mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-25 13:51:41 +00:00
Bug 1346299 - Remove Telemetry Probe: KEYGEN_GENERATED_KEY_TYPE r=jcj,keeler
Removed the probe in Histogram.json and the code related to it in nsKeygenHandler.cpp MozReview-Commit-ID: E8lGbx19e2C --HG-- extra : rebase_source : ef958749e6ad2e2b617fd1efdd09cdd3185bef18
This commit is contained in:
parent
8c5524fc2e
commit
a8f1cea361
@ -8,7 +8,6 @@
|
||||
#include "cryptohi.h"
|
||||
#include "keyhi.h"
|
||||
#include "mozilla/Assertions.h"
|
||||
#include "mozilla/Telemetry.h"
|
||||
#include "nsIContent.h"
|
||||
#include "nsIDOMHTMLSelectElement.h"
|
||||
#include "nsIGenKeypairInfoDlg.h"
|
||||
@ -66,7 +65,7 @@ typedef struct curveNameTagPairStr {
|
||||
} CurveNameTagPair;
|
||||
|
||||
static CurveNameTagPair nameTagPair[] =
|
||||
{
|
||||
{
|
||||
{ "prime192v1", SEC_OID_ANSIX962_EC_PRIME192V1 },
|
||||
{ "prime192v2", SEC_OID_ANSIX962_EC_PRIME192V2 },
|
||||
{ "prime192v3", SEC_OID_ANSIX962_EC_PRIME192V3 },
|
||||
@ -157,7 +156,7 @@ DecodeECParams(const char* curve)
|
||||
|
||||
if (curve && *curve) {
|
||||
numCurves = sizeof(nameTagPair)/sizeof(CurveNameTagPair);
|
||||
for (i = 0; ((i < numCurves) && (curveOidTag == SEC_OID_UNKNOWN));
|
||||
for (i = 0; ((i < numCurves) && (curveOidTag == SEC_OID_UNKNOWN));
|
||||
i++) {
|
||||
if (PL_strcmp(curve, nameTagPair[i].curveName) == 0)
|
||||
curveOidTag = nameTagPair[i].curveOidTag;
|
||||
@ -165,7 +164,7 @@ DecodeECParams(const char* curve)
|
||||
}
|
||||
|
||||
/* Return nullptr if curve name is not recognized */
|
||||
if ((curveOidTag == SEC_OID_UNKNOWN) ||
|
||||
if ((curveOidTag == SEC_OID_UNKNOWN) ||
|
||||
(oidData = SECOID_FindOIDByTag(curveOidTag)) == nullptr) {
|
||||
return nullptr;
|
||||
}
|
||||
@ -176,9 +175,9 @@ DecodeECParams(const char* curve)
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
/*
|
||||
/*
|
||||
* ecparams->data needs to contain the ASN encoding of an object ID (OID)
|
||||
* representing the named curve. The actual OID is in
|
||||
* representing the named curve. The actual OID is in
|
||||
* oidData->oid.data so we simply prepend 0x06 and OID length
|
||||
*/
|
||||
ecparams->data[0] = SEC_ASN1_OBJECT_ID;
|
||||
@ -191,9 +190,9 @@ DecodeECParams(const char* curve)
|
||||
NS_IMPL_ISUPPORTS(nsKeygenFormProcessor, nsIFormProcessor)
|
||||
|
||||
nsKeygenFormProcessor::nsKeygenFormProcessor()
|
||||
{
|
||||
{
|
||||
m_ctx = new PipUIContext();
|
||||
}
|
||||
}
|
||||
|
||||
nsKeygenFormProcessor::~nsKeygenFormProcessor()
|
||||
{
|
||||
@ -307,7 +306,7 @@ GetSlotWithMechanism(uint32_t aMechanism, nsIInterfaceRequestor* m_ctx,
|
||||
*aSlot = nullptr;
|
||||
|
||||
// Get the slot
|
||||
slotList = PK11_GetAllTokens(MapGenMechToAlgoMech(aMechanism),
|
||||
slotList = PK11_GetAllTokens(MapGenMechToAlgoMech(aMechanism),
|
||||
true, true, m_ctx);
|
||||
if (!slotList || !slotList->head) {
|
||||
rv = NS_ERROR_FAILURE;
|
||||
@ -340,7 +339,7 @@ GetSlotWithMechanism(uint32_t aMechanism, nsIInterfaceRequestor* m_ctx,
|
||||
if (tokenNameList[i])
|
||||
i++;
|
||||
else {
|
||||
// OOM. adjust numSlots so we don't free unallocated memory.
|
||||
// OOM. adjust numSlots so we don't free unallocated memory.
|
||||
numSlots = i;
|
||||
PK11_FreeSlotListElement(slotList, slotElement);
|
||||
rv = NS_ERROR_OUT_OF_MEMORY;
|
||||
@ -394,54 +393,6 @@ loser:
|
||||
return rv;
|
||||
}
|
||||
|
||||
|
||||
void
|
||||
GatherKeygenTelemetry(uint32_t keyGenMechanism, int keysize, char* curve)
|
||||
{
|
||||
if (keyGenMechanism == CKM_RSA_PKCS_KEY_PAIR_GEN) {
|
||||
if (keysize > 8196 || keysize < 0) {
|
||||
return;
|
||||
}
|
||||
|
||||
nsCString telemetryValue("rsa");
|
||||
telemetryValue.AppendPrintf("%d", keysize);
|
||||
mozilla::Telemetry::Accumulate(
|
||||
mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, telemetryValue);
|
||||
} else if (keyGenMechanism == CKM_EC_KEY_PAIR_GEN) {
|
||||
nsCString secp384r1 = NS_LITERAL_CSTRING("secp384r1");
|
||||
nsCString secp256r1 = NS_LITERAL_CSTRING("secp256r1");
|
||||
|
||||
mozilla::UniqueSECItem decoded = DecodeECParams(curve);
|
||||
if (!decoded) {
|
||||
switch (keysize) {
|
||||
case 2048:
|
||||
mozilla::Telemetry::Accumulate(
|
||||
mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, secp384r1);
|
||||
break;
|
||||
case 1024:
|
||||
case 512:
|
||||
mozilla::Telemetry::Accumulate(
|
||||
mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, secp256r1);
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
if (secp384r1.EqualsIgnoreCase(curve, secp384r1.Length())) {
|
||||
mozilla::Telemetry::Accumulate(
|
||||
mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, secp384r1);
|
||||
} else if (secp256r1.EqualsIgnoreCase(curve, secp256r1.Length())) {
|
||||
mozilla::Telemetry::Accumulate(
|
||||
mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, secp256r1);
|
||||
} else {
|
||||
mozilla::Telemetry::Accumulate(
|
||||
mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, NS_LITERAL_CSTRING("other_ec"));
|
||||
}
|
||||
}
|
||||
} else {
|
||||
MOZ_CRASH("Unknown keygen algorithm");
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsKeygenFormProcessor::GetPublicKey(const nsAString& aValue,
|
||||
const nsAString& aChallenge,
|
||||
@ -525,17 +476,17 @@ nsKeygenFormProcessor::GetPublicKey(const nsAString& aValue,
|
||||
params = &rsaParams;
|
||||
break;
|
||||
case CKM_EC_KEY_PAIR_GEN:
|
||||
/* XXX We ought to rethink how the KEYGEN tag is
|
||||
/* XXX We ought to rethink how the KEYGEN tag is
|
||||
* displayed. The pulldown selections presented
|
||||
* to the user must depend on the keytype.
|
||||
* The displayed selection could be picked
|
||||
* from the keyparams attribute (this is currently called
|
||||
* the pqg attribute).
|
||||
* For now, we pick ecparams from the keyparams field
|
||||
* if it specifies a valid supported curve, or else
|
||||
* if it specifies a valid supported curve, or else
|
||||
* we pick one of secp384r1, secp256r1 or secp192r1
|
||||
* respectively depending on the user's selection
|
||||
* (High, Medium, Low).
|
||||
* (High, Medium, Low).
