device/fido/ctap_get_assertion_request.h - chromium/src - Git at Google

 // Copyright 2017 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef DEVICE_FIDO_CTAP_GET_ASSERTION_REQUEST_H_
 #define DEVICE_FIDO_CTAP_GET_ASSERTION_REQUEST_H_

 #include <stdint.h>

 #include <array>
 #include <string>
 #include <vector>

 #include "base/component_export.h"
 #include "base/containers/span.h"
 #include "base/macros.h"
 #include "base/optional.h"
 #include "crypto/sha2.h"
 #include "device/fido/cable/cable_discovery_data.h"
 #include "device/fido/fido_constants.h"
 #include "device/fido/public_key_credential_descriptor.h"

 namespace cbor {
 class Value;
 }

 namespace device {

 // Object that encapsulates request parameters for AuthenticatorGetAssertion as
 // specified in the CTAP spec.
 // https://fidoalliance.org/specs/fido-v2.0-rd-20161004/fido-client-to-authenticator-protocol-v2.0-rd-20161004.html#authenticatorgetassertion
 class COMPONENT_EXPORT(DEVICE_FIDO) CtapGetAssertionRequest {
  public:
   using ClientDataHash = std::array<uint8_t, kClientDataHashLength>;

   CtapGetAssertionRequest(std::string rp_id, std::string client_data_json);
   CtapGetAssertionRequest(const CtapGetAssertionRequest& that);
   CtapGetAssertionRequest(CtapGetAssertionRequest&& that);
   CtapGetAssertionRequest& operator=(const CtapGetAssertionRequest& other);
   CtapGetAssertionRequest& operator=(CtapGetAssertionRequest&& other);
   ~CtapGetAssertionRequest();

   // Serializes GetAssertion request parameter into CBOR encoded map with
   // integer keys and CBOR encoded values as defined by the CTAP spec.
   // https://drafts.fidoalliance.org/fido-2/latest/fido-client-to-authenticator-protocol-v2.0-wd-20180305.html#authenticatorGetAssertion
   std::pair<CtapRequestCommand, base::Optional<cbor::Value>> EncodeAsCBOR()
       const;

   CtapGetAssertionRequest& SetUserVerification(
       UserVerificationRequirement user_verfication);
   CtapGetAssertionRequest& SetUserPresenceRequired(bool user_presence_required);
   CtapGetAssertionRequest& SetAllowList(
       std::vector<PublicKeyCredentialDescriptor> allow_list);
   CtapGetAssertionRequest& SetPinAuth(std::vector<uint8_t> pin_auth);
   CtapGetAssertionRequest& SetPinProtocol(uint8_t pin_protocol);
   CtapGetAssertionRequest& SetCableExtension(
       std::vector<CableDiscoveryData> cable_extension);
   CtapGetAssertionRequest& SetAppId(std::string app_id);

   // Return true if the given RP ID hash from a response is valid for this
   // request.
   bool CheckResponseRpIdHash(
       const std::array<uint8_t, kRpIdHashLength>& response_rp_id_hash) const;

   const std::string& rp_id() const { return rp_id_; }
   const std::string& client_data_json() const { return client_data_json_; }
   const std::array<uint8_t, kClientDataHashLength>& client_data_hash() const {
     return client_data_hash_;
   }

   UserVerificationRequirement user_verification() const {
     return user_verification_;
   }

   bool user_presence_required() const { return user_presence_required_; }
   const base::Optional<std::vector<PublicKeyCredentialDescriptor>>& allow_list()
       const {
     return allow_list_;
   }

   const base::Optional<std::vector<uint8_t>>& pin_auth() const {
     return pin_auth_;
   }

   const base::Optional<uint8_t>& pin_protocol() const { return pin_protocol_; }
   const base::Optional<std::vector<CableDiscoveryData>>& cable_extension()
       const {
     return cable_extension_;
   }
   const base::Optional<std::array<uint8_t, kRpIdHashLength>>&
   alternative_application_parameter() const {
     return alternative_application_parameter_;
   }
   const base::Optional<std::string>& app_id() const { return app_id_; }

   bool is_incognito_mode() const { return is_incognito_mode_; }
   void set_is_incognito_mode(bool is_incognito_mode) {
     is_incognito_mode_ = is_incognito_mode;
   }

  private:
   std::string rp_id_;
   std::string client_data_json_;
   std::array<uint8_t, kClientDataHashLength> client_data_hash_;
   UserVerificationRequirement user_verification_ =
       UserVerificationRequirement::kDiscouraged;
   bool user_presence_required_ = true;

   base::Optional<std::vector<PublicKeyCredentialDescriptor>> allow_list_;
   base::Optional<std::vector<uint8_t>> pin_auth_;
   base::Optional<uint8_t> pin_protocol_;
   base::Optional<std::vector<CableDiscoveryData>> cable_extension_;
   base::Optional<std::string> app_id_;
   base::Optional<std::array<uint8_t, crypto::kSHA256Length>>
       alternative_application_parameter_;

   bool is_incognito_mode_ = false;
 };

 class CtapGetNextAssertionRequest {
  public:
   std::pair<CtapRequestCommand, base::Optional<cbor::Value>> EncodeAsCBOR()
       const;
 };

 }  // namespace device

 #endif  // DEVICE_FIDO_CTAP_GET_ASSERTION_REQUEST_H_
	// Copyright 2017 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef DEVICE_FIDO_CTAP_GET_ASSERTION_REQUEST_H_
	#define DEVICE_FIDO_CTAP_GET_ASSERTION_REQUEST_H_

	#include <stdint.h>

	#include <array>
	#include <string>
	#include <vector>

	#include "base/component_export.h"
	#include "base/containers/span.h"
	#include "base/macros.h"
	#include "base/optional.h"
	#include "crypto/sha2.h"
	#include "device/fido/cable/cable_discovery_data.h"
	#include "device/fido/fido_constants.h"
	#include "device/fido/public_key_credential_descriptor.h"

	namespace cbor {
	class Value;
	}

	namespace device {

	// Object that encapsulates request parameters for AuthenticatorGetAssertion as
	// specified in the CTAP spec.
	// https://fidoalliance.org/specs/fido-v2.0-rd-20161004/fido-client-to-authenticator-protocol-v2.0-rd-20161004.html#authenticatorgetassertion
	class COMPONENT_EXPORT(DEVICE_FIDO) CtapGetAssertionRequest {
	public:
	using ClientDataHash = std::array<uint8_t, kClientDataHashLength>;

	CtapGetAssertionRequest(std::string rp_id, std::string client_data_json);
	CtapGetAssertionRequest(const CtapGetAssertionRequest& that);
	CtapGetAssertionRequest(CtapGetAssertionRequest&& that);
	CtapGetAssertionRequest& operator=(const CtapGetAssertionRequest& other);
	CtapGetAssertionRequest& operator=(CtapGetAssertionRequest&& other);
	~CtapGetAssertionRequest();

	// Serializes GetAssertion request parameter into CBOR encoded map with
	// integer keys and CBOR encoded values as defined by the CTAP spec.
	// https://drafts.fidoalliance.org/fido-2/latest/fido-client-to-authenticator-protocol-v2.0-wd-20180305.html#authenticatorGetAssertion
	std::pair<CtapRequestCommand, base::Optional<cbor::Value>> EncodeAsCBOR()
	const;

	CtapGetAssertionRequest& SetUserVerification(
	UserVerificationRequirement user_verfication);
	CtapGetAssertionRequest& SetUserPresenceRequired(bool user_presence_required);
	CtapGetAssertionRequest& SetAllowList(
	std::vector<PublicKeyCredentialDescriptor> allow_list);
	CtapGetAssertionRequest& SetPinAuth(std::vector<uint8_t> pin_auth);
	CtapGetAssertionRequest& SetPinProtocol(uint8_t pin_protocol);
	CtapGetAssertionRequest& SetCableExtension(
	std::vector<CableDiscoveryData> cable_extension);
	CtapGetAssertionRequest& SetAppId(std::string app_id);

	// Return true if the given RP ID hash from a response is valid for this
	// request.
	bool CheckResponseRpIdHash(
	const std::array<uint8_t, kRpIdHashLength>& response_rp_id_hash) const;

	const std::string& rp_id() const { return rp_id_; }
	const std::string& client_data_json() const { return client_data_json_; }
	const std::array<uint8_t, kClientDataHashLength>& client_data_hash() const {
	return client_data_hash_;
	}

	UserVerificationRequirement user_verification() const {
	return user_verification_;
	}

	bool user_presence_required() const { return user_presence_required_; }
	const base::Optional<std::vector<PublicKeyCredentialDescriptor>>& allow_list()
	const {
	return allow_list_;
	}

	const base::Optional<std::vector<uint8_t>>& pin_auth() const {
	return pin_auth_;
	}

	const base::Optional<uint8_t>& pin_protocol() const { return pin_protocol_; }
	const base::Optional<std::vector<CableDiscoveryData>>& cable_extension()
	const {
	return cable_extension_;
	}
	const base::Optional<std::array<uint8_t, kRpIdHashLength>>&
	alternative_application_parameter() const {
	return alternative_application_parameter_;
	}
	const base::Optional<std::string>& app_id() const { return app_id_; }

	bool is_incognito_mode() const { return is_incognito_mode_; }
	void set_is_incognito_mode(bool is_incognito_mode) {
	is_incognito_mode_ = is_incognito_mode;
	}

	private:
	std::string rp_id_;
	std::string client_data_json_;
	std::array<uint8_t, kClientDataHashLength> client_data_hash_;
	UserVerificationRequirement user_verification_ =
	UserVerificationRequirement::kDiscouraged;
	bool user_presence_required_ = true;

	base::Optional<std::vector<PublicKeyCredentialDescriptor>> allow_list_;
	base::Optional<std::vector<uint8_t>> pin_auth_;
	base::Optional<uint8_t> pin_protocol_;
	base::Optional<std::vector<CableDiscoveryData>> cable_extension_;
	base::Optional<std::string> app_id_;
	base::Optional<std::array<uint8_t, crypto::kSHA256Length>>
	alternative_application_parameter_;

	bool is_incognito_mode_ = false;
	};

	class CtapGetNextAssertionRequest {
	public:
	std::pair<CtapRequestCommand, base::Optional<cbor::Value>> EncodeAsCBOR()
	const;
	};

	} // namespace device

	#endif // DEVICE_FIDO_CTAP_GET_ASSERTION_REQUEST_H_