Bug 1253740 - Hash extension ID to obfuscate installed add-ons, r=kmag
MozReview-Commit-ID: ASBrDxIq2lF
--- a/toolkit/components/extensions/ExtensionStorageSync.jsm
+++ b/toolkit/components/extensions/ExtensionStorageSync.jsm
@@ -299,19 +299,16 @@ function cleanUpForContext(extension, co
* be opened.
* @param {Context} context
* The context for this extension. The Collection
* will shut down automatically when all contexts
* close.
* @returns {Promise<Collection>}
*/
const openCollection = Task.async(function* (extension, context) {
- // FIXME: This leaks metadata about what extensions a user has
- // installed. We should calculate collection ID using a hash of
- // user ID, extension ID, and some secret.
let collectionId = extension.id;
const {kinto} = yield storageSyncInit;
const coll = kinto.collection(collectionId, {
idSchema: storageSyncIdSchema,
remoteTransformers: [new CollectionKeyEncryptionRemoteTransformer(extension.id)],
});
return coll;
});
@@ -361,18 +358,17 @@ this.ExtensionStorageSync = {
sync: Task.async(function* (extension, collection) {
const signedInUser = yield this._fxaService.getSignedInUser();
if (!signedInUser) {
// FIXME: this should support syncing to self-hosted
log.info("User was not signed into FxA; cannot sync");
throw new Error("Not signed in to FxA");
}
- // FIXME: this leaks metadata about what extensions are being used
- const collectionId = extension.id;
+ const collectionId = extensionIdToCollectionId(signedInUser, extension.id);
let syncResults;
try {
syncResults = yield this._syncCollection(collection, {
strategy: "client_wins",
collection: collectionId,
});
} catch (err) {
log.warn("Syncing failed", err);
--- a/toolkit/components/extensions/test/xpcshell/test_ext_storage_sync.js
+++ b/toolkit/components/extensions/test/xpcshell/test_ext_storage_sync.js
@@ -323,31 +323,30 @@ function assertKeyRingKey(keyRing, exten
ok(keyRing.hasKeysFor([extensionId]),
`expected keyring to have a key for ${extensionId}\n`);
deepEqual(keyRing.keyForCollection(extensionId).keyPairB64, expectedKey.keyPairB64,
message);
}
// Tests using this ID will share keys in local storage, so be careful.
const defaultExtensionId = "{13bdde76-4dc7-11e6-9bdc-54ee758d6342}";
-// FIXME: need to access whatever mechanism we use in the syncing code
-const defaultCollectionId = defaultExtensionId;
const defaultExtension = {id: defaultExtensionId};
const BORING_KB = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef";
const ANOTHER_KB = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcde0";
const loggedInUser = {
uid: "0123456789abcdef0123456789abcdef",
kB: BORING_KB,
oauthTokens: {
"sync:addon-storage": {
token: "some-access-token",
},
},
};
+const defaultCollectionId = extensionIdToCollectionId(loggedInUser, defaultExtensionId);
function uuid() {
const uuidgen = Cc["@mozilla.org/uuid-generator;1"].getService(Ci.nsIUUIDGenerator);
return uuidgen.generateUUID();
}
add_task(function* test_key_to_id() {
equal(keyToId("foo"), "key-foo");