Merged my changes with the main repository.
authorjonathandicarlo@jonathan-dicarlos-macbook-pro.local
Wed, 30 Apr 2008 16:27:52 -0700
changeset 44435 e24e261c3c1f82aa49077883772c097c468bd987
parent 44434 f2c2a3a7111c04c79c8ffd1f4895d3e03586fdbd (current diff)
parent 44432 161430ec0b76cac424b475d2154dd788aa729a63 (diff)
child 44436 7b022ef274adbc27c27362d9c4bfa40ee6ec909b
push id1
push userroot
push dateTue, 26 Apr 2011 22:38:44 +0000
treeherdermozilla-beta@bfdb6e623a36 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
Merged my changes with the main repository.
new file mode 100644
--- /dev/null
+++ b/services/crypto/IWeaveCrypto.idl
@@ -0,0 +1,93 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Mozilla Public License Version
+ * 1.1 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is Weave code.
+ *
+ * The Initial Developer of the Original Code is
+ * Mozilla Corporation
+ * Portions created by the Initial Developer are Copyright (C) 2007
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *   Dan Mills <thunder@mozilla.com> (original author)
+ *   Honza Bambas <honzab@allpeers.com>
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the MPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the MPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+#include "nsISupports.idl"
+
+[scriptable, uuid(d3b0f750-c976-46d0-be20-96b24f4684bc)]
+interface IWeaveCrypto : nsISupports
+{
+  /**
+   * Shortcuts for some algorithm SEC OIDs.  Full list available here:
+   * http://lxr.mozilla.org/seamonkey/source/security/nss/lib/util/secoidt.h
+   */
+
+  const unsigned long DES_EDE3_CBC = 156;
+
+  // Unsupported now...
+  const unsigned long AES_128_ECB = 183;
+  const unsigned long AES_128_CBC = 184;
+  const unsigned long AES_192_ECB = 185;
+  const unsigned long AES_192_CBC = 186;
+  const unsigned long AES_256_ECB = 187;
+  const unsigned long AES_256_CBC = 188;
+
+  /**
+   * One of the above constants. Assigning differnt value
+   * will fail cause the encrypt method fail. 
+   * Default value is DES_EDE3_CBC.
+   */
+  attribute unsigned long algorithm;
+
+  /**
+   * Encrypt data using a passphrase
+   * See algorithm attribute, it determines which mechanisms will be used
+   *
+   * @param   pass
+   *          Passphrase to encrypt with
+   * @param   iter
+   *          Number of iterations for key strengthening
+   *          This parameter is currently ignored and is always 1
+   * @param   clearText
+   *          Data to be encrypted
+   * @returns Encrypted data, base64 encoded
+   */
+  ACString encrypt(in ACString pass, in ACString clearText);
+
+  /**
+   * Decrypt data using a passphrase
+   *
+   * @param   pass
+   *          Passphrase to decrypt with
+   * @param   cipherText
+   *          Base64 encoded data to be decrypted
+   * @returns Decrypted data
+   */
+  ACString decrypt(in ACString pass, in ACString cipherText);
+};
+
new file mode 100644
--- /dev/null
+++ b/services/crypto/Makefile
@@ -0,0 +1,189 @@
+#
+# ***** BEGIN LICENSE BLOCK *****
+# Version: MPL 1.1/GPL 2.0/LGPL 2.1
+#
+# The contents of this file are subject to the Mozilla Public License Version
+# 1.1 (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+# http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS IS" basis,
+# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+# for the specific language governing rights and limitations under the
+# License.
+#
+# The Original Code is Weave code.
+#
+# The Initial Developer of the Original Code is
+# Mozilla Corporation
+# Portions created by the Initial Developer are Copyright (C) 2008
+# the Initial Developer. All Rights Reserved.
+#
+# Contributor(s):
+#   Dan Mills <thunder@mozilla.com> (original author)
+#
+# Alternatively, the contents of this file may be used under the terms of
+# either the GNU General Public License Version 2 or later (the "GPL"), or
+# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+# in which case the provisions of the GPL or the LGPL are applicable instead
+# of those above. If you wish to allow use of your version of this file only
+# under the terms of either the GPL or the LGPL, and not to allow others to
+# use your version of this file under the terms of the MPL, indicate your
+# decision by deleting the provisions above and replace them with the notice
+# and other provisions required by the GPL or the LGPL. If you do not delete
+# the provisions above, a recipient may use your version of this file under
+# the terms of any one of the MPL, the GPL or the LGPL.
+#
+# ***** END LICENSE BLOCK *****
+
+idl = IWeaveCrypto.idl
+cpp_sources = WeaveCrypto.cpp WeaveCryptoModule.cpp
+target = WeaveCrypto # will have .so / .dylib / .dll appended
+
+sdkdir ?= ${MOZSDKDIR}
+destdir = ..
+platformdir = $(destdir)/platform/$(platform)
+
+xpidl = $(sdkdir)/bin/xpidl
+
+# FIXME: we don't actually require this for e.g. clean
+ifndef sdkdir
+  $(warning No 'sdkdir' variable given)
+  $(warning It should point to the location of the Gecko SDK)
+  $(warning For example: "make sdkdir=/foo/bar/baz")
+  $(error )
+endif
+
+######################################################################
+
+headers = -I$(sdkdir)/include \
+          -I$(sdkdir)/include/system_wrappers \
+          -I$(sdkdir)/include/nss \
+          -I$(sdkdir)/include/xpcom \
+          -I$(sdkdir)/include/string \
+          -I$(sdkdir)/include/pipnss \
+          -I$(sdkdir)/include/nspr \
+          -I$(sdkdir)/sdk/include
+
+cppflags += -c -pipe -Os \
+            -fPIC -fno-rtti -fno-exceptions -fno-strict-aliasing \
+            -fpascal-strings -fno-common -fshort-wchar -pthread \
+            -Wall -Wconversion -Wpointer-arith -Woverloaded-virtual -Wsynth \
+            -Wno-ctor-dtor-privacy -Wno-non-virtual-dtor -Wcast-align \
+            -Wno-long-long \
+            -include xpcom-config.h $(headers)
+
+libdirs = -L$(sdkdir)/lib -L$(sdkdir)/bin
+libs = -lxpcomglue_s -lxpcom \
+       -lcrmf -lsmime3 -lssl3 -lnss3 -lnssutil3 -lsoftokn3 \
+       -lplds4 -lplc4 -lnspr4
+
+ldflags += -pthread -pipe -bundle \
+           -Wl,-executable_path,$(sdkdir)/bin \
+           -Wl,-dead_strip \
+           -Wl,-exported_symbol \
+           -Wl,_NSGetModule \
+           $(libdirs) $(libs)
+
+######################################################################
+# Platform detection
+
+sys := $(shell uname -s)
+
+ifeq ($(sys), Linux)
+  os = Linux
+  compiler = gcc3
+  cxx = c++
+  so = so
+  cppflags += -shared
+else
+  ifeq ($(sys), Darwin)
+    os = Darwin
+    compiler = gcc3
+    cxx = c++
+    so = dylib
+    cppflags += -dynamiclib
+  else
+    ifeq ($(os), MINGW32_NT-5.1)
+      $(error Sorry, windows is not supported yet)
+      os = WINNT
+      compiler = msvc
+      cxx = c++ # fixme
+      so = dll
+      cppflags += -shared
+    else
+      $(error Sorry, your os is unknown/unsupported: $(os))
+    endif
+  endif
+endif
+
+machine := $(shell uname -m)
+
+ifeq ($(machine), i386)
+  arch = x86
+else
+  ifeq ($(machine), i586)
+    arch = x86
+  else
+    ifeq ($(machine), i686)
+      arch = x86
+    else
+      ifeq ($(machine), ppc) # FIXME: verify
+        arch = ppc
+      else
+        # FIXME: x86_64, ia64, sparc, Alpha
+        $(error Sorry, your arch is unknown/unsupported: $(machine))
+      endif
+    endif
+  endif
+endif
+
+platform = $(os)_$(arch)-$(compiler)
+
+idl_headers = $(idl:.idl=.h)
+idl_typelib = $(idl:.idl=.xpt)
+cpp_objects = $(cpp_sources:.cpp=.o)
+so_target = $(target:=.$(so))
+
+######################################################################
+
+.PHONY: all build install test-install clean
+
+all: build # default target
+
+build: $(so_target) $(idl_typelib)
+
+install: build
+	mkdir -p $(destdir)/components
+	mkdir -p $(platformdir)/components
+	cp $(idl_typelib) $(destdir)/components
+	cp $(so_target) $(platformdir)/components
+
+# gross hack to get around component registration for xpcshell tests
+test-install: install
+	ln -sf `pwd`/$(destdir)/defaults/preferences/sync.js $(sdkdir)/bin/defaults/pref/sync.js # fixme!!
+	ln -sf `pwd`/$(destdir)/components/$(idl_typelib) $(sdkdir)/bin/components/$(idl_typelib)
+	ln -sf `pwd`/$(platformdir)/components/$(so_target) $(sdkdir)/bin/components/$(so_target)
+	rm -f $(sdkdir)/bin/components/compreg.dat
+	rm -f $(sdkdir)/bin/components/xpti.dat
+
+clean: 
+	rm -f $(so_target) $(cpp_objects) $(idl_typelib) $(idl_headers)
+
+# rules to build the c headers and .xpt from idl
+
+$(idl_headers): $(idl)
+	$(xpidl) -m header -I$(sdkdir)/idl $(@:.h=.idl)
+
+$(idl_typelib): $(idl)
+	$(xpidl) -m typelib -I$(sdkdir)/idl $(@:.xpt=.idl)
+
+# "main" (internal) rules, build sources and link the component
+
+$(cpp_objects): $(cpp_sources)
+	$(cxx) -o $@ $(cppflags) $(@:.o=.cpp)
+
+$(so_target): $(idl_headers) $(cpp_objects)
+	$(cxx) -o $@ $(ldflags) $(cpp_objects)
+	chmod +x $@
+#	strip $@
new file mode 100644
--- /dev/null
+++ b/services/crypto/WeaveCrypto.cpp
@@ -0,0 +1,219 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Mozilla Public License Version
+ * 1.1 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is Weave code.
+ *
+ * The Initial Developer of the Original Code is
+ * Mozilla Corporation
+ * Portions created by the Initial Developer are Copyright (C) 2007
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *   Dan Mills <thunder@mozilla.com> (original author)
+ *   Honza Bambas <honzab@allpeers.com>
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the MPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the MPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+#include "WeaveCrypto.h"
+
+#include "nsStringAPI.h"
+#include "nsAutoPtr.h"
+#include "plbase64.h"
+#include "secerr.h"
+#include "secpkcs7.h"
+
+NS_IMPL_ISUPPORTS1(WeaveCrypto, IWeaveCrypto)
+
+WeaveCrypto::WeaveCrypto()
+: mAlgorithm(SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC)
+{
+}
+
+WeaveCrypto::~WeaveCrypto()
+{
+}
+
+nsresult 
+WeaveCrypto::EncodeBase64(const nsACString& binary, nsACString& retval)
+{
+  PRUint32 encodedLength = (binary.Length() * 4 + 2) / 3;
+
+  nsAutoArrayPtr<char> encoded;
+  encoded = new char[encodedLength + 2];
+  NS_ENSURE_TRUE(encoded, NS_ERROR_OUT_OF_MEMORY);
+
+  PromiseFlatCString fBinary(binary);
+  PL_Base64Encode(fBinary.get(), fBinary.Length(), encoded);
+
+  retval.Assign(encoded, encodedLength);
+  return NS_OK;
+}
+
+nsresult 
+WeaveCrypto::DecodeBase64(const nsACString& base64, nsACString& retval)
+{
+  PromiseFlatCString flat(base64);
+
+  PRUint32 decodedLength = (flat.Length() * 3) / 4;
+
+  nsAutoArrayPtr<char> decoded;
+  decoded = new char[decodedLength];
+  NS_ENSURE_TRUE(decoded, NS_ERROR_OUT_OF_MEMORY);
+
+  if (!PL_Base64Decode(flat.get(), flat.Length(), decoded))
+    return NS_ERROR_ILLEGAL_VALUE;
+
+  retval.Assign(decoded, decodedLength);
+  return NS_OK;
+}
+
+// static
+void
+WeaveCrypto::StoreToStringCallback(void *arg, const char *buf, unsigned long len)
+{
+  nsACString* aText = (nsACString*)arg;
+  aText->Append(buf, len);
+}
+
+// static
+PK11SymKey * 
+WeaveCrypto::GetSymmetricKeyCallback(void *arg, SECAlgorithmID *algid)
+{
+  SECItem *pwitem = (SECItem *)arg;
+
+  PK11SlotInfo *slot = PK11_GetInternalSlot();
+  if (!slot)
+    return nsnull;
+
+  PK11SymKey *key = PK11_PBEKeyGen(slot, algid, pwitem, PR_FALSE, nsnull);
+  PK11_FreeSlot(slot);
+
+  if (key)
+    PK11_SetSymKeyUserData(key, pwitem, nsnull);
+
+  return key;
+}
+
+// static
+PRBool 
+WeaveCrypto::DecryptionAllowedCallback(SECAlgorithmID *algid, PK11SymKey *key)
+{
+  return PR_TRUE;
+}
+
+//////////////////////////////////////////////////////////////////////////////
+// nsIPBECipher
+
+NS_IMETHODIMP
+WeaveCrypto::GetAlgorithm(PRUint32 *aAlgorithm)
+{
+  *aAlgorithm = mAlgorithm;
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+WeaveCrypto::SetAlgorithm(PRUint32 aAlgorithm)
+{
+  mAlgorithm = (SECOidTag)aAlgorithm;
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+WeaveCrypto::Encrypt(const nsACString& aPass,
+                     const nsACString& aClearText,
+                     nsACString& aCipherText)
+{
+  nsresult rv = NS_ERROR_FAILURE;
+
+  SEC_PKCS7ContentInfo *cinfo = SEC_PKCS7CreateEncryptedData(mAlgorithm, 0, nsnull, nsnull);
+  NS_ENSURE_TRUE(cinfo, NS_ERROR_FAILURE);
+  
+  SECAlgorithmID* encalgid = SEC_PKCS7GetEncryptionAlgorithm(cinfo);
+  if (encalgid)
+  {
+    PromiseFlatCString fPass(aPass);
+    SECItem pwitem = {siBuffer, (unsigned char*)fPass.get(), fPass.Length()}; 
+    PK11SymKey *key = GetSymmetricKeyCallback(&pwitem, encalgid);
+    if (key)
+    {
+      nsCString result;
+      SEC_PKCS7EncoderContext *ecx = SEC_PKCS7EncoderStart(
+          cinfo, StoreToStringCallback, &result, key);
+      PK11_FreeSymKey(key);
+
+      if (ecx) 
+      {
+        SECStatus srv;
+        
+        PromiseFlatCString fClearText(aClearText);
+        srv = SEC_PKCS7EncoderUpdate(ecx, fClearText.get(), fClearText.Length());
+
+        SEC_PKCS7EncoderFinish(ecx, nsnull, nsnull);
+
+        if (SECSuccess == srv)
+          rv = EncodeBase64(result, aCipherText);
+      }
+      else
+      {
+        NS_WARNING("Could not create PKCS#7 encoder context");
+      } 
+    }
+  }
+
+  SEC_PKCS7DestroyContentInfo(cinfo);
+  return rv;
+}
+
+NS_IMETHODIMP
+WeaveCrypto::Decrypt(const nsACString& aPass,
+                     const nsACString& aCipherText,
+                     nsACString& aClearText)
+{
+  nsresult rv;
+
+  nsCString fCipherText;
+  rv = DecodeBase64(aCipherText, fCipherText);
+  NS_ENSURE_SUCCESS(rv, rv);  
+
+  aClearText.Truncate();
+
+  PromiseFlatCString fPass(aPass);
+  SECItem pwitem = {siBuffer, (unsigned char*)fPass.get(), fPass.Length()}; 
+  SEC_PKCS7DecoderContext *dcx = SEC_PKCS7DecoderStart(
+      StoreToStringCallback, &aClearText, nsnull, nsnull,
+      GetSymmetricKeyCallback, &pwitem, 
+      DecryptionAllowedCallback);
+  NS_ENSURE_TRUE(dcx, NS_ERROR_FAILURE);
+
+  SECStatus srv = SEC_PKCS7DecoderUpdate(dcx, fCipherText.get(), fCipherText.Length());
+  rv = (SECSuccess == srv) ? NS_OK : NS_ERROR_FAILURE;
+
+  SEC_PKCS7ContentInfo *cinfo = SEC_PKCS7DecoderFinish(dcx);
+  if (cinfo)
+    SEC_PKCS7DestroyContentInfo(cinfo);
+
+  return rv;
+}
new file mode 100644
--- /dev/null
+++ b/services/crypto/WeaveCrypto.h
@@ -0,0 +1,72 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Mozilla Public License Version
+ * 1.1 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is WeaveCrypto code.
+ *
+ * The Initial Developer of the Original Code is
+ * Mozilla Corporation
+ * Portions created by the Initial Developer are Copyright (C) 2007
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *   Dan Mills <thunder@mozilla.com> (original author)
+ *   Honza Bambas <honzab@allpeers.com>
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the MPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the MPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+#ifndef WeaveCrypto_h_
+#define WeaveCrypto_h_
+
+#include "IWeaveCrypto.h"
+#include "pk11pub.h"
+
+#define WEAVE_CRYPTO_CONTRACTID "@labs.mozilla.com/Weave/Crypto;1"
+#define WEAVE_CRYPTO_CLASSNAME "A Simple XPCOM Sample"
+#define WEAVE_CRYPTO_CID { 0xd3b0f750, 0xc976, 0x46d0, \
+                           { 0xbe, 0x20, 0x96, 0xb2, 0x4f, 0x46, 0x84, 0xbc } }
+
+class WeaveCrypto : public IWeaveCrypto
+{
+public:
+  WeaveCrypto();
+
+  NS_DECL_ISUPPORTS
+  NS_DECL_IWEAVECRYPTO
+
+private:
+  ~WeaveCrypto();
+
+  SECOidTag mAlgorithm;
+
+  nsresult DecodeBase64(const nsACString& base64, nsACString& retval);
+  nsresult EncodeBase64(const nsACString& binary, nsACString& retval);
+
+  static void WeaveCrypto::StoreToStringCallback(void *arg, const char *buf, unsigned long len);
+  static PK11SymKey *GetSymmetricKeyCallback(void *arg, SECAlgorithmID *algid);
+  static PRBool DecryptionAllowedCallback(SECAlgorithmID *algid, PK11SymKey *key);
+};
+
+#endif // WeaveCrypto_h_
new file mode 100644
--- /dev/null
+++ b/services/crypto/WeaveCryptoModule.cpp
@@ -0,0 +1,54 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Mozilla Public License Version
+ * 1.1 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is Weave code.
+ *
+ * The Initial Developer of the Original Code is
+ * Mozilla Corporation
+ * Portions created by the Initial Developer are Copyright (C) 2008
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *   Dan Mills <thunder@mozilla.com> (original author)
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the MPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the MPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+#include "nsIGenericFactory.h"
+#include "WeaveCrypto.h"
+
+NS_GENERIC_FACTORY_CONSTRUCTOR(WeaveCrypto)
+
+static nsModuleComponentInfo components[] =
+{
+  {
+    WEAVE_CRYPTO_CLASSNAME,
+    WEAVE_CRYPTO_CID,
+    WEAVE_CRYPTO_CONTRACTID,
+    WeaveCryptoConstructor,
+  }
+};
+
+NS_IMPL_NSGETMODULE("WeaveCryptoModule", components) 
--- a/services/sync/modules/async.js
+++ b/services/sync/modules/async.js
@@ -43,67 +43,54 @@ const Cu = Components.utils;
 
 Cu.import("resource://weave/log4moz.js");
 Cu.import("resource://weave/util.js");
 
 /*
  * Asynchronous generator helpers
  */
 
-function AsyncException(generator, message) {
-  this.generator = generator;
+function AsyncException(initFrame, message) {
   this.message = message;
-  this._trace = this.generator.trace;
+  this._trace = initFrame;
 }
 AsyncException.prototype = {
-  get generator() { return this._generator; },
-  set generator(value) {
-    if (!(value instanceof Generator))
-      throw "expected type 'Generator'";
-    this._generator = value;
-  },
-
   get message() { return this._message; },
   set message(value) { this._message = value; },
 
   get trace() { return this._trace; },
   set trace(value) { this._trace = value; },
-  
+
+  addFrame: function AsyncException_addFrame(frame) {
+    this.trace += (this.trace? "\n" : "") + formatFrame(frame);
+  },
+
   toString: function AsyncException_toString() {
     return this.message;
   }
 };
 
 function Generator(object, method, onComplete, args) {
   this._log = Log4Moz.Service.getLogger("Async.Generator");
   this._log.level =
     Log4Moz.Level[Utils.prefs.getCharPref("log.logger.async")];
   this._object = object;
   this._method = method;
   this.onComplete = onComplete;
   this._args = args;
-
-  let frame = Components.stack.caller;
-  if (frame.name == "Async_run")
-    frame = frame.caller;
-  if (frame.name == "Async_sugar")
-    frame = frame.caller;
-
-  this._initFrame = frame;
+  this._initFrame = Components.stack.caller;
+  // skip our frames
+  // FIXME: we should have a pref for this, for debugging async.js itself
+  while (this._initFrame.name.match(/^Async(Gen|)_/))
+    this._initFrame = this._initFrame.caller;
 }
 Generator.prototype = {
   get name() { return this._method.name; },
   get generator() { return this._generator; },
 
-  // set to true to error when generators to bottom out/return.
-  // you will then have to ensure that all generators yield as the
-  // last thing they do, and never call 'return'
-  get errorOnStop() { return this._errorOnStop; },
-  set errorOnStop(value) { this._errorOnStop = value; },
-
   get cb() {
     let self = this, cb = function(data) { self.cont(data); };
     cb.parentGenerator = this;
     return cb;
   },
   get listener() { return new Utils.EventListener(this.cb); },
 
   get _object() { return this.__object; },
@@ -129,67 +116,67 @@ Generator.prototype = {
   },
   set onComplete(value) {
     if (value && typeof value != "function")
       throw "expected type 'function', got type '" + typeof(value) + "'";
     this._onComplete = value;
   },
 
   get trace() {
-    return Utils.stackTrace(this._initFrame) +
-      "JS frame :: unknown (async) :: " + this.name;
+    return "unknown (async) :: " + this.name + "\n" + trace(this._initFrame);
   },
 
   _handleException: function AsyncGen__handleException(e) {
     if (e instanceof StopIteration) {
-      if (this.errorOnStop) {
-        this._log.error("[" + this.name + "] Generator stopped unexpectedly");
-        this._log.trace("Stack trace:\n" + this.trace);
-        this._exception = "Generator stopped unexpectedly"; // don't propagate StopIteration
-      }
+      // skip to calling done()
 
     } else if (this.onComplete.parentGenerator instanceof Generator) {
       this._log.trace("[" + this.name + "] Saving exception and stack trace");
-      this._log.trace(Async.exceptionStr(this, e));
+      this._log.trace("Exception: " + Utils.exceptionStr(e));
 
-      if (e instanceof AsyncException)
-        e.trace = this.trace + e.trace? "\n" + e.trace : "";
-      else
-        e = new AsyncException(this, e);
+        if (e instanceof AsyncException) {
+          // FIXME: attempt to skip repeated frames, which can happen if the
+          // child generator never yielded.  Would break for valid repeats (recursion)
+          if (e.trace.indexOf(formatFrame(this._initFrame)) == -1)
+            e.addFrame(this._initFrame);
+        } else {
+          e = new AsyncException(this.trace, e);
+        }
 
       this._exception = e;
 
