3 years ago
2 years ago


(Reporter: franziskus, Assigned: franziskus)



Firefox Tracking Flags

(firefox46 affected)



(1 attachment)

There's currently no way to decode base64 with url encoding. Not sure if we also want encoding.
patch is also here

I didn't find any possibility to do this so I added it. This allows to decode url encoded base64 with the already available functions. Not sure if there are tests anywhere for this where I should add some (didn't find any)?
Attachment #8703503 - Flags: review?(martin.thomson)
Comment on attachment 8703503 [details] [diff] [review]

Review of attachment 8703503 [details] [diff] [review]:

LGTM  That -1 thing threw me at first.
Attachment #8703503 - Flags: review?(martin.thomson) → review+
Comment on attachment 8703503 [details] [diff] [review]

Review of attachment 8703503 [details] [diff] [review]:

Also, I don't think that this is enough.  Checkout atob.c, which checks characters before feeding them to this (thereby rejecting "-_")

Changed my mind.  This changes the behaviour of the function in a way that we can't do in NSS.  Current code expects an error if '-' or '_' are encountered.

Sadly, the best option is to add a new function for this.
Attachment #8703503 - Flags: review+ → review-
BTW, if you are looking for this in m-c, a decoder just landed.

uh, this finally landed, hasn't been there yet last time I checked (you might want to close bug 769521 then as well).

But we might want to have this in NSS anyway. David suggested to use nsIDataSignatureVerifier[1] for Content-Signature verification, which makes sense but does the b64 decoding in NSS. So I guess adding a new function for this is the best option?

Flags: needinfo?(martin.thomson)
Wasn't the plan was to remove dependencies on PSM?  It's not like this code is particularly complex or difficult. nsIDataSignatureVerifier seems like it might not be a direct fit anyway, since the signatures for content-signature are raw and nsIDataSignatureVerifier seems to depend on DER-encoded structures (CMS).
Flags: needinfo?(martin.thomson)
Last Resolved: 2 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.