--- a/mozglue/android/NSSBridge.cpp
+++ b/mozglue/android/NSSBridge.cpp
@@ -13,17 +13,17 @@
#ifndef MOZ_OLD_LINKER
#include "ElfLoader.h"
#endif
#ifdef DEBUG
#define LOG(x...) __android_log_print(ANDROID_LOG_INFO, "GeckoJNI", x)
#else
-#define LOG(x...) printf(x);
+#define LOG(x...)
#endif
static bool initialized = false;
#define NSS_WRAPPER_INT(name) name ## _t f_ ## name;
NSS_WRAPPER_INT(NSS_Initialize)
NSS_WRAPPER_INT(NSS_Shutdown)
NSS_WRAPPER_INT(SECITEM_ZfreeItem)
@@ -39,19 +39,18 @@ NSS_WRAPPER_INT(PL_Base64Encode)
NSS_WRAPPER_INT(PL_Base64Decode)
NSS_WRAPPER_INT(PL_strfree)
int
setup_nss_functions(void *nss_handle,
void *nspr_handle,
void *plc_handle)
{
- __android_log_print(ANDROID_LOG_ERROR, "GeckoLibLoad", "setup nss 1");
if (nss_handle == NULL || nspr_handle == NULL || plc_handle == NULL) {
- LOG("missing handle\n");
+ LOG("Missing handle\n");
return FAILURE;
}
#define GETFUNC(name) f_ ## name = (name ## _t) __wrap_dlsym(nss_handle, #name); \
if (!f_ ##name) return FAILURE;
GETFUNC(NSS_Initialize);
GETFUNC(NSS_Shutdown);
GETFUNC(PK11SDR_Encrypt);
GETFUNC(PK11SDR_Decrypt);
@@ -146,48 +145,49 @@ Java_org_mozilla_gecko_NSSBridge_nativeD
/* Encrypts or decrypts a string. result should be freed with free() when done */
SECStatus
doCrypto(JNIEnv* jenv, const char *path, const char *value, char** result, bool encrypt)
{
SECStatus rv;
PK11SlotInfo *slot;
if (!initialized) {
- LOG("initialize crypto %s\n", path);
+ LOG("Initialize crypto in %s\n", path);
rv = f_NSS_Initialize(path, "", "", "secmod.db", NSS_INIT_NOROOTINIT);
if (rv != SECSuccess) {
throwError(jenv, "NSS_Initialize");
return rv;
}
initialized = true;
}
slot = f_PK11_GetInternalKeySlot();
if (!slot) {
throwError(jenv, "PK11_GetInternalKeySlot");
return SECFailure;
}
if (f_PK11_NeedUserInit(slot)) {
- LOG("Initializing key3.db with default blank password.");
+ LOG("Initializing key3.db with default blank password.\n");
rv = f_PK11_InitPin(slot, NULL, NULL);
if (rv != SECSuccess) {
throwError(jenv, "PK11_InitPin");
return rv;
}
}
SECItem request;
SECItem reply;
reply.data = 0;
reply.len = 0;
if (encrypt) {
- LOG("encrypting %s\n", value);
+ // This can print sensitive data. Uncomment if you need it.
+ // LOG("Encrypting: %s\n", value);
request.data = (unsigned char*)value;
request.len = strlen(value);
SECItem keyid;
keyid.data = 0;
keyid.len = 0;
rv = f_PK11SDR_Encrypt(&keyid, &request, &reply, NULL);
@@ -196,36 +196,37 @@ doCrypto(JNIEnv* jenv, const char *path,
goto done;
}
rv = encode(reply.data, reply.len, result);
if (rv != SECSuccess) {
throwError(jenv, "encode");
goto done;
}
- LOG("encrypted %s\n", *result);
+ LOG("Encrypted: %s\n", *result);
} else {
- LOG("decoding %s\n", value);
+ LOG("Decoding: %s\n", value);
rv = decode(value, &request.data, (PRInt32*)&request.len);
if (rv != SECSuccess) {
throwError(jenv, "decode");
return rv;
}
rv = f_PK11SDR_Decrypt(&request, &reply, NULL);
if (rv != SECSuccess) {
throwError(jenv, "PK11SDR_Decrypt");
goto done;
}
*result = (char *)malloc(reply.len+1);
strncpy(*result, (char *)reply.data, reply.len);
(*result)[reply.len] = '\0';
- LOG("decoded %i letters %s\n", reply.len, *result);
+ // This can print sensitive data. Uncomment if you need it.
+ // LOG("Decoded %i letters: %s\n", reply.len, *result);
free(request.data);
}
done:
f_SECITEM_ZfreeItem(&reply, false);
return rv;
}
@@ -270,24 +271,23 @@ decode(const char *data, unsigned char *
if (data[len-2] == '=') adjust++;
}
char *decoded;
decoded = f_PL_Base64Decode(data, len, NULL);
if (!decoded) {
return SECFailure;
}
-
- LOG("xxx Decoded: %s\n", decoded);
-
if (!*decoded) {
return SECFailure;
}
*length = (len*3)/4 - adjust;
+ LOG("Decoded %i chars into %i chars\n", len, *length);
+
*result = (unsigned char*)malloc((size_t)len);
if (!*result) {
rv = SECFailure;
} else {
memcpy((char*)*result, decoded, len);
}
f_PR_Free(decoded);