Discoverable Credentials

[shimritd]

in the case of RK=true, if there are more than one user that is enrolled with the same key to the same domain, the authenticator replies with more than one assertion, am i right?
does the code ignore this case? i can see that only the first assertion is parsed.
and can you please explain the difference between stmt_count and stmt_len?
thanks!

[LDVG]

Hi,

in the case of RK=true, if there are more than one user that is enrolled with the same key to the same domain, the authenticator replies with more than one assertion, am i right?

Unless the user has the ability to select which credential to use on the authenticator itself, yes (see CTAP 2.1, § 6.2.2. authenticatorGetAssertion Algorithm, step 12).

does the code ignore this case? i can see that only the first assertion is parsed.

No, it should be possible to retreive all assertions. An example using fido2-cred and fido2-assert (note that our two users are given randomized user IDs):

$ # Register first user.
$ echo credential challenge | openssl sha256 -binary | base64 > cred_param  # Client data hash.
$ echo relying party >> cred_param  # Relying party ID.
$ echo user1 >> cred_param  # User name.
$ dd if=/dev/urandom bs=1 count=32 | base64 >> cred_param   # User ID.
$ fido2-cred -M -r -i cred_param /dev/hidraw5 | fido2-cred -V -o cred1

$ # Register second user.
$ echo credential challenge | openssl sha256 -binary | base64 > cred_param
$ echo relying party >> cred_param
$ echo user2 >> cred_param
$ dd if=/dev/urandom bs=1 count=32 | base64 >> cred_param
$ fido2-cred -M -r -i cred_param /dev/hidraw5 | fido2-cred -V -o cred2

$ # Fetch the assertions.
$ echo assertion challenge | openssl sha256 -binary | base64 > assert_param
$ echo relying party >> assert_param
$ fido2-assert -G -r -i assert_param /dev/hidraw5
mZmBWUaJGwEjSNQvkFaicpCzDKhap2pQlfi8FXsv68k=
relying party
WCWusDiEl8jD03XBV+5yBpiseHi+hwrY8aqZNy+sXbRbVAEAAAAF
MEUCIQDw9oy5SigO6WWPrxsSwn3fQBeBWd62k+2bhpDWiPtvFQIgeZ8SgAKhNZJ92FQtQY03iHOJe9OfNUHZer0fjZUn0T8=
uUDR2fMZhu8OdjkBYfSoF2cJMiVxZpoPqy6494ArYcU=

mZmBWUaJGwEjSNQvkFaicpCzDKhap2pQlfi8FXsv68k=
relying party
WCWusDiEl8jD03XBV+5yBpiseHi+hwrY8aqZNy+sXbRbVAEAAAAH
MEUCIQDizkQBEF9EBtbkB4k2I51GRFIjQ0UGHUofmhcC2vn0DQIgF2n98rWhmr5j1ybN7wDavdvNebCIa8WoJjyr9Xw/tTk=
QF6hqrJdf/ENKcsG5gcHLjMfRW4tzZY1wa8VzBvfwtU=

I have visually separated the two assertions with a blank line. In this case, fido2-assert -G outputs the client data hash, relying party ID, authenticator data, assertion signature, and user ID for each assertion generated.

and can you please explain the difference between stmt_count and stmt_len?

I'm sorry, can you clarify what exact symbols you are referring to here?

[shimritd]

thanks for your answer, i'm running it as a visual studio solution and i'm using examples/cred to enroll and then example/assert to authenticate.
in the function adjust_assert_count, i can see:
if (fido_assert_set_count(assert, (size_t)n) != FIDO_OK) {
fido_log_debug("%s: fido_assert_set_count", func);
return (-1);
}

assert->stmt_len = 0; /* XXX */

so after the call to "fido_assert_set_count", i can see that both: assert->stmt_len and assert->stmt_count are set to 3 which is indeed the number of different users that were enrolled on the device for the same domain, but after this call, as you can see, assert->stmt_len is set to 0.
in addition, in fido_dev_get_assert_rx, the call to cbor_parse_reply, looks like this:
/* parse the first assertion */
if ((r = cbor_parse_reply(msg, (size_t)msglen, &assert->stmt[0],
parse_assert_reply)) != FIDO_OK) {
fido_log_debug("%s: parse_assert_reply", func);
goto out;
}
assert->stmt_len = 1;

so i don't see where the other assertions are parsed.

[LDVG]

The remaining assertions are requested by the internal function fido_get_next_assert_tx() and parsed by the internal function fido_get_next_assert_rx(). These are called from the internal function fido_dev_get_assert_wait():

libfido2/src/assert.c

Lines 274 to 279 in 0a1102c

	while (assert->stmt_len < assert->stmt_cnt) {
	if ((r = fido_get_next_assert_tx(dev, ms)) != FIDO_OK ||
	(r = fido_get_next_assert_rx(dev, assert, ms)) != FIDO_OK)
	return (r);
	assert->stmt_len++;
	}