Bug 275357 - Incorrect serialization of WebAuthn CollectedClientData
Summary: Incorrect serialization of WebAuthn CollectedClientData
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit Misc. (show other bugs)
Version: Safari 17
Hardware: Mac (Apple Silicon) macOS 14
: P2 Normal
Assignee: pascoe@apple.com
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2024-06-11 05:42 PDT by garciacampos.sergio
Modified: 2024-06-26 15:42 PDT (History)
5 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description garciacampos.sergio 2024-06-11 05:42:03 PDT 
Not sure this is reported in the correct Component, if it's isn't please let me know.

The webauthn specification indicates that the encoding of the "CollectedClientData" must follow some strict rules, 
This is stated clearly in the specification in point "5.8.1.1. Serialization"
https://www.w3.org/TR/webauthn/#clientdatajson-serialization

here is an example of the value returned by safari where you can see the ordering of the elements is not correct:

{"type":"webauthn.get","challenge":"AYiqf4hnXuSy7ea0nnLY07cZKYHxDQu7ptax5yKIGJwA","origin":"http://localhost:5173"}"

but safari is not compliant with the standard and this makes it impossible to verify the signature when using the limited verification algorithm.

It works as expected on Google Chrome.


It probably affects other hardware and OSs
Comment 1 Radar WebKit Bug Importer 2024-06-18 05:43:13 PDT 
<rdar://problem/130073946>
Comment 2 Karl Dubost 2024-06-18 23:15:44 PDT 
After this sentence in https://www.w3.org/TR/webauthn/#clientdatajson-serialization

> The serialization algorithm works by appending successive byte strings to an, initially empty, partial result until the complete result is obtained.

It follows a sequence of things that should be appended. 

1. {"type":
2. ,"challenge":
3. ,"origin":
4. ,"crossOrigin":
5. }

And in https://www.w3.org/TR/webauthn/#clientdatajson-development
5.8.1.3. Future development

> They also must not change the serialization algorithm to change the order in which those fields are serialized.

This is probably handled by https://searchfox.org/wubkat/rev/15ad704057e0d342d10b792f6108eaeed7accbd7/Source/WebCore/Modules/webauthn/WebAuthenticationUtils.cpp#160-182

@garciacampos.sergio

You mentioned that: 
> the value returned by safari where you can see the ordering of the elements is not correct:

with the example being:

1. type
2. challenge
3. origin

The order seems to be the same. Or did you mean there is a missing "crossOrigin"?
Comment 3 garciacampos.sergio 2024-06-21 03:21:34 PDT 
> This is probably handled by https://searchfox.org/wubkat/rev/15ad704057e0d342d10b792f6108eaeed7accbd7/Source/WebCore/Modules/webauthn/WebAuthenticationUtils.cpp#160-182

i see there that "topOrigin" might be place before "crossOrigin"


> The order seems to be the same. Or did you mean there is a missing "crossOrigin"?
For some reason i thought the order was wrong but it's not. Sorry about the mess. It's just missing the  "crossOrign"


Ideally it think webkit should follow the described algorithm more closely, and actually build it using bytes directly as mentioned in the spec. That will guarantee that no weird escaping or whitespace can later break the "Limited Verification Algorithm"