Bug 683262 - window.crypto throws if MOZ_DISABLE_DOMCRYPTO is turned on - window.crypto patch - r=jst

--HG--
rename : dom/interfaces/base/nsIDOMCrypto.idl => dom/interfaces/base/nsIDOMCryptoLegacy.idl

b2g/confvars.sh

@@ -23,7 +23,7 @@ MOZ_SERVICES_METRICS=1
 MOZ_CAPTIVEDETECT=1
 
 MOZ_WEBSMS_BACKEND=1
-MOZ_DISABLE_DOMCRYPTO=1
+MOZ_DISABLE_CRYPTOLEGACY=1
 MOZ_APP_STATIC_INI=1
 
 if test "$OS_TARGET" = "Android"; then

configure.in

@@ -4241,7 +4241,7 @@ MOZ_XUL=1
 MOZ_ZIPWRITER=1
 NS_PRINTING=1
 MOZ_PDF_PRINTING=
-MOZ_DISABLE_DOMCRYPTO=
+MOZ_DISABLE_CRYPTOLEGACY=
 NSS_DISABLE_DBM=
 NECKO_WIFI=1
 NECKO_COOKIES=1
@@ -6340,9 +6340,10 @@ AC_SUBST(MOZ_DISABLE_PARENTAL_CONTROLS)
 dnl ========================================================
 dnl = Disable DOMCrypto
 dnl ========================================================
-if test -n "$MOZ_DISABLE_DOMCRYPTO"; then
-    AC_DEFINE(MOZ_DISABLE_DOMCRYPTO)
+if test -n "$MOZ_DISABLE_CRYPTOLEGACY"; then
+    AC_DEFINE(MOZ_DISABLE_CRYPTOLEGACY)
 fi
+AC_SUBST(MOZ_DISABLE_CRYPTOLEGACY)
 
 dnl ========================================================
 dnl =

dom/base/Crypto.cpp

@@ -0,0 +1,100 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "Crypto.h"
+#include "nsIDOMClassInfo.h"
+#include "nsString.h"
+
+namespace mozilla {
+namespace dom {
+
+NS_INTERFACE_MAP_BEGIN(Crypto)
+  NS_INTERFACE_MAP_ENTRY(nsISupports)
+  NS_INTERFACE_MAP_ENTRY(nsIDOMCrypto)
+  NS_DOM_INTERFACE_MAP_ENTRY_CLASSINFO(Crypto)
+NS_INTERFACE_MAP_END
+
+NS_IMPL_ADDREF(Crypto)
+NS_IMPL_RELEASE(Crypto)
+
+Crypto::Crypto()
+{
+  MOZ_COUNT_CTOR(Crypto);
+}
+
+Crypto::~Crypto()
+{
+  MOZ_COUNT_DTOR(Crypto);
+}
+
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
+// Stub out the legacy nsIDOMCrypto methods. The actual
+// implementations are in security/manager/ssl/src/nsCrypto.{cpp,h}
+
+NS_IMETHODIMP
+Crypto::GetVersion(nsAString & aVersion)
+{
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+Crypto::GetEnableSmartCardEvents(bool *aEnableSmartCardEvents)
+{
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+Crypto::SetEnableSmartCardEvents(bool aEnableSmartCardEvents)
+{
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+Crypto::GenerateCRMFRequest(nsIDOMCRMFObject * *_retval)
+{
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+Crypto::ImportUserCertificates(const nsAString & nickname,
+                               const nsAString & cmmfResponse,
+                               bool doForcedBackup, nsAString & _retval)
+{
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+Crypto::PopChallengeResponse(const nsAString & challenge,
+                             nsAString & _retval)
+{
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+Crypto::Random(int32_t numBytes, nsAString & _retval)
+{
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+Crypto::SignText(const nsAString & stringToSign, const nsAString & caOption,
+                 nsAString & _retval)
+{
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+Crypto::Logout()
+{
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+Crypto::DisableRightClick()
+{
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+#endif
+
+} // namespace dom
+} // namespace mozilla

dom/base/Crypto.h

@@ -0,0 +1,33 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef mozilla_dom_Crypto_h
+#define mozilla_dom_Crypto_h
+
+#ifdef MOZ_DISABLE_CRYPTOLEGACY
+#include "nsIDOMCrypto.h"
+#else
+#include "nsIDOMCryptoLegacy.h"
+#endif
+
+#define NS_DOMCRYPTO_CLASSNAME "Crypto JavaScript Class"
+#define NS_DOMCRYPTO_CID \
+  {0x929d9320, 0x251e, 0x11d4, { 0x8a, 0x7c, 0x00, 0x60, 0x08, 0xc8, 0x44, 0xc3} }
+
+namespace mozilla {
+namespace dom {
+
+class Crypto : public nsIDOMCrypto
+{
+public:
+  Crypto();
+  virtual ~Crypto();
+
+  NS_DECL_ISUPPORTS
+  NS_DECL_NSIDOMCRYPTO
+};
+
+} // namespace dom
+} // namespace mozilla
+
+#endif // mozilla_dom_Crypto_h

dom/base/Makefile.in

@@ -79,6 +79,7 @@ EXPORTS = \
   nsContentPermissionHelper.h \
   nsStructuredCloneContainer.h \
   nsWindowMemoryReporter.h \
+  Crypto.h \
   $(NULL)
 
 EXPORTS_NAMESPACES = mozilla/dom
@@ -117,6 +118,7 @@ CPPSRCS =			\
 	nsDOMNavigationTiming.cpp \
 	nsPerformance.cpp	\
 	nsWindowMemoryReporter.cpp \
+	Crypto.cpp \
 	DOMError.cpp \
 	DOMRequest.cpp \
 	DOMCursor.cpp \

dom/base/nsDOMClassInfo.cpp

@@ -286,8 +286,12 @@
 #include "nsIDOMXULDocument.h"
 #include "nsIDOMXULElement.h"
 #include "nsIDOMXULCommandDispatcher.h"
-#include "nsIDOMCrypto.h"
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
 #include "nsIDOMCRMFObject.h"
+#include "nsIDOMCryptoLegacy.h"
+#else
+#include "nsIDOMCrypto.h"
+#endif
 #include "nsIControllers.h"
 #include "nsISelection.h"
 #include "nsIBoxObject.h"
@@ -477,7 +481,7 @@ static NS_DEFINE_CID(kDOMSOF_CID, NS_DOM_SCRIPT_OBJECT_FACTORY_CID);
 static const char kDOMStringBundleURL[] =
   "chrome://global/locale/dom/dom.properties";
 
-#ifdef MOZ_DISABLE_DOMCRYPTO
+#ifdef MOZ_DISABLE_CRYPTOLEGACY
   static const bool domCryptoEnabled = false;
 #else
   static const bool domCryptoEnabled = true;
@@ -556,8 +560,11 @@ static const char kDOMStringBundleURL[] =
 const uint32_t kDOMClassInfo_##_dom_class##_interfaces =                      \
   0;
 
-DOMCI_DATA_NO_CLASS(Crypto)
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
 DOMCI_DATA_NO_CLASS(CRMFObject)
+#endif
+DOMCI_DATA_NO_CLASS(Crypto)
+
 DOMCI_DATA_NO_CLASS(ContentFrameMessageManager)
 DOMCI_DATA_NO_CLASS(ChromeMessageBroadcaster)
 DOMCI_DATA_NO_CLASS(ChromeMessageSender)
@@ -956,10 +963,12 @@ static nsDOMClassInfoData sClassInfoData[] = {
 #endif
 
   // Crypto classes
-  NS_DEFINE_CLASSINFO_DATA(Crypto, nsDOMGenericSH,
-                           DOM_DEFAULT_SCRIPTABLE_FLAGS)
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
   NS_DEFINE_CLASSINFO_DATA(CRMFObject, nsDOMGenericSH,
                            DOM_DEFAULT_SCRIPTABLE_FLAGS)
+#endif
+  NS_DEFINE_CLASSINFO_DATA(Crypto, nsDOMGenericSH,
+                           DOM_DEFAULT_SCRIPTABLE_FLAGS)
 
   // DOM Traversal classes
   NS_DEFINE_CLASSINFO_DATA(TreeWalker, nsDOMGenericSH,
@@ -2764,14 +2773,16 @@ nsDOMClassInfo::Init()
   DOM_CLASSINFO_MAP_END
 #endif
 
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
+   DOM_CLASSINFO_MAP_BEGIN(CRMFObject, nsIDOMCRMFObject)
+     DOM_CLASSINFO_MAP_ENTRY(nsIDOMCRMFObject)
+   DOM_CLASSINFO_MAP_END
+#endif
+
   DOM_CLASSINFO_MAP_BEGIN(Crypto, nsIDOMCrypto)
     DOM_CLASSINFO_MAP_ENTRY(nsIDOMCrypto)
   DOM_CLASSINFO_MAP_END
 
-  DOM_CLASSINFO_MAP_BEGIN(CRMFObject, nsIDOMCRMFObject)
-    DOM_CLASSINFO_MAP_ENTRY(nsIDOMCRMFObject)
-  DOM_CLASSINFO_MAP_END
-
   DOM_CLASSINFO_MAP_BEGIN_NO_CLASS_IF(XMLStylesheetProcessingInstruction, nsIDOMProcessingInstruction)
     DOM_CLASSINFO_MAP_ENTRY(nsIDOMProcessingInstruction)
     DOM_CLASSINFO_MAP_ENTRY(nsIDOMLinkStyle)

dom/base/nsDOMClassInfo.h

@@ -29,6 +29,11 @@ class nsIForm;
 class nsIHTMLDocument;
 class nsNPAPIPluginInstance;
 
+class nsIDOMCrypto;
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
+class nsIDOMCRMFObject;
+#endif
+
 struct nsDOMClassInfoData;
 
 typedef nsIClassInfo* (*nsDOMClassInfoConstructorFnc)

dom/base/nsDOMClassInfoClasses.h

@@ -149,8 +149,10 @@ DOMCI_CLASS(TreeContentView)
 #endif
 
 // Crypto classes
-DOMCI_CLASS(Crypto)
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
 DOMCI_CLASS(CRMFObject)
+#endif
+DOMCI_CLASS(Crypto)
 
 // DOM Traversal classes
 DOMCI_CLASS(TreeWalker)

dom/base/nsGlobalWindow.cpp

@@ -85,9 +85,7 @@
 #include "nsIHTMLDocument.h"
 #include "nsIDOMHTMLDocument.h"
 #include "nsIDOMHTMLElement.h"
-#ifndef MOZ_DISABLE_DOMCRYPTO
-#include "nsIDOMCrypto.h"
-#endif
+#include "Crypto.h"
 #include "nsIDOMDocument.h"
 #include "nsIDOMElement.h"
 #include "nsIDOMEvent.h"
@@ -420,10 +418,6 @@ nsGlobalWindow::DOMMinTimeoutValue() const {
 static NS_DEFINE_CID(kXULControllersCID, NS_XULCONTROLLERS_CID);
 
 static const char sJSStackContractID[] = "@mozilla.org/js/xpc/ContextStack;1";
-#ifndef MOZ_DISABLE_DOMCRYPTO
-static const char kCryptoContractID[] = NS_CRYPTO_CONTRACTID;
-static const char kPkcs11ContractID[] = NS_PKCS11_CONTRACTID;
-#endif
 static const char sPopStatePrefStr[] = "browser.history.allowPopState";
 
 #define NETWORK_UPLOAD_EVENT_NAME     NS_LITERAL_STRING("moznetworkupload")
@@ -2024,12 +2018,15 @@ nsGlobalWindow::SetNewDocument(nsIDocument* aDocument,
   NS_ENSURE_TRUE(scx, NS_ERROR_NOT_INITIALIZED);
 
   JSContext *cx = scx->GetNativeContext();
-#ifndef MOZ_DISABLE_DOMCRYPTO
+
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
   // clear smartcard events, our document has gone away.
   if (mCrypto) {
-    mCrypto->SetEnableSmartCardEvents(false);
+    nsresult rv = mCrypto->SetEnableSmartCardEvents(false);
+    NS_ENSURE_SUCCESS(rv, rv);
   }
 #endif
+
   if (!mDocument) {
     // First document load.
 
@@ -3579,19 +3576,17 @@ nsGlobalWindow::GetApplicationCache(nsIDOMOfflineResourceList **aApplicationCach
 NS_IMETHODIMP
 nsGlobalWindow::GetCrypto(nsIDOMCrypto** aCrypto)
 {
-#ifdef MOZ_DISABLE_DOMCRYPTO
-  return NS_ERROR_NOT_IMPLEMENTED;
-#else
   FORWARD_TO_OUTER(GetCrypto, (aCrypto), NS_ERROR_NOT_INITIALIZED);
 
   if (!mCrypto) {
-    mCrypto = do_CreateInstance(kCryptoContractID);
-  }
-
-  NS_IF_ADDREF(*aCrypto = mCrypto);
-
-  return NS_OK;
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
+    mCrypto = do_CreateInstance(NS_CRYPTO_CONTRACTID);
+#else
+    mCrypto = new Crypto();
 #endif
+  }
+  NS_IF_ADDREF(*aCrypto = mCrypto);
+  return NS_OK;
 }
 
 NS_IMETHODIMP

dom/base/nsGlobalWindow.h

@@ -41,9 +41,6 @@
 #include "nsIScriptSecurityManager.h"
 #include "nsEventListenerManager.h"
 #include "nsIDOMDocument.h"
-#ifndef MOZ_DISABLE_DOMCRYPTO
-#include "nsIDOMCrypto.h"
-#endif
 #include "nsIPrincipal.h"
 #include "nsIXPCScriptable.h"
 #include "nsPoint.h"
@@ -96,6 +93,7 @@
 class nsIDOMBarProp;
 class nsIDocument;
 class nsPresContext;
+class nsIDOMCrypto;
 class nsIDOMEvent;
 class nsIScrollableFrame;
 class nsIControllers;
@@ -115,10 +113,6 @@ class nsDOMOfflineResourceList;
 class nsDOMWindowUtils;
 class nsIIdleService;
 
-#ifdef MOZ_DISABLE_DOMCRYPTO
-class nsIDOMCrypto;
-#endif
-
 class nsWindowSizes;
 
 namespace mozilla {
@@ -1080,9 +1074,8 @@ protected:
   nsString                      mDefaultStatus;
   // index 0->language_id 1, so index MAX-1 == language_id MAX
   nsGlobalWindowObserver*       mObserver;
-#ifndef MOZ_DISABLE_DOMCRYPTO
   nsCOMPtr<nsIDOMCrypto>        mCrypto;
-#endif
+
   nsCOMPtr<nsIDOMStorage>      mLocalStorage;
   nsCOMPtr<nsIDOMStorage>      mSessionStorage;
 

dom/interfaces/base/Makefile.in

@@ -32,7 +32,6 @@ XPIDLSRCS =					\
 	nsIDOMClientInformation.idl		\
 	nsIDOMConstructor.idl			\
 	nsIDOMCRMFObject.idl			\
-	nsIDOMCrypto.idl			\
 	nsIDOMHistory.idl			\
 	nsIDOMLocation.idl			\
 	nsIDOMMediaQueryList.idl		\
@@ -58,10 +57,20 @@ XPIDLSRCS =					\
 	nsIIdleObserver.idl			\
 	$(NULL)
 
+ifdef MOZ_DISABLE_CRYPTOLEGACY
+XPIDLSRCS += \
+	nsIDOMCrypto.idl			\
+	$(NULL)
+else
+XPIDLSRCS += \
+	nsIDOMCryptoLegacy.idl			\
+	$(NULL)
+endif
+
 ifdef MOZ_B2G
 XPIDLSRCS += \
-  nsIDOMWindowB2G.idl \
-  $(NULL)
+	nsIDOMWindowB2G.idl \
+	$(NULL)
 endif
 
 include $(topsrcdir)/config/rules.mk

dom/interfaces/base/nsIDOMCrypto.idl

@@ -3,22 +3,9 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
-#include "domstubs.idl"
-
-[scriptable, uuid(12b6d899-2aed-4ea9-8c02-2223ab7ab592)]
+#include "nsISupports.idl"
+ 
+[scriptable, uuid(eadb45d6-aec2-4b70-95f4-ffdf1f86738f)]
 interface nsIDOMCrypto : nsISupports
 {
-  readonly attribute DOMString        version;
-  attribute boolean         enableSmartCardEvents;
-
-  nsIDOMCRMFObject          generateCRMFRequest(/* ... */);
-  DOMString                 importUserCertificates(in DOMString nickname,
-                                                   in DOMString cmmfResponse,
-                                                   in boolean doForcedBackup);
-  DOMString                 popChallengeResponse(in DOMString challenge);
-  DOMString                 random(in long numBytes);
-  DOMString                 signText(in DOMString stringToSign,
-                                     in DOMString caOption /* ... */);
-  void                      logout();
-  void                      disableRightClick();
 };

dom/interfaces/base/nsIDOMCryptoLegacy.idl

@@ -0,0 +1,26 @@
+/* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "domstubs.idl"
+
+interface nsIDOMCRMFObject;
+
+[scriptable, uuid(b50312fa-06ec-460c-b5e9-5dbb009eb457)]
+interface nsIDOMCrypto : nsISupports
+{
+  readonly attribute DOMString        version;
+  attribute boolean         enableSmartCardEvents;
+
+  nsIDOMCRMFObject          generateCRMFRequest(/* ... */);
+  DOMString                 importUserCertificates(in DOMString nickname,
+                                                   in DOMString cmmfResponse,
+                                                   in boolean doForcedBackup);
+  DOMString                 popChallengeResponse(in DOMString challenge);
+  DOMString                 random(in long numBytes);
+  DOMString                 signText(in DOMString stringToSign,
+                                     in DOMString caOption /* ... */);
+  void                      logout();
+  void                      disableRightClick();
+};

dom/tests/mochitest/Makefile.in

@@ -18,6 +18,7 @@ DIRS	+= \
 	ajax \
 	bugs \
 	chrome \
+	crypto \
 	general \
 	whatwg \
 	geolocation \

dom/tests/mochitest/crypto/Makefile.in

@@ -0,0 +1,24 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this file,
+# You can obtain one at http://mozilla.org/MPL/2.0/.
+
+DEPTH		= ../../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+relativesrcdir	= dom/tests/mochitest/crypto
+
+include $(DEPTH)/config/autoconf.mk
+include $(topsrcdir)/config/rules.mk
+
+_TEST_FILES = \
+    $(NULL)
+    
+ifndef MOZ_DISABLE_CRYPTOLEGACY
+_TEST_FILES += test_legacy.html
+else
+_TEST_FILES += test_no_legacy.html
+endif
+
+libs::	$(_TEST_FILES)
+	$(INSTALL) $(foreach f,$^,"$f") $(DEPTH)/_tests/testing/mochitest/tests/$(relativesrcdir)

dom/tests/mochitest/crypto/test_legacy.html

@@ -0,0 +1,28 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Test presence of legacy window.crypto features when
+         MOZ_DISABLE_CRYPTOLEGACY is NOT set.</title>
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>        
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<script class="testbody" type="text/javascript">
+
+ok("crypto" in window, "crypto in window");
+ok("version" in window.crypto, "version in window.crypto");
+ok("enableSmartCardEvents" in window.crypto,
+   "enableSmartCardEvents in window.crypto");
+ok("generateCRMFRequest" in window.crypto,
+   "generateCRMFRequest in window.crypto");
+ok("importUserCertificates" in window.crypto,
+   "importUserCertificates in window.crypto");
+ok("popChallengeResponse" in window.crypto,
+   "popChallengeResponse in window.crypto");
+ok("random" in window.crypto, "random in window.crypto");
+ok("signText" in window.crypto, "signText in window.crypto");
+ok("disableRightClick" in window.crypto,
+   "disableRightClick in window.crypto");
+
+</script>
+</body></html>

dom/tests/mochitest/crypto/test_no_legacy.html

@@ -0,0 +1,28 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Test lack of legacy window.crypto features when
+         MOZ_DISABLE_CRYPTOLEGACY is set</title>
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>        
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<script class="testbody" type="text/javascript">
+
+ok("crypto" in window, "crypto in window");
+ok(!("version" in window.crypto), "version not in window.crypto");
+ok(!("enableSmartCardEvents" in window.crypto),
+   "enableSmartCardEvents not in window.crypto");
+ok(!("generateCRMFRequest" in window.crypto),
+   "generateCRMFRequest not in window.crypto");
+ok(!("importUserCertificates" in window.crypto),
+   "importUserCertificates not in window.crypto");
+ok(!("popChallengeResponse" in window.crypto),
+   "popChallengeResponse not in window.crypto");
+ok(!("random" in window.crypto), "random not in window.crypto");
+ok(!("signText" in window.crypto), "signText not in window.crypto");
+ok(!("disableRightClick" in window.crypto),
+   "disableRightClick not in window.crypto");
+
+</script>
+</body></html>

mobile/android/confvars.sh

@@ -14,7 +14,7 @@ MOZ_OFFICIAL_BRANDING_DIRECTORY=mobile/android/branding/official
 
