mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1346299 - Remove Telemetry Probe: KEYGEN_GENERATED_KEY_TYPE r=jcj,keeler 

Removed the probe in Histogram.json and the code related to it in nsKeygenHandler.cpp

MozReview-Commit-ID: E8lGbx19e2C

--HG--
extra : rebase_source : ef958749e6ad2e2b617fd1efdd09cdd3185bef18
This commit is contained in:
flyingrub 2017-03-14 11:54:57 +01:00
Родитель 8c5524fc2e
Коммит a8f1cea361
2 изменённых файлов: 20 добавлений и 79 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

90
security/manager/ssl/nsKeygenHandler.cpp
Просмотреть файл

@ -8,7 +8,6 @@
#include "cryptohi.h"
#include "keyhi.h"
#include "mozilla/Assertions.h"
#include "mozilla/Telemetry.h"
#include "nsIContent.h"
#include "nsIDOMHTMLSelectElement.h"
#include "nsIGenKeypairInfoDlg.h"
@ -66,7 +65,7 @@ typedef struct curveNameTagPairStr {
} CurveNameTagPair;
static CurveNameTagPair nameTagPair[] =
{
{
{ "prime192v1", SEC_OID_ANSIX962_EC_PRIME192V1 },
{ "prime192v2", SEC_OID_ANSIX962_EC_PRIME192V2 },
{ "prime192v3", SEC_OID_ANSIX962_EC_PRIME192V3 },
@ -157,7 +156,7 @@ DecodeECParams(const char* curve)
if (curve && *curve) {
numCurves = sizeof(nameTagPair)/sizeof(CurveNameTagPair);
for (i = 0; ((i < numCurves) && (curveOidTag == SEC_OID_UNKNOWN));
for (i = 0; ((i < numCurves) && (curveOidTag == SEC_OID_UNKNOWN));
i++) {
if (PL_strcmp(curve, nameTagPair[i].curveName) == 0)
curveOidTag = nameTagPair[i].curveOidTag;
@ -165,7 +164,7 @@ DecodeECParams(const char* curve)
}
/* Return nullptr if curve name is not recognized */
if ((curveOidTag == SEC_OID_UNKNOWN) ||
if ((curveOidTag == SEC_OID_UNKNOWN) ||
(oidData = SECOID_FindOIDByTag(curveOidTag)) == nullptr) {
return nullptr;
}
@ -176,9 +175,9 @@ DecodeECParams(const char* curve)
return nullptr;
}
/*
/*
* ecparams->data needs to contain the ASN encoding of an object ID (OID)
* representing the named curve. The actual OID is in
* representing the named curve. The actual OID is in
* oidData->oid.data so we simply prepend 0x06 and OID length
*/
ecparams->data[0] = SEC_ASN1_OBJECT_ID;
@ -191,9 +190,9 @@ DecodeECParams(const char* curve)
NS_IMPL_ISUPPORTS(nsKeygenFormProcessor, nsIFormProcessor)
nsKeygenFormProcessor::nsKeygenFormProcessor()
{
{
m_ctx = new PipUIContext();
}
}
nsKeygenFormProcessor::~nsKeygenFormProcessor()
{
@ -307,7 +306,7 @@ GetSlotWithMechanism(uint32_t aMechanism, nsIInterfaceRequestor* m_ctx,
*aSlot = nullptr;
// Get the slot
slotList = PK11_GetAllTokens(MapGenMechToAlgoMech(aMechanism),
slotList = PK11_GetAllTokens(MapGenMechToAlgoMech(aMechanism),
true, true, m_ctx);
if (!slotList || !slotList->head) {
rv = NS_ERROR_FAILURE;
@ -340,7 +339,7 @@ GetSlotWithMechanism(uint32_t aMechanism, nsIInterfaceRequestor* m_ctx,
if (tokenNameList[i])
i++;
else {
// OOM. adjust numSlots so we don't free unallocated memory.
// OOM. adjust numSlots so we don't free unallocated memory.
numSlots = i;
PK11_FreeSlotListElement(slotList, slotElement);
rv = NS_ERROR_OUT_OF_MEMORY;
@ -394,54 +393,6 @@ loser:
return rv;
}
void
GatherKeygenTelemetry(uint32_t keyGenMechanism, int keysize, char* curve)
{
if (keyGenMechanism == CKM_RSA_PKCS_KEY_PAIR_GEN) {
if (keysize > 8196 || keysize < 0) {
return;
}
nsCString telemetryValue("rsa");
telemetryValue.AppendPrintf("%d", keysize);
mozilla::Telemetry::Accumulate(
mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, telemetryValue);
} else if (keyGenMechanism == CKM_EC_KEY_PAIR_GEN) {
nsCString secp384r1 = NS_LITERAL_CSTRING("secp384r1");
nsCString secp256r1 = NS_LITERAL_CSTRING("secp256r1");
mozilla::UniqueSECItem decoded = DecodeECParams(curve);
if (!decoded) {
switch (keysize) {
case 2048:
mozilla::Telemetry::Accumulate(
mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, secp384r1);
break;
case 1024:
case 512:
mozilla::Telemetry::Accumulate(
mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, secp256r1);
break;
}
} else {
if (secp384r1.EqualsIgnoreCase(curve, secp384r1.Length())) {
mozilla::Telemetry::Accumulate(
mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, secp384r1);
