keepassxc/tests/TestPasskeys.h

/*
 *  Copyright (C) 2024 KeePassXC Team <team@keepassxc.org>
 *
 *  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation, either version 2 or (at your option)
 *  version 3 of the License.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

#ifndef KEEPASSXC_TESTPASSKEYS_H
#define KEEPASSXC_TESTPASSKEYS_H

#include <QObject>

#include "browser/BrowserPasskeys.h"

class TestPasskeys : public QObject
{
    Q_OBJECT

private slots:
    void initTestCase();
    void init();

    void testBase64WithHexStrings();
    void testDecodeResponseData();

    void testLoadingECPrivateKeyFromPem();
    void testLoadingRSAPrivateKeyFromPem();
    void testCreatingAttestationObjectWithEC();
    void testCreatingAttestationObjectWithRSA();
    void testRegister();
    void testGet();

    void testExtensions();
    void testParseFlags();
    void testSetFlags();

    void testEntry();
    void testIsDomain();
    void testRegistrableDomainSuffix();
    void testRpIdValidation();
    void testParseAttestation();
    void testParseCredentialTypes();
    void testIsAuthenticatorSelectionValid();
    void testIsResidentKeyRequired();
    void testIsUserVerificationRequired();
    void testAllowLocalhostWithPasskeys();
};
#endif // KEEPASSXC_TESTPASSKEYS_H
Add basic support for WebAuthn (Passkeys) (#8825) --------- Co-authored-by: varjolintu <sami.vanttinen@protonmail.com> Co-authored-by: droidmonkey <support@dmapps.us> 2023-10-25 16:12:55 +02:00			`/*`
Passkeys improvements (#10318) Refactors the Passkey implementation to include more checks and a structure that is more aligned with the official specification. Notable changes: - _BrowserService_ no longer does the checks by itself. A new class _BrowserPasskeysClient_ constructs the relevant objects, acting as a client. _BrowserService_ only acts as a bridge between the client and _BrowserPasskeys_ (authenticator) and calls the relevant popups for user interaction. - A new helper class _PasskeyUtils_ includes the actual checks and parses the objects. - _BrowserPasskeys_ is pretty much intact, but some functions have been moved to PasskeyUtils. - Fixes Ed25519 encoding in _BrowserCBOR_. - Adds new error messages. - User confirmation for Passkey retrieval is also asked even if `discouraged` is used. This goes against the specification, but currently there's no other way to verify the user. - `cross-platform` is also accepted for compatibility. This could be removed if there's a potential issue with it. - Extension data is now handled correctly during Authentication. - Allowed and excluded credentials are now handled correctly. - `KPEX_PASSKEY_GENERATED_USER_ID` is renamed to `KPEX_PASSKEY_CREDENTIAL_ID` - Adds a new option "Allow localhost with Passkeys" to Browser Integration -> Advanced tab. By default it's not allowed to access HTTP sites, but `http://localhost` can be allowed for debugging and testing purposes for local servers. - Add tag `Passkey` to a Passkey entry, or an entry with an imported Passkey. Fixes #10287. 2024-03-06 13:42:01 +01:00			`* Copyright (C) 2024 KeePassXC Team <team@keepassxc.org>`
Add basic support for WebAuthn (Passkeys) (#8825) --------- Co-authored-by: varjolintu <sami.vanttinen@protonmail.com> Co-authored-by: droidmonkey <support@dmapps.us> 2023-10-25 16:12:55 +02:00			`*`
			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License as published by`
			`* the Free Software Foundation, either version 2 or (at your option)`
			`* version 3 of the License.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU General Public License`
			`* along with this program. If not, see <http://www.gnu.org/licenses/>.`
			`*/`

			`#ifndef KEEPASSXC_TESTPASSKEYS_H`
			`#define KEEPASSXC_TESTPASSKEYS_H`

			`#include <QObject>`

			`#include "browser/BrowserPasskeys.h"`

			`class TestPasskeys : public QObject`
			`{`
			`Q_OBJECT`

			`private slots:`
			`void initTestCase();`
			`void init();`

			`void testBase64WithHexStrings();`
			`void testDecodeResponseData();`

			`void testLoadingECPrivateKeyFromPem();`
			`void testLoadingRSAPrivateKeyFromPem();`
			`void testCreatingAttestationObjectWithEC();`
			`void testCreatingAttestationObjectWithRSA();`
			`void testRegister();`
			`void testGet();`

			`void testExtensions();`
			`void testParseFlags();`
			`void testSetFlags();`
Passkeys: Add support for importing Passkey to entry (#9987) --------- Co-authored-by: Jonathan White <support@dmapps.us> 2023-11-23 05:11:25 +01:00
			`void testEntry();`
Passkeys improvements (#10318) Refactors the Passkey implementation to include more checks and a structure that is more aligned with the official specification. Notable changes: - _BrowserService_ no longer does the checks by itself. A new class _BrowserPasskeysClient_ constructs the relevant objects, acting as a client. _BrowserService_ only acts as a bridge between the client and _BrowserPasskeys_ (authenticator) and calls the relevant popups for user interaction. - A new helper class _PasskeyUtils_ includes the actual checks and parses the objects. - _BrowserPasskeys_ is pretty much intact, but some functions have been moved to PasskeyUtils. - Fixes Ed25519 encoding in _BrowserCBOR_. - Adds new error messages. - User confirmation for Passkey retrieval is also asked even if `discouraged` is used. This goes against the specification, but currently there's no other way to verify the user. - `cross-platform` is also accepted for compatibility. This could be removed if there's a potential issue with it. - Extension data is now handled correctly during Authentication. - Allowed and excluded credentials are now handled correctly. - `KPEX_PASSKEY_GENERATED_USER_ID` is renamed to `KPEX_PASSKEY_CREDENTIAL_ID` - Adds a new option "Allow localhost with Passkeys" to Browser Integration -> Advanced tab. By default it's not allowed to access HTTP sites, but `http://localhost` can be allowed for debugging and testing purposes for local servers. - Add tag `Passkey` to a Passkey entry, or an entry with an imported Passkey. Fixes #10287. 2024-03-06 13:42:01 +01:00			`void testIsDomain();`
			`void testRegistrableDomainSuffix();`
			`void testRpIdValidation();`
			`void testParseAttestation();`
			`void testParseCredentialTypes();`
			`void testIsAuthenticatorSelectionValid();`
			`void testIsResidentKeyRequired();`
			`void testIsUserVerificationRequired();`
			`void testAllowLocalhostWithPasskeys();`
Add basic support for WebAuthn (Passkeys) (#8825) --------- Co-authored-by: varjolintu <sami.vanttinen@protonmail.com> Co-authored-by: droidmonkey <support@dmapps.us> 2023-10-25 16:12:55 +02:00			`};`
			`#endif // KEEPASSXC_TESTPASSKEYS_H`