mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-08 10:44:56 +00:00
Bug 1217694 - Signed package should come from the moz-package-origin specified in its manifest. r=valentin
This commit is contained in:
Jonathan Hao
parent
fc66d30a75
commit
b4855726e4
@ -24,7 +24,7 @@ interface nsIVerificationCallback;
|
||||
* https://wiki.mozilla.org/FirefoxOS/New_security_model/Packaging
|
||||
*/
|
||||
|
||||
[scriptable, uuid(edf91fee-ef4a-4479-9136-27eb3b7a6312)]
|
||||
[scriptable, uuid(2963609c-370b-4a76-9858-6f05121d0473)]
|
||||
interface nsIPackagedAppUtils : nsISupports
|
||||
{
|
||||
/**
|
||||
@ -55,6 +55,12 @@ interface nsIPackagedAppUtils : nsISupports
|
||||
* manifest is verified.
|
||||
*/
|
||||
readonly attribute ACString packageIdentifier;
|
||||
|
||||
/**
|
||||
* The moz-package-location in the manifest of this signed package.
|
||||
* Only available after the manifest is verified.
|
||||
*/
|
||||
readonly attribute ACString packageOrigin;
|
||||
};
|
||||
|
||||
/**
|
||||
|
||||
@ -14,6 +14,7 @@ const PACKAGEDAPPUTILS_CID = Components.ID("{fe8f1c2e-3c13-11e5-9a3f-bbf47d1e669
|
||||
|
||||
function PackagedAppUtils() {
|
||||
this.packageIdentifier = '';
|
||||
this.packageOrigin = '';
|
||||
}
|
||||
|
||||
var DEBUG = 0
|
||||
@ -49,19 +50,20 @@ PackagedAppUtils.prototype = {
|
||||
debug("Signature: " + signature);
|
||||
|
||||
try {
|
||||
// Base64 decode
|
||||
signature = atob(signature);
|
||||
|
||||
// Remove header
|
||||
let manifestBody = aManifest.substr(aManifest.indexOf('\r\n\r\n') + 4);
|
||||
debug("manifestBody: " + manifestBody);
|
||||
|
||||
// Parse manifest, store resource hashes
|
||||
let manifestObj = JSON.parse(manifestBody);
|
||||
this.resources = manifestObj["moz-resources"];
|
||||
this.packageIdentifier = manifestObj["package-identifier"];
|
||||
this.packageOrigin = manifestObj["moz-package-origin"];
|
||||
this.resources = manifestObj["moz-resources"];
|
||||
|
||||
// Base64 decode
|
||||
signature = atob(signature);
|
||||
} catch (e) {
|
||||
debug("JSON parsing failure");
|
||||
debug("Manifest parsing failure");
|
||||
aCallback.fireVerifiedEvent(true, false);
|
||||
return;
|
||||
}
|
||||
|
||||
@ -81,11 +81,13 @@ NS_IMETHODIMP PackagedAppVerifier::Init(nsIPackagedAppVerifierListener* aListene
|
||||
mIsFirstResource = true;
|
||||
mManifest = EmptyCString();
|
||||
|
||||
nsAutoCString originNoSuffix;
|
||||
OriginAttributes().PopulateFromOrigin(aPackageOrigin, originNoSuffix);
|
||||
mBypassVerification = (originNoSuffix ==
|
||||
OriginAttributes().PopulateFromOrigin(aPackageOrigin, mPackageOrigin);
|
||||
mBypassVerification = (mPackageOrigin ==
|
||||
Preferences::GetCString("network.http.signed-packages.trusted-origin"));
|
||||
|
||||
LOG(("mBypassVerification = %d\n", mBypassVerification));
|
||||
LOG(("mPackageOrigin = %s\n", mPackageOrigin.get()));
|
||||
|
||||
nsresult rv;
|
||||
mPackagedAppUtils = do_CreateInstance(NS_PACKAGEDAPPUTILS_CONTRACTID, &rv);
|
||||
if (NS_FAILED(rv)) {
|
||||
@ -359,6 +361,16 @@ PackagedAppVerifier::OnManifestVerified(bool aSuccess)
|
||||
LOG(("Developer mode! Treat junk signature valid."));
|
||||
}
|
||||
|
||||
if (aSuccess && !mSignature.IsEmpty()) {
|
||||
// Get the package location from the manifest
|
||||
nsAutoCString packageOrigin;
|
||||
mPackagedAppUtils->GetPackageOrigin(packageOrigin);
|
||||
if (packageOrigin != mPackageOrigin) {
|
||||
aSuccess = false;
|
||||
LOG(("moz-package-location doesn't match:\nFrom: %s\nManifest: %s\n", mPackageOrigin.get(), packageOrigin.get()));
|
||||
}
|
||||
}
|
||||
|
||||
// Only when the manifest verified and package has signature would we
|
||||
// regard this package is signed.
|
||||
mIsPackageSigned = aSuccess && !mSignature.IsEmpty();
|
||||
|
||||
@ -11,73 +11,71 @@ function handleRequest(request, response)
|
||||
|
||||
// The package content
|
||||
// getData formats it as described at http://www.w3.org/TR/web-packaging/#streamable-package-format
|
||||
var signedPackage = [
|
||||
"manifest-signature: MIIF1AYJKoZIhvcNAQcCoIIFxTCCBcECAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCA54wggOaMIICgqADAgECAgECMA0GCSqGSIb3DQEBCwUAMHMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEkMCIGA1UEChMbRXhhbXBsZSBUcnVzdGVkIENvcnBvcmF0aW9uMRkwFwYDVQQDExBUcnVzdGVkIFZhbGlkIENBMB4XDTE1MDkxMDA4MDQzNVoXDTM1MDkxMDA4MDQzNVowdDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MSQwIgYDVQQKExtFeGFtcGxlIFRydXN0ZWQgQ29ycG9yYXRpb24xGjAYBgNVBAMTEVRydXN0ZWQgQ29ycCBDZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts8whjOzEbn/w1xkFJ67af7F/JPujBK91oyJekh2schIMzFau9pY8S1AiJQoJCulOJCJfUc8hBLKBZiGAkii+4Gpx6cVqMLe6C22MdD806Soxn8Dg4dQqbIvPuI4eeVKu5CEk80PW/BaFMmRvRHO62C7PILuH6yZeGHC4P7dTKpsk4CLxh/jRGXLC8jV2BCW0X+3BMbHBg53NoI9s1Gs7KGYnfOHbBP5wEFAa00RjHnubUaCdEBlC8Kl4X7p0S4RGb3rsB08wgFe9EmSZHIgcIm+SuVo7N4qqbI85qo2ulU6J8NN7ZtgMPHzrMhzgAgf/KnqPqwDIxnNmRNJmHTUYwIDAQABozgwNjAMBgNVHRMBAf8EAjAAMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMDMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAukH6cJUUj5faa8CuPCqrEa0PoLY4SYNnff9NI+TTAHkB9l+kOcFl5eo2EQOcWmZKYi7QLlWC4jy/KQYattO9FMaxiOQL4FAc6ZIbNyfwWBzZWyr5syYJTTTnkLq8A9pCKarN49+FqhJseycU+8EhJEJyP5pv5hLvDNTTHOQ6SXhASsiX8cjo3AY4bxA5pWeXuTZ459qDxOnQd+GrOe4dIeqflk0hA2xYKe3SfF+QlK8EO370B8Dj8RX230OATM1E3OtYyALe34KW3wM9Qm9rb0eViDnVyDiCWkhhQnw5yPg/XQfloug2itRYuCnfUoRt8xfeHgwz2Ymz8cUADn3KpTGCAf4wggH6AgEBMHgwczELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MSQwIgYDVQQKExtFeGFtcGxlIFRydXN0ZWQgQ29ycG9yYXRpb24xGTAXBgNVBAMTEFRydXN0ZWQgVmFsaWQgQ0ECAQIwCQYFKw4DAhoFAKBdMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTE1MTAwMTIxMTEwNlowIwYJKoZIhvcNAQkEMRYEFHAisUYrrt+gBxYFhZ5KQQusOmN3MA0GCSqGSIb3DQEBAQUABIIBACHW4V0BsPWOvWrGOTRj6mPpNbH/JI1bN2oyqQZrpUQoaBY+BbYxO7TY4Uwe+aeIR/TTPJznOMF/dl3Bna6TPabezU4ylg7TVFI6W7zC5f5DZKp+Xv6uTX6knUzbbW1fkJqMtE8hGUzYXc3/C++Ci6kuOzrpWOhk6DpJHeUO/ioV56H0+QK/oMAjYpEsOohaPqvTPNOBhMQ0OQP3bmuJ6HcjZ/oz96PpzXUPKT1tDe6VykIYkV5NvtC8Tu2lDbYvp9ug3gyDgdyNSV47y5i/iWkzEhsAJB+9Z50wKhplnkxxVHEXkB/6tmfvExvQ28gLd/VbaEGDX2ljCaTSUjhD0o0=\r",
|
||||
"--7B0MKBI3UH\r",
|
||||
"Content-Location: manifest.webapp\r",
|
||||
"Content-Type: application/x-web-app-manifest+json\r",
|
||||
"\r",
|
||||
"{",
|
||||
" \"name\": \"My App\",",
|
||||
" \"moz-resources\": [",
|
||||
" {",
|
||||
" \"src\": \"page2.html\",",
|
||||
" \"integrity\": \"JREF3JbXGvZ+I1KHtoz3f46ZkeIPrvXtG4VyFQrJ7II=\"",
|
||||
" },",
|
||||
" {",
|
||||
" \"src\": \"index.html\",",
|
||||
" \"integrity\": \"zEubR310nePwd30NThIuoCxKJdnz7Mf5z+dZHUbH1SE=\"",
|
||||
" },",
|
||||
" {",
|
||||
" \"src\": \"scripts/script.js\",",
|
||||
" \"integrity\": \"6TqtNArQKrrsXEQWu3D9ZD8xvDRIkhyV6zVdTcmsT5Q=\"",
|
||||
" },",
|
||||
" {",
|
||||
" \"src\": \"scripts/library.js\",",
|
||||
" \"integrity\": \"TN2ByXZiaBiBCvS4MeZ02UyNi44vED+KjdjLInUl4o8=\"",
|
||||
" }",
|
||||
" ],",
|
||||
" \"moz-permissions\": [",
|
||||
" {",
|
||||
" \"systemXHR\": {",
|
||||
" \"description\": \"Needed to download stuff\"",
|
||||
" },",
|
||||
" \"devicestorage:pictures\": {",
|
||||
" \"description\": \"Need to load pictures\"",
|
||||
" }",
|
||||
" }",
|
||||
" ],",
|
||||
" \"package-identifier\": \"611FC2FE-491D-4A47-B3B3-43FBDF6F404F\",",
|
||||
" \"moz-package-location\": \"https://example.com/myapp/app.pak\",",
|
||||
" \"description\": \"A great app!\"",
|
||||
"}\r",
|
||||
"--7B0MKBI3UH\r",
|
||||
"Content-Location: page2.html\r",
|
||||
"Content-Type: text/html\r",
|
||||
"\r",
|
||||
"<html>",
|
||||
" page2.html",
|
||||
"</html>",
|
||||
"\r",
|
||||
"--7B0MKBI3UH\r",
|
||||
"Content-Location: index.html\r",
|
||||
"Content-Type: text/html\r",
|
||||
"\r",
|
||||
"<html>",
|
||||
" Last updated: 2015/10/01 14:10 PST",
|
||||
"</html>",
|
||||
"\r",
|
||||
"--7B0MKBI3UH\r",
|
||||
"Content-Location: scripts/script.js\r",
|
||||
"Content-Type: text/javascript\r",
|
||||
"\r",
|
||||
"// script.js",
|
||||
"\r",
|
||||
"--7B0MKBI3UH\r",
|
||||
"Content-Location: scripts/library.js\r",
|
||||
"Content-Type: text/javascript\r",
|
||||
"\r",
|
||||
"// library.js",
|
||||
"\r",
|
||||
"--7B0MKBI3UH--"
|
||||
].join("\n");
|
||||
var signedPackage = `manifest-signature: MIIF1AYJKoZIhvcNAQcCoIIFxTCCBcECAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCA54wggOaMIICgqADAgECAgECMA0GCSqGSIb3DQEBCwUAMHMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEkMCIGA1UEChMbRXhhbXBsZSBUcnVzdGVkIENvcnBvcmF0aW9uMRkwFwYDVQQDExBUcnVzdGVkIFZhbGlkIENBMB4XDTE1MDkxMDA4MDQzNVoXDTM1MDkxMDA4MDQzNVowdDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MSQwIgYDVQQKExtFeGFtcGxlIFRydXN0ZWQgQ29ycG9yYXRpb24xGjAYBgNVBAMTEVRydXN0ZWQgQ29ycCBDZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts8whjOzEbn/w1xkFJ67af7F/JPujBK91oyJekh2schIMzFau9pY8S1AiJQoJCulOJCJfUc8hBLKBZiGAkii+4Gpx6cVqMLe6C22MdD806Soxn8Dg4dQqbIvPuI4eeVKu5CEk80PW/BaFMmRvRHO62C7PILuH6yZeGHC4P7dTKpsk4CLxh/jRGXLC8jV2BCW0X+3BMbHBg53NoI9s1Gs7KGYnfOHbBP5wEFAa00RjHnubUaCdEBlC8Kl4X7p0S4RGb3rsB08wgFe9EmSZHIgcIm+SuVo7N4qqbI85qo2ulU6J8NN7ZtgMPHzrMhzgAgf/KnqPqwDIxnNmRNJmHTUYwIDAQABozgwNjAMBgNVHRMBAf8EAjAAMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMDMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAukH6cJUUj5faa8CuPCqrEa0PoLY4SYNnff9NI+TTAHkB9l+kOcFl5eo2EQOcWmZKYi7QLlWC4jy/KQYattO9FMaxiOQL4FAc6ZIbNyfwWBzZWyr5syYJTTTnkLq8A9pCKarN49+FqhJseycU+8EhJEJyP5pv5hLvDNTTHOQ6SXhASsiX8cjo3AY4bxA5pWeXuTZ459qDxOnQd+GrOe4dIeqflk0hA2xYKe3SfF+QlK8EO370B8Dj8RX230OATM1E3OtYyALe34KW3wM9Qm9rb0eViDnVyDiCWkhhQnw5yPg/XQfloug2itRYuCnfUoRt8xfeHgwz2Ymz8cUADn3KpTGCAf4wggH6AgEBMHgwczELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MSQwIgYDVQQKExtFeGFtcGxlIFRydXN0ZWQgQ29ycG9yYXRpb24xGTAXBgNVBAMTEFRydXN0ZWQgVmFsaWQgQ0ECAQIwCQYFKw4DAhoFAKBdMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTE1MTAyODExMTIwMlowIwYJKoZIhvcNAQkEMRYEFENKTXRUkdej+EPd/oKRhz0Cp13zMA0GCSqGSIb3DQEBAQUABIIBAFCr+i8cwTiwzzCVjzZZI2NAqu8dnYOAJjkhD02tJjBCbvehEhXW6pP/Gk8+oyx2zoV87zbw9xBGcEU9b3ulbggdFR56S3C3w+eTbeOXMcx7A8mn9vvsoMJm+/rkT4DgEUU1iaM7pdwH48CKJOnAZP5FkjRvpRBh8TgfcDbusXveYTwG5LVpDp8856+9FBzvZ7wLz9iWDvlT/EFxfWOnGduAJunQ9qQm+pWu5cvSTwWasCMYmiPRlsuBhU9Fx7LtlXIHtE2nYYQVMTMDE58z/mzT34W0bnneecrghHREhb90UvdlUZJ2q3Jahsa3718WUGPTp7ZYwYaPBy7ryoOoWSA=\r
|
||||
--7IYGY9UDJB\r
|
||||
Content-Location: manifest.webapp\r
|
||||
Content-Type: application/x-web-app-manifest+json\r
|
||||
\r
|
||||
{
|
||||
"moz-package-origin": "http://mochi.test:8888",
|
||||
"name": "My App",
|
||||
"moz-resources": [
|
||||
{
|
||||
"src": "page2.html",
|
||||
"integrity": "JREF3JbXGvZ+I1KHtoz3f46ZkeIPrvXtG4VyFQrJ7II="
|
||||
},
|
||||
{
|
||||
"src": "index.html",
|
||||
"integrity": "IjQ2S/V9qsC7wW5uv/Niq40M1aivvqH5+1GKRwUnyRg="
|
||||
},
|
||||
{
|
||||
"src": "scripts/script.js",
|
||||
"integrity": "6TqtNArQKrrsXEQWu3D9ZD8xvDRIkhyV6zVdTcmsT5Q="
|
||||
},
|
||||
{
|
||||
"src": "scripts/library.js",
|
||||
"integrity": "TN2ByXZiaBiBCvS4MeZ02UyNi44vED+KjdjLInUl4o8="
|
||||
}
|
||||
],
|
||||
"moz-permissions": [
|
||||
{
|
||||
"systemXHR": {
|
||||
"description": "Needed to download stuff"
|
||||
},
|
||||
"devicestorage:pictures": {
|
||||
"description": "Need to load pictures"
|
||||
}
|
||||
}
|
||||
],
|
||||
"package-identifier": "09bc9714-7ab6-4320-9d20-fde4c237522c",
|
||||
"description": "A great app!"
