storage/mozIStorageAsyncStatement.idl
author J.C. Jones <jjones@mozilla.com>
Wed, 09 Aug 2017 20:05:23 -0700
changeset 374432 d95683eef9ba92f79901d099631fcd2b733d4c15
parent 244595 ad01543457e739b4eee7a245e16734a3ecfd10ad
child 474137 41f28d23024ebecf5445896cd3b6b39a6b650a9d
permissions -rw-r--r--
Bug 1387820 - WebAuthn WD-05 Get Assertion Data Fix r=keeler The WebAuthn WD-05 specification's Get Assertion method defines the returned AuthenticatorAssertionResponse as providing ClientData, AuthenticatorData, and the Signature from the Authenticator. Our implementation is incorrectly setting AuthenticatorData and Signature: AuthenticatorData as a structure is intended to mirror the structure from the AuthenticatorData [1] section of the Attestation CBOR Object [2] in the MakeCredential method, which we weren't doing _at all_. This is clarified in the editor's draft of the specification, soon to be WD-06. Signature for U2F Authenticators is defined as the "attestation signature", [3] which is under-specified and we assumed would be the raw output from the U2F Authenticator [4]. This should instead be the raw ANSI X9.62 signature with no additional bytes. [5] [1] https://www.w3.org/TR/2017/WD-webauthn-20170505/#sec-authenticator-data [2] https://www.w3.org/TR/2017/WD-webauthn-20170505/#sec-attestation-data [3] https://www.w3.org/TR/2017/WD-webauthn-20170505/#fido-u2f-attestation [4] https://lists.w3.org/Archives/Public/public-webauthn/2017Aug/0078.html [5] https://bugzilla.mozilla.org/show_bug.cgi?id=1387820#c4 MozReview-Commit-ID: DTIOILfS4pK

/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
 * vim: sw=2 ts=2 sts=2 expandtab
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "mozIStorageBaseStatement.idl"

/**
 * An asynchronous SQL statement.  This differs from mozIStorageStatement by
 * only being usable for asynchronous execution.  (mozIStorageStatement can
 * be used for both synchronous and asynchronous purposes.)  This specialization
 * for asynchronous operation allows us to avoid needing to acquire
 * synchronization primitives also used by the asynchronous execution thread.
 * In contrast, mozIStorageStatement may need to acquire the primitives and
 * consequently can cause the main thread to lock for extended intervals while
 * the asynchronous thread performs some long-running operation.
 */
[scriptable, uuid(52e49370-3b2e-4a27-a3fc-79e20ad4056b)]
interface mozIStorageAsyncStatement : mozIStorageBaseStatement {
  /*
   * 'params' provides a magic JS helper that lets you assign parameters by
   * name.  Unlike the helper on mozIStorageStatement, you cannot enumerate
   * in order to find out what parameters are legal.
   *
   * This does not work for BLOBs.  You must use an explicit binding API for
   * that.
   *
   * example:
   *  stmt.params.foo = 1;
   *  stmt.params["bar"] = 2;
   *  let argName = "baz";
   *  stmt.params[argName] = 3;
   *
   * readonly attribute nsIMagic params;
   */
};