mirror of
https://github.com/roytam1/palemoon27.git
synced 2026-05-27 03:50:36 +00:00
roytam1
eeee2498f7
- Bug 1153978 - Part 1: Separate buildIdOp from AsmJSCacheOps. r=jandem,bz (3e2b2c2754) - Bug 1190032 - Sandbox failure in nsPluginHost::GetPluginTempDir. r=areinald (5698ee5709) - Bug 1190032 - Sandbox failure in nsPluginHost::GetPluginTempDir, tighten earlier patch. r=areinald (81fad0767b) - Bug 1201935 - Allow reading from TmpD in OS X content processes. r=smichaud (d67de1d8da) - Bug 1237847 - [e10s] Null deref crash when running test_pluginstream_newstream.html; r=bobowen (c61e5fa268) - Add a helper function for iterating indirect layer trees. (bug 1245765 part 1, r=mattwoodrow) (9fcc19e731) - Propagate D3D9 device resets to remote layers. (bug 1245765 part 2, r=mattwoodrow) (15ab24ebd6) - Don't propagate simulated device resets to child processes. (bug 1245765 part 3, r=mattwoodrow) (fe0986532c) - Fix async drawing when we lose the D3D11 device. (bug 1245765 part 4, r=mattwoodrow) (fcf9e1a009) - Factor compositor initialization out of LayerManagerComposite. (bug 1245765 part 6, r=mattwoodrow) (7af570b6fc) - Bug 1232042: Execute an additional present for D3D11 on the compositor thread when a WM_PAINT event has returned. r=jrmuizel (ac14c78377) - Handle device resets by recreating the compositor, rather than the compositor IPDL stack. (bug 1245765 part 7, r=mattwoodrow) (87292d6e2b) - Ensure that content processes recreate rendering devices. (bug 1245765 part 8, r=mattwoodrow) (8c4e712c6e) - Invalidate layers when starting a transaction on a stale device. (bug 1245765 part 9, r=mattwoodrow) (330efa7199) - Bug 1041599 - Maintain a single volume control session between browser, content, and plugins on Windows. r=aklotz (bdab2a3b35) - align more tests (c6445e1646) - Bug 1241646 - remove unused token arguments from nsIX509CertDB r=keeler (13e50d449c) - Bug 1064402 - Part 1: Remove Import button in Servers tab of the Certificate Manager. r=keeler (181a5a0be2) - Bug 1064402 - Part 2: Remove nsIX509CertDB.importServerCertificate() and nsIX509Cert::SERVER_CERT support in importCertsFromFile(). r=keeler (a4ee6e83f4) - Bug 1130418 - Remove broken e-mail cert trust editing UI. r=emk (d8dca873c1) - Bug 1243182 - Enable eslint "space-infix-ops" rule for PSM. r=keeler (9f5110213f) - Bug 1244245 - Enable eslint "curly" rule for PSM. r=keeler (09b4d913ab) - Bug 1246365 - Enable eslint "comma-spacing" and "semi" rules for PSM. r=keeler (e85d033547) - bug 1246765 - remove unnecessary resource://app/ registration from getHSTSPreloadList.js r=Cykesiopka DONTBUILD NPOTB (e4eb6d1a1e) - Bug 1249595 - Enable 11 more ESLint rules for PSM. r=keeler (7daa42685a) - Bug 1224968 - Support public key input to unbreak periodic HPKP updates. r=keeler (a14415f3c3) - Bug 1229284 - Remove support for SHA-1 hashes in genHPKPStaticPins.js. r=keeler (2e54ef3566) - Bug 1197607, Automated hsts & hpkp updates are failing on mozilla-central, mozilla-aurora, mozilla-esr38, r=cykesiopka (8754cce3ba) - Bug 1224481 - Comment out CA certs removed in NSS 3.21 in PreloadedHPKPins.json to keep periodic Static HPKP updates working. r=dkeeler (6680c85a1b) - bug 1232766 - update the preloaded pinset for Google domains r=rbarnes (83697d274b) - Bug 1250254 - Enable ESLint "no-throw-literal" rule for PSM. r=dkeeler (300ef6f5b8) - Bug 1256088 - Merge mock