Date: Fri, 21 Jul 2023 15:38:37 GMT From: Ed Maste <emaste@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: b27bad1e0373 - stable/13 - libfido2: update to 1.9.0 Message-ID: <202307211538.36LFcbZC009151@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/13 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=b27bad1e0373832af03cf2c4f84006899baa81e1 commit b27bad1e0373832af03cf2c4f84006899baa81e1 Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2023-05-05 23:11:52 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2023-07-21 14:41:42 +0000 libfido2: update to 1.9.0 Some highlights from NEWS: ** Added OpenSSL 3.0 compatibility. ** Removed OpenSSL 1.0 compatibility. ** Support for FIDO 2.1 "minPinLength" extension. ** Support for COSE_EDDSA, COSE_ES256, and COSE_RS1 attestation. ** Support for TPM 2.0 attestation. ** Support for device timeouts; see fido_dev_set_timeout(). ** New API calls: - es256_pk_from_EVP_PKEY; - fido_cred_attstmt_len; - fido_cred_attstmt_ptr; - fido_cred_pin_minlen; - fido_cred_set_attstmt; - fido_cred_set_pin_minlen; - fido_dev_set_pin_minlen_rpid; - fido_dev_set_timeout; - rs256_pk_from_EVP_PKEY. ** Reliability and portability fixes. ** Better handling of HID devices without identification strings; gh#381. Relnotes: Yes Sponsored by: The FreeBSD Foundation (cherry picked from commit f540a43052c12c76d3453ead881248d5467a1ab0) --- contrib/libfido2/CMakeLists.txt | 59 +- contrib/libfido2/NEWS | 22 + contrib/libfido2/README.adoc | 9 +- contrib/libfido2/examples/assert.c | 44 +- contrib/libfido2/examples/cred.c | 110 +- contrib/libfido2/examples/extern.h | 8 - contrib/libfido2/examples/reset.c | 13 +- contrib/libfido2/examples/util.c | 28 - contrib/libfido2/fuzz/Dockerfile | 6 +- contrib/libfido2/fuzz/Makefile | 16 +- contrib/libfido2/fuzz/clock.c | 79 ++ contrib/libfido2/fuzz/dummy.h | 83 ++ contrib/libfido2/fuzz/export.gnu | 12 + contrib/libfido2/fuzz/functions.txt | 1165 ++++++++++++---------- contrib/libfido2/fuzz/fuzz_assert.c | 48 +- contrib/libfido2/fuzz/fuzz_bio.c | 1 + contrib/libfido2/fuzz/fuzz_cred.c | 39 +- contrib/libfido2/fuzz/fuzz_credman.c | 1 + contrib/libfido2/fuzz/fuzz_hid.c | 30 +- contrib/libfido2/fuzz/fuzz_largeblob.c | 1 + contrib/libfido2/fuzz/fuzz_mgmt.c | 28 + contrib/libfido2/fuzz/fuzz_netlink.c | 94 +- contrib/libfido2/fuzz/mutator_aux.c | 5 +- contrib/libfido2/fuzz/mutator_aux.h | 5 +- contrib/libfido2/fuzz/report.tgz | Bin 303082 -> 320981 bytes contrib/libfido2/fuzz/summary.txt | 86 +- contrib/libfido2/fuzz/wrap.c | 201 ++-- contrib/libfido2/fuzz/wrapped.sym | 25 +- contrib/libfido2/man/CMakeLists.txt | 17 +- contrib/libfido2/man/es256_pk_new.3 | 18 +- contrib/libfido2/man/fido2-token.1 | 12 + contrib/libfido2/man/fido_cred_new.3 | 50 +- contrib/libfido2/man/fido_cred_set_authdata.3 | 57 +- contrib/libfido2/man/fido_cred_verify.3 | 12 +- contrib/libfido2/man/fido_dev_enable_entattest.3 | 27 +- contrib/libfido2/man/fido_dev_info_manifest.3 | 10 + contrib/libfido2/man/fido_dev_set_io_functions.3 | 35 +- contrib/libfido2/man/rs256_pk_new.3 | 18 +- contrib/libfido2/openbsd-compat/hkdf.c | 124 --- contrib/libfido2/openbsd-compat/hkdf.h | 65 -- contrib/libfido2/openbsd-compat/openbsd-compat.h | 17 +- contrib/libfido2/openbsd-compat/strsep.c | 79 ++ contrib/libfido2/regress/CMakeLists.txt | 10 +- contrib/libfido2/regress/assert.c | 88 +- contrib/libfido2/regress/cred.c | 646 +++++++++++- contrib/libfido2/regress/dev.c | 154 ++- contrib/libfido2/src/CMakeLists.txt | 15 +- contrib/libfido2/src/assert.c | 168 +--- contrib/libfido2/src/authkey.c | 16 +- contrib/libfido2/src/bio.c | 77 +- contrib/libfido2/src/cbor.c | 107 +- contrib/libfido2/src/config.c | 74 +- contrib/libfido2/src/cred.c | 245 +++-- contrib/libfido2/src/credman.c | 62 +- contrib/libfido2/src/dev.c | 63 +- contrib/libfido2/src/ecdh.c | 12 +- contrib/libfido2/src/eddsa.c | 82 +- contrib/libfido2/src/es256.c | 62 +- contrib/libfido2/src/export.gnu | 9 + contrib/libfido2/src/export.llvm | 9 + contrib/libfido2/src/export.msvc | 9 + contrib/libfido2/src/extern.h | 55 +- contrib/libfido2/src/fido.h | 18 +- contrib/libfido2/src/fido/config.h | 2 + contrib/libfido2/src/fido/eddsa.h | 9 +- contrib/libfido2/src/fido/es256.h | 3 +- contrib/libfido2/src/fido/param.h | 8 +- contrib/libfido2/src/fido/rs256.h | 3 +- contrib/libfido2/src/fido/types.h | 14 +- contrib/libfido2/src/hid_freebsd.c | 8 +- contrib/libfido2/src/hid_linux.c | 4 +- contrib/libfido2/src/hid_openbsd.c | 17 +- contrib/libfido2/src/hid_osx.c | 32 +- contrib/libfido2/src/hid_unix.c | 3 +- contrib/libfido2/src/hid_win.c | 48 +- contrib/libfido2/src/info.c | 81 +- contrib/libfido2/src/io.c | 104 +- contrib/libfido2/src/largeblob.c | 65 +- contrib/libfido2/src/netlink.c | 4 +- contrib/libfido2/src/nfc_linux.c | 44 +- contrib/libfido2/src/pin.c | 72 +- contrib/libfido2/src/reset.c | 12 +- contrib/libfido2/src/rs1.c | 99 ++ contrib/libfido2/src/rs256.c | 127 ++- contrib/libfido2/src/time.c | 74 ++ contrib/libfido2/src/tpm.c | 286 ++++++ contrib/libfido2/src/types.c | 76 ++ contrib/libfido2/src/u2f.c | 158 ++- contrib/libfido2/src/webauthn.h | 839 ++++++++++++++++ contrib/libfido2/src/winhello.c | 387 +++---- contrib/libfido2/tools/CMakeLists.txt | 3 + contrib/libfido2/tools/config.c | 48 + contrib/libfido2/tools/extern.h | 3 +- contrib/libfido2/tools/fido2-token.c | 2 + contrib/libfido2/tools/token.c | 6 + contrib/libfido2/windows/build.ps1 | 390 ++++---- contrib/libfido2/windows/const.ps1 | 42 + contrib/libfido2/windows/release.ps1 | 84 ++ lib/libfido2/Makefile | 4 + 99 files changed, 5599 insertions(+), 2302 deletions(-) diff --git a/contrib/libfido2/CMakeLists.txt b/contrib/libfido2/CMakeLists.txt index 101b7b33e2fc..d775a98c5b48 100644 --- a/contrib/libfido2/CMakeLists.txt +++ b/contrib/libfido2/CMakeLists.txt @@ -1,4 +1,4 @@ -# Copyright (c) 2018 Yubico AB. All rights reserved. +# Copyright (c) 2018-2021 Yubico AB. All rights reserved. # Use of this source code is governed by a BSD-style # license that can be found in the LICENSE file. @@ -28,7 +28,7 @@ set(CMAKE_POSITION_INDEPENDENT_CODE ON) set(CMAKE_COLOR_MAKEFILE OFF) set(CMAKE_VERBOSE_MAKEFILE ON) set(FIDO_MAJOR "1") -set(FIDO_MINOR "8") +set(FIDO_MINOR "9") set(FIDO_PATCH "0") set(FIDO_VERSION ${FIDO_MAJOR}.${FIDO_MINOR}.${FIDO_PATCH}) @@ -68,10 +68,11 @@ if(NOT MSVC) set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_DARWIN_C_SOURCE") set(FIDO_CFLAGS "${FIDO_CFLAGS} -D__STDC_WANT_LIB_EXT1__=1") elseif(CMAKE_SYSTEM_NAME STREQUAL "Linux") - set(NFC_LINUX OFF) + set(NFC_LINUX ON) set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_GNU_SOURCE") set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_DEFAULT_SOURCE") - elseif(CMAKE_SYSTEM_NAME STREQUAL "FreeBSD") + elseif(CMAKE_SYSTEM_NAME STREQUAL "FreeBSD" OR + CMAKE_SYSTEM_NAME STREQUAL "MidnightBSD") set(FIDO_CFLAGS "${FIDO_CFLAGS} -D__BSD_VISIBLE=1") endif() set(FIDO_CFLAGS "${FIDO_CFLAGS} -std=c99") @@ -79,7 +80,7 @@ if(NOT MSVC) endif() check_c_compiler_flag("-Wshorten-64-to-32" HAVE_SHORTEN_64_TO_32) -check_c_compiler_flag("-fstack-protector-all" HAVE_STACK_PROTECTOR_ALL) +check_c_compiler_flag("-Werror -fstack-protector-all" HAVE_STACK_PROTECTOR_ALL) check_include_files(cbor.h HAVE_CBOR_H) check_include_files(endian.h HAVE_ENDIAN_H) @@ -88,7 +89,6 @@ check_include_files(openssl/opensslv.h HAVE_OPENSSLV_H) check_include_files(signal.h HAVE_SIGNAL_H) check_include_files(sys/random.h HAVE_SYS_RANDOM_H) check_include_files(unistd.h HAVE_UNISTD_H) -check_include_files("windows.h;webauthn.h" HAVE_WEBAUTHN_H) check_symbol_exists(arc4random_buf stdlib.h HAVE_ARC4RANDOM_BUF) check_symbol_exists(clock_gettime time.h HAVE_CLOCK_GETTIME) @@ -101,17 +101,13 @@ check_symbol_exists(getrandom sys/random.h HAVE_GETRANDOM) check_symbol_exists(memset_s string.h HAVE_MEMSET_S) check_symbol_exists(readpassphrase readpassphrase.h HAVE_READPASSPHRASE) check_symbol_exists(recallocarray stdlib.h HAVE_RECALLOCARRAY) -check_symbol_exists(sigaction signal.h HAVE_SIGACTION) check_symbol_exists(strlcat string.h HAVE_STRLCAT) check_symbol_exists(strlcpy string.h HAVE_STRLCPY) +check_symbol_exists(strsep string.h HAVE_STRSEP) check_symbol_exists(sysconf unistd.h HAVE_SYSCONF) check_symbol_exists(timespecsub sys/time.h HAVE_TIMESPECSUB) check_symbol_exists(timingsafe_bcmp