Source/WebCore:
authorzandobersek@gmail.com <zandobersek@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 25 Jun 2018 07:05:51 +0000 (07:05 +0000)
committerzandobersek@gmail.com <zandobersek@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 25 Jun 2018 07:05:51 +0000 (07:05 +0000)
commit70a4323e37da7f87de638e4e3823a79c32de3ecd
tree9fc7f83ab7d67613c9219a7de1e6a1107ddd89ff
parent4b84f096e440222edc0354be577691810e887641
Source/WebCore:
[GCrypt] Zero-prefix (if necessary) output of RSA-based encryption and signing operations
https://bugs.webkit.org/show_bug.cgi?id=186967

Reviewed by Michael Catanzaro.

Output for RSA-based encryption and signing operations should match the
length of the RSA key. The way we retrieve the MPI data means libgcrypt
can ignore the high-bit zero values and leave us with a valid result
that's shorter in length compared to the RSA key. For instance, if the
output MPI fits into 2040 bits while a 2048-bit key was used we'll end
up with MPI data that will be fitted into a 255-byte Vector, one byte
short of the expected output length.

To avoid this, mpiZeroPrefixedData() is now used when retrieving output
of these RSA operations, and the value of the key size in bytes is
passed to it. This efficiently prepares the output Vector and then
copies the MPI data into it, respecting the MPI data length as well as
the desired length of the output.

No new tests -- relevant tests are now stable (i.e. not sporadically
failing anymore), associated expectations are removed.

* crypto/gcrypt/CryptoAlgorithmECDHGCrypt.cpp:
(WebCore::gcryptDerive): Also use mpiZeroPrefixedData().
* crypto/gcrypt/CryptoAlgorithmRSAES_PKCS1_v1_5GCrypt.cpp:
(WebCore::gcryptEncrypt):
(WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::platformEncrypt):
* crypto/gcrypt/CryptoAlgorithmRSASSA_PKCS1_v1_5GCrypt.cpp:
(WebCore::gcryptSign):
(WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::platformSign):
* crypto/gcrypt/CryptoAlgorithmRSA_OAEPGCrypt.cpp:
(WebCore::gcryptEncrypt):
(WebCore::CryptoAlgorithmRSA_OAEP::platformEncrypt):
* crypto/gcrypt/CryptoAlgorithmRSA_PSSGCrypt.cpp:
(WebCore::gcryptSign):
(WebCore::CryptoAlgorithmRSA_PSS::platformSign):
* crypto/gcrypt/GCryptUtilities.h:
(WebCore::mpiZeroPrefixedData):

LayoutTests:
[GCrypt] Zero-prefix (if necessary) RSA-OAEP encryption, RSA-PSS signing output
https://bugs.webkit.org/show_bug.cgi?id=186967

Reviewed by Michael Catanzaro.

* platform/gtk/TestExpectations: Remove flaky failures for RSA-OAEP and RSA-PSS tests.
* platform/wpe/TestExpectations: Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233138 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/platform/gtk/TestExpectations
LayoutTests/platform/wpe/TestExpectations
Source/WebCore/ChangeLog
Source/WebCore/crypto/gcrypt/CryptoAlgorithmECDHGCrypt.cpp
Source/WebCore/crypto/gcrypt/CryptoAlgorithmRSAES_PKCS1_v1_5GCrypt.cpp
Source/WebCore/crypto/gcrypt/CryptoAlgorithmRSASSA_PKCS1_v1_5GCrypt.cpp
Source/WebCore/crypto/gcrypt/CryptoAlgorithmRSA_OAEPGCrypt.cpp
Source/WebCore/crypto/gcrypt/CryptoAlgorithmRSA_PSSGCrypt.cpp
Source/WebCore/crypto/gcrypt/GCryptUtilities.h