// Copyright 2020 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "device/fido/cable/v2_authenticator.h" #include <string_view> #include "base/containers/flat_set.h" #include "base/feature_list.h" #include "base/json/json_reader.h" #include "base/memory/raw_ptr.h" #include "base/memory/raw_ptr_exclusion.h" #include "base/memory/weak_ptr.h" #include "base/ranges/algorithm.h" #include "base/sequence_checker.h" #include "base/strings/string_number_conversions.h" #include "base/task/sequenced_task_runner.h" #include "base/time/time.h" #include "components/cbor/diagnostic_writer.h" #include "components/cbor/reader.h" #include "components/cbor/values.h" #include "components/cbor/writer.h" #include "components/device_event_log/device_event_log.h" #include "crypto/random.h" #include "device/fido/cable/v2_constants.h" #include "device/fido/cable/v2_handshake.h" #include "device/fido/cable/websocket_adapter.h" #include "device/fido/cbor_extract.h" #include "device/fido/features.h" #include "device/fido/fido_constants.h" #include "device/fido/fido_parsing_utils.h" #include "device/fido/network_context_factory.h" #include "device/fido/public_key_credential_descriptor.h" #include "device/fido/public_key_credential_params.h" #include "device/fido/public_key_credential_rp_entity.h" #include "device/fido/public_key_credential_user_entity.h" #include "net/base/isolation_info.h" #include "net/cookies/site_for_cookies.h" #include "net/storage_access_api/status.h" #include "net/traffic_annotation/network_traffic_annotation.h" #include "services/network/public/mojom/network_context.mojom.h" #include "third_party/abseil-cpp/absl/types/variant.h" #include "third_party/blink/public/mojom/webauthn/authenticator.mojom.h" #include "third_party/boringssl/src/include/openssl/aes.h" #include "third_party/boringssl/src/include/openssl/ec_key.h" #include "third_party/boringssl/src/include/openssl/obj.h" namespace device::cablev2::authenticator { CtapDeviceResponseCode; CtapRequestCommand; IntKey; Is; Map; StepOrByte; Stop; StringKey; namespace { // kTimeoutSeconds is the timeout that is put into the parameters that are // passed up to the platform. const int kTimeoutSeconds = …; constexpr net::NetworkTrafficAnnotationTag kTrafficAnnotation = …; struct MakeCredRequest { … }; static constexpr StepOrByte<MakeCredRequest> kMakeCredParseSteps[] = …; struct AttestationObject { … }; static constexpr StepOrByte<AttestationObject> kAttObjParseSteps[] = …; struct GetAssertionRequest { … }; static constexpr StepOrByte<GetAssertionRequest> kGetAssertionParseSteps[] = …; // BuildGetInfoResponse returns a CBOR-encoded getInfo response. std::vector<uint8_t> BuildGetInfoResponse() { … } std::array<uint8_t, device::cablev2::kNonceSize> RandomNonce() { … } GeneratePairingDataCallback; // TunnelTransport is a transport that uses WebSockets to talk to a cloud // service and uses BLE adverts to show proximity. class TunnelTransport : public Transport { … }; class CTAP2Processor : public Transaction { … }; class DigitalIdentityProcessor : public Transaction { … }; static std::array<uint8_t, 32> DerivePairedSecret( base::span<const uint8_t, kRootSecretSize> root_secret, const std::optional<base::span<const uint8_t>>& contact_id, base::span<const uint8_t, kPairingIDSize> pairing_id) { … } class PairingDataGenerator { … }; } // namespace Platform::BLEAdvert::~BLEAdvert() = default; Platform::~Platform() = default; Transport::~Transport() = default; Transaction::~Transaction() = default; std::unique_ptr<Transaction> TransactWithPlaintextTransport( std::unique_ptr<Platform> platform, std::unique_ptr<Transport> transport) { … } std::unique_ptr<Transaction> TransactFromQRCode( std::unique_ptr<Platform> platform, NetworkContextFactory network_context_factory, base::span<const uint8_t, kRootSecretSize> root_secret, const std::string& authenticator_name, base::span<const uint8_t, 16> qr_secret, base::span<const uint8_t, kP256X962Length> peer_identity, std::optional<std::vector<uint8_t>> contact_id) { … } std::unique_ptr<Transaction> TransactDigitalIdentityFromQRCodeForTesting( std::unique_ptr<Platform> platform, NetworkContextFactory network_context_factory, base::span<const uint8_t, 16> qr_secret, base::span<const uint8_t, kP256X962Length> peer_identity, PayloadType response_payload_type, std::vector<uint8_t> response) { … } std::unique_ptr<Transaction> TransactFromQRCodeDeprecated( std::unique_ptr<Platform> platform, network::mojom::NetworkContext* network_context, base::span<const uint8_t, kRootSecretSize> root_secret, const std::string& authenticator_name, base::span<const uint8_t, 16> qr_secret, base::span<const uint8_t, kP256X962Length> peer_identity, std::optional<std::vector<uint8_t>> contact_id) { … } std::unique_ptr<Transaction> TransactFromFCM( std::unique_ptr<Platform> platform, NetworkContextFactory network_context_factory, base::span<const uint8_t, kRootSecretSize> root_secret, std::array<uint8_t, kRoutingIdSize> routing_id, base::span<const uint8_t, kTunnelIdSize> tunnel_id, base::span<const uint8_t, kPairingIDSize> pairing_id, base::span<const uint8_t, kClientNonceSize> client_nonce, std::optional<base::span<const uint8_t>> contact_id) { … } std::unique_ptr<Transaction> TransactFromFCMDeprecated( std::unique_ptr<Platform> platform, network::mojom::NetworkContext* network_context, base::span<const uint8_t, kRootSecretSize> root_secret, std::array<uint8_t, kRoutingIdSize> routing_id, base::span<const uint8_t, kTunnelIdSize> tunnel_id, base::span<const uint8_t, kPairingIDSize> pairing_id, base::span<const uint8_t, kClientNonceSize> client_nonce, std::optional<base::span<const uint8_t>> contact_id) { … } } // namespace device::cablev2::authenticator
Codebase Browser
chromium