Fix for Bug 57985 r=ddrinan,hyatt a=hyatt

Implement the nsIEntropyCollector interface so that we can send entropy bits off to PSM to better improve the randomness of generated keys for SSL
2025-02-07 07:04:09 +00:00 · 2000-10-30 23:35:46 +00:00 · 2000-10-30 23:35:46 +00:00 · 05042507f6
commit 05042507f6
parent 805a910b76
3 changed files with 23 additions and 3 deletions
--- a/extensions/psm-glue/src/nsPSMComponent.cpp
+++ b/extensions/psm-glue/src/nsPSMComponent.cpp
@ -153,11 +153,12 @@ nsPSMComponent::RegisterCertContentListener()
 }

 /* nsISupports Implementation for the class */
-NS_IMPL_THREADSAFE_ISUPPORTS4(nsPSMComponent, 
+NS_IMPL_THREADSAFE_ISUPPORTS5(nsPSMComponent, 
                              nsIPSMComponent, 
                              nsISecurityManagerComponent,
                              nsIContentHandler,
-                              nsISignatureVerifier);
+                              nsISignatureVerifier,
+                              nsIEntropyCollector);

 #define INIT_NUM_PREFS 100
 /* preference types */
@ -1185,3 +1186,11 @@ nsPSMComponent::VerifySignature(const char* aRSABuf, PRUint32 aRSABufLen,
  return rv;
 }

+NS_IMETHODIMP
+nsPSMComponent::RandomUpdate(void *entropy, PRInt32 bufLen)
+{
+    if (mControl) {
+      CMT_RandomUpdate(mControl, entropy, bufLen);
+    }
+    return NS_OK;
+}
--- a/extensions/psm-glue/src/nsPSMComponent.h
+++ b/extensions/psm-glue/src/nsPSMComponent.h
@ -30,6 +30,7 @@

 #include "nsIContentHandler.h"
 #include "nsIURIContentListener.h"
+#include "nsIEntropyCollector.h"

 #define SECURITY_STRING_BUNDLE_URL "chrome://communicator/locale/security.properties"

@ -58,7 +59,8 @@ private:
 // Implementation of the PSM component interface.
 class nsPSMComponent : public nsIPSMComponent, 
                       public nsIContentHandler, 
-                       public nsISignatureVerifier
+                       public nsISignatureVerifier,
+                       public nsIEntropyCollector
 {
 public:
  NS_DEFINE_STATIC_CID_ACCESSOR( NS_PSMCOMPONENT_CID );
@ -71,6 +73,7 @@ public:
  NS_DECL_NSIPSMCOMPONENT
  NS_DECL_NSICONTENTHANDLER
  NS_DECL_NSISIGNATUREVERIFIER
+  NS_DECL_NSIENTROPYCOLLECTOR

  static NS_METHOD CreatePSMComponent(nsISupports* aOuter, REFNSIID aIID, void **aResult);
  nsresult RegisterCertContentListener();
--- a/extensions/psm-glue/src/nsPSMModule.cpp
+++ b/extensions/psm-glue/src/nsPSMModule.cpp
@ -44,6 +44,8 @@
 #include "nsCURILoader.h"
 #include "nsISupportsUtils.h"

+
+
 // Define SDR object constructor
 static NS_DEFINE_IID(kISupportsIID, NS_ISUPPORTS_IID);
 static NS_DEFINE_CID(kFormProcessorCID, NS_FORMPROCESSOR_CID); 
@ -171,6 +173,12 @@ static nsModuleComponentInfo components[] =
      NS_FORMPROCESSOR_CID,
      NS_FORMPROCESSOR_CONTRACTID,
      nsKeygenFormProcessor::Create
+    },
+    {
+      "Entropy Collector",
+      NS_ENTROPYCOLLECTOR_CID,
+      NS_ENTROPYCOLLECTOR_CONTRACTID,
+      nsPSMComponent::CreatePSMComponent      
    }
 };