202 lines
5.3 KiB
Text
202 lines
5.3 KiB
Text
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
|
* You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
/*
|
|
* IPC Transaction protocol for the WebAuthn DOM API. This IPC protocol allows
|
|
* the content process to call to the parent to access hardware for
|
|
* authentication registration and challenges. All transactions start in the
|
|
* child process, and the parent replies with a "Confirm*" message, or a
|
|
* "Cancel" message if there was an error (no hardware available, no registered
|
|
* keys, etc) or interruption (another transaction was started in another
|
|
* content process). Similarly, the content process can also request a cancel,
|
|
* either triggered explicitly by the user/script or due to UI events like
|
|
* selecting a different tab.
|
|
*/
|
|
|
|
include protocol PWindowGlobal;
|
|
|
|
include "mozilla/dom/WebAuthnIPCUtils.h";
|
|
|
|
using mozilla::dom::MaybeDiscardedBrowsingContext from "mozilla/dom/BrowsingContext.h";
|
|
using mozilla::dom::CredentialProtectionPolicy from "mozilla/dom/WebAuthenticationBinding.h";
|
|
|
|
namespace mozilla {
|
|
namespace dom {
|
|
|
|
struct WebAuthnAuthenticatorSelection {
|
|
nsString residentKey;
|
|
nsString userVerificationRequirement;
|
|
nsString? authenticatorAttachment;
|
|
};
|
|
|
|
struct WebAuthnScopedCredential {
|
|
uint8_t[] id;
|
|
uint8_t transports;
|
|
};
|
|
|
|
struct WebAuthnExtensionCredProtect {
|
|
CredentialProtectionPolicy policy;
|
|
bool required;
|
|
};
|
|
|
|
struct WebAuthnExtensionCredProps {
|
|
bool credProps;
|
|
};
|
|
|
|
struct WebAuthnExtensionHmacSecret {
|
|
bool hmacCreateSecret;
|
|
};
|
|
|
|
struct WebAuthnExtensionLargeBlob {
|
|
bool? flag; // In registrations this indicates whether large blob support is required.
|
|
// In authentications this indicates whether this is a request to read the
|
|
// a blob or whether it is a request to write one.
|
|
uint8_t[] write; // Authentication only. The value to be written when `flag` is
|
|
// present and false.
|
|
};
|
|
|
|
struct WebAuthnExtensionMinPinLength {
|
|
bool minPinLength;
|
|
};
|
|
|
|
struct WebAuthnExtensionPrf {
|
|
WebAuthnExtensionPrfValues? eval;
|
|
bool evalByCredentialMaybe;
|
|
WebAuthnExtensionPrfEvalByCredentialEntry[] evalByCredential;
|
|
};
|
|
|
|
struct WebAuthnExtensionPrfValues {
|
|
uint8_t[] first;
|
|
bool secondMaybe;
|
|
uint8_t[] second;
|
|
};
|
|
|
|
struct WebAuthnExtensionPrfEvalByCredentialEntry {
|
|
uint8_t[] credentialId;
|
|
WebAuthnExtensionPrfValues eval;
|
|
};
|
|
|
|
union WebAuthnExtension {
|
|
WebAuthnExtensionCredProtect;
|
|
WebAuthnExtensionCredProps;
|
|
WebAuthnExtensionHmacSecret;
|
|
WebAuthnExtensionLargeBlob;
|
|
WebAuthnExtensionMinPinLength;
|
|
WebAuthnExtensionPrf;
|
|
};
|
|
|
|
struct WebAuthnExtensionResultAppId {
|
|
bool AppId;
|
|
};
|
|
|
|
struct WebAuthnExtensionResultCredProps {
|
|
bool rk;
|
|
};
|
|
|
|
struct WebAuthnExtensionResultHmacSecret {
|
|
bool hmacCreateSecret;
|
|
};
|
|
|
|
struct WebAuthnExtensionResultLargeBlob {
|
|
bool flag; // In registration this indicates support. In authentication
|
|
// it indicates whether this is a read return or a write return.
