Changeset 160061 in webkit


Ignore:
Timestamp:
Dec 3, 2013 4:51:14 PM (10 years ago)
Author:
ap@apple.com
Message:

Update WebCrypto JWK mapping to newer proposal
https://bugs.webkit.org/show_bug.cgi?id=124218

Reviewed by Anders Carlsson.

Source/WebCore:

Tests: crypto/subtle/jwk-export-use-values.html

crypto/subtle/jwk-import-use-values.html

  1. "extractable" renamed to "ext" in JWK.
  2. New values for "use" mapping, which can now be combined into comma separated lists,

and cover all possible WebCrypto usages.

  • bindings/js/JSCryptoKeySerializationJWK.cpp:

(WebCore::JSCryptoKeySerializationJWK::reconcileUsages):
(WebCore::JSCryptoKeySerializationJWK::reconcileExtractable):
(WebCore::JSCryptoKeySerializationJWK::addJWKAlgorithmToJSON):
(WebCore::processUseValue):
(WebCore::JSCryptoKeySerializationJWK::addJWKUseToJSON):
(WebCore::JSCryptoKeySerializationJWK::serialize):

LayoutTests:

  • crypto/subtle/jwk-export-use-values-expected.txt: Added.
  • crypto/subtle/jwk-export-use-values.html: Added.
  • crypto/subtle/jwk-import-use-values-expected.txt: Added.
  • crypto/subtle/jwk-import-use-values.html: Added.

New tests for "use" mapping.

  • crypto/subtle/aes-cbc-import-jwk.html:
  • crypto/subtle/aes-cbc-unwrap-rsa.html:
  • crypto/subtle/aes-cbc-wrap-rsa-non-extractable.html:
  • crypto/subtle/aes-cbc-wrap-rsa.html:
  • crypto/subtle/aes-export-key-expected.txt:
  • crypto/subtle/aes-export-key.html:
  • crypto/subtle/hmac-export-key-expected.txt:
  • crypto/subtle/hmac-export-key.html:
  • crypto/subtle/hmac-import-jwk.html:
  • crypto/subtle/import-jwk-expected.txt:
  • crypto/subtle/import-jwk.html:
  • crypto/subtle/rsa-export-key-expected.txt:
  • crypto/subtle/rsa-export-key.html:
  • crypto/subtle/rsa-export-private-key-expected.txt:
  • crypto/subtle/rsa-export-private-key.html:
  • crypto/subtle/rsa-oaep-key-manipulation-expected.txt:
  • crypto/subtle/rsa-oaep-key-manipulation.html:
Location:
trunk
Files:
4 added
20 edited

Legend:

Unmodified
Added
Removed

  • trunk/LayoutTests/ChangeLog

    r160049 r160061  
     12013-12-03  Alexey Proskuryakov  <ap@apple.com>
     2
     3        Update WebCrypto JWK mapping to newer proposal
     4        https://bugs.webkit.org/show_bug.cgi?id=124218
     5
     6        Reviewed by Anders Carlsson.
     7
     8        * crypto/subtle/jwk-export-use-values-expected.txt: Added.
     9        * crypto/subtle/jwk-export-use-values.html: Added.
     10        * crypto/subtle/jwk-import-use-values-expected.txt: Added.
     11        * crypto/subtle/jwk-import-use-values.html: Added.
     12        New tests for "use" mapping.
     13
     14        * crypto/subtle/aes-cbc-import-jwk.html:
     15        * crypto/subtle/aes-cbc-unwrap-rsa.html:
     16        * crypto/subtle/aes-cbc-wrap-rsa-non-extractable.html:
     17        * crypto/subtle/aes-cbc-wrap-rsa.html:
     18        * crypto/subtle/aes-export-key-expected.txt:
     19        * crypto/subtle/aes-export-key.html:
     20        * crypto/subtle/hmac-export-key-expected.txt:
     21        * crypto/subtle/hmac-export-key.html:
     22        * crypto/subtle/hmac-import-jwk.html:
     23        * crypto/subtle/import-jwk-expected.txt:
     24        * crypto/subtle/import-jwk.html:
     25        * crypto/subtle/rsa-export-key-expected.txt:
     26        * crypto/subtle/rsa-export-key.html:
     27        * crypto/subtle/rsa-export-private-key-expected.txt:
     28        * crypto/subtle/rsa-export-private-key.html:
     29        * crypto/subtle/rsa-oaep-key-manipulation-expected.txt:
     30        * crypto/subtle/rsa-oaep-key-manipulation.html:
     31
    1322013-12-03  Alexey Proskuryakov  <ap@apple.com>
    233

