Bug 192727 - [WebAuthN] Remove hash from Client Data
Summary: [WebAuthN] Remove hash from Client Data
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc. (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Jiewen Tan
URL:
Keywords: InRadar
Depends on:
Blocks: 181943
  Show dependency treegraph
 
Reported: 2018-12-14 16:49 PST by Jiewen Tan
Modified: 2018-12-20 15:55 PST (History)
6 users (show)

See Also:

Attachments
Patch (7.47 KB, patch)
2018-12-14 17:07 PST, Jiewen Tan 		no flags Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jiewen Tan 2018-12-14 16:49:43 PST 
Remove hash from Client Data. The hash algorithm for hashing the client data is enforced to SHA_256 in the latest spec: https://www.w3.org/TR/webauthn/#sec-client-data. Therefore, we should remove it.
Comment 1 Radar WebKit Bug Importer 2018-12-14 16:52:49 PST 
<rdar://problem/46746673>
Comment 2 Jiewen Tan 2018-12-14 17:07:47 PST 
Created attachment 357359 [details]
Patch
Comment 3 Brent Fulgham 2018-12-20 14:07:03 PST 
Comment on attachment 357359 [details]
Patch

Reviewed with Jiewen in person. r=me.
Comment 4 Jiewen Tan 2018-12-20 14:21:40 PST 
Comment on attachment 357359 [details]
Patch

Thanks for Brent to r+ this patch.
Comment 5 WebKit Commit Bot 2018-12-20 15:55:57 PST 
Comment on attachment 357359 [details]
Patch

Clearing flags on attachment: 357359

Committed r239471: <https://trac.webkit.org/changeset/239471>
Comment 6 WebKit Commit Bot 2018-12-20 15:55:59 PST 
All reviewed patches have been landed.  Closing bug.