From b1e9c771764992f40b4cf3fe7c0697ed459b0281 Mon Sep 17 00:00:00 2001 From: John Schanck Date: Tue, 7 Mar 2023 23:27:56 +0000 Subject: [PATCH] Bug 1820886 - vendor authenticator-rs v0.4.0-alpha10. r=keeler,supply-chain-reviewers Differential Revision: https://phabricator.services.mozilla.com/D171913 --- Cargo.lock | 4 +- supply-chain/audits.toml | 2 +- .../rust/authenticator/.cargo-checksum.json | 2 +- third_party/rust/authenticator/Cargo.lock | 54 ++++++++-------- third_party/rust/authenticator/Cargo.toml | 2 +- third_party/rust/authenticator/src/consts.rs | 10 --- .../rust/authenticator/src/statemachine.rs | 47 +++++++++----- .../src/transport/device_selector.rs | 10 +-- .../rust/authenticator/src/transport/hid.rs | 46 +++++++++++--- .../rust/authenticator/src/transport/mod.rs | 61 +++++++++++++------ toolkit/library/rust/shared/Cargo.toml | 2 +- 11 files changed, 147 insertions(+), 93 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 8668af60d217e..060cb4a110b3b 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -379,9 +379,9 @@ dependencies = [ [[package]] name = "authenticator" -version = "0.4.0-alpha.9" +version = "0.4.0-alpha.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6314be6c155338119771d3e4b853232aa01c435c10434c960e3e66276f43bc6e" +checksum = "2238116278e3a069a5148ce1efaa73d750a0d7341e011235a0ddb3e7079cb1be" dependencies = [ "base64", "bitflags", diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index 78562dbc39490..cfa6d1058905b 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -202,7 +202,7 @@ delta = "0.1.8 -> 0.1.9" [[audits.authenticator]] who = "John M. Schanck " criteria = "safe-to-deploy" -version = "0.4.0-alpha.9" +version = "0.4.0-alpha.10" notes = "Maintained by the CryptoEng team at Mozilla." [[audits.autocfg]] diff --git a/third_party/rust/authenticator/.cargo-checksum.json b/third_party/rust/authenticator/.cargo-checksum.json index dedda47913150..341ad4c3bb528 100644 --- a/third_party/rust/authenticator/.cargo-checksum.json +++ b/third_party/rust/authenticator/.cargo-checksum.json @@ -1 +1 @@ -{"files":{"Cargo.lock":"8b57df09f4a37bd36d91957bc291abaaba27bfe0274e9630095ee407186e92bf","Cargo.toml":"1846bfdfc63a45c2a9aa9a03def7b74501f435aafe493fb559de27d94b37e46f","Cross.toml":"8d132da818d48492aa9f4b78a348f0df3adfae45d988d42ebd6be8a5adadb6c3","LICENSE":"e866c8f5864d4cacfe403820e722e9dc03fe3c7565efa5e4dad9051d827bb92a","README.md":"c87d9c7cc44f1dd4ef861a3a9f8cd2eb68aedd3814768871f5fb63c2070806cd","build.rs":"01092254718e4cd5d6bffcd64d55cc3240dc00e79f3d7344a5dc4abf6c27bca6","examples/ctap1.rs":"a2d1a830ae2b3e16088ebf51db271ccee3671b70d94ec4c29890bd76c04eaac0","examples/ctap2.rs":"b91219ee12149945fff57cdd32f5494df85734d0010493edc36516d71636c8d6","examples/ctap2_discoverable_creds.rs":"8b53c46d057b24f477369adb8bf57eaaf0e400aace871e48d56272fdca5c7b14","examples/main.rs":"896d2ffe0889c36852b7ec4d6ad97b61fedc2231432e39fa6c6d87b0147434dc","examples/reset.rs":"be4c29737f356a2a9644d1b5fff0717b6d64a4b6d20d976085b4b165ec2a2377","examples/set_pin.rs":"94e93f170dc232d8fca896b2aa4969afd108428e206db84db7e17f0697fcf837","examples/test_exclude_list.rs":"08a49c900de3fb51de5566e6c4a41b34c77854ad20b6a0e1baf54e625ba8e31b","rustfmt.toml":"ceb6615363d6fff16426eb56f5727f98a7f7ed459ba9af735b1d8b672e2c3b9b","src/authenticatorservice.rs":"35cfca6e3e8258bd012b5e18c79db84ebdfbc3d7a49616ec05eb1d381f7b9c2b","src/capi.rs":"10f574423e52df873558dad25be350d5f23a99d4949b7eadcf91737cd33e3c69","src/consts.rs":"f04bb4367c2115c938e6a74594962a0a5de07fa439ff2974757897745c0c753e","src/crypto/dummy.rs":"3abe45ca14e8b5cb8e2661375d6a8c8ccc333c23577d1c34ec3fce292ef9f2b9","src/crypto/mod.rs":"d2e53a8bc2dc16186fe2c81022133aa8c11d04e7e6adb498778d376bb552c418","src/crypto/nss.rs":"49f23b6b54a046a2273bbd4992164226eb97b683dd37d7b1668e4db1e6d9a984","src/crypto/openssl.rs":"e5fdb8701daedec5b26e727be8ac4200ed27ffa4bea3bfb2b9da1d7e24b53195","src/crypto/ring.rs":"dd93b8bfafd1c35c7f23b66fb4881b884a60c7fcff964ae8966ff260e283b7c2","src/ctap2-capi.h":"bed059ee94251d9f81ed20419f48ae74eae45bec476d28a9aa5bb26aad2d0e8b","src/ctap2/attestation.rs":"e2e638c94ce942ef4cc8afa5f40fccfac98c5bf72a4ce88e46738c7f8f75725c","src/ctap2/client_data.rs":"26465221bdafc615beabdae62709aa6c193504aac3581d4c8f1d7914abe04465","src/ctap2/commands/client_pin.rs":"e49ee05c44e3a366f4bd9f78254f12f895bbb36adbf2c3b58355ddb907a11067","src/ctap2/commands/get_assertion.rs":"4806472e6ef4af00807d06a0a5f61f30110ab5cf258fa131fd6f98c03b7273b8","src/ctap2/commands/get_info.rs":"2e66b6ab18394ef89d3cb65b13ac165b95f1e48a55d3cec9d52a3c5db0ade994","src/ctap2/commands/get_next_assertion.rs":"1120b0301197ada11751c4c42fc0a4147368ec5427f62da3868347567d28ba3a","src/ctap2/commands/get_version.rs":"fba3f73b9d07bedaa1fc3cd7f7ef27b6113e38a1fe6d353cb12f7af73997f5cc","src/ctap2/commands/make_credentials.rs":"f85a8c9507c097ecac94860866cca60dd5ba4035b98d9b776b66f0cc856dd01d","src/ctap2/commands/mod.rs":"9562f5612d466299717f91c3b0a4e52f629a62359a01bd3654048242c605511a","src/ctap2/commands/reset.rs":"95dac8a400f66fb4725a3850a06d6b605ffc99bec4a90ca302a6e8f21deb48d8","src/ctap2/commands/selection.rs":"a2a4b2e30df1923c296f7ac3a8d38cfcac7c231669cfc39babcb7b02fac7cdee","src/ctap2/mod.rs":"672c581502ac6d1417d0fe42a92ef86b1f1d64799f48061b3d9ac026e35fb69d","src/ctap2/server.rs":"0eaefc392a34c84929b6992baecd7abe08521b3e6058e1187656a6fbfb03e9a6","src/ctap2/utils.rs":"ad0aa36a0dbeb510b7f37789329f1957eab206eb529dc083e6176b142984e26e","src/ctap2_capi.rs":"aa116118fc2aa0020f196540b57bce2daf5741ebe9cbf773de0d2916d5c44828","src/errors.rs":"dd5c61fd7a77b6be3875120ae7708bbcf3f4daaf924ae17b67d256a49f326d29","src/lib.rs":"511c78d7c8f89fb56888f16c1517ee2124e58b1392dff7e88652ef4ea0ddab02","src/manager.rs":"2f02ab57fabc5bf47edae1afd357b4600f3f4ec1f556914014d6e562cbfdda0d","src/statecallback.rs":"6b16f97176db1ae3fc3851fe8394e4ffc324bc6fe59313845ac3a88132fd52f1","src/statemachine.rs":"3f113a5bd693023dd8db915465d5f958a5fb9f06b4f8195d2e8564b4d15a2ef0","src/status_update.rs":"dfa74e57838d25cb6eb594314ce3affaf633a377b462342f0dcb9c528413db1f","src/transport/device_selector.rs":"2b1bf526f6e6757a16c3a3e9621ca24ee8a797dc597e9c78655ba6437b63b8cb","src/transport/errors.rs":"5af7cb8d22ffa63bf4264d182a0f54b9b3a2cc9d19d832b3495857229f9a2875","src/transport/freebsd/device.rs":"0568825a1e07d09fef33b14b7ad1d1702392cba9a12ad18562dd9d396d4cf49b","src/transport/freebsd/mod.rs":"42dcb57fbeb00140003a8ad39acac9b547062b8f281a3fa5deb5f92a6169dde6","src/transport/freebsd/monitor.rs":"a6b34af4dd2e357a5775b1f3a723766107c11ef98dba859b1188ed08e0e450a2","src/transport/freebsd/transaction.rs":"bd65fce8864be95839d7918f0fecc065f907265e0ce5411845f409c8e206f9a4","src/transport/freebsd/uhid.rs":"a194416a8bc5d428c337f8d96a2248769ca190810852bbe5ee686ab595d8eb4c","src/transport/hid.rs":"cdb856b49211fed0eb3384e6670259bc4bbcede244330d9c921a85166b0d7481","src/transport/hidproto.rs":"9d490f161807b75f4d7d5096355006627c1f47c0d90fca53bade3692efc92a2d","src/transport/linux/device.rs":"921dfe64c7c6fe8a175b0a6b36d34ff9be95421ef9eb65630678976f96913b7b","src/transport/linux/hidraw.rs":"c7a0df9b4e51cb2736218ffffa02b2b2547b7c515d69f9bae2c9a8c8f1cb547b","src/transport/linux/hidwrapper.h":"72785db3a9b27ea72b6cf13a958fee032af54304522d002f56322473978a20f9","src/transport/linux/hidwrapper.rs":"753c7459dbb73befdd186b6269ac33f7a4537b4c935928f50f2b2131756e787d","src/transport/linux/ioctl_aarch64le.rs":"2d8b265cd39a9f46816f83d5a5df0701c13eb842bc609325bad42ce50add3bf0","src/transport/linux/ioctl_armle.rs":"2d8b265cd39a9f46816f83d5a5df0701c13eb842bc609325bad42ce50add3bf0","src/transport/linux/ioctl_mips64le.rs":"fbda309934ad8bda689cd4fb5c0ca696fe26dedb493fe9d5a5322c3047d474fd","src/transport/linux/ioctl_mipsbe.rs":"fbda309934ad8bda689cd4fb5c0ca696fe26dedb493fe9d5a5322c3047d474fd","src/transport/linux/ioctl_mipsle.rs":"fbda309934ad8bda689cd4fb5c0ca696fe26dedb493fe9d5a5322c3047d474fd","src/transport/linux/ioctl_powerpc64be.rs":"fbda309934ad8bda689cd4fb5c0ca696fe26dedb493fe9d5a5322c3047d474fd","src/transport/linux/ioctl_powerpc64le.rs":"fbda309934ad8bda689cd4fb5c0ca696fe26dedb493fe9d5a5322c3047d474fd","src/transport/linux/ioctl_powerpcbe.rs":"fbda309934ad8bda689cd4fb5c0ca696fe26dedb493fe9d5a5322c3047d474fd","src/transport/linux/ioctl_riscv64.rs":"2d8b265cd39a9f46816f83d5a5df0701c13eb842bc609325bad42ce50add3bf0","src/transport/linux/ioctl_s390xbe.rs":"2d8b265cd39a9f46816f83d5a5df0701c13eb842bc609325bad42ce50add3bf0","src/transport/linux/ioctl_x86.rs":"2d8b265cd39a9f46816f83d5a5df0701c13eb842bc609325bad42ce50add3bf0","src/transport/linux/ioctl_x86_64.rs":"2d8b265cd39a9f46816f83d5a5df0701c13eb842bc609325bad42ce50add3bf0","src/transport/linux/mod.rs":"446e435126d2a58f167f648dd95cba28e8ac9c17f1f799e1eaeab80ea800fc57","src/transport/linux/monitor.rs":"5e3ec2618dd74027ae6ca1527991254e3271cce59106d4920ce0414094e22f64","src/transport/linux/transaction.rs":"bd65fce8864be95839d7918f0fecc065f907265e0ce5411845f409c8e206f9a4","src/transport/macos/device.rs":"823162e7514df64b1e11d372fe2b9ba443f46a9ba3326344937d8e6d0c35ee28","src/transport/macos/iokit.rs":"7dc4e7bbf8e42e2fcde0cee8e48d14d6234a5a910bd5d3c4e966d8ba6b73992f","src/transport/macos/mod.rs":"333e561554fc901d4f6092f6e4c85823e2b0c4ff31c9188d0e6d542b71a0a07c","src/transport/macos/monitor.rs":"e02288454bb4010e06b705d82646abddb3799f0cd655f574aa19f9d91485a4a2","src/transport/macos/transaction.rs":"b034104484c6864668425bbd4499540c3117b0de2e80b0b03ee452d00323ed50","src/transport/mock/device.rs":"36ab98fd323a88b45ac460333692f97fe47b74b23e2fbb770cf8a41094d9c795","src/transport/mock/mod.rs":"9c4c87efd19adddc1a91c699a6c328063cfbac5531b76346a5ff92e986aded8f","src/transport/mock/transaction.rs":"be3ed8c389dfa04122364b82515edd76fad6f5d5f72d15cacd45a84fb8397292","src/transport/mod.rs":"c545b050c9b4193f80b2248a1c639bed5acbac89891d2863c699bbf4556b1628","src/transport/netbsd/device.rs":"e194a809f0ab5b7f377e647e11857d38c57355a0b896394bc836abfee36796af","src/transport/netbsd/fd.rs":"5464019025d03ea2a39c82f76b238bbbdb0ea63f5a5fc7c9d974e235139cd53b","src/transport/netbsd/mod.rs":"b1c52aa29537330cebe67427062d6c94871cab2a9b0c04b2305d686f07e88fd5","src/transport/netbsd/monitor.rs":"fb2917e4ba53cc9867987a539061f82d011f4c6e478df1157d965d32df2eb922","src/transport/netbsd/transaction.rs":"bd65fce8864be95839d7918f0fecc065f907265e0ce5411845f409c8e206f9a4","src/transport/netbsd/uhid.rs":"d15be35e2413240066a8f086bb8846b08a6a92bf6a1941c3eec1329dd3a4f9ce","src/transport/openbsd/device.rs":"acbc028ed1eed3bdff13c424baf6015e153f3b7847c2bb7f203c19e253e9950e","src/transport/openbsd/mod.rs":"514274d414042ff84b3667a41a736e78581e22fda87ccc97c2bc05617e381a30","src/transport/openbsd/monitor.rs":"2e0ba6ecc69b450be9cbfd21a7c65036ed2ce593b12363596d3eae0b5bfb79e8","src/transport/openbsd/transaction.rs":"bd65fce8864be95839d7918f0fecc065f907265e0ce5411845f409c8e206f9a4","src/transport/stub/device.rs":"a9d5c42e60a16a5e2b11a5922a8c7b2b47928790e0894fd022c68d766d853721","src/transport/stub/mod.rs":"6a7fec504a52d403b0241b18cd8b95088a31807571f4c0a67e4055afc74f4453","src/transport/stub/transaction.rs":"a3dbea5ccf691cff69278ed8a8ba67d27baba0ea2e1c6a53c9b0b04027283221","src/transport/windows/device.rs":"657019bcf21e9edd7a1e2716dd1ba342532909aae43299b6abfb365a09a53860","src/transport/windows/mod.rs":"218e7f2fe91ecb390c12bba5a5ffdad2c1f0b22861c937f4d386262e5b3dd617","src/transport/windows/monitor.rs":"57fe53862ce1d077811008aedc54f9bbf319adce6834d6e66f53a73760c314ff","src/transport/windows/transaction.rs":"bd65fce8864be95839d7918f0fecc065f907265e0ce5411845f409c8e206f9a4","src/transport/windows/winapi.rs":"ddef8ac42179ec9b56b5b1b76b65779fd8bb09073d400504a16d450e70ad1fc9","src/u2fhid-capi.h":"30e37cbc746b682400fcddcede29527635d122fea01e21413e0b63bb58ba4d75","src/u2fprotocol.rs":"b8c8a71e7a79d61b694039ce31b0657a9e0d7fe2190c18feca09855a1cfa1cbd","src/u2ftypes.rs":"8511c6f04f69670ddd403178a46060644a27128ca4077a9a3e00bc6671e3864b","src/util.rs":"cf37c4c3caf6dde4fc3cf6f5f297ed3c0f13bcb50fb0e8955899fc837483ef31","src/virtualdevices/mod.rs":"2c7df7691d5c150757304241351612aed4260d65b70ab0f483edbc1a5cfb5674","src/virtualdevices/software_u2f.rs":"83e63c0c4a597e71d87b5cd1f33a49646d00b3062edbdd05c51623b80fb60168","src/virtualdevices/webdriver/mod.rs":"4a36e6dfa9f45f941d863b4039bfbcfa8eaca660bd6ed78aeb1a2962db64be5a","src/virtualdevices/webdriver/testtoken.rs":"7146e02f1a5dad2c8827dd11c12ee408c0e42a0706ac65f139998feffd42570f","src/virtualdevices/webdriver/virtualmanager.rs":"7205a0397833628fc0847aa942a6a314dc1e23306858b546053e0de6a360ebe1","src/virtualdevices/webdriver/web_api.rs":"9032525af458b6fe9a3274c36b6ef8c791ecc4ec46d38ae36583fc9a4535b59d","testing/cross/powerpc64le-unknown-linux-gnu.Dockerfile":"d7463ff4376e3e0ca3fed879fab4aa975c4c0a3e7924c5b88aef9381a5d013de","testing/cross/x86_64-unknown-linux-gnu.Dockerfile":"11c79c04b07a171b0c9b63ef75fa75f33263ce76e3c1eda0879a3e723ebd0c24","testing/run_cross.sh":"cc2a7e0359f210eba2e7121f81eb8ab0125cea6e0d0f2698177b0fe2ad0c33d8","webdriver-tools/requirements.txt":"8236aa3dedad886f213c9b778fec80b037212d30e640b458984110211d546005","webdriver-tools/webdriver-driver.py":"82327c26ba271d1689acc87b612ab8436cb5475f0a3c0dba7baa06e7f6f5e19c"},"package":"6314be6c155338119771d3e4b853232aa01c435c10434c960e3e66276f43bc6e"} \ No newline at end of file +{"files":{"Cargo.lock":"75f6e7b8ef5859ddabf20fb31c5abe41ea2b76001ff2b359d512f728cb289886","Cargo.toml":"ded2f28df2fe8dae02e4f5c20a1a5390fe8721736bbbaf352385f029c878d193","Cross.toml":"8d132da818d48492aa9f4b78a348f0df3adfae45d988d42ebd6be8a5adadb6c3","LICENSE":"e866c8f5864d4cacfe403820e722e9dc03fe3c7565efa5e4dad9051d827bb92a","README.md":"c87d9c7cc44f1dd4ef861a3a9f8cd2eb68aedd3814768871f5fb63c2070806cd","build.rs":"01092254718e4cd5d6bffcd64d55cc3240dc00e79f3d7344a5dc4abf6c27bca6","examples/ctap1.rs":"a2d1a830ae2b3e16088ebf51db271ccee3671b70d94ec4c29890bd76c04eaac0","examples/ctap2.rs":"b91219ee12149945fff57cdd32f5494df85734d0010493edc36516d71636c8d6","examples/ctap2_discoverable_creds.rs":"8b53c46d057b24f477369adb8bf57eaaf0e400aace871e48d56272fdca5c7b14","examples/main.rs":"896d2ffe0889c36852b7ec4d6ad97b61fedc2231432e39fa6c6d87b0147434dc","examples/reset.rs":"be4c29737f356a2a9644d1b5fff0717b6d64a4b6d20d976085b4b165ec2a2377","examples/set_pin.rs":"94e93f170dc232d8fca896b2aa4969afd108428e206db84db7e17f0697fcf837","examples/test_exclude_list.rs":"08a49c900de3fb51de5566e6c4a41b34c77854ad20b6a0e1baf54e625ba8e31b","rustfmt.toml":"ceb6615363d6fff16426eb56f5727f98a7f7ed459ba9af735b1d8b672e2c3b9b","src/authenticatorservice.rs":"35cfca6e3e8258bd012b5e18c79db84ebdfbc3d7a49616ec05eb1d381f7b9c2b","src/capi.rs":"10f574423e52df873558dad25be350d5f23a99d4949b7eadcf91737cd33e3c69","src/consts.rs":"d7b274ec55e56a8d2c150df28e23d72a7379e5bd7257d53d63c2a7b59ab90800","src/crypto/dummy.rs":"3abe45ca14e8b5cb8e2661375d6a8c8ccc333c23577d1c34ec3fce292ef9f2b9","src/crypto/mod.rs":"d2e53a8bc2dc16186fe2c81022133aa8c11d04e7e6adb498778d376bb552c418","src/crypto/nss.rs":"49f23b6b54a046a2273bbd4992164226eb97b683dd37d7b1668e4db1e6d9a984","src/crypto/openssl.rs":"e5fdb8701daedec5b26e727be8ac4200ed27ffa4bea3bfb2b9da1d7e24b53195","src/crypto/ring.rs":"dd93b8bfafd1c35c7f23b66fb4881b884a60c7fcff964ae8966ff260e283b7c2","src/ctap2-capi.h":"bed059ee94251d9f81ed20419f48ae74eae45bec476d28a9aa5bb26aad2d0e8b","src/ctap2/attestation.rs":"e2e638c94ce942ef4cc8afa5f40fccfac98c5bf72a4ce88e46738c7f8f75725c","src/ctap2/client_data.rs":"26465221bdafc615beabdae62709aa6c193504aac3581d4c8f1d7914abe04465","src/ctap2/commands/client_pin.rs":"e49ee05c44e3a366f4bd9f78254f12f895bbb36adbf2c3b58355ddb907a11067","src/ctap2/commands/get_assertion.rs":"4806472e6ef4af00807d06a0a5f61f30110ab5cf258fa131fd6f98c03b7273b8","src/ctap2/commands/get_info.rs":"2e66b6ab18394ef89d3cb65b13ac165b95f1e48a55d3cec9d52a3c5db0ade994","src/ctap2/commands/get_next_assertion.rs":"1120b0301197ada11751c4c42fc0a4147368ec5427f62da3868347567d28ba3a","src/ctap2/commands/get_version.rs":"fba3f73b9d07bedaa1fc3cd7f7ef27b6113e38a1fe6d353cb12f7af73997f5cc","src/ctap2/commands/make_credentials.rs":"f85a8c9507c097ecac94860866cca60dd5ba4035b98d9b776b66f0cc856dd01d","src/ctap2/commands/mod.rs":"9562f5612d466299717f91c3b0a4e52f629a62359a01bd3654048242c605511a","src/ctap2/commands/reset.rs":"95dac8a400f66fb4725a3850a06d6b605ffc99bec4a90ca302a6e8f21deb48d8","src/ctap2/commands/selection.rs":"a2a4b2e30df1923c296f7ac3a8d38cfcac7c231669cfc39babcb7b02fac7cdee","src/ctap2/mod.rs":