[webkit-reviews] review denied: [Bug 207238] [WebCrypto][CommonCrypto] Incorrect AES-CTR with counterLength longer than 64 : [Attachment 390229] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Feb 11 13:45:44 PST 2020
Jiewen Tan <jiewen_tan at apple.com> has denied Yoshiaki Jitsukawa
<yoshiaki.jitsukawa at sony.com>'s request for review:
Bug 207238: [WebCrypto][CommonCrypto] Incorrect AES-CTR with counterLength
longer than 64
https://bugs.webkit.org/show_bug.cgi?id=207238
Attachment 390229: Patch
https://bugs.webkit.org/attachment.cgi?id=390229&action=review
--- Comment #11 from Jiewen Tan <jiewen_tan at apple.com> ---
Comment on attachment 390229
--> https://bugs.webkit.org/attachment.cgi?id=390229
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=390229&action=review
Overall, the patch looks good to me. Please address some of my comments.
> Source/WebCore/crypto/CryptoAlgorithmCounterBlockHelper.h:1
> +/*
Why don't you have a .cpp file?
> Source/WebCore/crypto/CryptoAlgorithmCounterBlockHelper.h:35
> +template <size_t BlockSize = 16> // Counter block size in bytes.
Any reasons that the BlockSize is not fixed to 16 bytes?
> Source/WebCore/crypto/CryptoAlgorithmCounterBlockHelper.h:36
> +class CryptoAlgorithmCounterBlockHelper {
Could it be more specific about AES-CTR? I guess no other algorithms need this.
> Source/WebCore/crypto/CryptoAlgorithmCounterBlockHelper.h:76
> + for (size_t i = 0; i < sizeof(size_t); i++) {
It is unfortunate that there is no helpers in bitset to get value out.
> Source/WebCore/crypto/CryptoAlgorithmCounterBlockHelper.h:101
> + for (int j = 0; j < 8; j++) {
It looks like that you reverse the endian of the byte? You can use
for (size_t j = 7; j >= 0; j--)
to keep the endian same.
> Source/WebCore/crypto/CryptoAlgorithmCounterBlockHelper.h:102
> + bits.set(i * 8 + j, byte & 0x01); // Test the LSB and set it to
the bit.
This is why I dislike bitset. It is very tedious to manipulate the value and it
is not efficient to do that as well. I guess there are no better options if you
have dealt with counter size larger then size of size_t. The efficiency is
probably no issues here comparing to the bundled decryption/encryption
operations.
> Source/WebCore/crypto/CryptoAlgorithmCounterBlockHelper.h:110
> + for (int j = 0; j < 8; j++) {
Ditto.
More information about the webkit-reviews
mailing list