kmwebnet/OpenSK
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add a read_cbor_map macro to avoid the overhead of removing values on-by-one in BTreeMap.

Browse Source
This commit is contained in:
Guillaume Endignoux
2020-06-09 14:36:16 +02:00
parent e18a26317f
commit 97fb222455
3 changed files with 306 additions and 130 deletions
Download Patch File Download Diff File Expand all files Collapse all files

119
src/ctap/command.rs
View File

@@ -124,26 +124,30 @@ impl TryFrom<cbor::Value> for AuthenticatorMakeCredentialParameters {
type Error = Ctap2StatusCode;
fn try_from(cbor_value: cbor::Value) -> Result<Self, Ctap2StatusCode> {
let mut param_map = extract_map(cbor_value)?;
read_cbor_map! {
extract_map(cbor_value)?,
client_data_hash @ cbor_unsigned!(1),
rp @ cbor_unsigned!(2),
user @ cbor_unsigned!(3),
cred_param_vec @ cbor_unsigned!(4),
exclude_list @ cbor_unsigned!(5),
extensions @ cbor_unsigned!(6),
options @ cbor_unsigned!(7),
pin_uv_auth_param @ cbor_unsigned!(8),
pin_uv_auth_protocol @ cbor_unsigned!(9),
};
let client_data_hash =
extract_byte_string(ok_or_missing(param_map.remove(&cbor_unsigned!(1)))?)?;
let client_data_hash = extract_byte_string(ok_or_missing(client_data_hash)?)?;
let rp = PublicKeyCredentialRpEntity::try_from(ok_or_missing(rp)?)?;
let user = PublicKeyCredentialUserEntity::try_from(ok_or_missing(user)?)?;
let rp = PublicKeyCredentialRpEntity::try_from(ok_or_missing(
param_map.remove(&cbor_unsigned!(2)),
)?)?;
let user = PublicKeyCredentialUserEntity::try_from(ok_or_missing(
param_map.remove(&cbor_unsigned!(3)),
)?)?;
let cred_param_vec = extract_array(ok_or_missing(param_map.remove(&cbor_unsigned!(4)))?)?;
let cred_param_vec = extract_array(ok_or_missing(cred_param_vec)?)?;
let pub_key_cred_params = cred_param_vec
.into_iter()
.map(PublicKeyCredentialParameter::try_from)
.collect::<Result<Vec<PublicKeyCredentialParameter>, Ctap2StatusCode>>()?;
let exclude_list = match param_map.remove(&cbor_unsigned!(5)) {
let exclude_list = match exclude_list {
Some(entry) => {
let exclude_list_vec = extract_array(entry)?;
let list_len = MAX_CREDENTIAL_COUNT_IN_LIST.unwrap_or(exclude_list_vec.len());
@@ -157,12 +161,11 @@ impl TryFrom<cbor::Value> for AuthenticatorMakeCredentialParameters {
None => None,
};
let extensions = param_map
.remove(&cbor_unsigned!(6))
let extensions = extensions
.map(MakeCredentialExtensions::try_from)
.transpose()?;
let options = match param_map.remove(&cbor_unsigned!(7)) {
let options = match options {
Some(entry) => MakeCredentialOptions::try_from(entry)?,
None => MakeCredentialOptions {
rk: false,
@@ -170,15 +173,8 @@ impl TryFrom<cbor::Value> for AuthenticatorMakeCredentialParameters {
},
};
let pin_uv_auth_param = param_map
.remove(&cbor_unsigned!(8))
.map(extract_byte_string)
.transpose()?;
let pin_uv_auth_protocol = param_map
.remove(&cbor_unsigned!(9))
.map(extract_unsigned)
.transpose()?;
let pin_uv_auth_param = pin_uv_auth_param.map(extract_byte_string).transpose()?;
let pin_uv_auth_protocol = pin_uv_auth_protocol.map(extract_unsigned).transpose()?;
Ok(AuthenticatorMakeCredentialParameters {
client_data_hash,
@@ -210,14 +206,21 @@ impl TryFrom<cbor::Value> for AuthenticatorGetAssertionParameters {
type Error = Ctap2StatusCode;
fn try_from(cbor_value: cbor::Value) -> Result<Self, Ctap2StatusCode> {
