Bug 347926: remove arc4.js and friends from source tree

patch: use nsIStreamCipher
r=provos,sr=darin

toolkit/components/url-classifier/content/enchash-decrypter.js

@@ -64,7 +64,8 @@ function PROT_EnchashDecrypter() {
   this.REs_ = PROT_EnchashDecrypter.REs;
   this.hasher_ = new G_CryptoHasher();
   this.base64_ = new G_Base64();
-  this.rc4_ = new ARC4();
+  this.streamCipher_ = Cc["@mozilla.org/security/streamcipher;1"]
+                       .createInstance(Ci.nsIStreamCipher);
 }
 
 PROT_EnchashDecrypter.DATABASE_SALT = "oU3q.72p";
@@ -166,10 +167,16 @@ PROT_EnchashDecrypter.prototype.parseRegExps = function(data) {
 }
 
 PROT_EnchashDecrypter.prototype.getCanonicalHost = function(str) {
-  var urlObj = Cc["@mozilla.org/network/standard-url;1"]
-               .createInstance(Ci.nsIURL);
-  urlObj.spec = str;
-  var asciiHost = urlObj.asciiHost;
+  var ioservice = Cc["@mozilla.org/network/io-service;1"]
+                  .getService(Ci.nsIIOService);
+                  
+  var urlObj = ioservice.newURI(str, null, null);
+  var asciiHost = '';
+  try {
+    asciiHost = urlObj.asciiHost;
+  } catch (e) {
+    return asciiHost;
+  }
 
   var unescaped = this.hexDecode_(asciiHost);
 
@@ -290,24 +297,26 @@ PROT_EnchashDecrypter.prototype.getLookupKey = function(host) {
 }
 
 PROT_EnchashDecrypter.prototype.decryptData = function(data, host) {
+  // XXX: base 64 decoding should be done in C++
+  var asciiArray = this.base64_.decodeString(data);
+  var ascii = this.base64_.stringifyArray(asciiArray);
 
-  var ascii = this.base64_.decodeString(data);
   var random_salt = ascii.slice(0, PROT_EnchashDecrypter.SALT_LENGTH);
   var encrypted_data = ascii.slice(PROT_EnchashDecrypter.SALT_LENGTH);
-  var temp_decryption_key = 
-    this.base64_.arrayifyString(PROT_EnchashDecrypter.DATABASE_SALT);
-  temp_decryption_key = temp_decryption_key.concat(random_salt);
-  temp_decryption_key = 
-    temp_decryption_key.concat(this.base64_.arrayifyString(host));
-                               
+  var temp_decryption_key = PROT_EnchashDecrypter.DATABASE_SALT
+      + random_salt + host;
   this.hasher_.init(G_CryptoHasher.algorithms.MD5);
-  this.hasher_.updateFromArray(temp_decryption_key);
-  var decryption_key = this.base64_.arrayifyString(this.hasher_.digestRaw());
+  this.hasher_.updateFromString(temp_decryption_key);
 
-  this.rc4_.setKey(decryption_key, decryption_key.length);
-  this.rc4_.crypt(encrypted_data, encrypted_data.length);   // Works in-place
-  
-  return this.base64_.stringifyArray(encrypted_data);
+  var keyFactory = Cc["@mozilla.org/security/keyobjectfactory;1"]
+                   .getService(Ci.nsIKeyObjectFactory);
+  var key = keyFactory.keyFromString(Ci.nsIKeyObject.RC4,
+                                     this.hasher_.digestRaw());
+
+  this.streamCipher_.init(key);
+  this.streamCipher_.updateFromString(encrypted_data);
+
+  return this.streamCipher_.finish(false /* no base64 */);
 }
 
