From 444d8de241f16a0695ab17d9ed6c8bd99f8626b8 Mon Sep 17 00:00:00 2001
From: =?utf8?q?=EC=9D=B4=EB=8F=99=EC=84=A0/Security=20Assurance=20Lab=28SR?= =?utf8?q?=29/=EC=82=BC=EC=84=B1=EC=A0=84=EC=9E=90?=
Date: Wed, 11 Oct 2023 14:17:03 +0900
Subject: [PATCH] add webauthn APIs
---
include/webauthn.h | 631 ++++++++++++++++++++++++++++++++++++++++++--
srcs/client/client.cpp | 4 +-
srcs/common/wauth-error.cpp | 13 +-
3 files changed, 613 insertions(+), 35 deletions(-)
diff --git a/include/webauthn.h b/include/webauthn.h
index 495aed2..88308be 100644
--- a/include/webauthn.h
+++ b/include/webauthn.h
@@ -34,16 +34,126 @@ extern "C" { * @{ */ +#define WATUH_API_VERSION_NUMBER 0x00000001 + /** * @brief WebAuthn Errors. * @since_tizen 9.0 */ typedef enum { - WAU_ERROR_NONE = 0x00, /**< Successful */ - WAU_ERROR_UNKNOWN = -0x01, /**< Unknown error */ - WAU_ERROR_INVALID_PARAMETER = -0x02, /**< Invalid function parameter */ - WAU_ERROR_PERMISSION_DENIED = -0x03, /**< Permission denied */ -} wau_error_e; + WAUTHN_ERROR_NONE = 0x00, /**< Successful */ + WAUTHN_ERROR_UNKNOWN = -0x01, /**< Unknown error */ + WAUTHN_ERROR_INVALID_PARAMETER = -0x02, /**< Invalid function parameter */ + WAUTHN_ERROR_PERMISSION_DENIED = -0x03, /**< Permission denied */ + WAUTHN_ERROR_NOT_SUPPORTED = -0x04, /**< Not supported operation */ + WAUTHN_ERROR_NOT_ALLOWED = -0x05, /**< Not allowed in the current context */ + WAUTHN_ERROR_INVALID_STATE = -0x06, /**< Invalid State */ + WAUTHN_ERROR_ENCODING_FAILED = -0x07, /**< Encoding operation failed */ +} wauthn_error_e; + +/** + * @brief WebAuthn authenticator transports. * + * @since_tizen 9.0 + * @remarks Multiple transport values can be combined using bit-wise operation. + */ +typedef enum __wauthn_authenticator_transport { + WAUTHN_TRANSPORT_NONE = 0x00000000, + WAUTHN_TRANSPORT_USB = 0x00000001, /**< "usb" */ + WAUTHN_TRANSPORT_NFC = 0x00000002, /**< "nfc" */ + WAUTHN_TRANSPORT_BLE = 0x00000004, /**< "ble" */ + WAUTHN_TRANSPORT_SMARTCARD = 0x00000008, /**< "smart-card" */ + WAUTHN_TRANSPORT_HYBRID = 0x00000010, /**< "hybrid" */ + WAUTHN_TRANSPORT_INTERNAL = 0x00000020, /**< "internal" */ +} wauthn_authenticator_transport_e; + +/** + * @brief WebAuthn hash algorithms. + * Currently one hash algorithm is used, namely "SHA-256". + * @since_tizen 9.0 + */ +typedef enum __wauthn_hash_algorithm { + WAUTHN_HASH_ALGORITHM_SHA_256 = 1, /**< "SHA-256" */ +} wauthn_hash_algorithm_e; + +/** + * @brief WebAuthn COSE(CBOR Object Signing and Encryption) algorithms. 
+ * @since_tizen 9.0 + */ +typedef enum __wauthn_cose_algorithm { + WAUTHN_COSE_ALGORITHM_ECDSA_P256_WITH_SHA256 = -7, /**< "ES256" */ + WAUTHN_COSE_ALGORITHM_ECDSA_P384_WITH_SHA384 = -35, /**< "ES384" */ + WAUTHN_COSE_ALGORITHM_ECDSA_P521_WITH_SHA512 = -36, /**< "ES512" */ + WAUTHN_COSE_ALGORITHM_EDDSA = -8, /**< "EdDSA" */ + WAUTHN_COSE_ALGORITHM_RSA_PSS_WITH_SHA256 = -37, /**< "PS256" */ + WAUTHN_COSE_ALGORITHM_RSA_PSS_WITH_SHA384 = -38, /**< "PS384" */ + WAUTHN_COSE_ALGORITHM_RSA_PSS_WITH_SHA512 = -39, /**< "PS512" */ + WAUTHN_COSE_ALGORITHM_RSASSA_PKCS1_V1_5_WITH_SHA256 = -257, /**< "RS256" */ + WAUTHN_COSE_ALGORITHM_RSASSA_PKCS1_V1_5_WITH_SHA384 = -258, /**< "RS384" */ + WAUTHN_COSE_ALGORITHM_RSASSA_PKCS1_V1_5_WITH_SHA512 = -259, /**< "RS512" */ +} wauthn_cose_algorithm_e; + +/** + * @brief WebAuthn attestation preference. + * @since_tizen 9.0 + */ +typedef enum __wauthn_attestation_pref { + ap_none = 0, /**< none */ + ap_indirect = 1, /**< "indirect" */ + ap_direct = 2, /**< "direct" */ + ap_enterprise = 3, /**< "enterprise" */ +} wauthn_attestation_pref_e; + +/** + * @brief WebAuthn public key credential hint value. + * @since_tizen 9.0 + */ +typedef enum __wauthn_pubkey_cred_hint { + pch_none = 0, /**< none */ + pch_security_key = 1, /**< "security-key" */ + pch_client_device = 2, /**< "client-device" */ + pch_hybrid = 3, /**< "hybrid" */ +} wauthn_pubkey_cred_hint_e; + +/** + * @brief WebAuthn user verification requirement value. 
+ * @since_tizen 9.0 + */ +typedef enum __wauthn_user_verification_requirement { + uvr_none = 0, /**< none */ + uvr_required = 1, /**< "required" */ + uvr_preferred = 2, /**< "preferred" */ + uvr_discouraged = 3, /**< "discouraged" */ +} wauthn_user_verification_requirement_e; + +/** + * @brief WebAuthn resident key requirement value + * @since_tizen 9.0 + */ +typedef enum __wauthn_resident_key_requirement { + rkr_none = 0, /**< none */ + rkr_discouraged = 1, /**< "discouraged" */ + rkr_preferred = 2, /**< "preferred" */ + rkr_required = 3, /**< "required" */ +} wauthn_resident_key_requirement_e; + +/** + * @brief WebAuthn authentication attachment value + * @since_tizen 9.0 + */ +typedef enum __wauthn_authenticator_attachment { + aa_none = 0, /**< none */ + aa_platform = 1, /**< "platform" */ + aa_cross_platform = 2, /**< "cross-platform" */ +} wauthn_authenticator_attachment_e; + +/** + * @brief WebAuthn credential type. + * Currently one credential type is defined, namely "public-key". + * @since_tizen 9.0 + */ +typedef enum __wauthn_pubkey_cred_type { + pct_public_key = 1, /**< public-key */ +} wauthn_pubkey_cred_type_e; /** * @brief Returns stringified name of return code. 
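Review bot: The version macro added at the top of this hunk is spelled `WATUH_API_VERSION_NUMBER`, and since it sits in the public header and is referenced by that spelling in the `wauthn_set_api_version()` documentation in the next hunk, the typo becomes part of the API once released; it should read `#define WAUTHN_API_VERSION_NUMBER 0x00000001`. The option enumerators added below it (`ap_none`, `pch_hybrid`, `uvr_required`, `rkr_required`, `aa_platform`, `pct_public_key`) are lower-case and unprefixed, unlike `WAUTHN_TRANSPORT_*` and `WAUTHN_COSE_ALGORITHM_*` in the same hunk, so they can collide with identifiers in any program that includes the header; a `WAUTHN_` prefix would keep them consistent, and the `__wauthn_*` tags use names reserved for the implementation. Note also that `uvr_none = 0` is what a zero-initialised options struct selects, while the next hunk documents the default as `#uvr_preferred`; the header should say what `uvr_none` means, presumably "unset, apply the default", so that a zeroed struct cannot be read as "no user verification".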
@@ -54,58 +164,521 @@ typedef enum { * * @return @c stringified name of return code. */ -const char * wauth_error_to_string(int error); +const char * wauthn_error_to_string(int error); + /** - * @brief Make a new web authentication credential and store it to authenticator. + * @brief Set API version that the caller uses. * * @since_tizen 9.0 * - * @remarks something important to remember + * @remarks This API must be called before other APIs are called. * - * @param[in] param1 Item alias to be removed - * - * @param[out] output1 Output. + * @param[in] api_version_number API version number to set. + * Use #WATUH_API_VERSION_NUMBER as an input. * * @return @c 0 on success, * otherwise a negative error value - * @retval #WAU_ERROR_NONE Successful - * @retval #WAU_ERROR_INVALID_PARAMETER Input parameter is invalid - * @retval #WAU_ERROR_PERMISSION_DENIED Failed to access key manager or the item to remove + * @retval #WAUTHN_ERROR_NONE Successful + * @retval #WAUTHN_ERROR_NOT_SUPPORTED the specified API version is not supported. + */ +int wauthn_set_api_version(int api_version_number); + + +/** + * @brief Get information on authenticator types that the client platform supports. * - * @pre Precondition + * @since_tizen 9.0 * - * @see wau_get_assertion() + * @remarks This version of API only support hybrid roaming authenticator. + * So the bit for #WAUTHN_TRANSPORT_HYBRID is set 1 and + * bits for other authenticators set 0. + * Each authenticators can be checked using bitwise operation. + * Here is sample code for check supported authenticators, + * if (supported & WAUTHN_TRANSPORT_HYBRID) + * then // hybrid transport is supported + * else // hybrid transport is not supported + * + * @param[out] supported The pointer to an unsigned int for return supported authenticators + * + * @return @c 0 on success, + * otherwise a negative error value + * @retval #WAUTHN_ERROR_NONE Successful + * @retval #WAUTHN_ERROR_INVALID_PARAMETER the supported is NULL. 
+ * @see #wauthn_authenticator_transport_e */ -int wauth_make_credential(const char *param1, char **output1); +int wauthn_supported_authenticators(unsigned int *supported); + /** - * @brief Get assertion from authenticator - * + * @brief The structure for binary buffer used in this CAPI. + * @since_tizen 9.0 + */ +typedef struct __wauthn_buffer { + unsigned char *data; /**< Byte array containing binary data */ + size_t size; /**< The size of the binary data */ +} wauthn_buffer_s; + +/** + * @brief The structure for response of wauthn_make_credential. + * @since_tizen 9.0 + * @see wauthn_make_credential() + * @see #wauthn_pubkey_credential_attestaion_s + * @see #wauthn_cose_algorithm_e + */ +typedef struct __wauthn_authenticator_attestation_response { + wauthn_buffer_s *client_data_json; + wauthn_buffer_s *attestation_object; /**< The CBOR encoded Attestation Object to be returned to the RP */ + unsigned int transports; + wauthn_buffer_s *authenticator_data; + wauthn_buffer_s *subject_pubkey_info; + wauthn_cose_algorithm_e pubkey_alg; +} wauthn_authenticator_attestation_response_s; + +/** + * @brief The structure for response of wauthn_get_assersion. + * @since_tizen 9.0 + * @see wauthn_get_assersion() + * @see #wauthn_pubkey_credential_assertion_s + */ +typedef struct __wauthn_authenticator_assertion_response { + wauthn_buffer_s *client_data_json; + wauthn_buffer_s *authenticator_data; + wauthn_buffer_s *signature; + wauthn_buffer_s *user_handle; + wauthn_buffer_s *attestation_object; +} wauthn_authenticator_assertion_response_s; + +/** + * @brief The structure for an origin. + * @since_tizen 9.0 + * @remarks https://html.spec.whatwg.org/multipage/browsers.html#concept-origin + */ +typedef struct __wauthn_origin { + char *scheme; + char *host; + int port; + char *domain; +} wauthn_origin_s; + +/** + * @brief The structure for a RP entity. 
* @since_tizen 9.0 + */ +typedef struct __wauthn_rp_entity { + char *name; /**< The name of RP */ + char *id; /**< The RPID */ +} wauthn_rp_entity_s; + +#define WEBAUTHN_MAX_USER_ID_LENGTH 64 + +/** + * @brief The structure for a user entity. + * @since_tizen 9.0 + */ +typedef struct __wauthn_user_entity { + char *name; + wauthn_buffer_s *id; /**< The ID of the user account. An ID is a byte sequence with a maximum size of + 64 bytes, and is not meant to be displayed to the user */ + char *display_name; /**< A human-palatable name for the user account, intended only for display */ +} wauthn_user_entity_s; + + +/** + * @brief The structure for a parameter for credential generation. + * @since_tizen 9.0 + * @see #wauthn_cose_algorithm_e + */ +typedef struct __wauthn_pubkey_cred_param { + wauthn_pubkey_cred_type_e type; /**< Well-known credential type specifying a credential to create */ + wauthn_cose_algorithm_e alg; /**< Well-known COSE algorithm specifying the algorithm to use for the credential */ +} wauthn_pubkey_cred_param_s; + +/** + * @brief The list structure for parameters for credential generation. + * @since_tizen 9.0 + * @see #wauthn_pubkey_cred_param_s + */ +typedef struct __wauthn_pubkey_cred_params { + size_t size; + wauthn_pubkey_cred_param_s *params; +} wauthn_pubkey_cred_params_s; + +/** + * @brief The structure for a publickey credential descriptor. + * @since_tizen 9.0 + * @see #wauthn_pubkey_cred_descriptor_s + */ +typedef struct __wauthn_pubkey_cred_descriptor { + wauthn_pubkey_cred_type_e type; + wauthn_buffer_s *id; + unsigned int transports; +} wauthn_pubkey_cred_descriptor_s; + +/** + * @brief The list structure for publickey credential descriptors. + * @since_tizen 9.0 + * @see #wauthn_pubkey_cred_descriptor_s + */ +typedef struct __wauthn_pubkey_cred_descriptors { + size_t size; + wauthn_pubkey_cred_descriptor_s *transports; +} wauthn_pubkey_cred_descriptors_s; + +/** + * @brief The structure for an authentication extension. 
+ * @since_tizen 9.0 + * @see #wauthn_authentication_ext_s + */ +typedef struct __wauthn_authentication_ext { + wauthn_buffer_s *extension_id; /**< + Extension Identifier defined in the following registry. + https://www.iana.org/assignments/webauthn/webauthn.xhtml#webauthn-extension-ids. */ + wauthn_buffer_s *extension_value; /**< + Extension value */ +} wauthn_authentication_ext_s; + +/** + * @brief The list structure for authentication extensions. + * @since_tizen 9.0 + * @see #wauthn_authentication_ext_s + */ +typedef struct __wauthn_authentication_exts { + size_t size; + wauthn_authentication_ext_s *extensions; +} wauthn_authentication_exts_s; + +/** + * @brief The structure for an authenticator selection criteria. + * @since_tizen 9.0 + * @see #wauthn_authenticator_attachment_e + * @see #wauthn_resident_key_requirement_e + * @see #wauthn_user_verification_requirement_e + */ +typedef struct __wauthn_authenticator_sel_cri { + wauthn_authenticator_attachment_e attachment; + wauthn_resident_key_requirement_e resident_key; + bool require_resident_key; + wauthn_user_verification_requirement_e user_verification; +} wauthn_authenticator_sel_cri_s; + +/** + * @brief The list structure for publickey credential hints. + * @since_tizen 9.0 + * @see #wauthn_pubkey_cred_hint_e + */ +typedef struct __wauthn_pubkey_cred_hints { + size_t size; + wauthn_pubkey_cred_hint_e *hints; +} wauthn_pubkey_cred_hints_s; + +/** + * @brief The structure for a linked device data. + * @since_tizen 9.0 + */ +typedef struct __wauthn_hybrid_linked_data { + wauthn_buffer_s *contact_id; // cbor:"1" + wauthn_buffer_s *link_id; // cbor:"2" + wauthn_buffer_s *link_secret; // cbor:"3" + wauthn_buffer_s *authenticator_pubkey; // cbor:"4" + wauthn_buffer_s *authenticator_name; // cbor:"5" + wauthn_buffer_s *signature; // cbor:"6" + wauthn_buffer_s *auth_pubkey; + wauthn_buffer_s *tunnel_server_domain; +} wauthn_hybrid_linked_data_s; + +/** + * @brief The list structure for attestation formats. 
+ * @since_tizen 9.0 + */ +typedef struct __wauthn_attestation_formats { + size_t size; + wauthn_buffer_s *attestation_formats; +} wauthn_attestation_formats_s; + +/** + * @brief The structure for a make credential option. + * @since_tizen 9.0 + * @see wauthn_make_credential() + * @see #wauthn_rp_entity_s + * @see #wauthn_user_entity_s + * @see #wauthn_pubkey_cred_params_s + * @see #wauthn_pubkey_cred_descriptors_s + * @see #wauthn_authenticator_sel_cri_s + * @see #wauthn_pubkey_cred_hints_s + * @see #wauthn_attestation_pref_e + * @see #wauthn_attestation_formats_s + * @see #wauthn_authentication_exts_s + * @see #wauthn_hybrid_linked_data_s + */ +typedef struct __wauthn_pubkey_cred_creation_options { + wauthn_rp_entity_s *rp; /**< This member contains a name and + an identifier for the Relying Party + responsible for the request */ + wauthn_user_entity_s *user; /**< This member contains names and + an identifier for the user account + performing the registration */ + wauthn_buffer_s *challenge; /**< This member specifies a challenge + that the authenticator signs, + along with other data, when producing + an attestation object for the newly + created credential */ + wauthn_pubkey_cred_params_s *pubkey_cred_params; /**< This member lists the key types and + signature algorithms the Relying Party + supports, ordered from most preferred + to least preferred */ + unsigned long timeout; /**< This member specifies a time, in milliseconds, + that the Relying Party is willing to wait for the call to complete. + This is treated as a hint, and MAY be overridden by the client. + The value, '0', means no timeout is set. 
(optional) */ + wauthn_pubkey_cred_descriptors_s *exclude_credentials; /**< The Relying Party SHOULD use + this member to list any existing + credentials mapped to this user + account (as identified by user.id) + (optional) */ + wauthn_authenticator_sel_cri_s *authenticator_selection; /**< The Relying Party MAY use + this member to specify capabilities + and settings that the authenticator + MUST or SHOULD satisfy to participate + in this operation (optional)*/ + wauthn_pubkey_cred_hints_s *hints; /**< + This member contains zero or more elements from #wauthn_pubkey_cred_hint_e to + guide the user agent in interacting with the user. (optional)*/ + wauthn_attestation_pref_e attestion; /**< + The Relying Party MAY use this member to specify a preference regarding attestation + conveyance. The default value is #ap_none (optional) */ + wauthn_attestation_formats_s *attestation_formats; /**< + The Relying Party MAY use this member to specify a preference regarding the attestation + statement format used by the authenticator. The default value is the empty list, which + indicates no preference (optional) */ + wauthn_authentication_exts_s *extensions; /**< The Relying Party MAY use this member to provide + client extension inputs requesting additional processing by the client and authenticator.(optional) */ + wauthn_hybrid_linked_data_s *linked_device; /**< Linked Device Connection Info (optional) */ +} wauthn_pubkey_cred_creation_options_s; + +/** + * @brief The structure for a get assertion option. 
+ * @since_tizen 9.0 + * @see wauthn_get_assertion() + * @see #wauthn_pubkey_cred_descriptors_s + * @see #wauthn_user_verification_requirement_e + * @see #wauthn_pubkey_cred_hints_s + * @see #wauthn_attestation_pref_e + * @see #wauthn_attestation_formats_s + * @see #wauthn_authentication_exts_s + * @see #wauthn_hybrid_linked_data_s + */ +typedef struct __wauthn_pubkey_cred_request_options { + wauthn_buffer_s *challenge; /**< This member specifies a challenge that the authenticator signs, + along with other data, when producing an authentication assertion */ + unsigned long timeout; /**< This member specifies a time, in milliseconds, + that the Relying Party is willing to wait for the call to complete. + The value, '0', means no timeout is set. (optional)*/ + char *rpId; /**< This member specifies the RP ID claimed by the Relying Party (optional)*/ + wauthn_pubkey_cred_descriptors_s *allow_credentials; /**< This member is used by the client + to find authenticators eligible for this + authentication ceremony (optional)*/ + wauthn_user_verification_requirement_e user_verification; /**< + This member specifies the Relying Party's requirements regarding + user verification for the wauthn_get_assertion() operation. + The default value is #uvr_preferred (optional) */ + wauthn_pubkey_cred_hints_s *hints; /**< + This member contains zero or more elements from #wauthn_pubkey_cred_hint_e to + guide the user agent in interacting with the user. (optional)*/ + wauthn_attestation_pref_e attestion; /**< + The Relying Party MAY use this member to specify a preference regarding + attestation conveyance. The default value is #ap_none (optional)*/ + wauthn_attestation_formats_s *attestation_formats; /**< + The Relying Party MAY use this member to specify a preference regarding the attestation + statement format used by the authenticator. 
The default value is the empty list, which + indicates no preference (optional) */ + wauthn_authentication_exts_s *extensions; /**< + The Relying Party MAY use this member to provide client extension inputs requesting + additional processing by the client and authenticator.(optional) */ + wauthn_hybrid_linked_data_s *linked_device; /**< Linked Device Connection Info (optional) */ +} wauthn_pubkey_cred_request_options_s; + +/** + * @brief The structure for a publickey_credential response for wauthn_make_credential(). + * @since_tizen 9.0 + * @see wauthn_make_credential() + * @see #wauthn_authenticator_attestation_response_s + * @see #wauthn_authenticator_attachment_e + * @see #wauthn_authentication_exts_s + * @see #wauthn_hybrid_linked_data_s + */ +typedef struct __wauthn_pubkey_credential_attestaion { + wauthn_buffer_s *id; + wauthn_pubkey_cred_type_e type; + wauthn_buffer_s *rawId; + wauthn_authenticator_attestation_response_s *response; + wauthn_authenticator_attachment_e authenticator_attachment; + wauthn_authentication_exts_s *extensions; + bool is_conditional_mediation_available; + wauthn_buffer_s *json_data; + wauthn_hybrid_linked_data_s *linked_device; +} wauthn_pubkey_credential_attestaion_s; + +/** + * @brief The structure for a publickey_credential response for wauthn_get_assertion(). 
+ * @since_tizen 9.0 + * @see wauthn_get_assertion() + * @see #wauthn_authenticator_assertion_response_s + * @see #wauthn_authenticator_attachment_e + * @see #wauthn_authentication_exts_s + * @see #wauthn_hybrid_linked_data_s + */ +typedef struct __wauthn_pubkey_credential_assertion { + wauthn_buffer_s *id; + wauthn_pubkey_cred_type_e type; + wauthn_buffer_s *rawId; + wauthn_authenticator_assertion_response_s *response; + wauthn_authenticator_attachment_e authenticator_attachment; + wauthn_authentication_exts_s *extensions; + bool is_conditional_mediation_available; + wauthn_buffer_s *json_data; + wauthn_hybrid_linked_data_s *linked_device; +} wauthn_pubkey_credential_assertion_s; + +/** + * @brief The structure for a client data json. + * @since_tizen 9.0 + * @see #wauthn_hash_algorithm_e + */ +typedef struct __wauthn_client_data { + wauthn_buffer_s *client_data_json;// UTF-8 encoded JSON serialization of the client data + wauthn_hash_algorithm_e hash_alg; // Hash algorithm used to hash the client_data_json field +} wauthn_client_data_s; + +/** + * @brief Invoked when a QR Code need to be displayed. + * @remarks If the request does not need to display a QR code + * then this callback function won't be invoked, + * @since_tizen 9.0 + * @param[in] qrcode The QR code payload + * @see #wauthn_mc_callbacks_s() + * @see #wauthn_ga_callbacks_s() + */ +typedef void wauthn_cb_display_qrcode(const unsigned char *qrcode); + +/** + * @brief Invoked when the response for the make credential request need to be returned. + * @since_tizen 9.0 + * @param[in] pubkey_cred The publickey credential contains response data + * @see #wauthn_mc_callbacks_s + * @see #wauthn_pubkey_credential_attestaion_s + */ +typedef void wauthn_cb_mc_on_response(const wauthn_pubkey_credential_attestaion_s *pubkey_cred); + +/** + * @brief Invoked when the response for the get assertion request need to be returned. 
+ * @since_tizen 9.0 + * @param[in] pubkey_cred The publickey credential contains response data + * @see #wauthn_ga_callbacks_s + * @see #wauthn_pubkey_credential_assertion_s + */ +typedef void wauthn_cb_ga_on_response(const wauthn_pubkey_credential_assertion_s *pubkey_cred); + +/** + * @brief The structure for callback function list used to make credential. + * @since_tizen 9.0 + * @see wauthn_make_credential() + * @see wauthn_cb_display_qrcode() + * @see wauthn_cb_mc_on_response() + */ +typedef struct __wauthn_mc_callbacks { + wauthn_cb_display_qrcode *qrcode_callback; + wauthn_cb_mc_on_response *response_callback; +} wauthn_mc_callbacks_s; + +/** + * @brief The structure for callback function list used to get assertion. + * @since_tizen 9.0 + * @see wauthn_get_assertion() + * @see wauthn_cb_display_qrcode() + * @see wauthn_cb_ga_on_response() + */ +typedef struct __wauthn_ga_callbacks { + wauthn_cb_display_qrcode *qrcode_callback; + wauthn_cb_ga_on_response *response_callback; +} wauthn_ga_callbacks_s; + +/** + * @brief Make a new web authentication credential and store it to authenticator. * - * @remarks something important to remember + * @since_tizen 9.0 * - * @param[in] param1 Item alias to be removed + * @remarks [TBD] something important to remember * -* @param[out] output1 Output. 
+ * @param[in] client_data UTF-8 encoded JSON serialization of the client data + * @param[in] cancellation_id This ID will be used to cancel the make wauthn_make_credential() request + * @param[in] options This argument is a #wauthn_pubkey_cred_creation_options_s object specifying the + * desired attributes of the to-be-created public key credential + * @param[in] callbacks The callback functions to be invoked * * @return @c 0 on success, * otherwise a negative error value - * @retval #WAU_ERROR_NONE Successful - * @retval #WAU_ERROR_INVALID_PARAMETER Input parameter is invalid - * @retval #WAU_ERROR_PERMISSION_DENIED Failed to access key manager or the item to remove + * @retval #WAUTHN_ERROR_NONE Successful + * @retval #WAUTHN_ERROR_INVALID_PARAMETER Input parameter is invalid + * @retval #WAUTHN_ERROR_NOT_ALLOWED Not allowed in the current context + * @retval #WAUTHN_ERROR_INVALID_STATE Get in an invalid state * - * @pre Precondition + * @pre [TBD] Precondition * - * @see wau_make_credential() + * @see wauthn_get_assertion() + * @see #wauthn_pubkey_cred_creation_options_s + * @see #wauthn_mc_callbacks_s */ -int wauth_get_assertion(const char *param1, char **output1); +int wauthn_make_credential( const wauthn_client_data_s *client_data, + const unsigned long int cancellation_id, + const wauthn_pubkey_cred_creation_options_s *options, + wauthn_mc_callbacks_s *callbacks); +/** + * @brief Get assertion from authenticator. 
+ * + * @since_tizen 9.0 + * + * @remarks [TBD] Something important to remember + * + * @param[in] client_data UTF-8 encoded JSON serialization of the client data + * @param[in] cancellation_id This ID will be used to cancel the make wauthn_get_assertion() request + * @param[in] options This argument is a #wauthn_pubkey_cred_request_options_s object specifying the + * desired attributes of the public key credential to discover + * @param[in] callbacks The callback functions to be invoked + * + * @return @c 0 on success, + * @retval #WAUTHN_ERROR_NONE Successful + * @retval #WAUTHN_ERROR_INVALID_PARAMETER Input parameter is invalid + * @retval #WAUTHN_ERROR_NOT_ALLOWED Not allowed in the current context + * + * @pre [TBD] Precondition + * + * @see wauthn_make_credential() + * @see #wauthn_pubkey_cred_request_options_s + * @see #wauthn_ga_callbacks_s + */ +int wauthn_get_assertion( const wauthn_client_data_s *client_data, + const unsigned long int cancellation_id, + const wauthn_pubkey_cred_request_options_s *options, + wauthn_ga_callbacks_s *callbacks); /** - * @} + * @brief Stops operation with the cancellation ID. + * + * @since_tizen 9.0 + * + * @param[in] cancellation_id The cancellation ID to stop + * + * @return @c 0 on success, + * @retval #WAUTHN_ERROR_NONE Successful + * @retval #WAUTHN_ERROR_INVALID_PARAMETER Input parameter is invalid + * @retval #WAUTHN_ERROR_NOT_ALLOWED Not allowed in the current context + * + * @see wauthn_make_credential() + * @see wauthn_get_assertion() */ +int wauthn_cancel( const unsigned long int cancellation_id); #ifdef __cplusplus } diff --git a/srcs/client/client.cpp b/srcs/client/client.cpp index 9aafdea..5184894 100644 --- a/srcs/client/client.cpp +++ b/srcs/client/client.cpp @@ -28,7 +28,7 @@ int wau_make_credential(const char *param1, char **output1) { (void) param1; (void) output1; - return WAU_ERROR_NONE; + return WAUTHN_ERROR_NONE; } WEBAUTHN_CAPI 
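Review bot: The callback typedefs near the end of this hunk leave their contract unspecified: `wauthn_cb_display_qrcode` receives a bare `const unsigned char *qrcode` with no length and no statement that it is NUL-terminated, and neither response callback says how long `pubkey_cred` and the buffers it points to remain valid. A caller has to guess both, which invites over-reads and use of freed data; I would document it, e.g. `@remarks qrcode is a NUL-terminated string, valid only until the callback returns` (if that is the intended behaviour), state the same lifetime for `pubkey_cred`, and say who clears `linked_device->link_secret`. The response callbacks also take no status argument or `user_data` pointer, so a failure that occurs after `wauthn_make_credential()` has returned (timeout, cancellation) has no visible way to reach the caller; `typedef void wauthn_cb_mc_on_response(const wauthn_pubkey_credential_attestaion_s *pubkey_cred, wauthn_error_e result, void *user_data);` would cover it. Separately, the array member of `wauthn_pubkey_cred_descriptors_s` is named `transports` although it holds descriptors, and `WEBAUTHN_MAX_USER_ID_LENGTH` is defined without any comment saying which function enforces it.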
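Review bot: The stub this hunk touches is still defined as `wau_make_credential(const char *param1, char **output1)` (visible in the hunk header), while the header in this same patch now declares `wauthn_make_credential()` with a different parameter list, so the declared symbol has no definition. The same applies to `wau_get_assertion` in the next hunk and to `wauth_error_to_string` in srcs/common/wauth-error.cpp, which the header now declares as `wauthn_error_to_string`; `wauthn_set_api_version()`, `wauthn_supported_authenticators()` and `wauthn_cancel()` have no definition anywhere in the patch as shown. Unless a follow-up commit adds them, programs built against the new header will fail at link time; renaming the definitions, e.g. `const char * wauthn_error_to_string(int error)`, and adding stubs that return `WAUTHN_ERROR_NOT_SUPPORTED` would keep header and library in step. The function signatures themselves lie outside the changed lines of these hunks.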
@@ -36,5 +36,5 @@ int wau_get_assertion(const char *param1, char **output1) { (void) param1; (void) output1; - return WAU_ERROR_NONE; + return WAUTHN_ERROR_NONE; } diff --git a/srcs/common/wauth-error.cpp b/srcs/common/wauth-error.cpp index c963f40..4e7fe0b 100644 --- a/srcs/common/wauth-error.cpp +++ b/srcs/common/wauth-error.cpp @@ -22,13 +22,18 @@ #include -#define WAU_CODE_DESCRIBE(name) case name: return #name +#define WAUTHN_CODE_DESCRIBE(name) case name: return #name const char * wauth_error_to_string(int error) { switch (error) { - WAU_CODE_DESCRIBE(WAU_ERROR_NONE); - WAU_CODE_DESCRIBE(WAU_ERROR_UNKNOWN); - WAU_CODE_DESCRIBE(WAU_ERROR_INVALID_PARAMETER); + WAUTHN_CODE_DESCRIBE(WAUTHN_ERROR_NONE); + WAUTHN_CODE_DESCRIBE(WAUTHN_ERROR_UNKNOWN); + WAUTHN_CODE_DESCRIBE(WAUTHN_ERROR_INVALID_PARAMETER); + WAUTHN_CODE_DESCRIBE(WAUTHN_ERROR_PERMISSION_DENIED); + WAUTHN_CODE_DESCRIBE(WAUTHN_ERROR_NOT_SUPPORTED); + WAUTHN_CODE_DESCRIBE(WAUTHN_ERROR_NOT_ALLOWED); + WAUTHN_CODE_DESCRIBE(WAUTHN_ERROR_INVALID_STATE); + WAUTHN_CODE_DESCRIBE(WAUTHN_ERROR_ENCODING_FAILED); default: return "Code not defined"; } } -- 2.7.4