2 * Copyright (c) 2019 Yubico AB. All rights reserved.
3 * Use of this source code is governed by a BSD-style
4 * license that can be found in the LICENSE file.
8 #include <fido/credman.h>
17 #include "../openbsd-compat/openbsd-compat.h"
21 credman_get_metadata(fido_dev_t *dev, const char *path)
23 fido_credman_metadata_t *metadata = NULL;
27 if ((metadata = fido_credman_metadata_new()) == NULL) {
28 warnx("fido_credman_metadata_new");
31 if ((r = fido_credman_get_dev_metadata(dev, metadata,
32 NULL)) != FIDO_OK && should_retry_with_pin(dev, r)) {
33 if ((pin = get_pin(path)) == NULL)
35 r = fido_credman_get_dev_metadata(dev, metadata, pin);
36 freezero(pin, PINBUF_LEN);
40 warnx("fido_credman_get_dev_metadata: %s", fido_strerr(r));
44 printf("existing rk(s): %u\n",
45 (unsigned)fido_credman_rk_existing(metadata));
46 printf("remaining rk(s): %u\n",
47 (unsigned)fido_credman_rk_remaining(metadata));
51 fido_credman_metadata_free(&metadata);
59 print_rp(fido_credman_rp_t *rp, size_t idx)
61 char *rp_id_hash = NULL;
63 if (base64_encode(fido_credman_rp_id_hash_ptr(rp, idx),
64 fido_credman_rp_id_hash_len(rp, idx), &rp_id_hash) < 0) {
65 warnx("output error");
68 printf("%02u: %s %s\n", (unsigned)idx, rp_id_hash,
69 fido_credman_rp_id(rp, idx));
76 credman_list_rp(const char *path)
78 fido_credman_rp_t *rp = NULL;
79 fido_dev_t *dev = NULL;
84 if ((rp = fido_credman_rp_new()) == NULL) {
85 warnx("fido_credman_rp_new");
88 if ((r = fido_credman_get_dev_rp(dev, rp, NULL)) != FIDO_OK &&
89 should_retry_with_pin(dev, r)) {
90 if ((pin = get_pin(path)) == NULL)
92 r = fido_credman_get_dev_rp(dev, rp, pin);
93 freezero(pin, PINBUF_LEN);
97 warnx("fido_credman_get_dev_rp: %s", fido_strerr(r));
100 for (size_t i = 0; i < fido_credman_rp_count(rp); i++)
101 if (print_rp(rp, i) < 0)
106 fido_credman_rp_free(&rp);
114 print_rk(const fido_credman_rk_t *rk, size_t idx)
116 const fido_cred_t *cred;
118 char *user_id = NULL;
122 if ((cred = fido_credman_rk(rk, idx)) == NULL) {
123 warnx("fido_credman_rk");
126 if (base64_encode(fido_cred_id_ptr(cred), fido_cred_id_len(cred),
127 &id) < 0 || base64_encode(fido_cred_user_id_ptr(cred),
128 fido_cred_user_id_len(cred), &user_id) < 0) {
129 warnx("output error");
133 type = cose_string(fido_cred_type(cred));
134 prot = prot_string(fido_cred_prot(cred));
136 printf("%02u: %s %s %s %s %s\n", (unsigned)idx, id,
137 fido_cred_display_name(cred), user_id, type, prot);
146 credman_list_rk(const char *path, const char *rp_id)
148 fido_dev_t *dev = NULL;
149 fido_credman_rk_t *rk = NULL;
153 dev = open_dev(path);
154 if ((rk = fido_credman_rk_new()) == NULL) {
155 warnx("fido_credman_rk_new");
158 if ((r = fido_credman_get_dev_rk(dev, rp_id, rk, NULL)) != FIDO_OK &&
159 should_retry_with_pin(dev, r)) {
160 if ((pin = get_pin(path)) == NULL)
162 r = fido_credman_get_dev_rk(dev, rp_id, rk, pin);
163 freezero(pin, PINBUF_LEN);
