Bug 1536773 - WebAuthn does not return userHandle back during Authentication r=jcj

Differential Revision: https://phabricator.services.mozilla.com/D24189

--HG--
extra : moz-landing-system : lando

dom/webauthn/PWebAuthnTransaction.ipdl

@@ -117,6 +117,7 @@ struct WebAuthnGetAssertionResult {
   WebAuthnExtensionResult[] Extensions;
   /* Might be empty if the token implementation doesn't support CTAP1. */
   uint8_t[] SignatureData;
+  uint8_t[] UserHandle;
 };
 
 async protocol PWebAuthnTransaction {

dom/webauthn/U2FHIDTokenManager.cpp

@@ -400,9 +400,11 @@ void U2FHIDTokenManager::HandleSignResult(UniquePtr<U2FResult>&& aResult) {
     return;
   }
 
+  nsTArray<uint8_t> userHandle;
+
   WebAuthnGetAssertionResult result(mTransaction.ref().mClientDataJSON,
                                     keyHandle, signatureBuf, authenticatorData,
-                                    extensions, rawSignatureBuf);
+                                    extensions, rawSignatureBuf, userHandle);
   mSignPromise.Resolve(std::move(result), __func__);
 }
 

dom/webauthn/U2FSoftTokenManager.cpp

@@ -964,9 +964,11 @@ RefPtr<U2FSignPromise> U2FSoftTokenManager::Sign(
     return U2FSignPromise::CreateAndReject(NS_ERROR_FAILURE, __func__);
   }
 
+  nsTArray<uint8_t> userHandle;
+
   WebAuthnGetAssertionResult result(aInfo.ClientDataJSON(), keyHandle,
                                     signatureBuf, authenticatorData, extensions,
-                                    signatureDataBuf);
+                                    signatureDataBuf, userHandle);
   return U2FSignPromise::CreateAndResolve(std::move(result), __func__);
 }
 

dom/webauthn/WebAuthnManager.cpp

@@ -734,6 +734,11 @@ void WebAuthnManager::FinishGetAssertion(
     return;
   }
 
+  CryptoBuffer userHandleBuf;
+  // U2FTokenManager don't return user handle.
+  // Best effort.
+  userHandleBuf.Assign(aResult.UserHandle());
+
   // If any authenticator returns success:
 
   // Create a new PublicKeyCredential object named value and populate its fields
@@ -744,6 +749,9 @@ void WebAuthnManager::FinishGetAssertion(
   assertion->SetClientDataJSON(clientDataBuf);
   assertion->SetAuthenticatorData(authenticatorDataBuf);
   assertion->SetSignature(signatureBuf);
+  if (!userHandleBuf.IsEmpty()) {
+    assertion->SetUserHandle(userHandleBuf);
+  }
 
   RefPtr<PublicKeyCredential> credential = new PublicKeyCredential(mParent);
   credential->SetId(credentialBase64Url);

dom/webauthn/WinWebAuthnManager.cpp

@@ -629,6 +629,10 @@ void WinWebAuthnManager::Sign(PWebAuthnTransactionParent* aTransactionParent,
     keyHandle.AppendElements(pWebAuthNAssertion->Credential.pbId,
                              pWebAuthNAssertion->Credential.cbId);
 
+    nsTArray<uint8_t> userHandle;
+    userHandle.AppendElements(pWebAuthNAssertion->pbUserId,
+                              pWebAuthNAssertion->cbUserId);
+
     nsTArray<uint8_t> authenticatorData;
     authenticatorData.AppendElements(pWebAuthNAssertion->pbAuthenticatorData,
                                      pWebAuthNAssertion->cbAuthenticatorData);
@@ -641,7 +645,7 @@ void WinWebAuthnManager::Sign(PWebAuthnTransactionParent* aTransactionParent,
 
     WebAuthnGetAssertionResult result(aInfo.ClientDataJSON(), keyHandle,
                                       signature, authenticatorData, extensions,
-                                      signature);
+                                      signature, userHandle);
 
     Unused << mTransactionParent->SendConfirmSign(aTransactionId, result);
     ClearTransaction();