2017-04-20 00:46:08 +00:00
|
|
|
|
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
|
|
|
|
/* vim:set ts=2 sw=2 sts=2 et cindent: */
|
|
|
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
|
|
|
|
|
* You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
|
|
|
|
|
|
|
|
#include "hasht.h"
|
|
|
|
|
|
#include "nsICryptoHash.h"
|
2017-07-07 20:30:57 +00:00
|
|
|
|
#include "nsNetCID.h"
|
|
|
|
|
|
#include "nsThreadUtils.h"
|
2017-04-20 00:46:08 +00:00
|
|
|
|
#include "mozilla/ClearOnShutdown.h"
|
2017-05-17 00:07:01 +00:00
|
|
|
|
#include "mozilla/dom/AuthenticatorAttestationResponse.h"
|
2017-04-20 00:46:08 +00:00
|
|
|
|
#include "mozilla/dom/Promise.h"
|
Bug 1245527 - Rewrite U2F.cpp to use U2FTokenManager. r=keeler, r=ttaubert
- This patch reworks the U2F module to asynchronously call U2FManager,
which in turn handles constructing and managing the U2FTokenManager
via IPC.
- Add U2FTransaction{Parent,Child} implementations to mirror similar ones for
WebAuthn
- Rewrite all tests to compensate for U2F executing asynchronously now.
- Used async tasks, used the manifest parameters for scheme, and generally
made these cleaner.
- The mochitest "pref =" functionality from Bug 1328830 doesn't support Android
yet, causing breakage on Android. Rework the tests to go back to the old way
of using iframes to test U2F.
NOTE TO REVIEWERS:
Since this is huge, I recommend the following:
keeler - please review U2F.cpp/h, the tests, and the security-prefs.js. Most
of the U2F logic is still in U2F.cpp like before, but there's been
some reworking of how it is called.
ttaubert - please review U2FManager, the Transaction classes, build changes,
and the changes to nsGlobalWindow. All of these should be very
similar to the WebAuthn code it's patterned off.
MozReview-Commit-ID: C1ZN2ch66Rm
--HG--
extra : rebase_source : 5a2c52b0340c13f471af5040b998eb7e661b1981
2017-09-11 19:56:59 +00:00
|
|
|
|
#include "mozilla/dom/PWebAuthnTransaction.h"
|
|
|
|
|
|
#include "mozilla/dom/U2FUtil.h"
|
2017-07-14 01:12:50 +00:00
|
|
|
|
#include "mozilla/dom/WebAuthnCBORUtil.h"
|
2017-04-20 00:46:08 +00:00
|
|
|
|
#include "mozilla/dom/WebAuthnManager.h"
|
|
|
|
|
|
#include "mozilla/dom/WebAuthnTransactionChild.h"
|
Bug 1245527 - Rewrite U2F.cpp to use U2FTokenManager. r=keeler, r=ttaubert
- This patch reworks the U2F module to asynchronously call U2FManager,
which in turn handles constructing and managing the U2FTokenManager
via IPC.
- Add U2FTransaction{Parent,Child} implementations to mirror similar ones for
WebAuthn
- Rewrite all tests to compensate for U2F executing asynchronously now.
- Used async tasks, used the manifest parameters for scheme, and generally
made these cleaner.
- The mochitest "pref =" functionality from Bug 1328830 doesn't support Android
yet, causing breakage on Android. Rework the tests to go back to the old way
of using iframes to test U2F.
NOTE TO REVIEWERS:
Since this is huge, I recommend the following:
keeler - please review U2F.cpp/h, the tests, and the security-prefs.js. Most
of the U2F logic is still in U2F.cpp like before, but there's been
some reworking of how it is called.
ttaubert - please review U2FManager, the Transaction classes, build changes,
and the changes to nsGlobalWindow. All of these should be very
similar to the WebAuthn code it's patterned off.
MozReview-Commit-ID: C1ZN2ch66Rm
--HG--
extra : rebase_source : 5a2c52b0340c13f471af5040b998eb7e661b1981
2017-09-11 19:56:59 +00:00
|
|
|
|
#include "mozilla/dom/WebAuthnUtil.h"
|
2017-04-20 00:46:08 +00:00
|
|
|
|
#include "mozilla/dom/WebCryptoCommon.h"
|
|
|
|
|
|
#include "mozilla/ipc/BackgroundChild.h"
|
Bug 1245527 - Rewrite U2F.cpp to use U2FTokenManager. r=keeler, r=ttaubert
- This patch reworks the U2F module to asynchronously call U2FManager,
which in turn handles constructing and managing the U2FTokenManager
via IPC.
- Add U2FTransaction{Parent,Child} implementations to mirror similar ones for
WebAuthn
- Rewrite all tests to compensate for U2F executing asynchronously now.
- Used async tasks, used the manifest parameters for scheme, and generally
made these cleaner.
- The mochitest "pref =" functionality from Bug 1328830 doesn't support Android
yet, causing breakage on Android. Rework the tests to go back to the old way
of using iframes to test U2F.
NOTE TO REVIEWERS:
Since this is huge, I recommend the following:
keeler - please review U2F.cpp/h, the tests, and the security-prefs.js. Most
of the U2F logic is still in U2F.cpp like before, but there's been
some reworking of how it is called.
ttaubert - please review U2FManager, the Transaction classes, build changes,
and the changes to nsGlobalWindow. All of these should be very
similar to the WebAuthn code it's patterned off.
MozReview-Commit-ID: C1ZN2ch66Rm
--HG--
extra : rebase_source : 5a2c52b0340c13f471af5040b998eb7e661b1981
2017-09-11 19:56:59 +00:00
|
|
|
|
#include "mozilla/ipc/PBackgroundChild.h"
|
2017-04-20 00:46:08 +00:00
|
|
|
|
|
|
|
|
|
|
using namespace mozilla::ipc;
|
|
|
|
|
|
|
|
|
|
|
|
namespace mozilla {
|
|
|
|
|
|
namespace dom {
|
|
|
|
|
|
|
2017-07-14 01:12:50 +00:00
|
|
|
|
/***********************************************************************
|
|
|
|
|
|
* Protocol Constants
|
|
|
|
|
|
**********************************************************************/
|
|
|
|
|
|
|
|
|
|
|
|
const uint8_t FLAG_TUP = 0x01; // Test of User Presence required
|
|
|
|
|
|
const uint8_t FLAG_AT = 0x40; // Authenticator Data is provided
|
|
|
|
|
|
|
2017-04-20 00:46:08 +00:00
|
|
|
|
/***********************************************************************
|
|
|
|
|
|
* Statics
|
|
|
|
|
|
**********************************************************************/
|
|
|
|
|
|
|
|
|
|
|
|
namespace {
|
|
|
|
|
|
StaticRefPtr<WebAuthnManager> gWebAuthnManager;
|
|
|
|
|
|
static mozilla::LazyLogModule gWebAuthnManagerLog("webauthnmanager");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-08-04 19:34:18 +00:00
|
|
|
|
NS_NAMED_LITERAL_STRING(kVisibilityChange, "visibilitychange");
|
|
|
|
|
|
|
|
|
|
|
|
NS_IMPL_ISUPPORTS(WebAuthnManager, nsIIPCBackgroundChildCreateCallback,
|
|
|
|
|
|
nsIDOMEventListener);
|
2017-04-20 00:46:08 +00:00
|
|
|
|
|
|
|
|
|
|
/***********************************************************************
|
|
|
|
|
|
* Utility Functions
|
|
|
|
|
|
**********************************************************************/
|
|
|
|
|
|
|
|
|
|
|
|
template<class OOS>
|
|
|
|
|
|
static nsresult
|
2017-05-23 00:09:49 +00:00
|
|
|
|
GetAlgorithmName(const OOS& aAlgorithm,
|
2017-04-20 00:46:08 +00:00
|
|
|
|
/* out */ nsString& aName)
|
|
|
|
|
|
{
|
|
|
|
|
|
MOZ_ASSERT(aAlgorithm.IsString()); // TODO: remove assertion when we coerce.
