Title: [239523] trunk
- Revision
- 239523
- Author
- jiewen_...@apple.com
- Date
- 2018-12-21 15:27:27 -0800 (Fri, 21 Dec 2018)
Log Message
[WebAuthN] userPresence should always be true
https://bugs.webkit.org/show_bug.cgi?id=192835
<rdar://problem/46538788>
Reviewed by Brent Fulgham.
Source/WebCore:
In the current spec as of 7 August 2018, userPresence is suggested to set to the inverse of userVerification.
This doesn't comply with the CTAP spec. Details in: https://github.com/w3c/webauthn/issues/1123.
After discussing with other members of the working group, we decided to make userPresence always default to true.
Covered by exisiting tests.
* Modules/webauthn/fido/DeviceRequestConverter.cpp:
(fido::encodeGetAssertionRequestAsCBOR):
Tools:
* TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp:
(TestWebKitAPI::TEST):
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (239522 => 239523)
--- trunk/Source/WebCore/ChangeLog 2018-12-21 23:26:05 UTC (rev 239522)
+++ trunk/Source/WebCore/ChangeLog 2018-12-21 23:27:27 UTC (rev 239523)
@@ -1,5 +1,22 @@
2018-12-21 Jiewen Tan <jiewen_...@apple.com>
+ [WebAuthN] userPresence should always be true
+ https://bugs.webkit.org/show_bug.cgi?id=192835
+ <rdar://problem/46538788>
+
+ Reviewed by Brent Fulgham.
+
+ In the current spec as of 7 August 2018, userPresence is suggested to set to the inverse of userVerification.
+ This doesn't comply with the CTAP spec. Details in: https://github.com/w3c/webauthn/issues/1123.
+ After discussing with other members of the working group, we decided to make userPresence always default to true.
+
+ Covered by exisiting tests.
+
+ * Modules/webauthn/fido/DeviceRequestConverter.cpp:
+ (fido::encodeGetAssertionRequestAsCBOR):
+
+2018-12-21 Jiewen Tan <jiewen_...@apple.com>
+
[WebAuthN] Import an APDU coder from Chromium
https://bugs.webkit.org/show_bug.cgi?id=192949
<rdar://problem/46879933>
Modified: trunk/Source/WebCore/Modules/webauthn/fido/DeviceRequestConverter.cpp (239522 => 239523)
--- trunk/Source/WebCore/Modules/webauthn/fido/DeviceRequestConverter.cpp 2018-12-21 23:26:05 UTC (rev 239522)
+++ trunk/Source/WebCore/Modules/webauthn/fido/DeviceRequestConverter.cpp 2018-12-21 23:27:27 UTC (rev 239523)
@@ -159,7 +159,7 @@
requireUserVerification = false;
}
optionMap[CBORValue(kUserVerificationMapKey)] = CBORValue(requireUserVerification);
- optionMap[CBORValue(kUserPresenceMapKey)] = CBORValue(!requireUserVerification);
+ optionMap[CBORValue(kUserPresenceMapKey)] = CBORValue(true);
if (!optionMap.empty())
cborMap[CBORValue(5)] = CBORValue(WTFMove(optionMap));
Modified: trunk/Tools/ChangeLog (239522 => 239523)
--- trunk/Tools/ChangeLog 2018-12-21 23:26:05 UTC (rev 239522)
+++ trunk/Tools/ChangeLog 2018-12-21 23:27:27 UTC (rev 239523)
@@ -1,3 +1,14 @@
+2018-12-21 Jiewen Tan <jiewen_...@apple.com>
+
+ [WebAuthN] userPresence should always be true
+ https://bugs.webkit.org/show_bug.cgi?id=192835
+ <rdar://problem/46538788>
+
+ Reviewed by Brent Fulgham.
+
+ * TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp:
+ (TestWebKitAPI::TEST):
+
2018-12-19 Simon Fraser <simon.fra...@apple.com>
Add support to run-benchmark to use non-default copies of the browser apps
Modified: trunk/Tools/TestWebKitAPI/Tests/WebCore/FidoTestData.h (239522 => 239523)
--- trunk/Tools/TestWebKitAPI/Tests/WebCore/FidoTestData.h 2018-12-21 23:26:05 UTC (rev 239522)
+++ trunk/Tools/TestWebKitAPI/Tests/WebCore/FidoTestData.h 2018-12-21 23:27:27 UTC (rev 239523)
@@ -344,8 +344,8 @@
0xa2,
// key -"up"
0x62, 0x75, 0x70,
- // value - False(20)
- 0xf4,
+ // value - True(21)
+ 0xf5,
// key - "uv"
0x62, 0x75, 0x76,
// value - True(21)
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes