Merged

services/sync/modules/crypto.js

@@ -65,16 +65,6 @@ CryptoSvc.prototype = {
     return this.__os;
   },
 
-  __xxtea: {},
-  __xxteaLoaded: false,
-  get _xxtea() {
-    if (!this.__xxteaLoaded) {
-      Cu.import("resource://weave/xxtea.js", this.__xxtea);
-      this.__xxteaLoaded = true;
-    }
-    return this.__xxtea;
-  },
-
   get defaultAlgorithm() {
     let branch = Cc["@mozilla.org/preferences-service;1"]
       .getService(Ci.nsIPrefBranch);
@@ -374,20 +364,17 @@ CryptoSvc.prototype = {
 
       let cur = branch.getCharPref("extensions.weave.encryption");
       if (cur == data)
-	return;
+        return;
 
       switch (data) {
-      case "none":
-        this._log.info("Encryption disabled");
-        break;
-      case "XXTEA":
-      case "XXXTEA": // Weave 0.1 had this typo
-        this._log.info("Using encryption algorithm: " + data);
-        break;
-      default:
-	this._log.warn("Unknown encryption algorithm, resetting");
-	branch.setCharPref("extensions.weave.encryption", "XXTEA");
-	return; // otherwise we'll send the alg changed event twice
+        case "none":
+          this._log.info("Encryption disabled");
+          break;
+
+        default:
+          this._log.warn("Unknown encryption algorithm, resetting");
+          branch.clearUserPref("extensions.weave.encryption");
+          return; // otherwise we'll send the alg changed event twice
       }
       // FIXME: listen to this bad boy somewhere
       this._os.notifyObservers(null, "weave:encryption:algorithm-changed", "");
@@ -414,23 +401,6 @@ CryptoSvc.prototype = {
       ret = data;
       break;
 
-    case "XXXTEA": // Weave 0.1.12.10 and below had this typo
-    case "XXTEA": {
-      let gen = this._xxtea.encrypt(data, identity.password);
-      ret = gen.next();
-      let timer = Cc["@mozilla.org/timer;1"].createInstance(Ci.nsITimer);
-      try {
-        while (typeof(ret) == "object") {
-          timer.initWithCallback(self.listener, 0, timer.TYPE_ONE_SHOT);
-          yield; // Yield to main loop
-          ret = gen.next();
-        }
-        gen.close();
-      } finally {
-        timer = null;
-      }
-    } break;
-
     case "aes-128-cbc":
     case "aes-192-cbc":
     case "aes-256-cbc":
@@ -464,23 +434,6 @@ CryptoSvc.prototype = {
       ret = data;
       break;
 
-    case "XXXTEA": // Weave 0.1.12.10 and below had this typo
-    case "XXTEA": {
-      let gen = this._xxtea.decrypt(data, identity.password);
-      ret = gen.next();
-      let timer = Cc["@mozilla.org/timer;1"].createInstance(Ci.nsITimer);
-      try {
-        while (typeof(ret) == "object") {
-          timer.initWithCallback(self.listener, 0, timer.TYPE_ONE_SHOT);
-          yield; // Yield to main loop
-          ret = gen.next();
-        }
-        gen.close();
-      } finally {
-        timer = null;
-      }
-    } break;
-
     case "aes-128-cbc":
     case "aes-192-cbc":
     case "aes-256-cbc":

services/sync/modules/stores.js

@@ -124,14 +124,6 @@ SnapshotStore.prototype = {
     this._filename = value + ".json";
   },
 
-  __dirSvc: null,
-  get _dirSvc() {
-    if (!this.__dirSvc)
-      this.__dirSvc = Cc["@mozilla.org/file/directory_service;1"].
-        getService(Ci.nsIProperties);
-    return this.__dirSvc;
-  },
-
   // Last synced tree, version, and GUID (to detect if the store has
   // been completely replaced and invalidate the snapshot)
 
@@ -193,14 +185,10 @@ SnapshotStore.prototype = {
   save: function SStore_save() {
     this._log.info("Saving snapshot to disk");
 
-    let file = this._dirSvc.get("ProfD", Ci.nsIFile);
-    file.QueryInterface(Ci.nsILocalFile);
-
-    file.append("weave");
-    file.append("snapshots");
-    file.append(this.filename);
-    if (!file.exists())
-      file.create(file.NORMAL_FILE_TYPE, PERMS_FILE);
+    let file = Utils.getProfileFile(
+      {path: "weave/snapshots/" + this.filename,
+       autoCreate: true}
+      );
 
     let out = {version: this.version,
                GUID: this.GUID,
@@ -213,11 +201,7 @@ SnapshotStore.prototype = {
   },
 
   load: function SStore_load() {
-    let file = this._dirSvc.get("ProfD", Ci.nsIFile);
-    file.append("weave");
-    file.append("snapshots");
-    file.append(this.filename);
-
+    let file = Utils.getProfileFile("weave/snapshots/" + this.filename);
     if (!file.exists())
       return;
 

services/sync/modules/util.js

@@ -50,6 +50,36 @@ Cu.import("resource://weave/log4moz.js");
  */
 
 let Utils = {
+  // Returns a nsILocalFile representing a file relative to the
+  // current user's profile directory.  If the argument is a string,
+  // it should be a string with unix-style slashes for directory names
+  // (these slashes are automatically converted to platform-specific
+  // path separators).
+  //
+  // Alternatively, if the argument is an object, it should contain
+  // the following attributes:
+  //
+  //   path: the path to the file, relative to the current user's
+  //   profile dir.
+  //
+  //   autoCreate: whether or not the file should be created if it
+  //   doesn't already exist.
+  getProfileFile: function getProfileFile(arg) {
+    if (typeof arg == "string")
+      arg = {path: arg};
+
+    let pathParts = arg.path.split("/");
+    let dirSvc = Cc["@mozilla.org/file/directory_service;1"].
+                 getService(Ci.nsIProperties);
+    let file = dirSvc.get("ProfD", Ci.nsIFile);
+    file.QueryInterface(Ci.nsILocalFile);
+    for (let i = 0; i < pathParts.length; i++)
+      file.append(pathParts[i]);
+    if (arg.autoCreate && !file.exists())
+      file.create(file.NORMAL_FILE_TYPE, PERMS_FILE);
+    return file;
+  },
+
   getLoginManager: function getLoginManager() {
     return Cc["@mozilla.org/login-manager;1"].
            getService(Ci.nsILoginManager);

services/sync/modules/xxtea.js

@@ -1,163 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is Corrected Block TEA.
- *
- * The Initial Developer of the Original Code is
- * Chris Veness
- * Portions created by the Initial Developer are Copyright (C) 2005
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- * Chris Veness <chrisv@movable-type.co.uk>
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-// Original 'Corrected Block TEA' algorithm David Wheeler & Roger Needham
-// See http://en.wikipedia.org/wiki/XXTEA
-//
-// Javascript version by Chris Veness
-// http://www.movable-type.co.uk/scripts/tea.html
-
-const EXPORTED_SYMBOLS = ['encrypt', 'decrypt'];
-
-function Paused() {
-}
-Paused.prototype = {
-  toString: function Paused_toString() {
-    return "[Generator Paused]";
-  }
-}
-
-// use (16 chars of) 'password' to encrypt 'plaintext'
-//
-// note1:this is a generator so the caller can pause and give control
-// to the UI thread
-//
-// note2: if plaintext or password are passed as string objects, rather
-// than strings, this function will throw an 'Object doesn't support
-// this property or method' error
-
-function encrypt(plaintext, password) {
-  var v = new Array(2), k = new Array(4), s = "", i;
-
-  // use escape() so only have single-byte chars to encode 
-  plaintext = escape(plaintext);
-
-  // build key directly from 1st 16 chars of password
-  for (i = 0; i < 4; i++)
-    k[i] = Str4ToLong(password.slice(i * 4, (i + 1) * 4));
-
-  for (i = 0; i < plaintext.length; i += 8) {
-    // encode plaintext into s in 64-bit (8 char) blocks
-    // ... note this is 'electronic codebook' mode
-    v[0] = Str4ToLong(plaintext.slice(i, i + 4));
-    v[1] = Str4ToLong(plaintext.slice(i + 4, i + 8));
-    code(v, k);
-    s += LongToStr4(v[0]) + LongToStr4(v[1]);
-
-    if (i % 512 == 0)
-      yield new Paused();
-  }
-
-  yield escCtrlCh(s);
-}
-
-// use (16 chars of) 'password' to decrypt 'ciphertext' with xTEA
-
-function decrypt(ciphertext, password) {
-  var v = new Array(2), k = new Array(4), s = "", i;
-
-  for (i = 0; i < 4; i++)
-    k[i] = Str4ToLong(password.slice(i * 4, (i + 1) * 4));
-
-  ciphertext = unescCtrlCh(ciphertext);
-  for (i = 0; i < ciphertext.length; i += 8) {
-    // decode ciphertext into s in 64-bit (8 char) blocks
-    v[0] = Str4ToLong(ciphertext.slice(i, i + 4));
-    v[1] = Str4ToLong(ciphertext.slice(i + 4, i + 8));
-    decode(v, k);
-    s += LongToStr4(v[0]) + LongToStr4(v[1]);
-
-    if (i % 512 == 0)
-      yield new Paused();
-  }
-
-  // strip trailing null chars resulting from filling 4-char blocks:
-  s = s.replace(/\0+$/, '');
-
-  yield unescape(s);
-}
-
-
-function code(v, k) {
-  // Extended TEA: this is the 1997 revised version of Needham & Wheeler's algorithm
-  // params: v[2] 64-bit value block; k[4] 128-bit key
-  var y = v[0], z = v[1];
-  var delta = 0x9E3779B9, limit = delta*32, sum = 0;
-
-  while (sum != limit) {
-    y += (z<<4 ^ z>>>5)+z ^ sum+k[sum & 3];
-    sum += delta;
-    z += (y<<4 ^ y>>>5)+y ^ sum+k[sum>>>11 & 3];
-    // note: unsigned right-shift '>>>' is used in place of original '>>', due to lack 
-    // of 'unsigned' type declaration in JavaScript (thanks to Karsten Kraus for this)
-  }
-  v[0] = y; v[1] = z;
-}
-
-function decode(v, k) {
-  var y = v[0], z = v[1];
-  var delta = 0x9E3779B9, sum = delta*32;
-
-  while (sum != 0) {
-    z -= (y<<4 ^ y>>>5)+y ^ sum+k[sum>>>11 & 3];
-    sum -= delta;
-    y -= (z<<4 ^ z>>>5)+z ^ sum+k[sum & 3];
-  }
-  v[0] = y; v[1] = z;
-}
-
-
-// supporting functions
-
-function Str4ToLong(s) {  // convert 4 chars of s to a numeric long
-  var v = 0;
-  for (var i=0; i<4; i++) v |= s.charCodeAt(i) << i*8;
-  return isNaN(v) ? 0 : v;
-}
-
-function LongToStr4(v) {  // convert a numeric long to 4 char string
-  var s = String.fromCharCode(v & 0xFF, v>>8 & 0xFF, v>>16 & 0xFF, v>>24 & 0xFF);
-  return s;
-}
-
-function escCtrlCh(str) {  // escape control chars which might cause problems with encrypted texts
-  return str.replace(/[\0\t\n\v\f\r\xa0'"!]/g, function(c) { return '!' + c.charCodeAt(0) + '!'; });
-}
-
-function unescCtrlCh(str) {  // unescape potentially problematic nulls and control characters
-  return str.replace(/!\d\d?\d?!/g, function(c) { return String.fromCharCode(c.slice(1,-1)); });
-}

services/sync/tests/unit/test_passwords.js

@@ -20,6 +20,10 @@ function run_test() {
     return {getAllLogins: function() { return [fakeUser]; }};
   };
 
+  Utils.getProfileFile = function fake_getProfileFile(arg) {
+    return {exists: function() {return false;}};
+  };
+
   // Ensure that _hashLoginInfo() works.
   var fakeUserHash = passwords._hashLoginInfo(fakeUser);
   do_check_eq(typeof fakeUserHash, 'string');
@@ -29,4 +33,7 @@ function run_test() {
   var psc = new passwords.PasswordSyncCore();
   do_check_false(psc._itemExists("invalid guid"));
   do_check_true(psc._itemExists(fakeUserHash));
+
+  var engine = new passwords.PasswordEngine();
+
 }