Skip to content

Commit

Permalink
LibWeb: Use correct default key size for HMAC
Browse files Browse the repository at this point in the history
When the default key size was requested it was expressed in bytes
(instead of bits) and from the digest size instead of the block size.
  • Loading branch information
devgianlu committed Dec 31, 2024
1 parent a340186 commit e5a7920
Show file tree
Hide file tree
Showing 2 changed files with 103 additions and 104 deletions.
12 changes: 6 additions & 6 deletions Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -6111,13 +6111,13 @@ static WebIDL::ExceptionOr<WebIDL::UnsignedLong> hmac_hash_block_size(JS::Realm&
{
auto hash_name = TRY(hash.name(realm.vm()));
if (hash_name == "SHA-1")
return ::Crypto::Hash::SHA1::digest_size();
return ::Crypto::Hash::SHA1::block_size();
if (hash_name == "SHA-256")
return ::Crypto::Hash::SHA256::digest_size();
return ::Crypto::Hash::SHA256::block_size();
if (hash_name == "SHA-384")
return ::Crypto::Hash::SHA384::digest_size();
return ::Crypto::Hash::SHA384::block_size();
if (hash_name == "SHA-512")
return ::Crypto::Hash::SHA512::digest_size();
return ::Crypto::Hash::SHA512::block_size();
return WebIDL::NotSupportedError::create(realm, MUST(String::formatted("Invalid hash function '{}'", hash_name)));
}

Expand Down Expand Up @@ -6166,7 +6166,7 @@ WebIDL::ExceptionOr<Variant<GC::Ref<CryptoKey>, GC::Ref<CryptoKeyPair>>> HMAC::g
if (!normalized_algorithm.length.has_value()) {
// Let length be the block size in bits of the hash function identified by the hash member
// of normalizedAlgorithm.
length = TRY(hmac_hash_block_size(m_realm, normalized_algorithm.hash));
length = TRY(hmac_hash_block_size(m_realm, normalized_algorithm.hash)) * 8;
}

// Otherwise, if the length member of normalizedAlgorithm is non-zero:
Expand Down Expand Up @@ -6488,7 +6488,7 @@ WebIDL::ExceptionOr<JS::Value> HMAC::get_key_length(AlgorithmParams const& param
if (!normalized_derived_key_algorithm.length.has_value()) {
// Let length be the block size in bits of the hash function identified by the hash member of
// normalizedDerivedKeyAlgorithm.
length = TRY(hmac_hash_block_size(m_realm, normalized_derived_key_algorithm.hash));
length = TRY(hmac_hash_block_size(m_realm, normalized_derived_key_algorithm.hash)) * 8;
}

// Otherwise, if the length member of normalizedDerivedKeyAlgorithm is non-zero:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,7 @@ Harness status: OK

Found 192 tests

96 Pass
96 Fail
192 Pass
Pass Success: generateKey({hash: SHA-1, length: 160, name: HMAC}, false, [sign])
Pass Success: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [sign])
Pass Success: generateKey({hash: SHA-1, length: 160, name: HMAC}, false, [verify, sign])
Expand Down Expand Up @@ -36,38 +35,38 @@ Pass Success: generateKey({hash: SHA-512, length: 512, name: HMAC}, false, [veri
Pass Success: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [verify])
Pass Success: generateKey({hash: SHA-512, length: 512, name: HMAC}, false, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-1, name: HMAC}, false, [sign])
Fail Success: generateKey({hash: SHA-1, name: HMAC}, true, [sign])
Fail Success: generateKey({hash: SHA-1, name: HMAC}, false, [verify, sign])
Fail Success: generateKey({hash: SHA-1, name: HMAC}, true, [verify, sign])
Fail Success: generateKey({hash: SHA-1, name: HMAC}, false, [verify])
Fail Success: generateKey({hash: SHA-1, name: HMAC}, true, [verify])
Fail Success: generateKey({hash: SHA-1, name: HMAC}, false, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-1, name: HMAC}, true, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-256, name: HMAC}, false, [sign])
Fail Success: generateKey({hash: SHA-256, name: HMAC}, true, [sign])
Fail Success: generateKey({hash: SHA-256, name: HMAC}, false, [verify, sign])
Fail Success: generateKey({hash: SHA-256, name: HMAC}, true, [verify, sign])
Fail Success: generateKey({hash: SHA-256, name: HMAC}, false, [verify])
Fail Success: generateKey({hash: SHA-256, name: HMAC}, true, [verify])
Fail Success: generateKey({hash: SHA-256, name: HMAC}, false, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-256, name: HMAC}, true, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-384, name: HMAC}, false, [sign])
Fail Success: generateKey({hash: SHA-384, name: HMAC}, true, [sign])
Fail Success: generateKey({hash: SHA-384, name: HMAC}, false, [verify, sign])
Fail Success: generateKey({hash: SHA-384, name: HMAC}, true, [verify, sign])
Fail Success: generateKey({hash: SHA-384, name: HMAC}, false, [verify])
Fail Success: generateKey({hash: SHA-384, name: HMAC}, true, [verify])
Fail Success: generateKey({hash: SHA-384, name: HMAC}, false, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-384, name: HMAC}, true, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-512, name: HMAC}, false, [sign])
Fail Success: generateKey({hash: SHA-512, name: HMAC}, true, [sign])
Fail Success: generateKey({hash: SHA-512, name: HMAC}, false, [verify, sign])
Fail Success: generateKey({hash: SHA-512, name: HMAC}, true, [verify, sign])
Fail Success: generateKey({hash: SHA-512, name: HMAC}, false, [verify])
Fail Success: generateKey({hash: SHA-512, name: HMAC}, true, [verify])
Fail Success: generateKey({hash: SHA-512, name: HMAC}, false, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-512, name: HMAC}, true, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-1, name: HMAC}, false, [sign])
Pass Success: generateKey({hash: SHA-1, name: HMAC}, true, [sign])
Pass Success: generateKey({hash: SHA-1, name: HMAC}, false, [verify, sign])
Pass Success: generateKey({hash: SHA-1, name: HMAC}, true, [verify, sign])
Pass Success: generateKey({hash: SHA-1, name: HMAC}, false, [verify])
Pass Success: generateKey({hash: SHA-1, name: HMAC}, true, [verify])
Pass Success: generateKey({hash: SHA-1, name: HMAC}, false, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-1, name: HMAC}, true, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-256, name: HMAC}, false, [sign])
Pass Success: generateKey({hash: SHA-256, name: HMAC}, true, [sign])
Pass Success: generateKey({hash: SHA-256, name: HMAC}, false, [verify, sign])
Pass Success: generateKey({hash: SHA-256, name: HMAC}, true, [verify, sign])
Pass Success: generateKey({hash: SHA-256, name: HMAC}, false, [verify])
Pass Success: generateKey({hash: SHA-256, name: HMAC}, true, [verify])
