From 1d008dbd728cda21ab87c63b4199610a60e095e7 Mon Sep 17 00:00:00 2001
From: varjolintu
Date: Tue, 4 Jun 2024 21:06:41 +0300
Subject: [PATCH] Passkeys: Return authenticatorData and publicKeyAlgorithm to extension
---
 src/browser/BrowserPasskeys.cpp | 15 +++++++++++----
 src/browser/BrowserPasskeys.h | 2 +-
 2 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/src/browser/BrowserPasskeys.cpp b/src/browser/BrowserPasskeys.cpp
index 059e1509c..2b6d95f65 100644
--- a/src/browser/BrowserPasskeys.cpp
+++ b/src/browser/BrowserPasskeys.cpp
@@ -103,12 +103,19 @@ PublicKeyCredential BrowserPasskeys::buildRegisterPublicKeyCredential(const QJso
 return {};
 }
+ // Authenticator data
+ const auto authenticatorData = buildAuthenticatorData(credentialCreationOptions["rp"]["id"].toString(), extensions);
+
 // Response
 QJsonObject responseObject;
 responseObject["attestationObject"] = browserMessageBuilder()->getBase64FromArray(attestationObject);
 responseObject["clientDataJSON"] = browserMessageBuilder()->getBase64FromJson(clientDataJson);
 responseObject["clientExtensionResults"] = credentialCreationOptions["clientExtensionResults"];
+ // Additions for extension side functions
+ responseObject["authenticatorData"] = browserMessageBuilder()->getBase64FromArray(authenticatorData);
+ responseObject["publicKeyAlgorithm"] = alg;
+
 // PublicKeyCredential
 QJsonObject publicKeyCredential;
 publicKeyCredential["authenticatorAttachment"] = authenticatorAttachment;
@@ -132,7 +139,8 @@ QJsonObject BrowserPasskeys::buildGetPublicKeyCredential(const QJsonObject& asse
 return {};
 }
- const auto authenticatorData = buildAuthenticatorData(assertionOptions);
+ const auto authenticatorData =
+ buildAuthenticatorData(assertionOptions["rpId"].toString(), assertionOptions["extensions"].toString());
 const auto clientDataJson = assertionOptions["clientDataJson"].toObject();
 const auto clientDataArray = QJsonDocument(clientDataJson).toJson(QJsonDocument::Compact);
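Review bot: The `authenticatorData` added to the registration response in buildRegisterPublicKeyCredential is produced by buildAuthenticatorData, which the third hunk shows hard-coding `{"AT", false}` under a comment calling it the short form for webauthn.get. For a create() response the authenticator data inside `attestationObject` normally has AT set and carries the attested credential data, so the two values returned for the same ceremony will most likely disagree. Either return the authData bytes that buildAttestationObject already assembled, or document the difference at the call site, e.g. `// NOTE: short authData (AT=0, no attested credential data); not identical to attestationObject.authData`. buildAttestationObject and the remainder of buildAuthenticatorData are outside the visible hunks, so this should be confirmed against them; the enclosing function also starts and ends outside the hunk.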
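Review bot: In buildGetPublicKeyCredential the new call passes `assertionOptions["rpId"].toString()` straight through, so a missing or non-string `rpId` silently becomes an empty string and the assertion is built over the hash of "" instead of failing. Because rpIdHash is what binds the assertion to the relying party, an explicit guard is safer: `const auto rpId = assertionOptions["rpId"].toString();` followed by `if (rpId.isEmpty()) { return {}; }`. The same applies to `credentialCreationOptions["rp"]["id"]` in the first hunk. Validation may already happen before the visible `return {};`, which lies outside the hunk.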
@@ -204,14 +212,13 @@ QByteArray BrowserPasskeys::buildAttestationObject(const QJsonObject& credential
 }
 // Build a short version of the attestation object for webauthn.get
-QByteArray BrowserPasskeys::buildAuthenticatorData(const QJsonObject& publicKey)
+QByteArray BrowserPasskeys::buildAuthenticatorData(const QString& rpId, const QString& extensions)
 {
 QByteArray result;
- const auto rpIdHash = browserMessageBuilder()->getSha256Hash(publicKey["rpId"].toString());
+ const auto rpIdHash = browserMessageBuilder()->getSha256Hash(rpId);
 result.append(rpIdHash);
- const auto extensions = publicKey["extensions"].toString();
 const auto flags = setFlagsFromJson(QJsonObject(
 {{"ED", !extensions.isEmpty()}, {"AT", false}, {"BS", false}, {"BE", false}, {"UV", true}, {"UP", true}}));
 result.append(flags);
diff --git a/src/browser/BrowserPasskeys.h b/src/browser/BrowserPasskeys.h
index 0c09e3314..21a8f1e51 100644
--- a/src/browser/BrowserPasskeys.h
+++ b/src/browser/BrowserPasskeys.h
@@ -119,7 +119,7 @@ private:
 const QString& credentialId,
 const QByteArray& cborEncodedPublicKey,
 const TestingVariables& predefinedVariables = {});
- QByteArray buildAuthenticatorData(const QJsonObject& publicKey);
+ QByteArray buildAuthenticatorData(const QString& rpId, const QString& extensions);
 AttestationKeyPair buildCredentialPrivateKey(int alg,
 const QString& predefinedFirst = QString(),
 const QString& predefinedSecond = QString());
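Review bot: The comment above buildAuthenticatorData in BrowserPasskeys.cpp still describes it as the short form "for webauthn.get", but after this commit the registration path calls it as well. Suggest replacing it with `// Build authenticator data without attested credential data (AT is always false); used by webauthn.get and by the register response`. It is also worth stating there that the UV and UP flags are set unconditionally, since callers now reach this from two ceremonies. The function body continues past the end of the hunk.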