Merge pull request #113 from kaczmarczyck/move-semantics

reads CBOR maps by moving instead of references
2020-06-09 10:57:10 +02:00
parent 642ee69a9b 8f6c3dcaac
commit 0316d7f7e4
7 changed files with 336 additions and 460 deletions
--- a/reproducible/binaries.sha256sum
+++ b/reproducible/binaries.sha256sum
@@ -1,9 +0,0 @@
-c182bb4902fff51b2f56810fc2a27df3646cd66ba21359162354d53445623ab8	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840dk.bin
-2c2879a0263ebaa6e841db4b352346cc5b4cef5084ce85525cf49669d3b0b41d	target/nrf52840dk_merged.hex
-0a9929ba8fa57e8a502a49fc7c53177397202e1b11f4c7c3cb6ed68b2b99dd46	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_dongle.bin
-652824a90674dc3199070f2f46a791ab4951e367982ecae6f65fc41338a5a856	target/nrf52840_dongle_merged.hex
-cca9086c9149c607589b23ffa599a5e4c26db7c20bd3700b79528bd3a5df991d	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_dongle_dfu.bin
-a030505f5576129954a3977f97957b8b4e023b2b51a29d45d4511566458666ac	target/nrf52840_dongle_dfu_merged.hex
-8857488ba6a69e366f0da229bbfc012a2ad291d3a88d9494247d600c10bb19b7	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_mdk_dfu.bin
-82ac4290967ae67a78c986444fd6c2a2aa5668ac254a2af642c98be4a064f913	target/nrf52840_mdk_dfu_merged.hex
-c3e901a80fd779b15a6f266e48dcef5140b318f5f62b23a96547498572ac1666	target/tab/ctap2.tab
--- a/reproducible/reference_binaries_macos-10.15.sha256sum
+++ b/reproducible/reference_binaries_macos-10.15.sha256sum
@@ -1,9 +1,9 @@
 1003863864e06553e730eec6df4bf8d30c99f697ef9380efdc35eba679b4db78	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840dk.bin
-63dda5b708add5ac72db0c0757de451f95173b0fc7d71fc85c3b25460850e23c	target/nrf52840dk_merged.hex
+022268c93fa8bbd9e54e082982b87c10a0e7c0486704de8219d1bb374304636a	target/nrf52840dk_merged.hex
 88f00a5e1dae6ab3f7571c254ac75f5f3e29ebea7f3ca46c16cfdc3708e804fc	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_dongle.bin
-2fca47df0053c6750d9f8fe61e8e6a0e9eee2457c908aa1c2225e2aab2690cb4	target/nrf52840_dongle_merged.hex
+8d68ecc700527789b8edf318f0872ca8fc3b72fa73236f4e06bec89a3682fcf8	target/nrf52840_dongle_merged.hex
 1bc69b48a2c48da55db8b322902e1fe3f2e095c0dd8517db28837d86e0addc85	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_dongle_dfu.bin
-33b5a96bb427de653440cd8bfa31e518e1a2c269368a6cd103602d2fd6f3e127	target/nrf52840_dongle_dfu_merged.hex
+af5465e4209914aaf74ee878d03e883a717827119e47b9295aa279ee21f0c5f4	target/nrf52840_dongle_dfu_merged.hex
 f38ee31d3a09e7e11848e78b5318f95517b6dcd076afcb37e6e3d3e5e9995cc7	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_mdk_dfu.bin
-dce8f1f02e2f7e93634b1edd02343547e139445d23c2d17ce6ccdc4895a67c8c	target/nrf52840_mdk_dfu_merged.hex
-1e216599d58e6c66845845a2ec709f72842e21d48a2185022223d1ffe006de07	target/tab/ctap2.tab
+23603386a615e4e8cb2173c5ce4762110e6cbb979efdbb6e8bef9bc1e3988de4	target/nrf52840_mdk_dfu_merged.hex
+c2cbcc28b835934be4c3d3e3c5bdaba642a5811d760c1d2cb73d26b6474e4219	target/tab/ctap2.tab
--- a/reproducible/reference_binaries_ubuntu-18.04.sha256sum
+++ b/reproducible/reference_binaries_ubuntu-18.04.sha256sum
@@ -1,9 +1,9 @@
 c182bb4902fff51b2f56810fc2a27df3646cd66ba21359162354d53445623ab8	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840dk.bin
-d978bbb7d56e54f1d8dc43a8b73e01ede50f404f8640ed8969112acac9efa36e	target/nrf52840dk_merged.hex
+d8b62ece387a77cc21f2c10a5f5d65d0d57bf4739b47fd86d2c9ecdd90fbfd7e	target/nrf52840dk_merged.hex
 0a9929ba8fa57e8a502a49fc7c53177397202e1b11f4c7c3cb6ed68b2b99dd46	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_dongle.bin
-53f3f390fce878d4d6108d34a0f4f305375ca125a02a4160839eeee3acd55e88	target/nrf52840_dongle_merged.hex
+380de1a910b4d9eeb0c814b11b074b2e66334968cc99a4bd34d52a1fce3c5a79	target/nrf52840_dongle_merged.hex
 cca9086c9149c607589b23ffa599a5e4c26db7c20bd3700b79528bd3a5df991d	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_dongle_dfu.bin
-68ef4c5d2e5b53761c31e185fa6237eaaa13736f8e0657c68d235f27497efe85	target/nrf52840_dongle_dfu_merged.hex
+4edd988b3e37991f1e58fc520e41f7666f8ae3e8d3993e1bb2fb71657a71fa50	target/nrf52840_dongle_dfu_merged.hex
 8857488ba6a69e366f0da229bbfc012a2ad291d3a88d9494247d600c10bb19b7	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_mdk_dfu.bin
-898842aeaf9a7b03f3f5828871fc8a41fff8fc550683c18f9cfd718f8da26ba4	target/nrf52840_mdk_dfu_merged.hex
-d7d8e13bd8a183a6868a463512a999e1c3843d9d5b13f1d35909bfa80d24619e	target/tab/ctap2.tab
+a51aba1cd12e55aa33fd9017af406583ebf14e1c690295b15cf147713dfe2561	target/nrf52840_mdk_dfu_merged.hex
+40b413a8b645b4b47fae62a4311acb12cb0c57faff2757e45c18d9e5d441e52d	target/tab/ctap2.tab
--- a/reproducible/reproduced.tar
+++ b/reproducible/reproduced.tar
--- a/src/ctap/command.rs
+++ b/src/ctap/command.rs
@@ -13,10 +13,10 @@
 // limitations under the License.