|
||||
* (RSA uses RSA-2048, RSA-1024 and RSA-512 for historical
|
||||
* reasons, while ECC choices represent a stronger mapping)
|
||||
* NOTE: The user's selection
|
||||
@ -559,7 +510,7 @@ nsKeygenFormProcessor::GetPublicKey(const nsAString& aValue,
|
||||
case 512:
|
||||
ecParams = DecodeECParams("secp256r1");
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
MOZ_ASSERT(ecParams);
|
||||
params = ecParams.get();
|
||||
@ -616,7 +567,7 @@ nsKeygenFormProcessor::GetPublicKey(const nsAString& aValue,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if (NS_FAILED(rv) || !privateKey) {
|
||||
goto loser;
|
||||
}
|
||||
@ -680,7 +631,6 @@ nsKeygenFormProcessor::GetPublicKey(const nsAString& aValue,
|
||||
|
||||
rv = NS_OK;
|
||||
|
||||
GatherKeygenTelemetry(keyGenMechanism, keysize, keyparamsString);
|
||||
loser:
|
||||
if (srv != SECSuccess) {
|
||||
if ( privateKey ) {
|
||||
@ -729,12 +679,12 @@ nsKeygenFormProcessor::ExtractParams(nsIDOMHTMLElement* aElement,
|
||||
|
||||
aElement->GetAttribute(NS_LITERAL_STRING("pqg"),
|
||||
keyParamsValue);
|
||||
/* XXX We can still support the pqg attribute in the keygen
|
||||
* tag for backward compatibility while introducing a more
|
||||
/* XXX We can still support the pqg attribute in the keygen
|
||||
* tag for backward compatibility while introducing a more
|
||||
* general attribute named keyparams.
|
||||
*/
|
||||
if (keyParamsValue.IsEmpty()) {
|
||||
aElement->GetAttribute(NS_LITERAL_STRING("keyparams"),
|
||||
aElement->GetAttribute(NS_LITERAL_STRING("keyparams"),
|
||||
keyParamsValue);
|
||||
}
|
||||
|
||||
@ -751,7 +701,7 @@ nsKeygenFormProcessor::ProcessValue(nsIDOMHTMLElement* aElement,
|
||||
nsAutoString keyParamsValue;
|
||||
ExtractParams(aElement, challengeValue, keyTypeValue, keyParamsValue);
|
||||
|
||||
return GetPublicKey(aValue, challengeValue, keyTypeValue,
|
||||
return GetPublicKey(aValue, challengeValue, keyTypeValue,
|
||||
aValue, keyParamsValue);
|
||||
}
|
||||
|
||||
@ -770,7 +720,7 @@ nsresult
|
||||
nsKeygenFormProcessor::ProvideContent(const nsAString& aFormType,
|
||||
nsTArray<nsString>& aContent,
|
||||
nsAString& aAttribute)
|
||||
{
|
||||
{
|
||||
if (Compare(aFormType, NS_LITERAL_STRING("SELECT"),
|
||||
nsCaseInsensitiveStringComparator()) == 0) {
|
||||
|
||||
@ -780,5 +730,5 @@ nsKeygenFormProcessor::ProvideContent(const nsAString& aFormType,
|
||||
aAttribute.AssignLiteral("-mozilla-keygen");
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -2148,15 +2148,6 @@
|
||||
"releaseChannelCollection": "opt-out",
|
||||
"description": "The lifetime of accepted HTTPS server certificates, in weeks, up to 2 years. Bucket 105 is all end-entity HTTPS server certificates with a lifetime > 2 years."
|
||||
},
|
||||
"KEYGEN_GENERATED_KEY_TYPE": {
|
||||
"expires_in_version": "55",
|
||||
"alert_emails": ["seceng-telemetry@mozilla.com"],
|
||||
"kind": "count",
|
||||
"keyed": true,
|
||||
"releaseChannelCollection": "opt-out",
|
||||
"bug_numbers": [1191414,1284945],
|
||||
"description": "The number of times we generate a key via keygen, keyed on algorithm and keysize. Keys include RSA with key size (512, 1024, 2048, possibly others), secp384r1, secp256r1, and 'other_ec'."
|
||||
},
|
||||
"WEBSOCKETS_HANDSHAKE_TYPE": {
|
||||
"expires_in_version": "never",
|
||||
"kind": "enumerated",
|
||||
|
Loading…
Reference in New Issue
Block a user