Pass Success: generateKey({hash: SHA-256, name: HMAC}, false, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-256, name: HMAC}, true, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-384, name: HMAC}, false, [sign])
Pass Success: generateKey({hash: SHA-384, name: HMAC}, true, [sign])
Pass Success: generateKey({hash: SHA-384, name: HMAC}, false, [verify, sign])
Pass Success: generateKey({hash: SHA-384, name: HMAC}, true, [verify, sign])
Pass Success: generateKey({hash: SHA-384, name: HMAC}, false, [verify])
Pass Success: generateKey({hash: SHA-384, name: HMAC}, true, [verify])
Pass Success: generateKey({hash: SHA-384, name: HMAC}, false, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-384, name: HMAC}, true, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-512, name: HMAC}, false, [sign])
Pass Success: generateKey({hash: SHA-512, name: HMAC}, true, [sign])
Pass Success: generateKey({hash: SHA-512, name: HMAC}, false, [verify, sign])
Pass Success: generateKey({hash: SHA-512, name: HMAC}, true, [verify, sign])
Pass Success: generateKey({hash: SHA-512, name: HMAC}, false, [verify])
Pass Success: generateKey({hash: SHA-512, name: HMAC}, true, [verify])
Pass Success: generateKey({hash: SHA-512, name: HMAC}, false, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-512, name: HMAC}, true, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-1, length: 160, name: hmac}, false, [sign])
Pass Success: generateKey({hash: SHA-1, length: 160, name: hmac}, true, [sign])
Pass Success: generateKey({hash: SHA-1, length: 160, name: hmac}, false, [verify, sign])
Expand Down Expand Up @@ -100,38 +99,38 @@ Pass Success: generateKey({hash: SHA-512, length: 512, name: hmac}, false, [veri
Pass Success: generateKey({hash: SHA-512, length: 512, name: hmac}, true, [verify])
Pass Success: generateKey({hash: SHA-512, length: 512, name: hmac}, false, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-512, length: 512, name: hmac}, true, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-1, name: hmac}, false, [sign])
Fail Success: generateKey({hash: SHA-1, name: hmac}, true, [sign])
Fail Success: generateKey({hash: SHA-1, name: hmac}, false, [verify, sign])
Fail Success: generateKey({hash: SHA-1, name: hmac}, true, [verify, sign])
Fail Success: generateKey({hash: SHA-1, name: hmac}, false, [verify])
Fail Success: generateKey({hash: SHA-1, name: hmac}, true, [verify])
Fail Success: generateKey({hash: SHA-1, name: hmac}, false, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-1, name: hmac}, true, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-256, name: hmac}, false, [sign])
Fail Success: generateKey({hash: SHA-256, name: hmac}, true, [sign])
Fail Success: generateKey({hash: SHA-256, name: hmac}, false, [verify, sign])
Fail Success: generateKey({hash: SHA-256, name: hmac}, true, [verify, sign])
Fail Success: generateKey({hash: SHA-256, name: hmac}, false, [verify])
Fail Success: generateKey({hash: SHA-256, name: hmac}, true, [verify])
Fail Success: generateKey({hash: SHA-256, name: hmac}, false, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-256, name: hmac}, true, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-384, name: hmac}, false, [sign])
Fail Success: generateKey({hash: SHA-384, name: hmac}, true, [sign])
Fail Success: generateKey({hash: SHA-384, name: hmac}, false, [verify, sign])
Fail Success: generateKey({hash: SHA-384, name: hmac}, true, [verify, sign])
Fail Success: generateKey({hash: SHA-384, name: hmac}, false, [verify])
Fail Success: generateKey({hash: SHA-384, name: hmac}, true, [verify])
Fail Success: generateKey({hash: SHA-384, name: hmac}, false, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-384, name: hmac}, true, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-512, name: hmac}, false, [sign])
Fail Success: generateKey({hash: SHA-512, name: hmac}, true, [sign])
Fail Success: generateKey({hash: SHA-512, name: hmac}, false, [verify, sign])
Fail Success: generateKey({hash: SHA-512, name: hmac}, true, [verify, sign])
Fail Success: generateKey({hash: SHA-512, name: hmac}, false, [verify])
