Diff
Modified: trunk/Source/WebCore/ChangeLog (278357 => 278358)
--- trunk/Source/WebCore/ChangeLog 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebCore/ChangeLog 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,3 +1,42 @@
+2021-06-02 Garrett Davidson <garrett_david...@apple.com>
+
+ [Cocoa] _WKAuthenticatorAssertionResponse should specify the attachment type used
+ https://bugs.webkit.org/show_bug.cgi?id=225519
+ <rdar://problem/76554090>
+
+ Reviewed by Brent Fulgham.
+
+ Allow WebAuthn authenticators to pass back their attachment type and continue
+ plumbing through up to the authenticator coordinator.
+
+ Covered by manual tests.
+
+ * Modules/webauthn/AuthenticatorAssertionResponse.cpp:
+ (WebCore::AuthenticatorAssertionResponse::create):
+ (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse):
+ * Modules/webauthn/AuthenticatorAssertionResponse.h:
+ * Modules/webauthn/AuthenticatorAttestationResponse.cpp:
+ (WebCore::AuthenticatorAttestationResponse::create):
+ (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse):
+ * Modules/webauthn/AuthenticatorAttestationResponse.h:
+ * Modules/webauthn/AuthenticatorCoordinator.cpp:
+ (WebCore::AuthenticatorCoordinator::create const):
+ (WebCore::AuthenticatorCoordinator::discoverFromExternalSource const):
+ * Modules/webauthn/AuthenticatorCoordinatorClient.h:
+ * Modules/webauthn/AuthenticatorResponse.cpp:
+ (WebCore::AuthenticatorResponse::tryCreate):
+ (WebCore::AuthenticatorResponse::attachment const):
+ (WebCore::AuthenticatorResponse::AuthenticatorResponse):
+ * Modules/webauthn/AuthenticatorResponse.h:
+ * Modules/webauthn/fido/DeviceResponseConverter.cpp:
+ (fido::readCTAPMakeCredentialResponse):
+ (fido::readCTAPGetAssertionResponse):
+ * Modules/webauthn/fido/DeviceResponseConverter.h:
+ * Modules/webauthn/fido/U2fResponseConverter.cpp:
+ (fido::readU2fRegisterResponse):
+ (fido::readU2fSignResponse):
+ * Modules/webauthn/fido/U2fResponseConverter.h:
+
2021-06-02 Youenn Fablet <you...@apple.com>
Reduce logging in MediaElementSession::playbackStateChangePermitted
Modified: trunk/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.cpp (278357 => 278358)
--- trunk/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.cpp 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.cpp 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2019 Apple Inc. All rights reserved.
+ * Copyright (C) 2019-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -32,25 +32,25 @@
namespace WebCore {
-Ref<AuthenticatorAssertionResponse> AuthenticatorAssertionResponse::create(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& authenticatorData, Ref<ArrayBuffer>&& signature, RefPtr<ArrayBuffer>&& userHandle, std::optional<AuthenticationExtensionsClientOutputs>&& extensions)
+Ref<AuthenticatorAssertionResponse> AuthenticatorAssertionResponse::create(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& authenticatorData, Ref<ArrayBuffer>&& signature, RefPtr<ArrayBuffer>&& userHandle, std::optional<AuthenticationExtensionsClientOutputs>&& extensions, AuthenticatorAttachment attachment)
{
- auto response = adoptRef(*new AuthenticatorAssertionResponse(WTFMove(rawId), WTFMove(authenticatorData), WTFMove(signature), WTFMove(userHandle)));
+ auto response = adoptRef(*new AuthenticatorAssertionResponse(WTFMove(rawId), WTFMove(authenticatorData), WTFMove(signature), WTFMove(userHandle), attachment));
if (extensions)
response->setExtensions(WTFMove(*extensions));
return response;
}
-Ref<AuthenticatorAssertionResponse> AuthenticatorAssertionResponse::create(const Vector<uint8_t>& rawId, const Vector<uint8_t>& authenticatorData, const Vector<uint8_t>& signature, const Vector<uint8_t>& userHandle)
+Ref<AuthenticatorAssertionResponse> AuthenticatorAssertionResponse::create(const Vector<uint8_t>& rawId, const Vector<uint8_t>& authenticatorData, const Vector<uint8_t>& signature, const Vector<uint8_t>& userHandle, AuthenticatorAttachment attachment)
{
RefPtr<ArrayBuffer> userhandleBuffer;
if (!userHandle.isEmpty())
userhandleBuffer = ArrayBuffer::create(userHandle.data(), userHandle.size());
- return create(ArrayBuffer::create(rawId.data(), rawId.size()), ArrayBuffer::create(authenticatorData.data(), authenticatorData.size()), ArrayBuffer::create(signature.data(), signature.size()), WTFMove(userhandleBuffer), std::nullopt);
+ return create(ArrayBuffer::create(rawId.data(), rawId.size()), ArrayBuffer::create(authenticatorData.data(), authenticatorData.size()), ArrayBuffer::create(signature.data(), signature.size()), WTFMove(userhandleBuffer), std::nullopt, attachment);
}
-Ref<AuthenticatorAssertionResponse> AuthenticatorAssertionResponse::create(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& userHandle, String&& name, SecAccessControlRef accessControl)
+Ref<AuthenticatorAssertionResponse> AuthenticatorAssertionResponse::create(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& userHandle, String&& name, SecAccessControlRef accessControl, AuthenticatorAttachment attachment)
{
- return adoptRef(*new AuthenticatorAssertionResponse(WTFMove(rawId), WTFMove(userHandle), WTFMove(name), accessControl));
+ return adoptRef(*new AuthenticatorAssertionResponse(WTFMove(rawId), WTFMove(userHandle), WTFMove(name), accessControl, attachment));
}
void AuthenticatorAssertionResponse::setAuthenticatorData(Vector<uint8_t>&& authenticatorData)
@@ -58,8 +58,8 @@
m_authenticatorData = ArrayBuffer::create(authenticatorData.data(), authenticatorData.size());
}
-AuthenticatorAssertionResponse::AuthenticatorAssertionResponse(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& authenticatorData, Ref<ArrayBuffer>&& signature, RefPtr<ArrayBuffer>&& userHandle)
- : AuthenticatorResponse(WTFMove(rawId))
+AuthenticatorAssertionResponse::AuthenticatorAssertionResponse(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& authenticatorData, Ref<ArrayBuffer>&& signature, RefPtr<ArrayBuffer>&& userHandle, AuthenticatorAttachment attachment)
+ : AuthenticatorResponse(WTFMove(rawId), attachment)
, m_authenticatorData(WTFMove(authenticatorData))
, m_signature(WTFMove(signature))
, m_userHandle(WTFMove(userHandle))
@@ -66,8 +66,8 @@
{
}
-AuthenticatorAssertionResponse::AuthenticatorAssertionResponse(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& userHandle, String&& name, SecAccessControlRef accessControl)
- : AuthenticatorResponse(WTFMove(rawId))
+AuthenticatorAssertionResponse::AuthenticatorAssertionResponse(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& userHandle, String&& name, SecAccessControlRef accessControl, AuthenticatorAttachment attachment)
+ : AuthenticatorResponse(WTFMove(rawId), attachment)
, m_userHandle(WTFMove(userHandle))
, m_name(WTFMove(name))
, m_accessControl(accessControl)
Modified: trunk/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.h (278357 => 278358)
--- trunk/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.h 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebCore/Modules/webauthn/AuthenticatorAssertionResponse.h 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2018-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -37,9 +37,9 @@
class AuthenticatorAssertionResponse : public AuthenticatorResponse {
public:
- static Ref<AuthenticatorAssertionResponse> create(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& authenticatorData, Ref<ArrayBuffer>&& signature, RefPtr<ArrayBuffer>&& userHandle, std::optional<AuthenticationExtensionsClientOutputs>&&);
- WEBCORE_EXPORT static Ref<AuthenticatorAssertionResponse> create(const Vector<uint8_t>& rawId, const Vector<uint8_t>& authenticatorData, const Vector<uint8_t>& signature, const Vector<uint8_t>& userHandle);
- WEBCORE_EXPORT static Ref<AuthenticatorAssertionResponse> create(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& userHandle, String&& name, SecAccessControlRef);
+ static Ref<AuthenticatorAssertionResponse> create(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& authenticatorData, Ref<ArrayBuffer>&& signature, RefPtr<ArrayBuffer>&& userHandle, std::optional<AuthenticationExtensionsClientOutputs>&&, AuthenticatorAttachment);
+ WEBCORE_EXPORT static Ref<AuthenticatorAssertionResponse> create(const Vector<uint8_t>& rawId, const Vector<uint8_t>& authenticatorData, const Vector<uint8_t>& signature, const Vector<uint8_t>& userHandle, AuthenticatorAttachment);
+ WEBCORE_EXPORT static Ref<AuthenticatorAssertionResponse> create(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& userHandle, String&& name, SecAccessControlRef, AuthenticatorAttachment);
virtual ~AuthenticatorAssertionResponse() = default;
ArrayBuffer* authenticatorData() const { return m_authenticatorData.get(); }
@@ -59,8 +59,8 @@
void setLAContext(LAContext *context) { m_laContext = context; }
private:
- AuthenticatorAssertionResponse(Ref<ArrayBuffer>&&, Ref<ArrayBuffer>&&, Ref<ArrayBuffer>&&, RefPtr<ArrayBuffer>&&);
- AuthenticatorAssertionResponse(Ref<ArrayBuffer>&&, Ref<ArrayBuffer>&&, String&&, SecAccessControlRef);
+ AuthenticatorAssertionResponse(Ref<ArrayBuffer>&&, Ref<ArrayBuffer>&&, Ref<ArrayBuffer>&&, RefPtr<ArrayBuffer>&&, AuthenticatorAttachment);
+ AuthenticatorAssertionResponse(Ref<ArrayBuffer>&&, Ref<ArrayBuffer>&&, String&&, SecAccessControlRef, AuthenticatorAttachment);
Type type() const final { return Type::Assertion; }
AuthenticatorResponseData data() const final;
Modified: trunk/Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.cpp (278357 => 278358)
--- trunk/Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.cpp 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.cpp 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2019 Apple Inc. All rights reserved.
+ * Copyright (C) 2019-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -32,18 +32,18 @@
namespace WebCore {
-Ref<AuthenticatorAttestationResponse> AuthenticatorAttestationResponse::create(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& attestationObject)
+Ref<AuthenticatorAttestationResponse> AuthenticatorAttestationResponse::create(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& attestationObject, AuthenticatorAttachment attachment)
{
- return adoptRef(*new AuthenticatorAttestationResponse(WTFMove(rawId), WTFMove(attestationObject)));
+ return adoptRef(*new AuthenticatorAttestationResponse(WTFMove(rawId), WTFMove(attestationObject), attachment));
}
-Ref<AuthenticatorAttestationResponse> AuthenticatorAttestationResponse::create(const Vector<uint8_t>& rawId, const Vector<uint8_t>& attestationObject)
+Ref<AuthenticatorAttestationResponse> AuthenticatorAttestationResponse::create(const Vector<uint8_t>& rawId, const Vector<uint8_t>& attestationObject, AuthenticatorAttachment attachment)
{
- return create(ArrayBuffer::create(rawId.data(), rawId.size()), ArrayBuffer::create(attestationObject.data(), attestationObject.size()));
+ return create(ArrayBuffer::create(rawId.data(), rawId.size()), ArrayBuffer::create(attestationObject.data(), attestationObject.size()), attachment);
}
-AuthenticatorAttestationResponse::AuthenticatorAttestationResponse(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& attestationObject)
- : AuthenticatorResponse(WTFMove(rawId))
+AuthenticatorAttestationResponse::AuthenticatorAttestationResponse(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& attestationObject, AuthenticatorAttachment attachment)
+ : AuthenticatorResponse(WTFMove(rawId), attachment)
, m_attestationObject(WTFMove(attestationObject))
{
}
Modified: trunk/Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.h (278357 => 278358)
--- trunk/Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.h 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.h 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2018-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -33,8 +33,8 @@
class AuthenticatorAttestationResponse : public AuthenticatorResponse {
public:
- static Ref<AuthenticatorAttestationResponse> create(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& attestationObject);
- WEBCORE_EXPORT static Ref<AuthenticatorAttestationResponse> create(const Vector<uint8_t>& rawId, const Vector<uint8_t>& attestationObject);
+ static Ref<AuthenticatorAttestationResponse> create(Ref<ArrayBuffer>&& rawId, Ref<ArrayBuffer>&& attestationObject, AuthenticatorAttachment);
+ WEBCORE_EXPORT static Ref<AuthenticatorAttestationResponse> create(const Vector<uint8_t>& rawId, const Vector<uint8_t>& attestationObject, AuthenticatorAttachment);
virtual ~AuthenticatorAttestationResponse() = default;
@@ -41,7 +41,7 @@
ArrayBuffer* attestationObject() const { return m_attestationObject.ptr(); }
private:
- AuthenticatorAttestationResponse(Ref<ArrayBuffer>&&, Ref<ArrayBuffer>&&);
+ AuthenticatorAttestationResponse(Ref<ArrayBuffer>&&, Ref<ArrayBuffer>&&, AuthenticatorAttachment);
Type type() const final { return Type::Attestation; }
AuthenticatorResponseData data() const final;
Modified: trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp (278357 => 278358)
--- trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2018-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -185,13 +185,13 @@
return;
}
- auto callback = [clientDataJson = WTFMove(clientDataJson), promise = WTFMove(promise), abortSignal = WTFMove(abortSignal)] (AuthenticatorResponseData&& data, ExceptionData&& exception) mutable {
+ auto callback = [clientDataJson = WTFMove(clientDataJson), promise = WTFMove(promise), abortSignal = WTFMove(abortSignal)] (AuthenticatorResponseData&& data, AuthenticatorAttachment attachment, ExceptionData&& exception) mutable {
if (abortSignal && abortSignal->aborted()) {
promise.reject(Exception { AbortError, "Aborted by AbortSignal."_s });
return;
}
- if (auto response = AuthenticatorResponse::tryCreate(WTFMove(data))) {
+ if (auto response = AuthenticatorResponse::tryCreate(WTFMove(data), attachment)) {
response->setClientDataJSON(WTFMove(clientDataJson));
promise.resolve(PublicKeyCredential::create(response.releaseNonNull()).ptr());
return;
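Review bot: The new `attachment` argument of this callback is only consumed on the `tryCreate` success path, yet `RequestCompletionHandler` now makes it mandatory, so a caller that reports an `ExceptionData` still has to pass some value. The ChangeLog describes the value as plumbed up from the authenticator side, so it is worth confirming that whatever decodes it rejects out-of-range enum values before it reaches `tryCreate`; that decoding is not visible in this diff. At minimum I would document the contract on the lambda, for example `// attachment is meaningful only when data produces a response; it is ignored when exception is set.` The same applies to the identical callback in the `@@ -256,13 +256,13 @@` hunk, and the lambda body continues outside this hunk.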
@@ -256,13 +256,13 @@
return;
}
- auto callback = [clientDataJson = WTFMove(clientDataJson), promise = WTFMove(promise), abortSignal = WTFMove(abortSignal)] (AuthenticatorResponseData&& data, ExceptionData&& exception) mutable {
+ auto callback = [clientDataJson = WTFMove(clientDataJson), promise = WTFMove(promise), abortSignal = WTFMove(abortSignal)] (AuthenticatorResponseData&& data, AuthenticatorAttachment attachment, ExceptionData&& exception) mutable {
if (abortSignal && abortSignal->aborted()) {
promise.reject(Exception { AbortError, "Aborted by AbortSignal."_s });
return;
}
- if (auto response = AuthenticatorResponse::tryCreate(WTFMove(data))) {
+ if (auto response = AuthenticatorResponse::tryCreate(WTFMove(data), attachment)) {
response->setClientDataJSON(WTFMove(clientDataJson));
promise.resolve(PublicKeyCredential::create(response.releaseNonNull()).ptr());
return;
Modified: trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinatorClient.h (278357 => 278358)
--- trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinatorClient.h 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebCore/Modules/webauthn/AuthenticatorCoordinatorClient.h 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2018-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -37,11 +37,13 @@
class Frame;
class SecurityOrigin;
+enum class AuthenticatorAttachment;
+
struct AuthenticatorResponseData;
struct PublicKeyCredentialCreationOptions;
struct PublicKeyCredentialRequestOptions;
-using RequestCompletionHandler = CompletionHandler<void(WebCore::AuthenticatorResponseData&&, WebCore::ExceptionData&&)>;
+using RequestCompletionHandler = CompletionHandler<void(WebCore::AuthenticatorResponseData&&, WebCore::AuthenticatorAttachment, WebCore::ExceptionData&&)>;
using QueryCompletionHandler = CompletionHandler<void(bool)>;
class WEBCORE_EXPORT AuthenticatorCoordinatorClient : public CanMakeWeakPtr<AuthenticatorCoordinatorClient> {
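Review bot: The opaque declaration `enum class AuthenticatorAttachment;` is written out by hand here, again in AuthenticatorResponse.h (`@@ -34,6 +34,8 @@`) and again in PublicKeyCredentialCreationOptions.h (`@@ -38,6 +37,8 @@`), and each copy has to match the underlying type of the real definition. If the definition ever gains an explicit underlying type, all three redeclarations must be updated with it. PublicKeyCredentialCreationOptions.h also drops `#include "AuthenticatorAttachment.h"`, so any file that previously got the full definition transitively through that header now needs its own include. A short comment beside each declaration, such as `// Defined in AuthenticatorAttachment.h; keep the underlying type in sync.`, would make the dependency visible.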
Modified: trunk/Source/WebCore/Modules/webauthn/AuthenticatorResponse.cpp (278357 => 278358)
--- trunk/Source/WebCore/Modules/webauthn/AuthenticatorResponse.cpp 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebCore/Modules/webauthn/AuthenticatorResponse.cpp 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2019 Apple Inc. All rights reserved.
+ * Copyright (C) 2019-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -34,7 +34,7 @@
namespace WebCore {
-RefPtr<AuthenticatorResponse> AuthenticatorResponse::tryCreate(AuthenticatorResponseData&& data)
+RefPtr<AuthenticatorResponse> AuthenticatorResponse::tryCreate(AuthenticatorResponseData&& data, AuthenticatorAttachment attachment)
{
if (!data.rawId)
return nullptr;
@@ -43,13 +43,13 @@
if (!data.attestationObject)
return nullptr;
- return AuthenticatorAttestationResponse::create(data.rawId.releaseNonNull(), data.attestationObject.releaseNonNull());
+ return AuthenticatorAttestationResponse::create(data.rawId.releaseNonNull(), data.attestationObject.releaseNonNull(), attachment);
}
if (!data.authenticatorData || !data.signature)
return nullptr;
- return AuthenticatorAssertionResponse::create(data.rawId.releaseNonNull(), data.authenticatorData.releaseNonNull(), data.signature.releaseNonNull(), WTFMove(data.userHandle), AuthenticationExtensionsClientOutputs { data.appid });
+ return AuthenticatorAssertionResponse::create(data.rawId.releaseNonNull(), data.authenticatorData.releaseNonNull(), data.signature.releaseNonNull(), WTFMove(data.userHandle), AuthenticationExtensionsClientOutputs { data.appid }, attachment);
}
AuthenticatorResponseData AuthenticatorResponse::data() const
@@ -85,8 +85,14 @@
return m_clientDataJSON.get();
}
-AuthenticatorResponse::AuthenticatorResponse(Ref<ArrayBuffer>&& rawId)
+AuthenticatorAttachment AuthenticatorResponse::attachment() const
+{
+ return m_attachment;
+}
+
+AuthenticatorResponse::AuthenticatorResponse(Ref<ArrayBuffer>&& rawId, AuthenticatorAttachment attachment)
: m_rawId(WTFMove(rawId))
+ , m_attachment(attachment)
{
}
Modified: trunk/Source/WebCore/Modules/webauthn/AuthenticatorResponse.h (278357 => 278358)
--- trunk/Source/WebCore/Modules/webauthn/AuthenticatorResponse.h 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebCore/Modules/webauthn/AuthenticatorResponse.h 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2019 Apple Inc. All rights reserved.
+ * Copyright (C) 2019-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -34,6 +34,8 @@
namespace WebCore {
+enum class AuthenticatorAttachment;
+
struct AuthenticatorResponseData;
class AuthenticatorResponse : public RefCounted<AuthenticatorResponse> {
@@ -43,7 +45,7 @@
Attestation
};
- static RefPtr<AuthenticatorResponse> tryCreate(AuthenticatorResponseData&&);
+ static RefPtr<AuthenticatorResponse> tryCreate(AuthenticatorResponseData&&, AuthenticatorAttachment);
virtual ~AuthenticatorResponse() = default;
virtual Type type() const = 0;
@@ -54,14 +56,16 @@
AuthenticationExtensionsClientOutputs extensions() const;
void setClientDataJSON(Ref<ArrayBuffer>&&);
ArrayBuffer* clientDataJSON() const;
+ WEBCORE_EXPORT AuthenticatorAttachment attachment() const;
protected:
- AuthenticatorResponse(Ref<ArrayBuffer>&&);
+ AuthenticatorResponse(Ref<ArrayBuffer>&&, AuthenticatorAttachment);
private:
Ref<ArrayBuffer> m_rawId;
AuthenticationExtensionsClientOutputs m_extensions;
RefPtr<ArrayBuffer> m_clientDataJSON;
+ AuthenticatorAttachment m_attachment;
};
} // namespace WebCore
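Review bot: The exported accessor `attachment()` and the new `m_attachment` member carry no comment on where the value comes from or how far it can be trusted. As far as this diff shows, the value is whatever the caller passes to the constructor, and nothing ties it to the signed authenticator data held in the derived classes. Consumers of the exported API could easily read it as an authenticated property. I would add a comment on the declaration, e.g. `// Attachment as reported by the client-side transport; not covered by the authenticator's signature, so treat it as a hint.` The class declaration begins outside this hunk.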
Modified: trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h (278357 => 278358)
--- trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h 2021-06-02 16:42:27 UTC (rev 278358)
@@ -28,7 +28,6 @@
#if ENABLE(WEB_AUTHN)
#include "AttestationConveyancePreference.h"
#include "AuthenticationExtensionsClientInputs.h"
-#include "AuthenticatorAttachment.h"
#include "BufferSource.h"
#include "PublicKeyCredentialDescriptor.h"
#include "PublicKeyCredentialType.h"
@@ -38,6 +37,8 @@
namespace WebCore {
+enum class AuthenticatorAttachment;
+
struct PublicKeyCredentialCreationOptions {
#if ENABLE(WEB_AUTHN)
struct Entity {
Modified: trunk/Source/WebCore/Modules/webauthn/fido/DeviceResponseConverter.cpp (278357 => 278358)
--- trunk/Source/WebCore/Modules/webauthn/fido/DeviceResponseConverter.cpp 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebCore/Modules/webauthn/fido/DeviceResponseConverter.cpp 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
// Copyright 2018 The Chromium Authors. All rights reserved.
-// Copyright (C) 2018 Apple Inc. All rights reserved.
+// Copyright (C) 2018-2021 Apple Inc. All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
@@ -95,7 +95,7 @@
// Decodes byte array response from authenticator to CBOR value object and
// checks for correct encoding format.
-RefPtr<AuthenticatorAttestationResponse> readCTAPMakeCredentialResponse(const Vector<uint8_t>& inBuffer, const AttestationConveyancePreference& attestation)
+RefPtr<AuthenticatorAttestationResponse> readCTAPMakeCredentialResponse(const Vector<uint8_t>& inBuffer, WebCore::AuthenticatorAttachment attachment, const AttestationConveyancePreference& attestation)
{
auto decodedMap = decodeResponseMap(inBuffer);
if (!decodedMap)
@@ -135,10 +135,10 @@
attestationObject = cbor::CBORWriter::write(CBOR(WTFMove(attestationObjectMap)));
}
- return AuthenticatorAttestationResponse::create(credentialId, *attestationObject);
+ return AuthenticatorAttestationResponse::create(credentialId, *attestationObject, attachment);
}
-RefPtr<AuthenticatorAssertionResponse> readCTAPGetAssertionResponse(const Vector<uint8_t>& inBuffer)
+RefPtr<AuthenticatorAssertionResponse> readCTAPGetAssertionResponse(const Vector<uint8_t>& inBuffer, WebCore::AuthenticatorAttachment attachment)
{
auto decodedMap = decodeResponseMap(inBuffer);
if (!decodedMap)
@@ -172,7 +172,7 @@
if (itr == user.end() || !itr->second.isByteString())
return nullptr;
auto& userHandle = itr->second.getByteString();
- response = AuthenticatorAssertionResponse::create(credentialId, authData, signature, userHandle);
+ response = AuthenticatorAssertionResponse::create(credentialId, authData, signature, userHandle, attachment);
itr = user.find(CBOR(kEntityNameMapKey));
if (itr != user.end()) {
@@ -188,7 +188,7 @@
response->setDisplayName(itr->second.getString());
}
} else {
- response = AuthenticatorAssertionResponse::create(credentialId, authData, signature, { });
+ response = AuthenticatorAssertionResponse::create(credentialId, authData, signature, { }, attachment);
}
it = responseMap.find(CBOR(5));
Modified: trunk/Source/WebCore/Modules/webauthn/fido/DeviceResponseConverter.h (278357 => 278358)
--- trunk/Source/WebCore/Modules/webauthn/fido/DeviceResponseConverter.h 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebCore/Modules/webauthn/fido/DeviceResponseConverter.h 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
// Copyright 2018 The Chromium Authors. All rights reserved.
-// Copyright (C) 2018 Apple Inc. All rights reserved.
+// Copyright (C) 2018-2021 Apple Inc. All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
@@ -52,12 +52,12 @@
// and converts response to AuthenticatorMakeCredentialResponse object with
// CBOR map keys that conform to format of attestation object defined by the
// WebAuthN spec : https://w3c.github.io/webauthn/#fig-attStructs
-WEBCORE_EXPORT RefPtr<WebCore::AuthenticatorAttestationResponse> readCTAPMakeCredentialResponse(const Vector<uint8_t>&, const WebCore::AttestationConveyancePreference& attestation = WebCore::AttestationConveyancePreference::Direct);
+WEBCORE_EXPORT RefPtr<WebCore::AuthenticatorAttestationResponse> readCTAPMakeCredentialResponse(const Vector<uint8_t>&, WebCore::AuthenticatorAttachment, const WebCore::AttestationConveyancePreference& = WebCore::AttestationConveyancePreference::Direct);
// De-serializes CBOR encoded response to AuthenticatorGetAssertion /
// AuthenticatorGetNextAssertion request to AuthenticatorGetAssertionResponse
// object.
-WEBCORE_EXPORT RefPtr<WebCore::AuthenticatorAssertionResponse> readCTAPGetAssertionResponse(const Vector<uint8_t>&);
+WEBCORE_EXPORT RefPtr<WebCore::AuthenticatorAssertionResponse> readCTAPGetAssertionResponse(const Vector<uint8_t>&, WebCore::AuthenticatorAttachment);
// De-serializes CBOR encoded response to AuthenticatorGetInfo request to
// AuthenticatorGetInfoResponse object.
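Review bot: The comment above `readCTAPMakeCredentialResponse` does not mention the new `WebCore::AuthenticatorAttachment` parameter, and the declaration leaves it unnamed. In the matching DeviceResponseConverter.cpp hunks the value is handed unchanged to `AuthenticatorAttestationResponse::create`, so it appears to be caller-supplied rather than decoded from the CBOR buffer. Saying so would stop readers from assuming it is data provided by the authenticator. Suggested addition: `// |attachment| is supplied by the caller and is not parsed from the response.` The same gap exists for `readCTAPGetAssertionResponse` in this hunk and for both declarations in U2fResponseConverter.h.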
Modified: trunk/Source/WebCore/Modules/webauthn/fido/U2fResponseConverter.cpp (278357 => 278358)
--- trunk/Source/WebCore/Modules/webauthn/fido/U2fResponseConverter.cpp 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebCore/Modules/webauthn/fido/U2fResponseConverter.cpp 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
// Copyright 2018 The Chromium Authors. All rights reserved.
-// Copyright (C) 2019 Apple Inc. All rights reserved.
+// Copyright (C) 2019-2021 Apple Inc. All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
@@ -137,7 +137,7 @@
} // namespace
-RefPtr<AuthenticatorAttestationResponse> readU2fRegisterResponse(const String& rpId, const Vector<uint8_t>& u2fData, const AttestationConveyancePreference& attestation)
+RefPtr<AuthenticatorAttestationResponse> readU2fRegisterResponse(const String& rpId, const Vector<uint8_t>& u2fData, AuthenticatorAttachment attachment, const AttestationConveyancePreference& attestation)
{
auto publicKey = extractECPublicKeyFromU2fRegistrationResponse(u2fData);
if (publicKey.isEmpty())
@@ -160,10 +160,10 @@
auto attestationObject = buildAttestationObject(WTFMove(authData), "fido-u2f", WTFMove(fidoAttestationStatement), attestation);
- return AuthenticatorAttestationResponse::create(credentialId, attestationObject);
+ return AuthenticatorAttestationResponse::create(credentialId, attestationObject, attachment);
}
-RefPtr<AuthenticatorAssertionResponse> readU2fSignResponse(const String& rpId, const Vector<uint8_t>& keyHandle, const Vector<uint8_t>& u2fData)
+RefPtr<AuthenticatorAssertionResponse> readU2fSignResponse(const String& rpId, const Vector<uint8_t>& keyHandle, const Vector<uint8_t>& u2fData, AuthenticatorAttachment attachment)
{
if (keyHandle.isEmpty() || u2fData.size() <= signatureIndex)
return nullptr;
@@ -178,7 +178,7 @@
// FIXME: Find a way to remove the need of constructing a vector here.
Vector<uint8_t> signature { u2fData.data() + signatureIndex, u2fData.size() - signatureIndex };
- return AuthenticatorAssertionResponse::create(keyHandle, authData, signature, { });
+ return AuthenticatorAssertionResponse::create(keyHandle, authData, signature, { }, attachment);
}
} // namespace fido
Modified: trunk/Source/WebCore/Modules/webauthn/fido/U2fResponseConverter.h (278357 => 278358)
--- trunk/Source/WebCore/Modules/webauthn/fido/U2fResponseConverter.h 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebCore/Modules/webauthn/fido/U2fResponseConverter.h 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
// Copyright 2018 The Chromium Authors. All rights reserved.
-// Copyright (C) 2019 Apple Inc. All rights reserved.
+// Copyright (C) 2019-2021 Apple Inc. All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
@@ -40,11 +40,11 @@
// Converts a U2F register response to WebAuthN makeCredential response.
// https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html#u2f-authenticatorMakeCredential-interoperability
-WEBCORE_EXPORT RefPtr<WebCore::AuthenticatorAttestationResponse> readU2fRegisterResponse(const String& rpId, const Vector<uint8_t>& u2fData, const WebCore::AttestationConveyancePreference& attestation = WebCore::AttestationConveyancePreference::Direct);
+WEBCORE_EXPORT RefPtr<WebCore::AuthenticatorAttestationResponse> readU2fRegisterResponse(const String& rpId, const Vector<uint8_t>& u2fData, WebCore::AuthenticatorAttachment, const WebCore::AttestationConveyancePreference& = WebCore::AttestationConveyancePreference::Direct);
// Converts a U2F authentication response to WebAuthN getAssertion response.
// https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html#u2f-authenticatorGetAssertion-interoperability
-WEBCORE_EXPORT RefPtr<WebCore::AuthenticatorAssertionResponse> readU2fSignResponse(const String& rpId, const Vector<uint8_t>& keyHandle, const Vector<uint8_t>& u2fData);
+WEBCORE_EXPORT RefPtr<WebCore::AuthenticatorAssertionResponse> readU2fSignResponse(const String& rpId, const Vector<uint8_t>& keyHandle, const Vector<uint8_t>& u2fData, WebCore::AuthenticatorAttachment);
} // namespace fido
Modified: trunk/Source/WebKit/ChangeLog (278357 => 278358)
--- trunk/Source/WebKit/ChangeLog 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/ChangeLog 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,3 +1,53 @@
+2021-06-02 Garrett Davidson <garrett_david...@apple.com>
+
+ [Cocoa] _WKAuthenticatorAssertionResponse should specify the attachment type used
+ https://bugs.webkit.org/show_bug.cgi?id=225519
+ <rdar://problem/76554090>
+
+ Reviewed by Brent Fulgham.
+
+ Have WebAuthn authenticators start passing back their attachment type, and plumb
+ it up through to the calling process.
+
+ * UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponse.mm:
+ (-[_WKAuthenticatorAssertionResponse initWithClientDataJSON:rawId:extensions:authenticatorData:signature:userHandle:attachment:]):
+ (-[_WKAuthenticatorAssertionResponse initWithClientDataJSON:rawId:extensions:authenticatorData:signature:userHandle:]): Deleted.
+ * UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponseInternal.h:
+ * UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.mm:
+ (-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:attachment:]):
+ (-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:]): Deleted.
+ * UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponseInternal.h:
+ * UIProcess/API/Cocoa/_WKAuthenticatorResponse.h:
+ * UIProcess/API/Cocoa/_WKAuthenticatorResponse.mm:
+ (-[_WKAuthenticatorResponse initWithClientDataJSON:rawId:extensions:attachment:]):
+ (-[_WKAuthenticatorResponse initWithClientDataJSON:rawId:extensions:]): Deleted.
+ * UIProcess/API/Cocoa/_WKAuthenticatorResponseInternal.h:
+ * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
+ (authenticatorAttachmentToWKAuthenticatorAttachment):
+ (wkAuthenticatorAttestationResponse):
+ (-[_WKWebAuthenticationPanel makeCredentialWithChallenge:origin:options:completionHandler:]):
+ (wkAuthenticatorAssertionResponse):
+ (-[_WKWebAuthenticationPanel getAssertionWithChallenge:origin:options:completionHandler:]):
+ * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
+ (WebKit::LocalAuthenticatorInternal::getExistingCredentials):
+ (WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification):
+ (WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested):
+ * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp:
+ (WebKit::WebAuthenticatorCoordinatorProxy::handleRequest):
+ * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h:
+ * UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in:
+ * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp:
+ (WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived):
+ (WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived):
+ (WebKit::CtapAuthenticator::continueGetNextAssertionAfterResponseReceived):
+ * UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp:
+ (WebKit::U2fAuthenticator::continueRegisterCommandAfterResponseReceived):
+ (WebKit::U2fAuthenticator::continueSignCommandAfterResponseReceived):
+ * WebAuthnProcess/WebAuthnConnectionToWebProcess.cpp:
+ (WebKit::WebAuthnConnectionToWebProcess::handleRequest):
+ * WebAuthnProcess/WebAuthnConnectionToWebProcess.h:
+ * WebAuthnProcess/WebAuthnConnectionToWebProcess.messages.in:
+
2021-06-02 Chris Dumez <cdu...@apple.com>
Use Checked aliases instead of Checked<T, RecordOverflow>
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponse.mm (278357 => 278358)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponse.mm 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponse.mm 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2020 Apple Inc. All rights reserved.
+ * Copyright (C) 2020-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -32,9 +32,9 @@
@implementation _WKAuthenticatorAssertionResponse
-- (instancetype)initWithClientDataJSON:(NSData *)clientDataJSON rawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions authenticatorData:(NSData *)authenticatorData signature:(NSData *)signature userHandle:(NSData *)userHandle
+- (instancetype)initWithClientDataJSON:(NSData *)clientDataJSON rawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions authenticatorData:(NSData *)authenticatorData signature:(NSData *)signature userHandle:(NSData *)userHandle attachment:(_WKAuthenticatorAttachment)attachment
{
- if (!(self = [super initWithClientDataJSON:clientDataJSON rawId:rawId extensions:WTFMove(extensions)]))
+ if (!(self = [super initWithClientDataJSON:clientDataJSON rawId:rawId extensions:WTFMove(extensions) attachment:attachment]))
return nil;
_authenticatorData = authenticatorData;
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponseInternal.h (278357 => 278358)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponseInternal.h 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAssertionResponseInternal.h 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2020 Apple Inc. All rights reserved.
+ * Copyright (C) 2020-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -34,7 +34,7 @@
@interface _WKAuthenticatorAssertionResponse ()
-- (instancetype)initWithClientDataJSON:(NSData *)clientDataJSON rawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions authenticatorData:(NSData *)authenticatorData signature:(NSData *)signature userHandle:(NSData *)userHandle;
+- (instancetype)initWithClientDataJSON:(NSData *)clientDataJSON rawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions authenticatorData:(NSData *)authenticatorData signature:(NSData *)signature userHandle:(NSData *)userHandle attachment:(_WKAuthenticatorAttachment)attachment;
@end
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.mm (278357 => 278358)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.mm 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.mm 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2020 Apple Inc. All rights reserved.
+ * Copyright (C) 2020-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -32,9 +32,9 @@
@implementation _WKAuthenticatorAttestationResponse
-- (instancetype)initWithClientDataJSON:(NSData *)clientDataJSON rawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions attestationObject:(NSData *)attestationObject
+- (instancetype)initWithClientDataJSON:(NSData *)clientDataJSON rawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions attestationObject:(NSData *)attestationObject attachment:(_WKAuthenticatorAttachment)attachment
{
- if (!(self = [super initWithClientDataJSON:clientDataJSON rawId:rawId extensions:WTFMove(extensions)]))
+ if (!(self = [super initWithClientDataJSON:clientDataJSON rawId:rawId extensions:WTFMove(extensions) attachment:attachment]))
return nil;
_attestationObject = attestationObject;
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponseInternal.h (278357 => 278358)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponseInternal.h 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponseInternal.h 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2020 Apple Inc. All rights reserved.
+ * Copyright (C) 2020-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -34,7 +34,7 @@
@interface _WKAuthenticatorAttestationResponse ()
-- (instancetype)initWithClientDataJSON:(NSData *)clientDataJSON rawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions attestationObject:(NSData *)attestationObject;
+- (instancetype)initWithClientDataJSON:(NSData *)clientDataJSON rawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions attestationObject:(NSData *)attestationObject attachment:(_WKAuthenticatorAttachment)attachment;
@end
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponse.h (278357 => 278358)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponse.h 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponse.h 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2020 Apple Inc. All rights reserved.
+ * Copyright (C) 2020-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -26,6 +26,7 @@
#pragma once
#import <WebKit/WKFoundation.h>
+#import <WebKit/_WKAuthenticatorAttachment.h>
#import <Foundation/Foundation.h>
@@ -36,6 +37,7 @@
WK_CLASS_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA))
@interface _WKAuthenticatorResponse : NSObject
+@property (nonatomic, readonly) _WKAuthenticatorAttachment attachment;
@property (nonatomic, readonly) NSData *clientDataJSON;
@property (nonatomic, readonly) NSData *rawId;
@property (nullable, nonatomic, readonly, strong) _WKAuthenticationExtensionsClientOutputs *extensions;
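Review bot: The new public `attachment` property has no comment saying where its value comes from. In this commit the attachment is chosen by WebKit at the authenticator call sites (`AuthenticatorAttachment::Platform` in LocalAuthenticator, `CrossPlatform` in the CTAP and U2F paths) and is passed to the initializers beside `authenticatorData` and `signature` rather than inside them. API clients should therefore not treat it as something the authenticator attested. I would add above the property: `// Set by WebKit from the authenticator type that handled the request; not part of the signed authenticator data.` The `@interface` continues outside the hunk.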
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponse.mm (278357 => 278358)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponse.mm 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponse.mm 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2020 Apple Inc. All rights reserved.
+ * Copyright (C) 2020-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -33,7 +33,7 @@
RetainPtr<_WKAuthenticationExtensionsClientOutputs> _extensions;
}
-- (instancetype)initWithClientDataJSON:(NSData *)clientDataJSON rawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions
+- (instancetype)initWithClientDataJSON:(NSData *)clientDataJSON rawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions attachment:(_WKAuthenticatorAttachment)attachment
{
if (!(self = [super init]))
return nil;
@@ -41,6 +41,8 @@
_clientDataJSON = clientDataJSON;
_rawId = rawId;
_extensions = extensions;
+ _attachment = attachment;
+
return self;
}
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponseInternal.h (278357 => 278358)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponseInternal.h 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKAuthenticatorResponseInternal.h 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2020 Apple Inc. All rights reserved.
+ * Copyright (C) 2020-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -34,7 +34,7 @@
@interface _WKAuthenticatorResponse ()
-- (instancetype)initWithClientDataJSON:(NSData *)clientDataJSON rawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions;
+- (instancetype)initWithClientDataJSON:(NSData *)clientDataJSON rawId:(NSData *)rawId extensions:(RetainPtr<_WKAuthenticationExtensionsClientOutputs>&&)extensions attachment:(_WKAuthenticatorAttachment)attachment;
@end
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm (278357 => 278358)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2021-06-02 16:42:27 UTC (rev 278358)
@@ -42,6 +42,7 @@
#import "_WKPublicKeyCredentialRequestOptions.h"
#import "_WKPublicKeyCredentialRelyingPartyEntity.h"
#import "_WKPublicKeyCredentialUserEntity.h"
+#import <WebCore/AuthenticatorAttachment.h>
#import <WebCore/AuthenticatorResponse.h>
#import <WebCore/AuthenticatorResponseData.h>
#import <WebCore/CBORReader.h>
@@ -453,10 +454,20 @@
}
#if ENABLE(WEB_AUTHN)
-static RetainPtr<_WKAuthenticatorAttestationResponse> wkAuthenticatorAttestationResponse(const WebCore::AuthenticatorResponseData& data, NSData *clientDataJSON)
+static _WKAuthenticatorAttachment authenticatorAttachmentToWKAuthenticatorAttachment(WebCore::AuthenticatorAttachment attachment)
{
- return adoptNS([[_WKAuthenticatorAttestationResponse alloc] initWithClientDataJSON:clientDataJSON rawId:[NSData dataWithBytes:data.rawId->data() length:data.rawId->byteLength()] extensions:nil attestationObject:[NSData dataWithBytes:data.attestationObject->data() length:data.attestationObject->byteLength()]]);
+ switch (attachment) {
+ case WebCore::AuthenticatorAttachment::Platform:
+ return _WKAuthenticatorAttachmentPlatform;
+ case WebCore::AuthenticatorAttachment::CrossPlatform:
+ return _WKAuthenticatorAttachmentCrossPlatform;
+ }
}
+
+static RetainPtr<_WKAuthenticatorAttestationResponse> wkAuthenticatorAttestationResponse(const WebCore::AuthenticatorResponseData& data, NSData *clientDataJSON, WebCore::AuthenticatorAttachment attachment)
+{
+ return adoptNS([[_WKAuthenticatorAttestationResponse alloc] initWithClientDataJSON:clientDataJSON rawId:[NSData dataWithBytes:data.rawId->data() length:data.rawId->byteLength()] extensions:nil attestationObject:[NSData dataWithBytes:data.attestationObject->data() length:data.attestationObject->byteLength()] attachment: authenticatorAttachmentToWKAuthenticatorAttachment(attachment)]);
+}
#endif
- (void)makeCredentialWithChallenge:(NSData *)challenge origin:(NSString *)origin options:(_WKPublicKeyCredentialCreationOptions *)options completionHandler:(void (^)(_WKAuthenticatorAttestationResponse *, NSError *))handler
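Review bot: `authenticatorAttachmentToWKAuthenticatorAttachment` has no statement after the `switch`, so a value outside the two enumerators flows off the end of a non-void function, which is undefined behaviour. The attachment comes from `response->attachment()`, and elsewhere in this commit the same enum travels as `enum:int` in an IPC reply, so it is safer not to rely on the value always being in range. Add `RELEASE_ASSERT_NOT_REACHED();` after the closing brace of the `switch`. Separately, `attachment: authenticatorAttachmentToWKAuthenticatorAttachment(attachment)` in the new `wkAuthenticatorAttestationResponse` has a space after the colon that the assertion variant later in the file does not.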
@@ -466,7 +477,7 @@
auto hash = produceClientDataJsonHash(clientDataJSON.get());
auto callback = [handler = makeBlockPtr(handler), clientDataJSON = WTFMove(clientDataJSON)] (Variant<Ref<WebCore::AuthenticatorResponse>, WebCore::ExceptionData>&& result) mutable {
WTF::switchOn(result, [&](const Ref<WebCore::AuthenticatorResponse>& response) {
- handler(wkAuthenticatorAttestationResponse(response->data(), clientDataJSON.get()).get(), nil);
+ handler(wkAuthenticatorAttestationResponse(response->data(), clientDataJSON.get(), response->attachment()).get(), nil);
}, [&](const WebCore::ExceptionData& exception) {
handler(nil, [NSError errorWithDomain:WKErrorDomain code:WKErrorUnknown userInfo:nil]);
});
@@ -495,7 +506,7 @@
}
#if ENABLE(WEB_AUTHN)
-static RetainPtr<_WKAuthenticatorAssertionResponse> wkAuthenticatorAssertionResponse(const WebCore::AuthenticatorResponseData& data, NSData *clientDataJSON)
+static RetainPtr<_WKAuthenticatorAssertionResponse> wkAuthenticatorAssertionResponse(const WebCore::AuthenticatorResponseData& data, NSData *clientDataJSON, WebCore::AuthenticatorAttachment attachment)
{
RetainPtr<_WKAuthenticationExtensionsClientOutputs> extensions;
if (data.appid)
@@ -505,7 +516,7 @@
if (data.userHandle)
userHandle = [NSData dataWithBytes:data.userHandle->data() length:data.userHandle->byteLength()];
- return adoptNS([[_WKAuthenticatorAssertionResponse alloc] initWithClientDataJSON:clientDataJSON rawId:[NSData dataWithBytes:data.rawId->data() length:data.rawId->byteLength()] extensions:WTFMove(extensions) authenticatorData:[NSData dataWithBytes:data.authenticatorData->data() length:data.authenticatorData->byteLength()] signature:[NSData dataWithBytes:data.signature->data() length:data.signature->byteLength()] userHandle:userHandle]);
+ return adoptNS([[_WKAuthenticatorAssertionResponse alloc] initWithClientDataJSON:clientDataJSON rawId:[NSData dataWithBytes:data.rawId->data() length:data.rawId->byteLength()] extensions:WTFMove(extensions) authenticatorData:[NSData dataWithBytes:data.authenticatorData->data() length:data.authenticatorData->byteLength()] signature:[NSData dataWithBytes:data.signature->data() length:data.signature->byteLength()] userHandle:userHandle attachment:authenticatorAttachmentToWKAuthenticatorAttachment(attachment)]);
}
#endif
@@ -516,7 +527,7 @@
auto hash = produceClientDataJsonHash(clientDataJSON.get());
auto callback = [handler = makeBlockPtr(handler), clientDataJSON = WTFMove(clientDataJSON)] (Variant<Ref<WebCore::AuthenticatorResponse>, WebCore::ExceptionData>&& result) mutable {
WTF::switchOn(result, [&](const Ref<WebCore::AuthenticatorResponse>& response) {
- handler(wkAuthenticatorAssertionResponse(response->data(), clientDataJSON.get()).get(), nil);
+ handler(wkAuthenticatorAssertionResponse(response->data(), clientDataJSON.get(), response->attachment()).get(), nil);
}, [&](const WebCore::ExceptionData& exception) {
handler(nil, [NSError errorWithDomain:WKErrorDomain code:WKErrorUnknown userInfo:nil]);
});
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.cpp (278357 => 278358)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.cpp 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.cpp 2021-06-02 16:42:27 UTC (rev 278358)
@@ -38,6 +38,7 @@
#include "WebPreferencesKeys.h"
#include "WebProcessProxy.h"
#include <WebCore/AuthenticatorAssertionResponse.h>
+#include <WebCore/AuthenticatorAttachment.h>
#include <WebCore/AuthenticatorTransport.h>
#include <WebCore/PublicKeyCredentialCreationOptions.h>
#include <WebCore/WebAuthenticationConstants.h>
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm (278357 => 278358)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2018-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -30,6 +30,7 @@
#import <Security/SecItem.h>
#import <WebCore/AuthenticatorAssertionResponse.h>
+#import <WebCore/AuthenticatorAttachment.h>
#import <WebCore/AuthenticatorAttestationResponse.h>
#import <WebCore/CBORReader.h>
#import <WebCore/CBORWriter.h>
@@ -167,7 +168,7 @@
}
auto& username = it->second.getString();
- result.uncheckedAppend(AuthenticatorAssertionResponse::create(toArrayBuffer(attributes[(id)kSecAttrApplicationLabel]), toArrayBuffer(userHandle), String(username), (__bridge SecAccessControlRef)attributes[(id)kSecAttrAccessControl]));
+ result.uncheckedAppend(AuthenticatorAssertionResponse::create(toArrayBuffer(attributes[(id)kSecAttrApplicationLabel]), toArrayBuffer(userHandle), String(username), (__bridge SecAccessControlRef)attributes[(id)kSecAttrAccessControl], AuthenticatorAttachment::Platform));
}
return result;
}
@@ -426,7 +427,7 @@
auto authData = buildAuthData(creationOptions.rp.id, flags, counter, buildAttestedCredentialData(Vector<uint8_t>(aaguidLength, 0), credentialId, cosePublicKey));
auto attestationObject = buildAttestationObject(WTFMove(authData), "", { }, AttestationConveyancePreference::None);
- receiveRespond(AuthenticatorAttestationResponse::create(credentialId, attestationObject));
+ receiveRespond(AuthenticatorAttestationResponse::create(credentialId, attestationObject, AuthenticatorAttachment::Platform));
return;
}
@@ -470,7 +471,7 @@
auto attestationObject = buildAttestationObject(WTFMove(authData), "apple", WTFMove(attestationStatementMap), creationOptions.attestation);
deleteDuplicateCredential();
- receiveRespond(AuthenticatorAttestationResponse::create(credentialId, attestationObject));
+ receiveRespond(AuthenticatorAttestationResponse::create(credentialId, attestationObject, AuthenticatorAttachment::Platform));
}
void LocalAuthenticator::getAssertion()
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp (278357 => 278358)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2018-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -70,9 +70,9 @@
auto callback = [handler = WTFMove(handler)] (Variant<Ref<AuthenticatorResponse>, ExceptionData>&& result) mutable {
ASSERT(RunLoop::isMain());
WTF::switchOn(result, [&](const Ref<AuthenticatorResponse>& response) {
- handler(response->data(), { });
+ handler(response->data(), response->attachment(), { });
}, [&](const ExceptionData& exception) {
- handler({ }, exception);
+ handler({ }, (AuthenticatorAttachment)0, exception);
});
};
m_webPageProxy.websiteDataStore().authenticatorManager().handleRequest(WTFMove(data), WTFMove(callback));
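Review bot: The error branch fabricates an attachment with `(AuthenticatorAttachment)0`, a C-style cast of a value the receiver cannot tell apart from a real result. If enumerator 0 is a declared attachment (the enum definition is not in this hunk), a consumer that reads the attachment before checking the exception sees a seemingly valid authenticator type on a failed request. Making the attachment optional in the `MakeCredential`/`GetAssertion` reply would remove the sentinel altogether. If the signature stays, write `handler({ }, static_cast<AuthenticatorAttachment>(0), exception);` as the WebAuthnConnectionToWebProcess::handleRequest hunk does, and add `// Placeholder only; receivers must ignore the attachment when exception is set.` at both sites. The enclosing function starts outside the hunk.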
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h (278357 => 278358)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2018-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -33,6 +33,7 @@
#include <wtf/Noncopyable.h>
namespace WebCore {
+enum class AuthenticatorAttachment;
struct ExceptionData;
struct PublicKeyCredentialCreationOptions;
struct AuthenticatorResponseData;
@@ -55,7 +56,7 @@
~WebAuthenticatorCoordinatorProxy();
private:
- using RequestCompletionHandler = CompletionHandler<void(const WebCore::AuthenticatorResponseData&, const WebCore::ExceptionData&)>;
+ using RequestCompletionHandler = CompletionHandler<void(const WebCore::AuthenticatorResponseData&, WebCore::AuthenticatorAttachment, const WebCore::ExceptionData&)>;
using QueryCompletionHandler = CompletionHandler<void(bool)>;
// IPC::MessageReceiver.
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in (278357 => 278358)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,4 +1,4 @@
-# Copyright (C) 2018 Apple Inc. All rights reserved.
+# Copyright (C) 2018-2021 Apple Inc. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
@@ -26,8 +26,8 @@
messages -> WebAuthenticatorCoordinatorProxy NotRefCounted {
- MakeCredential(WebCore::FrameIdentifier frameID, struct WebKit::FrameInfoData frameInfo, Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialCreationOptions options, bool processingUserGesture) -> (struct WebCore::AuthenticatorResponseData data, struct WebCore::ExceptionData exception) Async
- GetAssertion(WebCore::FrameIdentifier frameID, struct WebKit::FrameInfoData frameInfo, Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialRequestOptions options, bool processingUserGesture) -> (struct WebCore::AuthenticatorResponseData data, struct WebCore::ExceptionData exception) Async
+ MakeCredential(WebCore::FrameIdentifier frameID, struct WebKit::FrameInfoData frameInfo, Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialCreationOptions options, bool processingUserGesture) -> (struct WebCore::AuthenticatorResponseData data, enum:int WebCore::AuthenticatorAttachment attachment, struct WebCore::ExceptionData exception) Async
+ GetAssertion(WebCore::FrameIdentifier frameID, struct WebKit::FrameInfoData frameInfo, Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialRequestOptions options, bool processingUserGesture) -> (struct WebCore::AuthenticatorResponseData data, enum:int WebCore::AuthenticatorAttachment attachment, struct WebCore::ExceptionData exception) Async
IsUserVerifyingPlatformAuthenticatorAvailable() -> (bool result) Async
}
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp (278357 => 278358)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2018-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -31,6 +31,7 @@
#include "CtapDriver.h"
#include "CtapHidDriver.h"
#include "U2fAuthenticator.h"
+#include <WebCore/AuthenticatorAttachment.h>
#include <WebCore/CryptoKeyAES.h>
#include <WebCore/CryptoKeyEC.h>
#include <WebCore/CryptoKeyHMAC.h>
@@ -105,7 +106,7 @@
void CtapAuthenticator::continueMakeCredentialAfterResponseReceived(Vector<uint8_t>&& data)
{
- auto response = readCTAPMakeCredentialResponse(data, WTF::get<PublicKeyCredentialCreationOptions>(requestData().options).attestation);
+ auto response = readCTAPMakeCredentialResponse(data, AuthenticatorAttachment::CrossPlatform, WTF::get<PublicKeyCredentialCreationOptions>(requestData().options).attestation);
if (!response) {
auto error = getResponseCode(data);
@@ -146,7 +147,7 @@
void CtapAuthenticator::continueGetAssertionAfterResponseReceived(Vector<uint8_t>&& data)
{
- auto response = readCTAPGetAssertionResponse(data);
+ auto response = readCTAPGetAssertionResponse(data, AuthenticatorAttachment::CrossPlatform);
if (!response) {
auto error = getResponseCode(data);
@@ -185,7 +186,7 @@
void CtapAuthenticator::continueGetNextAssertionAfterResponseReceived(Vector<uint8_t>&& data)
{
- auto response = readCTAPGetAssertionResponse(data);
+ auto response = readCTAPGetAssertionResponse(data, AuthenticatorAttachment::CrossPlatform);
if (!response) {
auto error = getResponseCode(data);
receiveRespond(ExceptionData { UnknownError, makeString("Unknown internal error. Error code: ", static_cast<uint8_t>(error)) });
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp (278357 => 278358)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2019 Apple Inc. All rights reserved.
+ * Copyright (C) 2019-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -30,6 +30,7 @@
#include "CtapDriver.h"
#include <WebCore/ApduResponse.h>
+#include <WebCore/AuthenticatorAttachment.h>
#include <WebCore/ExceptionData.h>
#include <WebCore/U2fCommandConstructor.h>
#include <WebCore/U2fResponseConverter.h>
@@ -156,7 +157,7 @@
case ApduResponse::Status::SW_NO_ERROR: {
auto& options = WTF::get<PublicKeyCredentialCreationOptions>(requestData().options);
auto appId = processGoogleLegacyAppIdSupportExtension(options.extensions);
- auto response = readU2fRegisterResponse(!appId ? options.rp.id : appId, apduResponse.data(), options.attestation);
+ auto response = readU2fRegisterResponse(!appId ? options.rp.id : appId, apduResponse.data(), AuthenticatorAttachment::CrossPlatform, options.attestation);
if (!response) {
receiveRespond(ExceptionData { UnknownError, "Couldn't parse the U2F register response."_s });
return;
@@ -208,9 +209,9 @@
RefPtr<AuthenticatorAssertionResponse> response;
if (m_isAppId) {
ASSERT(requestOptions.extensions && !requestOptions.extensions->appid.isNull());
- response = readU2fSignResponse(requestOptions.extensions->appid, requestOptions.allowCredentials[m_nextListIndex - 1].idVector, apduResponse.data());
+ response = readU2fSignResponse(requestOptions.extensions->appid, requestOptions.allowCredentials[m_nextListIndex - 1].idVector, apduResponse.data(), AuthenticatorAttachment::CrossPlatform);
} else
- response = readU2fSignResponse(requestOptions.rpId, requestOptions.allowCredentials[m_nextListIndex - 1].idVector, apduResponse.data());
+ response = readU2fSignResponse(requestOptions.rpId, requestOptions.allowCredentials[m_nextListIndex - 1].idVector, apduResponse.data(), AuthenticatorAttachment::CrossPlatform);
if (!response) {
receiveRespond(ExceptionData { UnknownError, "Couldn't parse the U2F sign response."_s });
return;
Modified: trunk/Source/WebKit/WebAuthnProcess/WebAuthnConnectionToWebProcess.cpp (278357 => 278358)
--- trunk/Source/WebKit/WebAuthnProcess/WebAuthnConnectionToWebProcess.cpp 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/WebAuthnProcess/WebAuthnConnectionToWebProcess.cpp 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2020 Apple Inc. All rights reserved.
+ * Copyright (C) 2020-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -82,9 +82,9 @@
auto callback = [handler = WTFMove(handler)] (Variant<Ref<AuthenticatorResponse>, ExceptionData>&& result) mutable {
ASSERT(RunLoop::isMain());
WTF::switchOn(result, [&](const Ref<AuthenticatorResponse>& response) {
- handler(response->data(), { });
+ handler(response->data(), response->attachment(), { });
}, [&](const ExceptionData& exception) {
- handler({ }, exception);
+ handler({ }, static_cast<AuthenticatorAttachment>(0), exception);
});
};
m_WebAuthnProcess->authenticatorManager().handleRequest(WTFMove(data), WTFMove(callback));
Modified: trunk/Source/WebKit/WebAuthnProcess/WebAuthnConnectionToWebProcess.h (278357 => 278358)
--- trunk/Source/WebKit/WebAuthnProcess/WebAuthnConnectionToWebProcess.h 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/WebAuthnProcess/WebAuthnConnectionToWebProcess.h 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2020 Apple Inc. All rights reserved.
+ * Copyright (C) 2020-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -33,6 +33,7 @@
#include <wtf/RefCounted.h>
namespace WebCore {
+enum class AuthenticatorAttachment;
struct AuthenticatorResponseData;
struct ExceptionData;
struct MockWebAuthenticationConfiguration;
@@ -57,7 +58,7 @@
WebCore::ProcessIdentifier webProcessIdentifier() const { return m_webProcessIdentifier; }
private:
- using RequestCompletionHandler = CompletionHandler<void(const WebCore::AuthenticatorResponseData&, const WebCore::ExceptionData&)>;
+ using RequestCompletionHandler = CompletionHandler<void(const WebCore::AuthenticatorResponseData&, WebCore::AuthenticatorAttachment, const WebCore::ExceptionData&)>;
using QueryCompletionHandler = CompletionHandler<void(bool)>;
WebAuthnConnectionToWebProcess(WebAuthnProcess&, WebCore::ProcessIdentifier, IPC::Connection::Identifier);
Modified: trunk/Source/WebKit/WebAuthnProcess/WebAuthnConnectionToWebProcess.messages.in (278357 => 278358)
--- trunk/Source/WebKit/WebAuthnProcess/WebAuthnConnectionToWebProcess.messages.in 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/WebAuthnProcess/WebAuthnConnectionToWebProcess.messages.in 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Apple Inc. All rights reserved.
+# Copyright (C) 2020-2021 Apple Inc. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
@@ -24,8 +24,8 @@
messages -> WebAuthnConnectionToWebProcess {
- MakeCredential(Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialCreationOptions options, bool processingUserGesture) -> (struct WebCore::AuthenticatorResponseData data, struct WebCore::ExceptionData exception) Async
- GetAssertion(Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialRequestOptions options, bool processingUserGesture) -> (struct WebCore::AuthenticatorResponseData data, struct WebCore::ExceptionData exception) Async
+ MakeCredential(Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialCreationOptions options, bool processingUserGesture) -> (struct WebCore::AuthenticatorResponseData data, enum:int WebCore::AuthenticatorAttachment attachment, struct WebCore::ExceptionData exception) Async
+ GetAssertion(Vector<uint8_t> hash, struct WebCore::PublicKeyCredentialRequestOptions options, bool processingUserGesture) -> (struct WebCore::AuthenticatorResponseData data, enum:int WebCore::AuthenticatorAttachment attachment, struct WebCore::ExceptionData exception) Async
IsUserVerifyingPlatformAuthenticatorAvailable() -> (bool result) Async
SetMockWebAuthenticationConfiguration(struct WebCore::MockWebAuthenticationConfiguration configuration);
Modified: trunk/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp (278357 => 278358)
--- trunk/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp 2021-06-02 16:42:27 UTC (rev 278358)
@@ -37,6 +37,7 @@
#include "WebPage.h"
#include "WebProcess.h"
#include <_javascript_Core/ConsoleTypes.h>
+#include <WebCore/AuthenticatorAttachment.h>
#include <WebCore/AuthenticatorResponseData.h>
#include <WebCore/Frame.h>
#include <WebCore/PublicKeyCredentialCreationOptions.h>
Modified: trunk/Tools/ChangeLog (278357 => 278358)
--- trunk/Tools/ChangeLog 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Tools/ChangeLog 2021-06-02 16:42:27 UTC (rev 278358)
@@ -1,3 +1,18 @@
+2021-06-02 Garrett Davidson <davidson.garre...@gmail.com>
+
+
+ [Cocoa] _WKAuthenticatorAssertionResponse should specify the attachment type used
+ https://bugs.webkit.org/show_bug.cgi?id=225519
+ <rdar://problem/76554090>
+
+ Reviewed by Brent Fulgham.
+
+ Update the CTAP tests to specify the new attachment parameter. All of these tests
+ assume a cross platform authenticator.
+
+ * TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp:
+ (TestWebKitAPI::TEST):
+
2021-06-02 Keith Miller <keith_mil...@apple.com>
Convert small JIT pool tests into executable fuzzing
Modified: trunk/Tools/TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp (278357 => 278358)
--- trunk/Tools/TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Tools/TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp 2021-06-02 16:42:27 UTC (rev 278358)
@@ -33,6 +33,7 @@
#include "FidoTestData.h"
#include "PlatformUtilities.h"
+#include <WebCore/AuthenticatorAttachment.h>
#include <WebCore/DeviceRequestConverter.h>
#include <WebCore/FidoConstants.h>
#include <WebCore/Pin.h>
Modified: trunk/Tools/TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp (278357 => 278358)
--- trunk/Tools/TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Tools/TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp 2021-06-02 16:42:27 UTC (rev 278358)
@@ -32,6 +32,7 @@
#if ENABLE(WEB_AUTHN)
#include "FidoTestData.h"
+#include <WebCore/AuthenticatorAttachment.h>
#include <WebCore/CBORReader.h>
#include <WebCore/CBORValue.h>
#include <WebCore/CBORWriter.h>
@@ -353,7 +354,7 @@
// https://fidoalliance.org/specs/fido-v2.0-ps-20170927/fido-client-to-authenticator-protocol-v2.0-ps-20170927.html#commands
TEST(CTAPResponseTest, TestReadMakeCredentialResponse)
{
- auto makeCredentialResponse = readCTAPMakeCredentialResponse(convertBytesToVector(TestData::kTestMakeCredentialResponse, sizeof(TestData::kTestMakeCredentialResponse)));
+ auto makeCredentialResponse = readCTAPMakeCredentialResponse(convertBytesToVector(TestData::kTestMakeCredentialResponse, sizeof(TestData::kTestMakeCredentialResponse)), AuthenticatorAttachment::CrossPlatform);
ASSERT_TRUE(makeCredentialResponse);
auto cborAttestationObject = cbor::CBORReader::read(convertBytesToVector(reinterpret_cast<uint8_t*>(makeCredentialResponse->attestationObject()->data()), makeCredentialResponse->attestationObject()->byteLength()));
ASSERT_TRUE(cborAttestationObject);
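Review bot: The updated calls pass `AuthenticatorAttachment::CrossPlatform` into the parsers, but none of the hunks in this file add an assertion that the returned response reports it. The plumbing this commit adds is therefore not checked by these tests. After the `ASSERT_TRUE(makeCredentialResponse);` line I would add `EXPECT_EQ(makeCredentialResponse->attachment(), AuthenticatorAttachment::CrossPlatform);`, with the same check in the TestReadGetAssertionResponse1-3, TestParseRegisterResponseData and TestParseSignResponseData hunks. One case that passes the platform attachment value would also show that the converters do not hard-code the result. The test bodies continue outside the hunks, so an existing check may be out of view.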
@@ -401,7 +402,7 @@
// https://fidoalliance.org/specs/fido-v2.0-ps-20170927/fido-client-to-authenticator-protocol-v2.0-ps-20170927.html
TEST(CTAPResponseTest, TestReadGetAssertionResponse1)
{
- auto getAssertionResponse = readCTAPGetAssertionResponse(convertBytesToVector(TestData::kDeviceGetAssertionResponseShort, sizeof(TestData::kDeviceGetAssertionResponseShort)));
+ auto getAssertionResponse = readCTAPGetAssertionResponse(convertBytesToVector(TestData::kDeviceGetAssertionResponseShort, sizeof(TestData::kDeviceGetAssertionResponseShort)), AuthenticatorAttachment::CrossPlatform);
ASSERT_TRUE(getAssertionResponse);
EXPECT_EQ(getAssertionResponse->authenticatorData()->byteLength(), sizeof(TestData::kCtap2GetAssertionAuthData));
@@ -412,7 +413,7 @@
TEST(CTAPResponseTest, TestReadGetAssertionResponse2)
{
- auto getAssertionResponse = readCTAPGetAssertionResponse(convertBytesToVector(TestData::kDeviceGetAssertionResponse, sizeof(TestData::kDeviceGetAssertionResponse)));
+ auto getAssertionResponse = readCTAPGetAssertionResponse(convertBytesToVector(TestData::kDeviceGetAssertionResponse, sizeof(TestData::kDeviceGetAssertionResponse)), AuthenticatorAttachment::CrossPlatform);
ASSERT_TRUE(getAssertionResponse);
EXPECT_EQ(getAssertionResponse->authenticatorData()->byteLength(), sizeof(TestData::kCtap2GetAssertionAuthData));
@@ -425,7 +426,7 @@
TEST(CTAPResponseTest, TestReadGetAssertionResponse3)
{
- auto getAssertionResponse = readCTAPGetAssertionResponse(convertBytesToVector(TestData::kDeviceGetAssertionResponseLong, sizeof(TestData::kDeviceGetAssertionResponseLong)));
+ auto getAssertionResponse = readCTAPGetAssertionResponse(convertBytesToVector(TestData::kDeviceGetAssertionResponseLong, sizeof(TestData::kDeviceGetAssertionResponseLong)), AuthenticatorAttachment::CrossPlatform);
ASSERT_TRUE(getAssertionResponse);
EXPECT_EQ(getAssertionResponse->authenticatorData()->byteLength(), sizeof(TestData::kCtap2GetAssertionAuthData));
@@ -442,7 +443,7 @@
// Test that U2F register response is properly parsed.
TEST(CTAPResponseTest, TestParseRegisterResponseData)
{
- auto response = readU2fRegisterResponse(TestData::kRelyingPartyId, convertBytesToVector(TestData::kTestU2fRegisterResponse, sizeof(TestData::kTestU2fRegisterResponse)));
+ auto response = readU2fRegisterResponse(TestData::kRelyingPartyId, convertBytesToVector(TestData::kTestU2fRegisterResponse, sizeof(TestData::kTestU2fRegisterResponse)), AuthenticatorAttachment::CrossPlatform);
ASSERT_TRUE(response);
EXPECT_EQ(response->rawId()->byteLength(), sizeof(TestData::kU2fSignKeyHandle));
EXPECT_EQ(memcmp(response->rawId()->data(), TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle)), 0);
@@ -455,15 +456,15 @@
TEST(CTAPResponseTest, TestParseIncorrectRegisterResponseData1)
{
const uint8_t testData1[] = { 0x05 };
- auto response = readU2fRegisterResponse(TestData::kRelyingPartyId, convertBytesToVector(testData1, sizeof(testData1)));
+ auto response = readU2fRegisterResponse(TestData::kRelyingPartyId, convertBytesToVector(testData1, sizeof(testData1)), AuthenticatorAttachment::CrossPlatform);
EXPECT_FALSE(response);
const uint8_t testData2[] = { 0x05, 0x00 };
- response = readU2fRegisterResponse(TestData::kRelyingPartyId, convertBytesToVector(testData2, sizeof(testData2)));
+ response = readU2fRegisterResponse(TestData::kRelyingPartyId, convertBytesToVector(testData2, sizeof(testData2)), AuthenticatorAttachment::CrossPlatform);
EXPECT_FALSE(response);
const uint8_t testData3[] = { 0x05, 0x04, 0x00 };
- response = readU2fRegisterResponse(TestData::kRelyingPartyId, convertBytesToVector(testData3, sizeof(testData3)));
+ response = readU2fRegisterResponse(TestData::kRelyingPartyId, convertBytesToVector(testData3, sizeof(testData3)), AuthenticatorAttachment::CrossPlatform);
EXPECT_FALSE(response);
}
@@ -470,11 +471,11 @@
// Test malformed key handle.
TEST(CTAPResponseTest, TestParseIncorrectRegisterResponseData2)
{
- auto response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(kU2fKeyHandleLengthOffset, nullptr, 0));
+ auto response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(kU2fKeyHandleLengthOffset, nullptr, 0), AuthenticatorAttachment::CrossPlatform);
EXPECT_FALSE(response);
const uint8_t testData[] = { 0x40 };
- response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(kU2fKeyHandleLengthOffset, testData, sizeof(testData)));
+ response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(kU2fKeyHandleLengthOffset, testData, sizeof(testData)), AuthenticatorAttachment::CrossPlatform);
EXPECT_FALSE(response);
}
@@ -482,27 +483,27 @@
TEST(CTAPResponseTest, TestParseIncorrectRegisterResponseData3)
{
const auto prefix = kU2fKeyHandleOffset + 64;
- auto response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(prefix, nullptr, 0));
+ auto response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(prefix, nullptr, 0), AuthenticatorAttachment::CrossPlatform);
EXPECT_FALSE(response);
const uint8_t testData1[] = { 0x40 };
- response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(prefix, testData1, sizeof(testData1)));
+ response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(prefix, testData1, sizeof(testData1)), AuthenticatorAttachment::CrossPlatform);
EXPECT_FALSE(response);
const uint8_t testData2[] = { 0x30 };
- response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(prefix, testData2, sizeof(testData2)));
+ response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(prefix, testData2, sizeof(testData2)), AuthenticatorAttachment::CrossPlatform);
EXPECT_FALSE(response);
const uint8_t testData3[] = { 0x30, 0x82 };
- response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(prefix, testData3, sizeof(testData3)));
+ response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(prefix, testData3, sizeof(testData3)), AuthenticatorAttachment::CrossPlatform);
EXPECT_FALSE(response);
const uint8_t testData4[] = { 0x30, 0xC1 };
- response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(prefix, testData4, sizeof(testData4)));
+ response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(prefix, testData4, sizeof(testData4)), AuthenticatorAttachment::CrossPlatform);
EXPECT_FALSE(response);
const uint8_t testData5[] = { 0x30, 0x82, 0x02, 0x4A };
- response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(prefix, testData5, sizeof(testData5)));
+ response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(prefix, testData5, sizeof(testData5)), AuthenticatorAttachment::CrossPlatform);
EXPECT_FALSE(response);
}
@@ -510,7 +511,7 @@
TEST(CTAPResponseTest, TestParseIncorrectRegisterResponseData4)
{
const auto prefix = sizeof(TestData::kTestU2fRegisterResponse);
- auto response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(prefix - 71, nullptr, 0));
+ auto response = readU2fRegisterResponse(TestData::kRelyingPartyId, getTestU2fRegisterResponse(prefix - 71, nullptr, 0), AuthenticatorAttachment::CrossPlatform);
EXPECT_FALSE(response);
}
@@ -527,7 +528,7 @@
testData1.append(0x01);
testData1.append(0x00);
testData1.append(TestData::kTestU2fRegisterResponse + suffix, signatureSize);
- auto response = readU2fRegisterResponse(TestData::kRelyingPartyId, testData1);
+ auto response = readU2fRegisterResponse(TestData::kRelyingPartyId, testData1, AuthenticatorAttachment::CrossPlatform);
EXPECT_TRUE(response);
Vector<uint8_t> testData2;
@@ -537,7 +538,7 @@
testData2.append(0x01);
testData2.append(0x00);
testData2.append(TestData::kTestU2fRegisterResponse + suffix, signatureSize);
- response = readU2fRegisterResponse(TestData::kRelyingPartyId, testData2);
+ response = readU2fRegisterResponse(TestData::kRelyingPartyId, testData2, AuthenticatorAttachment::CrossPlatform);
EXPECT_TRUE(response);
}
@@ -544,7 +545,7 @@
// Tests that U2F authenticator data is properly serialized.
TEST(CTAPResponseTest, TestParseSignResponseData)
{
- auto response = readU2fSignResponse(TestData::kRelyingPartyId, getTestCredentialRawIdBytes(), getTestSignResponse());
+ auto response = readU2fSignResponse(TestData::kRelyingPartyId, getTestCredentialRawIdBytes(), getTestSignResponse(), AuthenticatorAttachment::CrossPlatform);
ASSERT_TRUE(response);
EXPECT_EQ(response->rawId()->byteLength(), sizeof(TestData::kU2fSignKeyHandle));
EXPECT_EQ(memcmp(response->rawId()->data(), TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle)), 0);
@@ -556,13 +557,13 @@
TEST(CTAPResponseTest, TestParseU2fSignWithNullKeyHandle)
{
- auto response = readU2fSignResponse(TestData::kRelyingPartyId, Vector<uint8_t>(), getTestSignResponse());
+ auto response = readU2fSignResponse(TestData::kRelyingPartyId, Vector<uint8_t>(), getTestSignResponse(), AuthenticatorAttachment::CrossPlatform);
EXPECT_FALSE(response);
}
TEST(CTAPResponseTest, TestParseU2fSignWithNullResponse)
{
- auto response = readU2fSignResponse(TestData::kRelyingPartyId, getTestCredentialRawIdBytes(), Vector<uint8_t>());
+ auto response = readU2fSignResponse(TestData::kRelyingPartyId, getTestCredentialRawIdBytes(), Vector<uint8_t>(), AuthenticatorAttachment::CrossPlatform);
EXPECT_FALSE(response);
}
@@ -569,7 +570,7 @@
TEST(CTAPResponseTest, TestParseU2fSignWithCorruptedCounter)
{
// A sign response of less than 5 bytes.
- auto response = readU2fSignResponse(TestData::kRelyingPartyId, getTestCredentialRawIdBytes(), getTestCorruptedSignResponse(3));
+ auto response = readU2fSignResponse(TestData::kRelyingPartyId, getTestCredentialRawIdBytes(), getTestCorruptedSignResponse(3), AuthenticatorAttachment::CrossPlatform);
EXPECT_FALSE(response);
}
@@ -576,7 +577,7 @@
TEST(CTAPResponseTest, TestParseU2fSignWithCorruptedSignature)
{
// A sign response no more than 5 bytes.
- auto response = readU2fSignResponse(TestData::kRelyingPartyId, getTestCredentialRawIdBytes(), getTestCorruptedSignResponse(5));
+ auto response = readU2fSignResponse(TestData::kRelyingPartyId, getTestCredentialRawIdBytes(), getTestCorruptedSignResponse(5), AuthenticatorAttachment::CrossPlatform);
EXPECT_FALSE(response);
}
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm (278357 => 278358)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2021-06-02 16:29:07 UTC (rev 278357)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2021-06-02 16:42:27 UTC (rev 278358)
@@ -33,6 +33,7 @@
#import "TestWKWebView.h"
#import "WKWebViewConfigurationExtras.h"
#import <LocalAuthentication/LocalAuthentication.h>
+#import <WebCore/AuthenticatorAttachment.h>
#import <WebCore/PublicKeyCredentialCreationOptions.h>
#import <WebCore/PublicKeyCredentialRequestOptions.h>
#import <WebKit/WKPreferencesPrivate.h>