Граф коммитов

142 Коммитов

Автор SHA1 Сообщение Дата
Tim Taubert 0af61da4ec Bug 1406471 - Web Authentication - Implement FIDO AppID Extension r=jcj,smaug
Reviewers: jcj, smaug

Reviewed By: jcj

Bug #: 1406471

Differential Revision: https://phabricator.services.mozilla.com/D595
2018-02-22 10:53:49 +01:00
Tim Taubert 0f8c5589b8 Bug 1437616 - Fix Windows bustage on a CLOSED TREE r=me 2018-02-12 21:46:11 +01:00
Tim Taubert bc18da5fe7 Bug 1437616 - Use proper WebAuthn result types defined in the .pidl r=jcj
Reviewers: jcj

Reviewed By: jcj

Bug #: 1437616

Differential Revision: https://phabricator.services.mozilla.com/D582
2018-02-12 21:08:54 +01:00
J.C. Jones baed063f21 Bug 1436078 - Hard-code U2F permissions for Google Accounts r=ttaubert
This patch support already-enrolled U2F devices at Google Accounts by adding a
hard-coded "OK" into the U2F EvaluateAppID method, per the intent-to-ship [1].

This adds no tests, as this is not testable in our infrastructure. It will
require cooporation with Google Accounts to validate.

[1] https://groups.google.com/d/msg/mozilla.dev.platform/Uiu3fwnA2xw/201ynAiPAQAJ

MozReview-Commit-ID: 1YLd5sfeTKv

--HG--
extra : rebase_source : 96bfb92819be2c6e549dae0a5df0525587f894b8
2018-02-06 16:59:00 -07:00
Dorel Luca efcf9560cb Backed out changeset 89ac5a28c228 (bug 1436078) for build bustage on multiple platforms on a CLOSED TREE
--HG--
extra : amend_source : 7ee1cef1a20118db34783bae4631e79191439a44
2018-02-07 17:42:52 +02:00
J.C. Jones a0b8058fdf Bug 1436078 - Hard-code U2F permissions for Google Accounts r=ttaubert
This patch support already-enrolled U2F devices at Google Accounts by adding a
hard-coded "OK" into the U2F EvaluateAppID method, per the intent-to-ship [1].

This adds no tests, as this is not testable in our infrastructure. It will
require cooporation with Google Accounts to validate.

[1] https://groups.google.com/d/msg/mozilla.dev.platform/Uiu3fwnA2xw/201ynAiPAQAJ

MozReview-Commit-ID: 1YLd5sfeTKv

--HG--
extra : rebase_source : bfdb407cec61c4f4e5efaf85d1590fe287aaea4c
2018-02-06 16:59:00 -07:00
Tim Taubert c3180f09e1 Bug 1406467 - Web Authentication - WD-07 Updates to Make Assertion r=jcj,smaug
Summary:
Add support for PublicKeyCredentialRequestOptions.userVerification. For now
this basically means that we'll abort the operation with NotAllowed, as we
don't support user verification yet.

Pass PublicKeyCredentialDescriptor.transports through to the token manager
implementations. The softoken will ignore those and pretend to support all
transports defined by the spec. The USB HID token will check for the "usb"
transport and either ignore credentials accordingly, or abort the operation.

Note: The `UserVerificationRequirement` in WebIDL is defined at https://w3c.github.io/webauthn/#assertion-options

Reviewers: jcj, smaug

Reviewed By: jcj, smaug

Bug #: 1406467

Differential Revision: https://phabricator.services.mozilla.com/D338

--HG--
extra : amend_source : 314cadb3bc40bbbee2a414bc5f13caed55f9d720
2018-01-09 07:27:35 +01:00
J.C. Jones dccb7bcf7c Bug 1247124 - Limit FIDO U2F to Secure Contexts r=ttaubert,smaug
Use the [SecureContext] webidl notation to hide the powerful "window.u2f"
feature and its interface when not loaded in a secure context.

MozReview-Commit-ID: 7en8b5ieI85
2017-12-13 17:02:38 -06:00
Tim Taubert 975f015349 Bug 1422661 - Fix U2F test failures in new microtask scheduling r=jcj
Summary:
Ensure that transactions are cleared before U2FCallbacks are called, to allow
reentrancy from microtask checkpoints.

Move the two possible callbacks into U2FTransaction so we have nicer invariants
and know that there's a callback as long as we have a transaction.

Reviewers: jcj

Reviewed By: jcj

Bug #: 1422661

Differential Revision: https://phabricator.services.mozilla.com/D329

--HG--
extra : amend_source : 7097f38199a5bc4a215377e4f1a64079cf6d6a24
2017-12-08 16:55:52 +01:00
Tim Taubert b5c19b9f90 Bug 1396907 - Abstract a BaseAuthManager for dom/u2f and dom/webauthn r=jcj
Summary: We can probably abstract more stuff in the future, but this seems like a good start.

Reviewers: jcj

Reviewed By: jcj

Bug #: 1396907

Differential Revision: https://phabricator.services.mozilla.com/D323
2017-12-06 18:41:58 +01:00
Tim Taubert 91a23b2116 Bug 1421723 - Allow localhost as appId for U2F r=jcj
Reviewers: jcj

Reviewed By: jcj

Bug #: 1421723

Differential Revision: https://phabricator.services.mozilla.com/D321
2017-12-06 16:28:20 +01:00
Tim Taubert a3256fcae8 Bug 1421616 - Have one WebAuthnManager instance per CredentialsContainer r=jcj
Summary:
We currently have a single WebAuthnManager instance per process that's shared
between all CredentialContainers. That way the nsPIDOMWindowInner parent has
to be tracked by the transaction, as multiple containers could kick off
requests simultaneously.

This patch lets us we have one WebAuthnManager instance per each
CredentialsContainer and thus each nsPIDOMWindowInner. This matches the current
U2F implementation where there is one instance per parent window too.

This somewhat simplifies the communication diagram (at least in my head), as
each U2F/WebAuthnManager instance also has their own TransactionChild/Parent
pair for IPC protocol communication. The manager and child/parent pair are
destroyed when the window is.

Reviewers: jcj

Reviewed By: jcj

Bug #: 1421616

Differential Revision: https://phabricator.services.mozilla.com/D305
2017-12-05 19:05:06 +01:00
Tim Taubert 587ed9ddc7 Backed out changeset bb739695f566 (bug 1421616) 2017-12-05 19:24:22 +01:00
Tim Taubert a0935f0ff1 Bug 1421616 - Have one WebAuthnManager instance per CredentialsContainer r=jcj
Summary:
We currently have a single WebAuthnManager instance per process that's shared
between all CredentialContainers. That way the nsPIDOMWindowInner parent has
to be tracked by the transaction, as multiple containers could kick off
requests simultaneously.

This patch lets us we have one WebAuthnManager instance per each
CredentialsContainer and thus each nsPIDOMWindowInner. This matches the current
U2F implementation where there is one instance per parent window too.

This somewhat simplifies the communication diagram (at least in my head), as
each U2F/WebAuthnManager instance also has their own TransactionChild/Parent
pair for IPC protocol communication. The manager and child/parent pair are
destroyed when the window is.

Reviewers: jcj

Reviewed By: jcj

Bug #: 1421616

Differential Revision: https://phabricator.services.mozilla.com/D305
2017-12-05 19:05:06 +01:00
Tim Taubert c5eda6e272 Bug 1406462 - Web Authentication - Add support for authenticator selection criteria and attachment types r=jcj,smaug
Reviewers: jcj, smaug

Reviewed By: jcj, smaug

Bug #: 1406462

Differential Revision: https://phabricator.services.mozilla.com/D278
2017-11-29 13:58:33 +01:00
Tim Taubert ded0cee6bf Bug 1410346 - Merge U2F.cpp and U2FManager.cpp r=jcj
Reviewers: jcj

Reviewed By: jcj

Bug #: 1410346

Differential Revision: https://phabricator.services.mozilla.com/D288
2017-11-28 10:21:07 +01:00
Tim Taubert de00fd9f1f Backed out changeset 0750af27bcee (bug 1410346) 2017-11-28 10:37:45 +01:00
Tim Taubert 1712f2c336 Bug 1410346 - Merge U2F.cpp and U2FManager.cpp r=jcj
Reviewers: jcj

Reviewed By: jcj

Bug #: 1410346

Differential Revision: https://phabricator.services.mozilla.com/D288

--HG--
extra : amend_source : 5d078e8d9dc1bd6da11f2d84e349b6d77638ed6b
2017-11-28 10:21:07 +01:00
Tim Taubert 38fb49445f Bug 1420906 - Add override/cancellation/tab switch tests for U2F API r=jcj
Reviewers: jcj

Reviewed By: jcj

Bug #: 1420906

Differential Revision: https://phabricator.services.mozilla.com/D290
2017-11-28 10:08:49 +01:00
Tim Taubert 1d2e8ed150 Bug 1412408 - Fix content process leak of U2FTransactionChild instances r=jcj
Summary:
This patch fixes the reported leak of U2FTransactionChild instances in the
content process by introducing a WebAuthnTransactionChildBase class that both
WebAuthnTransactionChild and U2FTransactionChild inherit from.

This base class is responsible for proper refcounting. In
BackgroundChildImpl::DeallocPWebAuthnTransactionChild() we currently always
cast to WebAuthnTransactionChild, that will work only for the WebAuthn API. We
can now cast to WebAuthnTransactionChildBase to make this work for U2F as well.

Reviewers: jcj

Reviewed By: jcj

Bug #: 1412408

Differential Revision: https://phabricator.services.mozilla.com/D179
2017-11-02 12:18:19 +01:00
Bevis Tseng b7bcbf0162 Bug 1413125 - Support reentry synchronously from U2F callbacks. r=jcj
Call MozPromiseRequestHolder::Complete() and reset callbacks eariler to
support reentry of U2F::Register()/Sign() from calling ExecuteCallback().
2017-10-31 18:22:00 +08:00
Andrew McCreight 298aa82710 Bug 1412125, part 2 - Fix dom/ mode lines. r=qdot
This was automatically generated by the script modeline.py.

MozReview-Commit-ID: BgulzkGteAL

--HG--
extra : rebase_source : a4b9d16a4c06c4e85d7d85f485221b1e4ebdfede
2017-10-26 15:08:41 -07:00
Tim Taubert c29f1dbeb7 Bug 1403818 - Fix WebAuthn IPC crashes by keeping the child actor alive until process shutdown r=jcj
Summary:
We currently call ChildActor.send__delete() when clearing an active transaction
and thereby destroy the child actor. If that happens, e.g. due to a tab switch,
while a message is in the IPC buffer waiting to be delivered, we crash.

This patch creates the child actor lazily as before, but keeps it around until
the WebAuthnManager goes away, which will be at process shutdown.

Each transaction now has a unique id, that the parent process will include in
any of the ConfirmRegister, ConfirmSign, or Abort messages. That way we can
easily ignore stale messages that were in the buffer while we started a new
transaction or cancelled the current one.

Reviewers: jcj

Reviewed By: jcj

Bug #: 1403818

Differential Revision: https://phabricator.services.mozilla.com/D149
2017-10-25 15:59:53 +02:00
Andrea Marchesini cd379739f9 Bug 1411257 - No MOZ_CRASH if BackgroundChild::GetOrCreateForCurrentThread() fails - part 5 - U2F manager, r=asuth 2017-10-25 08:45:53 +02:00
Andrea Marchesini c9b008f29e Bug 1408333 Get rid of nsIIPCBackgroundChildCreateCallback - part 8 - U2F, r=asuth 2017-10-24 12:02:40 +02:00
Tim Taubert ce066246b7 Bug 1410428 - Handle stales messages in {WebAuthn,U2F}Manager r=jcj
Summary:
With both managers storing transaction infos in `Maybe<Info> mTransaction` now,
it occurred to me that we can't actually assert that
`mTransaction.isSome() == true` when we receive a message.

At least with the U2F API the request could be cancelled (and mTransaction
cleared) while there's a pending completion message. For WebAuthn it probably
doesn't hurt to handle this properly either.

(As a bonus, I snuck in the removal of an unused enum.)

Reviewers: jcj

Reviewed By: jcj

Bug #: 1410428

Differential Revision: https://phabricator.services.mozilla.com/D145
2017-10-21 11:34:44 +02:00
Tim Taubert 9ac166b3da Bug 1410345 - Rework U2FManager state machine r=jcj
Summary:
This patch aims to clean up the U2FManager's state machine, especially to make
cancellation of transactions clearer. To fix bug 1403818, we'll have to later
introduce a unique id that is forwarded to the U2FTokenManager.

There are multiple stages of cancellation/cleanup after a transaction was
started. All of the places where we previously called Cancel() or
MaybeClearTransaction() are listed below:

[stage 1] ClearTransaction

This is the most basic stage, we only clean up what information we have about
the current transaction. This means that the request was completed successfully.
It is used at the end of FinishRegister() and FinishSign().

[stage 2] RejectTransaction

The second stage will reject the transaction promise we returned to the caller.
Then it will call ClearTransaction, i.e. stage 1. It is used when one of the
two Finish*() functions aborts before completion, or when the parent process
sends a RequestAborted message.

[stage 2b] MaybeRejectTransaction

This is the same as stage 2, but will only run if there's an active transaction.
It is used by ~U2FManager() to reject and clean up when we the manager goes
away.

[stage 3] CancelTransaction

The third stage sends a "Cancel" message to the parent process before rejecting
the transaction promise (stage 2) and cleaning up (stage 1). It's used by
HandleEvent(), i.e. the document becomes inactive.

[stage 3b] MaybeCancelTransaction

This is the same as stage 3, but will only run if there's an active transaction.
It is used at the top of Register() and Sign() so that any active transaction
is cancelled before we handle a new request. It's also used by U2F::Cancel()
as long as bug 1410346 isn't fixed.

Reviewers: jcj

Reviewed By: jcj

Bug #: 1410345

Differential Revision: https://phabricator.services.mozilla.com/D144
2017-10-21 11:34:38 +02:00
Tim Taubert 23f8be23e6 Bug 1409357 - Remove {WebAuthn,U2F}Manager::Start{Register,Sign,Cancel} methods r=jcj
Summary:
We can simplify and reduce the {WebAuthn,U2F}Manager code by removing these
methods and sending messages directly from closures.

Reviewers: jcj

Reviewed By: jcj

Bug #: 1409357

Differential Revision: https://phabricator.services.mozilla.com/D131
2017-10-17 17:11:12 +02:00
Tim Taubert 382ba57162 Bug 1409135 - Cleanup and rearrange {WebAuthn,U2F}Manager.h r=jcj
Summary:
Both files declare a few methods as public that we can make private. Let's
seize the chance to rearrange declarations such that they reflect the message
model better.

Reviewers: jcj

Reviewed By: jcj

Bug #: 1409135

Differential Revision: https://phabricator.services.mozilla.com/D128

--HG--
extra : amend_source : 8f7a9d92ec81253847c44d92c71ea00cc8753bd1
2017-10-17 11:31:30 +02:00
Tim Taubert f7e1c16e21 Bug 1409116 - Rename {WebAuthn,U2F}TransactionParent::Cancel message to Abort r=jcj
Summary:
We currently allow sending a "Cancel" message from the child to abort a running
transaction, e.g. when the user switches away from the currently active tab.

We have a message with the same name "Cancel" sent by the parent when the
transaction is aborted due to failure somewhere in the token manager.

This patch renames abort messages from the parent to "Abort" to clarify the
purpose of the message.

Reviewers: jcj

Reviewed By: jcj

Bug #: 1409116

Differential Revision: https://phabricator.services.mozilla.com/D127

--HG--
extra : amend_source : ee6767965ad928033eb23b258aacf54bbaf57d2d
2017-10-17 11:30:55 +02:00
Tim Taubert 3e13f9c368 Bug 1407179 - Use AssertIsOnBackgroundThread() in U2F and WebAuthn BackgroundParentImpls r=jcj
Summary: It seems like a good idea to call AssertIsOnBackgroundThread() in the WebAuthnTransactionParent and U2FTransactionParent methods. They should never be called on any other thread. (Other BPImpls are doing the same.)

Reviewers: jcj

Reviewed By: jcj

Bug #: 1407179

Differential Revision: https://phabricator.services.mozilla.com/D105
2017-10-10 18:31:30 +02:00
Tim Taubert cb4f5e98e1 Bug 1402156 - Cancel any pending requests when u2f.{register,sign} is called r=jcj
Bug #: 1402156

Differential Revision: https://phabricator.services.mozilla.com/D101
2017-10-06 14:45:27 +02:00
J.C. Jones 9fc9b8dcb4 Bug 1244959 - Use IsRegistrableDomainSuffixOfOrEqualTo for U2F Facets r=ttaubert
In Comment 8 of Bug 1244959 [1], Brad Hill argues that instead of leaving our
U2F Facet support completely half-way, that we could use the Public Suffix logic
introduced into HTML for W3C Web Authentication (the method named
IsRegistrableDomainSuffixOfOrEqualTo) to scope the FIDO AppID to an eTLD+1
hierarchy. This is a deviation from the FIDO specification, but doesn't break
anything that currently works with our U2F implementation, and theoretically
enables sites that otherwise need an external FacetID fetch which we aren't
implementing.

The downside to this is that it's then Firefox-specific behavior. But since this
isn't a shipped feature, we have more room to experiment. As an additional
bonus, it encourages U2F sites to use the upcoming Web Authentication security
model, which will help them prepare to adopt the newer standard.

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=1244959#c8

MozReview-Commit-ID: DzNVhHT9qRL

--HG--
extra : rebase_source : 262e2ddbec325e0391d346473f27ae2738490da1
2017-09-28 16:45:28 -07:00
J.C. Jones 4cf1111f75 Bug 1399334 - Workaround buggy pki.js cert verifier implementation r=keeler
There's an intermittent on the call attestationCert.verify() to test the self-
signed cert from our not-shipped software U2F implementation. Collection of the
intermittents shows these certs are fine, and should verify correctly, but they
don't. The bug must be in pki.js, which is out-of-scope as we only use it for
mochitests.

This patch removes the offending call to xxxx.verify(), because it doesn't
really matter whether the self-signed-cert looks OK to pki.js; we just need
the public key from inside it to proceed with the rest of the tests.

As an example of a so-called "invalid" self-signed cert that failed, we have:

https://treeherder.mozilla.org/logviewer.html#?repo=mozilla-central&job_id=134282931&lineNumber=2673

-----BEGIN CERTIFICATE-----
MIIBMTCB2aADAgECAgUA55x6LTAKBggqhkjOPQQDAjAhMR8wHQYDVQQDExZGaXJl
Zm94IFUyRiBTb2Z0IFRva2VuMB4XDTE3MDkzMDE5MjIzMloXDTE3MTAwMjE5MjIz
MlowITEfMB0GA1UEAxMWRmlyZWZveCBVMkYgU29mdCBUb2tlbjBZMBMGByqGSM49
AgEGCCqGSM49AwEHA0IABIWu4L8ky7s8I7qVv+JwMRHpippH4b6h7rN0jlKpFbHK
hnEwaCPLrTx04Eh9xT4GK9JWuuP759hnAxsWD5wk0H0wCgYIKoZIzj0EAwIDRwAw
RAIgRIeRcn6LkwU8VOmX+mdQ3jUQrUOp5f2xH/qBECGi5EcCIADBjsm/EDKkAwLZ
pGdX7+N+kgf9No4uuLV4dsNVJ1pa
-----END CERTIFICATE-----

There's nothing wrong with this cert, actually. Checking it with OpenSSL shows
all OK:

openssl verify -purpose any -CAfile /tmp/cert2.pem /tmp/cert2.pem
/tmp/cert2.pem: OK

So this intermittent is a bug outside of our U2F and U2F test soft token code.

MozReview-Commit-ID: K142toVWtcv

--HG--
extra : rebase_source : 3c31a407e27cd5c6e7a1a4f1287f17f56f80daaa
2017-10-02 11:06:31 -07:00
J.C. Jones a11562f2ea Bug 1403279 - Set U2F version field on RegisterResponse r=keeler
The U2F specification defines the RegisterResponse.Version field as being set to
"U2F_V2" [1] on successful registrations, which we appear to have overlooked.

This sets the field and adds a few checks to the register test.


[1] https://www.fidoalliance.org/specs/fido-u2f-v1.1-id-20160915/fido-u2f-javascript-api-v1.1-id-20160915.html#idl-def-RegisterResponse

MozReview-Commit-ID: 9YqhM0x9itd

--HG--
extra : rebase_source : 35cab0dffa5db70476461699a6b4706f910b208a
2017-09-28 16:04:10 -07:00
J.C. Jones 6293af8a7a Bug 1399334 - Add more debugging to see why certificates aren't valid. r=ttaubert
There's an intermittent that is showing up now that test_register_sign.html
checks state.attestationCert.verify(); to ensure hte SoftToken's certificate
is valid. This patch prints the offending certificate when it's encountered,
to help diagnose the root cause.

MozReview-Commit-ID: 4QSobq9fBGK
2017-09-18 21:43:40 -07:00
Tim Taubert 14bd1247ca Bug 1401019 - Cancel the current U2F API request before starting a new one r=jcj
I wasn't sure what the right behavior for the U2F API is when `.sign()`
or `.register()` is called but there's an ongoing request that wasn't fulfilled
yet.

I think it makes sense to deny the request (as we currently do) when a request
of the same type is currently active. When however sign() -> register() or
vice-versa is called then we should cancel the previous request and start
the new one. From what I understand from reading the spec we definitely should
call the callback before starting the new request.

Bug #: 1401019

Differential Revision: https://phabricator.services.mozilla.com/D70
2017-09-19 16:55:38 +02:00
J.C. Jones 2afc1ad18b Bug 1245527 - Rewrite U2F.cpp to use U2FTokenManager. r=keeler, r=ttaubert
- This patch reworks the U2F module to asynchronously call U2FManager,
  which in turn handles constructing and managing the U2FTokenManager
  via IPC.
- Add U2FTransaction{Parent,Child} implementations to mirror similar ones for
  WebAuthn
- Rewrite all tests to compensate for U2F executing asynchronously now.
  - Used async tasks, used the manifest parameters for scheme, and generally
    made these cleaner.
- The mochitest "pref =" functionality from Bug 1328830 doesn't support Android
  yet, causing breakage on Android. Rework the tests to go back to the old way
  of using iframes to test U2F.


NOTE TO REVIEWERS:
 Since this is huge, I recommend the following:

 keeler - please review U2F.cpp/h, the tests, and the security-prefs.js. Most
          of the U2F logic is still in U2F.cpp like before, but there's been
          some reworking of how it is called.

 ttaubert - please review U2FManager, the Transaction classes, build changes,
            and the changes to nsGlobalWindow. All of these should be very
            similar to the WebAuthn code it's patterned off.


MozReview-Commit-ID: C1ZN2ch66Rm

--HG--
extra : rebase_source : 5a2c52b0340c13f471af5040b998eb7e661b1981
2017-09-11 12:56:59 -07:00
Phil Ringnalda 2dba33e427 Backed out 3 changesets (bug 1245527) for ASan browser-chrome leaks and Android mochitest bustage
Backed out changeset 8ee1f7aebd62 (bug 1245527)
Backed out changeset e6a5de8d1246 (bug 1245527)
Backed out changeset be63e73426b4 (bug 1245527)

MozReview-Commit-ID: AU22LgPh9iB
2017-09-09 00:09:21 -07:00
J.C. Jones 50501cbead Bug 1245527 - Rewrite U2F.cpp to use U2FTokenManager. r=keeler, r=ttaubert
- This patch reworks the U2F module to asynchronously call U2FManager,
  which in turn handles constructing and managing the U2FTokenManager
  via IPC.
- Add U2FTransaction{Parent,Child} implementations to mirror similar ones for
  WebAuthn
- Rewrite all tests to compensate for U2F executing asynchronously now.
  - Used async tasks, used the manifest parameters for prefs and scheme,
    and generally made these cleaner.

NOTE TO REVIEWERS:
 Since this is huge, I recommend the following:

 keeler - please review U2F.cpp/h, the tests, and the security-prefs.js. Most
          of the U2F logic is still in U2F.cpp like before, but there's been
          some reworking of how it is called.

 ttaubert - please review U2FManager, the Transaction classes, build changes,
            and the changes to nsGlobalWindow. All of these should be very
            similar to the WebAuthn code it's patterned off.


MozReview-Commit-ID: C1ZN2ch66Rm

--HG--
extra : transplant_source : %EA%98%D2%87C%FD%CC%A5%3D%B5%9B%1C%DA%A5J%CD%05%94%13%0D
2017-09-05 12:32:42 -07:00
Kartikaya Gupta ba4b3b9101 Bug 1384233 - Remove SizePrintfMacros.h. r=froydnj
We have a minimum requirement of VS 2015 for Windows builds, which supports
the z length modifier for format specifiers. So we don't need SizePrintfMacros.h
any more, and can just use %zu and friends directly everywhere.

MozReview-Commit-ID: 6s78RvPFMzv

--HG--
extra : rebase_source : 009ea39eb4dac1c927aa03e4f97d8ab673de8a0e
2017-07-26 16:03:57 -04:00
Bill McCloskey f115503a0b Bug 1372405 - Provide names for all runnables in the tree (r=froydnj)
MozReview-Commit-ID: DKR6ROiHRS7
2017-06-26 14:19:58 -07:00
Carsten "Tomcat" Book 8a1350b5a6 Backed out changeset 4f6302a98ae4 (bug 1372405)
--HG--
extra : rebase_source : 41632f3158e88e692809731394a683d065a73dfb
2017-06-21 13:59:26 +02:00
Bill McCloskey 6b3e84ed5f Bug 1372405 - Provide names for all runnables in the tree (r=froydnj)
MozReview-Commit-ID: DKR6ROiHRS7
2017-06-20 21:44:11 -07:00
Carsten "Tomcat" Book ea1b86680c Backed out changeset 9846de3bd954 (bug 1372405)
--HG--
extra : rebase_source : 5d4a48e8ec394c329994689d938d2a6e9b2752b0
2017-06-20 08:27:02 +02:00
Bill McCloskey 4592152411 Bug 1372405 - Provide names for all runnables in the tree (r=froydnj)
MozReview-Commit-ID: DKR6ROiHRS7
2017-06-19 22:25:47 -07:00
Bevis Tseng d1637b9c5a Bug 1372453 - Part 2: Name the caller of ProxyReleaseEvent. r=billm
MozReview-Commit-ID: LYhSWnZkq0i
2017-06-14 09:27:17 +08:00
Bill McCloskey 0767e31489 Bug 1372736 - Avoid using AbstractThread for non-media MozPromises (r=bkelly)
MozReview-Commit-ID: BBi0pK4DXxf
2017-06-15 20:16:25 -07:00
Bill McCloskey c85ab6308c Bug 1366072 - Change promises to take nsISerialEventTarget instead of AbstractThread (r=jwwang)
MozReview-Commit-ID: 4azUhSB6whu
2017-06-13 14:51:01 -07:00
J.C. Jones 2c4669cdf7 Bug 1334388 - Disable intermittent dom/u2f/tests/test_multiple_keys.html. r=keeler
This change disables the test dom/u2f/tests/test_multiple_keys.html, as it
is being prompted by some mis-use of the IPC system. All IPC for this component,
U2F, is being reworked currently in Bug 1323339, so fixing this really falls to
that bug. Bug 1347374 is filed to re-enable this test after the IPC rework.

