@@ -1700,13 +1700,13 @@ private void getAssertion(APDU apdu, short lc, short readIdx, short firstCredIdx
17001700 // credential
17011701 if (rkMatch > -1 ) {
17021702 // Resident keys need CBOR wrapping...
1703- outputIdx = Util .arrayCopyNonAtomic (CannedCBOR .SINGLE_ID_MAP_PREAMBLE , (short ) 0 ,
1704- outBuf , outputIdx , (short ) CannedCBOR .SINGLE_ID_MAP_PREAMBLE .length );
1705- outBuf [outputIdx ++] = 0x58 ; // byte array with one-byte length
1706- outBuf [outputIdx ++] = (byte ) matchingPubKeyCredDataLen ;
1703+ outputIdx = packCredentialId (matchingPubKeyBuffer , startOfMatchingPubKeyCredData ,
1704+ outBuf , outputIdx );
1705+ } else {
1706+ // Copy straight from input to output
1707+ outputIdx = Util .arrayCopyNonAtomic (matchingPubKeyBuffer , startOfMatchingPubKeyCredData ,
1708+ outBuf , outputIdx , matchingPubKeyCredDataLen );
17071709 }
1708- outputIdx = Util .arrayCopyNonAtomic (matchingPubKeyBuffer , startOfMatchingPubKeyCredData ,
1709- outBuf , outputIdx , matchingPubKeyCredDataLen );
17101710
17111711 outBuf [outputIdx ++] = 0x02 ; // map key: authData
17121712
@@ -3124,11 +3124,8 @@ private void handleEnumerateCreds(APDU apdu, short bufferIdx, short startCredIdx
31243124 scratchRelease (MAX_USER_ID_LENGTH );
31253125
31263126 bufferMem [writeOffset ++] = 0x07 ; // map key: credentialId
3127- writeOffset = Util .arrayCopyNonAtomic (CannedCBOR .SINGLE_ID_MAP_PREAMBLE , (short ) 0 ,
3128- bufferMem , writeOffset , (short ) CannedCBOR .SINGLE_ID_MAP_PREAMBLE .length );
3129- writeOffset = encodeIntLen (writeOffset , CREDENTIAL_ID_LEN , true );
3130- writeOffset = Util .arrayCopyNonAtomic (residentKeyData , (short )(CREDENTIAL_ID_LEN * rkIndex ),
3131- bufferMem , writeOffset , CREDENTIAL_ID_LEN );
3127+ writeOffset = packCredentialId (residentKeyData , (short )(CREDENTIAL_ID_LEN * rkIndex ),
3128+ bufferMem , writeOffset );
31323129
31333130 bufferMem [writeOffset ++] = 0x08 ; // map key: publicKey
31343131 writeOffset = Util .arrayCopyNonAtomic (CannedCBOR .PUBLIC_KEY_ALG_PREAMBLE , (short ) 0 ,
@@ -3156,6 +3153,29 @@ private void handleEnumerateCreds(APDU apdu, short bufferIdx, short startCredIdx
31563153 sendErrorByte (apdu , FIDOConstants .CTAP2_ERR_NO_CREDENTIALS );
31573154 }
31583155
3156+ private short packCredentialId (byte [] credBuffer , short credOffset , byte [] writeBuffer , short writeOffset ) {
3157+ writeBuffer [writeOffset ++] = (byte ) 0xA2 ; // map: two entries
3158+
3159+ writeBuffer [writeOffset ++] = 0x62 ; // string - two bytes long
3160+ writeBuffer [writeOffset ++] = 0x69 ; // i
3161+ writeBuffer [writeOffset ++] = 0x64 ; // d
3162+ writeOffset = encodeIntLenTo (writeBuffer , writeOffset , CREDENTIAL_ID_LEN , true );
3163+ writeOffset = Util .arrayCopyNonAtomic (credBuffer , credOffset ,
3164+ writeBuffer , writeOffset , CREDENTIAL_ID_LEN );
3165+
3166+
3167+ writeBuffer [writeOffset ++] = 0x64 ; // string - four bytes long
3168+ writeBuffer [writeOffset ++] = 0x74 ; // t
3169+ writeBuffer [writeOffset ++] = 0x79 ; // y
3170+ writeBuffer [writeOffset ++] = 0x70 ; // p
3171+ writeBuffer [writeOffset ++] = 0x65 ; // e
3172+ writeOffset = encodeIntLenTo (writeBuffer , writeOffset , (short ) CannedCBOR .PUBLIC_KEY_TYPE .length , false );
3173+ writeOffset = Util .arrayCopyNonAtomic (CannedCBOR .PUBLIC_KEY_TYPE , (short ) 0 ,
3174+ writeBuffer , writeOffset , (short ) CannedCBOR .PUBLIC_KEY_TYPE .length );
3175+
3176+ return writeOffset ;
3177+ }
3178+
31593179 /**
31603180 * Handles enumerating stored RPs on the authenticator
31613181 *
0 commit comments