RESOLVED FIXED Bug 143458
Implement PBKDF2 in WebCrypto 
https://bugs.webkit.org/show_bug.cgi?id=143458
Summary Implement PBKDF2 in WebCrypto
ryan
Reported 2015-04-06 16:18:39 PDT
The Password Based Key Derivation Function 2.0 (PBKDF2) is crucial for sites that wish to use a password to derive a key versus generating one for a user: https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html#pbkdf2
Attachments
Patch (5.36 MB, patch)
2017-03-09 04:41 PST, Jiewen Tan 		bfulgham: review+
buildbot: commit-queue-
DetailsFormatted DiffDiff
Archive of layout-test-results from ews103 for mac-elcapitan (904.31 KB, application/zip)
2017-03-09 05:46 PST, Build Bot 		no flags
Details
Archive of layout-test-results from ews105 for mac-elcapitan-wk2 (907.24 KB, application/zip)
2017-03-09 05:50 PST, Build Bot 		no flags
Details
Archive of layout-test-results from ews113 for mac-elcapitan (1.68 MB, application/zip)
2017-03-09 05:53 PST, Build Bot 		no flags
Details
Archive of layout-test-results from ews126 for ios-simulator-wk2 (860.29 KB, application/zip)
2017-03-09 06:03 PST, Build Bot 		no flags
Details
Patch for landing (5.36 MB, patch)
2017-03-09 13:04 PST, Jiewen Tan 		no flags
DetailsFormatted DiffDiff
Show Obsolete (4) View All Add attachment proposed patch, testcase, etc.
Yingle
Comment 1 2016-04-16 13:29:53 PDT
WebKit is lagging on web API support, this is one example. Can someone work on this?
unsung_hero-97
Comment 2 2016-05-19 10:37:48 PDT
+1
Radar WebKit Bug Importer
Comment 3 2016-07-12 16:06:35 PDT
<rdar://problem/27311703>
Jiewen Tan
Comment 4 2017-03-09 04:41:16 PST
Created attachment 303906 [details] Patch
Jiewen Tan
Comment 5 2017-03-09 04:42:06 PST
90% of the patch is w3c tests rebaseline.
WebKit Commit Bot
Comment 6 2017-03-09 04:43:26 PST
Attachment 303906 [details] did not pass style-queue: ERROR: Source/WebCore/crypto/CryptoKey.h:48: enum members should use InterCaps with an initial capital letter or initial 'k' for C-style enums. [readability/enum_casing] [4] Total errors found: 1 in 49 files If any of these errors are false positives, please file a bug against check-webkit-style.
Build Bot
Comment 7 2017-03-09 05:46:10 PST
Comment on attachment 303906 [details] Patch Attachment 303906 [details] did not pass mac-ews (mac): Output: http://webkit-queues.webkit.org/results/3276047 New failing tests: crypto/subtle/derive-key-malformed-parameters.html
Build Bot
Comment 8 2017-03-09 05:46:13 PST
Created attachment 303910 [details] Archive of layout-test-results from ews103 for mac-elcapitan The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews103 Port: mac-elcapitan Platform: Mac OS X 10.11.6
Build Bot
Comment 9 2017-03-09 05:50:46 PST
Comment on attachment 303906 [details] Patch Attachment 303906 [details] did not pass mac-wk2-ews (mac-wk2): Output: http://webkit-queues.webkit.org/results/3276078 New failing tests: crypto/subtle/derive-key-malformed-parameters.html
Build Bot
Comment 10 2017-03-09 05:50:49 PST
Created attachment 303912 [details] Archive of layout-test-results from ews105 for mac-elcapitan-wk2 The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews. Bot: ews105 Port: mac-elcapitan-wk2 Platform: Mac OS X 10.11.6
Build Bot
Comment 11 2017-03-09 05:53:23 PST
Comment on attachment 303906 [details] Patch Attachment 303906 [details] did not pass mac-debug-ews (mac): Output: http://webkit-queues.webkit.org/results/3276051 New failing tests: crypto/subtle/derive-key-malformed-parameters.html
Build Bot
Comment 12 2017-03-09 05:53:26 PST
Created attachment 303913 [details] Archive of layout-test-results from ews113 for mac-elcapitan The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews113 Port: mac-elcapitan Platform: Mac OS X 10.11.6
Build Bot
Comment 13 2017-03-09 06:03:03 PST
Comment on attachment 303906 [details] Patch Attachment 303906 [details] did not pass ios-sim-ews (ios-simulator-wk2): Output: http://webkit-queues.webkit.org/results/3276084 New failing tests: crypto/subtle/derive-key-malformed-parameters.html
Build Bot
Comment 14 2017-03-09 06:03:06 PST
Created attachment 303915 [details] Archive of layout-test-results from ews126 for ios-simulator-wk2 The attached test failures were seen while running run-webkit-tests on the ios-sim-ews. Bot: ews126 Port: ios-simulator-wk2 Platform: Mac OS X 10.11.6
Brent Fulgham
Comment 15 2017-03-09 10:40:05 PST
Test failure on Mac (64-bit): crypto/subtle/derive-key-malformed-parameters.html
Brent Fulgham
Comment 16 2017-03-09 10:41:22 PST
Some kind of whitespace issue: --- /Volumes/Data/EWS/WebKit/WebKitBuild/Release/layout-test-results/crypto/subtle/derive-key-malformed-parameters-expected.txt +++ /Volumes/Data/EWS/WebKit/WebKitBuild/Release/layout-test-results/crypto/subtle/derive-key-malformed-parameters-actual.txt @@ -17,7 +17,7 @@ PASS crypto.subtle.deriveKey({ name:"ECDH", public:publicKey }, privateKey, {name: "aes-cbc", length: 1}, extractable, ["encrypt"]) rejected promise with OperationError (DOM Exception 34): Cannot get key length from derivedKeyType. PASS crypto.subtle.deriveKey({ name:"ECDH", public:publicKey }, privateKey, {name: "hmac", hash: "hmac"}, extractable, ["sign"]) rejected promise with NotSupportedError (DOM Exception 9): The operation is not supported.. PASS crypto.subtle.deriveKey({ name:"ECDH", public:publicKey }, privateKey, {name: "hmac", hash: "sha-1", length: 0}, extractable, ["sign"]) rejected promise with TypeError: Cannot get key length from derivedKeyType. -PASS crypto.subtle.deriveKey({ name:"ECDH", public:publicKey }, privateKey, {name: "aes-cbc", length: 128}, extractable, []) rejected promise with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range. +PASS crypto.subtle.deriveKey({ name:"ECDH", public:publicKey }, privateKey, {name: "aes-cbc", length: 128}, extractable, [ ]) rejected promise with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range. PASS successfullyParsed is true TEST COMPLETE
Brent Fulgham
Comment 17 2017-03-09 10:54:21 PST
Comment on attachment 303906 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=303906&action=review Looks great! You have a whitespace error in your tests (which I think I noted below). r=me, but please fix the test. > LayoutTests/crypto/subtle/derive-key-malformed-parameters.html:71 > + return shouldReject('crypto.subtle.deriveKey({ name:"ECDH", public:publicKey }, privateKey, {name: "aes-cbc", length: 128}, extractable, [ ])'); This is either causing your test failure, or you need to add this space somewhere else to match the test output. > LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.worker-expected.txt:3 > +PASS Derived key of type name: AES-CBC length: 128 using short password, short salt, SHA-384, with 1 iterations Yay! > LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.worker-expected.txt:35 > +PASS Derived key of type name: AES-GCM length: 256 using short password, short salt, SHA-384, with 1 iterations Hooray! So many new passes! > LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.worker-expected.txt:8689 > +PASS Derived key of type name: HMAC hash: SHA-512 length: 256 using empty password, empty salt, SHA-256, with 0 iterations That's a lot of new passes! > LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/test_pbkdf2-expected.txt:8691 > +PASS Derived key of type name: HMAC hash: SHA-512 length: 256 using empty password, empty salt, SHA-256, with 0 iterations I'm tired after scanning all of that!
Alexey Proskuryakov
Comment 18 2017-03-09 12:06:24 PST
One general comment. > + * crypto/mac/CryptoAlgorithmPBKDF2Mac.cpp: Added. Mac is not a good directory or name for these, as they are in use on iOS too. I think that CoreCrypto would be best for most, and maybe Darwin for others?
Brent Fulgham
Comment 19 2017-03-09 12:28:14 PST
(In reply to comment #18) > One general comment. > > > + * crypto/mac/CryptoAlgorithmPBKDF2Mac.cpp: Added. > > Mac is not a good directory or name for these, as they are in use on iOS > too. I think that CoreCrypto would be best for most, and maybe Darwin for > others? That's a good point. Jiewen, can you file a radar to do that reorganization? We should tackle that as clean-up in a few weeks.
Jiewen Tan
Comment 20 2017-03-09 12:57:15 PST
(In reply to comment #18) > One general comment. > > > + * crypto/mac/CryptoAlgorithmPBKDF2Mac.cpp: Added. > > Mac is not a good directory or name for these, as they are in use on iOS > too. I think that CoreCrypto would be best for most, and maybe Darwin for > others? Filed: Bug 169432.
Jiewen Tan
Comment 21 2017-03-09 13:04:13 PST
Created attachment 303965 [details] Patch for landing
WebKit Commit Bot
Comment 22 2017-03-09 13:12:48 PST
Attachment 303965 [details] did not pass style-queue: ERROR: Source/WebCore/crypto/CryptoKey.h:48: enum members should use InterCaps with an initial capital letter or initial 'k' for C-style enums. [readability/enum_casing] [4] Total errors found: 1 in 50 files If any of these errors are false positives, please file a bug against check-webkit-style.
Jiewen Tan
Comment 23 2017-03-09 14:24:38 PST
Committed r213671: <http://trac.webkit.org/changeset/213671>
Javier Fernandez
Comment 24 2017-03-10 08:10:26 PST
This patch caused several tests to fail in GTK. see bug #169468 for details.
Note You need to log in before you can comment on or make changes to this bug.