|
|
|
|
|
|
|
|
|
|
|
|
if (aAlgorithm.IsString()) {
|
|
|
|
|
|
// If string, then treat as algorithm name
|
|
|
|
|
|
aName.Assign(aAlgorithm.GetAsString());
|
|
|
|
|
|
} else {
|
|
|
|
|
|
// TODO: Coerce to string and extract name. See WebCryptoTask.cpp
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-07-14 16:57:52 +00:00
|
|
|
|
// Only ES256 is currently supported
|
|
|
|
|
|
if (NORMALIZED_EQUALS(aName, JWK_ALG_ECDSA_P_256)) {
|
|
|
|
|
|
aName.AssignLiteral(JWK_ALG_ECDSA_P_256);
|
|
|
|
|
|
} else {
|
2017-04-20 00:46:08 +00:00
|
|
|
|
return NS_ERROR_DOM_SYNTAX_ERR;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return NS_OK;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static nsresult
|
|
|
|
|
|
AssembleClientData(const nsAString& aOrigin, const CryptoBuffer& aChallenge,
|
|
|
|
|
|
/* out */ nsACString& aJsonOut)
|
|
|
|
|
|
{
|
|
|
|
|
|
MOZ_ASSERT(NS_IsMainThread());
|
|
|
|
|
|
|
|
|
|
|
|
nsString challengeBase64;
|
|
|
|
|
|
nsresult rv = aChallenge.ToJwkBase64(challengeBase64);
|
|
|
|
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
|
|
|
|
return NS_ERROR_FAILURE;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-05-23 00:09:49 +00:00
|
|
|
|
CollectedClientData clientDataObject;
|
2017-04-20 00:46:08 +00:00
|
|
|
|
clientDataObject.mChallenge.Assign(challengeBase64);
|
2017-05-23 00:09:49 +00:00
|
|
|
|
clientDataObject.mOrigin.Assign(aOrigin);
|
2017-08-21 19:06:15 +00:00
|
|
|
|
clientDataObject.mHashAlg.Assign(NS_LITERAL_STRING("SHA-256"));
|
2017-04-20 00:46:08 +00:00
|
|
|
|
|
|
|
|
|
|
nsAutoString temp;
|
|
|
|
|
|
if (NS_WARN_IF(!clientDataObject.ToJSON(temp))) {
|
|
|
|
|
|
return NS_ERROR_FAILURE;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
aJsonOut.Assign(NS_ConvertUTF16toUTF8(temp));
|
|
|
|
|
|
return NS_OK;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
nsresult
|
|
|
|
|
|
GetOrigin(nsPIDOMWindowInner* aParent,
|
2017-07-07 20:30:57 +00:00
|
|
|
|
/*out*/ nsAString& aOrigin, /*out*/ nsACString& aHost)
|
2017-04-20 00:46:08 +00:00
|
|
|
|
{
|
2017-08-04 19:34:18 +00:00
|
|
|
|
MOZ_ASSERT(aParent);
|
2017-04-20 00:46:08 +00:00
|
|
|
|
nsCOMPtr<nsIDocument> doc = aParent->GetDoc();
|
|
|
|
|
|
MOZ_ASSERT(doc);
|
|
|
|
|
|
|
2017-07-07 20:30:57 +00:00
|
|
|
|
nsCOMPtr<nsIPrincipal> principal = doc->NodePrincipal();
|
2017-04-20 00:46:08 +00:00
|
|
|
|
nsresult rv = nsContentUtils::GetUTFOrigin(principal, aOrigin);
|
|
|
|
|
|
if (NS_WARN_IF(NS_FAILED(rv)) ||
|
|
|
|
|
|
NS_WARN_IF(aOrigin.IsEmpty())) {
|
|
|
|
|
|
return NS_ERROR_FAILURE;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (aOrigin.EqualsLiteral("null")) {
|
|
|
|
|
|
// 4.1.1.3 If callerOrigin is an opaque origin, reject promise with a
|
|
|
|
|
|
// DOMException whose name is "NotAllowedError", and terminate this
|
|
|
|
|
|
// algorithm
|
|
|
|
|
|
MOZ_LOG(gWebAuthnManagerLog, LogLevel::Debug, ("Rejecting due to opaque origin"));
|
|
|
|
|
|
return NS_ERROR_DOM_NOT_ALLOWED_ERR;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-07-07 20:30:57 +00:00
|
|
|
|
nsCOMPtr<nsIURI> originUri;
|
|
|
|
|
|
if (NS_FAILED(principal->GetURI(getter_AddRefs(originUri)))) {
|
|
|
|
|
|
return NS_ERROR_FAILURE;
|
|
|
|
|
|
}
|
|
|
|
|
|
if (NS_FAILED(originUri->GetAsciiHost(aHost))) {
|
|
|
|
|
|
return NS_ERROR_FAILURE;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-20 00:46:08 +00:00
|
|
|
|
return NS_OK;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
nsresult
|
|
|
|
|
|
RelaxSameOrigin(nsPIDOMWindowInner* aParent,
|
|
|
|
|
|
const nsAString& aInputRpId,
|
|
|
|
|
|
/* out */ nsACString& aRelaxedRpId)
|
|
|
|
|
|
{
|
|
|
|
|
|
MOZ_ASSERT(aParent);
|
2017-07-07 20:32:31 +00:00
|
|
|
|
nsCOMPtr<nsIDocument> doc = aParent->GetDoc();
|
|
|
|
|
|
MOZ_ASSERT(doc);
|
2017-08-04 19:34:18 +00:00
|
|
|
|
|
2017-07-07 20:32:31 +00:00
|
|
|
|
nsCOMPtr<nsIPrincipal> principal = doc->NodePrincipal();
|
|
|
|
|
|
nsCOMPtr<nsIURI> uri;
|
|
|
|
|
|
if (NS_FAILED(principal->GetURI(getter_AddRefs(uri)))) {
|
|
|
|
|
|
return NS_ERROR_FAILURE;
|
|
|
|
|
|
}
|
|
|
|
|
|
nsAutoCString originHost;
|
|
|
|
|
|
if (NS_FAILED(uri->GetAsciiHost(originHost))) {
|
|
|
|
|
|
return NS_ERROR_FAILURE;
|
|
|
|
|
|
}
|
2017-04-20 00:46:08 +00:00
|
|
|
|
nsCOMPtr<nsIDocument> document = aParent->GetDoc();
|
|
|
|
|
|
if (!document || !document->IsHTMLDocument()) {
|
|
|
|
|
|
return NS_ERROR_FAILURE;
|
|
|
|
|
|
}
|
2017-07-07 20:32:31 +00:00
|
|
|
|
nsHTMLDocument* html = document->AsHTMLDocument();
|
|
|
|
|
|
if (NS_WARN_IF(!html)) {
|
|
|
|
|
|
return NS_ERROR_FAILURE;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-09-11 16:06:28 +00:00
|
|
|
|
if (!html->IsRegistrableDomainSuffixOfOrEqualTo(aInputRpId, originHost)) {
|
2017-07-07 20:32:31 +00:00
|
|
|
|
return NS_ERROR_DOM_SECURITY_ERR;
|
|
|
|
|
|
}
|
2017-04-20 00:46:08 +00:00
|
|
|
|
|
|
|
|
|
|
aRelaxedRpId.Assign(NS_ConvertUTF16toUTF8(aInputRpId));
|
|
|
|
|
|
return NS_OK;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-08-04 19:34:18 +00:00
