From 3cd39768a557a94043f7b9fa375a8c958797b8af Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Fri, 16 Aug 2024 15:26:58 -0700 Subject: [PATCH] Add the `topOrigin` field to the limited clientData verification algorithm. I was asked to do the PR for this issue, without looking at the submitted PR, in order to avoid IPR issues that would arise from a change by a non-member. The `topOrigin` field was added to the CollectedClientData, and the serialization algorithm, but not the verification algorithm. This PR addresses that. Fixes #2102 --- index.bs | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/index.bs b/index.bs index dd18bed90..60bf401cd 100644 --- a/index.bs +++ b/index.bs @@ -3919,7 +3919,9 @@ Verifiers may use the following algorithm to verify an encoded {{CollectedClient 1. A string, |type|, that contains the expected {{CollectedClientData/type}}. 1. A byte string, |challenge|, that contains the challenge byte string that was given in the {{PublicKeyCredentialRequestOptions}} or {{PublicKeyCredentialCreationOptions}}. 1. A string, |origin|, that contains the expected {{CollectedClientData/origin}} that issued the request to the user agent. - 1. A boolean, |crossOrigin|, that is true if, and only if, the request should have been performed within a cross-origin <{iframe}>. + 1. A string or null value, |expectedTopOrigin|, which contains the expected [=top-level origin=] for a cross-origin request, or else a null value to indicate that request must not have been performed in a cross-origin <{iframe}>. + + Note: a non-null value for |expectedTopOrigin| will cause all {{CollectedClientData}} structures generated by previous versions of this specification to be rejected as previous versions did not serialize the [=top-level origin=]. 1. Let |expected| be an empty byte string. 1. Append 0x7b2274797065223a (`{"type":`) to |expected|. 1. Append [=CCDToString=](|type|) to |expected|. 
@@ -3929,10 +3931,11 @@ Verifiers may use the following algorithm to verify an encoded {{CollectedClient 1. Append 0x2c226f726967696e223a (`,"origin":`) to |expected|. 1. Append [=CCDToString=](|origin|) to |expected|. 1. Append 0x2c2263726f73734f726967696e223a (`,"crossOrigin":`) to |expected|. -1. If |crossOrigin| is true: - 1. Append 0x74727565 (`true`) to |expected|. -1. Otherwise, i.e. |crossOrigin| is false: +1. If |expectedTopOrigin| is null: 1. Append 0x66616c7365 (`false`) to |expected|. +1. Else: + 1. Append 0x747275652c22746f704f726967696e223a (`true,"topOrigin":`) to |expected|. + 1. Append [=CDDToString=](|expectedTopOrigin|) to |expected|. 1. If |expected| is not a prefix of |clientDataJSON| then the verification has failed. 1. If |clientDataJSON| is not at least one byte longer than |expected| then the verification has failed. 1. If the byte of |clientDataJSON| at the offset equal to the length of |expected|:
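Review bot: in the first hunk (the input list at line 3919), the added description of |expectedTopOrigin| reads "to indicate that request must not have been performed in a cross-origin <{iframe}>" and is missing an article; suggest "that the request must not have been performed". The new Note only covers the non-null case, but the null case also changes behaviour for existing callers: with a null |expectedTopOrigin| the verifier appends `false` after `"crossOrigin":`, so any clientData with `"crossOrigin":true` now fails, whereas the removed |crossOrigin| boolean let a verifier accept it. A second sentence in the Note stating that a null value rejects all cross-origin clientData would make the migration from the old boolean explicit for implementers.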
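Review bot: in the second hunk (line 3931), the added step `1. Append [=CDDToString=](|expectedTopOrigin|) to |expected|.` references `[=CDDToString=]`, but every other step of this algorithm, including the unchanged lines appending |type| and |origin|, uses `[=CCDToString=]`; this is a transposition and will leave a dangling definition link in the Bikeshed build. Suggest `1. Append [=CCDToString=](|expectedTopOrigin|) to |expected|.`. The hex constant 0x747275652c22746f704f726967696e223a does decode to `true,"topOrigin":`, so the Else branch is otherwise consistent with the prefix-match design, but it hard-codes that the serializer emits `topOrigin` immediately after `crossOrigin` with nothing in between; a short cross-reference to the serialization algorithm here would keep the two in lockstep if that ordering ever changes.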