Passkeys: Return authenticatorData and publicKeyAlgorithm to extension

varjolintu 2024-06-04 21:06:41 +03:00 committed by Jonathan White
parent c3df16147d
commit 1d008dbd72
2 changed files with 12 additions and 5 deletions


@ -103,12 +103,19 @@ PublicKeyCredential BrowserPasskeys::buildRegisterPublicKeyCredential(const QJso
return {};
}
// Authenticator data
const auto authenticatorData = buildAuthenticatorData(credentialCreationOptions["rp"]["id"].toString(), extensions);
// Response
QJsonObject responseObject;
responseObject["attestationObject"] = browserMessageBuilder()->getBase64FromArray(attestationObject);
responseObject["clientDataJSON"] = browserMessageBuilder()->getBase64FromJson(clientDataJson);
responseObject["clientExtensionResults"] = credentialCreationOptions["clientExtensionResults"];
// Additions for extension side functions
responseObject["authenticatorData"] = browserMessageBuilder()->getBase64FromArray(authenticatorData);
responseObject["publicKeyAlgorithm"] = alg;
// PublicKeyCredential
QJsonObject publicKeyCredential;
publicKeyCredential["authenticatorAttachment"] = authenticatorAttachment;
@ -132,7 +139,8 @@ QJsonObject BrowserPasskeys::buildGetPublicKeyCredential(const QJsonObject& asse
return {};
}
const auto authenticatorData = buildAuthenticatorData(assertionOptions);
const auto authenticatorData =
buildAuthenticatorData(assertionOptions["rpId"].toString(), assertionOptions["extensions"].toString());
const auto clientDataJson = assertionOptions["clientDataJson"].toObject();
const auto clientDataArray = QJsonDocument(clientDataJson).toJson(QJsonDocument::Compact);
@ -204,14 +212,13 @@ QByteArray BrowserPasskeys::buildAttestationObject(const QJsonObject& credential
}
// Build a short version of the attestation object for webauthn.get
QByteArray BrowserPasskeys::buildAuthenticatorData(const QJsonObject& publicKey)
QByteArray BrowserPasskeys::buildAuthenticatorData(const QString& rpId, const QString& extensions)
{
QByteArray result;
const auto rpIdHash = browserMessageBuilder()->getSha256Hash(publicKey["rpId"].toString());
const auto rpIdHash = browserMessageBuilder()->getSha256Hash(rpId);
result.append(rpIdHash);
const auto extensions = publicKey["extensions"].toString();
const auto flags = setFlagsFromJson(QJsonObject(
{{"ED", !extensions.isEmpty()}, {"AT", false}, {"BS", false}, {"BE", false}, {"UV", true}, {"UP", true}}));
result.append(flags);
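Review bot: In buildRegisterPublicKeyCredential the new `authenticatorData` response field is produced by buildAuthenticatorData(), which the last hunk still describes as the short form for webauthn.get and which hard-codes `{"AT", false}`. Authenticator data for a registration is expected to have AT set and to include the attested credential data, so the value handed to the extension will probably not match the authData embedded in `attestationObject` (buildAttestationObject is outside this view, so please confirm). A relying party or extension code that cross-checks the two, or reads the credential public key from the returned authenticator data, would then reject or mis-handle the registration. Consider returning the same authData bytes that are encoded into the attestation object, or at minimum document the difference at the call site with `// Short form (AT=0, no attested credential data); not identical to authData inside attestationObject`. Both function bodies continue outside the visible hunks.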


@ -119,7 +119,7 @@ private:
const QString& credentialId,
const QByteArray& cborEncodedPublicKey,
const TestingVariables& predefinedVariables = {});
QByteArray buildAuthenticatorData(const QJsonObject& publicKey);
QByteArray buildAuthenticatorData(const QString& rpId, const QString& extensions);
AttestationKeyPair buildCredentialPrivateKey(int alg,
const QString& predefinedFirst = QString(),
const QString& predefinedSecond = QString());