[webkit-changes] [WebKit/WebKit] 049cd4: Integrity check for the X25519 JWK import
Javier Fernandez Garcia-Boente
noreply at github.com
Tue Dec 3 03:54:12 PST 2024
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 049cd4cf1bf991a083080743403c1ef8e4d34428
https://github.com/WebKit/WebKit/commit/049cd4cf1bf991a083080743403c1ef8e4d34428
Author: Javier Fernandez <jfernandez at igalia.com>
Date: 2024-12-03 (Tue, 03 Dec 2024)
Changed paths:
M LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/import_export/okp_importKey_failures_X25519.https.any-expected.txt
M LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/import_export/okp_importKey_failures_X25519.https.any.worker-expected.txt
M LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/wrapKey_unwrapKey/wrapKey_unwrapKey.https.any-expected.txt
M LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/wrapKey_unwrapKey/wrapKey_unwrapKey.https.any.worker-expected.txt
M Source/WebCore/crypto/keys/CryptoKeyOKP.cpp
Log Message:
-----------
Integrity check for the X25519 JWK import
https://bugs.webkit.org/show_bug.cgi?id=282578
Reviewed by David Kilzer.
The test case attahced in the bug forces wrapping into a non-extractable
key and the tries to unwrap it into an extractable key. This shouldn't be
allowed, since the JWK import operation perform internally must ensure the
expected value of the 'ext' attribute is the correct one.
This change implements additional integrity checks in the X25518 importKey
operation when it's using the JWK format.
This bug is the root cause of the failure in one of the X25519 test cases
defined in the wrapKey_unwrapKey.https.any.js file of the WPT WebCrypto API
test suite.
Regarding tests, I've added new test cases to the import_key_failures tests
to cover the change in the X25519 JWK import logic. Additionally, this change
also updates the test expectations for this test since it seems it's all PASS
now for all the platforms.
* LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/import_export/okp_importKey_failures_X25519.https.any-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/import_export/okp_importKey_failures_X25519.https.any.worker-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/wrapKey_unwrapKey/wrapKey_unwrapKey.https.any-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/wrapKey_unwrapKey/wrapKey_unwrapKey.https.any.worker-expected.txt:
* Source/WebCore/crypto/keys/CryptoKeyOKP.cpp:
(WebCore::CryptoKeyOKP::importJwk):
Canonical link: https://commits.webkit.org/287273@main
To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications
More information about the webkit-changes
mailing list