Closed Bug 1958771 Opened 1 year ago Closed 11 months ago

The "authenticatorId" is handles as a uint64 while the specification uses a non-null string made using up to 48 characters

Tracking

()

Status:

RESOLVED FIXED

Milestone:

140 Branch

Tracking Flags:

Tracking

Status

firefox140

---

fixed

People

(Reporter: whimboo, Assigned: jschanck)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

Bug 1958771 - align WebAuthn virtual authenticator `authenticatorId` with the specification. r=keeler 11 months ago John Schanck [:jschanck] 48 bytes, text/x-phabricator-request		Details \| Review

Henrik Skupin [:whimboo][⌚️UTC+1]

Reporter

Description

•

1 year ago

I noticed this issue when investigating bug 1957746. As per the WebAuthn specification the authenticatorId is a:

An non-null string made using up to 48 characters from the unreserved production defined in Appendix A of [RFC3986] that uniquely identifies the Virtual Authenticator.

But in our implementation it has a uint64_t type:
https://searchfox.org/mozilla-central/rev/e600058b50ddb4932be63d5a8926fb154398b679/dom/webauthn/nsIWebAuthnService.idl#94,105,110

As Dana mentioned on bug 1957746 comment 5 the specification may have changed after we implemented it but it was never corrected.

BugBot [:suhaib / :marco/ :calixte]

Comment 1

•

11 months ago

The severity field is not set for this bug.
:jschanck, could you have a look please?

For more information, please visit BugBot documentation.

Flags: needinfo?(jschanck)

John Schanck [:jschanck]

Assignee

Updated

•

11 months ago

Severity: -- → S3

Flags: needinfo?(jschanck)

Priority: -- → P3

John Schanck [:jschanck]

Assignee

Comment 2

•

11 months ago

Attached file Bug 1958771 - align WebAuthn virtual authenticator `authenticatorId` with the specification. r=keeler — Details

Phabricator Automation

Updated

•

11 months ago

Assignee: nobody → jschanck

Status: NEW → ASSIGNED

Pulsebot

Comment 3

•

11 months ago

Pushed by jschanck@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/a029116ae05a align WebAuthn virtual authenticator `authenticatorId` with the specification. r=keeler,webdriver-reviewers,whimboo

Narcis Beleuzu [:NarcisB]

Comment 4

•

11 months ago

Backed out for bustages on MacOSWebAuthnService.mm

Backout link: https://hg-edge.mozilla.org/integration/autoland/rev/48fb21b04e65401ad4eab1e77e98a5717d2ad9cf
Log link: https://treeherder.mozilla.org/logviewer?job_id=505858049&repo=autoland&lineNumber=26235

There were also bustages on WinWebAuthnService.cpp

Flags: needinfo?(jschanck)

Pulsebot

Comment 5

•

11 months ago

Pushed by jschanck@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/089c146c218a align WebAuthn virtual authenticator `authenticatorId` with the specification. r=keeler,webdriver-reviewers,whimboo

Sebastian Hengst [:aryx] (needinfo me if it's about an intermittent or backout)

Comment 6

•

11 months ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/089c146c218a

Status: ASSIGNED → RESOLVED

Closed: 11 months ago

status-firefox140: --- → fixed

Resolution: --- → FIXED

Target Milestone: --- → 140 Branch

John Schanck [:jschanck]

Assignee

Updated

•

11 months ago

Flags: needinfo?(jschanck)

Camelia Badau [:cbadau], Desktop Test Engineering

Updated

•

10 months ago

QA Whiteboard: [qa-triage-done-c141/b140]

You need to log in before you can comment on or make changes to this bug.

Bugzilla

The "authenticatorId" is handles as a uint64 while the specification uses a non-null string made using up to 48 characters

Categories

(Core :: DOM: Web Authentication, defect, P3)

Tracking

()

People

(Reporter: whimboo, Assigned: jschanck)

References

(Blocks 1 open bug)

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Updated

Comment 2

Updated

Comment 3

Comment 4

Comment 5

Comment 6

Updated

Updated

Attachment

General

Description

File Name

Content Type