Bug 1275479 - Create nsIU2FToken base interface (Part 2). r=keeler
authorJ.C. Jones <jjones@mozilla.com>
Fri, 27 May 2016 13:44:20 -0700
changeset 340980 52bd4c6b7f7c33ae50c6a4b5c7b75c998cd620b9
parent 340979 b7d82acfe62e5cd86b5bbc4111b08e1b5e0d0a6d
child 340981 30e0d233fb29b0ff0d56d9d1704b5b136f16941e
push id1183
push userraliiev@mozilla.com
push dateMon, 05 Sep 2016 20:01:49 +0000
reviewerskeeler
bugs1275479
milestone49.0a1
Bug 1275479 - Create nsIU2FToken base interface (Part 2). r=keeler Create a base "nsIU2FToken" interface that all tokens must implement. This patch keeps U2F.cpp initializing tokens monolithically; if/when future tokens are added, the implementer may want to change that. MozReview-Commit-ID: GQuu6NolF4D
dom/u2f/NSSU2FTokenRemote.cpp
dom/u2f/NSSU2FTokenRemote.h
dom/u2f/U2F.cpp
dom/u2f/U2F.h
security/manager/ssl/moz.build
security/manager/ssl/nsINSSU2FToken.idl
security/manager/ssl/nsIU2FToken.idl
security/manager/ssl/nsNSSU2FToken.cpp
security/manager/ssl/nsNSSU2FToken.h
--- a/dom/u2f/NSSU2FTokenRemote.cpp
+++ b/dom/u2f/NSSU2FTokenRemote.cpp
@@ -5,33 +5,27 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "mozilla/dom/ContentChild.h"
 
 #include "NSSU2FTokenRemote.h"
 
 using mozilla::dom::ContentChild;
 
-NS_IMPL_ISUPPORTS(NSSU2FTokenRemote, nsINSSU2FToken)
+NS_IMPL_ISUPPORTS(NSSU2FTokenRemote, nsIU2FToken)
 
 static mozilla::LazyLogModule gWebauthLog("webauth_u2f");
 
 NSSU2FTokenRemote::NSSU2FTokenRemote()
 {}
 
 NSSU2FTokenRemote::~NSSU2FTokenRemote()
 {}
 
 NS_IMETHODIMP
-NSSU2FTokenRemote::Init()
-{
-  return NS_OK;
-}
-
-NS_IMETHODIMP
 NSSU2FTokenRemote::IsCompatibleVersion(const nsAString& aVersionString,
                                        bool* aIsCompatible)
 {
   NS_ENSURE_ARG_POINTER(aIsCompatible);
 
   ContentChild* cc = ContentChild::GetSingleton();
   MOZ_ASSERT(cc);
   if (!cc->SendNSSU2FTokenIsCompatibleVersion(
--- a/dom/u2f/NSSU2FTokenRemote.h
+++ b/dom/u2f/NSSU2FTokenRemote.h
@@ -2,23 +2,23 @@
 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef NSSU2FTokenRemote_h
 #define NSSU2FTokenRemote_h
 
-#include "nsINSSU2FToken.h"
+#include "nsIU2FToken.h"
 
-class NSSU2FTokenRemote : public nsINSSU2FToken
+class NSSU2FTokenRemote : public nsIU2FToken
 {
 public:
   NS_DECL_ISUPPORTS
-  NS_DECL_NSINSSU2FTOKEN
+  NS_DECL_NSIU2FTOKEN
 
   NSSU2FTokenRemote();
 
 private:
   virtual ~NSSU2FTokenRemote();
 };
 
 #endif // NSSU2FTokenRemote_h
--- a/dom/u2f/U2F.cpp
+++ b/dom/u2f/U2F.cpp
@@ -7,16 +7,17 @@
 #include "hasht.h"
 #include "mozilla/dom/ContentChild.h"
 #include "mozilla/dom/CryptoBuffer.h"
 #include "mozilla/dom/NSSU2FTokenRemote.h"
 #include "mozilla/dom/U2F.h"
 #include "mozilla/dom/U2FBinding.h"
 #include "mozilla/Preferences.h"
 #include "nsContentUtils.h"
+#include "nsINSSU2FToken.h"
 #include "nsNetCID.h"
 #include "nsNSSComponent.h"
 #include "nsURLParsers.h"
 #include "pk11pub.h"
 
 using mozilla::dom::ContentChild;
 
 namespace mozilla {
@@ -585,16 +586,19 @@ U2F::Init(nsPIDOMWindowInner* aParent, E
   }
 
   if (!EnsureNSSInitializedChromeOrContent()) {
     MOZ_LOG(gWebauthLog, LogLevel::Debug, ("Failed to get NSS context for U2F"));
     aRv.Throw(NS_ERROR_FAILURE);
     return;
   }
 
+  // Monolithically insert compatible nsIU2FToken objects into mAuthenticators.
+  // In future functionality expansions, this is where we could add a dynamic
+  // add/remove interface.
   if (Preferences::GetBool(PREF_U2F_SOFTTOKEN_ENABLED)) {
     if (!XRE_IsParentProcess()) {
       MOZ_LOG(gWebauthLog, LogLevel::Debug,
         ("Is e10s Process, getting remote U2F soft token"));
 
       if (!mAuthenticators.AppendElement(new NSSU2FTokenRemote(),
                                          mozilla::fallible)) {
         aRv.Throw(NS_ERROR_OUT_OF_MEMORY);
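Review bot: The new comment above the `PREF_U2F_SOFTTOKEN_ENABLED` block does not say that a token must be ready for use before it is appended to `mAuthenticators`. With this commit `init()` exists only on `nsINSSU2FToken`, so code holding an `Authenticator` (`nsCOMPtr<nsIU2FToken>`) cannot initialize a token later through that pointer. I would extend the comment with a line such as `// Tokens must be fully initialized before insertion; nsIU2FToken has no init().`. The parent-process branch that presumably creates and initializes the NSS token lies outside this hunk, so whether it already follows this cannot be confirmed from here. The same precondition is worth stating in the `init()` doc comment in nsINSSU2FToken.idl.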
--- a/dom/u2f/U2F.h
+++ b/dom/u2f/U2F.h
@@ -8,17 +8,17 @@
 #define mozilla_dom_U2F_h
 
 #include "js/TypeDecls.h"
 #include "mozilla/Attributes.h"
 #include "mozilla/dom/BindingDeclarations.h"
 #include "mozilla/dom/Nullable.h"
 #include "mozilla/ErrorResult.h"
 #include "nsCycleCollectionParticipant.h"
-#include "nsINSSU2FToken.h"
+#include "nsIU2FToken.h"
 #include "nsNSSShutDown.h"
 #include "nsPIDOMWindow.h"
 #include "nsWrapperCache.h"
 
 #include "USBToken.h"
 
 namespace mozilla {
 namespace dom {
@@ -35,17 +35,17 @@ enum class ErrorCode {
   OK = 0,
   OTHER_ERROR = 1,
   BAD_REQUEST = 2,
   CONFIGURATION_UNSUPPORTED = 3,
   DEVICE_INELIGIBLE = 4,
   TIMEOUT = 5
 };
 
-typedef nsCOMPtr<nsINSSU2FToken> Authenticator;
+typedef nsCOMPtr<nsIU2FToken> Authenticator;
 
 class U2FTask : public Runnable
 {
 public:
   U2FTask(const nsAString& aOrigin,
           const nsAString& aAppId);
 
   nsString mOrigin;
--- a/security/manager/ssl/moz.build
+++ b/security/manager/ssl/moz.build
@@ -33,16 +33,17 @@ XPIDL_SOURCES += [
     'nsIPKCS11Slot.idl',
     'nsIProtectedAuthThread.idl',
     'nsISecurityUITelemetry.idl',
     'nsISiteSecurityService.idl',
     'nsISSLStatus.idl',
     'nsISSLStatusProvider.idl',
     'nsITokenDialogs.idl',
     'nsITokenPasswordDialogs.idl',
+    'nsIU2FToken.idl',
     'nsIUserCertPicker.idl',
     'nsIWeakCryptoOverride.idl',
     'nsIX509Cert.idl',
     'nsIX509CertDB.idl',
     'nsIX509CertList.idl',
     'nsIX509CertValidity.idl',
 ]
 
--- a/security/manager/ssl/nsINSSU2FToken.idl
+++ b/security/manager/ssl/nsINSSU2FToken.idl
@@ -1,75 +1,21 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
-#include "nsISupports.idl"
+#include "nsIU2FToken.idl"
 
-interface nsIArray;
 /**
  * Interface used to interact with the NSS-backed software U2F Token
  */
 [scriptable, uuid(d9104a00-140b-4f86-a4b0-4998878ef4e6 )]
-interface nsINSSU2FToken : nsISupports {
+interface nsINSSU2FToken : nsIU2FToken {
   /**
    * Initializes the token and constructs and persists keys, if needed. Asserts
    * that it is only called by the main thread.
    */
   void init();
-
-  /**
-   * Is this token compatible with the provided version?
-   *
-   * @param version The offered version to test
-   * @return True if the offered version is compatible
-   */
-  void isCompatibleVersion(in AString version, [retval] out boolean result);
-
-  /**
-   * Return whether the provided KeyHandle belongs to this Token
-   *
-   * @param keyHandle Key Handle to evaluate.
-   * @return True if the Key Handle is ours.
-   */
-  void isRegistered([array, size_is(keyHandleLen)] in octet keyHandle,
-                    in uint32_t keyHandleLen,
-                    [retval] out boolean result);
-
-  /**
-   * Generates a public/private keypair for the provided application
-   * and challenge, returning the pubkey, challenge response, and
-   * key handle in the registration data.
-   *
-   * @param application The FIDO Application data to associate with the key.
-   * @param challenge The Challenge to satisfy in the response.
-   * @param registration An array containing the pubkey, challenge response,
-   *                     and key handle.
-   */
-  void register([array, size_is(applicationLen)] in octet application,
-                in uint32_t applicationLen,
-                [array, size_is(challengeLen)] in octet challenge,
-                in uint32_t challengeLen,
-                [array, size_is(registrationLen)] out octet registration,
-                out uint32_t registrationLen);
-
-  /**
-   * Creates a signature over the "param" arguments using the private key
-   * provided in the key handle argument.
-   *
-   * @param application The FIDO Application data to associate with the key.
-   * @param challenge The Challenge to satisfy in the response.
-   * @param keyHandle The Key Handle opaque object to use.
-   * @param signature The resulting signature.
-   */
-  void sign([array, size_is(applicationLen)] in octet application,
-            in uint32_t applicationLen,
-            [array, size_is(challengeLen)] in octet challenge,
-            in uint32_t challengeLen,
-            [array, size_is(keyHandleLen)] in octet keyHandle,
-            in uint32_t keyHandleLen,
-            [array, size_is(signatureLen)] out octet signature,
-            out uint32_t signatureLen);
 };
 
 %{C++
 #define NS_NSSU2FTOKEN_CONTRACTID  "@mozilla.org/dom/u2f/nss-u2f-token;1"
 %}
new file mode 100644
--- /dev/null
+++ b/security/manager/ssl/nsIU2FToken.idl
@@ -0,0 +1,66 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nsISupports.idl"
+
+interface nsIArray;
+
+/**
+ * Interface used to interact with U2F Token devices
+ */
+[scriptable, uuid(5778242f-1f42-47a2-b514-fa1adde2d904)]
+interface nsIU2FToken : nsISupports {
+  /**
+   * Is this token compatible with the provided version?
+   *
+   * @param version The offered version to test
+   * @return True if the offered version is compatible
+   */
+  void isCompatibleVersion(in AString version, [retval] out boolean result);
+
+  /**
+   * Return whether the provided KeyHandle belongs to this Token
+   *
+   * @param keyHandle Key Handle to evaluate.
+   * @return True if the Key Handle is ours.
+   */
+  void isRegistered([array, size_is(keyHandleLen)] in octet keyHandle,
+                    in uint32_t keyHandleLen,
+                    [retval] out boolean result);
+
+  /**
+   * Generates a public/private keypair for the provided application
+   * and challenge, returning the pubkey, challenge response, and
+   * key handle in the registration data.
+   *
+   * @param application The FIDO Application data to associate with the key.
+   * @param challenge The Challenge to satisfy in the response.
+   * @param registration An array containing the pubkey, challenge response,
+   *                     and key handle.
+   */
+  void register([array, size_is(applicationLen)] in octet application,
+                in uint32_t applicationLen,
+                [array, size_is(challengeLen)] in octet challenge,
+                in uint32_t challengeLen,
+                [array, size_is(registrationLen)] out octet registration,
+                out uint32_t registrationLen);
+
+  /**
+   * Creates a signature over the "param" arguments using the private key
+   * provided in the key handle argument.
+   *
+   * @param application The FIDO Application data to associate with the key.
+   * @param challenge The Challenge to satisfy in the response.
+   * @param keyHandle The Key Handle opaque object to use.
+   * @param signature The resulting signature.
+   */
+  void sign([array, size_is(applicationLen)] in octet application,
+            in uint32_t applicationLen,
+            [array, size_is(challengeLen)] in octet challenge,
+            in uint32_t challengeLen,
+            [array, size_is(keyHandleLen)] in octet keyHandle,
+            in uint32_t keyHandleLen,
+            [array, size_is(signatureLen)] out octet signature,
+            out uint32_t signatureLen);
+};
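Review bot: The doc comments on `isRegistered`, `register` and `sign` do not state what an implementer must do with malformed input, although this file is now the contract every token has to meet and the key handle and challenge presumably originate from web content. Each method should document the expected lengths of `application` and `challenge`, that `keyHandle` is untrusted and must be validated before any key is used, and which failure result is returned, for example `@throws <error code> if keyHandle does not belong to this token` with the project's actual error code filled in. The `sign` description `over the "param" arguments` is also unclear about which bytes are signed. Separately, the forward declaration `interface nsIArray;` is not used anywhere in this file and can be dropped.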
--- a/security/manager/ssl/nsNSSU2FToken.cpp
+++ b/security/manager/ssl/nsNSSU2FToken.cpp
@@ -12,17 +12,17 @@
 #include "pk11pub.h"
 #include "prerror.h"
 #include "secerr.h"
 #include "WebCryptoCommon.h"
 
 using namespace mozilla;
 using mozilla::dom::CreateECParamsForCurve;
 
-NS_IMPL_ISUPPORTS(nsNSSU2FToken, nsINSSU2FToken)
+NS_IMPL_ISUPPORTS(nsNSSU2FToken, nsIU2FToken, nsINSSU2FToken)
 
 // Not named "security.webauth.u2f_softtoken_counter" because setting that
 // name causes the window.u2f object to disappear until preferences get
 // reloaded, as its' pref is a substring!
 #define PREF_U2F_NSSTOKEN_COUNTER "security.webauth.softtoken_counter"
 
 const nsCString nsNSSU2FToken::mSecretNickname =
   NS_LITERAL_CSTRING("U2F_NSSTOKEN");
--- a/security/manager/ssl/nsNSSU2FToken.h
+++ b/security/manager/ssl/nsNSSU2FToken.h
@@ -15,16 +15,17 @@
 #define NS_NSSU2FTOKEN_CID \
   {0x79f95a6c, 0xd0f7, 0x4d7d, {0xae, 0xaa, 0xcd, 0x0a, 0x04, 0xb6, 0x50, 0x89}}
 
 class nsNSSU2FToken : public nsINSSU2FToken,
                       public nsNSSShutDownObject
 {
 public:
   NS_DECL_ISUPPORTS
+  NS_DECL_NSIU2FTOKEN
   NS_DECL_NSINSSU2FTOKEN
 
   nsNSSU2FToken();
 
   // For nsNSSShutDownObject
   virtual void virtualDestroyNSSReference() override;
   void destructorSafeDestroyNSSReference();