Bug 1364991 - Make U2FTokenManager use const where possible r=qdot

The U2F Soft Token, due to its usage of NSS, has to have const values be
marked non-const - but no such limitation should exist for other implementations
of U2F, so this patch moves the const_cast-ing from the U2FTokenManager-level
down to the U2FSoftTokenManager, where it is actually necessary.

Credit to Axel Nennker for this patch.

MozReview-Commit-ID: Kw6zfTDI3GL

--HG--
extra : rebase_source : 90e31e2da9e021043509653a476ddaae03078e55
Axel Nennker 2017-05-22 16:40:29 -07:00
parent 83f7ba6396
commit 9738486c01
6 changed files with 30 additions and 32 deletions


@ -582,8 +582,8 @@ U2FSoftTokenManager::IsCompatibleVersion(const nsAString& aVersion)
// IsRegistered determines if the provided key handle is usable by this token.
nsresult
U2FSoftTokenManager::IsRegistered(nsTArray<uint8_t>& aKeyHandle,
nsTArray<uint8_t>& aAppParam,
U2FSoftTokenManager::IsRegistered(const nsTArray<uint8_t>& aKeyHandle,
const nsTArray<uint8_t>& aAppParam,
bool& aResult)
{
nsNSSShutDownPreventionLock locker;
@ -603,9 +603,9 @@ U2FSoftTokenManager::IsRegistered(nsTArray<uint8_t>& aKeyHandle,
// Decode the key handle
UniqueSECKEYPrivateKey privKey = PrivateKeyFromKeyHandle(slot, mWrappingKey,
aKeyHandle.Elements(),
const_cast<uint8_t*>(aKeyHandle.Elements()),
aKeyHandle.Length(),
aAppParam.Elements(),
const_cast<uint8_t*>(aAppParam.Elements()),
aAppParam.Length(),
locker);
aResult = privKey.get() != nullptr;
@ -632,8 +632,8 @@ U2FSoftTokenManager::IsRegistered(nsTArray<uint8_t>& aKeyHandle,
// * attestation signature
//
nsresult
U2FSoftTokenManager::Register(nsTArray<uint8_t>& aApplication,
nsTArray<uint8_t>& aChallenge,
U2FSoftTokenManager::Register(const nsTArray<uint8_t>& aApplication,
const nsTArray<uint8_t>& aChallenge,
/* out */ nsTArray<uint8_t>& aRegistration,
/* out */ nsTArray<uint8_t>& aSignature)
{
@ -676,7 +676,7 @@ U2FSoftTokenManager::Register(nsTArray<uint8_t>& aApplication,
// The key handle will be the result of keywrap(privKey, key=mWrappingKey)
UniqueSECItem keyHandleItem = KeyHandleFromPrivateKey(slot, mWrappingKey,
aApplication.Elements(),
const_cast<uint8_t*>(aApplication.Elements()),
aApplication.Length(),
privKey, locker);
if (NS_WARN_IF(!keyHandleItem.get())) {
@ -744,9 +744,9 @@ U2FSoftTokenManager::Register(nsTArray<uint8_t>& aApplication,
// * Signature
//
nsresult
U2FSoftTokenManager::Sign(nsTArray<uint8_t>& aApplication,
nsTArray<uint8_t>& aChallenge,
nsTArray<uint8_t>& aKeyHandle,
U2FSoftTokenManager::Sign(const nsTArray<uint8_t>& aApplication,
const nsTArray<uint8_t>& aChallenge,
const nsTArray<uint8_t>& aKeyHandle,
nsTArray<uint8_t>& aSignature)
{
nsNSSShutDownPreventionLock locker;
@ -777,9 +777,9 @@ U2FSoftTokenManager::Sign(nsTArray<uint8_t>& aApplication,
// Decode the key handle
UniqueSECKEYPrivateKey privKey = PrivateKeyFromKeyHandle(slot, mWrappingKey,
aKeyHandle.Elements(),
const_cast<uint8_t*>(aKeyHandle.Elements()),
aKeyHandle.Length(),
aApplication.Elements(),
const_cast<uint8_t*>(aApplication.Elements()),
aApplication.Length(),
locker);
if (NS_WARN_IF(!privKey.get())) {
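Review bot: The five new `const_cast<uint8_t*>(...)` arguments in IsRegistered, Register and Sign carry no comment, while this commit deletes the comment in WebAuthnTransactionParent that explained why const is cast away. Writing through a pointer obtained this way is undefined behaviour if the caller's array is really const, so each call site relies on PrivateKeyFromKeyHandle and KeyHandleFromPrivateKey only reading the buffer; their bodies are not on this page, so that should be confirmed. I would add `// NSS APIs take non-const pointers; this helper must only read from the buffer.` above each call. If the helpers allow it, a cleaner option is to change their parameters to `const uint8_t*` and cast once where the NSS item is built. The enclosing functions continue outside the hunks shown.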


@ -24,16 +24,16 @@ class U2FSoftTokenManager final : public U2FTokenTransport,
{
public:
explicit U2FSoftTokenManager(uint32_t aCounter);
virtual nsresult Register(nsTArray<uint8_t>& aApplication,
nsTArray<uint8_t>& aChallenge,
virtual nsresult Register(const nsTArray<uint8_t>& aApplication,
const nsTArray<uint8_t>& aChallenge,
/* out */ nsTArray<uint8_t>& aRegistration,
/* out */ nsTArray<uint8_t>& aSignature) override;
virtual nsresult Sign(nsTArray<uint8_t>& aApplication,
nsTArray<uint8_t>& aChallenge,
nsTArray<uint8_t>& aKeyHandle,
virtual nsresult Sign(const nsTArray<uint8_t>& aApplication,
const nsTArray<uint8_t>& aChallenge,
const nsTArray<uint8_t>& aKeyHandle,
/* out */ nsTArray<uint8_t>& aSignature) override;
nsresult IsRegistered(nsTArray<uint8_t>& aKeyHandle,
nsTArray<uint8_t>& aAppParam,
nsresult IsRegistered(const nsTArray<uint8_t>& aKeyHandle,
const nsTArray<uint8_t>& aAppParam,
bool& aResult);
// For nsNSSShutDownObject


@ -168,7 +168,7 @@ U2FTokenManager::Cancel(const nsresult& aError)
void
U2FTokenManager::Register(WebAuthnTransactionParent* aTransactionParent,
WebAuthnTransactionInfo& aTransactionInfo)
const WebAuthnTransactionInfo& aTransactionInfo)
{
MOZ_LOG(gU2FTokenManagerLog, LogLevel::Debug, ("U2FAuthRegister"));
MOZ_ASSERT(U2FPrefManager::Get());
@ -229,7 +229,7 @@ U2FTokenManager::Register(WebAuthnTransactionParent* aTransactionParent,
void
U2FTokenManager::Sign(WebAuthnTransactionParent* aTransactionParent,
WebAuthnTransactionInfo& aTransactionInfo)
const WebAuthnTransactionInfo& aTransactionInfo)
{
MOZ_LOG(gU2FTokenManagerLog, LogLevel::Debug, ("U2FAuthSign"));
MOZ_ASSERT(U2FPrefManager::Get());


@ -45,9 +45,9 @@ public:
NS_INLINE_DECL_REFCOUNTING(U2FTokenManager)
static U2FTokenManager* Get();
void Register(WebAuthnTransactionParent* aTransactionParent,
WebAuthnTransactionInfo& aTransactionInfo);
const WebAuthnTransactionInfo& aTransactionInfo);
void Sign(WebAuthnTransactionParent* aTransactionParent,
WebAuthnTransactionInfo& aTransactionInfo);
const WebAuthnTransactionInfo& aTransactionInfo);
void MaybeClearTransaction(WebAuthnTransactionParent* aParent);
static void Initialize();
private:


@ -21,13 +21,13 @@ class U2FTokenTransport
public:
NS_INLINE_DECL_REFCOUNTING(U2FTokenTransport);
U2FTokenTransport() {}
virtual nsresult Register(nsTArray<uint8_t>& aApplication,
nsTArray<uint8_t>& aChallenge,
virtual nsresult Register(const nsTArray<uint8_t>& aApplication,
const nsTArray<uint8_t>& aChallenge,
/* out */ nsTArray<uint8_t>& aRegistration,
/* out */ nsTArray<uint8_t>& aSignature) = 0;
virtual nsresult Sign(nsTArray<uint8_t>& aApplication,
nsTArray<uint8_t>& aChallenge,
nsTArray<uint8_t>& aKeyHandle,
virtual nsresult Sign(const nsTArray<uint8_t>& aApplication,
const nsTArray<uint8_t>& aChallenge,
const nsTArray<uint8_t>& aKeyHandle,
/* out */ nsTArray<uint8_t>& aSignature) = 0;
protected:
virtual ~U2FTokenTransport() = default;


@ -14,8 +14,7 @@ mozilla::ipc::IPCResult
WebAuthnTransactionParent::RecvRequestRegister(const WebAuthnTransactionInfo& aTransactionInfo)
{
U2FTokenManager* mgr = U2FTokenManager::Get();
// Cast away const here since NSS wants to be able to use non-const functions
mgr->Register(this, const_cast<WebAuthnTransactionInfo&>(aTransactionInfo));
mgr->Register(this, aTransactionInfo);
return IPC_OK();
}
@ -23,8 +22,7 @@ mozilla::ipc::IPCResult
WebAuthnTransactionParent::RecvRequestSign(const WebAuthnTransactionInfo& aTransactionInfo)
{
U2FTokenManager* mgr = U2FTokenManager::Get();
// Cast away const here since NSS wants to be able to use non-const functions
mgr->Sign(this, const_cast<WebAuthnTransactionInfo&>(aTransactionInfo));
mgr->Sign(this, aTransactionInfo);
return IPC_OK();
}
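Review bot: `mgr->Register(this, aTransactionInfo);` in RecvRequestRegister and `mgr->Sign(this, aTransactionInfo);` in RecvRequestSign dereference the result of `U2FTokenManager::Get()` without a null check. These are IPC message handlers, so they run whenever the sending process delivers the message. If Get() can return null before Initialize() or during shutdown (not visible on this page), that is a null dereference in the receiving process. A guard such as `if (NS_WARN_IF(!mgr)) { return IPC_FAIL_NO_REASON(this); }` before each call would make that case explicit.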