Closed Bug 1238277 Opened 9 years ago Closed 9 years ago

WebCrypto API doesn't support PBKDF2 with PRFs other than SHA-1

Categories

(Core :: DOM: Security, defect)

Product:
Core
Component:
DOM: Security
Version:
43 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: daniel, Unassigned)

References

Details

Attachments

(1 file)

ff.html
2.47 KB, text/html
Details
Attached file ff.html
User Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36 Steps to reproduce: I start from the example given here : https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/deriveKey I correct few typos and add three basic conversion functions. The test runs correctly on Chrome (47) but fails in Firefox (43.0.1) Actual results: The method deriveKey() does'nt exit on the then() The console gives : OperationError: The operation failed for an operation-specific reason Expected results: Output of the derived key and hex trace for proof
Status: UNCONFIRMED → NEW
Component: Untriaged → Security
Ever confirmed: true
Product: Firefox → Core
Flags: needinfo?(ttaubert)
Line 50 of the HTML : just replace "SHA-256" by "SHA-1" and it works.
This is going to be fixed after bug 1228410. We first need the NSS 3.22 in mozilla-central to support PRFs other than SHA-1 for PBKDF2. I btw fixed that in bug 554827 a while ago.
Depends on: 554827
Flags: needinfo?(ttaubert)
Component: Security → DOM: Security
Summary: web cryptography api deriveKey → WebCrypto API doesn't support PBKDF2 with PRFs other than SHA-1
Depends on: 1228410
Bug 1216109 confirms that this is now fixed for Firefox 47.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: