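/*
 * SigningTool register: create a FIDO2 credential on an attached
 * authenticator through libfido2, verify its attestation, and dump the
 * attestation signature, public key and authenticator data to
 * "generated.bin".
 */
#include <stdio.h>
#include <fido.h>

/* User handle passed to fido_cred_set_user(). */
unsigned char user_id[] = {
    0x15, 0xf9, 0x5d, 0x3e, 0xce, 0xe9, 0x17, 0x3e,
    0x25, 0x8e, 0xe6, 0x20, 0x92, 0xcf, 0xff, 0x9b,
    0xe0, 0xcf, 0xf9, 0xca, 0x50, 0x8d, 0x1f, 0x24,
    0xf1, 0xa7, 0xeb, 0x68, 0x7d, 0xb7, 0x82, 0x5d
};
unsigned int user_id_len = sizeof user_id;

/*
 * Client-data hash passed to fido_cred_set_clientdata_hash().
 * NOTE(review): the value is compiled in, so every registration is made
 * over the same hash rather than over a fresh challenge. A verifier of
 * generated.bin therefore cannot tell a new attestation from a replayed
 * one -- confirm this is acceptable for how the output is consumed.
 */
unsigned char cd_hash[] = {
    0xc0, 0x9e, 0xfa, 0x40, 0x30, 0x66, 0x31, 0xbd,
    0xd9, 0x3a, 0xcf, 0xbd, 0xab, 0x8d, 0x63, 0xc4,
    0x0c, 0x99, 0x43, 0x43, 0xe4, 0x13, 0x85, 0x20,
    0xe2, 0x59, 0x2d, 0x41, 0xe9, 0xa0, 0xdd, 0xb1
};
unsigned int cd_hash_len = sizeof cd_hash;

#define MAX_FIDO_DEVICES 8

/*
 * Run a libfido2 call and abort the registration on any result other than
 * FIDO_OK. Must be used inside a function that has a `cleanup` label.
 */
#define FIDO_CHECK(x)                                                      \
    do {                                                                   \
        int fido_err_ = (x);                                               \
        if (fido_err_ != FIDO_OK) {                                        \
            printf("FIDO ERR %i line %i\n", fido_err_, __LINE__);          \
            goto cleanup;                                                  \
        }                                                                  \
    } while (0)

/* Abort the registration when a libfido2 accessor/allocator returned NULL. */
#define FIDO_CHECK_PTR(p)                                                  \
    do {                                                                   \
        if ((p) == NULL) {                                                 \
            printf("FIDO ERR: NULL result, line %i\n", __LINE__);          \
            goto cleanup;                                                  \
        }                                                                  \
    } while (0)

/*
 * Write one tagged field: the tag bytes followed by the raw data.
 * Returns 0 on success, -1 if either write is short. data_len must be
 * non-zero (the caller checks this before writing anything).
 */
static int write_field(FILE *out, const char *tag, size_t tag_size,
                       const unsigned char *data, size_t data_len)
{
    if (fwrite(tag, tag_size, 1, out) != 1) {
        return -1;
    }
    if (fwrite(data, data_len, 1, out) != 1) {
        return -1;
    }
    return 0;
}

/*
 * Returns 0 only when a credential was created, its attestation verified
 * and generated.bin written completely; 1 on any failure.
 */
int main(void)
{
    /* Every resource starts out empty so the cleanup path is always safe. */
    int rc = 1;
    int dev_is_open = 0;
    int write_failed = 0;
    size_t found = 0;
    const char *path = NULL;
    fido_dev_info_t *devs = NULL;
    fido_dev_t *dev = NULL;
    fido_cred_t *cred = NULL;
    FILE *file = NULL;

    printf("SigningTool register\n");
    /* FIDO_DEBUG turns on libfido2's debug output for the whole run. */
    fido_init(FIDO_DEBUG);

    printf("Searching for devices\n");
    devs = fido_dev_info_new(MAX_FIDO_DEVICES);
    FIDO_CHECK_PTR(devs);
    FIDO_CHECK(fido_dev_info_manifest(devs, MAX_FIDO_DEVICES, &found));
    printf("Found %zu devices\n", found);
    if (found == 0) {
        /* Without this guard `path` would be used while still unset. */
        printf("No FIDO device found\n");
        goto cleanup;
    }

    /* Lists every device; the last one enumerated is the one that is opened. */
    for (size_t i = 0; i < found; ++i) {
        const fido_dev_info_t *dev_info = fido_dev_info_ptr(devs, i);
        FIDO_CHECK_PTR(dev_info);
        path = fido_dev_info_path(dev_info);
        FIDO_CHECK_PTR(path);
        printf("Device %zu is %s\n", i, path);
    }

    printf("Opening device\n");
    dev = fido_dev_new();
    FIDO_CHECK_PTR(dev);
    FIDO_CHECK(fido_dev_open(dev, path));
    dev_is_open = 1;
    /* `path` points into the device list, so the list is freed only now. */
    fido_dev_info_free(&devs, MAX_FIDO_DEVICES);
    path = NULL;

    printf("Making credential\n");
    cred = fido_cred_new();
    FIDO_CHECK_PTR(cred);
    FIDO_CHECK(fido_cred_set_type(cred, COSE_ES256)); /* COSE_ES256, COSE_RS256, COSE_EDDSA */
    FIDO_CHECK(fido_cred_set_clientdata_hash(cred, cd_hash, cd_hash_len));
    FIDO_CHECK(fido_cred_set_user(cred, user_id, user_id_len, NULL, NULL, NULL));
    /* NOTE(review): "id"/"name" look like placeholder relying-party values -- confirm. */
    FIDO_CHECK(fido_cred_set_rp(cred, "id", "name"));
    FIDO_CHECK(fido_cred_set_fmt(cred, "packed"));

    printf("Generating credential\n");
    FIDO_CHECK(fido_dev_make_cred(dev, cred, NULL));

    fido_dev_close(dev);
    dev_is_open = 0;
    fido_dev_free(&dev);

    printf("Getting generated data\n");
    const unsigned char *signature = fido_cred_sig_ptr(cred);
    const unsigned char *pubkey = fido_cred_pubkey_ptr(cred);
    const unsigned char *authdata = fido_cred_authdata_ptr(cred);
    size_t signature_len = fido_cred_sig_len(cred);
    size_t pubkey_len = fido_cred_pubkey_len(cred);
    size_t authdata_len = fido_cred_authdata_len(cred);
    FIDO_CHECK_PTR(signature);
    FIDO_CHECK_PTR(pubkey);
    FIDO_CHECK_PTR(authdata);
    if (signature_len == 0 || pubkey_len == 0 || authdata_len == 0) {
        printf("FIDO ERR: empty credential field\n");
        goto cleanup;
    }

    /*
     * Verify before persisting anything, so generated.bin never holds key
     * material whose attestation failed to check out.
     * NOTE(review): fido_cred_verify() expects an attestation certificate;
     * an authenticator using self attestation would need
     * fido_cred_verify_self() instead -- not handled here.
     */
    printf("Verifying attestation\n");
    FIDO_CHECK(fido_cred_verify(cred));

    printf("Write generated data\n");
    /* "wb": the payload is binary and must not go through newline translation. */
    file = fopen("generated.bin", "wb");
    if (file == NULL) {
        perror("generated.bin");
        goto cleanup;
    }
    /*
     * sizeof on the tag literals includes the terminating NUL, so each tag
     * is followed by a 0 byte on disk; kept so the file layout is unchanged.
     * The fields carry no length prefix.
     */
    if (write_field(file, "JOOKIA_SIG", sizeof("JOOKIA_SIG"),
                    signature, signature_len) != 0 ||
        write_field(file, "JOOKIA_PUBKEY", sizeof("JOOKIA_PUBKEY"),
                    pubkey, pubkey_len) != 0 ||
        write_field(file, "JOOKIA_AUTHDATA", sizeof("JOOKIA_AUTHDATA"),
                    authdata, authdata_len) != 0) {
        write_failed = 1;
    }
    /* fclose() flushes, so its result decides whether the data reached the file. */
    if (fclose(file) != 0) {
        write_failed = 1;
    }
    file = NULL;
    if (write_failed) {
        printf("Failed to write generated.bin\n");
        /* Do not leave a truncated blob behind that could pass for real output. */
        remove("generated.bin");
        goto cleanup;
    }

    rc = 0;

cleanup:
    if (file != NULL) {
        fclose(file);
    }
    if (dev != NULL) {
        if (dev_is_open) {
            fido_dev_close(dev);
        }
        fido_dev_free(&dev);
    }
    if (devs != NULL) {
        fido_dev_info_free(&devs, MAX_FIDO_DEVICES);
    }
    if (cred != NULL) {
        fido_cred_free(&cred);
    }
    return rc;
}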