mirror of
https://github.com/roytam1/palemoon27.git
synced 2026-05-26 14:30:27 +00:00
roytam1
b564bd67d3
- Use CompositorWidgetProxy for dispatching vsync to the compositor. (bug 1269037 part 1, r=mchang) (c8b7a4240c) - Remove unused null widget checks. (bug 1269037 part 2, r=mchang) (4f4cc9952b) - Bug 1269422: Wrap Gonk widget in |CompositorWidgetProxyWrapper|. r=dvander (4513035cbf) - Remove nsBaseWidget::NewCompositorBridgeParent. (bug 1272472 part 1, r=kats) (ca813c1f2b) - Use IPDL to schedule composites on GTK. (bug 1272472 part 2, r=nical) (7402cf834e) - Use IPC to schedule composites on Windows. (bug 1272472 part 3, r=jimm) (e5d7281dd7) - Don't use nsIWidget to check APZ in LayerManagerComposite. (bug 1269653 part 1, r=kats) (79a1644111) - Restrict SetDispAcquireFence's nsIWidget access to Gonk. (bug 1269653 part 2, r=kats) (72110b7bc7) - Bug 1264764 - Move PTexture under PCompositorBridge r=nical,dvander (17e6ec7fc1) - Move CompositorThreadHolder into its own file. (bug 1273017 part 1, r=mattwoodrow) (464ede8be1) - Move CompositorBridgeParent::CompositorLoop to CompositorThreadHolder. (bug 1273017 part 2, r=mattwoodrow) (85708f3cde) - Bug 1268313: Part 1 - Be explicit about which NewRunnableMethod callers want to be able to cancel. r=froydnj (faa07aa139) - Bug 1268313: Part 2 - Replace some NewRunnableMethods with NS_NewNonOwningRunnableMethod. r=froydnj (010c43d000) - Bug 1268313: Part 3 - Replace some NewCancelableRunnableMethod with NS_NewNonOwningCancelableRunnableMethod. r=froydnj (55018ef234) - Bug 1268313: Part 4 - Replace NewCancelableRunnableMethod with NS_NewCancelableRunnableMethod. r=froydnj (c22711b35d) - Bug 1268313: Part 5 - Make NS_NewRunnableMethod able to call const functions. r=froydnj (b0f60963a3) - Bug 1268313: Part 6 - Replace NewRunnableMethod with NS_NewRunnableMethod. r=froydnj (18d40def2c) - Bug 1260950 - Set mInitialSizeFound to true when the initial size id found. r=jesup, r=pehrsons a=kwierso (5d6abe57e0) - Bug 1237176 - Notify synth start if we get a finished event without a blocking-changed event. r=roc (c1aebe903a) - Bug 911546, use a runnable so that popups don't rollup during a grab, r=karlt (a06bd44e6c) - Bug 1237617 - Call nsWindow::ForcePresent during going active r=bas.schouten (066cad8f89) - Bug 1268313: Part 7 - Move NS_NewRunnableMethod and friends to mozilla::NewRunnableMethod. r=froydnj (8b4bf34961) - Bug 1266595: Followup to fix IPDL tests. r=billm (216f2dcff5) - Bug 1268313: Fix up IPDL tests. r=billm (228348d642) - Add WinCompositorWidgetProxy. (bug 1265975 part 1, r=jimm) (bfafe7a8e2) - Implement WinCompositorWidgetProxy::GetClientSize. (bug 1265975 part 2, r=jimm) (a8710a3259) - Move the WM_SETTEXT present lock to CompositorWidgetProxy. (bug 1265975 part 3, r=jimm) (297ce28c8a) - Move transparency handling to WinCompositorWigetProxy. (bug 1265975 part 4, r=jimm) (46ba0c6d01) - Remove Windows-specific compositor calls to nsIWidget. (bug 1265975 part 5, r=jimm) (3ef157c160) - Remove plugin-related CompositorBridgeParent use of nsIWidget. (bug 1265975 part 6, r=jimm) (6d80cdd6fd) - Hide top-level CompositorBridgeParents behind a new API. (bug 1272472 part 4, r=mattwoodrow,kats,gwagner) (228c0efdb7) - Bug 1253424 - part 1 - add a already_AddRefed nsTransactionStack::Push overload; r=erahm (7059e20914) - Bug 1253424 - part 2 - add nsTransactionStack::IsEmpty; r=erahm (7e9764a146) - Bug 1254618 - modify nsTransactionStack to use nsDeque rather than std::deque; r=ehsan (5e47ea431e) - Bug 1136857 - Make DOMStorageCache::mLoaded flag atomic to prevent potential races, r=nfroyd (39aaea1de3) - Bug 1265408 - Add webidl for IIRFilterNode; r=smaug (040ce9aa43) - Bug 1265408 - Implement IIRFilterNode; r=padenot (6bf569a412) - Bug 1265408 - Import IIRFilter from blink; r=padenot (71b28c0ad2) - Bug 1265408 - Use IIRFilter from blink; r=padenot (5d058d8568) - Bug 1265408 - Add buffersAreZero to IIRFilter; r=karlt (45edba3e13) - Bug 1265408 - Avoid subnormals in IIRFilter; r=karlt (0e1ae93f0b) - Bug 1265408 - Add LogToDeveloperConsole to WebAudioUtils; r=padenot (88d5f0222a) - Bug 1268984 - Store GMPStorage on GMPServiceParent so that it persists inside the same PB session. r=gerald (17d4d0abaf) - Bug 1267905 - Replace uses of ScopedCERTCertList with UniqueCERTCertList. r=keeler (783bf11b2a) - Bug 1270005 - Replace uses of ScopedPK11SlotInfo with UniquePK11SlotInfo in PSM. r=keeler (ea9a4011aa) - Bug 1271501 - Remove unnecessary uses of reinterpret_cast in PSM. r=keeler (6be40f0a85) - Bug 1271501 - Downgrade unnecessarily strong reinterpret_casts in PSM. r=keeler (95245f00ce) - Bug 1082346 - 01. Convert PKCS12 password endian using copyAndSwapToBigEndian. r=keeler (9cc58fc550) - Bug 1082346 - 02. Test case. r=keeler r=Cykesiopka (7fb0e8abc4) - Bug 160122 - Stop using PR_smprintf in PSM. r=keeler (1e5b68819c) - Bug 1271501 - Use mozilla::BitwiseCast instead of reinterpret_cast in PSM. r=keeler (894966a2ef) - Bug 1273855: TraceLogger - Include PID in the log names in order to support browser with e10s, r=bbouvier (8cf2233db3) - Bug 1274189. Part 1 - rename some functions to be consistent with other MediaDataDecoder sub-classes. r=jya. (4511b3d3f7) - Bug 1274189. Part 2 - remove use of FlushableTaskQueue::Flush(). r=jya. (77e745fdd1) - Bug 1274189. Part 3 - remove use of FlushableTaskQueue. r=jya (aac61dcd02) - Bug 1269963. Part 1 - Add a SyncRunnable::DispatchToThread() overload for AbstractThread. r=bobbyholley. (839752aff4) - Bug 1269672 - part1 : revert sampling rate changing of the bug1235612. (9015782e13) - Bug 1270698 - check if we need to enter buffering periodically to ensure we start buffering when running out of decoded audio/video data. r=cpearce. (16734549b7) - Bug 1271581 - use newCurrentTime, instead of GetMediaTime() to decide the nextState; r=jwwang (9c5075eada) - Bug 1224973 - Part 1: Remove MediaDecoderOwner->IsHidden(). r=cpearce,jwwang (4fde3ede5a) - Bug 1224973 - Part 2: Set MediaDecoder visibility via NotifyOwnerActivityChanged. r=cpearce,jwwang (be917202eb) - Bug 1224973 - Part 3: Plumb element visibility into MDSM. r=jya,jwwang (9ec83fa243) - Bug 1224973 - Part 4: Pref media.suspend-bkgnd-video.enabled. r=cpearce,jwwang (43413a025f) - Bug 1269408: P1. Retry InternalSeek if previous attempt failed once more data is available. r=gerald (05db58dc7c) - crude fix (0097068989) - Bug 1269408: P2. Update mochitest. r=gerald (464b4c0724) - Bug 1269408: P3. Ensure a new seek request will cancel the previous internal seek. r=gerald (6ed4b8dc95) - Bug 1269408: P4. Ensure the decoders are flushed prior performing an internal seek. r=gerald (074234067b) - Bug 1269408: P5. Only drop the seek target if it's exactly the seek target. r=gerald (88701eb05a) - Bug 1269408: P6. Add debugging information, useful when a mochitest timeout. r=gerald (ef0270ab0d) - Bug 1269408: P7. Start skip to next keyframe logic when resume point is behind current time. r=gerald (bd40ebf3bc) - Bug 1269408: P8. Add debugging log. r=gerald (e6dbd1f0a6) - Bug 1269408: P9. Move handling logic of skip to next keyframe to its own function. r=gerald (3c8039e417) - Bug 1269408: P10. Reject promise early if in error state. r=me (8af54c574e) - Bug 1224973 - Part 5: Implement suspend decoding for background video. r=cpearce,jwwang,jya (22081521e3) - Bug 1242874 - part1 : create suspened types. r=baku (d3ac9548e5) - Bug 1242874 - part2 : window's suspend attribute. r=baku, r=ehsan (1fd9dc2647) - remove allowscirpted (39ab523036) - Bug 1242874 - part3 : implement different suspended methods. r=baku, r=jwwang (25d1f27a03) - Bug 1242874 - part4 : wrap the volume/mute/suspend for notifyStartedPlaying. r=baku (b8ba3238c2) - bug 1242874 - part5 : add test. r=baku, r=ehsan (f840139b5a) - Bug 1235612 - Part 1: Implement notify media-playback. r=baku (b5ec29da20) - Bug 1235612 - Part 2: Notify audible state in NotifyStartedPlaying. r=baku (dc38583a62) - Bug 1235612 - Part 3: Implement the logic of audible state notification for agent owners. r=baku (f65b3952fa) - Bug 1235612 - Part 4: Modify check audible method. r=jwwang (73457e39eb) - Bug 1269672 - part2 : move audible data checking from MDSM to DecodedAudioDataSink. (d2c3b6874c) - Bug 1269936 - Introduce and call a runtime-wide servo initialization hook. r=heycam (d4d505d4c2) - Bug 1263778 - Rename a bunch of low-level [[Prototype]] access methods to make their interactions with statically-known and dynamically-computed [[Prototype]]s clearer. r=efaust (66bbe8e7db) - Bug 888969 - Permit a cyclic [[Prototype]] chain to be created through a Location object. r=bz, r=efaust (3e3b9cbb16) - re-apply Bug 1054906 - Implement ES6 Symbol.hasInstance 2/2; r=jandem (8d5c7573ff) - Bug 1054906 - Implement ES6 Symbol.hasInstance 1/2; r=evilpie,bz (a836904e5d) - fix misspatch (54a5f2d708) - Bug 1270349 part 1. Add IDL parser support for [LegacyUnenumerableNamedProperties]. r=peterv (8c836bc74a) - Bug 1270349 part 2. Add [LegacyUnenumerableNamedProperties] to the interfaces that specify it in DOM and HTML. r=peterv (25d3cc1377) - Bug 1270349 part 3. Add a way to ask an interface descriptor for a proxy whether its named props should be enumerable. r=peterv (0a9f804867) - Bug 1270349 part 4. Use LegacyUnenumerableNamedProperties instead of NameIsEnumerable() calls to determine whether named props on DOM proxies should be enumerable. r=peterv (82f5158963) - Bug 1270349 part 5. Use LegacyUnenumerableNamedProperties instead of passing flags to GetSupportedNames to determine whether named props on DOM proxies should be reflected in ownPropertyKeys. r=peterv (3984176834) - Bug 1270349 followup to address a review comment. r=peterv (b49f4c5335)
374 lines
12 KiB
C++
374 lines
12 KiB
C++
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#include "AppTrustDomain.h"
|
|
#include "MainThreadUtils.h"
|
|
#include "certdb.h"
|
|
#include "mozilla/ArrayUtils.h"
|
|
#include "mozilla/Casting.h"
|
|
#include "mozilla/Preferences.h"
|
|
#include "nsComponentManagerUtils.h"
|
|
#include "nsIFile.h"
|
|
#include "nsIFileStreams.h"
|
|
#include "nsIX509CertDB.h"
|
|
#include "nsNSSCertificate.h"
|
|
#include "nsNetUtil.h"
|
|
#include "pkix/pkixnss.h"
|
|
#include "prerror.h"
|
|
#include "secerr.h"
|
|
|
|
// Generated in Makefile.in
|
|
#include "marketplace-prod-public.inc"
|
|
#include "marketplace-prod-reviewers.inc"
|
|
#include "marketplace-dev-public.inc"
|
|
#include "marketplace-dev-reviewers.inc"
|
|
#include "marketplace-stage.inc"
|
|
#include "xpcshell.inc"
|
|
// Trusted Hosted Apps Certificates
|
|
#include "manifest-signing-root.inc"
|
|
#include "manifest-signing-test-root.inc"
|
|
// Add-on signing Certificates
|
|
#include "addons-public.inc"
|
|
#include "addons-stage.inc"
|
|
// Privileged Package Certificates
|
|
#include "privileged-package-root.inc"
|
|
|
|
using namespace mozilla::pkix;
|
|
|
|
extern mozilla::LazyLogModule gPIPNSSLog;
|
|
|
|
static const unsigned int DEFAULT_MIN_RSA_BITS = 2048;
|
|
static char kDevImportedDER[] =
|
|
"network.http.signed-packages.developer-root";
|
|
|
|
namespace mozilla { namespace psm {
|
|
|
|
StaticMutex AppTrustDomain::sMutex;
|
|
UniquePtr<unsigned char[]> AppTrustDomain::sDevImportedDERData;
|
|
unsigned int AppTrustDomain::sDevImportedDERLen = 0;
|
|
|
|
AppTrustDomain::AppTrustDomain(UniqueCERTCertList& certChain, void* pinArg)
|
|
: mCertChain(certChain)
|
|
, mPinArg(pinArg)
|
|
, mMinRSABits(DEFAULT_MIN_RSA_BITS)
|
|
{
|
|
}
|
|
|
|
SECStatus
|
|
AppTrustDomain::SetTrustedRoot(AppTrustedRoot trustedRoot)
|
|
{
|
|
SECItem trustedDER;
|
|
|
|
// Load the trusted certificate into the in-memory NSS database so that
|
|
// CERT_CreateSubjectCertList can find it.
|
|
|
|
switch (trustedRoot)
|
|
{
|
|
case nsIX509CertDB::AppMarketplaceProdPublicRoot:
|
|
trustedDER.data = const_cast<uint8_t*>(marketplaceProdPublicRoot);
|
|
trustedDER.len = mozilla::ArrayLength(marketplaceProdPublicRoot);
|
|
break;
|
|
|
|
case nsIX509CertDB::AppMarketplaceProdReviewersRoot:
|
|
trustedDER.data = const_cast<uint8_t*>(marketplaceProdReviewersRoot);
|
|
trustedDER.len = mozilla::ArrayLength(marketplaceProdReviewersRoot);
|
|
break;
|
|
|
|
case nsIX509CertDB::AppMarketplaceDevPublicRoot:
|
|
trustedDER.data = const_cast<uint8_t*>(marketplaceDevPublicRoot);
|
|
trustedDER.len = mozilla::ArrayLength(marketplaceDevPublicRoot);
|
|
break;
|
|
|
|
case nsIX509CertDB::AppMarketplaceDevReviewersRoot:
|
|
trustedDER.data = const_cast<uint8_t*>(marketplaceDevReviewersRoot);
|
|
trustedDER.len = mozilla::ArrayLength(marketplaceDevReviewersRoot);
|
|
break;
|
|
|
|
case nsIX509CertDB::AppMarketplaceStageRoot:
|
|
trustedDER.data = const_cast<uint8_t*>(marketplaceStageRoot);
|
|
trustedDER.len = mozilla::ArrayLength(marketplaceStageRoot);
|
|
// The staging root was generated with a 1024-bit key.
