gecko-dev/dom/webidl/U2F.webidl
J.C. Jones e6dd50ba10 Bug 1309284 - Implement W3C Web Authentication JS API [part 1] r=keeler,qdot
This patch implements the W3C Web Authentication API from
https://www.w3.org/TR/webauthn/, currently the 28 September 2016
working draft.

It utilizes a tentative binding of the U2F NSS Soft Token to provide
authentication services while waiting on Bug 1245527 to support USB HID-based
U2F tokens. This binding is not in the specification yet, so it should be
considered an experiment to help the specification move forward.

There are also a handful of deviations from the specification's WebIDL, which
are annotated with comments in WebAuthentication.webidl.

There are no tests in this commit; they are in Part 4 of this commit series.
There is a small script online at https://webauthn.bin.coffee/ to exercise this
code, but it doesn't do any automated checks.

There are also a handful of TODOS:
1) The algorithm to relax the same-origin restriction is in Part 3.
2) The use of AlgorithmIdentifier and having a way to coerce an object to a
   string is still missing.
3) Timeouts and deadlines aren't there, and are pending reworking how
   the nsIU2FToken interface works.

UPDATED:
- Address qdot, keeler review comments (thanks!)
- Address more qdot, keeler review comments (thanks!)

MozReview-Commit-ID: JITapI38iOh

--HG--
extra : rebase_source : 9a09e852dd0c8dc47f42dabbcf8b845a6828b225
2017-01-09 13:22:49 -07:00


/* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
* You can obtain one at http://mozilla.org/MPL/2.0/.
*
* The origin of this IDL file is a combination of the FIDO U2F Raw Message Formats:
* https://fidoalliance.org/specs/fido-u2f-v1.0-nfc-bt-amendment-20150514/fido-u2f-raw-message-formats.html
* and the U2F JavaScript API v1.1, not yet published. While v1.1 is not published,
* v1.0, is located here:
* https://fidoalliance.org/specs/fido-u2f-v1.0-nfc-bt-amendment-20150514/fido-u2f-javascript-api.html
*/
// Hook that exposes the `u2f` attribute on the global object.
// [NoInterfaceObject] means no `GlobalU2F` constructor/prototype object is
// created on the global; only the attribute below becomes visible to script.
[NoInterfaceObject]
interface GlobalU2F {
  // The getter is gated on the security.webauth.u2f pref and may throw;
  // scripts therefore see the attribute only when the feature is enabled.
  [Throws, Pref="security.webauth.u2f"]
  readonly attribute U2F u2f;
};
// Numeric error code carried in the response dictionaries; the meaningful
// values are the `unsigned short` constants declared on the U2F interface
// below (OK, OTHER_ERROR, BAD_REQUEST, ...).
typedef unsigned short ErrorCode;
// List of transports a RegisteredKey may advertise for reaching its token.
typedef sequence<Transport> Transports;
// Transport hints that a relying party can attach to a RegisteredKey.
// NOTE(review): the string values follow the FIDO U2F JavaScript API; they are
// presumably Bluetooth Classic, Bluetooth Low Energy, NFC and USB respectively.
// Only the NSS soft token binding exists in this patch (USB HID support is
// tracked separately), so how these hints are honoured should be confirmed
// in U2F.cpp.
enum Transport {
  "bt",
  "ble",
  "nfc",
  "usb"
};
// Client data structure from the FIDO U2F raw message formats.
// NOTE(review): presumably this is what gets serialized into the `clientData`
// member of RegisterResponse / SignResponse — confirm against U2F.cpp.
dictionary U2FClientData {
  DOMString typ; // Spelling is from the specification
  // Challenge supplied by the relying party for this request.
  DOMString challenge;
  // NOTE(review): presumably the origin of the calling page; confirm where it
  // is filled in, since the relying party must be able to verify it.
  DOMString origin;
  // cid_pubkey for Token Binding is not implemented
};
// One registration request, as passed in the `registerRequests` sequence of
// U2F.register().
dictionary RegisterRequest {
  // Protocol version string the relying party is asking for.
  DOMString version;
  // Relying-party challenge to be bound into the registration.
  DOMString challenge;
};
// Result delivered to a U2FRegisterCallback. On success the three data members
// are set; on failure the `errorCode`/`errorMessage` pair is populated.
dictionary RegisterResponse {
  // Protocol version the response conforms to.
  DOMString version;
  // Encoded registration data (key handle, public key, attestation).
  // NOTE(review): encoding is not visible here — confirm in U2F.cpp.
  DOMString registrationData;
  // Encoded client data the token signed over.
  DOMString clientData;
  // From Error
  // One of the U2F.* constants; nullable so success responses can omit it.
  ErrorCode? errorCode;
  DOMString? errorMessage;
};
// A previously registered key, passed to U2F.register() (to detect already
// registered tokens) and to U2F.sign() (to select which key should sign).
dictionary RegisteredKey {
  // Protocol version the key was registered under.
  DOMString version;
  // Opaque, token-provided handle identifying the key.
  DOMString keyHandle;
  // Optional transport hints for this key; see enum Transport.
  Transports? transports;
  // NOTE(review): presumably a per-key override of the call-level `appId`
  // argument; confirm in U2F.cpp, since appId is what ties a key to an origin.
  DOMString? appId;
};
// Result delivered to a U2FSignCallback. On success the three data members are
// set; on failure the `errorCode`/`errorMessage` pair is populated.
dictionary SignResponse {
  // Handle of the key that produced the signature.
  DOMString keyHandle;
  // Encoded signature data from the token.
  // NOTE(review): encoding is not visible here — confirm in U2F.cpp.
  DOMString signatureData;
  // Encoded client data the token signed over.
  DOMString clientData;
  // From Error
  // One of the U2F.* constants; nullable so success responses can omit it.
  ErrorCode? errorCode;
  DOMString? errorMessage;
};
// Completion callback for U2F.register(); receives the response dictionary,
// including any error fields.
callback U2FRegisterCallback = void(RegisterResponse response);
// Completion callback for U2F.sign(); receives the response dictionary,
// including any error fields.
callback U2FSignCallback = void(SignResponse response);
// The `window.u2f` API object. The whole interface is gated on the
// security.webauth.u2f pref.
[Pref="security.webauth.u2f"]
interface U2F {
  // These enumerations are defined in the FIDO U2F Javascript API under the
  // interface "ErrorCode" as constant integers, and also in the U2F.cpp file.
  // Any changes to these must occur in both locations.
  const unsigned short OK = 0;
  const unsigned short OTHER_ERROR = 1;
  const unsigned short BAD_REQUEST = 2;
  const unsigned short CONFIGURATION_UNSUPPORTED = 3;
  const unsigned short DEVICE_INELIGIBLE = 4;
  const unsigned short TIMEOUT = 5;

  // Registers a new key with the token.
  //   appId             - application identifier the key is bound to.
  //                       NOTE(review): the check of appId against the caller's
  //                       origin lives outside this IDL; per the commit message
  //                       the relaxation of the same-origin restriction is still
  //                       pending, so confirm the current check in U2F.cpp.
  //   registerRequests  - challenges/versions to register.
  //   registeredKeys    - keys already registered, so the token can report
  //                       DEVICE_INELIGIBLE instead of re-registering.
  //   callback          - receives the RegisterResponse (or error fields).
  //   opt_timeoutSeconds - NOTE(review): per the commit message timeouts are not
  //                       yet implemented; confirm whether this value is used.
  // Throws on invalid arguments or when the call is not permitted.
  [Throws]
  void register (DOMString appId,
                 sequence<RegisterRequest> registerRequests,
                 sequence<RegisteredKey> registeredKeys,
                 U2FRegisterCallback callback,
                 optional long? opt_timeoutSeconds);

  // Asks the token to sign `challenge` with one of `registeredKeys`.
  //   appId             - application identifier; same origin caveat as above.
  //   challenge         - relying-party challenge to sign.
  //   registeredKeys    - candidate keys (by key handle) for this sign request.
  //   callback          - receives the SignResponse (or error fields).
  //   opt_timeoutSeconds - see the note on register().
  // Throws on invalid arguments or when the call is not permitted.
  [Throws]
  void sign (DOMString appId,
             DOMString challenge,
             sequence<RegisteredKey> registeredKeys,
             U2FSignCallback callback,
             optional long? opt_timeoutSeconds);
};