Skip to content

Properly handle Lox key rotations

onyinyang requested to merge onyinyang/tor-browser:tor-browser-128.1.0esr-14.0-1 into tor-browser-128.2.0esr-14.0-1

Merge Info

Related Issues

  • #42502
  • tor-browser-build#TBD (commit hashes for wasm-bindgen and lox-wasm were updated to generate the files included here)

Backporting

Timeline

  • Immediate: patchset needed as soon as possible
  • Next Minor Stable Release: patchset that needs to be verified in nightly before backport
  • Eventually: patchset that needs to be verified in alpha before backport
  • No Backport (preferred): patchset for the next major stable

(Optional) Justification

  • Emergency security update: patchset fixes CVEs, 0-days, etc
  • Censorship event: patchset enables censorship circumvention
  • Critical bug-fix: patchset fixes a bug in core-functionality
  • Consistency: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
  • Sponsor required: patchset required for sponsor
  • Localization: typos and other localization changes that should be also in the release branch
  • Other: Critical for long-term Lox functionality, but Lox is not yet in widespread use.

Merging

  • Merge to tor-browser - !fixups to tor-browser-specific commits, new features, security backports
  • Merge to base-browser - !fixups to base-browser-specific commits, new features to be shared with mullvad-browser, and security backports
    • NOTE: if your changeset includes patches to both base-browser and tor-browser please clearly label in the change description which commits should be cherry-picked to base-browser after merging

Issue Tracking

Review

Request Reviewer

  • Request review from an applications developer depending on modified system:
    • NOTE: if the MR modifies multiple areas, please /cc all the relevant reviewers (since gitlab only allows 1 reviewer)
    • accessibility : henry
    • android : clairehurst, dan
    • build system : boklm
    • extensions : ma1
    • firefox internals (XUL/JS/XPCOM) : jwilde, ma1
    • fonts : pierov
    • frontend (implementation) : henry
    • frontend (review) : donuts, richard
    • localization : henry, pierov
    • macOS : clairehurst, dan
    • nightly builds : boklm
    • rebases/release-prep : dan, ma1, pierov, richard
    • security : jwilde, ma1
    • signing : boklm, richard
    • updater : pierov
    • windows : jwilde, richard
    • misc/other : pierov, richard /cc @henry @pierov

Change Description

This change updates the generated wasm files that Lox uses and the Lox module to enable proper handling of Lox key rotations. This was discussed in #42502 and lox!183

How Tested

I first generated the lox_wasm.jsm and lox_wasm_bg.wasm files by updating commit hashes in tor-browser-build. I was unable to build Tor browser locally from source, so downloaded a Tor browser release tarball and updated these files in the omni.ja zip, then made sure I could run Tor browser locally with these changes and that the Lox module successfully loads with the updated files. I then proceeded to update the Lox.sys.mjs file and made sure that the Lox module ran with the browser. However, I'm not exactly sure how to test that the correct functionality was achieved (namely that keys were fetched as expected).

Merge request reports