1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
5 #ifndef mozilla_dom_WebAuthnResult_h_
6 #define mozilla_dom_WebAuthnResult_h_
8 #include "nsIWebAuthnResult.h"
12 #include "mozilla/Maybe.h"
15 #ifdef MOZ_WIDGET_ANDROID
16 # include "mozilla/java/WebAuthnTokenManagerNatives.h"
21 # include "mozilla/dom/PWebAuthnTransactionParent.h"
22 # include "winwebauthn/webauthn.h"
25 namespace mozilla::dom
{
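/**
 * Result of a WebAuthn registration (credential creation) operation, exposed
 * through nsIWebAuthnRegisterResult.
 *
 * Every constructor copies the authenticator output into owned storage, so the
 * object does not depend on the lifetime of the platform response it was built
 * from. None of the constructors verifies the attestation object or any other
 * authenticator output; they only copy and translate fields.
 */
class WebAuthnRegisterResult final : public nsIWebAuthnRegisterResult {
 public:
  NS_DECL_THREADSAFE_ISUPPORTS
  NS_DECL_NSIWEBAUTHNREGISTERRESULT

  /**
   * Builds a result from already-decoded fields.
   *
   * @param aAttestationObject       attestation object bytes (copied).
   * @param aClientDataJSON          client data JSON, if available.
   * @param aCredentialId            credential ID bytes (copied).
   * @param aTransports              transport names (copied).
   * @param aAuthenticatorAttachment authenticator attachment, if known.
   */
  WebAuthnRegisterResult(const nsTArray<uint8_t>& aAttestationObject,
                         const Maybe<nsCString>& aClientDataJSON,
                         const nsTArray<uint8_t>& aCredentialId,
                         const nsTArray<nsString>& aTransports,
                         const Maybe<nsString>& aAuthenticatorAttachment)
      : mClientDataJSON(aClientDataJSON),
        mCredPropsRk(Nothing()),
        mAuthenticatorAttachment(aAuthenticatorAttachment) {
    mAttestationObject.AppendElements(aAttestationObject);
    mCredentialId.AppendElements(aCredentialId);
    mTransports.AppendElements(aTransports);
  }

#ifdef MOZ_WIDGET_ANDROID
  /**
   * Builds a result from the Java MakeCredentialResponse object.
   *
   * NOTE(review): the accessors are dereferenced without a null check; this
   * assumes the Java side always populates these fields. Confirm against the
   * Java producer.
   */
  explicit WebAuthnRegisterResult(
      const java::WebAuthnTokenManager::MakeCredentialResponse::LocalRef&
          aResponse) {
    // Fetch each Java array once so that the data pointer and the length
    // passed to AppendElements() are taken from the same reference.
    auto attestationObject = aResponse->AttestationObject();
    mAttestationObject.AppendElements(
        reinterpret_cast<uint8_t*>(
            attestationObject->GetElements().Elements()),
        attestationObject->Length());

    auto clientDataJson = aResponse->ClientDataJson();
    mClientDataJSON = Some(nsAutoCString(
        reinterpret_cast<const char*>(
            clientDataJson->GetElements().Elements()),
        clientDataJson->Length()));

    auto keyHandle = aResponse->KeyHandle();
    mCredentialId.AppendElements(
        reinterpret_cast<uint8_t*>(keyHandle->GetElements().Elements()),
        keyHandle->Length());

    auto transports = aResponse->Transports();
    for (size_t i = 0; i < transports->Length(); i++) {
      mTransports.AppendElement(
          jni::String::LocalRef(transports->GetElement(i))->ToString());
    }
    // authenticator attachment is not available on Android
    mAuthenticatorAttachment = Nothing();
  }
#endif

#ifdef XP_WIN
  /**
   * Builds a result from a Windows WebAuthn credential attestation.
   *
   * @param aClientDataJSON client data JSON (copied).
   * @param aResponse       attestation structure; must be non-null, it is
   *                        dereferenced without a check. Each pb and cb pair
   *                        is passed to AppendElements() as pointer and
   *                        length without further validation.
   */
  WebAuthnRegisterResult(nsCString& aClientDataJSON,
                         PCWEBAUTHN_CREDENTIAL_ATTESTATION aResponse)
      : mClientDataJSON(Some(aClientDataJSON)) {
    mCredentialId.AppendElements(aResponse->pbCredentialId,
                                 aResponse->cbCredentialId);

    mAttestationObject.AppendElements(aResponse->pbAttestationObject,
                                      aResponse->cbAttestationObject);

    // Every field below is read only after dwVersion has been compared with
    // the structure version named in the corresponding check.
    if (aResponse->dwVersion >= WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_2) {
      PCWEBAUTHN_EXTENSIONS pExtensionList = &aResponse->Extensions;
      if (pExtensionList->cExtensions != 0 &&
          pExtensionList->pExtensions != nullptr) {
        for (DWORD dwIndex = 0; dwIndex < pExtensionList->cExtensions;
             dwIndex++) {
          PWEBAUTHN_EXTENSION pExtension =
              &pExtensionList->pExtensions[dwIndex];
          // The payload is read as a BOOL only when the identifier matches,
          // the reported size is exactly sizeof(BOOL), and the payload
          // pointer is non-null.
          if (pExtension->pwszExtensionIdentifier &&
              (0 == _wcsicmp(pExtension->pwszExtensionIdentifier,
                             WEBAUTHN_EXTENSIONS_IDENTIFIER_HMAC_SECRET)) &&
              pExtension->cbExtension == sizeof(BOOL) &&
              pExtension->pvExtension != nullptr) {
            const BOOL* pCredentialCreatedWithHmacSecret =
                static_cast<const BOOL*>(pExtension->pvExtension);
            if (*pCredentialCreatedWithHmacSecret) {
              mHmacCreateSecret = Some(true);
            }
          }
        }
      }
    }

    if (aResponse->dwVersion >= WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_3) {
      if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_USB) {
        mTransports.AppendElement(u"usb"_ns);
      }
      if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_NFC) {
        mTransports.AppendElement(u"nfc"_ns);
      }
      if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_BLE) {
        mTransports.AppendElement(u"ble"_ns);
      }
      if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_INTERNAL) {
        mTransports.AppendElement(u"internal"_ns);
      }
    }
    // WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_5 corresponds to
    // WEBAUTHN_API_VERSION_6 which is where WEBAUTHN_CTAP_TRANSPORT_HYBRID was
    // defined.
    if (aResponse->dwVersion >= WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_5) {
      if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_HYBRID) {
        mTransports.AppendElement(u"hybrid"_ns);
      }
    }

    // The attachment is derived from the transport that was used: the
    // internal transport maps to "platform", anything else to
    // "cross-platform". Below version 3 it stays unset.
    if (aResponse->dwVersion >= WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_3) {
      if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_INTERNAL) {
        mAuthenticatorAttachment = Some(u"platform"_ns);
      } else {
        mAuthenticatorAttachment = Some(u"cross-platform"_ns);
      }
    }
  }
#endif

  // Defined out of line.
  // NOTE(review): presumably removes identifying attestation data from the
  // stored attestation object; confirm against the definition.
  nsresult Anonymize();

 private:
  ~WebAuthnRegisterResult() = default;

  nsTArray<uint8_t> mAttestationObject;  // attestation object bytes
  nsTArray<uint8_t> mCredentialId;       // credential ID bytes
  nsTArray<nsString> mTransports;        // e.g. "usb", "nfc", "ble"
  Maybe<nsCString> mClientDataJSON;
  Maybe<bool> mCredPropsRk;       // no constructor here sets a value
  Maybe<bool> mHmacCreateSecret;  // Some(true) only from the Windows path
  Maybe<nsString> mAuthenticatorAttachment;
};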
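/**
 * Result of a WebAuthn assertion (sign) operation, exposed through
 * nsIWebAuthnSignResult.
 *
 * Every constructor copies the authenticator output into owned storage, so the
 * object does not depend on the lifetime of the platform response it was built
 * from. None of the constructors verifies the signature or the authenticator
 * data; they only copy fields.
 */
class WebAuthnSignResult final : public nsIWebAuthnSignResult {
 public:
  NS_DECL_THREADSAFE_ISUPPORTS
  NS_DECL_NSIWEBAUTHNSIGNRESULT

  /**
   * Builds a result from already-decoded fields.
   *
   * @param aAuthenticatorData       authenticator data bytes (copied).
   * @param aClientDataJSON          client data JSON, if available.
   * @param aCredentialId            credential ID bytes (copied).
   * @param aSignature               assertion signature bytes (copied).
   * @param aUserHandle              user handle bytes (copied).
   * @param aAuthenticatorAttachment authenticator attachment, if known.
   */
  WebAuthnSignResult(const nsTArray<uint8_t>& aAuthenticatorData,
                     const Maybe<nsCString>& aClientDataJSON,
                     const nsTArray<uint8_t>& aCredentialId,
                     const nsTArray<uint8_t>& aSignature,
                     const nsTArray<uint8_t>& aUserHandle,
                     const Maybe<nsString>& aAuthenticatorAttachment)
      : mClientDataJSON(aClientDataJSON),
        mAuthenticatorAttachment(aAuthenticatorAttachment) {
    mAuthenticatorData.AppendElements(aAuthenticatorData);
    mCredentialId.AppendElements(aCredentialId);
    mSignature.AppendElements(aSignature);
    mUserHandle.AppendElements(aUserHandle);
  }

#ifdef MOZ_WIDGET_ANDROID
  /**
   * Builds a result from the Java GetAssertionResponse object.
   *
   * NOTE(review): the accessors are dereferenced without a null check; this
   * assumes the Java side always populates these fields, including the user
   * handle. Confirm against the Java producer.
   */
  explicit WebAuthnSignResult(
      const java::WebAuthnTokenManager::GetAssertionResponse::LocalRef&
          aResponse) {
    // Fetch each Java array once so that the data pointer and the length
    // passed to AppendElements() are taken from the same reference.
    auto authData = aResponse->AuthData();
    mAuthenticatorData.AppendElements(
        reinterpret_cast<uint8_t*>(authData->GetElements().Elements()),
        authData->Length());

    auto clientDataJson = aResponse->ClientDataJson();
    mClientDataJSON = Some(nsAutoCString(
        reinterpret_cast<const char*>(
            clientDataJson->GetElements().Elements()),
        clientDataJson->Length()));

    auto keyHandle = aResponse->KeyHandle();
    mCredentialId.AppendElements(
        reinterpret_cast<uint8_t*>(keyHandle->GetElements().Elements()),
        keyHandle->Length());

    auto signature = aResponse->Signature();
    mSignature.AppendElements(
        reinterpret_cast<uint8_t*>(signature->GetElements().Elements()),
        signature->Length());

    auto userHandle = aResponse->UserHandle();
    mUserHandle.AppendElements(
        reinterpret_cast<uint8_t*>(userHandle->GetElements().Elements()),
        userHandle->Length());

    // authenticator attachment is not available on Android
    mAuthenticatorAttachment = Nothing();
  }
#endif

#ifdef XP_WIN
  /**
   * Builds a result from a Windows WebAuthn assertion.
   *
   * @param aClientDataJSON client data JSON (copied).
   * @param aResponse       assertion structure; must be non-null, it is
   *                        dereferenced without a check. Each pb and cb pair
   *                        is passed to AppendElements() as pointer and
   *                        length without further validation.
   */
  WebAuthnSignResult(nsCString& aClientDataJSON, PCWEBAUTHN_ASSERTION aResponse)
      : mClientDataJSON(Some(aClientDataJSON)) {
    mSignature.AppendElements(aResponse->pbSignature, aResponse->cbSignature);

    mCredentialId.AppendElements(aResponse->Credential.pbId,
                                 aResponse->Credential.cbId);

    mUserHandle.AppendElements(aResponse->pbUserId, aResponse->cbUserId);

    mAuthenticatorData.AppendElements(aResponse->pbAuthenticatorData,
                                      aResponse->cbAuthenticatorData);

    mAuthenticatorAttachment = Nothing();  // not available
  }
#endif

 private:
  ~WebAuthnSignResult() = default;

  nsTArray<uint8_t> mAuthenticatorData;  // authenticator data bytes
  Maybe<nsCString> mClientDataJSON;
  nsTArray<uint8_t> mCredentialId;  // credential ID bytes
  nsTArray<uint8_t> mSignature;     // assertion signature bytes
  nsTArray<uint8_t> mUserHandle;    // user handle bytes
  Maybe<nsString> mAuthenticatorAttachment;
  Maybe<bool> mUsedAppId;  // no constructor here sets a value
};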
228 } // namespace mozilla::dom
229 #endif // mozilla_dom_WebAuthnResult_h