This was done automatically replacing:
s/mozilla::Move/std::move/
s/ Move(/ std::move(/
s/(Move(/(std::move(/
Removing the 'using mozilla::Move;' lines.
And then with a few manual fixups, see the bug for the split series..
MozReview-Commit-ID: Jxze3adipUh
Summary:
FIDO U2F's specification says that when the wrong security key responds to a
signature, or when an already-registered key exists, that the UA should return
error code 4, DEVICE_INELIGIBLE. We used to do that, but adjusted some things
for WebAuthn and now we don't. This changes the soft token to return that at
the appropriate times, and updates the expectations of U2F.cpp that it should
use InvalidStateError as the signal to reutrn DEVICE_INELIGIBLE.
Also, note that WebAuthn's specification says that if any authenticator returns
"InvalidStateError" that it should be propagated, as it indicates that the
authenticator obtained user consent and failed to complete its job [1].
This change to the Soft Token affects the WebAuthn tests, but in a good way.
Reading the WebAuthn spec, we should not be returning NotAllowedError when there
is consent from the user via the token (which the softtoken always deliveres).
As such, this adjusts the affected WebAuthn tests, and adds a couple useful
checks to test_webauthn_get_assertion.html for future purposes.
[1] https://w3c.github.io/webauthn/#createCredential section 5.1.3 "Create a new
credential", Step 20, Note 2: "If any authenticator returns an error status
equivalent to "InvalidStateError"..."
Test Plan: https://treeherder.mozilla.org/#/jobs?repo=try&revision=f2fc930f7fc8eea69b1ebc96748fe95e150a92a4
Reviewers: ttaubert
Bug #: 1460767
Differential Revision: https://phabricator.services.mozilla.com/D1269
--HG--
extra : transplant_source : M%5B%93%81%29%7E%B2%E8%24%05%A6%96%8BUN%C9%FB%3E%B3h
As of bug 1417680, the NSS shutdown tracking infrastructure is unnecessary (and
does nothing anyway). This series of changesets removes the remaining pieces in
a way that is hopefully easy to confirm is correct.
MozReview-Commit-ID: 8Y5wpsyNlGc
--HG--
extra : rebase_source : ef6b481510d949e404a4ef5615097d66e566c947
Summary:
Add support for PublicKeyCredentialRequestOptions.userVerification. For now
this basically means that we'll abort the operation with NotAllowed, as we
don't support user verification yet.
Pass PublicKeyCredentialDescriptor.transports through to the token manager
implementations. The softoken will ignore those and pretend to support all
transports defined by the spec. The USB HID token will check for the "usb"
transport and either ignore credentials accordingly, or abort the operation.
Note: The `UserVerificationRequirement` in WebIDL is defined at https://w3c.github.io/webauthn/#assertion-options
Reviewers: jcj, smaug
Reviewed By: jcj, smaug
Bug #: 1406467
Differential Revision: https://phabricator.services.mozilla.com/D338
--HG--
extra : amend_source : 314cadb3bc40bbbee2a414bc5f13caed55f9d720
This was automatically generated by the script modeline.py.
MozReview-Commit-ID: BgulzkGteAL
--HG--
extra : rebase_source : a4b9d16a4c06c4e85d7d85f485221b1e4ebdfede
The U2FSoftTokenManager is a synchronous implementation and thus didn't need a
timeout so far. We need it for the U2FHIDTokenManager though to let user
interaction timeout properly.
Thus, add a timeout argument to the methods required by the U2FTokenTransport
interface and forward that to the token manager implementations.
This patch adds a Cancel() method to the U2FTokenTransport interface so that
we can forward request cancellations to the actual token manager implementation.
The current softtoken doesn't need that as it processes API calls synchronously,
USB HID tokens however need a cancellation mechanism.
The SendRequestCancel() call has been removed from WebAuthnManager::Cancel() as
we're currently only calling this method either when the chrome process
cancels the request (and then we don't need to send it back again) or the
content process fails to process the data after a request was fulfilled and
thus there's nothing to cancel. We will touch this again later when the UI
cancels requests on tab switch and similar user actions.
The U2F Soft Token, due to its usage of NSS, has to have const values be
marked non-const - but no such limitation should exist for other implementations
of U2F, so this patch moves the const_cast-ing from the U2FTokenManager-level
down to the U2FSoftTokenManager, where it is actually necessary.
Credit to Axel Nennker for this patch.
MozReview-Commit-ID: Kw6zfTDI3GL
--HG--
extra : rebase_source : 90e31e2da9e021043509653a476ddaae03078e55
Takes functionality from NSSU2FToken/NSSU2FTokenRemote classes, and
moves it into a U2FSoftToken class. Leaves
NSSU2FToken/NSSU2FTokenRemote classes intact so as not to break U2F
API code (to be ported to async IPC in bug 1354330).
MozReview-Commit-ID: El2MCcYUrtE
Takes functionality that was in the WebAuthentication class that now
needs to be handled by the parent process, and moves it to the
U2FTokenManager singleton class. U2FTokenManager is created on the
PBackground thread during the first WebAuthn transaction, and manages
hardware access and transaction management for the lifetime of the
browser session. Patch also adds parent classes for WebAuthn IPC
protocol.
MozReview-Commit-ID: EnhgUTPdlMZ