app-info implementation into AppInfo.jsm. r=gps (e38ae85b3d) - Bug 1153978 - Part 0: Separate nsIPlatformInfo from nsIXULAppInfo. r=jst,gps (2f4eef64c1) - Bug 1153978 - Part 2: Clear pending exception thrown from XDR related APIs when ignoring ReadCachedScript failure. r=bz (09f06d4c74) - Bug 1153978 - Part 3: Use the build id instead of the XDR_BYTECODE_VERSION constant. r=jandem (2e8e01f534) - bug 1241317 - gather telemetry on prevalence of FIPS r=jcj r=vladan (905485c911) - Bug 1220237 - Remove uses of nsIEnumerator from PSM. r=keeler (6b17abd967) - bug 1239455 - rework telemetry for SHA-1 certificates to reflect possible policy states r=Cykesiopka,mgoodwin,rbarnes (95fb0f63ab) - Bug 1247847 - Use smart pointers in nsNSSCertHelper.cpp to manage NSS resources. r=keeler (56140f95c4) - Bug 1248874 - Replace Scoped.h templates used only by PSM in ScopedNSSTypes.h with UniquePtr equivalents. r=dkeeler (1cedc01ab9) - Bug 1016555 - Disable OCSP checking for certificates covered by OneCRL r=keeler (3dc16a87d6) - Bug 1227970 - Perform preference checks to allow OCSP Bypass for OneCRL via Kinto r=keeler (58136eb9e5) - Bug 1219482: Replace PRLogModuleInfo with LazyLogModule in security subdirectory.r=nfroyd (896838cc5d) - Bug 1226928 - remove Wshadow warning in ScopedNSSTypes, r=keeler (52ccbac1bc) - Bug 1226928 - signature verification for content-signing, r=keeler,mayhemer (5f589bf0e0) - Bug 1250256 - Partially clean up nsSDR.cpp. r=keeler (665c582a90) - bug 1241650 - remove nsIX509CertDB.findCertNicknames r=mgoodwin (bf0c26772b) - Bug 1250258 - Partially clean up nsNSSCertificateDB.cpp import methods. r=keeler (693e213484) - Bug 1204202 - Package Universal CRT DLLs for VS2015. r=glandium,ehsan (9b9e1e4057) - bug 496234 - add test vectors from RFC 1320 for md4 implementation r=mayhemer (6526e81ec7) - bug 1228175 - fix IsCertBuiltInRoot r=Cykesiopka,mgoodwin (13bdaf7bb3) - bug 1240118 - add functionality to treat a test certificate as a built-in root r=mgoodwin (bf31c4365b) - Bug 1245649: Turn on valid-typeof, no-invalid-regexp, no-empty-pattern and no-empty-character-class. r=felipe (f637f26dc7) - Bug 1245916: Add additional default globals. r=felipe (229e39bbbe) - Bug 1251011 - Enable ESLint "no-undef" rule for PSM. r=keeler r=mossop (a6e17d09aa) - Bug 1243636. Switch to gfx::CriticalSection (a4d6172870) - Bug 1137561 part.1 Implement WinTextEventDispatcherListener as a singleton class for using TextEventDispatcher at handling native keyboard and IME events r=m_kato (f4582070b0) - Bug 1137572 part.1 TextEventDispatcher should manage its input transaction type r=smaug (ccafc27024) - Bug 1137572 part.2 Add nsIWidget::GetNativeTextEventDispatcherListener() for TextEventDispatcher::NotifyIME() r=smaug, sr=smaug (21571501e8) - Bug 1137572 part.3 Use pseudo IME context when TextEventDispatcher has input transaction which is not for native event handler r=smaug (40be7193b1) - Bug 1137572 part.4 TextEventDispatcher::DispatchInputEvent() should decide if dispatches events with nsIWidget::DispatchInputEvent() with input transaction type r=smaug (ae71f47af2) - Bug 1137572 part.5 Implement TextEventDispatcher::SetPendingComposition() for some platforms whose clause information may overlap each other or the order may not be from start to the end r=smaug (fd046de0fc) - Bug 1137572 part.6 TextEventDispatcher::DispatchKeyboardEventInternal() should