For signing, pykey.py delegates to 3rd party libraries. One of these libraries
expects hash algorithms to be specified in the form "SHA-256" whereas the other
expects "sha256". Consumers of pykey shouldn't need to be aware of this detail.
This patch introduces constants HASH_SHA1, HASH_SHA256, etc. and changes pykey
to determine which string literals to use itself.
MozReview-Commit-ID: 27laM2uXMwJ
--HG--
extra : rebase_source : 9b74f486f7535671fd26c59e3e9cc3b4459f15e0
MozReview-Commit-ID: 9Htv04PfRzb
This introduces pyct.py with the capability of generating Signed Certificate
Timestamps for our test certificates. Also introduces a simple testcase that
should validate correctly under current CT requirements as well as one that does
not validate due to an insufficient number of SCTs.
(Note that "validate" in this case does not refer to the overall TLS handshake
result, because CT is not currently required. It more or less refers to the
value of certificateTransparencyStatus of the SSLStatus of the connection's
securityInfo - see nsISSLStatus.idl.)
--HG--
rename : security/manager/ssl/tests/unit/bad_certs/default-ee.key => security/manager/ssl/tests/unit/test_ct/default-ee.key
rename : security/manager/ssl/tests/unit/bad_certs/default-ee.key.keyspec => security/manager/ssl/tests/unit/test_ct/default-ee.key.keyspec
rename : security/manager/ssl/tests/unit/bad_certs/default-ee.pem => security/manager/ssl/tests/unit/test_ct/default-ee.pem
rename : security/manager/ssl/tests/unit/bad_certs/default-ee.pem.certspec => security/manager/ssl/tests/unit/test_ct/default-ee.pem.certspec
rename : security/manager/ssl/tests/unit/bad_certs/test-ca.pem => security/manager/ssl/tests/unit/test_ct/test-ca.pem
rename : security/manager/ssl/tests/unit/bad_certs/test-ca.pem.certspec => security/manager/ssl/tests/unit/test_ct/test-ca.pem.certspec
extra : rebase_source : 66c5a5e16eeb47c97972248d61a4f1cbadf59a49
MozReview-Commit-ID: Gay4bliuiDc
This modifies getCTKnownLogs.py to inject 3 debug-only Certificate Transparency
log keys and 2 organizations ("Mozilla Test Org 1" and "2") for use with
integration tests. Also updates CTKnownLogs.h as generated by the python script.
The debug logs use the "default", "secp256r1", and "alternate" keys that are
already present in our testing infrastructure (see pykey.py).
--HG--
extra : rebase_source : 3d4fc736f840cd080fab6b8c6c5b53cc9361abf2
Firefox essentially does not support running NSS in FIPS mode any longer. This
has always been the case on Android from what I can tell and it has been the
case on OS X since at least version 34 (see bug 1047584). It became the case on
Windows as of version 53 (see bug 1295937). Unfortunately, before this patch,
if a user attempted to run an affected version of Firefox using a profile
directory containing an NSS database collection that had FIPS enabled, NSS
initialization would fail and fall back to running in no DB mode, which had the
side-effect of making any saved passwords and certificates unavailable. This
patch attempts to detect and work around this failure mode by moving the
PKCS#11 module DB (which is where the FIPS bit is set) to a backup location and
basically running with a fresh, non-FIPS module DB. This allows Firefox to
initialize NSS with the preexisting key and certificate databases available.
MozReview-Commit-ID: 1E4u1ngZyRv
--HG--
rename : security/manager/ssl/tests/unit/test_sdr_preexisting.js => security/manager/ssl/tests/unit/test_broken_fips.js
rename : security/manager/ssl/tests/unit/test_sdr_preexisting/key3.db => security/manager/ssl/tests/unit/test_broken_fips/key3.db
extra : rebase_source : 887f457e998d6e57c6536573fbe3cb10547fe154
As requested by James Burton<jb@0.me.uk> and vouched for (via email) by
Lucas Garron <lgarron@google.com>.