Fail Success: generateKey({hash: SHA-512, name: hmac}, true, [verify])
Fail Success: generateKey({hash: SHA-512, name: hmac}, false, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-512, name: hmac}, true, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-1, name: hmac}, false, [sign])
Pass Success: generateKey({hash: SHA-1, name: hmac}, true, [sign])
Pass Success: generateKey({hash: SHA-1, name: hmac}, false, [verify, sign])
Pass Success: generateKey({hash: SHA-1, name: hmac}, true, [verify, sign])
Pass Success: generateKey({hash: SHA-1, name: hmac}, false, [verify])
Pass Success: generateKey({hash: SHA-1, name: hmac}, true, [verify])
Pass Success: generateKey({hash: SHA-1, name: hmac}, false, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-1, name: hmac}, true, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-256, name: hmac}, false, [sign])
Pass Success: generateKey({hash: SHA-256, name: hmac}, true, [sign])
Pass Success: generateKey({hash: SHA-256, name: hmac}, false, [verify, sign])
Pass Success: generateKey({hash: SHA-256, name: hmac}, true, [verify, sign])
Pass Success: generateKey({hash: SHA-256, name: hmac}, false, [verify])
Pass Success: generateKey({hash: SHA-256, name: hmac}, true, [verify])
Pass Success: generateKey({hash: SHA-256, name: hmac}, false, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-256, name: hmac}, true, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-384, name: hmac}, false, [sign])
Pass Success: generateKey({hash: SHA-384, name: hmac}, true, [sign])
Pass Success: generateKey({hash: SHA-384, name: hmac}, false, [verify, sign])
Pass Success: generateKey({hash: SHA-384, name: hmac}, true, [verify, sign])
Pass Success: generateKey({hash: SHA-384, name: hmac}, false, [verify])
Pass Success: generateKey({hash: SHA-384, name: hmac}, true, [verify])
Pass Success: generateKey({hash: SHA-384, name: hmac}, false, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-384, name: hmac}, true, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-512, name: hmac}, false, [sign])
Pass Success: generateKey({hash: SHA-512, name: hmac}, true, [sign])
Pass Success: generateKey({hash: SHA-512, name: hmac}, false, [verify, sign])
Pass Success: generateKey({hash: SHA-512, name: hmac}, true, [verify, sign])
Pass Success: generateKey({hash: SHA-512, name: hmac}, false, [verify])
Pass Success: generateKey({hash: SHA-512, name: hmac}, true, [verify])
Pass Success: generateKey({hash: SHA-512, name: hmac}, false, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-512, name: hmac}, true, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-1, length: 160, name: Hmac}, false, [sign])
Pass Success: generateKey({hash: SHA-1, length: 160, name: Hmac}, true, [sign])
Pass Success: generateKey({hash: SHA-1, length: 160, name: Hmac}, false, [verify, sign])
Expand Down Expand Up @@ -164,35 +163,35 @@ Pass Success: generateKey({hash: SHA-512, length: 512, name: Hmac}, false, [veri
Pass Success: generateKey({hash: SHA-512, length: 512, name: Hmac}, true, [verify])
Pass Success: generateKey({hash: SHA-512, length: 512, name: Hmac}, false, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-512, length: 512, name: Hmac}, true, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-1, name: Hmac}, false, [sign])
Fail Success: generateKey({hash: SHA-1, name: Hmac}, true, [sign])
Fail Success: generateKey({hash: SHA-1, name: Hmac}, false, [verify, sign])
Fail Success: generateKey({hash: SHA-1, name: Hmac}, true, [verify, sign])
Fail Success: generateKey({hash: SHA-1, name: Hmac}, false, [verify])
Fail Success: generateKey({hash: SHA-1, name: Hmac}, true, [verify])
Fail Success: generateKey({hash: SHA-1, name: Hmac}, false, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-1, name: Hmac}, true, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-256, name: Hmac}, false, [sign])
Fail Success: generateKey({hash: SHA-256, name: Hmac}, true, [sign])
Fail Success: generateKey({hash: SHA-256, name: Hmac}, false, [verify, sign])
Fail Success: generateKey({hash: SHA-256, name: Hmac}, true, [verify, sign])
Fail Success: generateKey({hash: SHA-256, name: Hmac}, false, [verify])
Fail Success: generateKey({hash: SHA-256, name: Hmac}, true, [verify])
Fail Success: generateKey({hash: SHA-256, name: Hmac}, false, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-256, name: Hmac}, true, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-384, name: Hmac}, false, [sign])
Fail Success: generateKey({hash: SHA-384, name: Hmac}, true, [sign])
Fail Success: generateKey({hash: SHA-384, name: Hmac}, false, [verify, sign])
Fail Success: generateKey({hash: SHA-384, name: Hmac}, true, [verify, sign])
Fail Success: generateKey({hash: SHA-384, name: Hmac}, false, [verify])
Fail Success: generateKey({hash: SHA-384, name: Hmac}, true, [verify])
Fail Success: generateKey({hash: SHA-384, name: Hmac}, false, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-384, name: Hmac}, true, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-512, name: Hmac}, false, [sign])
Fail Success: generateKey({hash: SHA-512, name: Hmac}, true, [sign])
Fail Success: generateKey({hash: SHA-512, name: Hmac}, false, [verify, sign])
Fail Success: generateKey({hash: SHA-512, name: Hmac}, true, [verify, sign])
Fail Success: generateKey({hash: SHA-512, name: Hmac}, false, [verify])
Fail Success: generateKey({hash: SHA-512, name: Hmac}, true, [verify])
Fail Success: generateKey({hash: SHA-512, name: Hmac}, false, [sign, verify, sign, verify])
Fail Success: generateKey({hash: SHA-512, name: Hmac}, true, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-1, name: Hmac}, false, [sign])
Pass Success: generateKey({hash: SHA-1, name: Hmac}, true, [sign])
Pass Success: generateKey({hash: SHA-1, name: Hmac}, false, [verify, sign])
Pass Success: generateKey({hash: SHA-1, name: Hmac}, true, [verify, sign])
Pass Success: generateKey({hash: SHA-1, name: Hmac}, false, [verify])
Pass Success: generateKey({hash: SHA-1, name: Hmac}, true, [verify])
Pass Success: generateKey({hash: SHA-1, name: Hmac}, false, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-1, name: Hmac}, true, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-256, name: Hmac}, false, [sign])
Pass Success: generateKey({hash: SHA-256, name: Hmac}, true, [sign])
Pass Success: generateKey({hash: SHA-256, name: Hmac}, false, [verify, sign])
Pass Success: generateKey({hash: SHA-256, name: Hmac}, true, [verify, sign])
Pass Success: generateKey({hash: SHA-256, name: Hmac}, false, [verify])
Pass Success: generateKey({hash: SHA-256, name: Hmac}, true, [verify])
Pass Success: generateKey({hash: SHA-256, name: Hmac}, false, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-256, name: Hmac}, true, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-384, name: Hmac}, false, [sign])
Pass Success: generateKey({hash: SHA-384, name: Hmac}, true, [sign])
Pass Success: generateKey({hash: SHA-384, name: Hmac}, false, [verify, sign])
Pass Success: generateKey({hash: SHA-384, name: Hmac}, true, [verify, sign])
Pass Success: generateKey({hash: SHA-384, name: Hmac}, false, [verify])
Pass Success: generateKey({hash: SHA-384, name: Hmac}, true, [verify])
Pass Success: generateKey({hash: SHA-384, name: Hmac}, false, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-384, name: Hmac}, true, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-512, name: Hmac}, false, [sign])
Pass Success: generateKey({hash: SHA-512, name: Hmac}, true, [sign])
Pass Success: generateKey({hash: SHA-512, name: Hmac}, false, [verify, sign])
Pass Success: generateKey({hash: SHA-512, name: Hmac}, true, [verify, sign])
Pass Success: generateKey({hash: SHA-512, name: Hmac}, false, [verify])
Pass Success: generateKey({hash: SHA-512, name: Hmac}, true, [verify])
Pass Success: generateKey({hash: SHA-512, name: Hmac}, false, [sign, verify, sign, verify])
Pass Success: generateKey({hash: SHA-512, name: Hmac}, true, [sign, verify, sign, verify])

0 comments on commit e5a7920

Please sign in to comment.