Diff
Modified: trunk/LayoutTests/ChangeLog (279722 => 279723)
--- trunk/LayoutTests/ChangeLog 2021-07-08 15:52:51 UTC (rev 279722)
+++ trunk/LayoutTests/ChangeLog 2021-07-08 16:29:15 UTC (rev 279723)
@@ -1,3 +1,15 @@
+2021-07-08 Chris Dumez <[email protected]>
+
+ [WebCrypto] deriveBits() fails if length is not a multiple of 8 for ECDH algorithm
+ https://bugs.webkit.org/show_bug.cgi?id=227796
+
+ Reviewed by Alex Christensen.
+
+ Update existing layout test due to behavior change.
+
+ * crypto/subtle/ecdh-derive-bits-malformed-parametrs-expected.txt:
+ * crypto/subtle/ecdh-derive-bits-malformed-parametrs.html:
+
2021-07-08 Myles C. Maxfield <[email protected]>
[GPU Process] Canvas image rendering can render arbitrary DOM content in the GPU process, which is against policy (for now)
Modified: trunk/LayoutTests/crypto/subtle/ecdh-derive-bits-malformed-parametrs-expected.txt (279722 => 279723)
--- trunk/LayoutTests/crypto/subtle/ecdh-derive-bits-malformed-parametrs-expected.txt 2021-07-08 15:52:51 UTC (rev 279722)
+++ trunk/LayoutTests/crypto/subtle/ecdh-derive-bits-malformed-parametrs-expected.txt 2021-07-08 16:29:15 UTC (rev 279723)
@@ -11,7 +11,6 @@
PASS crypto.subtle.deriveBits({name: "ecdh", public: Symbol()}, privateKey, null) rejected promise with TypeError: Type error.
PASS crypto.subtle.deriveBits({name: "ecdh", public: { }}, privateKey, null) rejected promise with TypeError: Type error.
PASS crypto.subtle.deriveBits({name: "ecdh", public: 1}, privateKey, null) rejected promise with TypeError: Type error.
-PASS crypto.subtle.deriveBits({ name:"ECDH", public:publicKey }, privateKey, 1) rejected promise with OperationError: The operation failed for an operation-specific reason.
PASS crypto.subtle.deriveBits({ name:"ECDH", public:publicKey }, publicKey, null) rejected promise with InvalidAccessError: CryptoKey doesn't support bits derivation.
PASS crypto.subtle.deriveBits({ name:"ECDH", public:privateKey }, privateKey, null) rejected promise with InvalidAccessError: The requested operation is not valid for the provided key.
PASS crypto.subtle.deriveBits({ name:"ECDH", public:fakeKey }, privateKey, null) rejected promise with InvalidAccessError: The requested operation is not valid for the provided key.
Modified: trunk/LayoutTests/crypto/subtle/ecdh-derive-bits-malformed-parametrs.html (279722 => 279723)
--- trunk/LayoutTests/crypto/subtle/ecdh-derive-bits-malformed-parametrs.html 2021-07-08 15:52:51 UTC (rev 279722)
+++ trunk/LayoutTests/crypto/subtle/ecdh-derive-bits-malformed-parametrs.html 2021-07-08 16:29:15 UTC (rev 279723)
@@ -55,8 +55,6 @@
shouldReject('crypto.subtle.deriveBits({name: "ecdh", public: Symbol()}, privateKey, null)');
shouldReject('crypto.subtle.deriveBits({name: "ecdh", public: { }}, privateKey, null)');
shouldReject('crypto.subtle.deriveBits({name: "ecdh", public: 1}, privateKey, null)');
- // Wrong length
- shouldReject('crypto.subtle.deriveBits({ name:"ECDH", public:publicKey }, privateKey, 1)');
// base key is public
shouldReject('crypto.subtle.deriveBits({ name:"ECDH", public:publicKey }, publicKey, null)');
// public key is private
Modified: trunk/LayoutTests/imported/w3c/ChangeLog (279722 => 279723)
--- trunk/LayoutTests/imported/w3c/ChangeLog 2021-07-08 15:52:51 UTC (rev 279722)
+++ trunk/LayoutTests/imported/w3c/ChangeLog 2021-07-08 16:29:15 UTC (rev 279723)
@@ -1,3 +1,15 @@
+2021-07-08 Chris Dumez <[email protected]>
+
+ [WebCrypto] deriveBits() fails if length is not a multiple of 8 for ECDH algorithm
+ https://bugs.webkit.org/show_bug.cgi?id=227796
+
+ Reviewed by Alex Christensen.
+
+ Rebaseline WPT tests now that more checks are passing.
