Changeset 208858 in webkit


Timestamp: Nov 17, 2016 1:20:20 PM (7 years ago)
Author: Brent Fulgham
Message:

keygen element should not support < 2048 RSA key lengths
https://bugs.webkit.org/show_bug.cgi?id=164874
<rdar://problem/22618141>

Reviewed by Dean Jackson.

Source/WebCore:

Remove the two insecure RSA choices (512-bit and 1024-bit) so that users
do not accidentally select a bad key length.

Tested by fast/html/keygen.html

  • platform/LocalizedStrings.cpp:

(WebCore::keygenMenuItem512): Deleted.
(WebCore::keygenMenuItem1024): Deleted.

  • platform/LocalizedStrings.h:
  • platform/mac/SSLKeyGeneratorMac.mm:

(WebCore::signedPublicKeyAndChallengeString): ASSERT on bad key size.
(WebCore::getSupportedKeySizes): Remove bad key sizes.
(WebCore::signedPublicKeyAndChallengeString): Ditto.

  • platform/win/SSLKeyGeneratorWin.cpp:

(WebCore::WebCore::getSupportedKeySizes): Ditto.

LayoutTests:

  • platform/mac/fast/html/keygen-expected.txt:
  • platform/mac-elcapitan/fast/html/keygen-expected.txt:
Location: trunk
Files: 8 edited

  • trunk/LayoutTests/ChangeLog

    r208857 r208858  
     12016-11-17  Brent Fulgham  <bfulgham@apple.com>
     2
     3        keygen element should not support < 2048 RSA key lengths
     4        https://bugs.webkit.org/show_bug.cgi?id=164874
     5        <rdar://problem/22618141>
     6
     7        Reviewed by Dean Jackson.
     8
     9        * platform/mac/fast/html/keygen-expected.txt:
     10        * platform/mac-elcapitan/fast/html/keygen-expected.txt:
     11
    1122016-11-17  Devin Rousso  <dcrousso+webkit@gmail.com>
    213
  • trunk/LayoutTests/platform/mac-elcapitan/fast/html/keygen-expected.txt

    r202826 r208858  
    44  RenderBlock {HTML} at (0,0) size 800x600
    55    RenderBody {BODY} at (8,8) size 784x584
    6       RenderBlock {KEYGEN} at (2,2) size 146x18
    7         RenderMenuList {SELECT} at (0,0) size 146x18 [bgcolor=#FFFFFF]
    8           RenderBlock (anonymous) at (0,0) size 146x18
     6      RenderBlock {KEYGEN} at (2,2) size 128x18
     7        RenderMenuList {SELECT} at (0,0) size 128x18 [bgcolor=#FFFFFF]
     8          RenderBlock (anonymous) at (0,0) size 128x18
    99            RenderText at (8,2) size 97x13
    1010              text run at (8,2) width 97: "2048 (High Grade)"
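
Review bot: The only thing this expectation records about the removal is the narrower KEYGEN box (146 to 128); the text run "2048 (High Grade)" is unchanged context, so the render tree dump reflects the selected item and not the list of options. A regression that re-added a 512 or 1024 entry without changing the widest label would still pass. Consider a test that checks the number of key-size choices offered, in addition to this layout expectation.
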
  • trunk/LayoutTests/platform/mac/fast/html/keygen-expected.txt

    r202826 r208858  
    44  RenderBlock {HTML} at (0,0) size 800x600
    55    RenderBody {BODY} at (8,8) size 784x584
    6       RenderBlock {KEYGEN} at (2,2) size 145x18
    7         RenderMenuList {SELECT} at (0,0) size 145x18 [bgcolor=#FFFFFF]
    8           RenderBlock (anonymous) at (0,0) size 145x18
     6      RenderBlock {KEYGEN} at (2,2) size 128x18
     7        RenderMenuList {SELECT} at (0,0) size 128x18 [bgcolor=#FFFFFF]
     8          RenderBlock (anonymous) at (0,0) size 128x18
    99            RenderText at (8,2) size 99x13
    1010              text run at (8,2) width 99: "2048 (High Grade)"
  • trunk/Source/WebCore/ChangeLog

    r208851 r208858  
     12016-11-17  Brent Fulgham  <bfulgham@apple.com>
     2
     3        keygen element should not support < 2048 RSA key lengths
     4        https://bugs.webkit.org/show_bug.cgi?id=164874
     5        <rdar://problem/22618141>
     6
     7        Reviewed by Dean Jackson.
     8
     9        Remove the two insecure RSA choices (512-bit and 1024-bit) so that users
     10        do not accidentally select a bad key length.
     11
     12        Tested by fast/html/keygen.html
     13
     14        * platform/LocalizedStrings.cpp:
     15        (WebCore::keygenMenuItem512): Deleted.
     16        (WebCore::keygenMenuItem1024): Deleted.
     17        * platform/LocalizedStrings.h:
     18        * platform/mac/SSLKeyGeneratorMac.mm:
     19        (WebCore::signedPublicKeyAndChallengeString): ASSERT on bad key size.
     20        (WebCore::getSupportedKeySizes): Remove bad key sizes.
     21        (WebCore::signedPublicKeyAndChallengeString): Ditto.
     22        * platform/win/SSLKeyGeneratorWin.cpp:
     23        (WebCore::WebCore::getSupportedKeySizes): Ditto.
     24
    1252016-11-17  Eric Carlson  <eric.carlson@apple.com>
    226
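
Review bot: ChangeLog line 23 reads (WebCore::WebCore::getSupportedKeySizes) with the namespace doubled; it should match the form used on line 20, (WebCore::getSupportedKeySizes). Lines 19 and 21 also both name signedPublicKeyAndChallengeString under SSLKeyGeneratorMac.mm; if these are two overloads, say which one gains the ASSERT and which one loses the 1024 and 512 cases so the entry can be read without opening the file.
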
  • trunk/Source/WebCore/platform/LocalizedStrings.cpp

    r207860 r208858  
    868868}
    869869
    870 String keygenMenuItem512()
    871 {
    872     return WEB_UI_STRING("512 (Low Grade)", "Menu item title for KEYGEN pop-up menu");
    873 }
    874 
    875 String keygenMenuItem1024()
    876 {
    877     return WEB_UI_STRING("1024 (Medium Grade)", "Menu item title for KEYGEN pop-up menu");
    878 }
    879 
    880870String keygenMenuItem2048()
    881871{
  • trunk/Source/WebCore/platform/LocalizedStrings.h

    r207583 r208858  
    225225    WEBCORE_EXPORT String pdfDocumentTypeDescription();
    226226    WEBCORE_EXPORT String postScriptDocumentTypeDescription();
    227     String keygenMenuItem512();
    228     String keygenMenuItem1024();
    229227    String keygenMenuItem2048();
    230228    String keygenKeychainItemName(const String& host);
  • trunk/Source/WebCore/platform/mac/SSLKeyGeneratorMac.mm

    r204567 r208858  
    125125static String signedPublicKeyAndChallengeString(unsigned keySize, const CString& challenge, const String& keyDescription)
    126126{
     127    ASSERT(keySize >= 2048);
     128
    127129    SignedPublicKeyAndChallenge signedPublicKeyAndChallenge { };
    128130
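
Review bot: The new ASSERT(keySize >= 2048) at line 127 only fires in debug builds, so a release build still has no lower bound on keySize inside signedPublicKeyAndChallengeString. Since the purpose of the change is to stop keys under 2048 bits from being generated, consider a check that survives release builds, either an early return of an empty String or RELEASE_ASSERT, with a short comment stating that 2048 is the minimum accepted size.
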
     
    216218    ASSERT(supportedKeySizes.isEmpty());
    217219    supportedKeySizes.append(keygenMenuItem2048());
    218     supportedKeySizes.append(keygenMenuItem1024());
    219     supportedKeySizes.append(keygenMenuItem512());
    220220}
    221221
     
    228228        keySize = 2048;
    229229        break;
    230     case 1:
    231         keySize = 1024;
    232         break;
    233     case 2:
    234         keySize = 512;
    235         break;
    236230    default:
    237231        ASSERT_NOT_REACHED();
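
Review bot: With cases 1 and 2 removed, every index other than 0 now lands on default: ASSERT_NOT_REACHED(), which is compiled out of release builds. The lines after it are not shown in this hunk; please confirm the default path returns without generating a key rather than continuing with whatever value keySize holds at that point, since indexes 1 and 2 were valid inputs before this change.
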
  • trunk/Source/WebCore/platform/win/SSLKeyGeneratorWin.cpp

    r156550 r208858  
    3333    // FIXME: Strings should be localizable.
    3434    v.append("High Grade");
    35     v.append("Medium Grade");
    3635}
    3736
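
Review bot: This hunk removes only the "Medium Grade" label from the list; nothing visible here ties the remaining "High Grade" entry to a key size or rejects a smaller one, unlike the ASSERT added in SSLKeyGeneratorMac.mm. Please check that the Windows generation path maps the single remaining index to at least 2048 bits, and consider putting the size in the label as the Mac menu does ("2048 (High Grade)") so the user can see what is being generated.
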