1816520 - Implement getPublicKey and getPublicKeyAlgorithm methods for AuthenticatorAttestationResponse

Status: RESOLVED FIXED

(Core :: DOM: Web Authentication, enhancement, P1)

Description

[John Schanck [:jschanck]]

https://w3c.github.io/webauthn/#dom-authenticatorattestationresponse-getpublickey

Comment 1

[arnaud.dagnelies]

Hi,
It's great to see this issue is finally picked up. To be honest, I was waiting for it for quite a while. :)
Dunno if it can help you, but here is a "playground" for a WebAuthn wrapper including the getPublicKey() call: https://webauthn.passwordless.id/demos/playground.html ...obviously not (yet) working with Firefox.
I'm rooting for you!

Comment 2

[arnaud.dagnelies]

Btw, I find this picture is quite useful to extract the right piece from the buffer. https://w3c.github.io/webauthn/#sctn-attestation

Comment 3

[arnaud.dagnelies]

(In reply to John Schanck [:jschanck] from comment #0)

https://w3c.github.io/webauthn/#dom-authenticatorattestationresponse-getpublickey

Hi. Is there any way to help?

Just as a tip, the pseudo-code should look similar to this:

    // see https://w3c.github.io/webauthn/#sctn-attestation
    const decodedAttestationData = CBOR.decode(this.attestationObject);
    const authData = decodedAttestationData.authData;
    const credData = authData.slice(32 + 1 + 4)

    const aaguid = credData .slice(0,16)
    const credentialIdLen = credData.slice(16,18).getUint16();
    const credentialId = credData.slice(18, 18+credentialIdLen);
    const publicKeyEncoded = credData.slice(18+credentialIdLen);

    const publicKeyCose = CBOR.decode(publicKeyEncoded);

Comment 4

[kamalendu.garai]

Is there any resolution for this issue to get fixed in coming version, need to know if Mozilla is trying to fix this in recent future because this is quite a hype and good way to get authenticated with any service.

Comment 5

[John Schanck [:jschanck]]

Yes, we intend to have this in Firefox 118.

Comment 6

[John Schanck [:jschanck]]

Attachment: Bug 1816520 - implement getPublicKey and getPublicKeyAlgorithm for AuthenticatorAttestationResponse. r=keeler

Depends on D186374

Comment 7

[kamalendu.garai]

(In reply to John Schanck [:jschanck] from comment #5)

Yes, we intend to have this in Firefox 118.

That is a great news. We all are looking forward to it.

Comment 8

[arnaud.dagnelies]

Well done. Looking forward to it. ^^

Comment 9

[Pulsebot]

Pushed by jschanck@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/03d6e3a37329
implement getPublicKey and getPublicKeyAlgorithm for AuthenticatorAttestationResponse. r=keeler,webidl,smaug

Comment 10

[Pulsebot]

Backout by csabou@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/e181f3ae7651
Backed out 2 changesets (bug 1816520, bug 1816519) for non-unified build bustages on AuthrsBridge_ffi.h. CLOSED TREE

Comment 11

[Cosmin Sabou [:CosminS]]

Backed out for non-unified build bustages on AuthrsBridge_ffi.h

Push with failures: https://treeherder.mozilla.org/jobs?repo=autoland&group_state=expanded&resultStatus=testfailed%2Cbusted%2Cexception%2Cretry%2Cusercancel&revision=03d6e3a3732943df64be04bdbb794e99a85cfc8a&selectedTaskRun=b8cP-tLqQx6NbiX4orPdag.0

Failure log: https://treeherder.mozilla.org/logviewer?job_id=427546656&repo=autoland

Backout link: https://hg.mozilla.org/integration/autoland/rev/e181f3ae7651

Comment 12

[Pulsebot]

Pushed by jschanck@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/1bae007bf17b
implement getPublicKey and getPublicKeyAlgorithm for AuthenticatorAttestationResponse. r=keeler,webidl,smaug

Comment 13

[Iulian Moraru]

Backed out for causing build bustages on WinWebAuthnManager.cpp.

