Update fido_cred_set_attobj and winhello to use cbor_decode_attobj

Yubico · Feb 7, 2024 · d8786be · d8786be
1 parent 3628d85
commit d8786be
Show file tree

Hide file tree

Showing 4 changed files with 55 additions and 116 deletions.
diff --git a/src/cbor.c b/src/cbor.c
@@ -1132,6 +1132,53 @@ decode_attcred(const unsigned char **buf, size_t *len, int cose_alg,
 	return (ok);
 }
 
+int
+cbor_decode_attobj(const cbor_item_t *key, const cbor_item_t *val, void *arg)
+{
+	fido_cred_t *cred = arg;
+	char		*name = NULL;
+	int			 r = -1;
+
+	if (cbor_string_copy(key, &name) < 0) {
+		fido_log_debug("%s: cbor type", __func__);
+		return (0); /* ignore */
+	}
+
+	if (!strcmp(name, "fmt")) {
+		if (cbor_decode_fmt(val, &cred->fmt) < 0) {
+			fido_log_debug("%s: cbor_decode_fmt", __func__);
+			goto fail;
+		}
+	} else if (!strcmp(name, "attStmt")) {
+		if (cbor_decode_attstmt(val, &cred->attstmt) < 0) {
+			fido_log_debug("%s: cbor_decode_attstmt", __func__);
+			goto fail;
+		}
+	}
+	else if (!strcmp(name, "authData")) {
+		if (fido_blob_decode(val, &cred->authdata_raw) < 0) {
+			fido_log_debug("%s: fido_blob_decode", __func__);
+			goto fail;
+		} 
+
+		if (cbor_decode_cred_authdata(val, cred->type,
+			&cred->authdata_cbor, &cred->authdata, &cred->attcred,
+			&cred->authdata_ext) < 0) {
+			fido_log_debug("%s: cbor_decode_cred_authdata", __func__);
+			goto fail;
+		}
+	} else { /* ignore */
+		fido_log_debug("%s: unknown name", __func__);
+	}
+
+	r = FIDO_OK;
+fail:
+	if (name!= NULL)
+		free(name);
+
+	return (r);
+}
+
 static int
 decode_cred_extension(const cbor_item_t *key, const cbor_item_t *val, void *arg)
 {
@@ -1474,20 +1521,6 @@ cbor_decode_attstmt(const cbor_item_t *item, fido_attstmt_t *attstmt)
 	return (0);
 }
 
-int
-cbor_decode_attobj(const cbor_item_t *item, void *arg,
-    int(*parser)(const cbor_item_t *, const cbor_item_t *, void *))
-{
-	if (cbor_isa_map(item) == false ||
-	    cbor_map_is_definite(item) == false ||
-	    cbor_map_iter(item, arg, parser) < 0) {
-		fido_log_debug("%s: cbor type", __func__);
-		return (-1);
-	}
-
-	return (0);
-}
-
 int
 cbor_decode_uint64(const cbor_item_t *item, uint64_t *n)
 {

diff --git a/src/cred.c b/src/cred.c
@@ -736,67 +736,15 @@ fido_cred_set_attstmt(fido_cred_t *cred, const unsigned char *ptr, size_t len)
 	return (r);
 }
 
-static int
-parse_attobj(const cbor_item_t *key, const cbor_item_t *val, void *arg)
-{
-	fido_cred_t *cred = arg;
-	char		*name = NULL;
-	int			 r = -1;
-
-	if (cbor_string_copy(key, &name) < 0) {
-		fido_log_debug("%s: cbor type", __func__);
-		return (0); /* ignore */
-	}
-
-	if (!strcmp(name, "fmt")) {
-		free(cred->fmt);
-		cred->fmt = NULL;
-
-		if (cbor_decode_fmt(val, &cred->fmt) < 0) {
-			fido_log_debug("%s: cbor_decode_fmt", __func__);
-			goto fail;
-		}
-	} else if (!strcmp(name, "attStmt")) {
-		fido_cred_clean_attstmt(&cred->attstmt);
-
-		if (cbor_decode_attstmt(val, &cred->attstmt) < 0) {
-			fido_log_debug("%s: cbor_decode_attstmt", __func__);
-			goto fail;
-		}
-	}
-	else if (!strcmp(name, "authData")) {
-		fido_cred_clean_authdata(cred);
-
-		if (fido_blob_decode(val, &cred->authdata_raw) < 0) {
-			fido_log_debug("%s: fido_blob_decode", __func__);
-			goto fail;
-		} 
-
-		if (cbor_decode_cred_authdata(val, cred->type,
-			&cred->authdata_cbor, &cred->authdata, &cred->attcred,
-			&cred->authdata_ext) < 0) {
-			fido_log_debug("%s: cbor_decode_cred_authdata", __func__);
-			goto fail;
-		}
-	} else { /* ignore */
-		fido_log_debug("%s: unknown name", __func__);
-	}
-
-	r = FIDO_OK;
-fail:
-	if (name!= NULL)
-		free(name);
-
-	return (r);
-}
-
 int
 fido_cred_set_attobj(fido_cred_t *cred, const unsigned char *ptr, size_t len)
 {
 	cbor_item_t		*item = NULL;
 	struct cbor_load_result	 cbor;
 	int			 r = FIDO_ERR_INVALID_ARGUMENT;
 
