| author | David Keeler <dkeeler@mozilla.com> |
| Tue, 16 May 2017 17:07:01 -0700 | |
| changeset 398496 | 675f396003827bd1075128c6620dd38386a2b64f |
| parent 398495 | ec9d6a6c30ee4f72a279725b882609e18e637100 |
| child 398497 | 5d05100ea93645c57fcdb196c323afe159151135 |
| push id | unknown |
| push user | unknown |
| push date | unknown |
| reviewers | jcj, qdot |
| bugs | 1332681 |
| milestone | 55.0a1 |
| first release with | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
| last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
new file mode 100644 --- /dev/null +++ b/dom/credentialmanagement/Credential.cpp @@ -0,0 +1,50 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim:set ts=2 sw=2 sts=2 et cindent: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "mozilla/dom/Credential.h" +#include "mozilla/dom/CredentialManagementBinding.h" +#include "nsCycleCollectionParticipant.h" + +namespace mozilla { +namespace dom { + +NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(Credential, mParent) + +NS_IMPL_CYCLE_COLLECTING_ADDREF(Credential) +NS_IMPL_CYCLE_COLLECTING_RELEASE(Credential) + +NS_INTERFACE_MAP_BEGIN_CYCLE_COLLECTION(Credential) + NS_WRAPPERCACHE_INTERFACE_MAP_ENTRY + NS_INTERFACE_MAP_ENTRY(nsISupports) +NS_INTERFACE_MAP_END + +Credential::Credential(nsPIDOMWindowInner* aParent) + : mParent(aParent) +{} + +Credential::~Credential() +{} + +JSObject* +Credential::WrapObject(JSContext* aCx, JS::Handle<JSObject*> aGivenProto) +{ + return CredentialBinding::Wrap(aCx, this, aGivenProto); +} + +void +Credential::GetId(nsAString& aId) const +{ + aId.Assign(mId); +} + +void +Credential::GetType(nsAString& aType) const +{ + aType.Assign(mType); +} + +} // namespace dom +} // namespace mozilla
new file mode 100644 --- /dev/null +++ b/dom/credentialmanagement/Credential.h @@ -0,0 +1,56 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim:set ts=2 sw=2 sts=2 et cindent: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef mozilla_dom_Credential_h +#define mozilla_dom_Credential_h + +#include "mozilla/dom/CredentialManagementBinding.h" +#include "nsCycleCollectionParticipant.h" +#include "nsPIDOMWindow.h" +#include "nsWrapperCache.h" + +namespace mozilla { +namespace dom { + +class Credential : public nsISupports + , public nsWrapperCache +{ +public: + NS_DECL_CYCLE_COLLECTING_ISUPPORTS + NS_DECL_CYCLE_COLLECTION_SCRIPT_HOLDER_CLASS(Credential) + +public: + explicit Credential(nsPIDOMWindowInner* aParent); + +protected: + virtual ~Credential(); + +public: + nsISupports* + GetParentObject() const + { + return mParent; + } + + JSObject* + WrapObject(JSContext* aCx, JS::Handle<JSObject*> aGivenProto) override; + + void + GetId(nsAString& aId) const; + + void + GetType(nsAString& aType) const; + +private: + nsCOMPtr<nsPIDOMWindowInner> mParent; + nsAutoString mId; + nsAutoString mType; +}; + +} // namespace dom +} // namespace mozilla + +#endif // mozilla_dom_Credential_h
new file mode 100644 --- /dev/null +++ b/dom/credentialmanagement/moz.build @@ -0,0 +1,18 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +with Files("**"): + BUG_COMPONENT = ("Core", "DOM: Device Interfaces") + +EXPORTS.mozilla.dom += [ + 'Credential.h', +] + +UNIFIED_SOURCES += [ + 'Credential.cpp', +] + +FINAL_LIBRARY = 'xul'
--- a/dom/moz.build +++ b/dom/moz.build @@ -45,16 +45,17 @@ DIRS += [ 'animation', 'base', 'bindings', 'battery', 'browser-element', 'cache', 'canvas', 'commandhandler', + 'credentialmanagement', 'crypto', 'encoding', 'events', 'fetch', 'file', 'filehandle', 'filesystem', 'flyweb',
