From 5ccb7367b2e53b9c673f00e26097169ac1eb1b40 Mon Sep 17 00:00:00 2001 From: David Dahl Date: Sat, 16 Feb 2013 22:43:16 -0600 Subject: [PATCH] Bug 683262 - window.crypto throws if MOZ_DISABLE_DOMCRYPTO is turned on - window.crypto patch - r=jst --HG-- rename : dom/interfaces/base/nsIDOMCrypto.idl => dom/interfaces/base/nsIDOMCryptoLegacy.idl --- b2g/confvars.sh | 2 +- configure.in | 7 +- dom/base/Crypto.cpp | 100 ++++++++++++++++++ dom/base/Crypto.h | 33 ++++++ dom/base/Makefile.in | 2 + dom/base/nsDOMClassInfo.cpp | 29 +++-- dom/base/nsDOMClassInfo.h | 5 + dom/base/nsDOMClassInfoClasses.h | 4 +- dom/base/nsGlobalWindow.cpp | 31 +++--- dom/base/nsGlobalWindow.h | 11 +- dom/interfaces/base/Makefile.in | 15 ++- dom/interfaces/base/nsIDOMCrypto.idl | 19 +--- dom/interfaces/base/nsIDOMCryptoLegacy.idl | 26 +++++ dom/tests/mochitest/Makefile.in | 1 + dom/tests/mochitest/crypto/Makefile.in | 24 +++++ dom/tests/mochitest/crypto/test_legacy.html | 28 +++++ .../mochitest/crypto/test_no_legacy.html | 28 +++++ mobile/android/confvars.sh | 2 +- security/manager/ssl/src/Makefile.in | 7 +- security/manager/ssl/src/nsCrypto.cpp | 80 +++++++------- security/manager/ssl/src/nsCrypto.h | 28 +++-- security/manager/ssl/src/nsNSSComponent.cpp | 27 ++++- security/manager/ssl/src/nsNSSComponent.h | 16 ++- security/manager/ssl/src/nsNSSModule.cpp | 8 ++ 24 files changed, 407 insertions(+), 126 deletions(-) create mode 100644 dom/base/Crypto.cpp create mode 100644 dom/base/Crypto.h create mode 100644 dom/interfaces/base/nsIDOMCryptoLegacy.idl create mode 100644 dom/tests/mochitest/crypto/Makefile.in create mode 100644 dom/tests/mochitest/crypto/test_legacy.html create mode 100644 dom/tests/mochitest/crypto/test_no_legacy.html diff --git a/b2g/confvars.sh b/b2g/confvars.sh index d99909bcaa4..5dc14639919 100755 --- a/b2g/confvars.sh +++ b/b2g/confvars.sh @@ -23,7 +23,7 @@ MOZ_SERVICES_METRICS=1 MOZ_CAPTIVEDETECT=1 MOZ_WEBSMS_BACKEND=1 -MOZ_DISABLE_DOMCRYPTO=1 +MOZ_DISABLE_CRYPTOLEGACY=1 MOZ_APP_STATIC_INI=1 if test "$OS_TARGET" = "Android"; then diff --git a/configure.in b/configure.in index ede3a758aec..4c0e6c4a098 100644 --- a/configure.in +++ b/configure.in @@ -4241,7 +4241,7 @@ MOZ_XUL=1 MOZ_ZIPWRITER=1 NS_PRINTING=1 MOZ_PDF_PRINTING= -MOZ_DISABLE_DOMCRYPTO= +MOZ_DISABLE_CRYPTOLEGACY= NSS_DISABLE_DBM= NECKO_WIFI=1 NECKO_COOKIES=1 @@ -6340,9 +6340,10 @@ AC_SUBST(MOZ_DISABLE_PARENTAL_CONTROLS) dnl ======================================================== dnl = Disable DOMCrypto dnl ======================================================== -if test -n "$MOZ_DISABLE_DOMCRYPTO"; then - AC_DEFINE(MOZ_DISABLE_DOMCRYPTO) +if test -n "$MOZ_DISABLE_CRYPTOLEGACY"; then + AC_DEFINE(MOZ_DISABLE_CRYPTOLEGACY) fi +AC_SUBST(MOZ_DISABLE_CRYPTOLEGACY) dnl ======================================================== dnl = diff --git a/dom/base/Crypto.cpp b/dom/base/Crypto.cpp new file mode 100644 index 00000000000..c9b80e438df --- /dev/null +++ b/dom/base/Crypto.cpp @@ -0,0 +1,100 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ +#include "Crypto.h" +#include "nsIDOMClassInfo.h" +#include "nsString.h" + +namespace mozilla { +namespace dom { + +NS_INTERFACE_MAP_BEGIN(Crypto) + NS_INTERFACE_MAP_ENTRY(nsISupports) + NS_INTERFACE_MAP_ENTRY(nsIDOMCrypto) + NS_DOM_INTERFACE_MAP_ENTRY_CLASSINFO(Crypto) +NS_INTERFACE_MAP_END + +NS_IMPL_ADDREF(Crypto) +NS_IMPL_RELEASE(Crypto) + +Crypto::Crypto() +{ + MOZ_COUNT_CTOR(Crypto); +} + +Crypto::~Crypto() +{ + MOZ_COUNT_DTOR(Crypto); +} + +#ifndef MOZ_DISABLE_CRYPTOLEGACY +// Stub out the legacy nsIDOMCrypto methods. The actual +// implementations are in security/manager/ssl/src/nsCrypto.{cpp,h} + +NS_IMETHODIMP +Crypto::GetVersion(nsAString & aVersion) +{ + return NS_ERROR_NOT_IMPLEMENTED; +} + +NS_IMETHODIMP +Crypto::GetEnableSmartCardEvents(bool *aEnableSmartCardEvents) +{ + return NS_ERROR_NOT_IMPLEMENTED; +} + +NS_IMETHODIMP +Crypto::SetEnableSmartCardEvents(bool aEnableSmartCardEvents) +{ + return NS_ERROR_NOT_IMPLEMENTED; +} + +NS_IMETHODIMP +Crypto::GenerateCRMFRequest(nsIDOMCRMFObject * *_retval) +{ + return NS_ERROR_NOT_IMPLEMENTED; +} + +NS_IMETHODIMP +Crypto::ImportUserCertificates(const nsAString & nickname, + const nsAString & cmmfResponse, + bool doForcedBackup, nsAString & _retval) +{ + return NS_ERROR_NOT_IMPLEMENTED; +} + +NS_IMETHODIMP +Crypto::PopChallengeResponse(const nsAString & challenge, + nsAString & _retval) +{ + return NS_ERROR_NOT_IMPLEMENTED; +} + +NS_IMETHODIMP +Crypto::Random(int32_t numBytes, nsAString & _retval) +{ + return NS_ERROR_NOT_IMPLEMENTED; +} + +NS_IMETHODIMP +Crypto::SignText(const nsAString & stringToSign, const nsAString & caOption, + nsAString & _retval) +{ + return NS_ERROR_NOT_IMPLEMENTED; +} + +NS_IMETHODIMP +Crypto::Logout() +{ + return NS_ERROR_NOT_IMPLEMENTED; +} + +NS_IMETHODIMP +Crypto::DisableRightClick() +{ + return NS_ERROR_NOT_IMPLEMENTED; +} +#endif + +} // namespace dom +} // namespace mozilla diff --git a/dom/base/Crypto.h b/dom/base/Crypto.h new file mode 100644 index 00000000000..4f41423beb5 --- /dev/null +++ b/dom/base/Crypto.h @@ -0,0 +1,33 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ +#ifndef mozilla_dom_Crypto_h +#define mozilla_dom_Crypto_h + +#ifdef MOZ_DISABLE_CRYPTOLEGACY +#include "nsIDOMCrypto.h" +#else +#include "nsIDOMCryptoLegacy.h" +#endif + +#define NS_DOMCRYPTO_CLASSNAME "Crypto JavaScript Class" +#define NS_DOMCRYPTO_CID \ + {0x929d9320, 0x251e, 0x11d4, { 0x8a, 0x7c, 0x00, 0x60, 0x08, 0xc8, 0x44, 0xc3} } + +namespace mozilla { +namespace dom { + +class Crypto : public nsIDOMCrypto +{ +public: + Crypto(); + virtual ~Crypto(); + + NS_DECL_ISUPPORTS + NS_DECL_NSIDOMCRYPTO +}; + +} // namespace dom +} // namespace mozilla + +#endif // mozilla_dom_Crypto_h diff --git a/dom/base/Makefile.in b/dom/base/Makefile.in index 178feee8cc6..6f47a054a41 100644 --- a/dom/base/Makefile.in +++ b/dom/base/Makefile.in @@ -79,6 +79,7 @@ EXPORTS = \ nsContentPermissionHelper.h \ nsStructuredCloneContainer.h \ nsWindowMemoryReporter.h \ + Crypto.h \ $(NULL) EXPORTS_NAMESPACES = mozilla/dom @@ -117,6 +118,7 @@ CPPSRCS = \ nsDOMNavigationTiming.cpp \ nsPerformance.cpp \ nsWindowMemoryReporter.cpp \ + Crypto.cpp \ DOMError.cpp \ DOMRequest.cpp \ DOMCursor.cpp \ diff --git a/dom/base/nsDOMClassInfo.cpp b/dom/base/nsDOMClassInfo.cpp index d0f83e51821..aac5ca5c9e8 100644 --- a/dom/base/nsDOMClassInfo.cpp +++ b/dom/base/nsDOMClassInfo.cpp @@ -286,8 +286,12 @@ #include "nsIDOMXULDocument.h" #include "nsIDOMXULElement.h" #include "nsIDOMXULCommandDispatcher.h" -#include "nsIDOMCrypto.h" +#ifndef MOZ_DISABLE_CRYPTOLEGACY #include "nsIDOMCRMFObject.h" +#include "nsIDOMCryptoLegacy.h" +#else +#include "nsIDOMCrypto.h" +#endif #include "nsIControllers.h" #include "nsISelection.h" #include "nsIBoxObject.h" @@ -477,7 +481,7 @@ static NS_DEFINE_CID(kDOMSOF_CID, NS_DOM_SCRIPT_OBJECT_FACTORY_CID); static const char kDOMStringBundleURL[] = "chrome://global/locale/dom/dom.properties"; -#ifdef MOZ_DISABLE_DOMCRYPTO +#ifdef MOZ_DISABLE_CRYPTOLEGACY static const bool domCryptoEnabled = false; #else static const bool domCryptoEnabled = true; @@ -556,8 +560,11 @@ static const char kDOMStringBundleURL[] = const uint32_t kDOMClassInfo_##_dom_class##_interfaces = \ 0; -DOMCI_DATA_NO_CLASS(Crypto) +#ifndef MOZ_DISABLE_CRYPTOLEGACY DOMCI_DATA_NO_CLASS(CRMFObject) +#endif +DOMCI_DATA_NO_CLASS(Crypto) + DOMCI_DATA_NO_CLASS(ContentFrameMessageManager) DOMCI_DATA_NO_CLASS(ChromeMessageBroadcaster) DOMCI_DATA_NO_CLASS(ChromeMessageSender) @@ -956,10 +963,12 @@ static nsDOMClassInfoData sClassInfoData[] = { #endif // Crypto classes - NS_DEFINE_CLASSINFO_DATA(Crypto, nsDOMGenericSH, - DOM_DEFAULT_SCRIPTABLE_FLAGS) +#ifndef MOZ_DISABLE_CRYPTOLEGACY NS_DEFINE_CLASSINFO_DATA(CRMFObject, nsDOMGenericSH, DOM_DEFAULT_SCRIPTABLE_FLAGS) +#endif + NS_DEFINE_CLASSINFO_DATA(Crypto, nsDOMGenericSH, + DOM_DEFAULT_SCRIPTABLE_FLAGS) // DOM Traversal classes NS_DEFINE_CLASSINFO_DATA(TreeWalker, nsDOMGenericSH, @@ -2764,14 +2773,16 @@ nsDOMClassInfo::Init() DOM_CLASSINFO_MAP_END #endif +#ifndef MOZ_DISABLE_CRYPTOLEGACY + DOM_CLASSINFO_MAP_BEGIN(CRMFObject, nsIDOMCRMFObject) + DOM_CLASSINFO_MAP_ENTRY(nsIDOMCRMFObject) + DOM_CLASSINFO_MAP_END +#endif + DOM_CLASSINFO_MAP_BEGIN(Crypto, nsIDOMCrypto) DOM_CLASSINFO_MAP_ENTRY(nsIDOMCrypto) DOM_CLASSINFO_MAP_END - DOM_CLASSINFO_MAP_BEGIN(CRMFObject, nsIDOMCRMFObject) - DOM_CLASSINFO_MAP_ENTRY(nsIDOMCRMFObject) - DOM_CLASSINFO_MAP_END - DOM_CLASSINFO_MAP_BEGIN_NO_CLASS_IF(XMLStylesheetProcessingInstruction, nsIDOMProcessingInstruction) DOM_CLASSINFO_MAP_ENTRY(nsIDOMProcessingInstruction) DOM_CLASSINFO_MAP_ENTRY(nsIDOMLinkStyle) diff --git a/dom/base/nsDOMClassInfo.h b/dom/base/nsDOMClassInfo.h index 2c9ce558d65..cb8e5c62ff4 100644 --- a/dom/base/nsDOMClassInfo.h +++ b/dom/base/nsDOMClassInfo.h @@ -29,6 +29,11 @@ class nsIForm; class nsIHTMLDocument; class nsNPAPIPluginInstance; +class nsIDOMCrypto; +#ifndef MOZ_DISABLE_CRYPTOLEGACY +class nsIDOMCRMFObject; +#endif + struct nsDOMClassInfoData; typedef nsIClassInfo* (*nsDOMClassInfoConstructorFnc) diff --git a/dom/base/nsDOMClassInfoClasses.h b/dom/base/nsDOMClassInfoClasses.h index 6c343afa155..b317c9ae2e8 100644 --- a/dom/base/nsDOMClassInfoClasses.h +++ b/dom/base/nsDOMClassInfoClasses.h @@ -149,8 +149,10 @@ DOMCI_CLASS(TreeContentView) #endif // Crypto classes -DOMCI_CLASS(Crypto) +#ifndef MOZ_DISABLE_CRYPTOLEGACY DOMCI_CLASS(CRMFObject) +#endif +DOMCI_CLASS(Crypto) // DOM Traversal classes DOMCI_CLASS(TreeWalker) diff --git a/dom/base/nsGlobalWindow.cpp b/dom/base/nsGlobalWindow.cpp index fc543768896..d021b7d5095 100644 --- a/dom/base/nsGlobalWindow.cpp +++ b/dom/base/nsGlobalWindow.cpp @@ -85,9 +85,7 @@ #include "nsIHTMLDocument.h" #include "nsIDOMHTMLDocument.h" #include "nsIDOMHTMLElement.h" -#ifndef MOZ_DISABLE_DOMCRYPTO -#include "nsIDOMCrypto.h" -#endif +#include "Crypto.h" #include "nsIDOMDocument.h" #include "nsIDOMElement.h" #include "nsIDOMEvent.h" @@ -420,10 +418,6 @@ nsGlobalWindow::DOMMinTimeoutValue() const { static NS_DEFINE_CID(kXULControllersCID, NS_XULCONTROLLERS_CID); static const char sJSStackContractID[] = "@mozilla.org/js/xpc/ContextStack;1"; -#ifndef MOZ_DISABLE_DOMCRYPTO -static const char kCryptoContractID[] = NS_CRYPTO_CONTRACTID; -static const char kPkcs11ContractID[] = NS_PKCS11_CONTRACTID; -#endif static const char sPopStatePrefStr[] = "browser.history.allowPopState"; #define NETWORK_UPLOAD_EVENT_NAME NS_LITERAL_STRING("moznetworkupload") @@ -2024,12 +2018,15 @@ nsGlobalWindow::SetNewDocument(nsIDocument* aDocument, NS_ENSURE_TRUE(scx, NS_ERROR_NOT_INITIALIZED); JSContext *cx = scx->GetNativeContext(); -#ifndef MOZ_DISABLE_DOMCRYPTO + +#ifndef MOZ_DISABLE_CRYPTOLEGACY // clear smartcard events, our document has gone away. if (mCrypto) { - mCrypto->SetEnableSmartCardEvents(false); + nsresult rv = mCrypto->SetEnableSmartCardEvents(false); + NS_ENSURE_SUCCESS(rv, rv); } #endif + if (!mDocument) { // First document load. @@ -3579,19 +3576,17 @@ nsGlobalWindow::GetApplicationCache(nsIDOMOfflineResourceList **aApplicationCach NS_IMETHODIMP nsGlobalWindow::GetCrypto(nsIDOMCrypto** aCrypto) { -#ifdef MOZ_DISABLE_DOMCRYPTO - return NS_ERROR_NOT_IMPLEMENTED; -#else FORWARD_TO_OUTER(GetCrypto, (aCrypto), NS_ERROR_NOT_INITIALIZED); if (!mCrypto) { - mCrypto = do_CreateInstance(kCryptoContractID); - } - - NS_IF_ADDREF(*aCrypto = mCrypto); - - return NS_OK; +#ifndef MOZ_DISABLE_CRYPTOLEGACY + mCrypto = do_CreateInstance(NS_CRYPTO_CONTRACTID); +#else + mCrypto = new Crypto(); #endif + } + NS_IF_ADDREF(*aCrypto = mCrypto); + return NS_OK; } NS_IMETHODIMP diff --git a/dom/base/nsGlobalWindow.h b/dom/base/nsGlobalWindow.h index 40dc4f61494..cb72e4bf1ff 100644 --- a/dom/base/nsGlobalWindow.h +++ b/dom/base/nsGlobalWindow.h @@ -41,9 +41,6 @@ #include "nsIScriptSecurityManager.h" #include "nsEventListenerManager.h" #include "nsIDOMDocument.h" -#ifndef MOZ_DISABLE_DOMCRYPTO -#include "nsIDOMCrypto.h" -#endif #include "nsIPrincipal.h" #include "nsIXPCScriptable.h" #include "nsPoint.h" @@ -96,6 +93,7 @@ class nsIDOMBarProp; class nsIDocument; class nsPresContext; +class nsIDOMCrypto; class nsIDOMEvent; class nsIScrollableFrame; class nsIControllers; @@ -115,10 +113,6 @@ class nsDOMOfflineResourceList; class nsDOMWindowUtils; class nsIIdleService; -#ifdef MOZ_DISABLE_DOMCRYPTO -class nsIDOMCrypto; -#endif - class nsWindowSizes; namespace mozilla { @@ -1080,9 +1074,8 @@ protected: nsString mDefaultStatus; // index 0->language_id 1, so index MAX-1 == language_id MAX nsGlobalWindowObserver* mObserver; -#ifndef MOZ_DISABLE_DOMCRYPTO nsCOMPtr mCrypto; -#endif + nsCOMPtr mLocalStorage; nsCOMPtr