 use super::data_formats::{
-    ok_or_missing, read_array, read_byte_string, read_map, read_text_string, read_unsigned,
-    ClientPinSubCommand, CoseKey, Extensions, GetAssertionOptions, MakeCredentialOptions,
-    PublicKeyCredentialDescriptor, PublicKeyCredentialParameter, PublicKeyCredentialRpEntity,
-    PublicKeyCredentialUserEntity,
+    extract_array, extract_byte_string, extract_map, extract_text_string, extract_unsigned,
+    ok_or_missing, ClientPinSubCommand, CoseKey, GetAssertionExtensions, GetAssertionOptions,
+    MakeCredentialExtensions, MakeCredentialOptions, PublicKeyCredentialDescriptor,
+    PublicKeyCredentialParameter, PublicKeyCredentialRpEntity, PublicKeyCredentialUserEntity,
 };
 use super::status_code::Ctap2StatusCode;
 use alloc::string::String;
@@ -113,7 +113,7 @@ pub struct AuthenticatorMakeCredentialParameters {
    pub user: PublicKeyCredentialUserEntity,
    pub pub_key_cred_params: Vec<PublicKeyCredentialParameter>,
    pub exclude_list: Option<Vec<PublicKeyCredentialDescriptor>>,
-    pub extensions: Option<Extensions>,
+    pub extensions: Option<MakeCredentialExtensions>,
    // Even though options are optional, we can use the default if not present.
    pub options: MakeCredentialOptions,
    pub pin_uv_auth_param: Option<Vec<u8>>,
@@ -124,30 +124,32 @@ impl TryFrom<cbor::Value> for AuthenticatorMakeCredentialParameters {
    type Error = Ctap2StatusCode;

    fn try_from(cbor_value: cbor::Value) -> Result<Self, Ctap2StatusCode> {
-        let param_map = read_map(&cbor_value)?;
+        let mut param_map = extract_map(cbor_value)?;

-        let client_data_hash = read_byte_string(ok_or_missing(param_map.get(&cbor_unsigned!(1)))?)?;
+        let client_data_hash =
+            extract_byte_string(ok_or_missing(param_map.remove(&cbor_unsigned!(1)))?)?;

        let rp = PublicKeyCredentialRpEntity::try_from(ok_or_missing(
-            param_map.get(&cbor_unsigned!(2)),
+            param_map.remove(&cbor_unsigned!(2)),
        )?)?;

        let user = PublicKeyCredentialUserEntity::try_from(ok_or_missing(
-            param_map.get(&cbor_unsigned!(3)),
+            param_map.remove(&cbor_unsigned!(3)),
        )?)?;

-        let cred_param_vec = read_array(ok_or_missing(param_map.get(&cbor_unsigned!(4)))?)?;
+        let cred_param_vec = extract_array(ok_or_missing(param_map.remove(&cbor_unsigned!(4)))?)?;
        let pub_key_cred_params = cred_param_vec
-            .iter()
+            .into_iter()
            .map(PublicKeyCredentialParameter::try_from)
            .collect::<Result<Vec<PublicKeyCredentialParameter>, Ctap2StatusCode>>()?;

-        let exclude_list = match param_map.get(&cbor_unsigned!(5)) {
+        let exclude_list = match param_map.remove(&cbor_unsigned!(5)) {
            Some(entry) => {
-                let exclude_list_vec = read_array(entry)?;
+                let exclude_list_vec = extract_array(entry)?;
+                let list_len = MAX_CREDENTIAL_COUNT_IN_LIST.unwrap_or(exclude_list_vec.len());
                let exclude_list = exclude_list_vec
-                    .iter()
-                    .take(MAX_CREDENTIAL_COUNT_IN_LIST.unwrap_or(exclude_list_vec.len()))
+                    .into_iter()
+                    .take(list_len)
                    .map(PublicKeyCredentialDescriptor::try_from)
                    .collect::<Result<Vec<PublicKeyCredentialDescriptor>, Ctap2StatusCode>>()?;
                Some(exclude_list)
@@ -156,11 +158,11 @@ impl TryFrom<cbor::Value> for AuthenticatorMakeCredentialParameters {
        };

        let extensions = param_map
-            .get(&cbor_unsigned!(6))
-            .map(Extensions::try_from)
+            .remove(&cbor_unsigned!(6))
+            .map(MakeCredentialExtensions::try_from)
            .transpose()?;

-        let options = match param_map.get(&cbor_unsigned!(7)) {
+        let options = match param_map.remove(&cbor_unsigned!(7)) {
            Some(entry) => MakeCredentialOptions::try_from(entry)?,
            None => MakeCredentialOptions {
                rk: false,
@@ -169,13 +171,13 @@ impl TryFrom<cbor::Value> for AuthenticatorMakeCredentialParameters {
        };

        let pin_uv_auth_param = param_map
-            .get(&cbor_unsigned!(8))
-            .map(read_byte_string)
+            .remove(&cbor_unsigned!(8))
+            .map(extract_byte_string)
            .transpose()?;

        let pin_uv_auth_protocol = param_map
-            .get(&cbor_unsigned!(9))
-            .map(read_unsigned)
+            .remove(&cbor_unsigned!(9))
+            .map(extract_unsigned)
            .transpose()?;

        Ok(AuthenticatorMakeCredentialParameters {
@@ -197,7 +199,7 @@ pub struct AuthenticatorGetAssertionParameters {
    pub rp_id: String,
    pub client_data_hash: Vec<u8>,
    pub allow_list: Option<Vec<PublicKeyCredentialDescriptor>>,
-    pub extensions: Option<Extensions>,
+    pub extensions: Option<GetAssertionExtensions>,
    // Even though options are optional, we can use the default if not present.
    pub options: GetAssertionOptions,
    pub pin_uv_auth_param: Option<Vec<u8>>,
@@ -208,18 +210,20 @@ impl TryFrom<cbor::Value> for AuthenticatorGetAssertionParameters {
    type Error = Ctap2StatusCode;

    fn try_from(cbor_value: cbor::Value) -> Result<Self, Ctap2StatusCode> {
-        let param_map = read_map(&cbor_value)?;
+        let mut param_map = extract_map(cbor_value)?;

