keygen element should not support < 2048 RSA key lengths
authorbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 17 Nov 2016 21:20:20 +0000 (21:20 +0000)
committerbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 17 Nov 2016 21:20:20 +0000 (21:20 +0000)
https://bugs.webkit.org/show_bug.cgi?id=164874
<rdar://problem/22618141>

Reviewed by Dean Jackson.

Source/WebCore:

Remove the two insecure RSA choices (512-bit and 1024-bit) so that users
do not accidentally select a bad key length.

Tested by fast/html/keygen.html

* platform/LocalizedStrings.cpp:
(WebCore::keygenMenuItem512): Deleted.
(WebCore::keygenMenuItem1024): Deleted.
* platform/LocalizedStrings.h:
* platform/mac/SSLKeyGeneratorMac.mm:
(WebCore::signedPublicKeyAndChallengeString): ASSERT on bad key size.
(WebCore::getSupportedKeySizes): Remove bad key sizes.
(WebCore::signedPublicKeyAndChallengeString): Ditto.
* platform/win/SSLKeyGeneratorWin.cpp:
(WebCore::WebCore::getSupportedKeySizes): Ditto.

LayoutTests:

* platform/mac/fast/html/keygen-expected.txt:
* platform/mac-elcapitan/fast/html/keygen-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@208858 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/platform/mac-elcapitan/fast/html/keygen-expected.txt
LayoutTests/platform/mac/fast/html/keygen-expected.txt
Source/WebCore/ChangeLog
Source/WebCore/platform/LocalizedStrings.cpp
Source/WebCore/platform/LocalizedStrings.h
Source/WebCore/platform/mac/SSLKeyGeneratorMac.mm
Source/WebCore/platform/win/SSLKeyGeneratorWin.cpp

index 06fcb9f..9fb0e94 100644 (file)
@@ -1,3 +1,14 @@
+2016-11-17  Brent Fulgham  <bfulgham@apple.com>
+
+        keygen element should not support < 2048 RSA key lengths
+        https://bugs.webkit.org/show_bug.cgi?id=164874
+        <rdar://problem/22618141>
+
+        Reviewed by Dean Jackson.
+
+        * platform/mac/fast/html/keygen-expected.txt:
+        * platform/mac-elcapitan/fast/html/keygen-expected.txt:
+
 2016-11-17  Devin Rousso  <dcrousso+webkit@gmail.com>
 
         Web Inspector: Shift clicking on named color value only shows its hex form
index fbddff7..d9a8898 100644 (file)
@@ -3,9 +3,9 @@ layer at (0,0) size 800x600
 layer at (0,0) size 800x600
   RenderBlock {HTML} at (0,0) size 800x600
     RenderBody {BODY} at (8,8) size 784x584
-      RenderBlock {KEYGEN} at (2,2) size 146x18
-        RenderMenuList {SELECT} at (0,0) size 146x18 [bgcolor=#FFFFFF]
-          RenderBlock (anonymous) at (0,0) size 146x18
+      RenderBlock {KEYGEN} at (2,2) size 128x18
+        RenderMenuList {SELECT} at (0,0) size 128x18 [bgcolor=#FFFFFF]
+          RenderBlock (anonymous) at (0,0) size 128x18
             RenderText at (8,2) size 97x13
               text run at (8,2) width 97: "2048 (High Grade)"
       RenderText {#text} at (0,0) size 0x0
index 89428e3..efae70c 100644 (file)
@@ -3,9 +3,9 @@ layer at (0,0) size 800x600
 layer at (0,0) size 800x600
   RenderBlock {HTML} at (0,0) size 800x600
     RenderBody {BODY} at (8,8) size 784x584
-      RenderBlock {KEYGEN} at (2,2) size 145x18
-        RenderMenuList {SELECT} at (0,0) size 145x18 [bgcolor=#FFFFFF]
-          RenderBlock (anonymous) at (0,0) size 145x18
+      RenderBlock {KEYGEN} at (2,2) size 128x18
+        RenderMenuList {SELECT} at (0,0) size 128x18 [bgcolor=#FFFFFF]
+          RenderBlock (anonymous) at (0,0) size 128x18
             RenderText at (8,2) size 99x13
               text run at (8,2) width 99: "2048 (High Grade)"
       RenderText {#text} at (0,0) size 0x0
index e26d8ce..e1b25b1 100644 (file)
@@ -1,3 +1,27 @@
+2016-11-17  Brent Fulgham  <bfulgham@apple.com>
+
+        keygen element should not support < 2048 RSA key lengths
+        https://bugs.webkit.org/show_bug.cgi?id=164874
+        <rdar://problem/22618141>
+
+        Reviewed by Dean Jackson.
+
+        Remove the two insecure RSA choices (512-bit and 1024-bit) so that users
+        do not accidentally select a bad key length.
+
+        Tested by fast/html/keygen.html
+
+        * platform/LocalizedStrings.cpp:
+        (WebCore::keygenMenuItem512): Deleted.
+        (WebCore::keygenMenuItem1024): Deleted.
+        * platform/LocalizedStrings.h:
+        * platform/mac/SSLKeyGeneratorMac.mm:
+        (WebCore::signedPublicKeyAndChallengeString): ASSERT on bad key size.
+        (WebCore::getSupportedKeySizes): Remove bad key sizes.
+        (WebCore::signedPublicKeyAndChallengeString): Ditto.
+        * platform/win/SSLKeyGeneratorWin.cpp:
+        (WebCore::WebCore::getSupportedKeySizes): Ditto.
+
 2016-11-17  Eric Carlson  <eric.carlson@apple.com>
 
         [MediaStream][Mac] Use AVCapturePreview object for camera/microphone rendering
index 279813d..3d0e158 100644 (file)
@@ -867,16 +867,6 @@ String postScriptDocumentTypeDescription()
     return WEB_UI_STRING("PostScript", "Description of the PostScript type supported by the PDF pseudo plug-in. Visible in the Installed Plug-ins page in Safari.");
 }
 
-String keygenMenuItem512()
-{
-    return WEB_UI_STRING("512 (Low Grade)", "Menu item title for KEYGEN pop-up menu");
-}
-
-String keygenMenuItem1024()
-{
-    return WEB_UI_STRING("1024 (Medium Grade)", "Menu item title for KEYGEN pop-up menu");
-}
-
 String keygenMenuItem2048()
 {
     return WEB_UI_STRING("2048 (High Grade)", "Menu item title for KEYGEN pop-up menu");
index 7929fc3..7977c85 100644 (file)
@@ -224,8 +224,6 @@ namespace WebCore {
     WEBCORE_EXPORT String builtInPDFPluginName();
     WEBCORE_EXPORT String pdfDocumentTypeDescription();
     WEBCORE_EXPORT String postScriptDocumentTypeDescription();
-    String keygenMenuItem512();
-    String keygenMenuItem1024();
     String keygenMenuItem2048();
     String keygenKeychainItemName(const String& host);
 #endif
index a2193d1..1bac1af 100644 (file)
@@ -124,6 +124,8 @@ static bool signPublicKeyAndChallenge(CSSM_CSP_HANDLE cspHandle, const CSSM_DATA
 
 static String signedPublicKeyAndChallengeString(unsigned keySize, const CString& challenge, const String& keyDescription)
 {
+    ASSERT(keySize >= 2048);
+
     SignedPublicKeyAndChallenge signedPublicKeyAndChallenge { };
 
     RetainPtr<SecAccessRef> access;
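Review bot: The added `ASSERT(keySize >= 2048);` at the top of the static signedPublicKeyAndChallengeString is a debug-only assertion, so release builds still do not check the 2048-bit minimum at this point. In the visible code the public wrapper's switch maps index 0 to 2048 and returns an empty String for any other index, so this is defense in depth rather than the primary guard. If the floor is meant to hold in shipping builds, use an explicit check such as `if (keySize < 2048) return String();` or `RELEASE_ASSERT(keySize >= 2048);`. A one-line comment such as `// RSA keys shorter than 2048 bits are not offered; reject them here too.` would record the reason. The function body continues outside the hunk, so other callers of this helper cannot be ruled out from here.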
@@ -215,8 +217,6 @@ void getSupportedKeySizes(Vector<String>& supportedKeySizes)
 {
     ASSERT(supportedKeySizes.isEmpty());
     supportedKeySizes.append(keygenMenuItem2048());
-    supportedKeySizes.append(keygenMenuItem1024());
-    supportedKeySizes.append(keygenMenuItem512());
 }
 
 String signedPublicKeyAndChallengeString(unsigned keySizeIndex, const String& challengeString, const URL& url)
@@ -227,12 +227,6 @@ String signedPublicKeyAndChallengeString(unsigned keySizeIndex, const String& ch
     case 0:
         keySize = 2048;
         break;
-    case 1:
-        keySize = 1024;
-        break;
-    case 2:
-        keySize = 512;
-        break;
     default:
         ASSERT_NOT_REACHED();
         return String();
index 48de387..92b2d83 100644 (file)
@@ -32,7 +32,6 @@ void WebCore::getSupportedKeySizes(Vector<String>& v)
 {
     // FIXME: Strings should be localizable.
     v.append("High Grade");
-    v.append("Medium Grade");
 }
 
 String WebCore::signedPublicKeyAndChallengeString(unsigned index, const String& challenge, const URL& url)