Title: [209822] trunk/Source/WebCore
- Revision
- 209822
- Author
- wilan...@apple.com
- Date
- 2016-12-14 12:30:51 -0800 (Wed, 14 Dec 2016)
Log Message
Handle key generation with empty challenge string
https://bugs.webkit.org/show_bug.cgi?id=165835
<rdar://problem/29128710>
Reviewed by Anders Carlsson.
https://bugs.webkit.org/show_bug.cgi?id=160945 didn't set the challenge length to
1 for empty challenge strings. Thus the null terminator was not included. Empty
challenge strings are allowed:
"If the element has a challenge attribute, then let challenge be that attribute's
value. Otherwise, let challenge be the empty string."
https://www.w3.org/TR/html5/forms.html#the-keygen-element (fetched 2016-12-13)
Email certificate generation at
https://www.comodo.com/home/email-security/free-email-certificate.php broke
because of https://bugs.webkit.org/show_bug.cgi?id=160945.
No new tests. The original patch did not have tests and the breakage was in the
produced key material so a test would have to validate the crypto output.
* platform/mac/SSLKeyGeneratorMac.mm:
(WebCore::signedPublicKeyAndChallengeString):
Now adds 1 to the length of the challenge to account for its null terminator.
This matches the old behavior.
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (209821 => 209822)
--- trunk/Source/WebCore/ChangeLog 2016-12-14 20:17:28 UTC (rev 209821)
+++ trunk/Source/WebCore/ChangeLog 2016-12-14 20:30:51 UTC (rev 209822)
@@ -1,3 +1,30 @@
+2016-12-14 John Wilander <wilan...@apple.com>
+
+ Handle key generation with empty challenge string
+ https://bugs.webkit.org/show_bug.cgi?id=165835
+ <rdar://problem/29128710>
+
+ Reviewed by Anders Carlsson.
+
+ https://bugs.webkit.org/show_bug.cgi?id=160945 didn't set the challenge length to
+ 1 for empty challenge strings. Thus the null terminator was not included. Empty
+ challenge strings are allowed:
+ "If the element has a challenge attribute, then let challenge be that attribute's
+ value. Otherwise, let challenge be the empty string."
+ https://www.w3.org/TR/html5/forms.html#the-keygen-element (fetched 2016-12-13)
+
+ Email certificate generation at
+ https://www.comodo.com/home/email-security/free-email-certificate.php broke
+ because of https://bugs.webkit.org/show_bug.cgi?id=160945.
+
+ No new tests. The original patch did not have tests and the breakage was in the
+ produced key material so a test would have to validate the crypto output.
+
+ * platform/mac/SSLKeyGeneratorMac.mm:
+ (WebCore::signedPublicKeyAndChallengeString):
+ Now adds 1 to the length of the challenge to account for its null terminator.
+ This matches the old behavior.
+
2016-12-14 Daniel Bates <daba...@apple.com>
CSP: Allow HTTPS URL to match HTTP source _expression_
Modified: trunk/Source/WebCore/platform/mac/SSLKeyGeneratorMac.mm (209821 => 209822)
--- trunk/Source/WebCore/platform/mac/SSLKeyGeneratorMac.mm 2016-12-14 20:17:28 UTC (rev 209821)
+++ trunk/Source/WebCore/platform/mac/SSLKeyGeneratorMac.mm 2016-12-14 20:30:51 UTC (rev 209822)
@@ -177,7 +177,8 @@
ASSERT(challenge.data());
- signedPublicKeyAndChallenge.publicKeyAndChallenge.challenge.Length = challenge.length();
+ // Length needs to account for the null terminator.
+ signedPublicKeyAndChallenge.publicKeyAndChallenge.challenge.Length = challenge.length() + 1;
signedPublicKeyAndChallenge.publicKeyAndChallenge.challenge.Data = ""
CSSM_DATA encodedPublicKeyAndChallenge { 0, nullptr };
@@ -220,7 +221,7 @@
}
String signedPublicKeyAndChallengeString(unsigned keySizeIndex, const String& challengeString, const URL& url)
-{
+{
// This switch statement must always be synced with the UI strings returned by getSupportedKeySizes.
UInt32 keySize;
switch (keySizeIndex) {
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