-        let rp_id = read_text_string(ok_or_missing(param_map.get(&cbor_unsigned!(1)))?)?;
+        let rp_id = extract_text_string(ok_or_missing(param_map.remove(&cbor_unsigned!(1)))?)?;

-        let client_data_hash = read_byte_string(ok_or_missing(param_map.get(&cbor_unsigned!(2)))?)?;
+        let client_data_hash =
+            extract_byte_string(ok_or_missing(param_map.remove(&cbor_unsigned!(2)))?)?;

-        let allow_list = match param_map.get(&cbor_unsigned!(3)) {
+        let allow_list = match param_map.remove(&cbor_unsigned!(3)) {
            Some(entry) => {
-                let allow_list_vec = read_array(entry)?;
+                let allow_list_vec = extract_array(entry)?;
+                let list_len = MAX_CREDENTIAL_COUNT_IN_LIST.unwrap_or(allow_list_vec.len());
                let allow_list = allow_list_vec
-                    .iter()
-                    .take(MAX_CREDENTIAL_COUNT_IN_LIST.unwrap_or(allow_list_vec.len()))
+                    .into_iter()
+                    .take(list_len)
                    .map(PublicKeyCredentialDescriptor::try_from)
                    .collect::<Result<Vec<PublicKeyCredentialDescriptor>, Ctap2StatusCode>>()?;
                Some(allow_list)
@@ -228,11 +232,11 @@ impl TryFrom<cbor::Value> for AuthenticatorGetAssertionParameters {
        };

        let extensions = param_map
-            .get(&cbor_unsigned!(4))
-            .map(Extensions::try_from)
+            .remove(&cbor_unsigned!(4))
+            .map(GetAssertionExtensions::try_from)
            .transpose()?;

-        let options = match param_map.get(&cbor_unsigned!(5)) {
+        let options = match param_map.remove(&cbor_unsigned!(5)) {
            Some(entry) => GetAssertionOptions::try_from(entry)?,
            None => GetAssertionOptions {
                up: true,
@@ -241,13 +245,13 @@ impl TryFrom<cbor::Value> for AuthenticatorGetAssertionParameters {
        };

        let pin_uv_auth_param = param_map
-            .get(&cbor_unsigned!(6))
-            .map(read_byte_string)
+            .remove(&cbor_unsigned!(6))
+            .map(extract_byte_string)
            .transpose()?;

        let pin_uv_auth_protocol = param_map
-            .get(&cbor_unsigned!(7))
-            .map(read_unsigned)
+            .remove(&cbor_unsigned!(7))
+            .map(extract_unsigned)
            .transpose()?;

        Ok(AuthenticatorGetAssertionParameters {
@@ -276,32 +280,32 @@ impl TryFrom<cbor::Value> for AuthenticatorClientPinParameters {
    type Error = Ctap2StatusCode;

    fn try_from(cbor_value: cbor::Value) -> Result<Self, Ctap2StatusCode> {
-        let param_map = read_map(&cbor_value)?;
+        let mut param_map = extract_map(cbor_value)?;

-        let pin_protocol = read_unsigned(ok_or_missing(param_map.get(&cbor_unsigned!(1)))?)?;
+        let pin_protocol = extract_unsigned(ok_or_missing(param_map.remove(&cbor_unsigned!(1)))?)?;

        let sub_command =
-            ClientPinSubCommand::try_from(ok_or_missing(param_map.get(&cbor_unsigned!(2)))?)?;
+            ClientPinSubCommand::try_from(ok_or_missing(param_map.remove(&cbor_unsigned!(2)))?)?;

