Add option to .get() to verify signatures on read
Categories
(Firefox :: Remote Settings Client, enhancement)
Tracking
()
Tracking | Status | |
---|---|---|
firefox-esr60 | --- | unaffected |
firefox67 | --- | wontfix |
firefox68 | --- | fixed |
People
(Reporter: leplatrem, Assigned: leplatrem)
References
Details
(Keywords: sec-want, Whiteboard: [post-critsmash-triage][adv-main68-])
Attachments
(2 files, 2 obsolete files)
So that can do something like this:
try {
data = await client.get({ verifySignature: true });
} catch (e) {
if (e instanceof RemoteSettings.InvalidSignatureError) {
await client.clear();
await client.loadDump();
// or client.sync();
}
}
Assignee | ||
Updated•5 years ago
|
Assignee | ||
Comment 1•5 years ago
|
||
After digging into this, I realize that we'll have to force a synchronization or store the collection metadata locally during synchronization. Otherwise, if we fetch the signature from the server on .get()
, and the local data is not up-to-date, the signature won't be valid.
Assignee | ||
Comment 2•5 years ago
|
||
Comment 3•5 years ago
|
||
Why does this need to be hidden? This might be better/safer but how could the knowledge be used to exploit our users?
Assignee | ||
Comment 4•5 years ago
|
||
Why does this need to be hidden? This might be better/safer but how could the knowledge be used to exploit our users?
It does not have to be hidden indeed. Since it makes explicit that we don't verify signature on read, I thought it would be safer. Basically an attacker could alter the local IndexedDB in the profile folder to alter the records. On next synchronization those changes will be erased though.
Assignee | ||
Updated•5 years ago
|
Assignee | ||
Comment 5•5 years ago
|
||
Bug 1547995 - Upgrade kinto-offline-client.js to v12.4.0
Updated•5 years ago
|
Assignee | ||
Comment 6•5 years ago
•
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=ca87d42d86956a9588b8e7382ae04472533c42f9
Updated•5 years ago
|
Updated•5 years ago
|
Assignee | ||
Comment 7•5 years ago
|
||
Assignee | ||
Comment 8•5 years ago
|
||
Depends on D30356
Assignee | ||
Comment 9•5 years ago
|
||
Comment hidden (obsolete) |
Assignee | ||
Comment 11•5 years ago
|
||
I'm stuck on this:
https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=245559065&repo=try&lineNumber=2336-2342
Could be this? [Exception... "Unexpected error" nsresult: "0x8000ffff (NS_ERROR_UNEXPECTED)" location: "JS frame :: resource://testing-common/httpd.js :: finish :: line 3455" data: no]
Tests pass locally :/
Assignee | ||
Comment 12•5 years ago
|
||
Ok, found the issue.
Tests now pass.
https://treeherder.mozilla.org/#/jobs?repo=try&revision=4f31fd83bc1747c1e3b05115f702996a45d07f0e
Comment 13•5 years ago
|
||
First it landed as
https://hg.mozilla.org/integration/autoland/rev/411f5783f0466ee478325b2b32f3d13d74f077ec
https://hg.mozilla.org/integration/autoland/rev/0bcfcc0bbc658890cbb6e218b2f2f06b42a56b16
Then it got backed out as
https://hg.mozilla.org/integration/autoland/rev/40377335c3b5597fef5a638ea42870039b34d34c
Push with xpcshell failures for services/settings/test/unit/test_remote_settings.js: https://treeherder.mozilla.org/#/jobs?repo=autoland&resultStatus=testfailed%2Cbusted%2Cexception%2Crunnable&revision=0bcfcc0bbc658890cbb6e218b2f2f06b42a56b16&selectedJob=246020078
Failure log: https://treeherder.mozilla.org/logviewer.html#?job_id=246020078&repo=autoland
"One or more unittests failed."
Assignee | ||
Comment 14•5 years ago
|
||
Sorry for the troubles. Phabricator now has the fix.
Comment 15•5 years ago
•
|
||
This relanded here on autoland: https://treeherder.mozilla.org/#/jobs?repo=autoland&resultStatus=testfailed%2Cbusted%2Cexception&classifiedState=unclassified&revision=8fb278dd620a5dab42e6ecc175ab7418ec62a72a
https://hg.mozilla.org/integration/autoland/rev/3840128adf0a6c129ef34650fdf4d5cc0a79db38
https://hg.mozilla.org/integration/autoland/rev/8fb278dd620a5dab42e6ecc175ab7418ec62a72a
Comment 16•5 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/3840128adf0a
https://hg.mozilla.org/mozilla-central/rev/8fb278dd620a
Updated•5 years ago
|
Updated•5 years ago
|
Updated•5 years ago
|
Updated•5 years ago
|
Updated•4 years ago
|
Description
•