• Push with failures

• Failure log

• Backout link

[task 2023-08-31T18:47:23.443Z] 18:47:23     INFO -  gmake[4]: Entering directory '/builds/worker/workspace/obj-build/dom/webauthn'
[task 2023-08-31T18:47:23.445Z] 18:47:23     INFO -  /builds/worker/fetches/sccache/sccache /builds/worker/fetches/clang/bin/clang-cl -fms-compatibility-version=19.29 -Xclang -std=c++17 -Xclang -ivfsoverlay -Xclang /builds/worker/fetches/vs/overlay.yaml -FoWinWebAuthnManager.obj -c  -I/builds/worker/workspace/obj-build/dist/stl_wrappers -guard:cf -DNDEBUG=1 -DTRIMMED=1 -DUNICODE -D_UNICODE -D_CRT_RAND_S -DCERT_CHAIN_PARA_HAS_EXTRA_FIELDS -D_SECURE_ATL -DCHROMIUM_BUILD -DU_STATIC_IMPLEMENTATION -DWIN32 -D_WIN32 -D_WINDOWS -DWIN32_LEAN_AND_MEAN -DWINAPI_NO_BUNDLED_LIBRARIES -DMOZ_HAS_MOZGLUE -DMOZILLA_INTERNAL_API -DIMPL_LIBXUL -DSTATIC_EXPORTABLE_JS_API -I/builds/worker/checkouts/gecko/dom/webauthn -I/builds/worker/workspace/obj-build/dom/webauthn -I/builds/worker/workspace/obj-build/ipc/ipdl/_ipdlheaders -I/builds/worker/checkouts/gecko/ipc/chromium/src -I/builds/worker/checkouts/gecko/dom/base -I/builds/worker/checkouts/gecko/dom/crypto -I/builds/worker/checkouts/gecko/security/manager/ssl -I/builds/worker/checkouts/gecko/third_party/rust -I/builds/worker/checkouts/gecko/toolkit/components/jsoncpp/include -I/builds/worker/workspace/obj-build/dist/include -I/builds/worker/workspace/obj-build/dist/include/nspr -I/builds/worker/workspace/obj-build/dist/include/nss -MD -FI /builds/worker/workspace/obj-build/mozilla-config.h -DMOZILLA_CLIENT -fcrash-diagnostics-dir=/builds/worker/artifacts -TP -Zc:sizedDealloc- -D_HAS_EXCEPTIONS=0 -Gy -Zc:inline -Gw -D_SILENCE_TR1_NAMESPACE_DEPRECATION_WARNING -GR- -Z7 -Xclang -load -Xclang /builds/worker/workspace/obj-build/build/clang-plugin/libclang-plugin.so -Xclang -add-plugin -Xclang moz-check -O2 -Oy- -Werror -W3 -Wbitfield-enum-conversion -Wdeprecated-this-capture -Wempty-body -Wformat-type-confusion -Wignored-qualifiers -Wpointer-arith -Wshadow-field-in-constructor-modified -Wsign-compare -Wtautological-constant-in-range-compare -Wtype-limits -Wno-error=tautological-type-limit-compare -Wunreachable-code -Wunreachable-code-return -Wunused-but-set-parameter -Wno-invalid-offsetof -Wclass-varargs -Wempty-init-stmt -Wfloat-overflow-conversion -Wfloat-zero-conversion -Wloop-analysis -Wno-range-loop-analysis -Wc++2a-compat -Wenum-compare-conditional -Wenum-float-conversion -Wvolatile -Wno-error=deprecated -Wno-error=deprecated-anon-enum-enum-conversion -Wno-error=deprecated-enum-enum-conversion -Wno-error=deprecated-pragma -Wno-error=deprecated-this-capture -Wcomma -Wimplicit-fallthrough -Wstring-conversion -Wno-inline-new-delete -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wno-error=free-nonheap-object -Wno-error=atomic-alignment -Wno-error=deprecated-builtins -Wno-unknown-pragmas -Wno-ignored-pragmas -Wno-deprecated-declarations -Wno-microsoft-enum-value -Wno-microsoft-include -Wno-invalid-noreturn -Wno-inconsistent-missing-override -Wno-implicit-exception-spec-mismatch -Wno-microsoft-exception-spec -Wno-unused-local-typedef -Wno-ignored-attributes -Wno-used-but-marked-unused -Wno-psabi -Wthread-safety -Wno-error=builtin-macro-redefined -Wno-unknown-warning-option -fno-strict-aliasing -Xclang -ffp-contract=off  -Xclang -MP -Xclang -dependency-file -Xclang .deps/WinWebAuthnManager.obj.pp -Xclang -MT -Xclang WinWebAuthnManager.obj   /builds/worker/checkouts/gecko/dom/webauthn/WinWebAuthnManager.cpp
[task 2023-08-31T18:47:23.447Z] 18:47:23    ERROR -  /builds/worker/checkouts/gecko/dom/webauthn/WinWebAuthnManager.cpp(448,28): error: member access into incomplete type 'nsIWebAuthnAttObj'
[task 2023-08-31T18:47:23.448Z] 18:47:23     INFO -        rv = anonymizedAttObj->GetAttestationObject(attObject);
[task 2023-08-31T18:47:23.448Z] 18:47:23     INFO -                             ^
[task 2023-08-31T18:47:23.449Z] 18:47:23     INFO -  /builds/worker/checkouts/gecko/dom/webauthn/AuthrsBridge_ffi.h(12,7): note: forward declaration of 'nsIWebAuthnAttObj'
[task 2023-08-31T18:47:23.450Z] 18:47:23     INFO -  class nsIWebAuthnAttObj;
[task 2023-08-31T18:47:23.451Z] 18:47:23     INFO -        ^
[task 2023-08-31T18:47:23.452Z] 18:47:23     INFO -  In file included from /builds/worker/checkouts/gecko/dom/webauthn/WinWebAuthnManager.cpp:8:
[task 2023-08-31T18:47:23.453Z] 18:47:23     INFO -  In file included from /builds/worker/workspace/obj-build/ipc/ipdl/_ipdlheaders/mozilla/dom/PWebAuthnTransactionParent.h:9:
[task 2023-08-31T18:47:23.454Z] 18:47:23     INFO -  In file included from /builds/worker/workspace/obj-build/ipc/ipdl/_ipdlheaders/mozilla/dom/PWebAuthnTransaction.h:15:
[task 2023-08-31T18:47:23.455Z] 18:47:23     INFO -  In file included from /builds/worker/workspace/obj-build/dist/include/mozilla/MozPromise.h:22:
[task 2023-08-31T18:47:23.456Z] 18:47:23     INFO -  In file included from /builds/worker/workspace/obj-build/dist/include/nsISerialEventTarget.h:9:
[task 2023-08-31T18:47:23.457Z] 18:47:23     INFO -  In file included from /builds/worker/workspace/obj-build/dist/include/nsIEventTarget.h:17:
[task 2023-08-31T18:47:23.457Z] 18:47:23    ERROR -  /builds/worker/workspace/obj-build/dist/include/nsCOMPtr.h(326,5): error: static assertion failed due to requirement '1 < sizeof (TestForIID<nsIWebAuthnAttObj>(nullptr))': nsCOMPtr only works for types with IIDs.  Either use RefPtr; add an IID to your type with NS_DECLARE_STATIC_IID_ACCESSOR/NS_DEFINE_STATIC_IID_ACCESSOR; or make the nsCOMPtr point to a base class with an IID.
[task 2023-08-31T18:47:23.458Z] 18:47:23     INFO -      static_assert(1 < sizeof(TestForIID<T>(nullptr)),
[task 2023-08-31T18:47:23.459Z] 18:47:23     INFO -      ^             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[task 2023-08-31T18:47:23.459Z] 18:47:23     INFO -  /builds/worker/workspace/obj-build/dist/include/nsCOMPtr.h(371,5): note: in instantiation of member function 'nsCOMPtr<nsIWebAuthnAttObj>::assert_validity' requested here
[task 2023-08-31T18:47:23.459Z] 18:47:23     INFO -      assert_validity();
[task 2023-08-31T18:47:23.459Z] 18:47:23     INFO -      ^
[task 2023-08-31T18:47:23.460Z] 18:47:23     INFO -  /builds/worker/checkouts/gecko/dom/webauthn/WinWebAuthnManager.cpp(439,35): note: in instantiation of member function 'nsCOMPtr<nsIWebAuthnAttObj>::nsCOMPtr' requested here
[task 2023-08-31T18:47:23.460Z] 18:47:23     INFO -        nsCOMPtr<nsIWebAuthnAttObj> anonymizedAttObj;
[task 2023-08-31T18:47:23.460Z] 18:47:23     INFO -                                    ^
[task 2023-08-31T18:47:23.460Z] 18:47:23     INFO -  /builds/worker/workspace/obj-build/dist/include/nsCOMPtr.h(326,21): note: expression evaluates to '1 < 1'
[task 2023-08-31T18:47:23.460Z] 18:47:23     INFO -      static_assert(1 < sizeof(TestForIID<T>(nullptr)),
[task 2023-08-31T18:47:23.461Z] 18:47:23     INFO -                    ~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[task 2023-08-31T18:47:23.461Z] 18:47:23    ERROR -  /builds/worker/workspace/obj-build/dist/include/nsCOMPtr.h(340,7): error: member access into incomplete type 'nsIWebAuthnAttObj'
[task 2023-08-31T18:47:23.461Z] 18:47:23     INFO -        NSCAP_RELEASE(this, mRawPtr);
[task 2023-08-31T18:47:23.461Z] 18:47:23     INFO -        ^
[task 2023-08-31T18:47:23.461Z] 18:47:23     INFO -  /builds/worker/workspace/obj-build/dist/include/nsCOMPtr.h(82,41): note: expanded from macro 'NSCAP_RELEASE'
[task 2023-08-31T18:47:23.461Z] 18:47:23     INFO -  #  define NSCAP_RELEASE(this, ptr) (ptr)->Release()
[task 2023-08-31T18:47:23.461Z] 18:47:23     INFO -                                          ^
[task 2023-08-31T18:47:23.461Z] 18:47:23     INFO -  /builds/worker/checkouts/gecko/dom/webauthn/WinWebAuthnManager.cpp(439,35): note: in instantiation of member function 'nsCOMPtr<nsIWebAuthnAttObj>::~nsCOMPtr' requested here
[task 2023-08-31T18:47:23.461Z] 18:47:23     INFO -        nsCOMPtr<nsIWebAuthnAttObj> anonymizedAttObj;
[task 2023-08-31T18:47:23.461Z] 18:47:23     INFO -                                    ^
[task 2023-08-31T18:47:23.461Z] 18:47:23     INFO -  /builds/worker/checkouts/gecko/dom/webauthn/AuthrsBridge_ffi.h(12,7): note: forward declaration of 'nsIWebAuthnAttObj'
[task 2023-08-31T18:47:23.461Z] 18:47:23     INFO -  class nsIWebAuthnAttObj;
[task 2023-08-31T18:47:23.461Z] 18:47:23     INFO -        ^
[task 2023-08-31T18:47:23.462Z] 18:47:23     INFO -  In file included from /builds/worker/checkouts/gecko/dom/webauthn/WinWebAuthnManager.cpp:8:
[task 2023-08-31T18:47:23.462Z] 18:47:23     INFO -  In file included from /builds/worker/workspace/obj-build/ipc/ipdl/_ipdlheaders/mozilla/dom/PWebAuthnTransactionParent.h:9:
[task 2023-08-31T18:47:23.462Z] 18:47:23     INFO -  In file included from /builds/worker/workspace/obj-build/ipc/ipdl/_ipdlheaders/mozilla/dom/PWebAuthnTransaction.h:15:
[task 2023-08-31T18:47:23.462Z] 18:47:23     INFO -  In file included from /builds/worker/workspace/obj-build/dist/include/mozilla/MozPromise.h:22:
[task 2023-08-31T18:47:23.462Z] 18:47:23     INFO -  In file included from /builds/worker/workspace/obj-build/dist/include/nsISerialEventTarget.h:9:
[task 2023-08-31T18:47:23.462Z] 18:47:23     INFO -  In file included from /builds/worker/workspace/obj-build/dist/include/nsIEventTarget.h:17:
[task 2023-08-31T18:47:23.462Z] 18:47:23    ERROR -  /builds/worker/workspace/obj-build/dist/include/nsCOMPtr.h(318,7): error: member access into incomplete type 'nsIWebAuthnAttObj'
[task 2023-08-31T18:47:23.462Z] 18:47:23     INFO -        NSCAP_RELEASE(this, oldPtr);
[task 2023-08-31T18:47:23.462Z] 18:47:23     INFO -        ^
[task 2023-08-31T18:47:23.463Z] 18:47:23     INFO -  /builds/worker/workspace/obj-build/dist/include/nsCOMPtr.h(82,41): note: expanded from macro 'NSCAP_RELEASE'
[task 2023-08-31T18:47:23.463Z] 18:47:23     INFO -  #  define NSCAP_RELEASE(this, ptr) (ptr)->Release()
[task 2023-08-31T18:47:23.463Z] 18:47:23     INFO -                                          ^
[task 2023-08-31T18:47:23.463Z] 18:47:23     INFO -  /builds/worker/workspace/obj-build/dist/include/nsCOMPtr.h(786,5): note: in instantiation of member function 'nsCOMPtr<nsIWebAuthnAttObj>::assign_assuming_AddRef' requested here
[task 2023-08-31T18:47:23.463Z] 18:47:23     INFO -      assign_assuming_AddRef(nullptr);
[task 2023-08-31T18:47:23.464Z] 18:47:23     INFO -      ^
[task 2023-08-31T18:47:23.464Z] 18:47:23     INFO -  /builds/worker/workspace/obj-build/dist/include/nsCOMPtr.h(963,43): note: in instantiation of member function 'nsCOMPtr<nsIWebAuthnAttObj>::StartAssignment' requested here
[task 2023-08-31T18:47:23.464Z] 18:47:23     INFO -    operator T**() { return mTargetSmartPtr.StartAssignment(); }
[task 2023-08-31T18:47:23.464Z] 18:47:23     INFO -                                            ^
[task 2023-08-31T18:47:23.465Z] 18:47:23     INFO -  /builds/worker/checkouts/gecko/dom/webauthn/WinWebAuthnManager.cpp(442,33): note: in instantiation of member function 'nsGetterAddRefs<nsIWebAuthnAttObj>::operator nsIWebAuthnAttObj **' requested here
[task 2023-08-31T18:47:23.465Z] 18:47:23     INFO -            /* anonymize */ true, getter_AddRefs(anonymizedAttObj));
[task 2023-08-31T18:47:23.465Z] 18:47:23     INFO -                                  ^
[task 2023-08-31T18:47:23.465Z] 18:47:23     INFO -  /builds/worker/checkouts/gecko/dom/webauthn/AuthrsBridge_ffi.h(12,7): note: forward declaration of 'nsIWebAuthnAttObj'
[task 2023-08-31T18:47:23.465Z] 18:47:23     INFO -  class nsIWebAuthnAttObj;
[task 2023-08-31T18:47:23.465Z] 18:47:23     INFO -        ^
[task 2023-08-31T18:47:23.465Z] 18:47:23     INFO -  4 errors generated.
[task 2023-08-31T18:47:23.466Z] 18:47:23    ERROR -  gmake[4]: *** [/builds/worker/checkouts/gecko/config/rules.mk:660: WinWebAuthnManager.obj] Error 1
[task 2023-08-31T18:47:23.466Z] 18:47:23     INFO -  gmake[4]: Leaving directory '/builds/worker/workspace/obj-build/dom/webauthn'
[task 2023-08-31T18:47:23.466Z] 18:47:23     INFO -  gmake[4]: Entering directory '/builds/worker/workspace/obj-build/dom/webauthn'

Comment 14

[Pulsebot]

Pushed by jschanck@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/a4d7daedc001
implement getPublicKey and getPublicKeyAlgorithm for AuthenticatorAttestationResponse. r=keeler,webidl,smaug

Comment 15

[Cristian Tuns]

https://hg.mozilla.org/mozilla-central/rev/a4d7daedc001

Comment 16

[Hamish Willee]

FF119 MDN docs work for this tracked in https://github.com/mdn/content/issues/29299. APIs already documented, so this was just release note and browser compatibility.