        let key_agreement = param_map
-            .get(&cbor_unsigned!(3))
-            .map(read_map)
+            .remove(&cbor_unsigned!(3))
+            .map(extract_map)
            .transpose()?
-            .map(|x| CoseKey(x.clone()));
+            .map(|x| CoseKey(x));

        let pin_auth = param_map
-            .get(&cbor_unsigned!(4))
-            .map(read_byte_string)
+            .remove(&cbor_unsigned!(4))
+            .map(extract_byte_string)
            .transpose()?;

        let new_pin_enc = param_map
-            .get(&cbor_unsigned!(5))
-            .map(read_byte_string)
+            .remove(&cbor_unsigned!(5))
+            .map(extract_byte_string)
            .transpose()?;

        let pin_hash_enc = param_map
-            .get(&cbor_unsigned!(6))
-            .map(read_byte_string)
+            .remove(&cbor_unsigned!(6))
+            .map(extract_byte_string)
            .transpose()?;

        Ok(AuthenticatorClientPinParameters {
--- a/src/ctap/data_formats.rs
+++ b/src/ctap/data_formats.rs
--- a/src/ctap/mod.rs
+++ b/src/ctap/mod.rs
@@ -435,16 +435,14 @@ where
        }

        let (use_hmac_extension, cred_protect_policy) = if let Some(extensions) = extensions {
-            let mut cred_protect = extensions
-                .make_credential_cred_protect_policy()
-                .transpose()?;
+            let mut cred_protect = extensions.cred_protect;
            if cred_protect.unwrap_or(CredentialProtectionPolicy::UserVerificationOptional)
                < DEFAULT_CRED_PROTECT
                    .unwrap_or(CredentialProtectionPolicy::UserVerificationOptional)
            {
                cred_protect = DEFAULT_CRED_PROTECT;
            }
-            (extensions.has_make_credential_hmac_secret()?, cred_protect)
+            (extensions.hmac_secret, cred_protect)
        } else {
            (false, None)
        };
@@ -545,11 +543,11 @@ where
        auth_data.extend(cose_key);
        if has_extension_output {
            let hmac_secret_output = if use_hmac_extension { Some(true) } else { None };
-            let extensions = cbor_map_options! {
+            let extensions_output = cbor_map_options! {
                "hmac-secret" => hmac_secret_output,
                "credProtect" => cred_protect_policy,
            };
-            if !cbor::write(extensions, &mut auth_data) {
+            if !cbor::write(extensions_output, &mut auth_data) {
                return Err(Ctap2StatusCode::CTAP2_ERR_VENDOR_RESPONSE_CANNOT_WRITE_CBOR);
            }
        }
@@ -639,11 +637,8 @@ where
            }
        }

-        let get_assertion_hmac_secret_input = match extensions {
-            Some(extensions) => extensions.get_assertion_hmac_secret().transpose()?,
-            None => None,
-        };
-        if get_assertion_hmac_secret_input.is_some() && !options.up {
+        let hmac_secret_input = extensions.map(|e| e.hmac_secret).flatten();
+        if hmac_secret_input.is_some() && !options.up {
            // The extension is actually supported, but we need user presence.
            return Err(Ctap2StatusCode::CTAP2_ERR_UNSUPPORTED_EXTENSION);
        }
@@ -673,7 +668,7 @@ where
        if options.up {
            flags |= UP_FLAG;
        }
-        if get_assertion_hmac_secret_input.is_some() {
+        if hmac_secret_input.is_some() {
            flags |= ED_FLAG;
        }

@@ -720,12 +715,12 @@ where

        let mut auth_data = self.generate_auth_data(&rp_id_hash, flags);
        // Process extensions.
-        if let Some(get_assertion_hmac_secret_input) = get_assertion_hmac_secret_input {
+        if let Some(hmac_secret_input) = hmac_secret_input {
            let GetAssertionHmacSecretInput {
                key_agreement,
                salt_enc,
                salt_auth,
-            } = get_assertion_hmac_secret_input;
+            } = hmac_secret_input;
            let pk: crypto::ecdh::PubKey = CoseKey::try_into(key_agreement)?;
            let shared_secret = self.key_agreement_key.exchange_x_sha256(&pk);
            // HMAC-secret does the same 16 byte truncated check.
@@ -740,10 +735,10 @@ where
                None => return Err(Ctap2StatusCode::CTAP2_ERR_UNSUPPORTED_EXTENSION),
            };

