mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7969 Commits
17 Branches
Tree: 3f5cdfe359
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3f5cdfe359'
${ noResults }
gitea/vendor/github.com/tstranex/u2f/register.go

register.go 6.1KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230 
  1. // Go FIDO U2F Library

  2. // Copyright 2015 The Go FIDO U2F Library Authors. All rights reserved.

  3. // Use of this source code is governed by the MIT

  4. // license that can be found in the LICENSE file.

  5. 

  6. package u2f

  7. 

  8. import (

  9. 	"crypto/ecdsa"

  10. 	"crypto/elliptic"

  11. 	"crypto/sha256"

  12. 	"crypto/x509"

  13. 	"encoding/asn1"

  14. 	"encoding/hex"

  15. 	"errors"

  16. 	"time"

  17. )

  18. 

  19. // Registration represents a single enrolment or pairing between an

  20. // application and a token. This data will typically be stored in a database.

  21. type Registration struct {

  22. 	// Raw serialized registration data as received from the token.

  23. 	Raw []byte

  24. 

  25. 	KeyHandle []byte

  26. 	PubKey    ecdsa.PublicKey

  27. 

  28. 	// AttestationCert can be nil for Authenticate requests.

  29. 	AttestationCert *x509.Certificate

  30. }

  31. 

  32. // Config contains configurable options for the package.

  33. type Config struct {

  34. 	// SkipAttestationVerify controls whether the token attestation

  35. 	// certificate should be verified on registration. Ideally it should

  36. 	// always be verified. However, there is currently no public list of

  37. 	// trusted attestation root certificates so it may be necessary to skip.

  38. 	SkipAttestationVerify bool

  39. 

  40. 	// RootAttestationCertPool overrides the default root certificates used

  41. 	// to verify client attestations. If nil, this defaults to the roots that are

  42. 	// bundled in this library.

  43. 	RootAttestationCertPool *x509.CertPool

  44. }

  45. 

  46. // Register validates a RegisterResponse message to enrol a new token.

  47. // An error is returned if any part of the response fails to validate.

  48. // The returned Registration should be stored by the caller.

  49. func Register(resp RegisterResponse, c Challenge, config *Config) (*Registration, error) {

  50. 	if config == nil {

  51. 		config = &Config{}

  52. 	}

  53. 

  54. 	if time.Now().Sub(c.Timestamp) > timeout {

  55. 		return nil, errors.New("u2f: challenge has expired")

  56. 	}

  57. 

  58. 	regData, err := decodeBase64(resp.RegistrationData)

  59. 	if err != nil {

  60. 		return nil, err

  61. 	}

  62. 

  63. 	clientData, err := decodeBase64(resp.ClientData)

  64. 	if err != nil {

  65. 		return nil, err

  66. 	}

  67. 

  68. 	reg, sig, err := parseRegistration(regData)

  69. 	if err != nil {

  70. 		return nil, err

  71. 	}

  72. 

  73. 	if err := verifyClientData(clientData, c); err != nil {

  74. 		return nil, err

  75. 	}

  76. 

  77. 	if err := verifyAttestationCert(*reg, config); err != nil {

  78. 		return nil, err

  79. 	}

  80. 

  81. 	if err := verifyRegistrationSignature(*reg, sig, c.AppID, clientData); err != nil {

  82. 		return nil, err

  83. 	}

  84. 

  85. 	return reg, nil

  86. }

  87. 

  88. func parseRegistration(buf []byte) (*Registration, []byte, error) {

  89. 	if len(buf) < 1+65+1+1+1 {

  90. 		return nil, nil, errors.New("u2f: data is too short")

  91. 	}

  92. 

  93. 	var r Registration

  94. 	r.Raw = buf

  95. 

  96. 	if buf[0] != 0x05 {

  97. 		return nil, nil, errors.New("u2f: invalid reserved byte")

  98. 	}

  99. 	buf = buf[1:]

  100. 

  101. 	x, y := elliptic.Unmarshal(elliptic.P256(), buf[:65])

  102. 	if x == nil {

  103. 		return nil, nil, errors.New("u2f: invalid public key")

  104. 	}

  105. 	r.PubKey.Curve = elliptic.P256()

  106. 	r.PubKey.X = x

  107. 	r.PubKey.Y = y

  108. 	buf = buf[65:]

  109. 

  110. 	khLen := int(buf[0])

  111. 	buf = buf[1:]

  112. 	if len(buf) < khLen {

  113. 		return nil, nil, errors.New("u2f: invalid key handle")

  114. 	}

  115. 	r.KeyHandle = buf[:khLen]

  116. 	buf = buf[khLen:]

  117. 

  118. 	// The length of the x509 cert isn't specified so it has to be inferred

  119. 	// by parsing. We can't use x509.ParseCertificate yet because it returns

  120. 	// an error if there are any trailing bytes. So parse raw asn1 as a

  121. 	// workaround to get the length.