|
|
|
|
static void
|
|
|
|
|
|
ListenForVisibilityEvents(nsPIDOMWindowInner* aParent,
|
|
|
|
|
|
WebAuthnManager* aListener)
|
|
|
|
|
|
{
|
|
|
|
|
|
MOZ_ASSERT(aParent);
|
|
|
|
|
|
MOZ_ASSERT(aListener);
|
|
|
|
|
|
|
|
|
|
|
|
nsCOMPtr<nsIDocument> doc = aParent->GetExtantDoc();
|
|
|
|
|
|
if (NS_WARN_IF(!doc)) {
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
nsresult rv = doc->AddSystemEventListener(kVisibilityChange, aListener,
|
|
|
|
|
|
/* use capture */ true,
|
|
|
|
|
|
/* wants untrusted */ false);
|
|
|
|
|
|
Unused << NS_WARN_IF(NS_FAILED(rv));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
|
StopListeningForVisibilityEvents(nsPIDOMWindowInner* aParent,
|
|
|
|
|
|
WebAuthnManager* aListener)
|
|
|
|
|
|
{
|
|
|
|
|
|
MOZ_ASSERT(aParent);
|
|
|
|
|
|
MOZ_ASSERT(aListener);
|
|
|
|
|
|
|
|
|
|
|
|
nsCOMPtr<nsIDocument> doc = aParent->GetExtantDoc();
|
|
|
|
|
|
if (NS_WARN_IF(!doc)) {
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
nsresult rv = doc->RemoveSystemEventListener(kVisibilityChange, aListener,
|
|
|
|
|
|
/* use capture */ true);
|
|
|
|
|
|
Unused << NS_WARN_IF(NS_FAILED(rv));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-20 00:46:08 +00:00
|
|
|
|
/***********************************************************************
|
|
|
|
|
|
* WebAuthnManager Implementation
|
|
|
|
|
|
**********************************************************************/
|
|
|
|
|
|
|
|
|
|
|
|
WebAuthnManager::WebAuthnManager()
|
|
|
|
|
|
{
|
|
|
|
|
|
MOZ_ASSERT(NS_IsMainThread());
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
|
WebAuthnManager::MaybeClearTransaction()
|
|
|
|
|
|
{
|
|
|
|
|
|
mClientData.reset();
|
|
|
|
|
|
mInfo.reset();
|
|
|
|
|
|
mTransactionPromise = nullptr;
|
2017-08-04 19:34:18 +00:00
|
|
|
|
if (mCurrentParent) {
|
|
|
|
|
|
StopListeningForVisibilityEvents(mCurrentParent, this);
|
|
|
|
|
|
mCurrentParent = nullptr;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-20 00:46:08 +00:00
|
|
|
|
if (mChild) {
|
|
|
|
|
|
RefPtr<WebAuthnTransactionChild> c;
|
|
|
|
|
|
mChild.swap(c);
|
|
|
|
|
|
c->Send__delete__(c);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
WebAuthnManager::~WebAuthnManager()
|
|
|
|
|
|
{
|
|
|
|
|
|
MaybeClearTransaction();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-07-28 13:53:42 +00:00
|
|
|
|
RefPtr<WebAuthnManager::BackgroundActorPromise>
|
2017-04-20 00:46:08 +00:00
|
|
|
|
WebAuthnManager::GetOrCreateBackgroundActor()
|
|
|
|
|
|
{
|
2017-07-28 13:53:42 +00:00
|
|
|
|
MOZ_ASSERT(NS_IsMainThread());
|
|
|
|
|
|
|
|
|
|
|
|
PBackgroundChild *actor = BackgroundChild::GetForCurrentThread();
|
|
|
|
|
|
RefPtr<WebAuthnManager::BackgroundActorPromise> promise =
|
|
|
|
|
|
mPBackgroundCreationPromise.Ensure(__func__);
|
|
|
|
|
|
|
|
|
|
|
|
if (actor) {
|
|
|
|
|
|
ActorCreated(actor);
|
|
|
|
|
|
} else {
|
|
|
|
|
|
bool ok = BackgroundChild::GetOrCreateForCurrentThread(this);
|
|
|
|
|
|
if (NS_WARN_IF(!ok)) {
|
|
|
|
|
|
ActorFailed();
|
|
|
|
|
|
}
|
2017-04-20 00:46:08 +00:00
|
|
|
|
}
|
2017-07-28 13:53:42 +00:00
|
|
|
|
|
|
|
|
|
|
return promise;
|
2017-04-20 00:46:08 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
//static
|
|
|
|
|
|
WebAuthnManager*
|
|
|
|
|
|
WebAuthnManager::GetOrCreate()
|
|
|
|
|
|
{
|
|
|
|
|
|
MOZ_ASSERT(NS_IsMainThread());
|
|
|
|
|
|
if (gWebAuthnManager) {
|
|
|
|
|
|
return gWebAuthnManager;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
gWebAuthnManager = new WebAuthnManager();
|
|
|
|
|
|
ClearOnShutdown(&gWebAuthnManager);
|
|
|
|
|
|
return gWebAuthnManager;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
//static
|
|
|
|
|
|
WebAuthnManager*
|
|
|
|
|
|
WebAuthnManager::Get()
|
|
|
|
|
|
{
|
|
|
|
|
|
MOZ_ASSERT(NS_IsMainThread());
|
|
|
|
|
|
return gWebAuthnManager;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
already_AddRefed<Promise>
|
2017-05-23 00:09:49 +00:00
|
|
|
|
WebAuthnManager::MakeCredential(nsPIDOMWindowInner* aParent,
|
|
|
|
|
|
const MakeCredentialOptions& aOptions)
|
2017-04-20 00:46:08 +00:00
|
|
|
|
{
|
|
|
|
|
|
MOZ_ASSERT(aParent);
|
|
|
|
|
|
|
|
|
|
|
|
MaybeClearTransaction();
|
|
|
|
|
|
|
|
|
|
|
|
nsCOMPtr<nsIGlobalObject> global = do_QueryInterface(aParent);
|
|
|
|
|
|
|
|
|
|
|
|
ErrorResult rv;
|
|
|
|
|
|
RefPtr<Promise> promise = Promise::Create(global, rv);
|
|
|
|
|
|
if(rv.Failed()) {
|
|
|
|
|
|
return nullptr;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
nsString origin;
|
2017-07-07 20:30:57 +00:00
|
|
|
|
nsCString rpId;
|
|
|
|
|
|
rv = GetOrigin(aParent, origin, rpId);
|
2017-04-20 00:46:08 +00:00
|
|
|
|
if (NS_WARN_IF(rv.Failed())) {
|
|
|
|
|
|
promise->MaybeReject(rv);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// If timeoutSeconds was specified, check if its value lies within a
|
|
|
|
|
|
// reasonable range as defined by the platform and if not, correct it to the
|
|
|
|
|
|
// closest value lying within that range.
