[tor-bugs] #13379 [Tor Browser]: Sign our MAR files
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Dec 17 12:06:08 UTC 2014
#13379: Sign our MAR files
-------------------------+-------------------------------------------------
Reporter: mikeperry      | Owner: mcs
Type: defect             | Status: needs_review
Priority: major          | Milestone:
Component: Tor Browser   | Version:
Resolution:              | Keywords: tbb-security, TorBrowserTeam201412,TorBrowserTeam201412R
Actual Points:           | Parent ID:
Points:                  |
-------------------------+-------------------------------------------------
Comment (by gk):
Replying to [comment:42 mcs]:
> Replying to [comment:41 gk]:
> > 9) `update.log` shows basically "failed: 19" and the above error
> > messages are shown
>
> Based on the info you provided, I think the MAR file has been signed
> using the older (now wrong) algorithm. Kathy and I added the "Unsupported
> signature algorithm (SHA1 with RSA)" log message to make it easier to
> detect this situation. But it sounds like you did everything correctly.
> Is there any chance you used an older signmar program (from mar-tools)?
> If you used the signmars-alpha make target the correct signmar should have
> been used though.

Yes, you guessed correctly. I am not signing on my build server as I don't
put the private keys there and had forgotten to update my local signmar
copy. Interesting that it signed the .mar at all with the new key...

Anyway, I found a new problem: signature verification works but for some
reason my incremental update is broken now. In the update.log I get:
{{{
SOURCE DIRECTORY /home/firefox64/signtest/tor-browser_en-US/Browser/updates
DESTINATION DIRECTORY /home/firefox64/signtest/tor-browser_en-US/Browser
failed: 23
calling QuitProgressUI
}}}

The full update is working fine, though. I was curious and tested a
vanilla 4.5-alpha-2 and made exactly the same changes as I did when
testing your patch and it turned out that incremental update is working.
Thus, I suspect there is something in the new code that is causing this.
Any ideas?

And one request: Could you make the path to the nssdb configurable by an
environment variable (e.g. NSSDBPATH)? For security reasons I plan to keep
my signing keys offline, using them offline directly from the storage
device, and hard-coding the path to the database does not work so well
under that scenario.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13379#comment:43>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online