MozReview-Commit-ID: HD9laXzJpRg
--HG--
extra : rebase_source : 7c632c6772509a3c4c03cf971ee0f62ad5225275
nsCertOverrideService uses a ReentrantMonitor to protect its inner
state. However, there's no way for nsCertOverrideService's methods to
be re-entered when calling outside code. The use of ReentrantMonitor
appears to be compensating for an unclear division of locking
responsibilities, by enabling every method to simply lock the
ReentrantMonitor upon entrance without care for who might have locked it
beforehand.
Using Mutex is cheaper than ReentrantMonitor, and also forces us to
make explicit who's required to do locking, and who needs to do work
with the lock held.
Calling VFY_VerifyDigestDirect causes the provided SECKEYPublicKey to be
reimported to the softoken regardless of if it already exists on it. EC keys
must be verified upon import (to see if the point is on the curve to avoid some
small subgroup attacks), and so repeatedly doing this with a static key (say,
for example, a key corresponding to a built-in certificate transparency log) is
inefficient. This patch alters the certificate transparency implementation to
import these keys each once and then use PK11_Verify for ECDSA signature
verification, which doesn't have the same drawback.
Since this change causes CertVerifier to hold an NSS resource (via its
MultiLogCTVerifier having a list of CTLogVerifier, each of which now has a
SECKEYPublicKey), nsNSSComponent has to make sure it goes away before shutting
down NSS. This patch ensures this happens in nsNSSComponent::ShutdownNSS().
MozReview-Commit-ID: 6VSmz7S53y2
--HG--
extra : rebase_source : 4994db9de80a6c1aec3d7e322ff30d040140ce92
Everything depending on the widget being gonk can go away, as well as
everything depending on MOZ_AUDIO_CHANNEL_MANAGER, which was only
defined on gonk builds under b2g/ (which goes away in bug 1357326).
--HG--
extra : rebase_source : 9f0aeeb7eea8417fa4e06d662d566d67ecaf2a24
This changes does several things:
1. Changes some titles to include the word "driver" for better clarity.
2. Moves and cleans up the JS implementation of load_device.xul. Having a
cleaner implementation in a separate file makes the code easier to discover
and maintain.
3. Removes code that tries to show a special case message if a module was
already loaded.
3A. The backend code doesn't provide distinction from this case and failure to
add in general.
3B. The backend code would only return the error code being checked for if a
blank module name was provided.
4. Adds tests.
MozReview-Commit-ID: 8BxKWKw5rvp
--HG--
extra : rebase_source : 15a29bf7d46f523a11eac37c9f0c6efb2b5d0114
The default OCSP timeout for soft-fail DV is still 2 seconds. This patch makes
it configurable on the interval (0, 5] seconds.
The default OCSP timeout for EV and hard-fail DV is still 10 seconds. This patch
makes it configurable on the interval (0, 20] seconds.
MozReview-Commit-ID: CPd8pwYrJhj
--HG--
extra : rebase_source : 45bd7d06ea013f0a776ea18be9408dedb18271d8
(adapted from bug 1349762 comment 0)
Google Trust Services (GTS) recently purchased two roots from GlobalSign that
are both enabled for EV treatment: "GlobalSign Root CA - R2" and "GlobalSign ECC
Root CA - R4".
However, GTS does not have an EV audit, so we are going to turn off EV treatment
for both of those root certificates.
But "GlobalSign Root CA - R2" has intermediate cert "GlobalSign Extended
Validation CA - SHA256 - G2" that continues to be controlled by GlobalSign, to
be used to migrate their customers off dependence on that root.
This patch removes EV treatment for "GlobalSign ECC Root CA - R4". It also
removes EV treatment for all chains rooted in "GlobalSign Root CA - R2" unless
the "GlobalSign Extended Validation CA - SHA256 - G2" intermediate is in the
chain.
MozReview-Commit-ID: Ej9L9zTwoPN
--HG--
extra : rebase_source : 575f1a48646cf728d879d0cf53c888654e4a32ad
These directories contain sensitive content, and access is not necessary now that we have file content processes.
r=haik
MozReview-Commit-ID: FiRJkMnlYUx
--HG--
extra : rebase_source : 0bcdefcb1ea410fb26c3f8373673488e2a5fdd75
This API produces much more readable code (though slightly more verbose). While this is not a publicly documented API on macOS, it is used by both WebKit and Chrome.
MozReview-Commit-ID: LVxYT4wBLck
--HG--
extra : rebase_source : 9688981ea0bb4e71f084afc404af705fa68f84a3
-Wextra implies -Wmissing-field-initializers, but since the latter warning seems
to warn about mostly uninteresting instances (XPCOM module definitions etc), we
disable it for now.
(Note that -Wall is already enabled by default for all directories for gcc and
clang.)
MozReview-Commit-ID: 8RdF51sLPC8
--HG--
extra : rebase_source : 003c1c04e090ec215d058f5adf4c9e72558bbae3
NS_SetCurrentThreadName() is added as an alternative to PR_SetCurrentThreadName()
inside libxul. The thread names are collected in the form of crash annotation to
be processed on socorro.
MozReview-Commit-ID: 4RpAWzTuvPs
This also changes the read only related status checks in filesystem_interception.cc to include STATUS_NETWORK_OPEN_RESTRICTION (0xC0000201), which gets returned in some cases and fails because we never ask the broker.
Carrying r=jimm from original changeset:
https://hg.mozilla.org/mozilla-central/rev/1755a454e2de
MozReview-Commit-ID: 4tfygPiKG9Z
This also changes the read only related status checks in filesystem_interception.cc to include STATUS_NETWORK_OPEN_RESTRICTION (0xC0000201), which gets returned in some cases and fails because we never ask the broker.
There are a few places where we can use the safer functionality provided by the
Mozilla string classes instead.
Also fixes Bug 1268657 (remove vestigial
TransportSecurityInfo::SetShortSecurityDescription declaration).
MozReview-Commit-ID: Cxv5B4bsDua
--HG--
extra : rebase_source : 074a154c9000807d6dd466f23e92289e0d4c76d8
Some of our tests currently assume that certain real domains are HSTS preloaded.
While most of the time these domains are in fact preloaded, this may change
during periods of maintenance or other events.
To avoid this, the changes here perform the following renames:
bugzilla.mozilla.org -> includesubdomains.preloaded.test
login.persona.org -> includesubdomains2.preloaded.test
www.torproject.org -> noincludesubdomains.preloaded.test
In addition, some tests that refer to mozilla.com (but don't depend on it being
preloaded) are made to refer to example.com instead to avoid referring to real
domains in tests.
MozReview-Commit-ID: 3987moJnKGk
--HG--
extra : rebase_source : 0ec49c9a410ba891f11668e7e11c48b7547e1825
Periodic updates on m-c are currently broken due to Bug 1350619, so this change
inserts the test domains into the preload list semi-manually.
MozReview-Commit-ID: EBOiQcKDSHr
--HG--
extra : rebase_source : bc5880af95dc9934132d0e9251d9060ad9c6871a
This lets us migrate off depending on real preloaded domains and onto
domains that are guaranteed to have the correct characteristics.
MozReview-Commit-ID: 4TyOfdIA9I7
--HG--
extra : rebase_source : f49109de9292dec31b72d87819dd52b5a6b659ed
nsIX509Cert.getAllTokenNames() is only used (improperly) to determine if a
certificate is a built-in. nsIX509Cert.isBuiltInRoot should be used instead.
MozReview-Commit-ID: LBwI8nTc05C
--HG--
extra : rebase_source : 9494cd1243395b0d293022e981f64be560a54dec
When determining if a certificate error override is allowed for a host, we
consult nsISiteSecurityService::IsSecureURI to see if the host is HSTS/HPKP.
