nephele
/
haikuwebkit
1
0
Fork 0
Code Issues Releases Activity
haikuwebkit/Source/WebCore/Modules/webauthn/AuthenticatorAttestationRes...

62 lines
2.7 KiB
C++
Raw Permalink Normal View History

[WebAuthn] Combine AuthenticatorResponse and PublicKeyCredentialData https://bugs.webkit.org/show_bug.cgi?id=190783 <rdar://problem/57781183> Reviewed by Brent Fulgham. Source/WebCore: This patch combines AuthenticatorResponse and PublicKeyCredentialData, and therefore renames PublicKeyCredentialData to AuthenticatorResponseData as well. The complexity of WebKit's CTAP implementation has reached the point that PublicKeyCredentialData is not appropriate to represent all the different type of responses from authenticators anymore. For example, authenticatorGetNextAssertion depends on the numberOfCredentials member from authenticatorGetAssertion response to function, but numberOfCredentials is not used anywhere else. Therefore, a polymorphic type is needed to represent different responses from authenticators instead of an uniform one, i.e., PublicKeyCredentialData. AuthenticatorResponse seems to be the best fit. However, there are some limitations: 1) it is a WebIDL interface, and therefore is RefCounted. RefCounted objects cannot be serialized through IPC. To solve this, AuthenticatorResponseData (PublicKeyCredentialData) is kept as an intermediate type that is only used during IPC. 2) it doesn't contain all the information from an actual authenticator response. To solve this, it has been enlarged to include all members from PublicKeyCredential. After this patch, PublicKeyCredential will be a thin wrapper on top of AuthenticatorResponse. Covered by existing tests. * CMakeLists.txt: * DerivedSources-input.xcfilelist: * DerivedSources-output.xcfilelist: * DerivedSources.make: * Headers.cmake: * Modules/webauthn/AuthenticationExtensionsClientOutputs.h: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl. * Modules/webauthn/AuthenticationExtensionsClientOutputs.idl: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl. This is separated from PublicKeyCredential such that AuthenticatorResponse can include it. * Modules/webauthn/AuthenticatorAssertionResponse.cpp: Added. (WebCore::AuthenticatorAssertionResponse::create): (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): (WebCore::AuthenticatorAssertionResponse::data const): * Modules/webauthn/AuthenticatorAssertionResponse.h: (WebCore::AuthenticatorAssertionResponse::create): Deleted. (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): Deleted. * Modules/webauthn/AuthenticatorAttestationResponse.cpp: Copied from Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.h. (WebCore::AuthenticatorAttestationResponse::create): (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): (WebCore::AuthenticatorAttestationResponse::data const): * Modules/webauthn/AuthenticatorAttestationResponse.h: (WebCore::AuthenticatorAttestationResponse::create): Deleted. (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): Deleted. * Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::create const): (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): * Modules/webauthn/AuthenticatorCoordinatorClient.h: * Modules/webauthn/AuthenticatorResponse.cpp: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp. (WebCore::AuthenticatorResponse::tryCreate): (WebCore::AuthenticatorResponse::data const): (WebCore::AuthenticatorResponse::extensions const): (WebCore::AuthenticatorResponse::setClientDataJSON): (WebCore::AuthenticatorResponse::clientDataJSON const): (WebCore::AuthenticatorResponse::AuthenticatorResponse): * Modules/webauthn/AuthenticatorResponse.h: (WebCore::AuthenticatorResponse::rawId const): (WebCore::AuthenticatorResponse::setExtensions): (WebCore::AuthenticatorResponse::AuthenticatorResponse): Deleted. (WebCore::AuthenticatorResponse::clientDataJSON const): Deleted. * Modules/webauthn/AuthenticatorResponseData.h: Renamed from Source/WebCore/Modules/webauthn/PublicKeyCredentialData.h. (WebCore::AuthenticatorResponseData::encode const): (WebCore::AuthenticatorResponseData::decode): * Modules/webauthn/PublicKeyCredential.cpp: (WebCore::PublicKeyCredential::create): (WebCore::PublicKeyCredential::rawId const): (WebCore::PublicKeyCredential::getClientExtensionResults const): (WebCore::PublicKeyCredential::PublicKeyCredential): (WebCore::PublicKeyCredential::tryCreate): Deleted. * Modules/webauthn/PublicKeyCredential.h: * Modules/webauthn/PublicKeyCredential.idl: * Modules/webauthn/fido/DeviceResponseConverter.cpp: (fido::readCTAPMakeCredentialResponse): (fido::readCTAPGetAssertionResponse): * Modules/webauthn/fido/DeviceResponseConverter.h: A more appropriate derived type of AuthenticatorResponse is used to replace PublicKeyCredentialData. * Modules/webauthn/fido/U2fResponseConverter.cpp: (fido::readU2fRegisterResponse): (fido::readU2fSignResponse): * Modules/webauthn/fido/U2fResponseConverter.h: A more appropriate derived type of AuthenticatorResponse is used to replace PublicKeyCredentialData. * Sources.txt: * WebCore.xcodeproj/project.pbxproj: Source/WebKit: Code in WebKit are changed to use AuthenticatorResponse and its subtypes. * UIProcess/WebAuthentication/Authenticator.h: * UIProcess/WebAuthentication/AuthenticatorManager.cpp: (WebKit::AuthenticatorManager::respondReceived): (WebKit::AuthenticatorManager::invokePendingCompletionHandler): * UIProcess/WebAuthentication/AuthenticatorManager.h: * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested): (WebKit::LocalAuthenticator::continueGetAssertionAfterUserConsented): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h: * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in: * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: (WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived const): (WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived): * UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp: (WebKit::U2fAuthenticator::continueRegisterCommandAfterResponseReceived): (WebKit::U2fAuthenticator::continueSignCommandAfterResponseReceived): * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp: Tools: * TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp: (TestWebKitAPI::TEST): Updates tests accordingly. Canonical link: https://commits.webkit.org/218334@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@253398 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-12-11 23:19:08 +00:00
/*
[Cocoa] _WKAuthenticatorAssertionResponse should specify the attachment type used https://bugs.webkit.org/show_bug.cgi?id=225519 <rdar://problem/76554090> Source/WebCore: Patch by Garrett Davidson <garrett_davidson@apple.com> on 2021-06-02 Reviewed by Brent Fulgham. Allow WebAuthn authenticators to pass back their attachment type and continue plumbing through up to the authenticator coordinator. Covered by manual tests. * Modules/webauthn/AuthenticatorAssertionResponse.cpp: (WebCore::AuthenticatorAssertionResponse::create): (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): * Modules/webauthn/AuthenticatorAssertionResponse.h: * Modules/webauthn/AuthenticatorAttestationResponse.cpp: (WebCore::AuthenticatorAttestationResponse::create): (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): * Modules/webauthn/AuthenticatorAttestationResponse.h: * Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::create const): (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): * Modules/webauthn/AuthenticatorCoordinatorClient.h: * Modules/webauthn/AuthenticatorResponse.cpp: (WebCore::AuthenticatorResponse::tryCreate): (WebCore::AuthenticatorResponse::attachment const): (WebCore::AuthenticatorResponse::AuthenticatorResponse): * Modules/webauthn/AuthenticatorResponse.h: * Modules/webauthn/fido/DeviceResponseConverter.cpp: (fido::readCTAPMakeCredentialResponse): (fido::readCTAPGetAssertionResponse): * Modules/webauthn/fido/DeviceResponseConverter.h: * Modules/webauthn/fido/U2fResponseConverter.cpp: (fido::readU2fRegisterResponse): (fido::readU2fSignResponse): * Modules/webauthn/fido/U2fResponseConverter.h: Source/WebKit: Patch by Garrett Davidson <garrett_davidson@apple.com> on 2021-06-02 Reviewed by Brent Fulgham. Have WebAuthn authenticators start passing back their attachment type, and plumb it up through to the calling process. * UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponse.mm: (-[_WKAuthenticatorAssertionResponse initWithClientDataJSON:rawId:extensions:authenticatorData:signature:userHandle:attachment:]): (-[_WKAuthenticatorAssertionResponse initWithClientDataJSON:rawId:extensions:authenticatorData:signature:userHandle:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponseInternal.h: * UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.mm: (-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:attachment:]): (-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponseInternal.h: * UIProcess/API/Cocoa/_WKAuthenticatorResponse.h: * UIProcess/API/Cocoa/_WKAuthenticatorResponse.mm: (-[_WKAuthenticatorResponse initWithClientDataJSON:rawId:extensions:attachment:]): (-[_WKAuthenticatorResponse initWithClientDataJSON:rawId:extensions:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorResponseInternal.h: * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (authenticatorAttachmentToWKAuthenticatorAttachment): (wkAuthenticatorAttestationResponse): (-[_WKWebAuthenticationPanel makeCredentialWithChallenge:origin:options:completionHandler:]): (wkAuthenticatorAssertionResponse): (-[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:]): * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticatorInternal::getExistingCredentials): (WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification): (WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h: * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in: * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: (WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived): (WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived): (WebKit::CtapAuthenticator::continueGetNextAssertionAfterResponseReceived): * UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp: (WebKit::U2fAuthenticator::continueRegisterCommandAfterResponseReceived): (WebKit::U2fAuthenticator::continueSignCommandAfterResponseReceived): * WebAuthnProcess/WebAuthnConnectionToWebProcess.cpp: (WebKit::WebAuthnConnectionToWebProcess::handleRequest): * WebAuthnProcess/WebAuthnConnectionToWebProcess.h: * WebAuthnProcess/WebAuthnConnectionToWebProcess.messages.in: Tools: Patch by Garrett Davidson <davidson.garrettm@gmail.com> on 2021-06-02 Reviewed by Brent Fulgham. Update the CTAP tests to specify the new attachment parameter. All of these tests assume a cross platform authenticator. * TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp: (TestWebKitAPI::TEST): Canonical link: https://commits.webkit.org/238390@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@278358 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-06-02 16:42:27 +00:00
* Copyright (C) 2019-2021 Apple Inc. All rights reserved.
[WebAuthn] Combine AuthenticatorResponse and PublicKeyCredentialData https://bugs.webkit.org/show_bug.cgi?id=190783 <rdar://problem/57781183> Reviewed by Brent Fulgham. Source/WebCore: This patch combines AuthenticatorResponse and PublicKeyCredentialData, and therefore renames PublicKeyCredentialData to AuthenticatorResponseData as well. The complexity of WebKit's CTAP implementation has reached the point that PublicKeyCredentialData is not appropriate to represent all the different type of responses from authenticators anymore. For example, authenticatorGetNextAssertion depends on the numberOfCredentials member from authenticatorGetAssertion response to function, but numberOfCredentials is not used anywhere else. Therefore, a polymorphic type is needed to represent different responses from authenticators instead of an uniform one, i.e., PublicKeyCredentialData. AuthenticatorResponse seems to be the best fit. However, there are some limitations: 1) it is a WebIDL interface, and therefore is RefCounted. RefCounted objects cannot be serialized through IPC. To solve this, AuthenticatorResponseData (PublicKeyCredentialData) is kept as an intermediate type that is only used during IPC. 2) it doesn't contain all the information from an actual authenticator response. To solve this, it has been enlarged to include all members from PublicKeyCredential. After this patch, PublicKeyCredential will be a thin wrapper on top of AuthenticatorResponse. Covered by existing tests. * CMakeLists.txt: * DerivedSources-input.xcfilelist: * DerivedSources-output.xcfilelist: * DerivedSources.make: * Headers.cmake: * Modules/webauthn/AuthenticationExtensionsClientOutputs.h: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl. * Modules/webauthn/AuthenticationExtensionsClientOutputs.idl: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl. This is separated from PublicKeyCredential such that AuthenticatorResponse can include it. * Modules/webauthn/AuthenticatorAssertionResponse.cpp: Added. (WebCore::AuthenticatorAssertionResponse::create): (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): (WebCore::AuthenticatorAssertionResponse::data const): * Modules/webauthn/AuthenticatorAssertionResponse.h: (WebCore::AuthenticatorAssertionResponse::create): Deleted. (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): Deleted. * Modules/webauthn/AuthenticatorAttestationResponse.cpp: Copied from Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.h. (WebCore::AuthenticatorAttestationResponse::create): (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): (WebCore::AuthenticatorAttestationResponse::data const): * Modules/webauthn/AuthenticatorAttestationResponse.h: (WebCore::AuthenticatorAttestationResponse::create): Deleted. (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): Deleted. * Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::create const): (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): * Modules/webauthn/AuthenticatorCoordinatorClient.h: * Modules/webauthn/AuthenticatorResponse.cpp: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp. (WebCore::AuthenticatorResponse::tryCreate): (WebCore::AuthenticatorResponse::data const): (WebCore::AuthenticatorResponse::extensions const): (WebCore::AuthenticatorResponse::setClientDataJSON): (WebCore::AuthenticatorResponse::clientDataJSON const): (WebCore::AuthenticatorResponse::AuthenticatorResponse): * Modules/webauthn/AuthenticatorResponse.h: (WebCore::AuthenticatorResponse::rawId const): (WebCore::AuthenticatorResponse::setExtensions): (WebCore::AuthenticatorResponse::AuthenticatorResponse): Deleted. (WebCore::AuthenticatorResponse::clientDataJSON const): Deleted. * Modules/webauthn/AuthenticatorResponseData.h: Renamed from Source/WebCore/Modules/webauthn/PublicKeyCredentialData.h. (WebCore::AuthenticatorResponseData::encode const): (WebCore::AuthenticatorResponseData::decode): * Modules/webauthn/PublicKeyCredential.cpp: (WebCore::PublicKeyCredential::create): (WebCore::PublicKeyCredential::rawId const): (WebCore::PublicKeyCredential::getClientExtensionResults const): (WebCore::PublicKeyCredential::PublicKeyCredential): (WebCore::PublicKeyCredential::tryCreate): Deleted. * Modules/webauthn/PublicKeyCredential.h: * Modules/webauthn/PublicKeyCredential.idl: * Modules/webauthn/fido/DeviceResponseConverter.cpp: (fido::readCTAPMakeCredentialResponse): (fido::readCTAPGetAssertionResponse): * Modules/webauthn/fido/DeviceResponseConverter.h: A more appropriate derived type of AuthenticatorResponse is used to replace PublicKeyCredentialData. * Modules/webauthn/fido/U2fResponseConverter.cpp: (fido::readU2fRegisterResponse): (fido::readU2fSignResponse): * Modules/webauthn/fido/U2fResponseConverter.h: A more appropriate derived type of AuthenticatorResponse is used to replace PublicKeyCredentialData. * Sources.txt: * WebCore.xcodeproj/project.pbxproj: Source/WebKit: Code in WebKit are changed to use AuthenticatorResponse and its subtypes. * UIProcess/WebAuthentication/Authenticator.h: * UIProcess/WebAuthentication/AuthenticatorManager.cpp: (WebKit::AuthenticatorManager::respondReceived): (WebKit::AuthenticatorManager::invokePendingCompletionHandler): * UIProcess/WebAuthentication/AuthenticatorManager.h: * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested): (WebKit::LocalAuthenticator::continueGetAssertionAfterUserConsented): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h: * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in: * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: (WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived const): (WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived): * UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp: (WebKit::U2fAuthenticator::continueRegisterCommandAfterResponseReceived): (WebKit::U2fAuthenticator::continueSignCommandAfterResponseReceived): * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp: Tools: * TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp: (TestWebKitAPI::TEST): Updates tests accordingly. Canonical link: https://commits.webkit.org/218334@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@253398 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-12-11 23:19:08 +00:00
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
* THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
* THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "config.h"
#include "AuthenticatorAttestationResponse.h"
#if ENABLE(WEB_AUTHN)
#include "AuthenticatorResponseData.h"
namespace WebCore {
[Cocoa] _WKAuthenticatorAssertionResponse should specify the attachment type used https://bugs.webkit.org/show_bug.cgi?id=225519 <rdar://problem/76554090> Source/WebCore: Patch by Garrett Davidson <garrett_davidson@apple.com> on 2021-06-02 Reviewed by Brent Fulgham. Allow WebAuthn authenticators to pass back their attachment type and continue plumbing through up to the authenticator coordinator. Covered by manual tests. * Modules/webauthn/AuthenticatorAssertionResponse.cpp: (WebCore::AuthenticatorAssertionResponse::create): (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): * Modules/webauthn/AuthenticatorAssertionResponse.h: * Modules/webauthn/AuthenticatorAttestationResponse.cpp: (WebCore::AuthenticatorAttestationResponse::create): (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): * Modules/webauthn/AuthenticatorAttestationResponse.h: * Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::create const): (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): * Modules/webauthn/AuthenticatorCoordinatorClient.h: * Modules/webauthn/AuthenticatorResponse.cpp: (WebCore::AuthenticatorResponse::tryCreate): (WebCore::AuthenticatorResponse::attachment const): (WebCore::AuthenticatorResponse::AuthenticatorResponse): * Modules/webauthn/AuthenticatorResponse.h: * Modules/webauthn/fido/DeviceResponseConverter.cpp: (fido::readCTAPMakeCredentialResponse): (fido::readCTAPGetAssertionResponse): * Modules/webauthn/fido/DeviceResponseConverter.h: * Modules/webauthn/fido/U2fResponseConverter.cpp: (fido::readU2fRegisterResponse): (fido::readU2fSignResponse): * Modules/webauthn/fido/U2fResponseConverter.h: Source/WebKit: Patch by Garrett Davidson <garrett_davidson@apple.com> on 2021-06-02 Reviewed by Brent Fulgham. Have WebAuthn authenticators start passing back their attachment type, and plumb it up through to the calling process. * UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponse.mm: (-[_WKAuthenticatorAssertionResponse initWithClientDataJSON:rawId:extensions:authenticatorData:signature:userHandle:attachment:]): (-[_WKAuthenticatorAssertionResponse initWithClientDataJSON:rawId:extensions:authenticatorData:signature:userHandle:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponseInternal.h: * UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.mm: (-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:attachment:]): (-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponseInternal.h: * UIProcess/API/Cocoa/_WKAuthenticatorResponse.h: * UIProcess/API/Cocoa/_WKAuthenticatorResponse.mm: (-[_WKAuthenticatorResponse initWithClientDataJSON:rawId:extensions:attachment:]): (-[_WKAuthenticatorResponse initWithClientDataJSON:rawId:extensions:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorResponseInternal.h: * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (authenticatorAttachmentToWKAuthenticatorAttachment): (wkAuthenticatorAttestationResponse): (-[_WKWebAuthenticationPanel makeCredentialWithChallenge:origin:options:completionHandler:]): (wkAuthenticatorAssertionResponse): (-[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:]): * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticatorInternal::getExistingCredentials): (WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification): (WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h: * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in: * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: (WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived): (WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived): (WebKit::CtapAuthenticator::continueGetNextAssertionAfterResponseReceived): * UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp: (WebKit::U2fAuthenticator::continueRegisterCommandAfterResponseReceived): (WebKit::U2fAuthenticator::continueSignCommandAfterResponseReceived): * WebAuthnProcess/WebAuthnConnectionToWebProcess.cpp: (WebKit::WebAuthnConnectionToWebProcess::handleRequest): * WebAuthnProcess/WebAuthnConnectionToWebProcess.h: * WebAuthnProcess/WebAuthnConnectionToWebProcess.messages.in: Tools: Patch by Garrett Davidson <davidson.garrettm@gmail.com> on 2021-06-02 Reviewed by Brent Fulgham. Update the CTAP tests to specify the new attachment parameter. All of these tests assume a cross platform authenticator. * TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp: (TestWebKitAPI::TEST): Canonical link: https://commits.webkit.org/238390@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@278358 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-06-02 16:42:27 +00:00
Ref<AuthenticatorAttestationResponse> AuthenticatorAttestationResponse::create(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& attestationObject, AuthenticatorAttachment attachment)
[WebAuthn] Combine AuthenticatorResponse and PublicKeyCredentialData https://bugs.webkit.org/show_bug.cgi?id=190783 <rdar://problem/57781183> Reviewed by Brent Fulgham. Source/WebCore: This patch combines AuthenticatorResponse and PublicKeyCredentialData, and therefore renames PublicKeyCredentialData to AuthenticatorResponseData as well. The complexity of WebKit's CTAP implementation has reached the point that PublicKeyCredentialData is not appropriate to represent all the different type of responses from authenticators anymore. For example, authenticatorGetNextAssertion depends on the numberOfCredentials member from authenticatorGetAssertion response to function, but numberOfCredentials is not used anywhere else. Therefore, a polymorphic type is needed to represent different responses from authenticators instead of an uniform one, i.e., PublicKeyCredentialData. AuthenticatorResponse seems to be the best fit. However, there are some limitations: 1) it is a WebIDL interface, and therefore is RefCounted. RefCounted objects cannot be serialized through IPC. To solve this, AuthenticatorResponseData (PublicKeyCredentialData) is kept as an intermediate type that is only used during IPC. 2) it doesn't contain all the information from an actual authenticator response. To solve this, it has been enlarged to include all members from PublicKeyCredential. After this patch, PublicKeyCredential will be a thin wrapper on top of AuthenticatorResponse. Covered by existing tests. * CMakeLists.txt: * DerivedSources-input.xcfilelist: * DerivedSources-output.xcfilelist: * DerivedSources.make: * Headers.cmake: * Modules/webauthn/AuthenticationExtensionsClientOutputs.h: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl. * Modules/webauthn/AuthenticationExtensionsClientOutputs.idl: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl. This is separated from PublicKeyCredential such that AuthenticatorResponse can include it. * Modules/webauthn/AuthenticatorAssertionResponse.cpp: Added. (WebCore::AuthenticatorAssertionResponse::create): (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): (WebCore::AuthenticatorAssertionResponse::data const): * Modules/webauthn/AuthenticatorAssertionResponse.h: (WebCore::AuthenticatorAssertionResponse::create): Deleted. (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): Deleted. * Modules/webauthn/AuthenticatorAttestationResponse.cpp: Copied from Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.h. (WebCore::AuthenticatorAttestationResponse::create): (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): (WebCore::AuthenticatorAttestationResponse::data const): * Modules/webauthn/AuthenticatorAttestationResponse.h: (WebCore::AuthenticatorAttestationResponse::create): Deleted. (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): Deleted. * Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::create const): (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): * Modules/webauthn/AuthenticatorCoordinatorClient.h: * Modules/webauthn/AuthenticatorResponse.cpp: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp. (WebCore::AuthenticatorResponse::tryCreate): (WebCore::AuthenticatorResponse::data const): (WebCore::AuthenticatorResponse::extensions const): (WebCore::AuthenticatorResponse::setClientDataJSON): (WebCore::AuthenticatorResponse::clientDataJSON const): (WebCore::AuthenticatorResponse::AuthenticatorResponse): * Modules/webauthn/AuthenticatorResponse.h: (WebCore::AuthenticatorResponse::rawId const): (WebCore::AuthenticatorResponse::setExtensions): (WebCore::AuthenticatorResponse::AuthenticatorResponse): Deleted. (WebCore::AuthenticatorResponse::clientDataJSON const): Deleted. * Modules/webauthn/AuthenticatorResponseData.h: Renamed from Source/WebCore/Modules/webauthn/PublicKeyCredentialData.h. (WebCore::AuthenticatorResponseData::encode const): (WebCore::AuthenticatorResponseData::decode): * Modules/webauthn/PublicKeyCredential.cpp: (WebCore::PublicKeyCredential::create): (WebCore::PublicKeyCredential::rawId const): (WebCore::PublicKeyCredential::getClientExtensionResults const): (WebCore::PublicKeyCredential::PublicKeyCredential): (WebCore::PublicKeyCredential::tryCreate): Deleted. * Modules/webauthn/PublicKeyCredential.h: * Modules/webauthn/PublicKeyCredential.idl: * Modules/webauthn/fido/DeviceResponseConverter.cpp: (fido::readCTAPMakeCredentialResponse): (fido::readCTAPGetAssertionResponse): * Modules/webauthn/fido/DeviceResponseConverter.h: A more appropriate derived type of AuthenticatorResponse is used to replace PublicKeyCredentialData. * Modules/webauthn/fido/U2fResponseConverter.cpp: (fido::readU2fRegisterResponse): (fido::readU2fSignResponse): * Modules/webauthn/fido/U2fResponseConverter.h: A more appropriate derived type of AuthenticatorResponse is used to replace PublicKeyCredentialData. * Sources.txt: * WebCore.xcodeproj/project.pbxproj: Source/WebKit: Code in WebKit are changed to use AuthenticatorResponse and its subtypes. * UIProcess/WebAuthentication/Authenticator.h: * UIProcess/WebAuthentication/AuthenticatorManager.cpp: (WebKit::AuthenticatorManager::respondReceived): (WebKit::AuthenticatorManager::invokePendingCompletionHandler): * UIProcess/WebAuthentication/AuthenticatorManager.h: * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested): (WebKit::LocalAuthenticator::continueGetAssertionAfterUserConsented): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h: * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in: * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: (WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived const): (WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived): * UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp: (WebKit::U2fAuthenticator::continueRegisterCommandAfterResponseReceived): (WebKit::U2fAuthenticator::continueSignCommandAfterResponseReceived): * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp: Tools: * TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp: (TestWebKitAPI::TEST): Updates tests accordingly. Canonical link: https://commits.webkit.org/218334@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@253398 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-12-11 23:19:08 +00:00
{
[Cocoa] _WKAuthenticatorAssertionResponse should specify the attachment type used https://bugs.webkit.org/show_bug.cgi?id=225519 <rdar://problem/76554090> Source/WebCore: Patch by Garrett Davidson <garrett_davidson@apple.com> on 2021-06-02 Reviewed by Brent Fulgham. Allow WebAuthn authenticators to pass back their attachment type and continue plumbing through up to the authenticator coordinator. Covered by manual tests. * Modules/webauthn/AuthenticatorAssertionResponse.cpp: (WebCore::AuthenticatorAssertionResponse::create): (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): * Modules/webauthn/AuthenticatorAssertionResponse.h: * Modules/webauthn/AuthenticatorAttestationResponse.cpp: (WebCore::AuthenticatorAttestationResponse::create): (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): * Modules/webauthn/AuthenticatorAttestationResponse.h: * Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::create const): (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): * Modules/webauthn/AuthenticatorCoordinatorClient.h: * Modules/webauthn/AuthenticatorResponse.cpp: (WebCore::AuthenticatorResponse::tryCreate): (WebCore::AuthenticatorResponse::attachment const): (WebCore::AuthenticatorResponse::AuthenticatorResponse): * Modules/webauthn/AuthenticatorResponse.h: * Modules/webauthn/fido/DeviceResponseConverter.cpp: (fido::readCTAPMakeCredentialResponse): (fido::readCTAPGetAssertionResponse): * Modules/webauthn/fido/DeviceResponseConverter.h: * Modules/webauthn/fido/U2fResponseConverter.cpp: (fido::readU2fRegisterResponse): (fido::readU2fSignResponse): * Modules/webauthn/fido/U2fResponseConverter.h: Source/WebKit: Patch by Garrett Davidson <garrett_davidson@apple.com> on 2021-06-02 Reviewed by Brent Fulgham. Have WebAuthn authenticators start passing back their attachment type, and plumb it up through to the calling process. * UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponse.mm: (-[_WKAuthenticatorAssertionResponse initWithClientDataJSON:rawId:extensions:authenticatorData:signature:userHandle:attachment:]): (-[_WKAuthenticatorAssertionResponse initWithClientDataJSON:rawId:extensions:authenticatorData:signature:userHandle:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponseInternal.h: * UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.mm: (-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:attachment:]): (-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponseInternal.h: * UIProcess/API/Cocoa/_WKAuthenticatorResponse.h: * UIProcess/API/Cocoa/_WKAuthenticatorResponse.mm: (-[_WKAuthenticatorResponse initWithClientDataJSON:rawId:extensions:attachment:]): (-[_WKAuthenticatorResponse initWithClientDataJSON:rawId:extensions:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorResponseInternal.h: * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (authenticatorAttachmentToWKAuthenticatorAttachment): (wkAuthenticatorAttestationResponse): (-[_WKWebAuthenticationPanel makeCredentialWithChallenge:origin:options:completionHandler:]): (wkAuthenticatorAssertionResponse): (-[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:]): * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticatorInternal::getExistingCredentials): (WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification): (WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h: * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in: * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: (WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived): (WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived): (WebKit::CtapAuthenticator::continueGetNextAssertionAfterResponseReceived): * UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp: (WebKit::U2fAuthenticator::continueRegisterCommandAfterResponseReceived): (WebKit::U2fAuthenticator::continueSignCommandAfterResponseReceived): * WebAuthnProcess/WebAuthnConnectionToWebProcess.cpp: (WebKit::WebAuthnConnectionToWebProcess::handleRequest): * WebAuthnProcess/WebAuthnConnectionToWebProcess.h: * WebAuthnProcess/WebAuthnConnectionToWebProcess.messages.in: Tools: Patch by Garrett Davidson <davidson.garrettm@gmail.com> on 2021-06-02 Reviewed by Brent Fulgham. Update the CTAP tests to specify the new attachment parameter. All of these tests assume a cross platform authenticator. * TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp: (TestWebKitAPI::TEST): Canonical link: https://commits.webkit.org/238390@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@278358 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-06-02 16:42:27 +00:00
return adoptRef(*new AuthenticatorAttestationResponse(WTFMove(rawId), WTFMove(attestationObject), attachment));
[WebAuthn] Combine AuthenticatorResponse and PublicKeyCredentialData https://bugs.webkit.org/show_bug.cgi?id=190783 <rdar://problem/57781183> Reviewed by Brent Fulgham. Source/WebCore: This patch combines AuthenticatorResponse and PublicKeyCredentialData, and therefore renames PublicKeyCredentialData to AuthenticatorResponseData as well. The complexity of WebKit's CTAP implementation has reached the point that PublicKeyCredentialData is not appropriate to represent all the different type of responses from authenticators anymore. For example, authenticatorGetNextAssertion depends on the numberOfCredentials member from authenticatorGetAssertion response to function, but numberOfCredentials is not used anywhere else. Therefore, a polymorphic type is needed to represent different responses from authenticators instead of an uniform one, i.e., PublicKeyCredentialData. AuthenticatorResponse seems to be the best fit. However, there are some limitations: 1) it is a WebIDL interface, and therefore is RefCounted. RefCounted objects cannot be serialized through IPC. To solve this, AuthenticatorResponseData (PublicKeyCredentialData) is kept as an intermediate type that is only used during IPC. 2) it doesn't contain all the information from an actual authenticator response. To solve this, it has been enlarged to include all members from PublicKeyCredential. After this patch, PublicKeyCredential will be a thin wrapper on top of AuthenticatorResponse. Covered by existing tests. * CMakeLists.txt: * DerivedSources-input.xcfilelist: * DerivedSources-output.xcfilelist: * DerivedSources.make: * Headers.cmake: * Modules/webauthn/AuthenticationExtensionsClientOutputs.h: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl. * Modules/webauthn/AuthenticationExtensionsClientOutputs.idl: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl. This is separated from PublicKeyCredential such that AuthenticatorResponse can include it. * Modules/webauthn/AuthenticatorAssertionResponse.cpp: Added. (WebCore::AuthenticatorAssertionResponse::create): (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): (WebCore::AuthenticatorAssertionResponse::data const): * Modules/webauthn/AuthenticatorAssertionResponse.h: (WebCore::AuthenticatorAssertionResponse::create): Deleted. (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): Deleted. * Modules/webauthn/AuthenticatorAttestationResponse.cpp: Copied from Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.h. (WebCore::AuthenticatorAttestationResponse::create): (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): (WebCore::AuthenticatorAttestationResponse::data const): * Modules/webauthn/AuthenticatorAttestationResponse.h: (WebCore::AuthenticatorAttestationResponse::create): Deleted. (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): Deleted. * Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::create const): (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): * Modules/webauthn/AuthenticatorCoordinatorClient.h: * Modules/webauthn/AuthenticatorResponse.cpp: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp. (WebCore::AuthenticatorResponse::tryCreate): (WebCore::AuthenticatorResponse::data const): (WebCore::AuthenticatorResponse::extensions const): (WebCore::AuthenticatorResponse::setClientDataJSON): (WebCore::AuthenticatorResponse::clientDataJSON const): (WebCore::AuthenticatorResponse::AuthenticatorResponse): * Modules/webauthn/AuthenticatorResponse.h: (WebCore::AuthenticatorResponse::rawId const): (WebCore::AuthenticatorResponse::setExtensions): (WebCore::AuthenticatorResponse::AuthenticatorResponse): Deleted. (WebCore::AuthenticatorResponse::clientDataJSON const): Deleted. * Modules/webauthn/AuthenticatorResponseData.h: Renamed from Source/WebCore/Modules/webauthn/PublicKeyCredentialData.h. (WebCore::AuthenticatorResponseData::encode const): (WebCore::AuthenticatorResponseData::decode): * Modules/webauthn/PublicKeyCredential.cpp: (WebCore::PublicKeyCredential::create): (WebCore::PublicKeyCredential::rawId const): (WebCore::PublicKeyCredential::getClientExtensionResults const): (WebCore::PublicKeyCredential::PublicKeyCredential): (WebCore::PublicKeyCredential::tryCreate): Deleted. * Modules/webauthn/PublicKeyCredential.h: * Modules/webauthn/PublicKeyCredential.idl: * Modules/webauthn/fido/DeviceResponseConverter.cpp: (fido::readCTAPMakeCredentialResponse): (fido::readCTAPGetAssertionResponse): * Modules/webauthn/fido/DeviceResponseConverter.h: A more appropriate derived type of AuthenticatorResponse is used to replace PublicKeyCredentialData. * Modules/webauthn/fido/U2fResponseConverter.cpp: (fido::readU2fRegisterResponse): (fido::readU2fSignResponse): * Modules/webauthn/fido/U2fResponseConverter.h: A more appropriate derived type of AuthenticatorResponse is used to replace PublicKeyCredentialData. * Sources.txt: * WebCore.xcodeproj/project.pbxproj: Source/WebKit: Code in WebKit are changed to use AuthenticatorResponse and its subtypes. * UIProcess/WebAuthentication/Authenticator.h: * UIProcess/WebAuthentication/AuthenticatorManager.cpp: (WebKit::AuthenticatorManager::respondReceived): (WebKit::AuthenticatorManager::invokePendingCompletionHandler): * UIProcess/WebAuthentication/AuthenticatorManager.h: * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested): (WebKit::LocalAuthenticator::continueGetAssertionAfterUserConsented): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h: * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in: * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: (WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived const): (WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived): * UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp: (WebKit::U2fAuthenticator::continueRegisterCommandAfterResponseReceived): (WebKit::U2fAuthenticator::continueSignCommandAfterResponseReceived): * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp: Tools: * TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp: (TestWebKitAPI::TEST): Updates tests accordingly. Canonical link: https://commits.webkit.org/218334@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@253398 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-12-11 23:19:08 +00:00
}
[Cocoa] _WKAuthenticatorAssertionResponse should specify the attachment type used https://bugs.webkit.org/show_bug.cgi?id=225519 <rdar://problem/76554090> Source/WebCore: Patch by Garrett Davidson <garrett_davidson@apple.com> on 2021-06-02 Reviewed by Brent Fulgham. Allow WebAuthn authenticators to pass back their attachment type and continue plumbing through up to the authenticator coordinator. Covered by manual tests. * Modules/webauthn/AuthenticatorAssertionResponse.cpp: (WebCore::AuthenticatorAssertionResponse::create): (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): * Modules/webauthn/AuthenticatorAssertionResponse.h: * Modules/webauthn/AuthenticatorAttestationResponse.cpp: (WebCore::AuthenticatorAttestationResponse::create): (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): * Modules/webauthn/AuthenticatorAttestationResponse.h: * Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::create const): (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): * Modules/webauthn/AuthenticatorCoordinatorClient.h: * Modules/webauthn/AuthenticatorResponse.cpp: (WebCore::AuthenticatorResponse::tryCreate): (WebCore::AuthenticatorResponse::attachment const): (WebCore::AuthenticatorResponse::AuthenticatorResponse): * Modules/webauthn/AuthenticatorResponse.h: * Modules/webauthn/fido/DeviceResponseConverter.cpp: (fido::readCTAPMakeCredentialResponse): (fido::readCTAPGetAssertionResponse): * Modules/webauthn/fido/DeviceResponseConverter.h: * Modules/webauthn/fido/U2fResponseConverter.cpp: (fido::readU2fRegisterResponse): (fido::readU2fSignResponse): * Modules/webauthn/fido/U2fResponseConverter.h: Source/WebKit: Patch by Garrett Davidson <garrett_davidson@apple.com> on 2021-06-02 Reviewed by Brent Fulgham. Have WebAuthn authenticators start passing back their attachment type, and plumb it up through to the calling process. * UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponse.mm: (-[_WKAuthenticatorAssertionResponse initWithClientDataJSON:rawId:extensions:authenticatorData:signature:userHandle:attachment:]): (-[_WKAuthenticatorAssertionResponse initWithClientDataJSON:rawId:extensions:authenticatorData:signature:userHandle:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponseInternal.h: * UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.mm: (-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:attachment:]): (-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponseInternal.h: * UIProcess/API/Cocoa/_WKAuthenticatorResponse.h: * UIProcess/API/Cocoa/_WKAuthenticatorResponse.mm: (-[_WKAuthenticatorResponse initWithClientDataJSON:rawId:extensions:attachment:]): (-[_WKAuthenticatorResponse initWithClientDataJSON:rawId:extensions:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorResponseInternal.h: * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (authenticatorAttachmentToWKAuthenticatorAttachment): (wkAuthenticatorAttestationResponse): (-[_WKWebAuthenticationPanel makeCredentialWithChallenge:origin:options:completionHandler:]): (wkAuthenticatorAssertionResponse): (-[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:]): * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticatorInternal::getExistingCredentials): (WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification): (WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h: * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in: * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: (WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived): (WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived): (WebKit::CtapAuthenticator::continueGetNextAssertionAfterResponseReceived): * UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp: (WebKit::U2fAuthenticator::continueRegisterCommandAfterResponseReceived): (WebKit::U2fAuthenticator::continueSignCommandAfterResponseReceived): * WebAuthnProcess/WebAuthnConnectionToWebProcess.cpp: (WebKit::WebAuthnConnectionToWebProcess::handleRequest): * WebAuthnProcess/WebAuthnConnectionToWebProcess.h: * WebAuthnProcess/WebAuthnConnectionToWebProcess.messages.in: Tools: Patch by Garrett Davidson <davidson.garrettm@gmail.com> on 2021-06-02 Reviewed by Brent Fulgham. Update the CTAP tests to specify the new attachment parameter. All of these tests assume a cross platform authenticator. * TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp: (TestWebKitAPI::TEST): Canonical link: https://commits.webkit.org/238390@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@278358 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-06-02 16:42:27 +00:00
Ref<AuthenticatorAttestationResponse> AuthenticatorAttestationResponse::create(const Vector<uint8_t>& rawId, const Vector<uint8_t>& attestationObject, AuthenticatorAttachment attachment)
[WebAuthn] Combine AuthenticatorResponse and PublicKeyCredentialData https://bugs.webkit.org/show_bug.cgi?id=190783 <rdar://problem/57781183> Reviewed by Brent Fulgham. Source/WebCore: This patch combines AuthenticatorResponse and PublicKeyCredentialData, and therefore renames PublicKeyCredentialData to AuthenticatorResponseData as well. The complexity of WebKit's CTAP implementation has reached the point that PublicKeyCredentialData is not appropriate to represent all the different type of responses from authenticators anymore. For example, authenticatorGetNextAssertion depends on the numberOfCredentials member from authenticatorGetAssertion response to function, but numberOfCredentials is not used anywhere else. Therefore, a polymorphic type is needed to represent different responses from authenticators instead of an uniform one, i.e., PublicKeyCredentialData. AuthenticatorResponse seems to be the best fit. However, there are some limitations: 1) it is a WebIDL interface, and therefore is RefCounted. RefCounted objects cannot be serialized through IPC. To solve this, AuthenticatorResponseData (PublicKeyCredentialData) is kept as an intermediate type that is only used during IPC. 2) it doesn't contain all the information from an actual authenticator response. To solve this, it has been enlarged to include all members from PublicKeyCredential. After this patch, PublicKeyCredential will be a thin wrapper on top of AuthenticatorResponse. Covered by existing tests. * CMakeLists.txt: * DerivedSources-input.xcfilelist: * DerivedSources-output.xcfilelist: * DerivedSources.make: * Headers.cmake: * Modules/webauthn/AuthenticationExtensionsClientOutputs.h: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl. * Modules/webauthn/AuthenticationExtensionsClientOutputs.idl: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl. This is separated from PublicKeyCredential such that AuthenticatorResponse can include it. * Modules/webauthn/AuthenticatorAssertionResponse.cpp: Added. (WebCore::AuthenticatorAssertionResponse::create): (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): (WebCore::AuthenticatorAssertionResponse::data const): * Modules/webauthn/AuthenticatorAssertionResponse.h: (WebCore::AuthenticatorAssertionResponse::create): Deleted. (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): Deleted. * Modules/webauthn/AuthenticatorAttestationResponse.cpp: Copied from Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.h. (WebCore::AuthenticatorAttestationResponse::create): (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): (WebCore::AuthenticatorAttestationResponse::data const): * Modules/webauthn/AuthenticatorAttestationResponse.h: (WebCore::AuthenticatorAttestationResponse::create): Deleted. (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): Deleted. * Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::create const): (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): * Modules/webauthn/AuthenticatorCoordinatorClient.h: * Modules/webauthn/AuthenticatorResponse.cpp: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp. (WebCore::AuthenticatorResponse::tryCreate): (WebCore::AuthenticatorResponse::data const): (WebCore::AuthenticatorResponse::extensions const): (WebCore::AuthenticatorResponse::setClientDataJSON): (WebCore::AuthenticatorResponse::clientDataJSON const): (WebCore::AuthenticatorResponse::AuthenticatorResponse): * Modules/webauthn/AuthenticatorResponse.h: (WebCore::AuthenticatorResponse::rawId const): (WebCore::AuthenticatorResponse::setExtensions): (WebCore::AuthenticatorResponse::AuthenticatorResponse): Deleted. (WebCore::AuthenticatorResponse::clientDataJSON const): Deleted. * Modules/webauthn/AuthenticatorResponseData.h: Renamed from Source/WebCore/Modules/webauthn/PublicKeyCredentialData.h. (WebCore::AuthenticatorResponseData::encode const): (WebCore::AuthenticatorResponseData::decode): * Modules/webauthn/PublicKeyCredential.cpp: (WebCore::PublicKeyCredential::create): (WebCore::PublicKeyCredential::rawId const): (WebCore::PublicKeyCredential::getClientExtensionResults const): (WebCore::PublicKeyCredential::PublicKeyCredential): (WebCore::PublicKeyCredential::tryCreate): Deleted. * Modules/webauthn/PublicKeyCredential.h: * Modules/webauthn/PublicKeyCredential.idl: * Modules/webauthn/fido/DeviceResponseConverter.cpp: (fido::readCTAPMakeCredentialResponse): (fido::readCTAPGetAssertionResponse): * Modules/webauthn/fido/DeviceResponseConverter.h: A more appropriate derived type of AuthenticatorResponse is used to replace PublicKeyCredentialData. * Modules/webauthn/fido/U2fResponseConverter.cpp: (fido::readU2fRegisterResponse): (fido::readU2fSignResponse): * Modules/webauthn/fido/U2fResponseConverter.h: A more appropriate derived type of AuthenticatorResponse is used to replace PublicKeyCredentialData. * Sources.txt: * WebCore.xcodeproj/project.pbxproj: Source/WebKit: Code in WebKit are changed to use AuthenticatorResponse and its subtypes. * UIProcess/WebAuthentication/Authenticator.h: * UIProcess/WebAuthentication/AuthenticatorManager.cpp: (WebKit::AuthenticatorManager::respondReceived): (WebKit::AuthenticatorManager::invokePendingCompletionHandler): * UIProcess/WebAuthentication/AuthenticatorManager.h: * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested): (WebKit::LocalAuthenticator::continueGetAssertionAfterUserConsented): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h: * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in: * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: (WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived const): (WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived): * UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp: (WebKit::U2fAuthenticator::continueRegisterCommandAfterResponseReceived): (WebKit::U2fAuthenticator::continueSignCommandAfterResponseReceived): * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp: Tools: * TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp: (TestWebKitAPI::TEST): Updates tests accordingly. Canonical link: https://commits.webkit.org/218334@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@253398 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-12-11 23:19:08 +00:00
{
[Cocoa] _WKAuthenticatorAssertionResponse should specify the attachment type used https://bugs.webkit.org/show_bug.cgi?id=225519 <rdar://problem/76554090> Source/WebCore: Patch by Garrett Davidson <garrett_davidson@apple.com> on 2021-06-02 Reviewed by Brent Fulgham. Allow WebAuthn authenticators to pass back their attachment type and continue plumbing through up to the authenticator coordinator. Covered by manual tests. * Modules/webauthn/AuthenticatorAssertionResponse.cpp: (WebCore::AuthenticatorAssertionResponse::create): (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): * Modules/webauthn/AuthenticatorAssertionResponse.h: * Modules/webauthn/AuthenticatorAttestationResponse.cpp: (WebCore::AuthenticatorAttestationResponse::create): (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): * Modules/webauthn/AuthenticatorAttestationResponse.h: * Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::create const): (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): * Modules/webauthn/AuthenticatorCoordinatorClient.h: * Modules/webauthn/AuthenticatorResponse.cpp: (WebCore::AuthenticatorResponse::tryCreate): (WebCore::AuthenticatorResponse::attachment const): (WebCore::AuthenticatorResponse::AuthenticatorResponse): * Modules/webauthn/AuthenticatorResponse.h: * Modules/webauthn/fido/DeviceResponseConverter.cpp: (fido::readCTAPMakeCredentialResponse): (fido::readCTAPGetAssertionResponse): * Modules/webauthn/fido/DeviceResponseConverter.h: * Modules/webauthn/fido/U2fResponseConverter.cpp: (fido::readU2fRegisterResponse): (fido::readU2fSignResponse): * Modules/webauthn/fido/U2fResponseConverter.h: Source/WebKit: Patch by Garrett Davidson <garrett_davidson@apple.com> on 2021-06-02 Reviewed by Brent Fulgham. Have WebAuthn authenticators start passing back their attachment type, and plumb it up through to the calling process. * UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponse.mm: (-[_WKAuthenticatorAssertionResponse initWithClientDataJSON:rawId:extensions:authenticatorData:signature:userHandle:attachment:]): (-[_WKAuthenticatorAssertionResponse initWithClientDataJSON:rawId:extensions:authenticatorData:signature:userHandle:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponseInternal.h: * UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.mm: (-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:attachment:]): (-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponseInternal.h: * UIProcess/API/Cocoa/_WKAuthenticatorResponse.h: * UIProcess/API/Cocoa/_WKAuthenticatorResponse.mm: (-[_WKAuthenticatorResponse initWithClientDataJSON:rawId:extensions:attachment:]): (-[_WKAuthenticatorResponse initWithClientDataJSON:rawId:extensions:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorResponseInternal.h: * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (authenticatorAttachmentToWKAuthenticatorAttachment): (wkAuthenticatorAttestationResponse): (-[_WKWebAuthenticationPanel makeCredentialWithChallenge:origin:options:completionHandler:]): (wkAuthenticatorAssertionResponse): (-[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:]): * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticatorInternal::getExistingCredentials): (WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification): (WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h: * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in: * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: (WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived): (WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived): (WebKit::CtapAuthenticator::continueGetNextAssertionAfterResponseReceived): * UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp: (WebKit::U2fAuthenticator::continueRegisterCommandAfterResponseReceived): (WebKit::U2fAuthenticator::continueSignCommandAfterResponseReceived): * WebAuthnProcess/WebAuthnConnectionToWebProcess.cpp: (WebKit::WebAuthnConnectionToWebProcess::handleRequest): * WebAuthnProcess/WebAuthnConnectionToWebProcess.h: * WebAuthnProcess/WebAuthnConnectionToWebProcess.messages.in: Tools: Patch by Garrett Davidson <davidson.garrettm@gmail.com> on 2021-06-02 Reviewed by Brent Fulgham. Update the CTAP tests to specify the new attachment parameter. All of these tests assume a cross platform authenticator. * TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp: (TestWebKitAPI::TEST): Canonical link: https://commits.webkit.org/238390@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@278358 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-06-02 16:42:27 +00:00
return create(ArrayBuffer::create(rawId.data(), rawId.size()), ArrayBuffer::create(attestationObject.data(), attestationObject.size()), attachment);
[WebAuthn] Combine AuthenticatorResponse and PublicKeyCredentialData https://bugs.webkit.org/show_bug.cgi?id=190783 <rdar://problem/57781183> Reviewed by Brent Fulgham. Source/WebCore: This patch combines AuthenticatorResponse and PublicKeyCredentialData, and therefore renames PublicKeyCredentialData to AuthenticatorResponseData as well. The complexity of WebKit's CTAP implementation has reached the point that PublicKeyCredentialData is not appropriate to represent all the different type of responses from authenticators anymore. For example, authenticatorGetNextAssertion depends on the numberOfCredentials member from authenticatorGetAssertion response to function, but numberOfCredentials is not used anywhere else. Therefore, a polymorphic type is needed to represent different responses from authenticators instead of an uniform one, i.e., PublicKeyCredentialData. AuthenticatorResponse seems to be the best fit. However, there are some limitations: 1) it is a WebIDL interface, and therefore is RefCounted. RefCounted objects cannot be serialized through IPC. To solve this, AuthenticatorResponseData (PublicKeyCredentialData) is kept as an intermediate type that is only used during IPC. 2) it doesn't contain all the information from an actual authenticator response. To solve this, it has been enlarged to include all members from PublicKeyCredential. After this patch, PublicKeyCredential will be a thin wrapper on top of AuthenticatorResponse. Covered by existing tests. * CMakeLists.txt: * DerivedSources-input.xcfilelist: * DerivedSources-output.xcfilelist: * DerivedSources.make: * Headers.cmake: * Modules/webauthn/AuthenticationExtensionsClientOutputs.h: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl. * Modules/webauthn/AuthenticationExtensionsClientOutputs.idl: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl. This is separated from PublicKeyCredential such that AuthenticatorResponse can include it. * Modules/webauthn/AuthenticatorAssertionResponse.cpp: Added. (WebCore::AuthenticatorAssertionResponse::create): (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): (WebCore::AuthenticatorAssertionResponse::data const): * Modules/webauthn/AuthenticatorAssertionResponse.h: (WebCore::AuthenticatorAssertionResponse::create): Deleted. (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): Deleted. * Modules/webauthn/AuthenticatorAttestationResponse.cpp: Copied from Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.h. (WebCore::AuthenticatorAttestationResponse::create): (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): (WebCore::AuthenticatorAttestationResponse::data const): * Modules/webauthn/AuthenticatorAttestationResponse.h: (WebCore::AuthenticatorAttestationResponse::create): Deleted. (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): Deleted. * Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::create const): (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): * Modules/webauthn/AuthenticatorCoordinatorClient.h: * Modules/webauthn/AuthenticatorResponse.cpp: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp. (WebCore::AuthenticatorResponse::tryCreate): (WebCore::AuthenticatorResponse::data const): (WebCore::AuthenticatorResponse::extensions const): (WebCore::AuthenticatorResponse::setClientDataJSON): (WebCore::AuthenticatorResponse::clientDataJSON const): (WebCore::AuthenticatorResponse::AuthenticatorResponse): * Modules/webauthn/AuthenticatorResponse.h: (WebCore::AuthenticatorResponse::rawId const): (WebCore::AuthenticatorResponse::setExtensions): (WebCore::AuthenticatorResponse::AuthenticatorResponse): Deleted. (WebCore::AuthenticatorResponse::clientDataJSON const): Deleted. * Modules/webauthn/AuthenticatorResponseData.h: Renamed from Source/WebCore/Modules/webauthn/PublicKeyCredentialData.h. (WebCore::AuthenticatorResponseData::encode const): (WebCore::AuthenticatorResponseData::decode): * Modules/webauthn/PublicKeyCredential.cpp: (WebCore::PublicKeyCredential::create): (WebCore::PublicKeyCredential::rawId const): (WebCore::PublicKeyCredential::getClientExtensionResults const): (WebCore::PublicKeyCredential::PublicKeyCredential): (WebCore::PublicKeyCredential::tryCreate): Deleted. * Modules/webauthn/PublicKeyCredential.h: * Modules/webauthn/PublicKeyCredential.idl: * Modules/webauthn/fido/DeviceResponseConverter.cpp: (fido::readCTAPMakeCredentialResponse): (fido::readCTAPGetAssertionResponse): * Modules/webauthn/fido/DeviceResponseConverter.h: A more appropriate derived type of AuthenticatorResponse is used to replace PublicKeyCredentialData. * Modules/webauthn/fido/U2fResponseConverter.cpp: (fido::readU2fRegisterResponse): (fido::readU2fSignResponse): * Modules/webauthn/fido/U2fResponseConverter.h: A more appropriate derived type of AuthenticatorResponse is used to replace PublicKeyCredentialData. * Sources.txt: * WebCore.xcodeproj/project.pbxproj: Source/WebKit: Code in WebKit are changed to use AuthenticatorResponse and its subtypes. * UIProcess/WebAuthentication/Authenticator.h: * UIProcess/WebAuthentication/AuthenticatorManager.cpp: (WebKit::AuthenticatorManager::respondReceived): (WebKit::AuthenticatorManager::invokePendingCompletionHandler): * UIProcess/WebAuthentication/AuthenticatorManager.h: * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested): (WebKit::LocalAuthenticator::continueGetAssertionAfterUserConsented): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h: * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in: * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: (WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived const): (WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived): * UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp: (WebKit::U2fAuthenticator::continueRegisterCommandAfterResponseReceived): (WebKit::U2fAuthenticator::continueSignCommandAfterResponseReceived): * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp: Tools: * TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp: (TestWebKitAPI::TEST): Updates tests accordingly. Canonical link: https://commits.webkit.org/218334@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@253398 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-12-11 23:19:08 +00:00
}
[Cocoa] _WKAuthenticatorAssertionResponse should specify the attachment type used https://bugs.webkit.org/show_bug.cgi?id=225519 <rdar://problem/76554090> Source/WebCore: Patch by Garrett Davidson <garrett_davidson@apple.com> on 2021-06-02 Reviewed by Brent Fulgham. Allow WebAuthn authenticators to pass back their attachment type and continue plumbing through up to the authenticator coordinator. Covered by manual tests. * Modules/webauthn/AuthenticatorAssertionResponse.cpp: (WebCore::AuthenticatorAssertionResponse::create): (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): * Modules/webauthn/AuthenticatorAssertionResponse.h: * Modules/webauthn/AuthenticatorAttestationResponse.cpp: (WebCore::AuthenticatorAttestationResponse::create): (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): * Modules/webauthn/AuthenticatorAttestationResponse.h: * Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::create const): (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): * Modules/webauthn/AuthenticatorCoordinatorClient.h: * Modules/webauthn/AuthenticatorResponse.cpp: (WebCore::AuthenticatorResponse::tryCreate): (WebCore::AuthenticatorResponse::attachment const): (WebCore::AuthenticatorResponse::AuthenticatorResponse): * Modules/webauthn/AuthenticatorResponse.h: * Modules/webauthn/fido/DeviceResponseConverter.cpp: (fido::readCTAPMakeCredentialResponse): (fido::readCTAPGetAssertionResponse): * Modules/webauthn/fido/DeviceResponseConverter.h: * Modules/webauthn/fido/U2fResponseConverter.cpp: (fido::readU2fRegisterResponse): (fido::readU2fSignResponse): * Modules/webauthn/fido/U2fResponseConverter.h: Source/WebKit: Patch by Garrett Davidson <garrett_davidson@apple.com> on 2021-06-02 Reviewed by Brent Fulgham. Have WebAuthn authenticators start passing back their attachment type, and plumb it up through to the calling process. * UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponse.mm: (-[_WKAuthenticatorAssertionResponse initWithClientDataJSON:rawId:extensions:authenticatorData:signature:userHandle:attachment:]): (-[_WKAuthenticatorAssertionResponse initWithClientDataJSON:rawId:extensions:authenticatorData:signature:userHandle:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponseInternal.h: * UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.mm: (-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:attachment:]): (-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponseInternal.h: * UIProcess/API/Cocoa/_WKAuthenticatorResponse.h: * UIProcess/API/Cocoa/_WKAuthenticatorResponse.mm: (-[_WKAuthenticatorResponse initWithClientDataJSON:rawId:extensions:attachment:]): (-[_WKAuthenticatorResponse initWithClientDataJSON:rawId:extensions:]): Deleted. * UIProcess/API/Cocoa/_WKAuthenticatorResponseInternal.h: * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (authenticatorAttachmentToWKAuthenticatorAttachment): (wkAuthenticatorAttestationResponse): (-[_WKWebAuthenticationPanel makeCredentialWithChallenge:origin:options:completionHandler:]): (wkAuthenticatorAssertionResponse): (-[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:]): * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticatorInternal::getExistingCredentials): (WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification): (WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h: * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in: * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: (WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived): (WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived): (WebKit::CtapAuthenticator::continueGetNextAssertionAfterResponseReceived): * UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp: (WebKit::U2fAuthenticator::continueRegisterCommandAfterResponseReceived): (WebKit::U2fAuthenticator::continueSignCommandAfterResponseReceived): * WebAuthnProcess/WebAuthnConnectionToWebProcess.cpp: (WebKit::WebAuthnConnectionToWebProcess::handleRequest): * WebAuthnProcess/WebAuthnConnectionToWebProcess.h: * WebAuthnProcess/WebAuthnConnectionToWebProcess.messages.in: Tools: Patch by Garrett Davidson <davidson.garrettm@gmail.com> on 2021-06-02 Reviewed by Brent Fulgham. Update the CTAP tests to specify the new attachment parameter. All of these tests assume a cross platform authenticator. * TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp: (TestWebKitAPI::TEST): Canonical link: https://commits.webkit.org/238390@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@278358 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-06-02 16:42:27 +00:00
AuthenticatorAttestationResponse::AuthenticatorAttestationResponse(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& attestationObject, AuthenticatorAttachment attachment)
: AuthenticatorResponse(WTFMove(rawId), attachment)
[WebAuthn] Combine AuthenticatorResponse and PublicKeyCredentialData https://bugs.webkit.org/show_bug.cgi?id=190783 <rdar://problem/57781183> Reviewed by Brent Fulgham. Source/WebCore: This patch combines AuthenticatorResponse and PublicKeyCredentialData, and therefore renames PublicKeyCredentialData to AuthenticatorResponseData as well. The complexity of WebKit's CTAP implementation has reached the point that PublicKeyCredentialData is not appropriate to represent all the different type of responses from authenticators anymore. For example, authenticatorGetNextAssertion depends on the numberOfCredentials member from authenticatorGetAssertion response to function, but numberOfCredentials is not used anywhere else. Therefore, a polymorphic type is needed to represent different responses from authenticators instead of an uniform one, i.e., PublicKeyCredentialData. AuthenticatorResponse seems to be the best fit. However, there are some limitations: 1) it is a WebIDL interface, and therefore is RefCounted. RefCounted objects cannot be serialized through IPC. To solve this, AuthenticatorResponseData (PublicKeyCredentialData) is kept as an intermediate type that is only used during IPC. 2) it doesn't contain all the information from an actual authenticator response. To solve this, it has been enlarged to include all members from PublicKeyCredential. After this patch, PublicKeyCredential will be a thin wrapper on top of AuthenticatorResponse. Covered by existing tests. * CMakeLists.txt: * DerivedSources-input.xcfilelist: * DerivedSources-output.xcfilelist: * DerivedSources.make: * Headers.cmake: * Modules/webauthn/AuthenticationExtensionsClientOutputs.h: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl. * Modules/webauthn/AuthenticationExtensionsClientOutputs.idl: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl. This is separated from PublicKeyCredential such that AuthenticatorResponse can include it. * Modules/webauthn/AuthenticatorAssertionResponse.cpp: Added. (WebCore::AuthenticatorAssertionResponse::create): (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): (WebCore::AuthenticatorAssertionResponse::data const): * Modules/webauthn/AuthenticatorAssertionResponse.h: (WebCore::AuthenticatorAssertionResponse::create): Deleted. (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse): Deleted. * Modules/webauthn/AuthenticatorAttestationResponse.cpp: Copied from Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.h. (WebCore::AuthenticatorAttestationResponse::create): (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): (WebCore::AuthenticatorAttestationResponse::data const): * Modules/webauthn/AuthenticatorAttestationResponse.h: (WebCore::AuthenticatorAttestationResponse::create): Deleted. (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse): Deleted. * Modules/webauthn/AuthenticatorCoordinator.cpp: (WebCore::AuthenticatorCoordinator::create const): (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const): * Modules/webauthn/AuthenticatorCoordinatorClient.h: * Modules/webauthn/AuthenticatorResponse.cpp: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp. (WebCore::AuthenticatorResponse::tryCreate): (WebCore::AuthenticatorResponse::data const): (WebCore::AuthenticatorResponse::extensions const): (WebCore::AuthenticatorResponse::setClientDataJSON): (WebCore::AuthenticatorResponse::clientDataJSON const): (WebCore::AuthenticatorResponse::AuthenticatorResponse): * Modules/webauthn/AuthenticatorResponse.h: (WebCore::AuthenticatorResponse::rawId const): (WebCore::AuthenticatorResponse::setExtensions): (WebCore::AuthenticatorResponse::AuthenticatorResponse): Deleted. (WebCore::AuthenticatorResponse::clientDataJSON const): Deleted. * Modules/webauthn/AuthenticatorResponseData.h: Renamed from Source/WebCore/Modules/webauthn/PublicKeyCredentialData.h. (WebCore::AuthenticatorResponseData::encode const): (WebCore::AuthenticatorResponseData::decode): * Modules/webauthn/PublicKeyCredential.cpp: (WebCore::PublicKeyCredential::create): (WebCore::PublicKeyCredential::rawId const): (WebCore::PublicKeyCredential::getClientExtensionResults const): (WebCore::PublicKeyCredential::PublicKeyCredential): (WebCore::PublicKeyCredential::tryCreate): Deleted. * Modules/webauthn/PublicKeyCredential.h: * Modules/webauthn/PublicKeyCredential.idl: * Modules/webauthn/fido/DeviceResponseConverter.cpp: (fido::readCTAPMakeCredentialResponse): (fido::readCTAPGetAssertionResponse): * Modules/webauthn/fido/DeviceResponseConverter.h: A more appropriate derived type of AuthenticatorResponse is used to replace PublicKeyCredentialData. * Modules/webauthn/fido/U2fResponseConverter.cpp: (fido::readU2fRegisterResponse): (fido::readU2fSignResponse): * Modules/webauthn/fido/U2fResponseConverter.h: A more appropriate derived type of AuthenticatorResponse is used to replace PublicKeyCredentialData. * Sources.txt: * WebCore.xcodeproj/project.pbxproj: Source/WebKit: Code in WebKit are changed to use AuthenticatorResponse and its subtypes. * UIProcess/WebAuthentication/Authenticator.h: * UIProcess/WebAuthentication/AuthenticatorManager.cpp: (WebKit::AuthenticatorManager::respondReceived): (WebKit::AuthenticatorManager::invokePendingCompletionHandler): * UIProcess/WebAuthentication/AuthenticatorManager.h: * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: (WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested): (WebKit::LocalAuthenticator::continueGetAssertionAfterUserConsented): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp: (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest): * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h: * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in: * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: (WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived const): (WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived): * UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp: (WebKit::U2fAuthenticator::continueRegisterCommandAfterResponseReceived): (WebKit::U2fAuthenticator::continueSignCommandAfterResponseReceived): * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp: Tools: * TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp: (TestWebKitAPI::TEST): Updates tests accordingly. Canonical link: https://commits.webkit.org/218334@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@253398 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-12-11 23:19:08 +00:00
, m_attestationObject(WTFMove(attestationObject))
{
}
AuthenticatorResponseData AuthenticatorAttestationResponse::data() const
{
auto data = AuthenticatorResponse::data();
data.isAuthenticatorAttestationResponse = true;
data.attestationObject = m_attestationObject.copyRef();
return data;
}
} // namespace WebCore
#endif // ENABLE(WEB_AUTHN)