new file mode 100644 --- /dev/null +++ b/dom/webauthn/AuthenticatorAttestationResponse.cpp @@ -0,0 +1,50 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim:set ts=2 sw=2 sts=2 et cindent: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "mozilla/dom/WebAuthenticationBinding.h" +#include "mozilla/dom/AuthenticatorAttestationResponse.h" + +namespace mozilla { +namespace dom { + +NS_IMPL_ADDREF_INHERITED(AuthenticatorAttestationResponse, AuthenticatorResponse) +NS_IMPL_RELEASE_INHERITED(AuthenticatorAttestationResponse, AuthenticatorResponse) + +NS_INTERFACE_MAP_BEGIN_CYCLE_COLLECTION_INHERITED(AuthenticatorAttestationResponse) +NS_INTERFACE_MAP_END_INHERITING(AuthenticatorResponse) + +AuthenticatorAttestationResponse::AuthenticatorAttestationResponse(nsPIDOMWindowInner* aParent) + : AuthenticatorResponse(aParent) +{} + +AuthenticatorAttestationResponse::~AuthenticatorAttestationResponse() +{} + +JSObject* +AuthenticatorAttestationResponse::WrapObject(JSContext* aCx, + JS::Handle<JSObject*> aGivenProto) +{ + return AuthenticatorAttestationResponseBinding::Wrap(aCx, this, aGivenProto); +} + +void +AuthenticatorAttestationResponse::GetAttestationObject(JSContext* aCx, + JS::MutableHandle<JSObject*> aRetVal) const +{ + aRetVal.set(mAttestationObject.ToUint8Array(aCx)); +} + +nsresult +AuthenticatorAttestationResponse::SetAttestationObject(CryptoBuffer& aBuffer) +{ + if (NS_WARN_IF(!mAttestationObject.Assign(aBuffer))) { + return NS_ERROR_OUT_OF_MEMORY; + } + return NS_OK; +} + +} // namespace dom +} // namespace mozilla
new file mode 100644 --- /dev/null +++ b/dom/webauthn/AuthenticatorAttestationResponse.h @@ -0,0 +1,49 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim:set ts=2 sw=2 sts=2 et cindent: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef mozilla_dom_AuthenticatorAttestationResponse_h +#define mozilla_dom_AuthenticatorAttestationResponse_h + +#include "js/TypeDecls.h" +#include "mozilla/Attributes.h" +#include "mozilla/ErrorResult.h" +#include "mozilla/dom/AuthenticatorResponse.h" +#include "mozilla/dom/BindingDeclarations.h" +#include "mozilla/dom/CryptoBuffer.h" +#include "nsCycleCollectionParticipant.h" +#include "nsWrapperCache.h" + +namespace mozilla { +namespace dom { + +class AuthenticatorAttestationResponse final : public AuthenticatorResponse +{ +public: + NS_DECL_ISUPPORTS_INHERITED + + explicit AuthenticatorAttestationResponse(nsPIDOMWindowInner* aParent); + +protected: + ~AuthenticatorAttestationResponse() override; + +public: + virtual JSObject* + WrapObject(JSContext* aCx, JS::Handle<JSObject*> aGivenProto) override; + + void + GetAttestationObject(JSContext* aCx, JS::MutableHandle<JSObject*> aRetVal) const; + + nsresult + SetAttestationObject(CryptoBuffer& aBuffer); + +private: + CryptoBuffer mAttestationObject; +}; + +} // namespace dom +} // namespace mozilla + +#endif // mozilla_dom_AuthenticatorAttestationResponse_h
rename from dom/webauthn/WebAuthnAttestation.cpp rename to dom/webauthn/AuthenticatorResponse.cpp --- a/dom/webauthn/WebAuthnAttestation.cpp +++ b/dom/webauthn/AuthenticatorResponse.cpp @@ -1,98 +1,53 @@ /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ /* vim:set ts=2 sw=2 sts=2 et cindent: */ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "mozilla/dom/WebAuthenticationBinding.h" -#include "mozilla/dom/WebAuthnAttestation.h" +#include "mozilla/dom/AuthenticatorResponse.h" namespace mozilla { namespace dom { // Only needed for refcounted objects. -NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(WebAuthnAttestation, mParent) -NS_IMPL_CYCLE_COLLECTING_ADDREF(WebAuthnAttestation) -NS_IMPL_CYCLE_COLLECTING_RELEASE(WebAuthnAttestation) -NS_INTERFACE_MAP_BEGIN_CYCLE_COLLECTION(WebAuthnAttestation) +NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(AuthenticatorResponse, mParent) +NS_IMPL_CYCLE_COLLECTING_ADDREF(AuthenticatorResponse) +NS_IMPL_CYCLE_COLLECTING_RELEASE(AuthenticatorResponse) +NS_INTERFACE_MAP_BEGIN_CYCLE_COLLECTION(AuthenticatorResponse) NS_WRAPPERCACHE_INTERFACE_MAP_ENTRY NS_INTERFACE_MAP_ENTRY(nsISupports) NS_INTERFACE_MAP_END -WebAuthnAttestation::WebAuthnAttestation(nsPIDOMWindowInner* aParent) +AuthenticatorResponse::AuthenticatorResponse(nsPIDOMWindowInner* aParent) : mParent(aParent) {} -WebAuthnAttestation::~WebAuthnAttestation() +AuthenticatorResponse::~AuthenticatorResponse() {} JSObject* -WebAuthnAttestation::WrapObject(JSContext* aCx, - JS::Handle<JSObject*> aGivenProto) -{ - return WebAuthnAttestationBinding::Wrap(aCx, this, aGivenProto); -} - -void -WebAuthnAttestation::GetFormat(nsString& aRetVal) const +AuthenticatorResponse::WrapObject(JSContext* aCx, + JS::Handle<JSObject*> aGivenProto) { - aRetVal = mFormat; -} - -void -WebAuthnAttestation::GetClientData(JSContext* aCx, - JS::MutableHandle<JSObject*> aRetVal) const -{ - aRetVal.set(mClientData.ToUint8Array(aCx)); -} - -void -WebAuthnAttestation::GetAuthenticatorData(JSContext* aCx, - JS::MutableHandle<JSObject*> aRetVal) const -{ - aRetVal.set(mAuthenticatorData.ToUint8Array(aCx)); + return AuthenticatorResponseBinding::Wrap(aCx, this, aGivenProto); } void -WebAuthnAttestation::GetAttestation(JSContext* aCx, - JS::MutableHandle<JS::Value> aRetVal) const +AuthenticatorResponse::GetClientDataJSON(JSContext* aCx, + JS::MutableHandle<JSObject*> aRetVal) const { - aRetVal.setObject(*mAttestation.ToUint8Array(aCx)); -} - -nsresult -WebAuthnAttestation::SetFormat(nsString aFormat) -{ - mFormat = aFormat; - return NS_OK; + aRetVal.set(mClientDataJSON.ToUint8Array(aCx)); } nsresult -WebAuthnAttestation::SetClientData(CryptoBuffer& aBuffer) -{ - if (!mClientData.Assign(aBuffer)) { - return NS_ERROR_OUT_OF_MEMORY; - } - return NS_OK; -} - -nsresult -WebAuthnAttestation::SetAuthenticatorData(CryptoBuffer& aBuffer) +AuthenticatorResponse::SetClientDataJSON(CryptoBuffer& aBuffer) { - if (!mAuthenticatorData.Assign(aBuffer)) { - return NS_ERROR_OUT_OF_MEMORY; - } - return NS_OK; -} - -nsresult -WebAuthnAttestation::SetAttestation(CryptoBuffer& aBuffer) -{ - if (!mAttestation.Assign(aBuffer)) { + if (NS_WARN_IF(!mClientDataJSON.Assign(aBuffer))) { return NS_ERROR_OUT_OF_MEMORY; } return NS_OK; } } // namespace dom } // namespace mozilla
rename from dom/webauthn/WebAuthnAttestation.h rename to dom/webauthn/AuthenticatorResponse.h --- a/dom/webauthn/WebAuthnAttestation.h +++ b/dom/webauthn/AuthenticatorResponse.h @@ -1,79 +1,60 @@ /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ /* vim:set ts=2 sw=2 sts=2 et cindent: */ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -#ifndef mozilla_dom_WebAuthnAttestation_h -#define mozilla_dom_WebAuthnAttestation_h +#ifndef mozilla_dom_AuthenticatorResponse_h +#define mozilla_dom_AuthenticatorResponse_h #include "js/TypeDecls.h" #include "mozilla/Attributes.h" #include "mozilla/ErrorResult.h" #include "mozilla/dom/BindingDeclarations.h" #include "mozilla/dom/CryptoBuffer.h" #include "nsCycleCollectionParticipant.h" #include "nsWrapperCache.h" namespace mozilla { namespace dom { -class WebAuthnAttestation final : public nsISupports - , public nsWrapperCache +class AuthenticatorResponse : public nsISupports + , public nsWrapperCache { public: NS_DECL_CYCLE_COLLECTING_ISUPPORTS - NS_DECL_CYCLE_COLLECTION_SCRIPT_HOLDER_CLASS(WebAuthnAttestation) + NS_DECL_CYCLE_COLLECTION_SCRIPT_HOLDER_CLASS(AuthenticatorResponse) -public: - explicit WebAuthnAttestation(nsPIDOMWindowInner* aParent); + explicit AuthenticatorResponse(nsPIDOMWindowInner* aParent); protected: - ~WebAuthnAttestation(); + virtual ~AuthenticatorResponse(); public: nsISupports* GetParentObject() const { return mParent; } virtual JSObject* WrapObject(JSContext* aCx, JS::Handle<JSObject*> aGivenProto) override; void GetFormat(nsString& aRetVal) const; void - GetClientData(JSContext* aCx, JS::MutableHandle<JSObject*> aRetVal) const; - - void - GetAuthenticatorData(JSContext* caCxx, JS::MutableHandle<JSObject*> aRetVal) const; - - void - GetAttestation(JSContext* aCx, JS::MutableHandle<JS::Value> aRetVal) const; + GetClientDataJSON(JSContext* aCx, JS::MutableHandle<JSObject*> aRetVal) const; nsresult - SetFormat(nsString aFormat); - - nsresult - SetClientData(CryptoBuffer& aBuffer); - - nsresult - SetAuthenticatorData(CryptoBuffer& aBuffer); - - nsresult - SetAttestation(CryptoBuffer& aBuffer); + SetClientDataJSON(CryptoBuffer& aBuffer); private: nsCOMPtr<nsPIDOMWindowInner> mParent; - nsString mFormat; - CryptoBuffer mClientData; - CryptoBuffer mAuthenticatorData; - CryptoBuffer mAttestation; + CryptoBuffer mClientDataJSON; }; } // namespace dom } // namespace mozilla -#endif // mozilla_dom_WebAuthnAttestation_h +#endif // mozilla_dom_AuthenticatorResponse_h
rename from dom/webauthn/ScopedCredentialInfo.cpp rename to dom/webauthn/PublicKeyCredential.cpp --- a/dom/webauthn/ScopedCredentialInfo.cpp +++ b/dom/webauthn/PublicKeyCredential.cpp @@ -1,63 +1,69 @@ /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ /* vim:set ts=2 sw=2 sts=2 et cindent: */ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -#include "mozilla/dom/ScopedCredentialInfo.h" +#include "mozilla/dom/PublicKeyCredential.h" #include "mozilla/dom/WebAuthenticationBinding.h" +#include "nsCycleCollectionParticipant.h" namespace mozilla { namespace dom { -// Only needed for refcounted objects. -NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(ScopedCredentialInfo, mParent) -NS_IMPL_CYCLE_COLLECTING_ADDREF(ScopedCredentialInfo) -NS_IMPL_CYCLE_COLLECTING_RELEASE(ScopedCredentialInfo) -NS_INTERFACE_MAP_BEGIN_CYCLE_COLLECTION(ScopedCredentialInfo) - NS_WRAPPERCACHE_INTERFACE_MAP_ENTRY - NS_INTERFACE_MAP_ENTRY(nsISupports) -NS_INTERFACE_MAP_END +NS_IMPL_CYCLE_COLLECTION_INHERITED(PublicKeyCredential, Credential, mResponse) + +NS_IMPL_ADDREF_INHERITED(PublicKeyCredential, Credential) +NS_IMPL_RELEASE_INHERITED(PublicKeyCredential, Credential) -ScopedCredentialInfo::ScopedCredentialInfo(nsPIDOMWindowInner* aParent) - : mParent(aParent) +NS_INTERFACE_MAP_BEGIN_CYCLE_COLLECTION_INHERITED(PublicKeyCredential) +NS_INTERFACE_MAP_END_INHERITING(Credential) + +NS_IMPL_CYCLE_COLLECTION_TRACE_BEGIN_INHERITED(PublicKeyCredential, Credential) +NS_IMPL_CYCLE_COLLECTION_TRACE_END + +PublicKeyCredential::PublicKeyCredential(nsPIDOMWindowInner* aParent) + : Credential(aParent) {} -ScopedCredentialInfo::~ScopedCredentialInfo() +PublicKeyCredential::~PublicKeyCredential() {} JSObject* -ScopedCredentialInfo::WrapObject(JSContext* aCx, - JS::Handle<JSObject*> aGivenProto) +PublicKeyCredential::WrapObject(JSContext* aCx, + JS::Handle<JSObject*> aGivenProto) { - return ScopedCredentialInfoBinding::Wrap(aCx, this, aGivenProto); + return PublicKeyCredentialBinding::Wrap(aCx, this, aGivenProto); } -already_AddRefed<ScopedCredential> -ScopedCredentialInfo::Credential() const +void +PublicKeyCredential::GetRawId(JSContext* aCx, + JS::MutableHandle<JSObject*> aRetVal) const { - RefPtr<ScopedCredential> temp(mCredential); + aRetVal.set(mRawId.ToUint8Array(aCx)); +} + +already_AddRefed<AuthenticatorResponse> +PublicKeyCredential::Response() const +{ + RefPtr<AuthenticatorResponse> temp(mResponse); return temp.forget(); } -already_AddRefed<WebAuthnAttestation> -ScopedCredentialInfo::Attestation() const +nsresult +PublicKeyCredential::SetRawId(CryptoBuffer& aBuffer) { - RefPtr<WebAuthnAttestation> temp(mAttestation); - return temp.forget(); + if (NS_WARN_IF(!mRawId.Assign(aBuffer))) { + return NS_ERROR_OUT_OF_MEMORY; + } + return NS_OK; } void -ScopedCredentialInfo::SetCredential(RefPtr<ScopedCredential> aCredential) +PublicKeyCredential::SetResponse(RefPtr<AuthenticatorResponse> aResponse) { - mCredential = aCredential; -} - -void -ScopedCredentialInfo::SetAttestation(RefPtr<WebAuthnAttestation> aAttestation) -{ - mAttestation = aAttestation; + mResponse = aResponse; } } // namespace dom } // namespace mozilla
