/src/mozilla-central/dom/webauthn/WebAuthnCBORUtil.cpp

Source (jump to first uncovered line)
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
 * You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "cbor-cpp/src/cbor.h"
#include "mozilla/dom/WebAuthnCBORUtil.h"
#include "mozilla/dom/WebAuthnUtil.h"

namespace mozilla {
namespace dom {

nsresult
CBOREncodePublicKeyObj(const CryptoBuffer& aPubKeyBuf,
                       /* out */ CryptoBuffer& aPubKeyObj)
{
  mozilla::dom::CryptoBuffer xBuf, yBuf;
  nsresult rv = U2FDecomposeECKey(aPubKeyBuf, xBuf, yBuf);
  if (NS_FAILED(rv)) {
    return rv;
  }

  // COSE_Key object. See https://tools.ietf.org/html/rfc8152#section-7
  cbor::output_dynamic cborPubKeyOut;
  cbor::encoder encoder(cborPubKeyOut);
  encoder.write_map(5);
  {
    encoder.write_int(1);   // kty
    encoder.write_int(2);   // EC2
    encoder.write_int(3);   // alg
    encoder.write_int(-7);  // ES256

    // See https://tools.ietf.org/html/rfc8152#section-13.1
    encoder.write_int(-1);  // crv
    encoder.write_int(1);   // P-256
    encoder.write_int(-2);  // x
    encoder.write_bytes(xBuf.Elements(), xBuf.Length());
    encoder.write_int(-3);  // y
    encoder.write_bytes(yBuf.Elements(), yBuf.Length());
  }

  if (!aPubKeyObj.Assign(cborPubKeyOut.data(), cborPubKeyOut.size())) {
    return NS_ERROR_OUT_OF_MEMORY;
  }
  return NS_OK;
}

nsresult
CBOREncodeFidoU2FAttestationObj(const CryptoBuffer& aAuthDataBuf,
                                const CryptoBuffer& aAttestationCertBuf,
                                const CryptoBuffer& aSignatureBuf,
                                /* out */ CryptoBuffer& aAttestationObj)
{
  /*
  Attestation Object, encoded in CBOR (description is CDDL)

  attObj = {
              authData: bytes,
              $$attStmtType
           }
  $$attStmtType //= (
                        fmt: "fido-u2f",
                        attStmt: u2fStmtFormat
                    )
  u2fStmtFormat = {
                      x5c: [ attestnCert: bytes, * (caCert: bytes) ],
                      sig: bytes
                  }
  */
  cbor::output_dynamic cborAttOut;
  cbor::encoder encoder(cborAttOut);
  encoder.write_map(3);
  {
    encoder.write_string("fmt");
    encoder.write_string("fido-u2f");

    encoder.write_string("attStmt");
    encoder.write_map(2);
    {
      encoder.write_string("sig");
      encoder.write_bytes(aSignatureBuf.Elements(), aSignatureBuf.Length());

      encoder.write_string("x5c");
      // U2F wire protocol can only deliver 1 certificate, so it's never a chain
      encoder.write_array(1);
      encoder.write_bytes(aAttestationCertBuf.Elements(), aAttestationCertBuf.Length());
    }

    encoder.write_string("authData");
    encoder.write_bytes(aAuthDataBuf.Elements(), aAuthDataBuf.Length());
  }

  if (!aAttestationObj.Assign(cborAttOut.data(), cborAttOut.size())) {
    return NS_ERROR_OUT_OF_MEMORY;
  }
  return NS_OK;
}

nsresult
CBOREncodeNoneAttestationObj(const CryptoBuffer& aAuthDataBuf,
                             /* out */ CryptoBuffer& aAttestationObj)
{
  /*
  Attestation Object, encoded in CBOR (description is CDDL)

  $$attStmtType //= (
                          fmt: "none",
                          attStmt: emptyMap
                      )

  emptyMap = {}
  */
  cbor::output_dynamic cborAttOut;
  cbor::encoder encoder(cborAttOut);
  encoder.write_map(3);
  {
    encoder.write_string("fmt");
    encoder.write_string("none");

    encoder.write_string("attStmt");
    encoder.write_map(0);

    encoder.write_string("authData");
    encoder.write_bytes(aAuthDataBuf.Elements(), aAuthDataBuf.Length());
  }

  if (!aAttestationObj.Assign(cborAttOut.data(), cborAttOut.size())) {
    return NS_ERROR_OUT_OF_MEMORY;
  }
  return NS_OK;
}

