Bug 1021345: Allow apps to be installed from the Marketplace staging server
Status: RESOLVED FIXED (opened 10 years ago, closed 10 years ago)
Product/Component: Core :: Security: PSM (defect)
Target Milestone: mozilla34
Reporter: keeler, Assigned: marco
Attachments: 1 file (patch, 673.13 KB), fabrice: review+
The certificates in question are marketplace-dev-public.crt, marketplace-dev-reviewers.crt, marketplace-prod-public.crt, and marketplace-prod-reviewers.crt in https://mxr.mozilla.org/mozilla-central/source/security/apps/
Comment 1•10 years ago
Is it possible to include certs for stage as well? Certs should be at https://www.dropbox.com/s/agkljpkh8fia2em/marketplace-stage.cert.tar.gz
Flags: needinfo?(dkeeler)
Comment 2•10 years ago
Sure it is possible, but besides the cert we also need an origin for these services in order to change: https://mxr.mozilla.org/mozilla-central/source/dom/apps/src/Webapps.jsm#3192. Also, do you know how are the private keys for these certs being managed?
Flags: needinfo?(dkeeler) → needinfo?(krupa.mozbugs)
Comment 3•10 years ago
(In reply to Camilo Viecco (:cviecco) from comment #2)
> Sure it is possible, but besides the cert we also need an origin for these
> services in order to change:
> https://mxr.mozilla.org/mozilla-central/source/dom/apps/src/Webapps.jsm#3192.
>
> Also, do you know how are the private keys for these certs being managed?
cc'ing jason since he generated most of the certs for marketplace.
Flags: needinfo?(krupa.mozbugs) → needinfo?(jthomas)
Assignee | ||
Comment 4•10 years ago
Could you also provide the marketplace dev certs? I think the certs we have in the tree are just placeholders.
Assignee | ||
Comment 6•10 years ago
To summarize, we need the certs for dev (both public and reviewers) and for stage (both public and reviewers). We also need an origin for stage (is it "marketplace.allizom.org"?).
Comment 7•10 years ago
(In reply to Marco Castelluccio [:marco] from comment #4)
> Could you also provide the marketplace dev certs? I think the certs we have
> in the tree are just placeholders.
are we sure that's the reason? The marketplace-dev reviewer cert that we have to use on pre-2.0 versions of FxOS is: https://github.com/mozilla/marketplace-certs/blob/master/marketplace-dev-reviewers-root.der and the mxr file is identical: https://mxr.mozilla.org/mozilla-central/source/security/apps/marketplace-dev-reviewers.crt
Assignee | ||
Comment 8•10 years ago
You're right, the reviewers certificate is correct. Is that certificate used on marketplace.allizom.org or on marketplace-dev.allizom.org? Right now we're trusting the certificate only if the origin is "https://marketplace-dev.allizom.org".
Flags: needinfo?(awilliamson)
Comment 9•10 years ago
(In reply to Marco Castelluccio [:marco] from comment #8)
> You're right, the reviewers certificate is correct.
> Is that certificate used on marketplace.allizom.org or on
> marketplace-dev.allizom.org?
> Right now we're trusting the certificate only if the origin is
> "https://marketplace-dev.allizom.org".
the certificate is for marketplace-dev - I'm not sure about reviewers on marketplace stage, or if one even exists. But I can't make the marketplace-dev one work either in Nightly or Aurora desktop.
Flags: needinfo?(awilliamson)
Assignee | ||
Comment 10•10 years ago
I've just built a test to verify the installation of apps from marketplace-dev (see bug 1040179). It doesn't test reviewer certificates, but it does test the public ones.
To enable installing from https://marketplace-dev.allizom.org you need to:
1) Set dom.mozApps.use_reviewer_certs to true
2) Add the domain to dom.mozApps.signed_apps_installable_from
In production, you don't need step 2.
Comment 11•10 years ago
(In reply to Marco Castelluccio [:marco] from comment #10)
> I've just built a test to verify the installation of apps from
> marketplace-dev (see bug 1040179). It doesn't test reviewer certificates,
> but it does test the public ones.
>
> To enable installing from https://marketplace-dev.allizom.org you need to:
> 1) Set dom.mozApps.use_reviewer_certs to true
> 2) Add the domain to dom.mozApps.signed_apps_installable_from
>
> In production, you don't need step 2.
just to be clear: I can install from public pages on -dev; I can install from public and reviewer pages on production; I can't install from reviewer pages on -dev. (I've not tested stage)
Assignee | ||
Comment 12•10 years ago
OK, so the certificate in our tree and the certificate you pointed to on GitHub are the same, but they're both wrong. Their issuer is "MarketplaceTest2 Corporation", the issuer of the certificate used to sign unreviewed apps on marketplace-dev is "ExampllaReviewer Corporation".
Comment 13•10 years ago
hmm. I wonder who is using the 'correct' certificates. Jason might know.
Comment 14•10 years ago
All environment public root certificates for app signing should be on github https://github.com/mozilla/marketplace-certs/. I believe we used 'Examplla*' CommonName and 'MarketplaceTest*' Issuer to differentiate the dev certs from prod. Bug 793876 for the script we used for creation of -dev certs. If we are having issues with -dev reviewer app signing certs due to the Issuer and CommonName I believe we can just recreate the certs with the correct Issuer and CommonName (please provide) and resign dev apps as needed.
Flags: needinfo?(jthomas)
Assignee | ||
Comment 15•10 years ago
I think there's no need to resign all the apps, we just need the cert you're actually using (it isn't the cert on github). So, once you've decided what you want to use, just attach the public certificate here and I'll test it and land it in mozilla-central.
Comment 16•10 years ago
I don't know the technical background around what certs were used and why, but wouldn't it be easier to swap out the certificate used on Marketplace-dev (and resign all the apps) than replace the one bundled in gecko?
Assignee | ||
Comment 17•10 years ago
(In reply to Andrew Williamson [:eviljeff] from comment #16)
> I don't know the technical background around what certs were used and why,
> but wouldn't it be easier to swap out the certificate used on
> Marketplace-dev (and resign all the apps) than replace the one bundled in
> gecko?
Replacing is pretty easy (we just need to overwrite the old file), but it will only work for versions >= Nightly. Resigning all the apps means supporting all Firefox versions.
Comment 18•10 years ago
(In reply to Marco Castelluccio [:marco] from comment #17)
> (In reply to Andrew Williamson [:eviljeff] from comment #16)
> > I don't know the technical background around what certs were used and why,
> > but wouldn't it be easier to swap out the certificate used on
> > Marketplace-dev (and resign all the apps) than replace the one bundled in
> > gecko?
>
> Replacing is pretty easy (we just need to overwrite the old file), but it
> will only work for versions >= Nightly. Resigning all the apps means
> supporting all Firefox versions.
I'd go for replacing and resigning on Marketplace then.
Assignee | ||
Comment 19•10 years ago
(In reply to Andrew Williamson [:eviljeff] from comment #18)
> (In reply to Marco Castelluccio [:marco] from comment #17)
> > (In reply to Andrew Williamson [:eviljeff] from comment #16)
> > > I don't know the technical background around what certs were used and why,
> > > but wouldn't it be easier to swap out the certificate used on
> > > Marketplace-dev (and resign all the apps) than replace the one bundled in
> > > gecko?
> >
> > Replacing is pretty easy (we just need to overwrite the old file), but it
> > will only work for versions >= Nightly. Resigning all the apps means
> > supporting all Firefox versions.
>
> I'd go for replacing and resigning on Marketplace then.
OK, I filed bug 1042006 to do so.
So this bug is just about adding the certificates for the staging server and adding the staging server domain to the admitted origins. On GitHub there's only https://github.com/mozilla/marketplace-certs/blob/master/marketplace-stage-public-root.der and not the reviewer one. Who could provide it? What is the domain of the staging server?
Assignee | ||
Updated•10 years ago
Summary: ensure that we have the right dev, staging, and production certs for marketplace checked in to the tree → Allow apps to be installed from the Marketplace staging server
Comment 20•10 years ago
(In reply to Marco Castelluccio [:marco] from comment #19)
> (In reply to Andrew Williamson [:eviljeff] from comment #18)
> > (In reply to Marco Castelluccio [:marco] from comment #17)
> > > (In reply to Andrew Williamson [:eviljeff] from comment #16)
> > > > I don't know the technical background around what certs were used and why,
> > > > but wouldn't it be easier to swap out the certificate used on
> > > > Marketplace-dev (and resign all the apps) than replace the one bundled in
> > > > gecko?
> > >
> > > Replacing is pretty easy (we just need to overwrite the old file), but it
> > > will only work for versions >= Nightly. Resigning all the apps means
> > > supporting all Firefox versions.
> >
> > I'd go for replacing and resigning on Marketplace then.
>
> OK, I filed bug 1042006 to do so.
>
> So this bug is just about adding the certificates for the staging server and
> adding the staging server domain to the admitted origins.
> On GitHub there's only
> https://github.com/mozilla/marketplace-certs/blob/master/marketplace-stage-public-root.der
> and not the reviewer one. Who could provide it?
Jason?
> What is the domain of the staging server?
stage: marketplace.allizom.org
Flags: needinfo?(jthomas)
Comment 21•10 years ago
https://github.com/mozilla/marketplace-certs/blob/master/marketplace-stage-public-root.der is for both app and reviewer signing.
Flags: needinfo?(jthomas)
Assignee | ||
Comment 22•10 years ago
Attachment #8460353 -
Flags: review?(fabrice)
Comment 23•10 years ago
Comment on attachment 8460353 [details] [diff] [review] Patch Review of attachment 8460353 [details] [diff] [review]: ----------------------------------------------------------------- r=me with nit fixed. ::: security/manager/ssl/public/nsIX509CertDB.idl @@ +299,5 @@ > const AppTrustedRoot AppMarketplaceProdReviewersRoot = 2; > const AppTrustedRoot AppMarketplaceDevPublicRoot = 3; > const AppTrustedRoot AppMarketplaceDevReviewersRoot = 4; > + const AppTrustedRoot AppMarketplaceStageRoot = 5; > + const AppTrustedRoot AppXPCShellRoot = 6; please change the UUID of the interface.
Attachment #8460353 -
Flags: review?(fabrice) → review+
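Review bot: In the AppTrustedRoot constants of nsIX509CertDB.idl, AppXPCShellRoot appears as an added line with value 6 directly after the new AppMarketplaceStageRoot = 5; if that is an existing constant being renumbered, any caller or test that passes the numeric value instead of the symbolic name will silently select a different trusted root. Appending the new constant after AppXPCShellRoot would keep existing values stable; if the insertion stays, it is one more reason for the interface UUID change already requested in the review. The new name also drops the Public/Reviewers suffix that the Dev and Prod constants carry, so a one-line IDL comment stating that the stage root covers both public and reviewer signing (comment 21) would make the asymmetry intentional rather than surprising.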
Assignee | ||
Comment 24•10 years ago
https://hg.mozilla.org/integration/mozilla-inbound/rev/8439b6d7bd2a
Comment 25•10 years ago
https://hg.mozilla.org/mozilla-central/rev/8439b6d7bd2a
Status: NEW → RESOLVED
Closed: 10 years ago
Flags: in-testsuite+
Resolution: --- → FIXED
Target Milestone: --- → mozilla34
Comment 26•10 years ago
Krupa, is this something you might want to (and be set up to) test? Thanks!
QA Whiteboard: [qa+]
Flags: needinfo?(krupa.mozbugs)
Comment 27•10 years ago
On 34.0a1, packaged app installs still fail on stage.
build identifier: 20140804040204
git commit info: 2014-08-01 5fd14b8b
8-04 19:46:55.852 E/GeckoConsole( 1108): Content JS LOG at https://marketplace.allizom.org/iframe-install.html/:129 in installPackage/installRequest.onsuccess: [iframe-install] App install request for Stage
08-04 19:46:55.862 E/GeckoConsole( 305): Content JS LOG at app://system.gaiamobile.org/js/app_usage_metrics.js:92 in debug: [AppUsage] https://marketplace.allizom.org/app/e6a59937-29e4-456a-b636-b69afa8693b4/manifest.webapp installed
08-04 19:46:56.012 I/Gecko ( 305): RemoteOpenFileParent: file '/data/local/webapps/{b9b415b9-3bd2-4f7f-a213-6696374117e4}/application.zip' was not found!
08-04 19:46:56.012 I/Gecko ( 1070): IPDL protocol error: [PRemoteOpenFileChild] Received an invalid file descriptor!
08-04 19:46:56.062 E/GeckoConsole( 1070): Content JS ERROR at app://verticalhome.gaiamobile.org/gaia_build_defer_index.js:397 in GridItem.prototype.doRenderIcon/<: Error fetching icon Error: Error while HTTP GET:
08-04 19:46:56.312 I/GeckoDump( 305): XXX FIXME : Got a mozContentEvent: inputmethod-update-layouts
08-04 19:46:57.182 E/GeckoConsole( 305): Content JS INFO at app://system.gaiamobile.org/js/app_install_manager.js:356 in ai_handleDownloadError: downloadError event, error code is INVALID_SIGNATURE
08-04 19:46:57.272 E/GeckoConsole( 1108): Content JS LOG at https://marketplace.allizom.org/iframe-install.html/:145 in installPackage/installRequest.onsuccess/installRequest.result.ondownloaderror: [iframe-install] App download error: INVALID_SIGNATURE
08-04 19:46:57.272 E/GeckoConsole( 1108): Content JS LOG at https://marketplace-stage.cdn.mozilla.net/media/fireplace/js/include.js?b=1406925514345:6 in s/<: [installer] Received message from iframe installer (install-package)
08-04 19:46:57.272 E/GeckoConsole( 1108): Content JS LOG at https://marketplace-stage.cdn.mozilla.net/media/fireplace/js/include.js?b=1406925514345:6 in s/<: [installer] iframe install failed: INVALID_SIGNATURE
Status: RESOLVED → REOPENED
Flags: needinfo?(krupa.mozbugs)
Resolution: FIXED → ---
Assignee | ||
Comment 28•10 years ago
Mmmh, we have a test using three apps downloaded from marketplace.allizom.org: http://mxr.mozilla.org/mozilla-central/source/dom/apps/tests/test_marketplace_pkg_install.html?force=1
Comment 29•10 years ago
(In reply to Marco Castelluccio [:marco] from comment #28)
> Mmmh, we have a test using three apps downloaded from
> marketplace.allizom.org:
> http://mxr.mozilla.org/mozilla-central/source/dom/apps/tests/test_marketplace_pkg_install.html?force=1
hrm, that's odd. I tried installing the same packaged apps after manually installing certs and the installs worked. I can try again tomorrow with a fresh build.
Comment 30•10 years ago
I tried to install a hosted and a packaged app on my Android phone, and got the following error "App install error: 0-" http://screencast.com/t/sakLbNJDK and the apps were not installed, and tried on Android tablet, the apps were installed, but I got the following error "INVALID_SIGNATURE". Both devices have Android 4.2.1. I have also modified the browser.webapps.apkFactoryUrl to https://apk-controller.stage.mozaws.net/application.apk in about:config, and I have installed the latest Nightly. Is this the same issue or should I file a new bug?
Comment 31•10 years ago
I investigated the same scenario as in the comment above on my Android device (Galaxy S3, Android 4.3) and I was able to install both hosted and packaged apps, but I received the same error as Iulian (INVALID_SIGNATURE) only for packaged apps.
Comment 32•10 years ago
(In reply to Iulian Timis from comment #30)
> I tried to install a hosted and a packaged app on my Android phone, and got
> the following error "App install error: 0-"
> http://screencast.com/t/sakLbNJDK and the apps were not installed, and tried
> on Android tablet, the apps were installed, but I got the following error
> "INVALID_SIGNATURE". Both devices have Android 4.2.1.
>
> I have also modified the browser.webapps.apkFactoryUrl to
> https://apk-controller.stage.mozaws.net/application.apk in about:config, and
> I have installed the latest Nightly.
>
> Is this the same issue or should I file a new bug?
Austin, do you think this is the same issue or not?
Flags: needinfo?(ozten.bugs)
Comment 33•10 years ago
I am receiving the INVALID_SIGNATURE error on Flame (FFOS 2.1) for packaged apps and the apps are NOT installed.
Assignee | ||
Comment 34•10 years ago
Are you sure you're both setting "dom.mozApps.use_reviewers_certs" to true and adding https://marketplace.allizom.org/ to the list in the "dom.mozApps.signed_apps_installable_from" pref?
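The two steps from comments 10 and 34, written as a preflight check for a test device's prefs (an added example, not part of the bug thread and not Gecko code). `checkInstallPrefs` and its messages are hypothetical; the check assumes the pref spelling given in comment 10 and a comma-separated origin list, and it flags near-miss pref names and origins written with a path or trailing slash.

```javascript
// Added example: preflight check of test-device prefs before installing
// signed packaged apps from a non-production Marketplace origin.
// checkInstallPrefs is a hypothetical helper, not a Gecko API.
// Assumption: the build reads the pref spelling given in comment 10.
const REVIEWER_PREF = "dom.mozApps.use_reviewer_certs";
const ORIGINS_PREF = "dom.mozApps.signed_apps_installable_from";

// Levenshtein distance, used to spot near-miss pref names.
function editDistance(a, b) {
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      cur[j] = Math.min(prev[j] + 1, cur[j - 1] + 1,
                        prev[j - 1] + (a[i - 1] === b[j - 1] ? 0 : 1));
    }
    prev = cur;
  }
  return prev[b.length];
}

// Reduce "https://host/path" to "https://host"; null if it does not parse.
function toOrigin(value) {
  try { return new URL(value.trim()).origin; } catch (e) { return null; }
}

// prefs: plain object of pref name -> value as read from the device.
// Returns a list of human-readable problems; empty means both steps are met.
function checkInstallPrefs(prefs, installOrigin) {
  const problems = [];
  const wanted = toOrigin(installOrigin);
  if (wanted === null) return [`install origin ${installOrigin} does not parse`];
  if (prefs[REVIEWER_PREF] !== true) problems.push(`${REVIEWER_PREF} is not true`);

  // Assumption: the pref holds a comma-separated list of origins.
  const entries = String(prefs[ORIGINS_PREF] || "").split(",")
    .map(s => s.trim()).filter(Boolean);
  if (!entries.map(toOrigin).includes(wanted)) {
    problems.push(`${wanted} is not listed in ${ORIGINS_PREF}`);
  } else if (!entries.includes(wanted)) {
    // Listed, but with a path or trailing slash that an exact string
    // comparison against the origin would not match.
    problems.push(`${wanted} is listed only in non-canonical form`);
  }
  // A misspelled pref is simply a different pref: flag near misses.
  for (const name of Object.keys(prefs)) {
    for (const expected of [REVIEWER_PREF, ORIGINS_PREF]) {
      const d = editDistance(name, expected);
      if (d > 0 && d <= 2) problems.push(`${name} looks like ${expected} misspelled`);
    }
  }
  return problems;
}
```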
Comment 35•10 years ago
(In reply to Marco Castelluccio [:marco] from comment #34)
> Are you sure you're both setting "dom.mozApps.use_reviewers_certs" to true
> and adding https://marketplace.allizom.org/ to the list in the
> "dom.mozApps.signed_apps_installable_from" pref?
Yes, I have done the above settings but I'm still getting the same behavior described in comment 30
Comment 37•10 years ago
platform version:30.0 (20140820000202) 4f92950e
08-20 12:51:45.269 E/GeckoConsole( 135): Content JS INFO at app://system.gaiamobile.org/js/app_install_manager.js:355 in ai_handleDownloadError: downloadError event, error code is INVALID_SIGNATURE
08-20 12:51:45.389 E/GeckoConsole( 533): Content JS LOG at https://marketplace.allizom.org/iframe-install.html/:153 in installPackage/installRequest.onsuccess/installRequest.result.ondownloaderror: [iframe-install] App download error: INVALID_SIGNATURE
08-20 12:51:45.389 E/GeckoConsole( 533): Content JS LOG at app://packaged.marketplace.allizom.org/media/js/include.js:6 in s/<: [installer] Received message from iframe installer (install-package)
08-20 12:51:45.399 E/GeckoConsole( 533): Content JS LOG at app://packaged.marketplace.allizom.org/media/js/include.js:6 in s/<: [installer] Received message from iframe installer (install-package)
08-20 12:51:45.399 E/GeckoConsole( 533): Content JS LOG at app://packaged.marketplace.allizom.org/media/js/include.js:6 in s/<: [installer] iframe install failed: INVALID_SIGNATURE
08-20 12:51:45.399 E/GeckoConsole( 533): Content JS LOG at app://packaged.marketplace.allizom.org/media/js/include.js:6 in s/<: [buttons] App install deferred was rejected for Whatsap Firefox OS Info
08-20 12:51:45.399 E/GeckoConsole( 533): Content JS LOG at app://packaged.marketplace.allizom.org/media/js/include.js:6 in s/<: [buttons] Unsuccessful install for Whatsap Firefox OS Info
iulian, can you try as well?
Flags: needinfo?(krupa.mozbugs) → needinfo?(iulian.timis)
Comment 38•10 years ago
I was able to install and launch a packaged app with no issues on my Android 4.2.1 device on FF34.
Flags: needinfo?(iulian.timis)
Comment 39•10 years ago
(In reply to Iulian Timis from comment #38)
> I was able to install and launch a packaged app with no issues on my Android
> 4.2.1 device on FF34.
Iulian, can you try the same on firefoxOS, please?
Flags: needinfo?(iulian.timis)
Comment 40•10 years ago
I was also able to install a packaged app on FF OS 1.3 (Inari) with no issues.
Flags: needinfo?(iulian.timis)
Assignee | ||
Comment 41•10 years ago
I think it's worth opening a new bug for the issue krupa is seeing.
Status: REOPENED → RESOLVED
Closed: 10 years ago → 10 years ago
Resolution: --- → FIXED
Comment 42•10 years ago
Krupa, I can no longer reproduce this issue, could you please test again in your environment? Thank you!
Flags: needinfo?(krupa.mozbugs)
Updated•9 years ago
Flags: needinfo?(krupa.mozbugs)