value_conversions.cc | Explore in Territory

// Copyright 2021 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifdef UNSAFE_BUFFERS_BUILD
// TODO(crbug.com/40285824): Remove this and convert code to safer constructs.
#pragma allow_unsafe_buffers
#endif

#include "components/webauthn/json/value_conversions.h"

#include <iterator>
#include <optional>
#include <string_view>

#include "base/base64url.h"
#include "base/feature_list.h"
#include "base/ranges/ranges.h"
#include "base/values.h"
#include "device/fido/attestation_object.h"
#include "device/fido/authenticator_selection_criteria.h"
#include "device/fido/cable/cable_discovery_data.h"
#include "device/fido/features.h"
#include "device/fido/fido_constants.h"
#include "device/fido/fido_transport_protocol.h"
#include "device/fido/fido_types.h"
#include "device/fido/public_key_credential_descriptor.h"
#include "device/fido/public_key_credential_params.h"
#include "device/fido/public_key_credential_rp_entity.h"
#include "device/fido/public_key_credential_user_entity.h"
#include "third_party/blink/public/mojom/webauthn/authenticator.mojom.h"

namespace webauthn {

namespace {

std::string Base64UrlEncode(base::span<const uint8_t> input) { … }

bool Base64UrlDecode(std::string_view input, std::string* output) { … }

// Base64url-decodes the value of `key` from `dict`. Returns `nullopt` if the
// key isn't present or decoding failed.
std::optional<std::string> Base64UrlDecodeStringKey(
    const base::Value::Dict& dict,
    const std::string& key) { … }

// Like `Base64UrlDecodeStringKey()` attempts to find and base64-decode the
// value of `key` in `dict`. However, the value is optional and so may be
// `base::Value::Type::NONE` or may be omitted. The style of omitted values
// is changing: initially they were expressed as `null` values in JSON objects,
// but as of https://github.com/w3c/webauthn/pull/1878 they'll be omitted
// instead. This code is in a transitional state where either form is accepted.
//
// Returns true on success and the decoded result if the value was a string.
// Returns `{false, std::nullopt}` if the key wasn't found or if decoding the
// string failed.
std::tuple<bool, std::optional<std::string>> Base64UrlDecodeOptionalStringKey(
    const base::Value::Dict& dict,
    const std::string& key) { … }

std::vector<uint8_t> ToByteVector(const std::string& in) { … }

base::Value ToValue(const device::PublicKeyCredentialRpEntity& relying_party) { … }

base::Value ToValue(const device::PublicKeyCredentialUserEntity& user) { … }

base::Value ToValue(
    const device::PublicKeyCredentialParams::CredentialInfo& params) { … }

base::Value ToValue(const device::PublicKeyCredentialDescriptor& descriptor) { … }

base::Value ToValue(
    const device::AuthenticatorAttachment& authenticator_attachment) { … }

base::Value ToValue(
    const device::ResidentKeyRequirement& resident_key_requirement) { … }

base::Value ToValue(
    const device::UserVerificationRequirement& user_verification_requirement) { … }

base::Value ToValue(
    const device::AuthenticatorSelectionCriteria& authenticator_selection) { … }

base::Value ToValue(const device::AttestationConveyancePreference&
                        attestation_conveyance_preference) { … }

base::Value ToValue(const blink::mojom::RemoteDesktopClientOverride&
                        remote_desktop_client_override) { … }

base::Value ToValue(const blink::mojom::ProtectionPolicy policy) { … }

base::Value ToValue(const device::LargeBlobSupport large_blob) { … }

base::Value ToValue(const device::CableDiscoveryData& cable_authentication) { … }

base::Value ToValue(
    const blink::mojom::SupplementalPubKeysRequestPtr& supplemental_pub_keys) { … }

base::Value ToValue(const std::vector<std::string>& strings) { … }

std::optional<device::FidoTransportProtocol> FidoTransportProtocolFromValue(
    const base::Value& value) { … }

std::optional<device::AuthenticatorAttachment>
OptionalAuthenticatorAttachmentFromValue(const base::Value* value) { … }

std::pair<blink::mojom::MakeCredentialAuthenticatorResponsePtr, std::string>
InvalidMakeCredentialField(const char* field_name) { … }

std::pair<blink::mojom::GetAssertionAuthenticatorResponsePtr, std::string>
InvalidGetAssertionField(const char* field_name) { … }

base::Value ToValue(const blink::mojom::PRFValuesPtr& prf_input) { … }

base::Value ToValue(const std::vector<blink::mojom::Hint>& hints) { … }

}  // namespace

base::Value ToValue(
    const blink::mojom::PublicKeyCredentialCreationOptionsPtr& options) { … }

base::Value ToValue(
    const blink::mojom::PublicKeyCredentialRequestOptionsPtr& options) { … }

std::optional<blink::mojom::PRFValuesPtr> ParsePRFResults(
    const base::Value::Dict* results) { … }

std::optional<blink::mojom::SupplementalPubKeysResponsePtr>
ParseSupplementalPubKeys(const base::Value::Dict* json) { … }

std::pair<blink::mojom::MakeCredentialAuthenticatorResponsePtr, std::string>
MakeCredentialResponseFromValue(const base::Value& value) { … }

std::pair<blink::mojom::GetAssertionAuthenticatorResponsePtr, std::string>
GetAssertionResponseFromValue(const base::Value& value) { … }

}  // namespace webauthn
chromium/components/webauthn/json/value_conversions.cc
