[Mac] Layout Test http/wpt/webauthn/public-key-credential-create-success-hid.https...
[WebKit-https.git] / Source / WebKit / UIProcess / WebAuthentication / Mock / MockHidConnection.cpp
1 /*
2  * Copyright (C) 2018 Apple Inc. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
14  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
15  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
17  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
18  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
19  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
21  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
22  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
23  * THE POSSIBILITY OF SUCH DAMAGE.
24  */
25
26 #include "config.h"
27 #include "MockHidConnection.h"
28
29 #if ENABLE(WEB_AUTHN) && PLATFORM(MAC)
30
31 #include <WebCore/AuthenticatorGetInfoResponse.h>
32 #include <WebCore/CBORReader.h>
33 #include <WebCore/FidoConstants.h>
34 #include <WebCore/WebAuthenticationConstants.h>
35 #include <wtf/BlockPtr.h>
36 #include <wtf/CryptographicallyRandomNumber.h>
37 #include <wtf/RunLoop.h>
38 #include <wtf/text/Base64.h>
39
40 namespace WebKit {
41 using Mock = MockWebAuthenticationConfiguration::Hid;
42 using namespace WebCore;
43 using namespace cbor;
44 using namespace fido;
45
46 namespace MockHidConnectionInternal {
47 // https://fidoalliance.org/specs/fido-v2.0-ps-20170927/fido-client-to-authenticator-protocol-v2.0-ps-20170927.html#mandatory-commands
48 const size_t CtapChannelIdSize = 4;
49 const uint8_t CtapKeepAliveStatusProcessing = 1;
50 // https://fidoalliance.org/specs/fido-v2.0-ps-20170927/fido-client-to-authenticator-protocol-v2.0-ps-20170927.html#commands
51 const int64_t CtapMakeCredentialRequestOptionsKey = 7;
52 const int64_t CtapGetAssertionRequestOptionsKey = 5;
53 }
54
55 MockHidConnection::MockHidConnection(IOHIDDeviceRef device, const MockWebAuthenticationConfiguration& configuration)
56     : HidConnection(device)
57     , m_configuration(configuration)
58 {
59 }
60
61 void MockHidConnection::initialize()
62 {
63     m_initialized = true;
64 }
65
66 void MockHidConnection::terminate()
67 {
68     m_terminated = true;
69 }
70
71 void MockHidConnection::send(Vector<uint8_t>&& data, DataSentCallback&& callback)
72 {
73     // FIXME(192061): Remove all LOG_ERRORs.
74     LOG_ERROR("Sending data: Phase 1. Current time: %f.", MonotonicTime::now().secondsSinceEpoch().value());
75     ASSERT(m_initialized);
76     auto task = makeBlockPtr([weakThis = makeWeakPtr(*this), data = WTFMove(data), callback = WTFMove(callback)]() mutable {
77         ASSERT(!RunLoop::isMain());
78         LOG_ERROR("Sending data: Phase 2. Current time: %f.", MonotonicTime::now().secondsSinceEpoch().value());
79         RunLoop::main().dispatch([weakThis, data = WTFMove(data), callback = WTFMove(callback)]() mutable {
80             LOG_ERROR("Sending data: Phase 3. Current time: %f.", MonotonicTime::now().secondsSinceEpoch().value());
81             if (!weakThis) {
82                 callback(DataSent::No);
83                 return;
84             }
85
86             LOG_ERROR("Sending data: Phase 4. Current time: %f.", MonotonicTime::now().secondsSinceEpoch().value());
87             weakThis->assembleRequest(WTFMove(data));
88
89             LOG_ERROR("Sending data: Phase 5. Current time: %f.", MonotonicTime::now().secondsSinceEpoch().value());
90             auto sent = DataSent::Yes;
91             if (weakThis->stagesMatch() && weakThis->m_configuration.hid->error == Mock::Error::DataNotSent)
92                 sent = DataSent::No;
93             callback(sent);
94         });
95     });
96     dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), task.get());
97 }
98
99 void MockHidConnection::registerDataReceivedCallbackInternal()
100 {
101     if (stagesMatch() && m_configuration.hid->error == Mock::Error::EmptyReport) {
102         receiveReport({ });
103         shouldContinueFeedReports();
104         return;
105     }
106     if (!m_configuration.hid->fastDataArrival)
107         feedReports();
108 }
109
110 void MockHidConnection::assembleRequest(Vector<uint8_t>&& data)
111 {
112     if (!m_requestMessage) {
113         m_requestMessage = FidoHidMessage::createFromSerializedData(data);
114         ASSERT(m_requestMessage);
115     } else {
116         auto status = m_requestMessage->addContinuationPacket(data);
117         ASSERT_UNUSED(status, status);
118     }
119
120     if (m_requestMessage->messageComplete())
121         parseRequest();
122 }
123
124 void MockHidConnection::parseRequest()
125 {
126     using namespace MockHidConnectionInternal;
127
128     ASSERT(m_requestMessage);
129     // Set stages.