rename from dom/webauthn/ScopedCredentialInfo.h rename to dom/webauthn/PublicKeyCredential.h --- a/dom/webauthn/ScopedCredentialInfo.h +++ b/dom/webauthn/PublicKeyCredential.h @@ -1,74 +1,59 @@ /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ /* vim:set ts=2 sw=2 sts=2 et cindent: */ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -#ifndef mozilla_dom_ScopedCredentialInfo_h -#define mozilla_dom_ScopedCredentialInfo_h +#ifndef mozilla_dom_PublicKeyCredential_h +#define mozilla_dom_PublicKeyCredential_h #include "js/TypeDecls.h" #include "mozilla/Attributes.h" #include "mozilla/dom/BindingDeclarations.h" +#include "mozilla/dom/Credential.h" #include "mozilla/ErrorResult.h" #include "nsCycleCollectionParticipant.h" #include "nsWrapperCache.h" namespace mozilla { namespace dom { -class CryptoKey; -class ScopedCredential; -class WebAuthnAttestation; - -} // namespace dom -} // namespace mozilla - -namespace mozilla { -namespace dom { - -class ScopedCredentialInfo final : public nsISupports - , public nsWrapperCache +class PublicKeyCredential final : public Credential { public: - NS_DECL_CYCLE_COLLECTING_ISUPPORTS - NS_DECL_CYCLE_COLLECTION_SCRIPT_HOLDER_CLASS(ScopedCredentialInfo) + NS_DECL_ISUPPORTS_INHERITED + NS_DECL_CYCLE_COLLECTION_SCRIPT_HOLDER_CLASS_INHERITED(PublicKeyCredential, + Credential) -public: - explicit ScopedCredentialInfo(nsPIDOMWindowInner* aParent); + explicit PublicKeyCredential(nsPIDOMWindowInner* aParent); protected: - ~ScopedCredentialInfo(); + ~PublicKeyCredential() override; public: - nsISupports* - GetParentObject() const - { - return mParent; - } - virtual JSObject* WrapObject(JSContext* aCx, JS::Handle<JSObject*> aGivenProto) override; - already_AddRefed<ScopedCredential> - Credential() const; + void + GetRawId(JSContext* cx, JS::MutableHandle<JSObject*> aRetVal) const; - already_AddRefed<WebAuthnAttestation> - Attestation() const; + already_AddRefed<AuthenticatorResponse> + Response() const; + + nsresult + SetRawId(CryptoBuffer& aBuffer); void - SetCredential(RefPtr<ScopedCredential>); - - void - SetAttestation(RefPtr<WebAuthnAttestation>); + SetResponse(RefPtr<AuthenticatorResponse>); private: - nsCOMPtr<nsPIDOMWindowInner> mParent; - RefPtr<WebAuthnAttestation> mAttestation; - RefPtr<ScopedCredential> mCredential; + CryptoBuffer mRawId; + RefPtr<AuthenticatorResponse> mResponse; + // Extensions are not supported yet. + // <some type> mClientExtensionResults; }; } // namespace dom } // namespace mozilla -#endif // mozilla_dom_ScopedCredentialInfo_h +#endif // mozilla_dom_PublicKeyCredential_h
--- a/dom/webauthn/WebAuthnManager.cpp +++ b/dom/webauthn/WebAuthnManager.cpp @@ -3,16 +3,17 @@ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this file, * You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "hasht.h" #include "nsNetCID.h" #include "nsICryptoHash.h" #include "mozilla/ClearOnShutdown.h" +#include "mozilla/dom/AuthenticatorAttestationResponse.h" #include "mozilla/dom/Promise.h" #include "mozilla/dom/WebAuthnManager.h" #include "mozilla/dom/WebAuthnUtil.h" #include "mozilla/dom/PWebAuthnTransaction.h" #include "mozilla/dom/WebAuthnTransactionChild.h" #include "mozilla/dom/WebCryptoCommon.h" #include "mozilla/ipc/PBackgroundChild.h" #include "mozilla/ipc/BackgroundChild.h" @@ -669,35 +670,29 @@ WebAuthnManager::FinishMakeCredential(ns CryptoBuffer authenticatorDataBuf; rv = U2FAssembleAuthenticatorData(authenticatorDataBuf, rpIdHashBuf, signatureData); if (NS_WARN_IF(NS_FAILED(rv))) { Cancel(NS_ERROR_OUT_OF_MEMORY); return; } - // Create a new ScopedCredentialInfo