167 warnx("fido_credman_get_dev_rk: %s", fido_strerr(r));
170 for (size_t i = 0; i < fido_credman_rk_count(rk); i++)
171 if (print_rk(rk, i) < 0)
176 fido_credman_rk_free(&rk);
184 credman_print_rk(fido_dev_t *dev, const char *path, const char *rp_id,
187 fido_credman_rk_t *rk = NULL;
188 const fido_cred_t *cred = NULL;
190 void *cred_id_ptr = NULL;
191 size_t cred_id_len = 0;
194 if ((rk = fido_credman_rk_new()) == NULL) {
195 warnx("fido_credman_rk_new");
198 if (base64_decode(cred_id, &cred_id_ptr, &cred_id_len) < 0) {
199 warnx("base64_decode");
202 if ((r = fido_credman_get_dev_rk(dev, rp_id, rk, NULL)) != FIDO_OK &&
203 should_retry_with_pin(dev, r)) {
204 if ((pin = get_pin(path)) == NULL)
206 r = fido_credman_get_dev_rk(dev, rp_id, rk, pin);
207 freezero(pin, PINBUF_LEN);
211 warnx("fido_credman_get_dev_rk: %s", fido_strerr(r));
215 for (size_t i = 0; i < fido_credman_rk_count(rk); i++) {
216 if ((cred = fido_credman_rk(rk, i)) == NULL ||
217 fido_cred_id_ptr(cred) == NULL) {
218 warnx("output error");
221 if (cred_id_len != fido_cred_id_len(cred) ||
222 memcmp(cred_id_ptr, fido_cred_id_ptr(cred), cred_id_len))
224 print_cred(stdout, fido_cred_type(cred), cred);
229 warnx("credential not found");
232 fido_credman_rk_free(&rk);
240 credman_delete_rk(const char *path, const char *id)
242 fido_dev_t *dev = NULL;
248 dev = open_dev(path);
249 if (base64_decode(id, &id_ptr, &id_len) < 0) {
250 warnx("base64_decode");
253 if ((r = fido_credman_del_dev_rk(dev, id_ptr, id_len,
254 NULL)) != FIDO_OK && should_retry_with_pin(dev, r)) {
255 if ((pin = get_pin(path)) == NULL)
257 r = fido_credman_del_dev_rk(dev, id_ptr, id_len, pin);
258 freezero(pin, PINBUF_LEN);
262 warnx("fido_credman_del_dev_rk: %s", fido_strerr(r));
276 credman_update_rk(const char *path, const char *user_id, const char *cred_id,
277 const char *name, const char *display_name)
279 fido_dev_t *dev = NULL;
280 fido_cred_t *cred = NULL;
282 void *user_id_ptr = NULL;
283 void *cred_id_ptr = NULL;
284 size_t user_id_len = 0;
285 size_t cred_id_len = 0;
288 dev = open_dev(path);
289 if (base64_decode(user_id, &user_id_ptr, &user_id_len) < 0 ||
290 base64_decode(cred_id, &cred_id_ptr, &cred_id_len) < 0) {
291 warnx("base64_decode");
294 if ((cred = fido_cred_new()) == NULL) {
295 warnx("fido_cred_new");
298 if ((r = fido_cred_set_id(cred, cred_id_ptr, cred_id_len)) != FIDO_OK) {
299 warnx("fido_cred_set_id: %s", fido_strerr(r));
302 if ((r = fido_cred_set_user(cred, user_id_ptr, user_id_len, name,
303 display_name, NULL)) != FIDO_OK) {
304 warnx("fido_cred_set_user: %s", fido_strerr(r));
307 if ((r = fido_credman_set_dev_rk(dev, cred, NULL)) != FIDO_OK &&
308 should_retry_with_pin(dev, r)) {
309 if ((pin = get_pin(path)) == NULL)
311 r = fido_credman_set_dev_rk(dev, cred, pin);
312 freezero(pin, PINBUF_LEN);
316 warnx("fido_credman_set_dev_rk: %s", fido_strerr(r));
326 fido_cred_free(&cred);
projects / FreeBSD / FreeBSD.git / blob