Bug 1406456 - WebAuthn WebIDL Updates for WD-07 (part 1) r=keeler,qdot

This covers these renames:
* In PublicKeyCredentialParameters, algorithm => alg
* MakeCredentialOptions => MakePublicKeyCredentialOptions
* PublicKeyCredentialEntity => PublicKeyCredentialRpEntity
* Attachment => AuthenticatorAttachment

It sets a default excludeList and allowList for the make / get options.

It adds the method isPlatformAuthenticatorAvailable which is incomplete and
not callable, to be completed in Bug 1406468.

Adds type PublicKeyCredentialRpEntity.

Adds "userId" to AuthenticatorAssertionResponse.

Adds "id" as a buffer source to PublicKeyCredentialUserEntity and as a
DOMString to PublicKeyCredentialRpEntity, refactoring out the "id" field
from the parent PublicKeyCredentialEntity.

It also adds a simple enforcement per spec 4.4.3 "User Account Parameters for
Credential Generation" that the new user ID buffer, if set, be no more than
64 bytes long. I mostly added it here so I could adjust the tests all at once
in this commit.

MozReview-Commit-ID: IHUdGVoWocq

--HG--
extra : rebase_source : bc1793f74700b2785d2bf2099c0dba068f717a59

Author: jcjones

dom/webauthn/AuthenticatorAssertionResponse.cpp

@@ -92,5 +92,20 @@ AuthenticatorAssertionResponse::SetSignature(CryptoBuffer& aBuffer)
   return NS_OK;
 }
 
+void
+AuthenticatorAssertionResponse::GetUserId(DOMString& aRetVal)
+{
+  // This requires mUserId to not be re-set for the life of the caller's in-var.
+  aRetVal.SetOwnedString(mUserId);
+}
+
+nsresult
+AuthenticatorAssertionResponse::SetUserId(const nsAString& aUserId)
+{
+  MOZ_ASSERT(mUserId.IsEmpty(), "We already have a UserID?");
+  mUserId.Assign(aUserId);
+  return NS_OK;
+}
+
 } // namespace dom
 } // namespace mozilla

dom/webauthn/AuthenticatorAssertionResponse.h

@@ -47,11 +47,18 @@ class AuthenticatorAssertionResponse final : public AuthenticatorResponse
   nsresult
   SetSignature(CryptoBuffer& aBuffer);
 
+  void
+  GetUserId(DOMString& aRetVal);
+
+  nsresult
+  SetUserId(const nsAString& aUserId);
+
 private:
   CryptoBuffer mAuthenticatorData;
   JS::Heap<JSObject*> mAuthenticatorDataCachedObj;
   CryptoBuffer mSignature;
   JS::Heap<JSObject*> mSignatureCachedObj;
+  nsString mUserId;
 };
 
 } // namespace dom

dom/webauthn/PublicKeyCredential.cpp

@@ -4,6 +4,7 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
+#include "mozilla/dom/Promise.h"
 #include "mozilla/dom/PublicKeyCredential.h"
 #include "mozilla/dom/WebAuthenticationBinding.h"
 #include "nsCycleCollectionParticipant.h"
@@ -82,5 +83,29 @@ PublicKeyCredential::SetResponse(RefPtr<AuthenticatorResponse> aResponse)
   mResponse = aResponse;
 }
 
+/* static */ already_AddRefed<Promise>
+PublicKeyCredential::IsPlatformAuthenticatorAvailable(GlobalObject& aGlobal)
+{
+  nsIGlobalObject* globalObject =
+    xpc::NativeGlobal(JS::CurrentGlobalOrNull(aGlobal.Context()));
+  if (NS_WARN_IF(!globalObject)) {
+    return nullptr;
+  }
+
+  ErrorResult rv;
+  RefPtr<Promise> promise = Promise::Create(globalObject, rv);
+  if(rv.Failed()) {
+    return nullptr;
+  }
+
+  // Complete in Bug 1406468. This shouldn't just always return true, it should
+  // follow the guidelines in
+  // https://w3c.github.io/webauthn/#isPlatformAuthenticatorAvailable
+  // such as ensuring that U2FTokenManager isn't in some way disabled.
+  promise->MaybeResolve(true);
+  return promise.forget();
+}
+
+
 } // namespace dom
 } // namespace mozilla

dom/webauthn/PublicKeyCredential.h

@@ -46,6 +46,9 @@ class PublicKeyCredential final : public Credential
   void
   SetResponse(RefPtr<AuthenticatorResponse>);
 
+  static already_AddRefed<Promise>
+  IsPlatformAuthenticatorAvailable(GlobalObject& aGlobal);
+
 private:
   CryptoBuffer mRawId;
   JS::Heap<JSObject*> mRawIdCachedObj;

dom/webauthn/WebAuthnManager.cpp

@@ -282,7 +282,7 @@ WebAuthnManager::Get()
 
 already_AddRefed<Promise>
 WebAuthnManager::MakeCredential(nsPIDOMWindowInner* aParent,
-                                const MakeCredentialOptions& aOptions)
+                                const MakePublicKeyCredentialOptions& aOptions)
 {
   MOZ_ASSERT(aParent);
 
@@ -304,6 +304,18 @@ WebAuthnManager::MakeCredential(nsPIDOMWindowInner* aParent,
     return promise.forget();
   }
 
+  // Enforce 4.4.3 User Account Parameters for Credential Generation
+  if (aOptions.mUser.mId.WasPassed()) {
+    // When we add UX, we'll want to do more with this value, but for now
+    // we just have to verify its correctness.
+    CryptoBuffer userId;
+    userId.Assign(aOptions.mUser.mId.Value());
+    if (userId.Length() > 64) {
+      promise->MaybeReject(NS_ERROR_DOM_TYPE_ERR);
+      return promise.forget();
+    }
+  }
+
   // If timeoutSeconds was specified, check if its value lies within a
   // reasonable range as defined by the platform and if not, correct it to the
   // closest value lying within that range.
@@ -371,7 +383,7 @@ WebAuthnManager::MakeCredential(nsPIDOMWindowInner* aParent,
     // element in cryptoParameters.
 
     nsString algName;
-    if (NS_FAILED(GetAlgorithmName(aOptions.mParameters[a].mAlgorithm,
+    if (NS_FAILED(GetAlgorithmName(aOptions.mParameters[a].mAlg,
                                    algName))) {
       continue;
     }
@@ -381,7 +393,7 @@ WebAuthnManager::MakeCredential(nsPIDOMWindowInner* aParent,
     // normalizedAlgorithm.
     PublicKeyCredentialParameters normalizedObj;
     normalizedObj.mType = aOptions.mParameters[a].mType;
-    normalizedObj.mAlgorithm.SetAsString().Assign(algName);
+    normalizedObj.mAlg.SetAsString().Assign(algName);
 
     if (!normalizedParams.AppendElement(normalizedObj, mozilla::fallible)){
       promise->MaybeReject(NS_ERROR_OUT_OF_MEMORY);
@@ -411,8 +423,8 @@ WebAuthnManager::MakeCredential(nsPIDOMWindowInner* aParent,
 
   for (size_t a = 0; a < normalizedParams.Length(); ++a) {
     if (normalizedParams[a].mType == PublicKeyCredentialType::Public_key &&
-        normalizedParams[a].mAlgorithm.IsString() &&
-        normalizedParams[a].mAlgorithm.GetAsString().EqualsLiteral(
+        normalizedParams[a].mAlg.IsString() &&
+        normalizedParams[a].mAlg.GetAsString().EqualsLiteral(
           JWK_ALG_ECDSA_P_256)) {
       isValidCombination = true;
       break;
@@ -464,14 +476,12 @@ WebAuthnManager::MakeCredential(nsPIDOMWindowInner* aParent,
   }
 
   nsTArray<WebAuthnScopedCredentialDescriptor> excludeList;
-  if (aOptions.mExcludeList.WasPassed()) {
-    for (const auto& s: aOptions.mExcludeList.Value()) {
-      WebAuthnScopedCredentialDescriptor c;
-      CryptoBuffer cb;
-      cb.Assign(s.mId);
-      c.id() = cb;
-      excludeList.AppendElement(c);
-    }
+  for (const auto& s: aOptions.mExcludeList) {
+    WebAuthnScopedCredentialDescriptor c;
+    CryptoBuffer cb;
+    cb.Assign(s.mId);
+    c.id() = cb;
+    excludeList.AppendElement(c);
   }
 
