Include what is causing failure and wrap checkSignature in try/catch to simplify caller.
authorEdward Lee <edilee@mozilla.com>
Thu, 07 Oct 2010 17:51:57 -0700
changeset 14 9b95e7f5afcff6487d6a2d2b5d541caaeb324ec6
parent 13 b94b31f857819fe8b1dd0b995df5ea54a6b1a7f6
child 15 3adee3b78d64938c9f6d4573511e3786c9df5467
push id15
push useredward.lee@engineering.uiuc.edu
push dateFri, 08 Oct 2010 00:52:52 +0000
Include what is causing failure and wrap checkSignature in try/catch to simplify caller.
bootstrap.js
--- a/bootstrap.js
+++ b/bootstrap.js
@@ -299,17 +299,22 @@ XPCOMUtils.defineLazyGetter(this, "check
     if (isEncoded)
       input = atob(input);
     let outputData = new ctypes.ArrayType(ctypes.unsigned_char, input.length)();
     byteCompress(input, outputData);
     return new nss_t.SECItem(nss.SIBUFFER, outputData, outputData.length);
   }
 
   return function checkSignature(message, signature) {
-    return verify(message, signature, ENCODED_PUBKEY);
+    try {
+      return verify(message, signature, ENCODED_PUBKEY);
+    }
+    catch(ex) {
+      return false;
+    }
   };
 });
 
 /**
  * Fetch the json manifest and install/uninstall if necessary
  */
 function checkForUpdates() {
   // Skip this update if we're not online
@@ -325,46 +330,40 @@ function checkForUpdates() {
 
   // No need to fetch the manifest if the signature is the same
   let signature = getSigmaFile("sig");
   if (signature == prefs.get("signature"))
     return;
 
   // Fetch the json manifest and check that the signature matches
   let manifest = getSigmaFile("json");
-  try {
-    if (!checkSignature(manifest, signature)) {
-      Cu.reportError("Sigma signature mismatch!");
-      return;
-    }
-  }
-  catch(ex) {
-    Cu.reportError("Sigma signature check failure: '" + signature + "' " + ex);
+  if (!checkSignature(manifest, signature)) {
+    Cu.reportError("Sigma signature mismatch! " + signature);
     return;
   }
 
   // Unpack the data now that we know it's from Mozilla
   let {infoUrl, install, timestamp, uninstall} = manifest.obj;
 
   // Make sure the manifest includes the time it was created
   let newTime = new Date(timestamp);
   if (isNaN(newTime)) {
-    Cu.reportError("Sigma timestamp missing!");
+    Cu.reportError("Sigma timestamp missing! " + newTime);
     return;
   }
   // Ignore manifests that are too old
   else if (newTime < new Date(Date.now() - MAX_MANIFEST_LIFETIME)) {
-    Cu.reportError("Sigma timestamp expired!");
+    Cu.reportError("Sigma timestamp expired! " + newTime);
     return;
   }
 
   // Make sure this new manifest has a newer timestamp
   let oldTime = new Date(prefs.get("timestamp", 0));
   if (newTime <= oldTime) {
-    Cu.reportError("Sigma timestamp misordering!");
+    Cu.reportError("Sigma timestamp misordering! " + newTime);
     return;
   }
 
   // Only open the info page if it's different
   let oldInfo = prefs.get("infoUrl");
   if (infoUrl != oldInfo) {
     prefs.set("infoUrl", infoUrl);
     let browser = Services.wm.getMostRecentWindow("navigator:browser").gBrowser;
@@ -375,17 +374,17 @@ function checkForUpdates() {
   install.forEach(function({hash, id, url, version}) {
     AddonManager.getAddonByID(id, function(addon) {
       // Don't install if it's locally installed or newer
       if (addon != null && Svc.Version.compare(addon.version, version) >= 0)
         return;
 
       // Make sure we have a valid hash algorithm with hex output
       if (typeof hash != "string" || hash.search(/^[^:]+:[0-9a-f]+/) != 0) {
-        Cu.reportError("Sigma xpi hash malformation!");
+        Cu.reportError("Sigma xpi hash malformation! " + hash);
         return;
       }
 
       // Fetch the AddonInstall and install it
       AddonManager.getInstallForURL(url, function(install) {
         if (install == null)
           return;
         install.install();