[webkit-changes] [WebKit/WebKit] 848a80: Send bogus registration if no credentials match fo...
John Pascoe
noreply at github.com
Fri Oct 7 09:24:23 PDT 2022
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 848a8058df32588840ba1125a351816c765d7d24
https://github.com/WebKit/WebKit/commit/848a8058df32588840ba1125a351816c765d7d24
Author: J Pascoe <j_pascoe at apple.com>
Date: 2022-10-07 (Fri, 07 Oct 2022)
Changed paths:
M LayoutTests/http/wpt/webauthn/public-key-credential-get-failure-u2f-silent.https.html
M LayoutTests/http/wpt/webauthn/public-key-credential-get-failure-u2f.https.html
M Source/WebKit/UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp
M Source/WebKit/UIProcess/WebAuthentication/fido/U2fAuthenticator.h
M Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-get-assertion-u2f-no-credentials.html
Log Message:
-----------
Send bogus registration if no credentials match for U2F authenticators
https://bugs.webkit.org/show_bug.cgi?id=245904
<rdar://100329828>
Reviewed by Brent Fulgham.
U2F authenticators should wait for a tap before showing the no credentials status, just like
FIDO2 authenticators. This patch accomplishes that by sending a bogus register command whenever
there are no matching credentials from the allow list. The code already did that for registrations,
this starts doing it for assertions.
* Source/WebKit/UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp:
(WebKit::U2fAuthenticator::issueSignCommand):
(WebKit::U2fAuthenticator::responseReceived):
(WebKit::U2fAuthenticator::continueCheckOnlyCommandAfterResponseReceived):
(WebKit::U2fAuthenticator::continueBogusCommandExcludeCredentialsMatchAfterResponseReceived):
(WebKit::U2fAuthenticator::continueBogusCommandNoCredentialsAfterResponseReceived):
(WebKit::U2fAuthenticator::continueBogusCommandAfterResponseReceived): Deleted.
* Source/WebKit/UIProcess/WebAuthentication/fido/U2fAuthenticator.h:
* LayoutTests/http/wpt/webauthn/public-key-credential-get-failure-u2f-silent.https.html:
* LayoutTests/http/wpt/webauthn/public-key-credential-get-failure-u2f.https.html:
* Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-get-assertion-u2f-no-credentials.html:
Canonical link: https://commits.webkit.org/255273@main
More information about the webkit-changes
mailing list