Commit 48c4fbd3 authored by ap@apple.com's avatar ap@apple.com

RSASSA-PKCS1-v1_5 JWK import doesn't check key size

https://bugs.webkit.org/show_bug.cgi?id=124472

Reviewed by Sam Weinig.

Source/WebCore: 

Test: crypto/subtle/rsassa-pkcs1-v1_5-import-jwk-small-key.html

* bindings/js/JSCryptoKeySerializationJWK.cpp:
(WebCore::JSCryptoKeySerializationJWK::keySizeIsValid): Added the checks.
(WebCore::JSCryptoKeySerializationJWK::keyDataRSAComponents): Check key size when
importing.
(WebCore::JSCryptoKeySerializationJWK::serialize): Updated a comment.

* crypto/keys/CryptoKeySerializationRaw.cpp: (WebCore::CryptoKeySerializationRaw::serialize):
Updated a comment.

LayoutTests: 

* crypto/subtle/rsassa-pkcs1-v1_5-import-jwk-small-key-expected.txt: Added.
* crypto/subtle/rsassa-pkcs1-v1_5-import-jwk-small-key.html: Added.



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@159393 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 106eb707
2013-11-17 Alexey Proskuryakov <ap@apple.com>
RSASSA-PKCS1-v1_5 JWK import doesn't check key size
https://bugs.webkit.org/show_bug.cgi?id=124472
Reviewed by Sam Weinig.
* crypto/subtle/rsassa-pkcs1-v1_5-import-jwk-small-key-expected.txt: Added.
* crypto/subtle/rsassa-pkcs1-v1_5-import-jwk-small-key.html: Added.
2013-11-17 Alexey Proskuryakov <ap@apple.com>
JWK crypto key export result is a DOM string instead of an array buffer
......
A key of size 2048 bits or larger MUST be used with RS256, RS384, RS512 JWK algorithms.
On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
PASS crypto.subtle.importKey("jwk", asciiToUint8Array(JSON.stringify(publicKeyJSON)), null, extractable, ["sign", "verify"]) threw exception TypeError: Key size is not valid for RS256.
PASS crypto.subtle.importKey("jwk", asciiToUint8Array(JSON.stringify(privateKeyJSON)), null, extractable, ["sign", "verify"]) threw exception TypeError: Key size is not valid for RS512.
PASS successfullyParsed is true
TEST COMPLETE
<!DOCTYPE html>
<html>
<head>
<script src="../../resources/js-test-pre.js"></script>
<script src="resources/common.js"></script>
</head>
<body>
<p id="description"></p>
<div id="console"></div>
<script>
description("A key of size 2048 bits or larger MUST be used with RS256, RS384, RS512 JWK algorithms.");
var extractable = true;
// openssl genrsa 1024 >1024.pem
// openssl asn1parse -in 1024.pem
var publicKeyJSON = {
kty: "RSA",
alg: "RS256",
n: Base64URL.stringify(hexStringToUint8Array("B7F103F8412CCD26F5D54FC3157CD8CE1F134F4EABF0A042350BDD7F00FEA2B77EEF19915B10AA2417BB2CB4EC1D57B9661A20072469B9DF9C6E89CB35CCC8543CC40770DCC30D0BBFF1BF9DA1E2549F40476EDADB9312985DAE8C7527C1C12AAFEDF4584989968CDCC9EFEB197438C534D1BFAAC30B1D41F75EADB86CC581B9")),
e: Base64URL.stringify(hexStringToUint8Array("010001"))
};
var privateKeyJSON = {
kty: "RSA",
alg: "RS512",
n: Base64URL.stringify(hexStringToUint8Array("B7F103F8412CCD26F5D54FC3157CD8CE1F134F4EABF0A042350BDD7F00FEA2B77EEF19915B10AA2417BB2CB4EC1D57B9661A20072469B9DF9C6E89CB35CCC8543CC40770DCC30D0BBFF1BF9DA1E2549F40476EDADB9312985DAE8C7527C1C12AAFEDF4584989968CDCC9EFEB197438C534D1BFAAC30B1D41F75EADB86CC581B9")),
e: Base64URL.stringify(hexStringToUint8Array("010001")),
d: Base64URL.stringify(hexStringToUint8Array("5BA6F4F26B0F36BDB5FA6EBEE6E3096853259CFBB742B3A7A9A4DADDE0920063EC149929CB3557819A6D824E37E43B04BF323F492FC49A8028031017B81BECA8EC2A85ABCF193501D80DC251DB8863B8673D8B6772DB2D2AE08CD1829C3F542141461CACE4E8A1F112AD13FF4A4DD865A89AEA94E984D487E5798EF07643B9CD")),
p: Base64URL.stringify(hexStringToUint8Array("E06BFE5722A68E5D597DD8DB937483CBA352AB817209275ADAD103772B7A8EF4EA946311A2B51805959818CEB362F257D6998B475FEA9E34F2A30205B5F5A7FF")),