MozReview-Commit-ID: BQCk7Muz53c
2017-03-14 18:41:51 -07:00
J.C. Jones 487c9854bd Bug 1334388 - Rework u2f/test/test_multiple_keys to fix intermittent r=keeler
This is a cheezy fix to u2f/tests/frame_multiple_keys.html to try and fix
the ongoing intermittents. It's cheesy because it changes this from a
HTTPS-scheme test to HTTP, which is kind of a negative change, and shouldn't
do anything to help. It does, however, make this test look identical to the
other u2f tests which _don't_ have this intermittent issue. If this commit
fixes the problem then I'll know more about this strange failure case.

MozReview-Commit-ID: JXXFshJ6AGq

--HG--
extra : rebase_source : 83b09430d36904bba49037060f615f1b7a2d9078
2017-03-13 10:00:59 -07:00
J.C. Jones a51561a1c4 Bug 1260318 - Scope U2F Soft Tokens to a single AppID r=qdot,rbarnes
This change includes the FIDO "App ID" as part of the function used to generate
the wrapping key used in the NSS-based U2F soft token, cryptographically binding
the "Key Handle" to the site that Key Handle is intended for.

This is a breaking change with existing registered U2F keys, but since our soft
token is hidden behind a pref, it does not attempt to be backward-compatible.

- Updated for rbarnes' and qdot's reviews comments. Thanks!
- Made more strict in size restrictions, and added a version field
  to help us be this strict.
- Bugfix for an early unprotected buffer use (Thanks again rbarnes!)
- Fix a sneaky memory leak re: CryptoBuffer.ToSECItem

MozReview-Commit-ID: Jf6gNPauT4Y

--HG--
extra : rebase_source : 4ff5898e93e4a0a75576e5e54035a1cb6dd952d7
2017-02-01 15:21:04 -07:00
Iris Hsiao 940ee4003b Backed out changeset 713c0a78c2c1 (bug 1260318) for leak issue 2017-03-08 14:01:56 +08:00
J.C. Jones 8effd5c124 Bug 1260318 - Scope U2F Soft Tokens to a single AppID r=qdot,rbarnes
This change includes the FIDO "App ID" as part of the function used to generate
the wrapping key used in the NSS-based U2F soft token, cryptographically binding
the "Key Handle" to the site that Key Handle is intended for.

This is a breaking change with existing registered U2F keys, but since our soft
token is hidden behind a pref, it does not attempt to be backward-compatible.

- Updated for rbarnes' and qdot's reviews comments. Thanks!
- Made more strict in size restrictions, and added a version field
  to help us be this strict.
- Bugfix for an early unprotected buffer use (Thanks again rbarnes!)

MozReview-Commit-ID: Jf6gNPauT4Y

--HG--
extra : rebase_source : 52d10287d10698292e1480e04f580f6f8b4847cb
2017-02-01 15:21:04 -07:00
Daniel Holbert 417e3ff20b Bug 1344830: Convert to range-based 'for' loops in U2F.cpp. r=jcj
MozReview-Commit-ID: 2PRQw4Pxquq

--HG--
extra : rebase_source : 72818e2d14a90caea154f50a8ecd44ad25e2df93
2017-03-06 11:16:54 -08:00
Daniel Holbert 17a88fd2c2 Bug 1344816: Remove unused 'this' variable lambda-captures from U2F.cpp. r=jcj
MozReview-Commit-ID: 8GL2Mb7n3GU

--HG--
extra : rebase_source : 2ceb937215f8fe713eec989ce8d093a075cb3414
2017-03-06 11:05:46 -08:00
Tom Tromey 5f8f360823 Bug 1060419 - make log_print use Printf.h, r=froydnj
MozReview-Commit-ID: BIZ1GQEZ1vs

--HG--
extra : rebase_source : 2f1f0aa12493c44f352d9a7e8683e7bb72d2d75b
2016-12-15 20:16:31 -07:00
Joel Maher c203f27827 Bug 1335099 - add BUG_COMPONENT to many dom/* subdir files. r=overholt
MozReview-Commit-ID: CyIIs98hnUI
2017-02-06 09:45:55 -05:00
Sebastian Hengst 7225ec6170 Backed out changeset 9a332af74af5 (bug 1335099) for build bustage (moz.build rule matches no files). r=backout on a CLOSED TREE 2017-02-06 16:21:20 +01:00
Joel Maher 60e61eed48 Bug 1335099 - add BUG_COMPONENT to many dom/* subdir files. r=overholt
MozReview-Commit-ID: CyIIs98hnUI
2017-02-06 09:45:55 -05:00
J.C. Jones 4fc5b851c3 Bug 1335899 - Tolerate token failures in U2F.cpp r=keeler
If there's a second token (say, USB anyone?) that fails early, U2F.cpp's
U2FStatus object should not be told to "stop" unless it's actually done.

So basically, in the promise failures for U2F::Sign and U2F::Register, don't
call Stop - let the stop come implicitly when no tokens respond correctly.

This changes U2FStatus to be used the same way WebAuthn does its WebAuthnRequest
object, for the same purpose.

- Review updates from Keeler; thanks!


MozReview-Commit-ID: HaTKopFakDB

--HG--
extra : rebase_source : f55918f76117abb0f120b21a742c3705c2640225
2017-02-01 15:00:34 -07:00
J.C. Jones ff0d7b7db5 Bug 1333592 - Fix a regression with U2F sign() called with multiple keys r=keeler
Add a test that U2F supports signing with multiple keys.

Reorder the WaitGroupDone calls to ensure they always fire, even if there
are multiple actions in flight.

Also, change the status lanbda captures to capture by reference, and disable
the copy constructor that would let the by-value work. Interestingly, the
compiler is choosing by-reference by default -- at least logs show that the
behavior is correct without this change, but still - this is the right thing to
do.

Updated: Fix the unit tests and write a README that explains why they have to
         use an iframe, while WebAuthn tests do not.

