Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1848)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/renderer/webcrypto/shared_crypto.cc

Issue 165373008: [webcrypto] Reject AES-GCM tag lengths other than 32, 64, 96, 104, 112, 120, 128. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/renderer/webcrypto/platform_crypto_nss.cc ('k') | content/renderer/webcrypto/shared_crypto_unittest.cc » ('j') | content/renderer/webcrypto/shared_crypto_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/renderer/webcrypto/shared_crypto.cc
diff --git a/content/renderer/webcrypto/shared_crypto.cc b/content/renderer/webcrypto/shared_crypto.cc
index fec723909d992b40f842b49004e875c20c77bb38..b960c7fdaa7d01bf2044f9225fc3ac3a65ab6821 100644
--- a/content/renderer/webcrypto/shared_crypto.cc
+++ b/content/renderer/webcrypto/shared_crypto.cc
@@ -94,13 +94,13 @@ Status EncryptDecryptAesGcm(EncryptOrDecrypt mode,
if (!params)
return Status::ErrorUnexpected();
- // TODO(eroman): The spec doesn't define the default value. Assume 128 for now
- // since that is the maximum tag length:
- // http://www.w3.org/2012/webcrypto/track/issues/46
unsigned int tag_length_bits = 128;
if (params->hasTagLengthBits())
tag_length_bits = params->optionalTagLengthBits();
- if (tag_length_bits > 128)
+
+ if (tag_length_bits != 32 && tag_length_bits != 64 && tag_length_bits != 96 &&
+ tag_length_bits != 104 && tag_length_bits != 112 &&
+ tag_length_bits != 120 && tag_length_bits != 128)
return Status::ErrorInvalidAesGcmTagLength();
return platform::EncryptDecryptAesGcm(
« no previous file with comments | « content/renderer/webcrypto/platform_crypto_nss.cc ('k') | content/renderer/webcrypto/shared_crypto_unittest.cc » ('j') | content/renderer/webcrypto/shared_crypto_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698