--- a/accessible/tests/mochitest/elm/test_HTMLSpec.html
+++ b/accessible/tests/mochitest/elm/test_HTMLSpec.html
@@ -903,33 +903,16 @@
children: [
{ role: ROLE_TEXT_LEAF }, // plain text
{ role: ROLE_TEXT_LEAF } // HTML:kbd text
]
};
testElm("kbd_container", obj);
// ////////////////////////////////////////////////////////////////////////
- // HTML:keygen
-
- obj = {
- role: ROLE_COMBOBOX,
- states: STATE_COLLAPSED | STATE_HASPOPUP,
- extraStates: EXT_STATE_EXPANDABLE,
- actions: "open",
- children: [
- { COMBOBOX_LIST: [
- { role: ROLE_COMBOBOX_OPTION }, // high grade
- { role: ROLE_COMBOBOX_OPTION } // medium grade
- ] }
- ]
- };
- testElm("keygen", obj);
-
- // ////////////////////////////////////////////////////////////////////////
// HTML:label
obj = {
role: ROLE_LABEL,
todo_relations: {
RELATION_LABEL_FOR: "label_input"
},
children: [
@@ -1633,17 +1616,16 @@
<form>
<input id="input_reset" type="reset">
</form>
<input id="input_time" type="time" value="23:23">
<input id="input_date" type="date" value="2017-11-10">
<p id="ins_container">normal<ins>Inserted</ins></p>
<p id="kbd_container">normal<kbd>cmd</kbd></p>
- <keygen id="keygen" name="RSA public key" challenge="123456789" keytype="RSA">
<label id="label">label<input id="label_input"></label>
<label id="label_for" for="label_for_input">label</label>
<input id="label_for_input">
<ul id="ul">
<li>item1</li>
</ul>
--- a/dom/base/nsTreeSanitizer.cpp
+++ b/dom/base/nsTreeSanitizer.cpp
@@ -966,17 +966,16 @@ nsTreeSanitizer::MustFlatten(int32_t aNa
{
if (aNamespace == kNameSpaceID_XHTML) {
if (mDropNonCSSPresentation && (nsGkAtoms::font == aLocal ||
nsGkAtoms::center == aLocal)) {
return true;
}
if (mDropForms && (nsGkAtoms::form == aLocal ||
nsGkAtoms::input == aLocal ||
- nsGkAtoms::keygen == aLocal ||
nsGkAtoms::option == aLocal ||
nsGkAtoms::optgroup == aLocal)) {
return true;
}
if (mFullDocument && (nsGkAtoms::title == aLocal ||
nsGkAtoms::html == aLocal ||
nsGkAtoms::head == aLocal ||
nsGkAtoms::body == aLocal)) {
--- a/dom/bindings/BindingDeclarations.h
+++ b/dom/bindings/BindingDeclarations.h
@@ -55,16 +55,18 @@ protected:
private:
// aString is expected to actually be an nsAString*. Should only be
// called from StringifyToJSON.
static bool AppendJSONToString(const char16_t* aJSONData,
uint32_t aDataLength, void* aString);
public:
+ explicit DictionaryBase() {}
+
bool IsAnyMemberPresent() const
{
return mIsAnyMemberPresent;
}
};
template<typename T>
inline typename EnableIf<IsBaseOf<DictionaryBase, T>::value, void>::Type
--- a/dom/html/nsGenericHTMLElement.cpp
+++ b/dom/html/nsGenericHTMLElement.cpp
@@ -1607,18 +1607,17 @@ nsGenericHTMLElement::Labels()
RefPtr<nsLabelsNodeList> labels = slots->mLabelsList;
return labels.forget();
}
bool
nsGenericHTMLElement::IsInteractiveHTMLContent(bool aIgnoreTabindex) const
{
- return IsAnyOfHTMLElements(nsGkAtoms::details, nsGkAtoms::embed,
- nsGkAtoms::keygen) ||
+ return IsAnyOfHTMLElements(nsGkAtoms::details, nsGkAtoms::embed) ||
(!aIgnoreTabindex && HasAttr(kNameSpaceID_None, nsGkAtoms::tabindex));
}
// static
bool
nsGenericHTMLElement::TouchEventsEnabled(JSContext* aCx, JSObject* aGlobal)
{
return TouchEvent::PrefEnabled(aCx, aGlobal);
@@ -2379,21 +2378,19 @@ void
nsGenericHTMLFormElement::FieldSetDisabledChanged(bool aNotify)
{
UpdateDisabledState(aNotify);
}
bool
nsGenericHTMLFormElement::IsLabelable() const
{
- // TODO: keygen should be in that list, see bug 101019.
uint32_t type = ControlType();
return (type & NS_FORM_INPUT_ELEMENT && type != NS_FORM_INPUT_HIDDEN) ||
type & NS_FORM_BUTTON_ELEMENT ||
- // type == NS_FORM_KEYGEN ||
type == NS_FORM_OUTPUT ||
type == NS_FORM_SELECT ||
type == NS_FORM_TEXTAREA;
}
void
nsGenericHTMLFormElement::GetFormAction(nsString& aValue)
{
--- a/dom/html/test/forms/test_interactive_content_in_label.html
+++ b/dom/html/test/forms/test_interactive_content_in_label.html
@@ -21,17 +21,17 @@ https://bugzilla.mozilla.org/show_bug.cg
<a class="yes" href="#">a</a>
<audio class="yes" controls></audio>
<button class="yes">button</button>
<details class="yes">details</details>
<embed class="yes">embed</embed>
<iframe class="yes" src="data:text/plain," style="width: 16px; height: 16px;"></iframe>
<img class="yes" src="data:image/png," usemap="#map">
<input class="yes" type="text" size="4">
- <keygen class="yes">
+ <keygen class="no">
<label class="yes">label</label>
<object class="yes" usemap="#map">object</object>
<select class="yes"><option>select</option></select>
<textarea class="yes" cols="1" rows="1"></textarea>
<video class="yes" controls></video>
<a class="no">a</a>
<audio class="no"></audio>
--- a/dom/html/test/forms/test_reportValidation_preventDefault.html
+++ b/dom/html/test/forms/test_reportValidation_preventDefault.html
@@ -3,42 +3,40 @@
<!--
https://bugzilla.mozilla.org/show_bug.cgi?id=1088761
-->
<head>
<title>Test for Bug 1088761</title>
<script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
<style>
- input, textarea, fieldset, button, select, keygen, output, object { background-color: rgb(0,0,0) !important; }
+ input, textarea, fieldset, button, select, output, object { background-color: rgb(0,0,0) !important; }
:valid { background-color: rgb(0,255,0) !important; }
:invalid { background-color: rgb(255,0,0) !important; }
</style>
</head>
<body>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1088761">Mozilla Bug 1088761</a>
<p id="display"></p>
<div id="content" style="display: none">
<fieldset id='f' oninvalid="invalidEventHandler(event, true);"></fieldset>
<input id='i' required oninvalid="invalidEventHandler(event, true);">
<button id='b' oninvalid="invalidEventHandler(event, true);"></button>
<select id='s' required oninvalid="invalidEventHandler(event, true);"></select>
<textarea id='t' required oninvalid="invalidEventHandler(event, true);"></textarea>
<output id='o' oninvalid="invalidEventHandler(event, true);"></output>
- <keygen id='k' oninvalid="invalidEventHandler(event, true);"></keygen>
<object id='obj' oninvalid="invalidEventHandler(event, true);"></object>
</div>
<div id="content2" style="display: none">
<fieldset id='f2' oninvalid="invalidEventHandler(event, false);"></fieldset>
<input id='i2' required oninvalid="invalidEventHandler(event, false);">
<button id='b2' oninvalid="invalidEventHandler(event, false);"></button>
<select id='s2' required oninvalid="invalidEventHandler(event, false);"></select>
<textarea id='t2' required oninvalid="invalidEventHandler(event, false);"></textarea>
<output id='o2' oninvalid="invalidEventHandler(event, false);"></output>
- <keygen id='k2' oninvalid="invalidEventHandler(event, false);"></keygen>
<object id='obj2' oninvalid="invalidEventHandler(event, false);"></object>
</div>
<pre id="test">
<script type="application/javascript">
/** Test for Bug 1088761 **/
var gInvalid = false;
@@ -73,21 +71,19 @@ checkReportValidityForInvalid(document.g
checkReportValidityForInvalid(document.getElementById('s'));
checkReportValidityForInvalid(document.getElementById('t'));
checkReportValidityForInvalid(document.getElementById('i2'));
checkReportValidityForInvalid(document.getElementById('s2'));
checkReportValidityForInvalid(document.getElementById('t2'));
checkReportValidityForValid(document.getElementById('o'));
-checkReportValidityForValid(document.getElementById('k'));
checkReportValidityForValid(document.getElementById('obj'));
checkReportValidityForValid(document.getElementById('f'));
checkReportValidityForValid(document.getElementById('o2'));
-checkReportValidityForValid(document.getElementById('k2'));
checkReportValidityForValid(document.getElementById('obj2'));
checkReportValidityForValid(document.getElementById('f2'));
</script>
</pre>
</body>
</html>
--- a/dom/html/test/test_bug595449.html
+++ b/dom/html/test/test_bug595449.html
@@ -62,25 +62,23 @@ var testData = [
[ "<output></output>", 1, [ HTMLOutputElement ] ],
[ "<select></select>", 1, [ HTMLSelectElement ] ],
[ "<select><option>foo</option></select>", 1, [ HTMLSelectElement ] ],
[ "<select><option>foo</option><input></select>", 2, [ HTMLSelectElement, HTMLInputElement ] ],
[ "<textarea></textarea>", 1, [ HTMLTextAreaElement ] ],
[ "<label>foo</label>", 0 ],
[ "<progress>", 0 ],
[ "<meter>", 0 ],
- [ "<keygen>", 1, [ HTMLSelectElement ] ],
[ "<legend></legend>", 0 ],
[ "<legend><input></legend>", 1, [ HTMLInputElement ] ],
[ "<legend><input></legend><legend><input></legend>", 2, [ HTMLInputElement, HTMLInputElement ] ],
[ "<legend><input></legend><input>", 2, [ HTMLInputElement, HTMLInputElement ] ],
[ "<fieldset></fieldset>", 1, [ HTMLFieldSetElement ] ],
[ "<fieldset><input></fieldset>", 2, [ HTMLFieldSetElement, HTMLInputElement ] ],
[ "<fieldset><fieldset><input></fieldset></fieldset>", 3, [ HTMLFieldSetElement, HTMLFieldSetElement, HTMLInputElement ] ],
- [ "<button></button><fieldset></fieldset><input><keygen><object><output></output><select></select><textarea></textarea>", 8, [ HTMLButtonElement, HTMLFieldSetElement, HTMLInputElement, HTMLSelectElement, HTMLObjectElement, HTMLOutputElement, HTMLSelectElement, HTMLTextAreaElement ] ],
];
for (var data of testData) {
fieldset.innerHTML = data[0];
is(fieldset.elements.length, data[1],
"fieldset.elements should contain " + data[1] + " elements");
for (var i=0; i<data[1]; ++i) {
--- a/editor/libeditor/HTMLEditUtils.cpp
+++ b/editor/libeditor/HTMLEditUtils.cpp
@@ -284,17 +284,16 @@ HTMLEditUtils::IsMailCite(nsINode* aNode
bool
HTMLEditUtils::IsFormWidget(nsINode* aNode)
{
MOZ_ASSERT(aNode);
return aNode->IsAnyOfHTMLElements(nsGkAtoms::textarea,
nsGkAtoms::select,
nsGkAtoms::button,
nsGkAtoms::output,
- nsGkAtoms::keygen,
nsGkAtoms::progress,
nsGkAtoms::meter,
nsGkAtoms::input);
}
bool
HTMLEditUtils::SupportsAlignAttr(nsINode& aNode)
{
@@ -509,17 +508,16 @@ static const ElementInfo kElements[eHTML
ELEM(html, true, false, GROUP_TOPLEVEL, GROUP_TOPLEVEL),
ELEM(i, true, true, GROUP_FONTSTYLE, GROUP_INLINE_ELEMENT),
ELEM(iframe, true, true, GROUP_SPECIAL | GROUP_BLOCK, GROUP_FLOW_ELEMENT),
ELEM(image, false, false, GROUP_NONE, GROUP_NONE),
ELEM(img, false, false, GROUP_SPECIAL | GROUP_PICTURE_CONTENT, GROUP_NONE),
ELEM(input, false, false, GROUP_FORMCONTROL, GROUP_NONE),
ELEM(ins, true, true, GROUP_PHRASE | GROUP_BLOCK, GROUP_FLOW_ELEMENT),
ELEM(kbd, true, true, GROUP_PHRASE, GROUP_INLINE_ELEMENT),
- ELEM(keygen, false, false, GROUP_FORMCONTROL, GROUP_NONE),
ELEM(label, true, false, GROUP_FORMCONTROL, GROUP_INLINE_ELEMENT),
ELEM(legend, true, true, GROUP_NONE, GROUP_INLINE_ELEMENT),
ELEM(li, true, false, GROUP_LI, GROUP_FLOW_ELEMENT),
ELEM(link, false, false, GROUP_HEAD_CONTENT, GROUP_NONE),
ELEM(listing, false, false, GROUP_NONE, GROUP_NONE),
ELEM(main, true, true, GROUP_BLOCK, GROUP_FLOW_ELEMENT),
ELEM(map, true, true, GROUP_SPECIAL, GROUP_BLOCK | GROUP_MAP_CONTENT),
ELEM(mark, true, true, GROUP_PHRASE, GROUP_INLINE_ELEMENT),
--- a/editor/spellchecker/TextServicesDocument.cpp
+++ b/editor/spellchecker/TextServicesDocument.cpp
@@ -1856,17 +1856,16 @@ TextServicesDocument::IsBlockNode(nsICon
nsGkAtoms::b != atom &&
nsGkAtoms::cite != atom &&
nsGkAtoms::code != atom &&
nsGkAtoms::dfn != atom &&
nsGkAtoms::em != atom &&