+
+ * web-platform-tests/WebCryptoAPI/derive_bits_keys/ecdh_bits.https.any-expected.txt:
+ * web-platform-tests/WebCryptoAPI/derive_bits_keys/ecdh_bits.https.any.worker-expected.txt:
+
2021-07-08 Myles C. Maxfield <[email protected]>
[GPU Process] Canvas image rendering can render arbitrary DOM content in the GPU process, which is against policy (for now)
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/ecdh_bits.https.any-expected.txt (279722 => 279723)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/ecdh_bits.https.any-expected.txt 2021-07-08 15:52:51 UTC (rev 279722)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/ecdh_bits.https.any-expected.txt 2021-07-08 16:29:15 UTC (rev 279723)
@@ -4,7 +4,7 @@
PASS P-521 mixed case parameters
PASS P-521 with null length
PASS P-521 short result
-FAIL P-521 non-multiple of 8 bits assert_unreached: deriveBits failed with error OperationError: The operation failed for an operation-specific reason Reached unreachable code
+PASS P-521 non-multiple of 8 bits
PASS P-521 missing public curve
PASS P-521 public property of algorithm is not a CryptoKey
PASS P-521 mismatched curves
@@ -18,7 +18,7 @@
PASS P-256 mixed case parameters
PASS P-256 with null length
PASS P-256 short result
-FAIL P-256 non-multiple of 8 bits assert_unreached: deriveBits failed with error OperationError: The operation failed for an operation-specific reason Reached unreachable code
+PASS P-256 non-multiple of 8 bits
PASS P-256 missing public curve
PASS P-256 public property of algorithm is not a CryptoKey
PASS P-256 mismatched curves
@@ -32,7 +32,7 @@
PASS P-384 mixed case parameters
PASS P-384 with null length
PASS P-384 short result
-FAIL P-384 non-multiple of 8 bits assert_unreached: deriveBits failed with error OperationError: The operation failed for an operation-specific reason Reached unreachable code
+PASS P-384 non-multiple of 8 bits
PASS P-384 missing public curve
PASS P-384 public property of algorithm is not a CryptoKey
PASS P-384 mismatched curves
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/ecdh_bits.https.any.worker-expected.txt (279722 => 279723)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/ecdh_bits.https.any.worker-expected.txt 2021-07-08 15:52:51 UTC (rev 279722)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/ecdh_bits.https.any.worker-expected.txt 2021-07-08 16:29:15 UTC (rev 279723)
@@ -4,7 +4,7 @@
PASS P-521 mixed case parameters
PASS P-521 with null length
PASS P-521 short result
-FAIL P-521 non-multiple of 8 bits assert_unreached: deriveBits failed with error OperationError: The operation failed for an operation-specific reason Reached unreachable code
+PASS P-521 non-multiple of 8 bits
PASS P-521 missing public curve
PASS P-521 public property of algorithm is not a CryptoKey
PASS P-521 mismatched curves
@@ -18,7 +18,7 @@
PASS P-256 mixed case parameters
PASS P-256 with null length
PASS P-256 short result
-FAIL P-256 non-multiple of 8 bits assert_unreached: deriveBits failed with error OperationError: The operation failed for an operation-specific reason Reached unreachable code
+PASS P-256 non-multiple of 8 bits
PASS P-256 missing public curve
PASS P-256 public property of algorithm is not a CryptoKey
PASS P-256 mismatched curves
@@ -32,7 +32,7 @@
PASS P-384 mixed case parameters
PASS P-384 with null length
PASS P-384 short result
-FAIL P-384 non-multiple of 8 bits assert_unreached: deriveBits failed with error OperationError: The operation failed for an operation-specific reason Reached unreachable code
+PASS P-384 non-multiple of 8 bits
PASS P-384 missing public curve
PASS P-384 public property of algorithm is not a CryptoKey
PASS P-384 mismatched curves
Modified: trunk/Source/WebCore/ChangeLog (279722 => 279723)
--- trunk/Source/WebCore/ChangeLog 2021-07-08 15:52:51 UTC (rev 279722)
+++ trunk/Source/WebCore/ChangeLog 2021-07-08 16:29:15 UTC (rev 279723)
@@ -1,3 +1,18 @@
+2021-07-08 Chris Dumez <[email protected]>
+
+ [WebCrypto] deriveBits() fails if length is not a multiple of 8 for ECDH algorithm
+ https://bugs.webkit.org/show_bug.cgi?id=227796
+
+ Reviewed by Alex Christensen.
+
+ deriveBits() fails if length is not a multiple of 8 for ECDH algorithm. This doesn't match
+ the specification or the behavior of Chrome.
+
+ No new tests, rebaselined existing tests.
+
+ * crypto/algorithms/CryptoAlgorithmECDH.cpp:
+ (WebCore::CryptoAlgorithmECDH::deriveBits):
+
2021-07-08 Myles C. Maxfield <[email protected]>
[GPU Process] Canvas image rendering can render arbitrary DOM content in the GPU process, which is against policy (for now)
Modified: trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmECDH.cpp (279722 => 279723)
--- trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmECDH.cpp 2021-07-08 15:52:51 UTC (rev 279722)
+++ trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmECDH.cpp 2021-07-08 16:29:15 UTC (rev 279723)
@@ -68,12 +68,6 @@
void CryptoAlgorithmECDH::deriveBits(const CryptoAlgorithmParameters& parameters, Ref<CryptoKey>&& baseKey, size_t length, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue)
{
- // We only accept length that is a multiple of 8.
- if (length % 8) {
- exceptionCallback(OperationError);
- return;
- }
-
auto& ecParameters = downcast<CryptoAlgorithmEcdhKeyDeriveParams>(parameters);
if (baseKey->type() != CryptoKey::Type::Private) {
@@ -105,11 +99,12 @@
callback(WTFMove(*derivedKey));
return;
}
- if (length / 8 > (*derivedKey).size()) {
+ auto lengthInBytes = std::ceil(length / 8.);
+ if (lengthInBytes > (*derivedKey).size()) {
exceptionCallback(OperationError);
return;
}
- (*derivedKey).shrink(length / 8);
+ (*derivedKey).shrink(lengthInBytes);
callback(WTFMove(*derivedKey));
};
