mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

bug 882865 - cryptojs key gen cleanup: use EqualsLiteral() r=bsmith r=Ms2ger r=khuey

This commit is contained in:
David Keeler 2013-07-12 10:00:22 -07:00
Родитель 972a7ce908
Коммит e8b27b70d3
3 изменённых файлов: 88 добавлений и 36 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

77
security/manager/ssl/src/nsCrypto.cpp
Просмотреть файл

@ -37,6 +37,7 @@
#include "nsContentUtils.h" #include "nsContentUtils.h"
#include "nsCxPusher.h" #include "nsCxPusher.h"
#include "nsDOMJSUtils.h" #include "nsDOMJSUtils.h"
#include "nsJSUtils.h"
#include "nsIXPConnect.h" #include "nsIXPConnect.h"
#include "nsIRunnable.h" #include "nsIRunnable.h"
#include "nsIWindowWatcher.h" #include "nsIWindowWatcher.h"
@ -339,53 +340,53 @@ cryptojs_convert_to_mechanism(nsKeyGenType keyGenType)
} }
/* /*
* This function converts a string read through JavaScript parameters * This function takes a string read through JavaScript parameters
* and translates it to the internal enumeration representing the * and translates it to the internal enumeration representing the
* key gen type. * key gen type. Leading and trailing whitespace must be already removed.
*/ */
static nsKeyGenType static nsKeyGenType
cryptojs_interpret_key_gen_type(char *keyAlg) cryptojs_interpret_key_gen_type(const nsAString& keyAlg)
{ {
char *end; if (keyAlg.EqualsLiteral("rsa-ex")) {
if (!keyAlg) {
return invalidKeyGen;
}
/* First let's remove all leading and trailing white space */
while (isspace(keyAlg[0])) keyAlg++;
end = strchr(keyAlg, '\0');
if (!end) {
return invalidKeyGen;
}
end--;
while (isspace(*end)) end--;
end[1] = '\0';
if (strcmp(keyAlg, "rsa-ex") == 0) {
return rsaEnc; return rsaEnc;
} else if (strcmp(keyAlg, "rsa-dual-use") == 0) { }
if (keyAlg.EqualsLiteral("rsa-dual-use")) {
return rsaDualUse; return rsaDualUse;
} else if (strcmp(keyAlg, "rsa-sign") == 0) { }
if (keyAlg.EqualsLiteral("rsa-sign")) {
return rsaSign; return rsaSign;
} else if (strcmp(keyAlg, "rsa-sign-nonrepudiation") == 0) { }
if (keyAlg.EqualsLiteral("rsa-sign-nonrepudiation")) {
return rsaSignNonrepudiation; return rsaSignNonrepudiation;
} else if (strcmp(keyAlg, "rsa-nonrepudiation") == 0) { }
if (keyAlg.EqualsLiteral("rsa-nonrepudiation")) {
return rsaNonrepudiation; return rsaNonrepudiation;
} else if (strcmp(keyAlg, "ec-ex") == 0) { }
if (keyAlg.EqualsLiteral("ec-ex")) {
return ecEnc; return ecEnc;
} else if (strcmp(keyAlg, "ec-dual-use") == 0) { }
if (keyAlg.EqualsLiteral("ec-dual-use")) {
return ecDualUse; return ecDualUse;
} else if (strcmp(keyAlg, "ec-sign") == 0) { }
if (keyAlg.EqualsLiteral("ec-sign")) {
return ecSign; return ecSign;
} else if (strcmp(keyAlg, "ec-sign-nonrepudiation") == 0) { }
if (keyAlg.EqualsLiteral("ec-sign-nonrepudiation")) {
return ecSignNonrepudiation; return ecSignNonrepudiation;
} else if (strcmp(keyAlg, "ec-nonrepudiation") == 0) { }
if (keyAlg.EqualsLiteral("ec-nonrepudiation")) {
return ecNonrepudiation; return ecNonrepudiation;
} else if (strcmp(keyAlg, "dsa-sign-nonrepudiation") == 0) { }
if (keyAlg.EqualsLiteral("dsa-sign-nonrepudiation")) {
return dsaSignNonrepudiation; return dsaSignNonrepudiation;
} else if (strcmp(keyAlg, "dsa-sign") ==0 ){ }
if (keyAlg.EqualsLiteral("dsa-sign")) {
return dsaSign; return dsaSign;
} else if (strcmp(keyAlg, "dsa-nonrepudiation") == 0) { }
if (keyAlg.EqualsLiteral("dsa-nonrepudiation")) {
return dsaNonrepudiation; return dsaNonrepudiation;
} else if (strcmp(keyAlg, "dh-ex") == 0) { }
if (keyAlg.EqualsLiteral("dh-ex")) {
return dhEx; return dhEx;
} }
return invalidKeyGen; return invalidKeyGen;
@ -916,7 +917,7 @@ cryptojs_ReadArgsAndGenerateKey(JSContext *cx,
PK11SlotInfo **slot, bool willEscrow) PK11SlotInfo **slot, bool willEscrow)
{ {
JSString *jsString; JSString *jsString;
JSAutoByteString params, keyGenAlg; JSAutoByteString params;
int keySize; int keySize;
nsresult rv; nsresult rv;
@ -942,13 +943,16 @@ cryptojs_ReadArgsAndGenerateKey(JSContext *cx,
jsString = JS_ValueToString(cx, argv[2]); jsString = JS_ValueToString(cx, argv[2]);
NS_ENSURE_TRUE(jsString, NS_ERROR_OUT_OF_MEMORY); NS_ENSURE_TRUE(jsString, NS_ERROR_OUT_OF_MEMORY);
argv[2] = STRING_TO_JSVAL(jsString); argv[2] = STRING_TO_JSVAL(jsString);
keyGenAlg.encodeLatin1(cx, jsString); nsDependentJSString dependentKeyGenAlg;
NS_ENSURE_TRUE(!!keyGenAlg, NS_ERROR_OUT_OF_MEMORY); NS_ENSURE_TRUE(dependentKeyGenAlg.init(cx, jsString), NS_ERROR_UNEXPECTED);
keyGenType->keyGenType = cryptojs_interpret_key_gen_type(keyGenAlg.ptr()); nsAutoString keyGenAlg(dependentKeyGenAlg);
keyGenAlg.Trim("\r\n\t ");
keyGenType->keyGenType = cryptojs_interpret_key_gen_type(keyGenAlg);
if (keyGenType->keyGenType == invalidKeyGen) { if (keyGenType->keyGenType == invalidKeyGen) {
NS_LossyConvertUTF16toASCII keyGenAlgNarrow(dependentKeyGenAlg);
JS_ReportError(cx, "%s%s%s", JS_ERROR, JS_ReportError(cx, "%s%s%s", JS_ERROR,
"invalid key generation argument:", "invalid key generation argument:",
keyGenAlg.ptr()); keyGenAlgNarrow.get());
goto loser; goto loser;
} }
if (!*slot) { if (!*slot) {
@ -961,9 +965,10 @@ cryptojs_ReadArgsAndGenerateKey(JSContext *cx,
*slot,willEscrow); *slot,willEscrow);
if (rv != NS_OK) { if (rv != NS_OK) {
NS_LossyConvertUTF16toASCII keyGenAlgNarrow(dependentKeyGenAlg);
JS_ReportError(cx,"%s%s%s", JS_ERROR, JS_ReportError(cx,"%s%s%s", JS_ERROR,
"could not generate the key for algorithm ", "could not generate the key for algorithm ",
keyGenAlg.ptr()); keyGenAlgNarrow.get());
goto loser; goto loser;
} }
return NS_OK; return NS_OK;

8
security/manager/ssl/tests/mochitest/bugs/Makefile.in
Просмотреть файл

@ -19,6 +19,14 @@ MOCHITEST_FILES = \
test_ev_validation_child.html \ test_ev_validation_child.html \
$(NULL) $(NULL)
# test_bug882865.html tests crypto.generateCRMFRequest, which isn't
# available if legacy crypto has been disabled.
ifndef MOZ_DISABLE_CRYPTOLEGACY
MOCHITEST_FILES += \
test_bug882865.html \
$(NULL)
endif
MOCHITEST_CHROME_FILES = \ MOCHITEST_CHROME_FILES = \
test_certificate_overrides.html \ test_certificate_overrides.html \
test_bug413909.html \ test_bug413909.html \

39
security/manager/ssl/tests/mochitest/bugs/test_bug882865.html Normal file
Просмотреть файл

@ -0,0 +1,39 @@
<!DOCTYPE HTML>
<html>
<head>
<title>Test bug 882865</title>
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body onload="onWindowLoad()">
<script class="testbody" type="text/javascript">
SimpleTest.waitForExplicitFinish();
function onWindowLoad()
{
try {
var crmfObject = crypto.generateCRMFRequest("CN=undefined", "regToken",
"authenticator", null, "",
512, null, " rsa-ex ",
1024, null, "\r\n\t rsa-sign\t");
ok(true, "no exception thrown in generateCRMFRequest");
} catch (e) {
ok(false, "unexpected exception: " + e);
}
var o200 = document.documentElement;
var o1 = crypto;
try {
o1.generateCRMFRequest(o200.writeln, o200, 'X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X', null, o1, 1404343237, Math.PI, []);
ok(false, "execution should not reach this line");
} catch (e) {
// The 'key generation argument' in this case was an empty array,
// which gets interpreted as an empty string.
is(e.toString(), "Error: error:invalid key generation argument:", "expected exception");
}
SimpleTest.finish();
}
</script>
</body>
</html>