1 | // Copyright (c) 2018, Yubico AB | |
2 | // All rights reserved. | |
3 | // | |
4 | // Redistribution and use in source and binary forms, with or without | |
5 | // modification, are permitted provided that the following conditions are met: | |
6 | // | |
7 | // 1. Redistributions of source code must retain the above copyright notice, this | |
8 | // list of conditions and the following disclaimer. | |
9 | // | |
10 | // 2. Redistributions in binary form must reproduce the above copyright notice, | |
11 | // this list of conditions and the following disclaimer in the documentation | |
12 | // and/or other materials provided with the distribution. | |
13 | // | |
14 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | |
15 | // AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
16 | // IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | |
17 | // DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE | |
18 | // FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
19 | // DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR | |
20 | // SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER | |
21 | // CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | |
22 | // OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | |
23 | // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
24 | ||
25 | package com.yubico.webauthn.data; | |
26 | ||
27 | import com.fasterxml.jackson.annotation.JsonCreator; | |
28 | import com.fasterxml.jackson.annotation.JsonProperty; | |
29 | import com.fasterxml.jackson.core.JsonProcessingException; | |
30 | import com.fasterxml.jackson.databind.ObjectMapper; | |
31 | import com.fasterxml.jackson.databind.node.ObjectNode; | |
32 | import com.yubico.internal.util.CollectionUtil; | |
33 | import com.yubico.internal.util.JacksonCodecs; | |
34 | import com.yubico.webauthn.FinishRegistrationOptions; | |
35 | import com.yubico.webauthn.RelyingParty; | |
36 | import java.security.KeyFactory; | |
37 | import java.security.NoSuchAlgorithmException; | |
38 | import java.security.Signature; | |
39 | import java.util.Collections; | |
40 | import java.util.List; | |
41 | import java.util.Optional; | |
42 | import java.util.Set; | |
43 | import java.util.TreeSet; | |
44 | import java.util.stream.Collectors; | |
45 | import lombok.Builder; | |
46 | import lombok.NonNull; | |
47 | import lombok.Value; | |
48 | import lombok.extern.slf4j.Slf4j; | |
49 | ||
50 | /** | |
51 | * Parameters for a call to <code>navigator.credentials.create()</code>. | |
52 | * | |
53 | * @see <a | |
54 | * href="https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#dictdef-publickeycredentialcreationoptions">§5.4. | |
55 | * Options for Credential Creation (dictionary PublicKeyCredentialCreationOptions)</a> | |
56 | */ | |
57 | @Slf4j | |
58 | @Value | |
59 | @Builder(toBuilder = true) | |
60 | public class PublicKeyCredentialCreationOptions { | |
61 | ||
62 | /** | |
63 | * Contains data about the Relying Party responsible for the request. | |
64 | * | |
65 | * <p>Its value's {@link RelyingPartyIdentity#getId() id} member specifies the <a | |
66 | * href="https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#rp-id">RP ID</a> the credential | |
67 | * should be scoped to. If omitted, its value will be set by the client. See {@link | |
68 | * RelyingPartyIdentity} for further details. | |
69 | */ | |
70 | @NonNull private final RelyingPartyIdentity rp; | |
71 | ||
72 | /** Contains data about the user account for which the Relying Party is requesting attestation. */ | |
73 | @NonNull private final UserIdentity user; | |
74 | ||
75 | /** | |
76 | * A challenge intended to be used for generating the newly created credential’s attestation | |
77 | * object. See the <a | |
78 | * href="https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#sctn-cryptographic-challenges">§13.1 | |
79 | * Cryptographic Challenges</a> security consideration. | |
80 | */ | |
81 | @NonNull private final ByteArray challenge; | |
82 | ||
83 | /** | |
84 | * Information about the desired properties of the credential to be created. | |
85 | * | |
86 | * <p>The sequence is ordered from most preferred to least preferred. The client makes a | |
87 | * best-effort to create the most preferred credential that it can. | |
88 | */ | |
89 | @NonNull private final List<PublicKeyCredentialParameters> pubKeyCredParams; | |
90 | ||
91 | /** | |
92 | * A time, in milliseconds, that the caller is willing to wait for the call to complete. This is | |
93 | * treated as a hint, and MAY be overridden by the client. | |
94 | */ | |
95 | private final Long timeout; | |
96 | ||
97 | /** | |
98 | * Intended for use by Relying Parties that wish to limit the creation of multiple credentials for | |
99 | * the same account on a single authenticator. The client is requested to return an error if the | |
100 | * new credential would be created on an authenticator that also contains one of the credentials | |
101 | * enumerated in this parameter. | |
102 | */ | |
103 | private final Set<PublicKeyCredentialDescriptor> excludeCredentials; | |
104 | ||
105 | /** | |
106 | * Intended for use by Relying Parties that wish to select the appropriate authenticators to | |
107 | * participate in the create() operation. | |
108 | */ | |
109 | private final AuthenticatorSelectionCriteria authenticatorSelection; | |
110 | ||
111 | /** | |
112 | * Intended for use by Relying Parties that wish to express their preference for attestation | |
113 | * conveyance. The default is {@link AttestationConveyancePreference#NONE}. | |
114 | */ | |
115 | @NonNull private final AttestationConveyancePreference attestation; | |
116 | ||
117 | /** | |
118 | * Additional parameters requesting additional processing by the client and authenticator. | |
119 | * | |
120 | * <p>For example, the caller may request that only authenticators with certain capabilities be | |
121 | * used to create the credential, or that particular information be returned in the attestation | |
122 | * object. Some extensions are defined in <a | |
123 | * href="https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#sctn-extensions">§9 WebAuthn | |
124 | * Extensions</a>; consult the IANA "WebAuthn Extension Identifier" registry established by <a | |
125 | * href="https://tools.ietf.org/html/draft-hodges-webauthn-registries">[WebAuthn-Registries]</a> | |
126 | * for an up-to-date list of registered WebAuthn Extensions. | |
127 | */ | |
128 | @NonNull private final RegistrationExtensionInputs extensions; | |
129 | ||
130 | @Builder | |
131 | @JsonCreator | |
132 | private PublicKeyCredentialCreationOptions( | |
133 |
1
1. <init> : negated conditional → KILLED |
@NonNull @JsonProperty("rp") RelyingPartyIdentity rp, |
134 |
1
1. <init> : negated conditional → KILLED |
@NonNull @JsonProperty("user") UserIdentity user, |
135 |
1
1. <init> : negated conditional → KILLED |
@NonNull @JsonProperty("challenge") ByteArray challenge, |
136 |
1
1. <init> : negated conditional → KILLED |
@NonNull @JsonProperty("pubKeyCredParams") |
137 | List<PublicKeyCredentialParameters> pubKeyCredParams, | |
138 | @JsonProperty("timeout") Long timeout, | |
139 | @JsonProperty("excludeCredentials") Set<PublicKeyCredentialDescriptor> excludeCredentials, | |
140 | @JsonProperty("authenticatorSelection") AuthenticatorSelectionCriteria authenticatorSelection, | |
141 | @JsonProperty("attestation") AttestationConveyancePreference attestation, | |
142 | @JsonProperty("extensions") RegistrationExtensionInputs extensions) { | |
143 | this.rp = rp; | |
144 | this.user = user; | |
145 | this.challenge = challenge; | |
146 | this.pubKeyCredParams = filterAvailableAlgorithms(pubKeyCredParams); | |
147 | this.timeout = timeout; | |
148 | this.excludeCredentials = | |
149 |
1
1. <init> : negated conditional → KILLED |
excludeCredentials == null |
150 | ? null | |
151 | : CollectionUtil.immutableSortedSet(new TreeSet<>(excludeCredentials)); | |
152 | this.authenticatorSelection = authenticatorSelection; | |
153 |
1
1. <init> : negated conditional → KILLED |
this.attestation = attestation == null ? AttestationConveyancePreference.NONE : attestation; |
154 | this.extensions = | |
155 |
1
1. <init> : negated conditional → KILLED |
extensions == null ? RegistrationExtensionInputs.builder().build() : extensions; |
156 | } | |
157 | ||
158 | /** | |
159 | * Serialize this {@link PublicKeyCredentialCreationOptions} value to JSON suitable for sending to | |
160 | * the client. | |
161 | * | |
162 | * <p>Any {@link ByteArray} values in this data structure will be {@link ByteArray#getBase64Url() | |
163 | * Base64Url} encoded. Those values MUST be decoded into <code>BufferSource</code> values (such as | |
164 | * <code>Uint8Array</code>) on the client side before calling <code>navigator.credentials.create() | |
165 | * </code>. | |
166 | * | |
167 | * <p>After decoding binary values, the resulting JavaScript object is suitable for passing as an | |
168 | * argument to <code>navigator.credentials.create()</code>. | |
169 | * | |
170 | * @return a JSON value suitable for sending to the client and passing as an argument to <code> | |
171 | * navigator.credentials.create()</code>, after decoding binary options from Base64Url | |
172 | * strings. | |
173 | * @throws JsonProcessingException if JSON serialization fails. | |
174 | */ | |
175 | public String toCredentialsCreateJson() throws JsonProcessingException { | |
176 | ObjectMapper json = JacksonCodecs.json(); | |
177 | ObjectNode result = json.createObjectNode(); | |
178 | result.set("publicKey", json.valueToTree(this)); | |
179 |
1
1. toCredentialsCreateJson : replaced return value with "" for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions::toCredentialsCreateJson → KILLED |
return json.writeValueAsString(result); |
180 | } | |
181 | ||
182 | /** | |
183 | * Encode this {@link PublicKeyCredentialCreationOptions} to JSON. The inverse of {@link | |
184 | * #fromJson(String)}. | |
185 | * | |
186 | * <p>This method is suitable for encoding the {@link PublicKeyCredentialCreationOptions} for | |
187 | * temporary storage so that it can later be passed as an argument to {@link | |
188 | * RelyingParty#finishRegistration(FinishRegistrationOptions)}. The {@link #fromJson(String)} | |
189 | * factory function is guaranteed to restore an identical {@link | |
190 | * PublicKeyCredentialCreationOptions} instance. | |
191 | * | |
192 | * <p>Note that encoding might not be needed if you can simply keep the {@link | |
193 | * PublicKeyCredentialCreationOptions} instance in server memory. | |
194 | * | |
195 | * @return this {@link PublicKeyCredentialCreationOptions} encoded to JSON. | |
196 | * @throws JsonProcessingException | |
197 | */ | |
198 | public String toJson() throws JsonProcessingException { | |
199 |
1
1. toJson : replaced return value with "" for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions::toJson → KILLED |
return JacksonCodecs.json().writeValueAsString(this); |
200 | } | |
201 | ||
202 | /** | |
203 | * Decode a {@link PublicKeyCredentialCreationOptions} from JSON. The inverse of {@link | |
204 | * #toJson()}. | |
205 | * | |
206 | * <p>If the JSON was generated by the {@link #toJson()} method, then {@link #fromJson(String)} in | |
207 | * the same library version guarantees to restore an identical {@link | |
208 | * PublicKeyCredentialCreationOptions} instance. This is not guaranteed between different library | |
209 | * versions. | |
210 | * | |
211 | * @return a {@link PublicKeyCredentialCreationOptions} decoded from the input JSON. | |
212 | * @throws JsonProcessingException | |
213 | */ | |
214 | public static PublicKeyCredentialCreationOptions fromJson(String json) | |
215 | throws JsonProcessingException { | |
216 |
1
1. fromJson : replaced return value with null for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions::fromJson → KILLED |
return JacksonCodecs.json().readValue(json, PublicKeyCredentialCreationOptions.class); |
217 | } | |
218 | ||
219 | public Optional<Long> getTimeout() { | |
220 |
1
1. getTimeout : replaced return value with Optional.empty for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions::getTimeout → KILLED |
return Optional.ofNullable(timeout); |
221 | } | |
222 | ||
223 | public Optional<Set<PublicKeyCredentialDescriptor>> getExcludeCredentials() { | |
224 |
1
1. getExcludeCredentials : replaced return value with Optional.empty for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions::getExcludeCredentials → KILLED |
return Optional.ofNullable(excludeCredentials); |
225 | } | |
226 | ||
227 | public Optional<AuthenticatorSelectionCriteria> getAuthenticatorSelection() { | |
228 |
1
1. getAuthenticatorSelection : replaced return value with Optional.empty for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions::getAuthenticatorSelection → KILLED |
return Optional.ofNullable(authenticatorSelection); |
229 | } | |
230 | ||
231 | public static PublicKeyCredentialCreationOptionsBuilder.MandatoryStages builder() { | |
232 |
1
1. builder : replaced return value with null for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions::builder → KILLED |
return new PublicKeyCredentialCreationOptionsBuilder.MandatoryStages(); |
233 | } | |
234 | ||
235 | public static class PublicKeyCredentialCreationOptionsBuilder { | |
236 | private Long timeout = null; | |
237 | private Set<PublicKeyCredentialDescriptor> excludeCredentials = null; | |
238 | private AuthenticatorSelectionCriteria authenticatorSelection = null; | |
239 | ||
240 | public static class MandatoryStages { | |
241 | private final PublicKeyCredentialCreationOptionsBuilder builder = | |
242 | new PublicKeyCredentialCreationOptionsBuilder(); | |
243 | ||
244 | /** | |
245 | * {@link PublicKeyCredentialCreationOptionsBuilder#rp(RelyingPartyIdentity) rp} is a required | |
246 | * parameter. | |
247 | * | |
248 | * @see PublicKeyCredentialCreationOptionsBuilder#rp(RelyingPartyIdentity) | |
249 | */ | |
250 | public Step2 rp(RelyingPartyIdentity rp) { | |
251 | builder.rp(rp); | |
252 |
1
1. rp : replaced return value with null for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions$PublicKeyCredentialCreationOptionsBuilder$MandatoryStages::rp → KILLED |
return new Step2(); |
253 | } | |
254 | ||
255 | public class Step2 { | |
256 | /** | |
257 | * {@link PublicKeyCredentialCreationOptionsBuilder#user(UserIdentity) user} is a required | |
258 | * parameter. | |
259 | * | |
260 | * @see PublicKeyCredentialCreationOptionsBuilder#user(UserIdentity) | |
261 | */ | |
262 | public Step3 user(UserIdentity user) { | |
263 | builder.user(user); | |
264 |
1
1. user : replaced return value with null for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions$PublicKeyCredentialCreationOptionsBuilder$MandatoryStages$Step2::user → KILLED |
return new Step3(); |
265 | } | |
266 | } | |
267 | ||
268 | public class Step3 { | |
269 | /** | |
270 | * {@link PublicKeyCredentialCreationOptionsBuilder#challenge(ByteArray) challenge} is a | |
271 | * required parameter. | |
272 | * | |
273 | * @see PublicKeyCredentialCreationOptionsBuilder#challenge(ByteArray) | |
274 | */ | |
275 | public Step4 challenge(ByteArray challenge) { | |
276 | builder.challenge(challenge); | |
277 |
1
1. challenge : replaced return value with null for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions$PublicKeyCredentialCreationOptionsBuilder$MandatoryStages$Step3::challenge → KILLED |
return new Step4(); |
278 | } | |
279 | } | |
280 | ||
281 | public class Step4 { | |
282 | /** | |
283 | * {@link PublicKeyCredentialCreationOptionsBuilder#pubKeyCredParams(List) pubKeyCredParams} | |
284 | * is a required parameter. | |
285 | * | |
286 | * @see PublicKeyCredentialCreationOptionsBuilder#pubKeyCredParams(List) | |
287 | */ | |
288 | public PublicKeyCredentialCreationOptionsBuilder pubKeyCredParams( | |
289 | List<PublicKeyCredentialParameters> pubKeyCredParams) { | |
290 |
1
1. pubKeyCredParams : replaced return value with null for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions$PublicKeyCredentialCreationOptionsBuilder$MandatoryStages$Step4::pubKeyCredParams → KILLED |
return builder.pubKeyCredParams(pubKeyCredParams); |
291 | } | |
292 | } | |
293 | } | |
294 | ||
295 | /** | |
296 | * A time, in milliseconds, that the caller is willing to wait for the call to complete. This is | |
297 | * treated as a hint, and MAY be overridden by the client. | |
298 | */ | |
299 |
1
1. timeout : negated conditional → KILLED |
public PublicKeyCredentialCreationOptionsBuilder timeout(@NonNull Optional<Long> timeout) { |
300 | this.timeout = timeout.orElse(null); | |
301 |
1
