using SocketError = Exception<WAUTHN_ERROR_SOCKET>;
using NoSuchService = Exception<WAUTHN_ERROR_NO_SUCH_SERVICE>;
using AccessDenied = Exception<WAUTHN_ERROR_ACCESS_DENIED>;
-using MemoryError = Exception<WAUTHN_ERROR_MEMORY>;
-using Cancelled = Exception<WAUTHN_ERROR_CANCELLED>;
-using Timeout = Exception<WAUTHN_ERROR_TIMEOUT>;
+using MemoryError = Exception<WAUTHN_ERROR_OUT_OF_MEMORY>;
+using Cancelled = Exception<WAUTHN_ERROR_CANCELED>;
+using Timeout = Exception<WAUTHN_ERROR_TIMED_OUT>;
} // namespace Exception
if (!desc.id)
THROW_INVALID_PARAM("Missing credential id");
publicKeyCredDescriptorMap.AppendByteStringAt("id", *desc.id);
- if (desc.type != PCT_PUBLIC_KEY)
+ if (desc.type != WAUTHN_PUBKEY_CRED_TYPE_PUBLIC_KEY)
THROW_INVALID_PARAM("Unexpected credential type");
publicKeyCredDescriptorMap.AppendTextStringZAt("type", CREDENTIAL_TYPE_PUBLIC_KEY);
keys++;
if (m_options.authenticator_selection)
keys++;
- if (m_options.attestation != AP_NONE)
+ if (m_options.attestation != WAUTHN_ATTESTATION_PREF_NONE)
keys++;
if (m_options.attestation_formats)
keys++;
auto paramMap = pubKeyCredParamsArray.OpenMap(2);
paramMap.AppendInt64At("alg", m_options.pubkey_cred_params->params[i].alg);
- if (m_options.pubkey_cred_params->params[i].type != PCT_PUBLIC_KEY)
+ if (m_options.pubkey_cred_params->params[i].type !=
+ WAUTHN_PUBKEY_CRED_TYPE_PUBLIC_KEY)
THROW_INVALID_PARAM("Invalid credential type");
paramMap.AppendTextStringZAt("type", CREDENTIAL_TYPE_PUBLIC_KEY);
}
auto optionsMap = map.OpenMapAt(KEY_MC_CMD_OPTIONS, 2);
const auto &selection = *m_options.authenticator_selection;
- auto effectiveRk = (selection.resident_key == RKR_REQUIRED) ||
- (selection.resident_key == RKR_PREFERRED && m_supportedOptions.rk) ||
- (selection.resident_key == RKR_NONE && selection.require_resident_key);
+ auto effectiveRk =
+ (selection.resident_key == WAUTHN_RESIDENT_KEY_REQUIREMENT_REQUIRED) ||
+ (selection.resident_key == WAUTHN_RESIDENT_KEY_REQUIREMENT_PREFERRED &&
+ m_supportedOptions.rk) ||
+ (selection.resident_key == WAUTHN_RESIDENT_KEY_REQUIREMENT_NONE &&
+ selection.require_resident_key);
optionsMap.AppendBooleanAt("rk", effectiveRk);
// TODO user presence "up" not mapped?