  • trunk/LayoutTests/crypto/subtle/aes-cbc-import-jwk.html

    r159379 r160061  
    2323    "alg": "A192CBC",
    2424    "use": "enc",
    25     "extractable": true,
     25    "ext": true,
    2626    "k": "jnOw99oOZFLIEPMrgJB55WL46tJSLGt7"
    2727};

  • trunk/LayoutTests/crypto/subtle/aes-cbc-unwrap-rsa.html

    r159637 r160061  
    2222    n: "rcCUCv7Oc1HVam1DIhCzqknThWawOp8QLk8Ziy2p10ByjQFCajoFiyuAWl-R1WXZaf4xitLRracT9agpzIzc-MbLSHIGgWQGO21lGiImy5ftZ-D8bHAqRz2y15pzD4c4CEou7XSSLDoRnR0QG5MsDhD6s2gV9mwHkrtkCxtMWdBi-77as8wGmlNRldcOSgZDLK8UnCSgA1OguZ989bFyc8tOOEIb0xUSfPSz3LPSCnyYz68aDjmKVeNH-ig857OScyWbGyEy3Biw64qun3juUlNWsJ3zngkOdteYWytx5Qr4XKNs6R-Myyq72KUp02mJDZiiyiglxML_i3-_CeecCw",
    2323    e: "AQAB",
    24     extractable: false,
     24    ext: false,
    2525    use: "sig"
    2626};
    2727
    2828var unwrappingKeyOctets = hexStringToUint8Array("2a00e0e776e94e4dc89bf947cebdebe1");
    29 var wrappedKey = hexStringToUint8Array("3511f6028db04ea97e7cfad3c4cc60837bceff25cb6c88292fbcb4547570afdc32e4003fe4d65f1e7df60dc1fdb3df36c3f58ab228e33aa31005852d46d0c2ad1318435a071bbb5bbb05650ea63d551698b0c040dd95ed0d379b5e2eccb545ae5620acb8051174cd2ad647328ad99dcd462fec40748724eb1e68f209f779faa2c35b4d4d1b6604a74e62a1846249ea6192954a5af10c71ebfea79948142441ed307e9f52e797a51a8007a6f87b57c51f9e7eef54b7e4a1f818ba6ac25ee5935c23b3253d6d9d222262c79ccdb7147d9c07527c22fe7a4ab91af20479edf5930b3c053c0a0b27092cfb53203633d01dcf6e333b5be7c1933c321c953f962b934ebefd9df8cca6c0a25fcd5fb96105435c42d9902406f82bc8daa8ec12fa85d9afa65adbfe3f60828ef64adaf43ad8e3b0af104cbfafd994323732bba08f84d5cac1d157b276233dffecafe47942b83c85ead6d5886c6badf534d4a32d3f545e8032dd5e419d7bff3acde2c37a96fc34fda8747d89500bf9f7ef45873c6b3b274197c184fe91badeeddf5045f982ecc66b61e0c4d75fd496c61ffcbb36e079faf20aa0c05cd12742aefdf1f6a39c4a9c5a");
     29var wrappedKey = hexStringToUint8Array("3511f6028db04ea97e7cfad3c4cc60837bceff25cb6c88292fbcb4547570afdc32e4003fe4d65f1e7df60dc1fdb3df36c3f58ab228e33aa31005852d46d0c2ad1318435a071bbb5bbb05650ea63d551698b0c040dd95ed0d379b5e2eccb545ae5620acb8051174cd2ad647328ad99dcd462fec40748724eb1e68f209f779faa2c35b4d4d1b6604a74e62a1846249ea6192954a5af10c71ebfea79948142441ed307e9f52e797a51a8007a6f87b57c51f9e7eef54b7e4a1f818ba6ac25ee5935c23b3253d6d9d222262c79ccdb7147d9c07527c22fe7a4ab91af20479edf5930b3c053c0a0b27092cfb53203633d01dcf6e333b5be7c1933c321c953f962b934ebefd9df8cca6c0a25fcd5fb96105435c42d9902406f82bc8daa8ec12fa85d9afa65adbfe3f60828ef64adaf43ad8e3b0af104cbfafd994323732bba08f84d5cac1d157b276233dffecafe47942b83c85ead6d5886c6badf534d4a32d3f545e8032dd5e419d7bff3acde2c37a96fc34fda8747d89500bf9f7ef45873c6b3b2741aaf74ff96a2f950028f38eb62f1be936fe0a994ebfa928021c0c96172d84584e");
    3030
    3131debug("Importing an unwrapping key...");

