Bug 193150

Summary:

[WebAuthN] Import U2F command/response converters from Chromium

Product:

WebKit

Reporter:

Jiewen Tan <jiewen_tan>

Component:

WebCore Misc.

Assignee:

Jiewen Tan <jiewen_tan>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

bfulgham, cdumez, commit-queue, ews-watchlist, jiewen_tan, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Bug Depends on:

Bug Blocks:

181943

Attachments:

Description	Flags
Patch	none
Patch	bfulgham: review+
Patch for landing	none

Jiewen Tan

Reported 2019-01-04 12:05:03 PST

Import U2F command/response converters from Chromium.

Attachments
Patch (120.51 KB, patch) 2019-01-04 13:27 PST, Jiewen Tan	no flags	Details Formatted Diff Diff
Patch (120.51 KB, patch) 2019-01-04 16:55 PST, Jiewen Tan	bfulgham: review+	Details Formatted Diff Diff
Patch for landing (120.50 KB, patch) 2019-01-06 17:31 PST, Jiewen Tan	no flags	Details Formatted Diff Diff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2019-01-04 12:06:00 PST

<rdar://problem/47054028>

Jiewen Tan

Comment 2 2019-01-04 13:27:35 PST

Created attachment 358358 [details] Patch

EWS Watchlist

Comment 3 2019-01-04 13:30:54 PST Comment hidden (obsolete)

Attachment 358358 [details] did not pass style-queue: ERROR: Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h:41: P_256 is incorrectly named. Don't use underscores in your identifier names. [readability/naming/underscores] [4] Total errors found: 1 in 25 files If any of these errors are false positives, please file a bug against check-webkit-style.

Jiewen Tan

Comment 4 2019-01-04 16:55:04 PST

Created attachment 358399 [details] Patch

EWS Watchlist

Comment 5 2019-01-04 17:00:53 PST

Attachment 358399 [details] did not pass style-queue: ERROR: Source/WebCore/Modules/webauthn/WebAuthenticationConstants.h:41: P_256 is incorrectly named. Don't use underscores in your identifier names. [readability/naming/underscores] [4] Total errors found: 1 in 25 files If any of these errors are false positives, please file a bug against check-webkit-style.

Brent Fulgham

Comment 6 2019-01-06 16:43:36 PST

Comment on attachment 358399 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=358399&action=review R=me > Source/WebCore/ChangeLog:20 > + Besides importing stuffs from Chroimum, it also gathers a bunch of constants and helper functions into WebAuthenticationConstants.h Besides importing stuff from Chromium ... > Source/WebCore/Modules/webauthn/fido/U2fCommandConstructor.cpp:90 > + if (parameters.alg == COSE::ES256) This really seems like something a std::find would work for. But it’s fine as-is. > Source/WebCore/Modules/webauthn/fido/U2fCommandConstructor.cpp:114 > + return constructU2fSignCommand(produceRpIdHash(request.rp.id), clientDataHash, keyHandle.idVector, true /* checkOnly */); The need for this comment indicates this should be an enumeration! But since this is imported code, land as-is and then post a patch to clean up the interface. > Source/WebCore/Modules/webauthn/fido/U2fResponseConverter.cpp:71 > + x.append(u2fData.data() + pos, ES256FieldElementLength); Can the vector be constructed directly with this data? Or at least sized properly, rather than having a separate allocation event, then a resize as we append. This is true for all such cases. > Source/WebCore/Modules/webgpu/WebGPUCommandBuffer.cpp:34 > +#include "GPURenderPipeline.h" Is this needed as part of this patch? Was it causing a build error for you?

Jiewen Tan

Comment 7 2019-01-06 17:23:24 PST

Comment on attachment 358399 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=358399&action=review Thanks Brent for r+ this patch. >> Source/WebCore/ChangeLog:20 >> + Besides importing stuffs from Chroimum, it also gathers a bunch of constants and helper functions into WebAuthenticationConstants.h > > Besides importing stuff from Chromium ... Fixed. >> Source/WebCore/Modules/webauthn/fido/U2fCommandConstructor.cpp:90 >> + if (parameters.alg == COSE::ES256) > > This really seems like something a std::find would work for. But it’s fine as-is. You are right! Fixed. >> Source/WebCore/Modules/webauthn/fido/U2fCommandConstructor.cpp:114 >> + return constructU2fSignCommand(produceRpIdHash(request.rp.id), clientDataHash, keyHandle.idVector, true /* checkOnly */); > > The need for this comment indicates this should be an enumeration! But since this is imported code, land as-is and then post a patch to clean up the interface. Sure. >> Source/WebCore/Modules/webauthn/fido/U2fResponseConverter.cpp:71 >> + x.append(u2fData.data() + pos, ES256FieldElementLength); > > Can the vector be constructed directly with this data? Or at least sized properly, rather than having a separate allocation event, then a resize as we append. > > This is true for all such cases. It looks like that the default cntr of Vector does nothing. Therefore we will have only one allocation event when we append. >> Source/WebCore/Modules/webgpu/WebGPUCommandBuffer.cpp:34 >> +#include "GPURenderPipeline.h" > > Is this needed as part of this patch? Was it causing a build error for you? Some kind of unified source build magic...

Jiewen Tan

Comment 8 2019-01-06 17:31:04 PST

Created attachment 358470 [details] Patch for landing

WebKit Commit Bot

Comment 9 2019-01-06 18:08:29 PST

Comment on attachment 358470 [details] Patch for landing Clearing flags on attachment: 358470 Committed r239665: <https://trac.webkit.org/changeset/239665>

Note You need to log in before you can comment on or make changes to this bug.