New issue
Advanced search Search tips
Starred by 4 users
Status: Fixed
Owner:
Closed: Jun 28
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 2
Type: Bug



Sign in to add a comment
Support ietf-webpush-encryption-08
Project Member Reported by peter@chromium.org, Jan 10 2017 Back to list
Chrome currently supports ietf-webpush-encryption-03.

The latest draft is ietf-webpush-encryption-08, which removes use of the Crypto-Key and Encryption headers by introducing a binary header, and slightly cleans up the steps required to decrypt the ciphertext.

Since -03 has lots of users (read: all existing users), we should continue to support both.

https://tools.ietf.org/html/draft-ietf-webpush-encryption-03
https://tools.ietf.org/html/draft-ietf-webpush-encryption-08
 
Comment 2 by peter@chromium.org, May 8 2017
Description: Show this description
Comment 3 by peter@chromium.org, May 8 2017
Cc: eroman@chromium.org
Summary: Support ietf-webpush-encryption-08 (was: Support ietf-webpush-encryption-07)
Project Member Comment 4 by bugdroid1@chromium.org, May 8 2017
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/17ae9f3ad85e9ad139bd283908ba4c0529659fce

commit 17ae9f3ad85e9ad139bd283908ba4c0529659fce
Author: peter <peter@chromium.org>
Date: Mon May 08 18:56:25 2017

Separate out the scheme from the GCMMessageCryptographer

Chrome currently implements draft-ietf-webpush-encryption-03, but
following more discussion and a number of changes the Web Push working
group last week announced last call for draft-ietf-webpush-encryption-08.

In order to be able to support both schemes, this CL refactors the
GCMMessageCryptographer to separate out the operations associated with
the version of the encryption scheme.

In addition, the tests are refactored to easily enable using
parameterized tests for those that can be shared between the drafts. The
reference test that doesn't use the auth_secret has been removed, since
we don't actually ship that functionality.

BUG= 679789 

Review-Url: https://codereview.chromium.org/2713673002
Cr-Commit-Position: refs/heads/master@{#470067}

[modify] https://crrev.com/17ae9f3ad85e9ad139bd283908ba4c0529659fce/components/gcm_driver/crypto/gcm_crypto_test_helpers.cc
[modify] https://crrev.com/17ae9f3ad85e9ad139bd283908ba4c0529659fce/components/gcm_driver/crypto/gcm_encryption_provider.cc
[modify] https://crrev.com/17ae9f3ad85e9ad139bd283908ba4c0529659fce/components/gcm_driver/crypto/gcm_encryption_provider_unittest.cc
[modify] https://crrev.com/17ae9f3ad85e9ad139bd283908ba4c0529659fce/components/gcm_driver/crypto/gcm_message_cryptographer.cc
[modify] https://crrev.com/17ae9f3ad85e9ad139bd283908ba4c0529659fce/components/gcm_driver/crypto/gcm_message_cryptographer.h
[modify] https://crrev.com/17ae9f3ad85e9ad139bd283908ba4c0529659fce/components/gcm_driver/crypto/gcm_message_cryptographer_unittest.cc

Project Member Comment 5 by bugdroid1@chromium.org, May 9 2017
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/33f2124d4b3245ca20d3ceb683b15858ffa524c4

commit 33f2124d4b3245ca20d3ceb683b15858ffa524c4
Author: peter <peter@chromium.org>
Date: Tue May 09 11:35:34 2017

Be strict about input in the GCMMessageCryptographer

The cryptographer used to be lenient about input, which was reflected by
a series of unit tests that passed in values that wouldn't match real
world input.

The GCMEncryptionProvider's job is to validate the received input,
whereas the GCMMessageCryptographer should assume it's correct.

This CL adds a bunch of DCHECKs, and updates the tests to make sure
valid values are passed in where expected.