  • trunk/LayoutTests/crypto/subtle/aes-cbc-wrap-rsa-non-extractable.html

    r159644 r160061  
    2222    n: "rcCUCv7Oc1HVam1DIhCzqknThWawOp8QLk8Ziy2p10ByjQFCajoFiyuAWl-R1WXZaf4xitLRracT9agpzIzc-MbLSHIGgWQGO21lGiImy5ftZ-D8bHAqRz2y15pzD4c4CEou7XSSLDoRnR0QG5MsDhD6s2gV9mwHkrtkCxtMWdBi-77as8wGmlNRldcOSgZDLK8UnCSgA1OguZ989bFyc8tOOEIb0xUSfPSz3LPSCnyYz68aDjmKVeNH-ig857OScyWbGyEy3Biw64qun3juUlNWsJ3zngkOdteYWytx5Qr4XKNs6R-Myyq72KUp02mJDZiiyiglxML_i3-_CeecCw",
    2323    e: "AQAB",
    24     extractable: false,
     24    ext: false,
    2525    use: "sig"
    2626};

  • trunk/LayoutTests/crypto/subtle/aes-cbc-wrap-rsa.html

    r159644 r160061  
    2222    n: "rcCUCv7Oc1HVam1DIhCzqknThWawOp8QLk8Ziy2p10ByjQFCajoFiyuAWl-R1WXZaf4xitLRracT9agpzIzc-MbLSHIGgWQGO21lGiImy5ftZ-D8bHAqRz2y15pzD4c4CEou7XSSLDoRnR0QG5MsDhD6s2gV9mwHkrtkCxtMWdBi-77as8wGmlNRldcOSgZDLK8UnCSgA1OguZ989bFyc8tOOEIb0xUSfPSz3LPSCnyYz68aDjmKVeNH-ig857OScyWbGyEy3Biw64qun3juUlNWsJ3zngkOdteYWytx5Qr4XKNs6R-Myyq72KUp02mJDZiiyiglxML_i3-_CeecCw",
    2323    e: "AQAB",
    24     extractable: true,
     24    ext: true,
    2525    use: "sig"
    2626};

  • trunk/LayoutTests/crypto/subtle/aes-export-key-expected.txt

    r159644 r160061  
    2323PASS exportedJWK.k is 'jnOw99oOZFLIEPMrgJB55WL46tJSLGt7'
    2424PASS exportedJWK.alg is 'A192CBC'
    25 PASS exportedJWK.extractable is true
     25PASS exportedJWK.ext is true
    2626PASS exportedJWK.use is 'enc'
    2727
     
    3232Trying to export as jwk...
    3333PASS Rejected, as expected
    34 
    35 Importing a key with only encrypt+decrypt usage (this doesn't map to anything in JWK, as 'enc' also allows wrap/unwrap)...
    36 PASS crypto.subtle.exportKey("jwk", key) threw exception TypeError: Key usages cannot be represented in JWK. Only two variants are supported: sign+verify and encrypt+decrypt+wrapKey+unwrapKey.
    3734PASS successfullyParsed is true
    3835

