Philipp von Weitershausen
6e250f858f
Bug 569968 - Migration requires client to remove absolute URLs in crypto records
...
Make WBORecord.uri, CryptoWrapper.encryption, PubKey.privateKeyUri, PrivKey.publicKeyUri as well as the CryptoMeta keyring keys relative URLs in the payload. As a result, all records now *must* know their URI.
Bump storage version from 2 to 3 to trigger reupload of all data and exclude older clients.
2010-08-12 22:19:39 +02:00
Philipp von Weitershausen
efc1efae81
Bug 558963, part 2, UTF-8 encode passphrase and rewrap keys if needed, r=mconnor
2010-07-03 14:13:40 -04:00
Edward Lee
4e55362a90
Bug 570636 - Decide how to co-exist as a sync add-on and built-in sync [r=mconnor]
...
Map the modules directory to services-sync instead of weave and update imports.
2010-06-16 14:30:08 -07:00
Edward Lee
89f3d54c0f
Bug 568518 - Unhelpful log messages [r=mconnor]
...
Remove "Server attack" from exceptions.
2010-05-27 11:04:30 -07:00
Edward Lee
ba60f514a6
Bug 552134 - Ensure that keyring/symmetric key haven't been tampered with [r=mconnor]
...
Store a HMAC with the encrypted symmetric key instead of just the wrapped key and verify that the HMAC matches before unwrapping. Test that normal getting works and a tampered payload/HMAC fails but succeeds on restoring the correct HMAC.
2010-03-25 19:23:44 -07:00
Edward Lee
e5bce4658d
Bug 549638 - Ensure that encrypted payloads haven't been tampered with [r=mconnor r=dolske]
...
Generate a SHA256 HAMC hex string from the base64 ciphertext and base64 symmetric key. Generate a HMAC key from the symmetric key and cache them together when unwrapping. Refactor the Utils.sha1 to share the same digest code.
--HG--
extra : rebase_source : dae973c62317eb3b738306fc30ea19870555c7df
2010-03-16 16:31:56 -07:00
Edward Lee
e73dbf06b9
Bug 547007 - Use a per-record IV instead of one for each symkey [r=mconnor]
...
Generate a random IV on every encrypt instead of taking it from the CryptoMeta. Don't bother generating a bulkIV per CryptoMeta.
2010-03-16 16:31:56 -07:00
Edward Lee
177b122960
Bug 547048 - Only allow clients to issue delete records [r=mconnor]
...
Don't specially serialize/not encrypt delete records and store the deleted flag as part of the cleartext payload.
2010-03-16 16:31:56 -07:00
Edward Lee
6c37148ae4
Bug 547049 - Verify that encrypted payloads correspond to the requested record [r=mconnor]
...
Write the record's id to both .data and .cleartext and check that they match when decrypting.
2010-03-16 16:31:56 -07:00
Edward Lee
eca5bad2df
Bug 549636 - Don't unnecessarily [wrap] cleartext for JSON.stringify [r=mconnor]
...
Remove the unnecessary indirection now that JSON.stringify can take strings.
2010-03-16 16:31:56 -07:00
Edward Lee
00f548581e
Bug 544069 - Move bookmark parentid into the encrypted payload [r=mconnor]
...
Tweak the get/setters to refer to the PlacesItem instead of WBORecord.
2010-03-16 16:31:56 -07:00
Edward Lee
b8de893593
Bug 545764 - Convert constructor -> _init pattern to just use constructor
...
Inline various _init calls and do super's init with <Super>.call(this, args..). Add various get/set sugar to those missing e.g., meta.keyring. Also simplify crypto record creation by setting cleartext in the parent.
--HG--
extra : rebase_source : 6c9a9f210f8f46ac338adb84188538e7353c9673
2010-02-11 15:25:31 -08:00
Edward Lee
d4295ef8e9
Remove unused prefs and imports. (Bug 524916)
...
--HG--
extra : rebase_source : 074e542f63ee840b61db7fe63a6c3540c13a31a5
2009-11-25 17:49:15 -08:00
Edward Lee
2335b057db
Get rid of depth and sort on index instead.
2009-08-15 00:56:27 -07:00
Edward Lee
e94143f4e2
Bug 504212 - Have javascript stack traces show [object Object] for various CryptoWrapper functions
...
Pass the ID object instead of reading out the password and passing it in to encrypt/decrypt.
2009-07-14 16:51:04 -07:00
Edward Lee
4084603da5
Remove async.js and wrap.js and remove remaining references to Async.sugar, etc.
2009-06-06 18:24:30 -05:00
Edward Lee
394fea48d8
CryptoMeta_addKey: async + async/yield -> sync. (Unused?)
2009-06-06 18:24:23 -05:00
Edward Lee
228f2e2568
CryptoWrapper_decrypt: async + async/yield -> sync. Fix up bookmark/client decrypt.
2009-06-04 19:06:57 -07:00
Edward Lee
7adf2ffa78
CryptoWrapper_encrypt: async + async/yield -> sync.
