[webkit-changes] [WebKit/WebKit] 0b4603: The ECDH and X25519 deriveBits returns an empty st...

Fri, 18 Oct 2024 01:04:55 -0700 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 0b46039641c2700f55501d4121d825aa86f22b98
      
https://github.com/WebKit/WebKit/commit/0b46039641c2700f55501d4121d825aa86f22b98
  Author: Javier Fernandez <[email protected]>
  Date:   2024-10-18 (Fri, 18 Oct 2024)

  Changed paths:
    M LayoutTests/crypto/subtle/ecdh-derive-bits-length-limits-expected.txt
    M LayoutTests/crypto/subtle/ecdh-derive-bits-length-limits.html
    M 
LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/derived_bits_length.https.any-expected.txt
    M 
LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/derived_bits_length.https.any.worker-expected.txt
    M Source/WebCore/crypto/algorithms/CryptoAlgorithmECDH.cpp
    M Source/WebCore/crypto/algorithms/CryptoAlgorithmX25519.cpp

  Log Message:
  -----------
  The ECDH and X25519 deriveBits returns an empty string when 'length' is 0
https://bugs.webkit.org/show_bug.cgi?id=276916

Reviewed by Matthew Finkel.

The WebCrypto API spec's draft states that the ECDH's deriveBits should
handle a zero length as any regular number, only throwing an exception
in case of 'null'. The same is stated in the Secure Curves specification
draft for the X25519 algorithm.

We were not supporting 'null' value before, but since r281240 the 'length'
parameter is defined as optional, with 'null' as default value. Hence
in case of a zero length the derived bits are truncated so that the
operation returns an empty string.

* LayoutTests/crypto/subtle/ecdh-derive-bits-length-limits-expected.txt:
* LayoutTests/crypto/subtle/ecdh-derive-bits-length-limits.html:
* 
LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/derived_bits_length.https.any-expected.txt:
* 
LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/derived_bits_length.https.any.worker-expected.txt:
* Source/WebCore/crypto/algorithms/CryptoAlgorithmECDH.cpp:
(WebCore::CryptoAlgorithmECDH::deriveBits):
* Source/WebCore/crypto/algorithms/CryptoAlgorithmX25519.cpp:
(WebCore::CryptoAlgorithmX25519::deriveBits):

Canonical link: https://commits.webkit.org/285383@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to