dom/webauthn/WebAuthnResult.h

   1 /* This Source Code Form is subject to the terms of the Mozilla Public
   2  * License, v. 2.0. If a copy of the MPL was not distributed with this
   3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   4
   5 #ifndef mozilla_dom_WebAuthnResult_h_
   6 #define mozilla_dom_WebAuthnResult_h_
   7
   8 #include "nsIWebAuthnResult.h"
   9 #include "nsString.h"
  10 #include "nsTArray.h"
  11
  12 #include "mozilla/Maybe.h"
  13 #include "nsString.h"
  14
  15 #ifdef MOZ_WIDGET_ANDROID
  16 #  include "mozilla/java/WebAuthnUtilsNatives.h"
  17 #endif
  18
  19 #ifdef XP_WIN
  20 #  include <windows.h>
  21 #  include "mozilla/dom/PWebAuthnTransactionParent.h"
  22 #  include "winwebauthn/webauthn.h"
  23 #endif
  24
  25 namespace mozilla::dom {
  26
  27 class WebAuthnRegisterResult final : public nsIWebAuthnRegisterResult {
  28  public:
  29   NS_DECL_THREADSAFE_ISUPPORTS
  30   NS_DECL_NSIWEBAUTHNREGISTERRESULT
  31
  32   WebAuthnRegisterResult(const nsTArray<uint8_t>& aAttestationObject,
  33                          const Maybe<nsCString>& aClientDataJSON,
  34                          const nsTArray<uint8_t>& aCredentialId,
  35                          const nsTArray<nsString>& aTransports,
  36                          const Maybe<nsString>& aAuthenticatorAttachment)
  37       : mClientDataJSON(aClientDataJSON),
  38         mCredPropsRk(Nothing()),
  39         mAuthenticatorAttachment(aAuthenticatorAttachment) {
  40     mAttestationObject.AppendElements(aAttestationObject);
  41     mCredentialId.AppendElements(aCredentialId);
  42     mTransports.AppendElements(aTransports);
  43   }
  44
  45 #ifdef MOZ_WIDGET_ANDROID
  46   explicit WebAuthnRegisterResult(
  47       const java::WebAuthnUtils::MakeCredentialResponse::LocalRef& aResponse) {
  48     mAttestationObject.AppendElements(
  49         reinterpret_cast<uint8_t*>(
  50             aResponse->AttestationObject()->GetElements().Elements()),
  51         aResponse->AttestationObject()->Length());
  52     if (aResponse->ClientDataJson()) {
  53       mClientDataJSON = Some(nsAutoCString(
  54           reinterpret_cast<const char*>(
  55               aResponse->ClientDataJson()->GetElements().Elements()),
  56           aResponse->ClientDataJson()->Length()));
  57     }
  58     mCredentialId.AppendElements(
  59         reinterpret_cast<uint8_t*>(
  60             aResponse->KeyHandle()->GetElements().Elements()),
  61         aResponse->KeyHandle()->Length());
  62     auto transports = aResponse->Transports();
  63     for (size_t i = 0; i < transports->Length(); i++) {
  64       mTransports.AppendElement(
  65           jni::String::LocalRef(transports->GetElement(i))->ToString());
  66     }
  67     mAuthenticatorAttachment =
  68         Some(aResponse->AuthenticatorAttachment()->ToString());
  69   }
  70 #endif
  71
  72 #ifdef XP_WIN
  73   WebAuthnRegisterResult(nsCString& aClientDataJSON,
  74                          PCWEBAUTHN_CREDENTIAL_ATTESTATION aResponse)
  75       : mClientDataJSON(Some(aClientDataJSON)) {
  76     mCredentialId.AppendElements(aResponse->pbCredentialId,
  77                                  aResponse->cbCredentialId);
  78
  79     mAttestationObject.AppendElements(aResponse->pbAttestationObject,
  80                                       aResponse->cbAttestationObject);
  81
  82     nsTArray<WebAuthnExtensionResult> extensions;
  83     if (aResponse->dwVersion >= WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_2) {
  84       PCWEBAUTHN_EXTENSIONS pExtensionList = &aResponse->Extensions;
  85       if (pExtensionList->cExtensions != 0 &&
  86           pExtensionList->pExtensions != NULL) {
  87         for (DWORD dwIndex = 0; dwIndex < pExtensionList->cExtensions;
  88              dwIndex++) {
  89           PWEBAUTHN_EXTENSION pExtension =
  90               &pExtensionList->pExtensions[dwIndex];
  91           if (pExtension->pwszExtensionIdentifier &&
  92               (0 == _wcsicmp(pExtension->pwszExtensionIdentifier,
  93                              WEBAUTHN_EXTENSIONS_IDENTIFIER_HMAC_SECRET)) &&
  94               pExtension->cbExtension == sizeof(BOOL)) {
  95             BOOL* pCredentialCreatedWithHmacSecret =
  96                 (BOOL*)pExtension->pvExtension;
  97             if (*pCredentialCreatedWithHmacSecret) {
  98               mHmacCreateSecret = Some(true);
  99             }
 100           }
 101         }
 102       }
 103     }
 104
 105     if (aResponse->dwVersion >= WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_3) {
 106       if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_USB) {
 107         mTransports.AppendElement(u"usb"_ns);
 108       }
 109       if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_NFC) {
 110         mTransports.AppendElement(u"nfc"_ns);
 111       }
 112       if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_BLE) {
 113         mTransports.AppendElement(u"ble"_ns);
 114       }
 115       if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_INTERNAL) {
 116         mTransports.AppendElement(u"internal"_ns);
 117       }
 118     }
 119     // WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_5 corresponds to
 120     // WEBAUTHN_API_VERSION_6 which is where WEBAUTHN_CTAP_TRANSPORT_HYBRID was
 121     // defined.
