mirrors/ladybird
0
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2025-05-20 18:12:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

WebCrypto: Unspoof correctness of AES-GSM encryption/decryption

Browse source
This commit is contained in:
Ben Wiederhake 2024-12-02 04:09:31 +01:00 committed by Jelle Raaijmakers
parent ccd5b5a705
commit 872a6a11a4
Notes: github-actions[bot] 2024-12-12 20:49:50 +00:00
1 changed files with 7 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

13
Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
View file

@ -2056,12 +2056,13 @@ WebIDL::ExceptionOr<GC::Ref<JS::ArrayBuffer>> AesGcm::encrypt(AlgorithmParams co
[[maybe_unused]] Bytes tag_span = tag.bytes();
// FIXME: cipher.encrypt(plaintext, ciphertext_span, normalized_algorithm.iv, additional_data, tag_span);
return WebIDL::NotSupportedError::create(m_realm, "AES GCM encryption not yet implemented"_string);
// 7. Let ciphertext be equal to C | T, where '|' denotes concatenation.
TRY_OR_THROW_OOM(m_realm->vm(), ciphertext.try_append(tag));
// TRY_OR_THROW_OOM(m_realm->vm(), ciphertext.try_append(tag));
// 8. Return the result of creating an ArrayBuffer containing ciphertext.
return JS::ArrayBuffer::create(m_realm, ciphertext);
// return JS::ArrayBuffer::create(m_realm, ciphertext);
}
WebIDL::ExceptionOr<GC::Ref<JS::ArrayBuffer>> AesGcm::decrypt(AlgorithmParams const& params, GC::Ref<CryptoKey> key, ByteBuffer const& ciphertext)
@ -2118,16 +2119,16 @@ WebIDL::ExceptionOr<GC::Ref<JS::ArrayBuffer>> AesGcm::decrypt(AlgorithmParams co
[[maybe_unused]] Bytes tag_span = tag.bytes();
// FIXME: auto result = cipher.decrypt(ciphertext, plaintext_span, normalized_algorithm.iv, additional_data, tag_span);
auto result = ::Crypto::VerificationConsistency::Inconsistent;
return WebIDL::NotSupportedError::create(m_realm, "AES GCM decryption not yet implemented"_string);
// If the result of the algorithm is the indication of inauthenticity, "FAIL": throw an OperationError
if (result == ::Crypto::VerificationConsistency::Inconsistent)
return WebIDL::OperationError::create(m_realm, "Decryption failed"_string);
// if (result == ::Crypto::VerificationConsistency::Inconsistent)
// return WebIDL::OperationError::create(m_realm, "Decryption failed"_string);
// Otherwise: Let plaintext be the output P of the Authenticated Decryption Function.
// 9. Return the result of creating an ArrayBuffer containing plaintext.
return JS::ArrayBuffer::create(m_realm, plaintext);
// return JS::ArrayBuffer::create(m_realm, plaintext);
}
WebIDL::ExceptionOr<Variant<GC::Ref<CryptoKey>, GC::Ref<CryptoKeyPair>>> AesGcm::generate_key(AlgorithmParams const& params, bool extractable, Vector<Bindings::KeyUsage> const& key_usages)