|
|
|
|
|
|
|
2017-08-09 19:26:49 +00:00
|
|
|
|
uint32_t adjustedTimeout = 30000;
|
2017-05-23 00:09:49 +00:00
|
|
|
|
if (aOptions.mTimeout.WasPassed()) {
|
|
|
|
|
|
adjustedTimeout = aOptions.mTimeout.Value();
|
2017-08-09 19:26:49 +00:00
|
|
|
|
adjustedTimeout = std::max(15000u, adjustedTimeout);
|
|
|
|
|
|
adjustedTimeout = std::min(120000u, adjustedTimeout);
|
2017-04-20 00:46:08 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-07-07 20:30:57 +00:00
|
|
|
|
if (aOptions.mRp.mId.WasPassed()) {
|
2017-04-20 00:46:08 +00:00
|
|
|
|
// If rpId is specified, then invoke the procedure used for relaxing the
|
|
|
|
|
|
// same-origin restriction by setting the document.domain attribute, using
|
|
|
|
|
|
// rpId as the given value but without changing the current document’s
|
|
|
|
|
|
// domain. If no errors are thrown, set rpId to the value of host as
|
|
|
|
|
|
// computed by this procedure, and rpIdHash to the SHA-256 hash of rpId.
|
|
|
|
|
|
// Otherwise, reject promise with a DOMException whose name is
|
|
|
|
|
|
// "SecurityError", and terminate this algorithm.
|
|
|
|
|
|
|
2017-05-23 00:09:49 +00:00
|
|
|
|
if (NS_FAILED(RelaxSameOrigin(aParent, aOptions.mRp.mId.Value(), rpId))) {
|
2017-04-20 00:46:08 +00:00
|
|
|
|
promise->MaybeReject(NS_ERROR_DOM_SECURITY_ERR);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
CryptoBuffer rpIdHash;
|
|
|
|
|
|
if (!rpIdHash.SetLength(SHA256_LENGTH, fallible)) {
|
|
|
|
|
|
promise->MaybeReject(NS_ERROR_OUT_OF_MEMORY);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
nsresult srv;
|
|
|
|
|
|
nsCOMPtr<nsICryptoHash> hashService =
|
|
|
|
|
|
do_CreateInstance(NS_CRYPTO_HASH_CONTRACTID, &srv);
|
|
|
|
|
|
if (NS_WARN_IF(NS_FAILED(srv))) {
|
|
|
|
|
|
promise->MaybeReject(NS_ERROR_DOM_SECURITY_ERR);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
srv = HashCString(hashService, rpId, rpIdHash);
|
|
|
|
|
|
if (NS_WARN_IF(NS_FAILED(srv))) {
|
|
|
|
|
|
promise->MaybeReject(NS_ERROR_DOM_SECURITY_ERR);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Process each element of cryptoParameters using the following steps, to
|
|
|
|
|
|
// produce a new sequence normalizedParameters.
|
2017-05-23 00:09:49 +00:00
|
|
|
|
nsTArray<PublicKeyCredentialParameters> normalizedParams;
|
|
|
|
|
|
for (size_t a = 0; a < aOptions.mParameters.Length(); ++a) {
|
2017-04-20 00:46:08 +00:00
|
|
|
|
// Let current be the currently selected element of
|
|
|
|
|
|
// cryptoParameters.
|
|
|
|
|
|
|
2017-05-23 00:09:49 +00:00
|
|
|
|
// If current.type does not contain a PublicKeyCredentialType
|
2017-04-20 00:46:08 +00:00
|
|
|
|
// supported by this implementation, then stop processing current and move
|
|
|
|
|
|
// on to the next element in cryptoParameters.
|
2017-05-23 00:09:49 +00:00
|
|
|
|
if (aOptions.mParameters[a].mType != PublicKeyCredentialType::Public_key) {
|
2017-04-20 00:46:08 +00:00
|
|
|
|
continue;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Let normalizedAlgorithm be the result of normalizing an algorithm using
|
|
|
|
|
|
// the procedure defined in [WebCryptoAPI], with alg set to
|
|
|
|
|
|
// current.algorithm and op set to 'generateKey'. If an error occurs during
|
|
|
|
|
|
// this procedure, then stop processing current and move on to the next
|
|
|
|
|
|
// element in cryptoParameters.
|
|
|
|
|
|
|
|
|
|
|
|
nsString algName;
|
2017-05-23 00:09:49 +00:00
|
|
|
|
if (NS_FAILED(GetAlgorithmName(aOptions.mParameters[a].mAlgorithm,
|
2017-04-20 00:46:08 +00:00
|
|
|
|
algName))) {
|
|
|
|
|
|
continue;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-05-23 00:09:49 +00:00
|
|
|
|
// Add a new object of type PublicKeyCredentialParameters to
|
2017-04-20 00:46:08 +00:00
|
|
|
|
// normalizedParameters, with type set to current.type and algorithm set to
|
|
|
|
|
|
// normalizedAlgorithm.
|
2017-05-23 00:09:49 +00:00
|
|
|
|
PublicKeyCredentialParameters normalizedObj;
|
|
|
|
|
|
normalizedObj.mType = aOptions.mParameters[a].mType;
|
2017-04-20 00:46:08 +00:00
|
|
|
|
normalizedObj.mAlgorithm.SetAsString().Assign(algName);
|
|
|
|
|
|
|
|
|
|
|
|
if (!normalizedParams.AppendElement(normalizedObj, mozilla::fallible)){
|
|
|
|
|
|
promise->MaybeReject(NS_ERROR_OUT_OF_MEMORY);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// If normalizedAlgorithm is empty and cryptoParameters was not empty, cancel
|
|
|
|
|
|
// the timer started in step 2, reject promise with a DOMException whose name
|
|
|
|
|
|
// is "NotSupportedError", and terminate this algorithm.
|
2017-05-23 00:09:49 +00:00
|
|
|
|
if (normalizedParams.IsEmpty() && !aOptions.mParameters.IsEmpty()) {
|
2017-04-20 00:46:08 +00:00
|
|
|
|
promise->MaybeReject(NS_ERROR_DOM_NOT_SUPPORTED_ERR);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// TODO: The following check should not be here. This is checking for
|
|
|
|
|
|
// parameters specific to the soft key, and should be put in the soft key
|
|
|
|
|
|
// manager in the parent process. Still need to serialize
|
2017-05-23 00:09:49 +00:00
|
|
|
|
// PublicKeyCredentialParameters first.
|
2017-04-20 00:46:08 +00:00
|
|
|
|
|
2017-05-23 00:09:49 +00:00
|
|
|
|
// Check if at least one of the specified combinations of
|
|
|
|
|
|
// PublicKeyCredentialParameters and cryptographic parameters is supported. If
|
|
|
|
|
|
// not, return an error code equivalent to NotSupportedError and terminate the
|
|
|
|
|
|
// operation.
|
2017-04-20 00:46:08 +00:00
|
|
|
|
|
|
|
|
|
|
bool isValidCombination = false;
|
|
|
|
|
|
|
|
|
|
|
|
for (size_t a = 0; a < normalizedParams.Length(); ++a) {
|
2017-05-23 00:09:49 +00:00
|
|
|
|
if (normalizedParams[a].mType == PublicKeyCredentialType::Public_key &&
|
2017-04-20 00:46:08 +00:00
|
|
|
|
normalizedParams[a].mAlgorithm.IsString() &&
|
|
|
|
|
|
normalizedParams[a].mAlgorithm.GetAsString().EqualsLiteral(
|
2017-07-14 16:57:52 +00:00
|
|
|
|
JWK_ALG_ECDSA_P_256)) {
|
2017-04-20 00:46:08 +00:00
|
|
|
|
isValidCombination = true;
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
if (!isValidCombination) {
|
|
|
|
|
|
promise->MaybeReject(NS_ERROR_DOM_NOT_SUPPORTED_ERR);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// If excludeList is undefined, set it to the empty list.
