Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(ext/crypto): throw on key & op algo mismatch #12838

Merged
merged 6 commits into from Nov 25, 2021
Merged

fix(ext/crypto): throw on key & op algo mismatch #12838

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
e085b05
fix(ext/crypto): throw on key & op algo mismatch
lucacasonato Nov 22, 2021
b36cc7a
fix test
lucacasonato Nov 22, 2021
844a63a
actually fix issue
lucacasonato Nov 22, 2021
5ad6c36
fix
lucacasonato Nov 22, 2021
6ee0592
Merge branch 'main' into some_crypto_fixes
lucacasonato Nov 23, 2021
852a8d4
Apply suggestions from code review
bnoordhuis Nov 25, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
36 changes: 34 additions & 2 deletions ext/crypto/00_crypto.js
View file
Open in desktop
Expand Up @@ -472,6 +472,22 @@
// 3.
const normalizedAlgorithm = normalizeAlgorithm(algorithm, "encrypt");

// 8.
if (normalizedAlgorithm.name !== key[_algorithm].name) {
throw new DOMException(
"Encryption algorithm doesn't match key algorithm.",
"InvalidAccessError",
);
}

// 9.
if (!ArrayPrototypeIncludes(key[_usages], "encrypt")) {
throw new DOMException(
"Key does not support the 'encrypt' operation.",
"InvalidAccessError",
);
}

const handle = key[_handle];
const keyData = WeakMapPrototypeGet(KEY_STORE, handle);

Expand Down Expand Up @@ -590,6 +606,22 @@
// 3.
const normalizedAlgorithm = normalizeAlgorithm(algorithm, "decrypt");

// 8.
if (normalizedAlgorithm.name !== key[_algorithm].name) {
throw new DOMException(
"Decryption algorithm doesn't match key algorithm.",
"OperationError",
);
}

// 9.
if (!ArrayPrototypeIncludes(key[_usages], "decrypt")) {
throw new DOMException(
"Key does not support the 'decrypt' operation.",
"InvalidAccessError",
);
}

const handle = key[_handle];
const keyData = WeakMapPrototypeGet(KEY_STORE, handle);

Expand Down Expand Up @@ -1415,7 +1447,7 @@

// 4-7.
const algorithm = {
name: "AES-CBC",
name: "AES-CTR",
lucacasonato marked this conversation as resolved.
Show resolved Hide resolved
length: keyData.byteLength * 8,
};

Expand Down Expand Up @@ -1471,7 +1503,7 @@

// 4-7.
const algorithm = {
name: "AES-CTR",
name: "AES-CBC",
length: keyData.byteLength * 8,
};

Expand Down
102 changes: 0 additions & 102 deletions tools/wpt/expectation.json
View file
Open in desktop
Expand Up @@ -3090,15 +3090,9 @@
},
"encrypt_decrypt": {
"aes_cbc.https.any.html": [
"AES-CBC 128-bit key without encrypt usage",
"AES-CBC 192-bit key without encrypt usage",
"AES-CBC 256-bit key without encrypt usage",
"AES-CBC 128-bit key with mismatched key and algorithm",
"AES-CBC 192-bit key with mismatched key and algorithm",
"AES-CBC 256-bit key with mismatched key and algorithm",
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These fail because AES-CTR is not implemented.

