Implement largeBlobKey

Also change logic to ensure RK IVs are properly used.

Author: BryanJacobs

README.md

@@ -2,16 +2,21 @@
 
 ## Overview
 
-This repository contains sources for a FIDO2 CTAP2.1 compatible(-ish)
-applet targeting the Javacard Classic system, version 3.0.4. In a
+This repository contains sources for a feature complete, FIDO2 CTAP2.1
+compatible applet targeting the Javacard Classic system, version 3.0.4. In a
 nutshell, this lets you take a smartcard, install an app onto it,
 and have it work as a FIDO2 authenticator device with a variety of
 features. You can generate and use OpenSSH `ecdsa-sk` type keys, including
 ones you carry with you on the key (`-O resident`). You can securely unlock
 a LUKS encrypted disk with `systemd-cryptenroll`. You can log in to a Linux
 system locally with [pam-u2f](https://github.com/Yubico/pam-u2f).
 
-In order to run this, you will need
+100% of the FIDO2 CTAP2.1 spec is covered, with the exception of features
+that aren't physically on an ordinary smartcard, such as biometrics or
+other on-board user verification. The implementation is not 100% standards
+compliant, but you can expect very good results generally.
+
+In order to run this outside a simulator, you will need
 [a compatible smartcard](docs/requirements.md). Some smartcards which
 describe themselves as running Javacard 3.0.1 also work - see the
 detailed requirements.
@@ -55,38 +60,37 @@ I suggest [reading the FAQ](docs/FAQ.md) and perhaps [the security model](docs/s
 
 ## Implementation Status
 
-| Feature                                   | Status                                                  |
-|-------------------------------------------|---------------------------------------------------------|
-| CTAP1/U2F                                 | Implemented (see [install guide](docs/certs.md))        |
-| CTAP2.0 core                              | Implemented                                             |
-| CTAP2.1 core                              | Implemented                                             |
-| Resident keys                             | Implemented, default 50 slots                           |
-| User Presence                             | User always considered present: not standards compliant |
-| ECDSA (SecP256r1)                         | Implemented                                             |
-| Self attestation                          | Implemented                                             |
-| Basic attestation with ECDSA certs        | Implemented (see [install guide](docs/certs.md))        |
-| Other crypto, like ed25519                | Not implemented                                         |
-| CTAP2.0 hmac-secret extension             | Implemented                                             |
-| CTAP2.1 hmac-secret extension             | Implemented                                             |
-| CTAP2.1 alwaysUv option                   | Implemented                                             |
-| CTAP2.1 credProtect option                | Implemented                                             |
-| CTAP2.1 PIN Protocol 1                    | Implemented                                             |
-| CTAP2.1 PIN Protocol 2                    | Implemented                                             |
-| CTAP2.1 credential management             | Implemented                                             |
-| CTAP2.1 enterprise attestation            | Implemented but always rejected                         |
-| CTAP2.1 authenticator config              | Implemented                                             |
-| CTAP2.1 minPinLength extension            | Implemented, zero RPID storage capacity                 |
-| CTAP2.1 credBlob extension                | Implemented, discoverable creds only                    |
-| CTAP2.1 authenticatorLargeBlobs extension | Not implemented                                         |
-| CTAP2.1 largeBlobKey extension            | Not implemented                                         |
-| CTAP2.1 bio-stuff                         | Not implemented (doesn't make sense in this context?)   |
-| APDU chaining                             | Supported                                               |
-| Extended APDUs                            | Supported                                               |
-| Performance                               | Adequate (sub-3-second common operations)               |
-| Resource consumption                      | Reasonably optimized for avoiding flash wear            |
-| Bugs                                      | Yes                                                     |
-| Code quality                              | No                                                      |
-| Security                                  | Theoretical, but see "bugs" row above                   |
+| Feature                            | Status                                                  |
+|------------------------------------|---------------------------------------------------------|
+| CTAP1/U2F                          | Implemented (see [install guide](docs/certs.md))        |
+| CTAP2.0 core                       | Implemented                                             |
+| CTAP2.1 core                       | Implemented                                             |
+| Resident keys                      | Implemented, default 50 slots (max 255)                 |
+| User Presence                      | User always considered present: not standards compliant |
+| ECDSA (SecP256r1)                  | Implemented                                             |
+| Self attestation                   | Implemented                                             |
+| Basic attestation with ECDSA certs | Implemented (see [install guide](docs/certs.md))        |
+| Other crypto, like ed25519         | Not implemented - availability depends on hardware      |
+| CTAP2.1 hmac-secret extension      | Implemented                                             |
+| CTAP2.1 alwaysUv option            | Implemented                                             |
+| CTAP2.1 credProtect option         | Implemented                                             |
+| CTAP2.1 PIN Protocol 1             | Implemented                                             |
+| CTAP2.1 PIN Protocol 2             | Implemented                                             |
+| CTAP2.1 credential management      | Implemented                                             |
+| CTAP2.1 enterprise attestation     | Implemented but never provided to RPs                   |
+| CTAP2.1 authenticator config       | Implemented                                             |
+| CTAP2.1 minPinLength extension     | Implemented, zero RPID storage capacity                 |
+| CTAP2.1 credBlob extension         | Implemented, discoverable creds only                    |
+| CTAP2.1 largeBlobKey extension     | Implemented                                             |
+| CTAP2.1 authenticatorLargeBlobs    | Implemented, default 1024 bytes storage (max 4k)        |
+| CTAP2.1 bio-stuff                  | Not implemented (doesn't make sense in this context?)   |
+| APDU chaining                      | Supported                                               |
+| Extended APDUs                     | Supported                                               |
+| Performance                        | Adequate (sub-3-second common operations)               |
+| Resource consumption               | Reasonably optimized for avoiding flash wear            |
+| Bugs                               | Yes                                                     |
+| Code quality                       | No                                                      |
+| Security                           | Theoretical, but see "bugs" row above                   |
 
