summaryrefslogtreecommitdiffstats
path: root/dom/webauthn/WebAuthnResult.h
diff options
context:
space:
mode:
Diffstat (limited to 'dom/webauthn/WebAuthnResult.h')
-rw-r--r--dom/webauthn/WebAuthnResult.h229
1 files changed, 229 insertions, 0 deletions
diff --git a/dom/webauthn/WebAuthnResult.h b/dom/webauthn/WebAuthnResult.h
new file mode 100644
index 0000000000..f7653fd4b0
--- /dev/null
+++ b/dom/webauthn/WebAuthnResult.h
@@ -0,0 +1,229 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef mozilla_dom_WebAuthnResult_h_
+#define mozilla_dom_WebAuthnResult_h_
+
+#include "nsIWebAuthnResult.h"
+#include "nsString.h"
+#include "nsTArray.h"
+
+#include "mozilla/Maybe.h"
+#include "nsString.h"
+
+#ifdef MOZ_WIDGET_ANDROID
+# include "mozilla/java/WebAuthnTokenManagerNatives.h"
+#endif
+
+#ifdef XP_WIN
+# include <windows.h>
+# include "mozilla/dom/PWebAuthnTransactionParent.h"
+# include "winwebauthn/webauthn.h"
+#endif
+
+namespace mozilla::dom {
+
+class WebAuthnRegisterResult final : public nsIWebAuthnRegisterResult {
+ public:
+ NS_DECL_THREADSAFE_ISUPPORTS
+ NS_DECL_NSIWEBAUTHNREGISTERRESULT
+
+ WebAuthnRegisterResult(const nsTArray<uint8_t>& aAttestationObject,
+ const Maybe<nsCString>& aClientDataJSON,
+ const nsTArray<uint8_t>& aCredentialId,
+ const nsTArray<nsString>& aTransports,
+ const Maybe<nsString>& aAuthenticatorAttachment)
+ : mClientDataJSON(aClientDataJSON),
+ mCredPropsRk(Nothing()),
+ mAuthenticatorAttachment(aAuthenticatorAttachment) {
+ mAttestationObject.AppendElements(aAttestationObject);
+ mCredentialId.AppendElements(aCredentialId);
+ mTransports.AppendElements(aTransports);
+ }
+
+#ifdef MOZ_WIDGET_ANDROID
+ explicit WebAuthnRegisterResult(
+ const java::WebAuthnTokenManager::MakeCredentialResponse::LocalRef&
+ aResponse) {
+ mAttestationObject.AppendElements(
+ reinterpret_cast<uint8_t*>(
+ aResponse->AttestationObject()->GetElements().Elements()),
+ aResponse->AttestationObject()->Length());
+ mClientDataJSON = Some(nsAutoCString(
+ reinterpret_cast<const char*>(
+ aResponse->ClientDataJson()->GetElements().Elements()),
+ aResponse->ClientDataJson()->Length()));
+ mCredentialId.AppendElements(
+ reinterpret_cast<uint8_t*>(
+ aResponse->KeyHandle()->GetElements().Elements()),
+ aResponse->KeyHandle()->Length());
+ auto transports = aResponse->Transports();
+ for (size_t i = 0; i < transports->Length(); i++) {
+ mTransports.AppendElement(
+ jni::String::LocalRef(transports->GetElement(i))->ToString());
+ }
+ // authenticator attachment is not available on Android
+ mAuthenticatorAttachment = Nothing();
+ }
+#endif
+
+#ifdef XP_WIN
+ WebAuthnRegisterResult(nsCString& aClientDataJSON,
+ PCWEBAUTHN_CREDENTIAL_ATTESTATION aResponse)
+ : mClientDataJSON(Some(aClientDataJSON)) {
+ mCredentialId.AppendElements(aResponse->pbCredentialId,
+ aResponse->cbCredentialId);
+
+ mAttestationObject.AppendElements(aResponse->pbAttestationObject,
+ aResponse->cbAttestationObject);
+
+ nsTArray<WebAuthnExtensionResult> extensions;
+ if (aResponse->dwVersion >= WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_2) {
+ PCWEBAUTHN_EXTENSIONS pExtensionList = &aResponse->Extensions;
+ if (pExtensionList->cExtensions != 0 &&
+ pExtensionList->pExtensions != NULL) {
+ for (DWORD dwIndex = 0; dwIndex < pExtensionList->cExtensions;
+ dwIndex++) {
+ PWEBAUTHN_EXTENSION pExtension =
+ &pExtensionList->pExtensions[dwIndex];
+ if (pExtension->pwszExtensionIdentifier &&
+ (0 == _wcsicmp(pExtension->pwszExtensionIdentifier,
+ WEBAUTHN_EXTENSIONS_IDENTIFIER_HMAC_SECRET)) &&
+ pExtension->cbExtension == sizeof(BOOL)) {
+ BOOL* pCredentialCreatedWithHmacSecret =
+ (BOOL*)pExtension->pvExtension;
+ if (*pCredentialCreatedWithHmacSecret) {
+ mHmacCreateSecret = Some(true);
+ }
+ }
+ }
+ }
+ }
+
+ if (aResponse->dwVersion >= WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_3) {
+ if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_USB) {
+ mTransports.AppendElement(u"usb"_ns);
+ }
+ if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_NFC) {
+ mTransports.AppendElement(u"nfc"_ns);
+ }
+ if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_BLE) {
+ mTransports.AppendElement(u"ble"_ns);
+ }
+ if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_INTERNAL) {
+ mTransports.AppendElement(u"internal"_ns);
+ }
+ }
+ // WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_5 corresponds to
+ // WEBAUTHN_API_VERSION_6 which is where WEBAUTHN_CTAP_TRANSPORT_HYBRID was
+ // defined.
+ if (aResponse->dwVersion >= WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_5) {
+ if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_HYBRID) {
+ mTransports.AppendElement(u"hybrid"_ns);
+ }
+ }
+
+ if (aResponse->dwVersion >= WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_3) {
+ if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_INTERNAL) {
+ mAuthenticatorAttachment = Some(u"platform"_ns);
+ } else {
+ mAuthenticatorAttachment = Some(u"cross-platform"_ns);
+ }
+ }
+ }
+#endif
+
+ nsresult Anonymize();
+
+ private:
+ ~WebAuthnRegisterResult() = default;
+
+ nsTArray<uint8_t> mAttestationObject;
+ nsTArray<uint8_t> mCredentialId;
+ nsTArray<nsString> mTransports;
+ Maybe<nsCString> mClientDataJSON;
+ Maybe<bool> mCredPropsRk;
+ Maybe<bool> mHmacCreateSecret;
+ Maybe<nsString> mAuthenticatorAttachment;
+};
+
+class WebAuthnSignResult final : public nsIWebAuthnSignResult {
+ public:
+ NS_DECL_THREADSAFE_ISUPPORTS
+ NS_DECL_NSIWEBAUTHNSIGNRESULT
+
+ WebAuthnSignResult(const nsTArray<uint8_t>& aAuthenticatorData,
+ const Maybe<nsCString>& aClientDataJSON,
+ const nsTArray<uint8_t>& aCredentialId,
+ const nsTArray<uint8_t>& aSignature,
+ const nsTArray<uint8_t>& aUserHandle,
+ const Maybe<nsString>& aAuthenticatorAttachment)
+ : mClientDataJSON(aClientDataJSON),
+ mAuthenticatorAttachment(aAuthenticatorAttachment) {
+ mAuthenticatorData.AppendElements(aAuthenticatorData);
+ mCredentialId.AppendElements(aCredentialId);
+ mSignature.AppendElements(aSignature);
+ mUserHandle.AppendElements(aUserHandle);
+ }
+
+#ifdef MOZ_WIDGET_ANDROID
+ explicit WebAuthnSignResult(
+ const java::WebAuthnTokenManager::GetAssertionResponse::LocalRef&
+ aResponse) {
+ mAuthenticatorData.AppendElements(
+ reinterpret_cast<uint8_t*>(
+ aResponse->AuthData()->GetElements().Elements()),
+ aResponse->AuthData()->Length());
+ mClientDataJSON = Some(nsAutoCString(
+ reinterpret_cast<const char*>(
+ aResponse->ClientDataJson()->GetElements().Elements()),
+ aResponse->ClientDataJson()->Length()));
+ mCredentialId.AppendElements(
+ reinterpret_cast<uint8_t*>(
+ aResponse->KeyHandle()->GetElements().Elements()),
+ aResponse->KeyHandle()->Length());
+ mSignature.AppendElements(
+ reinterpret_cast<uint8_t*>(
+ aResponse->Signature()->GetElements().Elements()),
+ aResponse->Signature()->Length());
+ mUserHandle.AppendElements(
+ reinterpret_cast<uint8_t*>(
+ aResponse->UserHandle()->GetElements().Elements()),
+ aResponse->UserHandle()->Length());
+ // authenticator attachment is not available on Android
+ mAuthenticatorAttachment = Nothing();
+ }
+#endif
+
+#ifdef XP_WIN
+ WebAuthnSignResult(nsCString& aClientDataJSON, PCWEBAUTHN_ASSERTION aResponse)
+ : mClientDataJSON(Some(aClientDataJSON)) {
+ mSignature.AppendElements(aResponse->pbSignature, aResponse->cbSignature);
+
+ mCredentialId.AppendElements(aResponse->Credential.pbId,
+ aResponse->Credential.cbId);
+
+ mUserHandle.AppendElements(aResponse->pbUserId, aResponse->cbUserId);
+
+ mAuthenticatorData.AppendElements(aResponse->pbAuthenticatorData,
+ aResponse->cbAuthenticatorData);
+
+ mAuthenticatorAttachment = Nothing(); // not available
+ }
+#endif
+
+ private:
+ ~WebAuthnSignResult() = default;
+
+ nsTArray<uint8_t> mAuthenticatorData;
+ Maybe<nsCString> mClientDataJSON;
+ nsTArray<uint8_t> mCredentialId;
+ nsTArray<uint8_t> mSignature;
+ nsTArray<uint8_t> mUserHandle;
+ Maybe<nsString> mAuthenticatorAttachment;
+ Maybe<bool> mUsedAppId;
+};
+
+} // namespace mozilla::dom
+#endif // mozilla_dom_WebAuthnResult_h
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-02 00:36:08 +0000