string.h HAVE_TIMINGSAFE_BCMP) -set(CMAKE_EXTRA_INCLUDE_FILES signal.h) -check_type_size("sig_atomic_t" HAVE_SIG_ATOMIC_T) -set(CMAKE_EXTRA_INCLUDE_FILES) - set(CMAKE_TRY_COMPILE_TARGET_TYPE STATIC_LIBRARY) try_compile(HAVE_POSIX_IOCTL "${CMAKE_CURRENT_BINARY_DIR}/posix_ioctl_check.o" @@ -134,16 +130,15 @@ list(APPEND CHECK_VARIABLES HAVE_POSIX_IOCTL HAVE_READPASSPHRASE HAVE_RECALLOCARRAY - HAVE_SIGACTION HAVE_SIGNAL_H HAVE_STRLCAT HAVE_STRLCPY + HAVE_STRSEP HAVE_SYSCONF HAVE_SYS_RANDOM_H HAVE_TIMESPECSUB HAVE_TIMINGSAFE_BCMP HAVE_UNISTD_H - HAVE_WEBAUTHN_H ) foreach(v ${CHECK_VARIABLES}) @@ -156,26 +151,26 @@ if(HAVE_EXPLICIT_BZERO AND NOT LIBFUZZER) add_definitions(-DHAVE_EXPLICIT_BZERO) endif() -if(HAVE_SIGACTION AND (NOT HAVE_SIG_ATOMIC_T STREQUAL "")) - add_definitions(-DSIGNAL_EXAMPLE) -endif() - if(UNIX) add_definitions(-DHAVE_DEV_URANDOM) endif() if(MSVC) if((NOT CBOR_INCLUDE_DIRS) OR (NOT CBOR_LIBRARY_DIRS) OR - (NOT CRYPTO_INCLUDE_DIRS) OR (NOT CRYPTO_LIBRARY_DIRS) OR - (NOT ZLIB_INCLUDE_DIRS) OR (NOT ZLIB_LIBRARY_DIRS)) - message(FATAL_ERROR "please provide definitions for " - "{CBOR,CRYPTO,ZLIB}_{INCLUDE,LIBRARY}_DIRS when building " - "under msvc") + (NOT CBOR_BIN_DIRS) OR (NOT CRYPTO_INCLUDE_DIRS) OR + (NOT CRYPTO_LIBRARY_DIRS) OR (NOT CRYPTO_BIN_DIRS) OR + (NOT ZLIB_INCLUDE_DIRS) OR (NOT ZLIB_LIBRARY_DIRS) OR + (NOT ZLIB_BIN_DIRS)) + message(FATAL_ERROR "please define " + "{CBOR,CRYPTO,ZLIB}_{INCLUDE,LIBRARY,BIN}_DIRS when " + "building under msvc") endif() set(CBOR_LIBRARIES cbor) set(ZLIB_LIBRARIES zlib) set(CRYPTO_LIBRARIES crypto-46) set(MSVC_DISABLED_WARNINGS_LIST + "C4152" # nonstandard extension used: function/data pointer + # conversion in expression; "C4200" # nonstandard extension used: zero-sized array in # struct/union; "C4204" # nonstandard extension used: non-constant aggregate @@ -191,12 +186,10 @@ if(MSVC) ${MSVC_DISABLED_WARNINGS_LIST}) string(REGEX REPLACE "[/-]W[1234][ ]?" "" CMAKE_C_FLAGS ${CMAKE_C_FLAGS}) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -MP -W4 -WX ${MSVC_DISABLED_WARNINGS_STR}") - set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} /Z7 /guard:cf /sdl /RTCcsu") + set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} /Od /Z7 /guard:cf /sdl /RTCcsu") set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} /Zi /guard:cf /sdl") - if (HAVE_WEBAUTHN_H) - add_definitions(-DUSE_WINHELLO) - set(USE_WINHELLO ON) - endif() + add_definitions(-DUSE_WINHELLO) + set(USE_WINHELLO ON) else() include(FindPkgConfig) pkg_search_module(CBOR libcbor) @@ -275,9 +268,14 @@ else() set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -fno-omit-frame-pointer") set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -D_FORTIFY_SOURCE=2") + if(CRYPTO_VERSION VERSION_GREATER_EQUAL 3.0) + add_definitions(-DOPENSSL_API_COMPAT=0x10100000L) + endif() + if(FUZZ) add_definitions(-DFIDO_FUZZ) endif() + if(LIBFUZZER) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=fuzzer-no-link") endif() @@ -404,10 +402,9 @@ if(BUILD_MANPAGES) endif() if(NOT WIN32) - if(CMAKE_BUILD_TYPE STREQUAL "Debug") - if(NOT LIBFUZZER AND NOT FUZZ) - subdirs(regress) - endif() + if(CMAKE_BUILD_TYPE STREQUAL "Debug" AND NOT FUZZ) + enable_testing() + subdirs(regress) endif() if(FUZZ) subdirs(fuzz) diff --git a/contrib/libfido2/NEWS b/contrib/libfido2/NEWS index a89766b72e89..04cda4e0e83a 100644 --- a/contrib/libfido2/NEWS +++ b/contrib/libfido2/NEWS @@ -1,3 +1,25 @@ +* Version 1.9.0 (2021-10-27) + ** Enabled NFC support on Linux. + ** Added OpenSSL 3.0 compatibility. + ** Removed OpenSSL 1.0 compatibility. + ** Support for FIDO 2.1 "minPinLength" extension. + ** Support for COSE_EDDSA, COSE_ES256, and COSE_RS1 attestation. + ** Support for TPM 2.0 attestation. + ** Support for device timeouts; see fido_dev_set_timeout(). + ** New API calls: + - es256_pk_from_EVP_PKEY; + - fido_cred_attstmt_len; + - fido_cred_attstmt_ptr; + - fido_cred_pin_minlen; + - fido_cred_set_attstmt; + - fido_cred_set_pin_minlen; + - fido_dev_set_pin_minlen_rpid; + - fido_dev_set_timeout; + - rs256_pk_from_EVP_PKEY. + ** Reliability and portability fixes. + ** Better handling of HID devices