[webkit-changes] [WebKit/WebKit] e3c704: Implement Zeros check for X25519 output

[Commit Queue]

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: e3c7046e8e5ab56778c717a6d3cfee571fc9d1ec
      https://github.com/WebKit/WebKit/commit/e3c7046e8e5ab56778c717a6d3cfee571fc9d1ec
  Author: Nitin Mahendru <nitinmahendru at apple.com>
  Date:   2024-09-23 (Mon, 23 Sep 2024)

  Changed paths:
    M LayoutTests/platform/glib/TestExpectations
    M LayoutTests/platform/mac-wk1/TestExpectations
    M Source/WTF/wtf/PlatformHave.h
    M Source/WebCore/crypto/algorithms/CryptoAlgorithmX25519.cpp

  Log Message:
  -----------
  Implement Zeros check for X25519 output
https://bugs.webkit.org/show_bug.cgi?id=276371
rdar://131848801

Reviewed by Alex Christensen.

Check for all zero key and reject it.
The why is explained below:
https://datatracker.ietf.org/doc/html/rfc7748#section-6.1

This should make the below tests pass:
LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/cfrg_curves_bits.https.any-expected.txt
LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/cfrg_curves_bits.https.any.worker-expected.txt
LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/cfrg_curves_keys.https.any-expected.txt
LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/cfrg_curves_keys.https.any.worker-expected.txt

* LayoutTests/platform/mac-wk1/TestExpectations:
* Source/WTF/wtf/PlatformHave.h:
* Source/WebCore/crypto/algorithms/CryptoAlgorithmX25519.cpp:
(WebCore::CryptoAlgorithmX25519::deriveBits):

Canonical link: https://commits.webkit.org/284127@main



To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications