Bug 902761 - Stop storing certs used for MAR verification in EXE resource files. r=rstrong
authorBrian R. Bondy <netzen@gmail.com>
Wed, 15 Oct 2014 23:01:11 -0400
changeset 235939 c249afdad74433e001d8844053cee1805f79346c
parent 235938 e3318daf0ca69d416c492f3c9a21968e97d6425c
child 235940 149fc4026b50bf05fecee313b8172cd34c12ae89
push id4311
push userraliiev@mozilla.com
push dateMon, 12 Jan 2015 19:37:41 +0000
reviewersrstrong
bugs902761
milestone36.0a1
Bug 902761 - Stop storing certs used for MAR verification in EXE resource files. r=rstrong
toolkit/mozapps/update/updater/archivereader.cpp
toolkit/mozapps/update/updater/updater.rc
--- a/toolkit/mozapps/update/updater/archivereader.cpp
+++ b/toolkit/mozapps/update/updater/archivereader.cpp
@@ -10,16 +10,24 @@
 #include "bzlib.h"
 #include "archivereader.h"
 #include "errors.h"
 #ifdef XP_WIN
 #include "nsAlgorithm.h" // Needed by nsVersionComparator.cpp
 #include "updatehelper.h"
 #endif
 
+#ifdef XP_WIN
+// These are generated at compile time based on the DER file for the channel
+// being used
+#include "primaryCert.h"
+#include "secondaryCert.h"
+#include "xpcshellCert.h"
+#endif
+
 #define UPDATER_NO_STRING_GLUE_STL
 #include "nsVersionComparator.cpp"
 #undef UPDATER_NO_STRING_GLUE_STL
 
 #if defined(XP_UNIX)
 # include <sys/types.h>
 #elif defined(XP_WIN)
 # include <io.h>
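Review bot: The comment on the new include block says the three headers are generated but not what they provide, so a reader has to go to VerifySignature to learn that they supply `primaryCertData`, `secondaryCertData` and `xpcshellCertData`. I would extend it to `// Each header defines a uint8_t array (primaryCertData, secondaryCertData, xpcshellCertData) holding the DER bytes of a certificate trusted for MAR signatures.` Because these arrays are the updater's trust anchors, the comment should also name the build rule that generates them, which is not visible in this diff, so a reviewer can check which DER file ends up in each channel's binary.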
@@ -29,71 +37,29 @@ static int inbuf_size  = 262144;
 static int outbuf_size = 262144;
 static char *inbuf  = nullptr;
 static char *outbuf = nullptr;
 
 #ifdef XP_WIN
 #include "resource.h"
 
 /**
- * Obtains the data of the specified resource name and type.
- *
- * @param  name The name ID of the resource
- * @param  type The type ID of the resource
- * @param  data Out parameter which sets the pointer to a buffer containing
- *                  the needed data.
- * @param  size Out parameter which sets the size of the returned data buffer 
- * @return TRUE on success
-*/
-BOOL
-LoadFileInResource(int name, int type, const uint8_t *&data, uint32_t& size)
-{
-  HMODULE handle = GetModuleHandle(nullptr);
-  if (!handle) {
-    return FALSE;
-  }
-
-  HRSRC resourceInfoBlockHandle = FindResource(handle, 
-                                               MAKEINTRESOURCE(name),
-                                               MAKEINTRESOURCE(type));
-  if (!resourceInfoBlockHandle) {
-    FreeLibrary(handle);
-    return FALSE;
-  }
-
-  HGLOBAL resourceHandle = LoadResource(handle, resourceInfoBlockHandle);
-  if (!resourceHandle) {
-    FreeLibrary(handle);
-    return FALSE;
-  }
-
-  size = SizeofResource(handle, resourceInfoBlockHandle);
-  data = static_cast<const uint8_t*>(::LockResource(resourceHandle));
-  FreeLibrary(handle);
-  return TRUE;
-}
-
-/**
  * Performs a verification on the opened MAR file with the passed in
  * certificate name ID and type ID.
  *
- * @param  archive   The MAR file to verify the signature on
- * @param  name      The name ID of the resource
- * @param  type      THe type ID of the resource
- * @return OK on success, CERT_LOAD_ERROR or CERT_VERIFY_ERROR on failure.
+ * @param  archive   The MAR file to verify the signature on.
+ * @param  certData  The certificate data.
+ * @return OK on success, CERT_VERIFY_ERROR on failure.
 */
+template<uint32_t SIZE>
 int
-VerifyLoadedCert(MarFile *archive, int name, int type)
+VerifyLoadedCert(MarFile *archive, const uint8_t (&certData)[SIZE])
 {
-  uint32_t size = 0;
-  const uint8_t *data = nullptr;
-  if (!LoadFileInResource(name, type, data, size) || !data || !size) {
-    return CERT_LOAD_ERROR;
-  }
-
+  const uint32_t size = SIZE;
+  const uint8_t * const data = &certData[0];
   if (mar_verify_signaturesW(archive, &data, &size, 1)) {
     return CERT_VERIFY_ERROR;
   }
 
   return OK;
 }
 #endif
 
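Review bot: The doc comment above VerifyLoadedCert still opens with "the passed in certificate name ID and type ID", which no longer matches the new signature that takes `certData`. I would reword the first sentence to `Performs a verification on the opened MAR file with the passed in certificate data.` and make the parameter line say what the bytes are, for example `@param certData The DER-encoded certificate, as a compile-time array.` (DER is inferred from the include comment earlier in the file). As a style point, the template appears to be used only in this file, so declaring it `static` would keep it file-local.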
@@ -113,21 +79,21 @@ ArchiveReader::VerifySignature()
     return ARCHIVE_NOT_OPEN;
   }
 
 #ifdef XP_WIN
   // If the fallback key exists we're running an XPCShell test and we should
   // use the XPCShell specific cert for the signed MAR.
   int rv;
   if (DoesFallbackKeyExist()) {
-    rv = VerifyLoadedCert(mArchive, IDR_XPCSHELL_CERT, TYPE_CERT);
+    rv = VerifyLoadedCert(mArchive, xpcshellCertData);
   } else {
-    rv = VerifyLoadedCert(mArchive, IDR_PRIMARY_CERT, TYPE_CERT);
+    rv = VerifyLoadedCert(mArchive, primaryCertData);
     if (rv != OK) {
-      rv = VerifyLoadedCert(mArchive, IDR_BACKUP_CERT, TYPE_CERT);
+      rv = VerifyLoadedCert(mArchive, secondaryCertData);
     }
   }
   return rv;
 #else
   return OK;
 #endif
 }
 
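Review bot: The XPCShell branch now passes `xpcshellCertData`, a test certificate that the new include block compiles into every Windows build, so the only thing separating a test-signed MAR from a production-signed one is `DoesFallbackKeyExist()`. That function is defined outside this diff, so what protects the key cannot be checked from here, and the existing comment does not say. I would record the assumption next to the call, for example `// xpcshellCertData is a test-only trust anchor; it is used only when the fallback key exists, so that key must be writable only by privileged users.` VerifySignature begins before this hunk, so any earlier checks are not visible.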
--- a/toolkit/mozapps/update/updater/updater.rc
+++ b/toolkit/mozapps/update/updater/updater.rc
@@ -37,35 +37,16 @@ 1                       RT_MANIFEST     
 // Icon
 //
 
 IDI_DIALOG ICON "updater.ico"
 
 
 /////////////////////////////////////////////////////////////////////////////
 //
-// Embedded certificates for allowed MARs
-//
-
-#if defined(MAR_SIGNING_RELEASE_BETA)
-IDR_PRIMARY_CERT TYPE_CERT "release_primary.der"
-IDR_BACKUP_CERT TYPE_CERT  "release_secondary.der"
-#elif defined(MAR_SIGNING_AURORA_NIGHTLY)
-IDR_PRIMARY_CERT TYPE_CERT "nightly_aurora_level3_primary.der"
-IDR_BACKUP_CERT TYPE_CERT  "nightly_aurora_level3_secondary.der"
-#else
-IDR_PRIMARY_CERT TYPE_CERT "dep1.der"
-IDR_BACKUP_CERT TYPE_CERT  "dep2.der"
-#endif
-
-IDR_XPCSHELL_CERT TYPE_CERT "xpcshellCertificate.der"
- 
-
-/////////////////////////////////////////////////////////////////////////////
-//
 // Embedded an identifier to uniquely identiy this as a Mozilla updater.
 //
 
 STRINGTABLE
 {
   IDS_UPDATER_IDENTITY, "moz-updater.exe-4cdccec4-5ee0-4a06-9817-4cd899a9db49"
 }