q: Base64URL.stringify(hexStringToUint8Array("D1D2DBDB1F4DCBFE8D16CDD2CF83C7B5FADFC7891F22FC527BF208F81B92F2543569C3AD22224B82D407DEB65F651D09D2558FEE8BC6E5DA51F6F13206CC1647")),
dp: Base64URL.stringify(hexStringToUint8Array("73ECB4F3D3AD4F6ABEF877D56C84CA339D88ED98AF0C356D040CE58A60462DA42BAC3CC47654AF34EB4226C656F96C8F9D05B1614C1588657754668E06A0FF87")),
dq: Base64URL.stringify(hexStringToUint8Array("5B9C5ACDB33F3E5FE7AE1B337DD325B138D5D7C2F0CB4FAB9BDE333850A1BA183631F5737441D102501D178A3CE062EB54E072B54E660B19654C12472B5C9425")),
qi: Base64URL.stringify(hexStringToUint8Array("D6A920B241178923C59BCBD1A815764619225A90F2C090A9FBD594A61561542D0DF179590413C26C8A72FC6E14EC63A377169970671B3A1EB5E4F4DF1A4CA725"))
};
shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(JSON.stringify(publicKeyJSON)), null, extractable, ["sign", "verify"])');
shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(JSON.stringify(privateKeyJSON)), null, extractable, ["sign", "verify"])');
</script>
<script src="../../resources/js-test-post.js"></script>
</body>
</html>
2013-11-17 Alexey Proskuryakov <ap@apple.com>
RSASSA-PKCS1-v1_5 JWK import doesn't check key size
https://bugs.webkit.org/show_bug.cgi?id=124472
Reviewed by Sam Weinig.
Test: crypto/subtle/rsassa-pkcs1-v1_5-import-jwk-small-key.html
* bindings/js/JSCryptoKeySerializationJWK.cpp:
(WebCore::JSCryptoKeySerializationJWK::keySizeIsValid): Added the checks.
(WebCore::JSCryptoKeySerializationJWK::keyDataRSAComponents): Check key size when
importing.
(WebCore::JSCryptoKeySerializationJWK::serialize): Updated a comment.
* crypto/keys/CryptoKeySerializationRaw.cpp: (WebCore::CryptoKeySerializationRaw::serialize):
Updated a comment.
2013-11-17 Alexey Proskuryakov <ap@apple.com>
JWK crypto key export result is a DOM string instead of an array buffer
......
......@@ -277,6 +277,12 @@ bool JSCryptoKeySerializationJWK::keySizeIsValid(size_t sizeInBits) const
return sizeInBits == 192;
if (m_jwkAlgorithmName == "A256CBC")
return sizeInBits == 256;
if (m_jwkAlgorithmName == "RS256")
return sizeInBits >= 2048;
if (m_jwkAlgorithmName == "RS384")
return sizeInBits >= 2048;
if (m_jwkAlgorithmName == "RS512")
return sizeInBits >= 2048;
return true;
}
......@@ -315,6 +321,11 @@ std::unique_ptr<CryptoKeyData> JSCryptoKeySerializationJWK::keyDataRSAComponents
return nullptr;
}
if (!keySizeIsValid(modulus.size() * 8)) {
throwTypeError(m_exec, "Key size is not valid for " + m_jwkAlgorithmName);
return nullptr;
}
if (!getBigIntegerVectorFromJSON(m_exec, m_json.get(), "e", exponent)) {
if (!m_exec->hadException())
throwTypeError(m_exec, "Required JWK \"e\" member is missing");
......@@ -504,8 +515,8 @@ String JSCryptoKeySerializationJWK::serialize(ExecState* exec, const CryptoKey&
{
std::unique_ptr<CryptoKeyData> keyData = key.exportData();
if (!keyData) {
// FIXME: Shouldn't happen once all key types implement exportData().
throwTypeError(exec, "Key doesn't support exportKey");
// This generally shouldn't happen as long as all key types implement exportData(), but as underlying libraries return errors, there may be some rare failure conditions.
throwTypeError(exec, "Couldn't export key material");
return String();
}
......
......@@ -65,7 +65,7 @@ bool CryptoKeySerializationRaw::serialize(const CryptoKey& key, Vector<uint8_t>&
{
std::unique_ptr<CryptoKeyData> keyData = key.exportData();
if (!keyData) {
// FIXME: Shouldn't happen once all key types implement exportData().
// This generally shouldn't happen as long as all key types implement exportData(), but as underlying libraries return errors, there may be some rare failure conditions.
return false;
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment