Avoid using NSS Base64 functions in PSM

RESOLVED FIXED in Firefox 55

Status

()

Core
Security: PSM
P1
normal
RESOLVED FIXED
6 months ago
4 months ago

People

(Reporter: Cykesiopka, Assigned: Cykesiopka)

Tracking

({addon-compat})

unspecified
mozilla55
addon-compat
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox55 fixed)

Details

(Whiteboard: [psm-assigned])

MozReview Requests

()

Submitter Diff Changes Open Issues Last Updated
Loading...
Error loading review requests:

Attachments

(1 attachment)

(Assignee)

Description

6 months ago
The NSS Base64 functions are less safe and convenient to use than the XPCOM ones.
They're also an unnecessary dependency on NSS.
(Assignee)

Updated

6 months ago
Depends on: 1342736
Comment hidden (mozreview-request)

Comment 2

5 months ago
mozreview-review
Comment on attachment 8847155 [details]
Bug 1338897 - Avoid using NSS Base64 functions in PSM.

https://reviewboard.mozilla.org/r/120172/#review123060

Looks great. Sorry this took a while to review.

::: security/apps/AppSignatureVerification.cpp:50
(Diff revision 1)
>  extern mozilla::LazyLogModule gPIPNSSLog;
>  
>  namespace {
>  
> +inline nsDependentCSubstring
> +DigestToString(const Digest& digest)

It might be nice to call this "DigestToDependentString" to be a bit more clear that the result depends on the input living longer than it (also might be nice to document this).

::: security/nss.symbols:19
(Diff revision 1)
>  #endif
>  #include ../db/sqlite3/src/sqlite.symbols
>  ATOB_AsciiToData
>  ATOB_AsciiToData_Util
> -ATOB_ConvertAsciiToItem
>  ATOB_ConvertAsciiToItem_Util

I'd imagine we can get rid of this line as well now, right?

::: security/nss.symbols:510
(Diff revision 1)
>  SECITEM_AllocArray
>  SECITEM_AllocItem
>  SECITEM_AllocItem_Util
>  SECITEM_ArenaDupItem_Util
> -SECITEM_CompareItem
>  SECITEM_CompareItem_Util

Same here.
Attachment #8847155 - Flags: review?(dkeeler) → review+
(Assignee)

Comment 3

5 months ago
mozreview-review-reply
Comment on attachment 8847155 [details]
Bug 1338897 - Avoid using NSS Base64 functions in PSM.

https://reviewboard.mozilla.org/r/120172/#review123060

No worries, thanks for the review!

> I'd imagine we can get rid of this line as well now, right?

Sadly, getting rid of the _Util symbols broke my try builds the last time I tried. Looks like we still need to keep this here as long as NSS itself uses the function.
Comment hidden (mozreview-request)
(Assignee)

Comment 5

5 months ago
https://treeherder.mozilla.org/#/jobs?repo=try&revision=e3addf5adadbd72dec2ee8a72fb556754684cc19
Keywords: checkin-needed

Comment 6

5 months ago
Pushed by ryanvm@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/312bdabd35b8
Avoid using NSS Base64 functions in PSM. r=keeler
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/312bdabd35b8
Status: ASSIGNED → RESOLVED
Last Resolved: 5 months ago
status-firefox55: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla55
(Assignee)

Comment 8

5 months ago
The changes here may impact add-ons that fit the following criteria:
1. Use nsICryptoHash or nsICryptoHMAC directly or indirectly.
2. Init either of the above with SHA-512 as the choice of hash algorithm.
3. Call `finish(true)` to get back base 64 output.

If these add-ons previously depended on the base 64 output having CRLF characters inserted every 64 characters, they need to stop doing that - the output will no longer have such characters.
Keywords: addon-compat
(Assignee)

Updated

4 months ago
Blocks: 1356522
You need to log in before you can comment on or make changes to this bug.