[tor-commits] [tor-browser/tor-browser-31.3.0esr-4.5-1] Bug 902761 - Stop storing certs used for MAR verification in EXE resource files. r=rstrong

brade at torproject.org brade at torproject.org
Wed Dec 17 22:06:24 UTC 2014


commit 9c7ea1fb1df0545990a85aabcef8180ea287305f
Author: Brian R. Bondy <netzen at gmail.com>
Date:   Wed Oct 15 23:01:11 2014 -0400

    Bug 902761 - Stop storing certs used for MAR verification in EXE resource files. r=rstrong
---
 toolkit/mozapps/update/updater/archivereader.cpp |   70 ++++++----------------
 toolkit/mozapps/update/updater/updater.rc        |   19 ------
 2 files changed, 18 insertions(+), 71 deletions(-)

diff --git a/toolkit/mozapps/update/updater/archivereader.cpp b/toolkit/mozapps/update/updater/archivereader.cpp
index 271905d..f0e6ea3 100644
--- a/toolkit/mozapps/update/updater/archivereader.cpp
+++ b/toolkit/mozapps/update/updater/archivereader.cpp
@@ -15,6 +15,14 @@
 #include "updatehelper.h"
 #endif
 
+#ifdef XP_WIN
+// These are generated at compile time based on the DER file for the channel
+// being used
+#include "primaryCert.h"
+#include "secondaryCert.h"
+#include "xpcshellCert.h"
+#endif
+
 #define UPDATER_NO_STRING_GLUE_STL
 #include "nsVersionComparator.cpp"
 #undef UPDATER_NO_STRING_GLUE_STL
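Review bot: The comment on the new includes does not say what generates `primaryCert.h`, `secondaryCert.h` and `xpcshellCert.h` or what they define, even though these headers now hold the trust anchors for MAR verification. The diffstat lists only archivereader.cpp and updater.rc, so the rule that picks the DER file per channel is not reviewable in this commit as shown. That selection used to be the visible `MAR_SIGNING_RELEASE_BETA` / `MAR_SIGNING_AURORA_NIGHTLY` / dep branches removed from updater.rc. I would expand the comment to something like `// Generated by the build from the channel's DER files; each header defines a const uint8_t array (primaryCertData, secondaryCertData, xpcshellCertData).` and name the generating build rule, so a dep or wrong-channel certificate ending up in a release build is easy to trace.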
@@ -34,61 +42,19 @@ static char *outbuf = nullptr;
 #include "resource.h"
 
 /**
- * Obtains the data of the specified resource name and type.
- *
- * @param  name The name ID of the resource
- * @param  type The type ID of the resource
- * @param  data Out parameter which sets the pointer to a buffer containing
- *                  the needed data.
- * @param  size Out parameter which sets the size of the returned data buffer 
- * @return TRUE on success
-*/
-BOOL
-LoadFileInResource(int name, int type, const uint8_t *&data, uint32_t& size)
-{
-  HMODULE handle = GetModuleHandle(nullptr);
-  if (!handle) {
-    return FALSE;
-  }
-
-  HRSRC resourceInfoBlockHandle = FindResource(handle, 
-                                               MAKEINTRESOURCE(name),
-                                               MAKEINTRESOURCE(type));
-  if (!resourceInfoBlockHandle) {
-    FreeLibrary(handle);
-    return FALSE;
-  }
-
-  HGLOBAL resourceHandle = LoadResource(handle, resourceInfoBlockHandle);
-  if (!resourceHandle) {
-    FreeLibrary(handle);
-    return FALSE;
-  }
-
-  size = SizeofResource(handle, resourceInfoBlockHandle);
-  data = static_cast<const uint8_t*>(::LockResource(resourceHandle));
-  FreeLibrary(handle);
-  return TRUE;
-}
-
-/**
  * Performs a verification on the opened MAR file with the passed in
  * certificate name ID and type ID.
  *
- * @param  archive   The MAR file to verify the signature on
- * @param  name      The name ID of the resource
- * @param  type      THe type ID of the resource
- * @return OK on success, CERT_LOAD_ERROR or CERT_VERIFY_ERROR on failure.
+ * @param  archive   The MAR file to verify the signature on.
+ * @param  certData  The certificate data.
+ * @return OK on success, CERT_VERIFY_ERROR on failure.
 */
+template<uint32_t SIZE>
 int
-VerifyLoadedCert(MarFile *archive, int name, int type)
+VerifyLoadedCert(MarFile *archive, const uint8_t (&certData)[SIZE])
 {
-  uint32_t size = 0;
-  const uint8_t *data = nullptr;
-  if (!LoadFileInResource(name, type, data, size) || !data || !size) {
-    return CERT_LOAD_ERROR;
-  }
-
+  const uint32_t size = SIZE;
+  const uint8_t * const data = &certData[0];
   if (mar_verify_signaturesW(archive, &data, &size, 1)) {
     return CERT_VERIFY_ERROR;
   }
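Review bot: The doc comment above `VerifyLoadedCert` still says "with the passed in certificate name ID and type ID" in its unchanged context lines, which no longer matches the new signature. It should read `Performs a verification on the opened MAR file with the passed in certificate data.` The `@param certData` line could also say that this is the certificate array from the generated headers (presumably DER-encoded) and that `SIZE` is deduced from the array bound. Because `CERT_LOAD_ERROR` is no longer returned here, any caller or logging that distinguishes it from `CERT_VERIFY_ERROR` is worth checking; those callers are outside this diff. The function body continues past the end of the hunk.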
@@ -118,11 +84,11 @@ ArchiveReader::VerifySignature()
   // use the XPCShell specific cert for the signed MAR.
   int rv;
   if (DoesFallbackKeyExist()) {
-    rv = VerifyLoadedCert(mArchive, IDR_XPCSHELL_CERT, TYPE_CERT);
+    rv = VerifyLoadedCert(mArchive, xpcshellCertData);
   } else {
-    rv = VerifyLoadedCert(mArchive, IDR_PRIMARY_CERT, TYPE_CERT);
+    rv = VerifyLoadedCert(mArchive, primaryCertData);
     if (rv != OK) {
-      rv = VerifyLoadedCert(mArchive, IDR_BACKUP_CERT, TYPE_CERT);
+      rv = VerifyLoadedCert(mArchive, secondaryCertData);
     }
   }
   return rv;
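Review bot: `xpcshellCertData` remains a trust anchor wherever this file is built for Windows, and the only gate on it in `VerifySignature` is `DoesFallbackKeyExist()`, whose definition is not in this diff. When that check returns true, the primary and secondary certificates are not tried at all, so whoever can satisfy it decides which key the updater trusts. I would add a comment on this branch stating the privilege required to create the fallback key, e.g. `// Test-only path: the fallback key must be creatable only by an administrator.` Compiling the xpcshell branch out of release builds would be stronger still, if the test harness allows it. `VerifySignature` begins before this hunk and its closing brace is outside it.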
diff --git a/toolkit/mozapps/update/updater/updater.rc b/toolkit/mozapps/update/updater/updater.rc
index acea427..5dc4c85 100644
--- a/toolkit/mozapps/update/updater/updater.rc
+++ b/toolkit/mozapps/update/updater/updater.rc
@@ -42,25 +42,6 @@ IDI_DIALOG ICON "updater.ico"
 
 /////////////////////////////////////////////////////////////////////////////
 //
-// Embedded certificates for allowed MARs
-//
-
-#if defined(MAR_SIGNING_RELEASE_BETA)
-IDR_PRIMARY_CERT TYPE_CERT "release_primary.der"
-IDR_BACKUP_CERT TYPE_CERT  "release_secondary.der"
-#elif defined(MAR_SIGNING_AURORA_NIGHTLY)
-IDR_PRIMARY_CERT TYPE_CERT "nightly_aurora_level3_primary.der"
-IDR_BACKUP_CERT TYPE_CERT  "nightly_aurora_level3_secondary.der"
-#else
-IDR_PRIMARY_CERT TYPE_CERT "dep1.der"
-IDR_BACKUP_CERT TYPE_CERT  "dep2.der"
-#endif
-
-IDR_XPCSHELL_CERT TYPE_CERT "xpcshellCertificate.der"
- 
-
-/////////////////////////////////////////////////////////////////////////////
-//
 // Embedded an identifier to uniquely identiy this as a Mozilla updater.
 //
 