without identification strings; gh#381. + ** Fixed detection of Windows's native webauthn API; gh#382. + * Version 1.8.0 (2021-07-22) ** Dropped 'Requires.private' entry from pkg-config file. ** Better support for FIDO 2.1 authenticators. diff --git a/contrib/libfido2/README.adoc b/contrib/libfido2/README.adoc index f5ffa7e4e602..a0e188bf8774 100644 --- a/contrib/libfido2/README.adoc +++ b/contrib/libfido2/README.adoc @@ -23,6 +23,8 @@ file for the full license text. *libfido2* is known to work on Linux, macOS, Windows, OpenBSD, and FreeBSD. +NFC support is available on Linux and Windows. + === Documentation Documentation is available in troff and HTML formats. An @@ -40,7 +42,7 @@ is also available. ==== Releases -The current release of *libfido2* is 1.8.0. Please consult Yubico's +The current release of *libfido2* is 1.9.0. Please consult Yubico's https://developers.yubico.com/libfido2/Releases[release page] for source and binary releases. @@ -66,7 +68,7 @@ Follow the instructions for Ubuntu 18.04 (Bionic) below. Or from source, on UNIX-like systems: - $ (rm -rf build && mkdir build && cd build && cmake ..) + $ cmake -B build $ make -C build $ sudo make -C build install @@ -75,7 +77,8 @@ https://www.freedesktop.org/wiki/Software/pkg-config/[pkg-config] may need to be installed, or the PKG_CONFIG_PATH environment variable set. *libfido2* depends on https://github.com/pjk/libcbor[libcbor], -https://www.openssl.org[OpenSSL], and https://zlib.net[zlib]. On Linux, libudev +https://www.openssl.org[OpenSSL] 1.1 or newer, and https://zlib.net[zlib]. +On Linux, libudev (part of https://www.freedesktop.org/wiki/Software/systemd[systemd]) is also required. diff --git a/contrib/libfido2/examples/assert.c b/contrib/libfido2/examples/assert.c index dc3fda3ac447..8b0dbd9f6eb2 100644 --- a/contrib/libfido2/examples/assert.c +++ b/contrib/libfido2/examples/assert.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018 Yubico AB. All rights reserved. + * Copyright (c) 2018-2021 Yubico AB. All rights reserved. * Use of this source code is governed by a BSD-style * license that can be found in the LICENSE file. */ @@ -20,7 +20,7 @@ #include "../openbsd-compat/openbsd-compat.h" #include "extern.h" -static const unsigned char cdh[32] = { +static const unsigned char cd[32] = { 0xec, 0x8d, 0x8f, 0x78, 0x42, 0x4a, 0x2b, 0xb7, 0x82, 0x34, 0xaa, 0xca, 0x07, 0xa1, 0xf6, 0x56, 0x42, 0x1c, 0xb6, 0xf6, 0xb3, 0x00, 0x86, 0x52, @@ -106,10 +106,9 @@ verify_assert(int type, const unsigned char *authdata_ptr, size_t authdata_len, errx(1, "fido_assert_new"); /* client data hash */ - r = fido_assert_set_clientdata_hash(assert, cdh, sizeof(cdh)); + r = fido_assert_set_clientdata(assert, cd, sizeof(cd)); if (r != FIDO_OK) - errx(1, "fido_assert_set_clientdata_hash: %s (0x%x)", - fido_strerr(r), r); + errx(1, "fido_assert_set_clientdata: %s (0x%x)", fido_strerr(r), r); /* relying party */ r = fido_assert_set_rp(assert, "localhost"); @@ -166,7 +165,7 @@ main(int argc, char **argv) const char *blobkey_out = NULL; const char *hmac_out = NULL; unsigned char *body = NULL; - long long seconds = 0; + long long ms = 0; size_t len; int type = COSE_ES256; int ext = 0; @@ -182,16 +181,12 @@ main(int argc, char **argv) pin = optarg; break; case 'T': -#ifndef SIGNAL_EXAMPLE - (void)seconds; - errx(1, "-T not supported"); -#else - if (base10(optarg, &seconds) < 0) + if (base10(optarg, &ms) < 0) errx(1, "base10: %s", optarg); - if (seconds <= 0 || seconds > 30) + if (ms <= 0 || ms > 30) errx(1, "-T: %s must be in (0,30]", optarg); + ms *= 1000; /* seconds to milliseconds */ break; -#endif case 'a': if (read_blob(optarg, &body, &len) < 0) errx(1, "read_blob: %s", optarg); @@ -262,10 +257,9 @@ main(int argc, char **argv) fido_dev_force_u2f(dev); /* client data hash */ - r = fido_assert_set_clientdata_hash(assert, cdh, sizeof(cdh)); + r = fido_assert_set_clientdata(assert, cd, sizeof(cd)); if (r != FIDO_OK) - errx(1, "fido_assert_set_clientdata_hash: %s (0x%x)", - fido_strerr(r), r); + errx(1, "fido_assert_set_clientdata: %s (0x%x)", fido_strerr(r), r); /* relying party */ r = fido_assert_set_rp(assert, "localhost"); @@ -286,20 +280,12 @@ main(int argc, char **argv) if (uv && (r = fido_assert_set_uv(assert, FIDO_OPT_TRUE)) != FIDO_OK) errx(1, "fido_assert_set_uv: %s (0x%x)", fido_strerr(r), r); -#ifdef SIGNAL_EXAMPLE - prepare_signal_handler(SIGINT); - if (seconds) { - prepare_signal_handler(SIGALRM); - alarm((unsigned)seconds); - } -#endif + /* timeout */ + if (ms != 0 && (r = fido_dev_set_timeout(dev, (int)ms)) != FIDO_OK) + errx(1, "fido_dev_set_timeout: %s (0x%x)", fido_strerr(r), r); - r = fido_dev_get_assert(dev, assert, pin); - if (r != FIDO_OK) { -#ifdef SIGNAL_EXAMPLE - if (got_signal) - fido_dev_cancel(dev); -#endif + if ((r = fido_dev_get_assert(dev, assert, pin)) != FIDO_OK) { + fido_dev_cancel(dev); errx(1, "fido_dev_get_assert: %s (0x%x)", fido_strerr(r), r); } diff --git a/contrib/libfido2/examples/cred.c b/contrib/libfido2/examples/cred.c index 74145c761380..4a9d8bf4b25a 100644 --- a/contrib/libfido2/examples/cred.c +++ b/contrib/libfido2/examples/cred.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018 Yubico AB. All rights reserved. + * Copyright (c) 2018-2021 Yubico AB. All rights reserved. * Use of this source code is governed by a BSD-style * license that can be found in the LICENSE file. */ @@ -17,7 +17,7 @@ #include "../openbsd-compat/openbsd-compat.h" #include "extern.h" -static const unsigned char cdh[32] = { +static const unsigned char cd[32] = { 0xf9, 0x64, 0x57, 0xe7, 0x2d, 0x97, 0xf6, 0xbb, 0xdd, 0xd7, 0xfb, 0x06, 0x37, 0x62, 0xea, 0x26, 0x20, 0x44, 0x8e, 0x69, 0x7c, 0x03, 0xf2, 0x31, @@ -42,9 +42,8 @@ usage(void) static void verify_cred(int type, const char *fmt, const unsigned char *authdata_ptr, - size_t authdata_len, const unsigned char *x509_ptr, size_t x509_len, - const unsigned char *sig_ptr, size_t sig_len, bool rk, bool uv, int ext, - const char *key_out, const char *id_out) + size_t authdata_len, const unsigned char *attstmt_ptr, size_t attstmt_len, + bool rk, bool uv, int ext, const char *key_out, const char *id_out) { fido_cred_t *cred; int r; @@ -57,11 +56,10 @@ verify_cred(int type, const char *fmt, const unsigned char *authdata_ptr, if (r != FIDO_OK) errx(1, "fido_cred_set_type: %s (0x%x)", fido_strerr(r), r); - /* client data hash */ - r = fido_cred_set_clientdata_hash(cred, cdh, sizeof(cdh)); + /* client data */ + r = fido_cred_set_clientdata(cred, cd, sizeof(cd)); if (r != FIDO_OK) - errx(1, "fido_cred_set_clientdata_hash: %s (0x%x)", - fido_strerr(r), r); + errx(1, "fido_cred_set_clientdata: %s (0x%x)", fido_strerr(r), r); /* relying party */ r = fido_cred_set_rp(cred, "localhost", "sweet home localhost"); @@ -96,15 +94,10 @@ verify_cred(int type, const char *fmt, const unsigned char *authdata_ptr, goto out; } - /* x509 */ - r = fido_cred_set_x509(cred, x509_ptr, x509_len); + /* attestation statement */ + r = fido_cred_set_attstmt(cred, attstmt_ptr, attstmt_len); if (r != FIDO_OK) - errx(1, "fido_cred_set_x509: %s (0x%x)", fido_strerr(r), r); - - /* sig */ - r = fido_cred_set_sig(cred, sig_ptr, sig_len); - if (r != FIDO_OK) - errx(1, "fido_cred_set_sig: %s (0x%x)", fido_strerr(r), r); + errx(1, "fido_cred_set_attstmt: %s (0x%x)", fido_strerr(r), r); r = fido_cred_verify(cred); if (r != FIDO_OK) @@ -138,27 +131,6 @@ out: fido_cred_free(&cred); } -static fido_dev_t * -open_from_manifest(const fido_dev_info_t *dev_infos, size_t len, - const char *path) -{ - size_t i; - fido_dev_t *dev; - - for (i = 0; i < len; i++) { - const fido_dev_info_t *curr = fido_dev_info_ptr(dev_infos, i); - if (path == NULL || - strcmp(path, fido_dev_info_path(curr)) == 0) { - dev = fido_dev_new_with_info(curr); - if (fido_dev_open_with_info(dev) == FIDO_OK) - return (dev); - fido_dev_free(&dev); - } - } - - return (NULL); -} - int main(int argc, char **argv) { @@ -171,16 +143,13 @@ main(int argc, char **argv) const char *blobkey_out = NULL; const char *key_out = NULL; const char *id_out = NULL; - const char *path = NULL; unsigned char *body = NULL; - long long seconds = 0; + long long ms = 0; size_t len; int type = COSE_ES256; int ext = 0; int ch; int r; - fido_dev_info_t *dev_infos = NULL; - size_t dev_infos_len = 0; if ((cred = fido_cred_new()) == NULL) errx(1, "fido_cred_new"); @@ -191,16 +160,12 @@ main(int argc, char **argv) pin = optarg; break; case 'T': -#ifndef SIGNAL_EXAMPLE - (void)seconds; - errx(1, "-T not supported"); -#else - if (base10(optarg, &seconds) < 0) + if (base10(optarg, &ms) < 0) errx(1, "base10: %s", optarg); - if (seconds <= 0 || seconds > 30) + if (ms <= 0 || ms > 30) errx(1, "-T: %s must be in (0,30]", optarg); + ms *= 1000; /* seconds to milliseconds */ break; -#endif case 'b': ext |= FIDO_EXT_LARGEBLOB_KEY; blobkey_out = optarg; @@ -248,21 +213,20 @@ main(int argc, char **argv) } } - fido_init(0); - argc -= optind; argv += optind; - if (argc > 1) + if (argc != 1) usage(); - dev_infos = fido_dev_info_new(16); - fido_dev_info_manifest(dev_infos, 16, &dev_infos_len); - if (argc == 1) - path = argv[0]; - if ((dev = open_from_manifest(dev_infos, dev_infos_len, path)) == NULL) - errx(1, "open_from_manifest"); + fido_init(0); + + if ((dev = fido_dev_new()) == NULL) + errx(1, "fido_dev_new"); + r = fido_dev_open(dev, argv[0]); + if (r != FIDO_OK) + errx(1, "fido_dev_open: %s (0x%x)", fido_strerr(r), r); if (u2f) fido_dev_force_u2f(dev); @@ -271,11 +235,10 @@ main(int argc, char **argv) if (r != FIDO_OK) errx(1, "fido_cred_set_type: %s (0x%x)", fido_strerr(r), r); - /* client data hash */ - r = fido_cred_set_clientdata_hash(cred, cdh, sizeof(cdh)); + /* client data */ + r = fido_cred_set_clientdata(cred, cd, sizeof(cd)); if (r != FIDO_OK) - errx(1, "fido_cred_set_clientdata_hash: %s (0x%x)", - fido_strerr(r), r); + errx(1, "fido_cred_set_clientdata: %s (0x%x)", fido_strerr(r), r); /* relying party */ r = fido_cred_set_rp(cred, "localhost", "sweet home localhost"); @@ -301,20 +264,12 @@ main(int argc, char **argv) if (uv && (r = fido_cred_set_uv(cred, FIDO_OPT_TRUE)) != FIDO_OK) errx(1, "fido_cred_set_uv: %s (0x%x)", fido_strerr(r), r); -#ifdef SIGNAL_EXAMPLE - prepare_signal_handler(SIGINT); - if (seconds) { - prepare_signal_handler(SIGALRM); - alarm((unsigned)seconds); - } -#endif + /* timeout */ + if (ms != 0 && (r = fido_dev_set_timeout(dev, (int)ms)) != FIDO_OK) + errx(1, "fido_dev_set_timeout: %s (0x%x)", fido_strerr(r), r); - r = fido_dev_make_cred(dev, cred, pin); - if (r != FIDO_OK) { -#ifdef SIGNAL_EXAMPLE - if (got_signal) - fido_dev_cancel(dev); -#endif + if ((r = fido_dev_make_cred(dev, cred, pin)) != FIDO_OK) { + fido_dev_cancel(dev); errx(1, "fido_makecred: %s (0x%x)", fido_strerr(r), r); } @@ -329,9 +284,8 @@ main(int argc, char **argv) uv = true; verify_cred(type, fido_cred_fmt(cred), fido_cred_authdata_ptr(cred), - fido_cred_authdata_len(cred), fido_cred_x5c_ptr(cred), - fido_cred_x5c_len(cred), fido_cred_sig_ptr(cred), - fido_cred_sig_len(cred), rk, uv, ext, key_out, id_out); + fido_cred_authdata_len(cred), fido_cred_attstmt_ptr(cred), + fido_cred_attstmt_len(cred), rk, uv, ext, key_out, id_out); if (blobkey_out != NULL) { /* extract the "largeBlob" key */ diff --git a/contrib/libfido2/examples/extern.h b/contrib/libfido2/examples/extern.h index 0ea68c4fb585..5633b23d2003 100644 --- a/contrib/libfido2/examples/extern.h +++ b/contrib/libfido2/examples/extern.h @@ -11,10 +11,6 @@ #include <openssl/evp.h> #include <openssl/rsa.h> -#ifdef HAVE_SIGNAL_H -#include <signal.h> -#endif - /* util.c */ EC_KEY *read_ec_pubkey(const char *); RSA *read_rsa_pubkey(const char *); @@ -25,9 +21,5 @@ int write_blob(const char *, const unsigned char *, size_t); int write_ec_pubkey(const char *, const void *, size_t); int write_rsa_pubkey(const char *, const void *, size_t); int write_eddsa_pubkey(const char *, const void *, size_t); -#ifdef SIGNAL_EXAMPLE -void prepare_signal_handler(int); -extern volatile sig_atomic_t got_signal; -#endif #endif /* _EXTERN_H_ */ diff --git a/contrib/libfido2/examples/reset.c b/contrib/libfido2/examples/reset.c index eb341c26c0cd..b429d05f0fe4 100644 --- a/contrib/libfido2/examples/reset.c +++ b/contrib/libfido2/examples/reset.