130     if (m_requestMessage->cmd() == FidoHidDeviceCommand::kInit) {
131         auto previousSubStage = m_subStage;
132         m_subStage = Mock::SubStage::Init;
133         if (previousSubStage == Mock::SubStage::Msg)
134             m_stage = Mock::Stage::Request;
135     }
136     if (m_requestMessage->cmd() == FidoHidDeviceCommand::kCbor || m_requestMessage->cmd() == FidoHidDeviceCommand::kMsg)
137         m_subStage = Mock::SubStage::Msg;
138
139     if (m_stage == Mock::Stage::Request && m_subStage == Mock::SubStage::Msg) {
140         // Make sure we issue different msg cmd for CTAP and U2F.
141         ASSERT(m_configuration.hid->isU2f ^ (m_requestMessage->cmd() != FidoHidDeviceCommand::kMsg));
142
143         // Set options.
144         if (m_requestMessage->cmd() == FidoHidDeviceCommand::kCbor) {
145             m_requireResidentKey = false;
146             m_requireUserVerification = false;
147
148             auto payload = m_requestMessage->getMessagePayload();
149             ASSERT(payload.size());
150             auto cmd = static_cast<CtapRequestCommand>(payload[0]);
151             payload.remove(0);
152             auto requestMap = CBORReader::read(payload);
153             ASSERT(requestMap);
154
155             if (cmd == CtapRequestCommand::kAuthenticatorMakeCredential) {
156                 auto it = requestMap->getMap().find(CBORValue(CtapMakeCredentialRequestOptionsKey)); // Find options.
157                 if (it != requestMap->getMap().end()) {
158                     auto& optionMap = it->second.getMap();
159
160                     auto itr = optionMap.find(CBORValue(kResidentKeyMapKey));
161                     if (itr != optionMap.end())
162                         m_requireResidentKey = itr->second.getBool();
163
164                     itr = optionMap.find(CBORValue(kUserVerificationMapKey));
165                     if (itr != optionMap.end())
166                         m_requireUserVerification = itr->second.getBool();
167                 }
168             }
169
170             if (cmd == CtapRequestCommand::kAuthenticatorGetAssertion) {
171                 auto it = requestMap->getMap().find(CBORValue(CtapGetAssertionRequestOptionsKey)); // Find options.
172                 if (it != requestMap->getMap().end()) {
173                     auto& optionMap = it->second.getMap();
174                     auto itr = optionMap.find(CBORValue(kUserVerificationMapKey));
175                     if (itr != optionMap.end())
176                         m_requireUserVerification = itr->second.getBool();
177                 }
178             }
179         }
180     }
181
182     // Store nonce.
183     if (m_subStage == Mock::SubStage::Init) {
184         m_nonce = m_requestMessage->getMessagePayload();
185         ASSERT(m_nonce.size() == kHidInitNonceLength);
186     }
187
188     m_currentChannel = m_requestMessage->channelId();
189     m_requestMessage = WTF::nullopt;
190     if (m_configuration.hid->fastDataArrival)
191         feedReports();
192 }
193
194 void MockHidConnection::feedReports()
195 {
196     using namespace MockHidConnectionInternal;
197
198     if (m_subStage == Mock::SubStage::Init) {
199         Vector<uint8_t> payload;
200         payload.reserveInitialCapacity(kHidInitResponseSize);
201         payload.appendVector(m_nonce);
202         if (stagesMatch() && m_configuration.hid->error == Mock::Error::WrongNonce)
203             payload[0]--;
204         payload.grow(kHidInitResponseSize);
205         cryptographicallyRandomValues(payload.data() + payload.size(), CtapChannelIdSize);
206         auto channel = kHidBroadcastChannel;
207         if (stagesMatch() && m_configuration.hid->error == Mock::Error::WrongChannelId)
208             channel--;
209         FidoHidInitPacket initPacket(channel, FidoHidDeviceCommand::kInit, WTFMove(payload), payload.size());
210         receiveReport(initPacket.getSerializedData());
211         shouldContinueFeedReports();
212         return;
213     }
214
215     Optional<FidoHidMessage> message;
216     if (m_stage == Mock::Stage::Info && m_subStage == Mock::SubStage::Msg) {
217         auto infoData = encodeAsCBOR(AuthenticatorGetInfoResponse({ ProtocolVersion::kCtap }, Vector<uint8_t>(aaguidLength, 0u)));
218         infoData.insert(0, static_cast<uint8_t>(CtapDeviceResponseCode::kSuccess)); // Prepend status code.
219         if (stagesMatch() && m_configuration.hid->error == Mock::Error::WrongChannelId)
220             message = FidoHidMessage::create(m_currentChannel - 1, FidoHidDeviceCommand::kCbor, infoData);
221         else {
222             if (!m_configuration.hid->isU2f)
223                 message = FidoHidMessage::create(m_currentChannel, FidoHidDeviceCommand::kCbor, infoData);
224             else
225                 message = FidoHidMessage::create(m_currentChannel, FidoHidDeviceCommand::kError, { static_cast<uint8_t>(CtapDeviceResponseCode::kCtap1ErrInvalidCommand) });
226         }
227     }
228
229     if (m_stage == Mock::Stage::Request && m_subStage == Mock::SubStage::Msg) {
230         if (m_configuration.hid->keepAlive) {
231             m_configuration.hid->keepAlive = false;
232             FidoHidInitPacket initPacket(m_currentChannel, FidoHidDeviceCommand::kKeepAlive, { CtapKeepAliveStatusProcessing }, 1);
233             receiveReport(initPacket.getSerializedData());
234             continueFeedReports();
235             return;
236         }
237         if (stagesMatch() && m_configuration.hid->error == Mock::Error::UnsupportedOptions && (m_requireResidentKey || m_requireUserVerification))
238             message = FidoHidMessage::create(m_currentChannel, FidoHidDeviceCommand::kCbor, { static_cast<uint8_t>(CtapDeviceResponseCode::kCtap2ErrUnsupportedOption) });
239         else {
240             Vector<uint8_t> payload;
241             ASSERT(!m_configuration.hid->payloadBase64.isEmpty());
242             auto status = base64Decode(m_configuration.hid->payloadBase64[0], payload);
243             m_configuration.hid->payloadBase64.remove(0);
244             ASSERT_UNUSED(status, status);
245             if (!m_configuration.hid->isU2f)
246                 message = FidoHidMessage::create(m_currentChannel, FidoHidDeviceCommand::kCbor, payload);
247             else
248                 message = FidoHidMessage::create(m_currentChannel, FidoHidDeviceCommand::kMsg, payload);
249         }
250     }
251
252     ASSERT(message);
253     bool isFirst = true;
254     while (message->numPackets()) {
255         auto report = message->popNextPacket();
256         if (!isFirst && stagesMatch() && m_configuration.hid->error == Mock::Error::WrongChannelId)
257             report = FidoHidContinuationPacket(m_currentChannel - 1, 0, { }).getSerializedData();
258         // Packets are feed asynchronously to mimic actual data transmission.
259         RunLoop::main().dispatch([report = WTFMove(report), weakThis = makeWeakPtr(*this)]() mutable {
260             if (!weakThis)
261                 return;
262             weakThis->receiveReport(WTFMove(report));
263         });
264         isFirst = false;
265     }
266 }
267
268 bool MockHidConnection::stagesMatch() const
269 {
270     return m_configuration.hid->stage == m_stage && m_configuration.hid->subStage == m_subStage;
271 }
272
273 void MockHidConnection::shouldContinueFeedReports()
274 {
275     if (!m_configuration.hid->continueAfterErrorData)
276         return;
277     m_configuration.hid->continueAfterErrorData = false;
278     m_configuration.hid->error = Mock::Error::Success;
279     continueFeedReports();
280 }
281
282 void MockHidConnection::continueFeedReports()
283 {
284     // Send actual response for the next run.
285     RunLoop::main().dispatch([weakThis = makeWeakPtr(*this)]() mutable {
286         if (!weakThis)
287             return;
288         weakThis->feedReports();
289     });
290 }
291
292 } // namespace WebKit
293
294 #endif // ENABLE(WEB_AUTHN) && PLATFORM(MAC)