1. timeout : replaced return value with null for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions$PublicKeyCredentialCreationOptionsBuilder::timeout → KILLED |
return this; |
302 | } | |
303 | ||
304 | /* | |
305 | * Workaround, see: https://github.com/rzwitserloot/lombok/issues/2623#issuecomment-714816001 | |
306 | * Consider reverting this workaround if Lombok fixes that issue. | |
307 | */ | |
308 | private PublicKeyCredentialCreationOptionsBuilder timeout(Long timeout) { | |
309 |
1
1. timeout : replaced return value with null for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions$PublicKeyCredentialCreationOptionsBuilder::timeout → KILLED |
return this.timeout(Optional.ofNullable(timeout)); |
310 | } | |
311 | ||
312 | /** | |
313 | * A time, in milliseconds, that the caller is willing to wait for the call to complete. This is | |
314 | * treated as a hint, and MAY be overridden by the client. | |
315 | */ | |
316 | public PublicKeyCredentialCreationOptionsBuilder timeout(long timeout) { | |
317 |
1
1. timeout : replaced return value with null for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions$PublicKeyCredentialCreationOptionsBuilder::timeout → NO_COVERAGE |
return this.timeout(Optional.of(timeout)); |
318 | } | |
319 | ||
320 | /** | |
321 | * Intended for use by Relying Parties that wish to limit the creation of multiple credentials | |
322 | * for the same account on a single authenticator. The client is requested to return an error if | |
323 | * the new credential would be created on an authenticator that also contains one of the | |
324 | * credentials enumerated in this parameter. | |
325 | */ | |
326 | public PublicKeyCredentialCreationOptionsBuilder excludeCredentials( | |
327 | Optional<Set<PublicKeyCredentialDescriptor>> excludeCredentials) { | |
328 |
1
1. excludeCredentials : replaced return value with null for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions$PublicKeyCredentialCreationOptionsBuilder::excludeCredentials → KILLED |
return this.excludeCredentials(excludeCredentials.orElse(null)); |
329 | } | |
330 | ||
331 | /** | |
332 | * Intended for use by Relying Parties that wish to limit the creation of multiple credentials | |
333 | * for the same account on a single authenticator. The client is requested to return an error if | |
334 | * the new credential would be created on an authenticator that also contains one of the | |
335 | * credentials enumerated in this parameter. | |
336 | */ | |
337 | public PublicKeyCredentialCreationOptionsBuilder excludeCredentials( | |
338 | Set<PublicKeyCredentialDescriptor> excludeCredentials) { | |
339 | this.excludeCredentials = excludeCredentials; | |
340 |
1
1. excludeCredentials : replaced return value with null for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions$PublicKeyCredentialCreationOptionsBuilder::excludeCredentials → KILLED |
return this; |
341 | } | |
342 | ||
343 | /** | |
344 | * Intended for use by Relying Parties that wish to select the appropriate authenticators to | |
345 | * participate in the create() operation. | |
346 | */ | |
347 | public PublicKeyCredentialCreationOptionsBuilder authenticatorSelection( | |
348 |
1
1. authenticatorSelection : negated conditional → KILLED |
@NonNull Optional<AuthenticatorSelectionCriteria> authenticatorSelection) { |
349 |
1
1. authenticatorSelection : replaced return value with null for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions$PublicKeyCredentialCreationOptionsBuilder::authenticatorSelection → KILLED |
return this.authenticatorSelection(authenticatorSelection.orElse(null)); |
350 | } | |
351 | ||
352 | /** | |
353 | * Intended for use by Relying Parties that wish to select the appropriate authenticators to | |
354 | * participate in the create() operation. | |
355 | */ | |
356 | public PublicKeyCredentialCreationOptionsBuilder authenticatorSelection( | |
357 | AuthenticatorSelectionCriteria authenticatorSelection) { | |
358 | this.authenticatorSelection = authenticatorSelection; | |
359 |
1
1. authenticatorSelection : replaced return value with null for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions$PublicKeyCredentialCreationOptionsBuilder::authenticatorSelection → KILLED |