object named value and populate its - // fields with the values returned from the authenticator as well as the - // clientDataJSON computed earlier. - - RefPtr<ScopedCredential> credential = new ScopedCredential(mCurrentParent); - credential->SetType(ScopedCredentialType::ScopedCred); - credential->SetId(keyHandleBuf); + // Create a new PublicKeyCredential object and populate its fields with the + // values returned from the authenticator as well as the clientDataJSON + // computed earlier. + RefPtr<AuthenticatorAttestationResponse> attestation = + new AuthenticatorAttestationResponse(mCurrentParent); + attestation->SetClientDataJSON(clientDataBuf); + attestation->SetAttestationObject(regData); - RefPtr<WebAuthnAttestation> attestation = new WebAuthnAttestation(mCurrentParent); - attestation->SetFormat(NS_LITERAL_STRING("u2f")); - attestation->SetClientData(clientDataBuf); - attestation->SetAuthenticatorData(authenticatorDataBuf); - attestation->SetAttestation(regData); + RefPtr<PublicKeyCredential> credential = new PublicKeyCredential(mCurrentParent); + credential->SetRawId(keyHandleBuf); + credential->SetResponse(attestation); - RefPtr<ScopedCredentialInfo> info = new ScopedCredentialInfo(mCurrentParent); - info->SetCredential(credential); - info->SetAttestation(attestation); - - mTransactionPromise->MaybeResolve(info); + mTransactionPromise->MaybeResolve(credential); MaybeClearTransaction(); } void WebAuthnManager::FinishGetAssertion(nsTArray<uint8_t>& aCredentialId, nsTArray<uint8_t>& aSigBuffer) { MOZ_ASSERT(mTransactionPromise);
--- a/dom/webauthn/moz.build +++ b/dom/webauthn/moz.build @@ -7,41 +7,43 @@ with Files("**"): BUG_COMPONENT = ("Core", "DOM: Device Interfaces") IPDL_SOURCES += [ 'PWebAuthnTransaction.ipdl' ] EXPORTS.mozilla.dom += [ + 'AuthenticatorAttestationResponse.h', + 'AuthenticatorResponse.h', 'NSSU2FTokenRemote.h', + 'PublicKeyCredential.h', 'ScopedCredential.h', - 'ScopedCredentialInfo.h', 'U2FSoftTokenManager.h', 'U2FTokenManager.h', 'U2FTokenTransport.h', 'WebAuthentication.h', 'WebAuthnAssertion.h', - 'WebAuthnAttestation.h', 'WebAuthnManager.h', 'WebAuthnRequest.h', 'WebAuthnTransactionChild.h', 'WebAuthnTransactionParent.h', 'WebAuthnUtil.h' ] UNIFIED_SOURCES += [ + 'AuthenticatorAttestationResponse.cpp', + 'AuthenticatorResponse.cpp', 'NSSU2FTokenRemote.cpp', + 'PublicKeyCredential.cpp', 'ScopedCredential.cpp', - 'ScopedCredentialInfo.cpp', 'U2FSoftTokenManager.cpp', 'U2FTokenManager.cpp', 'WebAuthentication.cpp', 'WebAuthnAssertion.cpp', - 'WebAuthnAttestation.cpp', 'WebAuthnManager.cpp', 'WebAuthnTransactionChild.cpp', 'WebAuthnTransactionParent.cpp', 'WebAuthnUtil.cpp' ] include('/ipc/chromium/chromium-config.mozbuild')
--- a/dom/webauthn/tests/test_webauthn_loopback.html +++ b/dom/webauthn/tests/test_webauthn_loopback.html @@ -34,38 +34,33 @@ function() { let gCredentialChallenge = new Uint8Array(16); window.crypto.getRandomValues(gCredentialChallenge); let gAssertionChallenge = new Uint8Array(16); window.crypto.getRandomValues(gAssertionChallenge); testMakeCredential(); function checkCredentialValid(aCredInfo) { - /* ScopedCredentialInfo - - Credential - -- ID: Key Handle buffer pulled from U2F Register() Response - -- Type: "ScopedCred" - - WebAuthnAttestation - -- Format: "u2f" - -- ClientData: serialized JSON - -- AuthenticatorData: RP ID Hash || U2F Sign() Response - -- Attestation: U2F Register() Response */ + /* PublicKeyCredential : Credential + - rawId: Key Handle buffer pulled from U2F Register() Response + - response : AuthenticatorAttestationResponse : AuthenticatorResponse + - attestationObject: RP ID Hash || U2F Sign() Response + - clientDataJSON: serialized JSON + - clientExtensionResults: (not yet supported) + */ - is(aCredInfo.credential.type, "ScopedCred", "Type is