Patch #1 of multiple. Add webauth .mojom and initial usage of makeCredential.

components/webauth/authenticator.mojom

+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+[JavaPackage="org.chromium.webauth.mojom"]
+module webauth.mojom;
+
+// This file describes the communication between the WebAuthentication renderer
+// implementation and browser-side implementations to create scoped credentials
+// and use already-created credentials to get assertions.
+// See https://w3c.github.io/webauthn/.
+
+// The public key and attestation that is returned by an authenticator's 
+// call to makeCredential.
+struct ScopedCredentialInfo {
+  array<uint8> client_data;
+  array<uint8> attestation;
+};
+
+// Information about the relying party and the user account held by that 
+// relying party. This information is used by the authenticator to create 
+// or retrieve an appropriate scoped credential for this account.
+struct RelyingPartyAccount {
+  string relying_party_display_name;

[ikilpatrick, 2017/04/24 22:11:44]

Did this get changed in the spec? \o/ ?

[kpaulhamus, 2017/04/25 00:03:08]

Welll.. it did... but this whole structure is actually getting changed again due
to the merge with the Cred Man API. All of that will come in follow-up CLs.

+  string display_name;
+  string id;
+  string name;
+  string image_url;
+};
+
+// Parameters that are used to generate an appropriate scoped credential.
+struct ScopedCredentialParameters {
+  ScopedCredentialType type;
+  // TODO(kpaulhamus): add AlgorithmIdentifier algorithm;
+};
+
+// Optional parameters that are used during makeCredential. 
+struct ScopedCredentialOptions {
+  int32 timeout_seconds;
+  string relying_party_id;
+  array<ScopedCredentialDescriptor> exclude_list;
+  // TODO(kpaulhamus): add Extensions
+};
+
+enum ScopedCredentialType {
+  SCOPEDCRED,
+};
+
+// Describes the credentials that the relying party already knows about for
+// the given account. If any of these are known to the authenticator, 
+// it should not create a new credential.
+struct ScopedCredentialDescriptor {
+  ScopedCredentialType type;
+  array<uint8> id;
+  array<Transport> transports;
+};
+
+enum Transport {
+  USB,
+  NFC,
+  BLE,
+};
+
+// Interface to direct authenticators to create or use a scoped credential.
+interface Authenticator {
+  // Gets the credential info for a new credential created by an authenticator
+  // for the given relying party and account. 
+  MakeCredential(RelyingPartyAccount account_information,
+                 array<ScopedCredentialParameters> crypto_parameters,
+                 array<uint8> attestation_challenge,
+                 ScopedCredentialOptions? options)
+      => (array<ScopedCredentialInfo> scoped_credentials);
+};