2  * Copyright (c) 2019-2022 Yubico AB. All rights reserved.
3  * Use of this source code is governed by a BSD-style
5  * SPDX-License-Identifier: BSD-2-Clause
31 		return (-1);  in credman_grow_array()
42 		return (-1);  in credman_grow_array()
46 		return (-1);  in credman_grow_array()
61 	int ok = -1;  in credman_prepare_hmac()
86 		param_cbor[1] = cbor_encode_pubkey(&cred->attcred.id);  in credman_prepare_hmac()
87 		param_cbor[2] = cbor_encode_user_entity(&cred->user);  in credman_prepare_hmac()
95 		return (-1);  in credman_prepare_hmac()
115 credman_tx(fido_dev_t *dev, uint8_t subcmd, const void *param, const char *pin,  in credman_tx()  argument
143 	if (pin != NULL || uv == FIDO_OPT_TRUE) {  in credman_tx()
152 		if ((r = cbor_add_uv_params(dev, cmd, &hmac, pk, ecdh, pin,  in credman_tx()
179 credman_parse_metadata(const cbor_item_t *key, const cbor_item_t *val,  in credman_parse_metadata()  argument
192 		return (cbor_decode_uint64(val, &metadata->rk_existing));  in credman_parse_metadata()
194 		return (cbor_decode_uint64(val, &metadata->rk_remaining));  in credman_parse_metadata()
236     const char *pin, int *ms)  in credman_get_metadata_wait()  argument
240 	if ((r = credman_tx(dev, CMD_CRED_METADATA, NULL, pin, NULL,  in credman_get_metadata_wait()
250     const char *pin)  in fido_credman_get_dev_metadata()  argument
252 	int ms = dev->timeout_ms;  in fido_credman_get_dev_metadata()
254 	return (credman_get_metadata_wait(dev, metadata, pin, &ms));  in fido_credman_get_dev_metadata()
258 credman_parse_rk(const cbor_item_t *key, const cbor_item_t *val, void *arg)  in credman_parse_rk()  argument
271 		return (cbor_decode_user(val, &cred->user));  in credman_parse_rk()
273 		return (cbor_decode_cred_id(val, &cred->attcred.id));  in credman_parse_rk()
275 		if (cbor_decode_pubkey(val, &cred->attcred.type,  in credman_parse_rk()
276 		    &cred->attcred.pubkey) < 0)  in credman_parse_rk()
277 			return (-1);  in credman_parse_rk()
278 		cred->type = cred->attcred.type; /* XXX */  in credman_parse_rk()
281 		if (cbor_decode_uint64(val, &prot) < 0 || prot > INT_MAX ||  in credman_parse_rk()
283 			return (-1);  in credman_parse_rk()
286 		return (fido_blob_decode(val, &cred->largeblob_key));  in credman_parse_rk()
296 	for (size_t i = 0; i < rk->n_alloc; i++) {  in credman_reset_rk()
297 		fido_cred_reset_tx(&rk->ptr[i]);  in credman_reset_rk()
298 		fido_cred_reset_rx(&rk->ptr[i]);  in credman_reset_rk()
301 	free(rk->ptr);  in credman_reset_rk()
302 	rk->ptr = NULL;  in credman_reset_rk()
307 credman_parse_rk_count(const cbor_item_t *key, const cbor_item_t *val,  in credman_parse_rk_count()  argument
321 	if (cbor_decode_uint64(val, &n) < 0 || n > SIZE_MAX) {  in credman_parse_rk_count()
323 		return (-1);  in credman_parse_rk_count()
326 	if (credman_grow_array((void **)&rk->ptr, &rk->n_alloc, &rk->n_rx,  in credman_parse_rk_count()
327 	    (size_t)n, sizeof(*rk->ptr)) < 0) {  in credman_parse_rk_count()
329 		return (-1);  in credman_parse_rk_count()
362 	if (rk->n_alloc == 0) {  in credman_rx_rk()
369 	if ((r = cbor_parse_reply(msg, (size_t)msglen, &rk->ptr[0],  in credman_rx_rk()
374 	rk->n_rx = 1;  in credman_rx_rk()
402 	if (rk->n_rx >= rk->n_alloc) {  in credman_rx_next_rk()
403 		fido_log_debug("%s: n_rx=%zu, n_alloc=%zu", __func__, rk->n_rx,  in credman_rx_next_rk()
404 		    rk->n_alloc);  in credman_rx_next_rk()
409 	if ((r = cbor_parse_reply(msg, (size_t)msglen, &rk->ptr[rk->n_rx],  in credman_rx_next_rk()
424     const char *pin, int *ms)  in credman_get_rk_wait()  argument
438 	if ((r = credman_tx(dev, CMD_RK_BEGIN, &rp_dgst, pin, rp_id,  in credman_get_rk_wait()
443 	while (rk->n_rx < rk->n_alloc) {  in credman_get_rk_wait()
448 		rk->n_rx++;  in credman_get_rk_wait()
456     fido_credman_rk_t *rk, const char *pin)  in fido_credman_get_dev_rk()  argument
458 	int ms = dev->timeout_ms;  in fido_credman_get_dev_rk()
460 	return (credman_get_rk_wait(dev, rp_id, rk, pin, &ms));  in fido_credman_get_dev_rk()