  • trunk/LayoutTests/crypto/subtle/aes-export-key.html

    r159392 r160061  
    5353    shouldBe("exportedJWK.k", "'jnOw99oOZFLIEPMrgJB55WL46tJSLGt7'");
    5454    shouldBe("exportedJWK.alg", "'A192CBC'");
    55     shouldBe("exportedJWK.extractable", "true");
     55    shouldBe("exportedJWK.ext", "true");
    5656    shouldBe("exportedJWK.use", "'enc'");
    5757
     
    7777    testPassed("Rejected, as expected");
    7878
    79     // If this test starts to fail because a way to encode encrypt+decrypt is added to JWK, change to something that's not there.
    80     // If all WebCrypto modes are added to JWK, then this test will be obsolete.
    81     debug("\nImporting a key with only encrypt+decrypt usage (this doesn't map to anything in JWK, as 'enc' also allows wrap/unwrap)...");
    82     return crypto.subtle.importKey("jwk", jwkKeyAsArrayBuffer, "AES-CBC", extractable, ['encrypt', 'decrypt'])
    83 }).then(function(result) {
    84     key = result;
    85 
    86     // Maybe this should be a rejected promise, not an exception. We'll need to find a way to provide meaningful error messages with such failures.
    87     shouldThrow('crypto.subtle.exportKey("jwk", key)');
    88 
    8979    finishJSTest();
    9080});

  • trunk/LayoutTests/crypto/subtle/hmac-export-key-expected.txt

    r159644 r160061  
    1616PASS exportedJWK.k is 'ahjkn-_387fgnsibf23qsvahjkn-_387fgnsibf23qs'
    1717PASS exportedJWK.alg is 'HS256'
    18 PASS exportedJWK.extractable is true
     18PASS exportedJWK.ext is true
    1919PASS exportedJWK.use is 'sig'
    2020
     
    2525Trying to export as jwk...
    2626PASS Rejected, as expected
    27 
    28 Importing a key with only sign usage (this doesn't map to anything in JWK, as 'sig' allows both sign and verify)...
    29 PASS crypto.subtle.exportKey("jwk", key) threw exception TypeError: Key usages cannot be represented in JWK. Only two variants are supported: sign+verify and encrypt+decrypt+wrapKey+unwrapKey.
    3027PASS successfullyParsed is true
    3128

  • trunk/LayoutTests/crypto/subtle/hmac-export-key.html

    r159392 r160061  
    4747    shouldBe("exportedJWK.k", "'ahjkn-_387fgnsibf23qsvahjkn-_387fgnsibf23qs'");
    4848    shouldBe("exportedJWK.alg", "'HS256'");
    49     shouldBe("exportedJWK.extractable", "true");
     49    shouldBe("exportedJWK.ext", "true");
    5050    shouldBe("exportedJWK.use", "'sig'");
    5151
     
    7171    testPassed("Rejected, as expected");
    7272
    73     // If this test starts to fail because a way to encode encrypt+decrypt is added to JWK, change to something that's not there.
    74     // If all WebCrypto modes are added to JWK, then this test will be obsolete.
    75     debug("\nImporting a key with only sign usage (this doesn't map to anything in JWK, as 'sig' allows both sign and verify)...");
    76     return crypto.subtle.importKey("jwk", jwkKeyAsArrayBuffer, { name: "HMAC", hash: "SHA-256" }, extractable, ['sign'])
    77 }).then(function(result) {
    78     key = result;
    79 
    80     // Maybe this should be a rejected promise, not an exception. We'll need to find a way to provide meaningful error messages with such failures.
    81     shouldThrow('crypto.subtle.exportKey("jwk", key)');
    82 
    8373    finishJSTest();
    8474});

  • trunk/LayoutTests/crypto/subtle/hmac-import-jwk.html

    r159379 r160061  
    2020    "alg": "HS256",
    2121    "use": "sig",
    22     "extractable": false,
     22    "ext": false,
    2323    "k": "ahjkn-_387fgnsibf23qsvahjkn-_387fgnsibf23qs"
    2424};

  • trunk/LayoutTests/crypto/subtle/import-jwk-expected.txt

    r159327 r160061  
    1212PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "foobar", "alg": "HS256", "use": "sig", "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }'), null) threw exception TypeError: Unsupported JWK key type foobar.
    1313PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "foobar", "use": "sig", "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }'), null) threw exception TypeError: Unsupported JWK algorithm foobar.
    14 PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "HS256", "use": "sig", "extractable": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }'), "aes-cbc") threw exception TypeError: Algorithm specified in key is not compatible with one passed to importKey as argument.
    15 PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "HS256", "use": "sig", "extractable": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }'), { name: "hmac", hash: "sha-1" }) threw exception TypeError: Algorithm specified in key is not compatible with one passed to importKey as argument.
     14PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "HS256", "use": "sig", "ext": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }'), "aes-cbc") threw exception TypeError: Algorithm specified in key is not compatible with one passed to importKey as argument.
     15PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "HS256", "use": "sig", "ext": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }'), { name: "hmac", hash: "sha-1" }) threw exception TypeError: Algorithm specified in key is not compatible with one passed to importKey as argument.
    1616PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "HS256" }'), null) threw exception TypeError: Secret key data is not present is JWK.
    1717PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "A128CBC" }'), null) threw exception TypeError: Secret key data is not present is JWK.
    18 PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "HS256", "use": "sig", "extractable": false, "k": "1234" }'), null) threw exception TypeError: Key size is not valid for HS256.
    19 PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "A128CBC", "use": "sig", "extractable": false, "k": "1234" }'), null) threw exception TypeError: Key size is not valid for A128CBC.
    20 PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "A128CBC", "use": "sig", "extractable": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }'), null) threw exception TypeError: Key size is not valid for A128CBC.
    21 PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "HS256", "use": "sig", "extractable": false, "k": "ahjkn23387f+nsibf23qsvahjkn37387fgnsibf23qs" }'), null) threw exception TypeError: Cannot decode base64url key data in JWK.
    22 PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": 1, "alg": "HS256", "use": "sig", "extractable": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }'), null) threw exception TypeError: Expected a string value for "kty" JSON key.
    23 PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": 1, "use": "sig", "extractable": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }'), null) threw exception TypeError: Expected a string value for "alg" JSON key.
    24 PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "HS256", "use": 1, "extractable": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }'), null) threw exception TypeError: Expected a string value for "use" JSON key.
    25 PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "HS256", "use": "sig", "extractable": "false", "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }'), null) threw exception TypeError: Expected a boolean value for "extractable" JSON key.
    26 PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "HS256", "use": "sig", "extractable": false, "k": 1 }'), null) threw exception TypeError: Expected a string value for "k" JSON key.
     18PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "HS256", "use": "sig", "ext": false, "k": "1234" }'), null) threw exception TypeError: Key size is not valid for HS256.
     19PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "A128CBC", "use": "sig", "ext": false, "k": "1234" }'), null) threw exception TypeError: Key size is not valid for A128CBC.
     20PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "A128CBC", "use": "sig", "ext": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }'), null) threw exception TypeError: Key size is not valid for A128CBC.
     21PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "HS256", "use": "sig", "ext": false, "k": "ahjkn23387f+nsibf23qsvahjkn37387fgnsibf23qs" }'), null) threw exception TypeError: Cannot decode base64url key data in JWK.
     22PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": 1, "alg": "HS256", "use": "sig", "ext": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }'), null) threw exception TypeError: Expected a string value for "kty" JSON key.
     23PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": 1, "use": "sig", "ext": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }'), null) threw exception TypeError: Expected a string value for "alg" JSON key.
     24PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "HS256", "use": 1, "ext": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }'), null) threw exception TypeError: Expected a string value for "use" JSON key.
     25PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "HS256", "use": "sig", "ext": "false", "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }'), null) threw exception TypeError: Expected a boolean value for "ext" JSON key.
     26PASS crypto.subtle.importKey("jwk", asciiToUint8Array('{ "kty": "oct", "alg": "HS256", "use": "sig", "ext": false, "k": 1 }'), null) threw exception TypeError: Expected a string value for "k" JSON key.
    2727PASS successfullyParsed is true
    2828

  • trunk/LayoutTests/crypto/subtle/import-jwk.html

    r159327 r160061  
    2424
    2525// Algorithm mismatch.
    26 shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "HS256", "use": "sig", "extractable": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }\'), "aes-cbc")')
    27 shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "HS256", "use": "sig", "extractable": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }\'), { name: "hmac", hash: "sha-1" })')
     26shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "HS256", "use": "sig", "ext": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }\'), "aes-cbc")')
     27shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "HS256", "use": "sig", "ext": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }\'), { name: "hmac", hash: "sha-1" })')
    2828
    2929// No key data.
     
    3232
    3333// Key data length is incorrect, not allowed in JWK.
    34 shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "HS256", "use": "sig", "extractable": false, "k": "1234" }\'), null)')
    35 shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "A128CBC", "use": "sig", "extractable": false, "k": "1234" }\'), null)')
    36 shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "A128CBC", "use": "sig", "extractable": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }\'), null)')
     34shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "HS256", "use": "sig", "ext": false, "k": "1234" }\'), null)')
     35shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "A128CBC", "use": "sig", "ext": false, "k": "1234" }\'), null)')
     36shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "A128CBC", "use": "sig", "ext": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }\'), null)')
    3737
    3838// Key data is not valid base64url.
    39 shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "HS256", "use": "sig", "extractable": false, "k": "ahjkn23387f+nsibf23qsvahjkn37387fgnsibf23qs" }\'), null)')
     39shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "HS256", "use": "sig", "ext": false, "k": "ahjkn23387f+nsibf23qsvahjkn37387fgnsibf23qs" }\'), null)')
    4040
    4141// Incorrect data types.
    42 shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": 1, "alg": "HS256", "use": "sig", "extractable": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }\'), null)')
    43 shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": 1, "use": "sig", "extractable": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }\'), null)')
    44 shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "HS256", "use": 1, "extractable": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }\'), null)')
    45 shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "HS256", "use": "sig", "extractable": "false", "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }\'), null)')
    46 shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "HS256", "use": "sig", "extractable": false, "k": 1 }\'), null)')
     42shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": 1, "alg": "HS256", "use": "sig", "ext": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }\'), null)')
     43shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": 1, "use": "sig", "ext": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }\'), null)')
     44shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "HS256", "use": 1, "ext": false, "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }\'), null)')
     45shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "HS256", "use": "sig", "ext": "false", "k": "ahjkn23387fgnsibf23qsvahjkn37387fgnsibf23qs" }\'), null)')
     46shouldThrow('crypto.subtle.importKey("jwk", asciiToUint8Array(\'{ "kty": "oct", "alg": "HS256", "use": "sig", "ext": false, "k": 1 }\'), null)')
    4747</script>
    4848

  • trunk/LayoutTests/crypto/subtle/rsa-export-key-expected.txt

    r159403 r160061  
    1717PASS exportedJWK.e is publicKeyJSON.e
    1818PASS exportedJWK.alg is 'RS256'
    19 PASS exportedJWK.extractable is true
     19PASS exportedJWK.ext is true
    2020PASS exportedJWK.use is 'sig'
    2121PASS successfullyParsed is true

  • trunk/LayoutTests/crypto/subtle/rsa-export-key.html

    r159403 r160061  
    4545    shouldBe("exportedJWK.e", "publicKeyJSON.e");
    4646    shouldBe("exportedJWK.alg", "'RS256'");
    47     shouldBe("exportedJWK.extractable", "true");
     47    shouldBe("exportedJWK.ext", "true");
    4848    shouldBe("exportedJWK.use", "'sig'");
    4949

  • trunk/LayoutTests/crypto/subtle/rsa-export-private-key-expected.txt

    r160029 r160061  
    1919PASS exportedJWK.oth is privateKeyJSON.oth
    2020PASS exportedJWK.alg is privateKeyJSON.alg
    21 PASS exportedJWK.extractable is true
     21PASS exportedJWK.ext is true
    2222PASS exportedJWK.use is 'sig'
    2323PASS successfullyParsed is true

  • trunk/LayoutTests/crypto/subtle/rsa-export-private-key.html

    r160029 r160061  
    5353    shouldBe("exportedJWK.oth", "privateKeyJSON.oth");
    5454    shouldBe("exportedJWK.alg", "privateKeyJSON.alg");
    55     shouldBe("exportedJWK.extractable", "true");
     55    shouldBe("exportedJWK.ext", "true");
    5656    shouldBe("exportedJWK.use", "'sig'");
    5757

  • trunk/LayoutTests/crypto/subtle/rsa-oaep-key-manipulation-expected.txt

    r159944 r160061  
    2727Exporting public key to JWK...
    2828PASS jwkPublicKey.alg is 'RSA-OAEP'
    29 PASS jwkPublicKey.extractable is true
     29PASS jwkPublicKey.ext is true
    3030PASS jwkPublicKey.use is 'enc'
    3131PASS jwkPublicKey.kty is 'RSA'

  • trunk/LayoutTests/crypto/subtle/rsa-oaep-key-manipulation.html

    r159944 r160061  
    5656    jwkPublicKey = JSON.parse(bytesToASCIIString(jwkPublicKeyArray));
    5757    shouldBe("jwkPublicKey.alg", "'RSA-OAEP'");
    58     shouldBe("jwkPublicKey.extractable", "true");
     58    shouldBe("jwkPublicKey.ext", "true");
    5959    shouldBe("jwkPublicKey.use", "'enc'");
    6060    shouldBe("jwkPublicKey.kty", "'RSA'");

  • trunk/Source/WebCore/ChangeLog

    r160050 r160061  
     12013-12-03  Alexey Proskuryakov  <ap@apple.com>
     2
     3        Update WebCrypto JWK mapping to newer proposal
     4        https://bugs.webkit.org/show_bug.cgi?id=124218
     5
     6        Reviewed by Anders Carlsson.
     7
     8        Tests: crypto/subtle/jwk-export-use-values.html
     9               crypto/subtle/jwk-import-use-values.html
     10
     11        1. "extractable" renamed to "ext" in JWK.
     12        2. New values for "use" mapping, which can now be combined into comma separated lists,
     13        and cover all possible WebCrypto usages.
     14
     15        * bindings/js/JSCryptoKeySerializationJWK.cpp:
     16        (WebCore::JSCryptoKeySerializationJWK::reconcileUsages):
     17        (WebCore::JSCryptoKeySerializationJWK::reconcileExtractable):
     18        (WebCore::JSCryptoKeySerializationJWK::addJWKAlgorithmToJSON):
     19        (WebCore::processUseValue):
     20        (WebCore::JSCryptoKeySerializationJWK::addJWKUseToJSON):
     21        (WebCore::JSCryptoKeySerializationJWK::serialize):
     22
    1232013-12-03  Simon Fraser  <simon.fraser@apple.com>
    224

  • trunk/Source/WebCore/bindings/js/JSCryptoKeySerializationJWK.cpp

    r159966 r160061  
    246246}
    247247
    248 void JSCryptoKeySerializationJWK::reconcileUsages(CryptoKeyUsage& suggestedUsage) const
     248void JSCryptoKeySerializationJWK::reconcileUsages(CryptoKeyUsage& suggestedUsages) const
    249249{
    250250    String jwkUseString;
     
