blob: 6505cb60122b6212507a2fc25c288d6e7a3a2c79 [file] [log] [blame]
<!DOCTYPE html><!-- webkit-test-runner [ WebAuthenticationModernEnabled=true ] -->
<title>Web Authentication API: PublicKeyCredential's [[get]] failure cases with a mock u2f authenticator.</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="./resources/util.js"></script>
<script>
promise_test(function(t) {
const options = {
publicKey: {
challenge: asciiToUint8Array("123456"),
allowCredentials: [{ type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }]
}
};
if (window.internals)
internals.setMockWebAuthenticationConfiguration({ hid: { stage: "request", subStage: "msg", error: "malicious-payload", isU2f: true, payloadBase64: [testU2fApduNoErrorOnlyResponseBase64] } });
return promiseRejects(t, "UnknownError", navigator.credentials.get(options), "Couldn't parse the U2F sign response.");
}, "PublicKeyCredential's [[get]] with malformed sign response in a mock hid authenticator.");
promise_test(function(t) {
const options = {
publicKey: {
challenge: asciiToUint8Array("123456"),
allowCredentials: [{ type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }]
}
};
if (window.internals)
internals.setMockWebAuthenticationConfiguration({ hid: { stage: "request", subStage: "msg", error: "malicious-payload", isU2f: true, payloadBase64: [testU2fApduWrongDataOnlyResponseBase64] } });
return promiseRejects(t, "NotAllowedError", navigator.credentials.get(options), "No credentials from the allowCredentials list is found in the authenticator.");
}, "PublicKeyCredential's [[get]] with no matched allow credentials in a mock hid authenticator.");
promise_test(function(t) {
const options = {
publicKey: {
challenge: asciiToUint8Array("123456"),
allowCredentials: [{ type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }, { type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }]
}
};
if (window.internals)
internals.setMockWebAuthenticationConfiguration({ hid: { stage: "request", subStage: "msg", error: "malicious-payload", isU2f: true, payloadBase64: [testU2fApduWrongDataOnlyResponseBase64, testU2fApduWrongDataOnlyResponseBase64] } });
return promiseRejects(t, "NotAllowedError", navigator.credentials.get(options), "No credentials from the allowCredentials list is found in the authenticator.");
}, "PublicKeyCredential's [[get]] with no matched allow credentials in a mock hid authenticator. 2");
// With AppID extension
promise_test(function(t) {
const options = {
publicKey: {
challenge: asciiToUint8Array("123456"),
allowCredentials: [{ type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }],
extensions: { appid: "" }
}
};
if (window.internals)
internals.setMockWebAuthenticationConfiguration({ hid: { stage: "request", subStage: "msg", error: "malicious-payload", isU2f: true, payloadBase64: [testU2fApduWrongDataOnlyResponseBase64, testU2fApduWrongDataOnlyResponseBase64] } });
return promiseRejects(t, "NotAllowedError", navigator.credentials.get(options), "No credentials from the allowCredentials list is found in the authenticator.");
}, "PublicKeyCredential's [[get]] with no matched allow credentials in a mock hid authenticator. (AppID)");
promise_test(function(t) {
const options = {
publicKey: {
challenge: asciiToUint8Array("123456"),
allowCredentials: [{ type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }, { type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }],
extensions: { appid: "" }
}
};
if (window.internals)
internals.setMockWebAuthenticationConfiguration({ hid: { stage: "request", subStage: "msg", error: "malicious-payload", isU2f: true, payloadBase64: [testU2fApduWrongDataOnlyResponseBase64, testU2fApduWrongDataOnlyResponseBase64, testU2fApduWrongDataOnlyResponseBase64, testU2fApduWrongDataOnlyResponseBase64] } });
return promiseRejects(t, "NotAllowedError", navigator.credentials.get(options), "No credentials from the allowCredentials list is found in the authenticator.");
}, "PublicKeyCredential's [[get]] with no matched allow credentials in a mock hid authenticator. 2 (AppID)");
</script>