[GCrypt] ECDH bit derivation support
authorzandobersek@gmail.com <zandobersek@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 2 May 2017 06:34:03 +0000 (06:34 +0000)
committerzandobersek@gmail.com <zandobersek@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 2 May 2017 06:34:03 +0000 (06:34 +0000)
commitad9fe352d9f1a394f9c814e5c3bed895049ef1dd
tree575443b7bb895f9f7b3120e2a2f9079a6fc44439
parent5a2c53a62179f243842b3b36f0e21f6632757064
[GCrypt] ECDH bit derivation support
https://bugs.webkit.org/show_bug.cgi?id=171070

Reviewed by Michael Catanzaro.

Source/WebCore:

Implement bit derivation support for the ECDH algorithm for configurations
that use libgcrypt.

This is done by retrieving the private key data and wrapping it in a new
data s-expression. That's then encrypted with the public key, and the
returned s-expression contains the shared point data. That data is then
decoded into an EC point, from which the x-coordinate is retrieved. This
coordinate data is finally our bit derivation result.

* crypto/gcrypt/CryptoAlgorithmECDHGCrypt.cpp:
(WebCore::gcryptDerive):
(WebCore::CryptoAlgorithmECDH::platformDeriveBits):

Source/WebCore/PAL:

Add PAL::GCrypt::HandleDeleter specialization for the
gcry_mpi_point_t type.

* pal/crypto/gcrypt/Handle.h:
(PAL::GCrypt::HandleDeleter<gcry_mpi_point_t>::operator()):

LayoutTests:

The crypto/subtle/ecdh-derive-bits-length-limits.html test is added, testing the
corner-case length values for which the bit derivation operation must succeed or
fail. When specifying 0 as the length, the returned result must match the EC key
size in length. 8, tested as the minimum non-zero value, and the key size for
each key must also correctly resolve and return a resulting ArrayBuffer whose
length in bytes must match the requested length. Derivations for byte-aligned
values should start rejecting immediately for length values that are bigger than
the EC key's length.

* crypto/subtle/ecdh-derive-bits-length-limits-expected.txt: Added.
* crypto/subtle/ecdh-derive-bits-length-limits.html: Added.
* platform/gtk/TestExpectations: Enable Web Crypto ECDH tests under crypto/subtle/
that are passing now that the proper implementation has been added. The remaining
failing ECDH tests use PKCS #8 and SPKI key import/export formats, which are not
supported yet.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@216060 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/crypto/subtle/ecdh-derive-bits-length-limits-expected.txt [new file with mode: 0644]
LayoutTests/crypto/subtle/ecdh-derive-bits-length-limits.html [new file with mode: 0644]
LayoutTests/platform/gtk/TestExpectations
Source/WebCore/ChangeLog
Source/WebCore/PAL/ChangeLog
Source/WebCore/PAL/pal/crypto/gcrypt/Handle.h
Source/WebCore/crypto/gcrypt/CryptoAlgorithmECDHGCrypt.cpp