"672c581502ac6d1417d0fe42a92ef86b1f1d64799f48061b3d9ac026e35fb69d","src/ctap2/server.rs":"0eaefc392a34c84929b6992baecd7abe08521b3e6058e1187656a6fbfb03e9a6","src/ctap2/utils.rs":"ad0aa36a0dbeb510b7f37789329f1957eab206eb529dc083e6176b142984e26e","src/ctap2_capi.rs":"aa116118fc2aa0020f196540b57bce2daf5741ebe9cbf773de0d2916d5c44828","src/errors.rs":"dd5c61fd7a77b6be3875120ae7708bbcf3f4daaf924ae17b67d256a49f326d29","src/lib.rs":"511c78d7c8f89fb56888f16c1517ee2124e58b1392dff7e88652ef4ea0ddab02","src/manager.rs":"2f02ab57fabc5bf47edae1afd357b4600f3f4ec1f556914014d6e562cbfdda0d","src/statecallback.rs":"6b16f97176db1ae3fc3851fe8394e4ffc324bc6fe59313845ac3a88132fd52f1","src/statemachine.rs":"76732b696943e4e2f77170847d24ef3327a207a93bba171a0340cd917b15e37d","src/status_update.rs":"dfa74e57838d25cb6eb594314ce3affaf633a377b462342f0dcb9c528413db1f","src/transport/device_selector.rs":"a3e07b555a2d7ed8ccc7fbc061448e13860bbe069232196bb9825a992378635a","src/transport/errors.rs":"5af7cb8d22ffa63bf4264d182a0f54b9b3a2cc9d19d832b3495857229f9a2875","src/transport/freebsd/device.rs":"0568825a1e07d09fef33b14b7ad1d1702392cba9a12ad18562dd9d396d4cf49b","src/transport/freebsd/mod.rs":"42dcb57fbeb00140003a8ad39acac9b547062b8f281a3fa5deb5f92a6169dde6","src/transport/freebsd/monitor.rs":"a6b34af4dd2e357a5775b1f3a723766107c11ef98dba859b1188ed08e0e450a2","src/transport/freebsd/transaction.rs":"bd65fce8864be95839d7918f0fecc065f907265e0ce5411845f409c8e206f9a4","src/transport/freebsd/uhid.rs":"a194416a8bc5d428c337f8d96a2248769ca190810852bbe5ee686ab595d8eb4c","src/transport/hid.rs":"6bfd64d28568a40b7cb872ed5931df78497543713c0552829ed9c02c60713b73","src/transport/hidproto.rs":"9d490f161807b75f4d7d5096355006627c1f47c0d90fca53bade3692efc92a2d","src/transport/linux/device.rs":"921dfe64c7c6fe8a175b0a6b36d34ff9be95421ef9eb65630678976f96913b7b","src/transport/linux/hidraw.rs":"c7a0df9b4e51cb2736218ffffa02b2b2547b7c515d69f9bae2c9a8c8f1cb547b","src/transport/linux/hidwrapper.h":"72785db3a9b27ea72b6cf13a958fee032af54304522d002f56322473978a20f9","src/transport/linux/hidwrapper.rs":"753c7459dbb73befdd186b6269ac33f7a4537b4c935928f50f2b2131756e787d","src/transport/linux/ioctl_aarch64le.rs":"2d8b265cd39a9f46816f83d5a5df0701c13eb842bc609325bad42ce50add3bf0","src/transport/linux/ioctl_armle.rs":"2d8b265cd39a9f46816f83d5a5df0701c13eb842bc609325bad42ce50add3bf0","src/transport/linux/ioctl_mips64le.rs":"fbda309934ad8bda689cd4fb5c0ca696fe26dedb493fe9d5a5322c3047d474fd","src/transport/linux/ioctl_mipsbe.rs":"fbda309934ad8bda689cd4fb5c0ca696fe26dedb493fe9d5a5322c3047d474fd","src/transport/linux/ioctl_mipsle.rs":"fbda309934ad8bda689cd4fb5c0ca696fe26dedb493fe9d5a5322c3047d474fd","src/transport/linux/ioctl_powerpc64be.rs":"fbda309934ad8bda689cd4fb5c0ca696fe26dedb493fe9d5a5322c3047d474fd","src/transport/linux/ioctl_powerpc64le.rs":"fbda309934ad8bda689cd4fb5c0ca696fe26dedb493fe9d5a5322c3047d474fd","src/transport/linux/ioctl_powerpcbe.rs":"fbda309934ad8bda689cd4fb5c0ca696fe26dedb493fe9d5a5322c3047d474fd","src/transport/linux/ioctl_riscv64.rs":"2d8b265cd39a9f46816f83d5a5df0701c13eb842bc609325bad42ce50add3bf0","src/transport/linux/ioctl_s390xbe.rs":"2d8b265cd39a9f46816f83d5a5df0701c13eb842bc609325bad42ce50add3bf0","src/transport/linux/ioctl_x86.rs":"2d8b265cd39a9f46816f83d5a5df0701c13eb842bc609325bad42ce50add3bf0","src/transport/linux/ioctl_x86_64.rs":"2d8b265cd39a9f46816f83d5a5df0701c13eb842bc609325bad42ce50add3bf0","src/transport/linux/mod.rs":"446e435126d2a58f167f648dd95cba28e8ac9c17f1f799e1eaeab80ea800fc57","src/transport/linux/monitor.rs":"5e3ec2618dd74027ae6ca1527991254e3271cce59106d4920ce0414094e22f64","src/transport/linux/transaction.rs":"bd65fce8864be95839d7918f0fecc065f907265e0ce5411845f409c8e206f9a4","src/transport/macos/device.rs":"823162e7514df64b1e11d372fe2b9ba443f46a9ba3326344937d8e6d0c35ee28","src/transport/macos/iokit.rs":"7dc4e7bbf8e42e2fcde0cee8e48d14d6234a5a910bd5d3c4e966d8ba6b73992f","src/transport/macos/mod.rs":"333e561554fc901d4f6092f6e4c85823e2b0c4ff31c9188d0e6d542b71a0a07c","src/transport/macos/monitor.rs":"e02288454bb4010e06b705d82646abddb3799f0cd655f574aa19f9d91485a4a2","src/transport/macos/transaction.rs":"b034104484c6864668425bbd4499540c3117b0de2e80b0b03ee452d00323ed50","src/transport/mock/device.rs":"36ab98fd323a88b45ac460333692f97fe47b74b23e2fbb770cf8a41094d9c795","src/transport/mock/mod.rs":"9c4c87efd19adddc1a91c699a6c328063cfbac5531b76346a5ff92e986aded8f","src/transport/mock/transaction.rs":"be3ed8c389dfa04122364b82515edd76fad6f5d5f72d15cacd45a84fb8397292","src/transport/mod.rs":"ca532b7f262e7bbff844970b92872c07b8cdd0d9035802cd54d6fbb6e51db381","src/transport/netbsd/device.rs":"e194a809f0ab5b7f377e647e11857d38c57355a0b896394bc836abfee36796af","src/transport/netbsd/fd.rs":"5464019025d03ea2a39c82f76b238bbbdb0ea63f5a5fc7c9d974e235139cd53b","src/transport/netbsd/mod.rs":"b1c52aa29537330cebe67427062d6c94871cab2a9b0c04b2305d686f07e88fd5","src/transport/netbsd/monitor.rs":"fb2917e4ba53cc9867987a539061f82d011f4c6e478df1157d965d32df2eb922","src/transport/netbsd/transaction.rs":"bd65fce8864be95839d7918f0fecc065f907265e0ce5411845f409c8e206f9a4","src/transport/netbsd/uhid.rs":"d15be35e2413240066a8f086bb8846b08a6a92bf6a1941c3eec1329dd3a4f9ce","src/transport/openbsd/device.rs":"acbc028ed1eed3bdff13c424baf6015e153f3b7847c2bb7f203c19e253e9950e","src/transport/openbsd/mod.rs":"514274d414042ff84b3667a41a736e78581e22fda87ccc97c2bc05617e381a30","src/transport/openbsd/monitor.rs":"2e0ba6ecc69b450be9cbfd21a7c65036ed2ce593b12363596d3eae0b5bfb79e8","src/transport/openbsd/transaction.rs":"bd65fce8864be95839d7918f0fecc065f907265e0ce5411845f409c8e206f9a4","src/transport/stub/device.rs":"a9d5c42e60a16a5e2b11a5922a8c7b2b47928790e0894fd022c68d766d853721","src/transport/stub/mod.rs":"6a7fec504a52d403b0241b18cd8b95088a31807571f4c0a67e4055afc74f4453","src/transport/stub/transaction.rs":"a3dbea5ccf691cff69278ed8a8ba67d27baba0ea2e1c6a53c9b0b04027283221","src/transport/windows/device.rs":"657019bcf21e9edd7a1e2716dd1ba342532909aae43299b6abfb365a09a53860","src/transport/windows/mod.rs":"218e7f2fe91ecb390c12bba5a5ffdad2c1f0b22861c937f4d386262e5b3dd617","src/transport/windows/monitor.rs":"57fe53862ce1d077811008aedc54f9bbf319adce6834d6e66f53a73760c314ff","src/transport/windows/transaction.rs":"bd65fce8864be95839d7918f0fecc065f907265e0ce5411845f409c8e206f9a4","src/transport/windows/winapi.rs":"ddef8ac42179ec9b56b5b1b76b65779fd8bb09073d400504a16d450e70ad1fc9","src/u2fhid-capi.h":"30e37cbc746b682400fcddcede29527635d122fea01e21413e0b63bb58ba4d75","src/u2fprotocol.rs":"b8c8a71e7a79d61b694039ce31b0657a9e0d7fe2190c18feca09855a1cfa1cbd","src/u2ftypes.rs":"8511c6f04f69670ddd403178a46060644a27128ca4077a9a3e00bc6671e3864b","src/util.rs":"cf37c4c3caf6dde4fc3cf6f5f297ed3c0f13bcb50fb0e8955899fc837483ef31","src/virtualdevices/mod.rs":"2c7df7691d5c150757304241351612aed4260d65b70ab0f483edbc1a5cfb5674","src/virtualdevices/software_u2f.rs":"83e63c0c4a597e71d87b5cd1f33a49646d00b3062edbdd05c51623b80fb60168","src/virtualdevices/webdriver/mod.rs":"4a36e6dfa9f45f941d863b4039bfbcfa8eaca660bd6ed78aeb1a2962db64be5a","src/virtualdevices/webdriver/testtoken.rs":"7146e02f1a5dad2c8827dd11c12ee408c0e42a0706ac65f139998feffd42570f","src/virtualdevices/webdriver/virtualmanager.rs":"7205a0397833628fc0847aa942a6a314dc1e23306858b546053e0de6a360ebe1","src/virtualdevices/webdriver/web_api.rs":"9032525af458b6fe9a3274c36b6ef8c791ecc4ec46d38ae36583fc9a4535b59d","testing/cross/powerpc64le-unknown-linux-gnu.Dockerfile":"d7463ff4376e3e0ca3fed879fab4aa975c4c0a3e7924c5b88aef9381a5d013de","testing/cross/x86_64-unknown-linux-gnu.Dockerfile":"11c79c04b07a171b0c9b63ef75fa75f33263ce76e3c1eda0879a3e723ebd0c24","testing/run_cross.sh":"cc2a7e0359f210eba2e7121f81eb8ab0125cea6e0d0f2698177b0fe2ad0c33d8","webdriver-tools/requirements.txt":"8236aa3dedad886f213c9b778fec80b037212d30e640b458984110211d546005","webdriver-tools/webdriver-driver.py":"82327c26ba271d1689acc87b612ab8436cb5475f0a3c0dba7baa06e7f6f5e19c"},"package":"2238116278e3a069a5148ce1efaa73d750a0d7341e011235a0ddb3e7079cb1be"} \ No newline at end of file diff --git a/third_party/rust/authenticator/Cargo.lock b/third_party/rust/authenticator/Cargo.lock index b154ace067508..1ab0a572e670f 100644 --- a/third_party/rust/authenticator/Cargo.lock +++ b/third_party/rust/authenticator/Cargo.lock @@ -39,7 +39,7 @@ dependencies = [ [[package]] name = "authenticator" -version = "0.4.0-alpha.9" +version = "0.4.0-alpha.10" dependencies = [ "assert_matches", "base64", @@ -183,9 +183,9 @@ checksum = "ec8a7b6a70fde80372154c65702f00a0f56f3e1c36abbc6c440484be248856db" [[package]] name = "cc" -version = "1.0.74" +version = "1.0.76" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "581f5dba903aac52ea3feb5ec4810848460ee833876f1f9b0fdeab1f19091574" +checksum = "76a284da2e6fe2092f2353e51713435363112dfd60030e22add80be333fb928f" [[package]] name = "cexpr" @@ -551,9 +551,9 @@ checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4" [[package]] name = "hyper" -version = "0.14.23" +version = "0.14.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "034711faac9d2166cb1baf1a2fb0b60b1f277f8492fd72176c17f3515e1abd3c" +checksum = "02c929dc5c39e335a03c405292728118860721b10190d98c2a0f0efd5baafbac" dependencies = [ "bytes 1.2.1", "futures-channel", @@ -631,15 +631,15 @@ checksum = "830d08ce1d1d941e6b30645f1a0eb5643013d835ce3779a5fc208261dbe10f55" [[package]] name = "libc" -version = "0.2.137" +version = "0.2.136" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fc7fcc620a3bff7cdd7a365be3376c97191aeaccc2a603e600951e452615bf89" +checksum = "55edcf6c0bb319052dea84732cf99db461780fd5e8d3eb46ab6ff312ab31f197" [[package]] name = "libloading" -version = "0.7.4" +version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b67380fd3b2fbe7527a606e18729d21c6f3951633d0500574c4dc22d2d638b9f" +checksum = "efbc0f03f9a775e9f6aed295c6a1ba2253c5757a9e03d55c6caa46a681abcddd" dependencies = [ "cfg-if", "winapi", @@ -784,9 +784,9 @@ dependencies = [ [[package]] name = "num_cpus" -version = "1.14.0" +version = "1.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f6058e64324c71e02bc2b150e4f3bc8286db6c83092132ffa3f6b1eab0f9def5" +checksum = "19e64526ebdee182341572e50e9ad03965aa510cd94427a4549448f285e957a1" dependencies = [ "hermit-abi", "libc", @@ -794,9 +794,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.16.0" +version = "1.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "86f0b0d4bf799edbc74508c1e8bf170ff5f41238e5f8225603ca7caaae2b7860" +checksum = "e82dad04139b71a90c080c8463fe0dc7902db5192d939bd0950f074d014339e1" [[package]] name = "openssl" @@ -892,15 +892,15 @@ dependencies = [ [[package]] name = "pkg-config" -version = "0.3.26" +version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6ac9a59f73473f1b8d852421e59e64809f025994837ef743615c6d0c5b305160" +checksum = "1df8c4ec4b0627e53bdf214615ad287367e482558cf84b109250b37464dc03ae" [[package]] name = "ppv-lite86" -version = "0.2.17" +version = "0.2.