Merge branch 'master' into hid-init-sync

2020-11-20 14:42:02 +01:00
parent e1b419c104 8c60d4b97d
commit 9124de4ec6
3 changed files with 29 additions and 3 deletions
--- a/.github/workflows/crypto_test.yml
+++ b/.github/workflows/crypto_test.yml
@@ -27,7 +27,7 @@ jobs:
      - name: Set up OpenSK
        run: ./setup.sh

-      - run: echo "::set-env name=RUSTFLAGS::-C target-feature=+aes"
+      - run: echo "RUSTFLAGS=-C target-feature=+aes" >> $GITHUB_ENV

      - name: Unit testing of crypto library (release mode)
        uses: actions-rs/cargo@v1
--- a/src/ctap/hid/mod.rs
+++ b/src/ctap/hid/mod.rs
@@ -298,7 +298,9 @@ impl CtapHid {
                HidPacketIterator::none()
            }
            Err((cid, error)) => {
-                if !self.is_allocated_channel(cid) {
+                if !self.is_allocated_channel(cid)
+                    && error != receive::Error::UnexpectedContinuation
+                {
                    CtapHid::error_message(cid, CtapHid::ERR_INVALID_CHANNEL)
                } else {
                    match error {
@@ -514,6 +516,27 @@ mod test {
        }
    }

+    #[test]
+    fn test_spurious_continuation_packet() {
+        let mut rng = ThreadRng256 {};
+        let user_immediately_present = |_| Ok(());
+        let mut ctap_state = CtapState::new(&mut rng, user_immediately_present);
+        let mut ctap_hid = CtapHid::new();
+
+        let mut packet = [0x00; 64];
+        packet[0..7].copy_from_slice(&[0xC1, 0xC1, 0xC1, 0xC1, 0x00, 0x51, 0x51]);
+        let mut assembler_reply = MessageAssembler::new();
+        for pkt_reply in ctap_hid.process_hid_packet(&packet, DUMMY_CLOCK_VALUE, &mut ctap_state) {
+            // Continuation packets are silently ignored.
+            assert_eq!(
+                assembler_reply
+                    .parse_packet(&pkt_reply, DUMMY_TIMESTAMP)
+                    .unwrap(),
+                None
+            );
+        }
+    }
+
    #[test]
    fn test_command_init() {
        let mut rng = ThreadRng256 {};
--- a/src/ctap/mod.rs
+++ b/src/ctap/mod.rs
@@ -392,12 +392,16 @@ where
        let has_extension_output = use_hmac_extension || cred_protect_policy.is_some();

        let rp_id = rp.rp_id;
+        let rp_id_hash = Sha256::hash(rp_id.as_bytes());
        if let Some(exclude_list) = exclude_list {
            for cred_desc in exclude_list {
                if self
                    .persistent_store
                    .find_credential(&rp_id, &cred_desc.key_id, pin_uv_auth_param.is_none())?
                    .is_some()
+                    || self
+                        .decrypt_credential_source(cred_desc.key_id, &rp_id_hash)?
+                        .is_some()
                {
                    // Perform this check, so bad actors can't brute force exclude_list
                    // without user interaction.
@@ -446,7 +450,6 @@ where
        let sk = crypto::ecdsa::SecKey::gensk(self.rng);
        let pk = sk.genpk();

-        let rp_id_hash = Sha256::hash(rp_id.as_bytes());
        let credential_id = if options.rk {
            let random_id = self.rng.gen_uniform_u8x32().to_vec();
            let credential_source = PublicKeyCredentialSource {