- auto effectiveUv = (selection.user_verification == UVR_REQUIRED) ||
- (selection.user_verification == UVR_PREFERRED && m_supportedOptions.uv);
+ auto effectiveUv =
+ (selection.user_verification == WAUTHN_USER_VERIFICATION_REQUIREMENT_REQUIRED) ||
+ (selection.user_verification == WAUTHN_USER_VERIFICATION_REQUIREMENT_PREFERRED &&
+ m_supportedOptions.uv);
optionsMap.AppendBooleanAt("uv", effectiveUv);
}
// TODO 0x08
// TODO 0x09
- if (m_options.attestation != AP_NONE) {
+ if (m_options.attestation != WAUTHN_ATTESTATION_PREF_NONE) {
// TODO not sure what to put here
// 1 - vendor facilitated enterprise attestation
// 2 - platform managed enterprise attestation
if (m_options.allow_credentials)
keys++;
- const bool uv = (m_options.user_verification == UVR_REQUIRED) ||
- (m_options.user_verification == UVR_PREFERRED && m_supportedOptions.uv);
+ const bool uv =
+ (m_options.user_verification == WAUTHN_USER_VERIFICATION_REQUIREMENT_REQUIRED) ||
+ (m_options.user_verification == WAUTHN_USER_VERIFICATION_REQUIREMENT_PREFERRED &&
+ m_supportedOptions.uv);
if (uv)
keys++;
std::string ToStr(wauthn_pubkey_cred_type_e pct)
{
switch (pct) {
- case PCT_PUBLIC_KEY: return "public-key";
+ case WAUTHN_PUBKEY_CRED_TYPE_PUBLIC_KEY: return "public-key";
}
return std::to_string(pct);
}
std::string ToStr(wauthn_authenticator_attachment_e authenticatorAttachment)
{
switch (authenticatorAttachment) {
- case AA_NONE: return "none";
- case AA_PLATFORM: return "platform";
- case AA_CROSS_PLATFORM: return "cross-platform";
+ case WAUTHN_AUTHENTICATOR_ATTACHMENT_NONE: return "none";
+ case WAUTHN_AUTHENTICATOR_ATTACHMENT_PLATFORM: return "platform";
+ case WAUTHN_AUTHENTICATOR_ATTACHMENT_CROSS_PLATFORM: return "cross-platform";
}
return std::to_string(authenticatorAttachment);
}
std::string ToStr(wauthn_resident_key_requirement_e residentKeyRequirement)
{
switch (residentKeyRequirement) {
- case RKR_NONE: return "none";
- case RKR_DISCOURAGED: return "discouraged";
- case RKR_PREFERRED: return "preferred";
- case RKR_REQUIRED: return "required";
+ case WAUTHN_RESIDENT_KEY_REQUIREMENT_NONE: return "none";
+ case WAUTHN_RESIDENT_KEY_REQUIREMENT_DISCOURAGED: return "discouraged";
+ case WAUTHN_RESIDENT_KEY_REQUIREMENT_PREFERRED: return "preferred";
+ case WAUTHN_RESIDENT_KEY_REQUIREMENT_REQUIRED: return "required";
}
return std::to_string(residentKeyRequirement);
}
std::string ToStr(wauthn_user_verification_requirement_e userVerificationRequirement)
{
switch (userVerificationRequirement) {
- case UVR_NONE: return "none";
- case UVR_REQUIRED: return "required";
- case UVR_PREFERRED: return "preferred";
- case UVR_DISCOURAGED: return "discouraged";
+ case WAUTHN_USER_VERIFICATION_REQUIREMENT_NONE: return "none";
+ case WAUTHN_USER_VERIFICATION_REQUIREMENT_REQUIRED: return "required";
+ case WAUTHN_USER_VERIFICATION_REQUIREMENT_PREFERRED: return "preferred";
+ case WAUTHN_USER_VERIFICATION_REQUIREMENT_DISCOURAGED: return "discouraged";
}
return std::to_string(userVerificationRequirement);
}
std::string ToStr(wauthn_pubkey_cred_hint_e credHint)
{
switch (credHint) {
- case PCH_NONE: return "none";
- case PCH_SECURITY_KEY: return "security-key";