 ## Software Compatibility
 
@@ -125,8 +129,11 @@ There are two compatibility issues in the table above:
    hardwired to use only "passkeys". If a site explicitly requests a non-discoverable credential,
    you will be prompted to use an NFC security key, but this is only CTAP1 and not CTAP2. There's
    nothing fundamentally preventing this from working on Android but the current state of Chrome
-   and Fennec are that CTAP2 doesn't, because both use the broken Play Services library.
+   and Fennec are that CTAP2 doesn't, because both use the broken Play Services library. It's also
+   worth noting that if you install an untrusted attestation certificate, some implementations will
+   reject your created U2F/CTAP1 credentials.
 1. Some browsers support FIDO2 in theory but only allow USB security keys - this implementation
    is for PC/SC, and doesn't implement USB HID, so it will only work with FIDO2
    implementations that can handle e.g. NFC tokens instead of being restricted to USB. This prevents,
-   for example, Firefox on Linux from using FIDO2Applet. 
+   for example, Firefox on Linux from using FIDO2Applet. Phyiscally USB-connected smartcards are
+   still PC/SC devices, not HID ones!

docs/FAQ.md

@@ -50,29 +50,20 @@ authenticator was useless - in other words, a true second factor.
 
 So I wrote a CTAP2 implementation that [had that property](security_model.md).
 
-## You say there are "caveats" for some implementation bits. What are those?
+## The implementation says you're not "standards compliant". Why?
 
 Well, first off, this app doesn't attempt to do a full CBOR parse, so its error
 statuses often aren't perfect and it's generally tolerant of invalid input.
 
 Secondly, the CTAP API requires user presence detection, but there's really no
 way to do that on Javacard 3.0.4. We can't even use the "presence timeout"
-that is described in the spec for NFC devices. So you're always treated as
-being present, which is to some extent offset by the fact that anything real
-requires you type your PIN (if one is set)... Additionally, this app will not
-clear CTAP2.1 PIN token permissions on use.
+that is described in the spec for NFC devices: there's no timer! So you're
+always treated as being present, which is to some extent offset by the fact
+that anything real requires you type your PIN (if one is set)... Additionally,
+this app will not clear CTAP2.1 PIN token permissions on use.
 
