Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove dead writes to CryptoKey.extractable in HKDF/PBKDF2.importKey #379

Merged
merged 1 commit into from
Oct 25, 2024
Merged

Remove dead writes to CryptoKey.extractable in HKDF/PBKDF2.importKey #379

merged 1 commit into from
Oct 25, 2024

Conversation

BenWiederhake
Copy link
Collaborator

@BenWiederhake BenWiederhake commented Oct 25, 2024
edited by pr-preview bot
Loading

When these steps execute, it is know due to an earlier step that the argument 'extractable' is false, and that the internal slot will not be read before being overwritten again by SubtleCrypto.importKey:

https://w3c.github.io/webcrypto/#SubtleCrypto-method-importKey

Therefore, it is a dead write. Removing it makes it more similar to all other importKey operations, which do not write the [[extractable]] internal slot either.

Closes #377

As it is a dead write, there is no change in behavior. (Or at least there should be no change in behavior; maybe my reasoning is buggy, but I don't expect it.)

As such, there is no need to extend/adapt the WPT tests. Also, these tests already cover the extractable slot extensively.

Preview | Diff

@BenWiederhake
Remove dead writes to CryptoKey.extractable in HKDF/PBKDF2.importKey
c3d26fb 
When these steps execute, it is know due to an earlier step that the
argument 'extractable' is false, and that the internal slot will not be
read before being overwritten again by SubtleCrypto.importKey:

https://w3c.github.io/webcrypto/#SubtleCrypto-method-importKey

Therefore, it is a dead write. Removing it makes it more similar to all
other importKey operations, which do not write the [[extractable]]
internal slot either.
@w3cbot
Copy link

w3cbot commented Oct 25, 2024

BenWiederhake marked as non substantive for IPR from ash-nazg.

twiss
twiss approved these changes Oct 25, 2024
View reviewed changes
Copy link
Member

@twiss twiss left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 Thanks!

@twiss twiss merged commit 85a4826 into w3c:main Oct 25, 2024
2 checks passed
@BenWiederhake BenWiederhake deleted the dev-dead-writes-hkdf-pbkdf2 branch October 25, 2024 10:48
github-actions bot added a commit that referenced this pull request Oct 25, 2024
@BenWiederhake @github-actions
Remove dead writes to CryptoKey.extractable in HKDF/PBKDF2.importKey (#…
fe51405 
…379)

SHA: 85a4826
Reason: push, by twiss

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
BenWiederhake added a commit to BenWiederhake/ladybird that referenced this pull request Oct 25, 2024
@BenWiederhake
LibWeb: Remove dead write in HKDF/PBKDF importKey operation
0d586ae 
This corresponds to a recent change in the spec:
w3c/webcrypto#379
gmta pushed a commit to LadybirdBrowser/ladybird that referenced this pull request Oct 25, 2024
@BenWiederhake @gmta
LibWeb: Remove dead write in HKDF/PBKDF importKey operation
efad0b5 
This corresponds to a recent change in the spec:
w3c/webcrypto#379
Grubre pushed a commit to Grubre/ladybird that referenced this pull request Oct 26, 2024
@BenWiederhake @Grubre
LibWeb: Remove dead write in HKDF/PBKDF importKey operation
0ae6e2c 
This corresponds to a recent change in the spec:
w3c/webcrypto#379
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@twiss twiss twiss approved these changes

Assignees
No one assigned
Labels
editorial
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

HKDF&PBKDF2: Dead write to "extractable" bit during importKey operation
3 participants
@BenWiederhake @w3cbot @twiss