nsGkAtoms::font != atom &&
nsGkAtoms::i != atom &&
nsGkAtoms::kbd != atom &&
- nsGkAtoms::keygen != atom &&
nsGkAtoms::nobr != atom &&
nsGkAtoms::s != atom &&
nsGkAtoms::samp != atom &&
nsGkAtoms::small != atom &&
nsGkAtoms::spacer != atom &&
nsGkAtoms::span != atom &&
nsGkAtoms::strike != atom &&
nsGkAtoms::strong != atom &&
--- a/nsprpub/pr/src/md/windows/ntthread.c
+++ b/nsprpub/pr/src/md/windows/ntthread.c
@@ -22,17 +22,17 @@ DWORD _pr_intsOffIndex;
_MDLock _nt_idleLock;
PRCList _nt_idleList;
PRUint32 _nt_idleCount;
extern __declspec(thread) PRThread *_pr_io_restarted_io;
extern DWORD _pr_io_restartedIOIndex;
-typedef HRESULT (WINAPI *SETTHREADDESCRIPTION)(HANDLE, PCWSTR);
+typedef HRESULT(WINAPI* SETTHREADDESCRIPTION)(HANDLE, PCWSTR);
static SETTHREADDESCRIPTION sSetThreadDescription = NULL;
/* Must check the restarted_io *before* decrementing no_sched to 0 */
#define POST_SWITCH_WORK() \
PR_BEGIN_MACRO \
PRThread *restarted_io = \
(_pr_use_static_tls ? _pr_io_restarted_io \
: (PRThread *) TlsGetValue(_pr_io_restartedIOIndex)); \
@@ -77,21 +77,21 @@ void
} else {
TlsSetValue(_pr_io_restartedIOIndex, NULL);
}
}
void
_PR_MD_EARLY_INIT()
{
- HMODULE hModule;
+ HMODULE hModule;
- _MD_NEW_LOCK( &_nt_idleLock );
- _nt_idleCount = 0;
- PR_INIT_CLIST(&_nt_idleList);
+ _MD_NEW_LOCK(&_nt_idleLock);
+ _nt_idleCount = 0;
+ PR_INIT_CLIST(&_nt_idleList);
#if 0
/* Make the clock tick at least once per millisecond */
if ( timeBeginPeriod(1) == TIMERR_NOCANDO) {
/* deep yoghurt; clock doesn't tick fast enough! */
PR_ASSERT(0);
}
#endif
@@ -102,20 +102,18 @@ void
_pr_currentCPUIndex = TlsAlloc();
_pr_intsOffIndex = TlsAlloc();
_pr_io_restartedIOIndex = TlsAlloc();
}
// SetThreadDescription is Windows 10 build 1607+
hModule = GetModuleHandleW(L"kernel32.dll");
if (hModule) {
- sSetThreadDescription =
- (SETTHREADDESCRIPTION) GetProcAddress(
- hModule,
- "SetThreadDescription");
+ sSetThreadDescription =
+ (SETTHREADDESCRIPTION)GetProcAddress(hModule, "SetThreadDescription");
}
}
void _PR_MD_CLEANUP_BEFORE_EXIT(void)
{
_PR_NT_FreeSids();
WSACleanup();
@@ -305,20 +303,20 @@ typedef struct tagTHREADNAME_INFO
void
_PR_MD_SET_CURRENT_THREAD_NAME(const char *name)
{
#ifdef _MSC_VER
THREADNAME_INFO info;
#endif
if (sSetThreadDescription) {
- WCHAR wideName[MAX_PATH];
- if (MultiByteToWideChar(CP_ACP, 0, name, -1, wideName, MAX_PATH)) {
- sSetThreadDescription(GetCurrentThread(), wideName);
- }
+ WCHAR wideName[MAX_PATH];
+ if (MultiByteToWideChar(CP_ACP, 0, name, -1, wideName, MAX_PATH)) {
+ sSetThreadDescription(GetCurrentThread(), wideName);
+ }
}
#ifdef _MSC_VER
if (!IsDebuggerPresent())
return;
info.dwType = 0x1000;
info.szName = (char*) name;
--- a/nsprpub/pr/src/md/windows/w95thred.c
+++ b/nsprpub/pr/src/md/windows/w95thred.c
@@ -23,41 +23,39 @@ typedef DWORD DWORD_PTR;
#else
DWORD _pr_currentThreadIndex;
DWORD _pr_lastThreadIndex;
DWORD _pr_currentCPUIndex;
#endif
int _pr_intsOff = 0;
_PRInterruptTable _pr_interruptTable[] = { { 0 } };
-typedef HRESULT (WINAPI *SETTHREADDESCRIPTION)(HANDLE, PCWSTR);
+typedef HRESULT(WINAPI* SETTHREADDESCRIPTION)(HANDLE, PCWSTR);
static SETTHREADDESCRIPTION sSetThreadDescription = NULL;
void
_PR_MD_EARLY_INIT()
{
- HMODULE hModule;
+ HMODULE hModule;
#ifndef _PR_USE_STATIC_TLS
_pr_currentThreadIndex = TlsAlloc();
_pr_lastThreadIndex = TlsAlloc();
_pr_currentCPUIndex = TlsAlloc();
#endif
#if defined(_WIN64) && defined(WIN95)
_fd_waiting_for_overlapped_done_lock = PR_NewLock();
#endif
// SetThreadDescription is Windows 10 build 1607+
hModule = GetModuleHandleW(L"kernel32.dll");
if (hModule) {
- sSetThreadDescription =
- (SETTHREADDESCRIPTION) GetProcAddress(
- hModule,
- "SetThreadDescription");
+ sSetThreadDescription =
+ (SETTHREADDESCRIPTION)GetProcAddress(hModule, "SetThreadDescription");
}
}
void _PR_MD_CLEANUP_BEFORE_EXIT(void)
{
_PR_NT_FreeSids();
_PR_MD_CleanupSockets();
@@ -230,20 +228,20 @@ typedef struct tagTHREADNAME_INFO
void
_PR_MD_SET_CURRENT_THREAD_NAME(const char *name)
{
#ifdef _MSC_VER
THREADNAME_INFO info;
#endif
if (sSetThreadDescription) {
- WCHAR wideName[MAX_PATH];
- if (MultiByteToWideChar(CP_ACP, 0, name, -1, wideName, MAX_PATH)) {
- sSetThreadDescription(GetCurrentThread(), wideName);
- }
+ WCHAR wideName[MAX_PATH];
+ if (MultiByteToWideChar(CP_ACP, 0, name, -1, wideName, MAX_PATH)) {
+ sSetThreadDescription(GetCurrentThread(), wideName);
+ }
}
#ifdef _MSC_VER
if (!IsDebuggerPresent())
return;
info.dwType = 0x1000;
info.szName = (char*) name;
--- a/parser/html/nsHtml5TreeOperation.cpp
+++ b/parser/html/nsHtml5TreeOperation.cpp
@@ -359,22 +359,16 @@ nsIContent*
nsHtml5TreeOperation::CreateHTMLElement(
nsAtom* aName,
nsHtml5HtmlAttributes* aAttributes,
mozilla::dom::FromParser aFromParser,
nsNodeInfoManager* aNodeInfoManager,
nsHtml5DocumentBuilder* aBuilder,
mozilla::dom::HTMLContentCreatorFunction aCreator)
{
- bool isKeygen = (aName == nsGkAtoms::keygen);
- if (MOZ_UNLIKELY(isKeygen)) {
- aName = nsGkAtoms::select;
- aCreator = NS_NewHTMLSelectElement;
- }
-
RefPtr<dom::NodeInfo> nodeInfo = aNodeInfoManager->GetNodeInfo(
aName, nullptr, kNameSpaceID_XHTML, nsINode::ELEMENT_NODE);
NS_ASSERTION(nodeInfo, "Got null nodeinfo.");
dom::Element* newContent = nullptr;
nsIDocument* document = nodeInfo->GetDocument();
bool willExecuteScript = false;
bool isCustomElement = false;
@@ -461,47 +455,16 @@ nsHtml5TreeOperation::CreateHTMLElement(
aBuilder->HoldElement(newElement.forget());
if (MOZ_UNLIKELY(aName == nsGkAtoms::style || aName == nsGkAtoms::link)) {
nsCOMPtr<nsIStyleSheetLinkingElement> ssle(do_QueryInterface(newContent));
if (ssle) {
ssle->InitStyleLinkElement(false);
ssle->SetEnableUpdates(false);
}
- } else if (MOZ_UNLIKELY(isKeygen)) {
- // Adapted from CNavDTD
- nsresult rv;
- nsCOMPtr<nsIFormProcessor> theFormProcessor =
- do_GetService(kFormProcessorCID, &rv);
- if (NS_FAILED(rv)) {
- return newContent;
- }
-
- nsTArray<nsString> theContent;
- nsAutoString theAttribute;
-
- (void)theFormProcessor->ProvideContent(
- NS_LITERAL_STRING("select"), theContent, theAttribute);
-
- newContent->SetAttr(
- kNameSpaceID_None, nsGkAtoms::moztype, nullptr, theAttribute, false);
-
- RefPtr<dom::NodeInfo> optionNodeInfo = aNodeInfoManager->GetNodeInfo(
- nsGkAtoms::option, nullptr, kNameSpaceID_XHTML, nsINode::ELEMENT_NODE);
-
- for (uint32_t i = 0; i < theContent.Length(); ++i) {
- RefPtr<dom::NodeInfo> ni = optionNodeInfo;
- nsCOMPtr<dom::Element> optionElt =
- NS_NewHTMLOptionElement(ni.forget(), aFromParser);
- RefPtr<nsTextNode> optionText = new nsTextNode(aNodeInfoManager);
- (void)optionText->SetText(theContent[i], false);
- optionElt->AppendChildTo(optionText, false);
- newContent->AppendChildTo(optionElt, false);
- }
- newContent->DoneAddingChildren(false);
}
if (!aAttributes) {
return newContent;
}
SetHTMLElementAttributes(newContent, aName, aAttributes);
}
@@ -633,25 +596,24 @@ nsHtml5TreeOperation::CreateMathMLElemen
}
void
nsHtml5TreeOperation::SetFormElement(nsIContent* aNode, nsIContent* aParent)
{
nsCOMPtr<nsIFormControl> formControl(do_QueryInterface(aNode));
RefPtr<dom::HTMLImageElement> domImageElement =
dom::HTMLImageElement::FromNodeOrNull(aNode);
- // NS_ASSERTION(formControl, "Form-associated element did not implement
- // nsIFormControl.");
+ // TODO check line below, even with no keygen it seems to break things.
+ //NS_ASSERTION(formControl, "Form-associated element did not implement nsIFormControl.");
// TODO: uncomment the above line when <keygen> (bug 101019) is supported by
// Gecko
RefPtr<dom::HTMLFormElement> formElement =
dom::HTMLFormElement::FromNodeOrNull(aParent);
NS_ASSERTION(formElement,
"The form element doesn't implement HTMLFormElement.");
- // avoid crashing on <keygen>
if (formControl &&
!aNode->AsElement()->HasAttr(kNameSpaceID_None, nsGkAtoms::form)) {
formControl->SetForm(formElement);
} else if (domImageElement) {
domImageElement->SetForm(formElement);
}
}
--- a/parser/htmlparser/tests/mochitest/html5_tree_construction_exceptions.js
+++ b/parser/htmlparser/tests/mochitest/html5_tree_construction_exceptions.js
@@ -1,13 +1,10 @@
/*
* These are the tests we don't pass. The test data comes from the .dat
* files under html5lib_tree_construction/. Please see
* html5lib_tree_construction/html5lib_license.txt for the license for these
* tests.
*/
var html5Exceptions = {
- "<!doctype html><keygen><frameset>" : true, // Bug 101019
- "<select><keygen>" : true, // Bug 101019
- "<!DOCTYPE html><body><keygen>A" : true, // Bug 101019
"<p><table></p>" : true, // parser_web_testrunner.js uses srcdoc which forces quirks mode
"<p><table></table>" : true, // parser_web_testrunner.js uses srcdoc which forces quirks mode
}
--- a/security/manager/locales/en-US/chrome/pipnss/nsserrors.properties
+++ b/security/manager/locales/en-US/chrome/pipnss/nsserrors.properties
@@ -233,17 +233,16 @@ SEC_ERROR_INADEQUATE_CERT_TYPE=Certifica
SEC_ERROR_CERT_ADDR_MISMATCH=Address in signing certificate does not match address in message headers.
SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY=Unable to import. Error attempting to import private key.
SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN=Unable to import. Error attempting to import certificate chain.
SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME=Unable to export. Unable to locate certificate or key by nickname.
SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY=Unable to export. Private Key could not be located and exported.
SEC_ERROR_PKCS12_UNABLE_TO_WRITE=Unable to export. Unable to write the export file.
SEC_ERROR_PKCS12_UNABLE_TO_READ=Unable to import. Unable to read the import file.
SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED=Unable to export. Key database corrupt or deleted.
-SEC_ERROR_KEYGEN_FAIL=Unable to generate public/private key pair.
SEC_ERROR_INVALID_PASSWORD=Password entered is invalid. Please pick a different one.
SEC_ERROR_RETRY_OLD_PASSWORD=Old password entered incorrectly. Please try again.
SEC_ERROR_BAD_NICKNAME=Certificate nickname already in use.
SEC_ERROR_NOT_FORTEZZA_ISSUER=Peer FORTEZZA chain has a non-FORTEZZA Certificate.
SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY=A sensitive key cannot be moved to the slot where it is needed.
SEC_ERROR_JS_INVALID_MODULE_NAME=Invalid module name.
SEC_ERROR_JS_INVALID_DLL=Invalid module path/filename
SEC_ERROR_JS_ADD_MOD_FAILURE=Unable to add module
--- a/security/manager/locales/en-US/chrome/pipnss/pipnss.properties
+++ b/security/manager/locales/en-US/chrome/pipnss/pipnss.properties
@@ -57,18 +57,16 @@ Fips140TokenDescription=Software Securit
# length_limit = 64 bytes
Fips140SlotDescription=FIPS 140 Cryptographic, Key and Certificate Services
VerifySSLClient=SSL Client Certificate
VerifySSLServer=SSL Server Certificate
VerifySSLCA=SSL Certificate Authority
VerifyEmailSigner=Email Signer Certificate
VerifyEmailRecip=Email Recipient Certificate
-HighGrade=High Grade
-MediumGrade=Medium Grade
# LOCALIZATION NOTE (nick_template): $1s is the common name from a cert (e.g. "Mozilla"), $2s is the CA name (e.g. VeriSign)
nick_template=%1$s’s %2$s ID
#These are the strings set for the ASN1 objects in a certificate.
CertDumpCertificate=Certificate
CertDumpVersion=Version
# LOCALIZATION NOTE (CertDumpVersionValue): %S is a version number (e.g. "3" in "Version 3")
CertDumpVersionValue=Version %S
CertDumpSerialNo=Serial Number
--- a/security/manager/locales/en-US/chrome/pippki/pippki.dtd
+++ b/security/manager/locales/en-US/chrome/pippki/pippki.dtd
@@ -34,17 +34,12 @@
<!ENTITY pkcs12.setpassword.message "The certificate backup password you set here protects the backup file that you are about to create. You must set this password to proceed with the backup.">
<!ENTITY pkcs12.setpassword.label1 "Certificate backup password:">
<!ENTITY pkcs12.setpassword.label2 "Certificate backup password (again):">
<!ENTITY pkcs12.setpassword.reminder "Important: If you forget your certificate backup password, you will not be able to restore this backup later. Please record it in a safe location.">
<!ENTITY chooseToken.title "Choose Token Dialog">
<!ENTITY chooseToken.message1 "Please choose a token.">
-<!-- Strings for the CreateCertInfo dialog -->
-<!ENTITY createCertInfo.title "Generating A Private Key">
-<!ENTITY createCertInfo.msg1 "Key Generation in progress… This may take a few minutes….">
-<!ENTITY createCertInfo.msg2 "Please wait…">
-
<!-- Strings for protectedAuth dialog -->
<!ENTITY protectedAuth.title "Protected Token Authentication">
<!ENTITY protectedAuth.msg "Please authenticate to the token. Authentication method depends on the type of your token.">
<!ENTITY protectedAuth.tokenName.label "Token:">
--- a/security/manager/pki/nsNSSDialogHelper.cpp
+++ b/security/manager/pki/nsNSSDialogHelper.cpp
@@ -28,17 +28,17 @@ nsNSSDialogHelper::openDialog(mozIDOMWin
if (!parent) {
windowWatcher->GetActiveWindow(getter_AddRefs(parent));
}
// We're loading XUL into this window, and it's happening on behalf of the
// system, not on behalf of content. Make sure the initial about:blank window
// gets a system principal, otherwise we'll bork when trying to wrap the
- // nsIKeyGenThread |arguments| property into the unprivileged scoope.
+ // nsIKeyGenThread |arguments| property into the unprivileged scope.
MOZ_ASSERT(!strncmp("chrome://", url, strlen("chrome://")));
mozilla::dom::AutoNoJSAPI nojsapi;
nsCOMPtr<mozIDOMWindowProxy> newWindow;
rv = windowWatcher->OpenWindow(parent,
url,
"_blank",
modal
--- a/security/manager/pki/nsNSSDialogs.cpp
+++ b/security/manager/pki/nsNSSDialogs.cpp
@@ -12,17 +12,16 @@
#include "mozIDOMWindow.h"
#include "nsArray.h"
#include "nsEmbedCID.h"
#include "nsHashPropertyBag.h"
#include "nsIDialogParamBlock.h"
#include "nsIInterfaceRequestor.h"
#include "nsIInterfaceRequestorUtils.h"
-#include "nsIKeygenThread.h"
#include "nsIPK11Token.h"
#include "nsIPromptService.h"
#include "nsIProtectedAuthThread.h"
#include "nsIWindowWatcher.h"
#include "nsIX509CertDB.h"
#include "nsIX509Cert.h"
#include "nsNSSDialogHelper.h"
#include "nsPromiseFlatString.h"
@@ -37,18 +36,17 @@ nsNSSDialogs::nsNSSDialogs()
nsNSSDialogs::~nsNSSDialogs()
{
}
NS_IMPL_ISUPPORTS(nsNSSDialogs, nsITokenPasswordDialogs,
nsICertificateDialogs,
nsIClientAuthDialogs,
- nsITokenDialogs,
- nsIGeneratingKeypairInfoDialogs)
+ nsITokenDialogs)
nsresult
nsNSSDialogs::Init()
{
nsresult rv;
nsCOMPtr<nsIStringBundleService> service =
do_GetService(NS_STRINGBUNDLE_CONTRACTID, &rv);
@@ -357,30 +355,16 @@ nsNSSDialogs::ViewCert(nsIInterfaceReque
nsCOMPtr<mozIDOMWindowProxy> parent = do_GetInterface(ctx);
return nsNSSDialogHelper::openDialog(parent,
"chrome://pippki/content/certViewer.xul",
cert,
false /*modal*/);
}
NS_IMETHODIMP
-nsNSSDialogs::DisplayGeneratingKeypairInfo(nsIInterfaceRequestor *aCtx, nsIKeygenThread *runnable)
-{
- nsresult rv;
-
- // Get the parent window for the dialog
- nsCOMPtr<mozIDOMWindowProxy> parent = do_GetInterface(aCtx);
-
- rv = nsNSSDialogHelper::openDialog(parent,
- "chrome://pippki/content/createCertInfo.xul",
- runnable);
- return rv;
-}
-
-NS_IMETHODIMP
nsNSSDialogs::ChooseToken(nsIInterfaceRequestor* /*aCtx*/,
const char16_t** aTokenList,
uint32_t aCount,
/*out*/ nsAString& aTokenChosen,
/*out*/ bool* aCanceled)
{
NS_ENSURE_ARG(aTokenList);
NS_ENSURE_ARG(aCanceled);
--- a/security/manager/pki/nsNSSDialogs.h
+++ b/security/manager/pki/nsNSSDialogs.h
@@ -5,38 +5,35 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef nsNSSDialogs_h
#define nsNSSDialogs_h
#include "nsCOMPtr.h"
#include "nsICertificateDialogs.h"
#include "nsIClientAuthDialogs.h"
-#include "nsIGenKeypairInfoDlg.h"
#include "nsIStringBundle.h"
#include "nsITokenDialogs.h"
#include "nsITokenPasswordDialogs.h"
#define NS_NSSDIALOGS_CID \
{ 0x518e071f, 0x1dd2, 0x11b2, \
{ 0x93, 0x7e, 0xc4, 0x5f, 0x14, 0xde, 0xf7, 0x78 }}
class nsNSSDialogs : public nsICertificateDialogs
, public nsIClientAuthDialogs
- , public nsIGeneratingKeypairInfoDialogs
, public nsITokenDialogs
, public nsITokenPasswordDialogs
{
public:
NS_DECL_THREADSAFE_ISUPPORTS
NS_DECL_NSITOKENPASSWORDDIALOGS
NS_DECL_NSICERTIFICATEDIALOGS
NS_DECL_NSICLIENTAUTHDIALOGS
NS_DECL_NSITOKENDIALOGS
- NS_DECL_NSIGENERATINGKEYPAIRINFODIALOGS
nsNSSDialogs();
nsresult Init();
protected:
virtual ~nsNSSDialogs();
nsCOMPtr<nsIStringBundle> mPIPStringBundle;
};
--- a/security/manager/pki/nsPKIModule.cpp
+++ b/security/manager/pki/nsPKIModule.cpp
@@ -21,17 +21,16 @@ static const mozilla::Module::CIDEntry k
{ nullptr }
};
static const mozilla::Module::ContractIDEntry kPKIContracts[] = {
{ NS_TOKENPASSWORDSDIALOG_CONTRACTID, &kNS_NSSDIALOGS_CID },
{ NS_CERTIFICATEDIALOGS_CONTRACTID, &kNS_NSSDIALOGS_CID },
{ NS_CLIENTAUTHDIALOGS_CONTRACTID, &kNS_NSSDIALOGS_CID },
{ NS_TOKENDIALOGS_CONTRACTID, &kNS_NSSDIALOGS_CID },
- { NS_GENERATINGKEYPAIRINFODIALOGS_CONTRACTID, &kNS_NSSDIALOGS_CID },
{ NS_ASN1TREE_CONTRACTID, &kNS_NSSASN1OUTINER_CID },
{ nullptr }
};
static const mozilla::Module kPKIModule = {
mozilla::Module::kVersion,
kPKICIDs,
kPKIContracts
deleted file mode 100644
--- a/security/manager/pki/resources/content/createCertInfo.js
+++ /dev/null
@@ -1,37 +0,0 @@
-/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*-
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-/* import-globals-from pippki.js */
-"use strict";
-
-var keygenThread;
-
-function onLoad() {
- keygenThread = window.arguments[0].QueryInterface(Ci.nsIKeygenThread);
-
- if (!keygenThread) {
- window.close();
- return;
- }
-
- window.setCursor("wait");
-
- var obs = {
- observe: function keygenListenerObserve(subject, topic, data) {
- if (topic == "keygen-finished") {
- window.close();
- }
- }
- };
-
- keygenThread.startKeyGeneration(obs);
-}
-
-function onClose() {
- window.setCursor("auto");
-
- var alreadyClosed = {};
- keygenThread.userCanceled(alreadyClosed);
-}
deleted file mode 100644
--- a/security/manager/pki/resources/content/createCertInfo.xul
+++ /dev/null
@@ -1,30 +0,0 @@
-<?xml version="1.0"?>
-<!-- This Source Code Form is subject to the terms of the Mozilla Public
- - License, v. 2.0. If a copy of the MPL was not distributed with this
- - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
-
-<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
-
-<!DOCTYPE window SYSTEM "chrome://pippki/locale/pippki.dtd">
-
-<window
- id="domainMismatch" title="&createCertInfo.title;"
- xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
- onload="onLoad();"
- onclose="onClose();"
->
-
-<stringbundle id="pippki_bundle" src="chrome://pippki/locale/pippki.properties"/>
-
-<script type="application/javascript" src="pippki.js" />
-<script type="application/javascript" src="createCertInfo.js" />
-
-<vbox style="margin: 5px; max-width: 50em;">
-
- <description>&createCertInfo.msg1;</description>
- <separator/>
- <description style="font-weight: bold; text-align: center;">&createCertInfo.msg2;</description>
- <separator/>
-
-</vbox>
-</window>
--- a/security/manager/pki/resources/jar.mn
+++ b/security/manager/pki/resources/jar.mn
@@ -9,18 +9,16 @@ pippki.jar:
content/pippki/certViewer.js (content/certViewer.js)
content/pippki/certViewer.xul (content/certViewer.xul)
content/pippki/changepassword.js (content/changepassword.js)
content/pippki/changepassword.xul (content/changepassword.xul)
content/pippki/choosetoken.js (content/choosetoken.js)
content/pippki/choosetoken.xul (content/choosetoken.xul)
content/pippki/clientauthask.js (content/clientauthask.js)
content/pippki/clientauthask.xul (content/clientauthask.xul)
- content/pippki/createCertInfo.js (content/createCertInfo.js)
- content/pippki/createCertInfo.xul (content/createCertInfo.xul)
content/pippki/deletecert.js (content/deletecert.js)
content/pippki/deletecert.xul (content/deletecert.xul)
content/pippki/device_manager.js (content/device_manager.js)
content/pippki/device_manager.xul (content/device_manager.xul)
content/pippki/downloadcert.js (content/downloadcert.js)
content/pippki/downloadcert.xul (content/downloadcert.xul)
content/pippki/editcacert.js (content/editcacert.js)
content/pippki/editcacert.xul (content/editcacert.xul)
--- a/security/manager/ssl/ContentSignatureVerifier.h
+++ b/security/manager/ssl/ContentSignatureVerifier.h
@@ -5,19 +5,22 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef ContentSignatureVerifier_h
#define ContentSignatureVerifier_h
#include "cert.h"
#include "CSTrustDomain.h"
+#include "nsIChannel.h"
#include "nsIContentSignatureVerifier.h"
+#include "nsIInterfaceRequestor.h"
#include "nsIStreamListener.h"
#include "nsString.h"
+#include "nsTArray.h"
#include "ScopedNSSTypes.h"
// 45a5fe2f-c350-4b86-962d-02d5aaaa955a
#define NS_CONTENTSIGNATUREVERIFIER_CID \
{ 0x45a5fe2f, 0xc350, 0x4b86, \
{ 0x96, 0x2d, 0x02, 0xd5, 0xaa, 0xaa, 0x95, 0x5a } }
#define NS_CONTENTSIGNATUREVERIFIER_CONTRACTID \
"@mozilla.org/security/contentsignatureverifier;1"
deleted file mode 100644
--- a/security/manager/ssl/crashtests/398665-1.html
+++ /dev/null
@@ -1,1 +0,0 @@
-<html><body><keygen></keygen></body></html>
deleted file mode 100644
--- a/security/manager/ssl/crashtests/crashtests.list
+++ /dev/null
@@ -1,1 +0,0 @@
-load 398665-1.html
--- a/security/manager/ssl/moz.build
+++ b/security/manager/ssl/moz.build
@@ -14,18 +14,16 @@ XPIDL_SOURCES += [
'nsIBadCertListener2.idl',
'nsICertBlocklist.idl',
'nsICertificateDialogs.idl',
'nsICertOverrideService.idl',
'nsIClientAuthDialogs.idl',
'nsIContentSignatureVerifier.idl',
'nsICryptoHash.idl',
'nsICryptoHMAC.idl',
- 'nsIGenKeypairInfoDlg.idl',
- 'nsIKeygenThread.idl',
'nsIKeyModule.idl',
'nsILocalCertService.idl',
'nsINSSErrorsService.idl',
'nsINSSVersion.idl',
'nsIPK11Token.idl',
'nsIPK11TokenDB.idl',
'nsIPKCS11Module.idl',
'nsIPKCS11ModuleDB.idl',
@@ -92,19 +90,17 @@ UNIFIED_SOURCES += [
'ContentSignatureVerifier.cpp',
'CryptoTask.cpp',
'CSTrustDomain.cpp',
'DataStorage.cpp',
'LocalCertService.cpp',
'nsCertOverrideService.cpp',
'nsClientAuthRemember.cpp',
'nsCryptoHash.cpp',
- 'nsKeygenHandler.cpp',
- 'nsKeygenHandlerContent.cpp',
- 'nsKeygenThread.cpp',
+
'nsKeyModule.cpp',
'nsNSSASN1Object.cpp',
'nsNSSCallbacks.cpp',
'nsNSSCertHelper.cpp',
'nsNSSCertificate.cpp',
'nsNSSCertificateDB.cpp',
'nsNSSCertTrust.cpp',
'nsNSSCertValidity.cpp',
deleted file mode 100644
--- a/security/manager/ssl/nsIGenKeypairInfoDlg.idl
+++ /dev/null
@@ -1,35 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "nsISupports.idl"
-
-interface nsIInterfaceRequestor;
-interface nsIKeygenThread;
-
-/**
- * nsIGeneratingKeypairInfoDialogs
- * This is the interface for giving feedback to the user
- * while generating a key pair.
- */
-[scriptable, uuid(11bf5cdc-1dd2-11b2-ba6a-c76afb326fa1)]
-interface nsIGeneratingKeypairInfoDialogs : nsISupports
-{
- [must_use]
- void displayGeneratingKeypairInfo(in nsIInterfaceRequestor ctx,
- in nsIKeygenThread runnable);
-};
-
-%{C++
-/**
- * This component is to be implemented by the embeddor. It is used to show
- * feedback to the user while a private key is being generated.
