Open Bug 1245252 Opened 8 years ago Updated 2 years ago

Clean up WebCrypto API EC key import checks

Categories

(Core :: DOM: Web Crypto, defect, P3)

defect

Tracking

()

People

(Reporter: ttaubert, Unassigned)

References

(Depends on 2 open bugs)

Details

(Whiteboard: [domsecurity-backlog2])

Attachments

(1 file, 2 obsolete files)

The current CryptoKey::PublicKeyValid() method imports a public key and assumes that it's a point on the curve when that doesn't fail. While that's a fair assumption and will probably always be, it would be nice if we wouldn't have to do that. Passing SECItems instead of a public key would be nice for pending PKCS#8 patches too.

Also, due to how PK11_ImportPublicKey() works, this method fails if called twice in a row with the same public key. That's rather unexpected.

Bug 1245244 suggests exposing EC_ValidatePublicKey() via the PKCS#11 API.
Depends on: 1245777
Summary: Replace PublicKeyValid() with a proper PK11 method to validate curve points → Clean up WebCrypto API EC key import checks
Blocks: 1048931
Component: DOM: Security → Security
Component: Security → DOM: Security
Priority: -- → P3
Whiteboard: [domsecurity-backlog2]
Assignee: ttaubert → nobody
Status: ASSIGNED → NEW
Component: DOM: Security → DOM: Web Crypto
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: