The Tor Browser: services/fxaccounts/FxAccountsClient.jsm@97036ab72558 (annotated)

services/fxaccounts/FxAccountsClient.jsm@97036ab72558 (annotated)

services/fxaccounts/FxAccountsClient.jsm

Tue, 06 Jan 2015 21:39:09 +0100

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Tue, 06 Jan 2015 21:39:09 +0100
branch: TOR_BUG_9701
changeset 8: 97036ab72558
permissions: -rw-r--r--

Conditionally force memory storage according to privacy.thirdparty.isolate;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 this.EXPORTED_SYMBOLS = ["FxAccountsClient"];
 const {classes: Cc, interfaces: Ci, utils: Cu} = Components;
 Cu.import("resource://gre/modules/Log.jsm");
 Cu.import("resource://gre/modules/Promise.jsm");
 Cu.import("resource://gre/modules/Services.jsm");
 Cu.import("resource://services-common/utils.js");
 Cu.import("resource://services-common/hawkclient.js");
 Cu.import("resource://services-crypto/utils.js");
 Cu.import("resource://gre/modules/FxAccountsCommon.js");
 Cu.import("resource://gre/modules/Credentials.jsm");
 const HOST = Services.prefs.getCharPref("identity.fxaccounts.auth.uri");
 this.FxAccountsClient = function(host = HOST) {
   this.host = host;
   // The FxA auth server expects requests to certain endpoints to be authorized
   // using Hawk.
   this.hawk = new HawkClient(host);
   this.hawk.observerPrefix = "FxA:hawk";
   // Manage server backoff state. C.f.
   // https://github.com/mozilla/fxa-auth-server/blob/master/docs/api.md#backoff-protocol
   this.backoffError = null;
 };
 this.FxAccountsClient.prototype = {
   /**
    * Return client clock offset, in milliseconds, as determined by hawk client.
    * Provided because callers should not have to know about hawk
    * implementation.
    *
    * The offset is the number of milliseconds that must be added to the client
    * clock to make it equal to the server clock.  For example, if the client is
    * five minutes ahead of the server, the localtimeOffsetMsec will be -300000.
    */
   get localtimeOffsetMsec() {
     return this.hawk.localtimeOffsetMsec;
   },
   /*
    * Return current time in milliseconds
    *
    * Not used by this module, but made available to the FxAccounts.jsm
    * that uses this client.
    */
   now: function() {
     return this.hawk.now();
   },
   /**
    * Create a new Firefox Account and authenticate
    *
    * @param email
    *        The email address for the account (utf8)
    * @param password
    *        The user's password
    * @return Promise
    *        Returns a promise that resolves to an object:
    *        {
    *          uid: the user's unique ID (hex)
    *          sessionToken: a session token (hex)
    *          keyFetchToken: a key fetch token (hex)
    *        }
    */
   signUp: function(email, password) {
     return Credentials.setup(email, password).then((creds) => {
       let data = {
         email: creds.emailUTF8,
         authPW: CommonUtils.bytesAsHex(creds.authPW),
       };
       return this._request("/account/create", "POST", null, data);
     });
   },
   /**
    * Authenticate and create a new session with the Firefox Account API server
    *
    * @param email
    *        The email address for the account (utf8)
    * @param password
    *        The user's password
    * @param [getKeys=false]
    *        If set to true the keyFetchToken will be retrieved
    * @param [retryOK=true]
    *        If capitalization of the email is wrong and retryOK is set to true,
    *        we will retry with the suggested capitalization from the server
    * @return Promise
    *        Returns a promise that resolves to an object:
    *        {
    *          authAt: authentication time for the session (seconds since epoch)
    *          email: the primary email for this account
    *          keyFetchToken: a key fetch token (hex)
    *          sessionToken: a session token (hex)
    *          uid: the user's unique ID (hex)
    *          unwrapBKey: used to unwrap kB, derived locally from the
    *                      password (not revealed to the FxA server)
    *          verified: flag indicating verification status of the email
    *        }
    */
   signIn: function signIn(email, password, getKeys=false, retryOK=true) {
     return Credentials.setup(email, password).then((creds) => {
       let data = {
         authPW: CommonUtils.bytesAsHex(creds.authPW),
         email: creds.emailUTF8,
       };
       let keys = getKeys ? "?keys=true" : "";
       return this._request("/account/login" + keys, "POST", null, data).then(
         // Include the canonical capitalization of the email in the response so
         // the caller can set its signed-in user state accordingly.
         result => {
           result.email = data.email;
           result.unwrapBKey = CommonUtils.bytesAsHex(creds.unwrapBKey);
           return result;
         },
         error => {
           log.debug("signIn error: " + JSON.stringify(error));
           // If the user entered an email with different capitalization from
           // what's stored in the database (e.g., Greta.Garbo@gmail.COM as
           // opposed to greta.garbo@gmail.com), the server will respond with a
           // errno 120 (code 400) and the expected capitalization of the email.
           // We retry with this email exactly once.  If successful, we use the
           // server's version of the email as the signed-in-user's email. This
           // is necessary because the email also serves as salt; so we must be
           // in agreement with the server on capitalization.
           //
           // API reference:
           // https://github.com/mozilla/fxa-auth-server/blob/master/docs/api.md
           if (ERRNO_INCORRECT_EMAIL_CASE === error.errno && retryOK) {
             if (!error.email) {
               log.error("Server returned errno 120 but did not provide email");
               throw error;
             }
             return this.signIn(error.email, password, getKeys, false);
           }
           throw error;
         }
       );
     });
   },
   /**
    * Destroy the current session with the Firefox Account API server
    *
    * @param sessionTokenHex
    *        The session token encoded in hex
    * @return Promise
    */
   signOut: function (sessionTokenHex) {
     return this._request("/session/destroy", "POST",
       this._deriveHawkCredentials(sessionTokenHex, "sessionToken"));
   },
   /**
    * Check the verification status of the user's FxA email address
    *
    * @param sessionTokenHex
    *        The current session token encoded in hex
    * @return Promise
    */
   recoveryEmailStatus: function (sessionTokenHex) {
     return this._request("/recovery_email/status", "GET",
       this._deriveHawkCredentials(sessionTokenHex, "sessionToken"));
   },
   /**
    * Resend the verification email for the user
    *
    * @param sessionTokenHex
    *        The current token encoded in hex
    * @return Promise
    */
   resendVerificationEmail: function(sessionTokenHex) {
     return this._request("/recovery_email/resend_code", "POST",
       this._deriveHawkCredentials(sessionTokenHex, "sessionToken"));
   },
   /**
    * Retrieve encryption keys
    *
    * @param keyFetchTokenHex
    *        A one-time use key fetch token encoded in hex
    * @return Promise
    *        Returns a promise that resolves to an object:
    *        {
    *          kA: an encryption key for recevorable data (bytes)
    *          wrapKB: an encryption key that requires knowledge of the
    *                  user's password (bytes)
    *        }
    */
   accountKeys: function (keyFetchTokenHex) {
     let creds = this._deriveHawkCredentials(keyFetchTokenHex, "keyFetchToken");
     let keyRequestKey = creds.extra.slice(0, 32);
     let morecreds = CryptoUtils.hkdf(keyRequestKey, undefined,
                                      Credentials.keyWord("account/keys"), 3 * 32);
     let respHMACKey = morecreds.slice(0, 32);
     let respXORKey = morecreds.slice(32, 96);
     return this._request("/account/keys", "GET", creds).then(resp => {
       if (!resp.bundle) {
         throw new Error("failed to retrieve keys");
       }
       let bundle = CommonUtils.hexToBytes(resp.bundle);
       let mac = bundle.slice(-32);
       let hasher = CryptoUtils.makeHMACHasher(Ci.nsICryptoHMAC.SHA256,
         CryptoUtils.makeHMACKey(respHMACKey));
       let bundleMAC = CryptoUtils.digestBytes(bundle.slice(0, -32), hasher);
       if (mac !== bundleMAC) {
         throw new Error("error unbundling encryption keys");
       }
       let keyAWrapB = CryptoUtils.xor(respXORKey, bundle.slice(0, 64));
       return {
         kA: keyAWrapB.slice(0, 32),
         wrapKB: keyAWrapB.slice(32)
       };
     });
   },
   /**
    * Sends a public key to the FxA API server and returns a signed certificate
    *
    * @param sessionTokenHex
    *        The current session token encoded in hex
    * @param serializedPublicKey
    *        A public key (usually generated by jwcrypto)
    * @param lifetime
    *        The lifetime of the certificate
    * @return Promise
    *        Returns a promise that resolves to the signed certificate. The certificate
    *        can be used to generate a Persona assertion.
    */
   signCertificate: function (sessionTokenHex, serializedPublicKey, lifetime) {
     let creds = this._deriveHawkCredentials(sessionTokenHex, "sessionToken");
     let body = { publicKey: serializedPublicKey,
                  duration: lifetime };
     return Promise.resolve()
       .then(_ => this._request("/certificate/sign", "POST", creds, body))
       .then(resp => resp.cert,
             err => {
               log.error("HAWK.signCertificate error: " + JSON.stringify(err));
               throw err;
             });
   },
   /**
    * Determine if an account exists
    *
    * @param email
    *        The email address to check
    * @return Promise
    *        The promise resolves to true if the account exists, or false
    *        if it doesn't. The promise is rejected on other errors.
    */
   accountExists: function (email) {
     return this.signIn(email, "").then(
       (cantHappen) => {
         throw new Error("How did I sign in with an empty password?");
       },
       (expectedError) => {
         switch (expectedError.errno) {
           case ERRNO_ACCOUNT_DOES_NOT_EXIST:
             return false;
             break;
           case ERRNO_INCORRECT_PASSWORD:
             return true;
             break;
           default:
             // not so expected, any more ...
             throw expectedError;
             break;
         }
       }
     );
   },
   /**
    * The FxA auth server expects requests to certain endpoints to be authorized using Hawk.
    * Hawk credentials are derived using shared secrets, which depend on the context
    * (e.g. sessionToken vs. keyFetchToken).
    *
    * @param tokenHex
    *        The current session token encoded in hex
    * @param context
    *        A context for the credentials
    * @param size
    *        The size in bytes of the expected derived buffer
    * @return credentials
    *        Returns an object:
    *        {
    *          algorithm: sha256
    *          id: the Hawk id (from the first 32 bytes derived)
    *          key: the Hawk key (from bytes 32 to 64)
    *          extra: size - 64 extra bytes
    *        }
    */
   _deriveHawkCredentials: function (tokenHex, context, size) {
     let token = CommonUtils.hexToBytes(tokenHex);
     let out = CryptoUtils.hkdf(token, undefined, Credentials.keyWord(context), size || 3 * 32);
     return {
       algorithm: "sha256",
       key: out.slice(32, 64),
       extra: out.slice(64),
       id: CommonUtils.bytesAsHex(out.slice(0, 32))
     };
   },
   _clearBackoff: function() {
       this.backoffError = null;
   },
   /**
    * A general method for sending raw API calls to the FxA auth server.
    * All request bodies and responses are JSON.
    *
    * @param path
    *        API endpoint path
    * @param method
    *        The HTTP request method
    * @param credentials
    *        Hawk credentials
    * @param jsonPayload
    *        A JSON payload
    * @return Promise
    *        Returns a promise that resolves to the JSON response of the API call,
    *        or is rejected with an error. Error responses have the following properties:
    *        {
    *          "code": 400, // matches the HTTP status code
    *          "errno": 107, // stable application-level error number
    *          "error": "Bad Request", // string description of the error type
    *          "message": "the value of salt is not allowed to be undefined",
    *          "info": "https://docs.dev.lcip.og/errors/1234" // link to more info on the error
    *        }
    */
   _request: function hawkRequest(path, method, credentials, jsonPayload) {
     let deferred = Promise.defer();
     // We were asked to back off.
     if (this.backoffError) {
       log.debug("Received new request during backoff, re-rejecting.");
       deferred.reject(this.backoffError);
       return deferred.promise;
     }
     this.hawk.request(path, method, credentials, jsonPayload).then(
       (responseText) => {
         try {
           let response = JSON.parse(responseText);
           deferred.resolve(response);
         } catch (err) {
           log.error("json parse error on response: " + responseText);
           deferred.reject({error: err});
         }
       },
       (error) => {
         log.error("error " + method + "ing " + path + ": " + JSON.stringify(error));
         if (error.retryAfter) {
           log.debug("Received backoff response; caching error as flag.");
           this.backoffError = error;
           // Schedule clearing of cached-error-as-flag.
           CommonUtils.namedTimer(
             this._clearBackoff,
             error.retryAfter * 1000,
             this,
             "fxaBackoffTimer"
            );
 	}
         deferred.reject(error);
       }
     );
     return deferred.promise;
   },
 };

The Tor Browser / annotate

services/fxaccounts/FxAccountsClient.jsm@97036ab72558 (annotated)

services/fxaccounts/FxAccountsClient.jsm