mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 1109235 - remove nsIStreamCipher and implementation r=keeler
This commit is contained in:
parent
bca498247e
commit
a11d7633b4
2
CLOBBER
2
CLOBBER
@ -22,4 +22,4 @@
|
||||
# changes to stick? As of bug 928195, this shouldn't be necessary! Please
|
||||
# don't change CLOBBER for WebIDL changes any more.
|
||||
|
||||
Bugs 1101331 - See if a CLOBBER helps the situation any.
|
||||
bug 1114669 removes nsIStreamCipher.idl, which requires a clobber according to bug 1114669
|
||||
|
@ -31,7 +31,6 @@ XPIDL_SOURCES += [
|
||||
'nsIProtectedAuthThread.idl',
|
||||
'nsISSLErrorListener.idl',
|
||||
'nsISSLStatus.idl',
|
||||
'nsIStreamCipher.idl',
|
||||
'nsITokenDialogs.idl',
|
||||
'nsITokenPasswordDialogs.idl',
|
||||
'nsIUserCertPicker.idl',
|
||||
|
@ -1,61 +0,0 @@
|
||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
|
||||
#include "nsISupports.idl"
|
||||
#include "nsIKeyModule.idl"
|
||||
|
||||
interface nsIInputStream;
|
||||
|
||||
/**
|
||||
* Stream cipher interface. We're basically copying the interface from
|
||||
* nsICryptoHash interface.
|
||||
*/
|
||||
[scriptable, uuid(1d507cd6-1630-4710-af1b-4012dbcc514c)]
|
||||
interface nsIStreamCipher : nsISupports
|
||||
{
|
||||
/**
|
||||
* Initialize a stream cipher.
|
||||
* @param aKey nsIKeyObject
|
||||
*/
|
||||
void init(in nsIKeyObject aKey);
|
||||
|
||||
/**
|
||||
* Initialize a stream cipher with an initialization vector.
|
||||
* @param aKey nsIKeyObject
|
||||
* @param aIV the initialization vector
|
||||
* @param aIVLen the length of the initialization vector
|
||||
*/
|
||||
void initWithIV(in nsIKeyObject aKey,
|
||||
[const, array, size_is(aIVLen)] in octet aIV,
|
||||
in unsigned long aIVLen);
|
||||
|
||||
/**
|
||||
* Update from an array of bytes.
|
||||
*/
|
||||
void update([const, array, size_is(aLen)] in octet aData, in unsigned long aLen);
|
||||
|
||||
/**
|
||||
* Update from a stream.
|
||||
*/
|
||||
void updateFromStream(in nsIInputStream aStream, in long aLen);
|
||||
|
||||
/**
|
||||
* A more script friendly method (not in nsICryptoHash interface).
|
||||
*/
|
||||
void updateFromString(in ACString aInput);
|
||||
|
||||
/**
|
||||
* @param aASCII if true then the returned value is a base-64
|
||||
* encoded string. if false, then the returned value is
|
||||
* binary data.
|
||||
*/
|
||||
ACString finish(in boolean aASCII);
|
||||
|
||||
/**
|
||||
* Discard aLen bytes of the keystream.
|
||||
* These days 1536 is considered a decent amount to drop to get
|
||||
* the key state warmed-up enough for secure usage.
