Changeset 256001 in webkit
- Timestamp:
- Feb 6, 2020 6:57:30 PM (4 years ago)
- Location:
- trunk
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r255996 r256001 1 2020-02-06 Jiewen Tan <jiewen_tan@apple.com> 2 3 [WebAuthn] authenticatorGetAssertion should be sent without pinAuth if UV = "discouraged" 4 https://bugs.webkit.org/show_bug.cgi?id=206547 5 <rdar://problem/58768032> 6 7 Reviewed by Brent Fulgham. 8 9 * http/wpt/webauthn/public-key-credential-get-success-hid.https-expected.txt: 10 * http/wpt/webauthn/public-key-credential-get-success-hid.https.html: 11 1 12 2020-02-06 Antti Koivisto <antti@apple.com> 2 13 -
trunk/LayoutTests/http/wpt/webauthn/public-key-credential-get-success-hid.https-expected.txt
r254356 r256001 7 7 PASS PublicKeyCredential's [[get]] with two consecutive requests. 8 8 PASS PublicKeyCredential's [[get]] with multiple accounts in a mock hid authenticator. 9 PASS PublicKeyCredential's [[get]] with PIN supported in the authenticator but userVerification = 'discouraged' in a mock hid authenticator. 9 10 -
trunk/LayoutTests/http/wpt/webauthn/public-key-credential-get-success-hid.https.html
r254356 r256001 117 117 }); 118 118 }, "PublicKeyCredential's [[get]] with multiple accounts in a mock hid authenticator."); 119 120 promise_test(t => { 121 const options = { 122 publicKey: { 123 challenge: Base64URL.parse("MTIzNDU2"), 124 userVerification: "discouraged", 125 timeout: 100 126 } 127 }; 128 129 if (window.internals) 130 internals.setMockWebAuthenticationConfiguration({ hid: { supportClientPin: true, payloadBase64: [testAssertionMessageBase64] } }); 131 return navigator.credentials.get(options).then(credential => { 132 return checkCtapGetAssertionResult(credential); 133 }); 134 }, "PublicKeyCredential's [[get]] with PIN supported in the authenticator but userVerification = 'discouraged' in a mock hid authenticator."); 119 135 </script> -
trunk/Source/WebKit/ChangeLog
r256000 r256001 1 2020-02-06 Jiewen Tan <jiewen_tan@apple.com> 2 3 [WebAuthn] authenticatorGetAssertion should be sent without pinAuth if UV = "discouraged" 4 https://bugs.webkit.org/show_bug.cgi?id=206547 5 <rdar://problem/58768032> 6 7 Reviewed by Brent Fulgham. 8 9 Covered by new tests within existing files. 10 11 * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: 12 (WebKit::CtapAuthenticator::makeCredential): 13 (WebKit::CtapAuthenticator::getAssertion): 14 1 15 2020-02-06 Wenson Hsieh <wenson_hsieh@apple.com> 2 16 -
trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp
r254554 r256001 59 59 return; 60 60 Vector<uint8_t> cborCmd; 61 auto& options = WTF::get<PublicKeyCredentialCreationOptions>(requestData().options); 61 62 if (m_info.options().clientPinAvailability() == AuthenticatorSupportedOptions::ClientPinAvailability::kSupportedAndPinSet) 62 cborCmd = encodeMakeCredenitalRequestAsCBOR(requestData().hash, WTF::get<PublicKeyCredentialCreationOptions>(requestData().options), m_info.options().userVerificationAvailability(), PinParameters { pin::kProtocolVersion, m_pinAuth });63 cborCmd = encodeMakeCredenitalRequestAsCBOR(requestData().hash, options, m_info.options().userVerificationAvailability(), PinParameters { pin::kProtocolVersion, m_pinAuth }); 63 64 else 64 cborCmd = encodeMakeCredenitalRequestAsCBOR(requestData().hash, WTF::get<PublicKeyCredentialCreationOptions>(requestData().options), m_info.options().userVerificationAvailability());65 cborCmd = encodeMakeCredenitalRequestAsCBOR(requestData().hash, options, m_info.options().userVerificationAvailability()); 65 66 driver().transact(WTFMove(cborCmd), [weakThis = makeWeakPtr(*this)](Vector<uint8_t>&& data) { 66 67 ASSERT(RunLoop::isMain()); … … 92 93 ASSERT(!m_isDowngraded); 93 94 Vector<uint8_t> cborCmd; 94 if (m_info.options().clientPinAvailability() == AuthenticatorSupportedOptions::ClientPinAvailability::kSupportedAndPinSet) 95 cborCmd = encodeGetAssertionRequestAsCBOR(requestData().hash, WTF::get<PublicKeyCredentialRequestOptions>(requestData().options), m_info.options().userVerificationAvailability(), PinParameters { pin::kProtocolVersion, m_pinAuth }); 95 auto& options = WTF::get<PublicKeyCredentialRequestOptions>(requestData().options); 96 if (m_info.options().clientPinAvailability() == AuthenticatorSupportedOptions::ClientPinAvailability::kSupportedAndPinSet && options.userVerification != UserVerificationRequirement::Discouraged) 97 cborCmd = encodeGetAssertionRequestAsCBOR(requestData().hash, options, m_info.options().userVerificationAvailability(), PinParameters { pin::kProtocolVersion, m_pinAuth }); 96 98 else 97 cborCmd = encodeGetAssertionRequestAsCBOR(requestData().hash, WTF::get<PublicKeyCredentialRequestOptions>(requestData().options), m_info.options().userVerificationAvailability());99 cborCmd = encodeGetAssertionRequestAsCBOR(requestData().hash, options, m_info.options().userVerificationAvailability()); 98 100 driver().transact(WTFMove(cborCmd), [weakThis = makeWeakPtr(*this)](Vector<uint8_t>&& data) { 99 101 ASSERT(RunLoop::isMain());
Note: See TracChangeset
for help on using the changeset viewer.