2017-10-26 22:08:41 +00:00
|
|
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
|
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
2016-02-09 15:43:00 +00:00
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
|
|
|
|
#ifndef mozilla_dom_U2F_h
|
|
|
|
#define mozilla_dom_U2F_h
|
|
|
|
|
|
|
|
#include "js/TypeDecls.h"
|
|
|
|
#include "mozilla/Attributes.h"
|
|
|
|
#include "mozilla/dom/BindingDeclarations.h"
|
|
|
|
#include "mozilla/dom/Nullable.h"
|
2016-10-13 03:56:56 +00:00
|
|
|
#include "mozilla/dom/U2FBinding.h"
|
2017-12-05 18:05:06 +00:00
|
|
|
#include "mozilla/dom/WebAuthnManagerBase.h"
|
2016-02-09 15:43:00 +00:00
|
|
|
#include "mozilla/ErrorResult.h"
|
2016-10-13 03:56:56 +00:00
|
|
|
#include "mozilla/MozPromise.h"
|
|
|
|
#include "nsProxyRelease.h"
|
2016-02-09 15:43:00 +00:00
|
|
|
#include "nsWrapperCache.h"
|
2017-01-09 20:22:49 +00:00
|
|
|
#include "U2FAuthenticator.h"
|
2016-11-22 06:19:06 +00:00
|
|
|
|
2017-06-10 04:24:46 +00:00
|
|
|
namespace mozilla {
|
2016-02-09 15:43:00 +00:00
|
|
|
namespace dom {
|
|
|
|
|
2018-02-12 20:46:11 +00:00
|
|
|
class WebAuthnMakeCredentialResult;
|
|
|
|
class WebAuthnGetAssertionResult;
|
|
|
|
|
2016-02-09 15:43:00 +00:00
|
|
|
class U2FRegisterCallback;
|
|
|
|
class U2FSignCallback;
|
|
|
|
|
2016-10-13 03:56:56 +00:00
|
|
|
// Defined in U2FBinding.h by the U2F.webidl; their use requires a JSContext.
|
|
|
|
struct RegisterRequest;
|
|
|
|
struct RegisteredKey;
|
|
|
|
|
2017-11-28 09:21:07 +00:00
|
|
|
class U2FTransaction
|
|
|
|
{
|
2017-12-08 15:55:52 +00:00
|
|
|
typedef Variant<nsMainThreadPtrHandle<U2FRegisterCallback>,
|
|
|
|
nsMainThreadPtrHandle<U2FSignCallback>> U2FCallback;
|
|
|
|
|
2017-11-28 09:21:07 +00:00
|
|
|
public:
|
2018-05-30 14:06:09 +00:00
|
|
|
explicit U2FTransaction(const U2FCallback&& aCallback)
|
2018-05-30 19:15:35 +00:00
|
|
|
: mCallback(std::move(aCallback))
|
2017-11-28 09:21:07 +00:00
|
|
|
, mId(NextId())
|
|
|
|
{
|
|
|
|
MOZ_ASSERT(mId > 0);
|
|
|
|
}
|
|
|
|
|
2017-12-08 15:55:52 +00:00
|
|
|
bool HasRegisterCallback() {
|
|
|
|
return mCallback.is<nsMainThreadPtrHandle<U2FRegisterCallback>>();
|
|
|
|
}
|
|
|
|
|
|
|
|
auto& GetRegisterCallback() {
|
|
|
|
return mCallback.as<nsMainThreadPtrHandle<U2FRegisterCallback>>();
|
|
|
|
}
|
|
|
|
|
|
|
|
bool HasSignCallback() {
|
|
|
|
return mCallback.is<nsMainThreadPtrHandle<U2FSignCallback>>();
|
|
|
|
}
|
|
|
|
|
|
|
|
auto& GetSignCallback() {
|
|
|
|
return mCallback.as<nsMainThreadPtrHandle<U2FSignCallback>>();
|
|
|
|
}
|
|
|
|
|
|
|
|
// The callback passed to the API.
|
|
|
|
U2FCallback mCallback;
|
|
|
|
|
2017-11-28 09:21:07 +00:00
|
|
|
// Unique transaction id.
|
|
|
|
uint64_t mId;
|
|
|
|
|
|
|
|
private:
|
|
|
|
// Generates a unique id for new transactions. This doesn't have to be unique
|
|
|
|
// forever, it's sufficient to differentiate between temporally close
|
|
|
|
// transactions, where messages can intersect. Can overflow.
|
|
|
|
static uint64_t NextId() {
|
|
|
|
static uint64_t id = 0;
|
|
|
|
return ++id;
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2017-12-06 17:41:58 +00:00
|
|
|
class U2F final : public WebAuthnManagerBase
|
2016-10-13 03:56:56 +00:00
|
|
|
, public nsWrapperCache
|
2016-02-09 15:43:00 +00:00
|
|
|
{
|
|
|
|
public:
|
|
|
|
NS_DECL_CYCLE_COLLECTING_ISUPPORTS
|
|
|
|
NS_DECL_CYCLE_COLLECTION_SCRIPT_HOLDER_CLASS(U2F)
|
|
|
|
|
2017-12-06 17:41:58 +00:00
|
|
|
explicit U2F(nsPIDOMWindowInner* aParent)
|
|
|
|
: WebAuthnManagerBase(aParent)
|
|
|
|
{ }
|
2016-02-09 15:43:00 +00:00
|
|
|
|
|
|
|
nsPIDOMWindowInner*
|
|
|
|
GetParentObject() const
|
|
|
|
{
|
|
|
|
return mParent;
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
Bug 1245527 - Rewrite U2F.cpp to use U2FTokenManager. r=keeler, r=ttaubert
- This patch reworks the U2F module to asynchronously call U2FManager,
which in turn handles constructing and managing the U2FTokenManager
via IPC.