465     size_t cred_id_len, const char *pin, int *ms)  in credman_del_rk_wait()  argument
475 	if ((r = credman_tx(dev, CMD_DELETE_CRED, &cred, pin, NULL,  in credman_del_rk_wait()
489     size_t cred_id_len, const char *pin)  in fido_credman_del_dev_rk()  argument
491 	int ms = dev->timeout_ms;  in fido_credman_del_dev_rk()
493 	return (credman_del_rk_wait(dev, cred_id, cred_id_len, pin, &ms));  in fido_credman_del_dev_rk()
497 credman_parse_rp(const cbor_item_t *key, const cbor_item_t *val, void *arg)  in credman_parse_rp()  argument
509 		return (cbor_decode_rp_entity(val, &rp->rp_entity));  in credman_parse_rp()
511 		return (fido_blob_decode(val, &rp->rp_id_hash));  in credman_parse_rp()
521 	for (size_t i = 0; i < rp->n_alloc; i++) {  in credman_reset_rp()
522 		free(rp->ptr[i].rp_entity.id);  in credman_reset_rp()
523 		free(rp->ptr[i].rp_entity.name);  in credman_reset_rp()
524 		rp->ptr[i].rp_entity.id = NULL;  in credman_reset_rp()
525 		rp->ptr[i].rp_entity.name = NULL;  in credman_reset_rp()
526 		fido_blob_reset(&rp->ptr[i].rp_id_hash);  in credman_reset_rp()
529 	free(rp->ptr);  in credman_reset_rp()
530 	rp->ptr = NULL;  in credman_reset_rp()
535 credman_parse_rp_count(const cbor_item_t *key, const cbor_item_t *val,  in credman_parse_rp_count()  argument
549 	if (cbor_decode_uint64(val, &n) < 0 || n > SIZE_MAX) {  in credman_parse_rp_count()
551 		return (-1);  in credman_parse_rp_count()
554 	if (credman_grow_array((void **)&rp->ptr, &rp->n_alloc, &rp->n_rx,  in credman_parse_rp_count()
555 	    (size_t)n, sizeof(*rp->ptr)) < 0) {  in credman_parse_rp_count()
557 		return (-1);  in credman_parse_rp_count()
590 	if (rp->n_alloc == 0) {  in credman_rx_rp()
597 	if ((r = cbor_parse_reply(msg, (size_t)msglen, &rp->ptr[0],  in credman_rx_rp()
602 	rp->n_rx = 1;  in credman_rx_rp()
630 	if (rp->n_rx >= rp->n_alloc) {  in credman_rx_next_rp()
631 		fido_log_debug("%s: n_rx=%zu, n_alloc=%zu", __func__, rp->n_rx,  in credman_rx_next_rp()
632 		    rp->n_alloc);  in credman_rx_next_rp()
637 	if ((r = cbor_parse_reply(msg, (size_t)msglen, &rp->ptr[rp->n_rx],  in credman_rx_next_rp()
651 credman_get_rp_wait(fido_dev_t *dev, fido_credman_rp_t *rp, const char *pin,  in credman_get_rp_wait()  argument
656 	if ((r = credman_tx(dev, CMD_RP_BEGIN, NULL, pin, NULL,  in credman_get_rp_wait()
661 	while (rp->n_rx < rp->n_alloc) {  in credman_get_rp_wait()
666 		rp->n_rx++;  in credman_get_rp_wait()
673 fido_credman_get_dev_rp(fido_dev_t *dev, fido_credman_rp_t *rp, const char *pin)  in fido_credman_get_dev_rp()  argument
675 	int ms = dev->timeout_ms;  in fido_credman_get_dev_rp()
677 	return (credman_get_rp_wait(dev, rp, pin, &ms));  in fido_credman_get_dev_rp()
681 credman_set_dev_rk_wait(fido_dev_t *dev, fido_cred_t *cred, const char *pin,  in credman_set_dev_rk_wait()  argument
686 	if ((r = credman_tx(dev, CMD_UPDATE_CRED, cred, pin, NULL,  in credman_set_dev_rk_wait()
695 fido_credman_set_dev_rk(fido_dev_t *dev, fido_cred_t *cred, const char *pin)  in fido_credman_set_dev_rk()  argument
697 	int ms = dev->timeout_ms;  in fido_credman_set_dev_rk()
699 	return (credman_set_dev_rk_wait(dev, cred, pin, &ms));  in fido_credman_set_dev_rk()
724 	return (rk->n_rx);  in fido_credman_rk_count()
730 	if (idx >= rk->n_alloc)  in fido_credman_rk()
733 	return (&rk->ptr[idx]);  in fido_credman_rk()
757 	return (metadata->rk_existing);  in fido_credman_rk_existing()
763 	return (metadata->rk_remaining);  in fido_credman_rk_remaining()
788 	return (rp->n_rx);  in fido_credman_rp_count()
794 	if (idx >= rp->n_alloc)  in fido_credman_rp_id()
797 	return (rp->ptr[idx].rp_entity.id);  in fido_credman_rp_id()
803 	if (idx >= rp->n_alloc)  in fido_credman_rp_name()
806 	return (rp->ptr[idx].rp_entity.name);  in fido_credman_rp_name()
812 	if (idx >= rp->n_alloc)  in fido_credman_rp_id_hash_len()
815 	return (rp->ptr[idx].rp_id_hash.len);  in fido_credman_rp_id_hash_len()
821 	if (idx >= rp->n_alloc)  in fido_credman_rp_id_hash_ptr()
824 	return (rp->ptr[idx].rp_id_hash.ptr);  in fido_credman_rp_id_hash_ptr()