fido commands hash checks works.

2018-11-13 19:02:02 +02:00
parent 679b5eec5b
commit 7214c70720
9 changed files with 691 additions and 7 deletions
--- a/client/Makefile
+++ b/client/Makefile
@@ -107,6 +107,7 @@ CMDSRCS =	crapto1/crapto1.c \
 			crapto1/crypto1.c \
 			mfkey.c \
 			tea.c \
+			fido/additional_ca.c \
 			polarssl/des.c \
 			crypto/libpcrypto.c\
 			crypto/asn1utils.c\
--- a/client/cmdhffido.c
+++ b/client/cmdhffido.c
@@ -41,6 +41,10 @@
 #include "cliparser/cliparser.h"
 #include "crypto/asn1utils.h"
 #include "crypto/libpcrypto.h"
+#include "fido/additional_ca.h"
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/pk.h"

 static int CmdHelp(const char *Cmd);

@@ -203,7 +207,7 @@ int CmdHFFidoRegister(const char *cmd) {
 	void* argtable[] = {
 		arg_param_begin,
 		arg_lit0("aA",  "apdu",     "show APDU reqests and responses"),
-		arg_lit0("vV",  "verbose",  "show technical data"),
+		arg_lit0("vV",  "verbose",  "show technical data. vv - show full certificates data"),
 		arg_lit0("pP",  "plain",    "send plain ASCII to challenge and application parameters instead of HEX"),
 		arg_str0("jJ",  "json",		"fido.json", "JSON input / output file name for parameters."),
 		arg_str0(NULL,  NULL,       "<HEX/ASCII challenge parameter (32b HEX/1..16 chars)>", NULL),
@@ -214,6 +218,7 @@ int CmdHFFidoRegister(const char *cmd) {
 	
 	bool APDULogging = arg_get_lit(1);
 	bool verbose = arg_get_lit(2);
+	bool verbose2 = arg_get_lit(2) > 1;
 	bool paramsPlain = arg_get_lit(3);

 	char fname[250] = {0};
@@ -304,7 +309,7 @@ int CmdHFFidoRegister(const char *cmd) {
 	if (APDULogging)
 		PrintAndLog("---------------------------------------------------------------");
 	PrintAndLog("data len: %d", len);
-	if (verbose) {
+	if (verbose2) {
 		PrintAndLog("--------------data----------------------");
 		dump_buffer((const unsigned char *)buf, len, NULL, 0);
 		PrintAndLog("--------------data----------------------");
@@ -321,8 +326,7 @@ int CmdHFFidoRegister(const char *cmd) {
 	
 	int derp = 67 + keyHandleLen;
 	int derLen = (buf[derp + 2] << 8) + buf[derp + 3] + 4;
-	// needs to decode DER certificate
-	if (verbose) {
+	if (verbose2) {
 		PrintAndLog("DER certificate[%d]:------------------DER-------------------", derLen);
 		dump_buffer_simple((const unsigned char *)&buf[67 + keyHandleLen], derLen, NULL);
 		PrintAndLog("\n----------------DER---------------------");
@@ -331,7 +335,56 @@ int CmdHFFidoRegister(const char *cmd) {
 	}
 	
 	// check and print DER certificate
-	uint8_t public_key[65] = {0}; 
+	uint8_t public_key[65] = {0};
+	
+	// TODO: print DER certificate in DER view
+	
+	// load CA's
+	mbedtls_x509_crt cacert;
+	mbedtls_x509_crt_init(&cacert);
+	res = mbedtls_x509_crt_parse(&cacert, (const unsigned char *) additional_ca_pem, additional_ca_pem_len);
+	if (res < 0) {
+		PrintAndLog("ERROR: CA parse certificate returned -0x%x - %s", -res, ecdsa_get_error(res));
+	}
+	if (verbose) 
+		PrintAndLog("CA load OK. %d skipped", res);
+	
+	// load DER certificate from authenticator's data
+	mbedtls_x509_crt cert;
+	mbedtls_x509_crt_init(&cert);
+	res = mbedtls_x509_crt_parse_der(&cert, &buf[67 + keyHandleLen], derLen);
+	if (res) {
+		PrintAndLog("ERROR: DER parse returned 0x%x - %s", (res<0)?-res:res, ecdsa_get_error(res));
+	}
+	
+	// get certificate info
+	char linfo[300] = {0};
+	mbedtls_x509_crt_info(linfo, sizeof(linfo), "  ", &cert);
+	PrintAndLog("DER certificate info:\n%s", linfo);
+	
+	// verify certificate
+	uint32_t verifyflags = 0;
+	memset(linfo, 0x00, sizeof(linfo));
+
+	res = mbedtls_x509_crt_verify(&cert, &cacert, NULL, NULL, &verifyflags, NULL, NULL);
+	if (res) {
+		PrintAndLog("ERROR: DER verify returned 0x%x - %s", (res<0)?-res:res, ecdsa_get_error(res));
+	}
+	
+	mbedtls_x509_crt_verify_info(linfo, sizeof(linfo), "  ", verifyflags);
+	PrintAndLog("Verification info:\n%s", linfo);
+	
+	// get public key
+	res = ecdsa_public_key_from_pk(&cert.pk, public_key, sizeof(public_key));
+	if (res) {
+		PrintAndLog("ERROR: getting public key from certificate 0x%x - %s", (res<0)?-res:res, ecdsa_get_error(res));
+	} else {
+		if (verbose)
+			PrintAndLog("Got a public key from certificate.");
+	}
+
+	mbedtls_x509_crt_free(&cert);
+	mbedtls_x509_crt_free(&cacert);
 	