- Add U2FTransaction{Parent,Child} implementations to mirror similar ones for
WebAuthn
- Rewrite all tests to compensate for U2F executing asynchronously now.
- Used async tasks, used the manifest parameters for scheme, and generally
made these cleaner.
- The mochitest "pref =" functionality from Bug 1328830 doesn't support Android
yet, causing breakage on Android. Rework the tests to go back to the old way
of using iframes to test U2F.
NOTE TO REVIEWERS:
Since this is huge, I recommend the following:
keeler - please review U2F.cpp/h, the tests, and the security-prefs.js. Most
of the U2F logic is still in U2F.cpp like before, but there's been
some reworking of how it is called.
ttaubert - please review U2FManager, the Transaction classes, build changes,
and the changes to nsGlobalWindow. All of these should be very
similar to the WebAuthn code it's patterned off.
MozReview-Commit-ID: C1ZN2ch66Rm
--HG--
extra : rebase_source : 5a2c52b0340c13f471af5040b998eb7e661b1981
2017-09-11 19:56:59 +00:00
|
|
|
Init(ErrorResult& aRv);
|
2016-02-09 15:43:00 +00:00
|
|
|
|
|
|
|
virtual JSObject*
|
|
|
|
WrapObject(JSContext* aCx, JS::Handle<JSObject*> aGivenProto) override;
|
|
|
|
|
|
|
|
void
|
|
|
|
Register(const nsAString& aAppId,
|
|
|
|
const Sequence<RegisterRequest>& aRegisterRequests,
|
|
|
|
const Sequence<RegisteredKey>& aRegisteredKeys,
|
|
|
|
U2FRegisterCallback& aCallback,
|
|
|
|
const Optional<Nullable<int32_t>>& opt_aTimeoutSeconds,
|
|
|
|
ErrorResult& aRv);
|
|
|
|
|
|
|
|
void
|
|
|
|
Sign(const nsAString& aAppId,
|
|
|
|
const nsAString& aChallenge,
|
|
|
|
const Sequence<RegisteredKey>& aRegisteredKeys,
|
|
|
|
U2FSignCallback& aCallback,
|
|
|
|
const Optional<Nullable<int32_t>>& opt_aTimeoutSeconds,
|
|
|
|
ErrorResult& aRv);
|
|
|
|
|
2017-12-05 18:05:06 +00:00
|
|
|
// WebAuthnManagerBase
|
|
|
|
|
2017-11-28 09:37:45 +00:00
|
|
|
void
|
2017-12-05 18:05:06 +00:00
|
|
|
FinishMakeCredential(const uint64_t& aTransactionId,
|
2018-02-12 20:08:54 +00:00
|
|
|
const WebAuthnMakeCredentialResult& aResult) override;
|
2017-11-28 09:21:07 +00:00
|
|
|
|
|
|
|
void
|
2017-12-05 18:05:06 +00:00
|
|
|
FinishGetAssertion(const uint64_t& aTransactionId,
|
2018-02-12 20:08:54 +00:00
|
|
|
const WebAuthnGetAssertionResult& aResult) override;
|
2017-11-28 09:21:07 +00:00
|
|
|
|
|
|
|
void
|
2017-12-05 18:05:06 +00:00
|
|
|
RequestAborted(const uint64_t& aTransactionId,
|
|
|
|
const nsresult& aError) override;
|
2017-11-28 09:21:07 +00:00
|
|
|
|
2017-12-06 17:41:58 +00:00
|
|
|
protected:
|
|
|
|
// Cancels the current transaction (by sending a Cancel message to the
|
|
|
|
// parent) and rejects it by calling RejectTransaction().
|
|
|
|
void CancelTransaction(const nsresult& aError) override;
|
2017-11-28 09:21:07 +00:00
|
|
|
|
|
|
|
private:
|
|
|
|
~U2F();
|
|
|
|
|
2017-12-08 15:55:52 +00:00
|
|
|
template<typename T, typename C>
|
|
|
|
void ExecuteCallback(T& aResp, nsMainThreadPtrHandle<C>& aCb);
|
|
|
|
|
2017-11-28 09:21:07 +00:00
|
|
|
// Clears all information we have about the current transaction.
|
|
|
|
void ClearTransaction();
|
2017-12-08 15:55:52 +00:00
|
|
|
// Rejects the current transaction and clears it.
|
2017-11-28 09:21:07 +00:00
|
|
|
void RejectTransaction(const nsresult& aError);
|
2017-09-19 14:55:38 +00:00
|
|
|
|
2017-09-09 07:09:21 +00:00
|
|
|
nsString mOrigin;
|
2017-11-28 09:21:07 +00:00
|
|
|
|
|
|
|
// The current transaction, if any.
|
|
|
|
Maybe<U2FTransaction> mTransaction;
|
2016-02-09 15:43:00 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
} // namespace dom
|
|
|
|
} // namespace mozilla
|
|
|
|
|
|
|
|
#endif // mozilla_dom_U2F_h
|