summaryrefslogtreecommitdiffstats
path: root/toolkit/mozapps
diff options
context:
space:
mode:
Diffstat (limited to 'toolkit/mozapps')
-rw-r--r--toolkit/mozapps/extensions/internal/ProductAddonChecker.sys.mjs35
-rw-r--r--toolkit/mozapps/extensions/test/xpcshell/test_ProductAddonChecker_signatures.js15
2 files changed, 32 insertions, 18 deletions
diff --git a/toolkit/mozapps/extensions/internal/ProductAddonChecker.sys.mjs b/toolkit/mozapps/extensions/internal/ProductAddonChecker.sys.mjs
index 1615a551c8..f76ebf0d30 100644
--- a/toolkit/mozapps/extensions/internal/ProductAddonChecker.sys.mjs
+++ b/toolkit/mozapps/extensions/internal/ProductAddonChecker.sys.mjs
@@ -118,12 +118,18 @@ async function conservativeFetch(input) {
* @param contentSignatureHeader
* The contents of the 'content-signature' header received along with
* `data`.
+ * @param trustedRoot
+ * The identifier of the trusted root to use for certificate validation.
* @return A promise that will resolve to nothing if the signature verification
* succeeds, or rejects on failure, with an Error that sets its
* addonCheckerErr property disambiguate failure cases and a message
* explaining the error.
*/
-async function verifyGmpContentSignature(data, contentSignatureHeader) {
+async function verifyGmpContentSignature(
+ data,
+ contentSignatureHeader,
+ trustedRoot
+) {
if (!contentSignatureHeader) {
logger.warn(
"Unexpected missing content signature header during content signature validation"
@@ -186,13 +192,6 @@ async function verifyGmpContentSignature(data, contentSignatureHeader) {
"@mozilla.org/security/contentsignatureverifier;1"
].createInstance(Ci.nsIContentSignatureVerifier);
- // See bug 1771992. In the future, this may need to handle staging and dev
- // environments in addition to just production and testing.
- let root = Ci.nsIContentSignatureVerifier.ContentSignatureProdRoot;
- if (Services.env.exists("XPCSHELL_TEST_PROFILE_DIR")) {
- root = Ci.nsIX509CertDB.AppXPCShellRoot;
- }
-
let valid;
try {
valid = await verifier.asyncVerifyContentSignature(
@@ -200,7 +199,7 @@ async function verifyGmpContentSignature(data, contentSignatureHeader) {
signature,
certChain,
"aus.content-signature.mozilla.org",
- root
+ trustedRoot
);
} catch (err) {
logger.warn(`Unexpected error while validating content signature: ${err}`);
@@ -329,6 +328,9 @@ function downloadXMLWithRequest(
* @param verifyContentSignature
* When true, will verify the content signature information from the
* response header. Failure to verify will result in an error.
+ * @param trustedContentSignatureRoot
+ * The trusted root to use for certificate validation.
+ * Must be set if verifyContentSignature is true.
* @return a promise that resolves to the DOM document downloaded or rejects
* with a JS exception in case of error.
*/
@@ -336,7 +338,8 @@ async function downloadXML(
url,
allowNonBuiltIn = false,
allowedCerts = null,
- verifyContentSignature = false
+ verifyContentSignature = false,
+ trustedContentSignatureRoot = null
) {
let request = await downloadXMLWithRequest(
url,
@@ -346,7 +349,8 @@ async function downloadXML(
if (verifyContentSignature) {
await verifyGmpContentSignature(
request.response,
- request.getResponseHeader("content-signature")
+ request.getResponseHeader("content-signature"),
+ trustedContentSignatureRoot
);
}
return request.responseXML;
@@ -535,6 +539,9 @@ export const ProductAddonChecker = {
* @param verifyContentSignature
* When true, will verify the content signature information from the
* response header. Failure to verify will result in an error.
+ * @param trustedContentSignatureRoot
+ * The trusted root to use for certificate validation.
+ * Must be set if verifyContentSignature is true.
* @return a promise that resolves to an object containing the list of add-ons
* and whether the local fallback was used, or rejects with a JS
* exception in case of error. In the case of an error, a best effort
@@ -545,13 +552,15 @@ export const ProductAddonChecker = {
url,
allowNonBuiltIn = false,
allowedCerts = null,
- verifyContentSignature = false
+ verifyContentSignature = false,
+ trustedContentSignatureRoot = null
) {
return downloadXML(
url,
allowNonBuiltIn,
allowedCerts,
- verifyContentSignature
+ verifyContentSignature,
+ trustedContentSignatureRoot
).then(parseXML);
},
diff --git a/toolkit/mozapps/extensions/test/xpcshell/test_ProductAddonChecker_signatures.js b/toolkit/mozapps/extensions/test/xpcshell/test_ProductAddonChecker_signatures.js
index 5ae61568ef..93602ffac9 100644
--- a/toolkit/mozapps/extensions/test/xpcshell/test_ProductAddonChecker_signatures.js
+++ b/toolkit/mozapps/extensions/test/xpcshell/test_ProductAddonChecker_signatures.js
@@ -98,7 +98,8 @@ add_task(async function test_valid_content_signature() {
signedBaseUri + goodXmlPath + "?" + validSignatureQuery,
/*allowNonBuiltIn*/ false,
/*allowedCerts*/ false,
- /*verifyContentSignature*/ true
+ /*verifyContentSignature*/ true,
+ /*trustedContentSignatureRoot*/ Ci.nsIX509CertDB.AppXPCShellRoot
);
Assert.ok(true, "Should successfully get addon list");
@@ -122,7 +123,8 @@ add_task(async function test_invalid_content_signature() {
signedBaseUri + goodXmlPath + "?" + invalidSignatureQuery,
/*allowNonBuiltIn*/ false,
/*allowedCerts*/ false,
- /*verifyContentSignature*/ true
+ /*verifyContentSignature*/ true,
+ /*trustedContentSignatureRoot*/ Ci.nsIX509CertDB.AppXPCShellRoot
);
Assert.ok(false, "Should fail to get addon list");
} catch (e) {
@@ -143,7 +145,8 @@ add_task(async function test_missing_content_signature_header() {
signedBaseUri + goodXmlPath + "?" + missingSignatureQuery,
/*allowNonBuiltIn*/ false,
/*allowedCerts*/ false,
- /*verifyContentSignature*/ true
+ /*verifyContentSignature*/ true,
+ /*trustedContentSignatureRoot*/ Ci.nsIX509CertDB.AppXPCShellRoot
);
Assert.ok(false, "Should fail to get addon list");
} catch (e) {
@@ -165,7 +168,8 @@ add_task(async function test_incomplete_content_signature_header() {
signedBaseUri + goodXmlPath + "?" + incompleteSignatureQuery,
/*allowNonBuiltIn*/ false,
/*allowedCerts*/ false,
- /*verifyContentSignature*/ true
+ /*verifyContentSignature*/ true,
+ /*trustedContentSignatureRoot*/ Ci.nsIX509CertDB.AppXPCShellRoot
);
Assert.ok(false, "Should fail to get addon list");
} catch (e) {
@@ -187,7 +191,8 @@ add_task(async function test_bad_x5u_content_signature_header() {
signedBaseUri + goodXmlPath + "?" + badX5uSignatureQuery,
/*allowNonBuiltIn*/ false,
/*allowedCerts*/ false,
- /*verifyContentSignature*/ true
+ /*verifyContentSignature*/ true,
+ /*trustedContentSignatureRoot*/ Ci.nsIX509CertDB.AppXPCShellRoot
);
Assert.ok(false, "Should fail to get addon list");
} catch (e) {