summaryrefslogtreecommitdiffstats
path: root/dom/webauthn/PWebAuthnTransaction.ipdl
diff options
context:
space:
mode:
Diffstat (limited to 'dom/webauthn/PWebAuthnTransaction.ipdl')
-rw-r--r--dom/webauthn/PWebAuthnTransaction.ipdl154
1 files changed, 154 insertions, 0 deletions
diff --git a/dom/webauthn/PWebAuthnTransaction.ipdl b/dom/webauthn/PWebAuthnTransaction.ipdl
new file mode 100644
index 0000000000..906c686824
--- /dev/null
+++ b/dom/webauthn/PWebAuthnTransaction.ipdl
@@ -0,0 +1,154 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * IPC Transaction protocol for the WebAuthn DOM API. This IPC protocol allows
+ * the content process to call to the parent to access hardware for
+ * authentication registration and challenges. All transactions start in the
+ * child process, and the parent replies with a "Confirm*" message, or a
+ * "Cancel" message if there was an error (no hardware available, no registered
+ * keys, etc) or interruption (another transaction was started in another
+ * content process). Similarly, the content process can also request a cancel,
+ * either triggered explicitly by the user/script or due to UI events like
+ * selecting a different tab.
+ */
+
+include protocol PBackground;
+
+using mozilla::dom::AttestationConveyancePreference from "mozilla/dom/WebAuthnUtil.h";
+using mozilla::dom::AuthenticatorAttachment from "mozilla/dom/WebAuthnUtil.h";
+using mozilla::dom::MaybeDiscardedBrowsingContext from "mozilla/dom/BrowsingContext.h";
+using mozilla::dom::UserVerificationRequirement from "mozilla/dom/WebAuthnUtil.h";
+
+namespace mozilla {
+namespace dom {
+
+struct WebAuthnAuthenticatorSelection {
+ bool requireResidentKey;
+ UserVerificationRequirement userVerificationRequirement;
+ AuthenticatorAttachment? authenticatorAttachment;
+};
+
+struct WebAuthnScopedCredential {
+ uint8_t[] id;
+ uint8_t transports;
+};
+
+struct WebAuthnExtensionAppId {
+ uint8_t[] AppId;
+ nsString appIdentifier;
+};
+
+struct WebAuthnExtensionHmacSecret {
+ bool hmacCreateSecret;
+};
+
+union WebAuthnExtension {
+ WebAuthnExtensionAppId;
+ WebAuthnExtensionHmacSecret;
+};
+
+struct WebAuthnExtensionResultAppId {
+ bool AppId;
+};
+
+struct WebAuthnExtensionResultHmacSecret {
+ bool hmacCreateSecret;
+};
+
+union WebAuthnExtensionResult {
+ WebAuthnExtensionResultAppId;
+ WebAuthnExtensionResultHmacSecret;
+};
+
+struct WebAuthnMakeCredentialRpInfo {
+ nsString Name;
+ nsString Icon;
+};
+
+struct WebAuthnMakeCredentialUserInfo {
+ uint8_t[] Id;
+ nsString Name;
+ nsString Icon;
+ nsString DisplayName;
+};
+
+struct CoseAlg {
+ long alg;
+};
+
+struct WebAuthnMakeCredentialExtraInfo {
+ WebAuthnMakeCredentialRpInfo Rp;
+ WebAuthnMakeCredentialUserInfo User;
+ CoseAlg[] coseAlgs;
+ WebAuthnExtension[] Extensions;
+ WebAuthnAuthenticatorSelection AuthenticatorSelection;
+ AttestationConveyancePreference attestationConveyancePreference;
+};
+
+struct WebAuthnMakeCredentialInfo {
+ nsString Origin;
+ nsString RpId;
+ uint8_t[] Challenge;
+ nsCString ClientDataJSON;
+ uint32_t TimeoutMS;
+ WebAuthnScopedCredential[] ExcludeList;
+ WebAuthnMakeCredentialExtraInfo? Extra;
+ uint64_t BrowsingContextId;
+};
+
+struct WebAuthnMakeCredentialResult {
+ nsCString ClientDataJSON;
+ uint8_t[] AttestationObject;
+ uint8_t[] KeyHandle;
+ /* Might be empty if the token implementation doesn't support CTAP1. */
+ uint8_t[] RegistrationData;
+ WebAuthnExtensionResult[] Extensions;
+};
+
+struct WebAuthnGetAssertionExtraInfo {
+ WebAuthnExtension[] Extensions;
+ UserVerificationRequirement userVerificationRequirement;
+};
+
+struct WebAuthnGetAssertionInfo {
+ nsString Origin;
+ nsString RpId;
+ uint8_t[] Challenge;
+ nsCString ClientDataJSON;
+ uint32_t TimeoutMS;
+ WebAuthnScopedCredential[] AllowList;
+ WebAuthnGetAssertionExtraInfo? Extra;
+ uint64_t BrowsingContextId;
+};
+
+struct WebAuthnGetAssertionResult {
+ nsCString ClientDataJSON;
+ uint8_t[] KeyHandle;
+ uint8_t[] Signature;
+ uint8_t[] AuthenticatorData;
+ WebAuthnExtensionResult[] Extensions;
+ /* Might be empty if the token implementation doesn't support CTAP1. */
+ uint8_t[] SignatureData;
+ uint8_t[] UserHandle;
+};
+
+async protocol PWebAuthnTransaction {
+ manager PBackground;
+
+ parent:
+ async RequestRegister(uint64_t aTransactionId, WebAuthnMakeCredentialInfo aTransactionInfo);
+ async RequestSign(uint64_t aTransactionId, WebAuthnGetAssertionInfo aTransactionInfo);
+ async RequestCancel(uint64_t aTransactionId);
+ async DestroyMe();
+
+ child:
+ async __delete__();
+ async ConfirmRegister(uint64_t aTransactionId, WebAuthnMakeCredentialResult aResult);
+ async ConfirmSign(uint64_t aTransactionId, WebAuthnGetAssertionResult aResult);
+ async Abort(uint64_t aTransactionId, nsresult Error);
+};
+
+}
+}