Passkeys: Return authenticatorData and publicKeyAlgorithm to extension
varjolintu authored and droidmonkey committed Jun 13, 2024
1 parent c3df161 commit 1d008db
Showing 2 changed files with 12 additions and 5 deletions.
15 changes: 11 additions & 4 deletions src/browser/BrowserPasskeys.cpp
Expand Up @@ -103,12 +103,19 @@ PublicKeyCredential BrowserPasskeys::buildRegisterPublicKeyCredential(const QJso
return {};
}

// Authenticator data
const auto authenticatorData = buildAuthenticatorData(credentialCreationOptions["rp"]["id"].toString(), extensions);

// Response
QJsonObject responseObject;
responseObject["attestationObject"] = browserMessageBuilder()->getBase64FromArray(attestationObject);
responseObject["clientDataJSON"] = browserMessageBuilder()->getBase64FromJson(clientDataJson);
responseObject["clientExtensionResults"] = credentialCreationOptions["clientExtensionResults"];

// Additions for extension side functions
responseObject["authenticatorData"] = browserMessageBuilder()->getBase64FromArray(authenticatorData);
responseObject["publicKeyAlgorithm"] = alg;

// PublicKeyCredential
QJsonObject publicKeyCredential;
publicKeyCredential["authenticatorAttachment"] = authenticatorAttachment;
Expand All @@ -132,7 +139,8 @@ QJsonObject BrowserPasskeys::buildGetPublicKeyCredential(const QJsonObject& asse
return {};
}

const auto authenticatorData = buildAuthenticatorData(assertionOptions);
const auto authenticatorData =
buildAuthenticatorData(assertionOptions["rpId"].toString(), assertionOptions["extensions"].toString());
const auto clientDataJson = assertionOptions["clientDataJson"].toObject();
const auto clientDataArray = QJsonDocument(clientDataJson).toJson(QJsonDocument::Compact);

Expand Down Expand Up @@ -204,14 +212,13 @@ QByteArray BrowserPasskeys::buildAttestationObject(const QJsonObject& credential
}

// Build a short version of the attestation object for webauthn.get
QByteArray BrowserPasskeys::buildAuthenticatorData(const QJsonObject& publicKey)
QByteArray BrowserPasskeys::buildAuthenticatorData(const QString& rpId, const QString& extensions)
{
QByteArray result;

const auto rpIdHash = browserMessageBuilder()->getSha256Hash(publicKey["rpId"].toString());
const auto rpIdHash = browserMessageBuilder()->getSha256Hash(rpId);
result.append(rpIdHash);

const auto extensions = publicKey["extensions"].toString();
const auto flags = setFlagsFromJson(QJsonObject(
{{"ED", !extensions.isEmpty()}, {"AT", false}, {"BS", false}, {"BE", false}, {"UV", true}, {"UP", true}}));
result.append(flags);
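Review bot: The `authenticatorData` added to the registration response comes from `buildAuthenticatorData`, the helper commented as the short form for webauthn.get, which hard-codes `{"AT", false}` in its flags and, in the lines visible here, appends no attested credential data. WebAuthn defines the registration response's authenticator data as the same bytes carried inside `attestationObject`, so a consumer reading this field instead of decoding the attestation object would see AT=0 and bytes that likely do not match the attested data; this cannot be confirmed from the page, because the body of `buildAttestationObject` is outside the hunks. Consider returning the authData buffer that is embedded in the attestation object, or at least documenting the difference above the call, e.g. `// Assertion-style authData (AT=0, no attested credential data); not the authData embedded in attestationObject`. Both `buildRegisterPublicKeyCredential` and `buildAuthenticatorData` continue outside the visible hunks.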
2 changes: 1 addition & 1 deletion src/browser/BrowserPasskeys.h
Expand Up @@ -119,7 +119,7 @@ class BrowserPasskeys : public QObject
const QString& credentialId,
const QByteArray& cborEncodedPublicKey,
const TestingVariables& predefinedVariables = {});
QByteArray buildAuthenticatorData(const QJsonObject& publicKey);
QByteArray buildAuthenticatorData(const QString& rpId, const QString& extensions);
AttestationKeyPair buildCredentialPrivateKey(int alg,
const QString& predefinedFirst = QString(),
const QString& predefinedSecond = QString());