} else if (secp256r1.EqualsIgnoreCase(curve, secp256r1.Length())) {
mozilla::Telemetry::Accumulate(
mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, secp256r1);
} else {
mozilla::Telemetry::Accumulate(
mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, NS_LITERAL_CSTRING("other_ec"));
}
}
} else {
MOZ_CRASH("Unknown keygen algorithm");
return;
}
}
nsresult
nsKeygenFormProcessor::GetPublicKey(const nsAString& aValue,
const nsAString& aChallenge,
@ -525,17 +476,17 @@ nsKeygenFormProcessor::GetPublicKey(const nsAString& aValue,
params = &rsaParams;
break;
case CKM_EC_KEY_PAIR_GEN:
/* XXX We ought to rethink how the KEYGEN tag is
/* XXX We ought to rethink how the KEYGEN tag is
* displayed. The pulldown selections presented
* to the user must depend on the keytype.
* The displayed selection could be picked
* from the keyparams attribute (this is currently called
* the pqg attribute).
* For now, we pick ecparams from the keyparams field
* if it specifies a valid supported curve, or else
* if it specifies a valid supported curve, or else
* we pick one of secp384r1, secp256r1 or secp192r1
* respectively depending on the user's selection
* (High, Medium, Low).
* (High, Medium, Low).
* (RSA uses RSA-2048, RSA-1024 and RSA-512 for historical
* reasons, while ECC choices represent a stronger mapping)
* NOTE: The user's selection
@ -559,7 +510,7 @@ nsKeygenFormProcessor::GetPublicKey(const nsAString& aValue,
case 512:
ecParams = DecodeECParams("secp256r1");
break;
}
}
}
MOZ_ASSERT(ecParams);
params = ecParams.get();
@ -616,7 +567,7 @@ nsKeygenFormProcessor::GetPublicKey(const nsAString& aValue,
}
}
}
if (NS_FAILED(rv) || !privateKey) {
goto loser;
}
@ -680,7 +631,6 @@ nsKeygenFormProcessor::GetPublicKey(const nsAString& aValue,
rv = NS_OK;
GatherKeygenTelemetry(keyGenMechanism, keysize, keyparamsString);
loser:
if (srv != SECSuccess) {
if ( privateKey ) {
@ -729,12 +679,12 @@ nsKeygenFormProcessor::ExtractParams(nsIDOMHTMLElement* aElement,
aElement->GetAttribute(NS_LITERAL_STRING("pqg"),
keyParamsValue);
/* XXX We can still support the pqg attribute in the keygen
* tag for backward compatibility while introducing a more
/* XXX We can still support the pqg attribute in the keygen
* tag for backward compatibility while introducing a more
* general attribute named keyparams.
*/
if (keyParamsValue.IsEmpty()) {
aElement->GetAttribute(NS_LITERAL_STRING("keyparams"),
aElement->GetAttribute(NS_LITERAL_STRING("keyparams"),
keyParamsValue);
}
@ -751,7 +701,7 @@ nsKeygenFormProcessor::ProcessValue(nsIDOMHTMLElement* aElement,
nsAutoString keyParamsValue;
ExtractParams(aElement, challengeValue, keyTypeValue, keyParamsValue);
return GetPublicKey(aValue, challengeValue, keyTypeValue,
return GetPublicKey(aValue, challengeValue, keyTypeValue,
aValue, keyParamsValue);
}
@ -770,7 +720,7 @@ nsresult
nsKeygenFormProcessor::ProvideContent(const nsAString& aFormType,
nsTArray<nsString>& aContent,
nsAString& aAttribute)
{
{
if (Compare(aFormType, NS_LITERAL_STRING("SELECT"),
nsCaseInsensitiveStringComparator()) == 0) {
@ -780,5 +730,5 @@ nsKeygenFormProcessor::ProvideContent(const nsAString& aFormType,
aAttribute.AssignLiteral("-mozilla-keygen");
}
return NS_OK;
}
}

9
toolkit/components/telemetry/Histograms.json
Просмотреть файл

@ -2148,15 +2148,6 @@
"releaseChannelCollection": "opt-out",
"description": "The lifetime of accepted HTTPS server certificates, in weeks, up to 2 years. Bucket 105 is all end-entity HTTPS server certificates with a lifetime > 2 years."
},
"KEYGEN_GENERATED_KEY_TYPE": {
"expires_in_version": "55",
"alert_emails": ["seceng-telemetry@mozilla.com"],
"kind": "count",
"keyed": true,
"releaseChannelCollection": "opt-out",
"bug_numbers": [1191414,1284945],
"description": "The number of times we generate a key via keygen, keyed on algorithm and keysize. Keys include RSA with key size (512, 1024, 2048, possibly others), secp384r1, secp256r1, and 'other_ec'."
},
"WEBSOCKETS_HANDSHAKE_TYPE": {
"expires_in_version": "never",
"kind": "enumerated",