copy mNativeKeyEvent when it's in native text input transaction r=smaug (eb17ab1738) - Bug 1137572 part.7 Add TextEventDispatcherListener::WillDispatchKeyboardEvent() for easier to maintain r=smaug (e66759a731) - Bug 1137572 part.8 Callers of methods to dispatch composition events of TextEventDispatcher should be able to specify specific time/timeStamp r=smaug (2cdfd2f3d4) - Bug 1137572 part.9 TextEventDispatcher should not allow WillDispatchKeyboardEvent() modifies unexpected members of WidgetKeyboardEvent r=smaug (94f97ff72d) - Bug 1137561 part.2 Make TSFTextStore use TextEventDispatcher r=m_kato (5b0d92117d) - Bug 1137561 part.3 Make IMMHandler use TextEventDispatcher r=m_kato (2b5ef42de7) - Bug 1137561 part.4 Make NativeKey use TextEventDispatcher r=m_kato (e98eb8b72f) - Bug 1137561 part.5 TextEventDispatcher should decide if keypress events should be fired for specific keys r=m_kato (b5ad4d702c)
375 lines
12 KiB
C++
375 lines
12 KiB
C++
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#include "ContentVerifier.h"
|
|
|
|
#include "mozilla/fallible.h"
|
|
#include "mozilla/Logging.h"
|
|
#include "mozilla/Preferences.h"
|
|
#include "mozilla/StaticPtr.h"
|
|
#include "nsCharSeparatedTokenizer.h"
|
|
#include "nsIInputStream.h"
|
|
#include "nsIRequest.h"
|
|
#include "nssb64.h"
|
|
#include "nsSecurityHeaderParser.h"
|
|
#include "nsServiceManagerUtils.h"
|
|
#include "nsStringStream.h"
|
|
#include "nsThreadUtils.h"
|
|
|
|
using namespace mozilla;
|
|
|
|
static LazyLogModule gContentVerifierPRLog("ContentVerifier");
|
|
#define CSV_LOG(args) MOZ_LOG(gContentVerifierPRLog, LogLevel::Debug, args)
|
|
|
|
// Content-Signature prefix
|
|
const nsLiteralCString kPREFIX = NS_LITERAL_CSTRING("Content-Signature:\x00");
|
|
|
|
NS_IMPL_ISUPPORTS(ContentVerifier, nsIStreamListener, nsISupports);
|
|
|
|
nsresult
|
|
ContentVerifier::Init(const nsAString& aContentSignatureHeader)
|
|
{
|
|
mVks = Preferences::GetString("browser.newtabpage.remote.keys");
|
|
|
|
if (aContentSignatureHeader.IsEmpty() || mVks.IsEmpty()) {
|
|
CSV_LOG(
|
|
("Content-Signature header and verification keys must not be empty!\n"));
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
|
|
nsresult rv = ParseContentSignatureHeader(aContentSignatureHeader);
|
|
NS_ENSURE_SUCCESS(rv, NS_ERROR_INVALID_SIGNATURE);
|
|
return CreateContext();
|
|
}
|
|
|
|
/**
|
|
* Implement nsIStreamListener
|
|
* We buffer the entire content here and kick off verification
|
|
*/
|
|
NS_METHOD
|
|
AppendNextSegment(nsIInputStream* aInputStream, void* aClosure,
|
|
const char* aRawSegment, uint32_t aToOffset, uint32_t aCount,
|
|
uint32_t* outWrittenCount)
|
|
{
|
|
FallibleTArray<nsCString>* decodedData =
|
|
static_cast<FallibleTArray<nsCString>*>(aClosure);
|
|
nsAutoCString segment(aRawSegment, aCount);
|
|
if (!decodedData->AppendElement(segment, fallible)) {
|
|
return NS_ERROR_OUT_OF_MEMORY;
|
|
}
|
|
*outWrittenCount = aCount;
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
ContentVerifier::OnStartRequest(nsIRequest* aRequest, nsISupports* aContext)
|
|
{
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
ContentVerifier::OnStopRequest(nsIRequest* aRequest, nsISupports* aContext,
|
|
nsresult aStatus)
|
|
{
|
|
// Verify the content:
|
|
// If this fails, we return an invalid signature error to load a fallback page.
|
|
// If everthing is good, we return a new stream to the next listener and kick
|
|
// that one of.
|
|
CSV_LOG(("VerifySignedContent, b64signature: %s\n", mSignature.get()));
|
|
CSV_LOG(("VerifySignedContent, key: \n[\n%s\n]\n", mKey.get()));
|
|
bool verified = false;
|
|
nsresult rv = End(&verified);
|
|
if (NS_FAILED(rv) || !verified || NS_FAILED(aStatus)) {
|
|
// cancel the request and return error
|
|
if (NS_FAILED(aStatus)) {
|
|
rv = aStatus;
|
|
} else {
|
|
rv = NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
CSV_LOG(("failed to verify content\n"));
|
|
mNextListener->OnStartRequest(aRequest, aContext);
|
|
mNextListener->OnStopRequest(aRequest, aContext, rv);
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
CSV_LOG(("Successfully verified content signature.\n"));
|
|
|
|
// start the next listener
|
|
rv = mNextListener->OnStartRequest(aRequest, aContext);
|
|
if (NS_SUCCEEDED(rv)) {
|
|
// We emptied aInStr so we have to create a new one from buf to hand it
|
|
// to the consuming listener.
|
|
for (uint32_t i = 0; i < mContent.Length(); ++i) {
|
|
nsCOMPtr<nsIInputStream> oInStr;
|
|
rv = NS_NewCStringInputStream(getter_AddRefs(oInStr), mContent[i]);
|
|
if (NS_FAILED(rv)) {
|
|
break;
|
|
}
|
|
// let the next listener know that there is data in oInStr
|
|
rv = mNextListener->OnDataAvailable(aRequest, aContext, oInStr, 0,
|
|
mContent[i].Length());
|
|
if (NS_FAILED(rv)) {
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
// propagate OnStopRequest and return
|
|
return mNextListener->OnStopRequest(aRequest, aContext, rv);
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
ContentVerifier::OnDataAvailable(nsIRequest* aRequest, nsISupports* aContext,
|
|
nsIInputStream* aInputStream, uint64_t aOffset,
|
|
uint32_t aCount)
|
|
{
|
|
// buffer the entire stream
|
|
uint32_t read;
|
|
nsresult rv = aInputStream->ReadSegments(AppendNextSegment, &mContent, aCount,
|
|
&read);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
|
|
// update the signature verifier
|
|
return Update(mContent[mContent.Length()-1]);
|
|
}
|
|
|
|
/**
|
|
* ContentVerifier logic and utils
|
|
*/
|
|
|
|
nsresult
|
|
ContentVerifier::GetVerificationKey(const nsAString& aKeyId)
|
|
{
|
|
// get verification keys from the pref and see if we have |aKeyId|
|
|
nsCharSeparatedTokenizer tokenizerVK(mVks, ';');
|
|
while (tokenizerVK.hasMoreTokens()) {
|
|
nsDependentSubstring token = tokenizerVK.nextToken();
|
|
nsCharSeparatedTokenizer tokenizerKey(token, '=');
|
|
nsString prefKeyId;
|
|
if (tokenizerKey.hasMoreTokens()) {
|
|
prefKeyId = tokenizerKey.nextToken();
|
|
}
|
|
nsString key;
|
|
if (tokenizerKey.hasMoreTokens()) {
|
|
key = tokenizerKey.nextToken();
|
|
}
|
|
if (prefKeyId.Equals(aKeyId)) {
|
|
mKey.Assign(NS_ConvertUTF16toUTF8(key));
|
|
return NS_OK;
|
|
}
|
|
}
|
|
|
|
// we didn't find the appropriate key
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
|
|
nsresult
|
|
ContentVerifier::ParseContentSignatureHeader(
|
|
const nsAString& aContentSignatureHeader)
|
|
{
|
|
// We only support p384 ecdsa according to spec
|
|
NS_NAMED_LITERAL_CSTRING(keyid_var, "keyid");
|
|
NS_NAMED_LITERAL_CSTRING(signature_var, "p384ecdsa");
|
|
|
|
nsAutoString contentSignature;
|
|
nsAutoString keyId;
|
|
nsAutoCString header = NS_ConvertUTF16toUTF8(aContentSignatureHeader);
|
|
nsSecurityHeaderParser parser(header.get());
|
|
nsresult rv = parser.Parse();
|
|
if (NS_FAILED(rv)) {
|
|
CSV_LOG(("ContentVerifier: could not parse ContentSignature header\n"));
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
LinkedList<nsSecurityHeaderDirective>* directives = parser.GetDirectives();
|
|
|
|
for (nsSecurityHeaderDirective* directive = directives->getFirst();
|
|
directive != nullptr; directive = directive->getNext()) {
|
|
CSV_LOG(("ContentVerifier: found directive %s\n", directive->mName.get()));
|
|
if (directive->mName.Length() == keyid_var.Length() &&
|
|
directive->mName.EqualsIgnoreCase(keyid_var.get(),
|
|
keyid_var.Length())) {
|
|
if (!keyId.IsEmpty()) {
|
|
CSV_LOG(("ContentVerifier: found two keyIds\n"));
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
|
|
CSV_LOG(("ContentVerifier: found a keyid directive\n"));
|
|
keyId = NS_ConvertUTF8toUTF16(directive->mValue);
|
|
rv = GetVerificationKey(keyId);
|
|
NS_ENSURE_SUCCESS(rv, NS_ERROR_INVALID_SIGNATURE);
|
|
}
|
|
if (directive->mName.Length() == signature_var.Length() &&
|
|
directive->mName.EqualsIgnoreCase(signature_var.get(),
|
|
signature_var.Length())) {
|
|
if (!contentSignature.IsEmpty()) {
|
|
CSV_LOG(("ContentVerifier: found two ContentSignatures\n"));
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
|
|
CSV_LOG(("ContentVerifier: found a ContentSignature directive\n"));
|
|
contentSignature = NS_ConvertUTF8toUTF16(directive->mValue);
|
|
mSignature = directive->mValue;
|
|
}
|
|
}
|
|
|
|
// we have to ensure that we found a key and a signature at this point
|
|
if (mKey.IsEmpty()) {
|
|
CSV_LOG(("ContentVerifier: got a Content-Signature header but didn't find "
|
|
"an appropriate key.\n"));
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
if (mSignature.IsEmpty()) {
|
|
CSV_LOG(("ContentVerifier: got a Content-Signature header but didn't find "
|
|
"a signature.\n"));
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
/**
|
|
* Parse signature, public key, and algorithm data for input to verification
|
|
* functions in VerifyData and CreateContext.
|
|
*
|
|
* https://datatracker.ietf.org/doc/draft-thomson-http-content-signature/
|
|
* If aSignature is a content signature, the function returns
|
|
* NS_ERROR_INVALID_SIGNATURE if anything goes wrong. Only p384 with sha384
|
|
* is supported and aSignature is a raw signature (r||s).
