Bug 1420760 - order webauthn CBOR map keys; r?ttaubert
MozReview-Commit-ID: 6BsiL45dxa3
--- a/dom/webauthn/WebAuthnCBORUtil.cpp
+++ b/dom/webauthn/WebAuthnCBORUtil.cpp
@@ -29,24 +29,24 @@ CBOREncodePublicKeyObj(const CryptoBuffe
pubKeyFmt /= eccPubKey
eccPubKey = { alg: eccAlgName, x: biguint, y: biguint }
eccAlgName = "ES256" / "ES384" / "ES512"
*/
cbor::output_dynamic cborPubKeyOut;
cbor::encoder encoder(cborPubKeyOut);
encoder.write_map(3);
{
- encoder.write_string("alg");
- encoder.write_string(JWK_ALG_ECDSA_P_256); // Always ES256 for U2F
-
encoder.write_string("x");
encoder.write_bytes(xBuf.Elements(), xBuf.Length());
encoder.write_string("y");
encoder.write_bytes(yBuf.Elements(), yBuf.Length());
+
+ encoder.write_string("alg");
+ encoder.write_string(JWK_ALG_ECDSA_P_256); // Always ES256 for U2F
}
if (!aPubKeyObj.Assign(cborPubKeyOut.data(), cborPubKeyOut.size())) {
return NS_ERROR_OUT_OF_MEMORY;
}
return NS_OK;
}
@@ -71,33 +71,33 @@ CBOREncodeAttestationObj(const CryptoBuf
x5c: [ attestnCert: bytes, * (caCert: bytes) ],
sig: bytes
}
*/
cbor::output_dynamic cborAttOut;
cbor::encoder encoder(cborAttOut);
encoder.write_map(3);
{
- encoder.write_string("authData");
- encoder.write_bytes(aAuthDataBuf.Elements(), aAuthDataBuf.Length());
-
encoder.write_string("fmt");
encoder.write_string("fido-u2f");
encoder.write_string("attStmt");
encoder.write_map(2);
{
+ encoder.write_string("sig");
+ encoder.write_bytes(aSignatureBuf.Elements(), aSignatureBuf.Length());
+
encoder.write_string("x5c");
// U2F wire protocol can only deliver 1 certificate, so it's never a chain
encoder.write_array(1);
encoder.write_bytes(aAttestationCertBuf.Elements(), aAttestationCertBuf.Length());
+ }
- encoder.write_string("sig");
- encoder.write_bytes(aSignatureBuf.Elements(), aSignatureBuf.Length());
- }
+ encoder.write_string("authData");
+ encoder.write_bytes(aAuthDataBuf.Elements(), aAuthDataBuf.Length());
}
if (!aAttestationObj.Assign(cborAttOut.data(), cborAttOut.size())) {
return NS_ERROR_OUT_OF_MEMORY;
}
return NS_OK;
}