Bug 233371

Summary: Add headers for [_WKWebAuthenticationPanel makeCredentialWithClientDataHash] and [_WKWebAuthenticationPanel getAssertionWithClientDataHash]
Product: WebKit Reporter: pascoe <pascoe>
Component: WebKit Misc.Assignee: pascoe <pascoe>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 233216    
Bug Blocks:    
Attachments:
Description Flags
Patch
none
Patch
none
Patch none

pascoe@apple.com
Reported 2021-11-19 09:21:17 PST
This is a followup to: https://bugs.webkit.org/show_bug.cgi?id=233216 Summary: In order to avoid needing to make and coordinate changes to ASC to support new fields or changes within ClientDataJSON and to maintain a single source of truth, calls to ASC from WebKit will contain a precomputed ClientDataHash. In order to use these new methods, they must be added to _WKWebAuthenticationPanel.h
Attachments
Patch (2.54 KB, patch)
2021-11-19 09:30 PST, pascoe@apple.com 		no flags
DetailsFormatted DiffDiff
Patch (8.93 KB, patch)
2021-11-19 09:52 PST, pascoe@apple.com 		no flags
DetailsFormatted DiffDiff
Patch (9.12 KB, patch)
2021-11-19 10:47 PST, pascoe@apple.com 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2021-11-19 09:21:34 PST
<rdar://problem/85607248>
pascoe@apple.com
Comment 2 2021-11-19 09:30:31 PST
Created attachment 444825 [details] Patch
pascoe@apple.com
Comment 3 2021-11-19 09:52:45 PST
Created attachment 444828 [details] Patch
Brent Fulgham
Comment 4 2021-11-19 10:10:08 PST
Comment on attachment 444828 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=444828&action=review r=me if you switch to WK_<MAC/IOS>_TBA in the availability macros. > Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:129 > +- (void)makeCredentialWithClientDataHash:(NSData *)clientDataHash options:(_WKPublicKeyCredentialCreationOptions *)options completionHandler:(void (^)(_WKAuthenticatorAttestationResponse *, NSError *))handler WK_API_AVAILABLE(macos(12.0), ios(15.0)); This isn't true -- we already shipped macOS 12 and iOS 15 without these methods. Usually we use "WK_MAC_TBA" and "WK_IOS_TBA" until we are close to a release. > Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:131 > +- (void)getAssertionWithClientDataHash:(NSData *)clientDataHash options:(_WKPublicKeyCredentialRequestOptions *)options completionHandler:(void (^)(_WKAuthenticatorAssertionResponse *, NSError *))handler WK_API_AVAILABLE(macos(12.0), ios(15.0)); Ditto. > Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:1932 > + EXPECT_WK_STREQ([response.rawId base64EncodedStringWithOptions:0], "SMSXHngF7hEOsElA73C3RY+8bR4="); Curious if this rawId has a meaning you could reference, similar to the comments in the GetAssertionLAClientDataHash test, below. > Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:2117 > + // echo -n "example.com" | shasum -a 256 | xxd -r -p | base64 These comments are super helpful. I wonder if there is a similar thing you could say about the raw ID above?
pascoe@apple.com
Comment 5 2021-11-19 10:47:39 PST
Created attachment 444835 [details] Patch
pascoe@apple.com
Comment 6 2021-11-19 10:49:20 PST
Wish I could've made it a slick bash command but converting from x9.63 to something openssl understands and back was involved.
Brent Fulgham
Comment 7 2021-11-19 10:57:31 PST
Comment on attachment 444835 [details] Patch r=me
EWS
Comment 8 2021-11-19 14:19:59 PST
Committed r286078 (244465@main): <https://commits.webkit.org/244465@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 444835 [details].
Note You need to log in before you can comment on or make changes to this bug.