The U2FSoftTokenManager is a synchronous implementation and thus didn't need a
timeout so far. We need it for the U2FHIDTokenManager though to let user
interaction timeout properly.
Thus, add a timeout argument to the methods required by the U2FTokenTransport
interface and forward that to the token manager implementations.
This adjusts tests to also check origin-based RP IDs, for interop
purposes. When we officially move up to WD-06, we'll want to remove these.
MozReview-Commit-ID: FJRg7vxZIcN
--HG--
extra : rebase_source : 6b89ef1ec5f8f6312bc00740b171540dd2a111cf
A recent fixup commit [1] changed "RP ID" fields in WebAuthn to be domain
strings rather than origins, which matches the current editor's draft of
Web Authentication. Unfortunately, this is contrary to the interop WD-05,
which requires they be origins.
We should be tolerant of origins for now, and in the follow-on Bug 1381126
we'll remove this tolerance once we get past initial WD-05 interop.
[1] https://hg.mozilla.org/mozilla-central/rev/e173fd86d931
MozReview-Commit-ID: Cz2KaHvOIHz
--HG--
extra : rebase_source : eafac0cbab324c566a7ae64004f85258ca3ba805
nsHTMLDocument included IsRegistrableDomainSuffixOfOrEqualTo() to facilitate
some use cases in Web Authentication, and this patch adds support to our
implementation. The general idea is to permit relaxing some of the same-origin
policy for single-sign-on type approaches, while restricting other uses. [1]
[1] https://w3c.github.io/webauthn/#rp-id
MozReview-Commit-ID: BP74OYvcwBJ
--HG--
extra : rebase_source : 94b62f9063de129dc30c4457578b50088a3c92e0
The spec for WebAuthn defines "RP ID" as a "valid domain string" [1], whereas we
were using an origin string (with the scheme and whatnot). This patch corrects
the default rpId strings (when not overriden) to be domain strings.
[1] https://w3c.github.io/webauthn/#rp-id
MozReview-Commit-ID: 2p1cEQDa2FV
--HG--
extra : rebase_source : 8be13b8e88abb409e15c1bf9142f18d786699504
This patch adds a skeleton U2FHIDTokenManager that returns
NS_ERROR_NOT_IMPLEMENTED for ::Register() and ::Sign().
This will help test calling into the Rust library and make it easier to
implement the full USB HID transport.
This patch adds a Cancel() method to the U2FTokenTransport interface so that
we can forward request cancellations to the actual token manager implementation.
The current softtoken doesn't need that as it processes API calls synchronously,
USB HID tokens however need a cancellation mechanism.
The SendRequestCancel() call has been removed from WebAuthnManager::Cancel() as
we're currently only calling this method either when the chrome process
cancels the request (and then we don't need to send it back again) or the
content process fails to process the data after a request was fulfilled and
thus there's nothing to cancel. We will touch this again later when the UI
cancels requests on tab switch and similar user actions.
The U2F Soft Token, due to its usage of NSS, has to have const values be
marked non-const - but no such limitation should exist for other implementations
of U2F, so this patch moves the const_cast-ing from the U2FTokenManager-level
down to the U2FSoftTokenManager, where it is actually necessary.
Credit to Axel Nennker for this patch.
MozReview-Commit-ID: Kw6zfTDI3GL
--HG--
extra : rebase_source : 90e31e2da9e021043509653a476ddaae03078e55
Takes functionality from NSSU2FToken/NSSU2FTokenRemote classes, and
moves it into a U2FSoftToken class. Leaves
NSSU2FToken/NSSU2FTokenRemote classes intact so as not to break U2F
API code (to be ported to async IPC in bug 1354330).
MozReview-Commit-ID: El2MCcYUrtE
Takes functionality that was in the WebAuthentication class that now
needs to be handled by the parent process, and moves it to the
U2FTokenManager singleton class. U2FTokenManager is created on the
PBackground thread during the first WebAuthn transaction, and manages
hardware access and transaction management for the lifetime of the
browser session. Patch also adds parent classes for WebAuthn IPC
protocol.
MozReview-Commit-ID: EnhgUTPdlMZ
Takes functionality once in the WebAuthentication DOM class that needs
to be handled by the content process, and moves it to a
singleton (per-content-process) manager class. This allows the
WebAuthn API to centralize management of transactions and IPC
channels. Patch also creates the child (content-process) classes for
WebAuthn IPC channels.
MozReview-Commit-ID: 6ju2LK8lvNR
Before the patch set for bug 1323339, WebAuthentication was managing
almost all content-side functionality for the WebAuthn API. This
would've made it difficult to support IPC, transaction interruption,
etc... This patch strips most of the functionality out of
WebAuthentication. The functionality will be moved to the
WebAuthnManager class in the next patch, for sake of review coherence.
MozReview-Commit-ID: 9Uup8NhLVBj
This change includes the FIDO "App ID" as part of the function used to generate
the wrapping key used in the NSS-based U2F soft token, cryptographically binding
the "Key Handle" to the site that Key Handle is intended for.
This is a breaking change with existing registered U2F keys, but since our soft
token is hidden behind a pref, it does not attempt to be backward-compatible.
- Updated for rbarnes' and qdot's reviews comments. Thanks!
- Made more strict in size restrictions, and added a version field
to help us be this strict.
- Bugfix for an early unprotected buffer use (Thanks again rbarnes!)
- Fix a sneaky memory leak re: CryptoBuffer.ToSECItem
MozReview-Commit-ID: Jf6gNPauT4Y
--HG--
extra : rebase_source : 4ff5898e93e4a0a75576e5e54035a1cb6dd952d7
This change includes the FIDO "App ID" as part of the function used to generate
the wrapping key used in the NSS-based U2F soft token, cryptographically binding
the "Key Handle" to the site that Key Handle is intended for.
This is a breaking change with existing registered U2F keys, but since our soft
token is hidden behind a pref, it does not attempt to be backward-compatible.
- Updated for rbarnes' and qdot's reviews comments. Thanks!
- Made more strict in size restrictions, and added a version field
to help us be this strict.
- Bugfix for an early unprotected buffer use (Thanks again rbarnes!)
MozReview-Commit-ID: Jf6gNPauT4Y
--HG--
extra : rebase_source : 52d10287d10698292e1480e04f580f6f8b4847cb
Wes Kocher
Tim Taubert
J.C. Jones
Bill McCloskey
Carsten "Tomcat" Book
David Keeler
Axel Nennker
Kyle Machulis
Iris Hsiao
Joel Maher
Sebastian Hengst
Bevis Tseng