|
|
|
|
|
|
//
|
|
|
|
|
|
// If extensions was specified, process any extensions supported by this
|
|
|
|
|
|
// client platform, to produce the extension data that needs to be sent to the
|
|
|
|
|
|
// authenticator. If an error is encountered while processing an extension,
|
|
|
|
|
|
// skip that extension and do not produce any extension data for it. Call the
|
|
|
|
|
|
// result of this processing clientExtensions.
|
|
|
|
|
|
//
|
|
|
|
|
|
// Currently no extensions are supported
|
|
|
|
|
|
//
|
|
|
|
|
|
// Use attestationChallenge, callerOrigin and rpId, along with the token
|
|
|
|
|
|
// binding key associated with callerOrigin (if any), to create a ClientData
|
|
|
|
|
|
// structure representing this request. Choose a hash algorithm for hashAlg
|
|
|
|
|
|
// and compute the clientDataJSON and clientDataHash.
|
|
|
|
|
|
|
|
|
|
|
|
CryptoBuffer challenge;
|
2017-05-23 00:09:49 +00:00
|
|
|
|
if (!challenge.Assign(aOptions.mChallenge)) {
|
2017-04-20 00:46:08 +00:00
|
|
|
|
promise->MaybeReject(NS_ERROR_DOM_SECURITY_ERR);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
nsAutoCString clientDataJSON;
|
2017-09-11 16:06:28 +00:00
|
|
|
|
srv = AssembleClientData(origin, challenge, clientDataJSON);
|
2017-04-20 00:46:08 +00:00
|
|
|
|
if (NS_WARN_IF(NS_FAILED(srv))) {
|
|
|
|
|
|
promise->MaybeReject(NS_ERROR_DOM_SECURITY_ERR);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
CryptoBuffer clientDataHash;
|
|
|
|
|
|
if (!clientDataHash.SetLength(SHA256_LENGTH, fallible)) {
|
|
|
|
|
|
promise->MaybeReject(NS_ERROR_DOM_SECURITY_ERR);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
srv = HashCString(hashService, clientDataJSON, clientDataHash);
|
|
|
|
|
|
if (NS_WARN_IF(NS_FAILED(srv))) {
|
|
|
|
|
|
promise->MaybeReject(NS_ERROR_DOM_SECURITY_ERR);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
nsTArray<WebAuthnScopedCredentialDescriptor> excludeList;
|
|
|
|
|
|
if (aOptions.mExcludeList.WasPassed()) {
|
|
|
|
|
|
for (const auto& s: aOptions.mExcludeList.Value()) {
|
|
|
|
|
|
WebAuthnScopedCredentialDescriptor c;
|
|
|
|
|
|
CryptoBuffer cb;
|
|
|
|
|
|
cb.Assign(s.mId);
|
|
|
|
|
|
c.id() = cb;
|
|
|
|
|
|
excludeList.AppendElement(c);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// TODO: Add extension list building
|
|
|
|
|
|
nsTArray<WebAuthnExtension> extensions;
|
|
|
|
|
|
|
|
|
|
|
|
WebAuthnTransactionInfo info(rpIdHash,
|
|
|
|
|
|
clientDataHash,
|
|
|
|
|
|
adjustedTimeout,
|
|
|
|
|
|
excludeList,
|
|
|
|
|
|
extensions);
|
|
|
|
|
|
RefPtr<MozPromise<nsresult, nsresult, false>> p = GetOrCreateBackgroundActor();
|
2017-06-10 04:24:46 +00:00
|
|
|
|
p->Then(GetMainThreadSerialEventTarget(), __func__,
|
2017-04-20 00:46:08 +00:00
|
|
|
|
[]() {
|
|
|
|
|
|
WebAuthnManager* mgr = WebAuthnManager::Get();
|
|
|
|
|
|
if (!mgr) {
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
mgr->StartRegister();
|
|
|
|
|
|
},
|
|
|
|
|
|
[]() {
|
|
|
|
|
|
// This case can't actually happen, we'll have crashed if the child
|
|
|
|
|
|
// failed to create.
|
|
|
|
|
|
});
|
|
|
|
|
|
mTransactionPromise = promise;
|
|
|
|
|
|
mClientData = Some(clientDataJSON);
|
|
|
|
|
|
mCurrentParent = aParent;
|
|
|
|
|
|
mInfo = Some(info);
|
2017-08-04 19:34:18 +00:00
|
|
|
|
ListenForVisibilityEvents(aParent, this);
|
|
|
|
|
|
|
2017-04-20 00:46:08 +00:00
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
|
WebAuthnManager::StartRegister() {
|
|
|
|
|
|
if (mChild) {
|
|
|
|
|
|
mChild->SendRequestRegister(mInfo.ref());
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
|
WebAuthnManager::StartSign() {
|
|
|
|
|
|
if (mChild) {
|
|
|
|
|
|
mChild->SendRequestSign(mInfo.ref());
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-08-04 19:34:18 +00:00
|
|
|
|
void
|
|
|
|
|
|
WebAuthnManager::StartCancel() {
|
|
|
|
|
|
if (mChild) {
|
|
|
|
|
|
mChild->SendRequestCancel();
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-20 00:46:08 +00:00
|
|
|
|
already_AddRefed<Promise>
|
|
|
|
|
|
WebAuthnManager::GetAssertion(nsPIDOMWindowInner* aParent,
|
2017-05-23 21:55:10 +00:00
|
|
|
|
const PublicKeyCredentialRequestOptions& aOptions)
|
2017-04-20 00:46:08 +00:00
|
|
|
|
{
|
|
|
|
|
|
MOZ_ASSERT(aParent);
|
|
|
|
|
|
|
|
|
|
|
|
MaybeClearTransaction();
|
|
|
|
|
|
|
|
|
|
|
|
nsCOMPtr<nsIGlobalObject> global = do_QueryInterface(aParent);
|
|
|
|
|
|
|
|
|
|
|
|
ErrorResult rv;
|
|
|
|
|
|
RefPtr<Promise> promise = Promise::Create(global, rv);
|
|
|
|
|
|
if(rv.Failed()) {
|
|
|
|
|
|
return nullptr;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
nsString origin;
|
2017-07-07 20:30:57 +00:00
|
|
|
|
nsCString rpId;
|
|
|
|
|
|
rv = GetOrigin(aParent, origin, rpId);
|
2017-04-20 00:46:08 +00:00
|
|
|
|
if (NS_WARN_IF(rv.Failed())) {
|
|
|
|
|
|
promise->MaybeReject(rv);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// If timeoutSeconds was specified, check if its value lies within a
|
|
|
|
|
|
// reasonable range as defined by the platform and if not, correct it to the
|
|
|
|
|
|
// closest value lying within that range.
|
|
|
|
|
|
|
2017-05-23 21:55:10 +00:00
|
|
|
|
uint32_t adjustedTimeout = 30000;
|
|
|
|
|
|
if (aOptions.mTimeout.WasPassed()) {
|
|
|
|
|
|
adjustedTimeout = aOptions.mTimeout.Value();
|
|
|
|
|
|
adjustedTimeout = std::max(15000u, adjustedTimeout);
|
|
|
|
|
|
adjustedTimeout = std::min(120000u, adjustedTimeout);
|
2017-04-20 00:46:08 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-07-07 20:30:57 +00:00
|
|
|
|
if (aOptions.mRpId.WasPassed()) {
|
2017-04-20 00:46:08 +00:00
|
|
|
|
// If rpId is specified, then invoke the procedure used for relaxing the
|
|
|
|
|
|
// same-origin restriction by setting the document.domain attribute, using
|
|
|
|
|
|
// rpId as the given value but without changing the current document’s
|
|
|
|
|
|
// domain. If no errors are thrown, set rpId to the value of host as
|
|
|
|
|
|
// computed by this procedure, and rpIdHash to the SHA-256 hash of rpId.