bnoordhuis marked this conversation as resolved.
Show resolved Hide resolved
"AES-CBC 128-bit key without decrypt usage",
"AES-CBC 192-bit key without decrypt usage",
"AES-CBC 256-bit key without decrypt usage",
"AES-CBC 128-bit key, zeroPadChar",
"AES-CBC 128-bit key, bigPadChar",
"AES-CBC 128-bit key, inconsistentPadChars",
Expand All @@ -3110,15 +3104,9 @@
"AES-CBC 256-bit key, inconsistentPadChars"
],
"aes_cbc.https.any.worker.html": [
"AES-CBC 128-bit key without encrypt usage",
"AES-CBC 192-bit key without encrypt usage",
"AES-CBC 256-bit key without encrypt usage",
"AES-CBC 128-bit key with mismatched key and algorithm",
"AES-CBC 192-bit key with mismatched key and algorithm",
"AES-CBC 256-bit key with mismatched key and algorithm",
bnoordhuis marked this conversation as resolved.
Show resolved Hide resolved
"AES-CBC 128-bit key without decrypt usage",
"AES-CBC 192-bit key without decrypt usage",
"AES-CBC 256-bit key without decrypt usage",
"AES-CBC 128-bit key, zeroPadChar",
"AES-CBC 128-bit key, bigPadChar",
"AES-CBC 128-bit key, inconsistentPadChars",
Expand All @@ -3145,9 +3133,6 @@
"AES-CTR 128-bit key without encrypt usage",
"AES-CTR 192-bit key without encrypt usage",
"AES-CTR 256-bit key without encrypt usage",
"AES-CTR 128-bit key with mismatched key and algorithm",
"AES-CTR 192-bit key with mismatched key and algorithm",
"AES-CTR 256-bit key with mismatched key and algorithm",
"AES-CTR 128-bit key without decrypt usage",
"AES-CTR 192-bit key without decrypt usage",
"AES-CTR 256-bit key without decrypt usage",
Expand Down Expand Up @@ -3180,9 +3165,6 @@
"AES-CTR 128-bit key without encrypt usage",
"AES-CTR 192-bit key without encrypt usage",
"AES-CTR 256-bit key without encrypt usage",
"AES-CTR 128-bit key with mismatched key and algorithm",
"AES-CTR 192-bit key with mismatched key and algorithm",
"AES-CTR 256-bit key with mismatched key and algorithm",
"AES-CTR 128-bit key without decrypt usage",
"AES-CTR 192-bit key without decrypt usage",
"AES-CTR 256-bit key without decrypt usage",
Expand Down Expand Up @@ -3410,48 +3392,6 @@
"AES-GCM 256-bit key, no additional data, 120-bit tag without encrypt usage",
"AES-GCM 256-bit key, 128-bit tag without encrypt usage",
"AES-GCM 256-bit key, no additional data, 128-bit tag without encrypt usage",
"AES-GCM 128-bit key, 32-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, no additional data, 32-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, 64-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, no additional data, 64-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, 96-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, no additional data, 96-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, 104-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, no additional data, 104-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, 112-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, no additional data, 112-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, 120-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, no additional data, 120-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, 128-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, no additional data, 128-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, 32-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, no additional data, 32-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, 64-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, no additional data, 64-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, 96-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, no additional data, 96-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, 104-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, no additional data, 104-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, 112-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, no additional data, 112-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, 120-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, no additional data, 120-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, 128-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, no additional data, 128-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, 32-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, no additional data, 32-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, 64-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, no additional data, 64-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, 96-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, no additional data, 96-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, 104-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, no additional data, 104-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, 112-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, no additional data, 112-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, 120-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, no additional data, 120-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, 128-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, no additional data, 128-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, 32-bit tag without decrypt usage",
"AES-GCM 128-bit key, no additional data, 32-bit tag without decrypt usage",
"AES-GCM 128-bit key, 64-bit tag without decrypt usage",
Expand Down Expand Up @@ -3742,48 +3682,6 @@
"AES-GCM 256-bit key, no additional data, 120-bit tag without encrypt usage",
"AES-GCM 256-bit key, 128-bit tag without encrypt usage",
"AES-GCM 256-bit key, no additional data, 128-bit tag without encrypt usage",
"AES-GCM 128-bit key, 32-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, no additional data, 32-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, 64-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, no additional data, 64-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, 96-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, no additional data, 96-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, 104-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, no additional data, 104-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, 112-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, no additional data, 112-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, 120-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, no additional data, 120-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, 128-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, no additional data, 128-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, 32-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, no additional data, 32-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, 64-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, no additional data, 64-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, 96-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, no additional data, 96-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, 104-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, no additional data, 104-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, 112-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, no additional data, 112-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, 120-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, no additional data, 120-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, 128-bit tag with mismatched key and algorithm",
"AES-GCM 192-bit key, no additional data, 128-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, 32-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, no additional data, 32-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, 64-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, no additional data, 64-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, 96-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, no additional data, 96-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, 104-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, no additional data, 104-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, 112-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, no additional data, 112-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, 120-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, no additional data, 120-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, 128-bit tag with mismatched key and algorithm",
"AES-GCM 256-bit key, no additional data, 128-bit tag with mismatched key and algorithm",
"AES-GCM 128-bit key, 32-bit tag without decrypt usage",
"AES-GCM 128-bit key, no additional data, 32-bit tag without decrypt usage",
"AES-GCM 128-bit key, 64-bit tag without decrypt usage",
Expand Down