[Webkit-unassigned] [Bug 207176] [OpenSSL] Implement WebCrypto APIs for AES family except AES-KW

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Feb 3 20:30:34 PST 2020


https://bugs.webkit.org/show_bug.cgi?id=207176

--- Comment #4 from Yoshiaki Jitsukawa <yoshiaki.jitsukawa at sony.com> ---
Comment on attachment 389617
  --> https://bugs.webkit.org/attachment.cgi?id=389617
patch

View in context: https://bugs.webkit.org/attachment.cgi?id=389617&action=review

>> Source/WebCore/crypto/openssl/CryptoAlgorithmAES_CBCOpenSSL.cpp:64
>> +
> 
> Ensure that the iv size is equal to the block size.

Never mind. IV size is checked in CryptoAlgorithmAES_CBC::decrypt().

>> Source/WebCore/crypto/openssl/CryptoAlgorithmAES_CBCOpenSSL.cpp:100
>> +
> 
> Please check the IV size.
> 
> It'd be nice to check if cipherSize is a multiple of the block size.

Never mind. IV size is checked in CryptoAlgorithmAES_CBC::encrypt().

> Source/WebCore/crypto/openssl/CryptoAlgorithmAES_CFBOpenSSL.cpp:53
> +    Vector<uint8_t> cipher(plainText.size());

"cipher" should be renamed to "cipherText" for better consistency?

> Source/WebCore/crypto/openssl/CryptoAlgorithmAES_GCMOpenSSL.cpp:50
> +    if (iv.size() != EVP_MAX_IV_LENGTH)

Is this intended to be "if (iv.size() > EVP_MAX_IV_LENGTH)" ?

> Source/WebCore/crypto/openssl/CryptoAlgorithmAES_GCMOpenSSL.cpp:111
> +    if (iv.size() != EVP_MAX_IV_LENGTH)

Is this intended to be "if (iv.size() > EVP_MAX_IV_LENGTH)" ?

> Source/WebCore/crypto/openssl/CryptoAlgorithmAES_GCMOpenSSL.cpp:114
> +    if (cipherText.size() <= tagLength)

This is already checked in CryptoAlgorithmAES_GCM::decrypt().

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20200204/4ea564b6/attachment.htm>


More information about the webkit-unassigned mailing list