 #ifdef DEBUG

toolkit/components/url-classifier/content/js/arc4.js

@@ -1,125 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is Google Safe Browsing.
- *
- * The Initial Developer of the Original Code is Google Inc.
- * Portions created by the Initial Developer are Copyright (C) 2006
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Marius Schilder <mschilder@google.com> (original author)
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-
-/**
- * ARC4 streamcipher implementation
- * @constructor
- */
-function ARC4() {
-  this._S = new Array(256);
-  this._i = 0;
-  this._j = 0;
-}
-
-/**
- * Initialize the cipher for use with new key.
- * @param {byte[]} key is byte array containing key
- * @param {int} opt_length indicates # of bytes to take from key
- */
-ARC4.prototype.setKey = function(key, opt_length) {
-  if (!isArray(key)) {
-    throw new Error("Key parameter must be a byte array");
-  }
-
-  if (!opt_length) {
-    opt_length = key.length;
-  }
-
-  var S = this._S;
-
-  for (var i = 0; i < 256; ++i) {
-    S[i] = i;
-  }
-
-  var j = 0;
-  for (var i = 0; i < 256; ++i) {
-    j = (j + S[i] + key[i % opt_length]) & 255;
-
-    var tmp = S[i];
-    S[i] = S[j];
-    S[j] = tmp;
-  }
-    
-  this._i = 0;
-  this._j = 0;
-}
-
-/**
- * Discard n bytes of the keystream.
- * These days 1536 is considered a decent amount to drop to get
- * the key state warmed-up enough for secure usage.
- * This is not done in the constructor to preserve efficiency for
- * use cases that do not need this.
- * @param {int} n is # of bytes to disregard from stream
- */
-ARC4.prototype.discard = function(n) {
-  // To avoid strict JS warnings, we fill the array with values.
-  var devnul = [];
-  for (var i = 0; i < n; i++) {
-    devnul[i] = 0;
-  }
-  this.crypt(devnul);
-}
-
-/**
- * En- or decrypt (same operation for streamciphers like ARC4)
- * @param {byte[]} data gets xor-ed in place
- * @param {int} opt_length indicated # of bytes to crypt
- */
-ARC4.prototype.crypt = function(data, opt_length) {
-  if (!opt_length) {
-    opt_length = data.length;
-  }
-
-  var i = this._i;
-  var j = this._j;
-  var S = this._S;
-
-  for (var n = 0; n < opt_length; ++n) {
-    i = (i + 1) & 255;
-    j = (j + S[i]) & 255;
-
-    var tmp = S[i];
-    S[i] = S[j];
-    S[j] = tmp;
-
-    data[n] ^= S[(S[i] + S[j]) & 255];
-  }
-
-  this._i = i;
-  this._j = j;
-}

toolkit/components/url-classifier/content/url-crypto.js

@@ -62,7 +62,8 @@ function PROT_UrlCrypto() {
   this.debugZone = "urlcrypto";
   this.hasher_ = new G_CryptoHasher();
   this.base64_ = new G_Base64();
-  this.rc4_ = new ARC4();
+  this.streamCipher_ = Cc["@mozilla.org/security/streamcipher;1"]
+                       .createInstance(Ci.nsIStreamCipher);
 
   if (!this.manager_) {
     // Create a UrlCryptoKeyManager to reads keys from profile directory if
@@ -171,7 +172,7 @@ PROT_UrlCrypto.prototype.maybeCryptParams = function(params) {
   var encrypted = this.encryptV1(clientKeyArray, 
                                  this.VERSION,
                                  counter,
-                                 this.base64_.arrayifyString(queryString));
+                                 queryString);
 
   params = {};
   params[this.VERSION_QUERY_PARAM_NAME] = this.VERSION;
@@ -183,11 +184,9 @@ PROT_UrlCrypto.prototype.maybeCryptParams = function(params) {
 }
 
