WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
205376
[WebAuthn] Implement coders for CTAP ClientPIN requests and responses
https://bugs.webkit.org/show_bug.cgi?id=205376
Summary
[WebAuthn] Implement coders for CTAP ClientPIN requests and responses
Jiewen Tan
Reported
2019-12-17 23:05:56 PST
Implement coder for CTAP ClientPIN requests and responses.
Attachments
Patch
(96.23 KB, patch)
2019-12-17 23:50 PST
,
Jiewen Tan
no flags
Details
Formatted Diff
Diff
Patch
(96.23 KB, patch)
2019-12-18 07:45 PST
,
Jiewen Tan
no flags
Details
Formatted Diff
Diff
Patch
(95.04 KB, patch)
2019-12-19 18:34 PST
,
Jiewen Tan
no flags
Details
Formatted Diff
Diff
Show Obsolete
(2)
View All
Add attachment
proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1
2019-12-17 23:06:19 PST
<
rdar://problem/58034395
>
Jiewen Tan
Comment 2
2019-12-17 23:50:32 PST
Created
attachment 385945
[details]
Patch
Jiewen Tan
Comment 3
2019-12-18 07:45:02 PST
Created
attachment 385972
[details]
Patch
Brent Fulgham
Comment 4
2019-12-18 08:56:21 PST
Comment on
attachment 385945
[details]
Patch View in context:
https://bugs.webkit.org/attachment.cgi?id=385945&action=review
> Source/WebCore/ChangeLog:24 > + of API tests.
I suggest rephrasing this as: "The authenticatorClientPIN subCommands are based on a Chromium patch:
https://chromium-review.googlesource.com/c/chromium/src/+/1457004
Specifically, it adopts the interfaces from that patch, but rewrites the BoringSSL-based crypto features using WebCore's WebCrypto implementation. This allows us to focus on high level crypto interfaces, and lets WebCrypto handle the underlying crypto library. Also, the original Chromium patch lacks tests. We introduce a large set of API tests to confirm proper function."
> Source/WebCore/ChangeLog:29 > + made headers private for TestWebKitAPI.
Maybe: "This patch also makes the AES CBC, EDCH, and HMAC platform* implementations public, so that these implementations can be shared by WebAuthentication and test infrastructure."
> Source/WebCore/Modules/webauthn/fido/Pin.cpp:139 > +// static
I don't think these comments are helpful. I suggest removing them.
> Source/WebCore/Modules/webauthn/fido/Pin.cpp:171 > + })) {
I think this Vector<std::pair<int, int>> would be better as a constexpr called 'P256Point' or something, and this loop as a helper function: "static bool coseKeyIsP256Point(const CBORValue::MapValue& coseKey)"
> Source/WebCore/Modules/webauthn/fido/Pin.h:63 > +enum class RequestKey : int {
Does this need to be an 'int' by spec? All values are positive, and would fit in a byte (could be uint8_t).
> Source/WebCore/Modules/webauthn/fido/Pin.h:74 > +enum class ResponseKey : int {
Ditto.
> Source/WebCore/crypto/mac/CryptoKeyRSAMac.cpp:204 > + return WTFMove(result);
Is this WTFMove() necessary? I would expect the return value optimization to handle this.
> Source/WebCore/crypto/mac/CryptoKeyRSAMac.cpp:211 > + return WTFMove(result);
Ditto.
> Tools/TestWebKitAPI/Tests/WebCore/CtapPinTest.cpp:35 > +#include <WebCOre/CryptoAlgorithmAesCbcCfbParams.h>
Oops! Not good for case sensitive file systems! :-) fatal error: 'WebCOre/CryptoAlgorithmAesCbcCfbParams.h' file not found
Brent Fulgham
Comment 5
2019-12-18 17:54:02 PST
Comment on
attachment 385972
[details]
Patch View in context:
https://bugs.webkit.org/attachment.cgi?id=385972&action=review
Looks like your API tests are failing on some systems.
> Source/WebCore/ChangeLog:24 > + of API tests.
I suggest rephrasing this as: "The authenticatorClientPIN subCommands are based on a Chromium patch:
https://chromium-review.googlesource.com/c/chromium/src/+/1457004
Specifically, it adopts the interfaces from that patch, but rewrites the BoringSSL-based crypto features using WebCore's WebCrypto implementation. This allows us to focus on high level crypto interfaces, and lets WebCrypto handle the underlying crypto library. Also, the original Chromium patch lacks tests. We introduce a large set of API tests to confirm proper function."
> Source/WebCore/ChangeLog:29 > + made headers private for TestWebKitAPI.
Maybe: "This patch also makes the AES CBC, EDCH, and HMAC platform* implementations public, so that these implementations can be shared by WebAuthentication and test infrastructure."
> Source/WebCore/Modules/webauthn/fido/Pin.cpp:111 > +// static
I don't think these comments are helpful. I suggest removing them.
> Source/WebCore/Modules/webauthn/fido/Pin.cpp:170 > + {-1 /* curve */, 1 /* P-256 */},
I think this Vector<std::pair<int, int>> would be better as a constexpr called 'P256Point' or something, and this loop as a helper function: "static bool coseKeyIsP256Point(const CBORValue::MapValue& coseKey)"
> Source/WebCore/Modules/webauthn/fido/Pin.h:63 > +enum class RequestKey : int {
Does this need to be an 'int' by spec? All values are positive, and would fit in a byte (could be uint8_t).
> Source/WebCore/crypto/mac/CryptoKeyRSAMac.cpp:204 > + return WTFMove(result);
Is this WTFMove() necessary? I would expect the return value optimization to handle this.
> Source/WebCore/crypto/mac/CryptoKeyRSAMac.cpp:211 > + return WTFMove(result);
Is this WTFMove() necessary? I would expect the return value optimization to handle this.
Jiewen Tan
Comment 6
2019-12-19 17:42:31 PST
Comment on
attachment 385972
[details]
Patch View in context:
https://bugs.webkit.org/attachment.cgi?id=385972&action=review
Thanks Brent for reviewing this patch.
>> Source/WebCore/ChangeLog:24 >> + of API tests. > > I suggest rephrasing this as: "The authenticatorClientPIN subCommands are based on a Chromium patch:
https://chromium-review.googlesource.com/c/chromium/src/+/1457004
Specifically, it adopts the interfaces from that patch, but rewrites the BoringSSL-based crypto features using WebCore's WebCrypto implementation. This allows us to focus on high level crypto interfaces, and lets WebCrypto handle the underlying crypto library. Also, the original Chromium patch lacks tests. We introduce a large set of API tests to confirm proper function."
Fixed.
>> Source/WebCore/ChangeLog:29 >> + made headers private for TestWebKitAPI. > > Maybe: "This patch also makes the AES CBC, EDCH, and HMAC platform* implementations public, so that these implementations can be shared by WebAuthentication and test infrastructure."
Fixed.
>> Source/WebCore/Modules/webauthn/fido/Pin.cpp:111 >> +// static > > I don't think these comments are helpful. I suggest removing them.
Removed.
>> Source/WebCore/Modules/webauthn/fido/Pin.cpp:170 >> + {-1 /* curve */, 1 /* P-256 */}, > > I think this Vector<std::pair<int, int>> would be better as a constexpr called 'P256Point' or something, and this loop as a helper function: "static bool coseKeyIsP256Point(const CBORValue::MapValue& coseKey)"
This part was from the original Chromium patch. If I were to write this part, I won't write it like this as well. Maybe we should keep it as it is but replace the integer with the constants that I defined in WebAuthenticationConstants.h.
>> Source/WebCore/Modules/webauthn/fido/Pin.h:63 >> +enum class RequestKey : int { > > Does this need to be an 'int' by spec? All values are positive, and would fit in a byte (could be uint8_t).
Good catch. I just keep this without second thought.
>> Source/WebCore/crypto/mac/CryptoKeyRSAMac.cpp:204 >> + return WTFMove(result); > > Is this WTFMove() necessary? I would expect the return value optimization to handle this.
True, I did something earlier, and forgot to undo this part.
>> Source/WebCore/crypto/mac/CryptoKeyRSAMac.cpp:211 >> + return WTFMove(result); > > Is this WTFMove() necessary? I would expect the return value optimization to handle this.
Ditto.
Jiewen Tan
Comment 7
2019-12-19 18:34:00 PST
Created
attachment 386172
[details]
Patch
Brent Fulgham
Comment 8
2019-12-19 23:55:58 PST
Comment on
attachment 386172
[details]
Patch Thank you for incorporating my suggestions. R=me
Jiewen Tan
Comment 9
2019-12-20 01:48:11 PST
(In reply to Brent Fulgham from
comment #8
)
> Comment on
attachment 386172
[details]
> Patch > > Thank you for incorporating my suggestions. R=me
Thanks for r+ the patch.
WebKit Commit Bot
Comment 10
2019-12-20 02:31:11 PST
Comment on
attachment 386172
[details]
Patch Clearing flags on attachment: 386172 Committed
r253811
: <
https://trac.webkit.org/changeset/253811
>
WebKit Commit Bot
Comment 11
2019-12-20 02:31:13 PST
All reviewed patches have been landed. Closing bug.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug