Skip to content

LibWeb: HMAC and spec fixes #3092

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
awesomekling merged 3 commits into from
Jan 2, 2025
Merged

LibWeb: HMAC and spec fixes #3092

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
664dc05
LibWeb: Remove spec error comments for RSAOAEP
devgianlu Dec 31, 2024
879ce88
LibWeb: Set algorithm length for HMAC key generation
devgianlu Dec 26, 2024
2a1e02b
LibWeb: Use correct default key size for HMAC
devgianlu Dec 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 16 additions & 15 deletions Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -986,12 +986,10 @@ WebIDL::ExceptionOr<GC::Ref<CryptoKey>> RSAOAEP::import_key(Web::Crypto::Algorit
if (!meets_requirements)
return WebIDL::DataError::create(m_realm, "Invalid JWK private key"_string);

// FIXME: Spec error, it should say 'the RSA private key identified by interpreting jwk according to section 6.3.2'
// 2. Let privateKey represent the RSA public key identified by interpreting jwk according to Section 6.3.1 of JSON Web Algorithms [JWA].
// 2. Let privateKey represent the RSA private key identified by interpreting jwk according to Section 6.3.2 of JSON Web Algorithms [JWA].
auto private_key = TRY(parse_jwk_rsa_private_key(realm, jwk));

// FIXME: Spec error, it should say 'not to be a valid RSA private key'
// 3. If privateKey can be determined to not be a valid RSA public key according to [RFC3447], then throw a DataError.
// 3. If privateKey can be determined to not be a valid RSA private key according to [RFC3447], then throw a DataError.
// FIXME: Validate the private key

// 4. Let key be a new CryptoKey representing privateKey.
Expand Down Expand Up @@ -6113,13 +6111,13 @@ static WebIDL::ExceptionOr<WebIDL::UnsignedLong> hmac_hash_block_size(JS::Realm&
{
auto hash_name = TRY(hash.name(realm.vm()));
if (hash_name == "SHA-1")
return ::Crypto::Hash::SHA1::digest_size();
return ::Crypto::Hash::SHA1::block_size();
if (hash_name == "SHA-256")
return ::Crypto::Hash::SHA256::digest_size();
return ::Crypto::Hash::SHA256::block_size();
if (hash_name == "SHA-384")
return ::Crypto::Hash::SHA384::digest_size();
return ::Crypto::Hash::SHA384::block_size();
if (hash_name == "SHA-512")
return ::Crypto::Hash::SHA512::digest_size();
return ::Crypto::Hash::SHA512::block_size();
return WebIDL::NotSupportedError::create(realm, MUST(String::formatted("Invalid hash function '{}'", hash_name)));
}

Expand Down Expand Up @@ -6168,7 +6166,7 @@ WebIDL::ExceptionOr<Variant<GC::Ref<CryptoKey>, GC::Ref<CryptoKeyPair>>> HMAC::g
if (!normalized_algorithm.length.has_value()) {
// Let length be the block size in bits of the hash function identified by the hash member
// of normalizedAlgorithm.
length = TRY(hmac_hash_block_size(m_realm, normalized_algorithm.hash));
length = TRY(hmac_hash_block_size(m_realm, normalized_algorithm.hash)) * 8;
}

// Otherwise, if the length member of normalizedAlgorithm is non-zero:
Expand Down Expand Up @@ -6207,19 +6205,22 @@ WebIDL::ExceptionOr<Variant<GC::Ref<CryptoKey>, GC::Ref<CryptoKeyPair>>> HMAC::g
// 10. Set the hash attribute of algorithm to hash.
algorithm->set_hash(hash);

// 11. Set the [[type]] internal slot of key to "secret".
// 11. Set the length attribute of algorithm to length.
algorithm->set_length(length);

// 12. Set the [[type]] internal slot of key to "secret".
key->set_type(Bindings::KeyType::Secret);

// 12. Set the [[algorithm]] internal slot of key to algorithm.
// 13. Set the [[algorithm]] internal slot of key to algorithm.
key->set_algorithm(algorithm);

// 13. Set the [[extractable]] internal slot of key to be extractable.
// 14. Set the [[extractable]] internal slot of key to be extractable.
key->set_extractable(extractable);

// 14. Set the [[usages]] internal slot of key to be usages.
// 15. Set the [[usages]] internal slot of key to be usages.
key->set_usages(usages);

// 15. Return key.
// 16. Return key.
return Variant<GC::Ref<CryptoKey>, GC::Ref<CryptoKeyPair>> { key };
}

Expand Down Expand Up @@ -6487,7 +6488,7 @@ WebIDL::ExceptionOr<JS::Value> HMAC::get_key_length(AlgorithmParams const& param
if (!normalized_derived_key_algorithm.length.has_value()) {
// Let length be the block size in bits of the hash function identified by the hash member of
// normalizedDerivedKeyAlgorithm.
length = TRY(hmac_hash_block_size(m_realm, normalized_derived_key_algorithm.hash));
length = TRY(hmac_hash_block_size(m_realm, normalized_derived_key_algorithm.hash)) * 8;
}

// Otherwise, if the length member of normalizedDerivedKeyAlgorithm is non-zero:
Expand Down
Loading
Loading