Re: [Tails-dev] HTML prototype for new download page

Üzenet törlése

Válasz az üzenetre
Szerző: Uzair Farooq
Dátum:  
Címzett: sajolida
CC: Muhammad Usman Subhani, The Tails public development discussion list
Tárgy: Re: [Tails-dev] HTML prototype for new download page
Hey,

> But then the extension doesn't work: it takes a full core starts eating

as much RAM as it can. See this screencast:

The SHA 256 takes time and CPU to compute for such large files. In the
previous add-on we were using a native method (which is not supported in
web extensions) which was probably fast because it was a native methods are
native are not bound to Javascript while the SHA libs must javascript to
compute hash.

What we can do as a workaround is that we compute hash in a webworker. A
web worker won't hang the page/browser but it'll still take CPU and RAM.


> That you are embedding a crypto library to compute the SHA256

(scripts/vendor/sha256.js) while the previous code didn't do that.
In tails-download-and-verify/lib/hash.js he seems to use a build-in
function from Firefox with:

This is not possible in web extensions, that api only works Add-on SD.

> That you don't pin on the SSL certificate of our certificate authority

(Let's Encrypt).

This library is also addon SDK specific and is not supported in Web
Extensions. There's this certificate pinning feature in HTML5
https://developer.mozilla.org/en-US/docs/Web/HTTP/Public_Key_Pinning in
which pinned certificates are returned in header of request when user
visits the site first time.


It'd have been easier for us to reuse Giorgio's code instead of rewriting
from scratch but because of the fact that a lot of API's being used in
Giorgio's
code are add-on SDK specific and aren't supported in WebExtensions, it was
better to rewrite.



On Sun, Oct 15, 2017 at 10:07 PM, sajolida <sajolida@???> wrote:

> Uzair Farooq:
> > We made the commit on top of existing repo, here
> > https://github.com/usman-subhani/Tails-repos
>
> Yeah, I like that!
>
> I merged your changes in the production website so you can test it from:
>
>         http://tails.boum.org/install/download_2

>
> I also:
>
> - Hid the "Update extension" that was displayed by default.
> - Hid the <input> that you added for the file chooser.
>
> So far so good!
>
> > Here's how to install Firefox extension
> > https://developer.mozilla.org/en-US/Add-ons/WebExtensions/
> Temporary_Installation_in_Firefox
> > . There's a video tutorial at the end.
>
> I tried this as well and installing the extension like this works, yeah!
>
> But then the extension doesn't work: it takes a full core starts eating
> as much RAM as it can. See this screencast:
>
> https://dl.poivron.org/n7exagegay7wmynbugh4-ekzsjrqmajdq5lyn
>
> Also, I see in the report for the extension itself that you decided to
> start a code base from scratch. Our initial idea was to instead base
> your work on the current code base from Giorgio Maone, but I also
> understand that given the fact that the scope of the extension has been
> drastically reduced after we removed the download from it and that the
> download page has been completely rewritten, it might make more sense
> for you to start from scratch. So that's not a problem as such.
>
> Still, as initial comments (because I can't really understand your code
> beyond that), I see:
>
> - That you are embedding a crypto library to compute the SHA256
> (scripts/vendor/sha256.js) while the previous code didn't do that.
> In tails-download-and-verify/lib/hash.js he seems to use a build-in
> function from Firefox with:
>
>   let hasher = Cc["@mozilla.org/security/hash;1"]
>                  .createInstance(Ci.nsICryptoHash);
>   hasher.init(hasher.SHA256);

>
> https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/
> Reference/Interface/nsICryptoHash
>
> If this is still possible with WebExtensions, why not do that?
>
> Because auditing and maintaining crypto primitives is not really
> something we want to go into...
>
> - That you don't pin on the SSL certificate of our certificate authority
> (Let's Encrypt).
>
> See:
>
> - https://tails.boum.org/blueprint/bootstrapping/extension/#index5h2
> - tails-download-and-verify/lib/cert-pinner.js in the current code
>
> I'm sorry if I didn't point you to this document before but I didn't
> expect that you would rewrite the internals of the verification
> mechanism and would rather reuse Giorgio's code.
>