|
|
mMinRSABits = 1024u;
|
|
break;
|
|
|
|
case nsIX509CertDB::AppXPCShellRoot:
|
|
trustedDER.data = const_cast<uint8_t*>(xpcshellRoot);
|
|
trustedDER.len = mozilla::ArrayLength(xpcshellRoot);
|
|
break;
|
|
|
|
case nsIX509CertDB::AddonsPublicRoot:
|
|
trustedDER.data = const_cast<uint8_t*>(addonsPublicRoot);
|
|
trustedDER.len = mozilla::ArrayLength(addonsPublicRoot);
|
|
break;
|
|
|
|
case nsIX509CertDB::AddonsStageRoot:
|
|
trustedDER.data = const_cast<uint8_t*>(addonsStageRoot);
|
|
trustedDER.len = mozilla::ArrayLength(addonsStageRoot);
|
|
break;
|
|
|
|
case nsIX509CertDB::PrivilegedPackageRoot:
|
|
trustedDER.data = const_cast<uint8_t*>(privilegedPackageRoot);
|
|
trustedDER.len = mozilla::ArrayLength(privilegedPackageRoot);
|
|
break;
|
|
|
|
case nsIX509CertDB::DeveloperImportedRoot: {
|
|
StaticMutexAutoLock lock(sMutex);
|
|
if (!sDevImportedDERData) {
|
|
MOZ_ASSERT(!NS_IsMainThread());
|
|
nsCOMPtr<nsIFile> file(do_CreateInstance("@mozilla.org/file/local;1"));
|
|
if (!file) {
|
|
PR_SetError(SEC_ERROR_IO, 0);
|
|
return SECFailure;
|
|
}
|
|
nsresult rv = file->InitWithNativePath(
|
|
Preferences::GetCString(kDevImportedDER));
|
|
if (NS_FAILED(rv)) {
|
|
PR_SetError(SEC_ERROR_IO, 0);
|
|
return SECFailure;
|
|
}
|
|
|
|
nsCOMPtr<nsIInputStream> inputStream;
|
|
NS_NewLocalFileInputStream(getter_AddRefs(inputStream), file, -1, -1,
|
|
nsIFileInputStream::CLOSE_ON_EOF);
|
|
if (!inputStream) {
|
|
PR_SetError(SEC_ERROR_IO, 0);
|
|
return SECFailure;
|
|
}
|
|
|
|
uint64_t length;
|
|
rv = inputStream->Available(&length);
|
|
if (NS_FAILED(rv)) {
|
|
PR_SetError(SEC_ERROR_IO, 0);
|
|
return SECFailure;
|
|
}
|
|
|
|
auto data = MakeUnique<char[]>(length);
|
|
rv = inputStream->Read(data.get(), length, &sDevImportedDERLen);
|
|
if (NS_FAILED(rv)) {
|
|
PR_SetError(SEC_ERROR_IO, 0);
|
|
return SECFailure;
|
|
}
|
|
|
|
MOZ_ASSERT(length == sDevImportedDERLen);
|
|
sDevImportedDERData.reset(
|
|
BitwiseCast<unsigned char*, char*>(data.release()));
|
|
}
|
|
|
|
trustedDER.data = sDevImportedDERData.get();
|
|
trustedDER.len = sDevImportedDERLen;
|
|
break;
|
|
}
|
|
|
|
default:
|
|
PR_SetError(SEC_ERROR_INVALID_ARGS, 0);
|
|
return SECFailure;
|
|
}
|
|
|
|
mTrustedRoot.reset(CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
|
|
&trustedDER, nullptr, false, true));
|
|
if (!mTrustedRoot) {
|
|
return SECFailure;
|
|
}
|
|
|
|
return SECSuccess;
|
|
}
|
|
|
|
Result
|
|
AppTrustDomain::FindIssuer(Input encodedIssuerName, IssuerChecker& checker,
|
|
Time)
|
|
|
|
{
|
|
MOZ_ASSERT(mTrustedRoot);
|
|
if (!mTrustedRoot) {
|
|
return Result::FATAL_ERROR_INVALID_STATE;
|
|
}
|
|
|
|
// TODO(bug 1035418): If/when mozilla::pkix relaxes the restriction that
|
|
// FindIssuer must only pass certificates with a matching subject name to
|
|
// checker.Check, we can stop using CERT_CreateSubjectCertList and instead
|
|
// use logic like this:
|
|
//
|
|
// 1. First, try the trusted trust anchor.