 	// get hash
 	int hashp = 1 + 65 + 1 + keyHandleLen + derLen;
@@ -351,8 +404,8 @@ int CmdHFFidoRegister(const char *cmd) {
 		size_t xbuflen = 0;
 		res = FillBuffer(xbuf, sizeof(xbuf), &xbuflen,
 			"\x00", 1,
-			adata, 32, 
-			cdata, 32, 
+			&data[32], 32,           // application parameter  
+			&data[0], 32,            // challenge parameter
 			&buf[67], keyHandleLen,  // keyHandle
 			&buf[1], 65,             // user public key
 			NULL, 0);
--- a/client/crypto/libpcrypto.c
+++ b/client/crypto/libpcrypto.c
@@ -16,6 +16,7 @@
 #include <mbedtls/asn1.h>
 #include <mbedtls/aes.h>
 #include <mbedtls/cmac.h>
+#include <mbedtls/pk.h>
 #include <mbedtls/ecdsa.h>
 #include <mbedtls/sha256.h>
 #include <mbedtls/ctr_drbg.h>
@@ -208,6 +209,31 @@ char *ecdsa_get_error(int ret) {
 	return retstr;
 }

+int ecdsa_public_key_from_pk(mbedtls_pk_context *pk, uint8_t *key, size_t keylen) {
+	int res = 0;
+	size_t realkeylen = 0;
+	if (keylen < 65) 
+		return 1;
+	
+	mbedtls_ecdsa_context ctx;
+	mbedtls_ecdsa_init(&ctx);
+	
+	res = mbedtls_ecp_group_load(&ctx.grp, MBEDTLS_ECP_DP_SECP256R1); // secp256r1
+	if (res)
+		goto exit;
+	
+	res = mbedtls_ecdsa_from_keypair(&ctx, mbedtls_pk_ec(*pk) );
+	if (res)
+		goto exit;
+	
+	res = mbedtls_ecp_point_write_binary(&ctx.grp, &ctx.Q, MBEDTLS_ECP_PF_UNCOMPRESSED, &realkeylen, key, keylen);
+	if (realkeylen != 65)
+		res = 2;
+exit:
+	mbedtls_ecdsa_free(&ctx);
+	return res;
+}
+
 int ecdsa_signature_create(uint8_t *key_d, uint8_t *key_xy, uint8_t *input, int length, uint8_t *signature, size_t *signaturelen) {
 	int res;
 	*signaturelen = 0;
--- a/client/crypto/libpcrypto.h
+++ b/client/crypto/libpcrypto.h
@@ -14,6 +14,7 @@
 #include <stdint.h>
 #include <stdbool.h>
 #include <stddef.h>
+#include <mbedtls/pk.h>

 extern int aes_encode(uint8_t *iv, uint8_t *key, uint8_t *input, uint8_t *output, int length);
 extern int aes_decode(uint8_t *iv, uint8_t *key, uint8_t *input, uint8_t *output, int length);
@@ -23,6 +24,7 @@ extern int aes_cmac8(uint8_t *iv, uint8_t *key, uint8_t *input, uint8_t *mac, in
 extern int sha256hash(uint8_t *input, int length, uint8_t *hash);

