Chrome currently supports ietf-webpush-encryption-03. The latest draft is ietf-webpush-encryption-07, which removes use of the Crypto-Key and Encryption headers by introducing a binary header, and slightly cleans up the steps required to decrypt the ciphertext. Since -03 has lots of users (read: all existing users), we should continue to support both. https://tools.ietf.org/html/draft-ietf-webpush-encryption-03 https://tools.ietf.org/html/draft-ietf-webpush-encryption-07
Chrome currently supports ietf-webpush-encryption-03. The latest draft is ietf-webpush-encryption-08, which removes use of the Crypto-Key and Encryption headers by introducing a binary header, and slightly cleans up the steps required to decrypt the ciphertext. Since -03 has lots of users (read: all existing users), we should continue to support both. https://tools.ietf.org/html/draft-ietf-webpush-encryption-03 https://tools.ietf.org/html/draft-ietf-webpush-encryption-08
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/ee0b6869f2fa3f22f107058ed8f2ba868e5f01ff commit ee0b6869f2fa3f22f107058ed8f2ba868e5f01ff Author: peter <peter@chromium.org> Date: Tue Jan 10 19:15:27 2017 Remove GCMMessageCryptographer::Label It's only got one value, and there are no plans to add more. BUG= 679789 Review-Url: https://codereview.chromium.org/2621103002 Cr-Commit-Position: refs/heads/master@{#442650} [modify] https://crrev.com/ee0b6869f2fa3f22f107058ed8f2ba868e5f01ff/components/gcm_driver/crypto/gcm_crypto_test_helpers.cc [modify] https://crrev.com/ee0b6869f2fa3f22f107058ed8f2ba868e5f01ff/components/gcm_driver/crypto/gcm_encryption_provider.cc [modify] https://crrev.com/ee0b6869f2fa3f22f107058ed8f2ba868e5f01ff/components/gcm_driver/crypto/gcm_encryption_provider_unittest.cc [modify] https://crrev.com/ee0b6869f2fa3f22f107058ed8f2ba868e5f01ff/components/gcm_driver/crypto/gcm_message_cryptographer.cc [modify] https://crrev.com/ee0b6869f2fa3f22f107058ed8f2ba868e5f01ff/components/gcm_driver/crypto/gcm_message_cryptographer.h [modify] https://crrev.com/ee0b6869f2fa3f22f107058ed8f2ba868e5f01ff/components/gcm_driver/crypto/gcm_message_cryptographer_unittest.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/17ae9f3ad85e9ad139bd283908ba4c0529659fce commit 17ae9f3ad85e9ad139bd283908ba4c0529659fce Author: peter <peter@chromium.org> Date: Mon May 08 18:56:25 2017 Separate out the scheme from the GCMMessageCryptographer Chrome currently implements draft-ietf-webpush-encryption-03, but following more discussion and a number of changes the Web Push working group last week announced last call for draft-ietf-webpush-encryption-08. In order to be able to support both schemes, this CL refactors the GCMMessageCryptographer to separate out the operations associated with the version of the encryption scheme. In addition, the tests are refactored to easily enable using parameterized tests for those that can be shared between the drafts. The reference test that doesn't use the auth_secret has been removed, since we don't actually ship that functionality. BUG= 679789 Review-Url: https://codereview.chromium.org/2713673002 Cr-Commit-Position: refs/heads/master@{#470067} [modify] https://crrev.com/17ae9f3ad85e9ad139bd283908ba4c0529659fce/components/gcm_driver/crypto/gcm_crypto_test_helpers.cc [modify] https://crrev.com/17ae9f3ad85e9ad139bd283908ba4c0529659fce/components/gcm_driver/crypto/gcm_encryption_provider.cc [modify] https://crrev.com/17ae9f3ad85e9ad139bd283908ba4c0529659fce/components/gcm_driver/crypto/gcm_encryption_provider_unittest.cc [modify] https://crrev.com/17ae9f3ad85e9ad139bd283908ba4c0529659fce/components/gcm_driver/crypto/gcm_message_cryptographer.cc [modify] https://crrev.com/17ae9f3ad85e9ad139bd283908ba4c0529659fce/components/gcm_driver/crypto/gcm_message_cryptographer.h [modify] https://crrev.com/17ae9f3ad85e9ad139bd283908ba4c0529659fce/components/gcm_driver/crypto/gcm_message_cryptographer_unittest.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/33f2124d4b3245ca20d3ceb683b15858ffa524c4 commit 33f2124d4b3245ca20d3ceb683b15858ffa524c4 Author: peter <peter@chromium.org> Date: Tue May 09 11:35:34 2017 Be strict about input in the GCMMessageCryptographer The cryptographer used to be lenient about input, which was reflected by a series of unit tests that passed in values that wouldn't match real world input. The GCMEncryptionProvider's job is to validate the received input, whereas the GCMMessageCryptographer should assume it's correct. This CL adds a bunch of DCHECKs, and updates the tests to make sure valid values are passed in where expected. BUG= 679789 Review-Url: https://codereview.chromium.org/2708383002 Cr-Commit-Position: refs/heads/master@{#470284} [modify] https://crrev.com/33f2124d4b3245ca20d3ceb683b15858ffa524c4/components/gcm_driver/crypto/gcm_message_cryptographer.cc [modify] https://crrev.com/33f2124d4b3245ca20d3ceb683b15858ffa524c4/components/gcm_driver/crypto/gcm_message_cryptographer_unittest.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/8b48bde152a8e3a8bb1a1066854ab6e9c28a7e86 commit 8b48bde152a8e3a8bb1a1066854ab6e9c28a7e86 Author: peter <peter@chromium.org> Date: Tue May 23 13:30:48 2017 Implement support for draft-ietf-webpush-encryption-08 This CL builds upon the previous refactorings to implement support for the latest drafts (which is WGLC) of the Web Push Encryption scheme. Support is not yet enabled for incoming messages - since the message format changed slightly as well, a more trivial update to GCMEncryptionProvider is necessary as well. BUG= 679789 Review-Url: https://codereview.chromium.org/2716443002 Cr-Commit-Position: refs/heads/master@{#473876} [modify] https://crrev.com/8b48bde152a8e3a8bb1a1066854ab6e9c28a7e86/components/gcm_driver/crypto/gcm_message_cryptographer.cc [modify] https://crrev.com/8b48bde152a8e3a8bb1a1066854ab6e9c28a7e86/components/gcm_driver/crypto/gcm_message_cryptographer.h [modify] https://crrev.com/8b48bde152a8e3a8bb1a1066854ab6e9c28a7e86/components/gcm_driver/crypto/gcm_message_cryptographer_unittest.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/006f9034020134314605f8a64b0b3f925d1b6012 commit 006f9034020134314605f8a64b0b3f925d1b6012 Author: peter <peter@chromium.org> Date: Tue May 23 14:37:46 2017 Add a parser for messages with a Web Push Protocol-based payload This will help to avoid doing manual parsing and verification of the inbound messages in multiple places. BUG= 679789 Review-Url: https://codereview.chromium.org/2888763006 Cr-Commit-Position: refs/heads/master@{#473889} [modify] https://crrev.com/006f9034020134314605f8a64b0b3f925d1b6012/components/gcm_driver/crypto/BUILD.gn [modify] https://crrev.com/006f9034020134314605f8a64b0b3f925d1b6012/components/gcm_driver/crypto/gcm_message_cryptographer_unittest.cc [add] https://crrev.com/006f9034020134314605f8a64b0b3f925d1b6012/components/gcm_driver/crypto/message_payload_parser.cc [add] https://crrev.com/006f9034020134314605f8a64b0b3f925d1b6012/components/gcm_driver/crypto/message_payload_parser.h [add] https://crrev.com/006f9034020134314605f8a64b0b3f925d1b6012/components/gcm_driver/crypto/message_payload_parser_unittest.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca commit 9148da4ab010a58d8ac6c0f2247cd9a06512d9ca Author: peter <peter@chromium.org> Date: Wed May 24 10:55:42 2017 Enable support for draft-ietf-webpush-encryption-08 This CL hooks up the ability to decrypt incoming Push messages according to the draft-ietf-webpush-encryption-08 encryption scheme. It also adds the "aes128gcm" content coding to PushManager.supportedContentEncodings. Standard: https://tools.ietf.org/html/draft-ietf-webpush-encryption-08 https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-08 Intent to Implement and Ship: https://groups.google.com/a/chromium.org/d/topic/blink-dev/SX9_nZ1NHy8/discussion BUG= 679789 Review-Url: https://codereview.chromium.org/2892033002 Cr-Commit-Position: refs/heads/master@{#474246} [modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/components/gcm_driver/crypto/gcm_encryption_provider.cc [modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/components/gcm_driver/crypto/gcm_encryption_provider.h [modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/components/gcm_driver/crypto/gcm_encryption_provider_unittest.cc [modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/components/gcm_driver/gcm_driver.cc [modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/components/gcm_driver/gcm_stats_recorder_android.cc [modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/components/gcm_driver/gcm_stats_recorder_impl.cc [modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/third_party/WebKit/LayoutTests/http/tests/push_messaging/pushmanager-supported-content-encodings.html [modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/third_party/WebKit/Source/modules/push_messaging/PushManager.cpp [modify] https://crrev.com/9148da4ab010a58d8ac6c0f2247cd9a06512d9ca/tools/metrics/histograms/enums.xml
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/01f5fe9f3bf0c8574a78037f7ac07d8bc2dceffc commit 01f5fe9f3bf0c8574a78037f7ac07d8bc2dceffc Author: peter <peter@chromium.org> Date: Wed May 24 10:56:15 2017 Reduce string building complexity when needing to add a NUL byte sizeof() enables us to copy over the NUL terminator included with the string constant as well, so indicate the size explicitly. BUG= 679789 Review-Url: https://codereview.chromium.org/2901923002 Cr-Commit-Position: refs/heads/master@{#474247} [modify] https://crrev.com/01f5fe9f3bf0c8574a78037f7ac07d8bc2dceffc/components/gcm_driver/crypto/gcm_message_cryptographer.cc
Comment 1 by bugdroid1@chromium.org
, Jan 10 2017