libfido2-compat error translation
BryanJacobs committed Jan 13, 2024
1 parent 000e8c2 commit 375a147
Showing 4 changed files with 59 additions and 46 deletions.
24 changes: 12 additions & 12 deletions library/src/nativeMain/kotlin/us/q3q/fidok/fido2compat/Assert.kt
Expand Up @@ -65,7 +65,7 @@ fun fido_assert_set_rp(

assertHandle.rpId = id

return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

@OptIn(ExperimentalForeignApi::class)
Expand All @@ -77,9 +77,9 @@ fun fido_dev_get_assert(
): Int {
val devHandle = dev.asStableRef<FidoDevHandle>().get()
val assertHandle = assert.asStableRef<FidoAssertHandle>().get()
val authenticator = devHandle.authenticatorDevice ?: return FIDO_ERR_NOTFOUND
val authenticator = devHandle.authenticatorDevice ?: return FidoCompatErrors.FIDO_ERR_NOTFOUND.v

val rpId = assertHandle.rpId ?: return FIDO_ERR_INVALID_PARAM
val rpId = assertHandle.rpId ?: return FidoCompatErrors.FIDO_ERR_INVALID_PARAM.v

val client =
get_fidocompat_lib().ctapClient(
Expand Down Expand Up @@ -127,7 +127,7 @@ fun fido_dev_get_assert(
)
}

if (result == FIDO_OK) {
if (result == FidoCompatErrors.FIDO_OK.v) {
assertHandle.assertions = assertResponse!!
if (hmacSecretExtension != null) {
assertHandle.hmacSecrets =
Expand Down Expand Up @@ -161,7 +161,7 @@ fun fido_assert_set_clientdata(

if (ptr == null) {
assertHandle.clientDataHash = null
return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

val clientData =
Expand All @@ -171,7 +171,7 @@ fun fido_assert_set_clientdata(
val clientDataHash = get_fidocompat_lib().cryptoProvider.sha256(clientData).hash
assertHandle.clientDataHash = clientDataHash

return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

@OptIn(ExperimentalForeignApi::class)
Expand All @@ -185,7 +185,7 @@ fun fido_assert_set_clientdata_hash(

if (ptr == null) {
assertHandle.clientDataHash = null
return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

val clientDataHash =
Expand All @@ -194,7 +194,7 @@ fun fido_assert_set_clientdata_hash(
}
assertHandle.clientDataHash = clientDataHash

return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

@OptIn(ExperimentalForeignApi::class)
Expand All @@ -207,7 +207,7 @@ fun fido_assert_set_extensions(

assertHandle.extensions = flags

return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

@OptIn(ExperimentalForeignApi::class)
Expand All @@ -225,7 +225,7 @@ fun fido_assert_empty_allow_list(assert: fido_assert_t): Int {

assertHandle.allowList = mutableListOf()

return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

@OptIn(ExperimentalForeignApi::class)
Expand All @@ -243,7 +243,7 @@ fun fido_assert_allow_cred(
}
assertHandle.allowList.add(credIdBytes)

return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

@OptIn(ExperimentalForeignApi::class)
Expand All @@ -265,7 +265,7 @@ fun fido_assert_set_hmac_salt(
}
assertHandle.hmacSalt = hmacSalt

return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

@OptIn(ExperimentalForeignApi::class)
Expand Up @@ -31,19 +31,6 @@ import kotlin.experimental.ExperimentalNativeApi

typealias fido_cred_t = COpaquePointer

const val FIDO_OK = 0
const val FIDO_ERR_TX = -1
const val FIDO_ERR_RX = -2
const val FIDO_ERR_RX_NOT_CBOR = -3
const val FIDO_ERR_RX_INVALID_CBOR = -4
const val FIDO_ERR_INVALID_PARAM = -5
const val FIDO_ERR_INVALID_SIG = -6
const val FIDO_ERR_INVALID_ARGUMENT = -7
const val FIDO_ERR_USER_PRESENCE_REQUIRED = -8
const val FIDO_ERR_INTERNAL = -9
const val FIDO_ERR_NOTFOUND = -10
const val FIDO_ERR_COMPRESS = -11

const val FIDO_OPT_OMIT = 0
const val FIDO_OPT_FALSE = 1
const val FIDO_OPT_TRUE = 2
Expand Down Expand Up @@ -101,7 +88,7 @@ fun fido_cred_set_rp(
credHandle.rpId = id
credHandle.rpName = name

return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

@OptIn(ExperimentalForeignApi::class)
Expand All @@ -123,7 +110,7 @@ fun fido_cred_set_user(
credHandle.userName = name
credHandle.userDisplayName = display_name

return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

@OptIn(ExperimentalForeignApi::class)
Expand All @@ -140,12 +127,12 @@ fun fido_cred_set_type(
}

if (matchingAlg == null) {
return FIDO_ERR_INVALID_ARGUMENT
return FidoCompatErrors.FIDO_ERR_INVALID_ARGUMENT.v
}

credHandle.type = matchingAlg

return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

@OptIn(ExperimentalForeignApi::class)
Expand All @@ -157,9 +144,9 @@ fun fido_dev_make_cred(
): Int {
val devHandle = dev.asStableRef<FidoDevHandle>().get()
val credHandle = cred.asStableRef<FidoCredHandle>().get()
val authenticator = devHandle.authenticatorDevice ?: return FIDO_ERR_NOTFOUND
val authenticator = devHandle.authenticatorDevice ?: return FidoCompatErrors.FIDO_ERR_NOTFOUND.v

val rpId = credHandle.rpId ?: return FIDO_ERR_INVALID_PARAM
val rpId = credHandle.rpId ?: return FidoCompatErrors.FIDO_ERR_INVALID_PARAM.v

val client =
get_fidocompat_lib().ctapClient(
Expand Down Expand Up @@ -210,7 +197,7 @@ fun fido_dev_make_cred(
)
}

if (result == FIDO_OK) {
if (result == FidoCompatErrors.FIDO_OK.v) {
credHandle.cred = credResponse
if (credProtect != null) {
credHandle.prot = credProtect.getLevel()
Expand Down Expand Up @@ -275,7 +262,7 @@ fun fido_cred_set_clientdata(

if (ptr == null) {
credHandle.clientDataHash = null
return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

val clientData =
Expand All @@ -285,7 +272,7 @@ fun fido_cred_set_clientdata(
val clientDataHash = get_fidocompat_lib().cryptoProvider.sha256(clientData).hash
credHandle.clientDataHash = clientDataHash

return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

@OptIn(ExperimentalForeignApi::class)
Expand All @@ -299,7 +286,7 @@ fun fido_cred_set_clientdata_hash(

if (ptr == null) {
credHandle.clientDataHash = null
return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

val clientDataHash =
Expand All @@ -308,7 +295,7 @@ fun fido_cred_set_clientdata_hash(
}
credHandle.clientDataHash = clientDataHash

return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

@OptIn(ExperimentalForeignApi::class)
Expand All @@ -321,7 +308,7 @@ fun fido_cred_set_extensions(

credHandle.extensions = flags

return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

@OptIn(ExperimentalForeignApi::class)
Expand All @@ -334,7 +321,7 @@ fun fido_cred_set_prot(

if (prot != 0) {
if (prot < 0 || prot > 3) {
return FIDO_ERR_INVALID_PARAM
return FidoCompatErrors.FIDO_ERR_INVALID_PARAM.v
}
credHandle.extensions = credHandle.extensions.or(FIDO_EXT_CRED_PROTECT)
credHandle.prot = prot.toUByte()
Expand All @@ -343,7 +330,7 @@ fun fido_cred_set_prot(
credHandle.prot = 0u
}

return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

@OptIn(ExperimentalForeignApi::class)
Expand All @@ -370,10 +357,10 @@ fun fido_cred_set_rk(
} else if (rk == FIDO_OPT_FALSE || rk == FIDO_OPT_OMIT) {
credHandle.rk = false
} else {
return FIDO_ERR_INVALID_ARGUMENT
return FidoCompatErrors.FIDO_ERR_INVALID_ARGUMENT.v
}

return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

@OptIn(ExperimentalForeignApi::class)
Expand All @@ -383,7 +370,7 @@ fun fido_cred_empty_exclude_list(cred: fido_cred_t): Int {

credHandle.excludeList = mutableListOf()

return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}

@OptIn(ExperimentalForeignApi::class)
Expand All @@ -401,5 +388,5 @@ fun fido_cred_exclude(
}
credHandle.excludeList.add(credIdBytes)

return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
}
Expand Up @@ -58,7 +58,7 @@ fun fido_dev_get_cbor_info(
val devHandle = dev.asStableRef<FidoDevHandle>().get()
val infoHandle = ci.asStableRef<FidoInfoHandle>().get()

val authenticator = devHandle.authenticatorDevice ?: return FIDO_ERR_TX
val authenticator = devHandle.authenticatorDevice ?: return FidoCompatErrors.FIDO_ERR_TX.v

val client =
get_fidocompat_lib().ctapClient(
30 changes: 28 additions & 2 deletions library/src/nativeMain/kotlin/us/q3q/fidok/fido2compat/Init.kt
Expand Up @@ -4,11 +4,27 @@ package us.q3q.fidok.fido2compat

import us.q3q.fidok.BotanCryptoProvider
import us.q3q.fidok.ctap.CTAPError
import us.q3q.fidok.ctap.CTAPResponse
import us.q3q.fidok.ctap.DeviceCommunicationException
import us.q3q.fidok.ctap.FIDOkLibrary
import us.q3q.fidok.platformDeviceProviders
import kotlin.experimental.ExperimentalNativeApi

enum class FidoCompatErrors(val v: Int) {
FIDO_OK(0),
FIDO_ERR_TX(-1),
FIDO_ERR_RX(-2),
FIDO_ERR_RX_NOT_CBOR(-3),
FIDO_ERR_RX_INVALID_CBOR(-4),
FIDO_ERR_INVALID_PARAM(-5),
FIDO_ERR_INVALID_SIG(-6),
FIDO_ERR_INVALID_ARGUMENT(-7),
FIDO_ERR_USER_PRESENCE_REQUIRED(-8),
FIDO_ERR_INTERNAL(-9),
FIDO_ERR_NOTFOUND(-10),
FIDO_ERR_COMPRESS(-11),
}

internal var library: FIDOkLibrary? = null

@OptIn(ExperimentalNativeApi::class)
Expand All @@ -23,6 +39,16 @@ fun fido_init(flags: Int) {
}
}

@OptIn(ExperimentalNativeApi::class)
@CName("fido_strerr")
fun fido_strerr(n: Int): String {
return if (n <= 0) {
FidoCompatErrors.entries.firstOrNull { it.v == n }
} else {
CTAPResponse.entries.firstOrNull { it.value.toInt() == n }
}?.name ?: "Unknown error $n"
}

fun get_fidocompat_lib(): FIDOkLibrary {
return library
?: throw IllegalStateException("fido_init not called")
Expand All @@ -31,10 +57,10 @@ fun get_fidocompat_lib(): FIDOkLibrary {
fun fido_do_with_error_handling(c: () -> Unit): Int {
try {
c()
return FIDO_OK
return FidoCompatErrors.FIDO_OK.v
} catch (e: CTAPError) {
return e.code.toInt()
} catch (e: DeviceCommunicationException) {
return FIDO_ERR_TX
return FidoCompatErrors.FIDO_ERR_TX.v
}
}
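Review bot: `fido_do_with_error_handling` still translates only `CTAPError` and `DeviceCommunicationException`, so any other exception thrown inside `c()` leaves the `@CName` entry points as a Kotlin exception instead of a libfido2 status code. `get_fidocompat_lib()` in this same file throws `IllegalStateException("fido_init not called")`, and an uncaught Kotlin exception crossing the C boundary normally terminates the host process, so a missed `fido_init` (and possibly an unexpected failure while handling authenticator data) aborts the caller rather than returning an error. A final `catch (e: Exception) { return FidoCompatErrors.FIDO_ERR_INTERNAL.v }` would guarantee the C caller always receives a code. Separately, the new `fido_strerr` returns a Kotlin `String`; if the C export allocates a fresh buffer per call, as Kotlin/Native usually does, code written against libfido2's static string will never release it, so the ownership rule should be stated in a KDoc comment on that function.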