- *
- * This component is only ever used on the UI thread.
- *
- * INTERFACES THAT NEED TO BE IMPLEMENTED:
- * nsIGeneratingKeypairInfoDialogs
- */
-#define NS_GENERATINGKEYPAIRINFODIALOGS_CONTRACTID \
- "@mozilla.org/nsGeneratingKeypairInfoDialogs;1"
-%}
deleted file mode 100644
--- a/security/manager/ssl/nsIKeygenThread.idl
+++ /dev/null
@@ -1,50 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-// make sure to include all the required file headers
-
-#include "nsISupports.idl"
-
-interface nsIObserver;
-
-/**
- * nsIKeygenThread
- * This is used to communicate with the thread generating a key pair,
- * to be used by the dialog displaying status information.
- */
-[scriptable, uuid(8712a243-5539-447c-9f47-8653f40c3a09)]
-interface nsIKeygenThread : nsISupports
-{
- /**
- * startKeyGeneration - run the thread
- * A user interface using this interface needs to
- * call this method as soon as the status information
- * is displaying. This will trigger key generation.
- * To allow the closure of the status information,
- * the thread needs a handle to an observer.
- *
- * observer will be called on the UI thread.
- * When the key generation is done, the observe method will
- * be called with a topic of "keygen-finished" and null data
- * and subject.
- */
- [must_use]
- void startKeyGeneration(in nsIObserver observer);
-
- /**
- * userCanceled - notify the thread
- * If the user canceled, the thread is no longer allowed to
- * close the dialog. However, if the thread already closed
- * it, we are not allowed to close it.
- */
- [must_use]
- void userCanceled(out boolean threadAlreadyClosedDialog);
-};
-
-%{ C++
-// {195763b8-1dd2-11b2-a843-eb44e44aaa37}
-#define NS_KEYGENTHREAD_CID \
-{ 0x195763b8, 0x1dd2, 0x11b2, { 0xa8, 0x43, 0xeb, 0x44, 0xe4, 0x4a, 0xaa, 0x37 } }
-#define NS_KEYGENTHREAD_CONTRACTID "@mozilla.org/security/keygenthread;1"
-%}
--- a/security/manager/ssl/nsKeyModule.h
+++ b/security/manager/ssl/nsKeyModule.h
@@ -27,17 +27,17 @@ public:
NS_DECL_NSIKEYOBJECT
private:
~nsKeyObject() {}
// Disallow copy constructor
nsKeyObject(nsKeyObject&);
- UniquePK11SymKey mSymKey;
+ mozilla::UniquePK11SymKey mSymKey;
};
class nsKeyObjectFactory final : public nsIKeyObjectFactory
{
public:
nsKeyObjectFactory() {}
deleted file mode 100644
--- a/security/manager/ssl/nsKeygenHandler.cpp
+++ /dev/null
@@ -1,732 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "nsKeygenHandler.h"
-
-#include "cryptohi.h"
-#include "keyhi.h"
-#include "mozilla/Assertions.h"
-#include "mozilla/Base64.h"
-#include "mozilla/Casting.h"
-
-/* Disable the "base class should be explicitly initialized in the
- copy constructor" warning that some bindings structs trigger while
- including Element.h. Looks like it's an inherent part of -Wextra,
- so we can't just disable it in a targeted way in moz.build. */
-#if defined(__clang__)
-#pragma clang diagnostic push
-#pragma clang diagnostic ignored "-Wextra"
-#elif defined(__GNUC__)
-#pragma GCC diagnostic push
-#pragma GCC diagnostic ignored "-Wextra"
-#endif // __clang__ || __GNUC__
-
-#include "mozilla/dom/Element.h"
-
-#if defined(__clang__)
-#pragma clang diagnostic pop
-#elif defined(__GNUC__)
-#pragma GCC diagnostic pop
-#endif // __clang__ || __GNUC__
-
-#include "nsDependentString.h"
-#include "nsIContent.h"
-#include "nsIGenKeypairInfoDlg.h"
-#include "nsIServiceManager.h"
-#include "nsITokenDialogs.h"
-#include "nsKeygenHandlerContent.h"
-#include "nsKeygenThread.h"
-#include "nsMemory.h"
-#include "nsNSSHelper.h"
-#include "nsReadableUtils.h"
-#include "nsUnicharUtils.h"
-#include "nsXULAppAPI.h"
-#include "nspr.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "secdert.h"
-
-using mozilla::dom::Element;
-
-//These defines are taken from the PKCS#11 spec
-#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000
-#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020
-
-DERTemplate SECAlgorithmIDTemplate[] = {
- { DER_SEQUENCE,
- 0, nullptr, sizeof(SECAlgorithmID) },
- { DER_OBJECT_ID,
- offsetof(SECAlgorithmID,algorithm), },
- { DER_OPTIONAL | DER_ANY,
- offsetof(SECAlgorithmID,parameters), },
- { 0, }
-};
-
-DERTemplate CERTSubjectPublicKeyInfoTemplate[] = {
- { DER_SEQUENCE,
- 0, nullptr, sizeof(CERTSubjectPublicKeyInfo) },
- { DER_INLINE,
- offsetof(CERTSubjectPublicKeyInfo,algorithm),
- SECAlgorithmIDTemplate, },
- { DER_BIT_STRING,
- offsetof(CERTSubjectPublicKeyInfo,subjectPublicKey), },
- { 0, }
-};
-
-DERTemplate CERTPublicKeyAndChallengeTemplate[] =
-{
- { DER_SEQUENCE, 0, nullptr, sizeof(CERTPublicKeyAndChallenge) },
- { DER_ANY, offsetof(CERTPublicKeyAndChallenge,spki), },
- { DER_IA5_STRING, offsetof(CERTPublicKeyAndChallenge,challenge), },
- { 0, }
-};
-
-typedef struct curveNameTagPairStr {
- const char *curveName;
- SECOidTag curveOidTag;
-} CurveNameTagPair;
-
-static CurveNameTagPair nameTagPair[] =
-{
- { "prime192v1", SEC_OID_ANSIX962_EC_PRIME192V1 },
- { "prime192v2", SEC_OID_ANSIX962_EC_PRIME192V2 },
- { "prime192v3", SEC_OID_ANSIX962_EC_PRIME192V3 },
- { "prime239v1", SEC_OID_ANSIX962_EC_PRIME239V1 },
- { "prime239v2", SEC_OID_ANSIX962_EC_PRIME239V2 },
- { "prime239v3", SEC_OID_ANSIX962_EC_PRIME239V3 },
- { "prime256v1", SEC_OID_ANSIX962_EC_PRIME256V1 },
-
- { "secp112r1", SEC_OID_SECG_EC_SECP112R1},
- { "secp112r2", SEC_OID_SECG_EC_SECP112R2},
- { "secp128r1", SEC_OID_SECG_EC_SECP128R1},
- { "secp128r2", SEC_OID_SECG_EC_SECP128R2},
- { "secp160k1", SEC_OID_SECG_EC_SECP160K1},
- { "secp160r1", SEC_OID_SECG_EC_SECP160R1},
- { "secp160r2", SEC_OID_SECG_EC_SECP160R2},
- { "secp192k1", SEC_OID_SECG_EC_SECP192K1},
- { "secp192r1", SEC_OID_ANSIX962_EC_PRIME192V1 },
- { "nistp192", SEC_OID_ANSIX962_EC_PRIME192V1 },
- { "secp224k1", SEC_OID_SECG_EC_SECP224K1},
- { "secp224r1", SEC_OID_SECG_EC_SECP224R1},
- { "nistp224", SEC_OID_SECG_EC_SECP224R1},
- { "secp256k1", SEC_OID_SECG_EC_SECP256K1},
- { "secp256r1", SEC_OID_ANSIX962_EC_PRIME256V1 },
- { "nistp256", SEC_OID_ANSIX962_EC_PRIME256V1 },
- { "secp384r1", SEC_OID_SECG_EC_SECP384R1},
- { "nistp384", SEC_OID_SECG_EC_SECP384R1},
- { "secp521r1", SEC_OID_SECG_EC_SECP521R1},
- { "nistp521", SEC_OID_SECG_EC_SECP521R1},
-
- { "c2pnb163v1", SEC_OID_ANSIX962_EC_C2PNB163V1 },
- { "c2pnb163v2", SEC_OID_ANSIX962_EC_C2PNB163V2 },
- { "c2pnb163v3", SEC_OID_ANSIX962_EC_C2PNB163V3 },
- { "c2pnb176v1", SEC_OID_ANSIX962_EC_C2PNB176V1 },
- { "c2tnb191v1", SEC_OID_ANSIX962_EC_C2TNB191V1 },
- { "c2tnb191v2", SEC_OID_ANSIX962_EC_C2TNB191V2 },
- { "c2tnb191v3", SEC_OID_ANSIX962_EC_C2TNB191V3 },
- { "c2onb191v4", SEC_OID_ANSIX962_EC_C2ONB191V4 },
- { "c2onb191v5", SEC_OID_ANSIX962_EC_C2ONB191V5 },
- { "c2pnb208w1", SEC_OID_ANSIX962_EC_C2PNB208W1 },
- { "c2tnb239v1", SEC_OID_ANSIX962_EC_C2TNB239V1 },
- { "c2tnb239v2", SEC_OID_ANSIX962_EC_C2TNB239V2 },
- { "c2tnb239v3", SEC_OID_ANSIX962_EC_C2TNB239V3 },
- { "c2onb239v4", SEC_OID_ANSIX962_EC_C2ONB239V4 },
- { "c2onb239v5", SEC_OID_ANSIX962_EC_C2ONB239V5 },
- { "c2pnb272w1", SEC_OID_ANSIX962_EC_C2PNB272W1 },
- { "c2pnb304w1", SEC_OID_ANSIX962_EC_C2PNB304W1 },
- { "c2tnb359v1", SEC_OID_ANSIX962_EC_C2TNB359V1 },
- { "c2pnb368w1", SEC_OID_ANSIX962_EC_C2PNB368W1 },
- { "c2tnb431r1", SEC_OID_ANSIX962_EC_C2TNB431R1 },
-
- { "sect113r1", SEC_OID_SECG_EC_SECT113R1},
- { "sect113r2", SEC_OID_SECG_EC_SECT113R2},
- { "sect131r1", SEC_OID_SECG_EC_SECT131R1},
- { "sect131r2", SEC_OID_SECG_EC_SECT131R2},
- { "sect163k1", SEC_OID_SECG_EC_SECT163K1},
- { "nistk163", SEC_OID_SECG_EC_SECT163K1},
- { "sect163r1", SEC_OID_SECG_EC_SECT163R1},
- { "sect163r2", SEC_OID_SECG_EC_SECT163R2},
- { "nistb163", SEC_OID_SECG_EC_SECT163R2},
- { "sect193r1", SEC_OID_SECG_EC_SECT193R1},
- { "sect193r2", SEC_OID_SECG_EC_SECT193R2},
- { "sect233k1", SEC_OID_SECG_EC_SECT233K1},
- { "nistk233", SEC_OID_SECG_EC_SECT233K1},
- { "sect233r1", SEC_OID_SECG_EC_SECT233R1},
- { "nistb233", SEC_OID_SECG_EC_SECT233R1},
- { "sect239k1", SEC_OID_SECG_EC_SECT239K1},
- { "sect283k1", SEC_OID_SECG_EC_SECT283K1},
- { "nistk283", SEC_OID_SECG_EC_SECT283K1},
- { "sect283r1", SEC_OID_SECG_EC_SECT283R1},
- { "nistb283", SEC_OID_SECG_EC_SECT283R1},
- { "sect409k1", SEC_OID_SECG_EC_SECT409K1},
- { "nistk409", SEC_OID_SECG_EC_SECT409K1},
- { "sect409r1", SEC_OID_SECG_EC_SECT409R1},
- { "nistb409", SEC_OID_SECG_EC_SECT409R1},
- { "sect571k1", SEC_OID_SECG_EC_SECT571K1},
- { "nistk571", SEC_OID_SECG_EC_SECT571K1},
- { "sect571r1", SEC_OID_SECG_EC_SECT571R1},
- { "nistb571", SEC_OID_SECG_EC_SECT571R1},
-
-};
-
-mozilla::UniqueSECItem
-DecodeECParams(const char* curve)
-{
- SECOidData *oidData = nullptr;
- SECOidTag curveOidTag = SEC_OID_UNKNOWN; /* default */
- int i, numCurves;
-
- if (curve && *curve) {
- numCurves = sizeof(nameTagPair)/sizeof(CurveNameTagPair);
- for (i = 0; ((i < numCurves) && (curveOidTag == SEC_OID_UNKNOWN));
- i++) {
- if (PL_strcmp(curve, nameTagPair[i].curveName) == 0)
- curveOidTag = nameTagPair[i].curveOidTag;
- }
- }
-
- /* Return nullptr if curve name is not recognized */
- if ((curveOidTag == SEC_OID_UNKNOWN) ||
- (oidData = SECOID_FindOIDByTag(curveOidTag)) == nullptr) {
- return nullptr;
- }
-
- mozilla::UniqueSECItem ecparams(SECITEM_AllocItem(nullptr, nullptr,
- 2 + oidData->oid.len));
- if (!ecparams) {
- return nullptr;
- }
-
- /*
- * ecparams->data needs to contain the ASN encoding of an object ID (OID)
- * representing the named curve. The actual OID is in
- * oidData->oid.data so we simply prepend 0x06 and OID length
- */
- ecparams->data[0] = SEC_ASN1_OBJECT_ID;
- ecparams->data[1] = oidData->oid.len;
- memcpy(ecparams->data + 2, oidData->oid.data, oidData->oid.len);
-
- return ecparams;
-}
-
-NS_IMPL_ISUPPORTS(nsKeygenFormProcessor, nsIFormProcessor)
-
-nsKeygenFormProcessor::nsKeygenFormProcessor()
-{
- m_ctx = new PipUIContext();
-}
-
-nsresult
-nsKeygenFormProcessor::Create(nsISupports* aOuter, const nsIID& aIID, void* *aResult)
-{
- if (GeckoProcessType_Content == XRE_GetProcessType()) {
- nsCOMPtr<nsISupports> contentProcessor = new nsKeygenFormProcessorContent();
- return contentProcessor->QueryInterface(aIID, aResult);
- }
-
- nsresult rv;
- NS_ENSURE_NO_AGGREGATION(aOuter);
- nsKeygenFormProcessor* formProc = new nsKeygenFormProcessor();
-
- nsCOMPtr<nsISupports> stabilize = formProc;
- rv = formProc->Init();
- if (NS_SUCCEEDED(rv)) {
- rv = formProc->QueryInterface(aIID, aResult);
- }
- return rv;
-}
-
-nsresult
-nsKeygenFormProcessor::Init()
-{
- // Init possible key size choices.
- GetPIPNSSBundleString("HighGrade", mSECKeySizeChoiceList[0].name);
- mSECKeySizeChoiceList[0].size = 2048;
-
- GetPIPNSSBundleString("MediumGrade", mSECKeySizeChoiceList[1].name);
- mSECKeySizeChoiceList[1].size = 1024;
-
- return NS_OK;
-}
-
-nsresult
-nsKeygenFormProcessor::GetSlot(uint32_t aMechanism, PK11SlotInfo** aSlot)
-{
- return GetSlotWithMechanism(aMechanism, m_ctx, aSlot);
-}
-
-uint32_t MapGenMechToAlgoMech(uint32_t mechanism)
-{
- uint32_t searchMech;
-
- /* We are interested in slots based on the ability to perform
- a given algorithm, not on their ability to generate keys usable
- by that algorithm. Therefore, map keygen-specific mechanism tags
- to tags for the corresponding crypto algorithm. */
- switch(mechanism)
- {
- case CKM_RSA_PKCS_KEY_PAIR_GEN:
- searchMech = CKM_RSA_PKCS;
- break;
- case CKM_RC4_KEY_GEN:
- searchMech = CKM_RC4;
- break;
- case CKM_DH_PKCS_KEY_PAIR_GEN:
- searchMech = CKM_DH_PKCS_DERIVE; /* ### mwelch is this right? */
- break;
- case CKM_DES_KEY_GEN:
- /* What do we do about DES keygen? Right now, we're just using
- DES_KEY_GEN to look for tokens, because otherwise we'll have
- to search the token list three times. */
- case CKM_EC_KEY_PAIR_GEN:
- /* The default should also work for EC key pair generation. */
- default:
- searchMech = mechanism;
- break;
- }
- return searchMech;
-}
-
-
-nsresult
-GetSlotWithMechanism(uint32_t aMechanism, nsIInterfaceRequestor* m_ctx,
- PK11SlotInfo** aSlot)
-{
- PK11SlotList * slotList = nullptr;
- char16_t** tokenNameList = nullptr;
- nsCOMPtr<nsITokenDialogs> dialogs;
- nsAutoString tokenStr;
- PK11SlotListElement *slotElement, *tmpSlot;
- uint32_t numSlots = 0, i = 0;
- bool canceled;
- nsresult rv = NS_OK;
-
- *aSlot = nullptr;
-
- // Get the slot
- slotList = PK11_GetAllTokens(MapGenMechToAlgoMech(aMechanism),
- true, true, m_ctx);
- if (!slotList || !slotList->head) {
- rv = NS_ERROR_FAILURE;
- goto loser;
- }
-
- if (!slotList->head->next) {
- /* only one slot available, just return it */
- *aSlot = slotList->head->slot;
- } else {
- // Gerenate a list of slots and ask the user to choose //
- tmpSlot = slotList->head;
- while (tmpSlot) {
- numSlots++;
- tmpSlot = tmpSlot->next;
- }
-
- // Allocate the slot name buffer //
- tokenNameList = static_cast<char16_t**>(moz_xmalloc(sizeof(char16_t *) * numSlots));
- if (!tokenNameList) {
- rv = NS_ERROR_OUT_OF_MEMORY;
- goto loser;
- }
-
- i = 0;
- slotElement = PK11_GetFirstSafe(slotList);
- while (slotElement) {
- tokenNameList[i] = UTF8ToNewUnicode(nsDependentCString(PK11_GetTokenName(slotElement->slot)));
- slotElement = PK11_GetNextSafe(slotList, slotElement, false);
- if (tokenNameList[i])
- i++;
- else {
- // OOM. adjust numSlots so we don't free unallocated memory.
- numSlots = i;
- PK11_FreeSlotListElement(slotList, slotElement);
- rv = NS_ERROR_OUT_OF_MEMORY;
- goto loser;
- }
- }
-
- // Throw up the token list dialog and get back the token.
- rv = getNSSDialogs(getter_AddRefs(dialogs), NS_GET_IID(nsITokenDialogs),
- NS_TOKENDIALOGS_CONTRACTID);
-
- if (NS_FAILED(rv)) {
- goto loser;
- }
-
- if (!tokenNameList || !*tokenNameList) {
- rv = NS_ERROR_OUT_OF_MEMORY;
- } else {
- rv = dialogs->ChooseToken(m_ctx, (const char16_t**)tokenNameList,
- numSlots, tokenStr, &canceled);
- }
- if (NS_FAILED(rv)) goto loser;
-
- if (canceled) { rv = NS_ERROR_NOT_AVAILABLE; goto loser; }
-
- // Get the slot //
- slotElement = PK11_GetFirstSafe(slotList);
- while (slotElement) {
- if (tokenStr.Equals(NS_ConvertUTF8toUTF16(PK11_GetTokenName(slotElement->slot)))) {
- *aSlot = slotElement->slot;
- PK11_FreeSlotListElement(slotList, slotElement);
- break;
- }
- slotElement = PK11_GetNextSafe(slotList, slotElement, false);
- }
- if(!(*aSlot)) {
- rv = NS_ERROR_FAILURE;
- goto loser;
- }
- }
-
- // Get a reference to the slot //
- PK11_ReferenceSlot(*aSlot);
-loser:
- if (slotList) {
- PK11_FreeSlotList(slotList);
- }
- if (tokenNameList) {
- NS_FREE_XPCOM_ALLOCATED_POINTER_ARRAY(numSlots, tokenNameList);
- }
- return rv;
-}
-
-nsresult
-nsKeygenFormProcessor::GetPublicKey(const nsAString& aValue,
- const nsAString& aChallenge,
- const nsString& aKeyType,
- nsAString& aOutPublicKey,
- const nsAString& aKeyParams)
-{
- nsresult rv = NS_ERROR_FAILURE;
- nsAutoCString keystring;
- char *keyparamsString = nullptr;
- uint32_t keyGenMechanism;
- PK11SlotInfo *slot = nullptr;
- PK11RSAGenParams rsaParams;
- mozilla::UniqueSECItem ecParams;
- SECOidTag algTag;
- int keysize = 0;
- void *params = nullptr; // Non-owning.
- SECKEYPrivateKey *privateKey = nullptr;
- SECKEYPublicKey *publicKey = nullptr;
- CERTSubjectPublicKeyInfo *spkInfo = nullptr;
- SECStatus srv = SECFailure;
- SECItem spkiItem;
- SECItem pkacItem;
- SECItem signedItem;
- nsDependentCSubstring signedItemStr;
- CERTPublicKeyAndChallenge pkac;
- pkac.challenge.data = nullptr;
- nsCOMPtr<nsIGeneratingKeypairInfoDialogs> dialogs;
- nsKeygenThread *KeygenRunnable = 0;
- nsCOMPtr<nsIKeygenThread> runnable;
-
- // permanent and sensitive flags for keygen
- PK11AttrFlags attrFlags = PK11_ATTR_TOKEN | PK11_ATTR_SENSITIVE | PK11_ATTR_PRIVATE;
-
- UniquePLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
- if (!arena) {
- goto loser;
- }
-
- // Get the key size //
- for (size_t i = 0; i < number_of_key_size_choices; ++i) {
- if (aValue.Equals(mSECKeySizeChoiceList[i].name)) {
- keysize = mSECKeySizeChoiceList[i].size;
- break;
- }
- }
- if (!keysize) {
- goto loser;
- }
-
- // Set the keygen mechanism
- if (aKeyType.IsEmpty() || aKeyType.LowerCaseEqualsLiteral("rsa")) {
- keyGenMechanism = CKM_RSA_PKCS_KEY_PAIR_GEN;
- } else if (aKeyType.LowerCaseEqualsLiteral("ec")) {
- keyparamsString = ToNewCString(aKeyParams);
- if (!keyparamsString) {
- rv = NS_ERROR_OUT_OF_MEMORY;
- goto loser;
- }
-
- keyGenMechanism = CKM_EC_KEY_PAIR_GEN;
- /* ecParams are initialized later */
- } else {
- goto loser;
- }
-
- // Get the slot
- rv = GetSlot(keyGenMechanism, &slot);
- if (NS_FAILED(rv)) {
- goto loser;
- }
- switch (keyGenMechanism) {
- case CKM_RSA_PKCS_KEY_PAIR_GEN:
- rsaParams.keySizeInBits = keysize;
- rsaParams.pe = DEFAULT_RSA_KEYGEN_PE;
- algTag = DEFAULT_RSA_KEYGEN_ALG;
- params = &rsaParams;
- break;
- case CKM_EC_KEY_PAIR_GEN:
- /* XXX We ought to rethink how the KEYGEN tag is
- * displayed. The pulldown selections presented
- * to the user must depend on the keytype.
- * The displayed selection could be picked
- * from the keyparams attribute (this is currently called
- * the pqg attribute).
- * For now, we pick ecparams from the keyparams field
- * if it specifies a valid supported curve, or else
- * we pick one of secp384r1, secp256r1 or secp192r1
- * respectively depending on the user's selection
- * (High, Medium, Low).
- * (RSA uses RSA-2048, RSA-1024 and RSA-512 for historical
- * reasons, while ECC choices represent a stronger mapping)
- * NOTE: The user's selection
- * is silently ignored when a valid curve is presented
- * in keyparams.
- */
- ecParams = DecodeECParams(keyparamsString);
- if (!ecParams) {
- /* The keyparams attribute did not specify a valid
- * curve name so use a curve based on the keysize.
- * NOTE: Here keysize is used only as an indication of
- * High/Medium/Low strength; elliptic curve
- * cryptography uses smaller keys than RSA to provide
- * equivalent security.
- */
- switch (keysize) {
- case 2048:
- ecParams = DecodeECParams("secp384r1");
- break;
- case 1024:
- case 512:
- ecParams = DecodeECParams("secp256r1");
- break;
- }
- }
- MOZ_ASSERT(ecParams);
- params = ecParams.get();
- /* XXX The signature algorithm ought to choose the hashing
- * algorithm based on key size once ECDSA variations based
- * on SHA256 SHA384 and SHA512 are standardized.
- */
- algTag = SEC_OID_ANSIX962_ECDSA_SIGNATURE_WITH_SHA1_DIGEST;
- break;
- default:
- goto loser;
- }
-
- /* Make sure token is initialized. */
- rv = setPassword(slot, m_ctx);
- if (NS_FAILED(rv))
- goto loser;
-
- srv = PK11_Authenticate(slot, true, m_ctx);
- if (srv != SECSuccess) {
- goto loser;
- }
-
- rv = getNSSDialogs(getter_AddRefs(dialogs),
- NS_GET_IID(nsIGeneratingKeypairInfoDialogs),
- NS_GENERATINGKEYPAIRINFODIALOGS_CONTRACTID);
-
- if (NS_SUCCEEDED(rv)) {
- KeygenRunnable = new nsKeygenThread();
- NS_IF_ADDREF(KeygenRunnable);
- }
-
- if (NS_FAILED(rv) || !KeygenRunnable) {
- rv = NS_OK;
- privateKey = PK11_GenerateKeyPairWithFlags(slot, keyGenMechanism, params,
- &publicKey, attrFlags, m_ctx);
- } else {
- KeygenRunnable->SetParams( slot, attrFlags, nullptr, 0,
- keyGenMechanism, params, m_ctx );
-
- runnable = do_QueryInterface(KeygenRunnable);
- if (runnable) {
- rv = dialogs->DisplayGeneratingKeypairInfo(m_ctx, runnable);
- // We call join on the thread so we can be sure that no
- // simultaneous access to the passed parameters will happen.
- KeygenRunnable->Join();
-
- if (NS_SUCCEEDED(rv)) {
- PK11SlotInfo *used_slot = nullptr;
- rv = KeygenRunnable->ConsumeResult(&used_slot, &privateKey, &publicKey);
- if (NS_SUCCEEDED(rv) && used_slot) {
- PK11_FreeSlot(used_slot);
- }
- }
- }
- }
-
- if (NS_FAILED(rv) || !privateKey) {
- goto loser;
- }
- // just in case we'll need to authenticate to the db -jp //
- privateKey->wincx = m_ctx;
-
- /*
- * Create a subject public key info from the public key.
- */
- spkInfo = SECKEY_CreateSubjectPublicKeyInfo(publicKey);
- if ( !spkInfo ) {
- goto loser;
- }
-
- /*
- * Now DER encode the whole subjectPublicKeyInfo.
- */
- srv = DER_Encode(arena.get(), &spkiItem, CERTSubjectPublicKeyInfoTemplate,
- spkInfo);
- if (srv != SECSuccess) {
- goto loser;
- }
-
- /*
- * set up the PublicKeyAndChallenge data structure, then DER encode it
- */
- pkac.spki = spkiItem;
- pkac.challenge.len = aChallenge.Length();
- pkac.challenge.data = (unsigned char *)ToNewCString(aChallenge);
- if (!pkac.challenge.data) {
- rv = NS_ERROR_OUT_OF_MEMORY;
- goto loser;
- }
-
- srv = DER_Encode(arena.get(), &pkacItem, CERTPublicKeyAndChallengeTemplate,
- &pkac);
- if (srv != SECSuccess) {
- goto loser;
- }
-
- /*
- * now sign the DER encoded PublicKeyAndChallenge
- */
- srv = SEC_DerSignData(arena.get(), &signedItem, pkacItem.data, pkacItem.len,
- privateKey, algTag);
- if (srv != SECSuccess) {
- goto loser;
- }
-
- /*
- * Convert the signed public key and challenge into base64/ascii.
- */
- signedItemStr.Assign(
- mozilla::BitwiseCast<char*, unsigned char*>(signedItem.data),
- signedItem.len);
- rv = mozilla::Base64Encode(signedItemStr, keystring);
- if (NS_FAILED(rv)) {
- goto loser;
- }
-
- CopyASCIItoUTF16(keystring, aOutPublicKey);
-
- rv = NS_OK;
-
-loser:
- if (srv != SECSuccess) {
- if ( privateKey ) {
- PK11_DestroyTokenObject(privateKey->pkcs11Slot,privateKey->pkcs11ID);
- }
- if ( publicKey ) {
- PK11_DestroyTokenObject(publicKey->pkcs11Slot,publicKey->pkcs11ID);
- }
- }
- if ( spkInfo ) {
- SECKEY_DestroySubjectPublicKeyInfo(spkInfo);
- }
- if ( publicKey ) {
- SECKEY_DestroyPublicKey(publicKey);
- }
- if ( privateKey ) {
- SECKEY_DestroyPrivateKey(privateKey);
- }
- if (slot) {
- PK11_FreeSlot(slot);
- }
- if (KeygenRunnable) {
- NS_RELEASE(KeygenRunnable);
- }
- if (keyparamsString) {
- free(keyparamsString);
- }
- if (pkac.challenge.data) {
- free(pkac.challenge.data);
- }
- return rv;
-}
-
-// static
-void
-nsKeygenFormProcessor::ExtractParams(Element* aElement,
- nsAString& challengeValue,
- nsAString& keyTypeValue,
- nsAString& keyParamsValue)
-{
- aElement->GetAttribute(NS_LITERAL_STRING("keytype"), keyTypeValue);
- if (keyTypeValue.IsEmpty()) {
- // If this field is not present, we default to rsa.
- keyTypeValue.AssignLiteral("rsa");
- }
-
- aElement->GetAttribute(NS_LITERAL_STRING("pqg"),
- keyParamsValue);
- /* XXX We can still support the pqg attribute in the keygen
- * tag for backward compatibility while introducing a more
- * general attribute named keyparams.
- */
- if (keyParamsValue.IsEmpty()) {
- aElement->GetAttribute(NS_LITERAL_STRING("keyparams"),
- keyParamsValue);
- }
-
- aElement->GetAttribute(NS_LITERAL_STRING("challenge"), challengeValue);
-}
-
-nsresult
-nsKeygenFormProcessor::ProcessValue(Element* aElement,
- const nsAString& aName,
- nsAString& aValue)
-{
- nsAutoString challengeValue;
- nsAutoString keyTypeValue;
- nsAutoString keyParamsValue;
- ExtractParams(aElement, challengeValue, keyTypeValue, keyParamsValue);
-
- return GetPublicKey(aValue, challengeValue, keyTypeValue,
- aValue, keyParamsValue);
-}
-
-nsresult
-nsKeygenFormProcessor::ProcessValueIPC(const nsAString& aOldValue,
- const nsAString& aChallenge,
- const nsAString& aKeyType,
- const nsAString& aKeyParams,
- nsAString& newValue)
-{
- return GetPublicKey(aOldValue, aChallenge, PromiseFlatString(aKeyType),
- newValue, aKeyParams);
-}
-
-nsresult
-nsKeygenFormProcessor::ProvideContent(const nsAString& aFormType,
- nsTArray<nsString>& aContent,
- nsAString& aAttribute)
-{
- if (Compare(aFormType, NS_LITERAL_STRING("SELECT"),
- nsCaseInsensitiveStringComparator()) == 0) {
-
- for (size_t i = 0; i < number_of_key_size_choices; ++i) {
- aContent.AppendElement(mSECKeySizeChoiceList[i].name);
- }
- aAttribute.AssignLiteral("-mozilla-keygen");
- }
- return NS_OK;
-}
-
deleted file mode 100644
--- a/security/manager/ssl/nsKeygenHandler.h
+++ /dev/null
@@ -1,77 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#ifndef nsKeygenHandler_h
-#define nsKeygenHandler_h
-
-#include "ScopedNSSTypes.h"
-#include "keythi.h"
-#include "nsCOMPtr.h"
-#include "nsError.h"
-#include "nsIFormProcessor.h"
-#include "nsIInterfaceRequestor.h"
-#include "nsString.h"
-#include "nsTArray.h"
-#include "secmodt.h"
-
-nsresult GetSlotWithMechanism(uint32_t mechanism,
- nsIInterfaceRequestor* ctx,
- PK11SlotInfo** retSlot);
-
-#define DEFAULT_RSA_KEYGEN_PE 65537L
-#define DEFAULT_RSA_KEYGEN_ALG SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION
-
-mozilla::UniqueSECItem DecodeECParams(const char* curve);
-
-class nsKeygenFormProcessor : public nsIFormProcessor
-{
-public:
- nsKeygenFormProcessor();
- nsresult Init();
-
- virtual nsresult ProcessValue(mozilla::dom::Element* aElement,
- const nsAString& aName,
- nsAString& aValue) override;
-
- virtual nsresult ProcessValueIPC(const nsAString& aOldValue,
- const nsAString& aChallenge,
- const nsAString& aKeyType,
- const nsAString& aKeyParams,
- nsAString& aNewValue) override;
-
- virtual nsresult ProvideContent(const nsAString& aFormType,
- nsTArray<nsString>& aContent,
- nsAString& aAttribute) override;
- NS_DECL_THREADSAFE_ISUPPORTS
-
- static nsresult Create(nsISupports* aOuter, const nsIID& aIID, void* *aResult);
-
- static void ExtractParams(mozilla::dom::Element* aElement,
- nsAString& challengeValue,
- nsAString& keyTypeValue,
- nsAString& keyParamsValue);
-
-protected:
- virtual ~nsKeygenFormProcessor() {}
-
- nsresult GetPublicKey(const nsAString& aValue, const nsAString& aChallenge,
- const nsString& akeyType, nsAString& aOutPublicKey,
- const nsAString& aPqg);
- nsresult GetSlot(uint32_t aMechanism, PK11SlotInfo** aSlot);
-private:
- nsCOMPtr<nsIInterfaceRequestor> m_ctx;
-
- typedef struct SECKeySizeChoiceInfoStr {
- nsString name;
- int size;
- } SECKeySizeChoiceInfo;
-
- enum { number_of_key_size_choices = 2 };
-
- SECKeySizeChoiceInfo mSECKeySizeChoiceList[number_of_key_size_choices];
-};
-
-#endif // nsKeygenHandler_h
deleted file mode 100644
--- a/security/manager/ssl/nsKeygenHandlerContent.cpp
+++ /dev/null
@@ -1,80 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- * vim: set ts=2 sw=2 sts=2 et tw=80:
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "nsKeygenHandlerContent.h"
-
-#include "nsIFormProcessor.h"
-#include "nsString.h"
-
-#include "mozilla/dom/ContentChild.h"
-#include "mozilla/dom/Element.h"
-#include "mozilla/Unused.h"
-
-#include "keythi.h"
-#include "nss.h"
-#include "secmodt.h"
-#include "nsKeygenHandler.h"
-
-using mozilla::dom::ContentChild;
-using mozilla::dom::Element;
-using mozilla::Unused;
-
-NS_IMPL_ISUPPORTS(nsKeygenFormProcessorContent, nsIFormProcessor)
-
-nsKeygenFormProcessorContent::nsKeygenFormProcessorContent()
-{
-}
-
-nsKeygenFormProcessorContent::~nsKeygenFormProcessorContent()
-{
-}
-
-nsresult
-nsKeygenFormProcessorContent::ProcessValue(Element* aElement,
- const nsAString& aName,
- nsAString& aValue)
-{
- nsAutoString challengeValue;
- nsAutoString keyTypeValue;
- nsAutoString keyParamsValue;
- nsKeygenFormProcessor::ExtractParams(aElement, challengeValue, keyTypeValue, keyParamsValue);
-
- ContentChild* child = ContentChild::GetSingleton();
-
- nsString oldValue(aValue);
- nsString newValue;
- Unused << child->SendKeygenProcessValue(oldValue, challengeValue,
- keyTypeValue, keyParamsValue,
- &newValue);
-
- aValue.Assign(newValue);
- return NS_OK;
-}
-
-nsresult
-nsKeygenFormProcessorContent::ProcessValueIPC(const nsAString& aOldValue,
- const nsAString& aChallenge,
- const nsAString& aKeyType,
- const nsAString& aKeyParams,
- nsAString& aNewValue)
-{
- MOZ_ASSERT(false, "should never be called in the child process");
- return NS_ERROR_UNEXPECTED;
-}
-
-nsresult
-nsKeygenFormProcessorContent::ProvideContent(const nsAString& aFormType,
- nsTArray<nsString>& aContent,
- nsAString& aAttribute)
-{
- nsString attribute;
- Unused <<
- ContentChild::GetSingleton()->SendKeygenProvideContent(&attribute,
- &aContent);
- aAttribute.Assign(attribute);
- return NS_OK;
-}
deleted file mode 100644
--- a/security/manager/ssl/nsKeygenHandlerContent.h
+++ /dev/null
@@ -1,46 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- * vim: set ts=2 sw=2 sts=2 et tw=80:
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#ifndef nsKeygenHandlerContent_h
-#define nsKeygenHandlerContent_h
-
-#include "mozilla/Attributes.h"
-#include "nsIFormProcessor.h"
-#include "nsStringFwd.h"
-#include "nsTArray.h"
-
-namespace mozilla {
-namespace dom {
-class Element;
-} // namespace dom
-} // namespace mozilla
-
-class nsKeygenFormProcessorContent final : public nsIFormProcessor {
-public:
- nsKeygenFormProcessorContent();
-
- virtual nsresult ProcessValue(mozilla::dom::Element* aElement,
- const nsAString& aName,
- nsAString& aValue) override;
-
- virtual nsresult ProcessValueIPC(const nsAString& aOldValue,
- const nsAString& aChallenge,
- const nsAString& aKeyType,
- const nsAString& aKeyParams,
- nsAString& aNewValue) override;
-
- virtual nsresult ProvideContent(const nsAString& aFormType,
- nsTArray<nsString>& aContent,
- nsAString& aAttribute) override;
-
- NS_DECL_ISUPPORTS
-
-protected:
- ~nsKeygenFormProcessorContent();
-};
-
-#endif // nsKeygenHandlerContent_h
deleted file mode 100644
--- a/security/manager/ssl/nsKeygenThread.cpp
+++ /dev/null
@@ -1,253 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "nsKeygenThread.h"
-
-#include "mozilla/Assertions.h"
-#include "mozilla/DebugOnly.h"
-
-#include "GeckoProfiler.h"
-#include "PSMRunnable.h"
-#include "nsCOMPtr.h"
-#include "nsIObserver.h"
-#include "nsThreadUtils.h"
-#include "pk11func.h"
-
-using namespace mozilla;
-using namespace mozilla::psm;
-
-NS_IMPL_ISUPPORTS(nsKeygenThread, nsIKeygenThread)
-
-
-nsKeygenThread::nsKeygenThread()
-:mutex("nsKeygenThread.mutex"),
- iAmRunning(false),
- keygenReady(false),
- statusDialogClosed(false),
- alreadyReceivedParams(false),
- privateKey(nullptr),
- publicKey(nullptr),
- slot(nullptr),
- flags(0),
- altSlot(nullptr),
- altFlags(0),
- usedSlot(nullptr),
- keyGenMechanism(0),
- params(nullptr),
- wincx(nullptr),
- threadHandle(nullptr)
-{
-}
-
-nsKeygenThread::~nsKeygenThread()
-{
- // clean up in the unlikely case that nobody consumed our results
-
- if (privateKey)
- SECKEY_DestroyPrivateKey(privateKey);
-
- if (publicKey)
- SECKEY_DestroyPublicKey(publicKey);
-
- if (usedSlot)
- PK11_FreeSlot(usedSlot);
-}
-
-void nsKeygenThread::SetParams(
- PK11SlotInfo *a_slot,
- PK11AttrFlags a_flags,
- PK11SlotInfo *a_alternative_slot,
- PK11AttrFlags a_alternative_flags,
- uint32_t a_keyGenMechanism,
- void *a_params,
- void *a_wincx )
-{
- MutexAutoLock lock(mutex);
-
- if (!alreadyReceivedParams) {
- alreadyReceivedParams = true;
- slot = (a_slot) ? PK11_ReferenceSlot(a_slot) : nullptr;
- flags = a_flags;
- altSlot = (a_alternative_slot) ? PK11_ReferenceSlot(a_alternative_slot) : nullptr;
- altFlags = a_alternative_flags;
- keyGenMechanism = a_keyGenMechanism;
- params = a_params;
- wincx = a_wincx;
- }
-}
-
-nsresult nsKeygenThread::ConsumeResult(
- PK11SlotInfo **a_used_slot,
- SECKEYPrivateKey **a_privateKey,
- SECKEYPublicKey **a_publicKey)
-{
- if (!a_used_slot || !a_privateKey || !a_publicKey) {
- return NS_ERROR_FAILURE;
- }
-
- nsresult rv;
-
- MutexAutoLock lock(mutex);
-
- // GetParams must not be called until thread creator called
- // Join on this thread.
- MOZ_ASSERT(keygenReady, "Logic error in nsKeygenThread::GetParams");
-
- if (keygenReady) {
- *a_privateKey = privateKey;
- *a_publicKey = publicKey;
- *a_used_slot = usedSlot;
-
- privateKey = 0;
- publicKey = 0;
- usedSlot = 0;
-
- rv = NS_OK;
- }
- else {
- rv = NS_ERROR_FAILURE;
- }
-
- return rv;
-}
-
-static void nsKeygenThreadRunner(void *arg)
-{
- AUTO_PROFILER_REGISTER_THREAD("Keygen");
- NS_SetCurrentThreadName("Keygen");
- nsKeygenThread *self = static_cast<nsKeygenThread *>(arg);
- self->Run();
-}
-
-nsresult nsKeygenThread::StartKeyGeneration(nsIObserver* aObserver)
-{
- if (!NS_IsMainThread()) {
- NS_ERROR("nsKeygenThread::StartKeyGeneration called off the main thread");
- return NS_ERROR_NOT_SAME_THREAD;
- }
-
- if (!aObserver)
- return NS_OK;
-
- MutexAutoLock lock(mutex);
-
- if (iAmRunning || keygenReady) {
- return NS_OK;
- }
-
- // We must AddRef aObserver only here on the main thread, because it
- // probably does not implement a thread-safe AddRef.
- mNotifyObserver = new NotifyObserverRunnable(aObserver, "keygen-finished");
-
- iAmRunning = true;
-
- threadHandle = PR_CreateThread(PR_USER_THREAD, nsKeygenThreadRunner, static_cast<void*>(this),
- PR_PRIORITY_NORMAL, PR_GLOBAL_THREAD, PR_JOINABLE_THREAD, 0);
-
- // bool thread_started_ok = (threadHandle != nullptr);
- // we might want to return "thread started ok" to caller in the future
- MOZ_ASSERT(threadHandle, "Could not create nsKeygenThreadRunner thread");
- return NS_OK;
-}
-
-nsresult nsKeygenThread::UserCanceled(bool *threadAlreadyClosedDialog)
-{
- if (!threadAlreadyClosedDialog)
- return NS_OK;
-
- *threadAlreadyClosedDialog = false;
-
- MutexAutoLock lock(mutex);
-
- if (keygenReady)
- *threadAlreadyClosedDialog = statusDialogClosed;
-
- // User somehow closed the dialog, but we will not cancel.