 MOZ_SAFE_BROWSING=1
 
-MOZ_DISABLE_DOMCRYPTO=1
+MOZ_DISABLE_CRYPTOLEGACY=1
 
 # Enable getUserMedia
 MOZ_MEDIA_NAVIGATOR=1

security/manager/ssl/src/Makefile.in

@@ -62,7 +62,6 @@ CPPSRCS = 				\
   nsCRLManager.cpp \
   nsNSSShutDown.cpp \
   nsNTLMAuthModule.cpp \
-  nsSmartCardMonitor.cpp \
   nsStreamCipher.cpp \
   nsKeyModule.cpp \
   nsIdentityChecking.cpp \
@@ -76,6 +75,12 @@ CPPSRCS = 				\
   SharedSSLState.cpp \
   $(NULL)
 
+ifndef MOZ_DISABLE_CRYPTOLEGACY
+CPPSRCS += \
+  nsSmartCardMonitor.cpp \
+  $(NULL)
+endif
+
 ifdef MOZ_XUL
 CPPSRCS += nsCertTree.cpp
 endif

security/manager/ssl/src/nsCrypto.cpp

@@ -3,8 +3,18 @@
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-#include "nsNSSComponent.h"
 #include "nsCrypto.h"
+#include "nsNSSComponent.h"
+#include "secmod.h"
+
+#include "nsReadableUtils.h"
+#include "nsCRT.h"
+#include "nsXPIDLString.h"
+#include "nsISaveAsCharset.h"
+#include "nsNativeCharsetUtils.h"
+
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
+#include "nsNSSComponent.h"
 #include "nsKeygenHandler.h"
 #include "nsKeygenThread.h"
 #include "nsNSSCertificate.h"
@@ -15,7 +25,6 @@
 #include "nsIServiceManager.h"
 #include "nsIMemory.h"
 #include "nsAlgorithm.h"
-#include "nsCRT.h"
 #include "prprf.h"
 #include "nsDOMCID.h"
 #include "nsIDOMWindow.h"
@@ -34,7 +43,6 @@
 #include "nsJSPrincipals.h"
 #include "nsIPrincipal.h"
 #include "nsIScriptSecurityManager.h"
-#include "nsXPIDLString.h"
 #include "nsIGenKeypairInfoDlg.h"
 #include "nsIDOMCryptoDialogs.h"
 #include "nsIFormSigningDialog.h"
@@ -42,7 +50,6 @@
 #include "jsapi.h"
 #include "jsdbgapi.h"
 #include <ctype.h>
-#include "nsReadableUtils.h"
 #include "pk11func.h"
 #include "keyhi.h"
 #include "cryptohi.h"
@@ -57,22 +64,18 @@
 #include "cert.h"
 #include "certdb.h"
 #include "secmod.h"
-#include "nsISaveAsCharset.h"
-#include "nsNativeCharsetUtils.h"
 #include "ScopedNSSTypes.h"
 
 #include "ssl.h" // For SSL_ClearSessionCache
 
 #include "nsNSSCleaner.h"
 
-#include "nsNSSShutDown.h"
 #include "nsNSSCertHelper.h"
 #include <algorithm>
+#endif
 
 using namespace mozilla;
 
-NSSCleanupAutoPtrClass_WithParam(PK11Context, PK11_DestroyContext, TrueParam, true)
-
 /*
  * These are the most common error strings that are returned
  * by the JavaScript methods in case of error.
@@ -98,6 +101,16 @@ NSSCleanupAutoPtrClass_WithParam(PK11Context, PK11_DestroyContext, TrueParam, tr
 #define JS_ERR_BAD_CIPHER_ENABLE_FLAGS    -9
 #define JS_ERR_ADD_DUPLICATE_MOD          -10
 
+namespace {
+  
+NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
+
+} // unnamed namespace
+
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
+
+NSSCleanupAutoPtrClass_WithParam(PK11Context, PK11_DestroyContext, TrueParam, true)
+
 /*
  * This structure is used to store information for one key generation.
  * The nsCrypto::GenerateCRMFRequest method parses the inputs and then
@@ -195,13 +208,11 @@ private:
 // QueryInterface implementation for nsCrypto
 NS_INTERFACE_MAP_BEGIN(nsCrypto)
   NS_INTERFACE_MAP_ENTRY(nsIDOMCrypto)
-  NS_INTERFACE_MAP_ENTRY(nsISupports)
-  NS_DOM_INTERFACE_MAP_ENTRY_CLASSINFO(Crypto)
-NS_INTERFACE_MAP_END
-
-NS_IMPL_ADDREF(nsCrypto)
-NS_IMPL_RELEASE(nsCrypto)
+NS_INTERFACE_MAP_END_INHERITING(mozilla::dom::Crypto)
 
+NS_IMPL_ADDREF_INHERITED(nsCrypto, mozilla::dom::Crypto)
+NS_IMPL_RELEASE_INHERITED(nsCrypto, mozilla::dom::Crypto)
+ 
 // QueryInterface implementation for nsCRMFObject
 NS_INTERFACE_MAP_BEGIN(nsCRMFObject)
   NS_INTERFACE_MAP_ENTRY(nsIDOMCRMFObject)
@@ -213,6 +224,8 @@ NS_IMPL_ADDREF(nsCRMFObject)
 NS_IMPL_RELEASE(nsCRMFObject)
 
 // QueryInterface implementation for nsPkcs11
+#endif // MOZ_DISABLE_CRYPTOLEGACY
+
 NS_INTERFACE_MAP_BEGIN(nsPkcs11)
   NS_INTERFACE_MAP_ENTRY(nsIPKCS11)
   NS_INTERFACE_MAP_ENTRY(nsISupports)
@@ -221,6 +234,8 @@ NS_INTERFACE_MAP_END
 NS_IMPL_ADDREF(nsPkcs11)
 NS_IMPL_RELEASE(nsPkcs11)
 