|
||||
}\r
|
||||
--7IYGY9UDJB\r
|
||||
Content-Location: page2.html\r
|
||||
Content-Type: text/html\r
|
||||
\r
|
||||
<html>
|
||||
page2.html
|
||||
</html>
|
||||
\r
|
||||
--7IYGY9UDJB\r
|
||||
Content-Location: index.html\r
|
||||
Content-Type: text/html\r
|
||||
\r
|
||||
<html>
|
||||
Last updated: 2015/10/28
|
||||
</html>
|
||||
\r
|
||||
--7IYGY9UDJB\r
|
||||
Content-Location: scripts/script.js\r
|
||||
Content-Type: text/javascript\r
|
||||
\r
|
||||
// script.js
|
||||
\r
|
||||
--7IYGY9UDJB\r
|
||||
Content-Location: scripts/library.js\r
|
||||
Content-Type: text/javascript\r
|
||||
\r
|
||||
// library.js
|
||||
\r
|
||||
--7IYGY9UDJB--`;
|
||||
|
||||
@ -95,10 +95,10 @@ var testData = {
|
||||
}
|
||||
}
|
||||
|
||||
var badSignature = "manifest-signature: dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk\r\n";
|
||||
var goodSignature = "manifest-signature: MIIF1AYJKoZIhvcNAQcCoIIFxTCCBcECAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCA54wggOaMIICgqADAgECAgECMA0GCSqGSIb3DQEBCwUAMHMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEkMCIGA1UEChMbRXhhbXBsZSBUcnVzdGVkIENvcnBvcmF0aW9uMRkwFwYDVQQDExBUcnVzdGVkIFZhbGlkIENBMB4XDTE1MDkxMDA4MDQzNVoXDTM1MDkxMDA4MDQzNVowdDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MSQwIgYDVQQKExtFeGFtcGxlIFRydXN0ZWQgQ29ycG9yYXRpb24xGjAYBgNVBAMTEVRydXN0ZWQgQ29ycCBDZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts8whjOzEbn/w1xkFJ67af7F/JPujBK91oyJekh2schIMzFau9pY8S1AiJQoJCulOJCJfUc8hBLKBZiGAkii+4Gpx6cVqMLe6C22MdD806Soxn8Dg4dQqbIvPuI4eeVKu5CEk80PW/BaFMmRvRHO62C7PILuH6yZeGHC4P7dTKpsk4CLxh/jRGXLC8jV2BCW0X+3BMbHBg53NoI9s1Gs7KGYnfOHbBP5wEFAa00RjHnubUaCdEBlC8Kl4X7p0S4RGb3rsB08wgFe9EmSZHIgcIm+SuVo7N4qqbI85qo2ulU6J8NN7ZtgMPHzrMhzgAgf/KnqPqwDIxnNmRNJmHTUYwIDAQABozgwNjAMBgNVHRMBAf8EAjAAMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMDMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAukH6cJUUj5faa8CuPCqrEa0PoLY4SYNnff9NI+TTAHkB9l+kOcFl5eo2EQOcWmZKYi7QLlWC4jy/KQYattO9FMaxiOQL4FAc6ZIbNyfwWBzZWyr5syYJTTTnkLq8A9pCKarN49+FqhJseycU+8EhJEJyP5pv5hLvDNTTHOQ6SXhASsiX8cjo3AY4bxA5pWeXuTZ459qDxOnQd+GrOe4dIeqflk0hA2xYKe3SfF+QlK8EO370B8Dj8RX230OATM1E3OtYyALe34KW3wM9Qm9rb0eViDnVyDiCWkhhQnw5yPg/XQfloug2itRYuCnfUoRt8xfeHgwz2Ymz8cUADn3KpTGCAf4wggH6AgEBMHgwczELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MSQwIgYDVQQKExtFeGFtcGxlIFRydXN0ZWQgQ29ycG9yYXRpb24xGTAXBgNVBAMTEFRydXN0ZWQgVmFsaWQgQ0ECAQIwCQYFKw4DAhoFAKBdMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTE1MTAwMTIxMTEwNlowIwYJKoZIhvcNAQkEMRYEFHAisUYrrt+gBxYFhZ5KQQusOmN3MA0GCSqGSIb3DQEBAQUABIIBACHW4V0BsPWOvWrGOTRj6mPpNbH/JI1bN2oyqQZrpUQoaBY+BbYxO7TY4Uwe+aeIR/TTPJznOMF/dl3Bna6TPabezU4ylg7TVFI6W7zC5f5DZKp+Xv6uTX6knUzbbW1fkJqMtE8hGUzYXc3/C++Ci6kuOzrpWOhk6DpJHeUO/ioV56H0+QK/oMAjYpEsOohaPqvTPNOBhMQ0OQP3bmuJ6HcjZ/oz96PpzXUPKT1tDe6VykIYkV5NvtC8Tu2lDbYvp9ug3gyDgdyNSV47y5i/iWkzEhsAJB+9Z50wKhplnkxxVHEXkB/6tmfvExvQ28gLd/VbaEGDX2ljCaTSUjhD0o0=\r\n";