   // TODO: Add extension list building

dom/webauthn/WebAuthnManager.h

@@ -57,8 +57,7 @@ struct Account;
 class ArrayBufferViewOrArrayBuffer;
 struct AssertionOptions;
 class OwningArrayBufferViewOrArrayBuffer;
-struct ScopedCredentialOptions;
-struct ScopedCredentialParameters;
+struct MakePublicKeyCredentialOptions;
 class Promise;
 class WebAuthnTransactionChild;
 class WebAuthnTransactionInfo;
@@ -84,7 +83,7 @@ class WebAuthnManager final : public nsIIPCBackgroundChildCreateCallback,
 
   already_AddRefed<Promise>
   MakeCredential(nsPIDOMWindowInner* aParent,
-                 const MakeCredentialOptions& aOptions);
+                 const MakePublicKeyCredentialOptions& aOptions);
 
   already_AddRefed<Promise>
   GetAssertion(nsPIDOMWindowInner* aParent,

dom/webauthn/tests/browser/tab_webauthn_success.html

@@ -35,10 +35,10 @@ <h1>Full-run test for MakeCredential/GetAssertion for W3C Web Authentication</h1
 let gState = {};
 let makeCredentialOptions = {
   rp: {id: document.domain, name: "none", icon: "none"},
-  user: {id: "none", name: "none", icon: "none", displayName: "none"},
+  user: {id: new Uint8Array(), name: "none", icon: "none", displayName: "none"},
   challenge: gCredentialChallenge,
   timeout: 5000, // the minimum timeout is actually 15 seconds
-  parameters: [{type: "public-key", algorithm: "ES256"}],
+  parameters: [{type: "public-key", alg: "ES256"}],
 };
 
 navigator.credentials.create({publicKey: makeCredentialOptions})
@@ -48,6 +48,7 @@ <h1>Full-run test for MakeCredential/GetAssertion for W3C Web Authentication</h1
   return webAuthnDecodeCBORAttestation(aNewCredentialInfo.response.attestationObject);
 })
 .then(function testAssertion(aCredInfo) {
+  gState.authDataObj = aCredInfo.authDataObj;
   gState.publicKeyHandle = aCredInfo.authDataObj.publicKeyHandle;
 
   let newCredential = {
@@ -63,30 +64,26 @@ <h1>Full-run test for MakeCredential/GetAssertion for W3C Web Authentication</h1
     allowList: [newCredential]
   };
 
-  return navigator.credentials.get({publicKey: publicKeyCredentialRequestOptions});
-})
-.then(function(aAssertion) {
-  let clientData = JSON.parse(buffer2string(aAssertion.response.clientDataJSON));
-
-  gState.assertion = aAssertion;
-
-  return webAuthnDecodeAuthDataArray(new Uint8Array(aAssertion.response.authenticatorData));
-})
-.then(function(aAttestationObj) {
-  gState.attestation = aAttestationObj;
-
   // Make sure the RP ID hash matches what we calculate.
   return crypto.subtle.digest("SHA-256", string2buffer(document.domain))
   .then(function(calculatedRpIdHash) {
     let calcHashStr = bytesToBase64UrlSafe(new Uint8Array(calculatedRpIdHash));
-    let providedHashStr = bytesToBase64UrlSafe(new Uint8Array(aAttestationObj.authDataObj.rpIdHash));
+    let providedHashStr = bytesToBase64UrlSafe(new Uint8Array(gState.authDataObj.rpIdHash));
 
     if (calcHashStr != providedHashStr) {
       return Promise.reject("Calculated RP ID hash must match what the browser derived.");
     }
-    return Promise.resolve(aAttestationObj);
+
+    return navigator.credentials.get({publicKey: publicKeyCredentialRequestOptions});
   });
 })
+.then(function(aAssertion) {
+  let clientData = JSON.parse(buffer2string(aAssertion.response.clientDataJSON));
+
+  gState.assertion = aAssertion;
+
+  return webAuthnDecodeAuthDataArray(new Uint8Array(aAssertion.response.authenticatorData));
+})
 .then(function(aAttestation) {
   if (new Uint8Array(aAttestation.flags) != flag_TUP) {
     return Promise.reject("Assertion's user presence byte not set correctly.");
@@ -102,7 +99,7 @@ <h1>Full-run test for MakeCredential/GetAssertion for W3C Web Authentication</h1
 .then(function(aSignedData) {
   let signature = gState.assertion.response.signature;
   console.log(gState.publicKeyHandle, aSignedData, signature);
-  return verifySignature(gState.publicKeyHandle, aSignedData, new Uint8Array(signature));
+  return verifySignature(gState.publicKeyHandle, aSignedData, signature);
 })
 .then(function(aSigVerifyResult) {
   signalCompletion("Signing signature verified: " + aSigVerifyResult);

