1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
|
<!DOCTYPE html>
<meta charset="utf-8">
<title>WebAuthn navigator.credentials.create() pubKeyCredParams Tests</title>
<meta name="timeout" content="long">
<link rel="author" title="Adam Powers" href="mailto:adam@fidoalliance.org">
<link rel="help" href="https://w3c.github.io/webauthn/#iface-credential">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/resources/testdriver.js"></script>
<script src="/resources/testdriver-vendor.js"></script>
<script src=helpers.js></script>
<body></body>
<script>
standardSetup(function() {
"use strict";
var badType = {
type: "something-else",
alg: cose_alg_ECDSA_w_SHA512
};
var badTypeEmptyString = cloneObject(badType);
badTypeEmptyString.type = "";
var badTypeNull = cloneObject(badType);
badTypeNull.type = null;
var badTypeEmptyObj = cloneObject(badType);
badTypeEmptyObj.type = {};
var badAlg = {
type: "public-key",
alg: 42
};
var badAlgZero = cloneObject(badAlg);
badAlgZero.alg = 0;
// bad pubKeyCredParams values
new CreateCredentialsTest({path: "options.publicKey.pubKeyCredParams", value: undefined}).runTest("Bad pubKeyCredParams: pubKeyCredParams is undefined", TypeError);
new CreateCredentialsTest("options.publicKey.pubKeyCredParams", "hi mom").runTest("Bad pubKeyCredParams: pubKeyCredParams is string", TypeError);
new CreateCredentialsTest("options.publicKey.pubKeyCredParams", null).runTest("Bad pubKeyCredParams: pubKeyCredParams is null", TypeError);
new CreateCredentialsTest("options.publicKey.pubKeyCredParams", [badType]).runTest("Bad pubKeyCredParams: first param has bad type (\"something-else\")", "NotSupportedError");
new CreateCredentialsTest("options.publicKey.pubKeyCredParams", [badTypeEmptyString]).runTest("Bad pubKeyCredParams: first param has bad type (\"\")", "NotSupportedError");
new CreateCredentialsTest("options.publicKey.pubKeyCredParams", [badTypeNull]).runTest("Bad pubKeyCredParams: first param has bad type (null)", "NotSupportedError");
new CreateCredentialsTest("options.publicKey.pubKeyCredParams", [badTypeEmptyObj]).runTest("Bad pubKeyCredParams: first param has bad type (empty object)", "NotSupportedError");
new CreateCredentialsTest("options.publicKey.pubKeyCredParams", [badAlg])
.modify("options.publicKey.timeout", 300)
.runTest("Bad pubKeyCredParams: first param has bad alg (42)", "NotAllowedError");
new CreateCredentialsTest("options.publicKey.pubKeyCredParams", [badAlgZero])
.modify("options.publicKey.timeout", 300)
.runTest("Bad pubKeyCredParams: first param has bad alg (0)", "NotAllowedError");
// TODO: come back to this when mock authenticators support multiple cryptos so that we can test the preference ranking
// function verifyEC256(res) {
// debug ("verifyEC256 got", res);
// debug ("client data JSON", ab2str(res.response.clientDataJSON));
// parseAuthenticatorData(res.response.attestationObject);
// }
// new CreateCredentialsTest("options.publicKey.pubKeyCredParams", [pkParamEC256, pkParamEC512])
// .afterTest(verifyEC256)
// .runTest("EC256, EC512 pubKeyCredParams");
// function verifyEC512(res) {
// debug ("verifyEC512 got", res);
// debug ("client data JSON", ab2str(res.response.clientDataJSON));
// // parseAuthenticatorData(res.response.attestationObject);
// printHex ("clientDataJSON", res.response.clientDataJSON);
// printHex ("attestationObject", res.response.attestationObject);
// }
// new CreateCredentialsTest("options.publicKey.pubKeyCredParams", [pkParamEC512, pkParamEC256])
// .afterTest(verifyEC512)
// .runTest("EC512, EC256 pubKeyCredParams");
});
/* JSHINT */
/* globals standardSetup, CreateCredentialsTest, cose_alg_ECDSA_w_SHA512, cloneObject */
</script>
|