- // Bad luck, we told him not do, and user still has to wait.
- // However, we remember that it's closed and will not close
- // it again to avoid problems.
- statusDialogClosed = true;
-
- return NS_OK;
-}
-
-void nsKeygenThread::Run(void)
-{
- bool canGenerate = false;
-
- {
- MutexAutoLock lock(mutex);
- if (alreadyReceivedParams) {
- canGenerate = true;
- keygenReady = false;
- }
- }
-
- if (canGenerate) {
- privateKey = PK11_GenerateKeyPairWithFlags(slot, keyGenMechanism,
- params, &publicKey,
- flags, wincx);
-
- if (privateKey) {
- usedSlot = PK11_ReferenceSlot(slot);
- }
- else if (altSlot) {
- privateKey = PK11_GenerateKeyPairWithFlags(altSlot, keyGenMechanism,
- params, &publicKey,
- altFlags, wincx);
- if (privateKey) {
- usedSlot = PK11_ReferenceSlot(altSlot);
- }
- }
- }
-
- // This call gave us ownership over privateKey and publicKey.
- // But as the params structure is owner by our caller,
- // we effectively transferred ownership to the caller.
- // As long as key generation can't be canceled, we don't need
- // to care for cleaning this up.
-
- nsCOMPtr<nsIRunnable> notifyObserver;
- {
- MutexAutoLock lock(mutex);
-
- keygenReady = true;
- iAmRunning = false;
-
- // forget our parameters
- if (slot) {
- PK11_FreeSlot(slot);
- slot = 0;
- }
- if (altSlot) {
- PK11_FreeSlot(altSlot);
- altSlot = 0;
- }
- keyGenMechanism = 0;
- params = 0;
- wincx = 0;
-
- if (!statusDialogClosed && mNotifyObserver)
- notifyObserver = mNotifyObserver;
-
- mNotifyObserver = nullptr;
- }
-
- if (notifyObserver) {
- DebugOnly<nsresult> rv = NS_DispatchToMainThread(notifyObserver);
- MOZ_ASSERT(NS_SUCCEEDED(rv),
- "Failed to dispatch keygen thread observer to main thread");
- }
-}
-
-void nsKeygenThread::Join()
-{
- if (!threadHandle)
- return;
-
- PR_JoinThread(threadHandle);
- threadHandle = nullptr;
-}
deleted file mode 100644
--- a/security/manager/ssl/nsKeygenThread.h
+++ /dev/null
@@ -1,72 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#ifndef _NSKEYGENTHREAD_H_
-#define _NSKEYGENTHREAD_H_
-
-#include "keyhi.h"
-#include "nspr.h"
-
-#include "mozilla/Mutex.h"
-#include "nsIKeygenThread.h"
-#include "nsCOMPtr.h"
-
-class nsIRunnable;
-
-class nsKeygenThread : public nsIKeygenThread
-{
-private:
- mozilla::Mutex mutex;
-
- nsCOMPtr<nsIRunnable> mNotifyObserver;
-
- bool iAmRunning;
- bool keygenReady;
- bool statusDialogClosed;
- bool alreadyReceivedParams;
-
- SECKEYPrivateKey *privateKey;
- SECKEYPublicKey *publicKey;
- PK11SlotInfo *slot;
- PK11AttrFlags flags;
- PK11SlotInfo *altSlot;
- PK11AttrFlags altFlags;
- PK11SlotInfo *usedSlot;
- uint32_t keyGenMechanism;
- void *params;
- void *wincx;
-
- PRThread *threadHandle;
-
-protected:
- virtual ~nsKeygenThread();
-
-public:
- nsKeygenThread();
-
- NS_DECL_NSIKEYGENTHREAD
- NS_DECL_THREADSAFE_ISUPPORTS
-
- void SetParams(
- PK11SlotInfo *a_slot,
- PK11AttrFlags a_flags,
- PK11SlotInfo *a_alternative_slot,
- PK11AttrFlags a_alternative_flags,
- uint32_t a_keyGenMechanism,
- void *a_params,
- void *a_wincx );
-
- nsresult ConsumeResult(
- PK11SlotInfo **a_used_slot,
- SECKEYPrivateKey **a_privateKey,
- SECKEYPublicKey **a_publicKey);
-
- void Join(void);
-
- void Run(void);
-};
-
-#endif //_NSKEYGENTHREAD_H_
--- a/security/manager/ssl/nsNSSModule.cpp
+++ b/security/manager/ssl/nsNSSModule.cpp
@@ -13,17 +13,16 @@
#include "TransportSecurityInfo.h"
#include "mozilla/ModuleUtils.h"
#include "mozilla/SyncRunnable.h"
#include "nsCURILoader.h"
#include "nsCertOverrideService.h"
#include "nsCryptoHash.h"
#include "nsICategoryManager.h"
#include "nsKeyModule.h"
-#include "nsKeygenHandler.h"
#include "nsNSSCertificate.h"
#include "nsNSSCertificateDB.h"
#include "nsNSSComponent.h"
#include "nsNSSVersion.h"
#include "nsNTLMAuthModule.h"
#include "nsNetCID.h"
#include "nsPK11TokenDB.h"
#include "nsPKCS11Slot.h"
@@ -136,17 +135,16 @@ NS_DEFINE_NAMED_CID(NS_SSLSOCKETPROVIDER
NS_DEFINE_NAMED_CID(NS_STARTTLSSOCKETPROVIDER_CID);
NS_DEFINE_NAMED_CID(NS_SECRETDECODERRING_CID);
NS_DEFINE_NAMED_CID(NS_PK11TOKENDB_CID);
NS_DEFINE_NAMED_CID(NS_PKCS11MODULEDB_CID);
NS_DEFINE_NAMED_CID(NS_PSMCONTENTLISTEN_CID);
NS_DEFINE_NAMED_CID(NS_X509CERT_CID);
NS_DEFINE_NAMED_CID(NS_X509CERTDB_CID);
NS_DEFINE_NAMED_CID(NS_X509CERTLIST_CID);
-NS_DEFINE_NAMED_CID(NS_FORMPROCESSOR_CID);
#ifdef MOZ_XUL
NS_DEFINE_NAMED_CID(NS_CERTTREE_CID);
#endif
NS_DEFINE_NAMED_CID(NS_CRYPTO_HASH_CID);
NS_DEFINE_NAMED_CID(NS_CRYPTO_HMAC_CID);
NS_DEFINE_NAMED_CID(NS_NTLMAUTHMODULE_CID);
NS_DEFINE_NAMED_CID(NS_KEYMODULEOBJECT_CID);
NS_DEFINE_NAMED_CID(NS_KEYMODULEOBJECTFACTORY_CID);
@@ -176,17 +174,16 @@ static const mozilla::Module::CIDEntry k
{ &kNS_PK11TOKENDB_CID, false, nullptr, Constructor<nsPK11TokenDB> },
{ &kNS_PKCS11MODULEDB_CID, false, nullptr, Constructor<PKCS11ModuleDB> },
{ &kNS_PSMCONTENTLISTEN_CID, false, nullptr, PSMContentListenerConstructor },
{ &kNS_X509CERT_CID, false, nullptr,
Constructor<nsNSSCertificate, nullptr, ProcessRestriction::AnyProcess> },
{ &kNS_X509CERTDB_CID, false, nullptr, Constructor<nsNSSCertificateDB> },
{ &kNS_X509CERTLIST_CID, false, nullptr,
Constructor<nsNSSCertList, nullptr, ProcessRestriction::AnyProcess> },
- { &kNS_FORMPROCESSOR_CID, false, nullptr, nsKeygenFormProcessor::Create },
#ifdef MOZ_XUL
{ &kNS_CERTTREE_CID, false, nullptr, Constructor<nsCertTree> },
#endif
{ &kNS_CRYPTO_HASH_CID, false, nullptr,
Constructor<nsCryptoHash, nullptr, ProcessRestriction::AnyProcess> },
{ &kNS_CRYPTO_HMAC_CID, false, nullptr,
Constructor<nsCryptoHMAC, nullptr, ProcessRestriction::AnyProcess> },
{ &kNS_NTLMAUTHMODULE_CID, false, nullptr,
@@ -229,17 +226,16 @@ static const mozilla::Module::ContractID
{ NS_SSLSOCKETPROVIDER_CONTRACTID, &kNS_SSLSOCKETPROVIDER_CID },
{ NS_STARTTLSSOCKETPROVIDER_CONTRACTID, &kNS_STARTTLSSOCKETPROVIDER_CID },
{ NS_SECRETDECODERRING_CONTRACTID, &kNS_SECRETDECODERRING_CID },
{ NS_PK11TOKENDB_CONTRACTID, &kNS_PK11TOKENDB_CID },
{ NS_PKCS11MODULEDB_CONTRACTID, &kNS_PKCS11MODULEDB_CID },
{ NS_PSMCONTENTLISTEN_CONTRACTID, &kNS_PSMCONTENTLISTEN_CID },
{ NS_X509CERTDB_CONTRACTID, &kNS_X509CERTDB_CID },
{ NS_X509CERTLIST_CONTRACTID, &kNS_X509CERTLIST_CID },
- { NS_FORMPROCESSOR_CONTRACTID, &kNS_FORMPROCESSOR_CID },
#ifdef MOZ_XUL
{ NS_CERTTREE_CONTRACTID, &kNS_CERTTREE_CID },
#endif
{ NS_CRYPTO_HASH_CONTRACTID, &kNS_CRYPTO_HASH_CID },
{ NS_CRYPTO_HMAC_CONTRACTID, &kNS_CRYPTO_HMAC_CID },
{ "@mozilla.org/uriloader/psm-external-content-listener;1", &kNS_PSMCONTENTLISTEN_CID },
{ NS_NTLMAUTHMODULE_CONTRACTID, &kNS_NTLMAUTHMODULE_CID },
{ NS_KEYMODULEOBJECT_CONTRACTID, &kNS_KEYMODULEOBJECT_CID },
--- a/security/manager/ssl/nsNTLMAuthModule.cpp
+++ b/security/manager/ssl/nsNTLMAuthModule.cpp
@@ -4,16 +4,17 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsNTLMAuthModule.h"
#include <time.h>
#include "ScopedNSSTypes.h"
#include "md4.h"
+#include "MainThreadUtils.h"
#include "mozilla/Assertions.h"
#include "mozilla/Base64.h"
#include "mozilla/Casting.h"
#include "mozilla/CheckedInt.h"
#include "mozilla/EndianUtils.h"
#include "mozilla/Likely.h"
#include "mozilla/Logging.h"
#include "mozilla/Preferences.h"
--- a/security/manager/ssl/nsPK11TokenDB.cpp
+++ b/security/manager/ssl/nsPK11TokenDB.cpp
@@ -7,16 +7,17 @@
#include <string.h>
#include "ScopedNSSTypes.h"
#include "mozilla/Casting.h"
#include "mozilla/Unused.h"
#include "nsISupports.h"
#include "nsNSSComponent.h"
+#include "nsNSSCertHelper.h"
#include "nsPromiseFlatString.h"
#include "nsReadableUtils.h"
#include "nsServiceManagerUtils.h"
#include "prerror.h"
#include "secerr.h"
extern mozilla::LazyLogModule gPIPNSSLog;
@@ -26,17 +27,17 @@ nsPK11Token::nsPK11Token(PK11SlotInfo* s
: mUIContext(new PipUIContext())
{
MOZ_ASSERT(slot);
mSlot.reset(PK11_ReferenceSlot(slot));
mIsInternalCryptoToken = PK11_IsInternal(mSlot.get()) &&
!PK11_IsInternalKeySlot(mSlot.get());
mIsInternalKeyToken = PK11_IsInternalKeySlot(mSlot.get());
mSeries = PK11_GetSlotSeries(slot);
- Unused << refreshTokenInfo();
+ mozilla::Unused << refreshTokenInfo();
}
nsresult
nsPK11Token::refreshTokenInfo()
{
if (mIsInternalCryptoToken) {
nsresult rv;
if (PK11_IsFIPS()) {
@@ -52,17 +53,17 @@ nsPK11Token::refreshTokenInfo()
if (NS_FAILED(rv)) {
return rv;
}
} else {
mTokenName.Assign(PK11_GetTokenName(mSlot.get()));
}
CK_TOKEN_INFO tokInfo;
- nsresult rv = MapSECStatus(PK11_GetTokenInfo(mSlot.get(), &tokInfo));
+ nsresult rv = mozilla::MapSECStatus(PK11_GetTokenInfo(mSlot.get(), &tokInfo));
if (NS_FAILED(rv)) {
return rv;
}
// Set the Manufacturer field
if (mIsInternalCryptoToken || mIsInternalKeyToken) {
rv = GetPIPNSSBundleString("ManufacturerID", mTokenManufacturerID);
if (NS_FAILED(rv)) {
@@ -170,25 +171,25 @@ nsPK11Token::Login(bool force)
if (NS_FAILED(rv)) return rv;
if (test && force) {
rv = this->LogoutSimple();
if (NS_FAILED(rv)) return rv;
}
rv = setPassword(mSlot.get(), mUIContext);
if (NS_FAILED(rv)) return rv;
- return MapSECStatus(PK11_Authenticate(mSlot.get(), true, mUIContext));
+ return mozilla::MapSECStatus(PK11_Authenticate(mSlot.get(), true, mUIContext));
}
NS_IMETHODIMP
nsPK11Token::LogoutSimple()
{
// PK11_Logout() can fail if the user wasn't logged in beforehand. We want
// this method to succeed even in this case, so we ignore the return value.
- Unused << PK11_Logout(mSlot.get());
+ mozilla::Unused << PK11_Logout(mSlot.get());
return NS_OK;
}
NS_IMETHODIMP
nsPK11Token::LogoutAndDropAuthenticatedResources()
{
static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
@@ -202,17 +203,17 @@ nsPK11Token::LogoutAndDropAuthenticatedR
return rv;
return nssComponent->LogoutAuthenticatedPK11();
}
NS_IMETHODIMP
nsPK11Token::Reset()
{
- return MapSECStatus(PK11_ResetToken(mSlot.get(), nullptr));
+ return mozilla::MapSECStatus(PK11_ResetToken(mSlot.get(), nullptr));
}
NS_IMETHODIMP
nsPK11Token::GetNeedsUserInit(bool* aNeedsUserInit)
{
NS_ENSURE_ARG_POINTER(aNeedsUserInit);
*aNeedsUserInit = PK11_NeedUserInit(mSlot.get());
return NS_OK;
@@ -246,30 +247,30 @@ nsPK11Token::InitPassword(const nsACStri
// false), but we can't actually call PK11_InitPin again. Instead, we call
// PK11_ChangePW with the empty password.
bool hasPassword;
nsresult rv = GetHasPassword(&hasPassword);
if (NS_FAILED(rv)) {
return rv;
}
if (!PK11_NeedUserInit(mSlot.get()) && !hasPassword) {
- return MapSECStatus(PK11_ChangePW(mSlot.get(), "", passwordCStr.get()));
+ return mozilla::MapSECStatus(PK11_ChangePW(mSlot.get(), "", passwordCStr.get()));
}
- return MapSECStatus(PK11_InitPin(mSlot.get(), "", passwordCStr.get()));
+ return mozilla::MapSECStatus(PK11_InitPin(mSlot.get(), "", passwordCStr.get()));
}
NS_IMETHODIMP
nsPK11Token::ChangePassword(const nsACString& oldPassword,
const nsACString& newPassword)
{
// PK11_ChangePW() has different semantics for the empty string and for
// nullptr. In order to support this difference, we need to check IsVoid() to
// find out if our caller supplied null/undefined args or just empty strings.
