Add authenticator USB and Firmware details to the C API

Fixes #92

Author: jcjones

examples/main.rs

@@ -69,15 +69,19 @@ fn main() {
             app_bytes.clone(),
             vec![],
             move |rv| {
-                tx.send(rv.unwrap()).unwrap();
+                tx.send(rv).unwrap();
             },
         )
         .unwrap();
 
-    let register_data = try_or!(rx.recv(), |_| {
+    let register_result = try_or!(rx.recv(), |_| {
         panic!("Problem receiving, unable to continue");
     });
+    let (register_data, device_info) =
+        register_result.unwrap_or_else(|e| panic!("Registration failed: {:?}", e));
+
     println!("Register result: {}", base64::encode(&register_data));
+    println!("Device info: {}", &device_info);
     println!("Asking a security key to sign now, with the data from the register...");
     let credential = u2f_get_key_handle_from_register_response(&register_data).unwrap();
     let key_handle = KeyHandle {
@@ -95,15 +99,19 @@ fn main() {
             vec![app_bytes],
             vec![key_handle],
             move |rv| {
-                tx.send(rv.unwrap()).unwrap();
+                tx.send(rv).unwrap();
             },
         )
         .unwrap();
 
-    let (_, handle_used, sign_data) = try_or!(rx.recv(), |_| {
-        println!("Problem receiving");
+    let sign_result = try_or!(rx.recv(), |_| {
+        panic!("Problem receiving, unable to continue");
     });
+    let (_, handle_used, sign_data, device_info) =
+        sign_result.unwrap_or_else(|e| panic!("Sign failed: {:?}", e));
+
     println!("Sign result: {}", base64::encode(&sign_data));
     println!("Key handle used: {}", base64::encode(&handle_used));
+    println!("Device info: {}", &device_info);
     println!("Done.");
 }

fuzz/fuzz_targets/u2f_read.rs

@@ -9,19 +9,21 @@ extern crate authenticator;
 
 use std::{cmp, io};
 
-use authenticator::{sendrecv, U2FDevice};
+use authenticator::{sendrecv, U2FDevice, U2FDeviceInfo};
 use authenticator::{CID_BROADCAST, MAX_HID_RPT_SIZE};
 
 struct TestDevice<'a> {
     cid: [u8; 4],
     data: &'a [u8],
+    dev_info: Option<U2FDeviceInfo>,
 }
 
 impl<'a> TestDevice<'a> {
     pub fn new(data: &'a [u8]) -> TestDevice {
         TestDevice {
             cid: CID_BROADCAST,
             data,
+            dev_info: None,
         }
     }
 }
@@ -63,6 +65,20 @@ impl<'a> U2FDevice for TestDevice<'a> {
     fn out_rpt_size(&self) -> usize {
         MAX_HID_RPT_SIZE
     }
+
+    fn get_property(&self, _prop_name: &str) -> io::Result<String> {
+        Err(io::Error::new(io::ErrorKind::Other, "Not implemented"))
+    }
+
+    fn get_device_info(&self) -> U2FDeviceInfo {
+        // unwrap is okay, as dev_info must have already been set, else
+        // a programmer error
+        self.dev_info.clone().unwrap()
+    }
+
+    fn set_device_info(&mut self, dev_info: U2FDeviceInfo) {
+        self.dev_info = Some(dev_info);
+    }
 }
 
 fuzz_target!(|data: &[u8]| {

fuzz/fuzz_targets/u2f_read_write.rs

@@ -9,19 +9,21 @@ extern crate authenticator;
 
 use std::{cmp, io};
 
-use authenticator::{sendrecv, U2FDevice};
+use authenticator::{sendrecv, U2FDevice, U2FDeviceInfo};
 use authenticator::{CID_BROADCAST, MAX_HID_RPT_SIZE};
 
 struct TestDevice {
     cid: [u8; 4],
     data: Vec<u8>,
+    dev_info: Option<U2FDeviceInfo>,
 }
 
 impl TestDevice {
     pub fn new() -> TestDevice {
         TestDevice {
             cid: CID_BROADCAST,
             data: vec![],
+            dev_info: None,
         }
     }
 }
@@ -64,6 +66,20 @@ impl U2FDevice for TestDevice {
     fn out_rpt_size(&self) -> usize {
         MAX_HID_RPT_SIZE
     }
+
+    fn get_property(&self, _prop_name: &str) -> io::Result<String> {
+        Err(io::Error::new(io::ErrorKind::Other, "Not implemented"))
+    }
+
+    fn get_device_info(&self) -> U2FDeviceInfo {
+        // unwrap is okay, as dev_info must have already been set, else
+        // a programmer error
+        self.dev_info.clone().unwrap()
+    }
+
+    fn set_device_info(&mut self, dev_info: U2FDeviceInfo) {
+        self.dev_info = Some(dev_info);
+    }
 }
 
 fuzz_target!(|data: &[u8]| {

src/capi.rs

@@ -22,6 +22,11 @@ const RESBUF_ID_REGISTRATION: u8 = 0;
 const RESBUF_ID_KEYHANDLE: u8 = 1;
 const RESBUF_ID_SIGNATURE: u8 = 2;
 const RESBUF_ID_APPID: u8 = 3;
+const RESBUF_ID_VENDOR_NAME: u8 = 4;
+const RESBUF_ID_DEVICE_NAME: u8 = 5;
+const RESBUF_ID_FIRMWARE_MAJOR: u8 = 6;
+const RESBUF_ID_FIRMWARE_MINOR: u8 = 7;
+const RESBUF_ID_FIRMWARE_BUILD: u8 = 8;
 
 // Generates a new 64-bit transaction id with collision probability 2^-32.
 fn new_tid() -> u64 {
@@ -233,9 +238,14 @@ pub unsafe extern "C" fn rust_u2f_mgr_register(
         key_handles,
         move |rv| {
             let result = match rv {
-                Ok(registration) => {
+                Ok((registration, dev_info)) => {
                     let mut bufs = HashMap::new();
                     bufs.insert(RESBUF_ID_REGISTRATION, registration);
+                    bufs.insert(RESBUF_ID_VENDOR_NAME, dev_info.vendor_name);
+                    bufs.insert(RESBUF_ID_DEVICE_NAME, dev_info.device_name);
+                    bufs.insert(RESBUF_ID_FIRMWARE_MAJOR, vec![dev_info.version_major]);
+                    bufs.insert(RESBUF_ID_FIRMWARE_MINOR, vec![dev_info.version_minor]);
+                    bufs.insert(RESBUF_ID_FIRMWARE_BUILD, vec![dev_info.version_build]);
                     U2FResult::Success(bufs)
                 }
                 Err(e) => U2FResult::Error(e),
@@ -288,11 +298,16 @@ pub unsafe extern "C" fn rust_u2f_mgr_sign(
     let tid = new_tid();
     let res = (*mgr).sign(flags, timeout, challenge, app_ids, key_handles, move |rv| {
         let result = match rv {
-            Ok((app_id, key_handle, signature)) => {
+            Ok((app_id, key_handle, signature, dev_info)) => {
                 let mut bufs = HashMap::new();
                 bufs.insert(RESBUF_ID_KEYHANDLE, key_handle);
                 bufs.insert(RESBUF_ID_SIGNATURE, signature);
                 bufs.insert(RESBUF_ID_APPID, app_id);
+                bufs.insert(RESBUF_ID_VENDOR_NAME, dev_info.vendor_name);
+                bufs.insert(RESBUF_ID_DEVICE_NAME, dev_info.device_name);
+                bufs.insert(RESBUF_ID_FIRMWARE_MAJOR, vec![dev_info.version_major]);
+                bufs.insert(RESBUF_ID_FIRMWARE_MINOR, vec![dev_info.version_minor]);
+                bufs.insert(RESBUF_ID_FIRMWARE_BUILD, vec![dev_info.version_build]);
                 U2FResult::Success(bufs)
             }
             Err(e) => U2FResult::Error(e),

src/consts.rs

@@ -45,6 +45,8 @@ pub const U2F_REGISTER: u8 = 0x01; // Registration command
 pub const U2F_AUTHENTICATE: u8 = 0x02; // Authenticate/sign command
 pub const U2F_VERSION: u8 = 0x03; // Read version string command
 
+pub const YKPIV_INS_GET_VERSION: u8 = 0xfd; // Get firmware version, yubico ext
+
 // U2F_REGISTER command defines
 pub const U2F_REGISTER_ID: u8 = 0x05; // Version 2 registration identifier
 pub const U2F_REGISTER_HASH_ID: u8 = 0x00; // Version 2 hash identintifier

src/freebsd/device.rs

@@ -11,14 +11,15 @@ use std::os::unix::prelude::*;
 
 use crate::consts::{CID_BROADCAST, MAX_HID_RPT_SIZE};
 use crate::platform::uhid;
-use crate::u2ftypes::U2FDevice;
+use crate::u2ftypes::{U2FDevice, U2FDeviceInfo};
 use crate::util::from_unix_result;
 
 #[derive(Debug)]
 pub struct Device {
     path: OsString,
     fd: libc::c_int,
     cid: [u8; 4],
+    dev_info: Option<U2FDeviceInfo>,
 }
 
 impl Device {
@@ -30,6 +31,7 @@ impl Device {
             path,
             fd,
             cid: CID_BROADCAST,
+            dev_info: None,
         })
     }
 
