From 46d7be865d0df56ebb705345fcfa9712b3807afe Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Sun, 17 Feb 2019 15:33:24 -0500 Subject: [PATCH] fix upper byte U2F for backwards compatibility --- fido2/u2f.c | 4 ++-- tools/ctap_test.py | 6 +++++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/fido2/u2f.c b/fido2/u2f.c index 172392d..5b56479 100644 --- a/fido2/u2f.c +++ b/fido2/u2f.c @@ -224,7 +224,7 @@ static int16_t u2f_authenticate(struct u2f_authenticate_request * req, uint8_t c } count = ctap_atomic_count(0); - hash[0] = (count >> 24) & 0xff; + hash[0] = 0xff; hash[1] = (count >> 16) & 0xff; hash[2] = (count >> 8) & 0xff; hash[3] = (count >> 0) & 0xff; @@ -241,7 +241,7 @@ static int16_t u2f_authenticate(struct u2f_authenticate_request * req, uint8_t c crypto_ecc256_sign(hash, 32, sig); u2f_response_writeback(&up,1); - hash[0] = (count >> 24) & 0xff; + hash[0] = 0xff; hash[1] = (count >> 16) & 0xff; hash[2] = (count >> 8) & 0xff; hash[3] = (count >> 0) & 0xff; diff --git a/tools/ctap_test.py b/tools/ctap_test.py index 4b44f5d..787ee03 100755 --- a/tools/ctap_test.py +++ b/tools/ctap_test.py @@ -383,12 +383,16 @@ class Tester: def test_u2f(self,): chal = sha256(b"AAA") appid = sha256(b"BBB") + lastc = 0 for i in range(0, 5): reg = self.ctap1.register(chal, appid) reg.verify(appid, chal) auth = self.ctap1.authenticate(chal, appid, reg.key_handle) # check endianness - assert auth.counter < 0x10000 + if lastc: + assert (auth.counter - lastc) < 10 + lastc = auth.counter + print(hex(lastc)) print("U2F reg + auth pass %d/5" % (i + 1)) def test_fido2_simple(self, pin_token=None):