mSessionStorage; diff --git a/dom/interfaces/base/Makefile.in b/dom/interfaces/base/Makefile.in index 6009821d294..312aaf5882f 100644 --- a/dom/interfaces/base/Makefile.in +++ b/dom/interfaces/base/Makefile.in @@ -32,7 +32,6 @@ XPIDLSRCS = \ nsIDOMClientInformation.idl \ nsIDOMConstructor.idl \ nsIDOMCRMFObject.idl \ - nsIDOMCrypto.idl \ nsIDOMHistory.idl \ nsIDOMLocation.idl \ nsIDOMMediaQueryList.idl \ @@ -58,10 +57,20 @@ XPIDLSRCS = \ nsIIdleObserver.idl \ $(NULL) +ifdef MOZ_DISABLE_CRYPTOLEGACY +XPIDLSRCS += \ + nsIDOMCrypto.idl \ + $(NULL) +else +XPIDLSRCS += \ + nsIDOMCryptoLegacy.idl \ + $(NULL) +endif + ifdef MOZ_B2G XPIDLSRCS += \ - nsIDOMWindowB2G.idl \ - $(NULL) + nsIDOMWindowB2G.idl \ + $(NULL) endif include $(topsrcdir)/config/rules.mk diff --git a/dom/interfaces/base/nsIDOMCrypto.idl b/dom/interfaces/base/nsIDOMCrypto.idl index e3cfa9571bc..48be1eff1bd 100644 --- a/dom/interfaces/base/nsIDOMCrypto.idl +++ b/dom/interfaces/base/nsIDOMCrypto.idl @@ -3,22 +3,9 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -#include "domstubs.idl" - -[scriptable, uuid(12b6d899-2aed-4ea9-8c02-2223ab7ab592)] +#include "nsISupports.idl" + +[scriptable, uuid(eadb45d6-aec2-4b70-95f4-ffdf1f86738f)] interface nsIDOMCrypto : nsISupports { - readonly attribute DOMString version; - attribute boolean enableSmartCardEvents; - - nsIDOMCRMFObject generateCRMFRequest(/* ... */); - DOMString importUserCertificates(in DOMString nickname, - in DOMString cmmfResponse, - in boolean doForcedBackup); - DOMString popChallengeResponse(in DOMString challenge); - DOMString random(in long numBytes); - DOMString signText(in DOMString stringToSign, - in DOMString caOption /* ... */); - void logout(); - void disableRightClick(); }; diff --git a/dom/interfaces/base/nsIDOMCryptoLegacy.idl b/dom/interfaces/base/nsIDOMCryptoLegacy.idl new file mode 100644 index 00000000000..f8cd5ee791d --- /dev/null +++ b/dom/interfaces/base/nsIDOMCryptoLegacy.idl @@ -0,0 +1,26 @@ +/* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "domstubs.idl" + +interface nsIDOMCRMFObject; + +[scriptable, uuid(b50312fa-06ec-460c-b5e9-5dbb009eb457)] +interface nsIDOMCrypto : nsISupports +{ + readonly attribute DOMString version; + attribute boolean enableSmartCardEvents; + + nsIDOMCRMFObject generateCRMFRequest(/* ... */); + DOMString importUserCertificates(in DOMString nickname, + in DOMString cmmfResponse, + in boolean doForcedBackup); + DOMString popChallengeResponse(in DOMString challenge); + DOMString random(in long numBytes); + DOMString signText(in DOMString stringToSign, + in DOMString caOption /* ... */); + void logout(); + void disableRightClick(); +}; diff --git a/dom/tests/mochitest/Makefile.in b/dom/tests/mochitest/Makefile.in index 5de932179d4..63715b2603e 100644 --- a/dom/tests/mochitest/Makefile.in +++ b/dom/tests/mochitest/Makefile.in @@ -18,6 +18,7 @@ DIRS += \ ajax \ bugs \ chrome \ + crypto \ general \ whatwg \ geolocation \ diff --git a/dom/tests/mochitest/crypto/Makefile.in b/dom/tests/mochitest/crypto/Makefile.in new file mode 100644 index 00000000000..3f5cfa22067 --- /dev/null +++ b/dom/tests/mochitest/crypto/Makefile.in @@ -0,0 +1,24 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this file, +# You can obtain one at http://mozilla.org/MPL/2.0/. + +DEPTH = ../../../.. +topsrcdir = @top_srcdir@ +srcdir = @srcdir@ +VPATH = @srcdir@ +relativesrcdir = dom/tests/mochitest/crypto + +include $(DEPTH)/config/autoconf.mk +include $(topsrcdir)/config/rules.mk + +_TEST_FILES = \ + $(NULL) + +ifndef MOZ_DISABLE_CRYPTOLEGACY +_TEST_FILES += test_legacy.html +else +_TEST_FILES += test_no_legacy.html +endif + +libs:: $(_TEST_FILES) + $(INSTALL) $(foreach f,$^,"$f") $(DEPTH)/_tests/testing/mochitest/tests/$(relativesrcdir) diff --git a/dom/tests/mochitest/crypto/test_legacy.html b/dom/tests/mochitest/crypto/test_legacy.html new file mode 100644 index 00000000000..09b7453d6f2 --- /dev/null +++ b/dom/tests/mochitest/crypto/test_legacy.html @@ -0,0 +1,28 @@ + + + + Test presence of legacy window.crypto features when + MOZ_DISABLE_CRYPTOLEGACY is NOT set. + + + + + + diff --git a/dom/tests/mochitest/crypto/test_no_legacy.html b/dom/tests/mochitest/crypto/test_no_legacy.html new file mode 100644 index 00000000000..0c10cca5a39 --- /dev/null +++ b/dom/tests/mochitest/crypto/test_no_legacy.html @@ -0,0 +1,28 @@ + + + + Test lack of legacy window.crypto features when + MOZ_DISABLE_CRYPTOLEGACY is set + + + + + + diff --git a/mobile/android/confvars.sh b/mobile/android/confvars.sh index fa5f4a14a15..2f99ffd022a 100755 --- a/mobile/android/confvars.sh +++ b/mobile/android/confvars.sh @@ -14,7 +14,7 @@ MOZ_OFFICIAL_BRANDING_DIRECTORY=mobile/android/branding/official MOZ_SAFE_BROWSING=1 -MOZ_DISABLE_DOMCRYPTO=1 +MOZ_DISABLE_CRYPTOLEGACY=1 # Enable getUserMedia MOZ_MEDIA_NAVIGATOR=1 diff --git a/security/manager/ssl/src/Makefile.in b/security/manager/ssl/src/Makefile.in index 086e59d956d..0f4669a42e3 100644 --- a/security/manager/ssl/src/Makefile.in +++ b/security/manager/ssl/src/Makefile.in @@ -62,7 +62,6 @@ CPPSRCS = \ nsCRLManager.cpp \ nsNSSShutDown.cpp \ nsNTLMAuthModule.cpp \ - nsSmartCardMonitor.cpp \ nsStreamCipher.cpp \ nsKeyModule.cpp \ nsIdentityChecking.cpp \ @@ -76,6 +75,12 @@ CPPSRCS = \ SharedSSLState.cpp \ $(NULL) +ifndef MOZ_DISABLE_CRYPTOLEGACY +CPPSRCS += \ + nsSmartCardMonitor.cpp \ + $(NULL) +endif + ifdef MOZ_XUL CPPSRCS += nsCertTree.cpp endif diff --git a/security/manager/ssl/src/nsCrypto.cpp b/security/manager/ssl/src/nsCrypto.cpp index 3c999f96fb5..f431495e029 100644 --- a/security/manager/ssl/src/nsCrypto.cpp +++ b/security/manager/ssl/src/nsCrypto.cpp @@ -3,8 +3,18 @@ * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -#include "nsNSSComponent.h" #include "nsCrypto.h" +#include "nsNSSComponent.h" +#include "secmod.h" + +#include "nsReadableUtils.h" +#include "nsCRT.h" +#include "nsXPIDLString.h" +#include "nsISaveAsCharset.h" +#include "nsNativeCharsetUtils.h" + +#ifndef MOZ_DISABLE_CRYPTOLEGACY +#include "nsNSSComponent.h" #include "nsKeygenHandler.h" #include "nsKeygenThread.h" #include "nsNSSCertificate.h" @@ -15,7 +25,6 @@ #include "nsIServiceManager.h" #include "nsIMemory.h" #include "nsAlgorithm.h" -#include "nsCRT.h" #include "prprf.h" #include "nsDOMCID.h" #include "nsIDOMWindow.h" @@ -34,7 +43,6 @@ #include "nsJSPrincipals.h" #include "nsIPrincipal.h" #include "nsIScriptSecurityManager.h" -#include "nsXPIDLString.h" #include "nsIGenKeypairInfoDlg.h" #include "nsIDOMCryptoDialogs.h" #include "nsIFormSigningDialog.h" @@ -42,7 +50,6 @@ #include "jsapi.h" #include "jsdbgapi.h" #include -#include "nsReadableUtils.h" #include "pk11func.h" #include "keyhi.h" #include "cryptohi.h" @@ -57,22 +64,18 @@ #include "cert.h" #include "certdb.h" #include "secmod.h" -#include "nsISaveAsCharset.h" -#include "nsNativeCharsetUtils.h" #include "ScopedNSSTypes.h" #include "ssl.h" // For SSL_ClearSessionCache #include "nsNSSCleaner.h" -#include "nsNSSShutDown.h" #include "nsNSSCertHelper.h" #include +#endif using namespace mozilla; -NSSCleanupAutoPtrClass_WithParam(PK11Context, PK11_DestroyContext, TrueParam, true) - /* * These are the most common error strings that are returned * by the JavaScript methods in case of error. @@ -98,6 +101,16 @@ NSSCleanupAutoPtrClass_WithParam(PK11Context, PK11_DestroyContext, TrueParam, tr #define JS_ERR_BAD_CIPHER_ENABLE_FLAGS -9 #define JS_ERR_ADD_DUPLICATE_MOD -10 +namespace { + +NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID); + +} // unnamed namespace + +#ifndef MOZ_DISABLE_CRYPTOLEGACY + +NSSCleanupAutoPtrClass_WithParam(PK11Context, PK11_DestroyContext, TrueParam, true) + /* * This structure is used to store information for one key generation. * The nsCrypto::GenerateCRMFRequest method parses the inputs and then @@ -195,13 +208,11 @@ private: // QueryInterface implementation for nsCrypto NS_INTERFACE_MAP_BEGIN(nsCrypto) NS_INTERFACE_MAP_ENTRY(nsIDOMCrypto) - NS_INTERFACE_MAP_ENTRY(nsISupports) - NS_DOM_INTERFACE_MAP_ENTRY_CLASSINFO(Crypto) -NS_INTERFACE_MAP_END - -NS_IMPL_ADDREF(nsCrypto) -NS_IMPL_RELEASE(nsCrypto) +NS_INTERFACE_MAP_END_INHERITING(mozilla::dom::Crypto) +NS_IMPL_ADDREF_INHERITED(nsCrypto, mozilla::dom::Crypto) +NS_IMPL_RELEASE_INHERITED(nsCrypto, mozilla::dom::Crypto) + // QueryInterface implementation for nsCRMFObject NS_INTERFACE_MAP_BEGIN(nsCRMFObject) NS_INTERFACE_MAP_ENTRY(nsIDOMCRMFObject) @@ -213,6 +224,8 @@ NS_IMPL_ADDREF(nsCRMFObject) NS_IMPL_RELEASE(nsCRMFObject) // QueryInterface