Add check for AAGUID length in GetInfo response

AAGUID length received from AuthenticatorGetInfo response must be of
length 16[1]. Add this check when parsing response from device and if
AAGUID length is any number other than 16, return base::nullopt.

[1]: https://fidoalliance.org/specs/fido-v2.0-rd-20170927/fido-client-to-authenticator-protocol-v2.0-rd-20170927.html#authenticatorgetinfo-0x04

Bug: 872217
Change-Id: I58e86942ef7eedd3075dabcf49c25407ce3c3050
Reviewed-on: https://chromium-review.googlesource.com/1167798
Commit-Queue: Jun Choi <hongjunchoi@chromium.org>
Reviewed-by: Jan Wilken Dörrie <jdoerrie@chromium.org>
Cr-Commit-Position: refs/heads/master@{#582069}

device/fido/ctap_response_unittest.cc

@@ -138,6 +138,65 @@ constexpr uint8_t kTestAuthenticatorGetInfoResponseWithDuplicateVersion[] = {
     0x81, 0x01,
 };
 
+constexpr uint8_t kTestAuthenticatorGetInfoResponseWithIncorrectAaguid[] = {
+    // Success status byte
+    0x00,
+    // Map of 6 elements
+    0xA6,
+    // Key(01) - versions
+    0x01,
+    // Array(01)
+    0x81,
+    // "U2F_V2"
+    0x66, 0x55, 0x32, 0x46, 0x5F, 0x56, 0x32,
+    // Key(02) - extensions
+    0x02,
+    // Array(2)
+    0x82,
+    // "uvm"
+    0x63, 0x75, 0x76, 0x6D,
+    // "hmac-secret"
+    0x6B, 0x68, 0x6D, 0x61, 0x63, 0x2D, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74,
+    // Key(03) - AAGUID
+    0x03,
+    // Bytes(17) - FIDO2 device AAGUID must be 16 bytes long in order to be
+    // correct.
+    0x51, 0xF8, 0xA0, 0x11, 0xF3, 0x8C, 0x0A, 0x4D, 0x15, 0x80, 0x06, 0x17,
+    0x11, 0x1F, 0x9E, 0xDC, 0x7D, 0x00,
+    // Key(04) - options
+    0x04,
+    // Map(05)
+    0xA5,
+    // Key - "rk"
+    0x62, 0x72, 0x6B,
+    // true
+    0xF5,
+    // Key - "up"
+    0x62, 0x75, 0x70,
+    // true
+    0xF5,
+    // Key - "uv"
+    0x62, 0x75, 0x76,
+    // true
+    0xF5,
+    // Key - "plat"
+    0x64, 0x70, 0x6C, 0x61, 0x74,
+    // true
+    0xF5,
+    // Key - "clientPin"
+    0x69, 0x63, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x50, 0x69, 0x6E,
+    // false
+    0xF4,
+    // Key(05) - Max message size
+    0x05,
+    // 1200
+    0x19, 0x04, 0xB0,
+    // Key(06) - Pin protocols
+    0x06,
+    // Array[1]
+    0x81, 0x01,
+};
+
 // The attested credential data, excluding the public key bytes. Append
 // with kTestECPublicKeyCOSE to get the complete attestation data.
 constexpr uint8_t kTestAttestedCredentialDataPrefix[] = {
@@ -504,11 +563,13 @@ TEST(CTAPResponseTest, TestReadGetInfoResponse) {
             get_info_response->options().client_pin_availability());
 }
 
-TEST(CTAPResponseTest, TestReadGetInfoResponseWithIncorrectVersionFormat) {
+TEST(CTAPResponseTest, TestReadGetInfoResponseWithIncorrectFormat) {
   EXPECT_FALSE(
       ReadCTAPGetInfoResponse(kTestAuthenticatorGetInfoResponseWithNoVersion));
   EXPECT_FALSE(ReadCTAPGetInfoResponse(
       kTestAuthenticatorGetInfoResponseWithDuplicateVersion));
+  EXPECT_FALSE(ReadCTAPGetInfoResponse(
+      kTestAuthenticatorGetInfoResponseWithIncorrectAaguid));
 }
 
 TEST(CTAPResponseTest, TestSerializeGetInfoResponse) {

device/fido/device_response_converter.cc

@@ -181,8 +181,10 @@ base::Optional<AuthenticatorGetInfoResponse> ReadCTAPGetInfoResponse(
     return base::nullopt;
 
   it = response_map.find(CBOR(3));
-  if (it == response_map.end() || !it->second.is_bytestring())
+  if (it == response_map.end() || !it->second.is_bytestring() ||
+      it->second.GetBytestring().size() != kAaguidLength) {
     return base::nullopt;
+  }
 
   AuthenticatorGetInfoResponse response(std::move(protocol_versions),
                                         it->second.GetBytestring());