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018 Yubico AB. All rights reserved. + * Copyright (c) 2018-2021 Yubico AB. All rights reserved. * Use of this source code is governed by a BSD-style * license that can be found in the LICENSE file. */ @@ -34,16 +34,9 @@ main(int argc, char **argv) if ((r = fido_dev_open(dev, argv[1])) != FIDO_OK) errx(1, "fido_dev_open: %s (0x%x)", fido_strerr(r), r); -#ifdef SIGNAL_EXAMPLE - prepare_signal_handler(SIGINT); -#endif - if ((r = fido_dev_reset(dev)) != FIDO_OK) { -#ifdef SIGNAL_EXAMPLE - if (got_signal) - fido_dev_cancel(dev); -#endif - errx(1, "fido_reset: %s (0x%x)", fido_strerr(r), r); + fido_dev_cancel(dev); + errx(1, "fido_dev_reset: %s (0x%x)", fido_strerr(r), r); } if ((r = fido_dev_close(dev)) != FIDO_OK) diff --git a/contrib/libfido2/examples/util.c b/contrib/libfido2/examples/util.c index caa68aa880ee..8b360af21c7a 100644 --- a/contrib/libfido2/examples/util.c +++ b/contrib/libfido2/examples/util.c @@ -21,9 +21,6 @@ #include <limits.h> #include <stdlib.h> #include <string.h> -#ifdef HAVE_SIGNAL_H -#include <signal.h> -#endif #ifdef HAVE_UNISTD_H #include <unistd.h> #endif @@ -33,31 +30,6 @@ #include "../openbsd-compat/openbsd-compat.h" #include "extern.h" -#ifdef SIGNAL_EXAMPLE -volatile sig_atomic_t got_signal = 0; - -static void -signal_handler(int signo) -{ - (void)signo; - got_signal = 1; -} - -void -prepare_signal_handler(int signo) -{ - struct sigaction sa; - - memset(&sa, 0, sizeof(sa)); - - sigemptyset(&sa.sa_mask); - sa.sa_handler = signal_handler; - - if (sigaction(signo, &sa, NULL) < 0) - err(1, "sigaction"); -} -#endif - int base10(const char *str, long long *ll) { diff --git a/contrib/libfido2/fuzz/Dockerfile b/contrib/libfido2/fuzz/Dockerfile index 895da69e4c4c..f175991d0462 100644 --- a/contrib/libfido2/fuzz/Dockerfile +++ b/contrib/libfido2/fuzz/Dockerfile @@ -1,12 +1,12 @@ -# Copyright (c) 2019 Yubico AB. All rights reserved. +# Copyright (c) 2019-2021 Yubico AB. All rights reserved. # Use of this source code is governed by a BSD-style # license that can be found in the LICENSE file. FROM ubuntu:focal ENV DEBIAN_FRONTEND=noninteractive RUN apt-get update -RUN apt-get install -y clang-11 cmake git libssl-dev libudev-dev make pkg-config +RUN apt-get install -y clang-12 cmake git libssl-dev libudev-dev make pkg-config RUN apt-get install -y zlib1g-dev RUN git clone --branch v0.8.0 https://github.com/PJK/libcbor RUN git clone https://github.com/yubico/libfido2 -RUN CC=clang-11 CXX=clang++-11 /libfido2/fuzz/build-coverage /libcbor /libfido2 +RUN CC=clang-12 CXX=clang++-12 /libfido2/fuzz/build-coverage /libcbor /libfido2 diff --git a/contrib/libfido2/fuzz/Makefile b/contrib/libfido2/fuzz/Makefile index 4b067c23aac2..1a974a2bf557 100644 --- a/contrib/libfido2/fuzz/Makefile +++ b/contrib/libfido2/fuzz/Makefile @@ -1,11 +1,11 @@ -# Copyright (c) 2019 Yubico AB. All rights reserved. +# Copyright (c) 2019-2021 Yubico AB. All rights reserved. # Use of this source code is governed by a BSD-style # license that can be found in the LICENSE file. -IMAGE := libfido2-coverage:1.8.0 +IMAGE := libfido2-coverage:1.9.1 RUNNER := libfido2-runner -PROFDATA := llvm-profdata-11 -COV := llvm-cov-11 +PROFDATA := llvm-profdata-12 +COV := llvm-cov-12 TARGETS := fuzz_assert fuzz_bio fuzz_cred fuzz_credman fuzz_hid \ fuzz_largeblob fuzz_netlink fuzz_mgmt CORPORA := $(foreach f,${TARGETS},${f}/corpus) @@ -50,16 +50,18 @@ profdata: run report.tgz: profdata docker exec ${RUNNER} /bin/sh -c 'rm -rf /report && mkdir /report && \ ${COV} show -format=html -tab-size=8 -instr-profile=/$< \ - -output-dir=/report /libfido2/build/src/libfido2.so' + --show-branch-summary=false -output-dir=/report \ + /libfido2/build/src/libfido2.so' docker exec -i ${RUNNER} tar Czcf / - report > $@ summary.txt: profdata docker exec ${RUNNER} ${COV} report -use-color=false \ - /libfido2/build/src/libfido2.so -instr-profile=/$< > $@ + --show-branch-summary=false /libfido2/build/src/libfido2.so \ + -instr-profile=/$< > $@ functions.txt: profdata docker exec ${RUNNER} /bin/sh -c '${COV} report -use-color=false \ - -show-functions -instr-profile=/$< \ + -show-functions --show-branch-summary=false -instr-profile=/$< \ /libfido2/build/src/libfido2.so /libfido2/src/*.