mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1804788 - WebCrypto: Enable X25519 algorithm r=keeler,jschanck 

Important:

Requires NSS patch: https://phabricator.services.mozilla.com/D214541

Differential Revision: https://phabricator.services.mozilla.com/D213261
This commit is contained in:
Anna Weine 2024-07-25 17:39:09 +00:00
Родитель 590c2ba3c8
Коммит 34ce091cbe
13 изменённых файлов: 213 добавлений и 1866 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

51
dom/crypto/CryptoKey.cpp
Просмотреть файл

@ -212,7 +212,7 @@ void CryptoKey::GetAlgorithm(JSContext* cx,
case KeyAlgorithmProxy::EC:
converted = ToJSValue(cx, mAlgorithm.mEc, &val);
break;
case KeyAlgorithmProxy::ED:
case KeyAlgorithmProxy::OKP:
converted = ToJSValue(cx, mAlgorithm.mEd, &val);
break;
}
@ -447,7 +447,8 @@ uint32_t CryptoKey::GetAllowedUsagesForAlgorithm(const nsString& aAlgorithm) {
allowedUsages = SIGN | VERIFY;
} else if (aAlgorithm.EqualsASCII(WEBCRYPTO_ALG_ECDH) ||
aAlgorithm.EqualsASCII(WEBCRYPTO_ALG_HKDF) ||
aAlgorithm.EqualsASCII(WEBCRYPTO_ALG_PBKDF2)) {
aAlgorithm.EqualsASCII(WEBCRYPTO_ALG_PBKDF2) ||
aAlgorithm.EqualsASCII(WEBCRYPTO_ALG_X25519)) {
allowedUsages = DERIVEBITS | DERIVEKEY;
}
return allowedUsages;
@ -768,7 +769,8 @@ UniqueSECKEYPrivateKey CryptoKey::PrivateKeyFromJwk(const JsonWebKey& aJwk) {
return nullptr;
}
if (!namedCurve.EqualsLiteral(WEBCRYPTO_NAMED_CURVE_ED25519)) {
if (!namedCurve.EqualsLiteral(WEBCRYPTO_NAMED_CURVE_ED25519) &&
!namedCurve.EqualsLiteral(WEBCRYPTO_NAMED_CURVE_CURVE25519)) {
return nullptr;
}
@ -793,7 +795,15 @@ UniqueSECKEYPrivateKey CryptoKey::PrivateKeyFromJwk(const JsonWebKey& aJwk) {
}
// Populate template from parameters
CK_KEY_TYPE ecValue = CKK_EC_EDWARDS;
CK_KEY_TYPE ecValue;
if (namedCurve.EqualsLiteral(WEBCRYPTO_NAMED_CURVE_ED25519)) {
ecValue = CKK_EC_EDWARDS;
} else if (namedCurve.EqualsLiteral(WEBCRYPTO_NAMED_CURVE_CURVE25519)) {
ecValue = CKK_EC_MONTGOMERY;
} else {
return nullptr;
}
CK_ATTRIBUTE keyTemplate[9] = {
{CKA_CLASS, &privateKeyValue, sizeof(privateKeyValue)},
{CKA_KEY_TYPE, &ecValue, sizeof(ecValue)},
@ -835,8 +845,8 @@ bool ReadAndEncodeAttribute(SECKEYPrivateKey* aKey,
return true;
}
bool EDKeyToJwk(const SECItem* aEcParams, const SECItem* aPublicValue,
JsonWebKey& aRetVal) {
bool OKPKeyToJwk(const SECItem* aEcParams, const SECItem* aPublicValue,
JsonWebKey& aRetVal) {
aRetVal.mX.Construct();
SECOidTag tag;
@ -851,6 +861,11 @@ bool EDKeyToJwk(const SECItem* aEcParams, const SECItem* aPublicValue,
aRetVal.mCrv.Construct(
NS_LITERAL_STRING_FROM_CSTRING(WEBCRYPTO_NAMED_CURVE_ED25519));
break;
case SEC_OID_X25519:
flen = 32;
aRetVal.mCrv.Construct(
NS_LITERAL_STRING_FROM_CSTRING(WEBCRYPTO_NAMED_CURVE_CURVE25519));
break;
default:
return false;
}
@ -961,7 +976,9 @@ nsresult CryptoKey::PrivateKeyToJwk(SECKEYPrivateKey* aPrivKey,
aRetVal.mKty = NS_LITERAL_STRING_FROM_CSTRING(JWK_TYPE_RSA);
return NS_OK;
}
case edKey: {
case edKey:
case ecMontKey: {
// Read EC params.
ScopedAutoSECItem params;
SECStatus rv = PK11_ReadRawAttribute(PK11_TypePrivKey, aPrivKey,
@ -979,7 +996,7 @@ nsresult CryptoKey::PrivateKeyToJwk(SECKEYPrivateKey* aPrivKey,
return NS_ERROR_DOM_OPERATION_ERR;
}
if (!EDKeyToJwk(&params, &ecPoint, aRetVal)) {
if (!OKPKeyToJwk(&params, &ecPoint, aRetVal)) {
return NS_ERROR_DOM_OPERATION_ERR;
}
@ -1034,7 +1051,8 @@ KeyType KeyTypeFromCurveName(const nsAString& aNamedCurve) {
aNamedCurve.EqualsLiteral(WEBCRYPTO_NAMED_CURVE_P384) ||
aNamedCurve.EqualsLiteral(WEBCRYPTO_NAMED_CURVE_P521)) {
t = ecKey;
} else if (aNamedCurve.EqualsLiteral(WEBCRYPTO_NAMED_CURVE_ED25519)) {
} else if (aNamedCurve.EqualsLiteral(WEBCRYPTO_NAMED_CURVE_ED25519) ||
aNamedCurve.EqualsLiteral(WEBCRYPTO_NAMED_CURVE_CURVE25519)) {
t = edKey;
}
return t;
@ -1186,7 +1204,8 @@ UniqueSECKEYPublicKey CryptoKey::PublicKeyFromJwk(const JsonWebKey& aJwk) {
return nullptr;
}
if (!namedCurve.EqualsLiteral(WEBCRYPTO_NAMED_CURVE_ED25519)) {
if (!namedCurve.EqualsLiteral(WEBCRYPTO_NAMED_CURVE_ED25519) &&
!namedCurve.EqualsLiteral(WEBCRYPTO_NAMED_CURVE_CURVE25519)) {
return nullptr;
}
@ -1215,17 +1234,19 @@ nsresult CryptoKey::PublicKeyToJwk(SECKEYPublicKey* aPubKey,
return NS_OK;
}
case edKey:
if (!EDKeyToJwk(&aPubKey->u.ec.DEREncodedParams,
&aPubKey->u.ec.publicValue, aRetVal)) {
case ecMontKey:
if (!OKPKeyToJwk(&aPubKey->u.ec.DEREncodedParams,
&aPubKey->u.ec.publicValue, aRetVal)) {
return NS_ERROR_DOM_OPERATION_ERR;
}
return NS_OK;
case ecKey:
case ecKey: {
if (!ECKeyToJwk(PK11_TypePubKey, aPubKey, &aPubKey->u.ec.DEREncodedParams,
&aPubKey->u.ec.publicValue, aRetVal)) {
return NS_ERROR_DOM_OPERATION_ERR;
}
return NS_OK;
}
default:
return NS_ERROR_DOM_NOT_SUPPORTED_ERR;
}
@ -1276,7 +1297,7 @@ nsresult CryptoKey::PublicECKeyToRaw(SECKEYPublicKey* aPubKey,
return NS_OK;
}
UniqueSECKEYPublicKey CryptoKey::PublicEDKeyFromRaw(
UniqueSECKEYPublicKey CryptoKey::PublicOKPKeyFromRaw(
CryptoBuffer& aKeyData, const nsString& aNamedCurve) {
UniquePLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
if (!arena) {
@ -1291,6 +1312,8 @@ UniqueSECKEYPublicKey CryptoKey::PublicEDKeyFromRaw(
uint32_t flen;
if (aNamedCurve.EqualsLiteral(WEBCRYPTO_NAMED_CURVE_ED25519)) {
flen = 32; // bytes
} else if (aNamedCurve.EqualsLiteral(WEBCRYPTO_NAMED_CURVE_CURVE25519)) {
flen = 32;
} else {
return nullptr;
}

4
dom/crypto/CryptoKey.h
Просмотреть файл

@ -172,8 +172,8 @@ class CryptoKey final : public nsISupports, public nsWrapperCache {
static nsresult PublicECKeyToRaw(SECKEYPublicKey* aPubKey,
CryptoBuffer& aRetVal);
static UniqueSECKEYPublicKey PublicEDKeyFromRaw(CryptoBuffer& aKeyData,
const nsString& aNamedCurve);
static UniqueSECKEYPublicKey PublicOKPKeyFromRaw(CryptoBuffer& aKeyData,
const nsString& aNamedCurve);
static bool PublicKeyValid(SECKEYPublicKey* aPubKey);

2
dom/crypto/KeyAlgorithmProxy.cpp
Просмотреть файл

@ -35,7 +35,7 @@ bool KeyAlgorithmProxy::WriteStructuredClone(
}
case EC:
return StructuredCloneHolder::WriteString(aWriter, mEc.mNamedCurve);
case ED:
case OKP:
return true;
}

6
dom/crypto/KeyAlgorithmProxy.h
Просмотреть файл

@ -55,7 +55,7 @@ struct RsaHashedKeyAlgorithmStorage {
// This class encapuslates a KeyAlgorithm object, and adds several
// methods that make WebCrypto operations simpler.
struct KeyAlgorithmProxy {
enum KeyAlgorithmType { AES, HMAC, RSA, EC, KDF, ED };
enum KeyAlgorithmType { AES, HMAC, RSA, EC, KDF, OKP };
KeyAlgorithmType mType;
// Plain is always populated with the algorithm name
@ -123,8 +123,8 @@ struct KeyAlgorithmProxy {
mEc.mNamedCurve = aNamedCurve;
}
void MakeEd(const nsString& aName) {
mType = ED;
void MakeOKP(const nsString& aName) {
mType = OKP;
mName = aName;
mEd.mName = aName;
}

8
dom/crypto/WebCryptoCommon.h
Просмотреть файл

@ -50,6 +50,7 @@ struct JSStructuredCloneWriter;
#define WEBCRYPTO_ALG_ECDH "ECDH"
#define WEBCRYPTO_ALG_ECDSA "ECDSA"
#define WEBCRYPTO_ALG_ED25519 "Ed25519"
#define WEBCRYPTO_ALG_X25519 "X25519"
// WebCrypto key formats
#define WEBCRYPTO_KEY_FORMAT_RAW "raw"
@ -77,6 +78,7 @@ struct JSStructuredCloneWriter;
#define WEBCRYPTO_NAMED_CURVE_P384 "P-384"
#define WEBCRYPTO_NAMED_CURVE_P521 "P-521"
#define WEBCRYPTO_NAMED_CURVE_ED25519 "Ed25519"
#define WEBCRYPTO_NAMED_CURVE_CURVE25519 "X25519"
// JWK key types
#define JWK_TYPE_SYMMETRIC "oct"
@ -240,6 +242,8 @@ inline bool NormalizeToken(const nsString& aName, nsString& aDest) {
aDest.AssignLiteral(WEBCRYPTO_ALG_ECDSA);
} else if (NORMALIZED_EQUALS(aName, WEBCRYPTO_ALG_ED25519)) {
aDest.AssignLiteral(WEBCRYPTO_ALG_ED25519);
} else if (NORMALIZED_EQUALS(aName, WEBCRYPTO_ALG_X25519)) {
aDest.AssignLiteral(WEBCRYPTO_ALG_X25519);
// Named curve values
} else if (NORMALIZED_EQUALS(aName, WEBCRYPTO_NAMED_CURVE_P256)) {
aDest.AssignLiteral(WEBCRYPTO_NAMED_CURVE_P256);
@ -249,6 +253,8 @@ inline bool NormalizeToken(const nsString& aName, nsString& aDest) {
aDest.AssignLiteral(WEBCRYPTO_NAMED_CURVE_P521);
} else if (NORMALIZED_EQUALS(aName, WEBCRYPTO_NAMED_CURVE_ED25519)) {
aDest.AssignLiteral(WEBCRYPTO_NAMED_CURVE_ED25519);
} else if (NORMALIZED_EQUALS(aName, WEBCRYPTO_NAMED_CURVE_CURVE25519)) {
aDest.AssignLiteral(WEBCRYPTO_NAMED_CURVE_CURVE25519);
} else {
return false;
@ -310,6 +316,8 @@ inline SECItem* CreateECParamsForCurve(const nsAString& aNamedCurve,
curveOIDTag = SEC_OID_SECG_EC_SECP521R1;
} else if (aNamedCurve.EqualsLiteral(WEBCRYPTO_NAMED_CURVE_ED25519)) {
curveOIDTag = SEC_OID_ED25519_PUBLIC_KEY;
} else if (aNamedCurve.EqualsLiteral(WEBCRYPTO_NAMED_CURVE_CURVE25519)) {
curveOIDTag = SEC_OID_X25519;
} else {
return nullptr;
}

192
dom/crypto/WebCryptoTask.cpp
Просмотреть файл

@ -87,6 +87,7 @@ enum TelemetryAlgorithm {
TA_HKDF = 23,
TA_DH = 24,
TA_ED25519 = 25,
TA_X25519 = 26,
};
// Convenience functions for extracting / converting information
@ -275,6 +276,9 @@ inline bool MapOIDTagToNamedCurve(SECOidTag aOIDTag, nsString& aResult) {
case SEC_OID_ED25519_PUBLIC_KEY:
aResult.AssignLiteral(WEBCRYPTO_NAMED_CURVE_ED25519);
break;
case SEC_OID_X25519:
aResult.AssignLiteral(WEBCRYPTO_NAMED_CURVE_CURVE25519);
break;
default:
return false;
}
@ -2013,18 +2017,18 @@ class ImportEcKeyTask : public ImportKeyTask {
}
};
class ImportEdKeyTask : public ImportKeyTask {
class ImportOKPKeyTask : public ImportKeyTask {
public:
ImportEdKeyTask(nsIGlobalObject* aGlobal, JSContext* aCx,
const nsAString& aFormat, const ObjectOrString& aAlgorithm,
bool aExtractable, const Sequence<nsString>& aKeyUsages) {
ImportOKPKeyTask(nsIGlobalObject* aGlobal, JSContext* aCx,
const nsAString& aFormat, const ObjectOrString& aAlgorithm,
bool aExtractable, const Sequence<nsString>& aKeyUsages) {
Init(aGlobal, aCx, aFormat, aAlgorithm, aExtractable, aKeyUsages);
}
ImportEdKeyTask(nsIGlobalObject* aGlobal, JSContext* aCx,
const nsAString& aFormat, JS::Handle<JSObject*> aKeyData,
const ObjectOrString& aAlgorithm, bool aExtractable,
const Sequence<nsString>& aKeyUsages) {
ImportOKPKeyTask(nsIGlobalObject* aGlobal, JSContext* aCx,
const nsAString& aFormat, JS::Handle<JSObject*> aKeyData,
const ObjectOrString& aAlgorithm, bool aExtractable,
const Sequence<nsString>& aKeyUsages) {
Init(aGlobal, aCx, aFormat, aAlgorithm, aExtractable, aKeyUsages);
if (NS_FAILED(mEarlyRv)) {
return;
@ -2060,6 +2064,8 @@ class ImportEdKeyTask : public ImportKeyTask {
// Construct an appropriate KeyAlgorithm
if (algName.EqualsLiteral(WEBCRYPTO_ALG_ED25519)) {
mNamedCurve.AssignLiteral(WEBCRYPTO_NAMED_CURVE_ED25519);
} else if (algName.EqualsLiteral(WEBCRYPTO_ALG_X25519)) {
mNamedCurve.AssignLiteral(WEBCRYPTO_NAMED_CURVE_CURVE25519);
} else {
mEarlyRv = NS_ERROR_DOM_NOT_SUPPORTED_ERR;
return;
@ -2118,7 +2124,7 @@ class ImportEdKeyTask : public ImportKeyTask {
!mJwk.mD.WasPassed())) {
// Public key import
if (mFormat.EqualsLiteral(WEBCRYPTO_KEY_FORMAT_RAW)) {
pubKey = CryptoKey::PublicEDKeyFromRaw(mKeyData, mNamedCurve);
pubKey = CryptoKey::PublicOKPKeyFromRaw(mKeyData, mNamedCurve);
} else if (mFormat.EqualsLiteral(WEBCRYPTO_KEY_FORMAT_SPKI)) {
pubKey = CryptoKey::PublicKeyFromSpki(mKeyData);
} else if (mFormat.EqualsLiteral(WEBCRYPTO_KEY_FORMAT_JWK)) {
@ -2132,7 +2138,7 @@ class ImportEdKeyTask : public ImportKeyTask {
}
if (mFormat.EqualsLiteral(WEBCRYPTO_KEY_FORMAT_SPKI)) {
if (pubKey->keyType != edKey) {
if (pubKey->keyType != edKey && pubKey->keyType != ecMontKey) {
return NS_ERROR_DOM_DATA_ERR;
}
if (!CheckEncodedParameters(&pubKey->u.ec.DEREncodedParams)) {
@ -2172,8 +2178,16 @@ class ImportEdKeyTask : public ImportKeyTask {
virtual nsresult AfterCrypto() override {
// Only Ed25519 is supported.
uint32_t privateAllowedUsages = CryptoKey::SIGN;
uint32_t publicAllowedUsages = CryptoKey::VERIFY;
uint32_t privateAllowedUsages = 0;
uint32_t publicAllowedUsages = 0;
if (mAlgName.EqualsLiteral(WEBCRYPTO_ALG_X25519)) {
privateAllowedUsages = CryptoKey::DERIVEKEY | CryptoKey::DERIVEBITS;
publicAllowedUsages = 0;
} else if (mAlgName.EqualsLiteral(WEBCRYPTO_ALG_ED25519)) {
privateAllowedUsages = CryptoKey::SIGN;
publicAllowedUsages = CryptoKey::VERIFY;
}
// Check permissions for the requested operation
if ((mKey->GetKeyType() == CryptoKey::PUBLIC &&
@ -2190,7 +2204,7 @@ class ImportEdKeyTask : public ImportKeyTask {
return NS_ERROR_DOM_SYNTAX_ERR;
}
mKey->Algorithm().MakeEd(mAlgName);
mKey->Algorithm().MakeOKP(mAlgName);
if (mDataIsJwk && !JwkCompatible(mJwk, mKey)) {
return NS_ERROR_DOM_DATA_ERR;
@ -2261,7 +2275,8 @@ class ExportKeyTask : public WebCryptoTask {
switch (mPrivateKey->keyType) {
case rsaKey:
case edKey:
case ecKey: {
case ecKey:
case ecMontKey: {
nsresult rv =
CryptoKey::PrivateKeyToPkcs8(mPrivateKey.get(), mResult);
if (NS_FAILED(rv)) {
@ -2452,6 +2467,104 @@ class GenerateSymmetricKeyTask : public WebCryptoTask {
virtual void Cleanup() override { mKey = nullptr; }
};
class DeriveX25519BitsTask : public ReturnArrayBufferViewTask {
public:
DeriveX25519BitsTask(JSContext* aCx, const ObjectOrString& aAlgorithm,
CryptoKey& aKey, uint32_t aLength)
: mLength(Some(aLength)), mPrivKey(aKey.GetPrivateKey()) {
Init(aCx, aAlgorithm, aKey);
}
DeriveX25519BitsTask(JSContext* aCx, const ObjectOrString& aAlgorithm,
CryptoKey& aKey, const ObjectOrString& aTargetAlgorithm)
: mPrivKey(aKey.GetPrivateKey()) {
Init(aCx, aAlgorithm, aKey);
}
void Init(JSContext* aCx, const ObjectOrString& aAlgorithm, CryptoKey& aKey) {
Telemetry::Accumulate(Telemetry::WEBCRYPTO_ALG, TA_X25519);
CHECK_KEY_ALGORITHM(aKey.Algorithm(), WEBCRYPTO_ALG_X25519);
// Check that we have a private key.
if (!mPrivKey) {
mEarlyRv = NS_ERROR_DOM_INVALID_ACCESS_ERR;
return;
}
// If specified, length must be a multiple of 8 bigger than zero
// (otherwise, the full output of the key derivation is used).
if (mLength) {
if (*mLength == 0 || *mLength % 8) {
mEarlyRv = NS_ERROR_DOM_DATA_ERR;
return;
}
*mLength = *mLength >> 3; // bits to bytes
}
// Retrieve the peer's public key.
RootedDictionary<EcdhKeyDeriveParams> params(aCx);
mEarlyRv = Coerce(aCx, params, aAlgorithm);
if (NS_FAILED(mEarlyRv)) {
/* The returned code is installed by Coerce function. */
return;
}
CHECK_KEY_ALGORITHM(params.mPublic->Algorithm(), WEBCRYPTO_ALG_X25519);
CryptoKey* publicKey = params.mPublic;
mPubKey = publicKey->GetPublicKey();
if (!mPubKey) {
mEarlyRv = NS_ERROR_DOM_INVALID_ACCESS_ERR;
return;
}
}
private:
Maybe<size_t> mLength;
UniqueSECKEYPrivateKey mPrivKey;
UniqueSECKEYPublicKey mPubKey;
virtual nsresult DoCrypto() override {
// CKM_SHA512_HMAC and CKA_SIGN are key type and usage attributes of the
// derived symmetric key and don't matter because we ignore them anyway.
// Derive Bits requires checking that the generated key is not all-zero
// value. See:
// https://wicg.github.io/webcrypto-secure-curves/#x25519-operations This
// step is performed internally inside PK11_PubDeriveWithKDF function.
UniquePK11SymKey symKey(
PK11_PubDeriveWithKDF(mPrivKey.get(), mPubKey.get(), PR_FALSE, nullptr,
nullptr, CKM_ECDH1_DERIVE, CKM_SHA512_HMAC,
CKA_DERIVE, 0, CKD_NULL, nullptr, nullptr));
if (!symKey.get()) {
return NS_ERROR_DOM_OPERATION_ERR;
}
nsresult rv = MapSECStatus(PK11_ExtractKeyValue(symKey.get()));
if (NS_FAILED(rv)) {
return NS_ERROR_DOM_OPERATION_ERR;
}
// This doesn't leak, because the SECItem* returned by PK11_GetKeyData
// just refers to a buffer managed by symKey. The assignment copies the
// data, so mResult manages one copy, while symKey manages another.
ATTEMPT_BUFFER_ASSIGN(mResult, PK11_GetKeyData(symKey.get()));
if (mLength) {
if (*mLength > mResult.Length()) {
return NS_ERROR_DOM_OPERATION_ERR;
}
if (!mResult.SetLength(*mLength, fallible)) {
return NS_ERROR_DOM_UNKNOWN_ERR;
}
}
return NS_OK;
}
};
GenerateAsymmetricKeyTask::GenerateAsymmetricKeyTask(
nsIGlobalObject* aGlobal, JSContext* aCx, const ObjectOrString& aAlgorithm,
bool aExtractable, const Sequence<nsString>& aKeyUsages)
@ -2537,9 +2650,16 @@ GenerateAsymmetricKeyTask::GenerateAsymmetricKeyTask(
mMechanism = CKM_EC_KEY_PAIR_GEN;
}
else if (mAlgName.EqualsLiteral(WEBCRYPTO_ALG_X25519)) {
mKeyPair->mPublicKey->Algorithm().MakeOKP(mAlgName);
mKeyPair->mPrivateKey->Algorithm().MakeOKP(mAlgName);
mMechanism = CKM_EC_MONTGOMERY_KEY_PAIR_GEN;
mNamedCurve.AssignLiteral(WEBCRYPTO_NAMED_CURVE_CURVE25519);
}
else if (mAlgName.EqualsLiteral(WEBCRYPTO_ALG_ED25519)) {
mKeyPair->mPublicKey->Algorithm().MakeEd(mAlgName);
mKeyPair->mPrivateKey->Algorithm().MakeEd(mAlgName);
mKeyPair->mPublicKey->Algorithm().MakeOKP(mAlgName);
mKeyPair->mPrivateKey->Algorithm().MakeOKP(mAlgName);
mMechanism = CKM_EC_EDWARDS_KEY_PAIR_GEN;
mNamedCurve.AssignLiteral(WEBCRYPTO_NAMED_CURVE_ED25519);
}
@ -2553,15 +2673,14 @@ GenerateAsymmetricKeyTask::GenerateAsymmetricKeyTask(
if (mAlgName.EqualsLiteral(WEBCRYPTO_ALG_RSASSA_PKCS1) ||
mAlgName.EqualsLiteral(WEBCRYPTO_ALG_RSA_PSS) ||
mAlgName.EqualsLiteral(WEBCRYPTO_ALG_ECDSA) ||
mAlgName.EqualsLiteral(WEBCRYPTO_ALG_ED25519)
) {
mAlgName.EqualsLiteral(WEBCRYPTO_ALG_ED25519)) {
privateAllowedUsages = CryptoKey::SIGN;
publicAllowedUsages = CryptoKey::VERIFY;
} else if (mAlgName.EqualsLiteral(WEBCRYPTO_ALG_RSA_OAEP)) {
privateAllowedUsages = CryptoKey::DECRYPT | CryptoKey::UNWRAPKEY;
publicAllowedUsages = CryptoKey::ENCRYPT | CryptoKey::WRAPKEY;
} else if (mAlgName.EqualsLiteral(WEBCRYPTO_ALG_ECDH)) {
} else if (mAlgName.EqualsLiteral(WEBCRYPTO_ALG_ECDH) ||
mAlgName.EqualsLiteral(WEBCRYPTO_ALG_X25519)) {
privateAllowedUsages = CryptoKey::DERIVEKEY | CryptoKey::DERIVEBITS;
publicAllowedUsages = 0;
} else {
@ -2605,6 +2724,7 @@ nsresult GenerateAsymmetricKeyTask::DoCrypto() {
case CKM_DH_PKCS_KEY_PAIR_GEN:
param = &mDhParams;
break;
case CKM_EC_MONTGOMERY_KEY_PAIR_GEN:
case CKM_EC_EDWARDS_KEY_PAIR_GEN:
case CKM_EC_KEY_PAIR_GEN: {
param = CreateECParamsForCurve(mNamedCurve, mArena.get());
@ -3291,9 +3411,10 @@ WebCryptoTask* WebCryptoTask::CreateImportKeyTask(
algName.EqualsLiteral(WEBCRYPTO_ALG_ECDSA)) {
return new ImportEcKeyTask(aGlobal, aCx, aFormat, aKeyData, aAlgorithm,
aExtractable, aKeyUsages);
} else if (algName.EqualsLiteral(WEBCRYPTO_ALG_ED25519)) {
return new ImportEdKeyTask(aGlobal, aCx, aFormat, aKeyData, aAlgorithm,
aExtractable, aKeyUsages);
} else if (algName.EqualsLiteral(WEBCRYPTO_ALG_X25519) ||
algName.EqualsLiteral(WEBCRYPTO_ALG_ED25519)) {
return new ImportOKPKeyTask(aGlobal, aCx, aFormat, aKeyData, aAlgorithm,
aExtractable, aKeyUsages);
} else {
return new FailureTask(NS_ERROR_DOM_NOT_SUPPORTED_ERR);
}
@ -3331,7 +3452,8 @@ WebCryptoTask* WebCryptoTask::CreateExportKeyTask(const nsAString& aFormat,
algName.EqualsLiteral(WEBCRYPTO_ALG_RSA_PSS) ||
algName.EqualsLiteral(WEBCRYPTO_ALG_ECDSA) ||
algName.EqualsLiteral(WEBCRYPTO_ALG_ECDH) ||
algName.EqualsLiteral(WEBCRYPTO_ALG_ED25519)) {
algName.EqualsLiteral(WEBCRYPTO_ALG_ED25519) ||
algName.EqualsLiteral(WEBCRYPTO_ALG_X25519)) {
return new ExportKeyTask(aFormat, aKey);
}
return new FailureTask(NS_ERROR_DOM_NOT_SUPPORTED_ERR);
@ -3365,9 +3487,8 @@ WebCryptoTask* WebCryptoTask::CreateGenerateKeyTask(
algName.EqualsASCII(WEBCRYPTO_ALG_RSA_PSS) ||
algName.EqualsASCII(WEBCRYPTO_ALG_ECDH) ||
algName.EqualsASCII(WEBCRYPTO_ALG_ECDSA) ||
algName.EqualsASCII(WEBCRYPTO_ALG_ED25519)
) {
algName.EqualsASCII(WEBCRYPTO_ALG_ED25519) ||
algName.EqualsASCII(WEBCRYPTO_ALG_X25519)) {
return new GenerateAsymmetricKeyTask(aGlobal, aCx, aAlgorithm, aExtractable,
aKeyUsages);
} else {
@ -3403,6 +3524,12 @@ WebCryptoTask* WebCryptoTask::CreateDeriveKeyTask(
aExtractable, aKeyUsages);
}
if (algName.EqualsASCII(WEBCRYPTO_ALG_X25519)) {
return new DeriveKeyTask<DeriveX25519BitsTask>(aGlobal, aCx, aAlgorithm,
aBaseKey, aDerivedKeyType,
aExtractable, aKeyUsages);
}
if (algName.EqualsASCII(WEBCRYPTO_ALG_PBKDF2)) {
return new DeriveKeyTask<DerivePbkdfBitsTask>(aGlobal, aCx, aAlgorithm,
aBaseKey, aDerivedKeyType,
@ -3446,6 +3573,10 @@ WebCryptoTask* WebCryptoTask::CreateDeriveBitsTask(
return new DeriveHkdfBitsTask(aCx, aAlgorithm, aKey, aLength);
}
if (algName.EqualsASCII(WEBCRYPTO_ALG_X25519)) {
return new DeriveX25519BitsTask(aCx, aAlgorithm, aKey, aLength);
}
return new FailureTask(NS_ERROR_DOM_NOT_SUPPORTED_ERR);
}
@ -3540,10 +3671,11 @@ WebCryptoTask* WebCryptoTask::CreateUnwrapKeyTask(
importTask =
new ImportEcKeyTask(aGlobal, aCx, aFormat, aUnwrappedKeyAlgorithm,
aExtractable, aKeyUsages);
} else if (keyAlgName.EqualsLiteral(WEBCRYPTO_ALG_ED25519)) {
} else if (keyAlgName.EqualsLiteral(WEBCRYPTO_ALG_ED25519) ||
keyAlgName.EqualsLiteral(WEBCRYPTO_ALG_X25519)) {
importTask =
new ImportEdKeyTask(aGlobal, aCx, aFormat, aUnwrappedKeyAlgorithm,
aExtractable, aKeyUsages);
new ImportOKPKeyTask(aGlobal, aCx, aFormat, aUnwrappedKeyAlgorithm,
aExtractable, aKeyUsages);
} else {
return new FailureTask(NS_ERROR_DOM_NOT_SUPPORTED_ERR);
}

48
testing/web-platform/meta/WebCryptoAPI/derive_bits_keys/cfrg_curves_bits.https.any.js.ini
Просмотреть файл

@ -1,34 +1,10 @@
[cfrg_curves_bits.https.any.html]
[X25519 good parameters]
expected: FAIL
[X25519 mixed case parameters]
expected: FAIL
[X25519 short result]
expected: FAIL
[X25519 non-multiple of 8 bits]
expected: FAIL
[X25519 mismatched algorithms]
expected: FAIL
[X25519 no deriveBits usage for base key]
expected: FAIL
[X25519 base key is not a private key]
expected: FAIL
[X25519 public property value is a private key]
expected: FAIL
[X25519 public property value is a secret key]
expected: FAIL
[X25519 asking for too many bits]
expected: FAIL
[X448 good parameters]
expected: FAIL
@ -94,36 +70,12 @@
[cfrg_curves_bits.https.any.worker.html]
[X25519 good parameters]
expected: FAIL
[X25519 mixed case parameters]
expected: FAIL
[X25519 short result]
expected: FAIL
[X25519 non-multiple of 8 bits]
expected: FAIL
[X25519 mismatched algorithms]
expected: FAIL
[X25519 no deriveBits usage for base key]
expected: FAIL
[X25519 base key is not a private key]
expected: FAIL
[X25519 public property value is a private key]
expected: FAIL
[X25519 public property value is a secret key]
expected: FAIL
[X25519 asking for too many bits]
expected: FAIL
[X448 good parameters]
expected: FAIL

42
testing/web-platform/meta/WebCryptoAPI/derive_bits_keys/cfrg_curves_keys.https.any.js.ini
Просмотреть файл

@ -1,27 +1,9 @@
[cfrg_curves_keys.https.any.html]
expected:
if (os == "android") and fission: [OK, TIMEOUT]
[X25519 good parameters]
expected: FAIL
[X25519 mixed case parameters]
expected: FAIL
[X25519 mismatched algorithms]
expected: FAIL
[X25519 no deriveKey usage for base key]
expected: FAIL
[X25519 base key is not a private key]
expected: FAIL
[X25519 public property value is a private key]
expected: FAIL
[X25519 public property value is a secret key]
expected: FAIL
[X448 good parameters]
expected: FAIL
@ -76,9 +58,6 @@
[X448 deriveBits checks for all-zero value result with a key of order p+1 (=1, order 1)]
expected: FAIL
[Key derivation using a X25519 generated keys.]
expected: FAIL
[Key derivation using a X448 generated keys.]
expected: FAIL
@ -86,27 +65,9 @@
[cfrg_curves_keys.https.any.worker.html]
expected:
if (os == "android") and fission: [OK, TIMEOUT]
[X25519 good parameters]
expected: FAIL
[X25519 mixed case parameters]
expected: FAIL
[X25519 mismatched algorithms]
expected: FAIL
[X25519 no deriveKey usage for base key]
expected: FAIL
[X25519 base key is not a private key]
expected: FAIL
[X25519 public property value is a private key]
expected: FAIL
[X25519 public property value is a secret key]
expected: FAIL
[X448 good parameters]
expected: FAIL
@ -161,8 +122,5 @@
[X448 deriveBits checks for all-zero value result with a key of order p+1 (=1, order 1)]
expected: FAIL
[Key derivation using a X25519 generated keys.]
expected: FAIL
[Key derivation using a X448 generated keys.]
expected: FAIL

6
testing/web-platform/meta/WebCryptoAPI/derive_bits_keys/derived_bits_length.https.any.js.ini
Просмотреть файл

@ -17,9 +17,6 @@
[ECDH derivation with omitted as 'length' parameter]
expected: FAIL
[X25519 derivation with 256 as 'length' parameter]
expected: FAIL
[X25519 derivation with 0 as 'length' parameter]
expected: FAIL
@ -52,9 +49,6 @@
[ECDH derivation with omitted as 'length' parameter]
expected: FAIL
[X25519 derivation with 256 as 'length' parameter]
expected: FAIL
[X25519 derivation with 0 as 'length' parameter]
expected: FAIL

191
testing/web-platform/meta/WebCryptoAPI/generateKey/failures_X25519.https.any.js.ini
Просмотреть файл

@ -1,198 +1,7 @@
[failures_X25519.https.any.html]
expected:
if (os == "android") and fission: [OK, TIMEOUT]
[Bad usages: generateKey({name: X25519}, true, [encrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, encrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, deriveKey, encrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, encrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, encrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [decrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, decrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, deriveKey, decrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, decrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, decrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [sign\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, sign\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, deriveKey, sign\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, sign\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, sign\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [verify\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, verify\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, deriveKey, verify\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, verify\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, verify\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [wrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, wrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, deriveKey, wrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, wrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, wrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [unwrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, unwrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, deriveKey, unwrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, unwrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, unwrapKey\])]
expected: FAIL
[Empty usages: generateKey({name: X25519}, false, [\])]
expected: FAIL
[Empty usages: generateKey({name: X25519}, true, [\])]
expected: FAIL
[failures_X25519.https.any.worker.html]
expected:
if (os == "android") and fission: [OK, TIMEOUT]
[Bad usages: generateKey({name: X25519}, true, [encrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, encrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, deriveKey, encrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, encrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, encrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [decrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, decrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, deriveKey, decrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, decrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, decrypt\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [sign\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, sign\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, deriveKey, sign\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, sign\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, sign\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [verify\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, verify\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, deriveKey, verify\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, verify\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, verify\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [wrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, wrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, deriveKey, wrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, wrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, wrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [unwrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, unwrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, deriveKey, unwrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveBits, unwrapKey\])]
expected: FAIL
[Bad usages: generateKey({name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, unwrapKey\])]
expected: FAIL
[Empty usages: generateKey({name: X25519}, false, [\])]
expected: FAIL
[Empty usages: generateKey({name: X25519}, true, [\])]
expected: FAIL

