mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
713 773 коммитов 615 Ветки 98 Теги 5,7 GiB
Граф коммитов

11 Коммитов

Автор SHA1 Сообщение Дата
J.C. Jones 1746417e71 Bug 1539541 - Enable FIDO U2F API, and permit registrations for Google Accounts r=keeler,qdot 
Per the thread "Intent-to-Ship: Backward-Compatibility FIDO U2F support for
Google Accounts" on dev-platform [0], this bug is to:

  1. Enable the security.webauth.u2f by default, to ride the trains

  2. Remove the aOp == U2FOperation::Sign check from EvaluateAppID in
     WebAuthnUtil.cpp, permitting the Google override to work for Register as
     well as Sign.

This would enable Firefox users to use FIDO U2F API on most all sites, subject
to the algorithm limitations discussed in the section "Thorny issues in
enabling our FIDO U2F API implementation" of that post.

[0] https://groups.google.com/d/msg/mozilla.dev.platform/q5cj38hGTEA/lC834665BQAJ

Differential Revision: https://phabricator.services.mozilla.com/D25241

--HG--
extra : moz-landing-system : lando
 2019-03-29 17:16:13 +00:00
Alex Gaynor 823516cc43 Bug 1536097 - Part 5 - convert AttestationConveyancePreference to use ParamTraits for deserialization; r=jcj 
Depends on D24065

Differential Revision: https://phabricator.services.mozilla.com/D24066

--HG--
extra : moz-landing-system : lando
 2019-03-19 23:25:35 +00:00
Alex Gaynor 12dcc5de20 Bug 1536097 - Part 4 - convert UserVerificationRequirement to use ParamTraits for deserialization; r=jcj 
Depends on D24064

Differential Revision: https://phabricator.services.mozilla.com/D24065

--HG--
extra : moz-landing-system : lando
 2019-03-19 23:25:47 +00:00
Alex Gaynor 8db559a3fd Bug 1536097 - Part 1 - convert WebAuthnMaybeAuthenticatorAttachment to use a native IPDL maybe and use ParamTraits for deserialization; r=jcj 
Differential Revision: https://phabricator.services.mozilla.com/D24062

--HG--
extra : moz-landing-system : lando
 2019-03-20 15:23:44 +00:00
Sylvestre Ledru 265e672179 Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format 
# ignore-this-changeset

--HG--
extra : amend_source : 4d301d3b0b8711c4692392aa76088ba7fd7d1022
 2018-11-30 11:46:48 +01:00
Tim Taubert 2a252e45a4 Bug 1464015 - Web Authentication - Rework IPC layer for future Android/Windows support r=jcj 
Reviewers: jcj

Reviewed By: jcj

Subscribers: mgoodwin

Bug #: 1464015

Differential Revision: https://phabricator.services.mozilla.com/D1378
 2018-05-30 16:06:09 +02:00
Tim Taubert 0af61da4ec Bug 1406471 - Web Authentication - Implement FIDO AppID Extension r=jcj,smaug 
Reviewers: jcj, smaug

Reviewed By: jcj

Bug #: 1406471

Differential Revision: https://phabricator.services.mozilla.com/D595
 2018-02-22 10:53:49 +01:00
Andrew McCreight 298aa82710 Bug 1412125, part 2 - Fix dom/ mode lines. r=qdot 
This was automatically generated by the script modeline.py.

MozReview-Commit-ID: BgulzkGteAL

--HG--
extra : rebase_source : a4b9d16a4c06c4e85d7d85f485221b1e4ebdfede
 2017-10-26 15:08:41 -07:00
J.C. Jones 95d83ac876 Bug 1387820 - WebAuthn WD-05 Get Assertion Data Fix r=keeler 
The WebAuthn WD-05 specification's Get Assertion method defines the returned
AuthenticatorAssertionResponse as providing ClientData, AuthenticatorData, and
the Signature from the Authenticator. Our implementation is incorrectly setting
AuthenticatorData and Signature:

AuthenticatorData as a structure is intended to mirror the structure from
the AuthenticatorData [1] section of the Attestation CBOR Object [2] in the
MakeCredential method, which we weren't doing _at all_. This is clarified in
the editor's draft of the specification, soon to be WD-06.

Signature for U2F Authenticators is defined as the "attestation signature", [3]
which is under-specified and we assumed would be the raw output from the U2F
Authenticator [4]. This should instead be the raw ANSI X9.62 signature with no
additional bytes. [5]

[1] https://www.w3.org/TR/2017/WD-webauthn-20170505/#sec-authenticator-data
[2] https://www.w3.org/TR/2017/WD-webauthn-20170505/#sec-attestation-data
[3] https://www.w3.org/TR/2017/WD-webauthn-20170505/#fido-u2f-attestation
[4] https://lists.w3.org/Archives/Public/public-webauthn/2017Aug/0078.html
[5] https://bugzilla.mozilla.org/show_bug.cgi?id=1387820#c4

MozReview-Commit-ID: DTIOILfS4pK

--HG--
extra : rebase_source : 996c10b2f0359b34f45cf370bb8483c2dc9d3b6e
 2017-08-09 20:05:23 -07:00
J.C. Jones 3987ef311b Bug 1380529 - Use CBOR for the Create Credential WebAuthn call (2/3) r=ttaubert 
The WebAuthn Create Credential method should encode its results using CBOR;
this patch changes to that format.

The CBOR formats for the U2F data are specified in [1][2]

The attestation data format is in [3]

The high-level layout is in [4]

[1] https://w3c.github.io/webauthn/#generating-an-attestation-object
[2] https://w3c.github.io/webauthn/#fido-u2f-attestation
[3] https://w3c.github.io/webauthn/#sec-attestation-data
[4] https://w3c.github.io/webauthn/#sctn-attestation

MozReview-Commit-ID: BYoFCJSxlLt

--HG--
extra : rebase_source : 190cb5f128659c7a947645abbc172c8aa39e4d40
 2017-07-13 18:12:50 -07:00
Kyle Machulis e0c24a5abd Bug 1323339 - Add WebAuthnManager and support IPC Child classes; r=jcj r=baku 
Takes functionality once in the WebAuthentication DOM class that needs
to be handled by the content process, and moves it to a
singleton (per-content-process) manager class. This allows the
WebAuthn API to centralize management of transactions and IPC
channels. Patch also creates the child (content-process) classes for
WebAuthn IPC channels.

MozReview-Commit-ID: 6ju2LK8lvNR
 2017-05-09 13:21:23 -07:00