|
||||
*/
|
||||
void discard(in long aLen);
|
||||
};
|
@ -58,7 +58,6 @@ UNIFIED_SOURCES += [
|
||||
'NSSErrorsService.cpp',
|
||||
'nsSSLSocketProvider.cpp',
|
||||
'nsSSLStatus.cpp',
|
||||
'nsStreamCipher.cpp',
|
||||
'nsTLSSocketProvider.cpp',
|
||||
'nsUsageArrayHelper.cpp',
|
||||
'PSMRunnable.cpp',
|
||||
|
@ -31,7 +31,6 @@
|
||||
#include "nsCURILoader.h"
|
||||
#include "nsICategoryManager.h"
|
||||
#include "nsNTLMAuthModule.h"
|
||||
#include "nsStreamCipher.h"
|
||||
#include "nsKeyModule.h"
|
||||
#include "nsDataSignatureVerifier.h"
|
||||
#include "nsCertOverrideService.h"
|
||||
@ -201,7 +200,6 @@ NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsCertPicker)
|
||||
NS_NSS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nssEnsure, nsNTLMAuthModule, InitTest)
|
||||
NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsureChromeOrContent, nsCryptoHash)
|
||||
NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsCryptoHMAC)
|
||||
NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsStreamCipher)
|
||||
NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsKeyObject)
|
||||
NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsKeyObjectFactory)
|
||||
NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsDataSignatureVerifier)
|
||||
@ -234,7 +232,6 @@ NS_DEFINE_NAMED_CID(NS_CRYPTO_HASH_CID);
|
||||
NS_DEFINE_NAMED_CID(NS_CRYPTO_HMAC_CID);
|
||||
NS_DEFINE_NAMED_CID(NS_CERT_PICKER_CID);
|
||||
NS_DEFINE_NAMED_CID(NS_NTLMAUTHMODULE_CID);
|
||||
NS_DEFINE_NAMED_CID(NS_STREAMCIPHER_CID);
|
||||
NS_DEFINE_NAMED_CID(NS_KEYMODULEOBJECT_CID);
|
||||
NS_DEFINE_NAMED_CID(NS_KEYMODULEOBJECTFACTORY_CID);
|
||||
NS_DEFINE_NAMED_CID(NS_DATASIGNATUREVERIFIER_CID);
|
||||
@ -266,7 +263,6 @@ static const mozilla::Module::CIDEntry kNSSCIDs[] = {
|
||||
{ &kNS_CRYPTO_HMAC_CID, false, nullptr, nsCryptoHMACConstructor },
|
||||
{ &kNS_CERT_PICKER_CID, false, nullptr, nsCertPickerConstructor },
|
||||
{ &kNS_NTLMAUTHMODULE_CID, false, nullptr, nsNTLMAuthModuleConstructor },
|
||||
{ &kNS_STREAMCIPHER_CID, false, nullptr, nsStreamCipherConstructor },
|
||||
{ &kNS_KEYMODULEOBJECT_CID, false, nullptr, nsKeyObjectConstructor },
|
||||
{ &kNS_KEYMODULEOBJECTFACTORY_CID, false, nullptr, nsKeyObjectFactoryConstructor },
|
||||
{ &kNS_DATASIGNATUREVERIFIER_CID, false, nullptr, nsDataSignatureVerifierConstructor },
|
||||
@ -303,7 +299,6 @@ static const mozilla::Module::ContractIDEntry kNSSContracts[] = {
|
||||
{ "@mozilla.org/uriloader/psm-external-content-listener;1", &kNS_PSMCONTENTLISTEN_CID },
|
||||
{ NS_CRYPTO_FIPSINFO_SERVICE_CONTRACTID, &kNS_PKCS11MODULEDB_CID },
|
||||
{ NS_NTLMAUTHMODULE_CONTRACTID, &kNS_NTLMAUTHMODULE_CID },
|
||||
{ NS_STREAMCIPHER_CONTRACTID, &kNS_STREAMCIPHER_CID },
|
||||
{ NS_KEYMODULEOBJECT_CONTRACTID, &kNS_KEYMODULEOBJECT_CID },
|
||||
{ NS_KEYMODULEOBJECTFACTORY_CONTRACTID, &kNS_KEYMODULEOBJECTFACTORY_CID },
|
||||
{ NS_DATASIGNATUREVERIFIER_CONTRACTID, &kNS_DATASIGNATUREVERIFIER_CID },
|
||||
|
@ -1,186 +0,0 @@
|
||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
|
||||
#include "nsIKeyModule.h"
|
||||
#include "nsStreamCipher.h"
|
||||
#include "nsStreamUtils.h"
|
||||
#include "base64.h"
|
||||
|
||||
NS_IMPL_ISUPPORTS(nsStreamCipher, nsIStreamCipher)
|
||||
|
||||
nsStreamCipher::nsStreamCipher()
|
||||
: mContext(nullptr)
|
||||
{
|
||||
}
|
||||
|
||||
nsStreamCipher::~nsStreamCipher()
|
||||
{
|
||||
if (mContext)
|
||||
PK11_DestroyContext(mContext, true /* free sub-objects */);
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsStreamCipher::InitWithIV_(nsIKeyObject *aKey, SECItem* aIV)
|
||||
{
|
||||
NS_ENSURE_ARG_POINTER(aKey);
|
||||
|
||||
// Make sure we have a SYM_KEY.