MozReview-Commit-ID: AqSyxU5N4yu

--HG--
extra : rebase_source : b8f18973891ba63ac364203dece65a0689f46ee5
2017-01-26 15:18:50 -07:00
Bevis Tseng 07d4b0dc79 Bug 1314833 - Part 4: Factor out AbstractThread::MainThread() used in U2F. r=billm
MozReview-Commit-ID: 7TcbTE9wab0

--HG--
extra : rebase_source : b2c090e6e154d170f185d0f59ecfb456c074d94c
2016-11-22 14:19:06 +08:00
Kyle Machulis eddc328040 Bug 1330138 - Remove unused USBToken class from U2F API; r=jcj
MozReview-Commit-ID: HAWLD202fwi
2017-01-19 14:18:32 -08:00
Kyle Machulis 14bcecc66f Bug 1330138 - Divide U2F and WebAuthn into separate directories; r=jcj
MozReview-Commit-ID: FCCSL6XWhTf


--HG--
rename : dom/u2f/NSSU2FTokenRemote.cpp => dom/webauthn/NSSU2FTokenRemote.cpp
rename : dom/u2f/NSSU2FTokenRemote.h => dom/webauthn/NSSU2FTokenRemote.h
rename : dom/u2f/ScopedCredential.cpp => dom/webauthn/ScopedCredential.cpp
rename : dom/u2f/ScopedCredential.h => dom/webauthn/ScopedCredential.h
rename : dom/u2f/ScopedCredentialInfo.cpp => dom/webauthn/ScopedCredentialInfo.cpp
rename : dom/u2f/ScopedCredentialInfo.h => dom/webauthn/ScopedCredentialInfo.h
rename : dom/u2f/WebAuthnAssertion.cpp => dom/webauthn/WebAuthnAssertion.cpp
rename : dom/u2f/WebAuthnAssertion.h => dom/webauthn/WebAuthnAssertion.h
rename : dom/u2f/WebAuthnAttestation.cpp => dom/webauthn/WebAuthnAttestation.cpp
rename : dom/u2f/WebAuthnAttestation.h => dom/webauthn/WebAuthnAttestation.h
rename : dom/u2f/tests/test_webauthn_get_assertion.html => dom/webauthn/tests/test_webauthn_get_assertion.html
rename : dom/u2f/tests/test_webauthn_loopback.html => dom/webauthn/tests/test_webauthn_loopback.html
rename : dom/u2f/tests/test_webauthn_make_credential.html => dom/webauthn/tests/test_webauthn_make_credential.html
rename : dom/u2f/tests/test_webauthn_no_token.html => dom/webauthn/tests/test_webauthn_no_token.html
rename : dom/u2f/tests/test_webauthn_sameorigin.html => dom/webauthn/tests/test_webauthn_sameorigin.html
2017-01-19 14:18:32 -08:00
J.C. Jones 0851d956ab Bug 1329802 - WebAuthn Unit Tests: Add Unit Tests r=keeler
This uses the new mochitest "scheme" option from Bug 1286312. This cannot land
until after Bug 1286312 does.

For now, you can test locally by adding
  --setpref dom.securecontext.whitelist=mochi.test
to your command line, such as:

~/hg/mozilla-central/mach mochitest \
  --setpref dom.securecontext.whitelist=mochi.test ./dom/u2f/tests/

Updated:
Review fixes (thanks keeler!)

MozReview-Commit-ID: 7jTxF3Mrtcg

--HG--
extra : rebase_source : 72c24bdc028e440705598c694f3c4119d5304d83
2017-01-09 13:28:02 -07:00
Florian Quèze 85611a7b6d Bug 1331081 - script generated patch to omit addEventListener/removeEventListener's third parameter when it's false, r=jaws.
--HG--
extra : rebase_source : a22344ee1569f58f1f0a01017bfe0d46a6a14602
2017-01-17 11:50:25 +01:00
J.C. Jones 0109e409da Bug 1309284 - WebAuthn JS API [part 3]: Support origin relax algorithm r=keeler
The WebAuthn specification calls for running the HTML5.1 algorithm that
occurs when you modify document.domain from JS, and use that algorithm's
output for the "Relying Party ID" through the rest of the WebAuthn algorithm.

This code paves the way for that to be added in Bug 1329764, once the spec
issues upstream are resolved.


MozReview-Commit-ID: DNNcr3Gh1Be

--HG--
extra : rebase_source : f9e956fcb7c4b1418bbab5d45dec684c0c20b00b
2017-01-09 13:55:59 -07:00
J.C. Jones a1af416c57 Bug 1309284 - WebAuthn JS API [part 2]: Bugfixes from testing r=keeler
Add more debugging information to signing operations for the NSS Soft Token.

Bugfixes in WebAuthentication.cpp:
- Calculate ArrayBuffer/View before using.
- Fix an instance where we should return NotSupportedError.
- Fix several instances where we should return Out Of Memory.
- Fix a MozPromise assertion that occurs in GetAssertion if you coerce an early
  return.
- Mark all constructors explicit.

MozReview-Commit-ID: DQWHqZIlau9

--HG--
extra : rebase_source : f0f2bdde650e61c90b9b47c20c2427f1340f2d97
2016-12-16 10:44:56 -07:00
J.C. Jones e6dd50ba10 Bug 1309284 - Implement W3C Web Authentication JS API [part 1] r=keeler,qdot
This patch implements the W3C Web Authentication API from
https://www.w3.org/TR/webauthn/, currently the 28 September 2016
working draft.

It utilizes a tentative binding of the U2F NSS Soft Token to provide
authentication services while waiting on Bug 1245527 to support USB HID-based
U2F tokens. This binding is not in the specification yet, so it should be
considered an experiment to help the specification move fowrard.

There are also a handful of deviations from the specification's WebIDL, which
are annotated with comments in WebAuthentication.webidl.

There are no tests in this commit; they are in Part 4 of this commit series.
There is a small script online at https://webauthn.bin.coffee/ to exercise this
code, but it doesn't do any automated checks.

There are also a handful of TODOS:
1) The algorithm to relax the same-origin restriction is in Part 3.
2) The use of AlgorithmIdentifier and having a way to coerce an object to a
   string is still missing.
3) Timeouts and deadlines aren't there, and are pending reworking how
   the nsIU2FToken interface works.

UPDATED:
- Address qdot, keeler review comments (thanks!)
- Address more qdot, keeler review comments (thanks!)

