// Copyright 2018 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "device/fido/get_assertion_request_handler.h" #include <map> #include <set> #include <string> #include <utility> #include <vector> #include "base/containers/contains.h" #include "base/feature_list.h" #include "base/functional/bind.h" #include "base/json/json_writer.h" #include "base/metrics/histogram_functions.h" #include "base/ranges/algorithm.h" #include "base/stl_util.h" #include "base/strings/string_number_conversions.h" #include "base/timer/elapsed_timer.h" #include "build/build_config.h" #include "build/chromeos_buildflags.h" #include "components/cbor/diagnostic_writer.h" #include "components/device_event_log/device_event_log.h" #include "device/fido/authenticator_get_assertion_response.h" #include "device/fido/ctap_get_assertion_request.h" #include "device/fido/discoverable_credential_metadata.h" #include "device/fido/features.h" #include "device/fido/fido_authenticator.h" #include "device/fido/fido_constants.h" #include "device/fido/fido_discovery_factory.h" #include "device/fido/fido_parsing_utils.h" #include "device/fido/fido_transport_protocol.h" #include "device/fido/fido_types.h" #include "device/fido/filter.h" #include "device/fido/pin.h" #include "device/fido/public_key_credential_descriptor.h" #include "device/fido/public_key_credential_user_entity.h" #if BUILDFLAG(IS_MAC) #include "device/fido/mac/authenticator.h" #endif // BUILDFLAG(IS_MAC) #if BUILDFLAG(IS_WIN) #include "device/fido/win/authenticator.h" #include "device/fido/win/type_conversions.h" #endif #if BUILDFLAG(IS_CHROMEOS) #include "device/fido/cros/authenticator.h" #endif namespace device { namespace { PINUVDisposition; const std::set<pin::Permissions> GetPinTokenPermissionsFor( const FidoAuthenticator& authenticator, const CtapGetAssertionOptions& options) { … } // ValidateResponseExtensions returns true iff |extensions| is valid as a // response to |request| and |options|. bool ValidateResponseExtensions( const CtapGetAssertionRequest& request, const CtapGetAssertionOptions& options, const AuthenticatorGetAssertionResponse& response, const cbor::Value& extensions) { … } // ResponseValid returns whether |responses| is permissible for the given // |authenticator| and |request|. bool ResponseValid( const FidoAuthenticator& authenticator, const CtapGetAssertionRequest& request, const CtapGetAssertionOptions& options, const std::vector<AuthenticatorGetAssertionResponse>& responses) { … } base::flat_set<FidoTransportProtocol> GetTransportsAllowedByRP( const CtapGetAssertionRequest& request) { … } void ReportGetAssertionRequestTransport(FidoAuthenticator* authenticator) { … } void ReportGetAssertionResponseTransport(FidoAuthenticator* authenticator) { … } UserVerificationRequirement AtLeastUVPreferred(UserVerificationRequirement uv) { … } CtapGetAssertionRequest SpecializeRequestForAuthenticator( const CtapGetAssertionRequest& request, const CtapGetAssertionOptions& options, const FidoAuthenticator& authenticator) { … } CtapGetAssertionOptions SpecializeOptionsForAuthenticator( const CtapGetAssertionOptions& options, const FidoAuthenticator& authenticator) { … } bool IsOnlyHybridOrInternal(const PublicKeyCredentialDescriptor& credential) { … } bool AllowListOnlyHybridOrInternal(const CtapGetAssertionRequest& request) { … } bool AllowListIncludedTransport(const CtapGetAssertionRequest& request, FidoTransportProtocol transport) { … } } // namespace GetAssertionRequestHandler::GetAssertionRequestHandler( FidoDiscoveryFactory* fido_discovery_factory, std::vector<std::unique_ptr<FidoDiscoveryBase>> additional_discoveries, const base::flat_set<FidoTransportProtocol>& supported_transports, CtapGetAssertionRequest request, CtapGetAssertionOptions options, bool allow_skipping_pin_touch, CompletionCallback completion_callback) : … { … } GetAssertionRequestHandler::~GetAssertionRequestHandler() = default; void GetAssertionRequestHandler::PreselectAccount( DiscoverableCredentialMetadata credential) { … } base::WeakPtr<GetAssertionRequestHandler> GetAssertionRequestHandler::GetWeakPtr() { … } void GetAssertionRequestHandler::OnBluetoothAdapterEnumerated( bool is_present, BleStatus ble_status, bool can_power_on, bool is_peripheral_role_supported) { … } void GetAssertionRequestHandler::DispatchRequest( FidoAuthenticator* authenticator) { … } void GetAssertionRequestHandler::AuthenticatorRemoved( FidoDiscoveryBase* discovery, FidoAuthenticator* authenticator) { … } void GetAssertionRequestHandler::GetPlatformCredentialStatus( FidoAuthenticator* platform_authenticator) { … } bool GetAssertionRequestHandler::AuthenticatorSelectedForPINUVAuthToken( FidoAuthenticator* authenticator) { … } void GetAssertionRequestHandler::CollectPIN(pin::PINEntryReason reason, pin::PINEntryError error, uint32_t min_pin_length, int attempts, ProvidePINCallback provide_pin_cb) { … } void GetAssertionRequestHandler::PromptForInternalUVRetry(int attempts) { … } void GetAssertionRequestHandler::HavePINUVAuthTokenResultForAuthenticator( FidoAuthenticator* authenticator, AuthTokenRequester::Result result, std::optional<pin::TokenResponse> token_response) { … } void GetAssertionRequestHandler::ObtainPINUVAuthToken( FidoAuthenticator* authenticator, std::set<pin::Permissions> permissions, bool skip_pin_touch, bool internal_uv_locked) { … } void GetAssertionRequestHandler::HandleResponse( FidoAuthenticator* authenticator, CtapGetAssertionRequest request, base::ElapsedTimer request_timer, GetAssertionStatus status, std::vector<AuthenticatorGetAssertionResponse> responses) { … } void GetAssertionRequestHandler::TerminateUnsatisfiableRequestPostTouch( FidoAuthenticator* authenticator) { … } void GetAssertionRequestHandler::DispatchRequestWithToken( pin::TokenResponse token) { … } } // namespace device
Codebase Browser
chromium