@@ -93,4 +95,18 @@ impl U2FDevice for Device {
     fn out_rpt_size(&self) -> usize {
         MAX_HID_RPT_SIZE
     }
+
+    fn get_property(&self, _prop_name: &str) -> io::Result<String> {
+        Err(io::Error::new(io::ErrorKind::Other, "Not implemented"))
+    }
+
+    fn get_device_info(&self) -> U2FDeviceInfo {
+        // unwrap is okay, as dev_info must have already been set, else
+        // a programmer error
+        self.dev_info.clone().unwrap()
+    }
+
+    fn set_device_info(&mut self, dev_info: U2FDeviceInfo) {
+        self.dev_info = Some(dev_info);
+    }
 }

src/lib.rs

@@ -100,8 +100,8 @@ pub struct KeyHandle {
 }
 
 pub type AppId = Vec<u8>;
-pub type RegisterResult = Vec<u8>;
-pub type SignResult = (AppId, Vec<u8>, Vec<u8>);
+pub type RegisterResult = (Vec<u8>, u2ftypes::U2FDeviceInfo);
+pub type SignResult = (AppId, Vec<u8>, Vec<u8>, u2ftypes::U2FDeviceInfo);
 
 #[derive(Debug, Clone, Copy)]
 pub enum Error {

src/linux/device.rs

@@ -10,8 +10,8 @@ use std::io::{Read, Write};
 use std::os::unix::prelude::*;
 
 use crate::consts::CID_BROADCAST;
-use crate::platform::hidraw;
-use crate::u2ftypes::U2FDevice;
+use crate::platform::{hidraw, monitor};
+use crate::u2ftypes::{U2FDevice, U2FDeviceInfo};
 use crate::util::from_unix_result;
 
 #[derive(Debug)]
@@ -21,6 +21,7 @@ pub struct Device {
     in_rpt_size: usize,
     out_rpt_size: usize,
     cid: [u8; 4],
+    dev_info: Option<U2FDeviceInfo>,
 }
 
 impl Device {
@@ -35,6 +36,7 @@ impl Device {
             in_rpt_size,
             out_rpt_size,
             cid: CID_BROADCAST,
+            dev_info: None,
         })
     }
 
@@ -93,4 +95,18 @@ impl U2FDevice for Device {
     fn out_rpt_size(&self) -> usize {
         self.out_rpt_size
     }
+
+    fn get_property(&self, prop_name: &str) -> io::Result<String> {
+        monitor::get_property_linux(&self.path, prop_name)
+    }
+
+    fn get_device_info(&self) -> U2FDeviceInfo {
+        // unwrap is okay, as dev_info must have already been set, else
+        // a programmer error
+        self.dev_info.clone().unwrap()
+    }
+
+    fn set_device_info(&mut self, dev_info: U2FDeviceInfo) {
+        self.dev_info = Some(dev_info);
+    }
 }

src/linux/monitor.rs

@@ -107,6 +107,8 @@ where
         let f = self.new_device_cb.clone();
         let key = path.clone();
 
+        debug!("Adding device {}", path.to_string_lossy());
+
         let runloop = RunLoop::new(move |alive| {
             if alive() {
                 f(path, alive);
@@ -119,6 +121,8 @@ where
     }
 
     fn remove_device(&mut self, path: &OsString) {
+        debug!("Removing device {}", path.to_string_lossy());
+
         if let Some(runloop) = self.runloops.remove(path) {
             runloop.cancel();
         }
@@ -131,3 +135,35 @@ where
         }
     }
 }
+
+pub fn get_property_linux(path: &OsString, prop_name: &str) -> io::Result<String> {
+    let ctx = libudev::Context::new()?;
+
+    let mut enumerator = libudev::Enumerator::new(&ctx)?;
+    enumerator.match_subsystem(UDEV_SUBSYSTEM)?;
+
+    // Iterate all existing devices, since we don't have a syspath
+    // and libudev-rs doesn't implement opening by devnode.
+    for dev in enumerator.scan_devices()? {
+        if dev.devnode().is_some() && dev.devnode().unwrap() == path {
+            debug!(
+                "get_property_linux Querying property {} from {}",
+                prop_name,
+                dev.syspath().display()
+            );
+
+            let value = dev
+                .attribute_value(prop_name)
+                .ok_or(io::ErrorKind::Other)?
+                .to_string_lossy();
+
+            debug!("get_property_linux Fetched Result, {}={}", prop_name, value);
+            return Ok(value.to_string());
+        }
+    }
+
+    Err(io::Error::new(
+        io::ErrorKind::Other,
+        "Unable to find device",
+    ))
+}