2017-10-26 22:08:41 +00:00
|
|
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
|
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
2016-02-09 15:43:00 +00:00
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
|
|
|
|
#ifndef mozilla_dom_U2F_h
|
|
|
|
#define mozilla_dom_U2F_h
|
|
|
|
|
|
|
|
#include "js/TypeDecls.h"
|
|
|
|
#include "mozilla/Attributes.h"
|
2017-11-28 09:21:07 +00:00
|
|
|
#include "mozilla/dom/PWebAuthnTransaction.h"
|
2016-02-09 15:43:00 +00:00
|
|
|
#include "mozilla/dom/BindingDeclarations.h"
|
|
|
|
#include "mozilla/dom/Nullable.h"
|
2016-10-13 03:56:56 +00:00
|
|
|
#include "mozilla/dom/U2FBinding.h"
|
2016-02-09 15:43:00 +00:00
|
|
|
#include "mozilla/ErrorResult.h"
|
2016-10-13 03:56:56 +00:00
|
|
|
#include "mozilla/MozPromise.h"
|
|
|
|
#include "nsProxyRelease.h"
|
2016-02-09 15:43:00 +00:00
|
|
|
#include "nsWrapperCache.h"
|
2017-01-09 20:22:49 +00:00
|
|
|
#include "U2FAuthenticator.h"
|
2017-11-28 09:21:07 +00:00
|
|
|
#include "nsIDOMEventListener.h"
|
2016-02-09 15:43:00 +00:00
|
|
|
|
2017-06-10 04:24:46 +00:00
|
|
|
class nsISerialEventTarget;
|
2016-11-22 06:19:06 +00:00
|
|
|
|
2017-06-10 04:24:46 +00:00
|
|
|
namespace mozilla {
|
2016-02-09 15:43:00 +00:00
|
|
|
namespace dom {
|
|
|
|
|
2017-11-28 09:21:07 +00:00
|
|
|
class U2FTransactionChild;
|
2016-02-09 15:43:00 +00:00
|
|
|
class U2FRegisterCallback;
|
|
|
|
class U2FSignCallback;
|
|
|
|
|
2016-10-13 03:56:56 +00:00
|
|
|
// Defined in U2FBinding.h by the U2F.webidl; their use requires a JSContext.
|
|
|
|
struct RegisterRequest;
|
|
|
|
struct RegisteredKey;
|
|
|
|
|
2017-11-28 09:21:07 +00:00
|
|
|
class U2FTransaction
|
|
|
|
{
|
|
|
|
public:
|
|
|
|
U2FTransaction(const WebAuthnTransactionInfo&& aInfo,
|
|
|
|
const nsCString& aClientData)
|
|
|
|
: mInfo(aInfo)
|
|
|
|
, mClientData(aClientData)
|
|
|
|
, mId(NextId())
|
|
|
|
{
|
|
|
|
MOZ_ASSERT(mId > 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
// Holds the parameters of the current transaction, as we need them both
|
|
|
|
// before the transaction request is sent, and on successful return.
|
|
|
|
WebAuthnTransactionInfo mInfo;
|
|
|
|
|
|
|
|
// Client data used to assemble reply objects.
|
|
|
|
nsCString mClientData;
|
|
|
|
|
|
|
|
// Unique transaction id.
|
|
|
|
uint64_t mId;
|
|
|
|
|
|
|
|
private:
|
|
|
|
// Generates a unique id for new transactions. This doesn't have to be unique
|
|
|
|
// forever, it's sufficient to differentiate between temporally close
|
|
|
|
// transactions, where messages can intersect. Can overflow.
|
|
|
|
static uint64_t NextId() {
|
|
|
|
static uint64_t id = 0;
|
|
|
|
return ++id;
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
class U2F final : public nsIDOMEventListener
|
2016-10-13 03:56:56 +00:00
|
|
|
, public nsWrapperCache
|
2016-02-09 15:43:00 +00:00
|
|
|
{
|
|
|
|
public:
|
2017-11-28 09:21:07 +00:00
|
|
|
NS_DECL_NSIDOMEVENTLISTENER
|
|
|
|
|
2016-02-09 15:43:00 +00:00
|
|
|
NS_DECL_CYCLE_COLLECTING_ISUPPORTS
|
|
|
|
NS_DECL_CYCLE_COLLECTION_SCRIPT_HOLDER_CLASS(U2F)
|
|
|
|
|
Bug 1245527 - Rewrite U2F.cpp to use U2FTokenManager. r=keeler, r=ttaubert
- This patch reworks the U2F module to asynchronously call U2FManager,
which in turn handles constructing and managing the U2FTokenManager
via IPC.
- Add U2FTransaction{Parent,Child} implementations to mirror similar ones for
WebAuthn
- Rewrite all tests to compensate for U2F executing asynchronously now.
- Used async tasks, used the manifest parameters for scheme, and generally
made these cleaner.
- The mochitest "pref =" functionality from Bug 1328830 doesn't support Android
yet, causing breakage on Android. Rework the tests to go back to the old way
of using iframes to test U2F.
NOTE TO REVIEWERS:
Since this is huge, I recommend the following:
keeler - please review U2F.cpp/h, the tests, and the security-prefs.js. Most
of the U2F logic is still in U2F.cpp like before, but there's been
some reworking of how it is called.
ttaubert - please review U2FManager, the Transaction classes, build changes,
and the changes to nsGlobalWindow. All of these should be very
similar to the WebAuthn code it's patterned off.
MozReview-Commit-ID: C1ZN2ch66Rm
--HG--
extra : rebase_source : 5a2c52b0340c13f471af5040b998eb7e661b1981
2017-09-11 19:56:59 +00:00
|
|
|
explicit U2F(nsPIDOMWindowInner* aParent);
|
2016-02-09 15:43:00 +00:00
|
|
|
|
|
|
|
nsPIDOMWindowInner*
|
|
|
|
GetParentObject() const
|
|
|
|
{
|
|
|
|
return mParent;
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
Bug 1245527 - Rewrite U2F.cpp to use U2FTokenManager. r=keeler, r=ttaubert
- This patch reworks the U2F module to asynchronously call U2FManager,
which in turn handles constructing and managing the U2FTokenManager
via IPC.
- Add U2FTransaction{Parent,Child} implementations to mirror similar ones for
WebAuthn
- Rewrite all tests to compensate for U2F executing asynchronously now.
- Used async tasks, used the manifest parameters for scheme, and generally
made these cleaner.
- The mochitest "pref =" functionality from Bug 1328830 doesn't support Android
yet, causing breakage on Android. Rework the tests to go back to the old way
of using iframes to test U2F.
NOTE TO REVIEWERS:
Since this is huge, I recommend the following:
keeler - please review U2F.cpp/h, the tests, and the security-prefs.js. Most
of the U2F logic is still in U2F.cpp like before, but there's been
some reworking of how it is called.
ttaubert - please review U2FManager, the Transaction classes, build changes,
and the changes to nsGlobalWindow. All of these should be very
similar to the WebAuthn code it's patterned off.
MozReview-Commit-ID: C1ZN2ch66Rm
--HG--
extra : rebase_source : 5a2c52b0340c13f471af5040b998eb7e661b1981
2017-09-11 19:56:59 +00:00
|
|
|
Init(ErrorResult& aRv);
|
2016-02-09 15:43:00 +00:00
|
|
|
|
|
|
|
virtual JSObject*
|
|
|
|
WrapObject(JSContext* aCx, JS::Handle<JSObject*> aGivenProto) override;
|
|
|
|
|
|
|
|
void
|
|
|
|
Register(const nsAString& aAppId,
|
|
|
|
const Sequence<RegisterRequest>& aRegisterRequests,
|
|
|
|
const Sequence<RegisteredKey>& aRegisteredKeys,
|
|
|
|
U2FRegisterCallback& aCallback,
|
|
|
|
const Optional<Nullable<int32_t>>& opt_aTimeoutSeconds,
|
|
|
|
ErrorResult& aRv);
|
|
|
|
|
|
|
|
void
|
|
|
|
Sign(const nsAString& aAppId,
|
|
|
|
const nsAString& aChallenge,
|
|
|
|
const Sequence<RegisteredKey>& aRegisteredKeys,
|
|
|
|
U2FSignCallback& aCallback,
|
|
|
|
const Optional<Nullable<int32_t>>& opt_aTimeoutSeconds,
|
|
|
|
ErrorResult& aRv);
|
|
|
|
|
2017-09-19 14:55:38 +00:00
|
|
|
void
|
2017-11-28 09:21:07 +00:00
|
|
|
FinishRegister(const uint64_t& aTransactionId, nsTArray<uint8_t>& aRegBuffer);
|
|
|
|
|
|
|
|
void
|
|
|
|
FinishSign(const uint64_t& aTransactionId,
|
|
|
|
nsTArray<uint8_t>& aCredentialId,
|
|
|
|
nsTArray<uint8_t>& aSigBuffer);
|
|
|
|
|
|
|
|
void
|
|
|
|
RequestAborted(const uint64_t& aTransactionId, const nsresult& aError);
|
|
|
|
|
|
|
|
void ActorDestroyed();
|
|
|
|
|
|
|
|
private:
|
|
|
|
~U2F();
|
|
|
|
|
|
|
|
// Visibility event handling.
|
|
|
|
void ListenForVisibilityEvents();
|
|
|
|
void StopListeningForVisibilityEvents();
|
|
|
|
|
|
|
|
// Clears all information we have about the current transaction.
|
|
|
|
void ClearTransaction();
|
|
|
|
// Rejects the current transaction and calls ClearTransaction().
|
|
|
|
void RejectTransaction(const nsresult& aError);
|
|
|
|
// Cancels the current transaction (by sending a Cancel message to the
|
|
|
|
// parent) and rejects it by calling RejectTransaction().
|
|
|
|
void CancelTransaction(const nsresult& aError);
|
|
|
|
|
|
|
|
bool MaybeCreateBackgroundActor();
|
2017-09-19 14:55:38 +00:00
|
|
|
|
2017-09-09 07:09:21 +00:00
|
|
|
nsString mOrigin;
|
Bug 1245527 - Rewrite U2F.cpp to use U2FTokenManager. r=keeler, r=ttaubert
- This patch reworks the U2F module to asynchronously call U2FManager,
which in turn handles constructing and managing the U2FTokenManager
via IPC.
- Add U2FTransaction{Parent,Child} implementations to mirror similar ones for
WebAuthn
- Rewrite all tests to compensate for U2F executing asynchronously now.
- Used async tasks, used the manifest parameters for scheme, and generally
made these cleaner.
- The mochitest "pref =" functionality from Bug 1328830 doesn't support Android
yet, causing breakage on Android. Rework the tests to go back to the old way
of using iframes to test U2F.
NOTE TO REVIEWERS:
Since this is huge, I recommend the following:
keeler - please review U2F.cpp/h, the tests, and the security-prefs.js. Most
of the U2F logic is still in U2F.cpp like before, but there's been
some reworking of how it is called.
ttaubert - please review U2FManager, the Transaction classes, build changes,
and the changes to nsGlobalWindow. All of these should be very
similar to the WebAuthn code it's patterned off.
MozReview-Commit-ID: C1ZN2ch66Rm
--HG--
extra : rebase_source : 5a2c52b0340c13f471af5040b998eb7e661b1981
2017-09-11 19:56:59 +00:00
|
|
|
nsCOMPtr<nsPIDOMWindowInner> mParent;
|
2017-11-28 09:21:07 +00:00
|
|
|
|
|
|
|
// U2F API callbacks.
|
Bug 1245527 - Rewrite U2F.cpp to use U2FTokenManager. r=keeler, r=ttaubert
- This patch reworks the U2F module to asynchronously call U2FManager,
which in turn handles constructing and managing the U2FTokenManager
via IPC.
- Add U2FTransaction{Parent,Child} implementations to mirror similar ones for
WebAuthn
- Rewrite all tests to compensate for U2F executing asynchronously now.
- Used async tasks, used the manifest parameters for scheme, and generally
made these cleaner.
- The mochitest "pref =" functionality from Bug 1328830 doesn't support Android
yet, causing breakage on Android. Rework the tests to go back to the old way
of using iframes to test U2F.
NOTE TO REVIEWERS:
Since this is huge, I recommend the following:
keeler - please review U2F.cpp/h, the tests, and the security-prefs.js. Most
of the U2F logic is still in U2F.cpp like before, but there's been
some reworking of how it is called.
ttaubert - please review U2FManager, the Transaction classes, build changes,
and the changes to nsGlobalWindow. All of these should be very
similar to the WebAuthn code it's patterned off.
MozReview-Commit-ID: C1ZN2ch66Rm
--HG--
extra : rebase_source : 5a2c52b0340c13f471af5040b998eb7e661b1981
2017-09-11 19:56:59 +00:00
|
|
|
Maybe<nsMainThreadPtrHandle<U2FRegisterCallback>> mRegisterCallback;
|
|
|
|
Maybe<nsMainThreadPtrHandle<U2FSignCallback>> mSignCallback;
|
2016-02-09 15:43:00 +00:00
|
|
|
|
2017-11-28 09:21:07 +00:00
|
|
|
// IPC Channel to the parent process.
|
|
|
|
RefPtr<U2FTransactionChild> mChild;
|
|
|
|
|
|
|
|
// The current transaction, if any.
|
|
|
|
Maybe<U2FTransaction> mTransaction;
|
2016-02-09 15:43:00 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
} // namespace dom
|
|
|
|
} // namespace mozilla
|
|
|
|
|
|
|
|
#endif // mozilla_dom_U2F_h
|