95
testing/web-platform/meta/WebCryptoAPI/generateKey/successes_X25519.https.any.js.ini
Просмотреть файл

@ -1,102 +1,7 @@
[successes_X25519.https.any.worker.html]
expected:
if (os == "android") and fission: [OK, TIMEOUT]
[Success: generateKey({name: X25519}, false, [deriveKey\])]
expected: FAIL
[Success: generateKey({name: X25519}, true, [deriveKey\])]
expected: FAIL
[Success: generateKey({name: X25519}, false, [deriveBits, deriveKey\])]
expected: FAIL
[Success: generateKey({name: X25519}, true, [deriveBits, deriveKey\])]
expected: FAIL
[Success: generateKey({name: X25519}, false, [deriveBits\])]
expected: FAIL
[Success: generateKey({name: X25519}, true, [deriveBits\])]
expected: FAIL
[Success: generateKey({name: X25519}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
[Success: generateKey({name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
[Success: generateKey({name: x25519}, false, [deriveKey\])]
expected: FAIL
[Success: generateKey({name: x25519}, true, [deriveKey\])]
expected: FAIL
[Success: generateKey({name: x25519}, false, [deriveBits, deriveKey\])]
expected: FAIL
[Success: generateKey({name: x25519}, true, [deriveBits, deriveKey\])]
expected: FAIL
[Success: generateKey({name: x25519}, false, [deriveBits\])]
expected: FAIL
[Success: generateKey({name: x25519}, true, [deriveBits\])]
expected: FAIL
[Success: generateKey({name: x25519}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
[Success: generateKey({name: x25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
[successes_X25519.https.any.html]
expected:
if (os == "android") and fission: [OK, TIMEOUT]
[Success: generateKey({name: X25519}, false, [deriveKey\])]
expected: FAIL
[Success: generateKey({name: X25519}, true, [deriveKey\])]
expected: FAIL
[Success: generateKey({name: X25519}, false, [deriveBits, deriveKey\])]
expected: FAIL
[Success: generateKey({name: X25519}, true, [deriveBits, deriveKey\])]
expected: FAIL
[Success: generateKey({name: X25519}, false, [deriveBits\])]
expected: FAIL
[Success: generateKey({name: X25519}, true, [deriveBits\])]
expected: FAIL
[Success: generateKey({name: X25519}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
[Success: generateKey({name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
[Success: generateKey({name: x25519}, false, [deriveKey\])]
expected: FAIL
[Success: generateKey({name: x25519}, true, [deriveKey\])]
expected: FAIL
[Success: generateKey({name: x25519}, false, [deriveBits, deriveKey\])]
expected: FAIL
[Success: generateKey({name: x25519}, true, [deriveBits, deriveKey\])]
expected: FAIL
[Success: generateKey({name: x25519}, false, [deriveBits\])]
expected: FAIL
[Success: generateKey({name: x25519}, true, [deriveBits\])]
expected: FAIL
[Success: generateKey({name: x25519}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
[Success: generateKey({name: x25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL

162
testing/web-platform/meta/WebCryptoAPI/import_export/okp_importKey.https.any.js.ini
Просмотреть файл