     } else {
-      this._log.error(Async.exceptionStr(this, e));
-      this._log.debug("Stack trace:\n" + this.trace +
-                      (e.trace? "\n" + e.trace : ""));
+      this._log.error("Exception: " + Utils.exceptionStr(e));
+      this._log.debug("Stack trace:\n" + (e.trace? e.trace : this.trace));
     }
 
     // continue execution of caller.
     // in the case of StopIteration we could return an error right
     // away, but instead it's easiest/best to let the caller handle
     // the error after a yield / in a callback.
     if (!this._timer) {
       this._log.trace("[" + this.name + "] running done() from _handleException()");
       this.done();
     }
   },
 
   run: function AsyncGen_run() {
+    this._continued = false;
     try {
       this._generator = this._method.apply(this._object, this._args);
       this.generator.next(); // must initialize before sending
       this.generator.send(this);
     } catch (e) {
       if (!(e instanceof StopIteration) || !this._timer)
         this._handleException(e);
     }
   },
 
   cont: function AsyncGen_cont(data) {
+    this._continued = true;
     try { this.generator.send(data); }
     catch (e) {
       if (!(e instanceof StopIteration) || !this._timer)
         this._handleException(e);
     }
   },
 
   throw: function AsyncGen_throw(exception) {
@@ -234,23 +221,48 @@ Generator.prototype = {
     } else {
       try {
         this._log.trace("[" + this.name + "] Running onComplete()");
         this.onComplete(retval);
       } catch (e) {
         this._log.error("Exception caught from onComplete handler of " +
                         this.name + " generator");
         this._log.error("Exception: " + Utils.exceptionStr(e));
-        this._log.trace("Current stack trace:\n" + Utils.stackTrace(Components.stack));
+        this._log.trace("Current stack trace:\n" + trace(Components.stack));
         this._log.trace("Initial stack trace:\n" + this.trace);
       }
     }
   }
 };
 
+function formatFrame(frame) {
+  // FIXME: sort of hackish, might be confusing if there are multiple
+  // extensions with similar filenames
+  let tmp = frame.filename.replace(/^file:\/\/.*\/([^\/]+.js)$/, "module:$1");
+  tmp += ":" + frame.lineNumber + " :: " + frame.name;
+  return tmp;
+}
+
+function trace(frame, str) {
+  if (!str)
+    str = "";
+
+  // skip our frames
+  // FIXME: we should have a pref for this, for debugging async.js itself
+  while (frame.name.match(/^Async(Gen|)_/))
+    frame = frame.caller;
+
+  if (frame.caller)
+    str = trace(frame.caller, str);
+  str = formatFrame(frame) + (str? "\n" : "") + str;
+
+  return str;
+}
+
+
 Async = {
 
   // Use:
   // let gen = Async.run(this, this.fooGen, ...);
   // let ret = yield;
   //
   // where fooGen is a generator function, and gen is a Generator instance
   // ret is whatever the generator 'returns' via Generator.done().
--- a/services/sync/modules/dav.js
+++ b/services/sync/modules/dav.js
@@ -38,64 +38,73 @@ const EXPORTED_SYMBOLS = ['DAV', 'DAVCol
 
 const Cc = Components.classes;
 const Ci = Components.interfaces;
 const Cr = Components.results;
 const Cu = Components.utils;
 
 Cu.import("resource://gre/modules/XPCOMUtils.jsm");
 Cu.import("resource://weave/log4moz.js");
+Cu.import("resource://weave/constants.js");
 Cu.import("resource://weave/util.js");
+Cu.import("resource://weave/identity.js");
 Cu.import("resource://weave/async.js");
-Cu.import("resource://weave/constants.js");
 
 Function.prototype.async = Async.sugar;
 
 Utils.lazy(this, 'DAV', DAVCollection);
 
+let DAVLocks = {};
+
 /*
  * DAV object
  * Abstracts the raw DAV commands
  */
 
-function DAVCollection(baseURL) {
-  this._baseURL = baseURL;
+function DAVCollection(baseURL, defaultPrefix) {
+  this.baseURL = baseURL;
+  this.defaultPrefix = defaultPrefix;
   this._authProvider = new DummyAuthProvider();
   this._log = Log4Moz.Service.getLogger("Service.DAV");
   this._log.level =
     Log4Moz.Level[Utils.prefs.getCharPref("log.logger.service.dav")];
 }
 DAVCollection.prototype = {
 
   __dp: null,
   get _dp() {
     if (!this.__dp)
       this.__dp = Cc["@mozilla.org/xmlextras/domparser;1"].
         createInstance(Ci.nsIDOMParser);
     return this.__dp;
   },
 
-  _auth: null,
-
   get baseURL() {
     return this._baseURL;
   },
   set baseURL(value) {
-    if (value[value.length-1] != '/')
+    if (value && value[value.length-1] != '/')
       value = value + '/';
     this._baseURL = value;
   },
 
-  _loggedIn: false,
-  get loggedIn() {
-    return this._loggedIn;
+  get defaultPrefix() {
+    return this._defaultPrefix;
+  },
+  set defaultPrefix(value) {
+    if (value && value[value.length-1] != '/')
+      value = value + '/';
+    if (value && value[0] == '/')
+      value = value.slice(1);
+    this._defaultPrefix = value;
   },
 
   get locked() {
-    return !this._lockAllowed || this._token != null;
+    return !this._lockAllowed || (DAVLocks['default'] &&
+                                  DAVLocks['default'].token);
   },
 
   _lockAllowed: true,
   get allowLock() {
     return this._lockAllowed;
   },
   set allowLock(value) {
     this._lockAllowed = value;
@@ -143,20 +152,24 @@ DAVCollection.prototype = {
       this._log.warn("_makeRequest: authentication failed");
     if (ret.status < 200 || ret.status >= 300)
       this._log.warn("_makeRequest: got status " + ret.status);
 
     self.done(ret);
   },
 
   get _defaultHeaders() {
-    return {'Authorization': this._auth? this._auth : '',
-            'Content-type': 'text/plain',
-            'If': this._token?
-            "<" + this._baseURL + "> (<" + this._token + ">)" : ''};
+    let h = {'Content-type': 'text/plain'},
+      id = ID.get('DAV:default'),
+      lock = DAVLocks['default'];
+    if (id)
+      h['Authorization'] = 'Basic ' + btoa(id.username + ":" + id.password);
+    if (lock)
+      h['If'] = "<" + lock.URL + "> (<" + lock.token + ">)";
+    return h;
   },
 
   // mkdir -p
   _mkcol: function DC__mkcol(path) {
     let self = yield;
     let ok = true;
 
     try {
@@ -237,17 +250,17 @@ DAVCollection.prototype = {
     let headers = {'Content-type': 'text/xml; charset="utf-8"',
                    'Depth': 'infinity',
                    'Timeout': 'Second-600'};
     headers.__proto__ = this._defaultHeaders;
     return this._makeRequest.async(this, onComplete, "LOCK", path, headers, data);
   },
 
   UNLOCK: function DC_UNLOCK(path, onComplete) {
-    let headers = {'Lock-Token': '<' + this._token + '>'};
+    let headers = {'Lock-Token': '<' + DAVLocks['default'].token + '>'};
     headers.__proto__ = this._defaultHeaders;
     return this._makeRequest.async(this, onComplete, "UNLOCK", path, headers);
   },
 
   // Get all files
   listFiles: function DC_listFiles(path) {
     let self = yield;
 
@@ -261,65 +274,48 @@ DAVCollection.prototype = {
     this._makeRequest.async(this, self.cb, "PROPFIND", path, headers,
                            "<?xml version=\"1.0\" encoding=\"utf-8\" ?>" +
                             "<D:propfind xmlns:D='DAV:'><D:prop/></D:propfind>");
     let resp = yield;
     Utils.ensureStatus(resp.status, "propfind failed");
 
     let ret = [];
     try {
-      let tokens = Utils.xpath(resp.responseXML, '//D:href');
+      let elts = Utils.xpath(resp.responseXML, '//D:href');
       // FIXME: shouldn't depend on the first one being the root
-      let root = tokens.iterateNext();
+      let root = elts.iterateNext();
       root = root.textContent;
-      let token;
-      while (token = tokens.iterateNext())
-        ret.push(token.textContent.replace(root, ''));
+      let elt;
+      while (elt = elts.iterateNext())
+        ret.push(elt.textContent.replace(root, ''));
     } catch (e) {}
 
     self.done(ret);
   },
 
   // Login / Logout
 
-  login: function DC_login(username, password) {
+  checkLogin: function DC_checkLogin() {
     let self = yield;
 
-    if (this._loggedIn) {
-      this._log.debug("Login requested, but already logged in");
-      self.done(true);
-      yield;
-    }
-
-    this._log.debug("Logging in");
-
-    let URI = Utils.makeURI(this._baseURL);
-    this._auth = "Basic " + btoa(username + ":" + password);
+    this._log.debug("Checking login");
 
     // Make a call to make sure it's working
     this.GET("", self.cb);
     let resp = yield;
 
     if (this._authProvider._authFailed ||
         resp.status < 200 || resp.status >= 300) {
       self.done(false);
       yield;
     }
 
-    this._loggedIn = true;
-
     self.done(true);
   },
 
-  logout: function DC_logout() {
-    this._log.trace("Logging out (forgetting auth header)");
-    this._loggedIn = false;
-    this.__auth = null;
-  },
-
   // Locking
 
   _getActiveLock: function DC__getActiveLock() {
     let self = yield;
     let ret = null;
 
     this._log.debug("Getting active lock token");
     this.PROPFIND("",
@@ -339,127 +335,112 @@ DAVCollection.prototype = {
     let token = tokens.iterateNext();
     if (token)
       ret = token.textContent;
 
     if (ret)
       this._log.trace("Found an active lock token");
     else
       this._log.trace("No active lock token found");
-    self.done(ret);
+    self.done({URL: this._baseURL, token: ret});
   },
 
   lock: function DC_lock() {
     let self = yield;
-    this._token = null;
 
     this._log.trace("Acquiring lock");
 
-    if (this._token) {
+    if (DAVLocks['default']) {
       this._log.debug("Lock called, but we already hold a token");
-      self.done(this._token);
+      self.done(DAVLocks['default']);
       yield;
     }
 
-    this.LOCK("",
+    this.LOCK("lock",
               "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n" +
               "<D:lockinfo xmlns:D=\"DAV:\">\n" +
               "  <D:locktype><D:write/></D:locktype>\n" +
               "  <D:lockscope><D:exclusive/></D:lockscope>\n" +
               "</D:lockinfo>", self.cb);
     let resp = yield;
 
     if (this._authProvider._authFailed ||
         resp.status < 200 || resp.status >= 300) {
-      self.done(this._token);
+      self.done();
       yield;
     }
 
     let tokens = Utils.xpath(resp.responseXML, '//D:locktoken/D:href');
     let token = tokens.iterateNext();
-    if (token)
-      this._token = token.textContent;
+    if (token) {
+      DAVLocks['default'] = {
+        URL: this._baseURL,
+        token: token.textContent
+      };
+    }
 
-    if (this._token)
-      this._log.trace("Lock acquired");
-    else
+    if (!DAVLocks['default']) {
       this._log.warn("Could not acquire lock");
+      self.done();
+      return;
+    }
 
-    self.done(this._token);
+    this._log.trace("Lock acquired");
+    self.done(DAVLocks['default']);
   },
 
   unlock: function DC_unlock() {
     let self = yield;
 
     this._log.trace("Releasing lock");
 
     if (!this.locked) {
       this._log.debug("Unlock called, but we don't hold a token right now");
       self.done(true);
       yield;
     }
 
-    this.UNLOCK("", self.cb);
+    this.UNLOCK("lock", self.cb);
     let resp = yield;
 
     if (this._authProvider._authFailed ||
         resp.status < 200 || resp.status >= 300) {
       self.done(false);
       yield;
     }
 
-    this._token = null;
-
-    if (this._token)
-      this._log.trace("Could not release lock");
-    else
-      this._log.trace("Lock released (or we didn't have one)");
-
-    self.done(!this._token);
+    delete DAVLocks['default']
+    this._log.trace("Lock released (or we didn't have one)");
+    self.done(true);
   },
 
   forceUnlock: function DC_forceUnlock() {
     let self = yield;
     let unlocked = true;
 
     this._log.debug("Forcibly releasing any server locks");
 
     this._getActiveLock.async(this, self.cb);
-    this._token = yield;
+    DAVLocks['default'] = yield;
 
-    if (!this._token) {
+    if (!DAVLocks['default']) {
       this._log.debug("No server lock found");
       self.done(true);
       yield;
     }
 
     this._log.trace("Server lock found, unlocking");
     this.unlock.async(this, self.cb);
     unlocked = yield;
 
     if (unlocked)
       this._log.trace("Lock released");
     else
       this._log.trace("No lock released");
     self.done(unlocked);
-  },
-
-  stealLock: function DC_stealLock() {
-    let self = yield;
-    let stolen = null;
-
-    this.forceUnlock.async(this, self.cb);
-    let unlocked = yield;
-
-    if (unlocked) {
-      this.lock.async(this, self.cb);
-      stolen = yield;
-    }
-
-    self.done(stolen);
   }
 };
 
 
 /*
  * Auth provider object
  * Taken from nsMicrosummaryService.js and massaged slightly
  */
--- a/services/sync/modules/engines.js
+++ b/services/sync/modules/engines.js
@@ -29,17 +29,18 @@
  * use your version of this file under the terms of the MPL, indicate your
  * decision by deleting the provisions above and replace them with the notice
  * and other provisions required by the GPL or the LGPL. If you do not delete
  * the provisions above, a recipient may use your version of this file under
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
 
-const EXPORTED_SYMBOLS = ['Engine', 'BookmarksEngine', 'HistoryEngine', 'CookieEngine'];
+const EXPORTED_SYMBOLS = ['Engines', 'Engine',
+                          'BookmarksEngine', 'HistoryEngine', 'CookieEngine'];
 
 const Cc = Components.classes;
 const Ci = Components.interfaces;
 const Cr = Components.results;
 const Cu = Components.utils;
 
 Cu.import("resource://gre/modules/XPCOMUtils.jsm");
 Cu.import("resource://weave/log4moz.js");
@@ -49,19 +50,46 @@ Cu.import("resource://weave/crypto.js");
 Cu.import("resource://weave/dav.js");
 Cu.import("resource://weave/identity.js");
 Cu.import("resource://weave/stores.js");
 Cu.import("resource://weave/syncCores.js");
 Cu.import("resource://weave/async.js");
 
 Function.prototype.async = Async.sugar;
 
-function Engine(davCollection, pbeId) {
-  //this._init(davCollection, pbeId);
+// Singleton service, holds registered engines
+
+Utils.lazy(this, 'Engines', EngineManagerSvc);
+
+function EngineManagerSvc() {
+  this._engines = {};
 }
+EngineManagerSvc.prototype = {
+  get: function EngMgr_get(name) {
+    return this._engines[name]
+  },
+  getAll: function EngMgr_getAll() {
+    let ret = [];
+    for (key in this._engines) {
+      ret.push(this._engines[key]);
+    }
+    return ret;
+  },
+  register: function EngMgr_register(engine) {
+    this._engines[engine.name] = engine;
+  },
+  unregister: function EngMgr_unregister(val) {
+    let name = val;
+    if (val instanceof Engine)
+      name = val.name;
+    delete this._engines[name];
+  }
+};
+
+function Engine() {}
 Engine.prototype = {
   // "default-engine";
   get name() { throw "name property must be overridden in subclasses"; },
 
   // "DefaultEngine";
   get logName() { throw "logName property must be overridden in subclasses"; },
 
   // "user-data/default-engine/";
@@ -69,16 +97,20 @@ Engine.prototype = {
 
   // These can be overridden in subclasses, but don't need to be (assuming
   // serverPrefix is not shared with anything else)
   get statusFile() { return this.serverPrefix + "status.json"; },
   get keysFile() { return this.serverPrefix + "keys.json"; },
   get snapshotFile() { return this.serverPrefix + "snapshot.json"; },
   get deltasFile() { return this.serverPrefix + "deltas.json"; },
 
+  get enabled() {
+    return Utils.prefs.getBoolPref("engine." + this.name);
+  },
+
   __os: null,
   get _os() {
     if (!this.__os)
       this.__os = Cc["@mozilla.org/observer-service;1"]
         .getService(Ci.nsIObserverService);
     return this.__os;
   },
 
@@ -110,20 +142,28 @@ Engine.prototype = {
     if (!this.__snapshot)
       this.__snapshot = new SnapshotStore(this.name);
     return this.__snapshot;
   },
   set _snapshot(value) {
     this.__snapshot = value;
   },
 
-  _init: function Engine__init(davCollection, pbeId) {
-    this._pbeId = pbeId;
-    this._engineId = new Identity(pbeId.realm + " - " + this.logName,
-                                  pbeId.username);
+  get _pbeId() {
+    let id = ID.get('Engine:PBE:' + this.name);
+    if (!id)
+      id = ID.get('Engine:PBE:default');
+    if (!id)
+      throw "No identity found for engine PBE!";
+    return id;
+  },
+
+  _init: function Engine__init() {
+    this._engineId = new Identity(this._pbeId.realm + " - " + this.logName,
+                                  this._pbeId.username);
     this._log = Log4Moz.Service.getLogger("Service." + this.logName);
     this._log.level =
       Log4Moz.Level[Utils.prefs.getCharPref("log.logger.service.engine")];
     this._osPrefix = "weave:" + this.name + ":";
     this._snapshot.load();
   },
 
   _getSymKey: function Engine__getSymKey() {
@@ -785,21 +825,21 @@ Engine.prototype = {
     return this._resetServer.async(this, onComplete);
   },
 
   resetClient: function Engine_resetClient(onComplete) {
     return this._resetClient.async(this, onComplete);
   }
 };
 
-function BookmarksEngine(davCollection, pbeId) {
-  this._init(davCollection, pbeId);
+function BookmarksEngine(pbeId) {
+  this._init(pbeId);
 }
 BookmarksEngine.prototype = {
-  get name() { return "bookmarks-engine"; },
+  get name() { return "bookmarks"; },
   get logName() { return "BmkEngine"; },
   get serverPrefix() { return "user-data/bookmarks/"; },
 
   __core: null,
   get _core() {
     if (!this.__core)
       this.__core = new BookmarksSyncCore();
     return this.__core;
@@ -896,21 +936,21 @@ BookmarksEngine.prototype = {
     this._store.applyCommands.async(this._store, self.cb, diff);
     yield;
 
     this._log.trace("Shared folder from " + user + " successfully synced!");
   }
 };
 BookmarksEngine.prototype.__proto__ = new Engine();
 
-function HistoryEngine(davCollection, pbeId) {
-  this._init(davCollection, pbeId);
+function HistoryEngine(pbeId) {
+  this._init(pbeId);
 }
 HistoryEngine.prototype = {
-  get name() { return "history-engine"; },
+  get name() { return "history"; },
   get logName() { return "HistEngine"; },
   get serverPrefix() { return "user-data/history/"; },
 
   __core: null,
   get _core() {
     if (!this.__core)
       this.__core = new HistorySyncCore();
     return this.__core;
@@ -920,22 +960,21 @@ HistoryEngine.prototype = {
   get _store() {
     if (!this.__store)
       this.__store = new HistoryStore();
     return this.__store;
   }
 };
 HistoryEngine.prototype.__proto__ = new Engine();
 
-// Jono: the following is copy-and-paste code
-function CookieEngine(davCollection, pbeId) {
-  this._init(davCollection, pbeId);
+function CookieEngine(pbeId) {
+  this._init(pbeId);
 }
 CookieEngine.prototype = {
-  get name() { return "cookie-engine"; },
+  get name() { return "cookies"; },
   get logName() { return "CookieEngine"; },
   get serverPrefix() { return "user-data/cookies/"; },
 
   __core: null,
   get _core() {
     if (!this.__core)
       this.__core = new CookieSyncCore();
     return this.__core;
--- a/services/sync/modules/identity.js
+++ b/services/sync/modules/identity.js
@@ -29,28 +29,59 @@
  * use your version of this file under the terms of the MPL, indicate your
  * decision by deleting the provisions above and replace them with the notice
  * and other provisions required by the GPL or the LGPL. If you do not delete
  * the provisions above, a recipient may use your version of this file under
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
 
-const EXPORTED_SYMBOLS = ['Identity'];
+const EXPORTED_SYMBOLS = ['Identity', 'ID'];
 
 const Cc = Components.classes;
 const Ci = Components.interfaces;
 const Cr = Components.results;
 const Cu = Components.utils;
 
 Cu.import("resource://gre/modules/XPCOMUtils.jsm");
 Cu.import("resource://weave/log4moz.js");
 Cu.import("resource://weave/constants.js");
 Cu.import("resource://weave/util.js");
 
+Utils.lazy(this, 'ID', IDManager);
+
+// For storing identities we'll use throughout Weave
+function IDManager() {
+  this._ids = {};
+  this._aliases = {};
+}
+IDManager.prototype = {
+  get: function IDMgr_get(name) {
+    if (this._aliases[name])
+      return this._ids[this._aliases[name]];
+    else
+      return this._ids[name]
+  },
+  set: function IDMgr_set(name, id) {
+    this._ids[name] = id;
+  },
+  del: function IDMgr_del(name) {
+    delete this._ids[name];
+  },
+  getAlias: function IDMgr_getAlias(alias) {
+    return this._aliases[alias];
+  },
+  setAlias: function IDMgr_setAlias(name, alias) {
+    this._aliases[alias] = name;
+  },
+  delAlias: function IDMgr_delAlias(alias) {
+    delete this._aliases[alias];
+  }
+};
+
 /*
  * Identity
  * These objects hold a realm, username, and password
  * They can hold a password in memory, but will try to fetch it from
  * the password manager if it's not set.
  * FIXME: need to rethink this stuff as part of a bigger identity mgmt framework
  */
 
--- a/services/sync/modules/service.js
+++ b/services/sync/modules/service.js
@@ -72,16 +72,31 @@ Utils.lazy(Weave, 'Service', WeaveSvc);
  * Service singleton
  * Main entry point into Weave's sync framework
  */
 
 function WeaveSvc() {
   this._initLogs();
   this._log.info("Weave Sync Service Initializing");
 
+  // Create Weave identities (for logging in, and for encryption)
+  ID.set('WeaveID', new Identity('Mozilla Services Password', this.username));
+  ID.set('WeaveCryptoID',
+         new Identity('Mozilla Services Encryption Passphrase', this.username));
+
+  // Set up aliases for other modules to use our IDs
+  ID.setAlias('WeaveID', 'DAV:default');
+  ID.setAlias('WeaveCryptoID', 'Engine:PBE:default');
+
+  // Register built-in engines
+  Engines.register(new BookmarksEngine());
+  Engines.register(new HistoryEngine());
+  Engines.register(new CookieEngine());
+
+  // Other misc startup
   Utils.prefs.addObserver("", this, false);
 
   if (!this.enabled) {
     this._log.info("Weave Sync disabled");
     return;
   }
 
   this._setSchedule(this.schedule);
@@ -104,84 +119,43 @@ WeaveSvc.prototype = {
   __dirSvc: null,
   get _dirSvc() {
     if (!this.__dirSvc)
       this.__dirSvc = Cc["@mozilla.org/file/directory_service;1"].
         getService(Ci.nsIProperties);
     return this.__dirSvc;
   },
 
-  // FIXME: engines should be loaded dynamically somehow / need API to register
-
-  __bmkEngine: null,
-  get _bmkEngine() {
-    if (!this.__bmkEngine)
-      this.__bmkEngine = new BookmarksEngine(DAV, this._cryptoId);
-    return this.__bmkEngine;
-  },
-
-  __histEngine: null,
-  get _histEngine() {
-    if (!this.__histEngine)
-      this.__histEngine = new HistoryEngine(DAV, this._cryptoId);
-    return this.__histEngine;
-  },
-
-  __cookieEngine: null,
-  get _cookieEngine() {
-    // This gets an error that "CookieEngine" is undefined.  Why?
-    // BookmarksEngine and HistoryEngine are both defined in engines.js
-    // and so is CookieEngine, but...
-    if (!this.__cookieEngine)
-      this.__cookieEngine = new CookieEngine(DAV, this._cryptoId);
-    return this.__cookieEngine;
-  },
-
   // Timer object for automagically syncing
   _scheduleTimer: null,
 
-  __mozId: null,
-  get _mozId() {
-    if (this.__mozId === null)
-      this.__mozId = new Identity('Mozilla Services Password', this.username);
-    return this.__mozId;
-  },
-
-  __cryptoId: null,
-  get _cryptoId() {
-    if (this.__cryptoId === null)
-      this.__cryptoId = new Identity('Mozilla Services Encryption Passphrase',
-				     this.username);
-    return this.__cryptoId;
-  },
-
   get username() {
     return Utils.prefs.getCharPref("username");
   },
   set username(value) {
     if (value)
       Utils.prefs.setCharPref("username", value);
     else
       Utils.prefs.clearUserPref("username");
 
     // fixme - need to loop over all Identity objects - needs some rethinking...
-    this._mozId.username = value;
-    this._cryptoId.username = value;
+    ID.get('WeaveID').username = value;
+    ID.get('WeaveCryptoID').username = value;
   },
 
-  get password() { return this._mozId.password; },
-  set password(value) { this._mozId.password = value; },
+  get password() { return ID.get('WeaveID').password; },
+  set password(value) { ID.get('WeaveID').password = value; },
 
-  get passphrase() { return this._cryptoId.password; },
-  set passphrase(value) { this._cryptoId.password = value; },
+  get passphrase() { return ID.get('WeaveCryptoID').password; },
+  set passphrase(value) { ID.get('WeaveCryptoID').password = value; },
 
-  get userPath() { return this._mozId.userHash; },
+  get userPath() { return ID.get('WeaveID').userHash; },
 
   get currentUser() {
-    if (DAV.loggedIn)
+    if (this._loggedIn)
       return this.username;
     return null;
   },
 
   get enabled() {
     return Utils.prefs.getBoolPref("enabled");
   },
 
@@ -345,35 +319,38 @@ WeaveSvc.prototype = {
     let self = yield;
 
     DAV.GET("private/privkey", self.cb);
     let keyResp = yield;
     Utils.ensureStatus(keyResp.status,
                        "Could not get private key from server", [[200,300],404]);
 
     if (keyResp.status != 404) {
-      this._cryptoId.privkey = keyResp.responseText;
-      Crypto.RSAkeydecrypt.async(Crypto, self.cb, this._cryptoId);
-      this._cryptoId.pubkey = yield;
+      let id = ID.get('WeaveCryptoID');
+      id.privkey = keyResp.responseText;
+      Crypto.RSAkeydecrypt.async(Crypto, self.cb, id);
+      id.pubkey = yield;
 
     } else {
       this._generateKeys.async(this, self.cb);
       yield;
     }
   },
 
   _generateKeys: function WeaveSync__generateKeys() {
     let self = yield;
 
     this._log.debug("Generating new RSA key");
-    Crypto.RSAkeygen.async(Crypto, self.cb, this._cryptoId);
+
+    let id = ID.get('WeaveCryptoID');
+    Crypto.RSAkeygen.async(Crypto, self.cb, id);
     let [privkey, pubkey] = yield;
 
-    this._cryptoId.privkey = privkey;
-    this._cryptoId.pubkey = pubkey;
+    id.privkey = privkey;
+    id.pubkey = pubkey;
 
     DAV.MKCOL("private/", self.cb);
     let ret = yield;
     if (!ret)
       throw "Could not create private key directory";
 
     DAV.MKCOL("public/", self.cb);
     ret = yield;
@@ -411,57 +388,59 @@ WeaveSvc.prototype = {
     this._localLock(this._notify("login", this._login,
                                  password, passphrase)).async(this, onComplete);
   },
   _login: function WeaveSync__login(password, passphrase) {
     let self = yield;
 
     // cache password & passphrase
     // if null, we'll try to get them from the pw manager below
-    this._mozId.setTempPassword(password);
-    this._cryptoId.setTempPassword(passphrase);
+    ID.get('WeaveID').setTempPassword(password);
+    ID.get('WeaveCryptoID').setTempPassword(passphrase);
 
     this._log.debug("Logging in");
 
     if (!this.username)
       throw "No username set, login failed";
     if (!this.password)
       throw "No password given or found in password manager";
 
     let serverURL = Utils.prefs.getCharPref("serverURL");
     if (serverURL[serverURL.length-1] != '/')
       serverURL = serverURL + '/';
     DAV.baseURL = serverURL + "user/" + this.userPath + "/";
 
-    DAV.login.async(DAV, self.cb, this.username, this.password);
+    DAV.checkLogin.async(DAV, self.cb, this.username, this.password);
     let success = yield;
     if (!success) {
       try {
         this._checkUserDir.async(this, self.cb);
         yield;
       } catch (e) { /* FIXME: tmp workaround for services.m.c */ }
-      DAV.login.async(DAV, self.cb, this.username, this.password);
+      DAV.checkLogin.async(DAV, self.cb, this.username, this.password);
       let success = yield;
       if (!success)
         throw "Login failed";
     }
 
     this._versionCheck.async(this, self.cb);
     yield;
     this._keyCheck.async(this, self.cb);
     yield;
 
+    this._loggedIn = true;
+
     self.done(true);
   },
 
   logout: function WeaveSync_logout() {
     this._log.info("Logging out");
-    DAV.logout();
-    this._mozId.setTempPassword(null); // clear cached password
-    this._cryptoId.setTempPassword(null); // and passphrase
+    this._loggedIn = false;
+    ID.get('WeaveID').setTempPassword(null); // clear cached password
+    ID.get('WeaveCryptoID').setTempPassword(null); // and passphrase
     this._os.notifyObservers(null, "weave:service:logout:success", "");
   },
 
   resetLock: function WeaveSvc_resetLock(onComplete) {
     this._notify("reset-server-lock", this._resetLock).async(this, onComplete);
   },
   _resetLock: function WeaveSvc__resetLock() {
     let self = yield;
@@ -495,82 +474,85 @@ WeaveSvc.prototype = {
   // These are per-engine
 
   sync: function WeaveSync_sync(onComplete) {
     this._lock(this._notify("sync", this._sync)).async(this, onComplete);
   },
   _sync: function WeaveSync__sync() {
     let self = yield;
 
-    if (!DAV.loggedIn)
+    if (!this._loggedIn)
       throw "Can't sync: Not logged in";
 
     this._versionCheck.async(this, self.cb);
     yield;
 
     this._keyCheck.async(this, self.cb);
     yield;
 
-    if (Utils.prefs.getBoolPref("bookmarks")) {
-      this._notify(this._bmkEngine.name + ":sync",
-                   this._syncEngine, this._bmkEngine).async(this, self.cb);
-      yield;
-      this._bmkEngine.syncMounts(self.cb); // FIXME
-      yield;
-    }
-    if (Utils.prefs.getBoolPref("history")) {
-      this._notify(this._histEngine.name + ":sync",
-                   this._syncEngine, this._histEngine).async(this, self.cb);
-      yield;
-    }
-    if (Utils.prefs.getBoolPref("cookies")) {
-      this._notify(this._cookieEngine.name + ":sync",
-                   this._syncEngine, this._cookieEngine).async(this, self.cb);
-      yield;
+    let engines = Engines.getAll();
+    for (let i = 0; i < engines.length; i++) {
+      if (engines[i].enabled) {
+        this._notify(engines[i].name + "-engine:sync",
+                     this._syncEngine, engines[i]).async(this, self.cb);
+        yield;
+        if (engines[i].name == "bookmarks") { // FIXME
+          Engines.get("bookmarks").syncMounts(self.cb);
+          yield;
+        }
+      }
     }
   },
   _syncEngine: function WeaveSvc__syncEngine(engine) {
     let self = yield;
     engine.sync(self.cb);
     yield;
   },
 
   resetServer: function WeaveSync_resetServer(onComplete) {
     this._lock(this._notify("reset-server",
                             this._resetServer)).async(this, onComplete);
   },
   _resetServer: function WeaveSync__resetServer() {
     let self = yield;
 