BUG= 679789 

Review-Url: https://codereview.chromium.org/2708383002
Cr-Commit-Position: refs/heads/master@{#470284}

[modify] https://crrev.com/33f2124d4b3245ca20d3ceb683b15858ffa524c4/components/gcm_driver/crypto/gcm_message_cryptographer.cc
[modify] https://crrev.com/33f2124d4b3245ca20d3ceb683b15858ffa524c4/components/gcm_driver/crypto/gcm_message_cryptographer_unittest.cc

Project Member Comment 6 by bugdroid1@chromium.org, May 23 2017
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/8b48bde152a8e3a8bb1a1066854ab6e9c28a7e86

commit 8b48bde152a8e3a8bb1a1066854ab6e9c28a7e86
Author: peter <peter@chromium.org>
Date: Tue May 23 13:30:48 2017

Implement support for draft-ietf-webpush-encryption-08

This CL builds upon the previous refactorings to implement support for
the latest drafts (which is WGLC) of the Web Push Encryption scheme.

Support is not yet enabled for incoming messages - since the message
format changed slightly as well, a more trivial update to
GCMEncryptionProvider is necessary as well.

BUG= 679789 

Review-Url: https://codereview.chromium.org/2716443002
Cr-Commit-Position: refs/heads/master@{#473876}

[modify] https://crrev.com/8b48bde152a8e3a8bb1a1066854ab6e9c28a7e86/components/gcm_driver/crypto/gcm_message_cryptographer.cc
[modify] https://crrev.com/8b48bde152a8e3a8bb1a1066854ab6e9c28a7e86/components/gcm_driver/crypto/gcm_message_cryptographer.h
[modify] https://crrev.com/8b48bde152a8e3a8bb1a1066854ab6e9c28a7e86/components/gcm_driver/crypto/gcm_message_cryptographer_unittest.cc

Project Member Comment 8 by bugdroid1@chromium.org, May 24 2017
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca

commit 9148da4ab010a58d8ac6c0f2247cd9a06512d9ca
Author: peter <peter@chromium.org>
Date: Wed May 24 10:55:42 2017

Enable support for draft-ietf-webpush-encryption-08

This CL hooks up the ability to decrypt incoming Push messages according
to the draft-ietf-webpush-encryption-08 encryption scheme. It also adds
the "aes128gcm" content coding to PushManager.supportedContentEncodings.

Standard:
https://tools.ietf.org/html/draft-ietf-webpush-encryption-08
https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-08

Intent to Implement and Ship:
https://groups.google.com/a/chromium.org/d/topic/blink-dev/SX9_nZ1NHy8/discussion

BUG= 679789 

Review-Url: https://codereview.chromium.org/2892033002
Cr-Commit-Position: refs/heads/master@{#474246}

[modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/components/gcm_driver/crypto/gcm_encryption_provider.cc
[modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/components/gcm_driver/crypto/gcm_encryption_provider.h
[modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/components/gcm_driver/crypto/gcm_encryption_provider_unittest.cc
[modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/components/gcm_driver/gcm_driver.cc
[modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/components/gcm_driver/gcm_stats_recorder_android.cc
[modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/components/gcm_driver/gcm_stats_recorder_impl.cc
[modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/third_party/WebKit/LayoutTests/http/tests/push_messaging/pushmanager-supported-content-encodings.html
[modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/third_party/WebKit/Source/modules/push_messaging/PushManager.cpp
[modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/tools/metrics/histograms/enums.xml

Project Member Comment 9 by bugdroid1@chromium.org, May 24 2017
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/01f5fe9f3bf0c8574a78037f7ac07d8bc2dceffc

commit 01f5fe9f3bf0c8574a78037f7ac07d8bc2dceffc
Author: peter <peter@chromium.org>
Date: Wed May 24 10:56:15 2017

Reduce string building complexity when needing to add a NUL byte

sizeof() enables us to copy over the NUL terminator included with the
string constant as well, so indicate the size explicitly.

BUG= 679789 

Review-Url: https://codereview.chromium.org/2901923002
Cr-Commit-Position: refs/heads/master@{#474247}

[modify] https://crrev.com/01f5fe9f3bf0c8574a78037f7ac07d8bc2dceffc/components/gcm_driver/crypto/gcm_message_cryptographer.cc

Status: Fixed
Sign in to add a comment