[webkit-reviews] review granted: [Bug 229443] WebCrypto uses deprecated CCKeyDerivationHMac : [Attachment 436291] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Aug 24 11:21:04 PDT 2021
Brent Fulgham <bfulgham at webkit.org> has granted Kate Cheney
<katherine_cheney at apple.com>'s request for review:
Bug 229443: WebCrypto uses deprecated CCKeyDerivationHMac
https://bugs.webkit.org/show_bug.cgi?id=229443
Attachment 436291: Patch
https://bugs.webkit.org/attachment.cgi?id=436291&action=review
--- Comment #4 from Brent Fulgham <bfulgham at webkit.org> ---
Comment on attachment 436291
--> https://bugs.webkit.org/attachment.cgi?id=436291
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=436291&action=review
r=me
> Source/WebCore/crypto/mac/CryptoUtilitiesCocoa.cpp:119
> + return rv;
Does an unsuccessful call to CCKDFParametersCreateHkdf guarantee that the
params are properly cleaned up?
> Source/WebCore/crypto/mac/CryptoUtilitiesCocoa.cpp:133
> + if (keyDerivationHMAC(digestAlgorithm, key, keySize, info, infoSize,
salt, saltSize, result.data(), result.size()))
Should this be a check for != kCCSuccess?
More information about the webkit-reviews
mailing list