dom/webauthn/WebAuthnResult.cpp

   1 /* This Source Code Form is subject to the terms of the Mozilla Public
   2  * License, v. 2.0. If a copy of the MPL was not distributed with this
   3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   4
   5 #include "AuthrsBridge_ffi.h"
   6 #include "WebAuthnResult.h"
   7 #include "nsIWebAuthnAttObj.h"
   8 #include "nsCOMPtr.h"
   9 #include "nsString.h"
  10
  11 #ifdef MOZ_WIDGET_ANDROID
  12 namespace mozilla::jni {
  13
  14 template <>
  15 RefPtr<dom::WebAuthnRegisterResult> Java2Native(
  16     mozilla::jni::Object::Param aData, JNIEnv* aEnv) {
  17   MOZ_ASSERT(
  18       aData.IsInstanceOf<java::WebAuthnTokenManager::MakeCredentialResponse>());
  19   java::WebAuthnTokenManager::MakeCredentialResponse::LocalRef response(aData);
  20   RefPtr<dom::WebAuthnRegisterResult> result =
  21       new dom::WebAuthnRegisterResult(response);
  22   return result;
  23 }
  24
  25 template <>
  26 RefPtr<dom::WebAuthnSignResult> Java2Native(mozilla::jni::Object::Param aData,
  27                                             JNIEnv* aEnv) {
  28   MOZ_ASSERT(
  29       aData.IsInstanceOf<java::WebAuthnTokenManager::GetAssertionResponse>());
  30   java::WebAuthnTokenManager::GetAssertionResponse::LocalRef response(aData);
  31   RefPtr<dom::WebAuthnSignResult> result =
  32       new dom::WebAuthnSignResult(response);
  33   return result;
  34 }
  35
  36 }  // namespace mozilla::jni
  37 #endif
  38
  39 namespace mozilla::dom {
  40
  41 NS_IMPL_ISUPPORTS(WebAuthnRegisterResult, nsIWebAuthnRegisterResult)
  42
  43 NS_IMETHODIMP
  44 WebAuthnRegisterResult::GetClientDataJSON(nsACString& aClientDataJSON) {
  45   if (mClientDataJSON.isSome()) {
  46     aClientDataJSON = *mClientDataJSON;
  47     return NS_OK;
  48   }
  49   return NS_ERROR_NOT_AVAILABLE;
  50 }
  51
  52 NS_IMETHODIMP
  53 WebAuthnRegisterResult::GetAttestationObject(
  54     nsTArray<uint8_t>& aAttestationObject) {
  55   aAttestationObject.Assign(mAttestationObject);
  56   return NS_OK;
  57 }
  58
  59 NS_IMETHODIMP
  60 WebAuthnRegisterResult::GetCredentialId(nsTArray<uint8_t>& aCredentialId) {
  61   aCredentialId.Assign(mCredentialId);
  62   return NS_OK;
  63 }
  64
  65 NS_IMETHODIMP
  66 WebAuthnRegisterResult::GetTransports(nsTArray<nsString>& aTransports) {
  67   aTransports.Assign(mTransports);
  68   return NS_OK;
  69 }
  70
  71 NS_IMETHODIMP
  72 WebAuthnRegisterResult::GetHmacCreateSecret(bool* aHmacCreateSecret) {
  73   if (mHmacCreateSecret.isSome()) {
  74     *aHmacCreateSecret = mHmacCreateSecret.ref();
  75     return NS_OK;
  76   }
  77   return NS_ERROR_NOT_AVAILABLE;
  78 }
  79
  80 NS_IMETHODIMP
  81 WebAuthnRegisterResult::GetCredPropsRk(bool* aCredPropsRk) {
  82   if (mCredPropsRk.isSome()) {
  83     *aCredPropsRk = mCredPropsRk.ref();
  84     return NS_OK;
  85   }
  86   return NS_ERROR_NOT_AVAILABLE;
  87 }
  88
  89 NS_IMETHODIMP
  90 WebAuthnRegisterResult::SetCredPropsRk(bool aCredPropsRk) {
  91   mCredPropsRk = Some(aCredPropsRk);
  92   return NS_OK;
  93 }
  94
  95 NS_IMETHODIMP
  96 WebAuthnRegisterResult::GetAuthenticatorAttachment(
  97     nsAString& aAuthenticatorAttachment) {
  98   if (mAuthenticatorAttachment.isSome()) {
  99     aAuthenticatorAttachment = mAuthenticatorAttachment.ref();
 100     return NS_OK;
 101   }
 102   return NS_ERROR_NOT_AVAILABLE;
 103 }
 104
 105 NS_IMETHODIMP
 106 WebAuthnRegisterResult::HasIdentifyingAttestation(
 107     bool* aHasIdentifyingAttestation) {
 108   // Assume the attestation statement is identifying in case the constructor or
 109   // the getter below fail.