implementation for nsPkcs11 +#endif // MOZ_DISABLE_CRYPTOLEGACY + NS_INTERFACE_MAP_BEGIN(nsPkcs11) NS_INTERFACE_MAP_ENTRY(nsIPKCS11) NS_INTERFACE_MAP_ENTRY(nsISupports) @@ -221,6 +234,8 @@ NS_INTERFACE_MAP_END NS_IMPL_ADDREF(nsPkcs11) NS_IMPL_RELEASE(nsPkcs11) +#ifndef MOZ_DISABLE_CRYPTOLEGACY + // ISupports implementation for nsCryptoRunnable NS_IMPL_ISUPPORTS1(nsCryptoRunnable, nsIRunnable) @@ -230,8 +245,6 @@ NS_IMPL_ISUPPORTS1(nsP12Runnable, nsIRunnable) // ISupports implementation for nsCryptoRunArgs NS_IMPL_ISUPPORTS0(nsCryptoRunArgs) -static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID); - nsCrypto::nsCrypto() : mEnableSmartCardEvents(false) { @@ -2871,6 +2884,8 @@ nsCRMFObject::SetCRMFRequest(char *inRequest) return NS_OK; } +#endif // MOZ_DISABLE_CRYPTOLEGACY + nsPkcs11::nsPkcs11() { } @@ -2879,33 +2894,6 @@ nsPkcs11::~nsPkcs11() { } -//Quick function to confirm with the user. -bool -confirm_user(const PRUnichar *message) -{ - int32_t buttonPressed = 1; // If the user exits by clicking the close box, assume No (button 1) - - nsCOMPtr prompter; - (void) nsNSSComponent::GetNewPrompter(getter_AddRefs(prompter)); - - if (prompter) { - nsPSMUITracker tracker; - if (!tracker.isUIForbidden()) { - // The actual value is irrelevant but we shouldn't be handing out - // malformed JSBools to XPConnect. - bool checkState = false; - prompter->ConfirmEx(0, message, - (nsIPrompt::BUTTON_DELAY_ENABLE) + - (nsIPrompt::BUTTON_POS_1_DEFAULT) + - (nsIPrompt::BUTTON_TITLE_OK * nsIPrompt::BUTTON_POS_0) + - (nsIPrompt::BUTTON_TITLE_CANCEL * nsIPrompt::BUTTON_POS_1), - nullptr, nullptr, nullptr, nullptr, &checkState, &buttonPressed); - } - } - - return (buttonPressed == 0); -} - //Delete a PKCS11 module from the user's profile. NS_IMETHODIMP nsPkcs11::DeleteModule(const nsAString& aModuleName) @@ -2928,7 +2916,9 @@ nsPkcs11::DeleteModule(const nsAString& aModuleName) if (srv == SECSuccess) { SECMODModule *module = SECMOD_FindModule(modName.get()); if (module) { +#ifndef MOZ_DISABLE_CRYPTOLEGACY nssComponent->ShutdownSmartCardThread(module); +#endif SECMOD_DestroyModule(module); } rv = NS_OK; @@ -2960,7 +2950,9 @@ nsPkcs11::AddModule(const nsAString& aModuleName, if (srv == SECSuccess) { SECMODModule *module = SECMOD_FindModule(moduleName.get()); if (module) { +#ifndef MOZ_DISABLE_CRYPTOLEGACY nssComponent->LaunchSmartCardThread(module); +#endif SECMOD_DestroyModule(module); } } diff --git a/security/manager/ssl/src/nsCrypto.h b/security/manager/ssl/src/nsCrypto.h index 8e79143b733..648e88b1051 100644 --- a/security/manager/ssl/src/nsCrypto.h +++ b/security/manager/ssl/src/nsCrypto.h @@ -5,10 +5,12 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #ifndef _nsCrypto_h_ #define _nsCrypto_h_ + +#ifndef MOZ_DISABLE_CRYPTOLEGACY +#include "Crypto.h" #include "nsCOMPtr.h" #include "nsIDOMCRMFObject.h" -#include "nsIDOMCrypto.h" -#include "nsIPKCS11.h" +#include "nsIDOMCryptoLegacy.h" #include "nsIRunnable.h" #include "nsString.h" #include "jsapi.h" @@ -17,11 +19,6 @@ #define NS_CRYPTO_CLASSNAME "Crypto JavaScript Class" #define NS_CRYPTO_CID \ {0x929d9320, 0x251e, 0x11d4, { 0x8a, 0x7c, 0x00, 0x60, 0x08, 0xc8, 0x44, 0xc3} } - -#define NS_PKCS11_CLASSNAME "Pkcs11 JavaScript Class" -#define NS_PKCS11_CID \ - {0x74b7a390, 0x3b41, 0x11d4, { 0x8a, 0x80, 0x00, 0x60, 0x08, 0xc8, 0x44, 0xc3} } - #define PSM_VERSION_STRING "2.4" class nsIPSMComponent; @@ -46,14 +43,16 @@ private: }; -class nsCrypto: public nsIDOMCrypto +class nsCrypto: public mozilla::dom::Crypto { public: nsCrypto(); virtual ~nsCrypto(); - nsresult init(); - - NS_DECL_ISUPPORTS + + NS_DECL_ISUPPORTS_INHERITED + + // If legacy DOM crypto is enabled this is the class that actually + // implements the legacy methods. NS_DECL_NSIDOMCRYPTO private: @@ -61,6 +60,13 @@ private: bool mEnableSmartCardEvents; }; +#endif // MOZ_DISABLE_CRYPTOLEGACY + +#include "nsIPKCS11.h" + +#define NS_PKCS11_CLASSNAME "Pkcs11 JavaScript Class" +#define NS_PKCS11_CID \ + {0x74b7a390, 0x3b41, 0x11d4, { 0x8a, 0x80, 0x00, 0x60, 0x08, 0xc8, 0x44, 0xc3} } class nsPkcs11 : public nsIPKCS11 { diff --git a/security/manager/ssl/src/nsNSSComponent.cpp b/security/manager/ssl/src/nsNSSComponent.cpp