 extern int ecdsa_key_create(uint8_t * key_d, uint8_t *key_xy);
+extern int ecdsa_public_key_from_pk(mbedtls_pk_context *pk, uint8_t *key, size_t keylen);
 extern int ecdsa_signature_create(uint8_t *key_d, uint8_t *key_xy, uint8_t *input, int length, uint8_t *signature, size_t *signaturelen);
 extern int ecdsa_signature_verify(uint8_t *key_xy, uint8_t *input, int length, uint8_t *signature, size_t signaturelen);
 extern char *ecdsa_get_error(int ret);
--- a/client/fido/additional_ca.c
+++ b/client/fido/additional_ca.c
@@ -0,0 +1,63 @@
+//-----------------------------------------------------------------------------
+// Copyright (C) 2018 Merlok
+//
+// This code is licensed to you under the terms of the GNU GPL, version 2 or,
+// at your option, any later version. See the LICENSE.txt file for the text of
+// the license.
+//-----------------------------------------------------------------------------
+// CA PEM certificates 
+//-----------------------------------------------------------------------------
+//
+
+#include "additional_ca.h"
+#include "mbedtls/certs.h"
+
+#define GLOBALSIGN_CA				\
+"-----BEGIN CERTIFICATE-----\r\n"	\
+"MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG\r\n"	\
+"A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv\r\n"	\
+"b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw\r\n"	\
+"MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i\r\n"	\
+"YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT\r\n"	\
+"aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ\r\n"	\
+"jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp\r\n"	\
+"xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp\r\n"	\
+"1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG\r\n"	\
+"snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ\r\n"	\
+"U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8\r\n"	\
+"9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E\r\n"	\
+"BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B\r\n"	\
+"AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz\r\n"	\
+"yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE\r\n"	\
+"38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP\r\n"	\
+"AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad\r\n"	\
+"DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME\r\n"	\
+"HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==\r\n"	\
+"-----END CERTIFICATE-----\r\n"
+
+// Name: Yubico U2F Root CA Serial 457200631
+// Issued: 2014-08-01
+#define YUBICO_CA	\
+"-----BEGIN CERTIFICATE-----" \
+"MIIDHjCCAgagAwIBAgIEG0BT9zANBgkqhkiG9w0BAQsFADAuMSwwKgYDVQQDEyNZ" \
+"dWJpY28gVTJGIFJvb3QgQ0EgU2VyaWFsIDQ1NzIwMDYzMTAgFw0xNDA4MDEwMDAw" \
+"MDBaGA8yMDUwMDkwNDAwMDAwMFowLjEsMCoGA1UEAxMjWXViaWNvIFUyRiBSb290" \
+"IENBIFNlcmlhbCA0NTcyMDA2MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK" \
+"AoIBAQC/jwYuhBVlqaiYWEMsrWFisgJ+PtM91eSrpI4TK7U53mwCIawSDHy8vUmk" \
+"5N2KAj9abvT9NP5SMS1hQi3usxoYGonXQgfO6ZXyUA9a+KAkqdFnBnlyugSeCOep" \
+"8EdZFfsaRFtMjkwz5Gcz2Py4vIYvCdMHPtwaz0bVuzneueIEz6TnQjE63Rdt2zbw" \
+"nebwTG5ZybeWSwbzy+BJ34ZHcUhPAY89yJQXuE0IzMZFcEBbPNRbWECRKgjq//qT" \
+"9nmDOFVlSRCt2wiqPSzluwn+v+suQEBsUjTGMEd25tKXXTkNW21wIWbxeSyUoTXw" \
+"LvGS6xlwQSgNpk2qXYwf8iXg7VWZAgMBAAGjQjBAMB0GA1UdDgQWBBQgIvz0bNGJ" \
+"hjgpToksyKpP9xv9oDAPBgNVHRMECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAN" \
+"BgkqhkiG9w0BAQsFAAOCAQEAjvjuOMDSa+JXFCLyBKsycXtBVZsJ4Ue3LbaEsPY4" \
+"MYN/hIQ5ZM5p7EjfcnMG4CtYkNsfNHc0AhBLdq45rnT87q/6O3vUEtNMafbhU6kt" \
+"hX7Y+9XFN9NpmYxr+ekVY5xOxi8h9JDIgoMP4VB1uS0aunL1IGqrNooL9mmFnL2k" \
+"LVVee6/VR6C5+KSTCMCWppMuJIZII2v9o4dkoZ8Y7QRjQlLfYzd3qGtKbw7xaF1U" \
+"sG/5xUb/Btwb2X2g4InpiB/yt/3CpQXpiWX/K4mBvUKiGn05ZsqeY1gx4g0xLBqc" \
+"U9psmyPzK+Vsgw2jeRQ5JlKDyqE0hebfC1tvFu0CCrJFcw==" \
+"-----END CERTIFICATE-----"
+
+/* Concatenation of all additional CA certificates in PEM format if available */
+const char   additional_ca_pem[] = YUBICO_CA; ///GLOBALSIGN_CA
+const size_t additional_ca_pem_len = sizeof(additional_ca_pem);
--- a/client/fido/additional_ca.h
+++ b/client/fido/additional_ca.h
@@ -0,0 +1,21 @@
+//-----------------------------------------------------------------------------
+// Copyright (C) 2018 Merlok
+//
+// This code is licensed to you under the terms of the GNU GPL, version 2 or,
+// at your option, any later version. See the LICENSE.txt file for the text of
+// the license.
+//-----------------------------------------------------------------------------
+// CA PEM certificates 
+//-----------------------------------------------------------------------------
+//
+
+#ifndef __ADDITIONAL_CA_H__
+#define __ADDITIONAL_CA_H__
+
+#include <stddef.h>
+
+// Concatenation of all CA certificates in PEM format if available 
+extern const char   additional_ca_pem[];
+extern const size_t additional_ca_pem_len;
+
+#endif /* __ADDITIONAL_CA_H__ */
--- a/client/obj/fido/.dummy
+++ b/client/obj/fido/.dummy