Bug 40209: Implement Basic Crypto Safety

Adds a CryptoSafety actor which detects when you've copied a crypto
address from a HTTP webpage and shows a warning.

Closes #40209.

Bug 40428: Fix string attribute names

browser/actors/CryptoSafetyChild.jsm

+/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
+/* Copyright (c) 2020, The Tor Project, Inc.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+var EXPORTED_SYMBOLS = ["CryptoSafetyChild"];
+
+const { Bech32Decode } = ChromeUtils.import(
+  "resource://gre/modules/Bech32Decode.jsm"
+);
+
+const { XPCOMUtils } = ChromeUtils.import(
+  "resource://gre/modules/XPCOMUtils.jsm"
+);
+
+XPCOMUtils.defineLazyPreferenceGetter(
+  this,
+  "isCryptoSafetyEnabled",
+  "security.cryptoSafety",
+  true // Defaults to true.
+);
+
+function looksLikeCryptoAddress(s) {
+  // P2PKH and P2SH addresses
+  // https://stackoverflow.com/a/24205650
+  const bitcoinAddr = /^[13][a-km-zA-HJ-NP-Z1-9]{25,39}$/;
+  if (bitcoinAddr.test(s)) {
+    return true;
+  }
+
+  // Bech32 addresses
+  if (Bech32Decode(s) !== null) {
+    return true;
+  }
+
+  // regular addresses
+  const etherAddr = /^0x[a-fA-F0-9]{40}$/;
+  if (etherAddr.test(s)) {
+    return true;
+  }
+
+  // t-addresses
+  // https://www.reddit.com/r/zec/comments/8mxj6x/simple_regex_to_validate_a_zcash_tz_address/dzr62p5/
+  const zcashAddr = /^t1[a-zA-Z0-9]{33}$/;
+  if (zcashAddr.test(s)) {
+    return true;
+  }
+
+  // Standard, Integrated, and 256-bit Integrated addresses
+  // https://monero.stackexchange.com/a/10627
+  const moneroAddr = /^4(?:[0-9AB]|[1-9A-HJ-NP-Za-km-z]{12}(?:[1-9A-HJ-NP-Za-km-z]{30})?)[1-9A-HJ-NP-Za-km-z]{93}$/;
+  if (moneroAddr.test(s)) {
+    return true;
+  }
+
+  return false;
+}
+
+class CryptoSafetyChild extends JSWindowActorChild {
+  handleEvent(event) {
+    if (
+      !isCryptoSafetyEnabled ||
+      // Ignore non-HTTP addresses.
+      // We do this before reading the host property since this is not available
+      // for about: pages.
+      !this.document.documentURIObject.schemeIs("http") ||
+      // Ignore onion addresses.
+      this.document.documentURIObject.host.endsWith(".onion") ||
+      (event.type !== "copy" && event.type !== "cut")
+    ) {
+      return;
+    }
+
+    this.contentWindow.navigator.clipboard.readText().then(clipText => {
+      const selection = clipText.replace(/\s+/g, "");
+      if (!looksLikeCryptoAddress(selection)) {
+        return;
+      }
+      this.sendAsyncMessage("CryptoSafety:CopiedText", {
+        selection,
+        host: this.document.documentURIObject.host,
+      });
+    });
+  }
+}

browser/actors/CryptoSafetyParent.jsm

+/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
+/* Copyright (c) 2020, The Tor Project, Inc.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+var EXPORTED_SYMBOLS = ["CryptoSafetyParent"];
+
+const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm");
+const { XPCOMUtils } = ChromeUtils.import(
+  "resource://gre/modules/XPCOMUtils.jsm"
+);
+
+XPCOMUtils.defineLazyGetter(this, "cryptoSafetyBundle", () => {
+  return Services.strings.createBundle(
+    "chrome://torbutton/locale/cryptoSafetyPrompt.properties"
+  );
+});
+
+// en-US fallback in case a locale is missing a string.
+XPCOMUtils.defineLazyGetter(this, "fallbackCryptoSafetyBundle", () => {
+  return Services.strings.createBundle(
+    "resource://gre/chrome/torbutton/locale/en-US/cryptoSafetyPrompt.properties"
+  );
+});
+
+XPCOMUtils.defineLazyPreferenceGetter(
+  this,
+  "isCryptoSafetyEnabled",
+  "security.cryptoSafety",
+  true // Defaults to true.
+);
+
+/**
+ * Get a formatted string from the locale's bundle, or the en-US bundle if the
+ * string is missing.
+ *
+ * @param {string} name - The string's name.
+ * @param {string[]} [args] - Positional arguments to pass to the format string,
+ *   or leave empty if none are needed.
+ *
+ * @returns {string} - The formatted string.
+ */
+function getString(name, args = []) {
+  try {
+    return cryptoSafetyBundle.formatStringFromName(name, args);
+  } catch {
+    return fallbackCryptoSafetyBundle.formatStringFromName(name, args);
+  }
+}
+
+class CryptoSafetyParent extends JSWindowActorParent {
+  receiveMessage(aMessage) {
+    if (!isCryptoSafetyEnabled || aMessage.name !== "CryptoSafety:CopiedText") {
+      return;
+    }
+
+    let address = aMessage.data.selection;
+    if (address.length > 32) {
+      address = `${address.substring(0, 32)}…`;
+    }
+
+    const buttonPressed = Services.prompt.confirmEx(
+      this.browsingContext.topChromeWindow,
+      getString("cryptoSafetyPrompt.cryptoTitle"),
+      getString("cryptoSafetyPrompt.cryptoBody", [address, aMessage.data.host]),
+      Services.prompt.BUTTON_TITLE_IS_STRING * Services.prompt.BUTTON_POS_0 +
+        Services.prompt.BUTTON_TITLE_IS_STRING * Services.prompt.BUTTON_POS_1,
+      getString("cryptoSafetyPrompt.primaryAction"),
+      getString("cryptoSafetyPrompt.secondaryAction"),
+      null,
+      null,
+      {}
+    );
+
+    if (buttonPressed === 0) {
+      this.browsingContext.topChromeWindow.torbutton_new_circuit();
+    }
+  }
+}

browser/actors/moz.build

@@ -57,6 +57,8 @@ FINAL_TARGET_FILES.actors += [
     "ContentSearchParent.jsm",
     "ContextMenuChild.jsm",
     "ContextMenuParent.jsm",
+    "CryptoSafetyChild.jsm",
+    "CryptoSafetyParent.jsm",
     "DecoderDoctorChild.jsm",
     "DecoderDoctorParent.jsm",
     "DOMFullscreenChild.jsm",

browser/components/BrowserGlue.jsm

@@ -451,6 +451,24 @@ let JSWINDOWACTORS = {
     },
 
     messageManagerGroups: ["browsers"],
+
+    allFrames: true,
+  },
+
+  CryptoSafety: {
+    parent: {
+      moduleURI: "resource:///actors/CryptoSafetyParent.jsm",
+    },
+
+    child: {
+      moduleURI: "resource:///actors/CryptoSafetyChild.jsm",
+      group: "browsers",
+      events: {
+        copy: { mozSystemGroup: true },
+        cut: { mozSystemGroup: true },
+      },
+    },
+
     allFrames: true,
   },
 

toolkit/content/license.html

@@ -71,6 +71,7 @@
       <li><a href="about:license#arm">ARM License</a></li>
       <li><a href="about:license#babel">Babel License</a></li>
       <li><a href="about:license#babylon">Babylon License</a></li>
+      <li><a href="about:license#bech32">Bech32 License</a></li>
       <li><a href="about:license#bincode">bincode License</a></li>
       <li><a href="about:license#bsd2clause">BSD 2-Clause License</a></li>
       <li><a href="about:license#bsd3clause">BSD 3-Clause License</a></li>
@@ -2106,6 +2107,37 @@ furnished to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in
 all copies or substantial portions of the Software.
 
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</pre>
+
+
+    <hr>
+
+    <h1><a id="bech32"></a>Bech32 License</h1>
+
+    <p>This license applies to the file
+      <code>toolkit/modules/Bech32Decode.jsm</code>.
+    </p>
+
+<pre>
+Copyright (c) 2017 Pieter Wuille
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE

toolkit/modules/Bech32Decode.jsm

+// Adapted from the reference implementation of Bech32
+// https://github.com/sipa/bech32
+
+// Copyright (c) 2017 Pieter Wuille
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+
+"use strict";
+
+/**
+ * JS module implementation of Bech32 decoding adapted from the reference
+ * implementation https://github.com/sipa/bech32.
+ */
+
+var EXPORTED_SYMBOLS = ["Bech32Decode"];
+
+var CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l";
+var GENERATOR = [0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3];
+
+function polymod(values) {
+  var chk = 1;
+  for (var p = 0; p < values.length; ++p) {
+    var top = chk >> 25;
+    chk = ((chk & 0x1ffffff) << 5) ^ values[p];
+    for (var i = 0; i < 5; ++i) {
+      if ((top >> i) & 1) {
+        chk ^= GENERATOR[i];
+      }
+    }
+  }
+  return chk;
+}
+
+function hrpExpand(hrp) {
+  var ret = [];
+  var p;
+  for (p = 0; p < hrp.length; ++p) {
+    ret.push(hrp.charCodeAt(p) >> 5);
+  }
+  ret.push(0);
+  for (p = 0; p < hrp.length; ++p) {
+    ret.push(hrp.charCodeAt(p) & 31);
+  }
+  return ret;
+}
+
+function verifyChecksum(hrp, data) {
+  return polymod(hrpExpand(hrp).concat(data)) === 1;
+}
+
+function Bech32Decode(bechString) {
+  var p;
+  var has_lower = false;
+  var has_upper = false;
+  for (p = 0; p < bechString.length; ++p) {
+    if (bechString.charCodeAt(p) < 33 || bechString.charCodeAt(p) > 126) {
+      return null;
+    }
+    if (bechString.charCodeAt(p) >= 97 && bechString.charCodeAt(p) <= 122) {
+      has_lower = true;
+    }
+    if (bechString.charCodeAt(p) >= 65 && bechString.charCodeAt(p) <= 90) {
+      has_upper = true;
+    }
+  }
+  if (has_lower && has_upper) {
+    return null;
+  }
+  bechString = bechString.toLowerCase();
+  var pos = bechString.lastIndexOf("1");
+  if (pos < 1 || pos + 7 > bechString.length || bechString.length > 90) {
+    return null;
+  }
+  var hrp = bechString.substring(0, pos);
+  var data = [];
+  for (p = pos + 1; p < bechString.length; ++p) {
+    var d = CHARSET.indexOf(bechString.charAt(p));
+    if (d === -1) {
+      return null;
+    }
+    data.push(d);
+  }
+  if (!verifyChecksum(hrp, data)) {
+    return null;
+  }
+  return { hrp, data: data.slice(0, data.length - 6) };
+}

toolkit/modules/moz.build

@@ -155,6 +155,7 @@ EXTRA_JS_MODULES += [
     "ActorManagerParent.jsm",
     "AppMenuNotifications.jsm",
     "AsyncPrefs.jsm",
+    "Bech32Decode.jsm",
     "BinarySearch.jsm",
     "BrowserTelemetryUtils.jsm",
     "BrowserUtils.jsm",

toolkit/torbutton/chrome/locale/en-US/cryptoSafetyPrompt.properties

+# Copyright (c) 2022, The Tor Project, Inc.
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+cryptoSafetyPrompt.cryptoTitle=Cryptocurrency address copied from an insecure website
+# LOCALIZATION NOTE:
+# %1$S is the copied cryptocurrency address.
+# %2$S is the website host.
+cryptoSafetyPrompt.cryptoBody=The copied text (%1$S) appears to be a cryptocurrency address. Since the connection to %2$S is not secure, the address may have been modified and should not be trusted. You can try establishing a secure connection by reconnecting with a new circuit.
+# LOCALIZATION NOTE: %S will be replaced with the cryptocurrency address.
+cryptoSafetyPrompt.cryptoWarning=A cryptocurrency address (%S) has been copied from an insecure website. It could have been modified.
+cryptoSafetyPrompt.whatCanHeading=What can you do about it?
+cryptoSafetyPrompt.whatCanBody=You can try reconnecting with a new circuit to establish a secure connection, or accept the risk and dismiss this warning.
+cryptoSafetyPrompt.learnMore=Learn more
+cryptoSafetyPrompt.primaryAction=Reload Tab with a New Circuit
+cryptoSafetyPrompt.primaryActionAccessKey=R
+cryptoSafetyPrompt.secondaryAction=Dismiss Warning
+cryptoSafetyPrompt.secondaryActionAccessKey=B