tor-browser

The Tor Browser

PWebAuthnTransaction.ipdl (5424B)


      1 /* This Source Code Form is subject to the terms of the Mozilla Public
      2  * License, v. 2.0. If a copy of the MPL was not distributed with this file,
      3  * You can obtain one at http://mozilla.org/MPL/2.0/. */
      4 
      5 /*
      6  * IPC Transaction protocol for the WebAuthn DOM API. This IPC protocol allows
      7  * the content process to call to the parent to access hardware for
      8  * authentication registration and challenges. All transactions start in the
      9  * child process, and the parent replies with a "Confirm*" message, or a
     10  * "Cancel" message if there was an error (no hardware available, no registered
     11  * keys, etc) or interruption (another transaction was started in another
     12  * content process). Similarly, the content process can also request a cancel,
     13  * either triggered explicitly by the user/script or due to UI events like
     14  * selecting a different tab.
     15  */
     16 
     17 include protocol PWindowGlobal;
     18 
     19 include "mozilla/dom/WebAuthnIPCUtils.h";
     20 
     21 using mozilla::dom::MaybeDiscardedBrowsingContext from "mozilla/dom/BrowsingContext.h";
     22 using mozilla::dom::CredentialProtectionPolicy from "mozilla/dom/WebAuthenticationBinding.h";
     23 
     24 namespace mozilla {
     25 namespace dom {
     26 
     27 struct WebAuthnAuthenticatorSelection {
          // Authenticator-selection criteria carried in
          // WebAuthnMakeCredentialInfo.AuthenticatorSelection.
          // All three values cross the process boundary as strings, not enums.
          // NOTE(review): presumably the receiver maps unrecognised strings to a
          // safe default instead of trusting them -- confirm in the parent code.
     28   nsString residentKey;
     29   nsString userVerificationRequirement;
     30   nsString? authenticatorAttachment;  // optional (`?`): may be absent
     31 };
     32 
     33 struct WebAuthnScopedCredential {
          // One credential descriptor. Used as the element type of
          // WebAuthnMakeCredentialInfo.ExcludeList and WebAuthnGetAssertionInfo.AllowList.
     34   uint8_t[] id;  // variable-length byte array; the type itself sets no length limit
     35   uint8_t transports;  // NOTE(review): looks like a set of transport flags packed into one byte -- confirm against WebAuthnIPCUtils.h
     36 };
     37 
     38 struct WebAuthnExtensionCredProtect {
          // Request-side input for the credProtect extension (a member of the
          // WebAuthnExtension union).
     39   CredentialProtectionPolicy policy;  // type imported from WebAuthenticationBinding.h
     40   bool required;  // NOTE(review): presumably "fail if the policy cannot be enforced" -- confirm
     41 };
     42 
     43 struct WebAuthnExtensionCredProps {
          // Request-side input for the credProps extension (a member of the
          // WebAuthnExtension union). Carries a single boolean.
     44   bool credProps;
     45 };
     46 
     47 struct WebAuthnExtensionHmacSecret {
          // Request-side input for the hmac-secret extension (a member of the
          // WebAuthnExtension union). Carries a single boolean.
     48   bool hmacCreateSecret;
     49 };
     50 
     51 struct WebAuthnExtensionLargeBlob {
          // Request-side input for the largeBlob extension (a member of the
          // WebAuthnExtension union). The meaning of `flag` depends on whether the
          // enclosing request is a registration or an authentication.
     52   bool? flag;      // In registrations this indicates whether large blob support is required.
     53                    // In authentications this indicates whether this is a request to read
     54                    // a blob or whether it is a request to write one.
     55   uint8_t[] write; // Authentication only. The value to be written when `flag` is
     56                    // present and false.
          // NOTE(review): `write` is always present on the wire, so a receiver
          // presumably has to ignore it unless `flag` is present and false -- confirm.
     57 };
     58 
     59 struct WebAuthnExtensionMinPinLength {
          // Request-side input for the minPinLength extension (a member of the
          // WebAuthnExtension union). Carries a single boolean.
     60   bool minPinLength;
     61 };
     62 
     63 struct WebAuthnExtensionPrf {
          // Request-side input for the prf extension (a member of the
          // WebAuthnExtension union).
     64   WebAuthnExtensionPrfValues? eval;  // optional (`?`): may be absent
     65   bool evalByCredentialMaybe;  // NOTE(review): presumably true when evalByCredential was supplied -- confirm
          // The array is not declared optional, so an empty array and an absent
          // one look the same on the wire; the flag above is the only visible
          // way to tell them apart.
     66   WebAuthnExtensionPrfEvalByCredentialEntry[] evalByCredential;
     67 };
     68 
     69 struct WebAuthnExtensionPrfValues {
            // Pair of byte strings shared by both directions of the prf extension:
            // request inputs (WebAuthnExtensionPrf.eval and
            // WebAuthnExtensionPrfEvalByCredentialEntry.eval) and results
            // (WebAuthnExtensionResultPrf.results).
            // NOTE(review): when used as a result these bytes are presumably PRF
            // outputs, i.e. secret material that should stay out of logs and crash
            // annotations -- confirm how the parent and child code handle them.
     70     uint8_t[] first;
     71     bool secondMaybe;  // NOTE(review): presumably marks whether `second` is meaningful -- confirm
     72     uint8_t[] second;
     73 };
     74 
     75 struct WebAuthnExtensionPrfEvalByCredentialEntry {
            // One element of WebAuthnExtensionPrf.evalByCredential: prf inputs
            // paired with a credential ID.
     76     uint8_t[] credentialId;  // variable-length byte array
     77     WebAuthnExtensionPrfValues eval;
     78 };
     79 
     80 union WebAuthnExtension {
          // Request-side extension input. Each element of the `Extensions` array in
          // WebAuthnMakeCredentialInfo and WebAuthnGetAssertionInfo holds exactly
          // one of the variants below.
          // NOTE(review): the array type does not stop the same variant from
          // appearing more than once, nor a registration-only variant from
          // arriving in an assertion request; how the receiver treats that is
          // not visible here -- confirm.
     81   WebAuthnExtensionCredProtect;
     82   WebAuthnExtensionCredProps;
     83   WebAuthnExtensionHmacSecret;
     84   WebAuthnExtensionLargeBlob;
     85   WebAuthnExtensionMinPinLength;
     86   WebAuthnExtensionPrf;
     87 };
     88 
     89 struct WebAuthnExtensionResultAppId {
          // Result-side output for the appid extension (a member of the
          // WebAuthnExtensionResult union). Carries a single boolean.
     90   bool AppId;
     91 };
     92 
     93 struct WebAuthnExtensionResultCredProps {
          // Result-side output for the credProps extension (a member of the
          // WebAuthnExtensionResult union).
     94   bool rk;  // NOTE(review): presumably "the credential is a resident key" -- confirm
     95 };
     96 
     97 struct WebAuthnExtensionResultHmacSecret {
          // Result-side output for the hmac-secret extension (a member of the
          // WebAuthnExtensionResult union). Carries a single boolean.
     98   bool hmacCreateSecret;
     99 };
    100 
    101 struct WebAuthnExtensionResultLargeBlob {
          // Result-side output for the largeBlob extension (a member of the
          // WebAuthnExtensionResult union). As with the request struct, the
          // meaning of `flag` depends on the kind of transaction.
    102   bool flag;      // In registration this indicates support. In authentication
    103                   // it indicates whether this is a read return or a write return.
    104   uint8_t[] blob; // Authentication only. Read return.
    105   bool written;   // Authentication only. Write return
    106 };
    107 
    108 struct WebAuthnExtensionResultPrf {
          // Result-side output for the prf extension (a member of the
          // WebAuthnExtensionResult union). Both fields are optional (`?`).
    109   bool? enabled;
    110   WebAuthnExtensionPrfValues? results;  // NOTE(review): presumably PRF outputs (secret material) -- keep out of logs; confirm
    111 };
    112 
    113 union WebAuthnExtensionResult {
          // Result-side extension output. Each element of the `Extensions` array in
          // WebAuthnMakeCredentialResult and WebAuthnGetAssertionResult holds
          // exactly one of the variants below.
    114   WebAuthnExtensionResultAppId;
    115   WebAuthnExtensionResultCredProps;
    116   WebAuthnExtensionResultHmacSecret;
    117   WebAuthnExtensionResultLargeBlob;
    118   WebAuthnExtensionResultPrf;
    119 };
    120 
    121 struct WebAuthnMakeCredentialRpInfo {
          // Relying-party entity sent with a registration request
          // (WebAuthnMakeCredentialInfo.Rp). Only a name is carried here; the RP ID
          // is a separate field of WebAuthnMakeCredentialInfo.
    122   nsString Name;
    123 };
    124 
    125 struct WebAuthnMakeCredentialUserInfo {
          // User entity sent with a registration request
          // (WebAuthnMakeCredentialInfo.User).
          // NOTE(review): Name and DisplayName presumably identify an account, so
          // they are worth treating as personal data in any logging -- confirm.
    126   uint8_t[] Id;
    127   nsString Name;
    128   nsString DisplayName;
    129 };
    130 
    131 struct CoseAlg {
          // Wrapper around one algorithm identifier; element type of
          // WebAuthnMakeCredentialInfo.coseAlgs.
    132   long alg;  // signed: COSE algorithm identifiers such as ES256 (-7) are negative
    133 };
    134 
    135 struct WebAuthnMakeCredentialInfo {
          // Argument of PWebAuthnTransaction::RequestRegister. That message is
          // declared under `parent:`, so every field here is filled in by the
          // content process and read in the parent.
          // NOTE(review): RpId is therefore content-controlled. The parent-side
          // handler is presumably expected to check it against the origin of the
          // managing PWindowGlobal rather than trust it -- confirm in the parent
          // implementation. The same goes for bounding TimeoutMS and the sizes of
          // the arrays below; this file declares no limits.
    136   nsCString RpId;
    137   uint8_t[] Challenge;
    138   uint32_t TimeoutMS;
    139   WebAuthnScopedCredential[] ExcludeList;
    140   WebAuthnMakeCredentialRpInfo Rp;
    141   WebAuthnMakeCredentialUserInfo User;
    142   CoseAlg[] coseAlgs;
    143   WebAuthnExtension[] Extensions;
    144   WebAuthnAuthenticatorSelection AuthenticatorSelection;
    145   nsString attestationConveyancePreference;  // string-typed, not an enum
    146   nsString[] Hints;
    147 };
    148 
    149 struct WebAuthnMakeCredentialResult {
          // Success payload of RequestRegister, returned by the parent to the
          // content process.
    150   nsCString ClientDataJSON;  // comes back from the parent; WebAuthnMakeCredentialInfo has no matching request field
    151   uint8_t[] AttestationObject;
    152   uint8_t[] KeyHandle;
    153   nsString[] Transports;
    154   WebAuthnExtensionResult[] Extensions;
    155   nsString? AuthenticatorAttachment;  // optional (`?`): may be absent
    156 };
    157 
    158 union WebAuthnMakeCredentialResponse {
          // Reply type of RequestRegister: either an nsresult or a
          // WebAuthnMakeCredentialResult.
          // NOTE(review): presumably the nsresult arm is used only for failures --
          // confirm; the type does not rule out a success code there.
    159   nsresult;
    160   WebAuthnMakeCredentialResult;
    161 };
    162 
    163 struct WebAuthnGetAssertionInfo {
          // Argument of PWebAuthnTransaction::RequestSign. That message is declared
          // under `parent:`, so every field here is filled in by the content
          // process and read in the parent.
          // NOTE(review): RpId and AppId are therefore content-controlled. The
          // parent-side handler is presumably expected to check both against the
          // origin of the managing PWindowGlobal rather than trust them -- confirm
          // in the parent implementation. This file declares no limits on
          // TimeoutMS or on the array sizes either.
    164   nsCString RpId;
    165   nsCString? AppId;  // optional (`?`): may be absent
    166   uint8_t[] Challenge;
    167   uint32_t TimeoutMS;
    168   WebAuthnScopedCredential[] AllowList;
    169   WebAuthnExtension[] Extensions;
    170   nsString userVerificationRequirement;  // string-typed, not an enum
    171   bool ConditionallyMediated;
    172   nsString[] Hints;
    173 };
    174 
    175 struct WebAuthnGetAssertionResult {
          // Success payload of RequestSign, returned by the parent to the content
          // process.
    176   nsCString ClientDataJSON;  // comes back from the parent; WebAuthnGetAssertionInfo has no matching request field
    177   uint8_t[] KeyHandle;
    178   uint8_t[] Signature;
    179   uint8_t[] AuthenticatorData;
    180   WebAuthnExtensionResult[] Extensions;
    181   uint8_t[] UserHandle;
    182   nsString? AuthenticatorAttachment;  // optional (`?`): may be absent
    183 };
    184 
    185 union WebAuthnGetAssertionResponse {
          // Reply type of RequestSign: either an nsresult or a
          // WebAuthnGetAssertionResult.
          // NOTE(review): presumably the nsresult arm is used only for failures --
          // confirm; the type does not rule out a success code there.
    186   nsresult;
    187   WebAuthnGetAssertionResult;
    188 };
    189 
    190 async protocol PWebAuthnTransaction {
          // Actor managed by PWindowGlobal, so each instance belongs to one window
          // global.
          // NOTE(review): the file header describes "Confirm*" and "Cancel" reply
          // messages, but no such messages are declared below; replies travel in
          // the `returns` clauses and the only child-bound message is __delete__.
    191   manager PWindowGlobal;
    192 
    193   parent:
            // Messages sent by the content (child) process and handled in the
            // parent. Their arguments are content-controlled input.
            // RequestRegister and RequestSign each reply with a union that is
            // either an nsresult or the success payload.
    194     async RequestRegister(WebAuthnMakeCredentialInfo aTransactionInfo) returns (WebAuthnMakeCredentialResponse response);
    195     async RequestSign(WebAuthnGetAssertionInfo aTransactionInfo) returns (WebAuthnGetAssertionResponse response);
    196     async RequestIsUVPAA() returns (bool available);  // NOTE(review): presumably "user-verifying platform authenticator available" -- confirm
    197     async RequestCancel();  // takes no arguments and declares no reply
    198 
    199   child:
            // Sent by the parent; destroys the actor pair.
    200     async __delete__();
    201 };
    202 
    203 }
    204 }