From cbf40f4ec7e8302ace9f297272afdb9187dc8aae Mon Sep 17 00:00:00 2001
From: Conor Patrick <conorpp94@gmail.com>
Date: Sat, 28 Mar 2020 12:14:35 -0400
Subject: [PATCH] hmac-secret should be different when UV=1

---
 fido2/ctap.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/fido2/ctap.c b/fido2/ctap.c
index 3542fa8..46afb54 100644
--- a/fido2/ctap.c
+++ b/fido2/ctap.c
@@ -461,6 +461,7 @@ static int ctap_make_extensions(CTAP_extensions * ext, uint8_t * ext_encoder_buf
         // Generate credRandom
         crypto_sha256_hmac_init(CRYPTO_TRANSPORT_KEY2, 0, credRandom);
         crypto_sha256_update((uint8_t*)&ext->hmac_secret.credential->id, sizeof(CredentialId));
+        crypto_sha256_update(&getAssertionState.user_verified, 1);
         crypto_sha256_hmac_final(CRYPTO_TRANSPORT_KEY2, 0, credRandom);
 
         // Decrypt saltEnc