dom/webauthn/tests/mochitest.ini

@@ -3,19 +3,12 @@ support-files =
   cbor/*
   pkijs/*
   u2futil.js
-
-[test_webauthn_loopback.html]
 skip-if = !e10s
 scheme = https
+
+[test_webauthn_loopback.html]
 [test_webauthn_no_token.html]
-skip-if = !e10s
-scheme = https
 [test_webauthn_make_credential.html]
-skip-if = !e10s
-scheme = https
 [test_webauthn_get_assertion.html]
-skip-if = !e10s
-scheme = https
 [test_webauthn_sameorigin.html]
-skip-if = !e10s
-scheme = https
+[test_webauthn_isplatformauthenticatoravailable.html]

dom/webauthn/tests/test_webauthn_isplatformauthenticatoravailable.html

@@ -0,0 +1,47 @@
+<!DOCTYPE html>
+<meta charset=utf-8>
+<head>
+  <title>Test for W3C Web Authentication isPlatformAuthenticatorAvailable</title>
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <script type="text/javascript" src="u2futil.js"></script>
+  <script type="text/javascript" src="pkijs/common.js"></script>
+  <script type="text/javascript" src="pkijs/asn1.js"></script>
+  <script type="text/javascript" src="pkijs/x509_schema.js"></script>
+  <script type="text/javascript" src="pkijs/x509_simpl.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+
+<h1>Test for W3C Web Authentication isPlatformAuthenticatorAvailable</h1>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1309284">Mozilla Bug 1309284</a>
+
+<script class="testbody" type="text/javascript">
+"use strict";
+
+// Execute the full-scope test
+SimpleTest.waitForExplicitFinish();
+
+// Turn off all tokens. This should result in "not allowed" failures
+SpecialPowers.pushPrefEnv({"set": [["security.webauth.webauthn", true],
+                                   ["security.webauth.webauthn_enable_softtoken", true],
+                                   ["security.webauth.webauthn_enable_usbtoken", false]]},
+function() {
+  PublicKeyCredential.isPlatformAuthenticatorAvailable()
+  .then(function(aResult) {
+    // The specification requires this method, if will return false, to wait 10
+    // minutes for anti-fingerprinting reasons. So we really can't test that
+    // in an automated way.
+    ok(aResult, "Should be available!");
+  })
+  .catch(function(aProblem) {
+    is(false, "Problem encountered: " + aProblem);
+  })
+  .then(function() {
+    SimpleTest.finish();
+  })
+});
+
+</script>
+
+</body>
+</html>

dom/webauthn/tests/test_webauthn_loopback.html

@@ -108,6 +108,7 @@ <h1>Full-run test for MakeCredential/GetAssertion for W3C Web Authentication</h1
 
     ok(aAssertion.response.authenticatorData === aAssertion.response.authenticatorData, "AuthenticatorAssertionResponse.AuthenticatorData is SameObject");
     ok(aAssertion.response.signature === aAssertion.response.signature, "AuthenticatorAssertionResponse.Signature is SameObject");
+    isnot(aAssertion.response.userId, undefined, "AuthenticatorAssertionResponse.UserId is defined")
 
     ok(aAssertion.response.authenticatorData.byteLength > 0, "Authenticator data exists");
     let clientData = JSON.parse(buffer2string(aAssertion.response.clientDataJSON));
@@ -136,8 +137,8 @@ <h1>Full-run test for MakeCredential/GetAssertion for W3C Web Authentication</h1
 
   function testMakeCredential() {
     let rp = {id: document.domain, name: "none", icon: "none"};
-    let user = {id: "none", name: "none", icon: "none", displayName: "none"};
-    let param = {type: "public-key", algorithm: "ES256"};
+    let user = {name: "none", icon: "none", displayName: "none"};
+    let param = {type: "public-key", alg: "ES256"};
     let makeCredentialOptions = {
       rp: rp,
       user: user,
@@ -155,8 +156,8 @@ <h1>Full-run test for MakeCredential/GetAssertion for W3C Web Authentication</h1
 
   function testMakeDuplicate(aCredInfo) {
     let rp = {id: document.domain, name: "none", icon: "none"};
-    let user = {id: "none", name: "none", icon: "none", displayName: "none"};
-    let param = {type: "public-key", algorithm: "ES256"};
+    let user = {name: "none", icon: "none", displayName: "none"};
+    let param = {type: "public-key", alg: "ES256"};
     let makeCredentialOptions = {
       rp: rp,
       user: user,