Bug 169231 - [WebCrypto] Support Elliptic Curve P-521
Summary: [WebCrypto] Support Elliptic Curve P-521
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc. (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Zan Dobersek
URL:
Keywords: InRadar
Depends on: 175659
Blocks: 175199
  Show dependency treegraph
 
Reported: 2017-03-06 15:57 PST by Jiewen Tan
Modified: 2017-09-21 02:51 PDT (History)
7 users (show)

See Also:


Attachments
WIP patch (12.12 KB, patch)
2017-08-30 08:47 PDT, Zan Dobersek
no flags Details | Formatted Diff | Diff
Patch (14.36 KB, patch)
2017-09-01 01:51 PDT, Zan Dobersek
no flags Details | Formatted Diff | Diff
Patch for landing (14.41 KB, patch)
2017-09-21 02:09 PDT, Zan Dobersek
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Jiewen Tan 2017-03-06 15:57:10 PST
Support Elliptic Curve P-521.
Comment 1 Radar WebKit Bug Importer 2017-03-06 15:57:46 PST
<rdar://problem/30881703>
Comment 2 Jiewen Tan 2017-03-08 18:57:00 PST
Consider writing a test to derive hmac key with length unset. Currently the smallest hmac default length key is 512. No way to derive such large keys from current ECDH.
Comment 3 Zan Dobersek 2017-08-09 12:32:55 PDT
Jiewen, any plans for this?

I implemented some support for this in the WIP patch in bug #175199, but for the tests I focused on the W3C ones, and the libgcrypt implementation is capable of passing a big majority of them.

Do you have some work already lined up? Should we first come up with P-521 versions of the current WebKit layout tests covering EC?
Comment 4 Jiewen Tan 2017-08-09 12:47:35 PDT
(In reply to Zan Dobersek from comment #3)
> Jiewen, any plans for this?
> 
> I implemented some support for this in the WIP patch in bug #175199, but for
> the tests I focused on the W3C ones, and the libgcrypt implementation is
> capable of passing a big majority of them.
> 
> Do you have some work already lined up? Should we first come up with P-521
> versions of the current WebKit layout tests covering EC?

No, I don't have any plans for supporting P-521 yet since it needs the underlying CommonCrypto's support. Given the security strength of P-521, I think it is not needed in a near future. Feel free to implement a GCrypt support with sufficient WebKit tests.
Comment 5 Zan Dobersek 2017-08-30 08:47:38 PDT
Created attachment 319363 [details]
WIP patch
Comment 6 Build Bot 2017-08-30 08:50:09 PDT
Attachment 319363 [details] did not pass style-queue:


ERROR: Source/WebCore/crypto/keys/CryptoKeyEC.h:55:  enum members should use InterCaps with an initial capital letter or initial 'k' for C-style enums.  [readability/enum_casing] [4]
ERROR: Source/WebCore/ChangeLog:8:  You should remove the 'No new tests' and either add and list tests, or explain why no new tests were possible.  [changelog/nonewtests] [5]
Total errors found: 2 in 6 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 7 Zan Dobersek 2017-09-01 01:51:46 PDT
Created attachment 319587 [details]
Patch
Comment 8 Build Bot 2017-09-01 01:53:28 PDT
Attachment 319587 [details] did not pass style-queue:


ERROR: Source/WebCore/crypto/keys/CryptoKeyEC.h:55:  enum members should use InterCaps with an initial capital letter or initial 'k' for C-style enums.  [readability/enum_casing] [4]
Total errors found: 1 in 6 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 9 Jiewen Tan 2017-09-15 13:01:54 PDT
Comment on attachment 319587 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=319587&action=review

Looks good to me. Thanks for adding the support for P-521.

> Source/WebCore/crypto/mac/CryptoKeyECMac.cpp:226
> +        ASSERT_NOT_REACHED();

Probably ASSERT_NOT_REACHED() is better?
Comment 10 Jiewen Tan 2017-09-15 13:03:12 PDT
Comment on attachment 319587 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=319587&action=review

>> Source/WebCore/crypto/mac/CryptoKeyECMac.cpp:226
>> +        ASSERT_NOT_REACHED();
> 
> Probably ASSERT_NOT_REACHED() is better?

Sorry, please ignore this comment.
Comment 11 Zan Dobersek 2017-09-21 02:09:03 PDT
Created attachment 321416 [details]
Patch for landing
Comment 12 Zan Dobersek 2017-09-21 02:09:42 PDT
(In reply to Zan Dobersek from comment #11)
> Created attachment 321416 [details]
> Patch for landing

Thanks for the review. This is just the rebased patch that I'll land in a moment.
Comment 13 Build Bot 2017-09-21 02:12:58 PDT
Attachment 321416 [details] did not pass style-queue:


ERROR: Source/WebCore/crypto/keys/CryptoKeyEC.h:55:  enum members should use InterCaps with an initial capital letter or initial 'k' for C-style enums.  [readability/enum_casing] [4]
Total errors found: 1 in 6 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 14 Zan Dobersek 2017-09-21 02:51:50 PDT
Comment on attachment 321416 [details]
Patch for landing

Clearing flags on attachment: 321416

Committed r222316: <http://trac.webkit.org/changeset/222316>
Comment 15 Zan Dobersek 2017-09-21 02:51:54 PDT
All reviewed patches have been landed.  Closing bug.