RESOLVED FIXED233011
[WebAuthn] Stop serializing BufferSource and Vector<uint8_t> duplicates of identifiers 
https://bugs.webkit.org/show_bug.cgi?id=233011
Summary [WebAuthn] Stop serializing BufferSource and Vector<uint8_t> duplicates of id...
Brent Fulgham
Reported 2021-11-11 13:42:10 PST
The original WebAuthn logic converted WebCore::BufferSource objects to Vector<uint8_t> for serialization, which created a weird design where some code dealt with BufferSource objects, and other with Vectors, and lots of converting to and from these types. It also caused WebAuthn data structures to have two places where this information might live, with the UIProcess using one representation, and the WebContent process using another. This patch revises the code as follows: 1. The identifiers are always stored as BufferSource, and the same member is used in UIProcess and WebContent process when accessing this information. 2. We now serialize BufferSource directly.
Attachments
Patch (63.89 KB, patch)
2021-11-11 14:37 PST, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
Patch for landing (64.71 KB, patch)
2021-11-11 16:43 PST, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2021-11-11 13:43:43 PST
<rdar://problem/85313807>
Brent Fulgham
Comment 2 2021-11-11 14:37:16 PST
Created attachment 444005 [details] Patch
Chris Dumez
Comment 3 2021-11-11 15:01:54 PST
Comment on attachment 444005 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=444005&action=review r=me, very nice! > Source/WebCore/Modules/webauthn/fido/U2fCommandConstructor.cpp:88 > + return constructU2fSignCommand(applicationParameter, challengeParameter, keyVector, checkOnly); Doesn't need to be done in this patch but constructU2fSignCommand() should probably take in a WTF::Span<const uint8_t> instead of a Vector<uint8_t>. > Source/WebCore/bindings/js/BufferSource.h:99 > + auto dataSize = CheckedSize { *size } * sizeof(uint8_t); nit: The `* sizeof(uint8_t)` doesn't look terribly useful :) > Source/WebCore/bindings/js/BufferSource.h:106 > + return BufferSource(JSC::ArrayBuffer::tryCreate(reinterpret_cast<const void*>(data), dataSize.value())); nit: Would a static_cast<const void*> work? > Source/WebCore/bindings/js/BufferSource.h:117 > + return BufferSource(JSC::ArrayBuffer::tryCreate(reinterpret_cast<const uint8_t*>(data.bytes), data.length)); static_cast<> should suffice since bytes returns a const void* > Source/WebCore/bindings/js/BufferSource.h:128 > +using WebCore::toBufferSource; I am not opposed to it but I didn't realize we were doing this outside of WTF.
Brent Fulgham
Comment 8 2021-11-11 16:43:19 PST
Created attachment 444024 [details] Patch for landing
EWS
Comment 9 2021-11-11 17:42:49 PST
Committed r285698 (244165@main): <https://commits.webkit.org/244165@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 444024 [details].
Note You need to log in before you can comment on or make changes to this bug.