Skip to content

Commit

Permalink
Rename userId to credentialId
Browse files Browse the repository at this point in the history
  • Loading branch information
varjolintu authored and droidmonkey committed Nov 9, 2023
1 parent 1126055 commit a3717c7
Show file tree
Hide file tree
Showing 7 changed files with 39 additions and 32 deletions.
20 changes: 11 additions & 9 deletions src/browser/BrowserPasskeys.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -61,8 +61,9 @@ PublicKeyCredential BrowserPasskeys::buildRegisterPublicKeyCredential(const QJso
const TestingVariables& testingVariables)
{
QJsonObject publicKeyCredential;
const auto id = testingVariables.credentialId.isEmpty() ? browserMessageBuilder()->getRandomBytesAsBase64(ID_BYTES)
: testingVariables.credentialId;
const auto credentialId = testingVariables.credentialId.isEmpty()
? browserMessageBuilder()->getRandomBytesAsBase64(ID_BYTES)
: testingVariables.credentialId;

// Extensions
auto extensionObject = publicKeyCredentialOptions["extensions"].toObject();
Expand All @@ -72,22 +73,23 @@ PublicKeyCredential BrowserPasskeys::buildRegisterPublicKeyCredential(const QJso
// Response
QJsonObject responseObject;
const auto clientData = buildClientDataJson(publicKeyCredentialOptions, origin, false);
const auto attestationObject = buildAttestationObject(publicKeyCredentialOptions, extensions, id, testingVariables);
const auto attestationObject =
buildAttestationObject(publicKeyCredentialOptions, extensions, credentialId, testingVariables);
responseObject["clientDataJSON"] = browserMessageBuilder()->getBase64FromJson(clientData);
responseObject["attestationObject"] = browserMessageBuilder()->getBase64FromArray(attestationObject.cborEncoded);

// PublicKeyCredential
publicKeyCredential["authenticatorAttachment"] = QString("platform");
publicKeyCredential["id"] = id;
publicKeyCredential["id"] = credentialId;
publicKeyCredential["response"] = responseObject;
publicKeyCredential["type"] = PUBLIC_KEY;

return {id, publicKeyCredential, attestationObject.pem};
return {credentialId, publicKeyCredential, attestationObject.pem};
}

QJsonObject BrowserPasskeys::buildGetPublicKeyCredential(const QJsonObject& publicKeyCredentialRequestOptions,
const QString& origin,
const QString& userId,
const QString& credentialId,
const QString& userHandle,
const QString& privateKeyPem)
{
Expand All @@ -104,7 +106,7 @@ QJsonObject BrowserPasskeys::buildGetPublicKeyCredential(const QJsonObject& publ

QJsonObject publicKeyCredential;
publicKeyCredential["authenticatorAttachment"] = QString("platform");
publicKeyCredential["id"] = userId;
publicKeyCredential["id"] = credentialId;
publicKeyCredential["response"] = responseObject;
publicKeyCredential["type"] = PUBLIC_KEY;

Expand Down Expand Up @@ -156,7 +158,7 @@ QJsonObject BrowserPasskeys::buildClientDataJson(const QJsonObject& publicKey, c
// https://w3c.github.io/webauthn/#attestation-object
PrivateKey BrowserPasskeys::buildAttestationObject(const QJsonObject& publicKey,
const QString& extensions,
const QString& id,
const QString& credentialId,
const TestingVariables& testingVariables)
{
QByteArray result;
Expand Down Expand Up @@ -188,7 +190,7 @@ PrivateKey BrowserPasskeys::buildAttestationObject(const QJsonObject& publicKey,

// Credential Id
result.append(QByteArray::fromBase64(
testingVariables.credentialId.isEmpty() ? id.toUtf8() : testingVariables.credentialId.toUtf8(),
testingVariables.credentialId.isEmpty() ? credentialId.toUtf8() : testingVariables.credentialId.toUtf8(),
QByteArray::Base64UrlEncoding));

// Credential private key
Expand Down
6 changes: 3 additions & 3 deletions src/browser/BrowserPasskeys.h
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ enum AuthenticatorFlags

struct PublicKeyCredential
{
QString id;
QString credentialId;
QJsonObject response;
QByteArray key;
};
Expand Down Expand Up @@ -87,7 +87,7 @@ class BrowserPasskeys : public QObject
const TestingVariables& predefinedVariables = {});
QJsonObject buildGetPublicKeyCredential(const QJsonObject& publicKeyCredentialRequestOptions,
const QString& origin,
const QString& userId,
const QString& credentialId,
const QString& userHandle,
const QString& privateKeyPem);
bool isUserVerificationValid(const QString& userVerification) const;
Expand All @@ -112,7 +112,7 @@ class BrowserPasskeys : public QObject
QJsonObject buildClientDataJson(const QJsonObject& publicKey, const QString& origin, bool get);
PrivateKey buildAttestationObject(const QJsonObject& publicKey,
const QString& extensions,
const QString& id,
const QString& credentialId,
const TestingVariables& predefinedVariables = {});
QByteArray buildGetAttestationObject(const QJsonObject& publicKey);
PrivateKey buildCredentialPrivateKey(int alg,
Expand Down
24 changes: 15 additions & 9 deletions src/browser/BrowserService.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -666,12 +666,18 @@ QJsonObject BrowserService::showPasskeysRegisterPrompt(const QJsonObject& public
rpId,
rpName,
username,
publicKeyCredentials.id,
publicKeyCredentials.credentialId,
userHandle,
publicKeyCredentials.key);
} else {
addPasskeyToGroup(
nullptr, origin, rpId, rpName, username, publicKeyCredentials.id, userHandle, publicKeyCredentials.key);
addPasskeyToGroup(nullptr,
origin,
rpId,
rpName,
username,
publicKeyCredentials.credentialId,
userHandle,
publicKeyCredentials.key);
}

hideWindow();
Expand Down Expand Up @@ -730,7 +736,7 @@ void BrowserService::addPasskeyToGroup(Group* group,
const QString& rpId,
const QString& rpName,
const QString& username,
const QString& userId,
const QString& credentialId,
const QString& userHandle,
const QString& privateKey)
{
Expand All @@ -751,7 +757,7 @@ void BrowserService::addPasskeyToGroup(Group* group,
entry->setUrl(url);
entry->setIcon(KEEPASSXCBROWSER_PASSKEY_ICON);

addPasskeyToEntry(entry, rpId, rpName, username, userId, userHandle, privateKey);
addPasskeyToEntry(entry, rpId, rpName, username, credentialId, userHandle, privateKey);

// Remove blank entry history
entry->removeHistoryItems(entry->historyItems());
Expand All @@ -761,7 +767,7 @@ void BrowserService::addPasskeyToEntry(Entry* entry,
const QString& rpId,
const QString& rpName,
const QString& username,
const QString& userId,
const QString& credentialId,
const QString& userHandle,
const QString& privateKey)
{
Expand All @@ -776,7 +782,7 @@ void BrowserService::addPasskeyToEntry(Entry* entry,
entry->beginUpdate();

entry->attributes()->set(BrowserPasskeys::KPEX_PASSKEY_USERNAME, username);
entry->attributes()->set(BrowserPasskeys::KPEX_PASSKEY_GENERATED_USER_ID, userId, true);
entry->attributes()->set(BrowserPasskeys::KPEX_PASSKEY_GENERATED_USER_ID, credentialId, true);
entry->attributes()->set(BrowserPasskeys::KPEX_PASSKEY_PRIVATE_KEY_PEM, privateKey, true);
entry->attributes()->set(BrowserPasskeys::KPEX_PASSKEY_RELYING_PARTY, rpId);
entry->attributes()->set(BrowserPasskeys::KPEX_PASSKEY_USER_HANDLE, userHandle, true);
Expand Down Expand Up @@ -1324,9 +1330,9 @@ QJsonObject
BrowserService::getPublicKeyCredentialFromEntry(const Entry* entry, const QJsonObject& publicKey, const QString& origin)
{
const auto privateKeyPem = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_PRIVATE_KEY_PEM);
const auto userId = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_GENERATED_USER_ID);
const auto credentialId = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_GENERATED_USER_ID);
const auto userHandle = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_USER_HANDLE);
return browserPasskeys()->buildGetPublicKeyCredential(publicKey, origin, userId, userHandle, privateKeyPem);
return browserPasskeys()->buildGetPublicKeyCredential(publicKey, origin, credentialId, userHandle, privateKeyPem);
}

