Changeset 277658 in webkit
- Timestamp:
- May 18, 2021 10:04:34 AM (3 years ago)
- Location:
- trunk/Source/WebKit
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebKit/ChangeLog
r277655 r277658 1 2021-05-18 Garrett Davidson <garrett_davidson@apple.com> 2 3 Add nil checks for LAContexts before inserting them in the dictionaries. 4 https://bugs.webkit.org/show_bug.cgi?id=225897 5 6 Reviewed by Tim Horton. 7 8 In 225218 we stopped dropping requests that didn't have LAContexts. However, that let us 9 proceed only until we tried to put the (nil) LAContext in an NSDictionary to make a Sec* 10 call, which throws an exception. This patch adds proper nil checking before inserting the 11 contexts into the dictionaries. 12 13 Manually tested registration and assertion on macOS with and without LAContexts. 14 15 * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm: 16 (WebKit::LocalAuthenticator::continueGetAssertionAfterUserVerification): 17 * UIProcess/WebAuthentication/Cocoa/LocalConnection.mm: 18 (WebKit::LocalConnection::createCredentialPrivateKey const): 19 1 20 2021-05-18 Chris Dumez <cdumez@apple.com> 2 21 -
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
r276180 r277658 603 603 auto nsCredentialId = toNSData(response->rawId()); 604 604 { 605 auto query = adoptNS([[NSMutableDictionary alloc] init]); 606 [query setDictionary:@{ 605 NSMutableDictionary *queryDictionary = [@{ 607 606 (id)kSecClass: (id)kSecClassKey, 608 607 (id)kSecAttrKeyClass: (id)kSecAttrKeyClassPrivate, 609 608 (id)kSecAttrApplicationLabel: nsCredentialId.get(), 610 (id)kSecUseAuthenticationContext: context,611 609 (id)kSecReturnRef: @YES, 612 610 #if HAVE(DATA_PROTECTION_KEYCHAIN) … … 615 613 (id)kSecAttrNoLegacy: @YES 616 614 #endif 617 }]; 615 } mutableCopy]; 616 617 if (context) 618 queryDictionary[(id)kSecUseAuthenticationContext] = context; 619 620 auto query = adoptNS(queryDictionary); 618 621 updateQueryIfNecessary(query.get()); 619 622 -
trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalConnection.mm
r276851 r277658 160 160 RetainPtr<SecKeyRef> LocalConnection::createCredentialPrivateKey(LAContext *context, SecAccessControlRef accessControlRef, const String& secAttrLabel, NSData *secAttrApplicationTag) const 161 161 { 162 NSDictionary *privateKeyAttributes = @{ 163 (id)kSecAttrAccessControl: (id)accessControlRef, 164 (id)kSecAttrIsPermanent: @YES, 165 (id)kSecAttrAccessGroup: (id)String(LocalAuthenticatiorAccessGroup), 166 (id)kSecAttrLabel: secAttrLabel, 167 (id)kSecAttrApplicationTag: secAttrApplicationTag, 168 }; 169 170 if (context) { 171 privateKeyAttributes = [privateKeyAttributes mutableCopy]; 172 ((NSMutableDictionary *)privateKeyAttributes)[(id)kSecUseAuthenticationContext] = context; 173 } 174 162 175 NSDictionary *attributes = @{ 163 176 (id)kSecAttrTokenID: (id)kSecAttrTokenIDSecureEnclave, 164 177 (id)kSecAttrKeyType: (id)kSecAttrKeyTypeECSECPrimeRandom, 165 178 (id)kSecAttrKeySizeInBits: @256, 166 (id)kSecPrivateKeyAttrs: @{ 167 (id)kSecUseAuthenticationContext: context, 168 (id)kSecAttrAccessControl: (id)accessControlRef, 169 (id)kSecAttrIsPermanent: @YES, 170 (id)kSecAttrAccessGroup: (id)String(LocalAuthenticatiorAccessGroup), 171 (id)kSecAttrLabel: secAttrLabel, 172 (id)kSecAttrApplicationTag: secAttrApplicationTag, 173 }}; 179 (id)kSecPrivateKeyAttrs: privateKeyAttributes, 180 }; 181 174 182 LOCAL_CONNECTION_ADDITIONS 175 183 CFErrorRef errorRef = nullptr;
Note: See TracChangeset
for help on using the changeset viewer.