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
+
 // ISupports implementation for nsCryptoRunnable
 NS_IMPL_ISUPPORTS1(nsCryptoRunnable, nsIRunnable)
 
@@ -230,8 +245,6 @@ NS_IMPL_ISUPPORTS1(nsP12Runnable, nsIRunnable)
 // ISupports implementation for nsCryptoRunArgs
 NS_IMPL_ISUPPORTS0(nsCryptoRunArgs)
 
-static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
-
 nsCrypto::nsCrypto() :
   mEnableSmartCardEvents(false)
 {
@@ -2871,6 +2884,8 @@ nsCRMFObject::SetCRMFRequest(char *inRequest)
   return NS_OK;
 }
 
+#endif // MOZ_DISABLE_CRYPTOLEGACY
+
 nsPkcs11::nsPkcs11()
 {
 }
@@ -2879,33 +2894,6 @@ nsPkcs11::~nsPkcs11()
 {
 }
 
-//Quick function to confirm with the user.
-bool
-confirm_user(const PRUnichar *message)
-{
-  int32_t buttonPressed = 1; // If the user exits by clicking the close box, assume No (button 1)
-
-  nsCOMPtr<nsIPrompt> prompter;
-  (void) nsNSSComponent::GetNewPrompter(getter_AddRefs(prompter));
-
-  if (prompter) {
-    nsPSMUITracker tracker;
-    if (!tracker.isUIForbidden()) {
-      // The actual value is irrelevant but we shouldn't be handing out
-      // malformed JSBools to XPConnect.
-      bool checkState = false;
-      prompter->ConfirmEx(0, message,
-                          (nsIPrompt::BUTTON_DELAY_ENABLE) +
-                          (nsIPrompt::BUTTON_POS_1_DEFAULT) +
-                          (nsIPrompt::BUTTON_TITLE_OK * nsIPrompt::BUTTON_POS_0) +
-                          (nsIPrompt::BUTTON_TITLE_CANCEL * nsIPrompt::BUTTON_POS_1),
-                          nullptr, nullptr, nullptr, nullptr, &checkState, &buttonPressed);
-    }
-  }
-
-  return (buttonPressed == 0);
-}
-
 //Delete a PKCS11 module from the user's profile.
 NS_IMETHODIMP
 nsPkcs11::DeleteModule(const nsAString& aModuleName)
@@ -2928,7 +2916,9 @@ nsPkcs11::DeleteModule(const nsAString& aModuleName)
   if (srv == SECSuccess) {
     SECMODModule *module = SECMOD_FindModule(modName.get());
     if (module) {
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
       nssComponent->ShutdownSmartCardThread(module);
+#endif
       SECMOD_DestroyModule(module);
     }
     rv = NS_OK;
@@ -2960,7 +2950,9 @@ nsPkcs11::AddModule(const nsAString& aModuleName,
   if (srv == SECSuccess) {
     SECMODModule *module = SECMOD_FindModule(moduleName.get());
     if (module) {
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
       nssComponent->LaunchSmartCardThread(module);
+#endif
       SECMOD_DestroyModule(module);
     }
   }

security/manager/ssl/src/nsCrypto.h

@@ -5,10 +5,12 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 #ifndef _nsCrypto_h_
 #define _nsCrypto_h_
+
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
+#include "Crypto.h"
 #include "nsCOMPtr.h"
 #include "nsIDOMCRMFObject.h"
-#include "nsIDOMCrypto.h"
-#include "nsIPKCS11.h"
+#include "nsIDOMCryptoLegacy.h"
 #include "nsIRunnable.h"
 #include "nsString.h"
 #include "jsapi.h"
@@ -17,11 +19,6 @@
 #define NS_CRYPTO_CLASSNAME "Crypto JavaScript Class"
 #define NS_CRYPTO_CID \
   {0x929d9320, 0x251e, 0x11d4, { 0x8a, 0x7c, 0x00, 0x60, 0x08, 0xc8, 0x44, 0xc3} }
-
-#define NS_PKCS11_CLASSNAME "Pkcs11 JavaScript Class"
-#define NS_PKCS11_CID \
-  {0x74b7a390, 0x3b41, 0x11d4, { 0x8a, 0x80, 0x00, 0x60, 0x08, 0xc8, 0x44, 0xc3} }
-
 #define PSM_VERSION_STRING "2.4"
 
 class nsIPSMComponent;
@@ -46,14 +43,16 @@ private:
 };
 
 
-class nsCrypto: public nsIDOMCrypto
+class nsCrypto: public mozilla::dom::Crypto
 {
 public:
   nsCrypto();
   virtual ~nsCrypto();
-  nsresult init();
-  
-  NS_DECL_ISUPPORTS
+
+  NS_DECL_ISUPPORTS_INHERITED
+
+  // If legacy DOM crypto is enabled this is the class that actually
+  // implements the legacy methods.
   NS_DECL_NSIDOMCRYPTO
 
 private:
@@ -61,6 +60,13 @@ private:
 
   bool mEnableSmartCardEvents;
 };
+#endif // MOZ_DISABLE_CRYPTOLEGACY
+
+#include "nsIPKCS11.h"
+
+#define NS_PKCS11_CLASSNAME "Pkcs11 JavaScript Class"
+#define NS_PKCS11_CID \
+  {0x74b7a390, 0x3b41, 0x11d4, { 0x8a, 0x80, 0x00, 0x60, 0x08, 0xc8, 0x44, 0xc3} }
 
