1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
|
// Copyright 2023 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef COMPONENTS_WEBAUTHN_CORE_BROWSER_PASSKEY_MODEL_H_
#define COMPONENTS_WEBAUTHN_CORE_BROWSER_PASSKEY_MODEL_H_
#include <optional>
#include <string>
#include <string_view>
#include <vector>
#include "base/containers/flat_set.h"
#include "base/containers/span.h"
#include "base/memory/weak_ptr.h"
#include "base/observer_list_types.h"
#include "base/time/time.h"
#include "components/keyed_service/core/keyed_service.h"
#include "components/webauthn/core/browser/passkey_model_change.h"
namespace base {
class Location;
}
namespace sync_pb {
class WebauthnCredentialSpecifics;
}
namespace syncer {
class DataTypeControllerDelegate;
}
namespace webauthn {
// PasskeyModel provides access to passkeys, which are represented as
// WebauthnCredentialSpecifics in Sync.
//
// By design, non-syncing passkeys are not supported (unlike passwords e.g.,
// which can be created on the local device only, without uploading them to
// Sync).
//
// Aside from Sync passkeys, there might be other WebAuthn platform credentials
// on the device. E.g., non-passkey credentials in the browser-provided
// authenticators on CrOS (u2fd) and macOS (//device/fido/mac); or platform
// credentials owned by Windows Hello or iCloud Keychain. None of these are
// accessible though PasskeyModel.
class PasskeyModel : public KeyedService {
public:
class Observer : public base::CheckedObserver {
public:
// Notifies the observer that passkeys have changed, e.g. because a new one
// was downloaded or deleted.
virtual void OnPasskeysChanged(
const std::vector<PasskeyModelChange>& changes) = 0;
// Notifies the observer that the passkey model is shutting down.
virtual void OnPasskeyModelShuttingDown() = 0;
// Notifies the observer when the passkey model becomes ready.
virtual void OnPasskeyModelIsReady(bool is_ready) = 0;
};
// Represents the WebAuthn PublicKeyCredentialUserEntity passed by the Relying
// Party during registration.
struct UserEntity {
UserEntity(std::vector<uint8_t> id,
std::string name,
std::string display_name);
~UserEntity();
std::vector<uint8_t> id;
std::string name;
std::string display_name;
};
// Attributes of a passkey that can be updated. If an attribute is set to
// empty, then the entity attribute will also be set to empty.
struct PasskeyUpdate {
std::string user_name;
std::string user_display_name;
};
virtual void AddObserver(Observer* observer) = 0;
virtual void RemoveObserver(Observer* observer) = 0;
// Returns the sync DataTypeControllerDelegate for the WEBAUTHN_CREDENTIAL
// data type.
virtual base::WeakPtr<syncer::DataTypeControllerDelegate>
GetDataTypeControllerDelegate() = 0;
// Returns true if the model has finished loading state from disk and is ready
// to sync.
virtual bool IsReady() const = 0;
// Returns true if there are no passkeys in the account.
virtual bool IsEmpty() const = 0;
virtual base::flat_set<std::string> GetAllSyncIds() const = 0;
// Returns the list of all passkeys, including those that are shadowed.
virtual std::vector<sync_pb::WebauthnCredentialSpecifics> GetAllPasskeys()
const = 0;
// Returns the passkey matching the given Relying Party and credential ID, if
// any. Shadowed entities, which aren't suitable for generating assertions,
// are ignored.
virtual std::optional<sync_pb::WebauthnCredentialSpecifics>
GetPasskeyByCredentialId(const std::string& rp_id,
const std::string& credential_id) const = 0;
// Returns all passkeys for the given Relying Party ID. Shadowed entities,
// which aren't suitable for generating assertions, are ignored.
virtual std::vector<sync_pb::WebauthnCredentialSpecifics>
GetPasskeysForRelyingPartyId(const std::string& rp_id) const = 0;
// Deletes the passkey with the given `credential_id`. If the passkey is the
// head of the shadow chain, then all passkeys for the same (user id, rp id)
// are deleted as well. `location` is used for logging purposes and
// investigations. Returns true if a passkey was found and deleted, false
// otherwise.
virtual bool DeletePasskey(const std::string& credential_id,
const base::Location& location) = 0;
// Sets the `hidden` property for the passkey with the given `credential_id`.
// Returns true if a passkey was found and updated, false otherwise.
virtual bool SetPasskeyHidden(const std::string& credential_id,
bool hidden) = 0;
// Deletes all passkeys.
virtual void DeleteAllPasskeys() = 0;
// Updates attributes of the passkey with the given `credential_id`. Returns
// true if the credential was found and updated, false otherwise.
// |updated_by_user| should be true if the user explicitly requested this
// update, e.g. through the password manager. Passkeys updated by the user
// will be permantently marked as such. Any further attempts to update the
// passkey with |updated_by_user| set to |false| will be dropped.
virtual bool UpdatePasskey(const std::string& credential_id,
PasskeyUpdate change,
bool updated_by_user) = 0;
// Updates the `last_used_time_windows_epoch_micros` attribute of the
// passkey with the given `credential_id`. Returns true if the credential was
// found and updated, false otherwise.
virtual bool UpdatePasskeyTimestamp(const std::string& credential_id,
base::Time last_used_time) = 0;
// Creates a passkey for the given RP and user and returns the new entity
// specifics.
//
// The returned entity's `encrypted` field will contain an
// `WebauthnCredentialSpecifics_EncryptedData` message, encrypted to
// `trusted_vault_key`. `public_key_spki_der_out`, if non-null, will be set to
// a DER-serialized X.509 SubjectPublicKeyInfo of the corresponding public
// key.
//
// Any existing passkeys for the same RP and user ID are shadowed (i.e., added
// to the new passkey's `newly_shadowed_credential_ids`), causing them not to
// be enumerated by other methods in the model.
virtual sync_pb::WebauthnCredentialSpecifics CreatePasskey(
std::string_view rp_id,
const UserEntity& user_entity,
base::span<const uint8_t> trusted_vault_key,
int32_t trusted_vault_key_version,
std::vector<uint8_t>* public_key_spki_der_out) = 0;
// Creates a passkey from a pre-constructed protobuf.
// Existing passkeys for the same RP and user ID will be shadowed, but
// otherwise all fields in the entity should be filled by the caller.
virtual void CreatePasskey(sync_pb::WebauthnCredentialSpecifics& passkey) = 0;
// Inserts the given passkey specifics into the model and returns the entity
// sync_id.
virtual std::string AddNewPasskeyForTesting(
sync_pb::WebauthnCredentialSpecifics passkey) = 0;
};
} // namespace webauthn
#endif // COMPONENTS_WEBAUTHN_CORE_BROWSER_PASSKEY_MODEL_H_
|
