1 // Copyright 2020 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef DEVICE_FIDO_CLIENT_DATA_H_
6 #define DEVICE_FIDO_CLIENT_DATA_H_
7
8 #include <stdint.h>
9
10 #include <string>
11 #include <vector>
12
13 #include "base/containers/span.h"
14 #include "base/strings/string_piece.h"
15 #include "components/cbor/values.h"
16 #include "url/origin.h"
17
18 namespace device {
19
20 // Builds the CollectedClientData[1] dictionary with the given values,
21 // serializes it to JSON, and returns the resulting string. For legacy U2F
22 // requests coming from the CryptoToken U2F extension, modifies the object key
23 // 'type' as required[2].
24 // [1] https://w3c.github.io/webauthn/#dictdef-collectedclientdata
25 // [2]
26 // https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-raw-message-formats-v1.2-ps-20170411.html#client-data
27 COMPONENT_EXPORT(DEVICE_FIDO)
28 std::string SerializeCollectedClientDataToJson(
29 const std::string& type,
30 const std::string& origin,
31 base::span<const uint8_t> challenge,
32 bool is_cross_origin,
33 bool use_legacy_u2f_type_key = false);
34
35 // AndroidClientDataExtensionInput contains data for an extension sent to the
36 // Clank caBLEv2 authenticator that are required due to the Android FIDO API not
37 // supporting the CTAP2 clientDataHash input parameter.
COMPONENT_EXPORT(DEVICE_FIDO)38 struct COMPONENT_EXPORT(DEVICE_FIDO) AndroidClientDataExtensionInput {
39 static base::Optional<AndroidClientDataExtensionInput> Parse(
40 const cbor::Value& value);
41
42 AndroidClientDataExtensionInput();
43 AndroidClientDataExtensionInput(std::string type,
44 url::Origin origin,
45 std::vector<uint8_t> challenge);
46 AndroidClientDataExtensionInput(const AndroidClientDataExtensionInput&);
47 AndroidClientDataExtensionInput(AndroidClientDataExtensionInput&&);
48
49 AndroidClientDataExtensionInput& operator=(
50 const AndroidClientDataExtensionInput&);
51 AndroidClientDataExtensionInput& operator=(AndroidClientDataExtensionInput&&);
52
53 ~AndroidClientDataExtensionInput();
54
55 std::string type;
56 url::Origin origin;
57 std::vector<uint8_t> challenge;
58 };
59
60 cbor::Value AsCBOR(const AndroidClientDataExtensionInput& ext);
61
62 bool IsValidAndroidClientDataJSON(
63 const device::AndroidClientDataExtensionInput& extension_input,
64 base::StringPiece android_client_data_json);
65
66 } // namespace device
67
68 #endif // DEVICE_FIDO_CLIENT_DATA_H_
69