Bug 1817756 - Add a seed to the network ID. r=valentin,necko-reviewers

This helps to prevent linkability of users in the same network. Differential Revision: https://phabricator.services.mozilla.com/D170373

Bug 1817756 - Add a seed to the network ID. r=valentin,necko-reviewers
8d444ef4 · Pier Angelo Vendrame · 30970659 · 8d444ef4 · 8d444ef4 · 8d444ef4
Verified Commit 8d444ef4 authored 2 years ago by Pier Angelo Vendrame
--- a/netwerk/system/LinkServiceCommon.cpp
+++ b/netwerk/system/LinkServiceCommon.cpp
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "LinkServiceCommon.h"
+
+#include "mozilla/Maybe.h"
+#include "mozilla/SHA1.h"
+#include "mozilla/TimeStamp.h"
+#include "nsID.h"
+
+using namespace mozilla;
+
+void SeedNetworkId(SHA1Sum& aSha1) {
+  static Maybe<nsID> seed = ([]() {
+    Maybe<nsID> uuid(std::in_place);
+    if (NS_FAILED(nsID::GenerateUUIDInPlace(*uuid))) {
+      uuid.reset();
+    }
+    return uuid;
+  })();
+  if (seed) {
+    aSha1.update(seed.ptr(), sizeof(*seed));
+  } else {
+    TimeStamp timestamp = TimeStamp::ProcessCreation();
+    aSha1.update(&timestamp, sizeof(timestamp));
+  }
+}
--- a/netwerk/system/LinkServiceCommon.h
+++ b/netwerk/system/LinkServiceCommon.h
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef LINK_SERVICE_COMMON_H_
+#define LINK_SERVICE_COMMON_H_
+
+namespace mozilla {
+class SHA1Sum;
+}
+
+// Add a seed to the computed network ID to prevent user linkability.
+void SeedNetworkId(mozilla::SHA1Sum& aSha1);
+
+#endif  // LINK_SERVICE_COMMON_H_
--- a/netwerk/system/mac/nsNetworkLinkService.mm
+++ b/netwerk/system/mac/nsNetworkLinkService.mm
@@ -35,6 +35,7 @@
 #include "mozilla/Telemetry.h"
 #include "nsNetworkLinkService.h"
 #include "../../base/IPv6Utils.h"
+#include "../LinkServiceCommon.h"
 #include "../NetworkLinkServiceDefines.h"

 #import <Cocoa/Cocoa.h>
@@ -600,11 +601,8 @@ void nsNetworkLinkService::calculateNetworkIdInternal(void) {
  bool found6 = IPv6NetworkId(&sha1);

  if (found4 || found6) {
-    // This 'addition' could potentially be a fixed number from the
-    // profile or something.
-    nsAutoCString addition("local-rubbish");
    nsAutoCString output;
-    sha1.update(addition.get(), addition.Length());
+    SeedNetworkId(sha1);
    uint8_t digest[SHA1Sum::kHashSize];
    sha1.finish(digest);
    nsAutoCString newString(reinterpret_cast<char*>(digest), SHA1Sum::kHashSize);

--- a/netwerk/system/moz.build
+++ b/netwerk/system/moz.build
@@ -15,3 +15,9 @@ if CONFIG["MOZ_WIDGET_TOOLKIT"] == "android":

 elif CONFIG["OS_ARCH"] == "Linux":
    DIRS += ["linux", "netlink"]
+
+SOURCES += [
+    "LinkServiceCommon.cpp",
+]
+
+FINAL_LIBRARY = "xul"
--- a/netwerk/system/netlink/NetlinkService.cpp
+++ b/netwerk/system/netlink/NetlinkService.cpp
@@ -18,6 +18,7 @@
 #include "nsPrintfCString.h"
 #include "mozilla/Logging.h"
 #include "../../base/IPv6Utils.h"
+#include "../LinkServiceCommon.h"
 #include "../NetworkLinkServiceDefines.h"

 #include "mozilla/Base64.h"
@@ -1812,11 +1813,8 @@ void NetlinkService::CalculateNetworkID() {
  bool found6 = CalculateIDForFamily(AF_INET6, &sha1);

  if (found4 || found6) {
-    // This 'addition' could potentially be a fixed number from the
-    // profile or something.
-    nsAutoCString addition("local-rubbish");
    nsAutoCString output;
-    sha1.update(addition.get(), addition.Length());
+    SeedNetworkId(sha1);
    uint8_t digest[SHA1Sum::kHashSize];
    sha1.finish(digest);
    nsAutoCString newString(reinterpret_cast<char*>(digest),

--- a/netwerk/system/win32/nsNotifyAddrListener.cpp
+++ b/netwerk/system/win32/nsNotifyAddrListener.cpp
@@ -45,6 +45,7 @@
 #include "mozilla/Base64.h"
 #include "mozilla/ScopeExit.h"
 #include "mozilla/Telemetry.h"
+#include "../LinkServiceCommon.h"
 #include <iptypes.h>
 #include <iphlpapi.h>

@@ -248,7 +249,7 @@ void nsNotifyAddrListener::calculateNetworkId(void) {
  nsAutoCString output;
  SHA1Sum::Hash digest;
  HashSortedNetworkIds(nwGUIDS, sha1);
-
+  SeedNetworkId(sha1);
  sha1.finish(digest);
  nsCString newString(reinterpret_cast<char*>(digest), SHA1Sum::kHashSize);
  nsresult rv = Base64Encode(newString, output);