index 0776ef1de0e..bb16546a928 100644 --- a/security/manager/ssl/src/nsNSSComponent.cpp +++ b/security/manager/ssl/src/nsNSSComponent.cpp @@ -19,26 +19,33 @@ #include "nsIStreamListener.h" #include "nsIStringBundle.h" #include "nsIDirectoryService.h" -#include "nsIDOMNode.h" #include "nsCURILoader.h" #include "nsDirectoryServiceDefs.h" #include "nsIX509Cert.h" #include "nsIX509CertDB.h" #include "nsNSSCertificate.h" #include "nsNSSHelper.h" -#include "nsSmartCardMonitor.h" #include "prlog.h" #include "nsIPrefService.h" #include "nsIPrefBranch.h" #include "nsIDateTimeFormat.h" #include "nsDateTimeFormatCID.h" +#include "nsThreadUtils.h" + +#ifndef MOZ_DISABLE_CRYPTOLEGACY +#include "nsIDOMNode.h" #include "nsIDOMEvent.h" #include "nsIDOMDocument.h" #include "nsIDOMWindow.h" #include "nsIDOMWindowCollection.h" #include "nsIDOMSmartCardEvent.h" +#include "nsSmartCardMonitor.h" +#include "nsIDOMCryptoLegacy.h" +#include "nsIPrincipal.h" +#else #include "nsIDOMCrypto.h" -#include "nsThreadUtils.h" +#endif + #include "nsCRT.h" #include "nsCRLInfo.h" #include "nsCertOverrideService.h" @@ -58,7 +65,6 @@ #include "nsICRLManager.h" #include "nsNSSShutDown.h" #include "GeneratedEvents.h" -#include "nsIDOMSmartCardEvent.h" #include "nsIKeyModule.h" #include "ScopedNSSTypes.h" #include "SharedSSLState.h" @@ -205,6 +211,7 @@ private: nsCOMPtr mListener; }; +#ifndef MOZ_DISABLE_CRYPTOLEGACY //This class is used to run the callback code //passed to the event handlers for smart card notification class nsTokenEventRunnable : public nsIRunnable { @@ -239,6 +246,7 @@ nsTokenEventRunnable::Run() return nssComponent->DispatchEvent(mType, mTokenName); } +#endif // MOZ_DISABLE_CRYPTOLEGACY bool nsPSMInitPanic::isPanic = false; @@ -326,7 +334,9 @@ nsNSSComponent::nsNSSComponent() :mutex("nsNSSComponent.mutex"), mNSSInitialized(false), mCrlTimerLock("nsNSSComponent.mCrlTimerLock"), +#ifndef MOZ_DISABLE_CRYPTOLEGACY mThreadList(nullptr), +#endif mCertVerificationThread(nullptr) { #ifdef PR_LOGGING @@ -415,6 +425,7 @@ nsNSSComponent::~nsNSSComponent() PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsNSSComponent::dtor finished\n")); } +#ifndef MOZ_DISABLE_CRYPTOLEGACY NS_IMETHODIMP nsNSSComponent::PostEvent(const nsAString &eventType, const nsAString &tokenName) @@ -538,7 +549,7 @@ nsNSSComponent::DispatchEventToWindow(nsIDOMWindow *domWin, rv = target->DispatchEvent(smartCardEvent, &boolrv); return rv; } - +#endif // MOZ_DISABLE_CRYPTOLEGACY NS_IMETHODIMP nsNSSComponent::PIPBundleFormatStringFromName(const char *name, @@ -620,6 +631,7 @@ nsNSSComponent::GetNSSBundleString(const char *name, return rv; } +#ifndef MOZ_DISABLE_CRYPTOLEGACY void nsNSSComponent::LaunchSmartCardThreads() { @@ -675,6 +687,7 @@ nsNSSComponent::ShutdownSmartCardThreads() delete mThreadList; mThreadList = nullptr; } +#endif // MOZ_DISABLE_CRYPTOLEGACY static char * nss_addEscape(const char *string, char quote) @@ -1800,7 +1813,9 @@ nsNSSComponent::InitializeNSS(bool showWarningBox) InstallLoadableRoots(); +#ifndef MOZ_DISABLE_CRYPTOLEGACY LaunchSmartCardThreads(); +#endif PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("NSS Initialization done\n")); } @@ -1848,7 +1863,9 @@ nsNSSComponent::ShutdownNSS() mPrefBranch->RemoveObserver("security.", this); } +#ifndef MOZ_DISABLE_CRYPTOLEGACY ShutdownSmartCardThreads(); +#endif SSL_ClearSessionCache(); UnloadLoadableRoots(); CleanupIdentityInfo(); diff --git a/security/manager/ssl/src/nsNSSComponent.h b/security/manager/ssl/src/nsNSSComponent.h index 6b71f384935..2109244c079 100644 --- a/security/manager/ssl/src/nsNSSComponent.h +++ b/security/manager/ssl/src/nsNSSComponent.h @@ -16,13 +16,15 @@ #include "nsIEntropyCollector.h" #include "nsString.h" #include "nsIStringBundle.h" -#include "nsIDOMEventTarget.h" #include "nsIPrefBranch.h" #include "nsIObserver.h" #include "nsIObserverService.h" #include "nsWeakReference.h" #include "nsIScriptSecurityManager.h" +#ifndef MOZ_DISABLE_CRYPTOLEGACY +#include "nsIDOMEventTarget.h" #include "nsSmartCardMonitor.h" +#endif #include "nsINSSErrorsService.h" #include "nsITimer.h" #include "nsNetUtil.h" @@ -146,6 +148,7 @@ class NS_NO_VTABLE nsINSSComponent : public nsISupports { NS_IMETHOD