| <!DOCTYPE html><!-- webkit-test-runner [ WebAuthenticationModernEnabled=true ] --> |
| <title>Web Authentication API: PublicKeyCredential's [[create]] failure cases with a mock u2f authenticator.</title> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| <script src="./resources/util.js"></script> |
| <script> |
| promise_test(function(t) { |
| const options = { |
| publicKey: { |
| rp: { |
| name: "example.com" |
| }, |
| user: { |
| name: "John Appleseed", |
| id: asciiToUint8Array("123456"), |
| displayName: "John", |
| }, |
| challenge: asciiToUint8Array("123456"), |
| pubKeyCredParams: [{ type: "public-key", alg: -7 }], |
| timeout: 10 |
| } |
| }; |
| |
| if (window.internals) |
| internals.setMockWebAuthenticationConfiguration({ silentFailure: true, hid: { stage: "request", subStage: "msg", error: "malicious-payload", isU2f: true, payloadBase64: ["AQ=="] } }); |
| return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "Operation timed out."); |
| }, "PublicKeyCredential's [[create]] with malformed APDU payload in a mock hid authenticator."); |
| |
| promise_test(function(t) { |
| const options = { |
| publicKey: { |
| rp: { |
| name: "example.com" |
| }, |
| user: { |
| name: "John Appleseed", |
| id: asciiToUint8Array("123456"), |
| displayName: "John", |
| }, |
| challenge: asciiToUint8Array("123456"), |
| pubKeyCredParams: [{ type: "public-key", alg: -7 }], |
| timeout: 10 |
| } |
| }; |
| |
| if (window.internals) |
| internals.setMockWebAuthenticationConfiguration({ silentFailure: true, hid: { stage: "request", subStage: "msg", error: "malicious-payload", isU2f: true, payloadBase64: [testU2fApduNoErrorOnlyResponseBase64] } }); |
| return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "Operation timed out."); |
| }, "PublicKeyCredential's [[create]] with malformed U2F register response in a mock hid authenticator."); |
| |
| promise_test(function(t) { |
| const options = { |
| publicKey: { |
| rp: { |
| name: "example.com" |
| }, |
| user: { |
| name: "John Appleseed", |
| id: asciiToUint8Array("123456"), |
| displayName: "John", |
| }, |
| challenge: asciiToUint8Array("123456"), |
| pubKeyCredParams: [{ type: "public-key", alg: -7 }], |
| timeout: 10 |
| } |
| }; |
| |
| if (window.internals) |
| internals.setMockWebAuthenticationConfiguration({ silentFailure: true, hid: { stage: "request", subStage: "msg", error: "malicious-payload", isU2f: true, payloadBase64: [testU2fApduInsNotSupportedOnlyResponseBase64] } }); |
| return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "Operation timed out."); |
| }, "PublicKeyCredential's [[create]] with register command error in a mock hid authenticator."); |
| |
| promise_test(function(t) { |
| const options = { |
| publicKey: { |
| rp: { |
| name: "example.com" |
| }, |
| user: { |
| name: "John Appleseed", |
| id: asciiToUint8Array("123456"), |
| displayName: "John", |
| }, |
| challenge: asciiToUint8Array("123456"), |
| pubKeyCredParams: [{ type: "public-key", alg: -7 }], |
| excludeCredentials: [{ type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }], |
| timeout: 10 |
| } |
| }; |
| |
| if (window.internals) |
| internals.setMockWebAuthenticationConfiguration({ silentFailure: true, hid: { stage: "request", subStage: "msg", error: "malicious-payload", isU2f: true, payloadBase64: [testU2fApduNoErrorOnlyResponseBase64, testU2fApduInsNotSupportedOnlyResponseBase64] } }); |
| return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "Operation timed out."); |
| }, "PublicKeyCredential's [[create]] with bogus command error in a mock hid authenticator."); |
| |
| promise_test(function(t) { |
| const options = { |
| publicKey: { |
| rp: { |
| name: "example.com" |
| }, |
| user: { |
| name: "John Appleseed", |
| id: asciiToUint8Array("123456"), |
| displayName: "John", |
| }, |
| challenge: asciiToUint8Array("123456"), |
| pubKeyCredParams: [{ type: "public-key", alg: -7 }], |
| excludeCredentials: [{ type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }], |
| } |
| }; |
| |
| if (window.internals) |
| internals.setMockWebAuthenticationConfiguration({ silentFailure: true, hid: { stage: "request", subStage: "msg", error: "malicious-payload", isU2f: true, payloadBase64: [testU2fApduNoErrorOnlyResponseBase64, testU2fApduNoErrorOnlyResponseBase64] } }); |
| return promiseRejects(t, "InvalidStateError", navigator.credentials.create(options), "At least one credential matches an entry of the excludeCredentials list in the authenticator."); |
| }, "PublicKeyCredential's [[create]] with first exclude credential matched in a mock hid authenticator."); |
| |
| // Match the second exclude credential. |
| promise_test(function(t) { |
| const options = { |
| publicKey: { |
| rp: { |
| name: "example.com" |
| }, |
| user: { |
| name: "John Appleseed", |
| id: asciiToUint8Array("123456"), |
| displayName: "John", |
| }, |
| challenge: asciiToUint8Array("123456"), |
| pubKeyCredParams: [{ type: "public-key", alg: -7 }], |
| excludeCredentials: [{ type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }, { type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }], // The content doesn't matter. |
| } |
| }; |
| |
| if (window.internals) |
| internals.setMockWebAuthenticationConfiguration({ silentFailure: true, hid: { stage: "request", subStage: "msg", error: "malicious-payload", isU2f: true, payloadBase64: [testU2fApduWrongDataOnlyResponseBase64, testU2fApduNoErrorOnlyResponseBase64, testU2fApduNoErrorOnlyResponseBase64] } }); |
| return promiseRejects(t, "InvalidStateError", navigator.credentials.create(options), "At least one credential matches an entry of the excludeCredentials list in the authenticator."); |
| }, "PublicKeyCredential's [[create]] with second exclude credential matched in a mock hid authenticator."); |
| |
| promise_test(function(t) { |
| const options = { |
| publicKey: { |
| rp: { |
| name: "example.com" |
| }, |
| user: { |
| name: "John Appleseed", |
| id: asciiToUint8Array("123456"), |
| displayName: "John", |
| }, |
| challenge: asciiToUint8Array("123456"), |
| pubKeyCredParams: [{ type: "public-key", alg: -7 }], |
| excludeCredentials: [{ type: "public-key", id: Base64URL.parse(testCredentialIdBase64) }], |
| timeout: 10 |
| } |
| }; |
| |
| if (window.internals) |
| internals.setMockWebAuthenticationConfiguration({ silentFailure: true, hid: { stage: "request", subStage: "msg", error: "malicious-payload", isU2f: true, payloadBase64: [testU2fApduConditionsNotSatisfiedOnlyResponseBase64, testU2fApduConditionsNotSatisfiedOnlyResponseBase64, testU2fApduConditionsNotSatisfiedOnlyResponseBase64, testU2fApduNoErrorOnlyResponseBase64] } }); |
| return promiseRejects(t, "NotAllowedError", navigator.credentials.create(options), "Operation timed out."); |
| }, "PublicKeyCredential's [[create]] with first exclude credential matched in a mock hid authenticator. Test of user presence."); |
| </script> |