More SgType related bugs

fido-alliance · Oct 4, 2023 · d0d5694 · d0d5694
1 parent f8273bb
commit d0d5694
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 8 deletions.
diff --git a/core/do/to2/listener-to2-64-ProveDevice.go b/core/do/to2/listener-to2-64-ProveDevice.go
@@ -67,7 +67,13 @@ func (h *DoTo2) ProveDevice64(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	err = fdoshared.VerifyCoseSignatureWithCertificate(proveDevice64, session.PublicKeyType, *session.Voucher.OVDevCertChain)
+	pkType, ok := fdoshared.SgTypeToFdoPkType[session.EASigInfo.SgType]
+	if !ok {
+		log.Println("ProveToRV32: Unknown signature type. ")
+		listenertestsdeps.Conf_RespondFDOError(w, r, fdoshared.INVALID_MESSAGE_ERROR, fdoshared.TO1_32_PROVE_TO_RV, "Error to verify signature ProveToRV32 ", http.StatusBadRequest, testcomListener, fdoshared.To1)
+		return
+	}
+	err = fdoshared.VerifyCoseSignatureWithCertificate(proveDevice64, pkType, *session.Voucher.OVDevCertChain)
 	if err != nil {
 		listenertestsdeps.Conf_RespondFDOError(w, r, fdoshared.MESSAGE_BODY_ERROR, currentCmd, "Error validating cose signature with certificate..."+err.Error(), http.StatusBadRequest, testcomListener, fdoshared.To2)
 		return

diff --git a/core/rv/listener-to1.go b/core/rv/listener-to1.go
@@ -92,6 +92,7 @@ func (h *RvTo1) Handle30HelloRV(w http.ResponseWriter, r *http.Request) {
 		Protocol:      fdoshared.To1,
 		NonceTO1Proof: nonceTO1Proof,
 		Guid:          helloRV30.Guid,
+		EASigInfo:     helloRV30.EASigInfo,
 	}
 
 	sessionId, err := h.session.NewSessionEntry(newSessionInst)
@@ -222,17 +223,16 @@ func (h *RvTo1) Handle32ProveToRV(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	voucherHeader, err := to0d.OwnershipVoucher.GetOVHeader()
-	if err != nil {
-		log.Println("ProveToRV32: Error decoding OVHeader. " + err.Error())
-		listenertestsdeps.Conf_RespondFDOError(w, r, fdoshared.INVALID_MESSAGE_ERROR, fdoshared.TO1_32_PROVE_TO_RV, "Error to verify signature ProveToRV32, some error", http.StatusBadRequest, testcomListener, fdoshared.To1)
+	pkType, ok := fdoshared.SgTypeToFdoPkType[session.EASigInfo.SgType]
+	if !ok {
+		log.Println("ProveToRV32: Unknown signature type. ")
+		listenertestsdeps.Conf_RespondFDOError(w, r, fdoshared.INVALID_MESSAGE_ERROR, fdoshared.TO1_32_PROVE_TO_RV, "Error to verify signature ProveToRV32 ", http.StatusBadRequest, testcomListener, fdoshared.To1)
 		return
 	}
-
-	err = fdoshared.VerifyCoseSignatureWithCertificate(proveToRV32, voucherHeader.OVPublicKey.PkType, *to0d.OwnershipVoucher.OVDevCertChain)
+	err = fdoshared.VerifyCoseSignatureWithCertificate(proveToRV32, pkType, *to0d.OwnershipVoucher.OVDevCertChain)
 	if err != nil {
 		log.Println("ProveToRV32: Error verifying ProveToRV32 signature. " + err.Error())
-		listenertestsdeps.Conf_RespondFDOError(w, r, fdoshared.INVALID_MESSAGE_ERROR, fdoshared.TO1_32_PROVE_TO_RV, "Error to verify signature ProveToRV32, some error", http.StatusBadRequest, testcomListener, fdoshared.To1)
+		listenertestsdeps.Conf_RespondFDOError(w, r, fdoshared.INVALID_MESSAGE_ERROR, fdoshared.TO1_32_PROVE_TO_RV, "Error to verify signature ProveToRV32 ", http.StatusBadRequest, testcomListener, fdoshared.To1)
 		return
 	}
 

diff --git a/core/shared/signing.misc.go b/core/shared/signing.misc.go
@@ -98,6 +98,13 @@ var FdoPkType_List []FdoPkType = []FdoPkType{
 	SECP384R1,
 }
 
+var SgTypeToFdoPkType = map[DeviceSgType]FdoPkType{
+	StSECP256R1: SECP256R1,
+	StSECP384R1: SECP384R1,
+	StRSA2048:   RSA2048RESTR,
+	StRSA3072:   RSAPKCS,
+}
+
 const (
 	SECP256R1_SIG_LEN int = 64
 	SECP384R1_SIG_LEN int = 96

diff --git a/core/shared/testcom/listener/listenert.db.go b/core/shared/testcom/listener/listenert.db.go
@@ -116,6 +116,10 @@ func (h *RequestListenerRunnerInst) RemoveTestRun(id string) error {
 }
 
 func (h *RequestListenerRunnerInst) GetNextTestID() testcom.FDOTestID {
+	if !h.Running {
+		return testcom.NULL_TEST
+	}
+
 	selectedTestID := h.Tests[h.ExpectedCmd][h.CurrentTestIndex]
 
 	h.LastTestID = selectedTestID