1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-22 22:38:08 +00:00

core/webauthn: Close U2F confirmation screen if browser stops polling for more than 3 seconds.

This commit is contained in:
Andrew Kozlik 2019-12-03 10:32:01 +01:00
parent 0b851d6959
commit 420a4b8ba7

View File

@ -110,13 +110,18 @@ _CLIENTPIN_SUBCMD_GET_KEY_AGREEMENT = const(0x02)
_CLIENTPIN_RESP_KEY_AGREEMENT = const(0x01) # COSE_Key, optional _CLIENTPIN_RESP_KEY_AGREEMENT = const(0x01) # COSE_Key, optional
# status codes for the keepalive cmd # status codes for the keepalive cmd
_KEEPALIVE_STATUS_NONE = const(0x00)
_KEEPALIVE_STATUS_PROCESSING = const(0x01) # still processing the current request _KEEPALIVE_STATUS_PROCESSING = const(0x01) # still processing the current request
_KEEPALIVE_STATUS_UP_NEEDED = const(0x02) # waiting for user presence _KEEPALIVE_STATUS_UP_NEEDED = const(0x02) # waiting for user presence
# time intervals and timeouts # time intervals and timeouts
_KEEPALIVE_INTERVAL_MS = const(80) # interval between keepalive commands _KEEPALIVE_INTERVAL_MS = const(80) # interval between keepalive commands
_CTAP_HID_TIMEOUT_MS = const(500) _CTAP_HID_TIMEOUT_MS = const(
_U2F_CONFIRM_TIMEOUT_MS = const(10 * 1000) 500
) # maximum interval between CTAP HID continuation frames
_U2F_CONFIRM_TIMEOUT_MS = const(
3 * 1000
) # maximum U2F pollling interval, Chrome uses 200 ms
_FIDO2_CONFIRM_TIMEOUT_MS = const(60 * 1000) _FIDO2_CONFIRM_TIMEOUT_MS = const(60 * 1000)
_POPUP_TIMEOUT_MS = const(4 * 1000) _POPUP_TIMEOUT_MS = const(4 * 1000)
@ -603,6 +608,10 @@ class U2fState(State, ConfirmInfo):
self._req_data = req_data self._req_data = req_data
self.load_icon(self._cred.rp_id_hash) self.load_icon(self._cred.rp_id_hash)
def keepalive_status(self) -> int:
# Run the keepalive loop to check for timeout, but do not send any keepalive messages.
return _KEEPALIVE_STATUS_NONE
def timeout_ms(self) -> int: def timeout_ms(self) -> int:
return _U2F_CONFIRM_TIMEOUT_MS return _U2F_CONFIRM_TIMEOUT_MS
@ -957,11 +966,12 @@ class DialogManager:
async def keepalive_loop(self) -> None: async def keepalive_loop(self) -> None:
try: try:
if not isinstance(self.state, Fido2State): if not isinstance(self.state, (U2fState, Fido2State)):
return return
while utime.ticks_ms() < self.deadline: while utime.ticks_ms() < self.deadline:
cmd = cmd_keepalive(self.state.cid, self.state.keepalive_status()) if self.state.keepalive_status() != _KEEPALIVE_STATUS_NONE:
await send_cmd(cmd, self.iface) cmd = cmd_keepalive(self.state.cid, self.state.keepalive_status())
await send_cmd(cmd, self.iface)
await loop.sleep(_KEEPALIVE_INTERVAL_MS * 1000) await loop.sleep(_KEEPALIVE_INTERVAL_MS * 1000)
finally: finally:
self.keepalive = None self.keepalive = None