correct"); - ok(aCredInfo.credential.id.length > 0, "Key ID exists"); + ok(aCredInfo.rawId.length > 0, "Key ID exists"); - is(aCredInfo.attestation.format, "u2f", "Format is correct"); - is(aCredInfo.attestation.attestation[0], 0x05, "Reserved byte is correct"); - ok(aCredInfo.attestation.authenticatorData.length > 0, "Authenticator data exists"); - let clientData = JSON.parse(buffer2string(aCredInfo.attestation.clientData)); + is(aCredInfo.response.attestationObject[0], 0x05, "Reserved byte is correct"); + let clientData = JSON.parse(buffer2string(aCredInfo.response.clientDataJSON)); is(clientData.challenge, bytesToBase64UrlSafe(gCredentialChallenge), "Challenge is correct"); is(clientData.origin, window.location.origin, "Origin is correct"); is(clientData.hashAlg, "S256", "Hash algorithm is correct"); - return decodeU2FRegistration(aCredInfo.attestation.attestation) + return decodeU2FRegistration(aCredInfo.response.attestationObject) .then(function(u2fObj) { aCredInfo.u2fReg = u2fObj; return aCredInfo; }); } function checkAssertionAndSigValid(aPublicKey, aAssertion) { /* WebAuthnAssertion @@ -120,39 +115,41 @@ function() { SimpleTest.finish(); }); } function testMakeDuplicate(aCredInfo) { let acct = {rpDisplayName: "none", displayName: "none", id: "none"}; let param = {type: "ScopedCred", algorithm: "p-256"}; let options = {rpId: document.origin, - excludeList: [aCredInfo.credential]}; + excludeList: [{type: "ScopedCred", + id: Uint8Array.from(aCredInfo.rawId), + transports: ["usb"]}]}; authn.makeCredential(acct, [param], gCredentialChallenge, options) .then(function() { // We should have errored here! ok(false, "The excludeList didn't stop a duplicate being created!"); SimpleTest.finish(); }) .catch(function(aReason) { - ok(aReason.toString().startsWith("NotAllowedError"), "Expect NotAllowedError, got" + aReason); + ok(aReason.toString().startsWith("NotAllowedError"), "Expect NotAllowedError, got " + aReason); testAssertion(aCredInfo); }); } function testAssertion(aCredInfo) { let newCredential = { - type: aCredInfo.credential.type, - id: Uint8Array.from(aCredInfo.credential.id), - transports: [ "usb" ], + type: "ScopedCred", + id: Uint8Array.from(aCredInfo.rawId), + transports: ["usb"], } let assertOptions = {rpId: document.origin, timeoutSeconds: 5, - allowList: [ newCredential ]}; + allowList: [newCredential]}; authn.getAssertion(gAssertionChallenge, assertOptions) .then(function(aAssertion) { /* Pass along the pubKey. */ return checkAssertionAndSigValid(aCredInfo.u2fReg.publicKey, aAssertion); }) .then(function(aSigVerifyResult) { ok(aSigVerifyResult, "Signing signature verified"); SimpleTest.finish();
--- a/dom/webauthn/tests/test_webauthn_sameorigin.html +++ b/dom/webauthn/tests/test_webauthn_sameorigin.html @@ -35,23 +35,23 @@ } function expectSecurityError(aResult) { // TODO: Change to `ok` when Bug 1329764 lands todo(aResult.toString().startsWith("SecurityError"), "Expecting a SecurityError"); return Promise.resolve(); } - function keepThisScopedCredential(aScopedCredInfo) { + function keepThisPublicKeyCredential(aPublicKeyCredential) { gTrackedCredential = { - type: aScopedCredInfo.credential.type, - id: Uint8Array.from(aScopedCredInfo.credential.id), + type: "ScopedCred", + id: Uint8Array.from(aPublicKeyCredential.rawId), transports: [ "usb" ], } - return Promise.resolve(aScopedCredInfo); + return Promise.resolve(aPublicKeyCredential); } function runTests() { isnot(navigator.authentication, undefined, "WebAuthn API endpoint must exist"); isnot(navigator.authentication.makeCredential, undefined, "WebAuthn makeCredential API endpoint must exist"); isnot(navigator.authentication.getAssertion, undefined, "WebAuthn getAssertion API endpoint must exist"); @@ -63,17 +63,17 @@ let acct = {rpDisplayName: "none", displayName: "none", id: "none"}; let param = {type: "ScopedCred", algorithm: "p-256"}; var testFuncs = [ function() { // Test basic good call return authn.makeCredential(acct, [param], chall, {rpId: document.origin}) - .then(keepThisScopedCredential) + .then(keepThisPublicKeyCredential) .then(arrivingHereIsGood) .catch(arrivingHereIsBad); }, function() { // Test rpId being unset return authn.makeCredential(acct, [param], chall, {}) .then(arrivingHereIsGood)
