From ef83674b2c944e9ab07bec44a6af85362fcc383b Mon Sep 17 00:00:00 2001 From: Angelo Liao Date: Fri, 28 Jul 2017 17:08:09 -0700 Subject: [PATCH 1/2] add requireResidentKey param to the invocation step of authenticatorMakeCredential (#502) * explicitly level 1, fixes #475 * improve allowCredentials and transports handling in #getAssertion, fixes #480 * Update index.bs * add requireResidentKey param to authenticatorMC * added ... identified by rpId for clarification * grammar fixup * Update index.bs * fix linking error * add back ' = []' on excludeCredentials, fixes #268 * add links to scribe/bot instructions * Fix typo. * Fix typo * Renamed MakeCredentialOptions to MakePublicKeyCredentialOptions and parameters to pubKeyCredParams * Have parameter orders match those in the Authenticator Operations section --- index.bs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/index.bs b/index.bs index 0493d77f3..9215a75f1 100644 --- a/index.bs +++ b/index.bs @@ -655,6 +655,7 @@ When this method is invoked, the user agent MUST execute the following algorithm 1. Otherwise, [=list/Append=] |C| to |excludeCredentialDescriptorList|. 1. [=In parallel=], invoke the [=authenticatorMakeCredential=] operation on |authenticator| with |rpId|, |clientDataHash|, |options|.{{MakePublicKeyCredentialOptions/rp}}, |options|.{{MakePublicKeyCredentialOptions/user}}, + |options|.{{MakePublicKeyCredentialOptions/authenticatorSelection}}.{{AuthenticatorSelectionCriteria/requireResidentKey}}, |normalizedParameters|, |excludeCredentialDescriptorList|, and |authenticatorExtensions| as parameters. 1. [=set/Append=] |authenticator| to |issuedRequests|. 
@@ -1554,8 +1555,8 @@ input parameters: preferred. The platform makes a best-effort to create the most preferred credential that it can. - An optional list of {{PublicKeyCredentialDescriptor}} objects provided by the [=[RP]=] with the intention that, if any of these are known to the authenticator, it should not create a new credential. -- Extension data created by the client based on the extensions requested by the [=[RP]=], if any. - The |requireResidentKey| parameter of the |options|.{{MakePublicKeyCredentialOptions/authenticatorSelection}} dictionary. +- Extension data created by the client based on the extensions requested by the [=[RP]=], if any. When this operation is invoked, the authenticator must perform the following procedure: - Check if all the supplied parameters are syntactically well-formed and of the correct length. If not, return an error code From 52b4422b372ec5d56da89f4808cfb12938c8ecb2 Mon Sep 17 00:00:00 2001 From: Mike Jones Date: Fri, 28 Jul 2017 17:09:55 -0700 Subject: [PATCH 2/2] PublicKeyCredentialParameters parameter name is alg - not algorithm (#513) --- index.bs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.bs b/index.bs index 9215a75f1..5ebdc900a 100644 --- a/index.bs +++ b/index.bs @@ -3248,11 +3248,11 @@ The sample code for generating and registering a new key follows: pubKeyCredParams: [ { type: "public-key", - algorithm: "ES256", + alg: "ES256", }, { type: "public-key", - algorithm: "RS256", + alg: "RS256", } ],
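Review bot: The argument added in the first hunk of patch 1/2 (@@ -655,6 +655,7 @@) dereferences |options|.authenticatorSelection.requireResidentKey without saying what is passed when authenticatorSelection is not present in |options|. If that member can be omitted, the step should name the value explicitly (for example, treat requireResidentKey as false), so that user agents do not diverge on whether a resident key is requested from the authenticator.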
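Review bot: The parameter order still differs between the two hunks of patch 1/2. The input-parameter list in the second hunk (@@ -1554,8 +1555,8 @@) places requireResidentKey after the exclude list and just before the extension data, while the invocation step in the @@ -655 hunk passes it right after |options|.user and before |normalizedParameters| and |excludeCredentialDescriptorList|. The commit message says the orders are meant to match the Authenticator Operations section, so one side should move, for instance by placing the new argument in the invocation just before |authenticatorExtensions|.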
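Review bot: The rename in patch 2/2 (@@ -3248,11 +3248,11 @@) covers only the two pubKeyCredParams entries of this one sample. Please check the rest of index.bs for remaining uses of "algorithm:" in other samples and in prose that refers to this dictionary. A stale member name is ignored during dictionary conversion rather than flagged, so a reader copying an unfixed sample would submit entries without the algorithm they meant to request.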