|
|
|
|
|
|
// Otherwise, reject promise with a DOMException whose name is
|
|
|
|
|
|
// "SecurityError", and terminate this algorithm.
|
|
|
|
|
|
|
|
|
|
|
|
if (NS_FAILED(RelaxSameOrigin(aParent, aOptions.mRpId.Value(), rpId))) {
|
|
|
|
|
|
promise->MaybeReject(NS_ERROR_DOM_SECURITY_ERR);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
CryptoBuffer rpIdHash;
|
|
|
|
|
|
if (!rpIdHash.SetLength(SHA256_LENGTH, fallible)) {
|
|
|
|
|
|
promise->MaybeReject(NS_ERROR_OUT_OF_MEMORY);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
nsresult srv;
|
|
|
|
|
|
nsCOMPtr<nsICryptoHash> hashService =
|
|
|
|
|
|
do_CreateInstance(NS_CRYPTO_HASH_CONTRACTID, &srv);
|
|
|
|
|
|
if (NS_WARN_IF(NS_FAILED(srv))) {
|
|
|
|
|
|
promise->MaybeReject(NS_ERROR_DOM_SECURITY_ERR);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
srv = HashCString(hashService, rpId, rpIdHash);
|
|
|
|
|
|
if (NS_WARN_IF(NS_FAILED(srv))) {
|
|
|
|
|
|
promise->MaybeReject(NS_ERROR_DOM_SECURITY_ERR);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Use assertionChallenge, callerOrigin and rpId, along with the token binding
|
|
|
|
|
|
// key associated with callerOrigin (if any), to create a ClientData structure
|
|
|
|
|
|
// representing this request. Choose a hash algorithm for hashAlg and compute
|
|
|
|
|
|
// the clientDataJSON and clientDataHash.
|
|
|
|
|
|
CryptoBuffer challenge;
|
2017-05-23 21:55:10 +00:00
|
|
|
|
if (!challenge.Assign(aOptions.mChallenge)) {
|
2017-04-20 00:46:08 +00:00
|
|
|
|
promise->MaybeReject(NS_ERROR_DOM_SECURITY_ERR);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
nsAutoCString clientDataJSON;
|
2017-09-11 16:06:28 +00:00
|
|
|
|
srv = AssembleClientData(origin, challenge, clientDataJSON);
|
2017-04-20 00:46:08 +00:00
|
|
|
|
if (NS_WARN_IF(NS_FAILED(srv))) {
|
|
|
|
|
|
promise->MaybeReject(NS_ERROR_DOM_SECURITY_ERR);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
CryptoBuffer clientDataHash;
|
|
|
|
|
|
if (!clientDataHash.SetLength(SHA256_LENGTH, fallible)) {
|
|
|
|
|
|
promise->MaybeReject(NS_ERROR_DOM_SECURITY_ERR);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
srv = HashCString(hashService, clientDataJSON, clientDataHash);
|
|
|
|
|
|
if (NS_WARN_IF(NS_FAILED(srv))) {
|
|
|
|
|
|
promise->MaybeReject(NS_ERROR_DOM_SECURITY_ERR);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Note: we only support U2F-style authentication for now, so we effectively
|
|
|
|
|
|
// require an AllowList.
|
2017-05-23 21:55:10 +00:00
|
|
|
|
if (aOptions.mAllowList.Length() < 1) {
|
2017-04-20 00:46:08 +00:00
|
|
|
|
promise->MaybeReject(NS_ERROR_DOM_NOT_ALLOWED_ERR);
|
|
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
nsTArray<WebAuthnScopedCredentialDescriptor> allowList;
|
2017-05-23 21:55:10 +00:00
|
|
|
|
for (const auto& s: aOptions.mAllowList) {
|
2017-04-20 00:46:08 +00:00
|
|
|
|
WebAuthnScopedCredentialDescriptor c;
|
|
|
|
|
|
CryptoBuffer cb;
|
|
|
|
|
|
cb.Assign(s.mId);
|
|
|
|
|
|
c.id() = cb;
|
|
|
|
|
|
allowList.AppendElement(c);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// TODO: Add extension list building
|
|
|
|
|
|
// If extensions was specified, process any extensions supported by this
|
|
|
|
|
|
// client platform, to produce the extension data that needs to be sent to the
|
|
|
|
|
|
// authenticator. If an error is encountered while processing an extension,
|
|
|
|
|
|
// skip that extension and do not produce any extension data for it. Call the
|
|
|
|
|
|
// result of this processing clientExtensions.
|
|
|
|
|
|
nsTArray<WebAuthnExtension> extensions;
|
|
|
|
|
|
|
|
|
|
|
|
WebAuthnTransactionInfo info(rpIdHash,
|
|
|
|
|
|
clientDataHash,
|
2017-05-23 21:55:10 +00:00
|
|
|
|
adjustedTimeout,
|
2017-04-20 00:46:08 +00:00
|
|
|
|
allowList,
|
|
|
|
|
|
extensions);
|
|
|
|
|
|
RefPtr<MozPromise<nsresult, nsresult, false>> p = GetOrCreateBackgroundActor();
|
2017-06-10 04:24:46 +00:00
|
|
|
|
p->Then(GetMainThreadSerialEventTarget(), __func__,
|
2017-04-20 00:46:08 +00:00
|
|
|
|
[]() {
|
|
|
|
|
|
WebAuthnManager* mgr = WebAuthnManager::Get();
|
|
|
|
|
|
if (!mgr) {
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
mgr->StartSign();
|
|
|
|
|
|
},
|
|
|
|
|
|
[]() {
|
|
|
|
|
|
// This case can't actually happen, we'll have crashed if the child
|
|
|
|
|
|
// failed to create.
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
// Only store off the promise if we've succeeded in sending the IPC event.
|
|
|
|
|
|
mTransactionPromise = promise;
|
|
|
|
|
|
mClientData = Some(clientDataJSON);
|
|
|
|
|
|
mCurrentParent = aParent;
|
|
|
|
|
|
mInfo = Some(info);
|
2017-08-04 19:34:18 +00:00
|
|
|
|
ListenForVisibilityEvents(aParent, this);
|
|
|
|
|
|
|
2017-04-20 00:46:08 +00:00
|
|
|
|
return promise.forget();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void
|
2017-07-06 12:44:56 +00:00
|
|
|
|
WebAuthnManager::FinishMakeCredential(nsTArray<uint8_t>& aRegBuffer)
|
2017-04-20 00:46:08 +00:00
|
|
|
|
{
|
|
|
|
|
|
MOZ_ASSERT(mTransactionPromise);
|
|
|
|
|
|
MOZ_ASSERT(mInfo.isSome());
|
|
|
|
|
|
|
|
|
|
|
|
CryptoBuffer regData;
|
|
|
|
|
|
if (NS_WARN_IF(!regData.Assign(aRegBuffer.Elements(), aRegBuffer.Length()))) {
|
2017-07-14 01:12:50 +00:00
|
|
|
|
Cancel(NS_ERROR_OUT_OF_MEMORY);
|
2017-04-20 00:46:08 +00:00
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-07-14 01:12:50 +00:00
|
|
|
|
mozilla::dom::CryptoBuffer aaguidBuf;
|
|
|
|
|
|
if (NS_WARN_IF(!aaguidBuf.SetCapacity(16, mozilla::fallible))) {
|
|
|
|
|
|
Cancel(NS_ERROR_OUT_OF_MEMORY);
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
// TODO: Adjust the AAGUID from all zeroes in Bug 1381575 (if needed)
|
|
|
|
|
|
// See https://github.com/w3c/webauthn/issues/506
|
|
|
|
|
|
for (int i=0; i<16; i++) {
|
|
|
|
|
|
aaguidBuf.AppendElement(0x00, mozilla::fallible);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-20 00:46:08 +00:00
|
|
|
|
// Decompose the U2F registration packet
|
|
|
|
|
|
CryptoBuffer pubKeyBuf;
|
|
|
|
|
|
CryptoBuffer keyHandleBuf;
|
|
|
|
|
|
CryptoBuffer attestationCertBuf;
|
|
|
|
|
|
CryptoBuffer signatureBuf;
|
|
|
|
|
|
|
2017-07-14 01:12:50 +00:00
|
|
|
|
// Only handles attestation cert chains of length=1.
|
2017-04-20 00:46:08 +00:00
|
|
|
|
nsresult rv = U2FDecomposeRegistrationResponse(regData, pubKeyBuf, keyHandleBuf,
|
|
|
|
|
|
attestationCertBuf, signatureBuf);
|
|
|
|
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
|
|
|
|
Cancel(rv);
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
2017-07-14 01:12:50 +00:00
|
|
|
|
MOZ_ASSERT(keyHandleBuf.Length() <= 0xFFFF);
|
2017-04-20 00:46:08 +00:00
|
|
|
|
|
2017-07-25 22:03:59 +00:00
|
|
|
|
nsAutoString keyHandleBase64Url;
|
|
|
|
|
|
rv = keyHandleBuf.ToJwkBase64(keyHandleBase64Url);
|
|
|
|
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
|
|
|
|
Cancel(rv);
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-20 00:46:08 +00:00
|
|
|
|
CryptoBuffer clientDataBuf;
|
|
|
|
|
|
if (!clientDataBuf.Assign(mClientData.ref())) {
|
|
|
|
|
|
Cancel(NS_ERROR_OUT_OF_MEMORY);
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
CryptoBuffer rpIdHashBuf;
|
|
|
|
|
|
if (!rpIdHashBuf.Assign(mInfo.ref().RpIdHash())) {
|
|
|
|
|
|
Cancel(NS_ERROR_OUT_OF_MEMORY);
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-07-14 01:12:50 +00:00
|
|
|
|
// Construct the public key object
|
|
|
|
|
|
CryptoBuffer pubKeyObj;
|
|
|
|
|
|
rv = CBOREncodePublicKeyObj(pubKeyBuf, pubKeyObj);
|
|
|
|
|
|
if (NS_FAILED(rv)) {
|
|
|
|
|
|
Cancel(rv);
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-08-10 03:05:23 +00:00
|
|
|
|
// During create credential, counter is always 0 for U2F
|
|
|
|
|
|
// See https://github.com/w3c/webauthn/issues/507
|
|
|
|
|
|
mozilla::dom::CryptoBuffer counterBuf;
|
|
|
|
|
|
if (NS_WARN_IF(!counterBuf.SetCapacity(4, mozilla::fallible))) {
|
2017-07-14 01:12:50 +00:00
|
|
|
|
Cancel(NS_ERROR_OUT_OF_MEMORY);
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
2017-08-10 03:05:23 +00:00
|
|
|
|
counterBuf.AppendElement(0x00, mozilla::fallible);
|
|
|
|
|
|
counterBuf.AppendElement(0x00, mozilla::fallible);
|
|
|
|
|
|
counterBuf.AppendElement(0x00, mozilla::fallible);
|
|
|
|
|
|
counterBuf.AppendElement(0x00, mozilla::fallible);
|
2017-07-14 01:12:50 +00:00
|
|
|
|
|
2017-08-10 03:05:23 +00:00
|
|
|
|
// Construct the Attestation Data, which slots into the end of the
|
|
|
|
|
|
// Authentication Data buffer.
|
|
|
|
|
|
CryptoBuffer attDataBuf;
|
|
|
|
|
|
rv = AssembleAttestationData(aaguidBuf, keyHandleBuf, pubKeyObj, attDataBuf);
|
|
|
|
|
|
if (NS_FAILED(rv)) {
|
|
|
|
|
|
Cancel(rv);
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
2017-07-14 01:12:50 +00:00
|
|
|
|
|
2017-08-10 03:05:23 +00:00
|
|
|
|
mozilla::dom::CryptoBuffer authDataBuf;
|
|
|
|
|
|
rv = AssembleAuthenticatorData(rpIdHashBuf, FLAG_TUP, counterBuf, attDataBuf,
|
|
|
|
|
|
authDataBuf);
|
|
|
|
|
|
if (NS_FAILED(rv)) {
|
|
|
|
|
|
Cancel(rv);
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
2017-07-14 01:12:50 +00:00
|
|
|
|
|
2017-08-10 03:05:23 +00:00
|
|
|
|
// The Authentication Data buffer gets CBOR-encoded with the Cert and
|
|
|
|
|
|
// Signature to build the Attestation Object.
|
2017-07-14 01:12:50 +00:00
|
|
|
|
CryptoBuffer attObj;
|
|
|
|
|
|
rv = CBOREncodeAttestationObj(authDataBuf, attestationCertBuf, signatureBuf,
|
|
|
|
|
|
attObj);
|
|
|
|
|
|
if (NS_FAILED(rv)) {
|
|
|
|
|
|
Cancel(rv);
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-05-17 00:07:01 +00:00
|
|
|
|
// Create a new PublicKeyCredential object and populate its fields with the
|
|
|
|
|
|
// values returned from the authenticator as well as the clientDataJSON
|
|
|
|
|
|
// computed earlier.