 /**
- * Encrypt something IN PLACE. Did you hear that? It works IN PLACE.
- * That is, it replaces the plaintext with ciphertext. It also returns
- * the websafe base64-encoded ciphertext. The client key is untouched.
+ * Encrypts text and returns a base64 string of the results.
  *
- * This method runs in about ~5ms on a 2Ghz P4. (Turn debugging off if
+ * This method runs in about ~2ms on a 2Ghz P4. (Turn debugging off if
  * you see it much slower).
  *
  * @param clientKeyArray Array of bytes (numbers in [0,255]) composing K_C
@@ -196,15 +195,14 @@ PROT_UrlCrypto.prototype.maybeCryptParams = function(params) {
  *
  * @param counter Number that acts as a nonce for this encryption
  *
- * @param inOutArray Array of plaintext bytes that will be replaced
- *                   with the array of ciphertext bytes
+ * @param text String to be encrypted
  *
  * @returns String containing the websafe base64-encoded ciphertext
  */
 PROT_UrlCrypto.prototype.encryptV1 = function(clientKeyArray,
                                               version, 
                                               counter,
-                                              inOutArray) {
+                                              text) {
 
   // We're a version1 encrypter, after all
   if (version != "1") 
@@ -212,15 +210,17 @@ PROT_UrlCrypto.prototype.encryptV1 = function(clientKeyArray,
 
   var key = this.deriveEncryptionKey(clientKeyArray, counter);
 
-  this.rc4_.setKey(key, key.length);
+  this.streamCipher_.init(key);
 
   if (this.RC4_DISCARD_BYTES > 0)
-    this.rc4_.discard(this.RC4_DISCARD_BYTES);
+    this.streamCipher_.discard(this.RC4_DISCARD_BYTES);
   
-  // The crypt() method works in-place
-  this.rc4_.crypt(inOutArray, inOutArray.length);
+  this.streamCipher_.updateFromString(text);
+
+  var encrypted = this.streamCipher_.finish(true /* base64 encoded */);
+  // The base64 version we get has new lines, we want to remove those.
   
-  return this.base64_.encodeByteArray(inOutArray, true /* websafe */);
+  return encrypted.replace(/\r\n/g, "");
 }
   
 /**
@@ -230,7 +230,7 @@ PROT_UrlCrypto.prototype.encryptV1 = function(clientKeyArray,
  *
  * @param count Number that acts as a nonce for this key
  *
- * @returns Array of bytes containing the encryption key
+ * @return nsIKeyObject
  */
 PROT_UrlCrypto.prototype.deriveEncryptionKey = function(clientKeyArray, 
                                                         count) {
@@ -249,7 +249,12 @@ PROT_UrlCrypto.prototype.deriveEncryptionKey = function(clientKeyArray,
   this.hasher_.updateFromArray(clientKeyArray);
   this.hasher_.updateFromArray(paddingArray);
 
-  return this.base64_.arrayifyString(this.hasher_.digestRaw());
+  // Create the nsIKeyObject
+  var keyFactory = Cc["@mozilla.org/security/keyobjectfactory;1"]
+                   .getService(Ci.nsIKeyObjectFactory);
+  var key = keyFactory.keyFromString(Ci.nsIKeyObject.RC4,
+                                     this.hasher_.digestRaw());
+  return key;
 }
 
 /**

toolkit/components/url-classifier/src/nsUrlClassifierLib.js

@@ -44,7 +44,6 @@ const Ci = Components.interfaces;
 const G_GDEBUG = false;
 
 // TODO: get rid of application.js and filesystem.js (not used much)
-#include ../content/js/arc4.js
 #include ../content/js/lang.js
 
 #include ../content/moz/preferences.js

toolkit/components/url-classifier/src/nsUrlClassifierTable.js

@@ -55,7 +55,6 @@ function Init() {
   modScope.G_Debug = jslib.G_Debug;
   modScope.G_CryptoHasher = jslib.G_CryptoHasher;
   modScope.G_Base64 = jslib.G_Base64;
-  modScope.ARC4 = jslib.ARC4;
   modScope.BindToObject = jslib.BindToObject;
 
   // We only need to call Init once.