 class nsPkcs11 : public nsIPKCS11
 {

security/manager/ssl/src/nsNSSComponent.cpp

@@ -19,26 +19,33 @@
 #include "nsIStreamListener.h"
 #include "nsIStringBundle.h"
 #include "nsIDirectoryService.h"
-#include "nsIDOMNode.h"
 #include "nsCURILoader.h"
 #include "nsDirectoryServiceDefs.h"
 #include "nsIX509Cert.h"
 #include "nsIX509CertDB.h"
 #include "nsNSSCertificate.h"
 #include "nsNSSHelper.h"
-#include "nsSmartCardMonitor.h"
 #include "prlog.h"
 #include "nsIPrefService.h"
 #include "nsIPrefBranch.h"
 #include "nsIDateTimeFormat.h"
 #include "nsDateTimeFormatCID.h"
+#include "nsThreadUtils.h"
+
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
+#include "nsIDOMNode.h"
 #include "nsIDOMEvent.h"
 #include "nsIDOMDocument.h"
 #include "nsIDOMWindow.h"
 #include "nsIDOMWindowCollection.h"
 #include "nsIDOMSmartCardEvent.h"
+#include "nsSmartCardMonitor.h"
+#include "nsIDOMCryptoLegacy.h"
+#include "nsIPrincipal.h"
+#else
 #include "nsIDOMCrypto.h"
-#include "nsThreadUtils.h"
+#endif
+
 #include "nsCRT.h"
 #include "nsCRLInfo.h"
 #include "nsCertOverrideService.h"
@@ -58,7 +65,6 @@
 #include "nsICRLManager.h"
 #include "nsNSSShutDown.h"
 #include "GeneratedEvents.h"
-#include "nsIDOMSmartCardEvent.h"
 #include "nsIKeyModule.h"
 #include "ScopedNSSTypes.h"
 #include "SharedSSLState.h"
@@ -205,6 +211,7 @@ private:
   nsCOMPtr<nsIStreamListener> mListener;
 };
 
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
 //This class is used to run the callback code
 //passed to the event handlers for smart card notification
 class nsTokenEventRunnable : public nsIRunnable {
@@ -239,6 +246,7 @@ nsTokenEventRunnable::Run()
 
   return nssComponent->DispatchEvent(mType, mTokenName);
 }
+#endif // MOZ_DISABLE_CRYPTOLEGACY
 
 bool nsPSMInitPanic::isPanic = false;
 
@@ -326,7 +334,9 @@ nsNSSComponent::nsNSSComponent()
   :mutex("nsNSSComponent.mutex"),
    mNSSInitialized(false),
    mCrlTimerLock("nsNSSComponent.mCrlTimerLock"),
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
    mThreadList(nullptr),
+#endif
    mCertVerificationThread(nullptr)
 {
 #ifdef PR_LOGGING
@@ -415,6 +425,7 @@ nsNSSComponent::~nsNSSComponent()
   PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsNSSComponent::dtor finished\n"));
 }
 
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
 NS_IMETHODIMP
 nsNSSComponent::PostEvent(const nsAString &eventType, 
                                                   const nsAString &tokenName)
@@ -538,7 +549,7 @@ nsNSSComponent::DispatchEventToWindow(nsIDOMWindow *domWin,
   rv = target->DispatchEvent(smartCardEvent, &boolrv);
   return rv;
 }
-
+#endif // MOZ_DISABLE_CRYPTOLEGACY
 
 NS_IMETHODIMP
 nsNSSComponent::PIPBundleFormatStringFromName(const char *name,
@@ -620,6 +631,7 @@ nsNSSComponent::GetNSSBundleString(const char *name,
   return rv;
 }
 
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
 void
 nsNSSComponent::LaunchSmartCardThreads()
 {
@@ -675,6 +687,7 @@ nsNSSComponent::ShutdownSmartCardThreads()
   delete mThreadList;
   mThreadList = nullptr;
 }
+#endif // MOZ_DISABLE_CRYPTOLEGACY
 
 static char *
 nss_addEscape(const char *string, char quote)
@@ -1800,7 +1813,9 @@ nsNSSComponent::InitializeNSS(bool showWarningBox)
 
       InstallLoadableRoots();
 
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
       LaunchSmartCardThreads();
+#endif
 
       PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("NSS Initialization done\n"));
     }
@@ -1848,7 +1863,9 @@ nsNSSComponent::ShutdownNSS()
       mPrefBranch->RemoveObserver("security.", this);
     }
 
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
     ShutdownSmartCardThreads();
+#endif
     SSL_ClearSessionCache();
     UnloadLoadableRoots();
     CleanupIdentityInfo();

security/manager/ssl/src/nsNSSComponent.h

@@ -16,13 +16,15 @@
 #include "nsIEntropyCollector.h"
 #include "nsString.h"
 #include "nsIStringBundle.h"
-#include "nsIDOMEventTarget.h"
 #include "nsIPrefBranch.h"
 #include "nsIObserver.h"
 #include "nsIObserverService.h"
 #include "nsWeakReference.h"
 #include "nsIScriptSecurityManager.h"
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
+#include "nsIDOMEventTarget.h"
 #include "nsSmartCardMonitor.h"
+#endif
 #include "nsINSSErrorsService.h"
 #include "nsITimer.h"
 #include "nsNetUtil.h"
@@ -146,6 +148,7 @@ class NS_NO_VTABLE nsINSSComponent : public nsISupports {
   