- case PCH_CLIENT_DEVICE: return "client-device";
- case PCH_HYBRID: return "hybrid";
+ case WAUTHN_PUBKEY_CRED_HINT_NONE: return "none";
+ case WAUTHN_PUBKEY_CRED_HINT_SECURITY_KEY: return "security-key";
+ case WAUTHN_PUBKEY_CRED_HINT_CLIENT_DEVICE: return "client-device";
+ case WAUTHN_PUBKEY_CRED_HINT_HYBRID: return "hybrid";
}
return std::to_string(credHint);
}
std::string ToStr(wauthn_attestation_pref_e attestationPref)
{
switch (attestationPref) {
- case AP_NONE: return "none";
- case AP_INDIRECT: return "indirect";
- case AP_DIRECT: return "direct";
- case AP_ENTERPRISE: return "enterprise";
+ case WAUTHN_ATTESTATION_PREF_NONE: return "none";
+ case WAUTHN_ATTESTATION_PREF_INDIRECT: return "indirect";
+ case WAUTHN_ATTESTATION_PREF_DIRECT: return "direct";
+ case WAUTHN_ATTESTATION_PREF_ENTERPRISE: return "enterprise";
}
return std::to_string(attestationPref);
}
} catch (const Exception::Cancelled &) {
if (timedOutFuture.wait_for(std::chrono::nanoseconds{0}) !=
std::future_status::timeout) {
- result = WAUTHN_ERROR_TIMEOUT; // It is already logged
+ result = WAUTHN_ERROR_TIMED_OUT; // It is already logged
} else {
- result = WAUTHN_ERROR_CANCELLED; // It is already logged
+ result = WAUTHN_ERROR_CANCELED; // It is already logged
}
} catch (const Exception::ExceptionBase &e) {
result = e.Code();
} catch (const std::bad_alloc &) {
- result = WAUTHN_ERROR_MEMORY;
+ result = WAUTHN_ERROR_OUT_OF_MEMORY;
} catch (const std::exception &e) {
TRY_LOG_ERROR("Caught unexpected exception: " << e.what());
result = WAUTHN_ERROR_UNKNOWN;
} catch (const Exception::ExceptionBase &e) {
result = e.Code();
} catch (const std::bad_alloc &) {
- result = WAUTHN_ERROR_MEMORY;
+ result = WAUTHN_ERROR_OUT_OF_MEMORY;
} catch (const std::exception &e) {
TRY_LOG_ERROR("Caught unexpected exception: " << e.what());
result = WAUTHN_ERROR_UNKNOWN;
BufferView{forCallbacks.credentialRawId.data, forCallbacks.credentialRawId.size});
Assign(forCallbacks.ca.id, forCallbacks.credentialId, forCallbacks.credentialIdInBase64);
- forCallbacks.ca.type = PCT_PUBLIC_KEY;
+ forCallbacks.ca.type = WAUTHN_PUBKEY_CRED_TYPE_PUBLIC_KEY;
forCallbacks.ca.response = &forCallbacks.response;
- forCallbacks.ca.authenticator_attachment = AA_CROSS_PLATFORM;
+ forCallbacks.ca.authenticator_attachment = WAUTHN_AUTHENTICATOR_ATTACHMENT_CROSS_PLATFORM;
forCallbacks.ca.extensions = nullptr;
forCallbacks.ca.linked_device = AssignAndGetLinkedData(forCallbacks);
user.display_name = "user display name";
wauthn_pubkey_cred_param_s params[] = {
- {PCT_PUBLIC_KEY, WAUTHN_COSE_ALGORITHM_ECDSA_P256_WITH_SHA256 },
- {PCT_PUBLIC_KEY, WAUTHN_COSE_ALGORITHM_RSASSA_PKCS1_V1_5_WITH_SHA256},
+ {WAUTHN_PUBKEY_CRED_TYPE_PUBLIC_KEY, WAUTHN_COSE_ALGORITHM_ECDSA_P256_WITH_SHA256 },
+ {WAUTHN_PUBKEY_CRED_TYPE_PUBLIC_KEY, WAUTHN_COSE_ALGORITHM_RSASSA_PKCS1_V1_5_WITH_SHA256},
};
wauthn_pubkey_cred_params_s pubkeyCredParams;
pubkeyCredParams.params = params;
auto credentialId = ToWauthnConstBuff(credentialIdBytes);
wauthn_pubkey_cred_descriptor_s pubkeyCredDescriptor;
- pubkeyCredDescriptor.type = PCT_PUBLIC_KEY;
+ pubkeyCredDescriptor.type = WAUTHN_PUBKEY_CRED_TYPE_PUBLIC_KEY;
pubkeyCredDescriptor.id = &credentialId;