|
|
uint8_t[] blob; // Authentication only. Read return.
|
|
bool written; // Authentication only. Write return
|
|
};
|
|
|
|
struct WebAuthnExtensionResultPrf {
|
|
bool? enabled;
|
|
WebAuthnExtensionPrfValues? results;
|
|
};
|
|
|
|
union WebAuthnExtensionResult {
|
|
WebAuthnExtensionResultAppId;
|
|
WebAuthnExtensionResultCredProps;
|
|
WebAuthnExtensionResultHmacSecret;
|
|
WebAuthnExtensionResultLargeBlob;
|
|
WebAuthnExtensionResultPrf;
|
|
};
|
|
|
|
struct WebAuthnMakeCredentialRpInfo {
|
|
nsString Name;
|
|
};
|
|
|
|
struct WebAuthnMakeCredentialUserInfo {
|
|
uint8_t[] Id;
|
|
nsString Name;
|
|
nsString DisplayName;
|
|
};
|
|
|
|
struct CoseAlg {
|
|
long alg;
|
|
};
|
|
|
|
struct WebAuthnMakeCredentialInfo {
|
|
nsCString RpId;
|
|
uint8_t[] Challenge;
|
|
uint32_t TimeoutMS;
|
|
WebAuthnScopedCredential[] ExcludeList;
|
|
WebAuthnMakeCredentialRpInfo Rp;
|
|
WebAuthnMakeCredentialUserInfo User;
|
|
CoseAlg[] coseAlgs;
|
|
WebAuthnExtension[] Extensions;
|
|
WebAuthnAuthenticatorSelection AuthenticatorSelection;
|
|
nsString attestationConveyancePreference;
|
|
};
|
|
|
|
struct WebAuthnMakeCredentialResult {
|
|
nsCString ClientDataJSON;
|
|
uint8_t[] AttestationObject;
|
|
uint8_t[] KeyHandle;
|
|
nsString[] Transports;
|
|
WebAuthnExtensionResult[] Extensions;
|
|
nsString? AuthenticatorAttachment;
|
|
};
|
|
|
|
union WebAuthnMakeCredentialResponse {
|
|
nsresult;
|
|
WebAuthnMakeCredentialResult;
|
|
};
|
|
|
|
struct WebAuthnGetAssertionInfo {
|
|
nsCString RpId;
|
|
nsCString? AppId;
|
|
uint8_t[] Challenge;
|
|
uint32_t TimeoutMS;
|
|
WebAuthnScopedCredential[] AllowList;
|
|
WebAuthnExtension[] Extensions;
|
|
nsString userVerificationRequirement;
|
|
bool ConditionallyMediated;
|
|
};
|
|
|
|
struct WebAuthnGetAssertionResult {
|
|
nsCString ClientDataJSON;
|
|
uint8_t[] KeyHandle;
|
|
uint8_t[] Signature;
|
|
uint8_t[] AuthenticatorData;
|
|
WebAuthnExtensionResult[] Extensions;
|
|
uint8_t[] UserHandle;
|
|
nsString? AuthenticatorAttachment;
|
|
};
|
|
|
|
union WebAuthnGetAssertionResponse {
|
|
nsresult;
|
|
WebAuthnGetAssertionResult;
|
|
};
|
|
|
|
async protocol PWebAuthnTransaction {
|
|
manager PWindowGlobal;
|
|
|
|
parent:
|
|
async RequestRegister(WebAuthnMakeCredentialInfo aTransactionInfo) returns (WebAuthnMakeCredentialResponse response);
|
|
async RequestSign(WebAuthnGetAssertionInfo aTransactionInfo) returns (WebAuthnGetAssertionResponse response);
|
|
async RequestIsUVPAA() returns (bool available);
|
|
async RequestCancel();
|
|
|
|
child:
|
|
async __delete__();
|
|
};
|
|
|
|
}
|
|
}
|