return this; |
360 | } | |
361 | } | |
362 | ||
363 | /* | |
364 | * Essentially a copy of RelyingParty.filterAvailableAlgorithms(List) because that method and WebAuthnCodecs are not visible here. | |
365 | */ | |
366 | private static List<PublicKeyCredentialParameters> filterAvailableAlgorithms( | |
367 | List<PublicKeyCredentialParameters> pubKeyCredParams) { | |
368 |
1
1. filterAvailableAlgorithms : replaced return value with Collections.emptyList for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions::filterAvailableAlgorithms → KILLED |
return Collections.unmodifiableList( |
369 | pubKeyCredParams.stream() | |
370 | .filter( | |
371 | param -> { | |
372 | try { | |
373 | switch (param.getAlg()) { | |
374 | case EdDSA: | |
375 | KeyFactory.getInstance("EdDSA"); | |
376 | break; | |
377 | ||
378 | case ES256: | |
379 | case ES384: | |
380 | case ES512: | |
381 | KeyFactory.getInstance("EC"); | |
382 | break; | |
383 | ||
384 | case RS256: | |
385 | case RS384: | |
386 | case RS512: | |
387 | case RS1: | |
388 | KeyFactory.getInstance("RSA"); | |
389 | break; | |
390 | ||
391 | default: | |
392 | log.warn( | |
393 | "Unknown algorithm: {}. Please file a bug report.", param.getAlg()); | |
394 | } | |
395 | } catch (NoSuchAlgorithmException e) { | |
396 | log.warn( | |
397 | "Unsupported algorithm in PublicKeyCredentialCreationOptions.pubKeyCredParams: {}. No KeyFactory available; registrations with this key algorithm will fail. You may need to add a dependency and load a provider using java.security.Security.addProvider().", | |
398 | param.getAlg()); | |
399 |
1
1. lambda$filterAvailableAlgorithms$0 : replaced boolean return with true for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions::lambda$filterAvailableAlgorithms$0 → KILLED |
return false; |
400 | } | |
401 | ||
402 | try { | |
403 | switch (param.getAlg()) { | |
404 | case EdDSA: | |
405 | Signature.getInstance("EDDSA"); | |
406 | break; | |
407 | ||
408 | case ES256: | |
409 | Signature.getInstance("SHA256withECDSA"); | |
410 | break; | |
411 | ||
412 | case ES384: | |
413 | Signature.getInstance("SHA384withECDSA"); | |
414 | break; | |
415 | ||
416 | case ES512: | |
417 | Signature.getInstance("SHA512withECDSA"); | |
418 | break; | |
419 | ||
420 | case RS256: | |
421 | Signature.getInstance("SHA256withRSA"); | |
422 | break; | |
423 | ||
424 | case RS384: | |
425 | Signature.getInstance("SHA384withRSA"); | |
426 | break; | |
427 | ||
428 | case RS512: | |
429 | Signature.getInstance("SHA512withRSA"); | |
430 | break; | |
431 | ||
432 | case RS1: | |
433 | Signature.getInstance("SHA1withRSA"); | |
434 | break; | |
435 | ||
436 | default: | |
437 | log.warn( | |
438 | "Unknown algorithm: {}. Please file a bug report.", param.getAlg()); | |
439 | } | |
440 | } catch (NoSuchAlgorithmException e) { | |
441 | log.warn( | |
442 | "Unsupported algorithm in PublicKeyCredentialCreationOptions.pubKeyCredParams: {}. No Signature available; registrations with this key algorithm will fail. You may need to add a dependency and load a provider using java.security.Security.addProvider().", | |
443 | param.getAlg()); | |
444 |
1
1. lambda$filterAvailableAlgorithms$0 : replaced boolean return with true for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions::lambda$filterAvailableAlgorithms$0 → NO_COVERAGE |
return false; |
445 | } | |
446 | ||
447 |
1
1. lambda$filterAvailableAlgorithms$0 : replaced boolean return with false for com/yubico/webauthn/data/PublicKeyCredentialCreationOptions::lambda$filterAvailableAlgorithms$0 → KILLED |
return true; |
448 | }) | |
449 | .collect(Collectors.toList())); | |
450 | } | |
451 | } | |
Mutations | ||
133 |
1.1 |
|
134 |
1.1 |
|
135 |
1.1 |
|
136 |
1.1 |
|
149 |
1.1 |
|
153 |
1.1 |
|
155 |
1.1 |
|
179 |
1.1 |
|
199 |
1.1 |
|
216 |
1.1 |
|
220 |
1.1 |
|
224 |
1.1 |
|
228 |
1.1 |
|
232 |
1.1 |
|
252 |
1.1 |
|
264 |
1.1 |
|
277 |
1.1 |
|
290 |
1.1 |
|
299 |
1.1 |
|
301 |
1.1 |
|
309 |
1.1 |
|
317 |
1.1 |
|
328 |
1.1 |
|
340 |
1.1 |
|
348 |
1.1 |
|
349 |
1.1 |
|
359 |
1.1 |
|
368 |
1.1 |
|
399 |
1.1 |
|
444 |
1.1 |
|
447 |
1.1 |