|
|
// 2. Secondly, iterate through the certificates that were stored in the CMS
|
|
// message, passing each one to checker.Check.
|
|
SECItem encodedIssuerNameSECItem =
|
|
UnsafeMapInputToSECItem(encodedIssuerName);
|
|
UniqueCERTCertList
|
|
candidates(CERT_CreateSubjectCertList(nullptr, CERT_GetDefaultCertDB(),
|
|
&encodedIssuerNameSECItem, 0,
|
|
false));
|
|
if (candidates) {
|
|
for (CERTCertListNode* n = CERT_LIST_HEAD(candidates);
|
|
!CERT_LIST_END(n, candidates); n = CERT_LIST_NEXT(n)) {
|
|
Input certDER;
|
|
Result rv = certDER.Init(n->cert->derCert.data, n->cert->derCert.len);
|
|
if (rv != Success) {
|
|
continue; // probably too big
|
|
}
|
|
|
|
bool keepGoing;
|
|
rv = checker.Check(certDER, nullptr/*additionalNameConstraints*/,
|
|
keepGoing);
|
|
if (rv != Success) {
|
|
return rv;
|
|
}
|
|
if (!keepGoing) {
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
return Success;
|
|
}
|
|
|
|
Result
|
|
AppTrustDomain::GetCertTrust(EndEntityOrCA endEntityOrCA,
|
|
const CertPolicyId& policy,
|
|
Input candidateCertDER,
|
|
/*out*/ TrustLevel& trustLevel)
|
|
{
|
|
MOZ_ASSERT(policy.IsAnyPolicy());
|
|
MOZ_ASSERT(mTrustedRoot);
|
|
if (!policy.IsAnyPolicy()) {
|
|
return Result::FATAL_ERROR_INVALID_ARGS;
|
|
}
|
|
if (!mTrustedRoot) {
|
|
return Result::FATAL_ERROR_INVALID_STATE;
|
|
}
|
|
|
|
// Handle active distrust of the certificate.
|
|
|
|
// XXX: This would be cleaner and more efficient if we could get the trust
|
|
// information without constructing a CERTCertificate here, but NSS doesn't
|
|
// expose it in any other easy-to-use fashion.
|
|
SECItem candidateCertDERSECItem =
|
|
UnsafeMapInputToSECItem(candidateCertDER);
|
|
UniqueCERTCertificate candidateCert(
|
|
CERT_NewTempCertificate(CERT_GetDefaultCertDB(), &candidateCertDERSECItem,
|
|
nullptr, false, true));
|
|
if (!candidateCert) {
|
|
return MapPRErrorCodeToResult(PR_GetError());
|
|
}
|
|
|
|
CERTCertTrust trust;
|
|
if (CERT_GetCertTrust(candidateCert.get(), &trust) == SECSuccess) {
|
|
uint32_t flags = SEC_GET_TRUST_FLAGS(&trust, trustObjectSigning);
|
|
|
|
// For DISTRUST, we use the CERTDB_TRUSTED or CERTDB_TRUSTED_CA bit,
|
|
// because we can have active distrust for either type of cert. Note that
|
|
// CERTDB_TERMINAL_RECORD means "stop trying to inherit trust" so if the
|
|
// relevant trust bit isn't set then that means the cert must be considered
|
|
// distrusted.
|
|
uint32_t relevantTrustBit = endEntityOrCA == EndEntityOrCA::MustBeCA
|
|
? CERTDB_TRUSTED_CA
|
|
: CERTDB_TRUSTED;
|
|
if (((flags & (relevantTrustBit | CERTDB_TERMINAL_RECORD)))
|
|
== CERTDB_TERMINAL_RECORD) {
|
|
trustLevel = TrustLevel::ActivelyDistrusted;
|
|
return Success;
|
|
}
|
|
}
|
|
|
|
// mTrustedRoot is the only trust anchor for this validation.
