MySQL 9.1.0
Source Code Documentation
webauthn_registration Class Reference

This class is used to perform the registration step on the client side.

#include <webauthn_registration.h>


Public Member Functions

 webauthn_registration ()
 
bool parse_challenge (const char *challenge) override
 Helper method to parse the challenge received from the server during the registration process.
 
bool make_challenge_response (unsigned char *&buf) override
 This method extracts the authenticator data, signature and certificate from the fido_cred_t struct and constructs a buffer holding this data, which is converted to base64 format before being passed to the server.
 
void set_client_data (const unsigned char *, const char *) override
 Helper method to set client data context.
 
bool generate_signature () override
 This method checks if a token device is available on the client host.
 
size_t get_client_data_json_len ()
 
std::string get_client_data_json ()
 
- Public Member Functions inherited from client_registration::registration
 registration ()
 Constructor to allocate memory for performing attestation (registration).
 
virtual ~registration ()
 Standard destructor.
 
bool make_credentials (const char *challenge)
 This method fills in all information required to initiate the registration process.
 
void set_rp_id (std::string rp_id)
 Method to set the relying party name or id.
 
void set_user (std::string user)
 Set method to set user name.
 
size_t get_authdata_len ()
 Method to get length of authenticator data.
 
const unsigned char * get_authdata_ptr ()
 Method to get authenticator data.
 
size_t get_sig_len ()
 Method to get length of signature.
 
const unsigned char * get_sig_ptr ()
 Method to get signature data.
 
size_t get_x5c_len ()
 Method to get length of x509 certificate.
 
const unsigned char * get_x5c_ptr ()
 Method to get x509 certificate.
 
const char * get_rp_id ()
 Method to get rp id.
 
bool is_fido2 ()
 Method to check if token device supports CTAP2.1 resident keys feature.
 
const unsigned char * get_attestation_statement_ptr ()
 Gets the full attestation statement blob.
 
size_t get_attestation_statement_length ()
 Gets the length of the full attestation statement blob.
 
const char * get_fmt ()
 

Private Attributes

std::string m_client_data_json
 

Additional Inherited Members

- Protected Member Functions inherited from client_registration::registration
fido_dev_info_t * discover_fido2_devices (size_t num_devices)
 Discover available devices.
 
- Protected Attributes inherited from client_registration::registration
fido_cred_t * m_cred
 
bool m_is_fido2 {false}
 

Detailed Description

This class is used to perform the registration step on the client side.

Constructor & Destructor Documentation

◆ webauthn_registration()

webauthn_registration::webauthn_registration ( )
inline

Member Function Documentation

◆ generate_signature()

bool webauthn_registration::generate_signature ( )
override virtual

This method checks if a token device is available on the client host.

If a device is present, it expects the user to perform a gesture action, upon which the device generates the credential details: authenticator data, a signature and an optional x509 certificate, which are passed to the server.

Return values
    FIDO_OK(false)  successful generation of credentials.
    true            error occurred.

Implements client_registration::registration.

◆ get_client_data_json()

std::string webauthn_registration::get_client_data_json ( )

◆ get_client_data_json_len()

size_t webauthn_registration::get_client_data_json_len ( )

◆ make_challenge_response()

bool webauthn_registration::make_challenge_response ( unsigned char *&  challenge_response)
override virtual

This method extracts the authenticator data, signature and certificate from the fido_cred_t struct and constructs a buffer holding this data, which is converted to base64 format before being passed to the server.

Format of challenge response is:
    [1 byte capability]
    [length encoded authenticator data]
    [length encoded signature: not used if attestation present]
    [length encoded certificate: not used if attestation present]
    [length encoded serialized client data JSON]
    [length encoded serialized attestation statement CBOR]
    [length encoded format string]

Parameters
    [out]  challenge_response  buffer to hold challenge response
Return values
    false  success
    true   failure

send the fmt

Implements client_registration::registration.
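
The challenge response layout documented above can be checked field by field on the receiving side. The following C++ parser is an added example, not MySQL's own code; it assumes the buffer is already base64-decoded, that "length encoded" means a MySQL length-encoded integer prefix, and that unused fields are still present with zero length. `Reader`, `ChallengeResponse`, `parse_challenge_response` and `sample` are hypothetical names.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

// Bounds-checked reader over the base64-decoded response (added example).
struct Reader {
  const uint8_t *p;
  size_t left;
  bool take(size_t n, const uint8_t *&out) {
    if (n > left) return false;  // never read past the end of the buffer
    out = p; p += n; left -= n; return true;
  }
  // Assumed prefix: MySQL length-encoded integer (0xfc/0xfd/0xfe = 2/3/8 bytes).
  bool lenenc(uint64_t &v) {
    const uint8_t *b;
    if (!take(1, b)) return false;
    if (*b < 0xfb) { v = *b; return true; }
    size_t n = *b == 0xfc ? 2 : *b == 0xfd ? 3 : *b == 0xfe ? 8 : 0;
    if (n == 0 || !take(n, b)) return false;  // 0xfb and 0xff are not lengths
    v = 0;
    for (size_t i = 0; i < n; i++) v |= uint64_t(b[i]) << (8 * i);
    return true;
  }
  bool field(std::string &out) {
    uint64_t n; const uint8_t *b;
    if (!lenenc(n) || n > left || !take(size_t(n), b)) return false;
    out.assign(reinterpret_cast<const char *>(b), size_t(n));
    return true;
  }
};
struct ChallengeResponse {  // hypothetical holder for the documented fields
  uint8_t capability = 0;
  std::string authdata, sig, x5c, client_data_json, attstmt, fmt;
};
// Returns false on success and true on failure, as the documented methods do.
bool parse_challenge_response(const std::vector<uint8_t> &buf, ChallengeResponse &r) {
  Reader rd{buf.data(), buf.size()};
  const uint8_t *cap;
  if (!rd.take(1, cap)) return true;
  r.capability = *cap;
  bool ok = rd.field(r.authdata) && rd.field(r.sig) && rd.field(r.x5c) &&
            rd.field(r.client_data_json) && rd.field(r.attstmt) && rd.field(r.fmt);
  return !ok || rd.left != 0;  // reject truncated input and trailing bytes
}
// Constructed sample: empty sig/x5c, client data "{}", attStmt 0xa0, fmt "packed".
std::vector<uint8_t> sample() {
  return {0x01, 2, 'A', 'D', 0, 0, 2, '{', '}', 1, 0xa0, 6, 'p', 'a', 'c', 'k', 'e', 'd'};
}
```

Every length is checked against the bytes remaining before it is used, so a declared length larger than the buffer fails the parse instead of driving an out-of-bounds read.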

◆ parse_challenge()

bool webauthn_registration::parse_challenge ( const char *  challenge)
override virtual

Helper method to parse the challenge received from the server during the registration process.

This method extracts the 1 byte capability flag, salt, user name and relying party ID, and sets them in fido_cred_t.

Parameters
    [in]  challenge  buffer holding the server challenge
Return values
    false  success
    true   failure

Implements client_registration::registration.

◆ set_client_data()

void webauthn_registration::set_client_data ( const unsigned char * salt, const char * rp )
override virtual

Helper method to set client data context.

Client data format is: SHA256({ "type": "webauthn.create", "challenge": url_safe_base64("32 byte random"), "origin": authentication_webauthn_rp_id, "crossOrigin": false })

Parameters
    [in]  salt  buffer holding random salt
    [in]  rp    relying party name aka origin

Implements client_registration::registration.

Member Data Documentation

◆ m_client_data_json

std::string webauthn_registration::m_client_data_json
private

The documentation for this class was generated from the following files: