AuthenticatorAttestationResponse.cpp

Enable keyboard shortcuts

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */

/* vim: set ts=8 sts=2 et sw=2 tw=80: */

/* This Source Code Form is subject to the terms of the Mozilla Public

 * License, v. 2.0. If a copy of the MPL was not distributed with this

 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "AuthrsBridge_ffi.h"

#include "mozilla/Base64.h"

#include "mozilla/HoldDropJSObjects.h"

#include "mozilla/dom/AuthenticatorAttestationResponse.h"

#include "mozilla/dom/WebAuthenticationBinding.h"

namespace mozilla::dom {

NS_IMPL_CYCLE_COLLECTION_CLASS(AuthenticatorAttestationResponse)

NS_IMPL_CYCLE_COLLECTION_UNLINK_BEGIN_INHERITED(

    AuthenticatorAttestationResponse, AuthenticatorResponse)

  tmp->mAttestationObjectCachedObj = nullptr;

NS_IMPL_CYCLE_COLLECTION_UNLINK_END

NS_IMPL_CYCLE_COLLECTION_TRACE_BEGIN_INHERITED(AuthenticatorAttestationResponse,

                                               AuthenticatorResponse)

  NS_IMPL_CYCLE_COLLECTION_TRACE_PRESERVED_WRAPPER

  NS_IMPL_CYCLE_COLLECTION_TRACE_JS_MEMBER_CALLBACK(mAttestationObjectCachedObj)

NS_IMPL_CYCLE_COLLECTION_TRACE_END

NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN_INHERITED(

    AuthenticatorAttestationResponse, AuthenticatorResponse)

NS_IMPL_CYCLE_COLLECTION_TRAVERSE_END

NS_IMPL_ADDREF_INHERITED(AuthenticatorAttestationResponse,

                         AuthenticatorResponse)

NS_IMPL_RELEASE_INHERITED(AuthenticatorAttestationResponse,

                          AuthenticatorResponse)

NS_INTERFACE_MAP_BEGIN_CYCLE_COLLECTION(AuthenticatorAttestationResponse)

NS_INTERFACE_MAP_END_INHERITING(AuthenticatorResponse)

AuthenticatorAttestationResponse::AuthenticatorAttestationResponse(

    nsPIDOMWindowInner* aParent)

    : AuthenticatorResponse(aParent), mAttestationObjectCachedObj(nullptr) {

  mozilla::HoldJSObjects(this);

AuthenticatorAttestationResponse::~AuthenticatorAttestationResponse() {

  mozilla::DropJSObjects(this);

JSObject* AuthenticatorAttestationResponse::WrapObject(

    JSContext* aCx, JS::Handle<JSObject*> aGivenProto) {

  return AuthenticatorAttestationResponse_Binding::Wrap(aCx, this, aGivenProto);

void AuthenticatorAttestationResponse::GetAttestationObject(

    JSContext* aCx, JS::MutableHandle<JSObject*> aValue, ErrorResult& aRv) {

  if (!mAttestationObjectCachedObj) {

    mAttestationObjectCachedObj =

        ArrayBuffer::Create(aCx, mAttestationObject, aRv);

    if (aRv.Failed()) {

      return;

  aValue.set(mAttestationObjectCachedObj);

void AuthenticatorAttestationResponse::SetAttestationObject(

    const nsTArray<uint8_t>& aBuffer) {

  mAttestationObject.Assign(aBuffer);

void AuthenticatorAttestationResponse::GetTransports(

    nsTArray<nsString>& aTransports) {

  aTransports.Assign(mTransports);

void AuthenticatorAttestationResponse::SetTransports(

    const nsTArray<nsString>& aTransports) {

  mTransports.Assign(aTransports);

nsresult AuthenticatorAttestationResponse::GetAuthenticatorDataBytes(

    nsTArray<uint8_t>& aAuthenticatorData) {

  if (!mAttestationObjectParsed) {

    nsresult rv = authrs_webauthn_att_obj_constructor(

        mAttestationObject, /* anonymize */ false,

        getter_AddRefs(mAttestationObjectParsed));

    if (NS_FAILED(rv)) {

      return rv;

  nsresult rv =

      mAttestationObjectParsed->GetAuthenticatorData(aAuthenticatorData);

  if (NS_FAILED(rv)) {

    return rv;

  return NS_OK;

void AuthenticatorAttestationResponse::GetAuthenticatorData(

    JSContext* aCx, JS::MutableHandle<JSObject*> aValue, ErrorResult& aRv) {

  nsTArray<uint8_t> authenticatorData;

  nsresult rv = GetAuthenticatorDataBytes(authenticatorData);

  if (NS_FAILED(rv)) {

    aRv.Throw(rv);

    return;

  JS::Heap<JSObject*> buffer(ArrayBuffer::Create(aCx, authenticatorData, aRv));

  if (aRv.Failed()) {

    return;

  aValue.set(buffer);

nsresult AuthenticatorAttestationResponse::GetPublicKeyBytes(

    nsTArray<uint8_t>& aPublicKeyBytes) {

  if (!mAttestationObjectParsed) {

    nsresult rv = authrs_webauthn_att_obj_constructor(

        mAttestationObject, /* anonymize */ false,

        getter_AddRefs(mAttestationObjectParsed));

    if (NS_FAILED(rv)) {

      return rv;

  nsresult rv = mAttestationObjectParsed->GetPublicKey(aPublicKeyBytes);

  if (NS_FAILED(rv)) {

    return rv;

  return NS_OK;

void AuthenticatorAttestationResponse::GetPublicKey(

    JSContext* aCx, JS::MutableHandle<JSObject*> aValue, ErrorResult& aRv) {

  nsTArray<uint8_t> publicKey;

  nsresult rv = GetPublicKeyBytes(publicKey);

  if (NS_FAILED(rv)) {

    if (rv == NS_ERROR_NOT_AVAILABLE) {

      aValue.set(nullptr);

    } else {

      aRv.Throw(NS_ERROR_OUT_OF_MEMORY);

    return;

  JS::Heap<JSObject*> buffer(ArrayBuffer::Create(aCx, publicKey, aRv));

  if (aRv.Failed()) {

    return;

  aValue.set(buffer);

COSEAlgorithmIdentifier AuthenticatorAttestationResponse::GetPublicKeyAlgorithm(

    ErrorResult& aRv) {

  if (!mAttestationObjectParsed) {

    nsresult rv = authrs_webauthn_att_obj_constructor(

        mAttestationObject, false, getter_AddRefs(mAttestationObjectParsed));

    if (NS_FAILED(rv)) {

      aRv.Throw(rv);

      return 0;

  COSEAlgorithmIdentifier alg;

  mAttestationObjectParsed->GetPublicKeyAlgorithm(&alg);

  return alg;

void AuthenticatorAttestationResponse::ToJSON(

    AuthenticatorAttestationResponseJSON& aJSON, ErrorResult& aError) {

  nsAutoCString clientDataJSONBase64;

  nsresult rv = Base64URLEncode(

      mClientDataJSON.Length(),

      reinterpret_cast<const uint8_t*>(mClientDataJSON.get()),

      mozilla::Base64URLEncodePaddingPolicy::Omit, clientDataJSONBase64);

  // This will only fail if the length is so long that it overflows 32-bits

  // when calculating the encoded size.

  if (NS_FAILED(rv)) {

    aError.ThrowDataError("clientDataJSON too long");

    return;

  aJSON.mClientDataJSON.Assign(NS_ConvertUTF8toUTF16(clientDataJSONBase64));

  nsTArray<uint8_t> authenticatorData;

  rv = GetAuthenticatorDataBytes(authenticatorData);

  if (NS_FAILED(rv)) {

    aError.ThrowUnknownError("could not get authenticatorData");

    return;

  nsAutoCString authenticatorDataBase64;

  rv = Base64URLEncode(authenticatorData.Length(), authenticatorData.Elements(),

                       mozilla::Base64URLEncodePaddingPolicy::Omit,

                       authenticatorDataBase64);

  if (NS_FAILED(rv)) {

    aError.ThrowDataError("authenticatorData too long");

    return;

  aJSON.mAuthenticatorData.Assign(

      NS_ConvertUTF8toUTF16(authenticatorDataBase64));

  if (!aJSON.mTransports.Assign(mTransports, mozilla::fallible)) {

    aError.Throw(NS_ERROR_OUT_OF_MEMORY);

    return;

  nsTArray<uint8_t> publicKeyBytes;

  rv = GetPublicKeyBytes(publicKeyBytes);

  if (NS_SUCCEEDED(rv)) {

    nsAutoCString publicKeyBytesBase64;

    rv = Base64URLEncode(publicKeyBytes.Length(), publicKeyBytes.Elements(),

                         mozilla::Base64URLEncodePaddingPolicy::Omit,

                         publicKeyBytesBase64);

    if (NS_FAILED(rv)) {

      aError.ThrowDataError("publicKey too long");

      return;

    aJSON.mPublicKey.Construct(NS_ConvertUTF8toUTF16(publicKeyBytesBase64));

  } else if (rv != NS_ERROR_NOT_AVAILABLE) {

    aError.ThrowUnknownError("could not get publicKey");

    return;

  COSEAlgorithmIdentifier publicKeyAlgorithm = GetPublicKeyAlgorithm(aError);

  if (aError.Failed()) {

    aError.ThrowUnknownError("could not get publicKeyAlgorithm");

    return;

  aJSON.mPublicKeyAlgorithm = publicKeyAlgorithm;

  nsAutoCString attestationObjectBase64;

  rv = Base64URLEncode(

      mAttestationObject.Length(), mAttestationObject.Elements(),

      mozilla::Base64URLEncodePaddingPolicy::Omit, attestationObjectBase64);

  if (NS_FAILED(rv)) {

    aError.ThrowDataError("attestationObject too long");

    return;

  aJSON.mAttestationObject.Assign(

      NS_ConvertUTF8toUTF16(attestationObjectBase64));

}  // namespace mozilla::dom