Arduino/pico-fido
1
0
Fork 1
mirror of https://github.com/polhenarejos/pico-fido.git synced 2025-12-19 02:48:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix potential bug in CBOR encoding.

Browse Source 
It happen if a keepalive packet is sent in the middle of an encoding.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos
2024-08-18 23:59:52 +02:00
parent 1b4dd9bed0
commit 163e936231
8 changed files with 14 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/fido/cbor_make_credential.c
View File

@@ -468,7 +468,7 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
}
}
cbor_encoder_init(&encoder, ctap_resp->init.data + 1, CTAP_MAX_PACKET_SIZE, 0);
cbor_encoder_init(&encoder, res_APDU + 1, CTAP_MAX_PACKET_SIZE, 0);
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder,
extensions.largeBlobKey == ptrue &&
options.rk == ptrue ? 5 : 4));
@@ -512,7 +512,7 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
}
mbedtls_platform_zeroize(largeBlobKey, sizeof(largeBlobKey));
CBOR_CHECK(cbor_encoder_close_container(&encoder, &mapEncoder));
resp_size = cbor_encoder_get_buffer_size(&encoder, ctap_resp->init.data + 1);
resp_size = cbor_encoder_get_buffer_size(&encoder, res_APDU + 1);
if (options.rk == ptrue) {
if (credential_store(cred_id, cred_id_len, rp_id_hash) != 0) {