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" +checksum = "eb9f9e6e233e5c4a35559a617bf40a4ec447db2e84c20b55a6f83167b7e57872" [[package]] name = "proc-macro2" @@ -967,9 +967,9 @@ dependencies = [ [[package]] name = "regex" -version = "1.7.0" +version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e076559ef8e241f2ae3479e36f97bd5741c0330689e217ad51ce2c76808b868a" +checksum = "4c4eb3267174b8c6c2f654116623910a0fef09c4753f8dd83db29c48a0df988b" dependencies = [ "aho-corasick", "memchr", @@ -978,9 +978,9 @@ dependencies = [ [[package]] name = "regex-syntax" -version = "0.6.28" +version = "0.6.27" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "456c603be3e8d448b072f410900c09faf164fbce2d480456f50eea6e25f9c848" +checksum = "a3f87b73ce11b1619a3c6332f45341e0047173771e8b8b73f87bfeefb7b56244" [[package]] name = "remove_dir_all" @@ -1051,9 +1051,9 @@ checksum = "ef703b7cb59335eae2eb93ceb664c0eb7ea6bf567079d843e09420219668e072" [[package]] name = "scoped-tls" -version = "1.0.1" +version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e1cf6437eb19a8f4a6cc0f7dca544973b0b78843adbfeb3683d1a94a0024a294" +checksum = "ea6a9290e3c9cf0f18145ef7ffa62d68ee0bf5fcd651017e586dc7fd5da448c2" [[package]] name = "serde" @@ -1119,9 +1119,9 @@ dependencies = [ [[package]] name = "sha-1" -version = "0.10.1" +version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f5058ada175748e33390e40e872bd0fe59a19f265d0158daa551c5a88a76009c" +checksum = "028f48d513f9678cda28f6e4064755b3fbb2af6acd672f2c209b62323f7aea0f" dependencies = [ "cfg-if", "cpufeatures", @@ -1285,9 +1285,9 @@ dependencies = [ [[package]] name = "tokio-macros" -version = "1.8.2" +version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d266c00fde287f55d3f1c3e96c500c362a2b8c695076ec180f27918820bc6df8" +checksum = "9724f9a975fb987ef7a3cd9be0350edcbe130698af5b8f7a631e23d42d052484" dependencies = [ "proc-macro2", "quote", diff --git a/third_party/rust/authenticator/Cargo.toml b/third_party/rust/authenticator/Cargo.toml index 0720bda4583ad..4888c55743850 100644 --- a/third_party/rust/authenticator/Cargo.toml +++ b/third_party/rust/authenticator/Cargo.toml @@ -12,7 +12,7 @@ [package] edition = "2018" name = "authenticator" -version = "0.4.0-alpha.9" +version = "0.4.0-alpha.10" authors = [ "J.C. Jones ", "Tim Taubert ", diff --git a/third_party/rust/authenticator/src/consts.rs b/third_party/rust/authenticator/src/consts.rs index 24fe2687c47b6..2055e8d1bbfaf 100644 --- a/third_party/rust/authenticator/src/consts.rs +++ b/third_party/rust/authenticator/src/consts.rs @@ -130,16 +130,6 @@ bitflags! { } } -impl Capability { - pub fn has_fido1(self) -> bool { - !self.contains(Capability::NMSG) - } - - pub fn has_fido2(self) -> bool { - self.contains(Capability::CBOR) - } -} - // Low-level error codes. Return as negatives. pub const ERR_NONE: u8 = 0x00; // No error diff --git a/third_party/rust/authenticator/src/statemachine.rs b/third_party/rust/authenticator/src/statemachine.rs index a8978b787c8f9..5f36611261bbb 100644 --- a/third_party/rust/authenticator/src/statemachine.rs +++ b/third_party/rust/authenticator/src/statemachine.rs @@ -308,6 +308,7 @@ impl StateMachineCtap2 { info: DeviceBuildParameters, selector: &Sender, ctap2_only: bool, + keep_alive: &dyn Fn() -> bool, ) -> Option { // Create a new device. let mut dev = match Device::new(info) { @@ -349,9 +350,16 @@ impl StateMachineCtap2 { .send(DeviceSelectorEvent::ImAToken((write_only_clone, tx))) .ok()?; + // We can be cancelled from the user (through keep_alive()) or from the device selector + // (through a DeviceCommand::Cancel on rx). We'll combine those signals into a single + // predicate to pass to Device::block_and_blink. + let keep_blinking = || { + keep_alive() && !matches!(rx.try_recv(), Ok(DeviceCommand::Cancel)) + }; + // Blocking recv. DeviceSelector will tell us what to do match rx.recv() { - Ok(DeviceCommand::Blink) => match dev.block_and_blink() { + Ok(DeviceCommand::Blink) => match dev.block_and_blink(&keep_blinking) { BlinkResult::DeviceSelected => { // User selected us. Let DeviceSelector know, so it can cancel all other // outstanding open blink-requests. @@ -364,6 +372,10 @@ impl StateMachineCtap2 { return None; } }, + Ok(DeviceCommand::Cancel) => { + info!("Device {:?} was not selected", dev.id()); + return None; + } Ok(DeviceCommand::Removed) => { info!("Device {:?} was removed", dev.id()); return None; @@ -448,8 +460,8 @@ impl StateMachineCtap2 { timeout, cbc.clone(), status, - move |info, selector, status, _alive| { - let mut dev = match Self::init_and_select(info, &selector, false) { + move |info, selector, status, alive| { + let mut dev = match Self::init_and_select(info, &selector, false, alive) { None => { return; } @@ -505,7 +517,7 @@ impl StateMachineCtap2 { debug!("------------------------------------------------------------------"); debug!("{:?}", makecred); debug!("------------------------------------------------------------------"); - let resp = dev.send_msg(&makecred); + let resp = dev.send_msg_cancellable(&makecred, alive); if resp.is_ok() { send_status( &status, @@ -557,8 +569,8 @@ impl StateMachineCtap2 { timeout, callback.clone(), status, - move |info, selector, status, _alive| { - let mut dev = match Self::init_and_select(info, &selector, false) { + move |info, selector, status, alive| { + let mut dev = match Self::init_and_select(info, &selector, false, alive) { None => { return; } @@ -607,14 +619,17 @@ impl StateMachineCtap2 { debug!("{:?}", getassertion); debug!("------------------------------------------------------------------"); - let mut resp = dev.send_msg(&getassertion); + let mut resp = dev.send_msg_cancellable(&getassertion, alive); if resp.is_err() { // Retry with a different RP ID if one was supplied. This is intended to be // used with the AppID provided in the WebAuthn FIDO AppID extension. if let Some(alternate_rp_id) = getassertion.alternate_rp_id { - getassertion.rp = RelyingPartyWrapper::Data(RelyingParty{id: alternate_rp_id, ..Default::default()}); + getassertion.rp = RelyingPartyWrapper::Data(RelyingParty { + id: alternate_rp_id, + ..Default::default() + }); getassertion.alternate_rp_id = None; - resp = dev.send_msg(&getassertion); + resp = dev.send_msg_cancellable(&getassertion, alive); } } if resp.is_ok() { @@ -682,9 +697,9 @@ impl StateMachineCtap2 { timeout, callback.clone(), status, - move |info, selector, status, _alive| { + move |info, selector, status, alive| { let reset = Reset {}; - let mut dev = match Self::init_and_select(info, &selector, true) { + let mut dev = match Self::init_and_select(info, &selector, true, alive) { None => { return; } @@ -696,7 +711,7 @@ impl StateMachineCtap2 { debug!("{:?}", reset); debug!("------------------------------------------------------------------"); - let resp = dev.send_cbor(&reset); + let resp = dev.send_cbor_cancellable(&reset, alive); if resp.is_ok() { send_status( &status, @@ -745,8 +760,8 @@ impl StateMachineCtap2 { timeout, callback.clone(), status, - move |info, selector, status, _alive| { - let mut dev = match Self::init_and_select(info, &selector, true) { + move |info, selector, status, alive| { + let mut dev = match Self::init_and_select(info, &selector, true, alive) { None => { return; } @@ -793,7 +808,7 @@ impl StateMachineCtap2 { &new_pin, ) .map_err(HIDError::Command) - .and_then(|msg| dev.send_cbor(&msg)) + .and_then(|msg| dev.send_cbor_cancellable(&msg, alive)) .map_err(AuthenticatorError::HIDError) .map_err(|e| repackage_pin_errors(&mut dev, e)); @@ -819,7 +834,7 @@ impl StateMachineCtap2 { } else { SetNewPin::new(&authinfo, &shared_secret, &new_pin) .map_err(HIDError::Command) - .and_then(|msg| dev.send_cbor(&msg)) + .and_then(|msg| dev.send_cbor_cancellable(&msg, alive)) .map_err(AuthenticatorError::HIDError) }; callback.call(res); diff --git a/third_party/rust/authenticator/src/transport/device_selector.rs b/third_party/rust/authenticator/src/transport/device_selector.rs index 181509e143698..c754b54461764 100644 --- a/third_party/rust/authenticator/src/transport/device_selector.rs +++ b/third_party/rust/authenticator/src/transport/device_selector.rs @@ -21,6 +21,7 @@ pub enum BlinkResult { #[derive(Debug, Clone, Copy, PartialEq, Eq)] pub enum DeviceCommand { Blink, + Cancel, Continue, Removed, } @@ -190,10 +191,11 @@ impl DeviceSelector { } fn cancel_all(tokens: HashMap>, exclude: Option<&DeviceID>) { - tokens - .into_keys() - .filter(|x| exclude.map_or(true, |y| y != &x.id())) - .for_each(|mut dev| dev.cancel().unwrap()); // TODO + for (dev, tx) in tokens.iter() { + if Some(&dev.id()) != exclude { + let _ = tx.send(DeviceCommand::Cancel); + } + } } pub fn stop(&mut self) { diff --git a/third_party/rust/authenticator/src/transport/hid.rs b/third_party/rust/authenticator/src/transport/hid.rs index 90f40526ae1ae..ed81e88ac105c 100644 --- a/third_party/rust/authenticator/src/transport/hid.rs +++ b/third_party/rust/authenticator/src/transport/hid.rs @@ -1,4 +1,4 @@ -use crate::consts::{HIDCmd, CID_BROADCAST}; +use crate::consts::{Capability, HIDCmd, CID_BROADCAST}; use crate::crypto::ECDHSecret; use crate::ctap2::commands::get_info::AuthenticatorInfo; use crate::transport::{errors::HIDError, Nonce}; @@ -32,6 +32,16 @@ where fn get_shared_secret(&self) -> Option<&ECDHSecret>; fn clone_device_as_write_only(&self) -> Result; + fn supports_ctap1(&self) -> bool { + // CAPABILITY_NMSG: + // If set to 1, authenticator DOES NOT implement U2FHID_MSG function + !self.get_device_info().cap_flags.contains(Capability::NMSG) + } + + fn supports_ctap2(&self) -> bool { + self.get_device_info().cap_flags.contains(Capability::CBOR) + } + // Initialize on a protocol-level fn initialize(&mut self, noncecmd: Nonce) -> Result<(), HIDError> { if self.initialized() { @@ -49,7 +59,7 @@ where // Send Init to broadcast address to create a new channel self.set_cid(CID_BROADCAST); - let (cmd, raw) = self.sendrecv(HIDCmd::Init, &nonce)?; + let (cmd, raw) = self.sendrecv(HIDCmd::Init, &nonce, &|| true)?; if cmd != HIDCmd::Init { return Err(HIDError::DeviceError); } @@ -84,15 +94,37 @@ where Ok(()) } - fn sendrecv(&mut self, cmd: HIDCmd, send: &[u8]) -> io::Result<(HIDCmd, Vec)> { + fn sendrecv( + &mut self, + cmd: HIDCmd, + send: &[u8], + keep_alive: &dyn Fn() -> bool, + ) -> io::Result<(HIDCmd, Vec)> { let cmd: u8 = cmd.into(); self.u2f_write(cmd, send)?; loop { let (cmd, data) = self.u2f_read()?; if cmd != HIDCmd::Keepalive { - break Ok((cmd, data)); + return Ok((cmd, data)); + } + // The authenticator might send us HIDCmd::Keepalive messages indefinitely, e.g. if + // it's waiting for user presence. The keep_alive function is used to cancel the + // transaction. + if !keep_alive() { + break; } } + + // If this is a CTAP2 device we can tell the authenticator to cancel the transaction on its + // side as well. There's nothing to do for U2F/CTAP1 devices. + if self.supports_ctap2() { + self.u2f_write(u8::from(HIDCmd::Cancel), &[])?; + } + // For CTAP2 devices we expect to read + // (HIDCmd::Cbor, [CTAP2_ERR_KEEPALIVE_CANCEL]) + // for U2F/CTAP1 we expect to read + // (HIDCmd::Keepalive, [status]). + self.u2f_read() } fn u2f_write(&mut self, cmd: u8, send: &[u8]) -> io::Result<()> { @@ -127,10 +159,4 @@ where trace!