From 6cded0a2aa23bdf32494967f312eac87cf2fc9b2 Mon Sep 17 00:00:00 2001 From: Iulian Moraru Date: Wed, 7 Jun 2023 20:12:09 +0300 Subject: [PATCH] Backed out changeset 2b647eb982bc (bug 1834862) for causing build bustages. CLOSED TREE --- Cargo.lock | 24 --- security/manager/ssl/components.conf | 4 +- security/manager/ssl/crypto_hash/Cargo.toml | 14 -- security/manager/ssl/crypto_hash/crypto_hash.h | 46 ------ security/manager/ssl/crypto_hash/src/lib.rs | 176 -------------------- security/manager/ssl/moz.build | 1 + security/manager/ssl/nsCryptoHash.cpp | 213 +++++++++++++++++++++++++ security/manager/ssl/nsCryptoHash.h | 38 +++++ security/manager/ssl/nsICryptoHash.idl | 16 +- security/manager/ssl/nsNSSModule.cpp | 2 + supply-chain/audits.toml | 10 -- supply-chain/config.toml | 4 + third_party/rust/md-5/.cargo-checksum.json | 1 - third_party/rust/md-5/CHANGELOG.md | 84 ---------- third_party/rust/md-5/Cargo.toml | 54 ------- third_party/rust/md-5/LICENSE-APACHE | 201 ----------------------- third_party/rust/md-5/LICENSE-MIT | 27 ---- third_party/rust/md-5/README.md | 72 --------- third_party/rust/md-5/benches/mod.rs | 14 -- third_party/rust/md-5/src/compress.rs | 165 ------------------- third_party/rust/md-5/src/lib.rs | 146 ----------------- third_party/rust/md-5/tests/data/md5.blb | Bin 3271 -> 0 bytes third_party/rust/md-5/tests/mod.rs | 15 -- toolkit/library/rust/shared/Cargo.toml | 1 - toolkit/library/rust/shared/lib.rs | 1 - 25 files changed, 270 insertions(+), 1059 deletions(-) delete mode 100644 security/manager/ssl/crypto_hash/Cargo.toml delete mode 100644 security/manager/ssl/crypto_hash/crypto_hash.h delete mode 100644 security/manager/ssl/crypto_hash/src/lib.rs create mode 100644 security/manager/ssl/nsCryptoHash.cpp create mode 100644 security/manager/ssl/nsCryptoHash.h delete mode 100644 third_party/rust/md-5/.cargo-checksum.json delete mode 100644 third_party/rust/md-5/CHANGELOG.md delete mode 100644 third_party/rust/md-5/Cargo.toml delete mode 100644 third_party/rust/md-5/LICENSE-APACHE delete mode 100644 third_party/rust/md-5/LICENSE-MIT delete mode 100644 third_party/rust/md-5/README.md delete mode 100644 third_party/rust/md-5/benches/mod.rs delete mode 100644 third_party/rust/md-5/src/compress.rs delete mode 100644 third_party/rust/md-5/src/lib.rs delete mode 100644 third_party/rust/md-5/tests/data/md5.blb delete mode 100644 third_party/rust/md-5/tests/mod.rs diff --git a/Cargo.lock b/Cargo.lock index be7101e52874..dbaf016d01b1 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1001,20 +1001,6 @@ dependencies = [ ] [[package]] -name = "crypto_hash" -version = "0.1.0" -dependencies = [ - "base64 0.21.0", - "digest", - "md-5", - "nserror", - "nsstring", - "sha1", - "sha2", - "xpcom", -] - -[[package]] name = "cssparser" version = "0.31.0" dependencies = [ @@ -2087,7 +2073,6 @@ dependencies = [ "cert_storage", "chardetng_c", "cose-c", - "crypto_hash", "cubeb-coreaudio", "cubeb-pulse", "cubeb-sys", @@ -3106,15 +3091,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2532096657941c2fea9c289d370a250971c689d4f143798ff67113ec042024a5" [[package]] -name = "md-5" -version = "0.10.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6365506850d44bff6e2fbcb5176cf63650e48bd45ef2fe2665ae1570e0f4b9ca" -dependencies = [ - "digest", -] - -[[package]] name = "mdns_service" version = "0.1.1" dependencies = [ diff --git a/security/manager/ssl/components.conf b/security/manager/ssl/components.conf index b7b3e135beff..2cdf1e1faf59 100644 --- a/security/manager/ssl/components.conf +++ b/security/manager/ssl/components.conf @@ -69,8 +69,8 @@ Classes = [ { 'cid': '{36a1d3b3-d886-4317-96ff-87b0005cfef7}', 'contract_ids': ['@mozilla.org/security/hash;1'], - 'headers': ['/security/manager/ssl/crypto_hash/crypto_hash.h'], - 'legacy_constructor': 'crypto_hash_constructor', + 'type': 'nsCryptoHash', + 'legacy_constructor': 'mozilla::psm::NSSConstructor', }, { 'cid': '{45a5fe2f-c350-4b86-962d-02d5aaaa955a}', diff --git a/security/manager/ssl/crypto_hash/Cargo.toml b/security/manager/ssl/crypto_hash/Cargo.toml deleted file mode 100644 index aa3ba4b9a638..000000000000 --- a/security/manager/ssl/crypto_hash/Cargo.toml +++ /dev/null @@ -1,14 +0,0 @@ -[package] -name = "crypto_hash" -version = "0.1.0" -edition = "2021" - -[dependencies] -base64 = "0.21" -digest = "0.10.2" -md-5 = "0.10.2" -nserror = { path = "../../../../xpcom/rust/nserror" } -nsstring = { path = "../../../../xpcom/rust/nsstring" } -sha1 = "0.10.2" -sha2 = "0.10.2" -xpcom = { path = "../../../../xpcom/rust/xpcom" } diff --git a/security/manager/ssl/crypto_hash/crypto_hash.h b/security/manager/ssl/crypto_hash/crypto_hash.h deleted file mode 100644 index a85993b04165..000000000000 --- a/security/manager/ssl/crypto_hash/crypto_hash.h +++ /dev/null @@ -1,46 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "nsICryptoHash.h" - -extern "C" { -nsresult crypto_hash_constructor(REFNSIID iid, void** result); -}; - -nsresult NS_NewCryptoHash(uint32_t aHashType, nsICryptoHash** aOutHasher) { - MOZ_ASSERT(aOutHasher); - - nsCOMPtr hasher; - nsresult rv = - crypto_hash_constructor(NS_ICRYPTOHASH_IID, getter_AddRefs(hasher)); - if (NS_FAILED(rv)) { - return rv; - } - rv = hasher->Init(aHashType); - if (NS_FAILED(rv)) { - return rv; - } - hasher.forget(aOutHasher); - - return NS_OK; -} - -nsresult NS_NewCryptoHash(const nsACString& aHashType, - nsICryptoHash** aOutHasher) { - MOZ_ASSERT(aOutHasher); - - nsCOMPtr hasher; - nsresult rv = - crypto_hash_constructor(NS_ICRYPTOHASH_IID, getter_AddRefs(hasher)); - if (NS_FAILED(rv)) { - return rv; - } - rv = hasher->InitWithString(aHashType); - if (NS_FAILED(rv)) { - return rv; - } - hasher.forget(aOutHasher); - - return NS_OK; -} diff --git a/security/manager/ssl/crypto_hash/src/lib.rs b/security/manager/ssl/crypto_hash/src/lib.rs deleted file mode 100644 index 31130a94d9fa..000000000000 --- a/security/manager/ssl/crypto_hash/src/lib.rs +++ /dev/null @@ -1,176 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -extern crate base64; -extern crate digest; -extern crate md5; -extern crate nsstring; -extern crate sha1; -extern crate sha2; -#[macro_use] -extern crate xpcom; - -use base64::Engine; -use digest::{Digest, DynDigest}; -use nserror::{ - nsresult, NS_ERROR_FAILURE, NS_ERROR_INVALID_ARG, NS_ERROR_NOT_AVAILABLE, - NS_ERROR_NOT_INITIALIZED, NS_OK, -}; -use nsstring::{nsACString, nsCString}; -use xpcom::interfaces::{nsICryptoHash, nsIInputStream}; -use xpcom::xpcom_method; - -use std::borrow::Borrow; -use std::sync::Mutex; - -enum Algorithm { - Md5, - Sha1, - Sha256, - Sha384, - Sha512, -} - -impl TryFrom for Algorithm { - type Error = nsresult; - - fn try_from(value: u32) -> Result { - match value { - nsICryptoHash::MD5 => Ok(Algorithm::Md5), - nsICryptoHash::SHA1 => Ok(Algorithm::Sha1), - nsICryptoHash::SHA256 => Ok(Algorithm::Sha256), - nsICryptoHash::SHA384 => Ok(Algorithm::Sha384), - nsICryptoHash::SHA512 => Ok(Algorithm::Sha512), - _ => Err(NS_ERROR_INVALID_ARG), - } - } -} - -impl TryFrom<&nsACString> for Algorithm { - type Error = nsresult; - - fn try_from(value: &nsACString) -> Result { - match value.to_utf8().borrow() { - "md5" => Ok(Algorithm::Md5), - "sha1" => Ok(Algorithm::Sha1), - "sha256" => Ok(Algorithm::Sha256), - "sha384" => Ok(Algorithm::Sha384), - "sha512" => Ok(Algorithm::Sha512), - _ => Err(NS_ERROR_INVALID_ARG), - } - } -} - -#[xpcom(implement(nsICryptoHash), atomic)] -struct CryptoHash { - digest: Mutex>>, -} - -impl CryptoHash { - xpcom_method!(init => Init(algorithm: u32)); - fn init(&self, algorithm: u32) -> Result<(), nsresult> { - let algorithm = algorithm.try_into()?; - self.init_with_algorithm(algorithm) - } - - xpcom_method!(init_with_string => InitWithString(algorithm: *const nsACString)); - fn init_with_string(&self, algorithm: &nsACString) -> Result<(), nsresult> { - let algorithm = algorithm.try_into()?; - self.init_with_algorithm(algorithm) - } - - fn init_with_algorithm(&self, algorithm: Algorithm) -> Result<(), nsresult> { - let digest = match algorithm { - Algorithm::Md5 => Box::new(md5::Md5::new()) as Box, - Algorithm::Sha1 => Box::new(sha1::Sha1::new()) as Box, - Algorithm::Sha256 => Box::new(sha2::Sha256::new()) as Box, - Algorithm::Sha384 => Box::new(sha2::Sha384::new()) as Box, - Algorithm::Sha512 => Box::new(sha2::Sha512::new()) as Box, - }; - let mut guard = self.digest.lock().map_err(|_| NS_ERROR_FAILURE)?; - if let Some(_expected_none_digest) = (*guard).replace(digest) { - return Err(NS_ERROR_FAILURE); - } - Ok(()) - } - - xpcom_method!(update => Update(data: *const u8, len: u32)); - fn update(&self, data: *const u8, len: u32) -> Result<(), nsresult> { - let mut guard = self.digest.lock().map_err(|_| NS_ERROR_FAILURE)?; - let digest = match (*guard).as_mut() { - Some(digest) => digest, - None => return Err(NS_ERROR_NOT_INITIALIZED), - }; - // Safety: this is safe as long as xpcom gave us valid arguments. - let data = unsafe { - std::slice::from_raw_parts(data, len.try_into().map_err(|_| NS_ERROR_INVALID_ARG)?) - }; - digest.update(data); - Ok(()) - } - - xpcom_method!(update_from_stream => UpdateFromStream(stream: *const nsIInputStream, len: u32)); - fn update_from_stream(&self, stream: &nsIInputStream, len: u32) -> Result<(), nsresult> { - let mut guard = self.digest.lock().map_err(|_| NS_ERROR_FAILURE)?; - let digest = match (*guard).as_mut() { - Some(digest) => digest, - None => return Err(NS_ERROR_NOT_INITIALIZED), - }; - let mut available = 0u64; - unsafe { stream.Available(&mut available as *mut u64).to_result()? }; - let mut to_read = if len == u32::MAX { available } else { len as u64 }; - if available == 0 || available < to_read { - return Err(NS_ERROR_NOT_AVAILABLE); - } - let mut buf = vec![0u8; 4096]; - let buf_len = buf.len() as u64; - while to_read > 0 { - let chunk_len = if to_read >= buf_len { buf_len as u32 } else { to_read as u32 }; - let mut read = 0u32; - unsafe { - stream - .Read( - buf.as_mut_ptr() as *mut i8, - chunk_len, - &mut read as *mut u32, - ) - .to_result()? - }; - if read > chunk_len { - return Err(NS_ERROR_FAILURE); - } - digest.update(&buf[0..read.try_into().map_err(|_| NS_ERROR_FAILURE)?]); - to_read -= read as u64; - } - Ok(()) - } - - xpcom_method!(finish => Finish(ascii: bool) -> nsACString); - fn finish(&self, ascii: bool) -> Result { - let mut guard = self.digest.lock().map_err(|_| NS_ERROR_FAILURE)?; - let digest = match (*guard).take() { - Some(digest) => digest, - None => return Err(NS_ERROR_NOT_INITIALIZED), - }; - let result = digest.finalize(); - if ascii { - Ok(nsCString::from( - base64::engine::general_purpose::STANDARD.encode(result), - )) - } else { - Ok(nsCString::from(result)) - } - } -} - -#[no_mangle] -pub extern "C" fn crypto_hash_constructor( - iid: *const xpcom::nsIID, - result: *mut *mut xpcom::reexports::libc::c_void, -) -> nserror::nsresult { - let crypto_hash = CryptoHash::allocate(InitCryptoHash { - digest: Mutex::new(None), - }); - unsafe { crypto_hash.QueryInterface(iid, result) } -} diff --git a/security/manager/ssl/moz.build b/security/manager/ssl/moz.build index f56af70ef96b..65adeb3ad43a 100644 --- a/security/manager/ssl/moz.build +++ b/security/manager/ssl/moz.build @@ -113,6 +113,7 @@ UNIFIED_SOURCES += [ "nsCertOverrideService.cpp", "nsCertTree.cpp", "nsClientAuthRemember.cpp", + "nsCryptoHash.cpp", "nsNSSCallbacks.cpp", "nsNSSCertHelper.cpp", "nsNSSCertificate.cpp", diff --git a/security/manager/ssl/nsCryptoHash.cpp b/security/manager/ssl/nsCryptoHash.cpp new file mode 100644 index 000000000000..4755da5cf589 --- /dev/null +++ b/security/manager/ssl/nsCryptoHash.cpp @@ -0,0 +1,213 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "nsCryptoHash.h" + +#include + +#include "mozilla/ArrayUtils.h" +#include "mozilla/Base64.h" +#include "mozilla/Casting.h" +#include "nsDependentString.h" +#include "nsIInputStream.h" +#include "nsNSSComponent.h" +#include "nsString.h" +#include "pk11pub.h" +#include "sechash.h" + +using namespace mozilla; + +namespace { + +static const uint64_t STREAM_BUFFER_SIZE = 4096; + +} // namespace + +//--------------------------------------------- +// Implementing nsICryptoHash +//--------------------------------------------- + +nsCryptoHash::nsCryptoHash() : mHashContext(nullptr), mInitialized(false) {} + +NS_IMPL_ISUPPORTS(nsCryptoHash, nsICryptoHash) + +NS_IMETHODIMP +nsCryptoHash::Init(uint32_t algorithm) { + HASH_HashType hashType; + switch (algorithm) { + case nsICryptoHash::MD5: + hashType = HASH_AlgMD5; + break; + case nsICryptoHash::SHA1: + hashType = HASH_AlgSHA1; + break; + case nsICryptoHash::SHA256: + hashType = HASH_AlgSHA256; + break; + case nsICryptoHash::SHA384: + hashType = HASH_AlgSHA384; + break; + case nsICryptoHash::SHA512: + hashType = HASH_AlgSHA512; + break; + default: + return NS_ERROR_INVALID_ARG; + } + + if (mHashContext) { + if (!mInitialized && HASH_GetType(mHashContext.get()) == hashType) { + mInitialized = true; + HASH_Begin(mHashContext.get()); + return NS_OK; + } + + // Destroy current hash context if the type was different + // or Finish method wasn't called. + mHashContext = nullptr; + mInitialized = false; + } + + mHashContext.reset(HASH_Create(hashType)); + if (!mHashContext) { + return NS_ERROR_INVALID_ARG; + } + + HASH_Begin(mHashContext.get()); + mInitialized = true; + return NS_OK; +} + +NS_IMETHODIMP +nsCryptoHash::InitWithString(const nsACString& aAlgorithm) { + if (aAlgorithm.LowerCaseEqualsLiteral("md5")) return Init(nsICryptoHash::MD5); + + if (aAlgorithm.LowerCaseEqualsLiteral("sha1")) + return Init(nsICryptoHash::SHA1); + + if (aAlgorithm.LowerCaseEqualsLiteral("sha256")) + return Init(nsICryptoHash::SHA256); + + if (aAlgorithm.LowerCaseEqualsLiteral("sha384")) + return Init(nsICryptoHash::SHA384); + + if (aAlgorithm.LowerCaseEqualsLiteral("sha512")) + return Init(nsICryptoHash::SHA512); + + return NS_ERROR_INVALID_ARG; +} + +NS_IMETHODIMP +nsCryptoHash::Update(const uint8_t* data, uint32_t len) { + if (!mInitialized) { + return NS_ERROR_NOT_INITIALIZED; + } + + HASH_Update(mHashContext.get(), data, len); + return NS_OK; +} + +NS_IMETHODIMP +nsCryptoHash::UpdateFromStream(nsIInputStream* data, uint32_t aLen) { + if (!mInitialized) return NS_ERROR_NOT_INITIALIZED; + + if (!data) return NS_ERROR_INVALID_ARG; + + uint64_t n; + nsresult rv = data->Available(&n); + if (NS_FAILED(rv)) return rv; + + // if the user has passed UINT32_MAX, then read + // everything in the stream + + uint64_t len = aLen; + if (aLen == UINT32_MAX) len = n; + + // So, if the stream has NO data available for the hash, + // or if the data available is less then what the caller + // requested, we can not fulfill the hash update. In this + // case, just return NS_ERROR_NOT_AVAILABLE indicating + // that there is not enough data in the stream to satisify + // the request. + + if (n == 0 || n < len) { + return NS_ERROR_NOT_AVAILABLE; + } + + char buffer[STREAM_BUFFER_SIZE]; + while (len > 0) { + uint64_t readLimit = std::min(STREAM_BUFFER_SIZE, len); + uint32_t read; + rv = data->Read(buffer, AssertedCast(readLimit), &read); + if (NS_FAILED(rv)) { + return rv; + } + + rv = Update(BitwiseCast(buffer), read); + if (NS_FAILED(rv)) { + return rv; + } + + len -= read; + } + + return NS_OK; +} + +NS_IMETHODIMP +nsCryptoHash::Finish(bool ascii, nsACString& _retval) { + if (!mInitialized) { + return NS_ERROR_NOT_INITIALIZED; + } + + uint32_t hashLen = 0; + unsigned char buffer[HASH_LENGTH_MAX]; + HASH_End(mHashContext.get(), buffer, &hashLen, HASH_LENGTH_MAX); + + mInitialized = false; + + if (ascii) { + nsDependentCSubstring dataStr(BitwiseCast(buffer), hashLen); + return Base64Encode(dataStr, _retval); + } + + _retval.Assign(BitwiseCast(buffer), hashLen); + return NS_OK; +} + +nsresult NS_NewCryptoHash(uint32_t aHashType, nsICryptoHash** aOutHasher) { + MOZ_ASSERT(aOutHasher); + + if (NS_WARN_IF(!EnsureNSSInitializedChromeOrContent())) { + return NS_ERROR_FAILURE; + } + + nsCOMPtr hasher = new nsCryptoHash(); + nsresult rv = hasher->Init(aHashType); + + if (NS_SUCCEEDED(rv)) { + hasher.forget(aOutHasher); + } + + return rv; +} + +nsresult NS_NewCryptoHash(const nsACString& aHashType, + nsICryptoHash** aOutHasher) { + MOZ_ASSERT(aOutHasher); + + if (NS_WARN_IF(!EnsureNSSInitializedChromeOrContent())) { + return NS_ERROR_FAILURE; + } + + nsCOMPtr hasher = new nsCryptoHash(); + nsresult rv = hasher->InitWithString(aHashType); + + if (NS_SUCCEEDED(rv)) { + hasher.forget(aOutHasher); + } + + return rv; +} diff --git a/security/manager/ssl/nsCryptoHash.h b/security/manager/ssl/nsCryptoHash.h new file mode 100644 index 000000000000..b39adae1694a --- /dev/null +++ b/security/manager/ssl/nsCryptoHash.h @@ -0,0 +1,38 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef nsCryptoHash_h +#define nsCryptoHash_h + +#include "ScopedNSSTypes.h" +#include "hasht.h" +#include "nsICryptoHash.h" +#include "secmodt.h" + +class