https://bugs.webkit.org/show_bug.cgi?id=164874
<rdar://problem/
22618141>
Reviewed by Dean Jackson.
Source/WebCore:
Remove the two insecure RSA choices (512-bit and 1024-bit) so that users
do not accidentally select a bad key length.
Tested by fast/html/keygen.html
* platform/LocalizedStrings.cpp:
(WebCore::keygenMenuItem512): Deleted.
(WebCore::keygenMenuItem1024): Deleted.
* platform/LocalizedStrings.h:
* platform/mac/SSLKeyGeneratorMac.mm:
(WebCore::signedPublicKeyAndChallengeString): ASSERT on bad key size.
(WebCore::getSupportedKeySizes): Remove bad key sizes.
(WebCore::signedPublicKeyAndChallengeString): Ditto.
* platform/win/SSLKeyGeneratorWin.cpp:
(WebCore::WebCore::getSupportedKeySizes): Ditto.
LayoutTests:
* platform/mac/fast/html/keygen-expected.txt:
* platform/mac-elcapitan/fast/html/keygen-expected.txt:
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@208858
268f45cc-cd09-0410-ab3c-
d52691b4dbfc
+2016-11-17 Brent Fulgham <bfulgham@apple.com>
+
+ keygen element should not support < 2048 RSA key lengths
+ https://bugs.webkit.org/show_bug.cgi?id=164874
+ <rdar://problem/22618141>
+
+ Reviewed by Dean Jackson.
+
+ * platform/mac/fast/html/keygen-expected.txt:
+ * platform/mac-elcapitan/fast/html/keygen-expected.txt:
+
2016-11-17 Devin Rousso <dcrousso+webkit@gmail.com>
Web Inspector: Shift clicking on named color value only shows its hex form
layer at (0,0) size 800x600
RenderBlock {HTML} at (0,0) size 800x600
RenderBody {BODY} at (8,8) size 784x584
- RenderBlock {KEYGEN} at (2,2) size 146x18
- RenderMenuList {SELECT} at (0,0) size 146x18 [bgcolor=#FFFFFF]
- RenderBlock (anonymous) at (0,0) size 146x18
+ RenderBlock {KEYGEN} at (2,2) size 128x18
+ RenderMenuList {SELECT} at (0,0) size 128x18 [bgcolor=#FFFFFF]
+ RenderBlock (anonymous) at (0,0) size 128x18
RenderText at (8,2) size 97x13
text run at (8,2) width 97: "2048 (High Grade)"
RenderText {#text} at (0,0) size 0x0
layer at (0,0) size 800x600
RenderBlock {HTML} at (0,0) size 800x600
RenderBody {BODY} at (8,8) size 784x584
- RenderBlock {KEYGEN} at (2,2) size 145x18
- RenderMenuList {SELECT} at (0,0) size 145x18 [bgcolor=#FFFFFF]
- RenderBlock (anonymous) at (0,0) size 145x18
+ RenderBlock {KEYGEN} at (2,2) size 128x18
+ RenderMenuList {SELECT} at (0,0) size 128x18 [bgcolor=#FFFFFF]
+ RenderBlock (anonymous) at (0,0) size 128x18
RenderText at (8,2) size 99x13
text run at (8,2) width 99: "2048 (High Grade)"
RenderText {#text} at (0,0) size 0x0
+2016-11-17 Brent Fulgham <bfulgham@apple.com>
+
+ keygen element should not support < 2048 RSA key lengths
+ https://bugs.webkit.org/show_bug.cgi?id=164874
+ <rdar://problem/22618141>
+
+ Reviewed by Dean Jackson.
+
+ Remove the two insecure RSA choices (512-bit and 1024-bit) so that users
+ do not accidentally select a bad key length.
+
+ Tested by fast/html/keygen.html
+
+ * platform/LocalizedStrings.cpp:
+ (WebCore::keygenMenuItem512): Deleted.
+ (WebCore::keygenMenuItem1024): Deleted.
+ * platform/LocalizedStrings.h:
+ * platform/mac/SSLKeyGeneratorMac.mm:
+ (WebCore::signedPublicKeyAndChallengeString): ASSERT on bad key size.
+ (WebCore::getSupportedKeySizes): Remove bad key sizes.
+ (WebCore::signedPublicKeyAndChallengeString): Ditto.
+ * platform/win/SSLKeyGeneratorWin.cpp:
+ (WebCore::WebCore::getSupportedKeySizes): Ditto.
+
2016-11-17 Eric Carlson <eric.carlson@apple.com>
[MediaStream][Mac] Use AVCapturePreview object for camera/microphone rendering
return WEB_UI_STRING("PostScript", "Description of the PostScript type supported by the PDF pseudo plug-in. Visible in the Installed Plug-ins page in Safari.");
}
-String keygenMenuItem512()
-{
- return WEB_UI_STRING("512 (Low Grade)", "Menu item title for KEYGEN pop-up menu");
-}
-
-String keygenMenuItem1024()
-{
- return WEB_UI_STRING("1024 (Medium Grade)", "Menu item title for KEYGEN pop-up menu");
-}
-
String keygenMenuItem2048()
{
return WEB_UI_STRING("2048 (High Grade)", "Menu item title for KEYGEN pop-up menu");
WEBCORE_EXPORT String builtInPDFPluginName();
WEBCORE_EXPORT String pdfDocumentTypeDescription();
WEBCORE_EXPORT String postScriptDocumentTypeDescription();
- String keygenMenuItem512();
- String keygenMenuItem1024();
String keygenMenuItem2048();
String keygenKeychainItemName(const String& host);
#endif
static String signedPublicKeyAndChallengeString(unsigned keySize, const CString& challenge, const String& keyDescription)
{
+ ASSERT(keySize >= 2048);
+
SignedPublicKeyAndChallenge signedPublicKeyAndChallenge { };
RetainPtr<SecAccessRef> access;
{
ASSERT(supportedKeySizes.isEmpty());
supportedKeySizes.append(keygenMenuItem2048());
- supportedKeySizes.append(keygenMenuItem1024());
- supportedKeySizes.append(keygenMenuItem512());
}
String signedPublicKeyAndChallengeString(unsigned keySizeIndex, const String& challengeString, const URL& url)
case 0:
keySize = 2048;
break;
- case 1:
- keySize = 1024;
- break;
- case 2:
- keySize = 512;
- break;
default:
ASSERT_NOT_REACHED();
return String();
{
// FIXME: Strings should be localizable.
v.append("High Grade");
- v.append("Medium Grade");
}
String WebCore::signedPublicKeyAndChallengeString(unsigned index, const String& challenge, const URL& url)