|
||||
int16_t keyType;
|
||||
nsresult rv = aKey->GetType(&keyType);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
if (keyType != nsIKeyObject::SYM_KEY)
|
||||
return NS_ERROR_INVALID_ARG;
|
||||
|
||||
if (mContext)
|
||||
PK11_DestroyContext(mContext, true /* free sub-objects */);
|
||||
|
||||
// Get the PK11SymKey out of the key object and create the PK11Context.
|
||||
void* keyObj;
|
||||
rv = aKey->GetKeyObj(&keyObj);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
PK11SymKey *symkey = reinterpret_cast<PK11SymKey*>(keyObj);
|
||||
if (!symkey)
|
||||
return NS_ERROR_FAILURE;
|
||||
|
||||
CK_MECHANISM_TYPE cipherMech = PK11_GetMechanism(symkey);
|
||||
|
||||
SECItem *param = nullptr;
|
||||
// aIV may be null
|
||||
param = PK11_ParamFromIV(cipherMech, aIV);
|
||||
if (!param)
|
||||
return NS_ERROR_FAILURE;
|
||||
|
||||
mContext = PK11_CreateContextBySymKey(cipherMech, CKA_ENCRYPT,
|
||||
symkey, param);
|
||||
|
||||
SECITEM_FreeItem(param, true);
|
||||
|
||||
// Something went wrong if mContext doesn't exist.
|
||||
if (!mContext)
|
||||
return NS_ERROR_FAILURE;
|
||||
|
||||
// Everything went ok.
|
||||
mValue.Truncate();
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/////////////////////////////////////////////////////////////////////////////
|
||||
// nsIStreamCipher
|
||||
|
||||
NS_IMETHODIMP nsStreamCipher::Init(nsIKeyObject *aKey)
|
||||
{
|
||||
return InitWithIV_(aKey, nullptr);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP nsStreamCipher::InitWithIV(nsIKeyObject *aKey,
|
||||
const uint8_t *aIV, uint32_t aIVLen)
|
||||
{
|
||||
SECItem IV;
|
||||
IV.data = (unsigned char*)aIV;
|
||||
IV.len = aIVLen;
|
||||
return InitWithIV_(aKey, &IV);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP nsStreamCipher::Update(const uint8_t *aData, uint32_t aLen)
|
||||
{
|
||||
if (!mContext)
|
||||
return NS_ERROR_NOT_INITIALIZED;
|
||||
|
||||
unsigned char* output = new unsigned char[aLen];
|
||||
unsigned char* input = (unsigned char*)aData;
|
||||
|
||||
int32_t setLen;
|
||||
|
||||
#ifdef DEBUG
|
||||
SECStatus rv =
|
||||
#endif
|
||||
PK11_CipherOp(mContext, output, &setLen, aLen, input, aLen);
|
||||
NS_ASSERTION(rv == SECSuccess, "failed to encrypt");
|
||||
NS_ASSERTION((uint32_t)setLen == aLen, "data length should not change");
|
||||
|
||||
mValue.Append((const char*)output, aLen);
|
||||
|
||||
delete [] output;
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP nsStreamCipher::UpdateFromStream(nsIInputStream *aStream,
|
||||
int32_t aLen)
|
||||
{
|
||||
if (!mContext)
|
||||
return NS_ERROR_NOT_INITIALIZED;
|
||||
|
||||
nsCString inputString;
|
||||
nsresult rv = NS_ConsumeStream(aStream, aLen, inputString);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
return UpdateFromString(inputString);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP nsStreamCipher::UpdateFromString(const nsACString& aInput)
|
||||
{
|
||||
if (!mContext)
|
||||
return NS_ERROR_NOT_INITIALIZED;
|
||||
|
||||
const nsCString& flatInput = PromiseFlatCString(aInput);
|
||||
unsigned char* input = (unsigned char*)flatInput.get();
|
||||
uint32_t len = aInput.Length();
|
||||
|
||||
unsigned char* output = new unsigned char[len];
|
||||
|
||||
int32_t setLen;
|
||||
|
||||
#ifdef DEBUG
|
||||
SECStatus rv =
|
||||
#endif
|
||||
PK11_CipherOp(mContext, output, &setLen, len, input, len);
|
||||
NS_ASSERTION(rv == SECSuccess, "failed to encrypt");
|
||||
NS_ASSERTION((uint32_t)setLen == len, "data length should not change");
|
||||
|
||||
mValue.Append((const char*)output, len);
|
||||
delete [] output;
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP nsStreamCipher::Finish(bool aASCII, nsACString & _retval)
|
||||
{
|
||||
if (!mContext)
|
||||
return NS_ERROR_NOT_INITIALIZED;
|
||||
|
||||
if (aASCII) {
|
||||
char *asciiData = BTOA_DataToAscii((unsigned char*)(mValue.get()),
|
||||
mValue.Length());
|
||||
_retval.Assign(asciiData);
|
||||
PORT_Free(asciiData);
|
||||
} else {
|
||||
_retval.Assign(mValue);
|
||||
}
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP nsStreamCipher::Discard(int32_t aLen)
|
||||
{
|
||||
if (!mContext)
|
||||
return NS_ERROR_NOT_INITIALIZED;
|
||||
|
||||
unsigned char* output = new unsigned char[aLen];
|
||||
unsigned char* input = new unsigned char[aLen];
|
||||
|
||||
int32_t setLen;
|
||||
|
||||
#ifdef DEBUG
|
||||
SECStatus rv =
|
||||
#endif
|
||||
PK11_CipherOp(mContext, output, &setLen, aLen, input, aLen);
|
||||
NS_ASSERTION(rv == SECSuccess, "failed to encrypt");
|
||||
NS_ASSERTION(setLen == aLen, "data length should not change");
|
||||
|
||||
delete [] output;
|
||||
delete [] input;
|
||||
return NS_OK;
|
||||
}
|
@ -1,43 +0,0 @@
|
||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
|
||||
#ifndef _NS_STREAMCIPHER_H_
|
||||
#define _NS_STREAMCIPHER_H_
|
||||
|
||||
#include "nsIStreamCipher.h"
|
||||
#include "nsString.h"
|
||||
#include "pk11func.h"
|
||||
#include "mozilla/Attributes.h"
|
||||
|
||||
/* dbfcbe4a-10f7-4d6f-a481-68e6d6b71d21 */
|
||||
#define NS_STREAMCIPHER_CID \
|
||||
{ 0xdbfcbe4a, 0x10f7, 0x4d6f, {0xa4, 0x81, 0x68, 0xe6, 0xd6, 0xb7, 0x1d, 0x21}}
|
||||
#define NS_STREAMCIPHER_CONTRACTID "@mozilla.org/security/streamcipher;1"
|
||||
|
||||
class nsStreamCipher MOZ_FINAL : public nsIStreamCipher
|
||||
{
|
||||
public:
|
||||
nsStreamCipher();
|
||||
|
||||
NS_DECL_ISUPPORTS
|
||||
NS_DECL_NSISTREAMCIPHER
|
||||
|
||||
private:
|
||||
~nsStreamCipher();
|
||||
|
||||
// Helper method for initializing this object.
|
||||
// aIV may be null.
|
||||
nsresult InitWithIV_(nsIKeyObject *aKey, SECItem* aIV);
|
||||
|
||||
// Disallow copy constructor
|
||||
nsStreamCipher(nsStreamCipher&);
|
||||
|
||||
// Holds our stream cipher context.
|
||||
PK11Context* mContext;
|
||||
|
||||
// Holds the amount we've computed so far.
|
||||
nsCString mValue;
|
||||
};
|
||||
|
||||
#endif // _NS_STREAMCIPHER_H_
|
Loading…
Reference in New Issue
Block a user