2009-06-04 17:58:37 -07:00
Edward Lee
a9de56fef0
CryptoMeta_addUnwrappedKey: async + async/yield -> sync.
2009-06-04 17:36:34 -07:00
Edward Lee
95bfb88ac7
CryptoMeta_getKey: async + async/yield -> sync.
2009-06-04 17:21:42 -07:00
Edward Lee
df16a63edb
PubKeyManager_getDefaultKey: async + async/yield -> sync.
2009-06-04 17:04:51 -07:00
Edward Lee
ce37486d9c
RecordMgr_get: async + async/yield -> sync.
2009-06-04 16:50:57 -07:00
Edward Lee
b7a138755c
Bug 488142 - Make it easier to add simple deferred cleartext/payload values
...
Add a couple Utils helper to create a pair of simple [gs]etters that use a hash property instead. Apply this to various records: WBORecord, {Priv,Pub}Key, Crypto{Meta,Wrapper}, and every engine's type records. Migrate by making sure key data exists (name change).
2009-04-13 16:39:29 -05:00
Edward Lee
3993035a59
Bug 482670 - WBORecord should implement a .deleted property
...
Expose a .deleted property that engines can set to true to store an even thinner deleted payload (empty string "" instead of "[null]") on the server. Handle deserializing of deleted records by setting the property. Note: Engines must set their payloads to something JSON-able if it's not a delete record.
2009-04-03 12:38:47 -05:00
Edward Lee
4f6ebe6be5
Bug 481741 - Switch to JSON from nsIJSON
2009-03-31 14:09:38 -05:00
Dan Mills
0ceeb9ad03
remove accidental debugging spew
2009-03-18 12:09:26 -07:00
Dan Mills
dbb8b91520
Cache unwrapped symmetric keys
2009-03-16 19:37:30 -07:00
Dan Mills
7b9eedde66
Bug 478327: Send minimal '[null]' payload for deleted records
2009-03-11 01:40:04 -07:00
Dan Mills
c274581912
resolve using the baseUri, it's cheaper that way
2009-02-11 21:49:16 -08:00
Dan Mills
bc8fde0994
don't encrypt empty payloads
2009-01-27 15:25:16 -08:00
Dan Mills
a3d9640e3c
Make records not extend Resource, instead they have a serialize() method that can be used to create a Resource for uploading if necessary.
...
Use global service instances under Svc.*
Consolidate various record managers (caches/convenience factories) to extend the same base object
Log exceptions caught by notify wrapper
2009-01-27 13:35:10 -08:00
Dan Mills
9c7bac20f5
WBO toString will serialize 'payload', CryptoWrapper overrides that and will serialize 'cleartext'
2009-01-23 15:08:12 -08:00
Dan Mills
078387cb07
move Observers.js and Preferences.js into an ext/ directory, to make it clear they are externally-mantained libraries
2009-01-22 11:48:36 -08:00
Dan Mills
ff240dd3ce
add clients sync (list of clients with names and types); make it simpler to create Engine subclasses; remove the 2nd 'authenticator' parameter for Resources; resetServer is now wipeServer; consider 0 an invalid place ID (fixes bug when calculating item depths); add a Svc global exported from utils.js where commonly used services can live
2009-01-06 13:54:18 -08:00
Dan Mills
6b260498e0
switch to generating individual bookmark records directly from the places store, without using a cache (to improve memory performance); create objects for bookmark types; temporarily disable history sync
2008-12-28 19:59:44 -08:00
Dan Mills
c327476fcc
remove unused 'cleartext' payload property; add fixme comment to set a pref listener
2008-12-01 18:58:28 -08:00
Dan Mills
2deeacdab5
remove incorrect getter/setter for cleartext - it should not be stored inside the payload!
2008-12-01 18:08:59 -08:00
Dan Mills
a001a3f564
server api changes: encoding is gone (payload guaranteed to be utf-8 now), payload is guaranteed to be json so no need to wrap in an array to encode; change crypto object to place encrypted data in a 'cyphertext' property inside the payload, instead of replacing the payload
2008-12-01 18:07:07 -08:00
Dan Mills
14b5494b13
record import (cache) fix
2008-11-20 09:14:42 +09:00
Dan Mills
cf0df0d424
cache crypto meta objects
2008-11-08 20:24:12 -08:00
Dan Mills
b12787f2f2
crypto changes: private keys get their own iv and salt, crypto meta records get a separate iv and no salt. various fixes in crypto code and other wbo related objects. fix crypto tests to match.
2008-11-08 02:00:33 -08:00
Dan Mills
7091144051
make sure records always have a data field that represents their state (e.g. for serialization); add some pki routines (createKeypair); add incoming/outgoing queue to NewEngine
2008-11-06 23:23:35 -08:00
Dan Mills
a8e372f80f
add base record types for the new weave server api
2008-11-03 14:37:51 -08:00