From: Dongsun Lee Date: Thu, 21 Mar 2024 09:44:57 +0000 (+0900) Subject: Remove challenge from API X-Git-Tag: accepted/tizen/unified/20240423.164622~17 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F31%2F308331%2F1;p=platform%2Fcore%2Fsecurity%2Fwebauthn.git Remove challenge from API Change-Id: If2d938965c210d19c0c0029ca5ed7f36fd0254e3 --- diff --git a/include/webauthn-types.h b/include/webauthn-types.h index b242368..a590357 100644 --- a/include/webauthn-types.h +++ b/include/webauthn-types.h @@ -373,11 +373,6 @@ typedef struct __wauthn_pubkey_cred_creation_options { wauthn_user_entity_s *user; /**< This member contains names and an identifier for the user account performing the registration */ - wauthn_const_buffer_s *challenge; /**< This member specifies a challenge - that the authenticator signs, - along with other data, when producing - an attestation object for the newly - created credential */ wauthn_pubkey_cred_params_s *pubkey_cred_params; /**< This member lists the key types and signature algorithms the Relying Party supports, ordered from most preferred @@ -424,9 +419,6 @@ typedef struct __wauthn_pubkey_cred_creation_options { * @see #wauthn_hybrid_linked_data_s */ typedef struct __wauthn_pubkey_cred_request_options { - wauthn_const_buffer_s *challenge; /**< This member specifies a challenge that the authenticator - signs, along with other data, when producing - an authentication assertion */ unsigned long timeout; /**< This member specifies a time, in milliseconds, that the Relying Party is willing to wait for the call to complete. The value, '0', means no timeout is set. (optional)*/ diff --git a/srcs/common/serialization.cpp b/srcs/common/serialization.cpp index 8f0c859..6420d0f 100644 --- a/srcs/common/serialization.cpp +++ b/srcs/common/serialization.cpp 
@@ -686,7 +686,6 @@ void WAuthnCtypeSerializer::serialize(IStream& stream, const wauthn_pubkey_cred_
 // Seriallize the contents of struct's pointers
 serialize(stream, data->rp);
 serialize(stream, data->user);
- serialize(stream, data->challenge);
 serialize(stream, data->pubkey_cred_params);
 serialize(stream, data->exclude_credentials);
 serialize(stream, data->authenticator_selection);
@@ -704,7 +703,6 @@ void WAuthnCtypeSerializer::deserialize(IStream& stream, wauthn_pubkey_cred_crea
 // Deseriallize the contents of struct's pointers
 deserialize(stream, &((*data)->rp));
 deserialize(stream, &((*data)->user));
- deserialize(stream, &((*data)->challenge));
 deserialize(stream, &((*data)->pubkey_cred_params));
 deserialize(stream, &((*data)->exclude_credentials));
 deserialize(stream, &((*data)->authenticator_selection));
@@ -728,7 +726,6 @@ void WAuthnCtypeSerializer::serialize(IStream& stream, const wauthn_pubkey_cred_
 if (data == nullptr)
 return;
 // Seriallize the contents of struct's pointers
- serialize(stream, data->challenge);
 serialize(stream, data->rpId);
 serialize(stream, data->allow_credentials);
 serialize(stream, data->hints);
@@ -743,7 +740,6 @@ void WAuthnCtypeSerializer::deserialize(IStream& stream, wauthn_pubkey_cred_requ
 return;
 __checkValidity(*data);
 // Deseriallize the contents of struct's pointers
- deserialize(stream, &((*data)->challenge));
 deserialize(stream, &((*data)->rpId));
 deserialize(stream, &((*data)->allow_credentials));
 deserialize(stream, &((*data)->hints));
diff --git a/tests/serialization-test.cpp b/tests/serialization-test.cpp
index 991da79..e7bacb9 100644
--- a/tests/serialization-test.cpp
+++ b/tests/serialization-test.cpp
@@ -156,21 +156,19 @@ namespace SerializationTestData { attestationFormat2}; wauthn_attestation_formats_s emptyAttestationFormats = {0, nullptr}; - unsigned char challengeRaw[06] = {0x01, 0x02, 0x03, 0x04, }; unsigned long timeout = 1000; - wauthn_const_buffer_s challenge = {challengeRaw, sizeof(challengeRaw)}; wauthn_attestation_pref_e attestation = AP_DIRECT; - wauthn_pubkey_cred_creation_options_s pubkeyCredCreationOptions = {&rpEntity, &userEntity, &challenge, + wauthn_pubkey_cred_creation_options_s pubkeyCredCreationOptions = {&rpEntity, &userEntity, &pubkeyCredParams2, timeout, &pubkeyCredDescriptors2, &authenticatorSelCri, &pubkeyCredHints2, attestation, &attestationFormats1, &authenticationExts2, &hybirdLinkedData}; - wauthn_pubkey_cred_creation_options_s emptyPubkeyCredCreationOptions = {nullptr, nullptr, nullptr, + wauthn_pubkey_cred_creation_options_s emptyPubkeyCredCreationOptions = {nullptr, nullptr, nullptr, 0, nullptr, nullptr, nullptr, AP_NONE, nullptr, nullptr, nullptr}; const char *rpId = "test RP ID"; - wauthn_pubkey_cred_request_options_s pubkeyCredRequestOptions = {&challenge, timeout, const_cast(rpId), + wauthn_pubkey_cred_request_options_s pubkeyCredRequestOptions = {timeout, const_cast(rpId), &pubkeyCredDescriptors2, user_verification, &pubkeyCredHints2, attestation, &attestationFormats1, &authenticationExts2, &hybirdLinkedData}; - wauthn_pubkey_cred_request_options_s emptyPubkeyCredRequestOptions = {nullptr, 0, nullptr, + wauthn_pubkey_cred_request_options_s emptyPubkeyCredRequestOptions = {0, nullptr, nullptr, UVR_NONE, nullptr, AP_NONE, nullptr, nullptr, nullptr}; wauthn_pubkey_credential_attestaion_s pubkeyCredentialAttestation = {&bufferId, pubkeyCredType, &bufferId0, 
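Review bot: The aggregate initialisers for `pubkeyCredCreationOptions`, `pubkeyCredRequestOptions` and their `empty...` variants are positional, so a reader has to count values against the member order in include/webauthn-types.h to see which value lands in which field, and every one of them had to be shifted by hand here. The compiler probably catches most misalignments because the member types differ, but it does not catch a member appended at the end of the struct, which is silently value-initialised. I would add the member order as a comment above each initialiser, for example `// timeout, rpId, allow_credentials, ... (order as declared in webauthn-types.h)`, or switch to designated initialisers if the project's language standard allows it. The same applies to the `CommonTestData` hunk in tests/webauthn-client-test.cpp. The namespace starts and ends outside the hunk.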
@@ -1011,8 +1009,6 @@ bool __compareWAuthnPubkeyCredCreationOptionsS(const wauthn_pubkey_cred_creation
 return false;
 if(__compareWAuthnUserEntityS(expected->user, actual->user) == false)
 return false;
- if(__compareWAuthnBuffers(expected->challenge, actual->challenge) == false)
- return false;
 if(__compareWAuthnPubkeyCredParamsS(expected->pubkey_cred_params, actual->pubkey_cred_params) == false)
 return false;
 if (expected->timeout != actual->timeout)
@@ -1066,8 +1062,6 @@ bool __compareWAuthnPubkeyCredRequestOptionsS(const wauthn_pubkey_cred_request_o
 {
 if (actual == nullptr || expected == nullptr)
 return (actual == expected);
- if(__compareWAuthnBuffers(expected->challenge, actual->challenge) == false)
- return false;
 if (expected->timeout != actual->timeout)
 return false;
 if(__compareCstring(expected->rpId, actual->rpId) == false)
diff --git a/tests/webauthn-client-test.cpp b/tests/webauthn-client-test.cpp
index cabe6ae..62745ba 100644
--- a/tests/webauthn-client-test.cpp
+++ b/tests/webauthn-client-test.cpp
@@ -159,27 +159,25 @@ namespace CommonTestData { attestationFormat2}; wauthn_attestation_formats_s emptyAttestationFormats = {0, nullptr}; - unsigned char challengeRaw[06] = {0x01, 0x02, 0x03, 0x04, }; unsigned long timeout = 1000; - wauthn_const_buffer_s challenge = {challengeRaw, sizeof(challengeRaw)}; wauthn_attestation_pref_e attestation = AP_DIRECT; - wauthn_pubkey_cred_creation_options_s pubkeyCredCreationOptions = {&rpEntity, &userEntity, &challenge, + wauthn_pubkey_cred_creation_options_s pubkeyCredCreationOptions = {&rpEntity, &userEntity, &pubkeyCredParams2, timeout, &pubkeyCredDescriptors2, &authenticatorSelCri, &pubkeyCredHints2, attestation, &attestationFormats1, &authenticationExts2, &hybirdLinkedData}; - wauthn_pubkey_cred_creation_options_s pubkeyCredCreationOptionsWithQR = {&rpEntity, &userEntity, &challenge, + wauthn_pubkey_cred_creation_options_s pubkeyCredCreationOptionsWithQR = {&rpEntity, &userEntity, &pubkeyCredParams2, timeout, &pubkeyCredDescriptors2, &authenticatorSelCri, &pubkeyCredHints2, attestation, &attestationFormats1, &authenticationExts2, nullptr}; - wauthn_pubkey_cred_creation_options_s emptyPubkeyCredCreationOptions = {nullptr, nullptr, nullptr, + wauthn_pubkey_cred_creation_options_s emptyPubkeyCredCreationOptions = {nullptr, nullptr, nullptr, 0, nullptr, nullptr, nullptr, AP_NONE, nullptr, nullptr, nullptr}; const char *rpId = "test RP ID"; - wauthn_pubkey_cred_request_options_s pubkeyCredRequestOptions = {&challenge, timeout, const_cast(rpId), + wauthn_pubkey_cred_request_options_s pubkeyCredRequestOptions = {timeout, const_cast(rpId), &pubkeyCredDescriptors2, user_verification, &pubkeyCredHints2, attestation, &attestationFormats1, &authenticationExts2, &hybirdLinkedData}; - wauthn_pubkey_cred_request_options_s pubkeyCredRequestOptionsWithQR = {&challenge, timeout, const_cast(rpId), + wauthn_pubkey_cred_request_options_s pubkeyCredRequestOptionsWithQR = {timeout, const_cast(rpId), &pubkeyCredDescriptors2, user_verification, 
&pubkeyCredHints2, attestation, &attestationFormats1, &authenticationExts2, nullptr}; - wauthn_pubkey_cred_request_options_s emptyPubkeyCredRequestOptions = {nullptr, 0, nullptr, + wauthn_pubkey_cred_request_options_s emptyPubkeyCredRequestOptions = {0, nullptr, nullptr, UVR_NONE, nullptr, AP_NONE, nullptr, nullptr, nullptr}; wauthn_pubkey_credential_attestaion_s pubkeyCredentialAttestation = {&bufferId, pubkeyCredType, &bufferId0,
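Review bot: This `CommonTestData` fixture repeats the `SerializationTestData` block in tests/serialization-test.cpp almost line for line, so the struct change had to be made twice and the two copies can drift apart on the next API change. Only the `...WithQR` variants, which end in `nullptr` instead of `&hybirdLinkedData`, are specific to this file. I would move the shared objects into one test-only header included by both test files and keep just the `WithQR` variants here. The namespace starts and ends outside the hunk, so there may be further differences that are not visible from here.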