 110   bool isIdentifying = true;
 111
 112   nsCOMPtr<nsIWebAuthnAttObj> attObj;
 113   nsresult rv = authrs_webauthn_att_obj_constructor(mAttestationObject,
 114                                                     /* anonymize */ false,
 115                                                     getter_AddRefs(attObj));
 116   if (NS_SUCCEEDED(rv)) {
 117     Unused << attObj->IsIdentifying(&isIdentifying);
 118   }
 119
 120   *aHasIdentifyingAttestation = isIdentifying;
 121   return NS_OK;
 122 }
 123
 124 NS_IMETHODIMP
 125 WebAuthnRegisterResult::Anonymize() {
 126   // The anonymize flag in the nsIWebAuthnAttObj constructor causes the
 127   // attestation statement to be removed during deserialization. It also
 128   // causes the AAGUID to be zeroed out. If we can't deserialize the
 129   // existing attestation, then we can't ensure that it is anonymized, so we
 130   // act as though the user denied consent and we return NotAllowed.
 131   nsCOMPtr<nsIWebAuthnAttObj> anonymizedAttObj;
 132   nsresult rv = authrs_webauthn_att_obj_constructor(
 133       mAttestationObject,
 134       /* anonymize */ true, getter_AddRefs(anonymizedAttObj));
 135   if (NS_FAILED(rv)) {
 136     return rv;
 137   }
 138   mAttestationObject.Clear();
 139   rv = anonymizedAttObj->GetAttestationObject(mAttestationObject);
 140   if (NS_FAILED(rv)) {
 141     return rv;
 142   }
 143   return NS_OK;
 144 }
 145
 146 NS_IMPL_ISUPPORTS(WebAuthnSignResult, nsIWebAuthnSignResult)
 147
 148 NS_IMETHODIMP
 149 WebAuthnSignResult::GetClientDataJSON(nsACString& aClientDataJSON) {
 150   if (mClientDataJSON.isSome()) {
 151     aClientDataJSON = *mClientDataJSON;
 152     return NS_OK;
 153   }
 154   return NS_ERROR_NOT_AVAILABLE;
 155 }
 156
 157 NS_IMETHODIMP
 158 WebAuthnSignResult::GetAuthenticatorData(
 159     nsTArray<uint8_t>& aAuthenticatorData) {
 160   aAuthenticatorData.Assign(mAuthenticatorData);
 161   return NS_OK;
 162 }
 163
 164 NS_IMETHODIMP
 165 WebAuthnSignResult::GetCredentialId(nsTArray<uint8_t>& aCredentialId) {
 166   aCredentialId.Assign(mCredentialId);
 167   return NS_OK;
 168 }
 169
 170 NS_IMETHODIMP
 171 WebAuthnSignResult::GetSignature(nsTArray<uint8_t>& aSignature) {
 172   aSignature.Assign(mSignature);
 173   return NS_OK;
 174 }
 175
 176 NS_IMETHODIMP
 177 WebAuthnSignResult::GetUserHandle(nsTArray<uint8_t>& aUserHandle) {
 178   aUserHandle.Assign(mUserHandle);
 179   return NS_OK;
 180 }
 181
 182 NS_IMETHODIMP
 183 WebAuthnSignResult::GetUserName(nsACString& aUserName) {
 184   return NS_ERROR_NOT_AVAILABLE;
 185 }
 186
 187 NS_IMETHODIMP
 188 WebAuthnSignResult::GetUsedAppId(bool* aUsedAppId) {
 189   if (mUsedAppId.isNothing()) {
 190     return NS_ERROR_NOT_AVAILABLE;
 191   }
 192   *aUsedAppId = mUsedAppId.ref();
 193   return NS_OK;
 194 }
 195
 196 NS_IMETHODIMP
 197 WebAuthnSignResult::SetUsedAppId(bool aUsedAppId) {
 198   mUsedAppId = Some(aUsedAppId);
 199   return NS_OK;
 200 }
 201
 202 NS_IMETHODIMP
 203 WebAuthnSignResult::GetAuthenticatorAttachment(
 204     nsAString& aAuthenticatorAttachment) {
 205   if (mAuthenticatorAttachment.isSome()) {
 206     aAuthenticatorAttachment = mAuthenticatorAttachment.ref();
 207     return NS_OK;
 208   }
 209   return NS_ERROR_NOT_AVAILABLE;
 210 }
 211
 212 }  // namespace mozilla::dom