Title: [279628] trunk
Revision
279628
Author
cdu...@apple.com
Date
2021-07-06 16:54:54 -0700 (Tue, 06 Jul 2021)

Log Message

SubtleCrypto should only be exposed to secure contexts
https://bugs.webkit.org/show_bug.cgi?id=227725

Reviewed by Darin Adler.

Source/WebCore:

SubtleCrypto should only be exposed to secure contexts:
- https://www.w3.org/TR/WebCryptoAPI/#dfn-Crypto

Gecko and Blink match the specification.

This was causing WebKit to fail the WebCryptoAPI/historical.any.html WPT test.

Test: http/wpt/crypto/historical.html

* crypto/CryptoKey.idl:
* crypto/SubtleCrypto.idl:
* page/Crypto.idl:

LayoutTests:

Add layout test coverage.

* http/wpt/crypto/historical-expected.txt: Added.
* http/wpt/crypto/historical.html: Added.

Modified Paths

Added Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (279627 => 279628)


--- trunk/LayoutTests/ChangeLog	2021-07-06 22:49:32 UTC (rev 279627)
+++ trunk/LayoutTests/ChangeLog	2021-07-06 23:54:54 UTC (rev 279628)
@@ -1,3 +1,15 @@
+2021-07-06  Chris Dumez  <cdu...@apple.com>
+
+        SubtleCrypto should only be exposed to secure contexts
+        https://bugs.webkit.org/show_bug.cgi?id=227725
+
+        Reviewed by Darin Adler.
+
+        Add layout test coverage.
+
+        * http/wpt/crypto/historical-expected.txt: Added.
+        * http/wpt/crypto/historical.html: Added.
+
 2021-07-06  Truitt Savell  <tsav...@apple.com>
 
         Unreviewed, reverting r279542.

Added: trunk/LayoutTests/http/wpt/crypto/historical-expected.txt (0 => 279628)


--- trunk/LayoutTests/http/wpt/crypto/historical-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/wpt/crypto/historical-expected.txt	2021-07-06 23:54:54 UTC (rev 279628)
@@ -0,0 +1,5 @@
+
+PASS Non-secure context window does not have access to crypto.subtle
+PASS Non-secure context window does not have access to SubtleCrypto
+PASS Non-secure context window does not have access to CryptoKey
+

Added: trunk/LayoutTests/http/wpt/crypto/historical.html (0 => 279628)


--- trunk/LayoutTests/http/wpt/crypto/historical.html	                        (rev 0)
+++ trunk/LayoutTests/http/wpt/crypto/historical.html	2021-07-06 23:54:54 UTC (rev 279628)
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<body>
+<script src=""
+<script src=""
+<script>
+// localhost is secure by default.
+internals.markContextAsInsecure();
+
+test(() => {
+  assert_equals(self.crypto.subtle, undefined);
+  assert_false("subtle" in self.crypto);
+}, "Non-secure context window does not have access to crypto.subtle");
+
+test(() => {
+  assert_equals(self.SubtleCrypto, undefined);
+  assert_false("SubtleCrypto" in self);
+}, "Non-secure context window does not have access to SubtleCrypto")
+
+test(() => {
+  assert_equals(self.CryptoKey, undefined);
+  assert_false("CryptoKey" in self);
+}, "Non-secure context window does not have access to CryptoKey")
+</script>
+</body>
+</html>
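Review bot: The three tests only exercise a Window global, while the interfaces gated in this commit are declared `Exposed=(Window,Worker)` in CryptoKey.idl and SubtleCrypto.idl, so the worker side of the new `SecureContext` restriction has no coverage here. There is also no positive control showing that the un-gated part of `Crypto` survives `internals.markContextAsInsecure()`; a fourth case such as `test(() => { assert_equals(typeof self.crypto.getRandomValues, "function"); }, "Non-secure context window still has access to crypto.getRandomValues");` would catch an accidental over-restriction of the whole `crypto` object. As a minor style point, the second and third `test(...)` calls lack the trailing semicolon that the first one has.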

Modified: trunk/Source/WebCore/ChangeLog (279627 => 279628)


--- trunk/Source/WebCore/ChangeLog	2021-07-06 22:49:32 UTC (rev 279627)
+++ trunk/Source/WebCore/ChangeLog	2021-07-06 23:54:54 UTC (rev 279628)
@@ -1,3 +1,23 @@
+2021-07-06  Chris Dumez  <cdu...@apple.com>
+
+        SubtleCrypto should only be exposed to secure contexts
+        https://bugs.webkit.org/show_bug.cgi?id=227725
+
+        Reviewed by Darin Adler.
+
+        SubtleCrypto should only be exposed to secure contexts:
+        - https://www.w3.org/TR/WebCryptoAPI/#dfn-Crypto
+
+        Gecko and Blink match the specification.
+
+        This was causing WebKit to fail the WebCryptoAPI/historical.any.html WPT test.
+
+        Test: http/wpt/crypto/historical.html
+
+        * crypto/CryptoKey.idl:
+        * crypto/SubtleCrypto.idl:
+        * page/Crypto.idl:
+
 2021-07-06  Ryosuke Niwa  <rn...@webkit.org>
 
         Deploy smart pointers in EventHandler and UserInputBridge

Modified: trunk/Source/WebCore/crypto/CryptoKey.idl (279627 => 279628)


--- trunk/Source/WebCore/crypto/CryptoKey.idl	2021-07-06 22:49:32 UTC (rev 279627)
+++ trunk/Source/WebCore/crypto/CryptoKey.idl	2021-07-06 23:54:54 UTC (rev 279628)
@@ -35,6 +35,7 @@
     Conditional=WEB_CRYPTO,
     Exposed=(Window,Worker),
     GenerateIsReachable=Impl,
+    SecureContext,
     SkipVTableValidation
 ] interface CryptoKey {
     readonly attribute KeyType type;
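Review bot: Adding `SecureContext` here removes the `CryptoKey` interface object from non-secure globals, but nothing visible in this hunk shows what happens when a serialized key is delivered to such a context through structured clone (for example via `postMessage`). The HTML structured-deserialize steps expect a `DataCloneError` when the interface is not exposed in the target realm, so it is worth confirming that the deserializer enforces this. If it does, a test for that path next to http/wpt/crypto/historical.html would pin the behaviour. The interface's attribute list and body both extend outside this hunk.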

Modified: trunk/Source/WebCore/crypto/SubtleCrypto.idl (279627 => 279628)


--- trunk/Source/WebCore/crypto/SubtleCrypto.idl	2021-07-06 22:49:32 UTC (rev 279627)
+++ trunk/Source/WebCore/crypto/SubtleCrypto.idl	2021-07-06 23:54:54 UTC (rev 279628)
@@ -31,6 +31,7 @@
     Conditional=WEB_CRYPTO,
     Exposed=(Window,Worker),
     GenerateIsReachable=ImplScriptExecutionContext,
+    SecureContext,
 ] interface SubtleCrypto {
     [CallWith=GlobalObject] Promise<any> encrypt(AlgorithmIdentifier algorithm, CryptoKey key, BufferSource data);
     [CallWith=GlobalObject] Promise<any> decrypt(AlgorithmIdentifier algorithm, CryptoKey key, BufferSource data);

Modified: trunk/Source/WebCore/page/Crypto.idl (279627 => 279628)


--- trunk/Source/WebCore/page/Crypto.idl	2021-07-06 22:49:32 UTC (rev 279627)
+++ trunk/Source/WebCore/page/Crypto.idl	2021-07-06 23:54:54 UTC (rev 279628)
@@ -31,6 +31,6 @@
     Exposed=(Window,Worker),
     GenerateIsReachable=ImplScriptExecutionContext
 ] interface Crypto {
-    [Conditional=WEB_CRYPTO] readonly attribute SubtleCrypto subtle;
+    [Conditional=WEB_CRYPTO, SecureContext] readonly attribute SubtleCrypto subtle;
     ArrayBufferView getRandomValues([ReturnValue] ArrayBufferView array);
 };
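Review bot: Nothing beside the `subtle` attribute records that `getRandomValues` is deliberately left available in non-secure contexts, so the asymmetry between the two members can be misread as an oversight by someone later tightening this interface. A one-line comment above the attribute would document the intent: `// Only subtle is restricted to secure contexts; getRandomValues stays exposed in all contexts, matching the Web Crypto spec.` The interface's extended-attribute list starts outside this hunk.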