 So set a PIN, and unplug your card when you're not using it.
 
-Thirdly, implementing credProtect by storing values for non-discoverable
-credentials is a royal pain: it would require the key's generated credential IDs
-to be longer than the minimum 64 bytes. Rather than do that, this implementation
-just rejects the creation of level-three non-discoverable credentials while a PIN
-is unset. Discoverable credentials are always fine, although of course you can't
-USE level 3 credentials without setting a PIN...
-
-So, again, set a PIN.
-
 Finally, the CTAP2.0 and CTAP2.1 standards are actually mutually incompatible. When
 a getAssertion call is made with an `allowList` given, CTAP2.0 says that the
 authenticator should iterate through assertions generated with the matching
@@ -116,7 +107,8 @@ It will store:
 - up to 32 characters of the RP ID, again AES256 encrypted
 - a max 64-byte-long user ID, again AES256 encrypted
 - the 64-byte public key associated with the credential, again AES256 encrypted
-- A 16-byte random IV used for encrypting the RP ID, user ID, and public key
+- Several 16-byte random IVs used for encrypting the RP ID, user ID, public key,
+  large blob key, and the credential itself
 - the length of the RP ID, unencrypted
 - the length of the user ID, unencrypted
 - a boolean set to true on the first credential from a given RP ID, used
@@ -190,7 +182,9 @@ to be given trouble by software bugs than by your flash write endurance. Flash i
 writable buffer space if your smartcard has at least 2k of RAM, is only used for long request
 chaining if your smartcard has 1k of RAM, and is only used for "ordinary" requests if you're under
 around 200 bytes of RAM. Great care has been taken to make sure the most common operations like
-getPinToken and getKeyAgreement don't write to flash.
+getPinToken and getKeyAgreement don't write to flash unnecessarily.
+
+Note that operations like writing the largeBlobStore will, of course, use flash.
 
 If you want to assess exactly what is and is not in RAM on your particular Javacard, you can install
 the applet and send APDUs like the following:

docs/security_model.md

@@ -165,6 +165,11 @@ on-device wrapping key. Without doing that, they can read incidentals like:
 - how long each key's user ID is
 - how many different RPs in total have resident keys on the device
 - the credProtect level of each resident key
+- the length and contents of the stored "large blob array" (note:
+  the FIDO standard requires that the platform encrypt the contents
+  of the large blob array, so the authenticator implementation here
+  does not. What can be read is what the getLargeBlobs operation
+  returns without authentication anyhow...)
 
 What they can't do without decrypting the wrapping key is get at
 your actual credentials for sites - the private keys, the RP IDs,

mds.json

@@ -34,7 +34,7 @@
   "attestationRootCertificates": [],
   "authenticatorGetInfo": {
       "versions": [ "FIDO_2_0", "FIDO_2_1", "FIDO_2_1_PRE" ],
-      "extensions": [ "credBlob", "credProtect", "hmac-secret" ],
+      "extensions": [ "credBlob", "credProtect", "hmac-secret", "largeBlobKey" ],
       "aaguid": "00000000000000000000000000000000",
       "options": {
         "ep": true,
@@ -43,6 +43,7 @@
         "alwaysUv": false,
         "credMgmt": true,
         "authnrCfg": true,
+        "largeBlobs": true,
         "makeCredUvNotRqd": false,
         "pinUvAuthToken": true
       },

python_tests/ctap/ctap_test.py

@@ -277,8 +277,8 @@ def get_assertion_from_cred(self, cred: Optional[AttestationResponse],
             **kwargs
         )
 
