LayoutTests crypto/subtle/ecdsa-generate-key-sign-verify-p384.html and crypto/subtle...

https://bugs.webkit.org/show_bug.cgi?id=171059
<rdar://problem/31734958>

Reviewed by Brent Fulgham.

Source/WebCore:

Covered by existing tests.

* crypto/mac/CryptoAlgorithmECDSAMac.cpp:
(WebCore::signECDSA):
Enhance ways to convert the DER signatures produced from CommonCrypto to r||s.

LayoutTests:

* TestExpectations:
Remove test expectations.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@215721 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index 16538b7..90af825 100644 (file)
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,14 @@
+2017-04-24  Jiewen Tan  <jiewen_tan@apple.com>
+
+        LayoutTests crypto/subtle/ecdsa-generate-key-sign-verify-p384.html and crypto/subtle/ecdsa-generate-key-sign-verify-p256.html are flaky failures
+        https://bugs.webkit.org/show_bug.cgi?id=171059
+        <rdar://problem/31734958>
+
+        Reviewed by Brent Fulgham.
+
+        * TestExpectations:
+        Remove test expectations.
+
 2017-04-24  Manuel Rego Casasnovas  <rego@igalia.com>
 
         [selectors4] :focus-within should use the flat tree

diff --git a/LayoutTests/TestExpectations b/LayoutTests/TestExpectations
index 5a9b81a..1a4e2e3 100644 (file)
--- a/LayoutTests/TestExpectations
+++ b/LayoutTests/TestExpectations
@@ -1287,9 +1287,4 @@ webkit.org/b/170704 webrtc/video-mute.html [ Pass Failure ]
 
 webkit.org/b/171031 imported/w3c/web-platform-tests/XMLHttpRequest/getallresponseheaders-cl.htm [ Failure ]
 
-webkit.org/b/171059 crypto/subtle/ecdsa-generate-key-sign-verify-p384.html [ Pass Failure ]
-webkit.org/b/171059 crypto/subtle/ecdsa-generate-key-sign-verify-p256.html [ Pass Failure ]
-
-webkit.org/b/170921 imported/w3c/web-platform-tests/WebCryptoAPI/sign_verify/ecdsa.worker.html [ Pass Failure ]
-
 webkit.org/b/170701 webrtc/datachannel/bufferedAmountLowThreshold.html [ Pass Failure ]

diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
index 3db082e..40fc75d 100644 (file)
--- a/Source/WebCore/ChangeLog
+++ b/Source/WebCore/ChangeLog
@@ -1,3 +1,17 @@
+2017-04-24  Jiewen Tan  <jiewen_tan@apple.com>
+
+        LayoutTests crypto/subtle/ecdsa-generate-key-sign-verify-p384.html and crypto/subtle/ecdsa-generate-key-sign-verify-p256.html are flaky failures
+        https://bugs.webkit.org/show_bug.cgi?id=171059
+        <rdar://problem/31734958>
+
+        Reviewed by Brent Fulgham.
+
+        Covered by existing tests.
+
+        * crypto/mac/CryptoAlgorithmECDSAMac.cpp:
+        (WebCore::signECDSA):
+        Enhance ways to convert the DER signatures produced from CommonCrypto to r||s.
+
 2017-04-24  Manuel Rego Casasnovas  <rego@igalia.com>
 
         [selectors4] :focus-within should use the flat tree

diff --git a/Source/WebCore/crypto/mac/CryptoAlgorithmECDSAMac.cpp b/Source/WebCore/crypto/mac/CryptoAlgorithmECDSAMac.cpp
index b0440bb..3af7d02 100644 (file)
--- a/Source/WebCore/crypto/mac/CryptoAlgorithmECDSAMac.cpp
+++ b/Source/WebCore/crypto/mac/CryptoAlgorithmECDSAMac.cpp
@@ -84,16 +84,33 @@ static ExceptionOr<Vector<uint8_t>> signECDSA(CryptoAlgorithmIdentifier hash, co
     // convert the DER binary into r + s
     Vector<uint8_t> newSignature;
     newSignature.reserveCapacity(keyLengthInBytes * 2);
-    size_t offset = 4;
-    if (signature[offset] == InitialOctet)
-        offset += 1;
-    ASSERT_WITH_SECURITY_IMPLICATION(signature.size() > offset + keyLengthInBytes);
-    newSignature.append(signature.data() + offset, keyLengthInBytes);
-    offset += keyLengthInBytes + 2;
-    if (signature[offset] == InitialOctet)
-        offset += 1;
-    ASSERT_WITH_SECURITY_IMPLICATION(signature.size() >= offset + keyLengthInBytes);
-    newSignature.append(signature.data() + offset, keyLengthInBytes);
+    size_t offset = 3; // skip tag, length, tag
+
+    // If r < keyLengthInBytes, fill the head of r with 0s.
+    size_t bytesToCopy = keyLengthInBytes;
+    if (signature[offset] < keyLengthInBytes) {
+        newSignature.resize(keyLengthInBytes - signature[offset]);
+        memset(newSignature.data(), InitialOctet, keyLengthInBytes - signature[offset]);
+        bytesToCopy = signature[offset];
+    } else if (signature[offset] > keyLengthInBytes) // Otherwise skip the leading 0s of r.
+        offset += signature[offset] - keyLengthInBytes;
+    offset++; // skip length
+    ASSERT_WITH_SECURITY_IMPLICATION(signature.size() > offset + bytesToCopy);
+    newSignature.append(signature.data() + offset, bytesToCopy);
+    offset += bytesToCopy + 1; // skip r, tag
+
+    // If s < keyLengthInBytes, fill the head of s with 0s.
+    bytesToCopy = keyLengthInBytes;
+    if (signature[offset] < keyLengthInBytes) {
+        size_t pos = newSignature.size();
+        newSignature.resize(pos + keyLengthInBytes - signature[offset]);
+        memset(newSignature.data() + pos, InitialOctet, keyLengthInBytes - signature[offset]);
+        bytesToCopy = signature[offset];
+    } else if (signature[offset] > keyLengthInBytes) // Otherwise skip the leading 0s of s.
+        offset += signature[offset] - keyLengthInBytes;
+    offset++; // skip length
+    ASSERT_WITH_SECURITY_IMPLICATION(signature.size() >= offset + bytesToCopy);
+    newSignature.append(signature.data() + offset, bytesToCopy);
 
     return WTFMove(newSignature);
 }