pubkeyCredDescriptor.transports = WAUTHN_TRANSPORT_INTERNAL | WAUTHN_TRANSPORT_HYBRID;
wauthn_pubkey_cred_request_options_s options;
std::memset(&options, 0, sizeof(options));
options.rpId = "acme.com";
- options.user_verification = UVR_REQUIRED;
+ options.user_verification = WAUTHN_USER_VERIFICATION_REQUIREMENT_REQUIRED;
options.allow_credentials = &pubkeyCredDescriptors;
return std::forward<Func>(func)(clientData, options);
user.display_name = USER_DISPLAY_NAME;
wauthn_pubkey_cred_param_s params[] = {
- {PCT_PUBLIC_KEY, WAUTHN_COSE_ALGORITHM_ECDSA_P256_WITH_SHA256 },
- {PCT_PUBLIC_KEY, WAUTHN_COSE_ALGORITHM_RSASSA_PKCS1_V1_5_WITH_SHA256},
+ {WAUTHN_PUBKEY_CRED_TYPE_PUBLIC_KEY, WAUTHN_COSE_ALGORITHM_ECDSA_P256_WITH_SHA256 },
+ {WAUTHN_PUBKEY_CRED_TYPE_PUBLIC_KEY, WAUTHN_COSE_ALGORITHM_RSASSA_PKCS1_V1_5_WITH_SHA256},
};
wauthn_pubkey_cred_params_s pubkeyCredParams;
pubkeyCredParams.params = params;
for (size_t i = 0; i < testContents.excludedCredentialsIds.size(); ++i) {
excluded_credentials_wcbs[i] = ToWauthnConstBuff(testContents.excludedCredentialsIds[i]);
excluded_credentials[i] = {
- PCT_PUBLIC_KEY,
+ WAUTHN_PUBKEY_CRED_TYPE_PUBLIC_KEY,
&excluded_credentials_wcbs[i],
testContents.transports,
};
exclude_credentials.size = excluded_credentials.size();
wauthn_authenticator_sel_cri_s authenticator_selection;
- authenticator_selection.attachment = AA_CROSS_PLATFORM;
+ authenticator_selection.attachment = WAUTHN_AUTHENTICATOR_ATTACHMENT_CROSS_PLATFORM;
authenticator_selection.require_resident_key = true;
- authenticator_selection.resident_key = RKR_REQUIRED;
- authenticator_selection.user_verification = UVR_REQUIRED;
+ authenticator_selection.resident_key = WAUTHN_RESIDENT_KEY_REQUIREMENT_REQUIRED;
+ authenticator_selection.user_verification = WAUTHN_USER_VERIFICATION_REQUIREMENT_REQUIRED;
wauthn_pubkey_cred_creation_options_s mcOptions;
std::memset(&mcOptions, 0, sizeof(mcOptions));
mcOptions.authenticator_selection =
testContents.allowNonDiscoverable ? nullptr : &authenticator_selection;
mcOptions.hints = nullptr;
- mcOptions.attestation = AP_NONE;
+ mcOptions.attestation = WAUTHN_ATTESTATION_PREF_NONE;
mcOptions.attestation_formats = nullptr;
mcOptions.extensions = nullptr;
mcOptions.linked_device = nullptr;
wauthn_const_buffer_s credentialId = ToWauthnConstBuff(credentialRawIdCopy);
wauthn_pubkey_cred_descriptor_s pubkeyCredDescriptor;
- pubkeyCredDescriptor.type = PCT_PUBLIC_KEY;
+ pubkeyCredDescriptor.type = WAUTHN_PUBKEY_CRED_TYPE_PUBLIC_KEY;
pubkeyCredDescriptor.id = &credentialId;
pubkeyCredDescriptor.transports = testContents.transports;
gaOptions.rpId = RP_ID;
gaOptions.allow_credentials =
testContents.allowNonDiscoverable ? &pubkeyCredDescriptors : nullptr;
- gaOptions.user_verification = UVR_REQUIRED;
+ gaOptions.user_verification = WAUTHN_USER_VERIFICATION_REQUIREMENT_REQUIRED;
gaOptions.hints = nullptr;
- gaOptions.attestation = AP_NONE;
+ gaOptions.attestation = WAUTHN_ATTESTATION_PREF_NONE;
gaOptions.attestation_formats = nullptr;
gaOptions.extensions = nullptr;
gaOptions.linked_device = linkedData ? &linkedDevice : nullptr;
std::cout << "MakeCredential: response_callback() was called."