let mut param_map = extract_map(cbor_value)?;
read_cbor_map! {
extract_map(cbor_value)?,
rp_id @ cbor_unsigned!(1),
client_data_hash @ cbor_unsigned!(2),
allow_list @ cbor_unsigned!(3),
extensions @ cbor_unsigned!(4),
options @ cbor_unsigned!(5),
pin_uv_auth_param @ cbor_unsigned!(6),
pin_uv_auth_protocol @ cbor_unsigned!(7),
};
let rp_id = extract_text_string(ok_or_missing(param_map.remove(&cbor_unsigned!(1)))?)?;
let rp_id = extract_text_string(ok_or_missing(rp_id)?)?;
let client_data_hash = extract_byte_string(ok_or_missing(client_data_hash)?)?;
let client_data_hash =
extract_byte_string(ok_or_missing(param_map.remove(&cbor_unsigned!(2)))?)?;
let allow_list = match param_map.remove(&cbor_unsigned!(3)) {
let allow_list = match allow_list {
Some(entry) => {
let allow_list_vec = extract_array(entry)?;
let list_len = MAX_CREDENTIAL_COUNT_IN_LIST.unwrap_or(allow_list_vec.len());
@@ -231,12 +234,11 @@ impl TryFrom<cbor::Value> for AuthenticatorGetAssertionParameters {
None => None,
};
let extensions = param_map
.remove(&cbor_unsigned!(4))
let extensions = extensions
.map(GetAssertionExtensions::try_from)
.transpose()?;
let options = match param_map.remove(&cbor_unsigned!(5)) {
let options = match options {
Some(entry) => GetAssertionOptions::try_from(entry)?,
None => GetAssertionOptions {
up: true,
@@ -244,15 +246,8 @@ impl TryFrom<cbor::Value> for AuthenticatorGetAssertionParameters {
},
};
let pin_uv_auth_param = param_map
.remove(&cbor_unsigned!(6))
.map(extract_byte_string)
.transpose()?;
let pin_uv_auth_protocol = param_map
.remove(&cbor_unsigned!(7))
.map(extract_unsigned)
.transpose()?;
let pin_uv_auth_param = pin_uv_auth_param.map(extract_byte_string).transpose()?;
let pin_uv_auth_protocol = pin_uv_auth_protocol.map(extract_unsigned).transpose()?;
Ok(AuthenticatorGetAssertionParameters {
rp_id,
@@ -280,33 +275,25 @@ impl TryFrom<cbor::Value> for AuthenticatorClientPinParameters {
type Error = Ctap2StatusCode;
fn try_from(cbor_value: cbor::Value) -> Result<Self, Ctap2StatusCode> {
let mut param_map = extract_map(cbor_value)?;
read_cbor_map! {
extract_map(cbor_value)?,
pin_protocol @ cbor_unsigned!(1),
sub_command @ cbor_unsigned!(2),
key_agreement @ cbor_unsigned!(3),
pin_auth @ cbor_unsigned!(4),
new_pin_enc @ cbor_unsigned!(5),
pin_hash_enc @ cbor_unsigned!(6),
};
let pin_protocol = extract_unsigned(ok_or_missing(param_map.remove(&cbor_unsigned!(1)))?)?;
let sub_command =
ClientPinSubCommand::try_from(ok_or_missing(param_map.remove(&cbor_unsigned!(2)))?)?;
let key_agreement = param_map
.remove(&cbor_unsigned!(3))
let pin_protocol = extract_unsigned(ok_or_missing(pin_protocol)?)?;
let sub_command = ClientPinSubCommand::try_from(ok_or_missing(sub_command)?)?;
let key_agreement = key_agreement
.map(extract_map)
.transpose()?
.map(|x| CoseKey(x));
let pin_auth = param_map
.remove(&cbor_unsigned!(4))
.map(extract_byte_string)
.transpose()?;
let new_pin_enc = param_map
.remove(&cbor_unsigned!(5))
.map(extract_byte_string)
.transpose()?;
let pin_hash_enc = param_map
.remove(&cbor_unsigned!(6))
.map(extract_byte_string)
.transpose()?;
let pin_auth = pin_auth.map(extract_byte_string).transpose()?;
let new_pin_enc = new_pin_enc.map(extract_byte_string).transpose()?;
let pin_hash_enc = pin_hash_enc.map(extract_byte_string).transpose()?;
Ok(AuthenticatorClientPinParameters {
pin_protocol,