
Commit 3268793

committed
Convert clientDataJson to bytes earlier in TestAuthenticator
1 parent 6b18623 commit 3268793


2 files changed

+29
-34
lines changed


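--- a/webauthn-server-core/src/test/scala/com/yubico/webauthn/RelyingPartyRegistrationSpec.scala
+++ b/webauthn-server-core/src/test/scala/com/yubico/webauthn/RelyingPartyRegistrationSpec.scala
@@ -2160,9 +2160,7 @@ class RelyingPartyRegistrationSpec
 TestAuthenticator.createCredential(
 authDataBytes = authData,
 credentialKeypair = credentialKeypair,
-clientDataJson = clientDataJson.getOrElse(
-TestAuthenticator.createClientData()
-),
+clientDataJson = clientDataJson,
 attestationMaker = AttestationMaker.tpm(
 cert = AttestationSigner.ca(
 alg = COSEAlgorithmIdentifier.ES256,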

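--- a/webauthn-server-core/src/test/scala/com/yubico/webauthn/TestAuthenticator.scala
+++ b/webauthn-server-core/src/test/scala/com/yubico/webauthn/TestAuthenticator.scala
@@ -146,13 +146,13 @@ object TestAuthenticator {
 val format: String
 def makeAttestationStatement(
 authDataBytes: ByteArray,
-clientDataJson: String,
+clientDataJson: ByteArray,
 ): JsonNode
 def certChain: List[(X509Certificate, PrivateKey)] = Nil
 
 def makeAttestationObjectBytes(
 authDataBytes: ByteArray,
-clientDataJson: String,
+clientDataJson: ByteArray,
 ): ByteArray = {
 val f = JsonNodeFactory.instance
 val attObj = f
@@ -177,7 +177,7 @@ object TestAuthenticator {
 override def certChain = signer.certChain
 override def makeAttestationStatement(
 authDataBytes: ByteArray,
-clientDataJson: String,
+clientDataJson: ByteArray,
 ): JsonNode =
 makePackedAttestationStatement(authDataBytes, clientDataJson, signer)
 }
@@ -188,7 +188,7 @@ object TestAuthenticator {
 override def certChain = signer.certChain
 override def makeAttestationStatement(
 authDataBytes: ByteArray,
-clientDataJson: String,
+clientDataJson: ByteArray,
 ): JsonNode =
 makeU2fAttestationStatement(authDataBytes, clientDataJson, signer)
 }
@@ -202,7 +202,7 @@ object TestAuthenticator {
 override def certChain = cert.certChain
 override def makeAttestationStatement(
 authDataBytes: ByteArray,
-clientDataJson: String,
+clientDataJson: ByteArray,
 ): JsonNode =
 makeAndroidSafetynetAttestationStatement(
 authDataBytes,
@@ -230,7 +230,7 @@ object TestAuthenticator {
 override val format = "apple"
 override def makeAttestationStatement(
 authDataBytes: ByteArray,
-clientDataJson: String,
+clientDataJson: ByteArray,
 ): JsonNode =
 makeAppleAttestationStatement(
 caCert,
@@ -264,7 +264,7 @@ object TestAuthenticator {
 override def certChain = cert.certChain
 override def makeAttestationStatement(
 authDataBytes: ByteArray,
-clientDataJson: String,
+clientDataJson: ByteArray,
 ): JsonNode =
 makeTpmAttestationStatement(
 authDataBytes,
@@ -287,7 +287,7 @@ object TestAuthenticator {
 override def certChain = Nil
 override def makeAttestationStatement(
 authDataBytes: ByteArray,
-clientDataJson: String,
+clientDataJson: ByteArray,
 ): JsonNode =
 makeNoneAttestationStatement()
 }
@@ -458,9 +458,9 @@ object TestAuthenticator {
 
 def createCredential(
 authDataBytes: ByteArray,
-clientDataJson: String,
 credentialKeypair: KeyPair,
 attestationMaker: AttestationMaker,
+clientDataJson: Option[String] = None,
 clientExtensions: ClientRegistrationExtensionOutputs =
 ClientRegistrationExtensionOutputs.builder().build(),
 ): (
@@ -472,10 +472,15 @@ object TestAuthenticator {
 List[(X509Certificate, PrivateKey)],
 ) = {
 
-val clientDataJsonBytes = toBytes(clientDataJson)
+val clientDataJsonBytes = toBytes(
+clientDataJson.getOrElse(createClientData())
+)
 
 val attestationObjectBytes =
-attestationMaker.makeAttestationObjectBytes(authDataBytes, clientDataJson)
+attestationMaker.makeAttestationObjectBytes(
+authDataBytes,
+clientDataJsonBytes,
+)
 
 val response = AuthenticatorAttestationResponse
 .builder()
@@ -517,7 +522,6 @@ object TestAuthenticator {
 createCredential(
 authDataBytes = authData,
 credentialKeypair = credentialKeypair,
-clientDataJson = createClientData(),
 attestationMaker = attestationMaker,
 )
 }
@@ -539,7 +543,6 @@ object TestAuthenticator {
 val signer = SelfAttestation(keypair, keyAlgorithm)
 createCredential(
 authDataBytes = authData,
-clientDataJson = createClientData(),
 credentialKeypair = keypair,
 attestationMaker = attestationMaker(signer),
 )
@@ -563,7 +566,7 @@ object TestAuthenticator {
 )
 createCredential(
 authDataBytes = authData,
-clientDataJson = createClientData(challenge = challenge),
+clientDataJson = Some(createClientData(challenge = challenge)),
 credentialKeypair = keypair,
 attestationMaker = AttestationMaker.none(),
 )
@@ -678,14 +681,14 @@ object TestAuthenticator {
 
 def makeU2fAttestationStatement(
 authDataBytes: ByteArray,
-clientDataJson: String,
+clientDataJson: ByteArray,
 signer: AttestationSigner,
 ): JsonNode = {
 val authData = new AuthenticatorData(authDataBytes)
 
 def makeSignedData(
 rpIdHash: ByteArray,
-clientDataJson: String,
+clientDataJson: ByteArray,
 credentialId: ByteArray,
 credentialPublicKeyRawBytes: ByteArray,
 ): ByteArray = {
@@ -732,7 +735,7 @@ object TestAuthenticator {
 
 def makePackedAttestationStatement(
 authDataBytes: ByteArray,
-clientDataJson: String,
+clientDataJson: ByteArray,
 signer: AttestationSigner,
 ): JsonNode = {
 val signedData = new ByteArray(
@@ -766,7 +769,7 @@ object TestAuthenticator {
 
 def makeAndroidSafetynetAttestationStatement(
 authDataBytes: ByteArray,
-clientDataJson: String,
+clientDataJson: ByteArray,
 cert: AttestationCert,
 ctsProfileMatch: Boolean = true,
 ): JsonNode = {
@@ -834,15 +837,12 @@ object TestAuthenticator {
 caCert: X509Certificate,
 caKey: PrivateKey,
 authDataBytes: ByteArray,
-clientDataJson: String,
+clientDataJson: ByteArray,
 addNonceExtension: Boolean = true,
 nonceValue: Option[ByteArray] = None,
 certSubjectPublicKey: Option[PublicKey] = None,
 ): JsonNode = {
-val clientDataJSON = new ByteArray(
-clientDataJson.getBytes(StandardCharsets.UTF_8)
-)
-val clientDataJsonHash = Crypto.sha256(clientDataJSON)
+val clientDataJsonHash = Crypto.sha256(clientDataJson)
 val nonceToHash = authDataBytes.concat(clientDataJsonHash)
 val nonce = Crypto.sha256(nonceToHash)
 
@@ -895,7 +895,7 @@ object TestAuthenticator {
 
 def makeTpmAttestationStatement(
 authDataBytes: ByteArray,
-clientDataJson: String,
+clientDataJson: ByteArray,
 cert: AttestationCert,
 ver: Option[String] = Some("2.0"),
 magic: ByteArray = TpmAttestationStatementVerifier.TPM_GENERATED_VALUE,
@@ -933,13 +933,10 @@ object TestAuthenticator {
 case TpmAlgHash.SHA512 => Crypto.sha512 _
 case TpmAlgHash.SHA1 => Crypto.sha1 _
 }
-val extraData = {
-hashFunc(
-authDataBytes concat Crypto.sha256(
-new ByteArray(clientDataJson.getBytes(StandardCharsets.UTF_8))
-)
-)
-}
+val extraData = hashFunc(
+authDataBytes concat Crypto.sha256(clientDataJson)
+)
+
 val (parameters, unique) = WebAuthnTestCodecs.getCoseKty(cosePubkey) match {
 case 3 => { // RSA
 val cose = CBORObject.DecodeFromBytes(cosePubkey.getBytes)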