bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-16 08:13:42 +00:00
Code Issues Releases Wiki Activity

[EC-598] fix: some smaller bugs

Browse Source
This commit is contained in:
Andreas Coroiu
2023-03-31 15:53:10 +02:00
parent e8c9b887c4
commit 3edd7887a4
7 changed files with 52 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
apps/browser/src/webauthn/content/page-script.ts
View File

@@ -32,7 +32,19 @@ navigator.credentials.create = async (
throw new Error("Something went wrong."); throw new Error("Something went wrong.");
} }
return WebauthnUtils.mapCredentialRegistrationResult(response.result); console.log(response.result);
let mappedResult;
try {
mappedResult = WebauthnUtils.mapCredentialRegistrationResult(response.result);
} catch (e) {
console.error(e);
throw e;
}
console.log(mappedResult);
return mappedResult;
} catch (error) { } catch (error) {
if (error && error.fallbackRequested) { if (error && error.fallbackRequested) {
return await browserCredentials.create(options); return await browserCredentials.create(options);
@@ -60,6 +72,8 @@ navigator.credentials.get = async (
throw new Error("Something went wrong."); throw new Error("Something went wrong.");
} }
console.log(response.result);
return WebauthnUtils.mapCredentialAssertResult(response.result); return WebauthnUtils.mapCredentialAssertResult(response.result);
} catch (error) { } catch (error) {
if (error && error.fallbackRequested) { if (error && error.fallbackRequested) {

5
libs/common/src/vault/models/request/cipher.request.ts
View File

@@ -125,7 +125,10 @@ export class CipherRequest {
break; break;
case CipherType.Fido2Key: case CipherType.Fido2Key:
this.fido2Key = new Fido2KeyApi(); this.fido2Key = new Fido2KeyApi();
this.fido2Key.nonDiscoverableId = cipher.fido2Key.nonDiscoverableId.encryptedString; this.fido2Key.nonDiscoverableId =
cipher.fido2Key.nonDiscoverableId != null
? cipher.fido2Key.nonDiscoverableId.encryptedString
: null;
this.fido2Key.keyType = this.fido2Key.keyType =
cipher.fido2Key.keyType != null cipher.fido2Key.keyType != null
? (cipher.fido2Key.keyType.encryptedString as "public-key") ? (cipher.fido2Key.keyType.encryptedString as "public-key")

2
libs/common/src/webauthn/abstractions/fido2-authenticator.service.abstraction.ts
View File

@@ -110,7 +110,7 @@ export interface Fido2AuthenticatorGetAssertionParams {
export interface Fido2AuthenticatorGetAssertionResult { export interface Fido2AuthenticatorGetAssertionResult {
selectedCredential: { selectedCredential: {
id: string; id: Uint8Array;
userHandle?: Uint8Array; userHandle?: Uint8Array;
}; };
authenticatorData: Uint8Array; authenticatorData: Uint8Array;

6
libs/common/src/webauthn/services/fido2-authenticator.service.spec.ts
View File

@@ -446,10 +446,10 @@ describe("FidoAuthenticatorService", () => {
const aaguid = encAuthData.slice(37, 53); const aaguid = encAuthData.slice(37, 53);
const credentialIdLength = encAuthData.slice(53, 55); const credentialIdLength = encAuthData.slice(53, 55);
const credentialId = encAuthData.slice(55, 71); const credentialId = encAuthData.slice(55, 71);
// Public key format is not tested here since it will be tested // Unsure how to test public key
// by the assertion tests.
// const publicKey = encAuthData.slice(87); // const publicKey = encAuthData.slice(87);
expect(encAuthData.length).toBe(71 + 77);
expect(attestationObject.fmt).toBe("none"); expect(attestationObject.fmt).toBe("none");
expect(attestationObject.attStmt).toEqual({}); expect(attestationObject.attStmt).toEqual({});
expect(rpIdHash).toEqual( expect(rpIdHash).toEqual(
@@ -710,7 +710,7 @@ describe("FidoAuthenticatorService", () => {
const flags = encAuthData.slice(32, 33); const flags = encAuthData.slice(32, 33);
const counter = encAuthData.slice(33, 37); const counter = encAuthData.slice(33, 37);
expect(result.selectedCredential.id).toBe(selectedCredentialId); expect(result.selectedCredential.id).toEqual(Utils.guidToRawFormat(selectedCredentialId));
expect(result.selectedCredential.userHandle).toEqual( expect(result.selectedCredential.userHandle).toEqual(
Fido2Utils.stringToBuffer(ciphers[0].fido2Key.userHandle) Fido2Utils.stringToBuffer(ciphers[0].fido2Key.userHandle)
); );

2
libs/common/src/webauthn/services/fido2-authenticator.service.ts
View File

@@ -212,7 +212,7 @@ export class Fido2AuthenticatorService implements Fido2AuthenticatorServiceAbstr
return { return {
authenticatorData, authenticatorData,
selectedCredential: { selectedCredential: {
id: selectedCredentialId, id: Utils.guidToRawFormat(selectedCredentialId),
userHandle: Fido2Utils.stringToBuffer(selectedCipher.fido2Key.userHandle), userHandle: Fido2Utils.stringToBuffer(selectedCipher.fido2Key.userHandle),
}, },
signature, signature,

