Implement (initial) USB HID support for U2F Security Keys

Status: NEW
Product/Component: Core, DOM: Device Interfaces
Priority: P2
Severity: enhancement
Opened: 10 months ago
Updated: 5 days ago
Reporter: jcj
Assigned to: qdot
Blocks: 2 bugs
Firefox Tracking Flags: Not tracked
Whiteboard: [webauthn]

USB Human-Interface Device support is necessary for FIDO and WebAuthn USB token support. This is a redirection of Bug 1198330 which sought to implement this support by integrating the hidapi library into Gecko; :grobinson deemed that inappropriate, after experimentation, and so this bug is to implement per-platform hooks for the USB HID API for Gecko. This bug should implement a single platform, and further platforms should be follow-on bugs.

There is some initial work for OSX available here:
https://github.com/mozilla/gecko-dev/compare/master...garrettr:hid-stubs

Requirements:
* Device enumeration and add/remove listeners
* Enough feature discovery to detect FIDO U2F
* Send and Receive APDU methods
* Multiple device, multiple thread semantics
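
The "feature discovery to detect FIDO U2F" requirement above comes down to reading a device's HID report descriptor. As an added example (not code from this bug or from Gecko), here is a bounds-checked C++ check for the usage page and usage that the FIDO U2F HID specification assigns; the function name and the sample bytes are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Values defined by the FIDO U2F HID protocol specification (not by this bug).
constexpr uint32_t kFidoUsagePage = 0xF1D0;
constexpr uint32_t kFidoUsageU2fHid = 0x01;
constexpr uint32_t kCollectionApplication = 0x01;

// Hypothetical helper: returns true when a top-level Application collection in
// the report descriptor is declared with the FIDO usage page and U2F usage.
// The descriptor is device-controlled input, so every read is bounds-checked.
bool IsFidoU2fDescriptor(const std::vector<uint8_t>& desc) {
  uint32_t usagePage = 0, usage = 0;
  int depth = 0;
  size_t i = 0;
  while (i < desc.size()) {
    const uint8_t prefix = desc[i++];
    if (prefix == 0xFE) {  // long item: bDataSize, bLongItemTag, data
      if (i + 2 > desc.size()) return false;
      i += 2 + size_t(desc[i]);
      continue;
    }
    const size_t len = (prefix & 0x03) == 3 ? 4 : (prefix & 0x03);
    if (i + len > desc.size()) return false;  // truncated short item
    uint32_t value = 0;
    for (size_t b = 0; b < len; ++b) value |= uint32_t(desc[i + b]) << (8 * b);
    i += len;
    switch (prefix & 0xFC) {  // tag and type bits, size bits masked off
      case 0x04: usagePage = value; break;  // Global item: Usage Page
      case 0x08: usage = value; break;      // Local item: Usage
      case 0xA0:                            // Main item: Collection
        if (depth++ == 0 && value == kCollectionApplication &&
            usagePage == kFidoUsagePage && usage == kFidoUsageU2fHid) {
          return true;
        }
        usage = 0;  // local items do not carry past a main item
        break;
      case 0xC0: if (depth > 0) --depth; break;  // Main item: End Collection
    }
  }
  return false;
}

int main() {
  // Constructed sample: opening items of a U2F key's report descriptor.
  const std::vector<uint8_t> key = {0x06, 0xD0, 0xF1, 0x09, 0x01, 0xA1, 0x01, 0xC0};
  return IsFidoU2fDescriptor(key) ? 0 : 1;
}
```
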
(Reporter) Updated 10 months ago
Blocks: 1065729, 1245527
Apologies; the correct link for initial OSX native stubs is actually this one:

https://github.com/mozilla/gecko-dev/compare/master...garrettr:hid-native

Updated 10 months ago
Duplicate of this bug: 1198330
Hi :jcj,
I guess this is something around P2, i.e. planning to fix it in a few months/next release. Am I right?
Flags: needinfo?(jjones)
(In reply to Hsin-Yi Tsai [:hsinyi] from comment #3)
> Hi :jcj,
> I guess this is something around P2, i.e. planning to fix it in a few
> months/next release. Am I right?

That's correct. Marking P2.
Flags: needinfo?(jjones)
Priority: -- → P2
Assignee: nobody → kyle
qdot: Does this have a dependency on any UI that we need to plan for?
Flags: needinfo?(kyle)
No idea, I'm just doing the low level platform USB stuff. Forwarding to :jcj.
Flags: needinfo?(kyle) → needinfo?(jjones)
(In reply to Peter Dolanjski [:pdol] from comment #5)
> qdot: Does this have a dependency on any UI that we need to plan for?

No; U2F doesn't have a user-facing UI. The Relying Party provides prompts themselves, so no op for UI on our side. :)
Flags: needinfo?(jjones)
We occasionally get feedback about lack of FIDO support or similar:

https://twitter.com/DrSynAck/status/783957757053562880

While clearly the number of users who use these types of 2FA is small, they are also clearly lead users, potentially influential, and quite often involved in the security industry. P2 sounds about right to me.
(In reply to J.C. Jones [:jcj] from comment #7)
> (In reply to Peter Dolanjski [:pdol] from comment #5)
> > qdot: Does this have a dependency on any UI that we need to plan for?
> 
> No; U2F doesn't have a user-facing UI. The Relying Party provides prompts
> themselves, so no op for UI on our side. :)

Great, carry on then :)
Whiteboard: [webauthn]
Summary: Implement (initial) USB HID support → Implement (initial) USB HID support for U2F Security Keys
Blocks: 1323339
No longer blocks: 1323339
Depends on: 1323339