Passkeys: Return authenticatorData and publicKeyAlgorithm to extension

varjolintu 2024-06-04 21:06:41 +03:00 committed by Jonathan White
parent c3df16147d
commit 1d008dbd72
2 changed files with 12 additions and 5 deletions


@ -103,12 +103,19 @@ PublicKeyCredential BrowserPasskeys::buildRegisterPublicKeyCredential(const QJso
return {}; return {};
} }
// Authenticator data
const auto authenticatorData = buildAuthenticatorData(credentialCreationOptions["rp"]["id"].toString(), extensions);
// Response // Response
QJsonObject responseObject; QJsonObject responseObject;
responseObject["attestationObject"] = browserMessageBuilder()->getBase64FromArray(attestationObject); responseObject["attestationObject"] = browserMessageBuilder()->getBase64FromArray(attestationObject);
responseObject["clientDataJSON"] = browserMessageBuilder()->getBase64FromJson(clientDataJson); responseObject["clientDataJSON"] = browserMessageBuilder()->getBase64FromJson(clientDataJson);
responseObject["clientExtensionResults"] = credentialCreationOptions["clientExtensionResults"]; responseObject["clientExtensionResults"] = credentialCreationOptions["clientExtensionResults"];
// Additions for extension side functions
responseObject["authenticatorData"] = browserMessageBuilder()->getBase64FromArray(authenticatorData);
responseObject["publicKeyAlgorithm"] = alg;
// PublicKeyCredential // PublicKeyCredential
QJsonObject publicKeyCredential; QJsonObject publicKeyCredential;
publicKeyCredential["authenticatorAttachment"] = authenticatorAttachment; publicKeyCredential["authenticatorAttachment"] = authenticatorAttachment;
@ -132,7 +139,8 @@ QJsonObject BrowserPasskeys::buildGetPublicKeyCredential(const QJsonObject& asse
return {}; return {};
} }
const auto authenticatorData = buildAuthenticatorData(assertionOptions); const auto authenticatorData =
buildAuthenticatorData(assertionOptions["rpId"].toString(), assertionOptions["extensions"].toString());
const auto clientDataJson = assertionOptions["clientDataJson"].toObject(); const auto clientDataJson = assertionOptions["clientDataJson"].toObject();
const auto clientDataArray = QJsonDocument(clientDataJson).toJson(QJsonDocument::Compact); const auto clientDataArray = QJsonDocument(clientDataJson).toJson(QJsonDocument::Compact);
@ -204,14 +212,13 @@ QByteArray BrowserPasskeys::buildAttestationObject(const QJsonObject& credential
} }
// Build a short version of the attestation object for webauthn.get // Build a short version of the attestation object for webauthn.get
QByteArray BrowserPasskeys::buildAuthenticatorData(const QJsonObject& publicKey) QByteArray BrowserPasskeys::buildAuthenticatorData(const QString& rpId, const QString& extensions)
{ {
QByteArray result; QByteArray result;
const auto rpIdHash = browserMessageBuilder()->getSha256Hash(publicKey["rpId"].toString()); const auto rpIdHash = browserMessageBuilder()->getSha256Hash(rpId);
result.append(rpIdHash); result.append(rpIdHash);
const auto extensions = publicKey["extensions"].toString();
const auto flags = setFlagsFromJson(QJsonObject( const auto flags = setFlagsFromJson(QJsonObject(
{{"ED", !extensions.isEmpty()}, {"AT", false}, {"BS", false}, {"BE", false}, {"UV", true}, {"UP", true}})); {{"ED", !extensions.isEmpty()}, {"AT", false}, {"BS", false}, {"BE", false}, {"UV", true}, {"UP", true}}));
result.append(flags); result.append(flags);
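Review bot: The `authenticatorData` added to the registration response comes from `buildAuthenticatorData()`, which the third hunk shows hard-coding `{"AT", false}` and which is commented as the short form for webauthn.get, so it carries no attested credential data and will presumably not be byte-identical to the authData embedded in `attestationObject` (buildAttestationObject is not visible here). Extension or relying-party code that reads this field instead of parsing the attestation object would see flags that disagree with the attested structure. Either take the value from the same bytes that go into `attestationObject`, or at least document the difference with `// NOTE: AT=0, no attested credential data; differs from authData inside attestationObject`. Separately, `credentialCreationOptions["rp"]["id"].toString()` returns an empty string when the key is absent, so the RP ID hash would be computed over an empty string unless the part of buildRegisterPublicKeyCredential outside this hunk already rejects that case; the same applies to `assertionOptions["rpId"]` in the second hunk. All three functions begin or end outside the visible hunks.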


@ -119,7 +119,7 @@ private:
const QString& credentialId, const QString& credentialId,
const QByteArray& cborEncodedPublicKey, const QByteArray& cborEncodedPublicKey,
const TestingVariables& predefinedVariables = {}); const TestingVariables& predefinedVariables = {});
QByteArray buildAuthenticatorData(const QJsonObject& publicKey); QByteArray buildAuthenticatorData(const QString& rpId, const QString& extensions);
AttestationKeyPair buildCredentialPrivateKey(int alg, AttestationKeyPair buildCredentialPrivateKey(int alg,
const QString& predefinedFirst = QString(), const QString& predefinedFirst = QString(),
const QString& predefinedSecond = QString()); const QString& predefinedSecond = QString());