зеркало из https://github.com/mozilla/gecko-dev.git
394 строки
12 KiB
C++
394 строки
12 KiB
C++
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
/* vim:set ts=2 sw=2 sts=2 et cindent: */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
|
* You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#include "mozilla/dom/U2FTokenManager.h"
|
|
#include "mozilla/dom/U2FTokenTransport.h"
|
|
#include "mozilla/dom/U2FHIDTokenManager.h"
|
|
#include "mozilla/dom/U2FSoftTokenManager.h"
|
|
#include "mozilla/dom/WebAuthnTransactionParent.h"
|
|
#include "mozilla/MozPromise.h"
|
|
#include "mozilla/dom/WebAuthnUtil.h"
|
|
#include "mozilla/ClearOnShutdown.h"
|
|
#include "mozilla/Unused.h"
|
|
#include "hasht.h"
|
|
#include "nsICryptoHash.h"
|
|
#include "pkix/Input.h"
|
|
#include "pkixutil.h"
|
|
|
|
// Not named "security.webauth.u2f_softtoken_counter" because setting that
|
|
// name causes the window.u2f object to disappear until preferences get
|
|
// reloaded, as its pref is a substring!
|
|
#define PREF_U2F_NSSTOKEN_COUNTER "security.webauth.softtoken_counter"
|
|
#define PREF_WEBAUTHN_SOFTTOKEN_ENABLED "security.webauth.webauthn_enable_softtoken"
|
|
#define PREF_WEBAUTHN_USBTOKEN_ENABLED "security.webauth.webauthn_enable_usbtoken"
|
|
|
|
namespace mozilla {
|
|
namespace dom {
|
|
|
|
/***********************************************************************
|
|
* Statics
|
|
**********************************************************************/
|
|
|
|
class U2FPrefManager;
|
|
|
|
namespace {
|
|
static mozilla::LazyLogModule gU2FTokenManagerLog("u2fkeymanager");
|
|
StaticRefPtr<U2FTokenManager> gU2FTokenManager;
|
|
StaticRefPtr<U2FPrefManager> gPrefManager;
|
|
}
|
|
|
|
class U2FPrefManager final : public nsIObserver
|
|
{
|
|
private:
|
|
U2FPrefManager() :
|
|
mPrefMutex("U2FPrefManager Mutex")
|
|
{
|
|
UpdateValues();
|
|
}
|
|
~U2FPrefManager() = default;
|
|
|
|
public:
|
|
NS_DECL_ISUPPORTS
|
|
|
|
static U2FPrefManager* GetOrCreate()
|
|
{
|
|
MOZ_ASSERT(NS_IsMainThread());
|
|
if (!gPrefManager) {
|
|
gPrefManager = new U2FPrefManager();
|
|
Preferences::AddStrongObserver(gPrefManager, PREF_WEBAUTHN_SOFTTOKEN_ENABLED);
|
|
Preferences::AddStrongObserver(gPrefManager, PREF_U2F_NSSTOKEN_COUNTER);
|
|
Preferences::AddStrongObserver(gPrefManager, PREF_WEBAUTHN_USBTOKEN_ENABLED);
|
|
ClearOnShutdown(&gPrefManager, ShutdownPhase::ShutdownThreads);
|
|
}
|
|
return gPrefManager;
|
|
}
|
|
|
|
static U2FPrefManager* Get()
|
|
{
|
|
return gPrefManager;
|
|
}
|
|
|
|
bool GetSoftTokenEnabled()
|
|
{
|
|
MutexAutoLock lock(mPrefMutex);
|
|
return mSoftTokenEnabled;
|
|
}
|
|
|
|
int GetSoftTokenCounter()
|
|
{
|
|
MutexAutoLock lock(mPrefMutex);
|
|
return mSoftTokenCounter;
|
|
}
|
|
|
|
bool GetUsbTokenEnabled()
|
|
{
|
|
MutexAutoLock lock(mPrefMutex);
|
|
return mUsbTokenEnabled;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
Observe(nsISupports* aSubject,
|
|
const char* aTopic,
|
|
const char16_t* aData) override
|
|
{
|
|
UpdateValues();
