mirror
/
solo1
kopia lustrzana https://github.com/solokeys/solo1
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

fix rk allow-list credential returned

pull/577/head 4.1.3
Conor Patrick 2021-10-07 22:57:15 -05:00
rodzic 2884f95ff4
commit d7ef32b0e0
1 zmienionych plików z 10 dodań i 4 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

14
fido2/ctap.c
Wyświetl plik

@ -1144,7 +1144,8 @@ static int cred_cmp_func(const void * _a, const void * _b)
return b->credential.id.count - a->credential.id.count; return b->credential.id.count - a->credential.id.count;
} }
static void add_existing_user_info(CTAP_credentialDescriptor * cred) // Return 1 if existing info found, 0 otherwise
static int add_existing_user_info(CTAP_credentialDescriptor * cred)
{ {
CTAP_residentKey rk; CTAP_residentKey rk;
int index = STATE.rk_stored; int index = STATE.rk_stored;
@ -1156,11 +1157,12 @@ static void add_existing_user_info(CTAP_credentialDescriptor * cred)
{ {
printf1(TAG_GREEN, "found rk match for allowList item (%d)\r\n", i); printf1(TAG_GREEN, "found rk match for allowList item (%d)\r\n", i);
memmove(&cred->credential.user, &rk.user, sizeof(CTAP_userEntity)); memmove(&cred->credential.user, &rk.user, sizeof(CTAP_userEntity));
return; return 1;
} }
} }
printf1(TAG_GREEN, "NO rk match for allowList item \r\n"); printf1(TAG_GREEN, "NO rk match for allowList item \r\n");
return 0;
} }
// @return the number of valid credentials // @return the number of valid credentials
@ -1202,9 +1204,13 @@ int ctap_filter_invalid_credentials(CTAP_getAssertion * GA)
} }
else else
{ {
// add user info if it exists
add_existing_user_info(&GA->creds[i]);
count++; count++;
// add user info if it exists
if ( add_existing_user_info(&GA->creds[i]) ) {
// If RK matches credential in the allow_list, we should
// only return one credential.
break;
}
} }
} }