}
static GList *
-__get_auth_list_with_keyids(GList *available_authenticators)
+__get_auth_list_with_keyids(_policy_t *policy, GList *available_authenticators)
{
- _INFO("__get_auth_list_with_keyids");
+ _INFO("keyID retrieval start");
GList *available_authenticators_full = NULL;
GList *avl_auth_iter = g_list_first(available_authenticators);
- while (avl_auth_iter != NULL) {
+ for (; avl_auth_iter != NULL; avl_auth_iter = avl_auth_iter->next) {
fido_authenticator_s *asm_auth = (fido_authenticator_s*)(avl_auth_iter->data);
if (asm_auth != NULL) {
- char *get_reg_json = _uaf_composer_compose_get_registrations_request(asm_auth->auth_index);
- char *get_reg_resp = _asm_ipc_send_sync(asm_auth->asm_id, get_reg_json);
+ if (asm_auth->is_roaming == true) {
+ /*For RA, keyID = keyHandle*/
+ _INFO("For Roaming");
+ GList *accepted_list = policy->accepted_list;
+
+ if (accepted_list != NULL)
+ _INFO("accepted_list count = [%d]", g_list_length(accepted_list));
+
+ GList *accepted_list_iter = g_list_first(accepted_list);
+ for (; accepted_list_iter != NULL; accepted_list_iter = accepted_list_iter->next) {
+
+ GList *accepted_list_internal = (GList *) accepted_list_iter->data;
+ GList *accepted_list_internal_iter = g_list_first(accepted_list_internal);
+ for (; accepted_list_internal_iter != NULL;
+ accepted_list_internal_iter = accepted_list_internal_iter->next) {
+ _match_criteria_t *match_info = (_match_criteria_t *) accepted_list_internal_iter->data;
+
+ if (match_info->aaid_list != NULL) {
+
+ GList *aaid_iter = g_list_first(match_info->aaid_list);
+ for (; aaid_iter != NULL; aaid_iter = aaid_iter->next) {
+
+ char *aaid = (char*)aaid_iter->data;
+ if ((aaid != NULL) && (strcmp(aaid, asm_auth->aaid) == 0)) {
+ _INFO("Adding keyid as keyhandle");
+
+ if (match_info->key_id_list != NULL) {
+ GList *key_list_iter = g_list_first(match_info->key_id_list);
+ for (; key_list_iter != NULL; key_list_iter = key_list_iter->next) {
+
+ char *key_id = (char*)key_list_iter->data;
+ if (key_id != NULL) {
+ asm_auth->key_ids = g_list_append(asm_auth->key_ids, _SAFE_DUP(key_id));
+ _INFO("Added keyid as keyhandle");
+ _INFO("%s", key_id);
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
- if (get_reg_resp != NULL)
- _INFO("_asm_ipc_send_sync = [%s]", get_reg_resp);
+ if (asm_auth->key_ids != NULL) {
+ asm_auth->key_ids = g_list_first(asm_auth->key_ids);
+ available_authenticators_full = g_list_append(available_authenticators_full, asm_auth);
+ _INFO("Added keyid as keyhandle [%p][%s][%d]", asm_auth,
+ asm_auth->aaid, g_list_length(asm_auth->key_ids));
+ }
- _asm_get_reg_out_t *get_reg_out = _uaf_parser_parser_asm_get_reg_response(get_reg_resp);
- if (get_reg_out != NULL) {
- asm_auth->key_ids = __get_keyid_list_from_app_reg(get_reg_out->app_reg_list);
- asm_auth->key_ids = g_list_first(asm_auth->key_ids);
- _INFO(" asm_auth->key_ids count = [%d]", g_list_length(asm_auth->key_ids));
- }
- available_authenticators_full = g_list_append(available_authenticators_full, asm_auth);
+ } else {
+
+ _INFO("For Bound");
+ char *get_reg_json = _uaf_composer_compose_get_registrations_request(asm_auth->auth_index);
+ char *get_reg_resp = _asm_ipc_send_sync(asm_auth->asm_id, get_reg_json);
- SAFE_DELETE(get_reg_json);
- SAFE_DELETE(get_reg_resp);
- _free_asm_get_reg_out(get_reg_out);
+ if (get_reg_resp != NULL)
+ _INFO("_asm_ipc_send_sync = [%s]", get_reg_resp);
+ _asm_get_reg_out_t *get_reg_out = _uaf_parser_parser_asm_get_reg_response(get_reg_resp);
+ if (get_reg_out != NULL) {
+ asm_auth->key_ids = __get_keyid_list_from_app_reg(get_reg_out->app_reg_list);
+ asm_auth->key_ids = g_list_first(asm_auth->key_ids);
+ _INFO(" asm_auth->key_ids count = [%d]", g_list_length(asm_auth->key_ids));
+ }
+ available_authenticators_full = g_list_append(available_authenticators_full, asm_auth);
+
+ SAFE_DELETE(get_reg_json);
+ SAFE_DELETE(get_reg_resp);
+ _free_asm_get_reg_out(get_reg_out);
+
+ }
}
- avl_auth_iter = avl_auth_iter->next;
}
+ _INFO("keyID retrieval end");
return available_authenticators_full;
}
if (policy->is_keyid_present == true) {
/*Available authenticators' keyIDs can be fetched via GetRegistrations ASM op*/
_INFO("Need to call GetRegistrations to match policy");
- GList *avl_auth_list_full_temp = __get_auth_list_with_keyids(available_authenticators);
+ GList *avl_auth_list_full_temp = __get_auth_list_with_keyids(policy, available_authenticators);
if (avl_auth_list_full_temp != NULL) {
g_list_free(available_authenticators_full);
if (policy->is_keyid_present == true) {
/*Available authenticators' keyIDs can be fetched via GetRegistrations ASM op*/
_INFO("Need to call GetRegistrations to match policy");
- GList *avl_auth_list_full_temp = __get_auth_list_with_keyids(available_authenticators);
+ GList *avl_auth_list_full_temp = __get_auth_list_with_keyids(policy, available_authenticators);
if (avl_auth_list_full_temp != NULL) {
g_list_free(available_authenticators_full);
available_authenticators_full = g_list_first(avl_auth_list_full_temp);
accepted_list_iter = accepted_list_iter->next;
}
- if (allowed_list != NULL)
+ if (allowed_list != NULL) {
allowed_list = g_list_first(allowed_list);
- return allowed_list;
+ /*List consolidation, based on asmid-authindex*/
+
+ GList *alist_cons = NULL;
+
+ GList *allowed_list_iter = g_list_first(allowed_list);
+ for (; allowed_list_iter != NULL; allowed_list_iter = allowed_list_iter->next) {
+
+ _matched_auth_data_t *matched_auth_data = (_matched_auth_data_t*)allowed_list_iter->data;
+ if (matched_auth_data->auth_index == NULL)
+ continue;
+
+ _matched_auth_data_t *matched_auth_data_new = (_matched_auth_data_t*) calloc(1, sizeof(_matched_auth_data_t));
+
+ matched_auth_data_new->auth_index = _SAFE_DUP(matched_auth_data->auth_index);
+ matched_auth_data_new->att_type = matched_auth_data->att_type;
+ matched_auth_data_new->asm_id = _SAFE_DUP(matched_auth_data->asm_id);
+ matched_auth_data_new->key_ids = __copy_string_list(matched_auth_data->key_ids);
+ matched_auth_data_new->tc_display_png_characteristics =
+ __copy_png_list(matched_auth_data->tc_display_png_characteristics);
+
+ _INFO("[%s][%s]", matched_auth_data_new->asm_id, matched_auth_data_new->auth_index);
+ /*Find duplicate, append keyids*/
+ GList *allowed_list_iter_next = allowed_list_iter->next;
+ for (; allowed_list_iter_next != NULL; allowed_list_iter_next = allowed_list_iter_next->next) {
+
+ _matched_auth_data_t *matched_auth_data_nxt = (_matched_auth_data_t*)allowed_list_iter_next->data;
+
+ if (strcmp(matched_auth_data_nxt->asm_id, matched_auth_data->asm_id) == 0) {
+ if (strcmp(matched_auth_data_nxt->auth_index, matched_auth_data->auth_index) == 0) {
+
+ _INFO("Appending keyIds");
+ /*Append keyIds*/
+ for (matched_auth_data_nxt->key_ids = g_list_first(matched_auth_data_nxt->key_ids);
+ matched_auth_data_nxt->key_ids != NULL;
+ matched_auth_data_nxt->key_ids = matched_auth_data_nxt->key_ids->next) {
+
+ char *key_id = matched_auth_data_nxt->key_ids->data;
+ matched_auth_data_new->key_ids = g_list_append(matched_auth_data_new->key_ids,
+ _SAFE_DUP(key_id));
+ _INFO("Appended keyIds, count=[%d]", g_list_length(matched_auth_data_new->key_ids));
+ }
+
+ /*Once matched and appended, it wont be considered next time*/
+ matched_auth_data_nxt->auth_index = NULL;
+ }
+ }
+
+ }
+
+ _INFO("Total keyId count=[%d]", g_list_length(matched_auth_data_new->key_ids));
+ alist_cons = g_list_append(alist_cons, matched_auth_data_new);
+ _INFO("Added to consolidated list");
+ }
+ return alist_cons;
+
+ }
+
+ _ERR("No match");
+ return NULL;
}
/* Returns _matched_auth_dereg_t list */