mirrors/ladybird
0
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2025-09-02 15:46:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

LibWeb: Omit padding in WebCrypto AES-CBC exportKey

Browse source
This commit is contained in:
Ben Wiederhake 2024-10-28 02:50:29 +01:00 committed by Jelle Raaijmakers
commit 3553861046
Notes: github-actions[bot] 2024-10-28 20:16:50 +00:00
3 changed files with 5 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

3
Tests/LibWeb/Text/expected/Crypto/SubtleCrypto-aescbc.txt
View file

@ -1,4 +1,5 @@
exported key: 32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47 exported key, raw: 32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47
exported key, jwk: {"kty":"oct","key_ops":["encrypt","decrypt"],"alg":"A128CBC","ext":true,"k":"ICEiIyQlJicoKSorLC0uLw"}
ciphertext: 193,138,47,224,83,254,87,179,130,27,206,126,144,28,38,111,123,45,177,85,53,201,206,231,38,234,7,146,184,159,64,117,220,3,201,210,82,171,14,237,82,53,162,239,16,172,50,72 ciphertext: 193,138,47,224,83,254,87,179,130,27,206,126,144,28,38,111,123,45,177,85,53,201,206,231,38,234,7,146,184,159,64,117,220,3,201,210,82,171,14,237,82,53,162,239,16,172,50,72
plaintextRoundtrip: 87,101,108,108,72,101,108,108,111,70,114,105,101,110,100,115,16,16,16,16,16,16,255,16,16,16,16,16,16,16,16,16 plaintextRoundtrip: 87,101,108,108,72,101,108,108,111,70,114,105,101,110,100,115,16,16,16,16,16,16,255,16,16,16,16,16,16,16,16,16
odd padding results in: OperationError odd padding results in: OperationError

3
Tests/LibWeb/Text/input/Crypto/SubtleCrypto-aescbc.html
View file

@ -15,7 +15,8 @@
var aesKey = await window.crypto.subtle.importKey("raw", key, aesAlgorithmKeyGen, true, ["encrypt", "decrypt"]); var aesKey = await window.crypto.subtle.importKey("raw", key, aesAlgorithmKeyGen, true, ["encrypt", "decrypt"]);
// Test "exportKey" operation: // Test "exportKey" operation:
println("exported key: " + new Uint8Array(await window.crypto.subtle.exportKey("raw", aesKey))); println("exported key, raw: " + new Uint8Array(await window.crypto.subtle.exportKey("raw", aesKey)));
println("exported key, jwk: " + JSON.stringify(await window.crypto.subtle.exportKey("jwk", aesKey)));
// Test "encrypt" operation. Note, this is an edge case where CMS causes the ciphertext to be 16 bytes *longer* than the plaintext! // Test "encrypt" operation. Note, this is an edge case where CMS causes the ciphertext to be 16 bytes *longer* than the plaintext!
var ciphertext = new Uint8Array(await window.crypto.subtle.encrypt(aesAlgorithmEncryptDecrypt, aesKey, plaintextEvil)); var ciphertext = new Uint8Array(await window.crypto.subtle.encrypt(aesAlgorithmEncryptDecrypt, aesKey, plaintextEvil));

2
Userland/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
View file

@ -1342,7 +1342,7 @@ WebIDL::ExceptionOr<JS::NonnullGCPtr<JS::Object>> AesCbc::export_key(Bindings::K
// 3. Set the k attribute of jwk to be a string containing the raw octets of the key represented by [[handle]] internal slot of key, encoded according to Section 6.4 of JSON Web Algorithms [JWA]. // 3. Set the k attribute of jwk to be a string containing the raw octets of the key represented by [[handle]] internal slot of key, encoded according to Section 6.4 of JSON Web Algorithms [JWA].
auto const& key_bytes = handle.get<ByteBuffer>(); auto const& key_bytes = handle.get<ByteBuffer>();
jwk.k = TRY_OR_THROW_OOM(m_realm->vm(), encode_base64url(key_bytes)); jwk.k = TRY_OR_THROW_OOM(m_realm->vm(), encode_base64url(key_bytes, AK::OmitPadding::Yes));
// 4. -> If the length attribute of key is 128: // 4. -> If the length attribute of key is 128:
// Set the alg attribute of jwk to the string "A128CBC". // Set the alg attribute of jwk to the string "A128CBC".