| <!DOCTYPE html> |
| <title>Web Authentication API: PublicKeyCredential's [[create]] success cases with a mock u2f authenticator.</title> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| <script src="./resources/util.js"></script> |
| <script src="./resources/cbor.js"></script> |
| <script> |
| function checkResult(credential, isNoneAttestation = true) |
| { |
| // Check response |
| assert_array_equals(Base64URL.parse(credential.id), Base64URL.parse(testU2fCredentialIdBase64)); |
| assert_equals(credential.type, 'public-key'); |
| assert_array_equals(new Uint8Array(credential.rawId), Base64URL.parse(testU2fCredentialIdBase64)); |
| assert_equals(bytesToASCIIString(credential.response.clientDataJSON), '{"type":"webauthn.create","challenge":"MTIzNDU2","origin":"https://localhost:9443"}'); |
| assert_not_exists(credential.getClientExtensionResults(), "appid"); |
| |
| // Check attestation |
| const attestationObject = CBOR.decode(credential.response.attestationObject); |
| if (isNoneAttestation) |
| assert_equals(attestationObject.fmt, "none"); |
| else |
| assert_equals(attestationObject.fmt, "fido-u2f"); |
| // Check authData |
| const authData = decodeAuthData(attestationObject.authData); |
| assert_equals(bytesToHexString(authData.rpIdHash), "49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d9763"); |
| assert_equals(authData.flags, 65); |
| assert_equals(authData.counter, 0); |
| assert_equals(bytesToHexString(authData.aaguid), "00000000000000000000000000000000"); |
| assert_array_equals(authData.credentialID, Base64URL.parse(testU2fCredentialIdBase64)); |
| // Check fido-u2f attestation |
| assert_true(checkPublicKey(authData.publicKey)); |
| if (isNoneAttestation) |
| assert_object_equals(attestationObject.attStmt, { }); |
| else |
| assert_equals(attestationObject.attStmt.x5c.length, 1); |
| } |
| |
| promise_test(t => { |
| const options = { |
| publicKey: { |
| rp: { |
| name: "localhost", |
| }, |
| user: { |
| name: "John Appleseed", |
| id: Base64URL.parse(testUserhandleBase64), |
| displayName: "Appleseed", |
| }, |
| challenge: Base64URL.parse("MTIzNDU2"), |
| pubKeyCredParams: [{ type: "public-key", alg: -7 }], |
| timeout: 100 |
| } |
| }; |
| |
| if (window.testRunner) |
| testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", isU2f: true, payloadBase64: [testU2fRegisterResponse] } }); |
| return navigator.credentials.create(options).then(credential => { |
| checkResult(credential); |
| }); |
| }, "PublicKeyCredential's [[create]] with minimum options in a mock u2f authenticator."); |
| |
| promise_test(t => { |
| const options = { |
| publicKey: { |
| rp: { |
| name: "localhost", |
| }, |
| user: { |
| name: "John Appleseed", |
| id: Base64URL.parse(testUserhandleBase64), |
| displayName: "Appleseed", |
| }, |
| challenge: Base64URL.parse("MTIzNDU2"), |
| pubKeyCredParams: [{ type: "public-key", alg: -7 }], |
| excludeCredentials: [{ type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }], |
| timeout: 100 |
| } |
| }; |
| |
| if (window.testRunner) |
| testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", isU2f: true, payloadBase64: [testU2fApduWrongDataOnlyResponseBase64, testU2fRegisterResponse] } }); |
| return navigator.credentials.create(options).then(credential => { |
| checkResult(credential); |
| }); |
| }, "PublicKeyCredential's [[create]] with excludeCredentials in a mock u2f authenticator."); |
| |
| promise_test(t => { |
| const options = { |
| publicKey: { |
| rp: { |
| name: "localhost", |
| }, |
| user: { |
| name: "John Appleseed", |
| id: Base64URL.parse(testUserhandleBase64), |
| displayName: "Appleseed", |
| }, |
| challenge: Base64URL.parse("MTIzNDU2"), |
| pubKeyCredParams: [{ type: "public-key", alg: -7 }], |
| excludeCredentials: [{ type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }, { type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }], // The content doesn't matter. |
| timeout: 100 |
| } |
| }; |
| |
| if (window.testRunner) |
| testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", isU2f: true, payloadBase64: [testU2fApduWrongDataOnlyResponseBase64, testU2fApduWrongDataOnlyResponseBase64, testU2fRegisterResponse] } }); |
| return navigator.credentials.create(options).then(credential => { |
| checkResult(credential); |
| }); |
| }, "PublicKeyCredential's [[create]] with excludeCredentials in a mock u2f authenticator. 2"); |
| |
| promise_test(t => { |
| const options = { |
| publicKey: { |
| rp: { |
| name: "localhost", |
| }, |
| user: { |
| name: "John Appleseed", |
| id: Base64URL.parse(testUserhandleBase64), |
| displayName: "Appleseed", |
| }, |
| challenge: Base64URL.parse("MTIzNDU2"), |
| pubKeyCredParams: [{ type: "public-key", alg: -7 }], |
| timeout: 500 |
| } |
| }; |
| |
| if (window.testRunner) |
| testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", isU2f: true, payloadBase64: [testU2fApduConditionsNotSatisfiedOnlyResponseBase64, testU2fApduConditionsNotSatisfiedOnlyResponseBase64, testU2fRegisterResponse] } }); |
| return navigator.credentials.create(options).then(credential => { |
| checkResult(credential); |
| }); |
| }, "PublicKeyCredential's [[create]] with test of user presence in a mock u2f authenticator."); |
| |
| promise_test(t => { |
| const options = { |
| publicKey: { |
| rp: { |
| name: "localhost", |
| }, |
| user: { |
| name: "John Appleseed", |
| id: Base64URL.parse(testUserhandleBase64), |
| displayName: "Appleseed", |
| }, |
| challenge: Base64URL.parse("MTIzNDU2"), |
| pubKeyCredParams: [{ type: "public-key", alg: -7 }], |
| attestation: "none", |
| timeout: 100 |
| } |
| }; |
| |
| if (window.testRunner) |
| testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", isU2f: true, payloadBase64: [testU2fRegisterResponse] } }); |
| return navigator.credentials.create(options).then(credential => { |
| checkResult(credential); |
| }); |
| }, "PublicKeyCredential's [[create]] with none attestation in a mock u2f authenticator."); |
| |
| promise_test(t => { |
| const options = { |
| publicKey: { |
| rp: { |
| name: "localhost", |
| }, |
| user: { |
| name: "John Appleseed", |
| id: Base64URL.parse(testUserhandleBase64), |
| displayName: "Appleseed", |
| }, |
| challenge: Base64URL.parse("MTIzNDU2"), |
| pubKeyCredParams: [{ type: "public-key", alg: -7 }], |
| attestation: "indirect", |
| timeout: 100 |
| } |
| }; |
| |
| if (window.testRunner) |
| testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", isU2f: true, payloadBase64: [testU2fRegisterResponse] } }); |
| return navigator.credentials.create(options).then(credential => { |
| checkResult(credential, false); |
| }); |
| }, "PublicKeyCredential's [[create]] with indirect attestation in a mock u2f authenticator."); |
| |
| promise_test(t => { |
| const options = { |
| publicKey: { |
| rp: { |
| name: "localhost", |
| }, |
| user: { |
| name: "John Appleseed", |
| id: Base64URL.parse(testUserhandleBase64), |
| displayName: "Appleseed", |
| }, |
| challenge: Base64URL.parse("MTIzNDU2"), |
| pubKeyCredParams: [{ type: "public-key", alg: -7 }], |
| attestation: "direct", |
| timeout: 100 |
| } |
| }; |
| |
| if (window.testRunner) |
| testRunner.setWebAuthenticationMockConfiguration({ hid: { stage: "request", subStage: "msg", error: "success", isU2f: true, payloadBase64: [testU2fRegisterResponse] } }); |
| return navigator.credentials.create(options).then(credential => { |
| checkResult(credential, false); |
| }); |
| }, "PublicKeyCredential's [[create]] with direct attestation in a mock u2f authenticator."); |
| </script> |