Support WebAuthn Tokens for WebAuthn on Android

RESOLVED FIXED in Firefox 68

Status

()

enhancement
P2
normal
RESOLVED FIXED
2 years ago
7 days ago

People

(Reporter: jcj, Assigned: jcj)

Tracking

(Blocks 6 bugs)

Other Branch
mozilla68
All
Android
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(geckoview66 wontfix, firefox-esr60 wontfix, firefox66 wontfix, firefox67 wontfix, firefox68+ fixed)

Details

(Whiteboard: [webauthn][geckoview:fenix:m7], )

Attachments

(2 attachments)

Assignee

Description

2 years ago
Android just added native support for FIDO U2F token devices [1], so it is now easier to support this in Fennec.

There's two approaches in the current WebAuthn code to add more platforms / authenticator types: 

1. Implement another U2FTokenTransport that calls out to the OS as needed. 

2. Add Android support to the Rust u2f-hid-rs library that we're importing into Gecko in Bug 1388843.

I'm not familiar with Fennec enough to know which would be easier. I know there are some Rust FFI crates available for Android, so it might be relatively straightforward to at least pull in Bluetooth HID on Fennec that way.

[1] https://developers.google.com/identity/fido/android/native-apps
Assignee

Comment 1

2 years ago
We'll probably just want to do this in Rust; I've filed https://github.com/jcjones/u2f-hid-rs/issues/42 to track it in the Rust lib.

Comment 2

a year ago
Using the Android Api might get users support for more transports than upgrading the rust library?
https://developers.google.com/android/reference/com/google/android/gms/fido/common/Transport

The Android API supports BT, BT_LE, NFC and USB.
https://developers.google.com/android/reference/com/google/android/gms/fido/common/Transport

:nalexander could you please take a look?
Flags: needinfo?(nalexander)
(In reply to Axel Nennker from comment #2)
> Using the Android Api might get users support for more transports than
> upgrading the rust library?
> https://developers.google.com/android/reference/com/google/android/gms/fido/
> common/Transport
> 
> The Android API supports BT, BT_LE, NFC and USB.
> https://developers.google.com/android/reference/com/google/android/gms/fido/
> common/Transport
> 
> :nalexander could you please take a look?

Hi Axel!  Sorry, I can't spend any time on this -- I've long since moved off the Fennec project.  I just do some build system stuff for Fennec now.

I agree that an implementation based off the Android API would be better than re-implementing everything in Rust, but given resourcing for Fennec now, I don't think an implementation based on the Android API will happen any time soon.  Sorry :(
Flags: needinfo?(nalexander)
no reviews needed yet, just a WIP
Attachment #8973658 - Attachment description: wip → Bug 1391438 - Support U2F Tokens for WebAuthn on Android
Assignee

Updated

9 months ago
Depends on: target-android-o
Assignee

Updated

3 months ago
Component: DOM: Device Interfaces → DOM: Web Authentication
Assignee

Comment 5

3 months ago

The APIs involved here give us CTAP2 (FIDO2) support

Hardware: Unspecified → All
Summary: Support U2F Tokens for WebAuthn on Android → Support WebAuthn Tokens for WebAuthn on Android
Attachment #8973658 - Attachment description: Bug 1391438 - Support U2F Tokens for WebAuthn on Android → Bug 1391438 - Support FIDO2 for WebAuthn on Android
Assignee

Updated

3 months ago
Duplicate of this bug: 1521735
Whiteboard: [webauthn] → [webauthn][geckoview:fenix:p3]
Priority: P3 → P2
Whiteboard: [webauthn][geckoview:fenix:p3] → [webauthn][geckoview:fenix:p2]

Adding [geckoview:fenix:m7] whiteboard tag because we should figure out our WebAuthn plans in Q2.

Whiteboard: [webauthn][geckoview:fenix:p2] → [webauthn][geckoview:fenix:m7]
Assignee

Updated

15 days ago
Blocks: 1550116
Assignee

Updated

15 days ago
Blocks: 1550164
Assignee

Updated

14 days ago
Blocks: 1550603
Assignee

Updated

14 days ago
Blocks: 1550625
Assignee

Updated

13 days ago
Blocks: 1550788
Assignee

Updated

13 days ago
Assignee: nobody → jjones
Status: NEW → ASSIGNED

Comment 9

13 days ago
Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/192ba11153b4
Move GECKOBUNDLE macros into their own header r=snorp
https://hg.mozilla.org/integration/autoland/rev/d8e0bfeb5fa3
Support FIDO2 for WebAuthn on Android r=snorp,keeler

Comment 10

13 days ago
bugherder
Status: ASSIGNED → RESOLVED
Last Resolved: 13 days ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla68
Assignee

Updated

10 days ago
Blocks: 1551229
Assignee

Updated

10 days ago
Blocks: 1551230
Depends on: 1551297
Assignee

Updated

7 days ago
Regressions: 1552152
You need to log in before you can comment on or make changes to this bug.