<< std::endl; // NOLINT(performance-avoid-endl)
auto *testContents = static_cast<TestContents *>(data);
- if (result == WAUTHN_ERROR_TIMEOUT) {
+ if (result == WAUTHN_ERROR_TIMED_OUT) {
std::cout << __FUNCTION__ << ": request timed out"
<< std::endl; // NOLINT(performance-avoid-endl)
testContents->succeeded = false;
<< std::endl; // NOLINT(performance-avoid-endl)
auto *testContents = static_cast<TestContents *>(data);
auto lock = std::lock_guard{testContents->mutex};
- if (result == WAUTHN_ERROR_TIMEOUT) {
+ if (result == WAUTHN_ERROR_TIMED_OUT) {
std::cout << __FUNCTION__ << ": request timed out"
<< std::endl; // NOLINT(performance-avoid-endl)
testContents->succeeded = false;
static auto credentialId = ToWauthnConstBuff(CREDENTIAL_ID_BUFFER);
wauthn_pubkey_cred_descriptor_s descriptor;
- descriptor.type = PCT_PUBLIC_KEY;
+ descriptor.type = WAUTHN_PUBKEY_CRED_TYPE_PUBLIC_KEY;
descriptor.id = &credentialId;
descriptor.transports = WAUTHN_TRANSPORT_NONE;
return descriptor;
wauthn_pubkey_cred_param_s params[ALGS.size()];
size_t idx = 0;
for (auto alg : ALGS) {
- params[idx].type = PCT_PUBLIC_KEY;
+ params[idx].type = WAUTHN_PUBKEY_CRED_TYPE_PUBLIC_KEY;
params[idx].alg = alg;
idx++;
}
options.exclude_credentials = nullptr;
options.authenticator_selection = nullptr; // TODO
options.hints = nullptr;
- options.attestation = AP_NONE;
+ options.attestation = WAUTHN_ATTESTATION_PREF_NONE;
options.attestation_formats = nullptr;
options.extensions = nullptr;
options.linked_device = nullptr;
wauthn_pubkey_cred_param_s params[ALGS.size()];
size_t idx = 0;
for (auto alg : ALGS) {
- params[idx].type = PCT_PUBLIC_KEY;
+ params[idx].type = WAUTHN_PUBKEY_CRED_TYPE_PUBLIC_KEY;
params[idx].alg = alg;
idx++;
}
options.exclude_credentials = nullptr;
wauthn_authenticator_sel_cri_s authenticator_selection;
- authenticator_selection.resident_key = RKR_REQUIRED;
+ authenticator_selection.resident_key = WAUTHN_RESIDENT_KEY_REQUIREMENT_REQUIRED;
authenticator_selection.require_resident_key = true;
- authenticator_selection.user_verification = UVR_REQUIRED;
+ authenticator_selection.user_verification = WAUTHN_USER_VERIFICATION_REQUIREMENT_REQUIRED;
options.authenticator_selection = &authenticator_selection;
options.hints = nullptr;
- options.attestation = AP_NONE;
+ options.attestation = WAUTHN_ATTESTATION_PREF_NONE;
options.attestation_formats = nullptr;
options.extensions = nullptr;
options.linked_device = nullptr;
wauthn_const_buffer_s desc_id0;
desc_id0.data = credential_id0;
desc_id0.size = sizeof(credential_id0) - 1; // -1 to remove zero-termination
- pubkey_cred_descriptor[0].type = PCT_PUBLIC_KEY;