|
||||
var badSignature = "manifest-signature: MIIF1AYJKoZIhvcNAQcCoIIFxTCCBcECAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCA54wggOaMIICgqADAgECAgECMA0GCSqGSIb3DQEBCwUAMHMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEkMCIGA1UEChMbRXhhbXBsZSBUcnVzdGVkIENvcnBvcmF0aW9uMRkwFwYDVQQDExBUcnVzdGVkIFZhbGlkIENBMB4XDTE1MDkxMDA4MDQzNVoXDTM1MDkxMDA4MDQzNVowdDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MSQwIgYDVQQKExtFeGFtcGxlIFRydXN0ZWQgQ29ycG9yYXRpb24xGjAYBgNVBAMTEVRydXN0ZWQgQ29ycCBDZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts8whjOzEbn/w1xkFJ67af7F/JPujBK91oyJekh2schIMzFau9pY8S1AiJQoJCulOJCJfUc8hBLKBZiGAkii+4Gpx6cVqMLe6C22MdD806Soxn8Dg4dQqbIvPuI4eeVKu5CEk80PW/BaFMmRvRHO62C7PILuH6yZeGHC4P7dTKpsk4CLxh/jRGXLC8jV2BCW0X+3BMbHBg53NoI9s1Gs7KGYnfOHbBP5wEFAa00RjHnubUaCdEBlC8Kl4X7p0S4RGb3rsB08wgFe9EmSZHIgcIm+SuVo7N4qqbI85qo2ulU6J8NN7ZtgMPHzrMhzgAgf/KnqPqwDIxnNmRNJmHTUYwIDAQABozgwNjAMBgNVHRMBAf8EAjAAMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMDMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAukH6cJUUj5faa8CuPCqrEa0PoLY4SYNnff9NI+TTAHkB9l+kOcFl5eo2EQOcWmZKYi7QLlWC4jy/KQYattO9FMaxiOQL4FAc6ZIbNyfwWBzZWyr5syYJTTTnkLq8A9pCKarN49+FqhJseycU+8EhJEJyP5pv5hLvDNTTHOQ6SXhASsiX8cjo3AY4bxA5pWeXuTZ459qDxOnQd+GrOe4dIeqflk0hA2xYKe3SfF+QlK8EO370B8Dj8RX230OATM1E3OtYyALe34KW3wM9Qm9rb0eViDnVyDiCWkhhQnw5yPg/XQfloug2itRYuCnfUoRt8xfeHgwz2Ymz8cUADn3KpTGCAf4wggH6AgEBMHgwczELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MSQwIgYDVQQKExtFeGFtcGxlIFRydXN0ZWQgQ29ycG9yYXRpb24xGTAXBgNVBAMTEFRydXN0ZWQgVmFsaWQgQ0ECAQIwCQYFKw4DAhoFAKBdMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTE1MTAwMTIxMTEwNlowIwYJKoZIhvcNAQkEMRYEFHAisUYrrt+gBxYFhZ5KQQusOmN3MA0GCSqGSIb3DQEBAQUABIIBACHW4V0BsPWOvWrGOTRj6mPpNbH/JI1bN2oyqQZrpUQoaBY+BbYxO7TY4Uwe+aeIR/TTPJznOMF/dl3Bna6TPabezU4ylg7TVFI6W7zC5f5DZKp+Xv6uTX6knUzbbW1fkJqMtE8hGUzYXc3/C++Ci6kuOzrpWOhk6DpJHeUO/ioV56H0+QK/oMAjYpEsOohaPqvTPNOBhMQ0OQP3bmuJ6HcjZ/oz96PpzXUPKT1tDe6VykIYkV5NvtC8Tu2lDbYvp9ug3gyDgdyNSV47y5i/iWkzEhsAJB+9Z50wKhplnkxxVHEXkB/6tmfvExvQ28gLd/VbaEGDX2ljCaTSUjhD0o0=\r\n";
|
||||
|
||||
var packageContent = [
|
||||
function packageContent(origin) {
|
||||
return [
|
||||
"--7B0MKBI3UH\r",
|
||||
"Content-Location: manifest.webapp\r",
|
||||
"Content-Type: application/x-web-app-manifest+json\r",
|
||||
@ -134,7 +134,7 @@ var packageContent = [
|
||||
" }",
|
||||
" ],",
|
||||
" \"package-identifier\": \"611FC2FE-491D-4A47-B3B3-43FBDF6F404F\",",
|
||||
" \"moz-package-location\": \"https://example.com/myapp/app.pak\",",
|
||||
" \"moz-package-origin\": \"" + origin + "\",",
|
||||
" \"description\": \"A great app!\"",
|
||||
"}\r",
|
||||
"--7B0MKBI3UH\r",
|
||||
@ -167,6 +167,7 @@ var packageContent = [
|
||||
"\r",
|
||||
"--7B0MKBI3UH--"
|
||||
].join("\n");
|
||||
}
|
||||
|
||||
function contentHandler(metadata, response)
|
||||
{
|
||||
@ -184,14 +185,14 @@ function regularContentHandler(metadata, response)
