Google Git
Sign in
chromium / chromium / src.git / 7ca0c1a47eda52b3040c21df5029e1beaff7d4b1 / . / device / fido / ctap_make_credential_request.cc
blob: 84c37accdbf34ecae757d02225b4ff72b9f685b6 [file] [log] [blame]
// Copyright 2017 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "device/fido/ctap_make_credential_request.h"
#include <algorithm>
#include <limits>
#include <utility>
#include "base/numerics/safe_conversions.h"
#include "components/cbor/values.h"
#include "device/fido/fido_constants.h"
#include "device/fido/fido_parsing_utils.h"
namespace device {
CtapMakeCredentialRequest::CtapMakeCredentialRequest(
std::string in_client_data_json,
PublicKeyCredentialRpEntity in_rp,
PublicKeyCredentialUserEntity in_user,
PublicKeyCredentialParams in_public_key_credential_params)
: client_data_json(std::move(in_client_data_json)),
client_data_hash(fido_parsing_utils::CreateSHA256Hash(client_data_json)),
rp(std::move(in_rp)),
user(std::move(in_user)),
public_key_credential_params(std::move(in_public_key_credential_params)) {
}
CtapMakeCredentialRequest::CtapMakeCredentialRequest(
const CtapMakeCredentialRequest& that) = default;
CtapMakeCredentialRequest::CtapMakeCredentialRequest(
CtapMakeCredentialRequest&& that) = default;
CtapMakeCredentialRequest& CtapMakeCredentialRequest::operator=(
const CtapMakeCredentialRequest& that) = default;
CtapMakeCredentialRequest& CtapMakeCredentialRequest::operator=(
CtapMakeCredentialRequest&& that) = default;
CtapMakeCredentialRequest::~CtapMakeCredentialRequest() = default;
// static
std::pair<CtapRequestCommand, base::Optional<cbor::Value>>
CtapMakeCredentialRequest::EncodeAsCBOR(
const CtapMakeCredentialRequest& request) {
cbor::Value::MapValue cbor_map;
cbor_map[cbor::Value(1)] = cbor::Value(request.client_data_hash);
cbor_map[cbor::Value(2)] =
PublicKeyCredentialRpEntity::ConvertToCBOR(request.rp);
cbor_map[cbor::Value(3)] =
PublicKeyCredentialUserEntity::ConvertToCBOR(request.user);
cbor_map[cbor::Value(4)] =
request.public_key_credential_params.ConvertToCBOR();
if (request.exclude_list) {
cbor::Value::ArrayValue exclude_list_array;
for (const auto& descriptor : *request.exclude_list) {
exclude_list_array.push_back(descriptor.ConvertToCBOR());
}
cbor_map[cbor::Value(5)] = cbor::Value(std::move(exclude_list_array));
}
cbor::Value::MapValue extensions;
if (request.hmac_secret) {
extensions[cbor::Value(kExtensionHmacSecret)] = cbor::Value(true);
}
if (request.cred_protect) {
extensions.emplace(kExtensionCredProtect,
static_cast<uint8_t>(request.cred_protect->first));
}
if (!extensions.empty()) {
cbor_map[cbor::Value(6)] = cbor::Value(std::move(extensions));
}
if (request.pin_auth) {
cbor_map[cbor::Value(8)] = cbor::Value(*request.pin_auth);
}
if (request.pin_protocol) {
cbor_map[cbor::Value(9)] = cbor::Value(*request.pin_protocol);
}
cbor::Value::MapValue option_map;
// Resident keys are not required by default.
if (request.resident_key_required) {
option_map[cbor::Value(kResidentKeyMapKey)] =
cbor::Value(request.resident_key_required);
}
// User verification is not required by default.
if (request.user_verification == UserVerificationRequirement::kRequired) {
option_map[cbor::Value(kUserVerificationMapKey)] = cbor::Value(true);
}
if (!option_map.empty()) {
cbor_map[cbor::Value(7)] = cbor::Value(std::move(option_map));
}
return std::make_pair(CtapRequestCommand::kAuthenticatorMakeCredential,
cbor::Value(std::move(cbor_map)));
}
} // namespace device