Passkeys: Return authenticatorData and publicKeyAlgorithm to extension

tigerwill90 · Jun 15, 2024 · 7619416 · 7619416
1 parent 7c5d315
commit 7619416
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 5 deletions.
diff --git a/src/browser/BrowserPasskeys.cpp b/src/browser/BrowserPasskeys.cpp
@@ -103,12 +103,19 @@ PublicKeyCredential BrowserPasskeys::buildRegisterPublicKeyCredential(const QJso
         return {};
     }
 
+    // Authenticator data
+    const auto authenticatorData = buildAuthenticatorData(credentialCreationOptions["rp"]["id"].toString(), extensions);
+
     // Response
     QJsonObject responseObject;
     responseObject["attestationObject"] = browserMessageBuilder()->getBase64FromArray(attestationObject);
     responseObject["clientDataJSON"] = browserMessageBuilder()->getBase64FromJson(clientDataJson);
     responseObject["clientExtensionResults"] = credentialCreationOptions["clientExtensionResults"];
 
+    // Additions for extension side functions
+    responseObject["authenticatorData"] = browserMessageBuilder()->getBase64FromArray(authenticatorData);
+    responseObject["publicKeyAlgorithm"] = alg;
+
     // PublicKeyCredential
     QJsonObject publicKeyCredential;
     publicKeyCredential["authenticatorAttachment"] = authenticatorAttachment;
@@ -132,7 +139,8 @@ QJsonObject BrowserPasskeys::buildGetPublicKeyCredential(const QJsonObject& asse
         return {};
     }
 
-    const auto authenticatorData = buildAuthenticatorData(assertionOptions);
+    const auto authenticatorData =
+        buildAuthenticatorData(assertionOptions["rpId"].toString(), assertionOptions["extensions"].toString());
     const auto clientDataJson = assertionOptions["clientDataJson"].toObject();
     const auto clientDataArray = QJsonDocument(clientDataJson).toJson(QJsonDocument::Compact);
 
@@ -204,14 +212,13 @@ QByteArray BrowserPasskeys::buildAttestationObject(const QJsonObject& credential
 }
 
 // Build a short version of the attestation object for webauthn.get
-QByteArray BrowserPasskeys::buildAuthenticatorData(const QJsonObject& publicKey)
+QByteArray BrowserPasskeys::buildAuthenticatorData(const QString& rpId, const QString& extensions)
 {
     QByteArray result;
 
-    const auto rpIdHash = browserMessageBuilder()->getSha256Hash(publicKey["rpId"].toString());
+    const auto rpIdHash = browserMessageBuilder()->getSha256Hash(rpId);
     result.append(rpIdHash);
 
-    const auto extensions = publicKey["extensions"].toString();
     const auto flags = setFlagsFromJson(QJsonObject(
         {{"ED", !extensions.isEmpty()}, {"AT", false}, {"BS", false}, {"BE", false}, {"UV", true}, {"UP", true}}));
     result.append(flags);

diff --git a/src/browser/BrowserPasskeys.h b/src/browser/BrowserPasskeys.h
@@ -119,7 +119,7 @@ class BrowserPasskeys : public QObject
                                       const QString& credentialId,
                                       const QByteArray& cborEncodedPublicKey,
                                       const TestingVariables& predefinedVariables = {});
-    QByteArray buildAuthenticatorData(const QJsonObject& publicKey);
+    QByteArray buildAuthenticatorData(const QString& rpId, const QString& extensions);
     AttestationKeyPair buildCredentialPrivateKey(int alg,
                                                  const QString& predefinedFirst = QString(),
                                                  const QString& predefinedSecond = QString());