// See Bug 447589.
- return MapSECStatus(PK11_ChangePW(
+ return mozilla::MapSECStatus(PK11_ChangePW(
mSlot.get(),
oldPassword.IsVoid() ? nullptr : PromiseFlatCString(oldPassword).get(),
newPassword.IsVoid() ? nullptr : PromiseFlatCString(newPassword).get()));
}
NS_IMETHODIMP
nsPK11Token::GetHasPassword(bool* hasPassword)
{
@@ -292,17 +293,17 @@ nsPK11Token::NeedsLogin(bool* _retval)
/*=========================================================*/
NS_IMPL_ISUPPORTS(nsPK11TokenDB, nsIPK11TokenDB)
NS_IMETHODIMP
nsPK11TokenDB::GetInternalKeyToken(nsIPK11Token** _retval)
{
NS_ENSURE_ARG_POINTER(_retval);
- UniquePK11SlotInfo slot(PK11_GetInternalKeySlot());
+ mozilla::UniquePK11SlotInfo slot(PK11_GetInternalKeySlot());
if (!slot) {
return NS_ERROR_FAILURE;
}
nsCOMPtr<nsIPK11Token> token = new nsPK11Token(slot.get());
token.forget(_retval);
return NS_OK;
--- a/security/manager/ssl/nsPKCS11Slot.cpp
+++ b/security/manager/ssl/nsPKCS11Slot.cpp
@@ -26,24 +26,24 @@ NS_IMPL_ISUPPORTS(nsPKCS11Slot, nsIPKCS1
nsPKCS11Slot::nsPKCS11Slot(PK11SlotInfo* slot)
{
MOZ_ASSERT(slot);
mSlot.reset(PK11_ReferenceSlot(slot));
mIsInternalCryptoSlot = PK11_IsInternal(mSlot.get()) &&
!PK11_IsInternalKeySlot(mSlot.get());
mIsInternalKeySlot = PK11_IsInternalKeySlot(mSlot.get());
mSeries = PK11_GetSlotSeries(slot);
- Unused << refreshSlotInfo();
+ mozilla::Unused << refreshSlotInfo();
}
nsresult
nsPKCS11Slot::refreshSlotInfo()
{
CK_SLOT_INFO slotInfo;
- nsresult rv = MapSECStatus(PK11_GetSlotInfo(mSlot.get(), &slotInfo));
+ nsresult rv = mozilla::MapSECStatus(PK11_GetSlotInfo(mSlot.get(), &slotInfo));
if (NS_FAILED(rv)) {
return rv;
}
// Set the Description field
if (mIsInternalCryptoSlot) {
nsresult rv;
if (PK11_IsFIPS()) {
@@ -274,17 +274,17 @@ nsPKCS11Module::ListSlots(nsISimpleEnume
if (!array) {
return NS_ERROR_FAILURE;
}
/* applications which allow new slot creation (which Firefox now does
* since it uses the WaitForSlotEvent call) need to hold the
* ModuleList Read lock to prevent the slot array from changing out
* from under it. */
- AutoSECMODListReadLock lock;
+ mozilla::AutoSECMODListReadLock lock;
for (int i = 0; i < mModule->slotCount; i++) {
if (mModule->slots[i]) {
nsCOMPtr<nsIPKCS11Slot> slot = new nsPKCS11Slot(mModule->slots[i]);
rv = array->AppendElement(slot);
if (NS_FAILED(rv)) {
return rv;
}
}
--- a/security/manager/ssl/nsPKCS12Blob.cpp
+++ b/security/manager/ssl/nsPKCS12Blob.cpp
@@ -2,16 +2,17 @@
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsPKCS12Blob.h"
#include "ScopedNSSTypes.h"
#include "mozilla/Assertions.h"
#include "mozilla/Casting.h"
+#include "mozilla/UniquePtr.h"
#include "mozilla/Unused.h"
#include "nsICertificateDialogs.h"
#include "nsIFile.h"
#include "nsIInputStream.h"
#include "nsIPrompt.h"
#include "nsIWindowWatcher.h"
#include "nsNSSCertHelper.h"
#include "nsNSSCertificate.h"
--- a/security/manager/ssl/nsPKCS12Blob.h
+++ b/security/manager/ssl/nsPKCS12Blob.h
@@ -7,16 +7,17 @@
#ifndef nsPKCS12Blob_h
#define nsPKCS12Blob_h
#include "nsCOMPtr.h"
#include "nsIMutableArray.h"
#include "nsString.h"
#include "p12.h"
#include "seccomon.h"
+#include "ScopedNSSTypes.h"
class nsIFile;
class nsIX509Cert;
// Class for importing/exporting PKCS#12 blobs
class nsPKCS12Blob
{
public:
@@ -29,22 +30,22 @@ public:
// PKCS#12 Export
nsresult ExportToFile(nsIFile* file, nsIX509Cert** certs, int numCerts);
private:
nsCOMPtr<nsIInterfaceRequestor> mUIContext;
// local helper functions
nsresult getPKCS12FilePassword(uint32_t& passwordBufferLength,
- UniquePtr<uint8_t[]>& passwordBuffer);
+ mozilla::UniquePtr<uint8_t[]>& passwordBuffer);
nsresult newPKCS12FilePassword(uint32_t& passwordBufferLength,
- UniquePtr<uint8_t[]>& passwordBuffer);
- nsresult inputToDecoder(UniqueSEC_PKCS12DecoderContext& dcx, nsIFile* file,
+ mozilla::UniquePtr<uint8_t[]>& passwordBuffer);
+ nsresult inputToDecoder(mozilla::UniqueSEC_PKCS12DecoderContext& dcx, nsIFile* file,
PRErrorCode& nssError);
- UniquePtr<uint8_t[]> stringToBigEndianBytes(const nsString& uni,
+ mozilla::UniquePtr<uint8_t[]> stringToBigEndianBytes(const nsString& uni,
uint32_t& bytesLength);
void handleError(int myerr, PRErrorCode prerr);
// RetryReason and ImportMode are used when importing a PKCS12 file.
// There are two reasons that cause us to retry:
// - When the password entered by the user is incorrect.
// The user will be prompted to try again.
// - When the user entered a zero length password.
--- a/testing/crashtest/crashtests.list
+++ b/testing/crashtest/crashtests.list
@@ -58,17 +58,15 @@ include ../../layout/xul/grid/crashtests
include ../../layout/xul/tree/crashtests/crashtests.list
include ../../media/libpng/crashtests/crashtests.list
include ../../netwerk/test/crashtests/crashtests.list
include ../../parser/htmlparser/tests/crashtests/crashtests.list
-include ../../security/manager/ssl/crashtests/crashtests.list
-
include ../../view/crashtests/crashtests.list
include ../../widget/cocoa/crashtests/crashtests.list
include ../../widget/crashtests/crashtests.list
include ../../widget/gtk/crashtests/crashtests.list
include ../../xpcom/string/crashtests/crashtests.list
--- a/testing/web-platform/meta/html/dom/documents/dom-tree-accessors/document.getElementsByName/document.getElementsByName-newelements.html.ini
+++ b/testing/web-platform/meta/html/dom/documents/dom-tree-accessors/document.getElementsByName/document.getElementsByName-newelements.html.ini
@@ -1,7 +1,4 @@
[document.getElementsByName-newelements.html]
[getElementsByName and newly introduced HTML elements]
expected: FAIL
- [getElementsByName("keygen")]
- expected: FAIL
-
--- a/testing/web-platform/meta/html/infrastructure/common-dom-interfaces/collections/htmlformcontrolscollection.html.ini
+++ b/testing/web-platform/meta/html/infrastructure/common-dom-interfaces/collections/htmlformcontrolscollection.html.ini
@@ -1,10 +1,4 @@
[htmlformcontrolscollection.html]
[HTMLFormControlsCollection(name) must return the named item]
expected: FAIL
- [The length attribute must return the number of elements in the form]
- expected: FAIL
-
- [Keygen controls do not show up at all]
- expected: FAIL
-
--- a/testing/web-platform/meta/html/semantics/forms/the-label-element/labelable-elements.html.ini
+++ b/testing/web-platform/meta/html/semantics/forms/the-label-element/labelable-elements.html.ini
@@ -1,10 +1,5 @@
[labelable-elements.html]
max-asserts:
if webrender: 12
3
- [Check if the keygen element is not a labelable element]
- expected: FAIL
- [Check if the keygen element can access 'labels']
- expected: FAIL
-
--- a/testing/web-platform/meta/html/semantics/interfaces.html.ini
+++ b/testing/web-platform/meta/html/semantics/interfaces.html.ini
@@ -1,23 +1,17 @@
[interfaces.html]
prefs: [dom.dialog_element.enabled: true, dom.webcomponents.shadowdom.enabled:true]
[Interfaces for image]
expected: FAIL
- [Interfaces for keygen]
- expected: FAIL
-
[Interfaces for marquee]
expected: FAIL
[Interfaces for IMAGE]
expected: FAIL
- [Interfaces for KEYGEN]
- expected: FAIL
-
[Interfaces for MARQUEE]
expected: FAIL
[Interfaces for å-bar]
expected: FAIL
deleted file mode 100644
--- a/testing/web-platform/meta/html/semantics/scripting-1/the-template-element/template-element/template-content.html.ini
+++ /dev/null
@@ -1,4 +0,0 @@
-[template-content.html]
- [Template may contain keygen element. The template element and contents are added via body.innerHTML]
- expected: FAIL
-
--- a/testing/web-platform/meta/html/syntax/parsing/html5lib_tests19.html.ini
+++ b/testing/web-platform/meta/html/syntax/parsing/html5lib_tests19.html.ini
@@ -1,22 +1,7 @@
-[html5lib_tests19.html]
- [html5lib_tests19.html d098e8a39897cd8453fc18399622e413872b054c]
- expected: FAIL
-
-
-[html5lib_tests19.html?run_type=write]
- [html5lib_tests19.html d098e8a39897cd8453fc18399622e413872b054c]
- expected: FAIL
-
-
-[html5lib_tests19.html?run_type=uri]
- [html5lib_tests19.html d098e8a39897cd8453fc18399622e413872b054c]
- expected: FAIL
-
-
[html5lib_tests19.html?run_type=write_single]
[html5lib_tests19.html 3984cbe166b42d77ff6dadc8e1687075db7a8e65]
expected: FAIL
[html5lib_tests19.html d098e8a39897cd8453fc18399622e413872b054c]
expected: FAIL
--- a/testing/web-platform/meta/html/syntax/parsing/html5lib_tests25.html.ini
+++ b/testing/web-platform/meta/html/syntax/parsing/html5lib_tests25.html.ini
@@ -1,31 +1,19 @@
[html5lib_tests25.html]
[html5lib_tests25.html d46fa11c0107d59c84778beae84f388f55bffc31]
expected: FAIL
- [html5lib_tests25.html 1ccc6e280f6dc773e2e00f2cb70cd96e97078296]
- expected: FAIL
-
[html5lib_tests25.html?run_type=write_single]
[html5lib_tests25.html d46fa11c0107d59c84778beae84f388f55bffc31]
expected: FAIL
- [html5lib_tests25.html 1ccc6e280f6dc773e2e00f2cb70cd96e97078296]
- expected: FAIL
-
[html5lib_tests25.html?run_type=uri]
[html5lib_tests25.html d46fa11c0107d59c84778beae84f388f55bffc31]
expected: FAIL
- [html5lib_tests25.html 1ccc6e280f6dc773e2e00f2cb70cd96e97078296]
- expected: FAIL
-
[html5lib_tests25.html?run_type=write]
[html5lib_tests25.html d46fa11c0107d59c84778beae84f388f55bffc31]
expected: FAIL
- [html5lib_tests25.html 1ccc6e280f6dc773e2e00f2cb70cd96e97078296]
- expected: FAIL
-
--- a/testing/web-platform/meta/html/syntax/parsing/html5lib_tests7.html.ini
+++ b/testing/web-platform/meta/html/syntax/parsing/html5lib_tests7.html.ini
@@ -1,25 +1,12 @@
[html5lib_tests7.html]
[html5lib_tests7.html 5b0b3edcc3ce9fdc9f58eb62d326865ca0aab8c8]
expected: FAIL
-[html5lib_tests7.html?run_type=write]
- [html5lib_tests7.html 5b0b3edcc3ce9fdc9f58eb62d326865ca0aab8c8]
- expected: FAIL
-
-
-[html5lib_tests7.html?run_type=uri]
- [html5lib_tests7.html 5b0b3edcc3ce9fdc9f58eb62d326865ca0aab8c8]
- expected: FAIL
-
-
[html5lib_tests7.html?run_type=write_single]
[html5lib_tests7.html 0fa23bb5d8b2a591afb1842b8f4c00c490c127b4]
expected: FAIL
[html5lib_tests7.html f6d60b3ae48e2b69b4c25125f9b5a3ab4867521b]
expected: FAIL
- [html5lib_tests7.html 5b0b3edcc3ce9fdc9f58eb62d326865ca0aab8c8]
- expected: FAIL
-
--- a/testing/web-platform/meta/html/syntax/parsing/template/creating-an-element-for-the-token/template-owner-document.html.ini
+++ b/testing/web-platform/meta/html/syntax/parsing/template/creating-an-element-for-the-token/template-owner-document.html.ini
@@ -1,10 +1,4 @@
[template-owner-document.html]
[Test ownerDocument property of the element in a template. Current DOCUMENT has no browsing context. Test template element in the root of the frameset]
expected: FAIL
- [Test ownerDocument for the element keygen in the template]
- expected: FAIL
-
- [Test ownerDocument for the element keygen in the template. Document has browsing context]
- expected: FAIL
-