change(pass-webauthn): fix impls and work towards registration verifi…
…cation.
jgutierrezre committed Oct 14, 2024
1 parent 95fa042 commit c55a062
Showing 1 changed file with 36 additions and 13 deletions.
49 changes: 36 additions & 13 deletions pass-webauthn/src/impls.rs
Expand Up @@ -15,7 +15,7 @@ where
Cx: Parameter,
{
fn challenge(&self) -> Challenge {
|| -> Result<AuthorityId, ()> {
|| -> Result<Challenge, ()> {
let client_data_json =
serde_json::from_slice::<Value>(&self.client_data).map_err(|_| ())?;

Check failure on line 20 in pass-webauthn/src/impls.rs

GitHub Actions / clippy

no field `client_data` on type `&Attestation<Cx>`

error[E0609]: no field `client_data` on type `&Attestation<Cx>` --> pass-webauthn/src/impls.rs:20:55 | 20 | serde_json::from_slice::<Value>(&self.client_data).map_err(|_| ())?; | ^^^^^^^^^^^ unknown field | = note: available fields are: `credential_id`, `context`, `authenticator_data`, `attestation_data`, `public_key`

Expand All @@ -33,14 +33,11 @@ impl<Cx> DeviceChallengeResponse<Cx> for Attestation<Cx>
where
Cx: Parameter + Copy + 'static,
{
// TODO: @pandres95, considering that DeviceChallengeResponse is used for creating a new
// authentication device, webauth_verify wouldn't work here. We need to implement a new
// verification method exclusively for credential creation.
fn is_valid(&self) -> bool {
webauthn_verify(
self.authenticator_data.as_ref(),
&self.client_data,
&self.signature,
&self.public_key,
)
.is_ok()
true
}

fn used_challenge(&self) -> (Cx, Challenge) {
Expand Down Expand Up @@ -105,7 +102,17 @@ where
Cx: Parameter,
{
fn challenge(&self) -> Challenge {
todo!("Extract `challenge`, format into `Challenge` format (that is, [u8; 32])");
|| -> Result<Challenge, ()> {
let client_data_json =
serde_json::from_slice::<Value>(&self.client_data).map_err(|_| ())?;

let challenge_str =
base64::decode(client_data_json["challenge"].as_str().ok_or(())?.as_bytes())
.map_err(|_| ())?;

Decode::decode(&mut TrailingZeroInput::new(challenge_str.as_bytes())).map_err(|_| ())?

Check failure on line 113 in pass-webauthn/src/impls.rs

GitHub Actions / clippy

no method named `as_bytes` found for struct `std::vec::Vec<u8>` in the current scope

error[E0599]: no method named `as_bytes` found for struct `std::vec::Vec<u8>` in the current scope --> pass-webauthn/src/impls.rs:113:70 | 113 | Decode::decode(&mut TrailingZeroInput::new(challenge_str.as_bytes())).map_err(|_| ())? | ^^^^^^^^ | = help: items from traits can only be used if the trait is in scope help: the following traits which provide `as_bytes` are implemented but not in scope; perhaps you want to import one of them | 1 + use blake2::as_bytes::AsBytes; | 1 + use std::os::unix::ffi::OsStrExt; | 1 + use zerocopy::AsBytes; | help: there is a method `bytes` with a similar name | 113 | Decode::decode(&mut TrailingZeroInput::new(challenge_str.bytes())).map_err(|_| ())? | ~~~~~
}()
.unwrap_or_default()
}
}

Expand All @@ -114,20 +121,36 @@ impl<Cx> UserChallengeResponse<Cx> for Credential<Cx>
where
Cx: Parameter + Copy + 'static,
{
// TODO: @jgutierrezre please check if there are necessary validations involved here.
fn is_valid(&self) -> bool {
true
webauthn_verify(
self.authenticator_data.as_ref(),
&self.client_data,
&self.signature,
&self.public_key,

Check failure on line 129 in pass-webauthn/src/impls.rs

GitHub Actions / clippy

no field `public_key` on type `&Credential<Cx>`

error[E0609]: no field `public_key` on type `&Credential<Cx>` --> pass-webauthn/src/impls.rs:129:19 | 129 | &self.public_key, | ^^^^^^^^^^ unknown field | = note: available fields are: `user_id`, `context`, `authenticator_data`, `client_data`, `signature`
)
.is_ok()
}

fn used_challenge(&self) -> (Cx, Challenge) {
(self.context, self.challenge())
}

fn authority(&self) -> AuthorityId {
todo!("Extract `rp_id`, format into `AuthorityId` format (that is, [u8; 32])");
|| -> Result<AuthorityId, ()> {
let client_data_json =
serde_json::from_slice::<Value>(&self.client_data).map_err(|_| ())?;

let origin = client_data_json["origin"].as_str().ok_or(())?;
let (_, domain) = origin.split_once("//").ok_or(())?;
let (rp_id_subdomain, _) = domain.split_once(".").ok_or(())?;

Decode::decode(&mut TrailingZeroInput::new(rp_id_subdomain.as_bytes()))
.map_err(|_| ())?
}()
.unwrap_or_default()
}

fn user_id(&self) -> HashedUserId {
todo!("Extract `user_id`, format into `HashedUserId` format (that is, [u8; 32])");
&self.user_id

Check failure on line 154 in pass-webauthn/src/impls.rs

GitHub Actions / clippy

mismatched types

error[E0308]: mismatched types --> pass-webauthn/src/impls.rs:154:9 | 153 | fn user_id(&self) -> HashedUserId { | ------------ expected `[u8; 32]` because of return type 154 | &self.user_id | ^^^^^^^^^^^^^ expected `[u8; 32]`, found `&[u8; 32]` | help: consider removing the borrow | 154 - &self.user_id 154 + self.user_id |
}
}
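Review bot: `is_valid` in the `DeviceChallengeResponse` impl for `Attestation` now returns `true` unconditionally, so until the credential-creation verifier named in the TODO exists, every device registration response is reported as valid; failing closed with `false`, or keeping the accept-all stub behind a test-only feature, would be the safer interim state. The new `challenge()` and `authority()` closures end in `.unwrap_or_default()`, which turns any JSON, base64 or decode error into the default value (presumably all zeros for a `[u8; 32]`), so malformed client data cannot be told apart from a real value unless `is_valid` also rejects client data that fails to parse. `authority()` also keeps only the text between `//` and the first `.` of `origin`, so distinct hosts that share a first label would map to the same `AuthorityId`; comparing against the full expected host, or at least a comment such as `// assumes origin is https://<rp_id>.<fixed-suffix>`, would make that assumption explicit. WebAuthn client data normally carries the challenge as unpadded base64url, so it is worth confirming that `base64::decode` with its default alphabet accepts the values the client actually sends.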