new file mode 100644 --- /dev/null +++ b/dom/webidl/CredentialManagement.webidl @@ -0,0 +1,14 @@ +/* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. + * + * The origin of this IDL file is + * https://www.w3.org/TR/credential-management-1/ + */ + +[Exposed=Window, SecureContext, Pref="security.webauth.webauthn"] +interface Credential { + readonly attribute USVString id; + readonly attribute DOMString type; +};
--- a/dom/webidl/WebAuthentication.webidl +++ b/dom/webidl/WebAuthentication.webidl @@ -5,19 +5,31 @@ * * The origin of this IDL file is * https://www.w3.org/TR/webauthn/ */ /***** Interfaces to Data *****/ [SecureContext, Pref="security.webauth.webauthn"] -interface ScopedCredentialInfo { - readonly attribute ScopedCredential credential; - readonly attribute WebAuthnAttestation attestation; +interface PublicKeyCredential : Credential { + readonly attribute ArrayBuffer rawId; + readonly attribute AuthenticatorResponse response; + // Extensions are not supported yet. + // readonly attribute AuthenticationExtensions clientExtensionResults; +}; + +[SecureContext, Pref="security.webauth.webauthn"] +interface AuthenticatorResponse { + readonly attribute ArrayBuffer clientDataJSON; +}; + +[SecureContext, Pref="security.webauth.webauthn"] +interface AuthenticatorAttestationResponse : AuthenticatorResponse { + readonly attribute ArrayBuffer attestationObject; }; dictionary Account { required DOMString rpDisplayName; required DOMString displayName; required DOMString id; DOMString name; DOMString imageURL; @@ -50,24 +62,16 @@ dictionary AssertionOptions { USVString rpId; sequence<ScopedCredentialDescriptor> allowList; WebAuthnExtensions extensions; }; dictionary WebAuthnExtensions { }; -[SecureContext, Pref="security.webauth.webauthn"] -interface WebAuthnAttestation { - readonly attribute USVString format; - readonly attribute ArrayBuffer clientData; - readonly attribute ArrayBuffer authenticatorData; - readonly attribute any attestation; -}; - // Renamed from "ClientData" to avoid a collision with U2F dictionary WebAuthnClientData { required DOMString challenge; required DOMString origin; required WebAuthnAlgorithmID hashAlg; // NOTE: changed from AllgorithmIdentifier because typedef (object or DOMString) not serializable DOMString tokenBinding; WebAuthnExtensions extensions; }; @@ -94,17 +98,17 @@ enum WebAuthnTransport { "nfc", "ble" }; /***** The Main API *****/ [SecureContext, Pref="security.webauth.webauthn"] interface WebAuthentication { - Promise<ScopedCredentialInfo> makeCredential ( + Promise<PublicKeyCredential> makeCredential ( Account accountInformation, sequence<ScopedCredentialParameters> cryptoParameters, BufferSource attestationChallenge, optional ScopedCredentialOptions options ); Promise<WebAuthnAssertion> getAssertion ( BufferSource assertionChallenge,
--- a/dom/webidl/moz.build +++ b/dom/webidl/moz.build @@ -439,16 +439,17 @@ WEBIDL_FILES = [ 'Comment.webidl', 'CompositionEvent.webidl', 'Console.webidl', 'ConstantSourceNode.webidl', 'ContainerBoxObject.webidl', 'ConvolverNode.webidl', 'Coordinates.webidl', 'CreateOfferRequest.webidl', + 'CredentialManagement.webidl', 'Crypto.webidl', 'CSPDictionaries.webidl', 'CSPReport.webidl', 'CSS.webidl', 'CSSAnimation.webidl', 'CSSConditionRule.webidl', 'CSSCounterStyleRule.webidl', 'CSSFontFaceRule.webidl',