[webkit-changes] [WebKit/WebKit] 7db187: [WebAuthn] Add logging for authenticators
Commit Queue
noreply at github.com
Mon Mar 4 15:12:00 PST 2024
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 7db187aff8f92fa64a130fecf7d69471eb95aa1e
https://github.com/WebKit/WebKit/commit/7db187aff8f92fa64a130fecf7d69471eb95aa1e
Author: Pascoe <pascoe at apple.com>
Date: 2024-03-04 (Mon, 04 Mar 2024)
Changed paths:
M Source/WebCore/Modules/webauthn/WebAuthenticationUtils.cpp
M Source/WebCore/Modules/webauthn/WebAuthenticationUtils.h
M Source/WebCore/Modules/webauthn/fido/AuthenticatorGetInfoResponse.cpp
M Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp
M Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.h
M Source/WebKit/UIProcess/WebAuthentication/fido/FidoAuthenticator.cpp
M Source/WebKit/UIProcess/WebAuthentication/fido/FidoAuthenticator.h
M Source/WebKit/UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp
Log Message:
-----------
[WebAuthn] Add logging for authenticators
https://bugs.webkit.org/show_bug.cgi?id=270463
rdar://123704181
Reviewed by Charlie Wolfe.
This patch adds detailed logging to understand the flows through the CTAP
and U2F authenticator code. Sometimes we hit flaky or hard to reproduce
error conditions with security keys. This change will aid in debugging
these cases.
Although challenges are short-lived. We don't log the responses of successful
makeCredential and getAssertion calls containing signatures, instead logging only
if there was an issue with the response.
* Source/WebCore/Modules/webauthn/WebAuthenticationUtils.cpp:
(WebCore::toString):
* Source/WebCore/Modules/webauthn/WebAuthenticationUtils.h:
* Source/WebCore/Modules/webauthn/fido/AuthenticatorGetInfoResponse.cpp:
(fido::encodeAsCBOR):
(fido::toString): Deleted.
* Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp:
(WebKit::CtapAuthenticator::makeCredential):
(WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived):
(WebKit::CtapAuthenticator::getAssertion):
(WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived):
(WebKit::CtapAuthenticator::continueGetNextAssertionAfterResponseReceived):
(WebKit::CtapAuthenticator::getRetries):
(WebKit::CtapAuthenticator::continueGetKeyAgreementAfterGetRetries):
(WebKit::CtapAuthenticator::continueRequestPinAfterGetKeyAgreement):
(WebKit::CtapAuthenticator::continueGetPinTokenAfterRequestPin):
(WebKit::CtapAuthenticator::continueRequestAfterGetPinToken):
(WebKit::CtapAuthenticator::tryRestartPin):
(WebKit::CtapAuthenticator::tryDowngrade):
(WebKit::CtapAuthenticator::aaguidForDebugging const):
* Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.h:
* Source/WebKit/UIProcess/WebAuthentication/fido/FidoAuthenticator.cpp:
(WebKit::FidoAuthenticator::transportForDebugging const):
* Source/WebKit/UIProcess/WebAuthentication/fido/FidoAuthenticator.h:
* Source/WebKit/UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp:
(WebKit::U2fAuthenticator::makeCredential):
(WebKit::U2fAuthenticator::checkExcludeList):
(WebKit::U2fAuthenticator::issueRegisterCommand):
(WebKit::U2fAuthenticator::getAssertion):
(WebKit::U2fAuthenticator::issueSignCommand):
(WebKit::U2fAuthenticator::issueNewCommand):
(WebKit::U2fAuthenticator::issueCommand):
(WebKit::U2fAuthenticator::continueRegisterCommandAfterResponseReceived):
(WebKit::U2fAuthenticator::continueCheckOnlyCommandAfterResponseReceived):
(WebKit::U2fAuthenticator::continueBogusCommandExcludeCredentialsMatchAfterResponseReceived):
(WebKit::U2fAuthenticator::continueBogusCommandNoCredentialsAfterResponseReceived):
(WebKit::U2fAuthenticator::continueSignCommandAfterResponseReceived):
Canonical link: https://commits.webkit.org/275657@main
To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications
More information about the webkit-changes
mailing list