  122. 	sig, err := asn1.Unmarshal(buf, &asn1.RawValue{})

  123. 	if err != nil {

  124. 		return nil, nil, err

  125. 	}

  126. 

  127. 	buf = buf[:len(buf)-len(sig)]

  128. 	fixCertIfNeed(buf)

  129. 	cert, err := x509.ParseCertificate(buf)

  130. 	if err != nil {

  131. 		return nil, nil, err

  132. 	}

  133. 	r.AttestationCert = cert

  134. 

  135. 	return &r, sig, nil

  136. }

  137. 

  138. // UnmarshalBinary implements encoding.BinaryMarshaler.

  139. func (r *Registration) UnmarshalBinary(data []byte) error {

  140. 	reg, _, err := parseRegistration(data)

  141. 	if err != nil {

  142. 		return err

  143. 	}

  144. 	*r = *reg

  145. 	return nil

  146. }

  147. 

  148. // MarshalBinary implements encoding.BinaryUnmarshaler.

  149. func (r *Registration) MarshalBinary() ([]byte, error) {

  150. 	return r.Raw, nil

  151. }

  152. 

  153. func verifyAttestationCert(r Registration, config *Config) error {

  154. 	if config.SkipAttestationVerify {

  155. 		return nil

  156. 	}

  157. 	rootCertPool := roots

  158. 	if config.RootAttestationCertPool != nil {

  159. 		rootCertPool = config.RootAttestationCertPool

  160. 	}

  161. 

  162. 	opts := x509.VerifyOptions{Roots: rootCertPool}

  163. 	_, err := r.AttestationCert.Verify(opts)

  164. 	return err

  165. }

  166. 

  167. func verifyRegistrationSignature(

  168. 	r Registration, signature []byte, appid string, clientData []byte) error {

  169. 

  170. 	appParam := sha256.Sum256([]byte(appid))

  171. 	challenge := sha256.Sum256(clientData)

  172. 

  173. 	buf := []byte{0}

  174. 	buf = append(buf, appParam[:]...)

  175. 	buf = append(buf, challenge[:]...)

  176. 	buf = append(buf, r.KeyHandle...)

  177. 	pk := elliptic.Marshal(r.PubKey.Curve, r.PubKey.X, r.PubKey.Y)

  178. 	buf = append(buf, pk...)

  179. 

  180. 	return r.AttestationCert.CheckSignature(

  181. 		x509.ECDSAWithSHA256, buf, signature)

  182. }

  183. 

  184. func getRegisteredKey(appID string, r Registration) RegisteredKey {

  185. 	return RegisteredKey{

  186. 		Version:   u2fVersion,

  187. 		KeyHandle: encodeBase64(r.KeyHandle),

  188. 		AppID:     appID,

  189. 	}

  190. }

  191. 

  192. // fixCertIfNeed fixes broken certificates described in

  193. // https://github.com/Yubico/php-u2flib-server/blob/master/src/u2flib_server/U2F.php#L84

  194. func fixCertIfNeed(cert []byte) {

  195. 	h := sha256.Sum256(cert)

  196. 	switch hex.EncodeToString(h[:]) {

  197. 	case

  198. 		"349bca1031f8c82c4ceca38b9cebf1a69df9fb3b94eed99eb3fb9aa3822d26e8",

  199. 		"dd574527df608e47ae45fbba75a2afdd5c20fd94a02419381813cd55a2a3398f",

  200. 		"1d8764f0f7cd1352df6150045c8f638e517270e8b5dda1c63ade9c2280240cae",

  201. 		"d0edc9a91a1677435a953390865d208c55b3183c6759c9b5a7ff494c322558eb",

  202. 		"6073c436dcd064a48127ddbf6032ac1a66fd59a0c24434f070d4e564c124c897",

  203. 		"ca993121846c464d666096d35f13bf44c1b05af205f9b4a1e00cf6cc10c5e511":

  204. 

  205. 		// clear the offending byte.

  206. 		cert[len(cert)-257] = 0

  207. 	}

  208. }

  209. 

  210. // NewWebRegisterRequest creates a request to enrol a new token.

  211. // regs is the list of the user's existing registration. The browser will

  212. // refuse to re-register a device if it has an existing registration.

  213. func NewWebRegisterRequest(c *Challenge, regs []Registration) *WebRegisterRequest {

  214. 	req := RegisterRequest{

  215. 		Version:   u2fVersion,

  216. 		Challenge: encodeBase64(c.Challenge),

  217. 	}

  218. 

  219. 	rr := WebRegisterRequest{

  220. 		AppID:            c.AppID,

  221. 		RegisterRequests: []RegisterRequest{req},

  222. 	}

  223. 

  224. 	for _, r := range regs {

  225. 		rk := getRegisteredKey(c.AppID, r)

  226. 		rr.RegisteredKeys = append(rr.RegisteredKeys, rk)

  227. 	}

  228. 

  229. 	return &rr

  230. }