From e5a79200f09496b4554991e039802462965373fd Mon Sep 17 00:00:00 2001 From: devgianlu Date: Thu, 26 Dec 2024 20:04:23 +0100 Subject: [PATCH] LibWeb: Use correct default key size for HMAC When the default key size was requested it was expressed in bytes (instead of bits) and from the digest size instead of the block size. --- Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp | 12 +- .../generateKey/successes_HMAC.https.any.txt | 195 +++++++++--------- 2 files changed, 103 insertions(+), 104 deletions(-) diff --git a/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp b/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp index b7b498b2a3b1f..0af6bca2f493d 100644 --- a/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp +++ b/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp @@ -6111,13 +6111,13 @@ static WebIDL::ExceptionOr hmac_hash_block_size(JS::Realm& { auto hash_name = TRY(hash.name(realm.vm())); if (hash_name == "SHA-1") - return ::Crypto::Hash::SHA1::digest_size(); + return ::Crypto::Hash::SHA1::block_size(); if (hash_name == "SHA-256") - return ::Crypto::Hash::SHA256::digest_size(); + return ::Crypto::Hash::SHA256::block_size(); if (hash_name == "SHA-384") - return ::Crypto::Hash::SHA384::digest_size(); + return ::Crypto::Hash::SHA384::block_size(); if (hash_name == "SHA-512") - return ::Crypto::Hash::SHA512::digest_size(); + return ::Crypto::Hash::SHA512::block_size(); return WebIDL::NotSupportedError::create(realm, MUST(String::formatted("Invalid hash function '{}'", hash_name))); } @@ -6166,7 +6166,7 @@ WebIDL::ExceptionOr, GC::Ref>> HMAC::g if (!normalized_algorithm.length.has_value()) { // Let length be the block size in bits of the hash function identified by the hash member // of normalizedAlgorithm. - length = TRY(hmac_hash_block_size(m_realm, normalized_algorithm.hash)); + length = TRY(hmac_hash_block_size(m_realm, normalized_algorithm.hash)) * 8; } // Otherwise, if the length member of normalizedAlgorithm is non-zero: @@ -6488,7 +6488,7 @@ WebIDL::ExceptionOr HMAC::get_key_length(AlgorithmParams const& param if (!normalized_derived_key_algorithm.length.has_value()) { // Let length be the block size in bits of the hash function identified by the hash member of // normalizedDerivedKeyAlgorithm. - length = TRY(hmac_hash_block_size(m_realm, normalized_derived_key_algorithm.hash)); + length = TRY(hmac_hash_block_size(m_realm, normalized_derived_key_algorithm.hash)) * 8; } // Otherwise, if the length member of normalizedDerivedKeyAlgorithm is non-zero: diff --git a/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/generateKey/successes_HMAC.https.any.txt b/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/generateKey/successes_HMAC.https.any.txt index f794e837c640d..df29083f2904d 100644 --- a/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/generateKey/successes_HMAC.https.any.txt +++ b/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/generateKey/successes_HMAC.https.any.txt @@ -2,8 +2,7 @@ Harness status: OK Found 192 tests -96 Pass -96 Fail +192 Pass Pass Success: generateKey({hash: SHA-1, length: 160, name: HMAC}, false, [sign]) Pass Success: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [sign]) Pass Success: generateKey({hash: SHA-1, length: 160, name: HMAC}, false, [verify, sign]) @@ -36,38 +35,38 @@ Pass Success: generateKey({hash: SHA-512, length: 512, name: HMAC}, false, [veri Pass Success: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [verify]) Pass Success: generateKey({hash: SHA-512, length: 512, name: HMAC}, false, [sign, verify, sign, verify]) Pass Success: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-1, name: HMAC}, false, [sign]) -Fail Success: generateKey({hash: SHA-1, name: HMAC}, true, [sign]) -Fail Success: generateKey({hash: SHA-1, name: HMAC}, false, [verify, sign]) -Fail Success: generateKey({hash: SHA-1, name: HMAC}, true, [verify, sign]) -Fail Success: generateKey({hash: SHA-1, name: HMAC}, false, [verify]) -Fail Success: generateKey({hash: SHA-1, name: HMAC}, true, [verify]) -Fail Success: generateKey({hash: SHA-1, name: HMAC}, false, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-1, name: HMAC}, true, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-256, name: HMAC}, false, [sign]) -Fail Success: generateKey({hash: SHA-256, name: HMAC}, true, [sign]) -Fail Success: generateKey({hash: SHA-256, name: HMAC}, false, [verify, sign]) -Fail Success: generateKey({hash: SHA-256, name: HMAC}, true, [verify, sign]) -Fail Success: generateKey({hash: SHA-256, name: HMAC}, false, [verify]) -Fail Success: generateKey({hash: SHA-256, name: HMAC}, true, [verify]) -Fail Success: generateKey({hash: SHA-256, name: HMAC}, false, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-256, name: HMAC}, true, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-384, name: HMAC}, false, [sign]) -Fail Success: generateKey({hash: SHA-384, name: HMAC}, true, [sign]) -Fail Success: generateKey({hash: SHA-384, name: HMAC}, false, [verify, sign]) -Fail Success: generateKey({hash: SHA-384, name: HMAC}, true, [verify, sign]) -Fail Success: generateKey({hash: SHA-384, name: HMAC}, false, [verify]) -Fail Success: generateKey({hash: SHA-384, name: HMAC}, true, [verify]) -Fail Success: generateKey({hash: SHA-384, name: HMAC}, false, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-384, name: HMAC}, true, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-512, name: HMAC}, false, [sign]) -Fail Success: generateKey({hash: SHA-512, name: HMAC}, true, [sign]) -Fail Success: generateKey({hash: SHA-512, name: HMAC}, false, [verify, sign]) -Fail Success: generateKey({hash: SHA-512, name: HMAC}, true, [verify, sign]) -Fail Success: generateKey({hash: SHA-512, name: HMAC}, false, [verify]) -Fail Success: generateKey({hash: SHA-512, name: HMAC}, true, [verify]) -Fail Success: generateKey({hash: SHA-512, name: HMAC}, false, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-512, name: HMAC}, true, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-1, name: HMAC}, false, [sign]) +Pass Success: generateKey({hash: SHA-1, name: HMAC}, true, [sign]) +Pass Success: generateKey({hash: SHA-1, name: HMAC}, false, [verify, sign]) +Pass Success: generateKey({hash: SHA-1, name: HMAC}, true, [verify, sign]) +Pass Success: generateKey({hash: SHA-1, name: HMAC}, false, [verify]) +Pass Success: generateKey({hash: SHA-1, name: HMAC}, true, [verify]) +Pass Success: generateKey({hash: SHA-1, name: HMAC}, false, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-1, name: HMAC}, true, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-256, name: HMAC}, false, [sign]) +Pass Success: generateKey({hash: SHA-256, name: HMAC}, true, [sign]) +Pass Success: generateKey({hash: SHA-256, name: HMAC}, false, [verify, sign]) +Pass Success: generateKey({hash: SHA-256, name: HMAC}, true, [verify, sign]) +Pass Success: generateKey({hash: SHA-256, name: HMAC}, false, [verify]) +Pass Success: generateKey({hash: SHA-256, name: HMAC}, true, [verify]) +Pass Success: generateKey({hash: SHA-256, name: HMAC}, false, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-256, name: HMAC}, true, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-384, name: HMAC}, false, [sign]) +Pass Success: generateKey({hash: SHA-384, name: HMAC}, true, [sign]) +Pass Success: generateKey({hash: SHA-384, name: HMAC}, false, [verify, sign]) +Pass Success: generateKey({hash: SHA-384, name: HMAC}, true, [verify, sign]) +Pass Success: generateKey({hash: SHA-384, name: HMAC}, false, [verify]) +Pass Success: generateKey({hash: SHA-384, name: HMAC}, true, [verify]) +Pass Success: generateKey({hash: SHA-384, name: HMAC}, false, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-384, name: HMAC}, true, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-512, name: HMAC}, false, [sign]) +Pass Success: generateKey({hash: SHA-512, name: HMAC}, true, [sign]) +Pass Success: generateKey({hash: SHA-512, name: HMAC}, false, [verify, sign]) +Pass Success: generateKey({hash: SHA-512, name: HMAC}, true, [verify, sign]) +Pass Success: generateKey({hash: SHA-512, name: HMAC}, false, [verify]) +Pass Success: generateKey({hash: SHA-512, name: HMAC}, true, [verify]) +Pass Success: generateKey({hash: SHA-512, name: HMAC}, false, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-512, name: HMAC}, true, [sign, verify, sign, verify]) Pass Success: generateKey({hash: SHA-1, length: 160, name: hmac}, false, [sign]) Pass Success: generateKey({hash: SHA-1, length: 160, name: hmac}, true, [sign]) Pass Success: generateKey({hash: SHA-1, length: 160, name: hmac}, false, [verify, sign]) @@ -100,38 +99,38 @@ Pass Success: generateKey({hash: SHA-512, length: 512, name: hmac}, false, [veri Pass Success: generateKey({hash: SHA-512, length: 512, name: hmac}, true, [verify]) Pass Success: generateKey({hash: SHA-512, length: 512, name: hmac}, false, [sign, verify, sign, verify]) Pass Success: generateKey({hash: SHA-512, length: 512, name: hmac}, true, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-1, name: hmac}, false, [sign]) -Fail Success: generateKey({hash: SHA-1, name: hmac}, true, [sign]) -Fail Success: generateKey({hash: SHA-1, name: hmac}, false, [verify, sign]) -Fail Success: generateKey({hash: SHA-1, name: hmac}, true, [verify, sign]) -Fail Success: generateKey({hash: SHA-1, name: hmac}, false, [verify]) -Fail Success: generateKey({hash: SHA-1, name: hmac}, true, [verify]) -Fail Success: generateKey({hash: SHA-1, name: hmac}, false, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-1, name: hmac}, true, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-256, name: hmac}, false, [sign]) -Fail Success: generateKey({hash: SHA-256, name: hmac}, true, [sign]) -Fail Success: generateKey({hash: SHA-256, name: hmac}, false, [verify, sign]) -Fail Success: generateKey({hash: SHA-256, name: hmac}, true, [verify, sign]) -Fail Success: generateKey({hash: SHA-256, name: hmac}, false, [verify]) -Fail Success: generateKey({hash: SHA-256, name: hmac}, true, [verify]) -Fail Success: generateKey({hash: SHA-256, name: hmac}, false, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-256, name: hmac}, true, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-384, name: hmac}, false, [sign]) -Fail Success: generateKey({hash: SHA-384, name: hmac}, true, [sign]) -Fail Success: generateKey({hash: SHA-384, name: hmac}, false, [verify, sign]) -Fail Success: generateKey({hash: SHA-384, name: hmac}, true, [verify, sign]) -Fail Success: generateKey({hash: SHA-384, name: hmac}, false, [verify]) -Fail Success: generateKey({hash: SHA-384, name: hmac}, true, [verify]) -Fail Success: generateKey({hash: SHA-384, name: hmac}, false, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-384, name: hmac}, true, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-512, name: hmac}, false, [sign]) -Fail Success: generateKey({hash: SHA-512, name: hmac}, true, [sign]) -Fail Success: generateKey({hash: SHA-512, name: hmac}, false, [verify, sign]) -Fail Success: generateKey({hash: SHA-512, name: hmac}, true, [verify, sign]) -Fail Success: generateKey({hash: SHA-512, name: hmac}, false, [verify]) -Fail Success: generateKey({hash: SHA-512, name: hmac}, true, [verify]) -Fail Success: generateKey({hash: SHA-512, name: hmac}, false, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-512, name: hmac}, true, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-1, name: hmac}, false, [sign]) +Pass Success: generateKey({hash: SHA-1, name: hmac}, true, [sign]) +Pass Success: generateKey({hash: SHA-1, name: hmac}, false, [verify, sign]) +Pass Success: generateKey({hash: SHA-1, name: hmac}, true, [verify, sign]) +Pass Success: generateKey({hash: SHA-1, name: hmac}, false, [verify]) +Pass Success: generateKey({hash: SHA-1, name: hmac}, true, [verify]) +Pass Success: generateKey({hash: SHA-1, name: hmac}, false, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-1, name: hmac}, true, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-256, name: hmac}, false, [sign]) +Pass Success: generateKey({hash: SHA-256, name: hmac}, true, [sign]) +Pass Success: generateKey({hash: SHA-256, name: hmac}, false, [verify, sign]) +Pass Success: generateKey({hash: SHA-256, name: hmac}, true, [verify, sign]) +Pass Success: generateKey({hash: SHA-256, name: hmac}, false, [verify]) +Pass Success: generateKey({hash: SHA-256, name: hmac}, true, [verify]) +Pass Success: generateKey({hash: SHA-256, name: hmac}, false, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-256, name: hmac}, true, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-384, name: hmac}, false, [sign]) +Pass Success: generateKey({hash: SHA-384, name: hmac}, true, [sign]) +Pass Success: generateKey({hash: SHA-384, name: hmac}, false, [verify, sign]) +Pass Success: generateKey({hash: SHA-384, name: hmac}, true, [verify, sign]) +Pass Success: generateKey({hash: SHA-384, name: hmac}, false, [verify]) +Pass Success: generateKey({hash: SHA-384, name: hmac}, true, [verify]) +Pass Success: generateKey({hash: SHA-384, name: hmac}, false, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-384, name: hmac}, true, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-512, name: hmac}, false, [sign]) +Pass Success: generateKey({hash: SHA-512, name: hmac}, true, [sign]) +Pass Success: generateKey({hash: SHA-512, name: hmac}, false, [verify, sign]) +Pass Success: generateKey({hash: SHA-512, name: hmac}, true, [verify, sign]) +Pass Success: generateKey({hash: SHA-512, name: hmac}, false, [verify]) +Pass Success: generateKey({hash: SHA-512, name: hmac}, true, [verify]) +Pass Success: generateKey({hash: SHA-512, name: hmac}, false, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-512, name: hmac}, true, [sign, verify, sign, verify]) Pass Success: generateKey({hash: SHA-1, length: 160, name: Hmac}, false, [sign]) Pass Success: generateKey({hash: SHA-1, length: 160, name: Hmac}, true, [sign]) Pass Success: generateKey({hash: SHA-1, length: 160, name: Hmac}, false, [verify, sign]) @@ -164,35 +163,35 @@ Pass Success: generateKey({hash: SHA-512, length: 512, name: Hmac}, false, [veri Pass Success: generateKey({hash: SHA-512, length: 512, name: Hmac}, true, [verify]) Pass Success: generateKey({hash: SHA-512, length: 512, name: Hmac}, false, [sign, verify, sign, verify]) Pass Success: generateKey({hash: SHA-512, length: 512, name: Hmac}, true, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-1, name: Hmac}, false, [sign]) -Fail Success: generateKey({hash: SHA-1, name: Hmac}, true, [sign]) -Fail Success: generateKey({hash: SHA-1, name: Hmac}, false, [verify, sign]) -Fail Success: generateKey({hash: SHA-1, name: Hmac}, true, [verify, sign]) -Fail Success: generateKey({hash: SHA-1, name: Hmac}, false, [verify]) -Fail Success: generateKey({hash: SHA-1, name: Hmac}, true, [verify]) -Fail Success: generateKey({hash: SHA-1, name: Hmac}, false, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-1, name: Hmac}, true, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-256, name: Hmac}, false, [sign]) -Fail Success: generateKey({hash: SHA-256, name: Hmac}, true, [sign]) -Fail Success: generateKey({hash: SHA-256, name: Hmac}, false, [verify, sign]) -Fail Success: generateKey({hash: SHA-256, name: Hmac}, true, [verify, sign]) -Fail Success: generateKey({hash: SHA-256, name: Hmac}, false, [verify]) -Fail Success: generateKey({hash: SHA-256, name: Hmac}, true, [verify]) -Fail Success: generateKey({hash: SHA-256, name: Hmac}, false, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-256, name: Hmac}, true, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-384, name: Hmac}, false, [sign]) -Fail Success: generateKey({hash: SHA-384, name: Hmac}, true, [sign]) -Fail Success: generateKey({hash: SHA-384, name: Hmac}, false, [verify, sign]) -Fail Success: generateKey({hash: SHA-384, name: Hmac}, true, [verify, sign]) -Fail Success: generateKey({hash: SHA-384, name: Hmac}, false, [verify]) -Fail Success: generateKey({hash: SHA-384, name: Hmac}, true, [verify]) -Fail Success: generateKey({hash: SHA-384, name: Hmac}, false, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-384, name: Hmac}, true, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-512, name: Hmac}, false, [sign]) -Fail Success: generateKey({hash: SHA-512, name: Hmac}, true, [sign]) -Fail Success: generateKey({hash: SHA-512, name: Hmac}, false, [verify, sign]) -Fail Success: generateKey({hash: SHA-512, name: Hmac}, true, [verify, sign]) -Fail Success: generateKey({hash: SHA-512, name: Hmac}, false, [verify]) -Fail Success: generateKey({hash: SHA-512, name: Hmac}, true, [verify]) -Fail Success: generateKey({hash: SHA-512, name: Hmac}, false, [sign, verify, sign, verify]) -Fail Success: generateKey({hash: SHA-512, name: Hmac}, true, [sign, verify, sign, verify]) \ No newline at end of file +Pass Success: generateKey({hash: SHA-1, name: Hmac}, false, [sign]) +Pass Success: generateKey({hash: SHA-1, name: Hmac}, true, [sign]) +Pass Success: generateKey({hash: SHA-1, name: Hmac}, false, [verify, sign]) +Pass Success: generateKey({hash: SHA-1, name: Hmac}, true, [verify, sign]) +Pass Success: generateKey({hash: SHA-1, name: Hmac}, false, [verify]) +Pass Success: generateKey({hash: SHA-1, name: Hmac}, true, [verify]) +Pass Success: generateKey({hash: SHA-1, name: Hmac}, false, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-1, name: Hmac}, true, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-256, name: Hmac}, false, [sign]) +Pass Success: generateKey({hash: SHA-256, name: Hmac}, true, [sign]) +Pass Success: generateKey({hash: SHA-256, name: Hmac}, false, [verify, sign]) +Pass Success: generateKey({hash: SHA-256, name: Hmac}, true, [verify, sign]) +Pass Success: generateKey({hash: SHA-256, name: Hmac}, false, [verify]) +Pass Success: generateKey({hash: SHA-256, name: Hmac}, true, [verify]) +Pass Success: generateKey({hash: SHA-256, name: Hmac}, false, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-256, name: Hmac}, true, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-384, name: Hmac}, false, [sign]) +Pass Success: generateKey({hash: SHA-384, name: Hmac}, true, [sign]) +Pass Success: generateKey({hash: SHA-384, name: Hmac}, false, [verify, sign]) +Pass Success: generateKey({hash: SHA-384, name: Hmac}, true, [verify, sign]) +Pass Success: generateKey({hash: SHA-384, name: Hmac}, false, [verify]) +Pass Success: generateKey({hash: SHA-384, name: Hmac}, true, [verify]) +Pass Success: generateKey({hash: SHA-384, name: Hmac}, false, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-384, name: Hmac}, true, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-512, name: Hmac}, false, [sign]) +Pass Success: generateKey({hash: SHA-512, name: Hmac}, true, [sign]) +Pass Success: generateKey({hash: SHA-512, name: Hmac}, false, [verify, sign]) +Pass Success: generateKey({hash: SHA-512, name: Hmac}, true, [verify, sign]) +Pass Success: generateKey({hash: SHA-512, name: Hmac}, false, [verify]) +Pass Success: generateKey({hash: SHA-512, name: Hmac}, true, [verify]) +Pass Success: generateKey({hash: SHA-512, name: Hmac}, false, [sign, verify, sign, verify]) +Pass Success: generateKey({hash: SHA-512, name: Hmac}, true, [sign, verify, sign, verify]) \ No newline at end of file