// Checks if the same user ID already exists for the current site
Expand Down
5 changes: 2 additions & 3 deletions src/browser/BrowserService.h
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,6 @@ class BrowserService : public QObject
QString getCurrentTotp(const QString& uuid);
void showPasswordGenerator(const KeyPairMessage& keyPairMessage);
bool isPasswordGeneratorRequested() const;
bool isUrlIdentical(const QString& first, const QString& second) const;
QSharedPointer<Database> selectedDatabase();
#ifdef WITH_XC_BROWSER_PASSKEYS
QJsonObject
Expand All @@ -97,14 +96,14 @@ class BrowserService : public QObject
const QString& rpId,
const QString& rpName,
const QString& username,
const QString& userId,
const QString& credentialId,
const QString& userHandle,
const QString& privateKey);
void addPasskeyToEntry(Entry* entry,
const QString& rpId,
const QString& rpName,
const QString& username,
const QString& userId,
const QString& credentialId,
const QString& userHandle,
const QString& privateKey);
#endif
Expand Down
4 changes: 2 additions & 2 deletions src/gui/passkeys/PasskeyExporter.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ void PasskeyExporter::showExportDialog(const QList<Entry*>& items)
* "relyingParty: <relying party>,
* "url": <URL>,
* "userHandle": <user handle>,
* "userId": <generated user id>,
* "credentialId": <generated credential id>,
* "username:" <username>
* }
*/
Expand Down Expand Up @@ -91,7 +91,7 @@ void PasskeyExporter::exportSelectedEntry(const Entry* entry, const QString& fol
passkeyObject["relyingParty"] = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_RELYING_PARTY);
passkeyObject["url"] = entry->url();
passkeyObject["username"] = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_USERNAME);
passkeyObject["userId"] = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_GENERATED_USER_ID);
passkeyObject["credentialId"] = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_GENERATED_USER_ID);
passkeyObject["userHandle"] = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_USER_HANDLE);
passkeyObject["privateKey"] = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_PRIVATE_KEY_PEM);

Expand Down
10 changes: 5 additions & 5 deletions src/gui/passkeys/PasskeyImporter.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -64,11 +64,11 @@ void PasskeyImporter::importSelectedFile(QFile& file, QSharedPointer<Database>&
const auto relyingParty = passkeyObject["relyingParty"].toString();
const auto url = passkeyObject["url"].toString();
const auto username = passkeyObject["username"].toString();
const auto password = passkeyObject["userId"].toString();
const auto credentialId = passkeyObject["credentialId"].toString();
const auto userHandle = passkeyObject["userHandle"].toString();
const auto privateKey = passkeyObject["privateKey"].toString();

if (relyingParty.isEmpty() || username.isEmpty() || password.isEmpty() || userHandle.isEmpty()
if (relyingParty.isEmpty() || username.isEmpty() || credentialId.isEmpty() || userHandle.isEmpty()
|| privateKey.isEmpty()) {
MessageBox::information(nullptr,
tr("Cannot import Passkey"),
Expand All @@ -80,15 +80,15 @@ void PasskeyImporter::importSelectedFile(QFile& file, QSharedPointer<Database>&
tr("Cannot import Passkey"),
tr("Cannot import Passkey file \"%1\". Private key is missing or malformed.").arg(file.fileName()));
} else {
showImportDialog(database, url, relyingParty, username, password, userHandle, privateKey);
showImportDialog(database, url, relyingParty, username, credentialId, userHandle, privateKey);
}
}

void PasskeyImporter::showImportDialog(QSharedPointer<Database>& database,
const QString& url,
const QString& relyingParty,
const QString& username,
const QString& userId,
const QString& credentialId,
const QString& userHandle,
const QString& privateKey)
{
Expand Down Expand Up @@ -120,7 +120,7 @@ void PasskeyImporter::showImportDialog(QSharedPointer<Database>& database,
}

browserService()->addPasskeyToGroup(
group, url, relyingParty, relyingParty, username, userId, userHandle, privateKey);
group, url, relyingParty, relyingParty, username, credentialId, userHandle, privateKey);
}

Group* PasskeyImporter::getDefaultGroup(QSharedPointer<Database>& database)
Expand Down
2 changes: 1 addition & 1 deletion src/gui/passkeys/PasskeyImporter.h
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ class PasskeyImporter : public QObject
const QString& url,
const QString& relyingParty,
const QString& username,
const QString& userId,
const QString& credentialId,
const QString& userHandle,
const QString& privateKey);
Group* getDefaultGroup(QSharedPointer<Database>& database);
Expand Down

0 comments on commit a3717c7

Please sign in to comment.