RESOLVED FIXED123628
WebCrypto algorithms should check that key algorithm matches
https://bugs.webkit.org/show_bug.cgi?id=123628
Summary WebCrypto algorithms should check that key algorithm matches
Alexey Proskuryakov
Reported 2013-11-01 12:26:07 PDT
We already check usage, but don't check algorithm yet. Key objects should not be usable in violation of their algorithm attribute.
Attachments
proposed patch (57.98 KB, patch)
2013-11-22 15:29 PST, Alexey Proskuryakov
andersca: review+
Alexey Proskuryakov
Comment 1 2013-11-08 11:38:14 PST
At the moment, we only have HMAC and AES-CBC, which use different keys, so this is not an observable issue. But once we add e.g. AES-GCM, an explicit check will be needed to prevent key reuse.
Alexey Proskuryakov
Comment 2 2013-11-22 15:29:01 PST
Created attachment 217721 [details] proposed patch
WebKit Commit Bot
Comment 3 2013-11-22 15:30:12 PST
Attachment 217721 [details] did not pass style-queue: Failed to run "['Tools/Scripts/check-webkit-style', '--diff-files', u'Source/WebCore/ChangeLog', u'Source/WebCore/WebCore.xcodeproj/project.pbxproj', u'Source/WebCore/bindings/js/JSCryptoAlgorithmDictionary.cpp', u'Source/WebCore/bindings/js/JSCryptoKeySerializationJWK.cpp', u'Source/WebCore/crypto/CryptoAlgorithmParameters.h', u'Source/WebCore/crypto/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp', u'Source/WebCore/crypto/CryptoAlgorithmRegistry.h', u'Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_CBC.cpp', u'Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_CBC.h', u'Source/WebCore/crypto/algorithms/CryptoAlgorithmHMAC.cpp', u'Source/WebCore/crypto/algorithms/CryptoAlgorithmHMAC.h', u'Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp', u'Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.h', u'Source/WebCore/crypto/mac/CryptoAlgorithmAES_CBCMac.cpp', u'Source/WebCore/crypto/mac/CryptoAlgorithmHMACMac.cpp', u'Source/WebCore/crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp', u'Source/WebCore/crypto/mac/CryptoAlgorithmRegistryMac.cpp', u'Source/WebCore/crypto/parameters/CryptoAlgorithmRsaKeyParamsWithHash.h', u'Source/WebCore/crypto/parameters/CryptoAlgorithmRsaSsaKeyParams.h']" exit_code: 1 Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.h:58: The parameter name "data" adds no information, so it should be removed. [readability/parameter_name] [5] Source/WebCore/crypto/algorithms/CryptoAlgorithmHMAC.h:58: The parameter name "data" adds no information, so it should be removed. [readability/parameter_name] [5] Source/WebCore/crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp:38: Missing spaces around / [whitespace/operators] [3] Source/WebCore/crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp:45: enum members should use InterCaps with an initial capital letter. [readability/enum_casing] [4] Source/WebCore/crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp:50: enum members should use InterCaps with an initial capital letter. [readability/enum_casing] [4] Source/WebCore/crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp:51: enum members should use InterCaps with an initial capital letter. [readability/enum_casing] [4] Source/WebCore/crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp:52: enum members should use InterCaps with an initial capital letter. [readability/enum_casing] [4] Source/WebCore/crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp:53: enum members should use InterCaps with an initial capital letter. [readability/enum_casing] [4] Source/WebCore/crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp:54: enum members should use InterCaps with an initial capital letter. [readability/enum_casing] [4] Source/WebCore/crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp:59: enum members should use InterCaps with an initial capital letter. [readability/enum_casing] [4] Source/WebCore/crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp:91: CryptoAlgorithmRSASSA_PKCS1_v1_5::platformSign is incorrectly named. Don't use underscores in your identifier names. [readability/naming/underscores] [4] Source/WebCore/crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp:122: CryptoAlgorithmRSASSA_PKCS1_v1_5::platformVerify is incorrectly named. Don't use underscores in your identifier names. [readability/naming/underscores] [4] Source/WebCore/crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:85: CryptoAlgorithmAES_CBC::platformEncrypt is incorrectly named. Don't use underscores in your identifier names. [readability/naming/underscores] [4] Source/WebCore/crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:90: CryptoAlgorithmAES_CBC::platformDecrypt is incorrectly named. Don't use underscores in your identifier names. [readability/naming/underscores] [4] Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_CBC.cpp:59: CryptoAlgorithmAES_CBC::keyAlgorithmMatches is incorrectly named. Don't use underscores in your identifier names. [readability/naming/underscores] [4] Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_CBC.cpp:68: CryptoAlgorithmAES_CBC::encrypt is incorrectly named. Don't use underscores in your identifier names. [readability/naming/underscores] [4] Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_CBC.cpp:80: CryptoAlgorithmAES_CBC::decrypt is incorrectly named. Don't use underscores in your identifier names. [readability/naming/underscores] [4] Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp:60: CryptoAlgorithmRSASSA_PKCS1_v1_5::keyAlgorithmMatches is incorrectly named. Don't use underscores in your identifier names. [readability/naming/underscores] [4] Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp:73: CryptoAlgorithmRSASSA_PKCS1_v1_5::sign is incorrectly named. Don't use underscores in your identifier names. [readability/naming/underscores] [4] Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp:85: CryptoAlgorithmRSASSA_PKCS1_v1_5::verify is incorrectly named. Don't use underscores in your identifier names. [readability/naming/underscores] [4] Total errors found: 20 in 17 files If any of these errors are false positives, please file a bug against check-webkit-style.
Alexey Proskuryakov
Comment 4 2013-11-22 15:41:53 PST
Note You need to log in before you can comment on or make changes to this bug.