Bug 1558650. Stop using [array] in nsIOSKeyStore. r=keeler

This also removes the two extra copies of the byte buffer that we had; we don't need to copy it more than once. Once we have it in an std::vector, we can pass that around by reference, not by value or by creating new vectors from copies of its buffer. Differential Revision: https://phabricator.services.mozilla.com/D34630 --HG-- extra : moz-landing-system : lando
2019-06-12 23:25:27 +00:00 · 2019-06-12 23:25:27 +00:00 · 2e99da1fb9
--- a/browser/extensions/formautofill/OSKeyStore.jsm
+++ b/browser/extensions/formautofill/OSKeyStore.jsm
@ -202,7 +202,7 @@ var OSKeyStore = {
      textArr.push(char.charCodeAt(0));
    }

-    let rawEncryptedText = await nativeOSKeyStore.asyncEncryptBytes(this.STORE_LABEL, textArr.length, textArr);
+    let rawEncryptedText = await nativeOSKeyStore.asyncEncryptBytes(this.STORE_LABEL, textArr);

    // Mark the output with a version number.
    return rawEncryptedText;
--- a/security/manager/ssl/OSKeyStore.cpp
+++ b/security/manager/ssl/OSKeyStore.cpp
@ -172,17 +172,15 @@ nsresult OSKeyStore::DeleteSecret(const nsACString& aLabel) {

 enum Cipher { Encrypt = true, Decrypt = false };

-nsresult OSKeyStore::EncryptBytes(const nsACString& aLabel, uint32_t inLen,
-                                  uint8_t* inBytes,
+nsresult OSKeyStore::EncryptBytes(const nsACString& aLabel,
+                                  const std::vector<uint8_t>& aInBytes,
                                  /*out*/ nsACString& aEncryptedBase64Text) {
  NS_ENSURE_STATE(mKs);
-  NS_ENSURE_ARG_POINTER(inBytes);

  nsAutoCString label = mLabelPrefix + aLabel;
  aEncryptedBase64Text.Truncate();
-  const std::vector<uint8_t> in(inBytes, inBytes + inLen);
  std::vector<uint8_t> outBytes;
-  nsresult rv = mKs->EncryptDecrypt(label, in, outBytes, Cipher::Encrypt);
+  nsresult rv = mKs->EncryptDecrypt(label, aInBytes, outBytes, Cipher::Encrypt);
  if (NS_FAILED(rv)) {
    return rv;
  }
@ -526,13 +524,12 @@ OSKeyStore::AsyncDeleteSecret(const nsACString& aLabel, JSContext* aCx,
  return mKsThread->Dispatch(runnable.forget());
 }

-void BackgroundEncryptBytes(const nsACString& aLabel,
-                            std::vector<uint8_t> inBytes,
-                            RefPtr<Promise>& aPromise,
-                            RefPtr<OSKeyStore> self) {
+static void BackgroundEncryptBytes(const nsACString& aLabel,
+                                   const std::vector<uint8_t>& aInBytes,
+                                   RefPtr<Promise>& aPromise,
+                                   RefPtr<OSKeyStore> self) {
  nsAutoCString ciphertext;
-  nsresult rv =
-      self->EncryptBytes(aLabel, inBytes.size(), inBytes.data(), ciphertext);
+  nsresult rv = self->EncryptBytes(aLabel, aInBytes, ciphertext);
  nsAutoString ctext;
  CopyUTF8toUTF16(ciphertext, ctext);

@ -549,8 +546,8 @@ void BackgroundEncryptBytes(const nsACString& aLabel,
 }

 NS_IMETHODIMP
-OSKeyStore::AsyncEncryptBytes(const nsACString& aLabel, uint32_t inLen,
-                              uint8_t* inBytes, JSContext* aCx,
+OSKeyStore::AsyncEncryptBytes(const nsACString& aLabel,
+                              const nsTArray<uint8_t>& inBytes, JSContext* aCx,
                              Promise** promiseOut) {
  MOZ_ASSERT(NS_IsMainThread());
  if (!NS_IsMainThread()) {
@ -558,7 +555,6 @@ OSKeyStore::AsyncEncryptBytes(const nsACString& aLabel, uint32_t inLen,
  }

  NS_ENSURE_ARG_POINTER(aCx);
-  NS_ENSURE_ARG_POINTER(inBytes);
  NS_ENSURE_STATE(mKsThread);

  RefPtr<Promise> promiseHandle;
@ -570,7 +566,9 @@ OSKeyStore::AsyncEncryptBytes(const nsACString& aLabel, uint32_t inLen,
  RefPtr<OSKeyStore> self = this;
  nsCOMPtr<nsIRunnable> runnable(NS_NewRunnableFunction(
      "BackgroundEncryptBytes",
-      [promiseHandle, inBytes = std::vector<uint8_t>(inBytes, inBytes + inLen),
+      [promiseHandle,
+       inBytes = std::vector<uint8_t>(inBytes.Elements(),
+                                      inBytes.Elements() + inBytes.Length()),
       aLabel = nsAutoCString(aLabel), self]() mutable {
        BackgroundEncryptBytes(aLabel, inBytes, promiseHandle, self);
      }));
--- a/security/manager/ssl/OSKeyStore.h
+++ b/security/manager/ssl/OSKeyStore.h
@ -83,8 +83,8 @@ class OSKeyStore final : public nsIOSKeyStore, public nsIObserver {
  nsresult RecoverSecret(const nsACString& aLabel,
                         const nsACString& aRecoveryPhrase);
  nsresult DeleteSecret(const nsACString& aLabel);
-  nsresult EncryptBytes(const nsACString& aLabel, uint32_t inLen,
-                        uint8_t* inBytes,
+  nsresult EncryptBytes(const nsACString& aLabel,
+                        const std::vector<uint8_t>& aInBytes,
                        /*out*/ nsACString& aEncryptedBase64Text);
  nsresult DecryptBytes(const nsACString& aLabel,
                        const nsACString& aEncryptedBase64Text,
--- a/security/manager/ssl/nsIOSKeyStore.idl
+++ b/security/manager/ssl/nsIOSKeyStore.idl
@ -99,14 +99,12 @@ interface nsIOSKeyStore: nsISupports {
   * string.
   *
   * @param label The label of the key to use to encrypt.
-   * @param inLen The length of the bytes to encrypt.
-   * @param inBytes The bytes to encrypt of length inLen.
+   * @param inBytes The bytes to encrypt.
   * @return Promise resolving to the encrypted text, encoded as Base64, or an
   *         error.
   */
  [implicit_jscontext, must_use]
-  Promise asyncEncryptBytes(in ACString label, in unsigned long inLen,
-                            [array, size_is(inLen)] in uint8_t inBytes);
+  Promise asyncEncryptBytes(in ACString label, in Array<uint8_t> inBytes);

  /**
   * Decode and then decrypt the given base64-encoded string.
--- a/security/manager/ssl/tests/unit/test_oskeystore.js
+++ b/security/manager/ssl/tests/unit/test_oskeystore.js
@ -74,7 +74,7 @@ async function encrypt_decrypt_test() {
  let text = new Uint8Array([0x01, 0x00, 0x01]);
  let ciphertext = "";
  try {
-    ciphertext = await keystore.asyncEncryptBytes(LABELS[0], text.length, text);
+    ciphertext = await keystore.asyncEncryptBytes(LABELS[0], text);
    ok(ciphertext, "We should have a ciphertext now.");
  } catch (e) {
    ok(false, "Error encrypting " + e);
@ -176,7 +176,7 @@ add_task(async function() {

  try {
    let text = new Uint8Array(8192);
-    let promise = keystore.asyncEncryptBytes(LABELS[0], text.length, text);
+    let promise = keystore.asyncEncryptBytes(LABELS[0], text);
    /* eslint-disable no-unused-expressions */
    keystore.isNSSKeyStore; // we don't care what this is - we just need to access it
    /* eslint-enable no-unused-expressions */
@ -200,7 +200,7 @@ add_task(async function() {
  ok(recoveryPhrase, "A recovery phrase should've been created.");

  let text = new Uint8Array([0x01, 0x00, 0x01]);
-  let ciphertext = await keystore.asyncEncryptBytes(LABELS[0], text.length, text);
+  let ciphertext = await keystore.asyncEncryptBytes(LABELS[0], text);
  ok(ciphertext, "We should have a ciphertext now.");

  await keystore.asyncDeleteSecret(LABELS[0]);
@ -245,7 +245,7 @@ add_task(async function() {
  ok(recoveryPhrase, "A recovery phrase should've been created.");

  let text = new Uint8Array([0x66, 0x6f, 0x6f, 0x66]);
-  let ciphertext = await keystore.asyncEncryptBytes(LABELS[0], text.length, text);
+  let ciphertext = await keystore.asyncEncryptBytes(LABELS[0], text);
  ok(ciphertext, "We should have a ciphertext now.");

  let newRecoveryPhrase = await keystore.asyncGenerateSecret(LABELS[0]);
@ -279,7 +279,7 @@ add_task(async function() {
  ok(newRecoveryPhrase, "A new recovery phrase should've been created.");

  let text = new Uint8Array([0x66, 0x6f, 0x6f, 0x66]);
-  let ciphertext = await keystore.asyncEncryptBytes(LABELS[0], text.length, text);
+  let ciphertext = await keystore.asyncEncryptBytes(LABELS[0], text);
  ok(ciphertext, "We should have a ciphertext now.");

  await keystore.asyncRecoverSecret(LABELS[0], recoveryPhrase);