mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-23 04:41:11 +00:00
Backed out 2 changesets (bug 1887161) for causing build bustages @ siphash.h CLOSED TREE
Backed out changeset bd63a7c8f39e (bug 1887161) Backed out changeset 856d5366ba4b (bug 1887161)
This commit is contained in:
parent
a056c941c2
commit
bfc37d1f4b
@ -14398,11 +14398,6 @@
|
|||||||
value: false
|
value: false
|
||||||
mirror: always
|
mirror: always
|
||||||
|
|
||||||
# Control whether we use the SipHash to generate the canvas random key.
|
|
||||||
- name: privacy.resistFingerprinting.randomization.canvas.use_siphash
|
|
||||||
type: RelaxedAtomicBool
|
|
||||||
value: false
|
|
||||||
mirror: always
|
|
||||||
|
|
||||||
# Anti-tracking permission expiration.
|
# Anti-tracking permission expiration.
|
||||||
- name: privacy.restrict3rdpartystorage.expiration
|
- name: privacy.restrict3rdpartystorage.expiration
|
||||||
|
@ -9,7 +9,6 @@ include("sources.mozbuild")
|
|||||||
EXPORTS += [
|
EXPORTS += [
|
||||||
'expat.h',
|
'expat.h',
|
||||||
'expat_external.h',
|
'expat_external.h',
|
||||||
'siphash.h',
|
|
||||||
]
|
]
|
||||||
|
|
||||||
if CONFIG["MOZ_WASM_SANDBOXING_EXPAT"]:
|
if CONFIG["MOZ_WASM_SANDBOXING_EXPAT"]:
|
||||||
|
@ -34,7 +34,6 @@
|
|||||||
#include "mozilla/MacroForEach.h"
|
#include "mozilla/MacroForEach.h"
|
||||||
#include "mozilla/OriginAttributes.h"
|
#include "mozilla/OriginAttributes.h"
|
||||||
#include "mozilla/Preferences.h"
|
#include "mozilla/Preferences.h"
|
||||||
#include "mozilla/ProfilerMarkers.h"
|
|
||||||
#include "mozilla/RefPtr.h"
|
#include "mozilla/RefPtr.h"
|
||||||
#include "mozilla/Services.h"
|
#include "mozilla/Services.h"
|
||||||
#include "mozilla/Sprintf.h"
|
#include "mozilla/Sprintf.h"
|
||||||
@ -90,7 +89,6 @@
|
|||||||
#include "nscore.h"
|
#include "nscore.h"
|
||||||
#include "prenv.h"
|
#include "prenv.h"
|
||||||
#include "prtime.h"
|
#include "prtime.h"
|
||||||
#include "siphash.h"
|
|
||||||
#include "xpcpublic.h"
|
#include "xpcpublic.h"
|
||||||
|
|
||||||
#include "js/Date.h"
|
#include "js/Date.h"
|
||||||
@ -1515,8 +1513,6 @@ nsresult nsRFPService::GenerateCanvasKeyFromImageData(
|
|||||||
nsICookieJarSettings* aCookieJarSettings, uint8_t* aImageData,
|
nsICookieJarSettings* aCookieJarSettings, uint8_t* aImageData,
|
||||||
uint32_t aSize, nsTArray<uint8_t>& aCanvasKey) {
|
uint32_t aSize, nsTArray<uint8_t>& aCanvasKey) {
|
||||||
NS_ENSURE_ARG_POINTER(aCookieJarSettings);
|
NS_ENSURE_ARG_POINTER(aCookieJarSettings);
|
||||||
AUTO_PROFILER_MARKER_TEXT("nsRFPService", OTHER, {},
|
|
||||||
"nsRFPService::GenerateCanvasKeyFromImageData"_ns);
|
|
||||||
|
|
||||||
nsTArray<uint8_t> randomKey;
|
nsTArray<uint8_t> randomKey;
|
||||||
nsresult rv =
|
nsresult rv =
|
||||||
@ -1529,44 +1525,19 @@ nsresult nsRFPService::GenerateCanvasKeyFromImageData(
|
|||||||
return NS_ERROR_FAILURE;
|
return NS_ERROR_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (StaticPrefs::
|
// Generate the key for randomizing the canvas data using hMAC. The key is
|
||||||
privacy_resistFingerprinting_randomization_canvas_use_siphash()) {
|
// based on the random key of the document and the canvas data itself. So,
|
||||||
struct sipkey key = {{0, 0}};
|
// different canvas would have different keys.
|
||||||
|
HMAC hmac;
|
||||||
|
|
||||||
// SipHash takes 128 bits data as the key. So, we will only use the first
|
rv = hmac.Begin(SEC_OID_SHA256, Span(randomKey));
|
||||||
// half of the random key.
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
sip_tokey(&key, randomKey.Elements());
|
|
||||||
uint64_t digest = siphash24(aImageData, aSize, &key);
|
|
||||||
|
|
||||||
aCanvasKey.SetLength(32);
|
rv = hmac.Update(aImageData, aSize);
|
||||||
aCanvasKey.ClearAndRetainStorage();
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
|
|
||||||
// SipHash outputs 64 bits data as the hash result. But we need a 256 bits
|
rv = hmac.End(aCanvasKey);
|
||||||
// canvas key. So, we use a random number generator to expand the key.
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
non_crypto::XorShift128PlusRNG rng(digest, ~digest);
|
|
||||||
|
|
||||||
for (size_t i = 0; i < 4; ++i) {
|
|
||||||
uint64_t val = rng.next();
|
|
||||||
for (size_t j = 0; j < 8; ++j) {
|
|
||||||
uint8_t data = static_cast<uint8_t>((val >> (j * 8)) & 0xFF);
|
|
||||||
aCanvasKey.InsertElementAt((i * 8) + j, data);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
// Generate the key for randomizing the canvas data using hMAC. The key is
|
|
||||||
// based on the random key of the document and the canvas data itself. So,
|
|
||||||
// different canvas would have different keys.
|
|
||||||
HMAC hmac;
|
|
||||||
|
|
||||||
rv = hmac.Begin(SEC_OID_SHA256, Span(randomKey));
|
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
|
||||||
|
|
||||||
rv = hmac.Update(aImageData, aSize);
|
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
|
||||||
|
|
||||||
rv = hmac.End(aCanvasKey);
|
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
|
||||||
}
|
|
||||||
|
|
||||||
return NS_OK;
|
return NS_OK;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user