commit | 8987fd0ef8e33333f9b529b3e62f8893182a56cf | [log] [tgz] |
---|---|---|
author | Martin Kreichgauer <martinkr@google.com> | Fri Jul 20 22:42:03 2018 |
committer | Commit Bot <commit-bot@chromium.org> | Fri Jul 20 22:42:03 2018 |
tree | bfb94947683107c298573b8ce422f26271188666 | |
parent | 7a954e099711e68c3bad517777f0867127247bc3 [diff] |
device/fido: move post request checks from FidoTask in RequestHandler This extends the scope of these checks to cover non-device authenticators (like Touch ID). The following checks are moved from MakeAssertionTask into MakeAssertionRequestHandler: - |CheckRpIdHash| to verify the RP ID of the request matches the returned credential. The following checks are moved from GetAssertionTask into MakeAssertionRequestHandler: - |CheckRpIdHash| to verify the RP ID of the request matches the returned credential. - |CheckRequirementsOnReturnedUserEntities| to check constraints on the optional UserEntity response field. - |CheckRequirementsOnReturnedCredentialId| to check whether the returned credential id was in the allow list (except for resident keys). Also fixes the following bugs in |CheckRequirementsOnReturnedCredentialId|: - Responses with resident key support should still have their response checked against the allow list if one was provided. - For allow lists of size 1, the credential id may be omitted in the reponse; but if it is not, it must be checked against the allow list. Corresponding unit tests are moved accordingly. Bug: 863988, 678128 Change-Id: If7b76e7ecac45d96914a62661da9979c62895a25 Reviewed-on: https://chromium-review.googlesource.com/1144403 Commit-Queue: Martin Kreichgauer <martinkr@google.com> Reviewed-by: Jun Choi <hongjunchoi@chromium.org> Cr-Commit-Position: refs/heads/master@{#577017}
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
The project's web site is https://www.chromium.org.
Documentation in the source is rooted in docs/README.md.
Learn how to Get Around the Chromium Source Code Directory Structure .