Bug 1403279 - Set U2F version field on RegisterResponse r?keeler
The U2F specification defines the RegisterResponse.Version field as being set to
"U2F_V2" [1] on successful registrations, which we appear to have overlooked.
This sets the field and adds a few checks to the register test.
[1] https://www.fidoalliance.org/specs/fido-u2f-v1.1-id-20160915/fido-u2f-javascript-api-v1.1-id-20160915.html#idl-def-RegisterResponse
MozReview-Commit-ID: 9YqhM0x9itd
--- a/dom/u2f/U2F.cpp
+++ b/dom/u2f/U2F.cpp
@@ -14,17 +14,16 @@
namespace mozilla {
namespace dom {
static mozilla::LazyLogModule gU2FLog("u2fmanager");
NS_NAMED_LITERAL_STRING(kFinishEnrollment, "navigator.id.finishEnrollment");
NS_NAMED_LITERAL_STRING(kGetAssertion, "navigator.id.getAssertion");
-NS_NAMED_LITERAL_STRING(kRequiredU2FVersion, "U2F_V2");
NS_INTERFACE_MAP_BEGIN_CYCLE_COLLECTION(U2F)
NS_WRAPPERCACHE_INTERFACE_MAP_ENTRY
NS_INTERFACE_MAP_ENTRY(nsISupports)
NS_INTERFACE_MAP_END
NS_IMPL_CYCLE_COLLECTING_ADDREF(U2F)
NS_IMPL_CYCLE_COLLECTING_RELEASE(U2F)
--- a/dom/u2f/U2FAuthenticator.h
+++ b/dom/u2f/U2FAuthenticator.h
@@ -21,12 +21,14 @@ enum class ErrorCode {
BAD_REQUEST = 2,
CONFIGURATION_UNSUPPORTED = 3,
DEVICE_INELIGIBLE = 4,
TIMEOUT = 5
};
typedef MozPromise<nsString, ErrorCode, false> U2FPromise;
+NS_NAMED_LITERAL_STRING(kRequiredU2FVersion, "U2F_V2");
+
} // namespace dom
} // namespace mozilla
#endif // mozilla_dom_U2FAuthenticator_h
--- a/dom/u2f/U2FManager.cpp
+++ b/dom/u2f/U2FManager.cpp
@@ -352,16 +352,17 @@ U2FManager::FinishRegister(nsTArray<uint
if (NS_WARN_IF(NS_FAILED(rvClientData)) ||
NS_WARN_IF(NS_FAILED(rvRegistrationData))) {
mTransactionPromise.Reject(ErrorCode::OTHER_ERROR, __func__);
return;
}
// Assemble a response object to return
RegisterResponse response;
+ response.mVersion.Construct(kRequiredU2FVersion);
response.mClientData.Construct(clientDataBase64);
response.mRegistrationData.Construct(registrationDataBase64);
response.mErrorCode.Construct(static_cast<uint32_t>(ErrorCode::OK));
nsString responseStr;
if (NS_WARN_IF(!response.ToJSON(responseStr))) {
mTransactionPromise.Reject(ErrorCode::OTHER_ERROR, __func__);
return;
--- a/dom/u2f/tests/frame_register.html
+++ b/dom/u2f/tests/frame_register.html
@@ -14,16 +14,19 @@ var challenge = new Uint8Array(16);
async function doTests() {
local_is(window.location.origin, "https://example.com", "Is loaded correctly");
// basic check
await promiseU2FRegister("https://example.com/appId", [{
version: version,
challenge: bytesToBase64UrlSafe(challenge),
}], [], function(res){
+ local_is(res.version, version, "Version should be set correctly");
+ local_ok(res.clientData.length > 0, "ClientData must be set");
+ local_ok(res.registrationData.length > 0, "RegistrationData must be set");
local_is(res.errorCode, 0, "AppID should work from the domain");
});
await promiseU2FRegister("https://example.net/appId", [{
version: version,
challenge: bytesToBase64UrlSafe(challenge),
}], [], function(res){
local_is(res.errorCode, 2, "AppID should not work from other domains");