New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[WebAuthn] CBOR encoded extensions not passed along during assertions #2557
[WebAuthn] CBOR encoded extensions not passed along during assertions #2557
Conversation
@@ -1017,7 +1017,10 @@ - (void)makeCredentialWithClientDataHash:(NSData *)clientDataHash options:(_WKPu | |||
result.userVerificationString = toString(userVerification(options.userVerification)); | |||
if (auto attachment = authenticatorAttachment(options.authenticatorAttachment)) | |||
result.authenticatorAttachmentString = toString(*attachment); | |||
result.extensions = authenticationExtensionsClientInputs(options.extensions); | |||
if (options.extensionsCBOR) | |||
result.extensions = WebCore::AuthenticationExtensionsClientInputs::fromCBOR(vectorFromNSData(options.extensionsCBOR)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is a bit unfortunate to copy the bytes from a NSData to a Vector, just to decode it.
Ideally, AuthenticationExtensionsClientInputs::fromCBOR() would take in a Span<const uint8_t>
so we could pass in data without copying it. It is cheap to construct a Span from a Vector or a NSData because it doesn't involve copying.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ooh, that's really good to know. Updating CBORReader with this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should check (as a follow-up patch) if there are other cases where we lack this optimization.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
bf66a2f
to
f0292e0
Compare
Source/WTF/wtf/cocoa/SpanCocoa.h
Outdated
@@ -41,6 +41,12 @@ inline Span<const std::byte> asBytes(const RetainPtr<NSData>& data) | |||
return asBytes(data.get()); | |||
} | |||
|
|||
inline Span<const uint8_t> spanFromNSData(NSData* data) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Any chance we could use asBytes() from SpanCocoa.h?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tried this, converting everything to use std::byte instead of uint8_t turns out to be pretty involved as Span<const uint8_t>
and Span<const std::byte>
don't seem to be easily interchangeable.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, maybe we can name it asUInt8Span()
to be a little more consistent with asBytes()
.
Source/WebCore/Modules/webauthn/AuthenticationExtensionsClientInputs.cpp
Show resolved
Hide resolved
f0292e0
to
ceb5066
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good.
Thanks for the review and patience. |
https://bugs.webkit.org/show_bug.cgi?id=242913 rdar://96912101 Reviewed by Chris Dumez. * Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (+[_WKWebAuthenticationPanel convertToCoreRequestOptionsWithOptions:]): * Source/WTF/wtf/cocoa/SpanCocoa.h: (WTF::asUInt8Span): * Source/WebCore/Modules/webauthn/AuthenticationExtensionsClientInputs.cpp: (WebCore::AuthenticationExtensionsClientInputs::fromCBOR): * Source/WebCore/Modules/webauthn/AuthenticationExtensionsClientInputs.h: * Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (+[_WKWebAuthenticationPanel convertToCoreCreationOptionsWithOptions:]): (+[_WKWebAuthenticationPanel convertToCoreRequestOptionsWithOptions:]): Pass along CBOR encoded extension to ASC, use span to avoid copy. Rest of callsites to be fixed in https://bugs.webkit.org/show_bug.cgi?id=242919. Canonical link: https://commits.webkit.org/252626@main
ceb5066
to
c93cca1
Compare
Committed 252626@main (c93cca1): https://commits.webkit.org/252626@main Reviewed commits have been landed. Closing PR #2557 and removing active labels. |
c93cca1