Closed Bug 717481 Opened 13 years ago Closed 12 years ago

login manager storage should use default encryption type from the crypto provider

Categories

(Toolkit :: Password Manager, defect, P1)

Product:
Toolkit
Component:
Password Manager
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla13
Tracking Flags:
Tracking Status
blocking-fennec1.0 --- beta+

People

(Reporter: Dolske, Assigned: Dolske)

References

Details

Attachments

(1 file, 1 obsolete file)

Patch v.2
6.63 KB, patch
Details | Diff | Splinter Review 
Login Manager's crypto code is already largely split into nsILoginManagerCrypto / crypto-SDR.js. However, the SQL storage backend (storage-mozStorage.js) still makes assumptions about how crypto-SDR works, which makes it difficult to actually replace it with a different implementation.

Should be pretty simple to fix this. Due to product/sync requirements, fennec is likely to end up doing this encryption through Java APIs, and this will be the first step to making that easier to do. Makes sense to have even if they don't!

Patch shortly.
Attached patch Patch v.1 (obsolete) — Splinter Review 
Passed tests (locally) on first attempt, so presumably there is something wrong with it. :-)

[A quick glance at tests/ surprisingly seems to indicate we don't test for base64 conversion or correct enctype columns, so either I'm missing that or this should be checked more carefully by hand.]
Assignee: nobody → dolske
Attachment #587915 - Flags: review?(paul)
wesj: I _think_ that with this patch, a Fennec build with a custom nsILoginManagerCrypto provider that forwards to a Java implementation should Just Work. Probably easiest, for the moment, to just replace the guts of crypto-SDR.js to test. Better to override @mozilla.org/login-manager/crypto/SDR;1. Eventually we should make storage-mozStorage.js use "@mozilla.org/login-manager/crypto?type=#" as needed.
Blocks: 718760
Comment on attachment 587915 [details] [diff] [review]
Patch v.1

Review of attachment 587915 [details] [diff] [review]:
-----------------------------------------------------------------

So if somebody implements nsILoginManagerCrypto, they still need to actually encode in a compatible type, which really just means SDR, right?

Is the native Fennec work being done such that we would be able to take an encrypted pw and decode it with SDR on desktop?

::: toolkit/components/passwordmgr/nsILoginManagerCrypto.idl
@@ +36,5 @@
>  
>  
>  #include "nsISupports.idl"
>  
>  [scriptable, uuid(73f85239-421d-4d34-8d9c-79cf820ea1e6)]

Don't we need to rev the uuid here?
(In reply to Justin Dolske [:Dolske] from comment #1)
> Created attachment 587915 [details] [diff] [review]
> Patch v.1
> 
> Passed tests (locally) on first attempt, so presumably there is something
> wrong with it. :-)
> 
> [A quick glance at tests/ surprisingly seems to indicate we don't test for
> base64 conversion or correct enctype columns, so either I'm missing that or
> this should be checked more carefully by hand.]

It looks like we did add a few tests in bug 316084.
Comment on attachment 587915 [details] [diff] [review]
Patch v.1

Review of attachment 587915 [details] [diff] [review]:
-----------------------------------------------------------------

We talked IRL, so my concerns were addressed.
Attachment #587915 - Flags: review?(paul) → review+
Priority: -- → P1
Why has this not landed?
blocking-fennec1.0: --- → beta+
Status: NEW → ASSIGNED
Attached patch Patch v.2Splinter Review 
Bumped IID, and fixed trivial bitrot.
Attachment #587915 - Attachment is obsolete: true
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/a939d0ba3075
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: