diff --git a/src/browser/BrowserPasskeys.cpp b/src/browser/BrowserPasskeys.cpp index 4df78b1fe1..adcdc8590e 100644 --- a/src/browser/BrowserPasskeys.cpp +++ b/src/browser/BrowserPasskeys.cpp @@ -61,8 +61,9 @@ PublicKeyCredential BrowserPasskeys::buildRegisterPublicKeyCredential(const QJso const TestingVariables& testingVariables) { QJsonObject publicKeyCredential; - const auto id = testingVariables.credentialId.isEmpty() ? browserMessageBuilder()->getRandomBytesAsBase64(ID_BYTES) - : testingVariables.credentialId; + const auto credentialId = testingVariables.credentialId.isEmpty() + ? browserMessageBuilder()->getRandomBytesAsBase64(ID_BYTES) + : testingVariables.credentialId; // Extensions auto extensionObject = publicKeyCredentialOptions["extensions"].toObject(); 
@@ -72,22 +73,23 @@ PublicKeyCredential BrowserPasskeys::buildRegisterPublicKeyCredential(const QJso // Response QJsonObject responseObject; const auto clientData = buildClientDataJson(publicKeyCredentialOptions, origin, false); - const auto attestationObject = buildAttestationObject(publicKeyCredentialOptions, extensions, id, testingVariables); + const auto attestationObject = + buildAttestationObject(publicKeyCredentialOptions, extensions, credentialId, testingVariables); responseObject["clientDataJSON"] = browserMessageBuilder()->getBase64FromJson(clientData); responseObject["attestationObject"] = browserMessageBuilder()->getBase64FromArray(attestationObject.cborEncoded); // PublicKeyCredential publicKeyCredential["authenticatorAttachment"] = QString("platform"); - publicKeyCredential["id"] = id; + publicKeyCredential["id"] = credentialId; publicKeyCredential["response"] = responseObject; publicKeyCredential["type"] = PUBLIC_KEY; - return {id, publicKeyCredential, attestationObject.pem}; + return {credentialId, publicKeyCredential, attestationObject.pem}; } QJsonObject BrowserPasskeys::buildGetPublicKeyCredential(const QJsonObject& publicKeyCredentialRequestOptions, const QString& origin, - const QString& userId, + const QString& credentialId, const QString& userHandle, const QString& privateKeyPem) { @@ -104,7 +106,7 @@ QJsonObject BrowserPasskeys::buildGetPublicKeyCredential(const QJsonObject& publ QJsonObject publicKeyCredential; publicKeyCredential["authenticatorAttachment"] = QString("platform"); - publicKeyCredential["id"] = userId; + publicKeyCredential["id"] = credentialId; publicKeyCredential["response"] = responseObject; publicKeyCredential["type"] = PUBLIC_KEY; 
@@ -156,7 +158,7 @@ QJsonObject BrowserPasskeys::buildClientDataJson(const QJsonObject& publicKey, c // https://w3c.github.io/webauthn/#attestation-object PrivateKey BrowserPasskeys::buildAttestationObject(const QJsonObject& publicKey, const QString& extensions, - const QString& id, + const QString& credentialId, const TestingVariables& testingVariables) { QByteArray result; @@ -188,7 +190,7 @@ PrivateKey BrowserPasskeys::buildAttestationObject(const QJsonObject& publicKey, // Credential Id result.append(QByteArray::fromBase64( - testingVariables.credentialId.isEmpty() ? id.toUtf8() : testingVariables.credentialId.toUtf8(), + testingVariables.credentialId.isEmpty() ? credentialId.toUtf8() : testingVariables.credentialId.toUtf8(), QByteArray::Base64UrlEncoding)); // Credential private key diff --git a/src/browser/BrowserPasskeys.h b/src/browser/BrowserPasskeys.h index 530029b079..46b9c81a16 100644 --- a/src/browser/BrowserPasskeys.h +++ b/src/browser/BrowserPasskeys.h @@ -54,7 +54,7 @@ enum AuthenticatorFlags struct PublicKeyCredential { - QString id; + QString credentialId; QJsonObject response; QByteArray key; }; @@ -87,7 +87,7 @@ class BrowserPasskeys : public QObject const TestingVariables& predefinedVariables = {}); QJsonObject buildGetPublicKeyCredential(const QJsonObject& publicKeyCredentialRequestOptions, const QString& origin, - const QString& userId, + const QString& credentialId, const QString& userHandle, const QString& privateKeyPem); bool isUserVerificationValid(const QString& userVerification) const; 
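Review bot: The credential-ID append in buildAttestationObject (hunk at -188) still chooses between `testingVariables.credentialId` and the `credentialId` parameter, although the visible caller buildRegisterPublicKeyCredential has already made that choice before passing the value in. With two sources for the same value, a later caller that passes a different ID would produce attested credential data whose ID differs from the `id` returned to the browser, and the relying party would likely fail to match the credential at sign-in. I would decode the parameter alone: `result.append(QByteArray::fromBase64(credentialId.toUtf8(), QByteArray::Base64UrlEncoding));`. The function body starts and ends outside the hunk, so other uses of `testingVariables` there are not visible.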
@@ -112,7 +112,7 @@ class BrowserPasskeys : public QObject QJsonObject buildClientDataJson(const QJsonObject& publicKey, const QString& origin, bool get); PrivateKey buildAttestationObject(const QJsonObject& publicKey, const QString& extensions, - const QString& id, + const QString& credentialId, const TestingVariables& predefinedVariables = {}); QByteArray buildGetAttestationObject(const QJsonObject& publicKey); PrivateKey buildCredentialPrivateKey(int alg, diff --git a/src/browser/BrowserService.cpp b/src/browser/BrowserService.cpp index 0a2ec6eaf3..6f5e7f4d5b 100644 --- a/src/browser/BrowserService.cpp +++ b/src/browser/BrowserService.cpp @@ -666,12 +666,18 @@ QJsonObject BrowserService::showPasskeysRegisterPrompt(const QJsonObject& public rpId, rpName, username, - publicKeyCredentials.id, + publicKeyCredentials.credentialId, userHandle, publicKeyCredentials.key); } else { - addPasskeyToGroup( - nullptr, origin, rpId, rpName, username, publicKeyCredentials.id, userHandle, publicKeyCredentials.key); + addPasskeyToGroup(nullptr, + origin, + rpId, + rpName, + username, + publicKeyCredentials.credentialId, + userHandle, + publicKeyCredentials.key); } hideWindow(); @@ -730,7 +736,7 @@ void BrowserService::addPasskeyToGroup(Group* group, const QString& rpId, const QString& rpName, const QString& username, - const QString& userId, + const QString& credentialId, const QString& userHandle, const QString& privateKey) { @@ -751,7 +757,7 @@ void BrowserService::addPasskeyToGroup(Group* group, entry->setUrl(url); entry->setIcon(KEEPASSXCBROWSER_PASSKEY_ICON); - addPasskeyToEntry(entry, rpId, rpName, username, userId, userHandle, privateKey); + addPasskeyToEntry(entry, rpId, rpName, username, credentialId, userHandle, privateKey); // Remove blank entry history entry->removeHistoryItems(entry->historyItems()); 
@@ -761,7 +767,7 @@ void BrowserService::addPasskeyToEntry(Entry* entry, const QString& rpId, const QString& rpName, const QString& username, - const QString& userId, + const QString& credentialId, const QString& userHandle, const QString& privateKey) { @@ -776,7 +782,7 @@ void BrowserService::addPasskeyToEntry(Entry* entry, entry->beginUpdate(); entry->attributes()->set(BrowserPasskeys::KPEX_PASSKEY_USERNAME, username); - entry->attributes()->set(BrowserPasskeys::KPEX_PASSKEY_GENERATED_USER_ID, userId, true); + entry->attributes()->set(BrowserPasskeys::KPEX_PASSKEY_GENERATED_USER_ID, credentialId, true); entry->attributes()->set(BrowserPasskeys::KPEX_PASSKEY_PRIVATE_KEY_PEM, privateKey, true); entry->attributes()->set(BrowserPasskeys::KPEX_PASSKEY_RELYING_PARTY, rpId); entry->attributes()->set(BrowserPasskeys::KPEX_PASSKEY_USER_HANDLE, userHandle, true); @@ -1324,9 +1330,9 @@ QJsonObject BrowserService::getPublicKeyCredentialFromEntry(const Entry* entry, const QJsonObject& publicKey, const QString& origin) { const auto privateKeyPem = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_PRIVATE_KEY_PEM); - const auto userId = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_GENERATED_USER_ID); + const auto credentialId = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_GENERATED_USER_ID); const auto userHandle = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_USER_HANDLE); - return browserPasskeys()->buildGetPublicKeyCredential(publicKey, origin, userId, userHandle, privateKeyPem); + return browserPasskeys()->buildGetPublicKeyCredential(publicKey, origin, credentialId, userHandle, privateKeyPem); } // Checks if the same user ID already exists for the current site diff --git a/src/browser/BrowserService.h b/src/browser/BrowserService.h index 01daaee852..935ee9c478 100644 --- a/src/browser/BrowserService.h +++ b/src/browser/BrowserService.h 
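Review bot: After this rename the value passed as `credentialId` is still written to and read from `BrowserPasskeys::KPEX_PASSKEY_GENERATED_USER_ID` (hunks at -776 and -1324), so the attribute constant now contradicts the variable it holds. The constant's string value is defined outside this diff and presumably has to stay unchanged for existing databases, so I would leave it alone here. A comment at the `set` call, such as `// Attribute keeps its legacy "user ID" name; the value is the WebAuthn credential ID`, would stop the next reader from confusing it with the user handle. The context comment `// Checks if the same user ID already exists for the current site` after getPublicKeyCredentialFromEntry may need the same wording check, depending on which attribute that function compares.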
@@ -84,7 +84,6 @@ class BrowserService : public QObject QString getCurrentTotp(const QString& uuid); void showPasswordGenerator(const KeyPairMessage& keyPairMessage); bool isPasswordGeneratorRequested() const; - bool isUrlIdentical(const QString& first, const QString& second) const; QSharedPointer selectedDatabase(); #ifdef WITH_XC_BROWSER_PASSKEYS QJsonObject @@ -97,14 +96,14 @@ class BrowserService : public QObject const QString& rpId, const QString& rpName, const QString& username, - const QString& userId, + const QString& credentialId, const QString& userHandle, const QString& privateKey); void addPasskeyToEntry(Entry* entry, const QString& rpId, const QString& rpName, const QString& username, - const QString& userId, + const QString& credentialId, const QString& userHandle, const QString& privateKey); #endif diff --git a/src/gui/passkeys/PasskeyExporter.cpp b/src/gui/passkeys/PasskeyExporter.cpp index 36fa2e4499..26b7191b0d 100644 --- a/src/gui/passkeys/PasskeyExporter.cpp +++ b/src/gui/passkeys/PasskeyExporter.cpp @@ -60,7 +60,7 @@ void PasskeyExporter::showExportDialog(const QList& items) * "relyingParty: , * "url": , * "userHandle": , - * "userId": , + * "credentialId": , * "username:" * } */ @@ -91,7 +91,7 @@ void PasskeyExporter::exportSelectedEntry(const Entry* entry, const QString& fol passkeyObject["relyingParty"] = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_RELYING_PARTY); passkeyObject["url"] = entry->url(); passkeyObject["username"] = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_USERNAME); - passkeyObject["userId"] = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_GENERATED_USER_ID); + passkeyObject["credentialId"] = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_GENERATED_USER_ID); passkeyObject["userHandle"] = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_USER_HANDLE); passkeyObject["privateKey"] = entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_PRIVATE_KEY_PEM); 
diff --git a/src/gui/passkeys/PasskeyImporter.cpp b/src/gui/passkeys/PasskeyImporter.cpp index 103b1df4e7..0b48c102df 100644 --- a/src/gui/passkeys/PasskeyImporter.cpp +++ b/src/gui/passkeys/PasskeyImporter.cpp @@ -64,11 +64,11 @@ void PasskeyImporter::importSelectedFile(QFile& file, QSharedPointer& const auto relyingParty = passkeyObject["relyingParty"].toString(); const auto url = passkeyObject["url"].toString(); const auto username = passkeyObject["username"].toString(); - const auto password = passkeyObject["userId"].toString(); + const auto credentialId = passkeyObject["credentialId"].toString(); const auto userHandle = passkeyObject["userHandle"].toString(); const auto privateKey = passkeyObject["privateKey"].toString(); - if (relyingParty.isEmpty() || username.isEmpty() || password.isEmpty() || userHandle.isEmpty() + if (relyingParty.isEmpty() || username.isEmpty() || credentialId.isEmpty() || userHandle.isEmpty() || privateKey.isEmpty()) { MessageBox::information(nullptr, tr("Cannot import Passkey"), @@ -80,7 +80,7 @@ void PasskeyImporter::importSelectedFile(QFile& file, QSharedPointer& tr("Cannot import Passkey"), tr("Cannot import Passkey file \"%1\". Private key is missing or malformed.").arg(file.fileName())); } else { - showImportDialog(database, url, relyingParty, username, password, userHandle, privateKey); + showImportDialog(database, url, relyingParty, username, credentialId, userHandle, privateKey); } } @@ -88,7 +88,7 @@ void PasskeyImporter::showImportDialog(QSharedPointer& database, const QString& url, const QString& relyingParty, const QString& username, - const QString& userId, + const QString& credentialId, const QString& userHandle, const QString& privateKey) { 
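Review bot: The importer now reads only `passkeyObject["credentialId"]`, so a file written by an earlier build, which stored the value under `userId` (see the removed line in the PasskeyExporter.cpp hunk at -91), falls into the `credentialId.isEmpty()` branch and is rejected with the generic "Cannot import Passkey" message. Users who kept such exports as backups would not be able to restore them. I would accept the old key as a fallback: `const auto credentialId = passkeyObject.contains("credentialId") ? passkeyObject["credentialId"].toString() : passkeyObject["userId"].toString();`. importSelectedFile starts before the hunk, so any earlier format or version check is not visible here.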
@@ -120,7 +120,7 @@ void PasskeyImporter::showImportDialog(QSharedPointer& database, } browserService()->addPasskeyToGroup( - group, url, relyingParty, relyingParty, username, userId, userHandle, privateKey); + group, url, relyingParty, relyingParty, username, credentialId, userHandle, privateKey); } Group* PasskeyImporter::getDefaultGroup(QSharedPointer& database) diff --git a/src/gui/passkeys/PasskeyImporter.h b/src/gui/passkeys/PasskeyImporter.h index c1523cbc18..093da53e22 100644 --- a/src/gui/passkeys/PasskeyImporter.h +++ b/src/gui/passkeys/PasskeyImporter.h @@ -39,7 +39,7 @@ class PasskeyImporter : public QObject const QString& url, const QString& relyingParty, const QString& username, - const QString& userId, + const QString& credentialId, const QString& userHandle, const QString& privateKey); Group* getDefaultGroup(QSharedPointer& database);