nsIInputStream; + +#define NS_CRYPTO_HASH_CID \ + { \ + 0x36a1d3b3, 0xd886, 0x4317, { \ + 0x96, 0xff, 0x87, 0xb0, 0x00, 0x5c, 0xfe, 0xf7 \ + } \ + } + +class nsCryptoHash final : public nsICryptoHash { + public: + NS_DECL_ISUPPORTS + NS_DECL_NSICRYPTOHASH + + nsCryptoHash(); + + private: + virtual ~nsCryptoHash() = default; + + mozilla::UniqueHASHContext mHashContext; + bool mInitialized; +}; + +#endif // nsCryptoHash_h diff --git a/security/manager/ssl/nsICryptoHash.idl b/security/manager/ssl/nsICryptoHash.idl index 2aa0ebb242b4..71cb5854ca39 100644 --- a/security/manager/ssl/nsICryptoHash.idl +++ b/security/manager/ssl/nsICryptoHash.idl @@ -3,9 +3,12 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "nsISupports.idl" - interface nsIInputStream; +%{C++ +#include "mozilla/AlreadyAddRefed.h" +%} + /** * nsICryptoHash * This interface provides crytographic hashing algorithms. @@ -22,11 +25,11 @@ interface nsICryptoHash : nsISupports * This allows us to use NSS mapping functions like * HASH_GetHashOidTagByHashType with these values. */ - const unsigned long MD5 = 2; /* String value: "md5" */ - const unsigned long SHA1 = 3; /* String value: "sha1" */ - const unsigned long SHA256 = 4; /* String value: "sha256" */ - const unsigned long SHA384 = 5; /* String value: "sha384" */ - const unsigned long SHA512 = 6; /* String value: "sha512" */ + const short MD5 = 2; /* String value: "md5" */ + const short SHA1 = 3; /* String value: "sha1" */ + const short SHA256 = 4; /* String value: "sha256" */ + const short SHA384 = 5; /* String value: "sha384" */ + const short SHA512 = 6; /* String value: "sha512" */ /** * Initialize the hashing object. This method may be @@ -104,6 +107,7 @@ interface nsICryptoHash : nsISupports }; %{C++ +already_AddRefed NS_NewCryptoHash(); nsresult NS_NewCryptoHash(uint32_t aHashType, nsICryptoHash** aOutHasher); nsresult NS_NewCryptoHash(const nsACString& aHashType, nsICryptoHash** aOutHasher); %} diff --git a/security/manager/ssl/nsNSSModule.cpp b/security/manager/ssl/nsNSSModule.cpp index ec62d25fc76a..db202b9b085e 100644 --- a/security/manager/ssl/nsNSSModule.cpp +++ b/security/manager/ssl/nsNSSModule.cpp @@ -15,6 +15,7 @@ #include "mozilla/ModuleUtils.h" #include "mozilla/SyncRunnable.h" #include "nsCertTree.h" +#include "nsCryptoHash.h" #include "nsNSSCertificateDB.h" #include "nsPK11TokenDB.h" #include "nsRandomGenerator.h" @@ -95,6 +96,7 @@ IMPL(nsPK11TokenDB, nullptr) IMPL(PKCS11ModuleDB, nullptr) IMPL(nsNSSCertificateDB, nullptr) IMPL(nsCertTree, nullptr) +IMPL(nsCryptoHash, nullptr, ProcessRestriction::AnyProcess) IMPL(ContentSignatureVerifier, nullptr) IMPL(nsRandomGenerator, nullptr, ProcessRestriction::AnyProcess) IMPL(OSKeyStore, nullptr, ProcessRestriction::ParentProcessOnly, diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index 9079d5a32484..a34320f7ae04 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -1789,11 +1789,6 @@ who = "Mike Hommey " criteria = "safe-to-deploy" delta = "0.1.9 -> 0.1.10" -[[audits.md-5]] -who = "Dana Keeler " -criteria = "safe-to-deploy" -version = "0.10.5" - [[audits.memmap2]] who = "Mike Hommey " criteria = "safe-to-deploy" @@ -2674,11 +2669,6 @@ criteria = "safe-to-deploy" delta = "0.9.2 -> 0.9.3" [[audits.sha1]] -who = "Dana Keeler " -criteria = "safe-to-deploy" -version = "0.10.5" - -[[audits.sha1]] who = "Mike Hommey " criteria = "safe-to-run" delta = "0.10.0 -> 0.10.5" diff --git a/supply-chain/config.toml b/supply-chain/config.toml index 0cacef3fa2cc..fd9498b68f17 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -777,6 +777,10 @@ criteria = "safe-to-deploy" version = "0.9.2" criteria = "safe-to-deploy" +[[exemptions.sha1]] +version = "0.10.0" +criteria = "safe-to-run" + [[exemptions.sha2]] version = "0.10.2" criteria = "safe-to-deploy" diff --git a/third_party/rust/md-5/.cargo-checksum.json b/third_party/rust/md-5/.cargo-checksum.json deleted file mode 100644 index abcc52a8ba16..000000000000 --- a/third_party/rust/md-5/.cargo-checksum.json +++ /dev/null @@ -1 +0,0 @@ -{"files":{"CHANGELOG.md":"75ed9e0b2e0941de92a0d5eeedb6d413da8f959acfa393a50a2a5866857bb14e","Cargo.toml":"68a313a16ee100979d0c77b4844dbf232f8cf55104799dd8e0bb086ebb2812c4","LICENSE-APACHE":"a9040321c3712d8fd0b09cf52b17445de04a23a10165049ae187cd39e5c86be5","LICENSE-MIT":"b4eb00df6e2a4d22518fcaa6a2b4646f249b3a3c9814509b22bd2091f1392ff1","README.md":"23c2e70875a8ccdd29c0c7e929f1769dd8ae1f3e5be5dcd0a368f1d9fab1917b","benches/mod.rs":"10a5c151bf7b145838ab754013d49463e3123297778cfe275c95ebec28c4f7c9","src/compress.rs":"0b6392b665e9ac4e6c380d06370c44380a75f0eb3532ca2e7d50a26c39b3b286","src/lib.rs":"8b71d4d7999456b0eb538819d470ff472cea28bd6201569689d4de7e1c8c3c78","tests/data/md5.blb":"d32b41b81a906139c80f2bdf20920a547a5b5a6aaba2797fc2629665c42aaa47","tests/mod.rs":"b729eff5e20d0fee8da37aa101e6bc36919be11197350fffe2dc2b976f178f96"},"package":"6365506850d44bff6e2fbcb5176cf63650e48bd45ef2fe2665ae1570e0f4b9ca"} \ No newline at end of file diff --git a/third_party/rust/md-5/CHANGELOG.md b/third_party/rust/md-5/CHANGELOG.md deleted file mode 100644 index 87fec720d243..000000000000 --- a/third_party/rust/md-5/CHANGELOG.md +++ /dev/null @@ -1,84 +0,0 @@ -# Changelog - -All notable changes to this project will be documented in this file. - -The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), -and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). - -## 0.10.5 (2022-09-32) -### Added -- Feature-gated OID support ([#413]) - -[#413]: https://github.com/RustCrypto/hashes/pull/413 - -## 0.10.4 (2022-09-02) -### Fixed -- MSRV issue which was not resolved by v0.10.3 ([#401]) - -[#401]: https://github.com/RustCrypto/hashes/pull/401 - -## 0.10.3 (2022-09-02) -### Fixed -- MSRV issue caused by publishing v0.10.2 using a buggy Nightly toolchain ([#399]) - -[#399]: https://github.com/RustCrypto/hashes/pull/399 - -## 0.10.2 (2022-08-30) -### Changed -- Ignore `asm` feature on unsupported targets ([#388]) - -[#388]: https://github.com/RustCrypto/hashes/pull/388 - -## 0.10.1 (2022-02-17) -### Fixed -- Minimal versions build ([#363]) - -[#363]: https://github.com/RustCrypto/hashes/pull/363 - -## 0.10.0 (2021-12-07) -### Changed -- Update to `digest` v0.10 ([#217]) - -[#217]: https://github.com/RustCrypto/hashes/pull/217 - -## 0.9.1 (2020-06-28) -### Changed -- Update to `block-buffer` v0.9 ([#164]) -- Update to `opaque-debug` v0.3 ([#168]) - -[#164]: https://github.com/RustCrypto/hashes/pull/164 -[#168]: https://github.com/RustCrypto/hashes/pull/168 - -## 0.9.0 (2020-06-09) -### Changed -- Update to `digest` v0.9 release; MSRV 1.41+ ([#155]) -- Use new `*Dirty` traits from the `digest` crate ([#153]) -- Bump `block-buffer` to v0.8 release ([#151]) -- Rename `*result*` to `finalize` ([#148]) -- Update to Rust 2018 edition ([#128]) - -[#155]: https://github.com/RustCrypto/hashes/pull/155 -[#153]: https://github.com/RustCrypto/hashes/pull/153 -[#151]: https://github.com/RustCrypto/hashes/pull/151 -[#148]: https://github.com/RustCrypto/hashes/pull/148 -[#128]: https://github.com/RustCrypto/hashes/pull/128 - -## 0.8.0 (2018-10-02) - -## 0.7.0 (2017-11-15) - -## 0.5.2 (2017-06-13) - -## 0.5.1 (2017-06-13) - -## 0.5.0 (2017-06-12) - -## 0.4.4 (2017-06-02) - -## 0.4.3 (2017-05-09) - -## 0.4.2 (2017-05-02) - -## 0.4.1 (2017-04-18) - -## 0.4.0 (2017-04-06) diff --git a/third_party/rust/md-5/Cargo.toml b/third_party/rust/md-5/Cargo.toml deleted file mode 100644 index fddb804ce7e7..000000000000 --- a/third_party/rust/md-5/Cargo.toml +++ /dev/null @@ -1,54 +0,0 @@ -# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO -# -# When uploading crates to the registry Cargo will automatically -# "normalize" Cargo.toml files for maximal compatibility -# with all versions of Cargo and also rewrite `path` dependencies -# to registry (e.g., crates.io) dependencies. -# -# If you are reading this file be aware that the original Cargo.toml -# will likely look very different (and much more reasonable). -# See Cargo.toml.orig for the original contents. - -[package] -edition = "2018" -name = "md-5" -version = "0.10.5" -authors = ["RustCrypto Developers"] -description = "MD5 hash function" -documentation = "https://docs.rs/md-5" -readme = "README.md" -keywords = [ - "crypto", - "md5", - "hash", - "digest", -] -categories = [ - "cryptography", - "no-std", -] -license = "MIT OR Apache-2.0" -repository = "https://github.com/RustCrypto/hashes" - -[lib] -name = "md5" - -[dependencies.digest] -version = "0.10.4" - -[dev-dependencies.digest] -version = "0.10.4" -features = ["dev"] - -[dev-dependencies.hex-literal] -version = "0.2.2" - -[features] -asm = ["md5-asm"] -default = ["std"] -oid = ["digest/oid"] -std = ["digest/std"] - -[target."cfg(any(target_arch = \"x86\", target_arch = \"x86_64\"))".dependencies.md5-asm] -version = "0.5" -optional = true diff --git a/third_party/rust/md-5/LICENSE-APACHE b/third_party/rust/md-5/LICENSE-APACHE deleted file mode 100644 index 78173fa2e753..000000000000 --- a/third_party/rust/md-5/LICENSE-APACHE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - -2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - -3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - -4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - -5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - -6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - -8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - -END OF TERMS AND CONDITIONS - -APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - -Copyright [yyyy] [name of copyright owner] - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/third_party/rust/md-5/LICENSE-MIT b/third_party/rust/md-5/LICENSE-MIT deleted file mode 100644 index 66cf75563b39..000000000000 --- a/third_party/rust/md-5/LICENSE-MIT +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2006-2009 Graydon Hoare -Copyright (c) 2009-2013 Mozilla Foundation -Copyright (c) 2016 Artyom Pavlov - -Permission is hereby granted, free of charge, to any -person obtaining a copy of this software and associated -documentation files (the "Software"), to deal in the -Software without restriction, including without -limitation the rights to use, copy, modify, merge, -publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software -is furnished to do so, subject to the following -conditions: - -The above copyright notice and this permission notice -shall be included in all copies or substantial portions -of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF -ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED -TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A -PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT -SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR -IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER -DEALINGS IN THE SOFTWARE. diff --git a/third_party/rust/md-5/README.md b/third_party/rust/md-5/README.md deleted file mode 100644 index 56af1749bf8f..000000000000 --- a/third_party/rust/md-5/README.md +++ /dev/null @@ -1,72 +0,0 @@ -# RustCrypto: MD5 - -[![crate][crate-image]][crate-link] -[![Docs][docs-image]][docs-link] -![Apache2/MIT licensed][license-image] -![Rust Version][rustc-image] -[![Project Chat][chat-image]][chat-link] -[![Build Status][build-image]][build-link] - -Pure Rust implementation of the [MD5 hash function][1]. - -[Documentation][docs-link] - -## ⚠️ Security Warning - -This crate is provided for the purposes of legacy interoperability with -protocols and systems which mandate the use of MD5. - -However, MD5 is [cryptographically broken and unsuitable for further use][2]. - -Collision attacks against MD5 are both practical and trivial, and -[theoretical attacks against MD5's preimage resistance have been found][3]. - -[RFC6151][4] advises no new IETF protocols can be designed MD5-based constructions, -including HMAC-MD5. - -## Minimum Supported Rust Version - -Rust **1.41** or higher. - -Minimum supported Rust version can be changed in the future, but it will be -done with a minor version bump. - -## SemVer Policy - -- All on-by-default features of this library are covered by SemVer -- MSRV is considered exempt from SemVer as noted above - -## License - -Licensed under either of: - - * [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0) - * [MIT license](http://opensource.org/licenses/MIT) - -at your option. - -### Contribution - -Unless you explicitly state otherwise, any contribution intentionally submitted -for inclusion in the work by you, as defined in the Apache-2.0 license, shall be -dual licensed as above, without any additional terms or conditions. - -[//]: # (badges) - -[crate-image]: https://img.shields.io/crates/v/md-5.svg -[crate-link]: https://crates.io/crates/md-5 -[docs-image]: https://docs.rs/md-5/badge.svg -[docs-link]: https://docs.rs/md-5/ -[license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg -[rustc-image]: https://img.shields.io/badge/rustc-1.41+-blue.svg -[chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg -[chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/260041-hashes -[build-image]: https://github.com/RustCrypto/hashes/workflows/md5/badge.svg?branch=master -[build-link]: https://github.com/RustCrypto/hashes/actions?query=workflow%3Amd5 - -[//]: # (general links) - -[1]: https://en.wikipedia.org/wiki/MD5 -[2]: https://www.kb.cert.org/vuls/id/836068 -[3]: https://dl.acm.org/citation.cfm?id=1724151 -[4]: https://tools.ietf.org/html/rfc6151 diff --git a/third_party/rust/md-5/benches/mod.rs b/third_party/rust/md-5/benches/mod.rs deleted file mode 100644 index 7729eb708cff..000000000000 --- a/third_party/rust/md-5/benches/mod.rs +++ /dev/null @@ -1,14 +0,0 @@ -#![feature(test)] -extern crate test; - -use digest::bench_update; -use md5::Md5; -use test::Bencher; - -bench_update!( - Md5::default(); - md5_10 10; - md5_100 100; - md5_1000 1000; - md5_10000 10000; -); diff --git a/third_party/rust/md-5/src/compress.rs b/third_party/rust/md-5/src/compress.rs deleted file mode 100644 index 46857038e3b9..000000000000 --- a/third_party/rust/md-5/src/compress.rs +++ /dev/null @@ -1,165 +0,0 @@ -#![allow(clippy::many_single_char_names, clippy::unreadable_literal)] -use core::convert::TryInto; - -const RC: [u32; 64] = [ - // round 1 - 0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee, 0xf57c0faf, 0x4787c62a, 0xa8304613, 0xfd469501, - 0x698098d8, 0x8b44f7af, 0xffff5bb1, 0x895cd7be, 0x6b901122, 0xfd987193, 0xa679438e, 0x49b40821, - // round 2 - 0xf61e2562, 0xc040b340, 0x265e5a51, 0xe9b6c7aa, 0xd62f105d, 0x02441453, 0xd8a1e681, 0xe7d3fbc8, - 0x21e1cde6, 0xc33707d6, 0xf4d50d87, 0x455a14ed, 0xa9e3e905, 0xfcefa3f8, 0x676f02d9, 0x8d2a4c8a, - // round 3 - 0xfffa3942, 0x8771f681, 0x6d9d6122, 0xfde5380c, 0xa4beea44, 0x4bdecfa9, 0xf6bb4b60, 0xbebfbc70, - 0x289b7ec6, 0xeaa127fa, 0xd4ef3085, 0x04881d05, 0xd9d4d039, 0xe6db99e5, 0x1fa27cf8, 0xc4ac5665, - // round 4 - 0xf4292244, 0x432aff97, 0xab9423a7, 0xfc93a039, 0x655b59c3, 0x8f0ccc92, 0xffeff47d, 0x85845dd1, - 0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1, 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391, -]; - -#[inline(always)] -fn op_f(w: u32, x: u32, y: u32, z: u32, m: u32, c: u32, s: u32) -> u32 { - ((x & y) | (!x & z)) - .wrapping_add(w) - .wrapping_add(m) - .wrapping_add(c) - .rotate_left(s) - .wrapping_add(x) -} -#[inline(always)] -fn op_g(w: u32, x: u32, y: u32, z: u32, m: u32, c: u32, s: u32) -> u32 { - ((x & z) | (y & !z)) - .wrapping_add(w) - .wrapping_add(m) - .wrapping_add(c) - .rotate_left(s) - .wrapping_add(x) -} - -#[inline(always)] -fn op_h(w: u32, x: u32, y: u32, z: u32, m: u32, c: u32, s: u32) -> u32 { - (x ^ y ^ z) - .wrapping_add(w) - .wrapping_add(m) - .wrapping_add(c) - .rotate_left(s) - .wrapping_add(x) -} - -#[inline(always)] -fn op_i(w: u32, x: u32, y: u32, z: u32, m: u32, c: u32, s: u32) -> u32 { - (y ^ (x | !z)) - .wrapping_add(w) - .wrapping_add(m) - .wrapping_add(c) - .rotate_left(s) - .wrapping_add(x) -} - -#[inline] -pub fn compress_block(state: &mut [u32; 4], input: &[u8; 64]) { - let mut a = state[0]; - let mut b = state[1]; - let mut c = state[2]; - let mut d = state[3]; - - let mut data = [0u32; 16]; - for (o, chunk) in data.iter_mut().zip(input.chunks_exact(4)) { - *o = u32::from_le_bytes(chunk.try_into().unwrap()); - } - - // round 1 - a = op_f(a, b, c, d, data[0], RC[0], 7); - d = op_f(d, a, b, c, data[1], RC[1], 12); - c = op_f(c, d, a, b, data[2], RC[2], 17); - b = op_f(b, c, d, a, data[3], RC[3], 22); - - a = op_f(a, b, c, d, data[4], RC[4], 7); - d = op_f(d, a, b, c, data[5], RC[5], 12); - c = op_f(c, d, a, b, data[6], RC[6], 17); - b = op_f(b, c, d, a, data[7], RC[7], 22); - - a = op_f(a, b, c, d, data[8], RC[8], 7); - d = op_f(d, a, b, c, data[9], RC[9], 12); - c = op_f(c, d, a, b, data[10], RC[10], 17); - b = op_f(b, c, d, a, data[11], RC[11], 22); - - a = op_f(a, b, c, d, data[12], RC[12], 7); - d = op_f(d, a, b, c, data[13], RC[13], 12); - c = op_f(c, d, a, b, data[14], RC[14], 17); - b = op_f(b, c, d, a, data[15], RC[15], 22); - - // round 2 - a = op_g(a, b, c, d, data[1], RC[16], 5); - d = op_g(d, a, b, c, data[6], RC[17], 9); - c = op_g(c, d, a, b, data[11], RC[18], 14); - b = op_g(b, c, d, a, data[0], RC[19], 20); - - a = op_g(a, b, c, d, data[5], RC[20], 5); - d = op_g(d, a, b, c, data[10], RC[21], 9); - c = op_g(c, d, a, b, data[15], RC[22], 14); - b = op_g(b, c, d, a, data[4], RC[23], 20); - - a = op_g(a, b, c, d, data[9], RC[24], 5); - d = op_g(d, a, b, c, data[14], RC[25], 9); - c = op_g(c, d, a, b, data[3], RC[26], 14); - b = op_g(b, c, d, a, data[8], RC[27], 20); - - a = op_g(a, b, c, d, data[13], RC[28], 5); - d = op_g(d, a, b, c, data[2], RC[29], 9); - c = op_g(c, d, a, b, data[7], RC[30], 14); - b = op_g(b, c, d, a, data[12], RC[31], 20); - - // round 3 - a = op_h(a, b, c, d, data[5], RC[32], 4); - d = op_h(d, a, b, c, data[8], RC[33], 11); - c = op_h(c, d, a, b, data[11], RC[34], 16); - b = op_h(b, c, d, a, data[14], RC[35], 23); - - a = op_h(a, b, c, d, data[1], RC[36], 4); - d = op_h(d, a, b, c, data[4], RC[37], 11); - c = op_h(c, d, a, b, data[7], RC[38], 16); - b = op_h(b, c, d, a, data[10], RC[39], 23); - - a = op_h(a, b, c, d, data[13], RC[40], 4); - d = op_h(d, a, b, c, data[0], RC[41], 11); - c = op_h(c, d, a, b, data[3], RC[42], 16); - b = op_h(b, c, d, a, data[6], RC[43], 23); - - a = op_h(a, b, c, d, data[9], RC[44], 4); - d = op_h(d, a, b, c, data[12], RC[45], 11); - c = op_h(c, d, a, b, data[15], RC[46], 16); - b = op_h(b, c, d, a, data[2], RC[47], 23); - - // round 4 - a = op_i(a, b, c, d, data[0], RC[48], 6); - d = op_i(d, a, b, c, data[7], RC[49], 10); - c = op_i(c, d, a, b, data[14], RC[50], 15); - b = op_i(b, c, d, a, data[5], RC[51], 21); - - a = op_i(a, b, c, d, data[12], RC[52], 6); - d = op_i(d, a, b, c, data[3], RC[53], 10); - c = op_i(c, d, a, b, data[10], RC[54], 15); - b = op_i(b, c, d, a, data[1], RC[55], 21); - - a = op_i(a, b, c, d, data[8], RC[56], 6); - d = op_i(d, a, b, c, data[15], RC[57], 10); - c = op_i(c, d, a, b, data[6], RC[58], 15); - b = op_i(b, c, d, a, data[13], RC[59], 21); - - a = op_i(a, b, c, d, data[4], RC[60], 6); - d = op_i(d, a, b, c, data[11], RC[61], 10); - c = op_i(c, d, a, b, data[2], RC[62], 15); - b = op_i(b, c, d, a, data[9], RC[63], 21); - - state[0] = state[0].wrapping_add(a); - state[1] = state[1].wrapping_add(b); - state[2] = state[2].wrapping_add(c); - state[3] = state[3].wrapping_add(d); -} - -#[inline] -pub fn compress(state: &mut [u32; 4], blocks: &[[u8; 64]]) { - for block in blocks { - compress_block(state, block) - } -} diff --git a/third_party/rust/md-5/src/lib.rs b/third_party/rust/md-5/src/lib.rs deleted file mode 100644 index 87fe9134fb1b..000000000000 --- a/third_party/rust/md-5/src/lib.rs +++ /dev/null @@ -1,146 +0,0 @@ -//! An implementation of the [MD5][1] cryptographic hash algorithm. -//! -//! # Usage -//! -//! ```rust -//! use md5::{Md5, Digest}; -//! use hex_literal::hex; -//! -//! // create a Md5 hasher instance -//! let mut hasher = Md5::new(); -//! -//! // process input message -//! hasher.update(b"hello world"); -//! -//! // acquire hash digest in the form of GenericArray, -//! // which in this case is equivalent to [u8; 16] -//! let result = hasher.finalize(); -//! assert_eq!(result[..], hex!("5eb63bbbe01eeed093cb22bb8f5acdc3")); -//! ``` -//! -//! Also see [RustCrypto/hashes][2] readme. -//! -//! [1]: https://en.wikipedia.org/wiki/MD5 -//! [2]: https://github.com/RustCrypto/hashes - -#![no_std] -#![doc( - html_logo_url = "https://raw.githubusercontent.com/RustCrypto/media/6ee8e381/logo.svg", - html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/media/6ee8e381/logo.svg" -)] -#![warn(missing_docs, rust_2018_idioms)] - -#[cfg(all(feature = "asm", any(target_arch = "x86", target_arch = "x86_64")))] -extern crate md5_asm as compress; - -#[cfg(not(all(feature = "asm", any(target_arch = "x86", target_arch = "x86_64"))))] -mod compress; - -pub use digest::{self, Digest}; - -use compress::compress; - -use core::{fmt, slice::from_ref}; -#[cfg(feature = "oid")] -use digest::const_oid::{AssociatedOid, ObjectIdentifier}; -use digest::{ - block_buffer::Eager, - core_api::{ - AlgorithmName, Block, BlockSizeUser, Buffer, BufferKindUser, CoreWrapper, FixedOutputCore, - OutputSizeUser, Reset, UpdateCore, - }, - typenum::{Unsigned, U16, U64}, - HashMarker, Output, -}; -/// Core MD5 hasher state. -#[derive(Clone)] -pub struct Md5Core { - block_len: u64, - state: [u32; 4], -} - -impl HashMarker for Md5Core {} - -impl BlockSizeUser for Md5Core { - type BlockSize = U64; -} - -impl BufferKindUser for Md5Core { - type BufferKind = Eager; -} - -impl OutputSizeUser for Md5Core { - type OutputSize = U16; -} - -impl UpdateCore for Md5Core { - #[inline] - fn update_blocks(&mut self, blocks: &[Block]) { - self.block_len = self.block_len.wrapping_add(blocks.len() as u64); - compress(&mut self.state, convert(blocks)) - } -} - -impl FixedOutputCore for Md5Core { - #[inline] - fn finalize_fixed_core(&mut self, buffer: &mut Buffer, out: &mut Output) { - let bit_len = self - .block_len - .wrapping_mul(Self::BlockSize::U64) - .wrapping_add(buffer.get_pos() as u64) - .wrapping_mul(8); - let mut s = self.state; - buffer.len64_padding_le(bit_len, |b| compress(&mut s, convert(from_ref(b)))); - for (chunk, v) in out.chunks_exact_mut(4).zip(s.iter()) { - chunk.copy_from_slice(&v.to_le_bytes()); - } - } -} - -impl Default for Md5Core { - #[inline] - fn default() -> Self { - Self { - block_len: 0, - state: [0x6745_2301, 0xEFCD_AB89, 0x98BA_DCFE, 0x1032_5476], - } - } -} - -impl Reset for Md5Core { - #[inline] - fn reset(&mut self) { - *self = Default::default(); - } -} - -impl AlgorithmName for Md5Core { - fn write_alg_name(f: &mut fmt::Formatter<'_>) -> fmt::Result { - f.write_str("Md5") - } -} - -impl fmt::Debug for Md5Core { - fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { - f.write_str("Md5Core { ... }") - } -} - -#[cfg(feature = "oid")] -#[cfg_attr(docsrs, doc(cfg(feature = "oid")))] -impl AssociatedOid for Md5Core { - const OID: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.2.840.113549.2.5"); -} - -/// MD5 hasher state. -pub type Md5 = CoreWrapper; - -const BLOCK_SIZE: usize = ::BlockSize::USIZE; - -#[inline(always)] -fn convert(blocks: &[Block]) -> &[[u8; BLOCK_SIZE]] { - // SAFETY: GenericArray and [u8; 64] have - // exactly the same memory layout - let p = blocks.as_ptr() as *const [u8; BLOCK_SIZE]; - unsafe { core::slice::from_raw_parts(p, blocks.len()) } -} diff --git a/third_party/rust/md-5/tests/data/md5.blb b/third_party/rust/md-5/tests/data/md5.blb deleted file mode 100644 index 3f6d643839fe7be82b7bbe1a2c74a08e7b748468..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcwPel00001 literal 3271 zcwPa=3^?-u03g&IjMvIOaX37G8oLVi|MXk{RAb!lU3AYyWFcWxkNZ+IYTb!~8S zAa8bMav*eQWgu)}dU+sZZ)YH$5Ph9DE4G4b*c~-Oq#4#&RA^-&adl~9Yan8BZ+C7W zW^Z^PYISXJb0BYaWpW^NXk{R5VS0HWWN&9KAmrHz!jRDW9H40bt=}Tc(2oFRW?(+F zy|R}1SS#Cm4D1=eGJ{xn=H)fg!Fdok1Sy~FR4DSSgY%tkz9y z;8R!w<-VxGFo!yt+oG#UG$1m;;&8X_ zlTn^~-&?b1TQSK&E8&Kjuk;S@9TmZ9zy`av-MJY}1YWWM*~F2qqMk2?3KxAs(uHj! zNI2Ci1rcH|Zgl1>9J=jpiXw?rmoePkBrQvX9Oo=dMIV{OrAxk&E`=)IHg10j-S< z&+V|fTI?$S0~>=Y=8&Eec%KYDVCzDdzTx)WH^icrpp^2p6!O^kjeJxKEa7P;$8FKU zKCvA#ko)-_Bwn@pKJ+!jA8<(z*NH!j&!JFTuQJ4_fi>D)B%2i!MPnV}QgU@-xnMg@ zK==fPHpr^`%A{K>eCE#-8kTBRNTZu@vR*^@Mz*nj@CTI~imN~7m5!%D3S(Yk0rSGKW^#p}qaU*oN zcEDBRAv;b2>f>50x7s!#(Z5I`F7O$W9Csb7a;*y4xNAP44CLZwRcYz9zK~!FV6d(? zs%gFQTGxsCHEHEgPa6k)`XtX=ZJf+?+FNMUEs@Pbqs%7;=;>5HKt^?8(`$%2PCh`> zE0uD6Y9Ta72EL{2FTYc1p?c}GUI%bb6NLhx#)M9$@w4Waw1YenBe^$g!-e(}Z-=%k z->Qw5l2U@y4+f{I-g?H^FOw1*8e3i1ym~t z{Ac+;+OzcSTxr!MAg{V6Cg&rc*N`{lXqG#oX{_hvu5;fBw1ot4uy8Ea8C0t?jO&I- zTgZ$@%JWrR#x0h&n1Zg$9OPhcL)bTW9?}-&a3CsG6?*UO|6C*If!UFof08Pz81(eY z3gFj$6M(j7Lrz)ELOakY{1n^v9=0gFS=>uiup>kHOuoEZ9#ecQul`NtTgd<%bfH>& zr=v$w+qLdG^=he=b1_3X(8sx_RhzYnwBU`7Q_-k5V8n;kg~7p3NzG55^9BGcFl?!R zu4_cWPspW5lRylH(Si@Gx`HHp;YvvKcnAlx@?^dXqQO6(_}Uv>D#;c$r~~2>r_Bf{ zq9z`@T`59a$MJ%}9QPs_+JnyongO#d-vPp#*)TOAnZL2Vz+DlJV(o0S=2do^j{xAW zDk+>ZF2|}gQ^G;iRR}Fn*5c$A9uiKc?apb1b^>aGIW|C!m&9FR$M$~wZe2a$hUAt{ zMhNP~tD^FXJNDm6n|5#i;CxK5Kkkf8TE&xc6*-z($gXWFpZ4ykc4Q3|^Bj1QpN<^q zawUeC0`$?55_K&B+F@Xs4npdhFI3}#G*gCI_s6)~E zXHR{vnwEz{-ZwQKG$f`;oktEJu>0@87O7Bz%QjYYFG8RZdL1VLhj?W<#Odtt zwPPLDMlWsH#vSQWvbz*>TQm_=8fkM5*wtnxokpknx{@G?oO3P02i{7l$!@~ouo)Cf zg|6cR&ye$FUc*XBbx$pstk2vs$PJBG`*RS0!<>`{=o>7o zsCRT-kLSMsNH476;TCsI2;m$=l^%dKxbEZ*E}{4ZG^=?AxawYKS-~d$I~TT>D?K(2tU(Jm(_sN0G=$@5hYzF) zJ;H8-flX2$ty~NCA7w6qs4(G|Ip~&oB|}BCi&tGoWqN+wu)Y0mZRq}G8tSR?!^uoa zm%+ztAt>i1aArv0dL%&knP{l`6Tool@N0JrQ%`R|z2G48B)7HV8CE4pfGV=TC|D+s z0Dc{g1Lu!}q7i_XjD0pC5f49k6i@5C>cx_JaEiI>`a+NiriWI>(@L`90~lbTAi)xy zff67rOEE!*;hl#s&t*-xND(>T;fvloOJeTZrPfP@!mw2VY9&g?vH3MuHUPGV)#pd4 zW=%V2W@0C`SMvD1(bII1M3vbd>1)MKJ&mLiJoWDM!%N^K_Z{O z?$b~Fne87;UMo%LRTnOGD^w+vl7i#Uc&e7rx5V9%0Y$U2+&pS0+NXgB>b%X{U6>pJ7QRuz0`9~^`ix8dmUvhiL zNIDoPAa$D|nW2ZYx156`^(2*JzqGv2z$-w!-jMTAD#K6kF#{)to(ky#fadDk59j_mLrnJ*M(Jo4obZ1^RmsfNj+&>oWGU z+RvOs(lb7MK{AVKY4*`2GBCTZ&*mF!DB zac$O1o=T`D6ztgB*oeO>NcAttuUZIycI3k@{%ScjLUMk=tG!eb-cREK9w%QLo%ixn z0^CABSa^(#oTt#TIQ>41yayXe3G#&mM7X&V1>IuQ9f})-iYLIs#e`aFqHg=1Hqi)# zC~HmAL_7pPA{ln^D8QJ?*P>+=jJh}UB-t=20m%e++0Z`3B%lP(wiw4S5&iy+2mr(n zY7)c?@NN*lr6afGk4=%x{lzCrR7|&3vjyh9HjcE#QfGMDfA|a)2_qj-T$=^N%+V|Y zDO~`r+xn@9D=b(9C1}-*XRt~xRfWxs27-?Vi8PrV-ROc7nl$%wlfYgc6#Vb5ErgN+ zma2C%9qP!rQ?p@=Ht{$8&{3erW!lLq**S~;o8o>KdV4K`eBP9W)4=_!hv6H$Vp`4@^^ F1#$74Jq7>( diff --git a/third_party/rust/md-5/tests/mod.rs b/third_party/rust/md-5/tests/mod.rs deleted file mode 100644 index 316cb8fbe900..000000000000 --- a/third_party/rust/md-5/tests/mod.rs +++ /dev/null @@ -1,15 +0,0 @@ -use digest::dev::{feed_rand_16mib, fixed_reset_test}; -use hex_literal::hex; -use md5::{Digest, Md5}; - -digest::new_test!(md5_main, "md5", md5::Md5, fixed_reset_test); - -#[test] -fn md5_rand() { - let mut h = Md5::new(); - feed_rand_16mib(&mut h); - assert_eq!( - h.finalize()[..], - hex!("61aec26f1b909578ef638ae02dac0977")[..] - ); -} diff --git a/toolkit/library/rust/shared/Cargo.toml b/toolkit/library/rust/shared/Cargo.toml index 104b9b8f664d..daf9f75113a7 100644 --- a/toolkit/library/rust/shared/Cargo.toml +++ b/toolkit/library/rust/shared/Cargo.toml @@ -38,7 +38,6 @@ cose-c = { version = "0.1.5" } jsrust_shared = { path = "../../../../js/src/rust/shared" } cascade_bloom_filter = { path = "../../../components/cascade_bloom_filter" } cert_storage = { path = "../../../../security/manager/ssl/cert_storage" } -crypto_hash = { path = "../../../../security/manager/ssl/crypto_hash" } bitsdownload = { path = "../../../components/bitsdownload", optional = true } storage = { path = "../../../../storage/rust" } bookmark_sync = { path = "../../../components/places/bookmark_sync", optional = true } diff --git a/toolkit/library/rust/shared/lib.rs b/toolkit/library/rust/shared/lib.rs index 05367d8bdca6..3d6ecfab002a 100644 --- a/toolkit/library/rust/shared/lib.rs +++ b/toolkit/library/rust/shared/lib.rs @@ -16,7 +16,6 @@ extern crate bitsdownload; extern crate bookmark_sync; extern crate cascade_bloom_filter; extern crate cert_storage; -extern crate crypto_hash; extern crate chardetng_c; extern crate cosec; #[cfg(feature = "cubeb_coreaudio_rust")] -- 2.11.4.GIT