LogoutAuthenticatedPK11() = 0; +#ifndef MOZ_DISABLE_CRYPTOLEGACY NS_IMETHOD LaunchSmartCardThread(SECMODModule *module) = 0; NS_IMETHOD ShutdownSmartCardThread(SECMODModule *module) = 0; @@ -153,6 +156,7 @@ class NS_NO_VTABLE nsINSSComponent : public nsISupports { NS_IMETHOD PostEvent(const nsAString &eventType, const nsAString &token) = 0; NS_IMETHOD DispatchEvent(const nsAString &eventType, const nsAString &token) = 0; +#endif NS_IMETHOD EnsureIdentityInfoLoaded() = 0; @@ -253,10 +257,15 @@ public: NS_IMETHOD DownloadCRLDirectly(nsAutoString, nsAutoString); NS_IMETHOD RememberCert(CERTCertificate *cert); +#ifndef MOZ_DISABLE_CRYPTOLEGACY NS_IMETHOD LaunchSmartCardThread(SECMODModule *module); NS_IMETHOD ShutdownSmartCardThread(SECMODModule *module); NS_IMETHOD PostEvent(const nsAString &eventType, const nsAString &token); NS_IMETHOD DispatchEvent(const nsAString &eventType, const nsAString &token); + void LaunchSmartCardThreads(); + void ShutdownSmartCardThreads(); + nsresult DispatchEventToWindow(nsIDOMWindow *domWin, const nsAString &eventType, const nsAString &token); +#endif NS_IMETHOD EnsureIdentityInfoLoaded(); NS_IMETHOD IsNSSInitialized(bool *initialized); @@ -275,8 +284,6 @@ private: void InstallLoadableRoots(); void UnloadLoadableRoots(); - void LaunchSmartCardThreads(); - void ShutdownSmartCardThreads(); void CleanupIdentityInfo(); void setValidationOptions(nsIPrefBranch * pref); nsresult InitializePIPNSSBundle(); @@ -287,7 +294,6 @@ private: nsresult DownloadCrlSilently(); nsresult PostCRLImportEvent(const nsCSubstring &urlString, nsIStreamListener *psmDownloader); nsresult getParamsForNextCrlToDownload(nsAutoString *url, PRTime *time, nsAutoString *key); - nsresult DispatchEventToWindow(nsIDOMWindow *domWin, const nsAString &eventType, const nsAString &token); // Methods that we use to handle the profile change notifications (and to // synthesize a full profile change when we're just doing a profile startup): @@ -315,7 +321,9 @@ private: bool mUpdateTimerInitialized; static int mInstanceCount; nsNSSShutDownList *mShutdownObjectList; +#ifndef MOZ_DISABLE_CRYPTOLEGACY SmartCardThreadList *mThreadList; +#endif bool mIsNetworkDown; void deleteBackgroundThreads(); diff --git a/security/manager/ssl/src/nsNSSModule.cpp b/security/manager/ssl/src/nsNSSModule.cpp index 568c2be52ae..f8aa23af439 100644 --- a/security/manager/ssl/src/nsNSSModule.cpp +++ b/security/manager/ssl/src/nsNSSModule.cpp @@ -186,7 +186,9 @@ NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsNSSCertCache) #ifdef MOZ_XUL NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsCertTree) #endif +#ifndef MOZ_DISABLE_CRYPTOLEGACY NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsCrypto) +#endif NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsPkcs11) NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsCMSSecureMessage) NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsCMSDecoder) @@ -225,7 +227,9 @@ NS_DEFINE_NAMED_CID(NS_FORMPROCESSOR_CID); NS_DEFINE_NAMED_CID(NS_CERTTREE_CID); #endif NS_DEFINE_NAMED_CID(NS_PKCS11_CID); +#ifndef MOZ_DISABLE_CRYPTOLEGACY NS_DEFINE_NAMED_CID(NS_CRYPTO_CID); +#endif NS_DEFINE_NAMED_CID(NS_CMSSECUREMESSAGE_CID); NS_DEFINE_NAMED_CID(NS_CMSDECODER_CID); NS_DEFINE_NAMED_CID(NS_CMSENCODER_CID); @@ -262,7 +266,9 @@ static const mozilla::Module::CIDEntry kNSSCIDs[] = { { &kNS_CERTTREE_CID, false, nullptr, nsCertTreeConstructor }, #endif { &kNS_PKCS11_CID, false, nullptr, nsPkcs11Constructor }, +#ifndef MOZ_DISABLE_CRYPTOLEGACY { &kNS_CRYPTO_CID, false, nullptr, nsCryptoConstructor }, +#endif { &kNS_CMSSECUREMESSAGE_CID, false, nullptr, nsCMSSecureMessageConstructor }, { &kNS_CMSDECODER_CID, false, nullptr, nsCMSDecoderConstructor }, { &kNS_CMSENCODER_CID, false, nullptr, nsCMSEncoderConstructor }, @@ -302,7 +308,9 @@ static const mozilla::Module::ContractIDEntry kNSSContracts[] = { { NS_CERTTREE_CONTRACTID, &kNS_CERTTREE_CID }, #endif { NS_PKCS11_CONTRACTID, &kNS_PKCS11_CID }, +#ifndef MOZ_DISABLE_CRYPTOLEGACY { NS_CRYPTO_CONTRACTID, &kNS_CRYPTO_CID }, +#endif { NS_CMSSECUREMESSAGE_CONTRACTID, &kNS_CMSSECUREMESSAGE_CID }, { NS_CMSDECODER_CONTRACTID, &kNS_CMSDECODER_CID }, { NS_CMSENCODER_CONTRACTID, &kNS_CMSENCODER_CID },