17
libs/common/src/webauthn/services/fido2-client.service.spec.ts
View File

@@ -318,8 +318,12 @@ describe("FidoAuthenticatorService", () => {
}); });
describe("assert non-discoverable credential", () => { describe("assert non-discoverable credential", () => {
it("should call authenticator.makeCredential", async () => { it("should call authenticator.assertCredential", async () => {
const allowedCredentialIds = [Utils.newGuid(), Utils.newGuid(), "not-a-guid"]; const allowedCredentialIds = [
Fido2Utils.bufferToString(Utils.guidToRawFormat(Utils.newGuid())),
Fido2Utils.bufferToString(Utils.guidToRawFormat(Utils.newGuid())),
Fido2Utils.bufferToString(Utils.fromByteStringToArray("not-a-guid")),
];
const params = createParams({ const params = createParams({
userVerification: "required", userVerification: "required",
allowedCredentialIds, allowedCredentialIds,
@@ -334,10 +338,13 @@ describe("FidoAuthenticatorService", () => {
rpId: RpId, rpId: RpId,
allowCredentialDescriptorList: [ allowCredentialDescriptorList: [
expect.objectContaining({ expect.objectContaining({
id: Utils.guidToRawFormat(allowedCredentialIds[0]), id: Fido2Utils.stringToBuffer(allowedCredentialIds[0]),
}), }),
expect.objectContaining({ expect.objectContaining({
id: Utils.guidToRawFormat(allowedCredentialIds[1]), id: Fido2Utils.stringToBuffer(allowedCredentialIds[1]),
}),
expect.objectContaining({
id: Fido2Utils.stringToBuffer(allowedCredentialIds[2]),
}), }),
], ],
}), }),
@@ -347,7 +354,7 @@ describe("FidoAuthenticatorService", () => {
}); });
describe("assert discoverable credential", () => { describe("assert discoverable credential", () => {
it("should call authenticator.makeCredential", async () => { it("should call authenticator.assertCredential", async () => {
const params = createParams({ const params = createParams({
userVerification: "required", userVerification: "required",
allowedCredentialIds: [], allowedCredentialIds: [],

35
libs/common/src/webauthn/services/fido2-client.service.ts
View File

@@ -83,19 +83,13 @@ export class Fido2ClientService implements Fido2ClientServiceAbstraction {
params.authenticatorSelection?.userVerification, params.authenticatorSelection?.userVerification,
params.timeout params.timeout
); );
const excludeCredentialDescriptorList: PublicKeyCredentialDescriptor[] = []; const excludeCredentialDescriptorList: PublicKeyCredentialDescriptor[] =
if (params.excludeCredentials !== undefined) { params.excludeCredentials?.map((credential) => ({
for (const credential of params.excludeCredentials) {
try {
excludeCredentialDescriptorList.push({
id: Fido2Utils.stringToBuffer(credential.id), id: Fido2Utils.stringToBuffer(credential.id),
transports: credential.transports, transports: credential.transports,
type: credential.type, type: credential.type,
}); })) ?? [];
// eslint-disable-next-line no-empty
} catch {}
}
}
const makeCredentialParams: Fido2AuthenticatorMakeCredentialsParams = { const makeCredentialParams: Fido2AuthenticatorMakeCredentialsParams = {
requireResidentKey: requireResidentKey:
params.authenticatorSelection?.residentKey === "required" || params.authenticatorSelection?.residentKey === "required" ||
@@ -138,9 +132,9 @@ export class Fido2ClientService implements Fido2ClientServiceAbstraction {
credentialId: Fido2Utils.bufferToString(makeCredentialResult.credentialId), credentialId: Fido2Utils.bufferToString(makeCredentialResult.credentialId),
attestationObject: Fido2Utils.bufferToString(makeCredentialResult.attestationObject), attestationObject: Fido2Utils.bufferToString(makeCredentialResult.attestationObject),
authData: Fido2Utils.bufferToString(makeCredentialResult.authData), authData: Fido2Utils.bufferToString(makeCredentialResult.authData),
clientDataJSON: Fido2Utils.bufferToString(clientDataJSONBytes),
publicKeyAlgorithm: makeCredentialResult.publicKeyAlgorithm, publicKeyAlgorithm: makeCredentialResult.publicKeyAlgorithm,
clientDataJSON, transports: ["hybrid"],
transports: ["web-extension"],
}; };
} }
@@ -181,16 +175,11 @@ export class Fido2ClientService implements Fido2ClientServiceAbstraction {
const timeout = setAbortTimeout(abortController, params.userVerification, params.timeout); const timeout = setAbortTimeout(abortController, params.userVerification, params.timeout);
const allowCredentialDescriptorList: PublicKeyCredentialDescriptor[] = []; const allowCredentialDescriptorList: PublicKeyCredentialDescriptor[] =
for (const id of params.allowedCredentialIds) { params.allowedCredentialIds.map((id) => ({
try { id: Fido2Utils.stringToBuffer(id),
allowCredentialDescriptorList.push({
id: Utils.guidToRawFormat(id),
type: "public-key", type: "public-key",
}); }));
// eslint-disable-next-line no-empty
} catch {}
}
const getAssertionParams: Fido2AuthenticatorGetAssertionParams = { const getAssertionParams: Fido2AuthenticatorGetAssertionParams = {
rpId, rpId,
@@ -223,8 +212,8 @@ export class Fido2ClientService implements Fido2ClientServiceAbstraction {
return { return {
authenticatorData: Fido2Utils.bufferToString(getAssertionResult.authenticatorData), authenticatorData: Fido2Utils.bufferToString(getAssertionResult.authenticatorData),
clientDataJSON, clientDataJSON: Fido2Utils.bufferToString(clientDataJSONBytes),
credentialId: getAssertionResult.selectedCredential.id, credentialId: Fido2Utils.bufferToString(getAssertionResult.selectedCredential.id),
userHandle: userHandle:
getAssertionResult.selectedCredential.userHandle !== undefined getAssertionResult.selectedCredential.userHandle !== undefined
? Fido2Utils.bufferToString(getAssertionResult.selectedCredential.userHandle) ? Fido2Utils.bufferToString(getAssertionResult.selectedCredential.userHandle)