[webkit-changes] [279742] trunk

Thu, 08 Jul 2021 12:27:48 -0700

Title: [279742] trunk
Revision
279742
Author
[email protected]
Date
2021-07-08 12:26:52 -0700 (Thu, 08 Jul 2021)

Log Message

[OpenSSL] Implement HKDF and PBKDF2 support
https://bugs.webkit.org/show_bug.cgi?id=227656

Reviewed by Fujii Hironori.

Source/WebCore:

* crypto/openssl/CryptoAlgorithmHKDFOpenSSL.cpp:
(WebCore::CryptoAlgorithmHKDF::platformDeriveBits): Implemented with HKDF().
* crypto/openssl/CryptoAlgorithmPBKDF2OpenSSL.cpp:
(WebCore::CryptoAlgorithmPBKDF2::platformDeriveBits):
* crypto/openssl/CryptoAlgorithmRegistryOpenSSL.cpp: Implemented with PKCS5_PBKDF2_HMAC().
(WebCore::CryptoAlgorithmRegistry::platformRegisterAlgorithms): Register HKDF and PBKDF2.

LayoutTests:

Enable HKDF and PBKDF2 tests.

* platform/wincairo/TestExpectations:

Modified Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (279741 => 279742)


--- trunk/LayoutTests/ChangeLog	2021-07-08 19:11:05 UTC (rev 279741)
+++ trunk/LayoutTests/ChangeLog	2021-07-08 19:26:52 UTC (rev 279742)
@@ -1,3 +1,14 @@
+2021-07-08  Yoshiaki Jitsukawa  <[email protected]>
+
+        [OpenSSL] Implement HKDF and PBKDF2 support
+        https://bugs.webkit.org/show_bug.cgi?id=227656
+
+        Reviewed by Fujii Hironori.
+
+        Enable HKDF and PBKDF2 tests.
+
+        * platform/wincairo/TestExpectations:
+
 2021-07-08  Myles C. Maxfield  <[email protected]>
 
         [GPU Process] Temporarily disable drawing large PDFs in display list drawing

Modified: trunk/LayoutTests/platform/wincairo/TestExpectations (279741 => 279742)


--- trunk/LayoutTests/platform/wincairo/TestExpectations	2021-07-08 19:11:05 UTC (rev 279741)
+++ trunk/LayoutTests/platform/wincairo/TestExpectations	2021-07-08 19:26:52 UTC (rev 279742)
@@ -760,21 +760,6 @@
 crypto/subtle/rsa-pss-import-spki-key.html [ Pass ]
 crypto/subtle/rsa-pss-import-spki-key-empty-usages.html [ Pass ]
 
-# HKDF and PBKDF2 are not yet supported.
-crypto/subtle/ecdh-import-key-derive-hkdf-key.html [ Skip ]
-crypto/subtle/ecdh-import-key-derive-pbkdf2-key.html [ Skip ]
-crypto/subtle/hkdf-derive-bits-length-limits.html [ Skip ]
-crypto/subtle/hkdf-derive-bits-malformed-parametrs.html [ Skip ]
-crypto/subtle/hkdf-import-key.html [ Skip ]
-crypto/subtle/hkdf-import-key-derive-bits.html [ Skip ]
-crypto/subtle/hkdf-import-key-derive-hmac-key.html [ Skip ]
-crypto/subtle/hkdf-import-key-malformed-parameters.html [ Skip ]
-crypto/subtle/pbkdf2-derive-bits-malformed-parametrs.html [ Skip ]
-crypto/subtle/pbkdf2-import-key.html [ Skip ]
-crypto/subtle/pbkdf2-import-key-derive-bits.html [ Skip ]
-crypto/subtle/pbkdf2-import-key-derive-hmac-key.html [ Skip ]
-crypto/subtle/pbkdf2-import-key-malformed-parameters.html [ Skip ]
-
 # Large salt should be supported.
 crypto/subtle/rsa-pss-import-key-sign-large-salt.html [ Failure ]

Modified: trunk/Source/WebCore/ChangeLog (279741 => 279742)


--- trunk/Source/WebCore/ChangeLog	2021-07-08 19:11:05 UTC (rev 279741)
+++ trunk/Source/WebCore/ChangeLog	2021-07-08 19:26:52 UTC (rev 279742)
@@ -1,3 +1,17 @@
+2021-07-08  Yoshiaki Jitsukawa  <[email protected]>
+
+        [OpenSSL] Implement HKDF and PBKDF2 support
+        https://bugs.webkit.org/show_bug.cgi?id=227656
+
+        Reviewed by Fujii Hironori.
+
+        * crypto/openssl/CryptoAlgorithmHKDFOpenSSL.cpp:
+        (WebCore::CryptoAlgorithmHKDF::platformDeriveBits): Implemented with HKDF().
+        * crypto/openssl/CryptoAlgorithmPBKDF2OpenSSL.cpp:
+        (WebCore::CryptoAlgorithmPBKDF2::platformDeriveBits):
+        * crypto/openssl/CryptoAlgorithmRegistryOpenSSL.cpp: Implemented with PKCS5_PBKDF2_HMAC().
+        (WebCore::CryptoAlgorithmRegistry::platformRegisterAlgorithms): Register HKDF and PBKDF2.
+
 2021-07-08  Myles C. Maxfield  <[email protected]>
 
         [GPU Process] Draw PDFs using an intermediate ImageBuffer when using the GPU process

Modified: trunk/Source/WebCore/crypto/openssl/CryptoAlgorithmHKDFOpenSSL.cpp (279741 => 279742)


--- trunk/Source/WebCore/crypto/openssl/CryptoAlgorithmHKDFOpenSSL.cpp	2021-07-08 19:11:05 UTC (rev 279741)
+++ trunk/Source/WebCore/crypto/openssl/CryptoAlgorithmHKDFOpenSSL.cpp	2021-07-08 19:26:52 UTC (rev 279742)
@@ -29,15 +29,23 @@
 #if ENABLE(WEB_CRYPTO)
 
 #include "CryptoAlgorithmHkdfParams.h"
-#include "CryptoKeyEC.h"
-#include "NotImplemented.h"
+#include "CryptoKeyRaw.h"
+#include "OpenSSLUtilities.h"
+#include <openssl/hkdf.h>
 
 namespace WebCore {
 
-ExceptionOr<Vector<uint8_t>> CryptoAlgorithmHKDF::platformDeriveBits(const CryptoAlgorithmHkdfParams&, const CryptoKeyRaw&, size_t)
+ExceptionOr<Vector<uint8_t>> CryptoAlgorithmHKDF::platformDeriveBits(const CryptoAlgorithmHkdfParams& parameters, const CryptoKeyRaw& key, size_t length)
 {
-    notImplemented();
-    return Exception { NotSupportedError };
+    auto algorithm = digestAlgorithm(parameters.hashIdentifier);
+    if (!algorithm)
+        return Exception { NotSupportedError };
+
+    Vector<uint8_t> output(length / 8);
+    if (HKDF(output.data(), output.size(), algorithm, key.key().data(), key.key().size(), parameters.saltVector().data(), parameters.saltVector().size(), parameters.infoVector().data(), parameters.infoVector().size()) <= 0)
+        return Exception { OperationError };
+
+    return output;
 }
 
 } // namespace WebCore

Modified: trunk/Source/WebCore/crypto/openssl/CryptoAlgorithmPBKDF2OpenSSL.cpp (279741 => 279742)


--- trunk/Source/WebCore/crypto/openssl/CryptoAlgorithmPBKDF2OpenSSL.cpp	2021-07-08 19:11:05 UTC (rev 279741)
+++ trunk/Source/WebCore/crypto/openssl/CryptoAlgorithmPBKDF2OpenSSL.cpp	2021-07-08 19:26:52 UTC (rev 279742)
@@ -30,14 +30,26 @@
 
 #include "CryptoAlgorithmPbkdf2Params.h"
 #include "CryptoKeyRaw.h"
-#include "NotImplemented.h"
+#include "OpenSSLUtilities.h"
+#include <openssl/evp.h>
 
 namespace WebCore {
 
-ExceptionOr<Vector<uint8_t>> CryptoAlgorithmPBKDF2::platformDeriveBits(const CryptoAlgorithmPbkdf2Params&, const CryptoKeyRaw&, size_t)
+ExceptionOr<Vector<uint8_t>> CryptoAlgorithmPBKDF2::platformDeriveBits(const CryptoAlgorithmPbkdf2Params& parameters, const CryptoKeyRaw& key, size_t length)
 {
-    notImplemented();
-    return Exception { NotSupportedError };
+    auto algorithm = digestAlgorithm(parameters.hashIdentifier);
+    if (!algorithm)
+        return Exception { NotSupportedError };
+
+    // iterations must not be zero.
+    if (!parameters.iterations)
+        return Exception { OperationError };
+
+    Vector<uint8_t> output(length / 8);
+    if (PKCS5_PBKDF2_HMAC(reinterpret_cast<const char*>(key.key().data()), key.key().size(), parameters.saltVector().data(), parameters.saltVector().size(), parameters.iterations, algorithm, output.size(), output.data()) <= 0)
+        return Exception { OperationError };
+
+    return output;
 }
 
 } // namespace WebCore

Modified: trunk/Source/WebCore/crypto/openssl/CryptoAlgorithmRegistryOpenSSL.cpp (279741 => 279742)


--- trunk/Source/WebCore/crypto/openssl/CryptoAlgorithmRegistryOpenSSL.cpp	2021-07-08 19:11:05 UTC (rev 279741)
+++ trunk/Source/WebCore/crypto/openssl/CryptoAlgorithmRegistryOpenSSL.cpp	2021-07-08 19:26:52 UTC (rev 279742)
@@ -35,7 +35,9 @@
 #include "CryptoAlgorithmAES_KW.h"
 #include "CryptoAlgorithmECDH.h"
 #include "CryptoAlgorithmECDSA.h"
+#include "CryptoAlgorithmHKDF.h"
 #include "CryptoAlgorithmHMAC.h"
+#include "CryptoAlgorithmPBKDF2.h"
 #include "CryptoAlgorithmRSAES_PKCS1_v1_5.h"
 #include "CryptoAlgorithmRSASSA_PKCS1_v1_5.h"
 #include "CryptoAlgorithmRSA_OAEP.h"
@@ -57,7 +59,9 @@
     registerAlgorithm<CryptoAlgorithmAES_KW>();
     registerAlgorithm<CryptoAlgorithmECDH>();
     registerAlgorithm<CryptoAlgorithmECDSA>();
+    registerAlgorithm<CryptoAlgorithmHKDF>();
     registerAlgorithm<CryptoAlgorithmHMAC>();
+    registerAlgorithm<CryptoAlgorithmPBKDF2>();
     registerAlgorithm<CryptoAlgorithmRSAES_PKCS1_v1_5>();
     registerAlgorithm<CryptoAlgorithmRSASSA_PKCS1_v1_5>();
     registerAlgorithm<CryptoAlgorithmRSA_OAEP>();

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to