Bug 164874 - keygen element should not support < 2048 RSA key lengths
Summary: keygen element should not support < 2048 RSA key lengths
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc. (show other bugs)
Version: WebKit Nightly Build
Hardware: All All
: P2 Normal
Assignee: Brent Fulgham
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-11-17 10:41 PST by Brent Fulgham
Modified: 2016-11-17 13:20 PST (History)
7 users (show)

See Also:

Attachments
Patch (5.98 KB, patch)
2016-11-17 10:48 PST, Brent Fulgham 		no flags Details | Formatted Diff | Diff
Archive of layout-test-results from ews107 for mac-yosemite-wk2 (1.04 MB, application/zip)
2016-11-17 11:35 PST, Build Bot 		no flags Details
Archive of layout-test-results from ews103 for mac-yosemite (1.05 MB, application/zip)
2016-11-17 11:38 PST, Build Bot 		no flags Details
Patch (7.00 KB, patch)
2016-11-17 11:39 PST, Brent Fulgham 		no flags Details | Formatted Diff | Diff
Archive of layout-test-results from ews112 for mac-yosemite (1.65 MB, application/zip)
2016-11-17 12:32 PST, Build Bot 		no flags Details
Patch (7.08 KB, patch)
2016-11-17 12:38 PST, Brent Fulgham 		dino: review+
Details | Formatted Diff | Diff
Show Obsolete (5) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Brent Fulgham 2016-11-17 10:41:04 PST 
The <kengen> tag is currently rendered as a dropdown prompting for RSA key length.  The of the three options, 512 and 1024 are insecure and shouldn't be available.
Comment 1 Brent Fulgham 2016-11-17 10:41:47 PST 
We can add new key lengths in a future patch if necessary, but for now we can just help people avoid making bad choices.
Comment 2 Brent Fulgham 2016-11-17 10:48:28 PST 
Created attachment 295056 [details]
Patch
Comment 3 Build Bot 2016-11-17 11:35:07 PST 
Comment on attachment 295056 [details]
Patch

Attachment 295056 [details] did not pass mac-wk2-ews (mac-wk2):
Output: http://webkit-queues.webkit.org/results/2532702

New failing tests:
fast/html/keygen.html
Comment 4 Build Bot 2016-11-17 11:35:09 PST 
Created attachment 295060 [details]
Archive of layout-test-results from ews107 for mac-yosemite-wk2

The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews.
Bot: ews107  Port: mac-yosemite-wk2  Platform: Mac OS X 10.10.5
Comment 5 Build Bot 2016-11-17 11:38:49 PST 
Comment on attachment 295056 [details]
Patch

Attachment 295056 [details] did not pass mac-ews (mac):
Output: http://webkit-queues.webkit.org/results/2532720

New failing tests:
fast/html/keygen.html
Comment 6 Build Bot 2016-11-17 11:38:52 PST 
Created attachment 295061 [details]
Archive of layout-test-results from ews103 for mac-yosemite

The attached test failures were seen while running run-webkit-tests on the mac-ews.
Bot: ews103  Port: mac-yosemite  Platform: Mac OS X 10.10.5
Comment 7 Brent Fulgham 2016-11-17 11:39:37 PST 
Created attachment 295062 [details]
Patch
Comment 8 Build Bot 2016-11-17 12:32:24 PST 
Comment on attachment 295062 [details]
Patch

Attachment 295062 [details] did not pass mac-debug-ews (mac):
Output: http://webkit-queues.webkit.org/results/2532915

New failing tests:
fast/html/keygen.html
Comment 9 Build Bot 2016-11-17 12:32:28 PST 
Created attachment 295070 [details]
Archive of layout-test-results from ews112 for mac-yosemite

The attached test failures were seen while running run-webkit-tests on the mac-debug-ews.
Bot: ews112  Port: mac-yosemite  Platform: Mac OS X 10.10.5
Comment 10 Brent Fulgham 2016-11-17 12:38:20 PST 
Created attachment 295071 [details]
Patch
Comment 11 Dean Jackson 2016-11-17 12:58:30 PST 
Comment on attachment 295071 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=295071&action=review

> LayoutTests/ChangeLog:10
> +        * platform/mac/fast/html/keygen-expected.txt:
> +        * platform/mac-elcapitan/fast/html/keygen-expected.txt:

Can this be a ref test?
Comment 12 Brent Fulgham 2016-11-17 13:20:26 PST 
Committed r208858: <http://trac.webkit.org/changeset/208858>