Use libwebauthn for JSON parsing

Author: AlfioEmanueleFresta

Cargo.lock

@@ -10,7 +10,7 @@ async-stream = "0.3.6"
 base64 = "0.22.1"
 credentialsd-common = { path = "../credentialsd-common" }
 futures-lite.workspace = true
-libwebauthn = { git = "https://github.com/linux-credentials/libwebauthn.git", rev="80545bff16c4e89a930221e90d3141a76303b84b", features = ["libnfc","pcsc"] }
+libwebauthn = { git = "https://github.com/linux-credentials/libwebauthn.git", rev="d97c80d25bdb974472c40de5e5031db5946ad532", features = ["libnfc","pcsc"] }
 # TODO: split nfc and pcsc into separate features
 # Also, 0.6.1 fails to build with non-vendored library.
 # https://github.com/alexrsagen/rs-nfc1/issues/15

credentialsd-common/Cargo.lock

@@ -377,6 +377,7 @@ impl From<GetAssertionResponse> for AuthenticatorResponse {
 mod test {
     use std::{sync::Arc, time::Duration};
 
+    use base64::Engine as _;
     use libwebauthn::{
         ops::webauthn::{
             MakeCredentialRequest, ResidentKeyRequirement, UserVerificationRequirement,
@@ -395,6 +396,7 @@ mod test {
         webauthn,
     };
     use credentialsd_common::model::Operation;
+    use credentialsd_common::model::{CredentialRequest, MakeCredentialRequest};
 
     use super::{
         hybrid::{test::DummyHybridHandler, HybridStateInternal},
@@ -454,16 +456,14 @@ mod test {
         let challenge = "Ox0AXQz7WUER7BGQFzvVrQbReTkS3sepVGj26qfUhhrWSarkDbGF4T4NuCY1aAwHYzOzKMJJ2YRSatetl0D9bQ";
         let origin = "webauthn.io".to_string();
         let is_cross_origin = false;
-        let client_data_json = webauthn::format_client_data_json(
-            Operation::Create,
-            challenge,
-            &origin,
-            is_cross_origin,
-        );
-        let client_data_hash = webauthn::create_client_data_hash(&client_data_json);
+        // Decode the challenge from base64url
+        let challenge_bytes = base64::engine::general_purpose::URL_SAFE_NO_PAD
+            .decode(challenge)
+            .expect("valid base64url challenge");
         let make_request = MakeCredentialRequest {
-            hash: client_data_hash,
-            origin: "webauthn.io".to_string(),
+            challenge: challenge_bytes,
+            origin: origin.clone(),
+            cross_origin: Some(is_cross_origin),
             relying_party: Ctap2PublicKeyCredentialRpEntity {
                 id: "webauthn.io".to_string(),
                 name: Some("webauthn.io".to_string()),

credentialsd/Cargo.lock

@@ -36,8 +36,11 @@ impl InProcessNfcHandler {
         prev_nfc_state: &NfcStateInternal,
     ) -> Result<NfcStateInternal, Error> {
         match libwebauthn::transport::nfc::get_nfc_device().await {
-            Ok(None) => Ok(NfcStateInternal::Waiting),
-            Ok(Some(hid_device)) => Ok(NfcStateInternal::Connected(hid_device)),
+            Ok(Some(nfc_device)) => Ok(NfcStateInternal::Connected(nfc_device)),
+            Ok(None) => {
+                let state = NfcStateInternal::Waiting;
+                Ok(state)
+            }
             Err(err) => {
                 *failures += 1;
                 if *failures == 5 {