mirror of
https://github.com/servo/servo.git
synced 2025-06-06 16:45:39 +00:00
119 lines
No EOL
7.5 KiB
HTML
119 lines
No EOL
7.5 KiB
HTML
<!DOCTYPE html>
|
|
<meta charset="utf-8">
|
|
<title>WebAuthn credential.create() Passing Tests</title>
|
|
<link rel="author" title="Adam Powers" href="mailto:adam@fidoalliance.org">
|
|
<link rel="help" href="https://w3c.github.io/webauthn/#iface-credential">
|
|
<script src="/resources/testharness.js"></script>
|
|
<script src="/resources/testharnessreport.js"></script>
|
|
<script src=helpers.js></script>
|
|
<body></body>
|
|
<script>
|
|
standardSetup(function() {
|
|
"use strict";
|
|
|
|
// CreateCredentialTest passing tests
|
|
|
|
// default arguments
|
|
new CreateCredentialsTest().runTest("passing credentials.create() with default arguments");
|
|
|
|
// rp
|
|
new CreateCredentialsTest({path: "options.publicKey.rp.id", value: window.location.host}).runTest("passing credentials.create() with rpId (host and port)");
|
|
new CreateCredentialsTest({path: "options.publicKey.rp.id", value: window.location.hostname}).runTest("passing credentials.create() with rpId (hostname)");
|
|
new CreateCredentialsTest({path: "options.publicKey.rp.icon", value: undefined}).runTest("passing credentials.create() without rp.icon");
|
|
|
|
// user
|
|
new CreateCredentialsTest("options.publicKey.user.id", new ArrayBuffer(1)).runTest("very short user id");
|
|
new CreateCredentialsTest("options.publicKey.user.id", new ArrayBuffer(64)).runTest("max length user id");
|
|
new CreateCredentialsTest("options.publicKey.user.id", new Uint8Array(64)).runTest("Uint8Array user id");
|
|
new CreateCredentialsTest("options.publicKey.user.id", new Int8Array(64)).runTest("Int8Array user id");
|
|
new CreateCredentialsTest("options.publicKey.user.id", new Int16Array(32)).runTest("Int16Array user id");
|
|
new CreateCredentialsTest("options.publicKey.user.id", new Int32Array(16)).runTest("Int32Array user id");
|
|
new CreateCredentialsTest("options.publicKey.user.id", new Float32Array(16)).runTest("Float32Array user id");
|
|
var dvBuf1 = new ArrayBuffer(16);
|
|
new CreateCredentialsTest("options.publicKey.user.id", new DataView(dvBuf1)).runTest("DataView user id");
|
|
new CreateCredentialsTest({path: "options.publicKey.user.icon", value: undefined}).runTest("passing credentials.create() without user.icon");
|
|
|
|
// good challenge values
|
|
// all these challenges are zero-filled buffers... think anyone will complain?
|
|
new CreateCredentialsTest("options.publicKey.challenge", new Int16Array(33)).runTest("Int16Array challenge");
|
|
new CreateCredentialsTest("options.publicKey.challenge", new Int32Array(17)).runTest("Int32Array challenge");
|
|
new CreateCredentialsTest("options.publicKey.challenge", new Float32Array(17)).runTest("Float32Array challenge");
|
|
new CreateCredentialsTest("options.publicKey.challenge", new Float64Array(9)).runTest("Float64Array challenge");
|
|
var dvBuf2 = new ArrayBuffer(65);
|
|
new CreateCredentialsTest("options.publicKey.challenge", new DataView(dvBuf2)).runTest("DataView challenge");
|
|
new CreateCredentialsTest("options.publicKey.challenge", new ArrayBuffer(8192)).runTest("Absurdly large challenge");
|
|
|
|
// good pubKeyCredParams values
|
|
new CreateCredentialsTest("options.publicKey.pubKeyCredParams", []).runTest("Bad pubKeyCredParams: pubKeyCredParams is empty Array");
|
|
const pkParamEC256 = {
|
|
type: "public-key",
|
|
alg: cose_alg_ECDSA_w_SHA256
|
|
};
|
|
const pkParamEC512 = {
|
|
type: "public-key",
|
|
alg: cose_alg_ECDSA_w_SHA512
|
|
};
|
|
// XXX: presumes all mock authenticators support EC256
|
|
new CreateCredentialsTest("options.publicKey.pubKeyCredParams", [pkParamEC256]).runTest("EC256 pubKeyCredParams");
|
|
new CreateCredentialsTest("options.publicKey.pubKeyCredParams", [pkParamEC512, pkParamEC256])
|
|
.runTest("SelectEC256 pubKeyCredParams from a list");
|
|
// TODO: currently most browsers are mocking FIDO U2F, which is EC256 only
|
|
// new CreateCredentialsTest("options.publicKey.pubKeyCredParams", [pkParamEC512]).runTest("EC512 pubKeyCredParams");
|
|
|
|
// NOTE: excludeCredentials parameter -- see also: createcredential-excludecredentials.https.html
|
|
|
|
// timeout
|
|
new CreateCredentialsTest({path: "options.publicKey.timeout", value: undefined}).runTest("passing credentials.create() with no timeout");
|
|
|
|
// valid authenticatorSelection values
|
|
var defaultAuthnrSel = {
|
|
authenticatorAttachment: "cross-platform",
|
|
requireResidentKey: false,
|
|
userVerification: "preferred"
|
|
};
|
|
// attachment
|
|
var authnrSelAttachUndef = cloneObject(defaultAuthnrSel);
|
|
authnrSelAttachUndef.authenticatorAttachment = undefined;
|
|
// resident key
|
|
var authnrSelRkUndef = cloneObject(defaultAuthnrSel);
|
|
authnrSelRkUndef.requireResidentKey = undefined;
|
|
var authnrSelRkFalse = cloneObject(defaultAuthnrSel);
|
|
authnrSelRkFalse.requireResidentKey = false;
|
|
// user verification
|
|
var authnrSelUvUndef = cloneObject(defaultAuthnrSel);
|
|
authnrSelUvUndef.userVerification = undefined;
|
|
var authnrSelUvDiscouraged = cloneObject(defaultAuthnrSel);
|
|
authnrSelUvDiscouraged.userVerification = "discouraged";
|
|
new CreateCredentialsTest({path: "options.publicKey.authenticatorSelection", value: undefined}).runTest("authenticatorSelection is undefined");
|
|
new CreateCredentialsTest("options.publicKey.authenticatorSelection", {}).runTest("authenticatorSelection is empty object");
|
|
new CreateCredentialsTest("options.publicKey.authenticatorSelection", cloneObject(defaultAuthnrSel)).runTest("authenticatorSelection default values");
|
|
|
|
// authnr selection attachment
|
|
new CreateCredentialsTest("options.publicKey.authenticatorSelection", authnrSelAttachUndef).runTest("authenticatorSelection attachment undefined");
|
|
|
|
// authnr selection resident key
|
|
new CreateCredentialsTest("options.publicKey.authenticatorSelection", authnrSelRkUndef).runTest("authenticatorSelection residentKey undefined");
|
|
// XXX: assumes authnr is behaving like most U2F authnrs; really depends on the authnr or mock configuration
|
|
new CreateCredentialsTest("options.publicKey.authenticatorSelection", authnrSelRkFalse).runTest("authenticatorSelection residentKey false");
|
|
|
|
// authnr selection user verification
|
|
new CreateCredentialsTest("options.publicKey.authenticatorSelection", authnrSelUvUndef).runTest("authenticatorSelection userVerification undefined");
|
|
new CreateCredentialsTest("options.publicKey.authenticatorSelection", authnrSelUvDiscouraged).runTest("authenticatorSelection userVerification discouraged");
|
|
|
|
|
|
// good attestation values
|
|
new CreateCredentialsTest("options.publicKey.attestation", "none").runTest("attestation parameter: attestation is \"none\"");
|
|
new CreateCredentialsTest("options.publicKey.attestation", "indirect").runTest("attestation parameter: attestation is \"indirect\"");
|
|
new CreateCredentialsTest("options.publicKey.attestation", "direct").runTest("attestation parameter: attestation is \"direct\"");
|
|
new CreateCredentialsTest({path: "options.publicKey.attestation", value: undefined}).runTest("attestation parameter: attestation is undefined");
|
|
// TODO: test this with multiple mock authenticators to make sure that the right options are chosen when available?
|
|
|
|
// good extension values
|
|
new CreateCredentialsTest({path: "options.publicKey.extensions", value: undefined}).runTest("extensions undefined");
|
|
new CreateCredentialsTest("options.publicKey.extensions", {}).runTest("extensions are empty object");
|
|
new CreateCredentialsTest("options.publicKey.extensions", {foo: "", bar: "", bat: ""}).runTest("extensions are dict of empty strings");
|
|
});
|
|
|
|
/* JSHINT */
|
|
/* globals standardSetup, CreateCredentialsTest, cose_alg_ECDSA_w_SHA256, cose_alg_ECDSA_w_SHA512, cloneObject */
|
|
</script> |