kmwebnet/OpenSK
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into fix_workflow

Browse Source
This commit is contained in:
Jean-Michel Picod
2020-11-20 13:23:43 +01:00
committed by GitHub
parent 22ff0b236f fd68698e27
commit 4645ed322d
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/ctap/mod.rs
View File

@@ -392,12 +392,16 @@ where
let has_extension_output = use_hmac_extension || cred_protect_policy.is_some(); let has_extension_output = use_hmac_extension || cred_protect_policy.is_some();
let rp_id = rp.rp_id; let rp_id = rp.rp_id;
let rp_id_hash = Sha256::hash(rp_id.as_bytes());
if let Some(exclude_list) = exclude_list { if let Some(exclude_list) = exclude_list {
for cred_desc in exclude_list { for cred_desc in exclude_list {
if self if self
.persistent_store .persistent_store
.find_credential(&rp_id, &cred_desc.key_id, pin_uv_auth_param.is_none())? .find_credential(&rp_id, &cred_desc.key_id, pin_uv_auth_param.is_none())?
.is_some() .is_some()
|| self
.decrypt_credential_source(cred_desc.key_id, &rp_id_hash)?
.is_some()
{ {
// Perform this check, so bad actors can't brute force exclude_list // Perform this check, so bad actors can't brute force exclude_list
// without user interaction. // without user interaction.
@@ -446,7 +450,6 @@ where
let sk = crypto::ecdsa::SecKey::gensk(self.rng); let sk = crypto::ecdsa::SecKey::gensk(self.rng);
let pk = sk.genpk(); let pk = sk.genpk();
let rp_id_hash = Sha256::hash(rp_id.as_bytes());
let credential_id = if options.rk { let credential_id = if options.rk {
let random_id = self.rng.gen_uniform_u8x32().to_vec(); let random_id = self.rng.gen_uniform_u8x32().to_vec();
let credential_source = PublicKeyCredentialSource { let credential_source = PublicKeyCredentialSource {