   NS_IMETHOD LogoutAuthenticatedPK11() = 0;
 
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
   NS_IMETHOD LaunchSmartCardThread(SECMODModule *module) = 0;
 
   NS_IMETHOD ShutdownSmartCardThread(SECMODModule *module) = 0;
@@ -153,6 +156,7 @@ class NS_NO_VTABLE nsINSSComponent : public nsISupports {
   NS_IMETHOD PostEvent(const nsAString &eventType, const nsAString &token) = 0;
 
   NS_IMETHOD DispatchEvent(const nsAString &eventType, const nsAString &token) = 0;
+#endif
   
   NS_IMETHOD EnsureIdentityInfoLoaded() = 0;
 
@@ -253,10 +257,15 @@ public:
   NS_IMETHOD DownloadCRLDirectly(nsAutoString, nsAutoString);
   NS_IMETHOD RememberCert(CERTCertificate *cert);
 
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
   NS_IMETHOD LaunchSmartCardThread(SECMODModule *module);
   NS_IMETHOD ShutdownSmartCardThread(SECMODModule *module);
   NS_IMETHOD PostEvent(const nsAString &eventType, const nsAString &token);
   NS_IMETHOD DispatchEvent(const nsAString &eventType, const nsAString &token);
+  void LaunchSmartCardThreads();
+  void ShutdownSmartCardThreads();
+  nsresult DispatchEventToWindow(nsIDOMWindow *domWin, const nsAString &eventType, const nsAString &token);
+#endif
   NS_IMETHOD EnsureIdentityInfoLoaded();
   NS_IMETHOD IsNSSInitialized(bool *initialized);
 
@@ -275,8 +284,6 @@ private:
   
   void InstallLoadableRoots();
   void UnloadLoadableRoots();
-  void LaunchSmartCardThreads();
-  void ShutdownSmartCardThreads();
   void CleanupIdentityInfo();
   void setValidationOptions(nsIPrefBranch * pref);
   nsresult InitializePIPNSSBundle();
@@ -287,7 +294,6 @@ private:
   nsresult DownloadCrlSilently();
   nsresult PostCRLImportEvent(const nsCSubstring &urlString, nsIStreamListener *psmDownloader);
   nsresult getParamsForNextCrlToDownload(nsAutoString *url, PRTime *time, nsAutoString *key);
-  nsresult DispatchEventToWindow(nsIDOMWindow *domWin, const nsAString &eventType, const nsAString &token);
 
   // Methods that we use to handle the profile change notifications (and to
   // synthesize a full profile change when we're just doing a profile startup):
@@ -315,7 +321,9 @@ private:
   bool mUpdateTimerInitialized;
   static int mInstanceCount;
   nsNSSShutDownList *mShutdownObjectList;
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
   SmartCardThreadList *mThreadList;
+#endif
   bool mIsNetworkDown;
 
   void deleteBackgroundThreads();

security/manager/ssl/src/nsNSSModule.cpp

@@ -186,7 +186,9 @@ NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsNSSCertCache)
 #ifdef MOZ_XUL
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsCertTree)
 #endif
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsCrypto)
+#endif
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsPkcs11)
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsCMSSecureMessage)
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsCMSDecoder)
@@ -225,7 +227,9 @@ NS_DEFINE_NAMED_CID(NS_FORMPROCESSOR_CID);
 NS_DEFINE_NAMED_CID(NS_CERTTREE_CID);
 #endif
 NS_DEFINE_NAMED_CID(NS_PKCS11_CID);
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
 NS_DEFINE_NAMED_CID(NS_CRYPTO_CID);
+#endif
 NS_DEFINE_NAMED_CID(NS_CMSSECUREMESSAGE_CID);
 NS_DEFINE_NAMED_CID(NS_CMSDECODER_CID);
 NS_DEFINE_NAMED_CID(NS_CMSENCODER_CID);
@@ -262,7 +266,9 @@ static const mozilla::Module::CIDEntry kNSSCIDs[] = {
   { &kNS_CERTTREE_CID, false, nullptr, nsCertTreeConstructor },
 #endif
   { &kNS_PKCS11_CID, false, nullptr, nsPkcs11Constructor },
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
   { &kNS_CRYPTO_CID, false, nullptr, nsCryptoConstructor },
+#endif
   { &kNS_CMSSECUREMESSAGE_CID, false, nullptr, nsCMSSecureMessageConstructor },
   { &kNS_CMSDECODER_CID, false, nullptr, nsCMSDecoderConstructor },
   { &kNS_CMSENCODER_CID, false, nullptr, nsCMSEncoderConstructor },
@@ -302,7 +308,9 @@ static const mozilla::Module::ContractIDEntry kNSSContracts[] = {
   { NS_CERTTREE_CONTRACTID, &kNS_CERTTREE_CID },
 #endif
   { NS_PKCS11_CONTRACTID, &kNS_PKCS11_CID },
+#ifndef MOZ_DISABLE_CRYPTOLEGACY
   { NS_CRYPTO_CONTRACTID, &kNS_CRYPTO_CID },
+#endif
   { NS_CMSSECUREMESSAGE_CONTRACTID, &kNS_CMSSECUREMESSAGE_CID },
   { NS_CMSDECODER_CONTRACTID, &kNS_CMSDECODER_CID },
   { NS_CMSENCODER_CONTRACTID, &kNS_CMSENCODER_CID },