This API takes an nsIURI, but the calling code only has a hostname as an
nsCString. Calling NS_NewURI works in all situations we will encounter except
when the hostname is an IPv6 address. Since IP addresses are never HSTS/HPKP
anyway, we can skip the NS_NewURI / IsSecureURI calls in those cases as a
workaround.
MozReview-Commit-ID: JXa8cGvqqTA
--HG--
extra : rebase_source : b8dcd2cb4211af230f867ce3954d5333b7a49684
MozReview-Commit-ID: 5bUTLz6mGKC
In general, it is possible to create a new nsNSSShutDownObject after
nsNSSShutDownList::shutdown() had been called. Before this patch, at that point,
isAlreadyShutDown() would incorrectly return false, which could lead to code
calling NSS functions, which would probably lead to a crash (because NSS could
be uninitialized at that point). This change merges
nsNSSShutDownList::shutdown() with evaporateAllNSSResources() into
evaporateAllNSSResourcesAndShutDown() for simplicity and makes it so
isAlreadyShutDown() returns true if called after that point.
--HG--
extra : rebase_source : badab89a9e197f18fcd943f16cc77c6aa6664f0d
Removed the probe in Histogram.json and the code related to it in nsKeygenHandler.cpp
MozReview-Commit-ID: E8lGbx19e2C
--HG--
extra : rebase_source : ef958749e6ad2e2b617fd1efdd09cdd3185bef18
pkixocsp_VerifyEncodedResponse_GetCertTrust has a field trustDomain that
deliberately shadows the field it inherits from so that code doesn't use it by
accident.
MozReview-Commit-ID: 1Y4W6sA7lHD
--HG--
extra : rebase_source : d2d3180e6c65ea49255545216230525b96af010d
The NSS Base64 functions are less safe and convenient to use than the XPCOM ones.
They're also an unnecessary dependency on NSS.
The NSS Base64 functions behave slightly differently than the XPCOM ones:
1. ATOB_ConvertAsciiToItem() / NSSBase64_DecodeBuffer() silently ignore invalid
characters like CRLF, space and so on. Base64Decode() will return an error
if these characters are encountered.
2. BTOA_DataToAscii() will produce output that has CRLF inserted every 64
characters. Base64Encode() doesn't do this.
For the reasons listed below, no unexpected compatibility issues should arise:
1. AppSignatureVerification.cpp already filters out CRLF and spaces for Manifest
and Signature values before decoding.
2. ExtendedValidation.cpp is only given what should be valid hard-coded input to
decode.
3. ContentSignatureVerifier.cpp already splits on CRLF for when it needs to
decode PEM certs. Spaces shouldn't be likely.
For Content-Signature header verification, examination of real input to a
running instance of Firefox suggests CRLF and spaces will not be present in
the header to decode.
4. nsCryptoHash.cpp encode is affected, but we actually don't want the CRLF
behaviour.
5. nsDataSignatureVerifier.cpp decode is affected, but we add whitespace
stripping to maintain backwards compatibility.
6. nsKeygenHandler.cpp encode is affected, but the previous CRLF behaviour was
arguably a bug, since neither WHATWG or W3C specs specified this.
MozReview-Commit-ID: IWMFxqVZMeX
--HG--
extra : rebase_source : 4863b2e5eabef0555e8e1ebe39216d0d9393f3e9
There's an antipattern where nsLiteralString is used as an unnecessary intermediary in converting from CharT* to CharT*,
e.g. CallAFunctionThatTakesACharPointer(NS_LITERAL_CSTRING("foo").get());
or
NS_NAMED_LITERAL_STRING(foo, "abc");
CallAFunctionThatTakesACharPointer(foo.get());
This patch rewrites the callsites that can be trivially changed to use char*/char16_t*.
I'd somewhat like to remove nsTLiteralString::get() altogether, but in code that's less straightforward than these examples, get() is useful enough to keep.
MozReview-Commit-ID: Kh1rUziVllo
--HG--
extra : rebase_source : c21a65694d6e1c42fd88f73632f7ac8f38d005ae