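// Copyright 2017 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef DEVICE_FIDO_CTAP_GET_ASSERTION_REQUEST_H_
#define DEVICE_FIDO_CTAP_GET_ASSERTION_REQUEST_H_

#include <stdint.h>

#include <array>
#include <string>
#include <utility>  // std::pair, used by AsCTAPRequestValuePair() below.
#include <vector>

#include "base/component_export.h"
#include "base/containers/span.h"
#include "base/macros.h"
#include "base/optional.h"
#include "crypto/sha2.h"
#include "device/fido/cable/cable_discovery_data.h"
#include "device/fido/client_data.h"
#include "device/fido/fido_constants.h"
#include "device/fido/public_key_credential_descriptor.h"

// NOTE(review): Parse() below names cbor::Value::MapValue, which needs the
// complete definition of cbor::Value; this forward declaration alone does not
// provide it. The header presumably compiles because one of the includes above
// pulls the definition in transitively -- confirm, and include the defining
// header directly.
namespace cbor {
class Value;
}

namespace device {

// Object that encapsulates request parameters for AuthenticatorGetAssertion as
// specified in the CTAP spec.
// https://fidoalliance.org/specs/fido-v2.0-rd-20161004/fido-client-to-authenticator-protocol-v2.0-rd-20161004.html#authenticatorgetassertion
struct COMPONENT_EXPORT(DEVICE_FIDO) CtapGetAssertionRequest {
  using ClientDataHash = std::array<uint8_t, kClientDataHashLength>;

  // Decodes a CTAP2 authenticatorGetAssertion request message. The request's
  // |client_data_json| will be empty and |client_data_hash| will be set.
  //
  // A |uv| bit of 0 is mapped to UserVerificationRequirement::kDiscouraged.
  //
  // Callers must check the returned Optional before use. For a parsed request
  // |client_data_hash| is the only client-data value available, so code that
  // handles parsed requests must not derive anything from |client_data_json|.
  // NOTE(review): presumably returns base::nullopt for a malformed or
  // incomplete |request_map|; the definition is not in this header -- confirm.
  static base::Optional<CtapGetAssertionRequest> Parse(
      const cbor::Value::MapValue& request_map);

  // Creates a request for |rp_id| carrying |client_data_json|.
  // NOTE(review): whether |client_data_hash| is computed from
  // |client_data_json| here is not visible in this header -- confirm in the
  // definition.
  CtapGetAssertionRequest(std::string rp_id, std::string client_data_json);
  CtapGetAssertionRequest(const CtapGetAssertionRequest& that);
  CtapGetAssertionRequest(CtapGetAssertionRequest&& that);
  CtapGetAssertionRequest& operator=(const CtapGetAssertionRequest& other);
  CtapGetAssertionRequest& operator=(CtapGetAssertionRequest&& other);
  ~CtapGetAssertionRequest();

  // Relying party identifier the assertion is requested for.
  std::string rp_id;
  // Serialized client data; empty for requests produced by Parse().
  std::string client_data_json;
  // Hash of the client data. Value-initialized so that the bytes are never
  // indeterminate if a construction path does not assign them; the
  // constructors are defined outside this header and are expected to
  // overwrite it.
  ClientDataHash client_data_hash{};
  // Defaults to the weakest requirement; callers that need user verification
  // have to set this explicitly.
  UserVerificationRequirement user_verification =
      UserVerificationRequirement::kDiscouraged;
  // User presence is required unless a caller clears this flag.
  bool user_presence_required = true;

  // Credentials the assertion may be generated for. Empty by default.
  std::vector<PublicKeyCredentialDescriptor> allow_list;
  // PIN authentication value and the PIN protocol version it belongs to.
  // NOTE(review): presumably these are only meaningful when both are set --
  // confirm against the serialization code.
  base::Optional<std::vector<uint8_t>> pin_auth;
  base::Optional<uint8_t> pin_protocol;
  // Optional list of CableDiscoveryData entries.
  base::Optional<std::vector<CableDiscoveryData>> cable_extension;
  // NOTE(review): presumably the AppID extension value and a SHA-256 sized
  // (crypto::kSHA256Length) application parameter derived from it -- confirm.
  base::Optional<std::string> app_id;
  base::Optional<std::array<uint8_t, crypto::kSHA256Length>>
      alternative_application_parameter;

  // NOTE(review): this header does not show how these two flags are consumed
  // or whether they are ever serialized to the authenticator -- confirm.
  bool is_incognito_mode = false;
  bool is_u2f_only = false;

  base::Optional<AndroidClientDataExtensionInput> android_client_data_ext;
};

// Empty request type; it carries no parameters and selects the
// AsCTAPRequestValuePair() overload declared for it below.
struct CtapGetNextAssertionRequest {};

// Serializes GetAssertion request parameter into CBOR encoded map with
// integer keys and CBOR encoded values as defined by the CTAP spec.
// https://drafts.fidoalliance.org/fido-2/latest/fido-client-to-authenticator-protocol-v2.0-wd-20180305.html#authenticatorGetAssertion
COMPONENT_EXPORT(DEVICE_FIDO)
std::pair<CtapRequestCommand, base::Optional<cbor::Value>>
AsCTAPRequestValuePair(const CtapGetAssertionRequest&);

// Overload for CtapGetNextAssertionRequest.
// NOTE(review): the Optional in the return type suggests this command may be
// sent without a CBOR payload -- confirm in the definition.
COMPONENT_EXPORT(DEVICE_FIDO)
std::pair<CtapRequestCommand, base::Optional<cbor::Value>>
AsCTAPRequestValuePair(const CtapGetNextAssertionRequest&);

}  // namespace device

#endif  // DEVICE_FIDO_CTAP_GET_ASSERTION_REQUEST_H_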