Tim Taubert
0af61da4ec
Bug 1406471 - Web Authentication - Implement FIDO AppID Extension r=jcj,smaug
...
Reviewers: jcj, smaug
Reviewed By: jcj
Bug #: 1406471
Differential Revision: https://phabricator.services.mozilla.com/D595
2018-02-22 10:53:49 +01:00
Andrew McCreight
298aa82710
Bug 1412125, part 2 - Fix dom/ mode lines. r=qdot
...
This was automatically generated by the script modeline.py.
MozReview-Commit-ID: BgulzkGteAL
--HG--
extra : rebase_source : a4b9d16a4c06c4e85d7d85f485221b1e4ebdfede
2017-10-26 15:08:41 -07:00
J.C. Jones
95d83ac876
Bug 1387820 - WebAuthn WD-05 Get Assertion Data Fix r=keeler
...
The WebAuthn WD-05 specification's Get Assertion method defines the returned
AuthenticatorAssertionResponse as providing ClientData, AuthenticatorData, and
the Signature from the Authenticator. Our implementation is incorrectly setting
AuthenticatorData and Signature:
AuthenticatorData as a structure is intended to mirror the structure from
the AuthenticatorData [1] section of the Attestation CBOR Object [2] in the
MakeCredential method, which we weren't doing _at all_. This is clarified in
the editor's draft of the specification, soon to be WD-06.
Signature for U2F Authenticators is defined as the "attestation signature", [3]
which is under-specified and we assumed would be the raw output from the U2F
Authenticator [4]. This should instead be the raw ANSI X9.62 signature with no
additional bytes. [5]
[1] https://www.w3.org/TR/2017/WD-webauthn-20170505/#sec-authenticator-data
[2] https://www.w3.org/TR/2017/WD-webauthn-20170505/#sec-attestation-data
[3] https://www.w3.org/TR/2017/WD-webauthn-20170505/#fido-u2f-attestation
[4] https://lists.w3.org/Archives/Public/public-webauthn/2017Aug/0078.html
[5] https://bugzilla.mozilla.org/show_bug.cgi?id=1387820#c4
MozReview-Commit-ID: DTIOILfS4pK
--HG--
extra : rebase_source : 996c10b2f0359b34f45cf370bb8483c2dc9d3b6e
2017-08-09 20:05:23 -07:00
J.C. Jones
3987ef311b
Bug 1380529 - Use CBOR for the Create Credential WebAuthn call (2/3) r=ttaubert
...
The WebAuthn Create Credential method should encode its results using CBOR;
this patch changes to that format.
The CBOR formats for the U2F data are specified in [1][2]
The attestation data format is in [3]
The high-level layout is in [4]
[1] https://w3c.github.io/webauthn/#generating-an-attestation-object
[2] https://w3c.github.io/webauthn/#fido-u2f-attestation
[3] https://w3c.github.io/webauthn/#sec-attestation-data
[4] https://w3c.github.io/webauthn/#sctn-attestation
MozReview-Commit-ID: BYoFCJSxlLt
--HG--
extra : rebase_source : 190cb5f128659c7a947645abbc172c8aa39e4d40
2017-07-13 18:12:50 -07:00
Kyle Machulis
e0c24a5abd
Bug 1323339 - Add WebAuthnManager and support IPC Child classes; r=jcj r=baku
...
Takes functionality once in the WebAuthentication DOM class that needs
to be handled by the content process, and moves it to a
singleton (per-content-process) manager class. This allows the
WebAuthn API to centralize management of transactions and IPC
channels. Patch also creates the child (content-process) classes for
WebAuthn IPC channels.
MozReview-Commit-ID: 6ju2LK8lvNR
2017-05-09 13:21:23 -07:00