("u2f_read({:?}) cmd={:?}: {:04X?}", self.id(), cmd, &data); Ok((cmd, data)) } - - fn cancel(&mut self) -> Result<(), HIDError> { - let cancel: u8 = HIDCmd::Cancel.into(); - self.u2f_write(cancel, &[])?; - Ok(()) - } } diff --git a/third_party/rust/authenticator/src/transport/mod.rs b/third_party/rust/authenticator/src/transport/mod.rs index 31b6da247c001..af0857fb6b98d 100644 --- a/third_party/rust/authenticator/src/transport/mod.rs +++ b/third_party/rust/authenticator/src/transport/mod.rs @@ -1,4 +1,4 @@ -use crate::consts::{Capability, HIDCmd}; +use crate::consts::HIDCmd; use crate::crypto::ECDHSecret; use crate::ctap2::commands::client_pin::{GetKeyAgreement, PinAuth}; @@ -76,18 +76,38 @@ pub enum Nonce { // but the goal is to remove U2FDevice entirely and copy over the trait-definition here pub trait FidoDevice: HIDDevice { fn send_msg>(&mut self, msg: &Req) -> Result { + self.send_msg_cancellable(msg, &|| true) + } + + fn send_cbor(&mut self, msg: &Req) -> Result { + self.send_cbor_cancellable(msg, &|| true) + } + + fn send_ctap1(&mut self, msg: &Req) -> Result { + self.send_ctap1_cancellable(msg, &|| true) + } + + fn send_msg_cancellable>( + &mut self, + msg: &Req, + keep_alive: &dyn Fn() -> bool, + ) -> Result { if !self.initialized() { return Err(HIDError::DeviceNotInitialized); } if self.supports_ctap2() && msg.is_ctap2_request() { - self.send_cbor(msg) + self.send_cbor_cancellable(msg, keep_alive) } else { - self.send_ctap1(msg) + self.send_ctap1_cancellable(msg, keep_alive) } } - fn send_cbor(&mut self, msg: &Req) -> Result { + fn send_cbor_cancellable( + &mut self, + msg: &Req, + keep_alive: &dyn Fn() -> bool, + ) -> Result { debug!("sending {:?} to {:?}", msg, self); let mut data = msg.wire_format(self)?; @@ -98,7 +118,7 @@ pub trait FidoDevice: HIDDevice { buf.append(&mut data); let buf = buf; - let (cmd, resp) = self.sendrecv(HIDCmd::Cbor, &buf)?; + let (cmd, resp) = self.sendrecv(HIDCmd::Cbor, &buf, keep_alive)?; debug!( "got from Device {:?} status={:?}: {:?}", self.id(), @@ -112,12 +132,17 @@ pub trait FidoDevice: HIDDevice { } } - fn send_ctap1(&mut self, msg: &Req) -> Result { + fn send_ctap1_cancellable( + &mut self, + msg: &Req, + keep_alive: &dyn Fn() -> bool, + ) -> Result { debug!("sending {:?} to {:?}", msg, self); let (data, add_info) = msg.ctap1_format(self)?; - loop { - let (cmd, mut data) = self.sendrecv(HIDCmd::Msg, &data)?; + while keep_alive() { + // sendrecv will not block with a CTAP1 device + let (cmd, mut data) = self.sendrecv(HIDCmd::Msg, &data, &|| true)?; debug!( "got from Device {:?} status={:?}: {:?}", self.id(), @@ -146,6 +171,11 @@ pub trait FidoDevice: HIDDevice { return Err(HIDError::UnexpectedCmd(cmd.into())); } } + + Err(HIDError::Command(CommandError::StatusCode( + StatusCode::KeepaliveCancel, + None, + ))) } // This is ugly as we have 2 init-functions now, but the fastest way currently. @@ -168,13 +198,13 @@ pub trait FidoDevice: HIDDevice { Ok(()) } - fn block_and_blink(&mut self) -> BlinkResult { + fn block_and_blink(&mut self, keep_alive: &dyn Fn() -> bool) -> BlinkResult { let supports_select_cmd = self .get_authenticator_info() .map_or(false, |i| i.versions.contains(&String::from("FIDO_2_1"))); let resp = if supports_select_cmd { let msg = Selection {}; - self.send_cbor(&msg) + self.send_cbor_cancellable(&msg, keep_alive) } else { // We need to fake a blink-request, because FIDO2.0 forgot to specify one // See: https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html#using-pinToken-in-authenticatorMakeCredential @@ -190,7 +220,7 @@ pub trait FidoDevice: HIDDevice { msg.set_pin_auth(Some(PinAuth::empty_pin_auth()), None); info!("Trying to blink: {:?}", &msg); // We don't care about the Ok-value, just if it is Ok or not - self.send_msg(&msg).map(|_| ()) + self.send_msg_cancellable(&msg, keep_alive).map(|_| ()) }; match resp { @@ -219,15 +249,6 @@ pub trait FidoDevice: HIDDevice { } } } - fn supports_ctap1(&self) -> bool { - // CAPABILITY_NMSG: - // If set to 1, authenticator DOES NOT implement U2FHID_MSG function - !self.get_device_info().cap_flags.contains(Capability::NMSG) - } - - fn supports_ctap2(&self) -> bool { - self.get_device_info().cap_flags.contains(Capability::CBOR) - } fn establish_shared_secret(&mut self) -> Result<(ECDHSecret, AuthenticatorInfo), HIDError> { if !self.supports_ctap2() { diff --git a/toolkit/library/rust/shared/Cargo.toml b/toolkit/library/rust/shared/Cargo.toml index 6f6006cbfd540..b6e1b6d8f3b04 100644 --- a/toolkit/library/rust/shared/Cargo.toml +++ b/toolkit/library/rust/shared/Cargo.toml @@ -39,7 +39,7 @@ tokio-reactor = { version = "=0.1.3", optional = true } # audioipc2-client and audioipc2-server. tokio-threadpool = { version = "=0.1.17", optional = true } encoding_glue = { path = "../../../../intl/encoding_glue" } -authenticator = { version = "0.4.0-alpha.9", features = ["gecko"] } +authenticator = { version = "0.4.0-alpha.10", features = ["gecko"] } gkrust_utils = { path = "../../../../xpcom/rust/gkrust_utils" } gecko_logger = { path = "../../../../xpcom/rust/gecko_logger" } rsdparsa_capi = { path = "../../../../dom/media/webrtc/sdp/rsdparsa_capi" }