-            let extensions = cbor_map! {
+            let extensions_output = cbor_map! {
                "hmac-secret" => encrypted_output,
            };
-            if !cbor::write(extensions, &mut auth_data) {
+            if !cbor::write(extensions_output, &mut auth_data) {
                return Err(Ctap2StatusCode::CTAP2_ERR_VENDOR_RESPONSE_CANNOT_WRITE_CBOR);
            }
        }
@@ -1118,8 +1113,8 @@ where
 #[cfg(test)]
 mod test {
    use super::data_formats::{
-        Extensions, GetAssertionOptions, MakeCredentialOptions, PublicKeyCredentialRpEntity,
-        PublicKeyCredentialUserEntity,
+        GetAssertionExtensions, GetAssertionOptions, MakeCredentialExtensions,
+        MakeCredentialOptions, PublicKeyCredentialRpEntity, PublicKeyCredentialUserEntity,
    };
    use super::*;
    use crypto::rng256::ThreadRng256;
@@ -1219,9 +1214,10 @@ mod test {
    fn create_make_credential_parameters_with_cred_protect_policy(
        policy: CredentialProtectionPolicy,
    ) -> AuthenticatorMakeCredentialParameters {
-        let mut extension_map = BTreeMap::new();
-        extension_map.insert("credProtect".to_string(), cbor::Value::from(policy));
-        let extensions = Some(Extensions::new(extension_map));
+        let extensions = Some(MakeCredentialExtensions {
+            hmac_secret: false,
+            cred_protect: Some(policy),
+        });
        let mut make_credential_params = create_minimal_make_credential_parameters();
        make_credential_params.extensions = extensions;
        make_credential_params
@@ -1408,9 +1404,10 @@ mod test {
        let user_immediately_present = |_| Ok(());
        let mut ctap_state = CtapState::new(&mut rng, user_immediately_present);

-        let mut extension_map = BTreeMap::new();
-        extension_map.insert("hmac-secret".to_string(), cbor_bool!(true));
-        let extensions = Some(Extensions::new(extension_map));
+        let extensions = Some(MakeCredentialExtensions {
+            hmac_secret: true,
+            cred_protect: None,
+        });
        let mut make_credential_params = create_minimal_make_credential_parameters();
        make_credential_params.extensions = extensions;
        let make_credential_response =
@@ -1520,9 +1517,10 @@ mod test {
        let user_immediately_present = |_| Ok(());
        let mut ctap_state = CtapState::new(&mut rng, user_immediately_present);

-        let mut extension_map = BTreeMap::new();
-        extension_map.insert("hmac-secret".to_string(), cbor_bool!(true));
-        let make_extensions = Some(Extensions::new(extension_map));
+        let make_extensions = Some(MakeCredentialExtensions {
+            hmac_secret: true,
+            cred_protect: None,
+        });
        let mut make_credential_params = create_minimal_make_credential_parameters();
        make_credential_params.extensions = make_extensions;
        assert!(ctap_state
@@ -1530,15 +1528,15 @@ mod test {
            .is_ok());

        let pk = sk.genpk();
-        let hmac_secret_parameters = cbor_map! {
-            1 => cbor::Value::Map(CoseKey::from(pk).0),
-            2 => vec![0; 32],
-            3 => vec![0; 16],
+        let hmac_secret_input = GetAssertionHmacSecretInput {
+            key_agreement: CoseKey::from(pk),
+            salt_enc: vec![0x02; 32],
+            salt_auth: vec![0x03; 16],
        };
-        let mut extension_map = BTreeMap::new();
-        extension_map.insert("hmac-secret".to_string(), hmac_secret_parameters);
+        let get_extensions = Some(GetAssertionExtensions {
+            hmac_secret: Some(hmac_secret_input),
+        });

-        let get_extensions = Some(Extensions::new(extension_map));
        let get_assertion_params = AuthenticatorGetAssertionParameters {
            rp_id: String::from("example.com"),
            client_data_hash: vec![0xCD],