@ -25,54 +25,6 @@
[Good parameters: Ed448 bits (jwk, object(crv, d, x, kty), {name: Ed448}, false, [sign\])]
expected: FAIL
[Good parameters: X25519 bits (spki, buffer(44), {name: X25519}, true, [\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(kty, crv, x), {name: X25519}, true, [\])]
expected: FAIL
[Good parameters: X25519 bits (pkcs8, buffer(48), {name: X25519}, true, [deriveKey\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(crv, d, x, kty), {name: X25519}, true, [deriveKey\])]
expected: FAIL
[Good parameters: X25519 bits (pkcs8, buffer(48), {name: X25519}, true, [deriveBits, deriveKey\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(crv, d, x, kty), {name: X25519}, true, [deriveBits, deriveKey\])]
expected: FAIL
[Good parameters: X25519 bits (pkcs8, buffer(48), {name: X25519}, true, [deriveBits\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(crv, d, x, kty), {name: X25519}, true, [deriveBits\])]
expected: FAIL
[Good parameters: X25519 bits (spki, buffer(44), {name: X25519}, false, [\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(kty, crv, x), {name: X25519}, false, [\])]
expected: FAIL
[Good parameters: X25519 bits (pkcs8, buffer(48), {name: X25519}, false, [deriveKey\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(crv, d, x, kty), {name: X25519}, false, [deriveKey\])]
expected: FAIL
[Good parameters: X25519 bits (pkcs8, buffer(48), {name: X25519}, false, [deriveBits, deriveKey\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(crv, d, x, kty), {name: X25519}, false, [deriveBits, deriveKey\])]
expected: FAIL
[Good parameters: X25519 bits (pkcs8, buffer(48), {name: X25519}, false, [deriveBits\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(crv, d, x, kty), {name: X25519}, false, [deriveBits\])]
expected: FAIL
[Good parameters: X448 bits (spki, buffer(68), {name: X448}, true, [\])]
expected: FAIL
@ -127,12 +79,6 @@
[Good parameters: Ed448 bits (raw, buffer(57), {name: Ed448}, false, [\])]
expected: FAIL
[Good parameters: X25519 bits (raw, buffer(32), {name: X25519}, true, [\])]
expected: FAIL
[Good parameters: X25519 bits (raw, buffer(32), {name: X25519}, false, [\])]
expected: FAIL
[Good parameters: X448 bits (raw, buffer(56), {name: X448}, true, [\])]
expected: FAIL
@ -187,18 +133,6 @@
[Good parameters: Ed448 bits (jwk, object(crv, d, x, kty), {name: Ed448}, false, [sign, sign\])]
expected: FAIL
[Good parameters: X25519 bits (pkcs8, buffer(48), {name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(crv, d, x, kty), {name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
[Good parameters: X25519 bits (pkcs8, buffer(48), {name: X25519}, false, [deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(crv, d, x, kty), {name: X25519}, false, [deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
[Good parameters: X448 bits (pkcs8, buffer(72), {name: X448}, true, [deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
@ -226,21 +160,6 @@
[Good parameters with ignored JWK alg: Ed448 (jwk, object(crv, d, x, kty), {name: Ed448}, true, [sign, sign\])]
expected: FAIL
[Good parameters with ignored JWK alg: X25519 (jwk, object(kty, crv, x), {name: X25519}, true, [\])]
expected: FAIL
[Good parameters with ignored JWK alg: X25519 (jwk, object(crv, d, x, kty), {name: X25519}, true, [deriveKey\])]
expected: FAIL
[Good parameters with ignored JWK alg: X25519 (jwk, object(crv, d, x, kty), {name: X25519}, true, [deriveBits, deriveKey\])]
expected: FAIL
[Good parameters with ignored JWK alg: X25519 (jwk, object(crv, d, x, kty), {name: X25519}, true, [deriveBits\])]
expected: FAIL
[Good parameters with ignored JWK alg: X25519 (jwk, object(crv, d, x, kty), {name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
[Good parameters with ignored JWK alg: X448 (jwk, object(kty, crv, x), {name: X448}, true, [\])]
expected: FAIL
@ -284,54 +203,6 @@
[Good parameters: Ed448 bits (jwk, object(crv, d, x, kty), {name: Ed448}, false, [sign\])]
expected: FAIL
[Good parameters: X25519 bits (spki, buffer(44), {name: X25519}, true, [\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(kty, crv, x), {name: X25519}, true, [\])]
expected: FAIL
[Good parameters: X25519 bits (pkcs8, buffer(48), {name: X25519}, true, [deriveKey\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(crv, d, x, kty), {name: X25519}, true, [deriveKey\])]
expected: FAIL
[Good parameters: X25519 bits (pkcs8, buffer(48), {name: X25519}, true, [deriveBits, deriveKey\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(crv, d, x, kty), {name: X25519}, true, [deriveBits, deriveKey\])]
expected: FAIL
[Good parameters: X25519 bits (pkcs8, buffer(48), {name: X25519}, true, [deriveBits\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(crv, d, x, kty), {name: X25519}, true, [deriveBits\])]
expected: FAIL
[Good parameters: X25519 bits (spki, buffer(44), {name: X25519}, false, [\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(kty, crv, x), {name: X25519}, false, [\])]
expected: FAIL
[Good parameters: X25519 bits (pkcs8, buffer(48), {name: X25519}, false, [deriveKey\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(crv, d, x, kty), {name: X25519}, false, [deriveKey\])]
expected: FAIL
[Good parameters: X25519 bits (pkcs8, buffer(48), {name: X25519}, false, [deriveBits, deriveKey\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(crv, d, x, kty), {name: X25519}, false, [deriveBits, deriveKey\])]
expected: FAIL
[Good parameters: X25519 bits (pkcs8, buffer(48), {name: X25519}, false, [deriveBits\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(crv, d, x, kty), {name: X25519}, false, [deriveBits\])]
expected: FAIL
[Good parameters: X448 bits (spki, buffer(68), {name: X448}, true, [\])]
expected: FAIL
@ -386,12 +257,6 @@
[Good parameters: Ed448 bits (raw, buffer(57), {name: Ed448}, false, [\])]
expected: FAIL
[Good parameters: X25519 bits (raw, buffer(32), {name: X25519}, true, [\])]
expected: FAIL
[Good parameters: X25519 bits (raw, buffer(32), {name: X25519}, false, [\])]
expected: FAIL
[Good parameters: X448 bits (raw, buffer(56), {name: X448}, true, [\])]
expected: FAIL
@ -446,18 +311,6 @@
[Good parameters: Ed448 bits (jwk, object(crv, d, x, kty), {name: Ed448}, false, [sign, sign\])]
expected: FAIL
[Good parameters: X25519 bits (pkcs8, buffer(48), {name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(crv, d, x, kty), {name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
[Good parameters: X25519 bits (pkcs8, buffer(48), {name: X25519}, false, [deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
[Good parameters: X25519 bits (jwk, object(crv, d, x, kty), {name: X25519}, false, [deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
[Good parameters: X448 bits (pkcs8, buffer(72), {name: X448}, true, [deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
@ -485,21 +338,6 @@
[Good parameters with ignored JWK alg: Ed448 (jwk, object(crv, d, x, kty), {name: Ed448}, true, [sign, sign\])]
expected: FAIL
[Good parameters with ignored JWK alg: X25519 (jwk, object(kty, crv, x), {name: X25519}, true, [\])]
expected: FAIL
[Good parameters with ignored JWK alg: X25519 (jwk, object(crv, d, x, kty), {name: X25519}, true, [deriveKey\])]
expected: FAIL
[Good parameters with ignored JWK alg: X25519 (jwk, object(crv, d, x, kty), {name: X25519}, true, [deriveBits, deriveKey\])]
expected: FAIL
[Good parameters with ignored JWK alg: X25519 (jwk, object(crv, d, x, kty), {name: X25519}, true, [deriveBits\])]
expected: FAIL
[Good parameters with ignored JWK alg: X25519 (jwk, object(crv, d, x, kty), {name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits\])]
expected: FAIL
[Good parameters with ignored JWK alg: X448 (jwk, object(kty, crv, x), {name: X448}, true, [\])]
expected: FAIL

1272
testing/web-platform/meta/WebCryptoAPI/import_export/okp_importKey_failures_X25519.https.any.js.ini
Просмотреть файл

Разница между файлами не показана из-за своего большого размера Загрузить разницу