|
|
|
|
|
|
RefPtr<AuthenticatorAttestationResponse> attestation =
|
|
|
|
|
|
new AuthenticatorAttestationResponse(mCurrentParent);
|
|
|
|
|
|
attestation->SetClientDataJSON(clientDataBuf);
|
2017-07-14 01:12:50 +00:00
|
|
|
|
attestation->SetAttestationObject(attObj);
|
2017-04-20 00:46:08 +00:00
|
|
|
|
|
2017-05-17 00:07:01 +00:00
|
|
|
|
RefPtr<PublicKeyCredential> credential = new PublicKeyCredential(mCurrentParent);
|
2017-07-25 22:03:59 +00:00
|
|
|
|
credential->SetId(keyHandleBase64Url);
|
|
|
|
|
|
credential->SetType(NS_LITERAL_STRING("public-key"));
|
2017-05-17 00:07:01 +00:00
|
|
|
|
credential->SetRawId(keyHandleBuf);
|
|
|
|
|
|
credential->SetResponse(attestation);
|
2017-04-20 00:46:08 +00:00
|
|
|
|
|
2017-05-17 00:07:01 +00:00
|
|
|
|
mTransactionPromise->MaybeResolve(credential);
|
2017-04-20 00:46:08 +00:00
|
|
|
|
MaybeClearTransaction();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
|
WebAuthnManager::FinishGetAssertion(nsTArray<uint8_t>& aCredentialId,
|
|
|
|
|
|
nsTArray<uint8_t>& aSigBuffer)
|
|
|
|
|
|
{
|
|
|
|
|
|
MOZ_ASSERT(mTransactionPromise);
|
|
|
|
|
|
MOZ_ASSERT(mInfo.isSome());
|
|
|
|
|
|
|
2017-08-10 03:05:23 +00:00
|
|
|
|
CryptoBuffer tokenSignatureData;
|
|
|
|
|
|
if (NS_WARN_IF(!tokenSignatureData.Assign(aSigBuffer.Elements(),
|
|
|
|
|
|
aSigBuffer.Length()))) {
|
2017-04-20 00:46:08 +00:00
|
|
|
|
Cancel(NS_ERROR_OUT_OF_MEMORY);
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
CryptoBuffer clientDataBuf;
|
|
|
|
|
|
if (!clientDataBuf.Assign(mClientData.ref())) {
|
|
|
|
|
|
Cancel(NS_ERROR_OUT_OF_MEMORY);
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
CryptoBuffer rpIdHashBuf;
|
|
|
|
|
|
if (!rpIdHashBuf.Assign(mInfo.ref().RpIdHash())) {
|
|
|
|
|
|
Cancel(NS_ERROR_OUT_OF_MEMORY);
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-08-10 03:05:23 +00:00
|
|
|
|
CryptoBuffer signatureBuf;
|
|
|
|
|
|
CryptoBuffer counterBuf;
|
|
|
|
|
|
uint8_t flags = 0;
|
|
|
|
|
|
nsresult rv = U2FDecomposeSignResponse(tokenSignatureData, flags, counterBuf,
|
|
|
|
|
|
signatureBuf);
|
|
|
|
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
|
|
|
|
Cancel(rv);
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
CryptoBuffer attestationDataBuf;
|
2017-04-20 00:46:08 +00:00
|
|
|
|
CryptoBuffer authenticatorDataBuf;
|
2017-08-10 03:05:23 +00:00
|
|
|
|
rv = AssembleAuthenticatorData(rpIdHashBuf, FLAG_TUP, counterBuf,
|
|
|
|
|
|
/* deliberately empty */ attestationDataBuf,
|
|
|
|
|
|
authenticatorDataBuf);
|
2017-04-20 00:46:08 +00:00
|
|
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
|
|
|
|
Cancel(rv);
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
CryptoBuffer credentialBuf;
|
|
|
|
|
|
if (!credentialBuf.Assign(aCredentialId)) {
|
2017-07-25 22:03:59 +00:00
|
|
|
|
Cancel(NS_ERROR_OUT_OF_MEMORY);
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
nsAutoString credentialBase64Url;
|
|
|
|
|
|
rv = credentialBuf.ToJwkBase64(credentialBase64Url);
|
|
|
|
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
2017-04-20 00:46:08 +00:00
|
|
|
|
Cancel(rv);
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// If any authenticator returns success:
|
|
|
|
|
|
|
2017-05-22 20:03:58 +00:00
|
|
|
|
// Create a new PublicKeyCredential object named value and populate its fields
|
2017-04-20 00:46:08 +00:00
|
|
|
|
// with the values returned from the authenticator as well as the
|
|
|
|
|
|
// clientDataJSON computed earlier.
|
2017-05-22 20:03:58 +00:00
|
|
|
|
RefPtr<AuthenticatorAssertionResponse> assertion =
|
|
|
|
|
|
new AuthenticatorAssertionResponse(mCurrentParent);
|
|
|
|
|
|
assertion->SetClientDataJSON(clientDataBuf);
|
2017-04-20 00:46:08 +00:00
|
|
|
|
assertion->SetAuthenticatorData(authenticatorDataBuf);
|
2017-08-10 03:05:23 +00:00
|
|
|
|
assertion->SetSignature(signatureBuf);
|
2017-04-20 00:46:08 +00:00
|
|
|
|
|
2017-05-22 20:03:58 +00:00
|
|
|
|
RefPtr<PublicKeyCredential> credential =
|
|
|
|
|
|
new PublicKeyCredential(mCurrentParent);
|
2017-07-25 22:03:59 +00:00
|
|
|
|
credential->SetId(credentialBase64Url);
|
|
|
|
|
|
credential->SetType(NS_LITERAL_STRING("public-key"));
|
2017-05-22 20:03:58 +00:00
|
|
|
|
credential->SetRawId(credentialBuf);
|
|
|
|
|
|
credential->SetResponse(assertion);
|
|
|
|
|
|
|
|
|
|
|
|
mTransactionPromise->MaybeResolve(credential);
|
2017-04-20 00:46:08 +00:00
|
|
|
|
MaybeClearTransaction();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
|
WebAuthnManager::Cancel(const nsresult& aError)
|
|
|
|
|
|
{
|
2017-08-04 19:34:18 +00:00
|
|
|
|
MOZ_ASSERT(NS_IsMainThread());
|
|
|
|
|
|
|
2017-04-20 00:46:08 +00:00
|
|
|
|
if (mTransactionPromise) {
|
|
|
|
|
|
mTransactionPromise->MaybeReject(aError);
|
|
|
|
|
|
}
|
2017-08-04 19:34:18 +00:00
|
|
|
|
|
2017-04-20 00:46:08 +00:00
|
|
|
|
MaybeClearTransaction();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-08-04 19:34:18 +00:00
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
|
WebAuthnManager::HandleEvent(nsIDOMEvent* aEvent)
|
|
|
|
|
|
{
|
|
|
|
|
|
MOZ_ASSERT(aEvent);
|
|
|
|
|
|
|
|
|
|
|
|
nsAutoString type;
|
|
|
|
|
|
aEvent->GetType(type);
|
|
|
|
|
|
if (!type.Equals(kVisibilityChange)) {
|
|
|
|
|
|
return NS_ERROR_FAILURE;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
nsCOMPtr<nsIDocument> doc =
|
|
|
|
|
|
do_QueryInterface(aEvent->InternalDOMEvent()->GetTarget());
|
|
|
|
|
|
MOZ_ASSERT(doc);
|
|
|
|
|
|
|
|
|
|
|
|
if (doc && doc->Hidden()) {
|
|
|
|
|
|
MOZ_LOG(gWebAuthnManagerLog, LogLevel::Debug,
|
|
|
|
|
|
("Visibility change: WebAuthn window is hidden, cancelling job."));
|
|
|
|
|
|
|
|
|
|
|
|
StartCancel();
|
|
|
|
|
|
Cancel(NS_ERROR_ABORT);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return NS_OK;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-20 00:46:08 +00:00
|
|
|
|
void
|
|
|
|
|
|
WebAuthnManager::ActorCreated(PBackgroundChild* aActor)
|
|
|
|
|
|
{
|
2017-07-28 13:53:42 +00:00
|
|
|
|
MOZ_ASSERT(NS_IsMainThread());
|
2017-04-20 00:46:08 +00:00
|
|
|
|
MOZ_ASSERT(aActor);
|
|
|
|
|
|
|
2017-07-28 13:53:42 +00:00
|
|
|
|
if (mChild) {
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-20 00:46:08 +00:00
|
|
|
|
RefPtr<WebAuthnTransactionChild> mgr(new WebAuthnTransactionChild());
|
|
|
|
|
|
PWebAuthnTransactionChild* constructedMgr =
|
|
|
|
|
|
aActor->SendPWebAuthnTransactionConstructor(mgr);
|
|
|
|
|
|
|
|
|
|
|
|
if (NS_WARN_IF(!constructedMgr)) {
|
|
|
|
|
|
ActorFailed();
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
MOZ_ASSERT(constructedMgr == mgr);
|
|
|
|
|
|
mChild = mgr.forget();
|
|
|
|
|
|
mPBackgroundCreationPromise.Resolve(NS_OK, __func__);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
|
WebAuthnManager::ActorDestroyed()
|
|
|
|
|
|
{
|
|
|
|
|
|
mChild = nullptr;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
|
WebAuthnManager::ActorFailed()
|
|
|
|
|
|
{
|
|
|
|
|
|
MOZ_CRASH("We shouldn't be here!");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|