}
}

Line	Count	Source (jump to first uncovered line)
1		/* -- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -- */
2		/* vim: set ts=8 sts=2 et sw=2 tw=80: */
3		/* This Source Code Form is subject to the terms of the Mozilla Public
4		* License, v. 2.0. If a copy of the MPL was not distributed with this file,
5		* You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7		#include "cbor-cpp/src/cbor.h"
8		#include "mozilla/dom/WebAuthnCBORUtil.h"
9		#include "mozilla/dom/WebAuthnUtil.h"
10
11		namespace mozilla {
12		namespace dom {
13
14		nsresult
15		CBOREncodePublicKeyObj(const CryptoBuffer& aPubKeyBuf,
16		/* out */ CryptoBuffer& aPubKeyObj)
17	0	{
18	0	mozilla::dom::CryptoBuffer xBuf, yBuf;
19	0	nsresult rv = U2FDecomposeECKey(aPubKeyBuf, xBuf, yBuf);
20	0	if (NS_FAILED(rv)) {
21	0	return rv;
22	0	}
23	0
24	0	// COSE_Key object. See https://tools.ietf.org/html/rfc8152#section-7
25	0	cbor::output_dynamic cborPubKeyOut;
26	0	cbor::encoder encoder(cborPubKeyOut);
27	0	encoder.write_map(5);
28	0	{
29	0	encoder.write_int(1); // kty
30	0	encoder.write_int(2); // EC2
31	0	encoder.write_int(3); // alg
32	0	encoder.write_int(-7); // ES256
33	0
34	0	// See https://tools.ietf.org/html/rfc8152#section-13.1
35	0	encoder.write_int(-1); // crv
36	0	encoder.write_int(1); // P-256
37	0	encoder.write_int(-2); // x
38	0	encoder.write_bytes(xBuf.Elements(), xBuf.Length());
39	0	encoder.write_int(-3); // y
40	0	encoder.write_bytes(yBuf.Elements(), yBuf.Length());
41	0	}
42	0
43	0	if (!aPubKeyObj.Assign(cborPubKeyOut.data(), cborPubKeyOut.size())) {
44	0	return NS_ERROR_OUT_OF_MEMORY;
45	0	}
46	0	return NS_OK;
47	0	}
48
49		nsresult
50		CBOREncodeFidoU2FAttestationObj(const CryptoBuffer& aAuthDataBuf,
51		const CryptoBuffer& aAttestationCertBuf,
52		const CryptoBuffer& aSignatureBuf,
53		/* out */ CryptoBuffer& aAttestationObj)
54	0	{
55	0	/*
56	0	Attestation Object, encoded in CBOR (description is CDDL)
57	0
58	0	attObj = {
59	0	authData: bytes,
60	0	$$attStmtType
61	0	}
62	0	$$attStmtType //= (
63	0	fmt: "fido-u2f",
64	0	attStmt: u2fStmtFormat
65	0	)
66	0	u2fStmtFormat = {
67	0	x5c: [ attestnCert: bytes, * (caCert: bytes) ],
68	0	sig: bytes
69	0	}
70	0	*/
71	0	cbor::output_dynamic cborAttOut;
72	0	cbor::encoder encoder(cborAttOut);
73	0	encoder.write_map(3);
74	0	{
75	0	encoder.write_string("fmt");
76	0	encoder.write_string("fido-u2f");
77	0
78	0	encoder.write_string("attStmt");
79	0	encoder.write_map(2);
80	0	{
81	0	encoder.write_string("sig");
82	0	encoder.write_bytes(aSignatureBuf.Elements(), aSignatureBuf.Length());
83	0
84	0	encoder.write_string("x5c");
85	0	// U2F wire protocol can only deliver 1 certificate, so it's never a chain
86	0	encoder.write_array(1);
87	0	encoder.write_bytes(aAttestationCertBuf.Elements(), aAttestationCertBuf.Length());
88	0	}
89	0
90	0	encoder.write_string("authData");
91	0	encoder.write_bytes(aAuthDataBuf.Elements(), aAuthDataBuf.Length());
92	0	}
93	0
94	0	if (!aAttestationObj.Assign(cborAttOut.data(), cborAttOut.size())) {
95	0	return NS_ERROR_OUT_OF_MEMORY;
96	0	}
97	0	return NS_OK;
98	0	}
99
100		nsresult
101		CBOREncodeNoneAttestationObj(const CryptoBuffer& aAuthDataBuf,
102		/* out */ CryptoBuffer& aAttestationObj)
103	0	{
104	0	/*
105	0	Attestation Object, encoded in CBOR (description is CDDL)
106	0
107	0	$$attStmtType //= (
108	0	fmt: "none",
109	0	attStmt: emptyMap
110	0	)
111	0
112	0	emptyMap = {}
113	0	*/
114	0	cbor::output_dynamic cborAttOut;
115	0	cbor::encoder encoder(cborAttOut);
116	0	encoder.write_map(3);
117	0	{
118	0	encoder.write_string("fmt");
119	0	encoder.write_string("none");
120	0
121	0	encoder.write_string("attStmt");
122	0	encoder.write_map(0);
123	0
124	0	encoder.write_string("authData");
125	0	encoder.write_bytes(aAuthDataBuf.Elements(), aAuthDataBuf.Length());
126	0	}
127	0
128	0	if (!aAttestationObj.Assign(cborAttOut.data(), cborAttOut.size())) {
129	0	return NS_ERROR_OUT_OF_MEMORY;
130	0	}
131	0	return NS_OK;
132	0	}
133
134		}
135		}

Coverage Report

Created: 2018-09-25 14:53