-    def get_assertion(self, rp_id: str, client_data: Optional[bytes] = None):
-        return self.get_assertion_from_cred(cred=None, rp_id=rp_id, client_data=client_data)
+    def get_assertion(self, rp_id: str, client_data: Optional[bytes] = None, **kwargs):
+        return self.get_assertion_from_cred(cred=None, rp_id=rp_id, client_data=client_data, **kwargs)
 
     def get_high_level_client(self, extensions: Optional[list[Type[Ctap2Extension]]] = None,
                               user_interaction: UserInteraction = None,

python_tests/ctap/test_ctap_attestation_mode_switch.py

@@ -13,6 +13,7 @@ def setUp(self, install_params: Optional[bytes] = None) -> None:
         super().setUp(bytes([0x01]))
 
     @parameterized.expand([
+        ("tiny", 3),
         ("very short", 140),
         ("short", 300),
         ("medium", 900),
@@ -36,6 +37,37 @@ def test_applying_cert_len(self, _, length):
 
         cred_res = self.ctap2.make_credential(**self.basic_makecred_params)
         self.assertEqual(self.cert, cred_res.att_stmt['x5c'][0])
+        self.assertIsNone(cred_res.large_blob_key)
+
+    @parameterized.expand([
+        ("tiny", 3),
+        ("very short", 140),
+        ("short", 300),
+        ("medium", 900),
+        ("long", 2000),
+        ("very long", 8000),
+    ])
+    def test_applying_cert_len_with_large_blob(self, _, length):
+        info_before = self.ctap2.get_info()
+        self.assertEqual(Aaguid.NONE, info_before.aaguid)
+
+        cert_bytes = secrets.token_bytes(length)
+        cert = self.gen_attestation_cert([cert_bytes])
+
+        self.ctap2.send_cbor(
+            self.VENDOR_COMMAND_SWITCH_ATT,
+            args(cert)
+        )
+
+        info_after = self.ctap2.get_info()
+        self.assertEqual(self.aaguid, info_after.aaguid)
+
+        self.basic_makecred_params['options'] = {'rk': True}
+        self.basic_makecred_params['extensions'] = {'largeBlobKey': True}
+        cred_res = self.ctap2.make_credential(**self.basic_makecred_params)
+        self.assertEqual(self.cert, cred_res.att_stmt['x5c'][0])
+        self.assertIsNotNone(cred_res.large_blob_key)
+        self.assertEqual(32, len(cred_res.large_blob_key))
 
     def test_u2f_supported_after_switch(self):
         info_before = self.ctap2.get_info()

python_tests/ctap/test_ctap_basics.py

@@ -16,7 +16,7 @@ def test_info_supported_versions(self):
 
     def test_info_supported_extensions(self):
         info = self.ctap2.get_info()
-        self.assertEqual(["credBlob", "credProtect", "hmac-secret"], info.extensions)
+        self.assertEqual(["credBlob", "credProtect", "hmac-secret", "largeBlobKey"], info.extensions)
 
     def test_info_aaguid_none(self):
         info = self.ctap2.get_info()
@@ -129,7 +129,7 @@ def test_makecred_disallowed_by_exclude_list(self):
         self.assertEqual(CtapError.ERR.CREDENTIAL_EXCLUDED, e2.exception.code)
 
     def test_multiple_matching_rks(self):
-        creds_to_make = 3
+        creds_to_make = 5
         self.basic_makecred_params['options'] = {
             'rk': True
         }
@@ -146,9 +146,10 @@ def test_multiple_matching_rks(self):
         with self.assertRaises(CtapError) as e:
             self.ctap2.get_next_assertion()
         self.assertEqual(CtapError.ERR.NO_CREDENTIALS, e.exception.code)
-        self.assertEqual(sorted([x.auth_data.credential_data.credential_id for x in creds]),
-                         sorted([x.credential['id'] for x in asserts])
-                         )
+        self.assertEqual(
+            [x.auth_data.credential_data.credential_id for x in creds][::-1],
+            [x.credential['id'] for x in asserts]
+        )
 
     def test_makecred_rk_disallowed_by_exclude_list(self):
         non_resident_cred = self.ctap2.make_credential(**self.basic_makecred_params)