Diff
Modified: trunk/Source/WebCore/ChangeLog (285697 => 285698)
--- trunk/Source/WebCore/ChangeLog 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Source/WebCore/ChangeLog 2021-11-12 01:42:42 UTC (rev 285698)
@@ -1,3 +1,52 @@
+2021-11-11 Brent Fulgham <bfulg...@apple.com>
+
+ [WebAuthn] Stop serializing BufferSource and Vector<uint8_t> duplicates of identifiers
+ https://bugs.webkit.org/show_bug.cgi?id=233011
+ <rdar://problem/85313807>
+
+ Reviewed by Chris Dumez.
+
+ The original WebAuthn logic converted WebCore::BufferSource objects to Vector<uint8_t>
+ during serialization, which created a weird design where some code dealt with BufferSource
+ objects, and other with Vectors, and lots of converting to and from these types. It also caused
+ WebAuthn data structures to have two places where this information might live, with the
+ UIProcess using one representation, and the WebContent process using another.
+
+ This patch revises the code as follows:
+
+ 1. The identifiers are always stored as BufferSource, and the same member is used in UIProcess
+ and WebContent process when accessing this information.
+ 2. We now serialize BufferSource directly.
+
+ Tested by existing WebAuthn test cases (API and Layout tests)
+
+ * Modules/webauthn/PublicKeyCredentialCreationOptions.h:
+ (WebCore::PublicKeyCredentialCreationOptions::encode const):
+ (WebCore::PublicKeyCredentialCreationOptions::decode):
+ * Modules/webauthn/PublicKeyCredentialDescriptor.h:
+ (WebCore::PublicKeyCredentialDescriptor::encode const):
+ (WebCore::PublicKeyCredentialDescriptor::decode):
+ * Modules/webauthn/PublicKeyCredentialRequestOptions.h:
+ (WebCore::PublicKeyCredentialRequestOptions::decode):
+ * Modules/webauthn/cbor/CBORValue.cpp:
+ (cbor::CBORValue::CBORValue):
+ * Modules/webauthn/cbor/CBORValue.h:
+ * Modules/webauthn/fido/DeviceRequestConverter.cpp:
+ (fido::convertUserEntityToCBOR):
+ (fido::convertDescriptorToCBOR):
+ * Modules/webauthn/fido/U2fCommandConstructor.cpp:
+ (fido::WebCore::constructU2fSignCommand):
+ (fido::convertToU2fCheckOnlySignCommand):
+ (fido::convertToU2fSignCommand):
+ * Modules/webauthn/fido/U2fCommandConstructor.h:
+ * Modules/webauthn/fido/U2fResponseConverter.cpp:
+ (fido::readU2fSignResponse):
+ * Modules/webauthn/fido/U2fResponseConverter.h:
+ * bindings/js/BufferSource.h:
+ (WebCore::BufferSource::encode const):
+ (WebCore::BufferSource::decode):
+ (WebCore::toBufferSource):
+
2021-11-11 Michael Catanzaro <mcatanz...@gnome.org>
Misc compiler warnings
Modified: trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h (285697 => 285698)
--- trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h 2021-11-12 01:42:42 UTC (rev 285698)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2018-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -51,8 +51,7 @@
};
struct UserEntity : public Entity {
- BufferSource id; // id becomes idVector once it is passed to UIProcess.
- Vector<uint8_t> idVector;
+ BufferSource id;
String displayName;
};
@@ -76,7 +75,7 @@
RpEntity rp;
UserEntity user;
- BufferSource challenge; // challenge becomes challengeVector once it is passed to UIProcess.
+ BufferSource challenge;
Vector<Parameters> pubKeyCredParams;
std::optional<unsigned> timeout;
@@ -85,8 +84,6 @@
AttestationConveyancePreference attestation;
mutable std::optional<AuthenticationExtensionsClientInputs> extensions;
- Vector<uint8_t> challengeVector;
-
template<class Encoder> void encode(Encoder&) const;
template<class Decoder> static std::optional<PublicKeyCredentialCreationOptions> decode(Decoder&);
#endif // ENABLE(WEB_AUTHN)
@@ -143,8 +140,7 @@
void PublicKeyCredentialCreationOptions::encode(Encoder& encoder) const
{
encoder << rp.id << rp.name << rp.icon;
- encoder << static_cast<uint64_t>(user.id.length());
- encoder.encodeFixedLengthData(user.id.data(), user.id.length(), 1);
+ encoder << user.id;
encoder << user.displayName << user.name << user.icon << pubKeyCredParams << timeout << excludeCredentials << authenticatorSelection << attestation << extensions;
encoder << static_cast<uint64_t>(challenge.length());
encoder.encodeFixedLengthData(challenge.data(), challenge.length(), 1);
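Review bot: `encode` still writes `challenge` by hand (`encoder << static_cast<uint64_t>(challenge.length());` followed by `encodeFixedLengthData`), while the last hunk of this file makes `decode` read it with `decoder.decode(result.challenge)`, i.e. through `BufferSource::decode`. The two wire formats appear to match today, but the pairing is implicit and would break silently if `BufferSource::encode` ever changes; use `encoder << challenge;` as was done for `user.id` a few lines up. `PublicKeyCredentialRequestOptions::decode` gets the same change with no matching encode hunk in this commit, so its `encode` probably needs the same edit. The function body continues past the end of this hunk.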
@@ -160,7 +156,7 @@
return std::nullopt;
if (!decoder.decode(result.rp.icon))
return std::nullopt;
- if (!decoder.decode(result.user.idVector))
+ if (!decoder.decode(result.user.id))
return std::nullopt;
if (!decoder.decode(result.user.displayName))
return std::nullopt;
@@ -198,7 +194,7 @@
return std::nullopt;
result.extensions = WTFMove(*extensions);
- if (!decoder.decode(result.challengeVector))
+ if (!decoder.decode(result.challenge))
return std::nullopt;
return result;
Modified: trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialDescriptor.h (285697 => 285698)
--- trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialDescriptor.h 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialDescriptor.h 2021-11-12 01:42:42 UTC (rev 285698)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2018-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -35,8 +35,7 @@
struct PublicKeyCredentialDescriptor {
PublicKeyCredentialType type;
- BufferSource id; // id becomes idVector once it is passed to UIProcess.
- Vector<uint8_t> idVector;
+ BufferSource id;
Vector<AuthenticatorTransport> transports;
template<class Encoder> void encode(Encoder&) const;
@@ -47,8 +46,7 @@
void PublicKeyCredentialDescriptor::encode(Encoder& encoder) const
{
encoder << type;
- encoder << static_cast<uint64_t>(id.length());
- encoder.encodeFixedLengthData(id.data(), id.length(), 1);
+ encoder << id;
encoder << transports;
}
@@ -58,7 +56,7 @@
PublicKeyCredentialDescriptor result;
if (!decoder.decode(result.type))
return std::nullopt;
- if (!decoder.decode(result.idVector))
+ if (!decoder.decode(result.id))
return std::nullopt;
if (!decoder.decode(result.transports))
return std::nullopt;
Modified: trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialRequestOptions.h (285697 => 285698)
--- trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialRequestOptions.h 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Source/WebCore/Modules/webauthn/PublicKeyCredentialRequestOptions.h 2021-11-12 01:42:42 UTC (rev 285698)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2018-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -38,7 +38,7 @@
struct PublicKeyCredentialRequestOptions {
#if ENABLE(WEB_AUTHN)
- BufferSource challenge; // challenge becomes challengeVector once it is passed to UIProcess.
+ BufferSource challenge;
std::optional<unsigned> timeout;
mutable String rpId;
Vector<PublicKeyCredentialDescriptor> allowCredentials;
@@ -46,8 +46,6 @@
std::optional<AuthenticatorAttachment> authenticatorAttachment;
mutable std::optional<AuthenticationExtensionsClientInputs> extensions;
- Vector<uint8_t> challengeVector;
-
template<class Encoder> void encode(Encoder&) const;
template<class Decoder> static std::optional<PublicKeyCredentialRequestOptions> decode(Decoder&);
#endif // ENABLE(WEB_AUTHN)
@@ -91,7 +89,7 @@
return std::nullopt;
result.extensions = WTFMove(*extensions);
- if (!decoder.decode(result.challengeVector))
+ if (!decoder.decode(result.challenge))
return std::nullopt;
return result;
Modified: trunk/Source/WebCore/Modules/webauthn/cbor/CBORValue.cpp (285697 => 285698)
--- trunk/Source/WebCore/Modules/webauthn/cbor/CBORValue.cpp 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Source/WebCore/Modules/webauthn/cbor/CBORValue.cpp 2021-11-12 01:42:42 UTC (rev 285698)
@@ -1,5 +1,5 @@
// Copyright 2017 The Chromium Authors. All rights reserved.
-// Copyright (C) 2018 Apple Inc. All rights reserved.
+// Copyright (C) 2018-2021 Apple Inc. All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
@@ -32,6 +32,7 @@
#if ENABLE(WEB_AUTHN)
+#include "BufferSource.h"
#include <new>
#include <utility>
@@ -100,6 +101,12 @@
{
}
+CBORValue::CBORValue(const WebCore::BufferSource& bufferSource)
+ : m_type(Type::ByteString)
+ , m_byteStringValue(bufferSource.data(), bufferSource.length())
+{
+}
+
CBORValue::CBORValue(const char* inString)
: CBORValue(String(inString))
{
Modified: trunk/Source/WebCore/Modules/webauthn/cbor/CBORValue.h (285697 => 285698)
--- trunk/Source/WebCore/Modules/webauthn/cbor/CBORValue.h 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Source/WebCore/Modules/webauthn/cbor/CBORValue.h 2021-11-12 01:42:42 UTC (rev 285698)
@@ -1,5 +1,5 @@
// Copyright 2017 The Chromium Authors. All rights reserved.
-// Copyright (C) 2018 Apple Inc. All rights reserved.
+// Copyright (C) 2018-2021 Apple Inc. All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
@@ -37,6 +37,10 @@
#include <wtf/Vector.h>
#include <wtf/text/WTFString.h>
+namespace WebCore {
+class BufferSource;
+}
+
namespace cbor {
// A class for Concise Binary Object Representation (CBOR) values.
@@ -127,6 +131,8 @@
explicit CBORValue(const BinaryValue&);
explicit CBORValue(BinaryValue&&);
+ explicit CBORValue(const WebCore::BufferSource&);
+
explicit CBORValue(const char*);
explicit CBORValue(String&&);
explicit CBORValue(const String&);
Modified: trunk/Source/WebCore/Modules/webauthn/fido/DeviceRequestConverter.cpp (285697 => 285698)
--- trunk/Source/WebCore/Modules/webauthn/fido/DeviceRequestConverter.cpp 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Source/WebCore/Modules/webauthn/fido/DeviceRequestConverter.cpp 2021-11-12 01:42:42 UTC (rev 285698)
@@ -1,5 +1,5 @@
// Copyright 2017 The Chromium Authors. All rights reserved.
-// Copyright (C) 2018 Apple Inc. All rights reserved.
+// Copyright (C) 2018-2021 Apple Inc. All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
@@ -61,7 +61,7 @@
userMap.emplace(CBORValue(kEntityNameMapKey), CBORValue(userEntity.name));
if (!userEntity.icon.isEmpty())
userMap.emplace(CBORValue(kIconUrlMapKey), CBORValue(userEntity.icon));
- userMap.emplace(CBORValue(kEntityIdMapKey), CBORValue(userEntity.idVector));
+ userMap.emplace(CBORValue(kEntityIdMapKey), CBORValue(userEntity.id));
userMap.emplace(CBORValue(kDisplayNameMapKey), CBORValue(userEntity.displayName));
return CBORValue(WTFMove(userMap));
}
@@ -83,7 +83,7 @@
{
CBORValue::MapValue cborDescriptorMap;
cborDescriptorMap[CBORValue(kCredentialTypeKey)] = CBORValue(publicKeyCredentialTypeToString(descriptor.type));
- cborDescriptorMap[CBORValue(kCredentialIdKey)] = CBORValue(descriptor.idVector);
+ cborDescriptorMap[CBORValue(kCredentialIdKey)] = CBORValue(descriptor.id);
return CBORValue(WTFMove(cborDescriptorMap));
}
Modified: trunk/Source/WebCore/Modules/webauthn/fido/U2fCommandConstructor.cpp (285697 => 285698)
--- trunk/Source/WebCore/Modules/webauthn/fido/U2fCommandConstructor.cpp 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Source/WebCore/Modules/webauthn/fido/U2fCommandConstructor.cpp 2021-11-12 01:42:42 UTC (rev 285698)
@@ -1,5 +1,5 @@
// Copyright 2018 The Chromium Authors. All rights reserved.
-// Copyright (C) 2019 Apple Inc. All rights reserved.
+// Copyright (C) 2019-2021 Apple Inc. All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
@@ -61,17 +61,17 @@
return command.getEncodedCommand();
}
-static std::optional<Vector<uint8_t>> constructU2fSignCommand(const Vector<uint8_t>& applicationParameter, const Vector<uint8_t>& challengeParameter, const Vector<uint8_t>& keyHandle, bool checkOnly)
+static std::optional<Vector<uint8_t>> constructU2fSignCommand(const Vector<uint8_t>& applicationParameter, const Vector<uint8_t>& challengeParameter, const BufferSource& keyHandle, bool checkOnly)
{
- if (keyHandle.size() > kMaxKeyHandleLength)
+ if (keyHandle.length() > kMaxKeyHandleLength)
return std::nullopt;
Vector<uint8_t> data;
- data.reserveInitialCapacity(kU2fChallengeParamLength + kU2fApplicationParamLength + 1 + keyHandle.size());
+ data.reserveInitialCapacity(kU2fChallengeParamLength + kU2fApplicationParamLength + 1 + keyHandle.length());
data.appendVector(challengeParameter);
data.appendVector(applicationParameter);
- data.append(static_cast<uint8_t>(keyHandle.size()));
- data.appendVector(keyHandle);
+ data.append(static_cast<uint8_t>(keyHandle.length()));
+ data.append(keyHandle.data(), keyHandle.length());
apdu::ApduCommand command;
command.setIns(static_cast<uint8_t>(U2fApduInstruction::kSign));
@@ -111,10 +111,10 @@
if (keyHandle.type != PublicKeyCredentialType::PublicKey)
return std::nullopt;
- return constructU2fSignCommand(produceRpIdHash(request.rp.id), clientDataHash, keyHandle.idVector, true /* checkOnly */);
+ return constructU2fSignCommand(produceRpIdHash(request.rp.id), clientDataHash, keyHandle.id, true /* checkOnly */);
}
-std::optional<Vector<uint8_t>> convertToU2fSignCommand(const Vector<uint8_t>& clientDataHash, const PublicKeyCredentialRequestOptions& request, const Vector<uint8_t>& keyHandle, bool isAppId)
+std::optional<Vector<uint8_t>> convertToU2fSignCommand(const Vector<uint8_t>& clientDataHash, const PublicKeyCredentialRequestOptions& request, const WebCore::BufferSource& keyHandle, bool isAppId)
{
if (!isConvertibleToU2fSignCommand(request))
return std::nullopt;
Modified: trunk/Source/WebCore/Modules/webauthn/fido/U2fCommandConstructor.h (285697 => 285698)
--- trunk/Source/WebCore/Modules/webauthn/fido/U2fCommandConstructor.h 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Source/WebCore/Modules/webauthn/fido/U2fCommandConstructor.h 2021-11-12 01:42:42 UTC (rev 285698)
@@ -1,5 +1,5 @@
// Copyright 2018 The Chromium Authors. All rights reserved.
-// Copyright (C) 2019 Apple Inc. All rights reserved.
+// Copyright (C) 2019-2021 Apple Inc. All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
@@ -34,6 +34,7 @@
#include <wtf/Forward.h>
namespace WebCore {
+class BufferSource;
struct AuthenticationExtensionsClientInputs;
struct PublicKeyCredentialCreationOptions;
struct PublicKeyCredentialDescriptor;
@@ -63,7 +64,7 @@
WEBCORE_EXPORT std::optional<Vector<uint8_t>> convertToU2fCheckOnlySignCommand(const Vector<uint8_t>& clientDataHash, const WebCore::PublicKeyCredentialCreationOptions&, const WebCore::PublicKeyCredentialDescriptor&);
// Extracts APDU encoded U2F sign command from PublicKeyCredentialRequestOptions.
-WEBCORE_EXPORT std::optional<Vector<uint8_t>> convertToU2fSignCommand(const Vector<uint8_t>& clientDataHash, const WebCore::PublicKeyCredentialRequestOptions&, const Vector<uint8_t>& keyHandle, bool isAppId = false);
+WEBCORE_EXPORT std::optional<Vector<uint8_t>> convertToU2fSignCommand(const Vector<uint8_t>& clientDataHash, const WebCore::PublicKeyCredentialRequestOptions&, const WebCore::BufferSource& keyHandle, bool isAppId = false);
WEBCORE_EXPORT Vector<uint8_t> constructBogusU2fRegistrationCommand();
Modified: trunk/Source/WebCore/Modules/webauthn/fido/U2fResponseConverter.cpp (285697 => 285698)
--- trunk/Source/WebCore/Modules/webauthn/fido/U2fResponseConverter.cpp 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Source/WebCore/Modules/webauthn/fido/U2fResponseConverter.cpp 2021-11-12 01:42:42 UTC (rev 285698)
@@ -163,9 +163,9 @@
return AuthenticatorAttestationResponse::create(credentialId, attestationObject, attachment);
}
-RefPtr<AuthenticatorAssertionResponse> readU2fSignResponse(const String& rpId, const Vector<uint8_t>& keyHandle, const Vector<uint8_t>& u2fData, AuthenticatorAttachment attachment)
+RefPtr<AuthenticatorAssertionResponse> readU2fSignResponse(const String& rpId, const WebCore::BufferSource& keyHandle, const Vector<uint8_t>& u2fData, AuthenticatorAttachment attachment)
{
- if (keyHandle.isEmpty() || u2fData.size() <= signatureIndex)
+ if (!keyHandle.length() || u2fData.size() <= signatureIndex)
return nullptr;
// 1 byte flags, 4 bytes counter
@@ -178,7 +178,8 @@
// FIXME: Find a way to remove the need of constructing a vector here.
Vector<uint8_t> signature { u2fData.data() + signatureIndex, u2fData.size() - signatureIndex };
- return AuthenticatorAssertionResponse::create(keyHandle, authData, signature, { }, attachment);
+ Vector<uint8_t> keyHandleVector { keyHandle.data(), keyHandle.length() };
+ return AuthenticatorAssertionResponse::create(keyHandleVector, authData, signature, { }, attachment);
}
} // namespace fido
Modified: trunk/Source/WebCore/Modules/webauthn/fido/U2fResponseConverter.h (285697 => 285698)
--- trunk/Source/WebCore/Modules/webauthn/fido/U2fResponseConverter.h 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Source/WebCore/Modules/webauthn/fido/U2fResponseConverter.h 2021-11-12 01:42:42 UTC (rev 285698)
@@ -36,6 +36,10 @@
#include "AuthenticatorAttestationResponse.h"
#include <wtf/Forward.h>
+namespace WebCore {
+class BufferSource;
+}
+
namespace fido {
// Converts a U2F register response to WebAuthN makeCredential response.
@@ -44,7 +48,7 @@
// Converts a U2F authentication response to WebAuthN getAssertion response.
// https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html#u2f-authenticatorGetAssertion-interoperability
-WEBCORE_EXPORT RefPtr<WebCore::AuthenticatorAssertionResponse> readU2fSignResponse(const String& rpId, const Vector<uint8_t>& keyHandle, const Vector<uint8_t>& u2fData, WebCore::AuthenticatorAttachment);
+WEBCORE_EXPORT RefPtr<WebCore::AuthenticatorAssertionResponse> readU2fSignResponse(const String& rpId, const WebCore::BufferSource& keyHandle, const Vector<uint8_t>& u2fData, WebCore::AuthenticatorAttachment);
} // namespace fido
Modified: trunk/Source/WebCore/bindings/js/BufferSource.h (285697 => 285698)
--- trunk/Source/WebCore/bindings/js/BufferSource.h 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Source/WebCore/bindings/js/BufferSource.h 2021-11-12 01:42:42 UTC (rev 285698)
@@ -1,5 +1,6 @@
/*
* Copyright (C) 2016 Igalia S.L.
+ * Copyright (C) 2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -30,6 +31,10 @@
#include <variant>
#include <wtf/RefPtr.h>
+#if PLATFORM(COCOA) && defined(__OBJC__)
+OBJC_CLASS NSData;
+#endif
+
namespace WebCore {
class BufferSource {
@@ -64,8 +69,62 @@
}, m_variant);
}
+ template<class Encoder> void encode(Encoder&) const;
+ template<class Decoder> static std::optional<BufferSource> decode(Decoder&);
+
private:
VariantType m_variant;
};
+template<class Encoder>
+void BufferSource::encode(Encoder& encoder) const
+{
+ encoder << static_cast<uint64_t>(length());
+ if (!length())
+ return;
+
+ encoder.encodeFixedLengthData(data(), length() * sizeof(uint8_t), alignof(uint8_t));
+}
+
+template<class Decoder>
+std::optional<BufferSource> BufferSource::decode(Decoder& decoder)
+{
+ std::optional<uint64_t> size;
+ decoder >> size;
+ if (!size)
+ return std::nullopt;
+ if (!*size)
+ return BufferSource();
+
+ auto dataSize = CheckedSize { *size };
+ if (UNLIKELY(dataSize.hasOverflowed()))
+ return std::nullopt;
+
+ const uint8_t* data = "" alignof(uint8_t));
+ if (!data)
+ return std::nullopt;
+ return BufferSource(JSC::ArrayBuffer::tryCreate(static_cast<const void*>(data), dataSize.value()));
+}
+
+inline BufferSource toBufferSource(const uint8_t* data, size_t length)
+{
+ return BufferSource(JSC::ArrayBuffer::tryCreate(data, length));
+}
+
+#if PLATFORM(COCOA) && defined(__OBJC__)
+inline BufferSource toBufferSource(NSData *data)
+{
+ return BufferSource(JSC::ArrayBuffer::tryCreate(static_cast<const uint8_t*>(data.bytes), data.length));
+}
+
+inline RetainPtr<NSData> toNSData(const BufferSource& data)
+{
+ return adoptNS([[NSData alloc] initWithBytes:data.data() length:data.length()]);
+}
+#endif
+
} // namespace WebCore
+
+#if PLATFORM(COCOA) && defined(__OBJC__)
+using WebCore::toNSData;
+#endif
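Review bot: `BufferSource::decode` hands the result of `JSC::ArrayBuffer::tryCreate(...)` straight to the `BufferSource` constructor without checking it, so an allocation failure on a non-empty payload would, as far as this hunk shows, decode "successfully" as a buffer with no backing store instead of failing. For WebAuthn challenges and credential identifiers arriving over IPC the decoder should fail closed: `auto buffer = JSC::ArrayBuffer::tryCreate(data, dataSize.value());`, then `if (!buffer) return std::nullopt;`, then `return BufferSource(WTFMove(buffer));`. Both `toBufferSource` helpers make the same unchecked `tryCreate` call and give callers no way to notice the failure. How `data()` and `length()` behave on a null buffer is defined above the hunk and is not visible here, and the `const uint8_t* data =` line is truncated on this page.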
Modified: trunk/Source/WebKit/ChangeLog (285697 => 285698)
--- trunk/Source/WebKit/ChangeLog 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Source/WebKit/ChangeLog 2021-11-12 01:42:42 UTC (rev 285698)
@@ -1,3 +1,40 @@
+2021-11-11 Brent Fulgham <bfulg...@apple.com>
+
+ [WebAuthn] Stop serializing BufferSource and Vector<uint8_t> duplicates of identifiers
+ https://bugs.webkit.org/show_bug.cgi?id=233011
+ <rdar://problem/85313807>
+
+ Reviewed by Chris Dumez.
+
+ The original WebAuthn logic converted WebCore::BufferSource objects to Vector<uint8_t>
+ during serialization, which created a weird design where some code dealt with BufferSource
+ objects, and other with Vectors, and lots of converting to and from these types. It also caused
+ WebAuthn data structures to have two places where this information might live, with the
+ UIProcess using one representation, and the WebContent process using another.
+
+ This patch revises the code as follows:
+
+ 1. The identifiers are always stored as BufferSource, and the same member is used in UIProcess
+ and WebContent process when accessing this information.
+ 2. We now serialize BufferSource directly.
+
+ Tested by existing WebAuthn test cases (API and Layout tests)
+
+ * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
+ (publicKeyCredentialUserEntity):
+ (publicKeyCredentialDescriptors):
+ * UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
+ (WebKit::LocalAuthenticatorInternal::produceHashSet):
+ (WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification):
+ (WebKit::LocalAuthenticator::deleteDuplicateCredential const):
+ * UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:
+ (WebKit::toASCDescriptor):
+ (WebKit::configureRegistrationRequestContext):
+ (WebKit::configurationAssertionRequestContext):
+ * UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp:
+ (WebKit::U2fAuthenticator::issueSignCommand):
+ (WebKit::U2fAuthenticator::continueSignCommandAfterResponseReceived):
+
2021-11-11 Michael Catanzaro <mcatanz...@gnome.org>
Misc compiler warnings
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm (285697 => 285698)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2021-11-12 01:42:42 UTC (rev 285698)
@@ -389,7 +389,7 @@
WebCore::PublicKeyCredentialCreationOptions::UserEntity result;
result.name = userEntity.name;
result.icon = userEntity.icon;
- result.idVector = vectorFromNSData(userEntity.identifier);
+ result.id = WebCore::toBufferSource(userEntity.identifier);
result.displayName = userEntity.displayName;
return result;
@@ -438,7 +438,7 @@
result.reserveInitialCapacity(credentials.count);
for (_WKPublicKeyCredentialDescriptor *credential : credentials)
- result.uncheckedAppend({ WebCore::PublicKeyCredentialType::PublicKey, { }, vectorFromNSData(credential.identifier), authenticatorTransports(credential.transports) });
+ result.uncheckedAppend({ WebCore::PublicKeyCredentialType::PublicKey, WebCore::toBufferSource(credential.identifier), authenticatorTransports(credential.transports) });
return result;
}
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm (285697 => 285698)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm 2021-11-12 01:42:42 UTC (rev 285698)
@@ -84,8 +84,8 @@
{
HashSet<String> result;
for (auto& credentialDescriptor : credentialDescriptors) {
- if (emptyTransportsOrContain(credentialDescriptor.transports, AuthenticatorTransport::Internal) && credentialDescriptor.type == PublicKeyCredentialType::PublicKey && credentialDescriptor.idVector.size() == credentialIdLength)
- result.add(base64EncodeToString(credentialDescriptor.idVector.data(), credentialDescriptor.idVector.size()));
+ if (emptyTransportsOrContain(credentialDescriptor.transports, AuthenticatorTransport::Internal) && credentialDescriptor.type == PublicKeyCredentialType::PublicKey && credentialDescriptor.id.length() == credentialIdLength)
+ result.add(base64EncodeToString(credentialDescriptor.id.data(), credentialDescriptor.id.length()));
}
return result;
}
@@ -353,7 +353,7 @@
const auto& secAttrLabel = creationOptions.rp.id;
cbor::CBORValue::MapValue userEntityMap;
- userEntityMap[cbor::CBORValue(fido::kEntityIdMapKey)] = cbor::CBORValue(creationOptions.user.idVector);
+ userEntityMap[cbor::CBORValue(fido::kEntityIdMapKey)] = cbor::CBORValue(creationOptions.user.id);
userEntityMap[cbor::CBORValue(fido::kEntityNameMapKey)] = cbor::CBORValue(creationOptions.user.name);
auto userEntity = cbor::CBORWriter::write(cbor::CBORValue(WTFMove(userEntityMap)));
ASSERT(userEntity);
@@ -686,9 +686,9 @@
m_existingCredentials.findMatching([creationOptions] (auto& credential) {
auto* userHandle = credential->userHandle();
ASSERT(userHandle);
- if (userHandle->byteLength() != creationOptions.user.idVector.size())
+ if (userHandle->byteLength() != creationOptions.user.id.length())
return false;
- if (memcmp(userHandle->data(), creationOptions.user.idVector.data(), userHandle->byteLength()))
+ if (memcmp(userHandle->data(), creationOptions.user.id.data(), userHandle->byteLength()))
return false;
auto query = adoptNS([[NSMutableDictionary alloc] init]);
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm (285697 => 285698)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm 2021-11-12 01:42:42 UTC (rev 285698)
@@ -49,11 +49,6 @@
return ArrayBuffer::create(reinterpret_cast<const uint8_t*>(data.bytes), data.length);
}
-static inline RetainPtr<NSData> toNSData(const BufferSource& data)
-{
- return adoptNS([[NSData alloc] initWithBytes:data.data() length:data.length()]);
-}
-
static inline RetainPtr<NSData> toNSData(const Vector<uint8_t> vector)
{
return adoptNS([[NSData alloc] initWithBytes:vector.data() length:vector.size()]);
@@ -151,7 +146,7 @@
}
}
- return adoptNS([allocASCPublicKeyCredentialDescriptorInstance() initWithCredentialID:toNSData(descriptor.idVector).get() transports:transports.get()]);
+ return adoptNS([allocASCPublicKeyCredentialDescriptorInstance() initWithCredentialID:toNSData(descriptor.id).get() transports:transports.get()]);
}
static RetainPtr<ASCCredentialRequestContext> configureRegistrationRequestContext(const PublicKeyCredentialCreationOptions& options)
@@ -178,10 +173,10 @@
auto credentialCreationOptions = adoptNS([allocASCPublicKeyCredentialCreationOptionsInstance() init]);
- [credentialCreationOptions setChallenge:toNSData(options.challengeVector).get()];
+ [credentialCreationOptions setChallenge:toNSData(options.challenge).get()];
[credentialCreationOptions setRelyingPartyIdentifier:options.rp.id];
[credentialCreationOptions setUserName:options.user.name];
- [credentialCreationOptions setUserIdentifier:toNSData(options.user.idVector).get()];
+ [credentialCreationOptions setUserIdentifier:toNSData(options.user.id.data()).get()];
[credentialCreationOptions setUserDisplayName:options.user.displayName];
[credentialCreationOptions setUserVerificationPreference:userVerification.get()];
[credentialCreationOptions setShouldRequireResidentKey:shouldRequireResidentKey];
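Review bot: `setUserIdentifier:` is given `toNSData(options.user.id.data())`, a bare `const uint8_t*` with no length, whereas `setChallenge:` three lines above and the descriptor hunk before it pass the `BufferSource` itself. Neither `toNSData` overload visible on this page takes a pointer alone, so at best this relies on an implicit conversion that is not shown, and the user handle given to the platform UI may not be the bytes the relying party supplied. It should read `[credentialCreationOptions setUserIdentifier:toNSData(options.user.id).get()];`. The enclosing function starts and ends outside this hunk.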
@@ -236,7 +231,7 @@
auto requestContext = adoptNS([allocASCCredentialRequestContextInstance() initWithRequestTypes:requestTypes]);
[requestContext setRelyingPartyIdentifier:options.rpId];
- auto challenge = toNSData(options.challengeVector);
+ auto challenge = toNSData(options.challenge);
if (requestTypes & ASCCredentialRequestTypePlatformPublicKeyAssertion)
[requestContext setPlatformKeyCredentialAssertionOptions:[allocASCPublicKeyCredentialAssertionOptionsInstance() initWithKind:ASCPublicKeyCredentialKindPlatform relyingPartyIdentifier:options.rpId challenge:challenge.get() userVerificationPreference:userVerification.get() allowedCredentials:allowedCredentials.get()]];
Modified: trunk/Source/WebKit/UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp (285697 => 285698)
--- trunk/Source/WebKit/UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Source/WebKit/UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp 2021-11-12 01:42:42 UTC (rev 285698)
@@ -104,7 +104,7 @@
receiveRespond(ExceptionData { NotAllowedError, "No credentials from the allowCredentials list is found in the authenticator."_s });
return;
}
- auto u2fCmd = convertToU2fSignCommand(requestData().hash, requestOptions, requestOptions.allowCredentials[index].idVector, m_isAppId);
+ auto u2fCmd = convertToU2fSignCommand(requestData().hash, requestOptions, requestOptions.allowCredentials[index].id, m_isAppId);
ASSERT(u2fCmd);
issueNewCommand(WTFMove(*u2fCmd), CommandType::SignCommand);
}
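Review bot: The `std::optional` returned by `convertToU2fSignCommand` is dereferenced in `issueNewCommand(WTFMove(*u2fCmd), ...)` behind only a debug `ASSERT(u2fCmd)`. `constructU2fSignCommand`, touched in this same commit, returns `std::nullopt` when the key handle is longer than `kMaxKeyHandleLength`, and the handle passed here is `allowCredentials[index].id` taken from the request options. Unless that length is validated earlier (not visible in this hunk), a release build would read an empty optional; an explicit `if (!u2fCmd)` branch that reports failure through `receiveRespond(...)` and returns, like the branch just above, would close that. The function starts outside the hunk.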
@@ -209,9 +209,9 @@
RefPtr<AuthenticatorAssertionResponse> response;
if (m_isAppId) {
ASSERT(requestOptions.extensions && !requestOptions.extensions->appid.isNull());
- response = readU2fSignResponse(requestOptions.extensions->appid, requestOptions.allowCredentials[m_nextListIndex - 1].idVector, apduResponse.data(), AuthenticatorAttachment::CrossPlatform);
+ response = readU2fSignResponse(requestOptions.extensions->appid, requestOptions.allowCredentials[m_nextListIndex - 1].id, apduResponse.data(), AuthenticatorAttachment::CrossPlatform);
} else
- response = readU2fSignResponse(requestOptions.rpId, requestOptions.allowCredentials[m_nextListIndex - 1].idVector, apduResponse.data(), AuthenticatorAttachment::CrossPlatform);
+ response = readU2fSignResponse(requestOptions.rpId, requestOptions.allowCredentials[m_nextListIndex - 1].id, apduResponse.data(), AuthenticatorAttachment::CrossPlatform);
if (!response) {
receiveRespond(ExceptionData { UnknownError, "Couldn't parse the U2F sign response."_s });
return;
Modified: trunk/Tools/ChangeLog (285697 => 285698)
--- trunk/Tools/ChangeLog 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Tools/ChangeLog 2021-11-12 01:42:42 UTC (rev 285698)
@@ -1,3 +1,36 @@
+2021-11-11 Brent Fulgham <bfulg...@apple.com>
+
+ [WebAuthn] Stop serializing BufferSource and Vector<uint8_t> duplicates of identifiers
+ https://bugs.webkit.org/show_bug.cgi?id=233011
+ <rdar://problem/85313807>
+
+ Reviewed by Chris Dumez.
+
+ The original WebAuthn logic converted WebCore::BufferSource objects to Vector<uint8_t>
+ during serialization, which created a weird design where some code dealt with BufferSource
+ objects, and other with Vectors, and lots of converting to and from these types. It also caused
+ WebAuthn data structures to have two places where this information might live, with the
+ UIProcess using one representation, and the WebContent process using another.
+
+ This patch revises the code as follows:
+
+ 1. The identifiers are always stored as BufferSource, and the same member is used in UIProcess
+ and WebContent process when accessing this information.
+ 2. We now serialize BufferSource directly.
+
+ Tested by existing WebAuthn test cases (API and Layout tests)
+
+ * TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp:
+ (TestWebKitAPI::TEST):
+ * TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp:
+ (TestWebKitAPI::getTestCredentialRawIdBytes):
+ (TestWebKitAPI::TEST):
+ * TestWebKitAPI/Tests/WebCore/U2fCommandConstructorTest.cpp:
+ (TestWebKitAPI::constructMakeCredentialRequest):
+ (TestWebKitAPI::TEST):
+ * TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:
+ (TestWebKitAPI::TEST):
+
2021-11-11 Andres Gonzalez <andresg...@apple.com>
Fix for crash in LayoutTests in isolated tree mode.
Modified: trunk/Tools/TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp (285697 => 285698)
--- trunk/Tools/TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Tools/TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp 2021-11-12 01:42:42 UTC (rev 285698)
@@ -1,5 +1,5 @@
// Copyright 2017 The Chromium Authors. All rights reserved.
-// Copyright (C) 2018 Apple Inc. All rights reserved.
+// Copyright (C) 2018-2021 Apple Inc. All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
@@ -56,13 +56,13 @@
PublicKeyCredentialCreationOptions::UserEntity user;
user.name = "johnpsm...@example.com";
user.icon = "https://pics.acme.com/00/p/aBjjjpqPb.png";
- user.idVector.append(TestData::kUserId, sizeof(TestData::kUserId));
+ user.id = WebCore::toBufferSource(TestData::kUserId, sizeof(TestData::kUserId));
user.displayName = "John P. Smith";
Vector<PublicKeyCredentialCreationOptions::Parameters> params { { PublicKeyCredentialType::PublicKey, 7 }, { PublicKeyCredentialType::PublicKey, 257 } };
PublicKeyCredentialCreationOptions::AuthenticatorSelectionCriteria selection { AuthenticatorAttachment::Platform, true, UserVerificationRequirement::Preferred };
- PublicKeyCredentialCreationOptions options { rp, user, { }, params, std::nullopt, { }, selection, AttestationConveyancePreference::None, std::nullopt, { } };
+ PublicKeyCredentialCreationOptions options { rp, user, { }, params, std::nullopt, { }, selection, AttestationConveyancePreference::None, std::nullopt };
Vector<uint8_t> hash;
hash.append(TestData::kClientDataHash, sizeof(TestData::kClientDataHash));
auto serializedData = encodeMakeCredenitalRequestAsCBOR(hash, options, AuthenticatorSupportedOptions::UserVerificationAvailability::kSupportedAndConfigured);
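Review bot: The `PublicKeyCredentialCreationOptions options { rp, user, { }, params, std::nullopt, { }, selection, AttestationConveyancePreference::None, std::nullopt };` initializer is purely positional, which is why this commit had to edit it when a trailing member went away. A member added or removed in the middle of the struct could shift the `{ }` and `std::nullopt` arguments onto other fields of compatible type without a compile error. Assigning by name, as the test already does for `user`, would avoid that: `options.rp = rp; options.user = user; options.pubKeyCredParams = params;` and so on for the remaining fields. The same line is changed in the hunks at 79, 102 and 135. The enclosing test bodies start outside these hunks, so this assumes the struct is default-constructible.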
@@ -79,13 +79,13 @@
PublicKeyCredentialCreationOptions::UserEntity user;
user.name = "johnpsm...@example.com";
user.icon = "https://pics.acme.com/00/p/aBjjjpqPb.png";
- user.idVector.append(TestData::kUserId, sizeof(TestData::kUserId));
+ user.id = WebCore::toBufferSource(TestData::kUserId, sizeof(TestData::kUserId));
user.displayName = "John P. Smith";
Vector<PublicKeyCredentialCreationOptions::Parameters> params { { PublicKeyCredentialType::PublicKey, 7 }, { PublicKeyCredentialType::PublicKey, 257 } };
PublicKeyCredentialCreationOptions::AuthenticatorSelectionCriteria selection { AuthenticatorAttachment::Platform, false, UserVerificationRequirement::Discouraged };
- PublicKeyCredentialCreationOptions options { rp, user, { }, params, std::nullopt, { }, selection, AttestationConveyancePreference::None, std::nullopt, { } };
+ PublicKeyCredentialCreationOptions options { rp, user, { }, params, std::nullopt, { }, selection, AttestationConveyancePreference::None, std::nullopt };
Vector<uint8_t> hash;
hash.append(TestData::kClientDataHash, sizeof(TestData::kClientDataHash));
auto serializedData = encodeMakeCredenitalRequestAsCBOR(hash, options, AuthenticatorSupportedOptions::UserVerificationAvailability::kSupportedAndConfigured);
@@ -102,13 +102,13 @@
PublicKeyCredentialCreationOptions::UserEntity user;
user.name = "johnpsm...@example.com";
user.icon = "https://pics.acme.com/00/p/aBjjjpqPb.png";
- user.idVector.append(TestData::kUserId, sizeof(TestData::kUserId));
+ user.id = WebCore::toBufferSource(TestData::kUserId, sizeof(TestData::kUserId));
user.displayName = "John P. Smith";
Vector<PublicKeyCredentialCreationOptions::Parameters> params { { PublicKeyCredentialType::PublicKey, 7 }, { PublicKeyCredentialType::PublicKey, 257 } };
PublicKeyCredentialCreationOptions::AuthenticatorSelectionCriteria selection { AuthenticatorAttachment::Platform, false, UserVerificationRequirement::Required };
- PublicKeyCredentialCreationOptions options { rp, user, { }, params, std::nullopt, { }, selection, AttestationConveyancePreference::None, std::nullopt, { } };
+ PublicKeyCredentialCreationOptions options { rp, user, { }, params, std::nullopt, { }, selection, AttestationConveyancePreference::None, std::nullopt };
Vector<uint8_t> hash;
hash.append(TestData::kClientDataHash, sizeof(TestData::kClientDataHash));
auto serializedData = encodeMakeCredenitalRequestAsCBOR(hash, options, AuthenticatorSupportedOptions::UserVerificationAvailability::kNotSupported);
@@ -125,7 +125,7 @@
PublicKeyCredentialCreationOptions::UserEntity user;
user.name = "johnpsm...@example.com";
user.icon = "https://pics.acme.com/00/p/aBjjjpqPb.png";
- user.idVector.append(TestData::kUserId, sizeof(TestData::kUserId));
+ user.id = WebCore::toBufferSource(TestData::kUserId, sizeof(TestData::kUserId));
user.displayName = "John P. Smith";
Vector<PublicKeyCredentialCreationOptions::Parameters> params { { PublicKeyCredentialType::PublicKey, 7 }, { PublicKeyCredentialType::PublicKey, 257 } };
@@ -135,7 +135,7 @@
pin.protocol = pin::kProtocolVersion;
pin.auth.append(TestData::kCtap2PinAuth, sizeof(TestData::kCtap2PinAuth));
- PublicKeyCredentialCreationOptions options { rp, user, { }, params, std::nullopt, { }, selection, AttestationConveyancePreference::None, std::nullopt, { } };
+ PublicKeyCredentialCreationOptions options { rp, user, { }, params, std::nullopt, { }, selection, AttestationConveyancePreference::None, std::nullopt };
Vector<uint8_t> hash;
hash.append(TestData::kClientDataHash, sizeof(TestData::kClientDataHash));
auto serializedData = encodeMakeCredenitalRequestAsCBOR(hash, options, AuthenticatorSupportedOptions::UserVerificationAvailability::kSupportedAndConfigured, pin);
@@ -157,7 +157,7 @@
0x34, 0x85, 0x8a, 0xc7, 0x5b, 0xed, 0x3f, 0xd5, 0x80, 0xbf, 0x98,
0x08, 0xd9, 0x4f, 0xcb, 0xee, 0x82, 0xb9, 0xb2, 0xef, 0x66, 0x77,
0xaf, 0x0a, 0xdc, 0xc3, 0x58, 0x52, 0xea, 0x6b, 0x9e };
- descriptor1.idVector.append(id1, sizeof(id1));
+ descriptor1.id = WebCore::toBufferSource(id1, sizeof(id1));
options.allowCredentials.append(descriptor1);
PublicKeyCredentialDescriptor descriptor2;
@@ -168,7 +168,7 @@
0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03 };
- descriptor2.idVector.append(id2, sizeof(id2));
+ descriptor2.id = WebCore::toBufferSource(id2, sizeof(id2));
options.allowCredentials.append(descriptor2);
options.userVerification = UserVerificationRequirement::Required;
@@ -194,7 +194,7 @@
0x34, 0x85, 0x8a, 0xc7, 0x5b, 0xed, 0x3f, 0xd5, 0x80, 0xbf, 0x98,
0x08, 0xd9, 0x4f, 0xcb, 0xee, 0x82, 0xb9, 0xb2, 0xef, 0x66, 0x77,
0xaf, 0x0a, 0xdc, 0xc3, 0x58, 0x52, 0xea, 0x6b, 0x9e };
- descriptor1.idVector.append(id1, sizeof(id1));
+ descriptor1.id = WebCore::toBufferSource(id1, sizeof(id1));
options.allowCredentials.append(descriptor1);
PublicKeyCredentialDescriptor descriptor2;
@@ -205,7 +205,7 @@
0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03 };
- descriptor2.idVector.append(id2, sizeof(id2));
+ descriptor2.id = WebCore::toBufferSource(id2, sizeof(id2));
options.allowCredentials.append(descriptor2);
options.userVerification = UserVerificationRequirement::Discouraged;
@@ -231,7 +231,7 @@
0x34, 0x85, 0x8a, 0xc7, 0x5b, 0xed, 0x3f, 0xd5, 0x80, 0xbf, 0x98,
0x08, 0xd9, 0x4f, 0xcb, 0xee, 0x82, 0xb9, 0xb2, 0xef, 0x66, 0x77,
0xaf, 0x0a, 0xdc, 0xc3, 0x58, 0x52, 0xea, 0x6b, 0x9e };
- descriptor1.idVector.append(id1, sizeof(id1));
+ descriptor1.id = WebCore::toBufferSource(id1, sizeof(id1));
options.allowCredentials.append(descriptor1);
PublicKeyCredentialDescriptor descriptor2;
@@ -242,7 +242,7 @@
0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03 };
- descriptor2.idVector.append(id2, sizeof(id2));
+ descriptor2.id = WebCore::toBufferSource(id2, sizeof(id2));
options.allowCredentials.append(descriptor2);
options.userVerification = UserVerificationRequirement::Required;
@@ -268,7 +268,7 @@
0x34, 0x85, 0x8a, 0xc7, 0x5b, 0xed, 0x3f, 0xd5, 0x80, 0xbf, 0x98,
0x08, 0xd9, 0x4f, 0xcb, 0xee, 0x82, 0xb9, 0xb2, 0xef, 0x66, 0x77,
0xaf, 0x0a, 0xdc, 0xc3, 0x58, 0x52, 0xea, 0x6b, 0x9e };
- descriptor1.idVector.append(id1, sizeof(id1));
+ descriptor1.id = WebCore::toBufferSource(id1, sizeof(id1));
options.allowCredentials.append(descriptor1);
PublicKeyCredentialDescriptor descriptor2;
@@ -279,7 +279,7 @@
0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03 };
- descriptor2.idVector.append(id2, sizeof(id2));
+ descriptor2.id = WebCore::toBufferSource(id2, sizeof(id2));
options.allowCredentials.append(descriptor2);
options.userVerification = UserVerificationRequirement::Required;
Modified: trunk/Tools/TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp (285697 => 285698)
--- trunk/Tools/TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Tools/TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp 2021-11-12 01:42:42 UTC (rev 285698)
@@ -1,5 +1,5 @@
// Copyright 2017 The Chromium Authors. All rights reserved.
-// Copyright (C) 2018 Apple Inc. All rights reserved.
+// Copyright (C) 2018-2021 Apple Inc. All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
@@ -34,6 +34,7 @@
#include "FidoTestData.h"
#include <_javascript_Core/ArrayBuffer.h>
#include <WebCore/AuthenticatorAttachment.h>
+#include <WebCore/BufferSource.h>
#include <WebCore/CBORReader.h>
#include <WebCore/CBORValue.h>
#include <WebCore/CBORWriter.h>
@@ -333,12 +334,9 @@
}
// Return a key handle used for GetAssertion request.
-Vector<uint8_t> getTestCredentialRawIdBytes()
+BufferSource getTestCredentialRawIdBytes()
{
- Vector<uint8_t> testCredentialRawIdBytes;
- testCredentialRawIdBytes.reserveInitialCapacity(sizeof(TestData::kU2fSignKeyHandle));
- testCredentialRawIdBytes.append(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle));
- return testCredentialRawIdBytes;
+ return WebCore::toBufferSource(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle));
}
// Return a malformed U2fRegisterResponse.
@@ -558,7 +556,7 @@
TEST(CTAPResponseTest, TestParseU2fSignWithNullKeyHandle)
{
- auto response = readU2fSignResponse(TestData::kRelyingPartyId, Vector<uint8_t>(), getTestSignResponse(), AuthenticatorAttachment::CrossPlatform);
+ auto response = readU2fSignResponse(TestData::kRelyingPartyId, BufferSource(), getTestSignResponse(), AuthenticatorAttachment::CrossPlatform);
EXPECT_FALSE(response);
}
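Review bot: `BufferSource()` in TestParseU2fSignWithNullKeyHandle covers only the default-constructed state, whereas the `Vector<uint8_t>()` it replaces was an empty but valid container. If BufferSource distinguishes "no buffer" from "zero-length buffer", readU2fSignResponse now has two empty forms to reject and only one is tested. Assuming toBufferSource accepts a zero length, a second expectation would cover the other form: `EXPECT_FALSE(readU2fSignResponse(TestData::kRelyingPartyId, WebCore::toBufferSource(TestData::kU2fSignKeyHandle, 0), getTestSignResponse(), AuthenticatorAttachment::CrossPlatform));`.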
Modified: trunk/Tools/TestWebKitAPI/Tests/WebCore/U2fCommandConstructorTest.cpp (285697 => 285698)
--- trunk/Tools/TestWebKitAPI/Tests/WebCore/U2fCommandConstructorTest.cpp 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Tools/TestWebKitAPI/Tests/WebCore/U2fCommandConstructorTest.cpp 2021-11-12 01:42:42 UTC (rev 285698)
@@ -1,5 +1,5 @@
// Copyright 2018 The Chromium Authors. All rights reserved.
-// Copyright (C) 2019 Apple Inc. All rights reserved.
+// Copyright (C) 2019-2021 Apple Inc. All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
@@ -50,7 +50,7 @@
rp.name = "acme.com";
PublicKeyCredentialCreationOptions::UserEntity user;
- user.idVector = convertBytesToVector(TestData::kUserId, sizeof(TestData::kUserId));
+ user.id = WebCore::toBufferSource(TestData::kUserId, sizeof(TestData::kUserId));
user.name = "johnpsm...@example.com";
user.displayName = "John P. Smith";
user.icon = "https://pics.acme.com/00/p/aBjjjpqPb.png";
@@ -112,7 +112,7 @@
auto makeCredentialParam = constructMakeCredentialRequest();
PublicKeyCredentialDescriptor credentialDescriptor;
credentialDescriptor.type = PublicKeyCredentialType::PublicKey;
- credentialDescriptor.idVector = convertBytesToVector(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle));
+ credentialDescriptor.id = WebCore::toBufferSource(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle));
Vector<PublicKeyCredentialDescriptor> excludeList;
excludeList.append(credentialDescriptor);
makeCredentialParam.excludeCredentials = WTFMove(excludeList);
@@ -128,7 +128,7 @@
auto makeCredentialParam = constructMakeCredentialRequest();
PublicKeyCredentialDescriptor credentialDescriptor;
credentialDescriptor.type = static_cast<PublicKeyCredentialType>(-1);
- credentialDescriptor.idVector = convertBytesToVector(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle));
+ credentialDescriptor.id = WebCore::toBufferSource(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle));
Vector<PublicKeyCredentialDescriptor> excludeList;
excludeList.append(credentialDescriptor);
makeCredentialParam.excludeCredentials = WTFMove(excludeList);
@@ -145,7 +145,7 @@
rp.name = "acme.com";
PublicKeyCredentialCreationOptions::UserEntity user;
- user.idVector = convertBytesToVector(TestData::kUserId, sizeof(TestData::kUserId));
+ user.id = WebCore::toBufferSource(TestData::kUserId, sizeof(TestData::kUserId));
user.name = "johnpsm...@example.com";
user.displayName = "John P. Smith";
user.icon = "https://pics.acme.com/00/p/aBjjjpqPb.png";
@@ -187,13 +187,13 @@
auto getAssertionReq = constructGetAssertionRequest();
PublicKeyCredentialDescriptor credentialDescriptor;
credentialDescriptor.type = PublicKeyCredentialType::PublicKey;
- credentialDescriptor.idVector = convertBytesToVector(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle));
+ credentialDescriptor.id = WebCore::toBufferSource(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle));
Vector<PublicKeyCredentialDescriptor> allowedList;
allowedList.append(WTFMove(credentialDescriptor));
getAssertionReq.allowCredentials = WTFMove(allowedList);
EXPECT_TRUE(isConvertibleToU2fSignCommand(getAssertionReq));
- const auto u2fSignCommand = convertToU2fSignCommand(convertBytesToVector(TestData::kClientDataHash, sizeof(TestData::kClientDataHash)), getAssertionReq, convertBytesToVector(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle)));
+ const auto u2fSignCommand = convertToU2fSignCommand(convertBytesToVector(TestData::kClientDataHash, sizeof(TestData::kClientDataHash)), getAssertionReq, WebCore::toBufferSource(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle)));
ASSERT_TRUE(u2fSignCommand);
EXPECT_EQ(*u2fSignCommand, convertBytesToVector(TestData::kU2fSignCommandApdu, sizeof(TestData::kU2fSignCommandApdu)));
}
@@ -203,7 +203,7 @@
auto getAssertionReq = constructGetAssertionRequest();
PublicKeyCredentialDescriptor credentialDescriptor;
credentialDescriptor.type = PublicKeyCredentialType::PublicKey;
- credentialDescriptor.idVector = convertBytesToVector(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle));
+ credentialDescriptor.id = WebCore::toBufferSource(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle));
Vector<PublicKeyCredentialDescriptor> allowedList;
allowedList.append(WTFMove(credentialDescriptor));
getAssertionReq.allowCredentials = WTFMove(allowedList);
@@ -214,7 +214,7 @@
extensions.appid = "https://www.example.com/appid";
getAssertionReq.extensions = WTFMove(extensions);
- const auto u2fSignCommand = convertToU2fSignCommand(convertBytesToVector(TestData::kClientDataHash, sizeof(TestData::kClientDataHash)), getAssertionReq, convertBytesToVector(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle)), true);
+ const auto u2fSignCommand = convertToU2fSignCommand(convertBytesToVector(TestData::kClientDataHash, sizeof(TestData::kClientDataHash)), getAssertionReq, WebCore::toBufferSource(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle)), true);
ASSERT_TRUE(u2fSignCommand);
EXPECT_EQ(*u2fSignCommand, convertBytesToVector(TestData::kU2fAppIDSignCommandApdu, sizeof(TestData::kU2fAppIDSignCommandApdu)));
}
@@ -230,7 +230,7 @@
auto getAssertionReq = constructGetAssertionRequest();
PublicKeyCredentialDescriptor credentialDescriptor;
credentialDescriptor.type = PublicKeyCredentialType::PublicKey;
- credentialDescriptor.idVector = convertBytesToVector(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle));
+ credentialDescriptor.id = WebCore::toBufferSource(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle));
Vector<PublicKeyCredentialDescriptor> allowedList;
allowedList.append(WTFMove(credentialDescriptor));
getAssertionReq.allowCredentials = WTFMove(allowedList);
@@ -244,7 +244,7 @@
auto getAssertionReq = constructGetAssertionRequest();
PublicKeyCredentialDescriptor credentialDescriptor;
credentialDescriptor.type = PublicKeyCredentialType::PublicKey;
- credentialDescriptor.idVector = convertBytesToVector(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle));
+ credentialDescriptor.id = WebCore::toBufferSource(TestData::kU2fSignKeyHandle, sizeof(TestData::kU2fSignKeyHandle));
Vector<PublicKeyCredentialDescriptor> allowedList;
allowedList.append(WTFMove(credentialDescriptor));
getAssertionReq.allowCredentials = WTFMove(allowedList);
@@ -251,11 +251,11 @@
ASSERT_TRUE(isConvertibleToU2fSignCommand(getAssertionReq));
Vector<uint8_t> keyHandle(kMaxKeyHandleLength, 0xff);
- const auto validSignCommand = convertToU2fSignCommand(convertBytesToVector(TestData::kClientDataHash, sizeof(TestData::kClientDataHash)), getAssertionReq, keyHandle);
+ const auto validSignCommand = convertToU2fSignCommand(convertBytesToVector(TestData::kClientDataHash, sizeof(TestData::kClientDataHash)), getAssertionReq, WebCore::toBufferSource(keyHandle.data(), keyHandle.size()));
EXPECT_TRUE(validSignCommand);
keyHandle.append(0xff);
- const auto invalidSignCommand = convertToU2fSignCommand(convertBytesToVector(TestData::kClientDataHash, sizeof(TestData::kClientDataHash)), getAssertionReq, keyHandle);
+ const auto invalidSignCommand = convertToU2fSignCommand(convertBytesToVector(TestData::kClientDataHash, sizeof(TestData::kClientDataHash)), getAssertionReq, WebCore::toBufferSource(keyHandle.data(), keyHandle.size()));
EXPECT_FALSE(invalidSignCommand);
}
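Review bot: The two `convertToU2fSignCommand` calls form a boundary test for the key-handle length limit, but nothing in the body says so. The second `WebCore::toBufferSource(keyHandle.data(), keyHandle.size())` has to be built after `keyHandle.append(0xff)` for the test to mean anything. I would add `// Exactly kMaxKeyHandleLength bytes is accepted.` above the first call and `// One byte over the limit must be rejected.` above the append, so a later refactor does not hoist the conversion into a shared local. The test body starts outside this hunk.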
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm (285697 => 285698)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2021-11-12 01:37:34 UTC (rev 285697)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm 2021-11-12 01:42:42 UTC (rev 285698)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2019 Apple Inc. All rights reserved.
+ * Copyright (C) 2019-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -1623,8 +1623,8 @@
EXPECT_WK_STREQ(result.user.name, "japples...@example.com");
EXPECT_TRUE(result.user.icon.isNull());
- EXPECT_EQ(result.user.idVector.size(), sizeof(identifier));
- EXPECT_EQ(memcmp(result.user.idVector.data(), identifier, sizeof(identifier)), 0);
+ EXPECT_EQ(result.user.id.length(), sizeof(identifier));
+ EXPECT_EQ(memcmp(result.user.id.data(), identifier, sizeof(identifier)), 0);
EXPECT_WK_STREQ(result.user.displayName, "J Appleseed");
EXPECT_EQ(result.pubKeyCredParams.size(), 1lu);
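Review bot: The length check on `result.user.id` is a non-fatal `EXPECT_EQ`, so when the decoded id is shorter than `identifier` or empty, the `memcmp` on the next line still reads `sizeof(identifier)` bytes from `result.user.id.data()`. A decoding regression would then surface as an out-of-bounds read or a null dereference in the test rather than a clean failure. Making the first check fatal keeps the comparison in bounds: `ASSERT_EQ(result.user.id.length(), sizeof(identifier));`. The same pair of lines appears in the hunks at 1667, 1681, 1734, 1748, 1804, 1818, 1931 and 1965 for `user.id`, `excludeCredentials[0].id` and `allowCredentials[0].id`. The enclosing test bodies start and end outside these hunks, so confirm that each check sits in a void-returning scope where `ASSERT_*` is usable.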
@@ -1667,8 +1667,8 @@
EXPECT_WK_STREQ(result.user.name, "japples...@example.com");
EXPECT_TRUE(result.user.icon.isNull());
- EXPECT_EQ(result.user.idVector.size(), sizeof(identifier));
- EXPECT_EQ(memcmp(result.user.idVector.data(), identifier, sizeof(identifier)), 0);
+ EXPECT_EQ(result.user.id.length(), sizeof(identifier));
+ EXPECT_EQ(memcmp(result.user.id.data(), identifier, sizeof(identifier)), 0);
EXPECT_WK_STREQ(result.user.displayName, "J Appleseed");
EXPECT_EQ(result.pubKeyCredParams.size(), 2lu);
@@ -1681,8 +1681,8 @@
EXPECT_EQ(result.excludeCredentials.size(), 1lu);
EXPECT_EQ(result.excludeCredentials[0].type, WebCore::PublicKeyCredentialType::PublicKey);
- EXPECT_EQ(result.excludeCredentials[0].idVector.size(), sizeof(identifier));
- EXPECT_EQ(memcmp(result.excludeCredentials[0].idVector.data(), identifier, sizeof(identifier)), 0);
+ EXPECT_EQ(result.excludeCredentials[0].id.length(), sizeof(identifier));
+ EXPECT_EQ(memcmp(result.excludeCredentials[0].id.data(), identifier, sizeof(identifier)), 0);
EXPECT_EQ(result.authenticatorSelection->authenticatorAttachment, std::nullopt);
EXPECT_EQ(result.authenticatorSelection->requireResidentKey, false);
@@ -1734,8 +1734,8 @@
EXPECT_WK_STREQ(result.user.name, "japples...@example.com");
EXPECT_WK_STREQ(result.user.icon, @"https//www.example.com/icon.jpg");
- EXPECT_EQ(result.user.idVector.size(), sizeof(identifier));
- EXPECT_EQ(memcmp(result.user.idVector.data(), identifier, sizeof(identifier)), 0);
+ EXPECT_EQ(result.user.id.length(), sizeof(identifier));
+ EXPECT_EQ(memcmp(result.user.id.data(), identifier, sizeof(identifier)), 0);
EXPECT_WK_STREQ(result.user.displayName, "J Appleseed");
EXPECT_EQ(result.pubKeyCredParams.size(), 2lu);
@@ -1748,8 +1748,8 @@
EXPECT_EQ(result.excludeCredentials.size(), 2lu);
EXPECT_EQ(result.excludeCredentials[0].type, WebCore::PublicKeyCredentialType::PublicKey);
- EXPECT_EQ(result.excludeCredentials[0].idVector.size(), sizeof(identifier));
- EXPECT_EQ(memcmp(result.excludeCredentials[0].idVector.data(), identifier, sizeof(identifier)), 0);
+ EXPECT_EQ(result.excludeCredentials[0].id.length(), sizeof(identifier));
+ EXPECT_EQ(memcmp(result.excludeCredentials[0].id.data(), identifier, sizeof(identifier)), 0);
EXPECT_EQ(result.excludeCredentials[0].transports.size(), 3lu);
EXPECT_EQ(result.excludeCredentials[0].transports[0], AuthenticatorTransport::Usb);
EXPECT_EQ(result.excludeCredentials[0].transports[1], AuthenticatorTransport::Nfc);
@@ -1804,8 +1804,8 @@
EXPECT_WK_STREQ(result.user.name, "japples...@example.com");
EXPECT_WK_STREQ(result.user.icon, @"https//www.example.com/icon.jpg");
- EXPECT_EQ(result.user.idVector.size(), sizeof(identifier));
- EXPECT_EQ(memcmp(result.user.idVector.data(), identifier, sizeof(identifier)), 0);
+ EXPECT_EQ(result.user.id.length(), sizeof(identifier));
+ EXPECT_EQ(memcmp(result.user.id.data(), identifier, sizeof(identifier)), 0);
EXPECT_WK_STREQ(result.user.displayName, "J Appleseed");
EXPECT_EQ(result.pubKeyCredParams.size(), 2lu);
@@ -1818,8 +1818,8 @@
EXPECT_EQ(result.excludeCredentials.size(), 2lu);
EXPECT_EQ(result.excludeCredentials[0].type, WebCore::PublicKeyCredentialType::PublicKey);
- EXPECT_EQ(result.excludeCredentials[0].idVector.size(), sizeof(identifier));
- EXPECT_EQ(memcmp(result.excludeCredentials[0].idVector.data(), identifier, sizeof(identifier)), 0);
+ EXPECT_EQ(result.excludeCredentials[0].id.length(), sizeof(identifier));
+ EXPECT_EQ(memcmp(result.excludeCredentials[0].id.data(), identifier, sizeof(identifier)), 0);
EXPECT_EQ(result.excludeCredentials[0].transports.size(), 3lu);
EXPECT_EQ(result.excludeCredentials[0].transports[0], AuthenticatorTransport::Usb);
EXPECT_EQ(result.excludeCredentials[0].transports[1], AuthenticatorTransport::Nfc);
@@ -1931,8 +1931,8 @@
EXPECT_EQ(result.allowCredentials.size(), 1lu);
EXPECT_EQ(result.allowCredentials[0].type, WebCore::PublicKeyCredentialType::PublicKey);
- EXPECT_EQ(result.allowCredentials[0].idVector.size(), sizeof(identifier));
- EXPECT_EQ(memcmp(result.allowCredentials[0].idVector.data(), identifier, sizeof(identifier)), 0);
+ EXPECT_EQ(result.allowCredentials[0].id.length(), sizeof(identifier));
+ EXPECT_EQ(memcmp(result.allowCredentials[0].id.data(), identifier, sizeof(identifier)), 0);
EXPECT_EQ(result.userVerification, UserVerificationRequirement::Preferred);
EXPECT_TRUE(result.extensions->appid.isNull());
@@ -1965,8 +1965,8 @@
EXPECT_EQ(result.allowCredentials.size(), 2lu);
EXPECT_EQ(result.allowCredentials[0].type, WebCore::PublicKeyCredentialType::PublicKey);
- EXPECT_EQ(result.allowCredentials[0].idVector.size(), sizeof(identifier));
- EXPECT_EQ(memcmp(result.allowCredentials[0].idVector.data(), identifier, sizeof(identifier)), 0);
+ EXPECT_EQ(result.allowCredentials[0].id.length(), sizeof(identifier));
+ EXPECT_EQ(memcmp(result.allowCredentials[0].id.data(), identifier, sizeof(identifier)), 0);
EXPECT_EQ(result.allowCredentials[0].transports.size(), 3lu);
EXPECT_EQ(result.allowCredentials[0].transports[0], AuthenticatorTransport::Usb);
EXPECT_EQ(result.allowCredentials[0].transports[1], AuthenticatorTransport::Nfc);