Closed Bug 1285986 Opened 9 years ago Closed 3 years ago

crypto.subtle.encrypt throws wrong error for bad IV length with AES-CBC

Categories

(Core :: DOM: Web Crypto, defect)

46 Branch
defect

Tracking

()

RESOLVED FIXED
107 Branch
Tracking Status
firefox107 --- fixed

People

(Reporter: bugzilla, Assigned: carter, NeedInfo)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 Steps to reproduce: Open the JavaScript console. Enter the following code: crypto.subtle.generateKey({name: "AES-CBC", length:128}, false, ["encrypt", "decrypt"]) .then(function(key) { crypto.subtle.encrypt( {name: "AES-CBC", iv: crypto.getRandomValues(new Uint8Array(8))}, key, crypto.getRandomValues(new Uint8Array(32))) .then(function(plaintext) {console.log(plaintext.byteLength);}) .catch(function(err) {console.log(err.name);}); }); Actual results: The console displays "DataError". Expected results: The console should have displayed "OperationError" because the IV is not 16 bytes long. See https://w3c.github.io/webcrypto/Overview.html#aes-cbc-operations .
Component: Untriaged → Security
Product: Firefox → Core
Component: Security → DOM: Security
Component: DOM: Security → Security
Component: Security → Security: PSM
Priority: -- → P3
Whiteboard: [psm-backlog]
Severity: normal → S4
Component: Security: PSM → DOM: Web Crypto
Priority: P3 → --
Whiteboard: [psm-backlog]
Assignee: nobody → cartersellgren1
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Attachment #9297065 - Attachment description: Bug 1285986 - [Web Crypto] Changed error when AES-CBC has wrong iv length r=keeler → Bug 1285986 - [Web Crypto] Changed error when AES-CBC, AES-CTR has wrong iv length r=keeler
Pushed by dkeeler@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/dc1d2b9d698b [Web Crypto] Changed error when AES-CBC, AES-CTR has wrong iv length r=keeler

Backed out for causing wpt failures on aes_cbc.https.any.worker.html

Flags: needinfo?(carter)
Pushed by dkeeler@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/48b456031b04 [Web Crypto] Changed error when AES-CBC, AES-CTR has wrong iv length r=keeler
Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → 107 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: