Bug 164874

Summary: keygen element should not support < 2048 RSA key lengths
Product: WebKit Reporter: Brent Fulgham <bfulgham>
Component: WebCore Misc.Assignee: Brent Fulgham <bfulgham>
Status: RESOLVED FIXED    
Severity: Normal CC: aestes, bfulgham, buildbot, darin, ddkilzer, rniwa, zalan
Priority: P2    
Version: WebKit Nightly Build   
Hardware: All   
OS: All   
Attachments:
Description Flags
Patch
none
Archive of layout-test-results from ews107 for mac-yosemite-wk2
none
Archive of layout-test-results from ews103 for mac-yosemite
none
Patch
none
Archive of layout-test-results from ews112 for mac-yosemite
none
Patch dino: review+

Brent Fulgham
Reported 2016-11-17 10:41:04 PST
The <kengen> tag is currently rendered as a dropdown prompting for RSA key length. The of the three options, 512 and 1024 are insecure and shouldn't be available.
Attachments
Patch (5.98 KB, patch)
2016-11-17 10:48 PST, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
Archive of layout-test-results from ews107 for mac-yosemite-wk2 (1.04 MB, application/zip)
2016-11-17 11:35 PST, Build Bot 		no flags
Details
Archive of layout-test-results from ews103 for mac-yosemite (1.05 MB, application/zip)
2016-11-17 11:38 PST, Build Bot 		no flags
Details
Patch (7.00 KB, patch)
2016-11-17 11:39 PST, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
Archive of layout-test-results from ews112 for mac-yosemite (1.65 MB, application/zip)
2016-11-17 12:32 PST, Build Bot 		no flags
Details
Patch (7.08 KB, patch)
2016-11-17 12:38 PST, Brent Fulgham 		dino: review+
DetailsFormatted DiffDiff
Show Obsolete (5) View All Add attachment proposed patch, testcase, etc.
Brent Fulgham
Comment 1 2016-11-17 10:41:47 PST
We can add new key lengths in a future patch if necessary, but for now we can just help people avoid making bad choices.
Brent Fulgham
Comment 2 2016-11-17 10:48:28 PST
Created attachment 295056 [details] Patch
Build Bot
Comment 3 2016-11-17 11:35:07 PST
Comment on attachment 295056 [details] Patch Attachment 295056 [details] did not pass mac-wk2-ews (mac-wk2): Output: http://webkit-queues.webkit.org/results/2532702 New failing tests: fast/html/keygen.html
Build Bot
Comment 4 2016-11-17 11:35:09 PST
Created attachment 295060 [details] Archive of layout-test-results from ews107 for mac-yosemite-wk2 The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews. Bot: ews107 Port: mac-yosemite-wk2 Platform: Mac OS X 10.10.5
Build Bot
Comment 5 2016-11-17 11:38:49 PST
Comment on attachment 295056 [details] Patch Attachment 295056 [details] did not pass mac-ews (mac): Output: http://webkit-queues.webkit.org/results/2532720 New failing tests: fast/html/keygen.html
Build Bot
Comment 6 2016-11-17 11:38:52 PST
Created attachment 295061 [details] Archive of layout-test-results from ews103 for mac-yosemite The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews103 Port: mac-yosemite Platform: Mac OS X 10.10.5
Brent Fulgham
Comment 7 2016-11-17 11:39:37 PST
Created attachment 295062 [details] Patch
Build Bot
Comment 8 2016-11-17 12:32:24 PST
Comment on attachment 295062 [details] Patch Attachment 295062 [details] did not pass mac-debug-ews (mac): Output: http://webkit-queues.webkit.org/results/2532915 New failing tests: fast/html/keygen.html
Build Bot
Comment 9 2016-11-17 12:32:28 PST
Created attachment 295070 [details] Archive of layout-test-results from ews112 for mac-yosemite The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews112 Port: mac-yosemite Platform: Mac OS X 10.10.5
Brent Fulgham
Comment 10 2016-11-17 12:38:20 PST
Created attachment 295071 [details] Patch
Dean Jackson
Comment 11 2016-11-17 12:58:30 PST
Comment on attachment 295071 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=295071&action=review > LayoutTests/ChangeLog:10 > + * platform/mac/fast/html/keygen-expected.txt: > + * platform/mac-elcapitan/fast/html/keygen-expected.txt: Can this be a ref test?
Brent Fulgham
Comment 12 2016-11-17 13:20:26 PST
Committed r208858: <http://trac.webkit.org/changeset/208858>
Note You need to log in before you can comment on or make changes to this bug.