Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-20 16:55:40 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
e3c223da3e
gecko-dev/dom/webauthn/WebAuthnUtil.h
J.C. Jones 1746417e71 Bug 1539541 - Enable FIDO U2F API, and permit registrations for Google Accounts r=keeler,qdot 
Per the thread "Intent-to-Ship: Backward-Compatibility FIDO U2F support for
Google Accounts" on dev-platform [0], this bug is to:

  1. Enable the security.webauth.u2f by default, to ride the trains

  2. Remove the aOp == U2FOperation::Sign check from EvaluateAppID in
     WebAuthnUtil.cpp, permitting the Google override to work for Register as
     well as Sign.

This would enable Firefox users to use FIDO U2F API on most all sites, subject
to the algorithm limitations discussed in the section "Thorny issues in
enabling our FIDO U2F API implementation" of that post.

[0] https://groups.google.com/d/msg/mozilla.dev.platform/q5cj38hGTEA/lC834665BQAJ

Differential Revision: https://phabricator.services.mozilla.com/D25241

--HG--
extra : moz-landing-system : lando
2019-03-29 17:16:13 +00:00

91 lines
3.6 KiB
C++
Raw Blame History

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef mozilla_dom_WebAuthnUtil_h
#define mozilla_dom_WebAuthnUtil_h
/*
* Utility functions used by both WebAuthnManager and U2FTokenManager.
*/
#include "mozilla/dom/CryptoBuffer.h"
#include "mozilla/dom/WebAuthenticationBinding.h"
namespace mozilla {
namespace dom {
enum class U2FOperation { Register, Sign };
bool EvaluateAppID(nsPIDOMWindowInner* aParent, const nsString& aOrigin,
/* in/out */ nsString& aAppId);
nsresult AssembleAuthenticatorData(const CryptoBuffer& rpIdHashBuf,
const uint8_t flags,
const CryptoBuffer& counterBuf,
const CryptoBuffer& attestationDataBuf,
/* out */ CryptoBuffer& authDataBuf);
nsresult AssembleAttestationObject(const CryptoBuffer& aRpIdHash,
const CryptoBuffer& aPubKeyBuf,
const CryptoBuffer& aKeyHandleBuf,
const CryptoBuffer& aAttestationCertBuf,
const CryptoBuffer& aSignatureBuf,
bool aForceNoneAttestation,
/* out */ CryptoBuffer& aAttestationObjBuf);
nsresult U2FDecomposeSignResponse(const CryptoBuffer& aResponse,
/* out */ uint8_t& aFlags,
/* out */ CryptoBuffer& aCounterBuf,
/* out */ CryptoBuffer& aSignatureBuf);
nsresult U2FDecomposeRegistrationResponse(
const CryptoBuffer& aResponse,
/* out */ CryptoBuffer& aPubKeyBuf,
/* out */ CryptoBuffer& aKeyHandleBuf,
/* out */ CryptoBuffer& aAttestationCertBuf,
/* out */ CryptoBuffer& aSignatureBuf);
nsresult U2FDecomposeECKey(const CryptoBuffer& aPubKeyBuf,
/* out */ CryptoBuffer& aXcoord,
/* out */ CryptoBuffer& aYcoord);
nsresult HashCString(const nsACString& aIn, /* out */ CryptoBuffer& aOut);
nsresult BuildTransactionHashes(const nsCString& aRpId,
const nsCString& aClientDataJSON,
/* out */ CryptoBuffer& aRpIdHash,
/* out */ CryptoBuffer& aClientDataHash);
} // namespace dom
} // namespace mozilla
namespace IPC {
template <>
struct ParamTraits<mozilla::dom::AuthenticatorAttachment>
: public ContiguousEnumSerializer<
mozilla::dom::AuthenticatorAttachment,
mozilla::dom::AuthenticatorAttachment::Platform,
mozilla::dom::AuthenticatorAttachment::EndGuard_> {};
template <>
struct ParamTraits<mozilla::dom::UserVerificationRequirement>
: public ContiguousEnumSerializer<
mozilla::dom::UserVerificationRequirement,
mozilla::dom::UserVerificationRequirement::Required,
mozilla::dom::UserVerificationRequirement::EndGuard_> {};
template <>
struct ParamTraits<mozilla::dom::AttestationConveyancePreference>
: public ContiguousEnumSerializer<
mozilla::dom::AttestationConveyancePreference,
mozilla::dom::AttestationConveyancePreference::None,
mozilla::dom::AttestationConveyancePreference::EndGuard_> {};
} // namespace IPC
#endif // mozilla_dom_WebAuthnUtil_h
Reference in New Issue View Git Blame Copy Permalink