File: WebAuthenticationConstants.h

webkit2gtk 2.51.3-1
/*
 * Copyright (C) 2018 Apple Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
 * THE POSSIBILITY OF SUCH DAMAGE.
 */

#pragma once

namespace COSE {

// Integer labels and values of COSE_Key maps, as used to encode WebAuthn
// credential public keys. See RFC 8152 - CBOR Object Signing and Encryption
// <https://tools.ietf.org/html/rfc8152>.
//
// These are wire-format identifiers only. Code that decodes a COSE_Key coming
// from an authenticator should compare kty / alg / crv against the exact values
// it supports and reject anything else; a constant being listed here does not
// by itself mean the algorithm is acceptable for a given operation.

// Map labels. kty and alg are common key parameters; the negative labels
// (crv, x, y) are the key-type-specific parameters of an EC2 key.
constexpr int64_t kty = 1;
constexpr int64_t alg = 3;
constexpr int64_t crv = -1;
constexpr int64_t x = -2;
constexpr int64_t y = -3;

// Values carried under the labels above.
constexpr int64_t EC2 = 2; // kty: elliptic-curve key with x and y coordinates.
constexpr int64_t P_256 = 1; // crv: NIST P-256.
constexpr int64_t ES256 = -7; // alg: ECDSA with SHA-256.
constexpr int64_t RS256 = -257; // alg: RSASSA-PKCS1-v1_5 with SHA-256 (registered by RFC 8812, not RFC 8152).
constexpr int64_t ECDH256 = -25; // alg: ECDH-ES + HKDF-256.

} // namespace COSE

namespace WebCore {

// Sizes, in bytes, of the fixed-width fields of authenticator data and attested
// credential data. A parser should check the remaining input length against
// each of these before reading the corresponding field.

// SHA-256 hash of the RP ID associated with the credential:
// https://www.w3.org/TR/webauthn/#sec-authenticator-data
constexpr size_t rpIdHashLength = 32;

// Flags byte:
// https://www.w3.org/TR/webauthn/#sec-authenticator-data
constexpr size_t flagsLength = 1;

// Signature counter, a 32-bit unsigned big-endian integer:
// https://www.w3.org/TR/webauthn/#sec-authenticator-data
constexpr size_t signCounterLength = 4;

// AAGUID of the authenticator:
// https://www.w3.org/TR/webauthn/#sec-attested-credential-data
constexpr size_t aaguidLength = 16;

// Size of the field that holds the byte length L of the Credential ID, a 16-bit
// unsigned big-endian integer:
// https://www.w3.org/TR/webauthn/#sec-attested-credential-data
// L itself comes from the input and has to be bounds-checked separately.
constexpr size_t credentialIdLengthLength = 2;

// Size of one field element (a coordinate) of an ES256 key, per Section 2.3.5
// of http://www.secg.org/sec1-v2.pdf
constexpr size_t ES256FieldElementLength = 32;

// HMAC-Secret extension output sizes:
// https://fidoalliance.org/specs/fido-v2.1-ps-20210615/fido-client-to-authenticator-protocol-v2.1-ps-20210615.html#sctn-hmac-secret-extension
// NOTE(review): presumably one 32-byte output per salt, so 64 bytes when two
// salts are supplied - confirm against the callers.
constexpr size_t hmacSecretOutputLength = 32;
constexpr size_t hmacSecretDualOutputLength = 64;

// Attestation statement format identifier for "no attestation":
// https://www.w3.org/TR/webauthn/#none-attestation
constexpr char noneAttestationValue[] = "none";

// Which kind of ceremony the collected client data belongs to:
// https://www.w3.org/TR/webauthn-1/#dom-collectedclientdata-type
enum class ClientDataType : bool {
    Create = false,
    Get = true
};

// NOTE(review): presumably selects whether the AAGUID is replaced by zeros in
// the data handed back to the relying party - confirm against the callers.
enum class ShouldZeroAAGUID : bool {
    No = false,
    Yes = true
};

// NOTE(review): the name suggests a keychain access group for credentials of
// the local (platform) authenticator - confirm where it is consumed.
#ifdef __OBJC__
NSString * const LocalAuthenticatorAccessGroup = @"com.apple.webkit.webauthn";
#endif

// Keys of the serialized credential representation.
// NOTE(review): the entry stored under privateKeyKey is presumably raw private
// key material, so a serialized credential should be handled as a secret (kept
// out of logs and crash reports) - confirm against the serializer.
constexpr char privateKeyKey[] = "priv";
constexpr char keyTypeKey[] = "key_type";
constexpr char keySizeKey[] = "key_size";
constexpr char relyingPartyKey[] = "rp";
constexpr char applicationTagKey[] = "tag";

// String forms of the authenticator transports. Strings received from outside
// should be matched against this closed set rather than passed through.
constexpr auto authenticatorTransportUsb = "usb"_s;
constexpr auto authenticatorTransportNfc = "nfc"_s;
constexpr auto authenticatorTransportBle = "ble"_s;
constexpr auto authenticatorTransportInternal = "internal"_s;
constexpr auto authenticatorTransportCable = "cable"_s;
constexpr auto authenticatorTransportSmartCard = "smart-card"_s;
constexpr auto authenticatorTransportHybrid = "hybrid"_s;


} // namespace WebCore

namespace WebAuthn {

// NOTE(review): presumably the relationship between the frame making the
// request and its ancestor frames - confirm against the callers.
enum class Scope {
    CrossOrigin = 0,
    SameOrigin = 1,
    SameSite = 2
};

// Bit masks for the flags byte of authenticator data, listed by bit position:
// https://www.w3.org/TR/webauthn-2/#authenticator-data
// Backup eligibility / backup state were added by
// https://github.com/w3c/webauthn/pull/1695
//
// Bits 1 and 5 have no mask here. Code that validates a response should test
// each flag with its mask instead of comparing the whole byte, and should
// treat backupStateFlag without backupEligibilityFlag as malformed.
constexpr uint8_t userPresenceFlag = 1 << 0; // UP: user was present.
constexpr uint8_t userVerifiedFlag = 1 << 2; // UV: user was verified.
constexpr uint8_t backupEligibilityFlag = 1 << 3; // BE: credential may be backed up.
constexpr uint8_t backupStateFlag = 1 << 4; // BS: credential is currently backed up.
// AT and ED announce variable-length data after the fixed-size fields, so a
// parser must length-check that data before reading it.
constexpr uint8_t attestedCredentialDataIncludedFlag = 1 << 6; // AT
constexpr uint8_t extensionDataIncludedFlag = 1 << 7; // ED

} // namespace WebAuthn