 122     if (aResponse->dwVersion >= WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_5) {
 123       if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_HYBRID) {
 124         mTransports.AppendElement(u"hybrid"_ns);
 125       }
 126     }
 127
 128     if (aResponse->dwVersion >= WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_3) {
 129       if (aResponse->dwUsedTransport & WEBAUTHN_CTAP_TRANSPORT_INTERNAL) {
 130         mAuthenticatorAttachment = Some(u"platform"_ns);
 131       } else {
 132         mAuthenticatorAttachment = Some(u"cross-platform"_ns);
 133       }
 134     }
 135   }
 136 #endif
 137
 138  private:
 139   ~WebAuthnRegisterResult() = default;
 140
 141   nsTArray<uint8_t> mAttestationObject;
 142   nsTArray<uint8_t> mCredentialId;
 143   nsTArray<nsString> mTransports;
 144   Maybe<nsCString> mClientDataJSON;
 145   Maybe<bool> mCredPropsRk;
 146   Maybe<bool> mHmacCreateSecret;
 147   Maybe<nsString> mAuthenticatorAttachment;
 148 };
 149
 150 class WebAuthnSignResult final : public nsIWebAuthnSignResult {
 151  public:
 152   NS_DECL_THREADSAFE_ISUPPORTS
 153   NS_DECL_NSIWEBAUTHNSIGNRESULT
 154
 155   WebAuthnSignResult(const nsTArray<uint8_t>& aAuthenticatorData,
 156                      const Maybe<nsCString>& aClientDataJSON,
 157                      const nsTArray<uint8_t>& aCredentialId,
 158                      const nsTArray<uint8_t>& aSignature,
 159                      const nsTArray<uint8_t>& aUserHandle,
 160                      const Maybe<nsString>& aAuthenticatorAttachment)
 161       : mClientDataJSON(aClientDataJSON),
 162         mAuthenticatorAttachment(aAuthenticatorAttachment) {
 163     mAuthenticatorData.AppendElements(aAuthenticatorData);
 164     mCredentialId.AppendElements(aCredentialId);
 165     mSignature.AppendElements(aSignature);
 166     mUserHandle.AppendElements(aUserHandle);
 167   }
 168
 169 #ifdef MOZ_WIDGET_ANDROID
 170   explicit WebAuthnSignResult(
 171       const java::WebAuthnUtils::GetAssertionResponse::LocalRef& aResponse) {
 172     mAuthenticatorData.AppendElements(
 173         reinterpret_cast<uint8_t*>(
 174             aResponse->AuthData()->GetElements().Elements()),
 175         aResponse->AuthData()->Length());
 176     if (aResponse->ClientDataJson()) {
 177       mClientDataJSON = Some(nsAutoCString(
 178           reinterpret_cast<const char*>(
 179               aResponse->ClientDataJson()->GetElements().Elements()),
 180           aResponse->ClientDataJson()->Length()));
 181     }
 182     mCredentialId.AppendElements(
 183         reinterpret_cast<uint8_t*>(
 184             aResponse->KeyHandle()->GetElements().Elements()),
 185         aResponse->KeyHandle()->Length());
 186     mSignature.AppendElements(
 187         reinterpret_cast<uint8_t*>(
 188             aResponse->Signature()->GetElements().Elements()),
 189         aResponse->Signature()->Length());
 190     mUserHandle.AppendElements(
 191         reinterpret_cast<uint8_t*>(
 192             aResponse->UserHandle()->GetElements().Elements()),
 193         aResponse->UserHandle()->Length());
 194     mAuthenticatorAttachment =
 195         Some(aResponse->AuthenticatorAttachment()->ToString());
 196   }
 197 #endif
 198
 199 #ifdef XP_WIN
 200   WebAuthnSignResult(nsCString& aClientDataJSON, PCWEBAUTHN_ASSERTION aResponse)
 201       : mClientDataJSON(Some(aClientDataJSON)) {
 202     mSignature.AppendElements(aResponse->pbSignature, aResponse->cbSignature);
 203
 204     mCredentialId.AppendElements(aResponse->Credential.pbId,
 205                                  aResponse->Credential.cbId);
 206
 207     mUserHandle.AppendElements(aResponse->pbUserId, aResponse->cbUserId);
 208
 209     mAuthenticatorData.AppendElements(aResponse->pbAuthenticatorData,
 210                                       aResponse->cbAuthenticatorData);
 211
 212     mAuthenticatorAttachment = Nothing();  // not available
 213   }
 214 #endif
 215
 216  private:
 217   ~WebAuthnSignResult() = default;
 218
 219   nsTArray<uint8_t> mAuthenticatorData;
 220   Maybe<nsCString> mClientDataJSON;
 221   nsTArray<uint8_t> mCredentialId;
 222   nsTArray<uint8_t> mSignature;
 223   nsTArray<uint8_t> mUserHandle;
 224   Maybe<nsString> mAuthenticatorAttachment;
 225   Maybe<bool> mUsedAppId;
 226 };
 227
 228 }  // namespace mozilla::dom
 229 #endif  // mozilla_dom_WebAuthnResult_h