MozReview-Commit-ID: JITapI38iOh

--HG--
extra : rebase_source : 9a09e852dd0c8dc47f42dabbcf8b845a6828b225
2017-01-09 13:22:49 -07:00
Andi-Bogdan Postelnicu 359856eb75 Bug 1308868 - Add ignore-initialization-check annotation to mErrorCode from U2FStatus. r=baku
MozReview-Commit-ID: 1dIKcbbeStW
2016-10-17 16:10:17 +03:00
J.C. Jones 0f6b60fc2f Bug 1297552 - Reorder parts of U2F.cpp r=keeler
MozReview-Commit-ID: L1juEjU6AMJ

--HG--
extra : transplant_source : %7FpE%29%9C%A2%B5%40%8716%16%1C%B7%B56%F5%19VJ
2016-10-06 14:35:57 -07:00
J.C. Jones 4b548ed05e Bug 1297552 - Use MozPromise to run U2F operations in parallel. r=keeler
This patch sets up the U2F system to support multiple nsIU2FToken
"authenticators" simultaneously, such as having both a USB and a Bluetooth Smart
implementation enabled at the same time. It also paves the way to support
timeout interruptions (for Bug 1301793).

- Executes operations across a list of authenticators.
- Uses runnables, via MozPromise and SharedThreadPool.
- Remove nsNSSShutDownPreventionLock from U2F*Task and move to U2F*Runnable
- Review updates
- Some of the review updates from earlier changeset are ... painful to merge
  back before this one, so I'm just tacking them on here.

It's still missing some things, though:
- It's not actually executing the operations in parallel yet, as invoking
  methods on NSSU2FTokenRemote from a worker thread throws exceptions while
  obtaining ContentChild::GetSingleton().

MozReview-Commit-ID: EUdZQesASo2
***
Bug 1297552 - Updates per review r?keeler


MozReview-Commit-ID: EHIWM74tfYG

--HG--
extra : transplant_source : %F9%9E%9E%5B7%19R0%7D%C1%B1%FB%BD%97%26%B2%A3%9CTg
2016-10-12 20:56:56 -07:00
J.C. Jones 4f92cc6d96 Bug 1297552 - Only permit U2F operations in e10s mode r=keeler
- Breaks compatibility with non-e10s windows, as the underlying USB
  implementation from Bug 1298838 won't support non-e10s either.
- Now that U2F doesn't support non-e10s, disable tests if we're not in
  e10s mode.

MozReview-Commit-ID: 5F2323xtXEC

--HG--
extra : transplant_source : v%1Fl%C0%2AJ%26k4%89/%95v%89%12%87%94Y%3Cs
2016-10-07 17:28:52 -07:00
J.C. Jones ec6a7a9491 Bug 1297552 - Perform U2F hash operations more efficiently r=keeler
Moves hash calculations to happen only once per JS-invoked Register/Sign
operation.

MozReview-Commit-ID: FuA95qCl1rG

--HG--
extra : transplant_source : %81%A48%8D%FF%82%89M%A7%C4%11%07%B6%94M%C2U%1FY%E8
2016-10-06 13:07:17 -07:00
J.C. Jones 91e424db5d Bug 1306142 - Unchecked return code in U2F. r=keeler
The U2F.cpp code fails to test all returns from CryptoBuffer.Assign(),
leading (when OOM) to potentially empty registration keys (during Register),
or empty attestations (during Sign).

This is a protocol violation, and forced testing at Dropbox,
u2fdemo.appspot.com, and u2f.bin.coffee show that those Relying Parties'
implementations properly error out if the registration or attestation is empty,
as would happen in this instance.

As this is only on an OOM condition, it's not really feasible to add an
automated test.

Also catches one other Assign() that isn't properly returning
"NS_ERROR_OUT_OF_MEMORY".
2016-10-07 16:48:55 -07:00
J.C. Jones 6981fcdfd8 Bug 1281932 - Fix intermittent u2f tests r=keeler
This is reworking the U2F tests to do two things:

1) Don't run all the tests in one big frame; that makes it hard to tell
   what test is actually dying in Treeherder.
2) Fix the obvious possible test races with the async functions which could be
   causing the intermittent

- Review updates per keeler
- Change inappropriate uses of 'var' to 'let' in u2futil.js (kudos, keeler)
- Rework frame_no_token.html to follow the same pattern as the others
- Catch unexpected messages on the u2f testing harness
- Update 2: Go back to a pre-set number of expected async tests.

MozReview-Commit-ID: 6uLt5O1lUa3

--HG--
rename : dom/u2f/tests/test_frame_appid_facet.html => dom/u2f/tests/frame_appid_facet.html
rename : dom/u2f/tests/test_frame_appid_facet_insecure.html => dom/u2f/tests/frame_appid_facet_insecure.html
rename : dom/u2f/tests/test_frame_appid_facet_subdomain.html => dom/u2f/tests/frame_appid_facet_subdomain.html
rename : dom/u2f/tests/test_frame_register.html => dom/u2f/tests/frame_register.html
rename : dom/u2f/tests/test_frame_register_sign.html => dom/u2f/tests/frame_register_sign.html
extra : rebase_source : 1255bd8ba17a141c3c8205a277c06c483540de90
2016-10-10 17:06:31 -07:00
Nicholas Nethercote 34dcc7b852 Bug 1299384 - Use MOZ_MUST_USE with NS_warn_if_impl(). r=erahm.
This change avoids lots of false positives for Coverity's CHECKED_RETURN
warning, caused by NS_WARN_IF's current use in both statement-style and
expression-style.

In the case where the code within the NS_WARN_IF has side-effects, I made the
following change.

> NS_WARN_IF(NS_FAILED(FunctionWithSideEffects()));
> -->
> Unused << NS_WARN_IF(NS_FAILED(FunctionWithSideEffects()));

In the case where the code within the NS_WARN_IF lacks side-effects, I made the
following change.

> NS_WARN_IF(!condWithoutSideEffects);
> -->
> NS_WARNING_ASSERTION(condWithoutSideEffects, "msg");

This has two improvements.
- The condition is not evaluated in non-debug builds.
- The sense of the condition is inverted to the familiar "this condition should
  be true" sense used in assertions.

A common variation on the side-effect-free case is the following.

> nsresult rv = Fn();
> NS_WARN_IF_(NS_FAILED(rv));
> -->
> DebugOnly<nsresult rv> = Fn();
> NS_WARNING_ASSERTION(NS_SUCCEEDED(rv), "Fn failed");

--HG--
extra : rebase_source : 58788245021096efa8372a9dc1d597a611d45611
2016-09-02 17:12:24 +10:00
Cykesiopka a16f7b0f6a Bug 1296316 - Convert nsNSSShutDownObject::CalledFromType to an enum class. r=mgoodwin
enum classes are in general safer than plain enums, and as such should be
preferred.

MozReview-Commit-ID: 1FK89SNhdk4

--HG--
extra : rebase_source : 764c4855026c02d8c9e33ca33637fec54ea5ca31
2016-08-20 23:00:19 +08:00
Tom Tromey 5538d692d3 Bug 1286877 - do not set c-basic-offset for python-mode; r=gps
This removes the unnecessary setting of c-basic-offset from all
python-mode files.

This was automatically generated using

    perl -pi -e 's/; *c-basic-offset: *[0-9]+//'

... on the affected files.

The bulk of these files are moz.build files but there a few others as
well.

MozReview-Commit-ID: 2pPf3DEiZqx

--HG--
extra : rebase_source : 0a7dcac80b924174a2c429b093791148ea6ac204
2016-07-14 10:16:42 -06:00
J.C. Jones 8524776280 Bug 1275479 - Create nsIU2FToken base interface (Part 2). r=keeler
Create a base "nsIU2FToken" interface that all tokens must implement. This
patch does not change U2F.cpp from initializing tokens monolithically, but
if/when future tokens are added, the implementer may want to do that.

MozReview-Commit-ID: GQuu6NolF4D

--HG--
extra : transplant_source : %3Fi%8E%C4n%BF%C1%DB%DB%03HjG%B5%9Ct%9EMWH
2016-05-27 13:44:20 -07:00
J.C. Jones a253e31ba2 Bug 1275479 - Refactor U2F Token Interface (Part 1). r=keeler
Rework U2F.cpp to use a collection of nsINSSU2FToken for U2F/WebAuth operations.

MozReview-Commit-ID: 9qwllawzOWh

--HG--
extra : transplant_source : %E1%7B%15%AEp%8C%1A%3C%E5%9F%13%D1%B3%1D%BB%C2%88%07%0AX
2016-05-31 20:51:24 -07:00
J.C. Jones fa14e077d5 Bug 1265211 - Fix intermittent U2F Test r=mgoodwin
- The u2futil.js script's verifySignature method was causing an intermittent
  in test_frame_register_sign.html due to incomplete ASN.1 decoding. Since
  we're calready pulling in an ASN.1 parsing library, this changes that code to
  do a complete parse and santizize, which should cover all cases.

MozReview-Commit-ID: 9kDWT2KUFdq

--HG--
extra : transplant_source : %A9CD%CD%E7E%11s%0A%82ls%5B%7B%80jQ%FC%FE%0B
2016-04-19 08:49:13 -07:00
Kyle Huey c73656947b Bug 1265927: Move nsRunnable to mozilla::Runnable, CancelableRunnable to mozilla::CancelableRunnable. r=froydnj 2016-04-25 17:23:21 -07:00
J.C. Jones f55c5966d7 Bug 1264472 - Use nsRunnables in FIDO U2F. r=keeler
- Move the AppID/FacetID algorithm into its own (potentially reentrant) method
  to facilitate Bug 1244959
- Change the Register and Sign operations to be Runnables so that in the future
  they can be executed after (future) remote fetches
- Clean up error handling
- Remove unnecessary remote-load Facet test files; we'll re-add some form of
  them when the remote load algorithm is completed

MozReview-Commit-ID: 4K1q6ovzhgf

--HG--
extra : transplant_source : /%7F/%96o1%3E%5E%17%20%A2%D0%AA%10%21%88%19%D9%B3%C9
extra : histedit_source : 4d3c61294951920a22e1f1eb7846a2a03f7cd2f0
2016-04-18 14:49:07 -07:00
J.C. Jones c86b49406f Bug 1244960 - FIDO u2f NSSToken (Part 5): Review updates. r=keeler
MozReview-Commit-ID: BcsEltYEQAW

--HG--
extra : transplant_source : %BE%3D%08%DBeD%27q%96%3E%EC%C6z%AA%60Q%9E%E8%BE%86
2016-04-14 10:48:53 -07:00
J.C. Jones 9c17f635f9 Bug 1244960 - FIDO u2f NSSToken (Part 4): Correct FacetID base algorithm. r=keeler
Work on the FacetID/AppID algorithm showed this patch had incorrect usage of
the eTLD+1 checking, so this patch removes those checks until the more
sophisticated algorithm lands in Bug 1244959.

MozReview-Commit-ID: 2k6N5AU0J68

--HG--
extra : transplant_source : %B7n%17%00%DF%AB%F4OG%7E%D1%F0p%B1%AC%9Bq%C9%2B%D0
2016-04-13 10:32:25 -07:00
J.C. Jones 358a9ece05 Bug 1244960 - FIDO u2f NSSToken (Part 3): Review updates. r=keeler
MozReview-Commit-ID: FkPHy9GGarU

--HG--
extra : transplant_source : %8Dd0%BA%FD%E93%8E%A7%C5%01Cn%02%0F%0C%3E%5D%9C%96
2016-04-13 10:20:37 -07:00
J.C. Jones 3b81894a7e Bug 1244960 - FIDO u2f NSSToken (Part 2): Use Attestation Certificates. r=keeler
- Add an ephemeral self-signed Attestation Cert to NSSToken
  - A new one is generated at each call to Register; this is allowed by the
    protocol, and avoids fingerprinting if the NSSToken is in use.
- This now passes at https://u2fdemo.appspot.com/

MozReview-Commit-ID: Aq61MuX9oSD

--HG--
extra : transplant_source : %C1%00n6%22%01%E7q%B4/%D8-%C5W%D4%E6%86%14%25%C2
2016-03-28 18:55:52 -07:00
J.C. Jones 63f7ce5155 Bug 1244960 - Complete FIDO u2f NSSToken (Part 1). r=keeler, r=baku
- Merge in test changes from Bug 1255784.
- Remove the unnecessary mutex
- Stop doing direct memory work in NSS Token
- Clean up direct memory work in ContentParent
- In order to store persistent crypto parameters, the NSSToken had to move
  onto the main thread and be interfaced with via IDL/IPDL.
- Support Register/Sign via NSS using a long-lived secret key
- Rename the softtoken/usbtoken "enable" prefs, because of hierarchy issues
  with the WebIDL Pref shadowing.
- Also orders the includes on nsNSSModule.cpp
- Attestation Certificates are in Part 2.

Updates per keeler review comments:

- Use //-style comments everywhere
- Refactor the PrivateKeyFromKeyHandle method
- Rename the logging and fix extraneous NS_WARN_IF/logging combinations
- Other updates from review

April 11-12:

- Correct usage of the "usageCount" flag for PK11_UnwrapPrivKey
- Rebase up to latest

April 15:
- Rebase to latest

MozReview-Commit-ID: 6T8jNmwFvHJ

--HG--
extra : transplant_source : w%26%CES%2Cu%04%3EAl%04%2Cb%E2v%C9%08%3A%CC%F4
2016-04-15 09:29:12 -07:00
Andrea Marchesini 4321cda2ba Bug 1255784 - u2f tests should use SpecialPowers.pushPrefEnv, r=jjones 2016-03-11 18:20:55 +01:00
J.C. Jones 70bc936cba Bug 1231681 - "Implement window.u2f interface". r=baku, r=dkeeler 2016-02-09 16:43:00 +01:00