| 1 | // Copyright (c) 2018, Yubico AB | |
| 2 | // All rights reserved. | |
| 3 | // | |
| 4 | // Redistribution and use in source and binary forms, with or without | |
| 5 | // modification, are permitted provided that the following conditions are met: | |
| 6 | // | |
| 7 | // 1. Redistributions of source code must retain the above copyright notice, this | |
| 8 | // list of conditions and the following disclaimer. | |
| 9 | // | |
| 10 | // 2. Redistributions in binary form must reproduce the above copyright notice, | |
| 11 | // this list of conditions and the following disclaimer in the documentation | |
| 12 | // and/or other materials provided with the distribution. | |
| 13 | // | |
| 14 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | |
| 15 | // AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
| 16 | // IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | |
| 17 | // DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE | |
| 18 | // FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
| 19 | // DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR | |
| 20 | // SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER | |
| 21 | // CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | |
| 22 | // OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | |
| 23 | // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
| 24 | ||
| 25 | package com.yubico.webauthn.data; | |
| 26 | ||
| 27 | import com.fasterxml.jackson.annotation.JsonCreator; | |
| 28 | import com.fasterxml.jackson.annotation.JsonProperty; | |
| 29 | import lombok.EqualsAndHashCode; | |
| 30 | import lombok.ToString; | |
| 31 | ||
| 32 | /** | |
| 33 | * The flags bit field of an authenticator data structure, decoded as a high-level object. | |
| 34 | * | |
| 35 | * @see <a href="https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#flags">Table 1</a> | |
| 36 | */ | |
| 37 | @ToString | |
| 38 | @EqualsAndHashCode | |
| 39 | public final class AuthenticatorDataFlags { | |
| 40 | public final byte value; | |
| 41 | ||
| 42 | /** User present */ | |
| 43 | public final boolean UP; | |
| 44 | ||
| 45 | /** User verified */ | |
| 46 | public final boolean UV; | |
| 47 | ||
| 48 | /** | |
| 49 | * Backup eligible: the credential can and is allowed to be backed up. | |
| 50 | * | |
| 51 | * <p>NOTE that this is only a hint and not a guarantee, unless backed by a trusted authenticator | |
| 52 | * attestation. | |
| 53 | * | |
| 54 | * @see <a href="https://w3c.github.io/webauthn/#authdata-flags-be">§6.1. Authenticator Data</a> | |
| 55 | * @deprecated EXPERIMENTAL: This feature is from a not yet mature standard; it could change as | |
| 56 | * the standard matures. | |
| 57 | */ | |
| 58 | @Deprecated public final boolean BE; | |
| 59 | ||
| 60 | /** | |
| 61 | * Backup status: the credential is currently backed up. | |
| 62 | * | |
| 63 | * <p>NOTE that this is only a hint and not a guarantee, unless backed by a trusted authenticator | |
| 64 | * attestation. | |
| 65 | * | |
| 66 | * @see <a href="https://w3c.github.io/webauthn/#authdata-flags-bs">§6.1. Authenticator Data</a> | |
| 67 | * @deprecated EXPERIMENTAL: This feature is from a not yet mature standard; it could change as | |
| 68 | * the standard matures. | |
| 69 | */ | |
| 70 | @Deprecated public final boolean BS; | |
| 71 | ||
| 72 | /** | |
| 73 | * Attested credential data present. | |
| 74 | * | |
| 75 | * <p>Users of this library should not need to inspect this value directly. | |
| 76 | * | |
| 77 | * @see AuthenticatorData#getAttestedCredentialData() | |
| 78 | */ | |
| 79 | public final boolean AT; | |
| 80 | ||
| 81 | /** | |
| 82 | * Extension data present. | |
| 83 | * | |
| 84 | * @see AuthenticatorData#getExtensions() | |
| 85 | */ | |
| 86 | public final boolean ED; | |
| 87 | ||
| 88 | /** Decode an {@link AuthenticatorDataFlags} object from a raw bit field byte. */ | |
| 89 | @JsonCreator | |
| 90 | public AuthenticatorDataFlags(@JsonProperty("value") byte value) { | |
| 91 | this.value = value; | |
| 92 | ||
| 93 |
2
1. <init> : Replaced bitwise AND with OR → KILLED 2. <init> : negated conditional → KILLED |
UP = (value & Bitmasks.UP) != 0; |
| 94 |
2
1. <init> : Replaced bitwise AND with OR → KILLED 2. <init> : negated conditional → KILLED |
UV = (value & Bitmasks.UV) != 0; |
| 95 |
2
1. <init> : Replaced bitwise AND with OR → KILLED 2. <init> : negated conditional → KILLED |
BE = (value & Bitmasks.BE) != 0; |
| 96 |
2
1. <init> : Replaced bitwise AND with OR → KILLED 2. <init> : negated conditional → KILLED |
BS = (value & Bitmasks.BS) != 0; |
| 97 |
2
1. <init> : Replaced bitwise AND with OR → KILLED 2. <init> : negated conditional → KILLED |
AT = (value & Bitmasks.AT) != 0; |
| 98 |
2
1. <init> : Replaced bitwise AND with OR → KILLED 2. <init> : negated conditional → KILLED |
ED = (value & Bitmasks.ED) != 0; |
| 99 | ||
| 100 |
2
1. <init> : negated conditional → KILLED 2. <init> : negated conditional → KILLED |
if (BS && !BE) { |
| 101 | throw new IllegalArgumentException( | |
| 102 | String.format("Flag combination is invalid: BE=0, BS=1 in flags: 0x%02x", value)); | |
| 103 | } | |
| 104 | } | |
| 105 | ||
| 106 | private static final class Bitmasks { | |
| 107 | static final byte UP = 0x01; | |
| 108 | static final byte UV = 0x04; | |
| 109 | static final byte BE = 0x08; | |
| 110 | static final byte BS = 0x10; | |
| 111 | static final byte AT = 0x40; | |
| 112 | static final byte ED = -0x80; | |
| 113 | ||
| 114 | /* Reserved bits */ | |
| 115 | // static final byte RFU1 = 0x02; | |
| 116 | // static final byte RFU2 = 0x20; | |
| 117 | } | |
| 118 | } | |
Mutations | ||
| 93 |
1.1 2.2 |
|
| 94 |
1.1 2.2 |
|
| 95 |
1.1 2.2 |
|
| 96 |
1.1 2.2 |
|
| 97 |
1.1 2.2 |
|
| 98 |
1.1 2.2 |
|
| 100 |
1.1 2.2 |