|
|
if (CERT_CompareCerts(mTrustedRoot.get(), candidateCert.get())) {
|
|
trustLevel = TrustLevel::TrustAnchor;
|
|
return Success;
|
|
}
|
|
|
|
trustLevel = TrustLevel::InheritsTrust;
|
|
return Success;
|
|
}
|
|
|
|
Result
|
|
AppTrustDomain::DigestBuf(Input item,
|
|
DigestAlgorithm digestAlg,
|
|
/*out*/ uint8_t* digestBuf,
|
|
size_t digestBufLen)
|
|
{
|
|
return DigestBufNSS(item, digestAlg, digestBuf, digestBufLen);
|
|
}
|
|
|
|
Result
|
|
AppTrustDomain::CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration,
|
|
/*optional*/ const Input*,
|
|
/*optional*/ const Input*)
|
|
{
|
|
// We don't currently do revocation checking. If we need to distrust an Apps
|
|
// certificate, we will use the active distrust mechanism.
|
|
return Success;
|
|
}
|
|
|
|
Result
|
|
AppTrustDomain::IsChainValid(const DERArray& certChain, Time time)
|
|
{
|
|
SECStatus srv = ConstructCERTCertListFromReversedDERArray(certChain,
|
|
mCertChain);
|
|
if (srv != SECSuccess) {
|
|
return MapPRErrorCodeToResult(PR_GetError());
|
|
}
|
|
return Success;
|
|
}
|
|
|
|
Result
|
|
AppTrustDomain::CheckSignatureDigestAlgorithm(DigestAlgorithm,
|
|
EndEntityOrCA,
|
|
Time)
|
|
{
|
|
// TODO: We should restrict signatures to SHA-256 or better.
|
|
return Success;
|
|
}
|
|
|
|
Result
|
|
AppTrustDomain::CheckRSAPublicKeyModulusSizeInBits(
|
|
EndEntityOrCA /*endEntityOrCA*/, unsigned int modulusSizeInBits)
|
|
{
|
|
if (modulusSizeInBits < mMinRSABits) {
|
|
return Result::ERROR_INADEQUATE_KEY_SIZE;
|
|
}
|
|
return Success;
|
|
}
|
|
|
|
Result
|
|
AppTrustDomain::VerifyRSAPKCS1SignedDigest(const SignedDigest& signedDigest,
|
|
Input subjectPublicKeyInfo)
|
|
{
|
|
// TODO: We should restrict signatures to SHA-256 or better.
|
|
return VerifyRSAPKCS1SignedDigestNSS(signedDigest, subjectPublicKeyInfo,
|
|
mPinArg);
|
|
}
|
|
|
|
Result
|
|
AppTrustDomain::CheckECDSACurveIsAcceptable(EndEntityOrCA /*endEntityOrCA*/,
|
|
NamedCurve curve)
|
|
{
|
|
switch (curve) {
|
|
case NamedCurve::secp256r1: // fall through
|
|
case NamedCurve::secp384r1: // fall through
|
|
case NamedCurve::secp521r1:
|
|
return Success;
|
|
}
|
|
|
|
return Result::ERROR_UNSUPPORTED_ELLIPTIC_CURVE;
|
|
}
|
|
|
|
Result
|
|
AppTrustDomain::VerifyECDSASignedDigest(const SignedDigest& signedDigest,
|
|
Input subjectPublicKeyInfo)
|
|
{
|
|
return VerifyECDSASignedDigestNSS(signedDigest, subjectPublicKeyInfo,
|
|
mPinArg);
|
|
}
|
|
|
|
Result
|
|
AppTrustDomain::CheckValidityIsAcceptable(Time /*notBefore*/, Time /*notAfter*/,
|
|
EndEntityOrCA /*endEntityOrCA*/,
|
|
KeyPurposeId /*keyPurpose*/)
|
|
{
|
|
return Success;
|
|
}
|
|
|
|
} } // namespace mozilla::psm
|