-    if (!DAV.loggedIn)
+    if (!this._loggedIn)
       throw "Can't reset server: Not logged in";
 
-    this._bmkEngine.resetServer(self.cb);
-    yield;
-    this._histEngine.resetServer(self.cb);
-    yield;
+    let engines = Engines.getAll();
+    for (let i = 0; i < engines.length; i++) {
+      if (!engines[i].enabled)
+        continue;
+      engines[i].resetServer(self.cb);
+      yield;
+    }
   },
 
   resetClient: function WeaveSync_resetClient(onComplete) {
     this._localLock(this._notify("reset-client",
                                  this._resetClient)).async(this, onComplete);
   },
   _resetClient: function WeaveSync__resetClient() {
     let self = yield;
-    this._bmkEngine.resetClient(self.cb);
-    yield;
-    this._histEngine.resetClient(self.cb);
-    yield;
+    let engines = Engines.getAll();
+    for (let i = 0; i < engines.length; i++) {
+      if (!engines[i].enabled)
+        continue;
+      engines[i].resetClient(self.cb);
+      yield;
+    }
   },
 
   shareBookmarks: function WeaveSync_shareBookmarks(onComplete, username) {
     this._lock(this._notify("share-bookmarks",
                             this._shareBookmarks,
                             username)).async(this, onComplete);
   },
   _shareBookmarks: function WeaveSync__shareBookmarks(username) {
     let self = yield;
-    this._bmkEngine.share(self.cb, username);
+    if (Engines.get("bookmarks").enabled)
+      return;
+    Engines.get("bookmarks").share(self.cb, username);
     let ret = yield;
     self.done(ret);
   }
 
 };
--- a/services/sync/modules/util.js
+++ b/services/sync/modules/util.js
@@ -56,17 +56,17 @@ let Utils = {
   lazy: function Weave_lazy(dest, prop, ctr) {
     let getter = function() {
       delete dest[prop];
       dest[prop] = new ctr();
       return dest[prop];
     };
     dest.__defineGetter__(prop, getter);
   },
-  
+
   deepEquals: function Weave_deepEquals(a, b) {
     if (!a && !b)
       return true;
     if (!a || !b)
       return false;
 
     // if neither is an object, just use ==
     if (typeof(a) != "object" && typeof(b) != "object")
@@ -131,17 +131,17 @@ let Utils = {
   },
 
   stackTrace: function Weave_stackTrace(stackFrame, str) {
     if (stackFrame.caller)
       str = Utils.stackTrace(stackFrame.caller, str);
 
     if (!str)
       str = "";
-    str += stackFrame + "\n";
+    str = stackFrame + "\n" + str;
 
     return str;
   },
 
   checkStatus: function Weave_checkStatus(code, msg, ranges) {
     if (!ranges)
       ranges = [[200,300]];
 
@@ -243,17 +243,17 @@ let Utils = {
     if (!tmp.exists())
       tmp.create(tmp.DIRECTORY_TYPE, PERMS_DIRECTORY);
 
     if (name)
       tmp.append(name);
 
     return tmp;
   },
-  
+
   open: function open(pathOrFile, mode, perms) {
     let stream, file;
 
     if (pathOrFile instanceof Ci.nsIFile) {
       file = pathOrFile;
     } else {
       file = Cc["@mozilla.org/file/local;1"].createInstance(Ci.nsILocalFile);
       dump("PATH IS" + pathOrFile + "\n");
--- a/services/sync/services-sync.js
+++ b/services/sync/services-sync.js
@@ -6,20 +6,20 @@ pref("extensions.weave.encryption", "aes
 pref("extensions.weave.lastversion", "firstrun");
 pref("extensions.weave.lastsync", "0");
 
 pref("extensions.weave.ui.syncnow", true);
 pref("extensions.weave.ui.sharebookmarks", false);
 pref("extensions.weave.rememberpassword", true);
 pref("extensions.weave.autoconnect", true);
 pref("extensions.weave.enabled", true);
-pref("extensions.weave.bookmarks", true);
-pref("extensions.weave.history", true);
-pref("extensions.weave.cookies", false );
 pref("extensions.weave.schedule", 1);
+pref("extensions.weave.engine.bookmarks", true);
+pref("extensions.weave.engine.history", true);
+pref("extensions.weave.engine.cookies", false );
 
 pref("extensions.weave.log.appender.console", "Warn");
 pref("extensions.weave.log.appender.dump", "Error");
 pref("extensions.weave.log.appender.briefLog", "Info");
 pref("extensions.weave.log.appender.debugLog", "Trace");
 
 pref("extensions.weave.log.rootLogger", "Trace");
 pref("extensions.weave.log.logger.async", "Debug");
new file mode 120000
--- /dev/null
+++ b/services/sync/tests/unit/Makefile
@@ -0,0 +1,1 @@
+../harness/Makefile
\ No newline at end of file
new file mode 100644
--- /dev/null
+++ b/services/sync/tests/unit/head_first.js
@@ -0,0 +1,28 @@
+version(180);
+
+const Cc = Components.classes;
+const Ci = Components.interfaces;
+const Cr = Components.results;
+
+let ds = Cc["@mozilla.org/file/directory_service;1"]
+  .getService(Ci.nsIProperties);
+
+let provider = {
+  getFile: function(prop, persistent) {
+    persistent.value = true;
+    if (prop == "ExtPrefDL") {
+      return [ds.get("CurProcD", Ci.nsIFile)];
+    }
+    throw Cr.NS_ERROR_FAILURE;
+  },
+  QueryInterface: function(iid) {
+    if (iid.equals(Ci.nsIDirectoryServiceProvider) ||
+        iid.equals(Ci.nsISupports)) {
+      return this;
+    }
+    throw Cr.NS_ERROR_NO_INTERFACE;
+  }
+};
+ds.QueryInterface(Ci.nsIDirectoryService).registerProvider(provider);
+
+do_bind_resource(do_get_file("modules"), "weave");
new file mode 100644
--- /dev/null
+++ b/services/sync/tests/unit/test_loadall.js
@@ -0,0 +1,15 @@
+function run_test() {
+  Components.utils.import("resource://gre/modules/XPCOMUtils.jsm");
+  Components.utils.import("resource://weave/constants.js");
+  Components.utils.import("resource://weave/log4moz.js");
+  Components.utils.import("resource://weave/util.js");
+  Components.utils.import("resource://weave/async.js");
+  Components.utils.import("resource://weave/crypto.js");
+  Components.utils.import("resource://weave/identity.js");
+  Components.utils.import("resource://weave/dav.js");
+  Components.utils.import("resource://weave/wrap.js");
+  Components.utils.import("resource://weave/stores.js");
+  Components.utils.import("resource://weave/syncCores.js");
+  Components.utils.import("resource://weave/engines.js");
+  Components.utils.import("resource://weave/service.js");
+}
new file mode 100644
--- /dev/null
+++ b/services/sync/tests/unit/test_pbe.js
@@ -0,0 +1,24 @@
+function run_test() {
+  // initialize nss
+  let ch = Cc["@mozilla.org/security/hash;1"].createInstance(Ci.nsICryptoHash);
+
+  let pbe = Cc["@labs.mozilla.com/Weave/Crypto;1"].getService(Ci.IWeaveCrypto);
+
+  pbe.algorithm = pbe.DES_EDE3_CBC;
+  let cipherTxt = pbe.encrypt("passphrase", "my very secret message!");
+
+  do_check_true(cipherTxt != "my very secret message!");
+
+  let clearTxt = pbe.decrypt("passphrase", cipherTxt);
+  do_check_true(clearTxt == "my very secret message!");
+
+  // The following check with wrong password must cause decryption to fail
+  // beuase of used padding-schema cipher, RFC 3852 Section 6.3
+  let failure = false;
+  try {
+    pbe.decrypt("wrongpassphrase", cipherTxt);
+  } catch (e) {
+    failure = true;
+  }
+  do_check_true(failure);
+}