[WebAuthN] Use a real nonce for CTAPHID_INIT
authorjiewen_tan@apple.com <jiewen_tan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 15 Nov 2018 21:24:51 +0000 (21:24 +0000)
committerjiewen_tan@apple.com <jiewen_tan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 15 Nov 2018 21:24:51 +0000 (21:24 +0000)
commit373e727a24a9e3c2bdb0a8fe1703260f3f861dfd
tree3d3fb10d914bf89b920e9c70fb9407d72f1d897e
parent3219f4ca29a5c78b88ab93750162c989777ff3fb
[WebAuthN] Use a real nonce for CTAPHID_INIT
https://bugs.webkit.org/show_bug.cgi?id=191533
<rdar://problem/46103502>

Reviewed by Brent Fulgham.

Source/WebCore:

New tests are added into existing test files.

* Modules/webauthn/fido/FidoConstants.h:

Source/WebKit:

Use a real nonce for CTAPHID_INIT request according to:
https://fidoalliance.org/specs/fido-v2.0-ps-20170927/fido-client-to-authenticator-protocol-v2.0-ps-20170927.html#ctaphid_init-0x06.
The challenge here is the new transaction needs to start in the next runloop otherwise a dead lock will form:
wrong nonce -> new transaction -> new nonce -> write init request -> read init response from last run as it
piped in the run loop -> wrong nonce of course -> ...
To break the above dead lock, we have to start the new transaction in the next run. However, that isn't
sufficient as the arrived init response will be piped in HidConnection::m_inputReports, which is designed
on purpose to store any data packets within (initialized, terminated) time interval to prevent data loss in
the case when HidConnection::registerDataReceivedCallback is called after the first data packet's arrival.
In order to break the dead lock completely, HidConnection::invalidateCache will bnnne called prior to every
send to delete any potential init response from last run. HidConnection::invalidateCache is not necessary
for other protocols though. The above scenario is more or less a design flaw in CTAP HID.

Of course, all above scenarios are covered in our mock tests.

* UIProcess/API/C/WKWebsiteDataStoreRef.cpp:
(WKWebsiteDataStoreSetWebAuthenticationMockConfiguration):
* UIProcess/WebAuthentication/Cocoa/HidConnection.h:
(WebKit::HidConnection::invalidateCache):
* UIProcess/WebAuthentication/Mock/MockHidConnection.cpp:
(WebKit::MockHidConnection::send):
(WebKit::MockHidConnection::parseRequest):
(WebKit::MockHidConnection::feedReports):
* UIProcess/WebAuthentication/Mock/MockHidConnection.h:
* UIProcess/WebAuthentication/Mock/MockWebAuthenticationConfiguration.h:
* UIProcess/WebAuthentication/fido/CtapHidDriver.cpp:
(WebKit::CtapHidDriver::Worker::transact):
(WebKit::CtapHidDriver::CtapHidDriver):
(WebKit::CtapHidDriver::transact):
(WebKit::CtapHidDriver::continueAfterChannelAllocated):
(WebKit::CtapHidDriver::returnResponse):
* UIProcess/WebAuthentication/fido/CtapHidDriver.h:

LayoutTests:

* http/wpt/webauthn/ctap-hid-failure.https-expected.txt:
* http/wpt/webauthn/ctap-hid-failure.https.html:
* http/wpt/webauthn/ctap-hid-success.https-expected.txt:
* http/wpt/webauthn/ctap-hid-success.https.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@238246 268f45cc-cd09-0410-ab3c-d52691b4dbfc
15 files changed:
LayoutTests/ChangeLog
LayoutTests/http/wpt/webauthn/ctap-hid-failure.https-expected.txt
LayoutTests/http/wpt/webauthn/ctap-hid-failure.https.html
LayoutTests/http/wpt/webauthn/ctap-hid-success.https-expected.txt
LayoutTests/http/wpt/webauthn/ctap-hid-success.https.html
Source/WebCore/ChangeLog
Source/WebCore/Modules/webauthn/fido/FidoConstants.h
Source/WebKit/ChangeLog
Source/WebKit/UIProcess/API/C/WKWebsiteDataStoreRef.cpp
Source/WebKit/UIProcess/WebAuthentication/Cocoa/HidConnection.h
Source/WebKit/UIProcess/WebAuthentication/Mock/MockHidConnection.cpp
Source/WebKit/UIProcess/WebAuthentication/Mock/MockHidConnection.h
Source/WebKit/UIProcess/WebAuthentication/Mock/MockWebAuthenticationConfiguration.h
Source/WebKit/UIProcess/WebAuthentication/fido/CtapHidDriver.cpp
Source/WebKit/UIProcess/WebAuthentication/fido/CtapHidDriver.h