Check for empty key usages *after* key creation rather than before (to match the spec's order of failures)
Reported by
charles....@gmail.com,
May 13 2016
|
||||
Issue description
Chrome Version : 50.0.2661.102 (64-bit)
URLs (if applicable) : N/A
Other browsers tested: Firefox, which had a different error
Add OK or FAIL, along with the version, after other browsers where you
have tested this issue:
Safari:
Firefox:
IE:
What steps will reproduce the problem?
(1) Go to a secure page (https)
(2) Open the developer console
(3) Enter and run the following code:
window.crypto.subtle.generateKey({name: "AES-CBC", length: 64}, true, []).then(function(k) {console.log("Generated a key.");}).catch(function(err) {console.log("Error: " + err.name);})
What is the expected result?
It displays "Error: OperationError"
What happens instead?
It displays "Error: SyntaxError"
Please provide any additional information below. Attach a screenshot if
possible.
The Web Cryptography API specification at https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html defines the generateKey operation in general in section 14.3.6, with specifics for AES-CBC in section 26.4.
In section 26.4, the first step is to make sure no requested usage is anything other than "encrypt", "decrypt", "wrapKey", or "unwrapKey", which this code passes. The second step is the check that the length parameter is 128, 192, or 256, which this code fails. The step says to throw an OperationError in this case.
Note that if a non-empty usages parameter is passed, as in the following code:
window.crypto.subtle.generateKey({name: "AES-CBC", length: 64}, true, ["encrypt"]).then(function(k) {console.log("Generated a key.");}).catch(function(err) {console.log("Error: " + err.name);})
then it does throw an OperationError as specified in section 26.4.
The second to last step of the general specification in section 14.3.6 checks that the result of the operation has a non-empty usages, and throws a SyntaxError if it does.
The code demonstrating the error has two problems with it: a bad length and an empty usages. The specification says that the bad length should be checked first, and cause an OperationError. Instead, a SyntaxError is thrown, which would be the correct response if the earlier error had not occurred.
,
Jul 14 2016
This was also discussed at: https://github.com/w3c/webcrypto/issues/50 In the case of generateKey() and importKey(), Chrome tests for valid key usages prior to attempting to generate/import a key, at the same time valid usages for an algorithm are checked. Whereas the spec tests for it after attempting to generate/import the key. I was hesitant to change to match the spec order because I think it is more logical to test key usage in one place. But given the upstream's bug's resolution, the right course of action is to match the spec.
,
Jul 19 2016
,
Jul 20 2016
,
Aug 3 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5 commit 0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5 Author: eroman <eroman@chromium.org> Date: Wed Aug 03 06:36:38 2016 [webcrypto] Check for empty key usages *after* key creation rather than before, to match the spec's order of failures. This affects: * importKey() * generateKey() * unwrapKey() This also removes a "fail-fast optimization" on key usage when importing JWK asymmetric keys, as that was not supported by the spec. BUG= 611801 Review-Url: https://codereview.chromium.org/2163053002 Cr-Commit-Position: refs/heads/master@{#409471} [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithm_dispatch.cc [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithm_implementation.cc [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithm_implementation.h [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithms/aes.cc [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithms/aes.h [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithms/asymmetric_key_util.cc [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithms/asymmetric_key_util.h [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithms/ec.cc [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithms/ec.h [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithms/hkdf.cc [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithms/hmac.cc [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithms/pbkdf2.cc [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithms/rsa.cc [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithms/rsa.h [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithms/rsa_ssa_unittest.cc [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithms/secret_key_util.cc [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithms/secret_key_util.h [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithms/util.cc [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/components/webcrypto/algorithms/util.h [modify] https://crrev.com/0bb976e4a86cd456a35d861e7fb7f9e9a729a1a5/third_party/WebKit/LayoutTests/crypto/subtle/hkdf/exportKey-expected.txt
,
Aug 3 2016
|
||||
►
Sign in to add a comment |
||||
Comment 1 by eroman@chromium.org
, May 14 2016Labels: OS-All
Status: Available (was: Unconfirmed)