|
||||
function contentHandlerWithBadSignature(metadata, response)
|
||||
{
|
||||
response.setHeader("Content-Type", 'application/package');
|
||||
var body = badSignature + packageContent;
|
||||
var body = badSignature + packageContent(uri);
|
||||
response.bodyOutputStream.write(body, body.length);
|
||||
}
|
||||
|
||||
function contentHandlerWithGoodSignature(metadata, response)
|
||||
{
|
||||
response.setHeader("Content-Type", 'application/package');
|
||||
var body = goodSignature + packageContent;
|
||||
var body = goodSignature + packageContent(uri);
|
||||
response.bodyOutputStream.write(body, body.length);
|
||||
}
|
||||
|
||||
@ -222,7 +223,6 @@ function run_test()
|
||||
|
||||
add_test(test_channel_with_bad_signature_from_trusted_origin);
|
||||
add_test(test_channel_with_bad_signature);
|
||||
add_test(test_channel_with_good_signature);
|
||||
|
||||
// run tests
|
||||
run_next_test();
|
||||
|
||||
@ -120,7 +120,8 @@ var testData = {
|
||||
}
|
||||
}
|
||||
|
||||
var signedPackage = [
|
||||
function signedPackage(origin) {
|
||||
return [
|
||||
"manifest-signature: MIIF1AYJKoZIhvcNAQcCoIIFxTCCBcECAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCA54wggOaMIICgqADAgECAgECMA0GCSqGSIb3DQEBCwUAMHMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEkMCIGA1UEChMbRXhhbXBsZSBUcnVzdGVkIENvcnBvcmF0aW9uMRkwFwYDVQQDExBUcnVzdGVkIFZhbGlkIENBMB4XDTE1MDkxMDA4MDQzNVoXDTM1MDkxMDA4MDQzNVowdDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MSQwIgYDVQQKExtFeGFtcGxlIFRydXN0ZWQgQ29ycG9yYXRpb24xGjAYBgNVBAMTEVRydXN0ZWQgQ29ycCBDZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts8whjOzEbn/w1xkFJ67af7F/JPujBK91oyJekh2schIMzFau9pY8S1AiJQoJCulOJCJfUc8hBLKBZiGAkii+4Gpx6cVqMLe6C22MdD806Soxn8Dg4dQqbIvPuI4eeVKu5CEk80PW/BaFMmRvRHO62C7PILuH6yZeGHC4P7dTKpsk4CLxh/jRGXLC8jV2BCW0X+3BMbHBg53NoI9s1Gs7KGYnfOHbBP5wEFAa00RjHnubUaCdEBlC8Kl4X7p0S4RGb3rsB08wgFe9EmSZHIgcIm+SuVo7N4qqbI85qo2ulU6J8NN7ZtgMPHzrMhzgAgf/KnqPqwDIxnNmRNJmHTUYwIDAQABozgwNjAMBgNVHRMBAf8EAjAAMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMDMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAukH6cJUUj5faa8CuPCqrEa0PoLY4SYNnff9NI+TTAHkB9l+kOcFl5eo2EQOcWmZKYi7QLlWC4jy/KQYattO9FMaxiOQL4FAc6ZIbNyfwWBzZWyr5syYJTTTnkLq8A9pCKarN49+FqhJseycU+8EhJEJyP5pv5hLvDNTTHOQ6SXhASsiX8cjo3AY4bxA5pWeXuTZ459qDxOnQd+GrOe4dIeqflk0hA2xYKe3SfF+QlK8EO370B8Dj8RX230OATM1E3OtYyALe34KW3wM9Qm9rb0eViDnVyDiCWkhhQnw5yPg/XQfloug2itRYuCnfUoRt8xfeHgwz2Ymz8cUADn3KpTGCAf4wggH6AgEBMHgwczELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MSQwIgYDVQQKExtFeGFtcGxlIFRydXN0ZWQgQ29ycG9yYXRpb24xGTAXBgNVBAMTEFRydXN0ZWQgVmFsaWQgQ0ECAQIwCQYFKw4DAhoFAKBdMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTE1MTAwMTIxMTEwNlowIwYJKoZIhvcNAQkEMRYEFHAisUYrrt+gBxYFhZ5KQQusOmN3MA0GCSqGSIb3DQEBAQUABIIBACHW4V0BsPWOvWrGOTRj6mPpNbH/JI1bN2oyqQZrpUQoaBY+BbYxO7TY4Uwe+aeIR/TTPJznOMF/dl3Bna6TPabezU4ylg7TVFI6W7zC5f5DZKp+Xv6uTX6knUzbbW1fkJqMtE8hGUzYXc3/C++Ci6kuOzrpWOhk6DpJHeUO/ioV56H0+QK/oMAjYpEsOohaPqvTPNOBhMQ0OQP3bmuJ6HcjZ/oz96PpzXUPKT1tDe6VykIYkV5NvtC8Tu2lDbYvp9ug3gyDgdyNSV47y5i/iWkzEhsAJB+9Z50wKhplnkxxVHEXkB/6tmfvExvQ28gLd/VbaEGDX2ljCaTSUjhD0o0=\r",
|
||||
"--7B0MKBI3UH\r",
|
||||
"Content-Location: manifest.webapp\r",
|
||||
@ -157,7 +158,7 @@ var signedPackage = [
|
||||
" }",
|
||||
" ],",
|
||||
" \"package-identifier\": \"611FC2FE-491D-4A47-B3B3-43FBDF6F404F\",",
|
||||
" \"moz-package-location\": \"https://example.com/myapp/app.pak\",",
|
||||
" \"moz-package-origin\": \"" + origin + "\",",
|
||||
" \"description\": \"A great app!\"",
|
||||
"}\r",
|
||||
"--7B0MKBI3UH\r",
|
||||
@ -190,6 +191,7 @@ var signedPackage = [
|
||||
"\r",
|
||||
"--7B0MKBI3UH--"
|
||||
].join("\n");
|
||||
};
|
||||
|
||||
XPCOMUtils.defineLazyGetter(this, "uri", function() {
|
||||
return "http://localhost:" + httpserver.identity.primaryPort;
|
||||
@ -571,7 +573,7 @@ function test_worse_package_5() {
|
||||
function signedPackagedAppContentHandler(metadata, response)
|
||||
{
|
||||
response.setHeader("Content-Type", 'application/package');
|
||||
var body = signedPackage;
|
||||
var body = signedPackage(uri);
|
||||
response.bodyOutputStream.write(body, body.length);
|
||||
}
|
||||
|
||||
@ -587,13 +589,28 @@ var dummyCacheListener = {
|
||||
onCacheEntryAvailable: function () {}
|
||||
};
|
||||
|
||||
function setTrustedOrigin() {
|
||||
let pref = "network.http.signed-packages.trusted-origin";
|
||||
ok(!!Ci.nsISupportsString, "Ci.nsISupportsString");
|
||||
let origin = Cc["@mozilla.org/supports-string;1"].createInstance(Ci.nsISupportsString);
|
||||
origin.data = uri;
|
||||
gPrefs.setComplexValue(pref, Ci.nsISupportsString, origin);
|
||||
}
|
||||
|
||||
function resetTrustedOrigin() {
|
||||
gPrefs.clearUserPref("network.http.signed-packages.trusted-origin");
|
||||
}
|
||||
|
||||
function test_signed_package_callback()
|
||||
{
|
||||
setTrustedOrigin();
|
||||
|
||||
packagePath = "/signedPackage";
|
||||
let url = uri + packagePath + "!//index.html";
|
||||
let channel = getChannelForURL(url, {
|
||||
onStartSignedPackageRequest: function(aPackageId) {
|
||||
ok(true, "onStartSignedPackageRequest is notifited as expected");
|
||||
resetTrustedOrigin();
|
||||
run_next_test();
|
||||
},
|
||||
|
||||
|
||||
@ -177,7 +177,8 @@ function test_invalid_signature(aBypassVerification) {
|
||||
const kManifestContent = 'Content-Location: manifest.webapp\r\n' +
|
||||
'Content-Type: application/x-web-app-manifest+json\r\n' +
|
||||
'\r\n' +
|
||||
'{ "package-identifier": "' + kPackagedId + '" }';
|
||||
'{ "package-identifier": "' + kPackagedId + '",\n' +
|
||||
' "moz-package-origin": "' + kOrigin + '" }';
|
||||
|
||||
const expectedCallbacks = [
|
||||
// URL statusCode verificationResult content
|
||||
|
||||
Loading…
Reference in New Issue
Block a user