Bug 170869 - [WebCrypto] Support RSA-PSS
Summary: [WebCrypto] Support RSA-PSS
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc. (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Jiewen Tan
URL:
Keywords: InRadar
Depends on:
Blocks: 166746
  Show dependency treegraph
 
Reported: 2017-04-14 18:25 PDT by Jiewen Tan
Modified: 2017-06-01 16:01 PDT (History)
7 users (show)

See Also:

Attachments
Patch (158.57 KB, patch)
2017-05-22 13:55 PDT, Jiewen Tan 		no flags Details | Formatted Diff | Diff
Patch (158.57 KB, patch)
2017-05-22 15:45 PDT, Jiewen Tan 		no flags Details | Formatted Diff | Diff
Patch (159.12 KB, patch)
2017-05-22 16:32 PDT, Jiewen Tan 		bfulgham: review+
Details | Formatted Diff | Diff
Patch for landing (158.95 KB, patch)
2017-05-23 14:29 PDT, Jiewen Tan 		no flags Details | Formatted Diff | Diff
Patch for landing (159.03 KB, patch)
2017-05-23 15:25 PDT, Jiewen Tan 		commit-queue: commit-queue-
Details | Formatted Diff | Diff
Show Obsolete (3) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jiewen Tan 2017-04-14 18:25:25 PDT 
Support RSA-PSS as specified in: https://www.w3.org/TR/WebCryptoAPI/#rsa-pss.
Comment 1 Jiewen Tan 2017-04-14 18:27:11 PDT 
Currently, the underlying Crypto API we are using, i.e. CommonCrypto, doesn't support RSA-PSS. Therefore, the implementation of RSA-PSS is deferred until either CommonCrypto supports it or we transfer to another Crypto API.
Comment 2 Radar WebKit Bug Importer 2017-04-14 18:27:43 PDT 
<rdar://problem/31640672>
Comment 3 Jiewen Tan 2017-05-22 13:55:56 PDT 
Created attachment 310916 [details]
Patch
Comment 4 Build Bot 2017-05-22 13:58:35 PDT 
Attachment 310916 [details] did not pass style-queue:


ERROR: Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:40:  signRSA_PSS is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:65:  verifyRSA_PSS is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:86:  CryptoAlgorithmRSA_PSS::platformSign is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:109:  CryptoAlgorithmRSA_PSS::platformVerify is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:46:  CryptoAlgorithmRSA_PSS::create is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:51:  CryptoAlgorithmRSA_PSS::identifier is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:56:  CryptoAlgorithmRSA_PSS::sign is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:65:  CryptoAlgorithmRSA_PSS::verify is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:74:  CryptoAlgorithmRSA_PSS::generateKey is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:94:  CryptoAlgorithmRSA_PSS::importKey is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:171:  CryptoAlgorithmRSA_PSS::exportKey is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
Total errors found: 11 in 71 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 5 Jiewen Tan 2017-05-22 15:45:44 PDT 
Created attachment 310940 [details]
Patch
Comment 6 Build Bot 2017-05-22 15:48:57 PDT 
Attachment 310940 [details] did not pass style-queue:


ERROR: Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:40:  signRSA_PSS is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:65:  verifyRSA_PSS is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:86:  CryptoAlgorithmRSA_PSS::platformSign is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:109:  CryptoAlgorithmRSA_PSS::platformVerify is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:46:  CryptoAlgorithmRSA_PSS::create is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:51:  CryptoAlgorithmRSA_PSS::identifier is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:56:  CryptoAlgorithmRSA_PSS::sign is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:65:  CryptoAlgorithmRSA_PSS::verify is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:74:  CryptoAlgorithmRSA_PSS::generateKey is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:94:  CryptoAlgorithmRSA_PSS::importKey is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:171:  CryptoAlgorithmRSA_PSS::exportKey is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
Total errors found: 11 in 71 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 7 Jiewen Tan 2017-05-22 16:32:02 PDT 
Created attachment 310951 [details]
Patch
Comment 8 Build Bot 2017-05-22 16:35:20 PDT 
Attachment 310951 [details] did not pass style-queue:


ERROR: Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:40:  signRSA_PSS is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:65:  verifyRSA_PSS is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:86:  CryptoAlgorithmRSA_PSS::platformSign is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:109:  CryptoAlgorithmRSA_PSS::platformVerify is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:46:  CryptoAlgorithmRSA_PSS::create is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:51:  CryptoAlgorithmRSA_PSS::identifier is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:56:  CryptoAlgorithmRSA_PSS::sign is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:65:  CryptoAlgorithmRSA_PSS::verify is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:74:  CryptoAlgorithmRSA_PSS::generateKey is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:94:  CryptoAlgorithmRSA_PSS::importKey is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:171:  CryptoAlgorithmRSA_PSS::exportKey is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
Total errors found: 11 in 72 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 9 Brent Fulgham 2017-05-22 16:35:31 PDT 
Comment on attachment 310951 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=310951&action=review

r=me assuming the GTK build works properly.

> LayoutTests/TestExpectations:1023
> +# WebCryptoAPI features that hasn't been enabled for current OS

"features that HAVEN'T been enabled..."
Comment 10 Jiewen Tan 2017-05-22 16:47:59 PDT 
Comment on attachment 310951 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=310951&action=review

Thanks Brent for r+ my patch.

>> LayoutTests/TestExpectations:1023
>> +# WebCryptoAPI features that hasn't been enabled for current OS
> 
> "features that HAVEN'T been enabled..."

Fixed.
Comment 11 Jiewen Tan 2017-05-23 14:29:35 PDT 
Created attachment 311052 [details]
Patch for landing
Comment 12 Jiewen Tan 2017-05-23 15:25:33 PDT 
Created attachment 311064 [details]
Patch for landing
Comment 13 Build Bot 2017-05-23 15:31:07 PDT 
Attachment 311064 [details] did not pass style-queue:


ERROR: Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:40:  signRSA_PSS is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:65:  verifyRSA_PSS is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:86:  CryptoAlgorithmRSA_PSS::platformSign is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:109:  CryptoAlgorithmRSA_PSS::platformVerify is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:46:  CryptoAlgorithmRSA_PSS::create is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:51:  CryptoAlgorithmRSA_PSS::identifier is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:56:  CryptoAlgorithmRSA_PSS::sign is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:65:  CryptoAlgorithmRSA_PSS::verify is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:74:  CryptoAlgorithmRSA_PSS::generateKey is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:94:  CryptoAlgorithmRSA_PSS::importKey is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
ERROR: Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:171:  CryptoAlgorithmRSA_PSS::exportKey is incorrectly named. Don't use underscores in your identifier names.  [readability/naming/underscores] [4]
Total errors found: 11 in 72 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 14 WebKit Commit Bot 2017-05-23 16:41:18 PDT 
Comment on attachment 311064 [details]
Patch for landing

Rejecting attachment 311064 [details] from commit-queue.

Failed to run "['/Volumes/Data/EWS/WebKit/Tools/Scripts/webkit-patch', '--status-host=webkit-queues.webkit.org', '--bot-id=webkit-cq-03', 'validate-changelog', '--check-oops', '--non-interactive', 311064, '--port=mac']" exit_code: 1 cwd: /Volumes/Data/EWS/WebKit

ChangeLog entry in Source/WTF/ChangeLog contains OOPS!.

Full output: http://webkit-queues.webkit.org/results/3803267
Comment 15 Jiewen Tan 2017-05-23 17:33:32 PDT 
Committed r217315: <http://trac.webkit.org/changeset/217315>
Comment 16 JF Bastien 2017-06-01 15:44:31 PDT 
Comment on attachment 310951 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=310951&action=review

> Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:58
> +    CCCryptorStatus status = CCRSACryptorSign(key, ccRSAPSSPadding, digestData.data(), digestData.size(), digestAlgorithm, saltLength, signature.data(), &signatureSize);

ccRSAPSSPadding here and line 80 isn't defined anywhere, this fails to compile.
Comment 17 Jiewen Tan 2017-06-01 16:01:37 PDT 
(In reply to JF Bastien from comment #16)
> Comment on attachment 310951 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=310951&action=review
> 
> > Source/WebCore/crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:58
> > +    CCCryptorStatus status = CCRSACryptorSign(key, ccRSAPSSPadding, digestData.data(), digestData.size(), digestAlgorithm, saltLength, signature.data(), &signatureSize);
> 
> ccRSAPSSPadding here and line 80 isn't defined anywhere, this fails to
> compile.

I have added a flag HAVE_RSA_PSS to enable this for future OS release.