|
|
return NS_OK;
|
|
}
|
|
private:
|
|
void UpdateValues() {
|
|
MOZ_ASSERT(NS_IsMainThread());
|
|
MutexAutoLock lock(mPrefMutex);
|
|
mSoftTokenEnabled = Preferences::GetBool(PREF_WEBAUTHN_SOFTTOKEN_ENABLED);
|
|
mSoftTokenCounter = Preferences::GetUint(PREF_U2F_NSSTOKEN_COUNTER);
|
|
mUsbTokenEnabled = Preferences::GetBool(PREF_WEBAUTHN_USBTOKEN_ENABLED);
|
|
}
|
|
|
|
Mutex mPrefMutex;
|
|
bool mSoftTokenEnabled;
|
|
int mSoftTokenCounter;
|
|
bool mUsbTokenEnabled;
|
|
};
|
|
|
|
NS_IMPL_ISUPPORTS(U2FPrefManager, nsIObserver);
|
|
|
|
/***********************************************************************
|
|
* U2FManager Implementation
|
|
**********************************************************************/
|
|
|
|
U2FTokenManager::U2FTokenManager()
|
|
: mTransactionParent(nullptr)
|
|
, mTransactionId(0)
|
|
{
|
|
MOZ_ASSERT(XRE_IsParentProcess());
|
|
// Create on the main thread to make sure ClearOnShutdown() works.
|
|
MOZ_ASSERT(NS_IsMainThread());
|
|
// Create the preference manager while we're initializing.
|
|
U2FPrefManager::GetOrCreate();
|
|
}
|
|
|
|
U2FTokenManager::~U2FTokenManager()
|
|
{
|
|
MOZ_ASSERT(NS_IsMainThread());
|
|
}
|
|
|
|
//static
|
|
void
|
|
U2FTokenManager::Initialize()
|
|
{
|
|
if (!XRE_IsParentProcess()) {
|
|
return;
|
|
}
|
|
MOZ_ASSERT(NS_IsMainThread());
|
|
MOZ_ASSERT(!gU2FTokenManager);
|
|
gU2FTokenManager = new U2FTokenManager();
|
|
ClearOnShutdown(&gU2FTokenManager);
|
|
}
|
|
|
|
//static
|
|
U2FTokenManager*
|
|
U2FTokenManager::Get()
|
|
{
|
|
MOZ_ASSERT(XRE_IsParentProcess());
|
|
// We should only be accessing this on the background thread
|
|
MOZ_ASSERT(!NS_IsMainThread());
|
|
return gU2FTokenManager;
|
|
}
|
|
|
|
void
|
|
U2FTokenManager::AbortTransaction(const nsresult& aError)
|
|
{
|
|
Unused << mTransactionParent->SendCancel(aError);
|
|
ClearTransaction();
|
|
}
|
|
|
|
void
|
|
U2FTokenManager::MaybeClearTransaction(WebAuthnTransactionParent* aParent)
|
|
{
|
|
// Only clear if we've been requested to do so by our current transaction
|
|
// parent.
|
|
if (mTransactionParent == aParent) {
|
|
ClearTransaction();
|
|
}
|
|
}
|
|
|
|
void
|
|
U2FTokenManager::ClearTransaction()
|
|
{
|
|
mTransactionParent = nullptr;
|
|
// Drop managers at the end of all transactions
|
|
mTokenManagerImpl = nullptr;
|
|
// Forget promises, if necessary.
|
|
mRegisterPromise.DisconnectIfExists();
|
|
mSignPromise.DisconnectIfExists();
|
|
// Bump transaction id.
|
|
mTransactionId++;
|
|
}
|
|
|
|
RefPtr<U2FTokenTransport>
|
|
U2FTokenManager::GetTokenManagerImpl()
|
|
{
|
|
MOZ_ASSERT(U2FPrefManager::Get());
|
|
|
|
if (mTokenManagerImpl) {
|
|
return mTokenManagerImpl;
|
|
}
|
|
|
|
auto pm = U2FPrefManager::Get();
|
|
bool useSoftToken = pm->GetSoftTokenEnabled();
|
|
bool useUsbToken = pm->GetUsbTokenEnabled();
|
|
|
|
// At least one token type must be enabled.
|
|
// We currently don't support soft and USB tokens enabled at
|
|
// the same time as the softtoken would always win the race to register.
