diff options
author | eroman <eroman@chromium.org> | 2015-10-05 14:18:14 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-10-05 21:19:23 +0000 |
commit | 7961664c905761c2defa01376709e9ea182befaf (patch) | |
tree | 9401edf4dc1a2edbbbd72ddbcfaac960625c21f4 /components/webcrypto | |
parent | ce70785c73a2b7cf2b34de0d8439ca31929b4743 (diff) | |
download | chromium_src-7961664c905761c2defa01376709e9ea182befaf.zip chromium_src-7961664c905761c2defa01376709e9ea182befaf.tar.gz chromium_src-7961664c905761c2defa01376709e9ea182befaf.tar.bz2 |
[webcrypto] Reject PBKDF2 when iterations==0.
BUG=534947
Review URL: https://codereview.chromium.org/1381333002
Cr-Commit-Position: refs/heads/master@{#352430}
Diffstat (limited to 'components/webcrypto')
-rw-r--r-- | components/webcrypto/algorithms/pbkdf2.cc | 3 | ||||
-rw-r--r-- | components/webcrypto/status.cc | 5 | ||||
-rw-r--r-- | components/webcrypto/status.h | 3 |
3 files changed, 11 insertions, 0 deletions
diff --git a/components/webcrypto/algorithms/pbkdf2.cc b/components/webcrypto/algorithms/pbkdf2.cc index b5cf5ca..c3449f5 100644 --- a/components/webcrypto/algorithms/pbkdf2.cc +++ b/components/webcrypto/algorithms/pbkdf2.cc @@ -63,6 +63,9 @@ class Pbkdf2Implementation : public AlgorithmImplementation { const blink::WebCryptoPbkdf2Params* params = algorithm.pbkdf2Params(); + if (params->iterations() == 0) + return Status::ErrorPbkdf2Iterations0(); + const EVP_MD* digest_algorithm = GetDigest(params->hash()); if (!digest_algorithm) return Status::ErrorUnsupported(); diff --git a/components/webcrypto/status.cc b/components/webcrypto/status.cc index 54efffe..4747a7f 100644 --- a/components/webcrypto/status.cc +++ b/components/webcrypto/status.cc @@ -351,6 +351,11 @@ Status Status::ErrorPbkdf2DeriveBitsLengthNotSpecified() { "No length was specified for the PBKDF2 Derive Bits operation."); } +Status Status::ErrorPbkdf2Iterations0() { + return Status(blink::WebCryptoErrorTypeOperation, + "PBKDF2 requires iterations > 0"); +} + Status::Status(blink::WebCryptoErrorType error_type, const std::string& error_details_utf8) : type_(TYPE_ERROR), diff --git a/components/webcrypto/status.h b/components/webcrypto/status.h index 94124db..7143a29 100644 --- a/components/webcrypto/status.h +++ b/components/webcrypto/status.h @@ -265,6 +265,9 @@ class Status { // No length parameter was provided for PBKDF2's Derive Bits operation. static Status ErrorPbkdf2DeriveBitsLengthNotSpecified(); + // PBKDF2 was called with iterations == 0. + static Status ErrorPbkdf2Iterations0(); + private: enum Type { TYPE_ERROR, TYPE_SUCCESS }; |