+ pubkey_cred_descriptor[0].type = WAUTHN_PUBKEY_CRED_TYPE_PUBLIC_KEY;
pubkey_cred_descriptor[0].id = &desc_id0;
pubkey_cred_descriptor[0].transports = WAUTHN_TRANSPORT_NONE;
wauthn_const_buffer_s desc_id1;
desc_id1.data = credential_id1;
desc_id1.size = sizeof(credential_id1) - 1; // -1 to remove zero-termination
- pubkey_cred_descriptor[1].type = PCT_PUBLIC_KEY;
+ pubkey_cred_descriptor[1].type = WAUTHN_PUBKEY_CRED_TYPE_PUBLIC_KEY;
pubkey_cred_descriptor[1].id = &desc_id1;
pubkey_cred_descriptor[1].transports = WAUTHN_TRANSPORT_NONE;
options.timeout = 0; // not serialized
options.rpId = rp_id;
options.allow_credentials = &pubkey_cred_descriptors;
- options.user_verification = UVR_REQUIRED;
+ options.user_verification = WAUTHN_USER_VERIFICATION_REQUIREMENT_REQUIRED;
options.hints = nullptr;
- options.attestation = AP_NONE;
+ options.attestation = WAUTHN_ATTESTATION_PREF_NONE;
options.attestation_formats = nullptr;
options.extensions = nullptr;
options.linked_device = nullptr;
},
[](auto &test) {
EXPECT_EQ(test.called, "response_callback;");
- EXPECT_EQ(test.responseCallbackRes, WAUTHN_ERROR_MEMORY);
+ EXPECT_EQ(test.responseCallbackRes, WAUTHN_ERROR_OUT_OF_MEMORY);
});
}
EXPECT_EQ(result, WAUTHN_ERROR_NONE);
ASSERT_NE(pubkeyCred, nullptr);
- EXPECT_EQ(pubkeyCred->type, PCT_PUBLIC_KEY);
+ EXPECT_EQ(pubkeyCred->type, WAUTHN_PUBKEY_CRED_TYPE_PUBLIC_KEY);
ASSERT_NE(pubkeyCred->response, nullptr);
EXPECT_EQ(pubkeyCred->response->client_data_json, BUFFER_VIEW(EXAMPLE_CLIENT_JSON));
EXPECT_EQ(pubkeyCred->id, ToBufferView(idInBase64));
}
- EXPECT_EQ(pubkeyCred->authenticator_attachment, AA_CROSS_PLATFORM);
+ EXPECT_EQ(pubkeyCred->authenticator_attachment,
+ WAUTHN_AUTHENTICATOR_ATTACHMENT_CROSS_PLATFORM);
EXPECT_EQ(pubkeyCred->extensions, nullptr);
if (test.addLinkedData) {
if (test.responseCallbackRes == WAUTHN_ERROR_NONE) {
EXPECT_EQ(test.called, "response_callback;linked_data_callback;");
EXPECT_EQ(test.linkedDataCallbackRes, WAUTHN_ERROR_NONE);
- } else if (test.responseCallbackRes == WAUTHN_ERROR_CANCELLED) {
+ } else if (test.responseCallbackRes == WAUTHN_ERROR_CANCELED) {
EXPECT_EQ(test.called, "response_callback;");
throw Exception::Cancelled{};
} else {
auto duration = std::chrono::steady_clock::now() - tp;
EXPECT_EQ(test.called, "response_callback;");
- EXPECT_EQ(test.responseCallbackRes, WAUTHN_ERROR_TIMEOUT);
+ EXPECT_EQ(test.responseCallbackRes, WAUTHN_ERROR_TIMED_OUT);
EXPECT_GE(duration, std::chrono::milliseconds{timeoutInMilliseconds});
EXPECT_LT(duration, std::chrono::milliseconds{timeoutInMilliseconds + 300});
projects / platform / core / security / webauthn-ble.git / commitdiff