[ch]' > $@ clean: run diff --git a/contrib/libfido2/fuzz/clock.c b/contrib/libfido2/fuzz/clock.c new file mode 100644 index 000000000000..23803c2ee3e5 --- /dev/null +++ b/contrib/libfido2/fuzz/clock.c @@ -0,0 +1,79 @@ +/* + * Copyright (c) 2021 Yubico AB. All rights reserved. + * Use of this source code is governed by a BSD-style + * license that can be found in the LICENSE file. + */ + +#include <stdint.h> +#include <time.h> + +#include "mutator_aux.h" + +/* + * A pseudo-random monotonic clock with a probabilistic discontinuity to + * the end of time (as measured by struct timespec). + */ + +extern int prng_up; +extern int __wrap_clock_gettime(clockid_t, struct timespec *); +extern int __real_clock_gettime(clockid_t, struct timespec *); +extern int __wrap_usleep(unsigned int); +static TLS struct timespec fuzz_clock; + +static void +tick(unsigned int usec) +{ + long long drift; + + /* + * Simulate a jump to the end of time with 0.125% probability. + * This condition should be gracefully handled by callers of + * clock_gettime(). + */ + if (uniform_random(800) < 1) { + fuzz_clock.tv_sec = LLONG_MAX; + fuzz_clock.tv_nsec = LONG_MAX; + return; + } + + drift = usec * 1000LL + (long long)uniform_random(10000000); /* 10ms */ + if (LLONG_MAX - drift < (long long)fuzz_clock.tv_nsec) { + fuzz_clock_reset(); /* Not much we can do here. */ + } else if (drift + (long long)fuzz_clock.tv_nsec < 1000000000) { + fuzz_clock.tv_nsec += (long)(drift); + } else { + fuzz_clock.tv_sec += (long)(drift / 1000000000); + fuzz_clock.tv_nsec += (long)(drift % 1000000000); + } +} + +int +__wrap_clock_gettime(clockid_t clk_id, struct timespec *tp) +{ + if (!prng_up || clk_id != CLOCK_MONOTONIC) + return __real_clock_gettime(clk_id, tp); + if (uniform_random(400) < 1) + return -1; + + tick(0); + *tp = fuzz_clock; + + return 0; +} + +int +__wrap_usleep(unsigned int usec) +{ + if (uniform_random(400) < 1) + return -1; + + tick(usec); + + return 0; +} + +void +fuzz_clock_reset(void) +{ + memset(&fuzz_clock, 0, sizeof(fuzz_clock)); +} diff --git a/contrib/libfido2/fuzz/dummy.h b/contrib/libfido2/fuzz/dummy.h index 981cceec37b5..95744eba634b 100644 --- a/contrib/libfido2/fuzz/dummy.h +++ b/contrib/libfido2/fuzz/dummy.h @@ -93,4 +93,87 @@ const uint8_t dummy_eddsa[] = { 0xe2, 0x39, 0xdf, 0x2f, 0x87, 0x19, 0xb3, 0x02, }; +const uint8_t dummy_netlink_wiredata[] = { + 0xd8, 0x01, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x9d, 0x2e, 0x00, 0x00, + 0x01, 0x02, 0x00, 0x00, 0x08, 0x00, 0x02, 0x00, + 0x6e, 0x66, 0x63, 0x00, 0x06, 0x00, 0x01, 0x00, + 0x1e, 0x00, 0x00, 0x00, 0x08, 0x00, 0x03, 0x00, + 0x01, 0x00, 0x00, 0x00, 0x08, 0x00, 0x04, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x05, 0x00, + 0x1f, 0x00, 0x00, 0x00, 0x80, 0x01, 0x06, 0x00, + 0x14, 0x00, 0x01, 0x00, 0x08, 0x00, 0x01, 0x00, + 0x01, 0x00, 0x00, 0x00, 0x08, 0x00, 0x02, 0x00, + 0x0e, 0x00, 0x00, 0x00, 0x14, 0x00, 0x02, 0x00, + 0x08, 0x00, 0x01, 0x00, 0x02, 0x00, 0x00, 0x00, + 0x08, 0x00, 0x02, 0x00, 0x0a, 0x00, 0x00, 0x00, + 0x14, 0x00, 0x03, 0x00, 0x08, 0x00, 0x01, 0x00, + 0x03, 0x00, 0x00, 0x00, 0x08, 0x00, 0x02, 0x00, + 0x0a, 0x00, 0x00, 0x00, 0x14, 0x00, 0x04, 0x00, + 0x08, 0x00, 0x01, 0x00, 0x06, 0x00, 0x00, 0x00, + 0x08, 0x00, 0x02, 0x00, 0x0a, 0x00, 0x00, 0x00, + 0x14, 0x00, 0x05, 0x00, 0x08, 0x00, 0x01, 0x00, + 0x07, 0x00, 0x00, 0x00, 0x08, 0x00, 0x02, 0x00, + 0x0a, 0x00, 0x00, 0x00, 0x14, 0x00, 0x06, 0x00, + 0x08, 0x00, 0x01, 0x00, 0x04, 0x00, 0x00, 0x00, + 0x08, 0x00, 0x02, 0x00, 0x0a, 0x00, 0x00, 0x00, + 0x14, 0x00, 0x07, 0x00, 0x08, 0x00, 0x01, 0x00, + 0x05, 0x00, 0x00, 0x00, 0x08, 0x00, 0x02, 0x00, + 0x0a, 0x00, 0x00, 0x00, 0x14, 0x00, 0x08, 0x00, + 0x08, 0x00, 0x01, 0x00, 0x08, 0x00, 0x00, 0x00, + 0x08, 0x00, 0x02, 0x00, 0x0c, 0x00, 0x00, 0x00, + 0x14, 0x00, 0x09, 0x00, 0x08, 0x00, 0x01, 0x00, + 0x0f, 0x00, 0x00, 0x00, 0x08, 0x00, 0x02, 0x00, + 0x0a, 0x00, 0x00, 0x00, 0x14, 0x00, 0x0a, 0x00, + 0x08, 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x00, + 0x08, 0x00, 0x02, 0x00, 0x0a, 0x00, 0x00, 0x00, + 0x14, 0x00, 0x0b, 0x00, 0x08, 0x00, 0x01, 0x00, + 0x13, 0x00, 0x00, 0x00, 0x08, 0x00, 0x02, 0x00, + 0x0a, 0x00, 0x00, 0x00, 0x14, 0x00, 0x0c, 0x00, *** 12268 LINES SKIPPED ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202307211538.36LFcbZC009151>