+	fido_cred_reset_rx(cred);
+
 	if (ptr == NULL || len == 0)
 		goto fail;
 
@@ -805,8 +753,10 @@ fido_cred_set_attobj(fido_cred_t *cred, const unsigned char *ptr, size_t len)
 		goto fail;
 	}
 
-	if (cbor_decode_attobj(item, cred, parse_attobj) < 0) {
-		fido_log_debug("%s: cbor_decode_attobj", __func__);
+	if (cbor_isa_map(item) == false ||
+	    cbor_map_is_definite(item) == false ||
+	    cbor_map_iter(item, cred, cbor_decode_attobj) < 0) {
+		fido_log_debug("%s: cbor type", __func__);
 		goto fail;
 	}
 

diff --git a/src/extern.h b/src/extern.h
@@ -58,7 +58,7 @@ cbor_item_t *es256_pk_encode(const es256_pk_t *, int);
 
 /* cbor decoding functions */
 int cbor_decode_attstmt(const cbor_item_t *, fido_attstmt_t *);
-int cbor_decode_attobj(const cbor_item_t *item, void *arg, int(*parser)(const cbor_item_t *, const cbor_item_t *, void *));
+int cbor_decode_attobj(const cbor_item_t *, const cbor_item_t *, void *);
 int cbor_decode_bool(const cbor_item_t *, bool *);
 int cbor_decode_cred_authdata(const cbor_item_t *, int, fido_blob_t *,
     fido_authdata_t *, fido_attcred_t *, fido_cred_ext_t *);

diff --git a/src/winhello.c b/src/winhello.c
@@ -739,50 +739,6 @@ translate_fido_cred(struct winhello_cred *ctx, const fido_cred_t *cred,
 	return FIDO_OK;
 }
 
-static int
-decode_attobj(const cbor_item_t *key, const cbor_item_t *val, void *arg)
-{
-	fido_cred_t *cred = arg;
-	char *name = NULL;
-	int ok = -1;
-
-	if (cbor_string_copy(key, &name) < 0) {
-		fido_log_debug("%s: cbor type", __func__);
-		ok = 0; /* ignore */
-		goto fail;
-	}
-
-	if (!strcmp(name, "fmt")) {
-		if (cbor_decode_fmt(val, &cred->fmt) < 0) {
-			fido_log_debug("%s: cbor_decode_fmt", __func__);
-			goto fail;
-		}
-	} else if (!strcmp(name, "attStmt")) {
-		if (cbor_decode_attstmt(val, &cred->attstmt) < 0) {
-			fido_log_debug("%s: cbor_decode_attstmt", __func__);
-			goto fail;
-		}
-	} else if (!strcmp(name, "authData")) {
-		if (fido_blob_decode(val, &cred->authdata_raw) < 0) {
-			fido_log_debug("%s: fido_blob_decode", __func__);
-			goto fail;
-		}
-		if (cbor_decode_cred_authdata(val, cred->type,
-		    &cred->authdata_cbor, &cred->authdata, &cred->attcred,
-		    &cred->authdata_ext) < 0) {
-			fido_log_debug("%s: cbor_decode_cred_authdata",
-			    __func__);
-			goto fail;
-		}
-	}
-
-	ok = 0;
-fail:
-	free(name);
-
-	return (ok);
-}
-
 static int
 translate_winhello_cred(fido_cred_t *cred,
     const WEBAUTHN_CREDENTIAL_ATTESTATION *att)
@@ -802,7 +758,7 @@ translate_winhello_cred(fido_cred_t *cred,
 	}
 	if (cbor_isa_map(item) == false ||
 	    cbor_map_is_definite(item) == false ||
-	    cbor_map_iter(item, cred, decode_attobj) < 0) {
+	    cbor_map_iter(item, cred, cbor_decode_attobj) < 0) {
 		fido_log_debug("%s: cbor type", __func__);
 		goto fail;
 	}