MySQL 8.4.2
Source Code Documentation
webauthn_registration Class Reference

This class is used to perform registration step on client side. More...

#include <webauthn_registration.h>

Inheritance diagram for webauthn_registration:
[legend]

Public Member Functions

 webauthn_registration ()
 
bool parse_challenge (const char *challenge) override
 Helper method to parse the challenge received from server during registration process. More...
 
bool make_challenge_response (unsigned char *&buf) override
 This method will extract authenticator data, signature, certificate from fido_cred_t struct, construct a buffer holding this data which will be converted to base64 format before passing to server. More...
 
void set_client_data (const unsigned char *, const char *) override
 Helper method to set client data context. More...
 
bool generate_signature () override
 This method checks if a token device is available on client host. More...
 
size_t get_client_data_json_len ()
 
std::string get_client_data_json ()
 
- Public Member Functions inherited from client_registration::registration
 registration ()
 Construcutor to allocate memory for performing attestation (registration) More...
 
virtual ~registration ()
 Standard destructor. More...
 
bool make_credentials (const char *challenge)
 This method fills in all information required to initiate registration process. More...
 
void set_rp_id (std::string rp_id)
 Method to set the relying party name or id. More...
 
void set_user (std::string user)
 Set method to set user name. More...
 
size_t get_authdata_len ()
 Method to get length of authenticator data. More...
 
const unsigned char * get_authdata_ptr ()
 Method to get authenticator data. More...
 
size_t get_sig_len ()
 Method to get length of signature. More...
 
const unsigned char * get_sig_ptr ()
 Method to get signature data. More...
 
size_t get_x5c_len ()
 Method to get length of x509 certificate. More...
 
const unsigned char * get_x5c_ptr ()
 Method to get x509 certificate. More...
 
const char * get_rp_id ()
 Method to get rp id. More...
 
bool is_fido2 ()
 Method to check if token device supports CTAP2.1 resident keys feature. More...
 

Private Attributes

std::string m_client_data_json
 

Additional Inherited Members

- Protected Member Functions inherited from client_registration::registration
fido_dev_info_t * discover_fido2_devices (size_t num_devices)
 Discover available devices. More...
 
- Protected Attributes inherited from client_registration::registration
fido_cred_t * m_cred
 
bool m_is_fido2 {false}
 

Detailed Description

This class is used to perform registration step on client side.

Constructor & Destructor Documentation

◆ webauthn_registration()

webauthn_registration::webauthn_registration ( )
inline

Member Function Documentation

◆ generate_signature()

bool webauthn_registration::generate_signature ( )
overridevirtual

This method checks if a token device is available on client host.

If device is present, device expects user to perform gesture action, upon which device generates credential details, which consists of authenticator data, signature and optional x509 certificate which is passed to server.

Return values
FIDO_OK(false)successful generation of credentials.
trueerror occurred.

Implements client_registration::registration.

◆ get_client_data_json()

std::string webauthn_registration::get_client_data_json ( )

◆ get_client_data_json_len()

size_t webauthn_registration::get_client_data_json_len ( )

◆ make_challenge_response()

bool webauthn_registration::make_challenge_response ( unsigned char *&  challenge_response)
overridevirtual

This method will extract authenticator data, signature, certificate from fido_cred_t struct, construct a buffer holding this data which will be converted to base64 format before passing to server.

Format of challenge response is: [1 byte capability] [length encoded authenticator data] [length encoded signature] [length encoded certificate] [length encoded serialized client data JSON]

Parameters
[out]challenge_responsebuffer to hold challenge response
Return values
falsesuccess
truefailure

Implements client_registration::registration.

◆ parse_challenge()

bool webauthn_registration::parse_challenge ( const char *  challenge)
overridevirtual

Helper method to parse the challenge received from server during registration process.

This method extracts 1 byte capability flag, salt, user name, relying party ID and set it in fido_cred_t.

Parameters
[in]challengebuffer holding the server challenge
Return values
falsesuccess
truefailure

Implements client_registration::registration.

◆ set_client_data()

void webauthn_registration::set_client_data ( const unsigned char *  salt,
const char *  rp 
)
overridevirtual

Helper method to set client data context.

Client data format is: SHA256({ "type": "webauthn.create", "challenge": url_safe_base64("32 byte random"), "origin": authentication_webauthn_rp_id, "crossOrigin": false })

Parameters
[in]saltbuffer holding random salt
[in]rprelying party name aka origin

Implements client_registration::registration.

Member Data Documentation

◆ m_client_data_json

std::string webauthn_registration::m_client_data_json
private

The documentation for this class was generated from the following files: