Bug 1463170 - Set AuthenticatorAssertionResponse.userHandle to null r=ttaubert r=smaug Summary: The WebAuthn spec says to set `AuthenticatorAssertionResponse.userHandle` to null when the authenticator returns no user handle (e.g., when allowList is set), but we return an empty ArrayBuffer. This is because of the defaults in AuthenticatorAssertionResponse.h, as the field is itself unset. We missed this change to the spec that happened in December [2], so this also has a corresponding WebIDL update. I don't see any other instances of WebIDL differences. [1] https://w3c.github.io/webauthn/#ref-for-dom-authenticatorassertionresponse-userhandle%E2%91%A0 [2] https://github.com/w3c/webauthn/commit/3b2a1d141cbd8f2954f073a6b6598d954398a986 Test Plan: https://treeherder.mozilla.org/#/jobs?repo=try&revision=59a2ab255ef14e935c1aa9f457276f8e61e5d779 Reviewers: smaug, ttaubert Bug #: 1463170 Differential Revision: https://phabricator.services.mozilla.com/D1337

Bug 1460767 - Return device ineligible when appropriate for U2F r=ttaubert Summary: FIDO U2F's specification says that when the wrong security key responds to a signature, or when an already-registered key exists, that the UA should return error code 4, DEVICE_INELIGIBLE. We used to do that, but adjusted some things for WebAuthn and now we don't. This changes the soft token to return that at the appropriate times, and updates the expectations of U2F.cpp that it should use InvalidStateError as the signal to reutrn DEVICE_INELIGIBLE. Also, note that WebAuthn's specification says that if any authenticator returns "InvalidStateError" that it should be propagated, as it indicates that the authenticator obtained user consent and failed to complete its job [1]. This change to the Soft Token affects the WebAuthn tests, but in a good way. Reading the WebAuthn spec, we should not be returning NotAllowedError when there is consent from the user via the token (which the softtoken always deliveres). As such, this adjusts the affected WebAuthn tests, and adds a couple useful checks to test_webauthn_get_assertion.html for future purposes. [1] https://w3c.github.io/webauthn/#createCredential section 5.1.3 "Create a new credential", Step 20, Note 2: "If any authenticator returns an error status equivalent to "InvalidStateError"..." Test Plan: https://treeherder.mozilla.org/#/jobs?repo=try&revision=f2fc930f7fc8eea69b1ebc96748fe95e150a92a4 Reviewers: ttaubert Bug #: 1460767 Differential Revision: https://phabricator.services.mozilla.com/D1269

Bug 1443248 - Update u2fhid to core-foundation-sys 0.5. r=ttaubert MozReview-Commit-ID: 4xTSQpvHHAV

Bug 1436078 - Hard-code U2F permissions for Google Accounts r=ttaubert This patch support already-enrolled U2F devices at Google Accounts by adding a hard-coded "OK" into the U2F EvaluateAppID method, per the intent-to-ship [1]. This adds no tests, as this is not testable in our infrastructure. It will require cooporation with Google Accounts to validate. [1] https://groups.google.com/d/msg/mozilla.dev.platform/Uiu3fwnA2xw/201ynAiPAQAJ MozReview-Commit-ID: 1YLd5sfeTKv

Bug 1436078 - Hard-code U2F permissions for Google Accounts r=ttaubert This patch support already-enrolled U2F devices at Google Accounts by adding a hard-coded "OK" into the U2F EvaluateAppID method, per the intent-to-ship [1]. This adds no tests, as this is not testable in our infrastructure. It will require cooporation with Google Accounts to validate. [1] https://groups.google.com/d/msg/mozilla.dev.platform/Uiu3fwnA2xw/201ynAiPAQAJ MozReview-Commit-ID: 1YLd5sfeTKv

bug 1421084 - part 4/4 - remove nsNSSShutDown.h and (hopefully) all references to it r=mt,ttaubert MozReview-Commit-ID: 2mhvHsC5Nil

bug 1421084 - part 3/4 - remove nsNSSShutDownObject::shutdown and virtualDestroyNSSReference r=mt,ttaubert MozReview-Commit-ID: ErL7ZjAGVVC

bug 1421084 - part 2/4 - remove nsNSSShutDownObject::isAlreadyShutDown() r=mt,ttaubert MozReview-Commit-ID: DlS16pHE0Ik

bug 1421084 - part 1/4 - remove now-unnecessary nsNSSShutDownPreventionLock r=mt,ttaubert As of bug 1417680, the NSS shutdown tracking infrastructure is unnecessary (and does nothing anyway). This series of changesets removes the remaining pieces in a way that is hopefully easy to confirm is correct. MozReview-Commit-ID: 8Y5wpsyNlGc

Bug 1428916 - WebAuthn: Draft Attestation Preference r=smaug,ttaubert The WebAuthn spec lets RPs ask to specifically get direct attestation certificates during credential creation using the "Attestation Conveyance Preference" [1]. This change adds that field into the WebIDL and ignores it for now. This is pre-work to Bug #1430150 which will make this useful (which in turn requires Bug #1416056's support for anonymizing those attestation certificates). [1] https://www.w3.org/TR/webauthn/#attestation-convey MozReview-Commit-ID: 763vaAMv48z

Bug 1407789 - Prohibit cross-site iframes for Credential Management r=baku,keeler,ttaubert Credential Management defines a parameter `sameOriginWithAncestors` which is set true if the responsible document is not either in a top-level browsing context, or is in a nested context whose heirarchy is all loaded from the same origin as the top-level context [1][2]. The individual credential types of CredMan can use this flag to make decisions on whether to error or not. Our Credential Management implementation right now is a shim to Web Authentication, which says that if `sameOriginWithAncestors` is false, return `"NotAllowedError"`. This ensures that https://webauthn.bin.coffee/iframe.html works, but the cross-origin https://u2f.bin.coffee/iframe-webauthn.html does not. [1] https://w3c.github.io/webappsec-credential-management/#algorithm-request [2] https://w3c.github.io/webappsec-credential-management/#algorithm-create [3] https://w3c.github.io/webauthn/#createCredential [4] https://w3c.github.io/webauthn/#getAssertion MozReview-Commit-ID: KIyakgl0kGv

Bug 1247124 - Limit FIDO U2F to Secure Contexts r=ttaubert,smaug Use the [SecureContext] webidl notation to hide the powerful "window.u2f" feature and its interface when not loaded in a secure context. MozReview-Commit-ID: 7en8b5ieI85

Bug 1423236 - Rerun mach vendor rust. r=ttaubert This contains the generated changes from running `mach vendor rust` on the previous commit, and eliminates the redundant copy of libudev-sys we have sitting in third_party/rust/ MozReview-Commit-ID: IXTI14beFMi

Bug 1423236 - Use patch instead of replace to eliminate redundant vendored copy of libudev-sys. r=ttaubert MozReview-Commit-ID: 529N231rvgY

Bug 1420060 - FIPS can no longer be toggled in Firefox with the builtin NSS, r=ttaubert MozReview-Commit-ID: 5lgEBiFozSG Differential Revision: https://phabricator.services.mozilla.com/D282

Bug 1402519 - Remove MOZ_CRASHREPORTER directives from security; r=ttaubert MozReview-Commit-ID: CfPBvffjEhq

Bug 1403840 - add cose rust lib with a test, r=keeler,ttaubert Summary: This adds the COSE rust library from https://github.com/franziskuskiefer/cose-rust with its C API from https://github.com/franziskuskiefer/cose-c-api to gecko with a basic test. The COSE library will be used for verifying add-on signatures in future. Reviewers: keeler, ttaubert Reviewed By: keeler Bug #: 1403840 Differential Revision: https://phabricator.services.mozilla.com/D232

Bug 1402519 - Remove MOZ_CRASHREPORTER directives from security; r=ttaubert MozReview-Commit-ID: CfPBvffjEhq

Bug 1418752 - Firefox instahang on start after landing patch from bug #1392841. r=ttaubert EnsureNSSInitializedChromeOrContent() sends sync event to main thread from non-main thread even if it's already initialized. This can make fix at https://searchfox.org/mozilla-central/rev/919dce54f43356c22d6ff6b81c07ef412b1bf933/netwerk/protocol/http/nsHttpHandler.cpp#2105 inefficient and can lead to a deadlock.

Bug 1401594 - land NSS NSS_3_34_BETA5 UPGRADE_NSS_RELEASE, r=ttaubert MozReview-Commit-ID: HdFnjDGJDcJ

Bug 1415795 - revert name change of NSS API, r=ttaubert MozReview-Commit-ID: Jj72zkfaRh

Bug 1409259 - Add browser console test for the distrust console message r=keeler,ttaubert There are xpcshell tests to verify that the appropriate distrust flag is set upon reaching an affected end entity certificate; this test checks that the distrust flag prints a warning to console. MozReview-Commit-ID: OMG246WOOT

Bug 1409259 - Add a console warning for soon-to-be-distrusted roots r=keeler,ttaubert This patch adds a new diagnostic status flag to nsIWebProgressListener, STATE_CERT_DISTRUST_IMMINENT, which indicates that the certificate chain is going to change validity due to an upcoming distrust event. The first of these events is this bug, affecting various roots from Symantec. The STATE_CERT_DISTRUST_IMMINENT flag is set by nsNSSCallbacks and passed, via nsSecureBrowserUIImpl, to browser.js where it is used to alert the console. Adding this sort of diagnostic printing to be accessible to browser.js is a long-desired goal, as future functionality can start doing more decision-making there. We may, for example, also want to degrade the lock icon, which will be straightforward with this flag. This commit does not implement the IsCertificateDistrustImminent method. That is follow-on work. MozReview-Commit-ID: 75IOdc24XIV

Bug 1381190 - Change to COSE Algorithm identifiers for WebAuthn r=qdot,ttaubert The WD-06 (and later) WebAuthn specs choose to move to integer algorithm identifiers for the signatures [1], with a handful of algorithms identified [2]. U2F devices only support ES256 (e.g., COSE ID "-7"), so that's all that is implemented here. Note that the spec also now requires that we accept empty lists of parameters, and in that case, the RP says they aren't picky, so this changes what happens when the parameter list is empty (but still aborts when the list is non-empty but doesn't have anything we can use) [3]. There's a follow-on to move parameter-validation logic into the U2FTokenManager in Bug 1409220. [1] https://w3c.github.io/webauthn/#dictdef-publickeycredentialparameters [2] https://w3c.github.io/webauthn/#alg-identifier [3] https://w3c.github.io/webauthn/#createCredential bullet #12 MozReview-Commit-ID: KgL7mQ9u1uq

Bug 1381190 - Remove WebAuthnRequest dead code r=ttaubert The WebAuthnRequest.h file is no longer used, and it appears we forgot to clean it up. MozReview-Commit-ID: 8Cgh40YxGiY

Bug 1402267 - Add a scalar telemetry probe that tracks SessionFile worker restarts. data-r=liuche, r=chutten,liuche,ttaubert MozReview-Commit-ID: F3kCfz18kcQ

Bug 1402267 - Restart the SessionWorker each time there are failures reported as much as defined in the 'browser.sessionstore.max_write_failures' pref. r=ttaubert MozReview-Commit-ID: 91vOcbmhFmj

Bug 1407829 - WebAuthn: Implement CredMan's Store method r=qdot,ttaubert Credential Management defines a Store operation [1], which needs to be implemented for WebAuthn's spec compliance. It only returns a NotSupportedError for WebAuthn [2], so it's pretty simple. [1] https://w3c.github.io/webappsec-credential-management/#dom-credentialscontainer-store [2] https://w3c.github.io/webauthn/#storeCredential MozReview-Commit-ID: KDEB8r5feQt

Bug 1406456 - WebAuthn WebIDL Updates for WD-07 (part 3) r=qdot,ttaubert Reorder WebAuthentication.webidl to match the ordering of the IDL index in the Web Authentication spec. No normative changes. MozReview-Commit-ID: 7qPE60Qh7Ly

Bug 1406456 - WebAuthn WebIDL Updates for WD-07 (part 2) r=qdot,ttaubert This covers these renames: * In CollectedClientData, hashAlg => hashAlgorithm * In CollectedClientData, tokenBinding => tokenBindingId * In MakePublicKeyCredentialOptions, parameters => pubKeyCredParams * In MakePublicKeyCredentialOptions, excludeList => excludeCredentials * In PublicKeyCredentialRequestOptions, allowList => allowCredentials * Transport (WebAuthnTransport in Gecko) => AuthenticatorTransport MozReview-Commit-ID: 3FdRnkosy83

Bug 1406469 - Handle the WebAuthn "User Verified" flag r=ttaubert WebAuthn has added a flag UV to indicate the user was biometrically verified. We have to make sure not to set that flag for U2F. Turns out we already do that, but let's add the constant and such. Ref: https://w3c.github.io/webauthn/#authenticator-data MozReview-Commit-ID: 6Qtjdkverls

Bug 1244959 - Use IsRegistrableDomainSuffixOfOrEqualTo for U2F Facets r=ttaubert In Comment 8 of Bug 1244959 [1], Brad Hill argues that instead of leaving our U2F Facet support completely half-way, that we could use the Public Suffix logic introduced into HTML for W3C Web Authentication (the method named IsRegistrableDomainSuffixOfOrEqualTo) to scope the FIDO AppID to an eTLD+1 hierarchy. This is a deviation from the FIDO specification, but doesn't break anything that currently works with our U2F implementation, and theoretically enables sites that otherwise need an external FacetID fetch which we aren't implementing. The downside to this is that it's then Firefox-specific behavior. But since this isn't a shipped feature, we have more room to experiment. As an additional bonus, it encourages U2F sites to use the upcoming Web Authentication security model, which will help them prepare to adopt the newer standard. [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1244959#c8 MozReview-Commit-ID: DzNVhHT9qRL

Bug 1399334 - Add more debugging to see why certificates aren't valid. r=ttaubert There's an intermittent that is showing up now that test_register_sign.html checks state.attestationCert.verify(); to ensure hte SoftToken's certificate is valid. This patch prints the offending certificate when it's encountered, to help diagnose the root cause. MozReview-Commit-ID: 4QSobq9fBGK

Bug 1400066 - Gracefully handle unsupported platforms for U2F HID support r=ttaubert FreeBSD isn't currently support for FIDO U2F support, similar to Android, so this patch [1] from Jan Beich <jbeich@FreeBSD.org> treats Android and FreeBSD the same. With luck, someone will add in the platform support for both, soon! [1] https://github.com/jcjones/u2f-hid-rs/pull/44 MozReview-Commit-ID: DU7Rco2NLb3

Bug 1400080 - Remove impossible telemetry test from WebAuthn r=ttaubert Now that there are actual hardware devices, this test can't be run: it depended on there being a deliberately-erroring implementation of WebAuthn which would instantly reject promises. Fortunately, this test was really more a test that telemetry scalars work properly than really the functionality of WebAuthn. Sadly, I don't see any way to re-enable this test without adding a new test- only pref to the tree, which doesn't seem worth it for the telemetry. So this patch removes the offending test completely which was backed out in https://hg.mozilla.org/integration/mozilla-inbound/rev/c115eec567a6 . MozReview-Commit-ID: LiLuQHbPU1z

Bug 1245527 - Remove NSS U2F SoftToken. r=ttaubert, r=jed The nsIU2FToken and its implementors are no longer needed; the soft token was re-implemented into dom/webauthn/U2FSoftTokenManager.cpp during the WebAuthn implementation. When the dom/u2f/ code changed to the implementation from WebAuthn, the old synchronous version became dead code. This patch removes the dead code. MozReview-Commit-ID: 2yDD0tccgZr

Bug 1245527 - Rewrite U2F.cpp to use U2FTokenManager. r=keeler, r=ttaubert - This patch reworks the U2F module to asynchronously call U2FManager, which in turn handles constructing and managing the U2FTokenManager via IPC. - Add U2FTransaction{Parent,Child} implementations to mirror similar ones for WebAuthn - Rewrite all tests to compensate for U2F executing asynchronously now. - Used async tasks, used the manifest parameters for scheme, and generally made these cleaner. - The mochitest "pref =" functionality from Bug 1328830 doesn't support Android yet, causing breakage on Android. Rework the tests to go back to the old way of using iframes to test U2F. NOTE TO REVIEWERS: Since this is huge, I recommend the following: keeler - please review U2F.cpp/h, the tests, and the security-prefs.js. Most of the U2F logic is still in U2F.cpp like before, but there's been some reworking of how it is called. ttaubert - please review U2FManager, the Transaction classes, build changes, and the changes to nsGlobalWindow. All of these should be very similar to the WebAuthn code it's patterned off. MozReview-Commit-ID: C1ZN2ch66Rm

Bug 1245527 - Remove NSS U2F SoftToken. r=ttaubert, r=jed The nsIU2FToken and its implementors are no longer needed; the soft token was re-implemented into dom/webauthn/U2FSoftTokenManager.cpp during the WebAuthn implementation. When the dom/u2f/ code changed to the implementation from WebAuthn, the old synchronous version became dead code. This patch removes the dead code. MozReview-Commit-ID: 2yDD0tccgZr

Bug 1245527 - Rewrite U2F.cpp to use U2FTokenManager. r=keeler, r=ttaubert - This patch reworks the U2F module to asynchronously call U2FManager, which in turn handles constructing and managing the U2FTokenManager via IPC. - Add U2FTransaction{Parent,Child} implementations to mirror similar ones for WebAuthn - Rewrite all tests to compensate for U2F executing asynchronously now. - Used async tasks, used the manifest parameters for prefs and scheme, and generally made these cleaner. NOTE TO REVIEWERS: Since this is huge, I recommend the following: keeler - please review U2F.cpp/h, the tests, and the security-prefs.js. Most of the U2F logic is still in U2F.cpp like before, but there's been some reworking of how it is called. ttaubert - please review U2FManager, the Transaction classes, build changes, and the changes to nsGlobalWindow. All of these should be very similar to the WebAuthn code it's patterned off. MozReview-Commit-ID: C1ZN2ch66Rm

Bug 1383799 - Cancel WebAuthn operations on tab-switch r=ttaubert WebAuthn operations that are in-flight with authenticators must be cancelled when switching tabs. There's an Issue [1] opened with the WebAuthn spec for this already, but the language is _not_ in spec. Still, it's necessary for security, spec or not. This also matches how Chromium handles U2F operations during a tab switch. [1] https://github.com/w3c/webauthn/issues/316 MozReview-Commit-ID: 6Qh9oC4pqys

Bug 1373672 - Part 3: Expose childOffset from nsIDocShell to use in nsSessionStoreUtils, r=ttaubert, r=smaug The reasoning behind this is that with this change, removing a non-dynamic docshell from the document dynamically shouldn't affect the indexes which we use for both recording and restoring data in child docshells. MozReview-Commit-ID: JIK8GBSWDEF * * * fixup From c2cb8e33211348c36b1ce18bb62e6465fa46d3ae Mon Sep 17 00:00:00 2001

Bug 1373672 - Part 3: Expose childOffset from nsIDocShell to use in nsSessionStoreUtils, r=ttaubert, r=smaug The reasoning behind this is that with this change, removing a non-dynamic docshell from the document dynamically shouldn't affect the indexes which we use for both recording and restoring data in child docshells. MozReview-Commit-ID: JIK8GBSWDEF

Bug 1380529 - Only permit "ES256" as pubkey type for WebAuthn (3/3) r=ttaubert Web Authentication uses JWK algorithm names (ES256) instead of WebCrypto names (such as P-256). There are other JWK algorithm names, but our current U2F-backed implementation only can support ES256 anyway, as that's all that FIDO U2F devices understand. This patch limits us to the name ES256 for the "alg" parameter. MozReview-Commit-ID: 3V5DMzVzPad

Bug 1380529 - Use CBOR for the Create Credential WebAuthn call (2/3) r=ttaubert The WebAuthn Create Credential method should encode its results using CBOR; this patch changes to that format. The CBOR formats for the U2F data are specified in [1][2] The attestation data format is in [3] The high-level layout is in [4] [1] https://w3c.github.io/webauthn/#generating-an-attestation-object [2] https://w3c.github.io/webauthn/#fido-u2f-attestation [3] https://w3c.github.io/webauthn/#sec-attestation-data [4] https://w3c.github.io/webauthn/#sctn-attestation MozReview-Commit-ID: BYoFCJSxlLt

Bug 1380529 - Add a CBOR library for WebAuthn (1/3) r=ttaubert Web Authentication's WD-05 specification moves to using (CBOR) Concise Binary Object Representation to transmit the binary data... most of it. This lands a subset of the Apache 2-licensed "CBOR C++" serialization library [1] into webauthn's path. It does not add any code to use this library; see patch 2/3. [1] https://github.com/naphaso/cbor-cpp/ MozReview-Commit-ID: Ktj9TgdqElk

bug 1375709 - avoid deadlock when shutting down NSS r=Cykesiopka,ttaubert The deadlock fix attempted in bug 1273475 was incomplete. This should prevent the issue by preventing nsNSSShutDownPreventionLocks from attempting to increment the NSS activity state count when shutdown is in progress (this is acceptible because when code that creates any nsNSSShutDownPreventionLocks then checks isAlreadyShutDown(), it will return true because sInShutdown is true, thus preventing that code from unsafely using NSS resources and functions). MozReview-Commit-ID: 4o5DGbU2TCq

bug 1344478 - isAlreadyShutDown should return true for nsNSSShutDownObjects created after NSS shut down r=Cykesiopka,ttaubert MozReview-Commit-ID: 5bUTLz6mGKC In general, it is possible to create a new nsNSSShutDownObject after nsNSSShutDownList::shutdown() had been called. Before this patch, at that point, isAlreadyShutDown() would incorrectly return false, which could lead to code calling NSS functions, which would probably lead to a crash (because NSS could be uninitialized at that point). This change merges nsNSSShutDownList::shutdown() with evaporateAllNSSResources() into evaporateAllNSSResourcesAndShutDown() for simplicity and makes it so isAlreadyShutDown() returns true if called after that point.

Bug 1344595 - Protect against nsIPrincipal.origin throwing for about:blank iframes; r=ttaubert

Bug 1329238 - Make public CryptoKey.h methods return UniqueX NSS types instead of raw pointers. r=ttaubert The std::unique_ptr based UniqueX types provide better safety over managing raw pointers. MozReview-Commit-ID: EwwOfs6RHqy

Bug 1325104 - Stop using Scoped.h NSS types in CryptoKey.(cpp|h). r=ttaubert Scoped.h is deprecated. MozReview-Commit-ID: HVfrjM2haQf