Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-27 23:02:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1819156 - Assign WebAuthn transaction IDs randomly. r=keeler

Browse Source 
Differential Revision: https://phabricator.services.mozilla.com/D171138
This commit is contained in:
John Schanck 2023-02-28 17:18:21 +00:00
parent 35c2e74490
commit abb105e577
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
dom/webauthn/WebAuthnManager.h
View File

@ -9,6 +9,7 @@
#include "mozilla/Maybe.h"
#include "mozilla/MozPromise.h"
#include "mozilla/RandomNum.h"
#include "mozilla/dom/AbortSignal.h"
#include "mozilla/dom/PWebAuthnTransaction.h"
#include "mozilla/dom/WebAuthnManagerBase.h"
@ -65,12 +66,13 @@ class WebAuthnTransaction {
bool mVisibilityChanged;
private:
// Generates a unique id for new transactions. This doesn't have to be unique
// forever, it's sufficient to differentiate between temporally close
// transactions, where messages can intersect. Can overflow.
// Generates a probabilistically unique ID for the new transaction. IDs are 53
// bits, as they are used in javascript. We use a random value if possible,
// otherwise a counter.
static uint64_t NextId() {
static uint64_t id = 0;
return ++id;
Maybe<uint64_t> rand = mozilla::RandomUint64();
return rand.valueOr(++id) & UINT64_C(0x1fffffffffffff); // 2^53 - 1
}
};