Bug 233371 - Add headers for [_WKWebAuthenticationPanel makeCredentialWithClientDataHash] and [_WKWebAuthenticationPanel getAssertionWithClientDataHash]
Summary: Add headers for [_WKWebAuthenticationPanel makeCredentialWithClientDataHash] ...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit Misc. (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: j_pascoe@apple.com
URL:
Keywords: InRadar
Depends on: 233216
Blocks:
  Show dependency treegraph
 
Reported: 2021-11-19 09:21 PST by j_pascoe@apple.com
Modified: 2021-11-19 14:20 PST (History)
2 users (show)

See Also:

Attachments
Patch (2.54 KB, patch)
2021-11-19 09:30 PST, j_pascoe@apple.com 		no flags Details | Formatted Diff | Diff
Patch (8.93 KB, patch)
2021-11-19 09:52 PST, j_pascoe@apple.com 		no flags Details | Formatted Diff | Diff
Patch (9.12 KB, patch)
2021-11-19 10:47 PST, j_pascoe@apple.com 		no flags Details | Formatted Diff | Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description j_pascoe@apple.com 2021-11-19 09:21:17 PST 
This is a followup to: https://bugs.webkit.org/show_bug.cgi?id=233216

Summary:
In order to avoid needing to make and coordinate changes to ASC to support new fields or changes within ClientDataJSON and to maintain a single source of truth, calls to ASC from WebKit will contain a precomputed ClientDataHash.

In order to use these new methods, they must be added to _WKWebAuthenticationPanel.h
Comment 1 Radar WebKit Bug Importer 2021-11-19 09:21:34 PST 
<rdar://problem/85607248>
Comment 2 j_pascoe@apple.com 2021-11-19 09:30:31 PST 
Created attachment 444825 [details]
Patch
Comment 3 j_pascoe@apple.com 2021-11-19 09:52:45 PST 
Created attachment 444828 [details]
Patch
Comment 4 Brent Fulgham 2021-11-19 10:10:08 PST 
Comment on attachment 444828 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=444828&action=review

r=me if you switch to WK_<MAC/IOS>_TBA in the availability macros.

> Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:129
> +- (void)makeCredentialWithClientDataHash:(NSData *)clientDataHash options:(_WKPublicKeyCredentialCreationOptions *)options completionHandler:(void (^)(_WKAuthenticatorAttestationResponse *, NSError *))handler WK_API_AVAILABLE(macos(12.0), ios(15.0));

This isn't true -- we already shipped macOS 12 and iOS 15 without these methods. Usually we use "WK_MAC_TBA" and "WK_IOS_TBA" until we are close to a release.

> Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:131
> +- (void)getAssertionWithClientDataHash:(NSData *)clientDataHash options:(_WKPublicKeyCredentialRequestOptions *)options completionHandler:(void (^)(_WKAuthenticatorAssertionResponse *, NSError *))handler WK_API_AVAILABLE(macos(12.0), ios(15.0));

Ditto.

> Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:1932
> +        EXPECT_WK_STREQ([response.rawId base64EncodedStringWithOptions:0], "SMSXHngF7hEOsElA73C3RY+8bR4=");

Curious if this rawId has a meaning you could reference, similar to the comments in the GetAssertionLAClientDataHash test, below.

> Tools/TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:2117
> +        // echo -n "example.com" | shasum -a 256 | xxd -r -p | base64

These comments are super helpful. I wonder if there is a similar thing you could say about the raw ID above?
Comment 5 j_pascoe@apple.com 2021-11-19 10:47:39 PST 
Created attachment 444835 [details]
Patch
Comment 6 j_pascoe@apple.com 2021-11-19 10:49:20 PST 
Wish I could've made it a slick bash command but converting from x9.63 to something openssl understands and back was involved.
Comment 7 Brent Fulgham 2021-11-19 10:57:31 PST 
Comment on attachment 444835 [details]
Patch

r=me
Comment 8 EWS 2021-11-19 14:19:59 PST 
Committed r286078 (244465@main): <https://commits.webkit.org/244465@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 444835 [details].