|
|
// We could support it for signing though...
|
|
if (!(useSoftToken ^ useUsbToken)) {
|
|
return nullptr;
|
|
}
|
|
|
|
if (useSoftToken) {
|
|
return new U2FSoftTokenManager(pm->GetSoftTokenCounter());
|
|
}
|
|
|
|
// TODO Use WebAuthnRequest to aggregate results from all transports,
|
|
// once we have multiple HW transport types.
|
|
return new U2FHIDTokenManager();
|
|
}
|
|
|
|
void
|
|
U2FTokenManager::Register(WebAuthnTransactionParent* aTransactionParent,
|
|
const WebAuthnTransactionInfo& aTransactionInfo)
|
|
{
|
|
MOZ_LOG(gU2FTokenManagerLog, LogLevel::Debug, ("U2FAuthRegister"));
|
|
|
|
ClearTransaction();
|
|
mTransactionParent = aTransactionParent;
|
|
mTokenManagerImpl = GetTokenManagerImpl();
|
|
|
|
if (!mTokenManagerImpl) {
|
|
AbortTransaction(NS_ERROR_DOM_NOT_ALLOWED_ERR);
|
|
return;
|
|
}
|
|
|
|
// Check if all the supplied parameters are syntactically well-formed and
|
|
// of the correct length. If not, return an error code equivalent to
|
|
// UnknownError and terminate the operation.
|
|
|
|
if ((aTransactionInfo.RpIdHash().Length() != SHA256_LENGTH) ||
|
|
(aTransactionInfo.ClientDataHash().Length() != SHA256_LENGTH)) {
|
|
AbortTransaction(NS_ERROR_DOM_UNKNOWN_ERR);
|
|
return;
|
|
}
|
|
|
|
uint64_t tid = mTransactionId;
|
|
mozilla::TimeStamp startTime = mozilla::TimeStamp::Now();
|
|
mTokenManagerImpl->Register(aTransactionInfo.Descriptors(),
|
|
aTransactionInfo.RpIdHash(),
|
|
aTransactionInfo.ClientDataHash(),
|
|
aTransactionInfo.TimeoutMS())
|
|
->Then(GetCurrentThreadSerialEventTarget(), __func__,
|
|
[tid, startTime](U2FRegisterResult&& aResult) {
|
|
U2FTokenManager* mgr = U2FTokenManager::Get();
|
|
mgr->MaybeConfirmRegister(tid, aResult);
|
|
Telemetry::ScalarAdd(
|
|
Telemetry::ScalarID::SECURITY_WEBAUTHN_USED,
|
|
NS_LITERAL_STRING("U2FRegisterFinish"), 1);
|
|
Telemetry::AccumulateTimeDelta(
|
|
Telemetry::WEBAUTHN_CREATE_CREDENTIAL_MS,
|
|
startTime);
|
|
},
|
|
[tid](nsresult rv) {
|
|
MOZ_ASSERT(NS_FAILED(rv));
|
|
U2FTokenManager* mgr = U2FTokenManager::Get();
|
|
mgr->MaybeAbortRegister(tid, rv);
|
|
Telemetry::ScalarAdd(
|
|
Telemetry::ScalarID::SECURITY_WEBAUTHN_USED,
|
|
NS_LITERAL_STRING("U2FRegisterAbort"), 1);
|
|
})
|
|
->Track(mRegisterPromise);
|
|
}
|
|
|
|
void
|
|
U2FTokenManager::MaybeConfirmRegister(uint64_t aTransactionId,
|
|
U2FRegisterResult& aResult)
|
|
{
|
|
if (mTransactionId != aTransactionId) {
|
|
return;
|
|
}
|
|
|
|
mRegisterPromise.Complete();
|
|
|
|
nsTArray<uint8_t> registration;
|
|
aResult.ConsumeRegistration(registration);
|
|
|
|
Unused << mTransactionParent->SendConfirmRegister(registration);
|
|
ClearTransaction();
|
|
}
|
|
|
|
void
|
|
U2FTokenManager::MaybeAbortRegister(uint64_t aTransactionId,
|
|
const nsresult& aError)
|
|
{
|
|
if (mTransactionId != aTransactionId) {
|
|
return;
|
|
}
|
|
|
|
mRegisterPromise.Complete();
|
|
AbortTransaction(aError);
|
|
}
|
|
|
|
void
|
|
U2FTokenManager::Sign(WebAuthnTransactionParent* aTransactionParent,
|
|
const WebAuthnTransactionInfo& aTransactionInfo)
|
|
{
|
|
MOZ_LOG(gU2FTokenManagerLog, LogLevel::Debug, ("U2FAuthSign"));
|
|
|
|
ClearTransaction();
|
|
mTransactionParent = aTransactionParent;
|
|
mTokenManagerImpl = GetTokenManagerImpl();
|
|
|
|
if (!mTokenManagerImpl) {
|
|
AbortTransaction(NS_ERROR_DOM_NOT_ALLOWED_ERR);
|
|
return;
|
|
}
|
|
|
|
if ((aTransactionInfo.RpIdHash().Length() != SHA256_LENGTH) ||
|
|
(aTransactionInfo.ClientDataHash().Length() != SHA256_LENGTH)) {
|
|
AbortTransaction(NS_ERROR_DOM_UNKNOWN_ERR);
|
|
return;
|
|
}
|
|
|
|
uint64_t tid = mTransactionId;
|
|
mozilla::TimeStamp startTime = mozilla::TimeStamp::Now();
|
|
mTokenManagerImpl->Sign(aTransactionInfo.Descriptors(),
|
|
aTransactionInfo.RpIdHash(),
|
|
aTransactionInfo.ClientDataHash(),
|
|
aTransactionInfo.TimeoutMS())
|
|
->Then(GetCurrentThreadSerialEventTarget(), __func__,
|
|
[tid, startTime](U2FSignResult&& aResult) {
|
|
U2FTokenManager* mgr = U2FTokenManager::Get();
|
|
mgr->MaybeConfirmSign(tid, aResult);
|
|
Telemetry::ScalarAdd(
|
|
Telemetry::ScalarID::SECURITY_WEBAUTHN_USED,
|
|
NS_LITERAL_STRING("U2FSignFinish"), 1);
|
|
Telemetry::AccumulateTimeDelta(
|
|
Telemetry::WEBAUTHN_GET_ASSERTION_MS,
|
|
startTime);
|
|
},
|
|
[tid](nsresult rv) {
|
|
MOZ_ASSERT(NS_FAILED(rv));
|
|
U2FTokenManager* mgr = U2FTokenManager::Get();
|
|
mgr->MaybeAbortSign(tid, rv);
|
|
Telemetry::ScalarAdd(
|
|
Telemetry::ScalarID::SECURITY_WEBAUTHN_USED,
|
|
NS_LITERAL_STRING("U2FSignAbort"), 1);
|
|
})
|
|
->Track(mSignPromise);
|
|
}
|
|
|
|
void
|
|
U2FTokenManager::MaybeConfirmSign(uint64_t aTransactionId,
|
|
U2FSignResult& aResult)
|
|
{
|
|
if (mTransactionId != aTransactionId) {
|
|
return;
|
|
}
|
|
|
|
mSignPromise.Complete();
|
|
|
|
nsTArray<uint8_t> keyHandle;
|
|
aResult.ConsumeKeyHandle(keyHandle);
|
|
nsTArray<uint8_t> signature;
|
|
aResult.ConsumeSignature(signature);
|
|
|
|
Unused << mTransactionParent->SendConfirmSign(keyHandle, signature);
|
|
ClearTransaction();
|
|
}
|
|
|
|
void
|
|
U2FTokenManager::MaybeAbortSign(uint64_t aTransactionId, const nsresult& aError)
|
|
{
|
|
if (mTransactionId != aTransactionId) {
|
|
return;
|
|
}
|
|
|
|
mSignPromise.Complete();
|
|
AbortTransaction(aError);
|
|
}
|
|
|
|
void
|
|
U2FTokenManager::Cancel(WebAuthnTransactionParent* aParent)
|
|
{
|
|
if (mTransactionParent != aParent) {
|
|
return;
|
|
}
|
|
|
|
mTokenManagerImpl->Cancel();
|
|
ClearTransaction();
|
|
}
|
|
|
|
}
|
|
}
|