|
|
*/
|
|
nsresult
|
|
ContentVerifier::ParseInput(ScopedSECKEYPublicKey& aPublicKeyOut,
|
|
ScopedSECItem& aSignatureItemOut,
|
|
SECOidTag& aOidOut,
|
|
const nsNSSShutDownPreventionLock&)
|
|
{
|
|
// Base 64 decode the key
|
|
ScopedSECItem keyItem(::SECITEM_AllocItem(nullptr, nullptr, 0));
|
|
if (!keyItem ||
|
|
!NSSBase64_DecodeBuffer(nullptr, keyItem,
|
|
mKey.get(),
|
|
mKey.Length())) {
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
|
|
// Extract the public key from the keyItem
|
|
ScopedCERTSubjectPublicKeyInfo pki(
|
|
SECKEY_DecodeDERSubjectPublicKeyInfo(keyItem));
|
|
if (!pki) {
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
aPublicKeyOut = SECKEY_ExtractPublicKey(pki.get());
|
|
|
|
// in case we were not able to extract a key
|
|
if (!aPublicKeyOut) {
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
|
|
// Base 64 decode the signature
|
|
ScopedSECItem rawSignatureItem(::SECITEM_AllocItem(nullptr, nullptr, 0));
|
|
if (!rawSignatureItem ||
|
|
!NSSBase64_DecodeBuffer(nullptr, rawSignatureItem,
|
|
mSignature.get(),
|
|
mSignature.Length())) {
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
|
|
// get signature object and oid
|
|
if (!aSignatureItemOut) {
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
// We have a raw ecdsa signature r||s so we have to DER-encode it first
|
|
// Note that we have to check rawSignatureItem->len % 2 here as
|
|
// DSAU_EncodeDerSigWithLen asserts this
|
|
if (rawSignatureItem->len == 0 || rawSignatureItem->len % 2 != 0) {
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
if (DSAU_EncodeDerSigWithLen(aSignatureItemOut, rawSignatureItem,
|
|
rawSignatureItem->len) != SECSuccess) {
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
aOidOut = SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE;
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
/**
|
|
* Create a context for a signature verification.
|
|
* It sets signature, public key, and algorithms that should be used to verify
|
|
* the data. It also updates the verification buffer with the content-signature
|
|
* prefix.
|
|
*/
|
|
nsresult
|
|
ContentVerifier::CreateContext()
|
|
{
|
|
nsNSSShutDownPreventionLock locker;
|
|
if (isAlreadyShutDown()) {
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
|
|
// Bug 769521: We have to change b64 url to regular encoding as long as we
|
|
// don't have a b64 url decoder. This should change soon, but in the meantime
|
|
// we have to live with this.
|
|
mSignature.ReplaceChar('-', '+');
|
|
mSignature.ReplaceChar('_', '/');
|
|
|
|
ScopedSECKEYPublicKey publicKey;
|
|
ScopedSECItem signatureItem(::SECITEM_AllocItem(nullptr, nullptr, 0));
|
|
SECOidTag oid;
|
|
nsresult rv = ParseInput(publicKey, signatureItem, oid, locker);
|
|
if (NS_FAILED(rv)) {
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
|
|
mCx = UniqueVFYContext(VFY_CreateContext(publicKey, signatureItem, oid, NULL));
|
|
if (!mCx) {
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
|
|
if (VFY_Begin(mCx.get()) != SECSuccess) {
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
|
|
// add the prefix to the verification buffer
|
|
return Update(kPREFIX);
|
|
}
|
|
|
|
/**
|
|
* Add data to the context that should be verified.
|
|
*/
|
|
nsresult
|
|
ContentVerifier::Update(const nsACString& aData)
|
|
{
|
|
nsNSSShutDownPreventionLock locker;
|
|
if (isAlreadyShutDown()) {
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
|
|
if (!aData.IsEmpty()) {
|
|
if (VFY_Update(mCx.get(),
|
|
(const unsigned char*)nsPromiseFlatCString(aData).get(),
|
|
aData.Length()) != SECSuccess) {
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
}
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
/**
|
|
* Finish signature verification and return the result in _retval.
|
|
*/
|
|
nsresult
|
|
ContentVerifier::End(bool* _retval)
|
|
{
|
|
nsNSSShutDownPreventionLock locker;
|
|
if (isAlreadyShutDown()) {
|
|
return NS_ERROR_INVALID_SIGNATURE;
|
|
}
|
|
|
|
*_retval = (VFY_End(mCx.get()) == SECSuccess);
|
|
|
|
return NS_OK;
|
|
} |