    254254    }
    255255
    256     // FIXME: CryptoKeyUsageDeriveKey, CryptoKeyUsageDeriveBits - should these be implicitly allowed by any JWK use value?
    257     // FIXME: "use" mapping is in flux, see <https://www.w3.org/Bugs/Public/show_bug.cgi?id=23796>.
    258     if (jwkUseString == "sig")
    259         suggestedUsage = suggestedUsage & (CryptoKeyUsageSign | CryptoKeyUsageVerify);
    260     else if (jwkUseString == "enc")
    261         suggestedUsage = suggestedUsage & (CryptoKeyUsageEncrypt | CryptoKeyUsageDecrypt | CryptoKeyUsageWrapKey | CryptoKeyUsageUnwrapKey);
    262     else if (jwkUseString == "wrap")
    263         suggestedUsage = suggestedUsage & (CryptoKeyUsageWrapKey | CryptoKeyUsageUnwrapKey);
    264     else
    265         suggestedUsage = 0; // Unknown usage, better be safe.
     256    // Implemented according to a proposal in <https://www.w3.org/Bugs/Public/show_bug.cgi?id=23796>.
     257    Vector<String> jwkUsageValues;
     258    jwkUseString.split(',', jwkUsageValues);
     259    CryptoKeyUsage jwkUsages = 0;
     260    for (size_t i = 0, size = jwkUsageValues.size(); i < size; ++i) {
     261        String jwkUse = jwkUsageValues[i];
     262        if (jwkUse == "sig")
     263            jwkUsages |= (CryptoKeyUsageSign | CryptoKeyUsageVerify);
     264        else if (jwkUse == "enc")
     265            jwkUsages |= (CryptoKeyUsageEncrypt | CryptoKeyUsageDecrypt | CryptoKeyUsageWrapKey | CryptoKeyUsageUnwrapKey);
     266        else if (jwkUse == "enconly")
     267            jwkUsages |= CryptoKeyUsageEncrypt;
     268        else if (jwkUse == "deconly")
     269            jwkUsages |= CryptoKeyUsageDecrypt;
     270        else if (jwkUse == "sigonly")
     271            jwkUsages |= CryptoKeyUsageSign;
     272        else if (jwkUse == "vfyonly")
     273            jwkUsages |= CryptoKeyUsageVerify;
     274        else if (jwkUse == "drvkey")
     275            jwkUsages |= CryptoKeyUsageDeriveKey;
     276        else if (jwkUse == "drvbits")
     277            jwkUsages |= CryptoKeyUsageDeriveBits;
     278        else if (jwkUse == "wrap")
     279            jwkUsages |= CryptoKeyUsageWrapKey;
     280        else if (jwkUse == "unwrap")
     281            jwkUsages |= CryptoKeyUsageUnwrapKey;
     282    }
     283
     284    suggestedUsages = suggestedUsages & jwkUsages;
    266285}
    267286
     
    269288{
    270289    bool jwkExtractable;
    271     if (!getBooleanFromJSON(m_exec, m_json.get(), "extractable", jwkExtractable)) {
    272         // "extractable" is a Netflix proposal that's not in any spec yet. It will certainly be optional once specified.
     290    if (!getBooleanFromJSON(m_exec, m_json.get(), "ext", jwkExtractable)) {
     291        // "ext" not in JWK or WebCrypto specs yet, implemented according to a proposal in <https://www.w3.org/Bugs/Public/show_bug.cgi?id=23796>.
    273292        return;
    274293    }
     
    590609    if (jwkAlgorithm.isNull()) {
    591610        // The spec doesn't currently tell whether export should fail, or just skip "alg" (which is an optional key in JWK).
    592         // Perhaps this should depend on whether the key is extractable?
    593611        throwTypeError(exec, "Key algorithm and size do not map to any JWK algorithm identifier");
    594612        return;
     
    598616}
    599617
     618static bool processUseValue(StringBuilder& builder, CryptoKeyUsage& usages, const String& useString, CryptoKeyUsage usagesForUseString)
     619{
     620    if ((usages & usagesForUseString) != usagesForUseString)
     621        return false;
     622
     623    if (!builder.isEmpty())
     624        builder.append(',');
     625    builder.append(useString);
     626
     627    usages &= ~usagesForUseString;
     628
     629    return true;
     630}
     631
    600632void JSCryptoKeySerializationJWK::addJWKUseToJSON(ExecState* exec, JSObject* json, CryptoKeyUsage usages)
    601633{
    602     // FIXME: "use" mapping is in flux, see <https://www.w3.org/Bugs/Public/show_bug.cgi?id=23796>.
    603     switch (usages) {
    604     case CryptoKeyUsageEncrypt | CryptoKeyUsageDecrypt | CryptoKeyUsageWrapKey | CryptoKeyUsageUnwrapKey:
    605         addToJSON(exec, json, "use", "enc");
    606         break;
    607     case CryptoKeyUsageSign | CryptoKeyUsageVerify:
    608         addToJSON(exec, json, "use", "sig");
    609         break;
    610     default:
    611         throwTypeError(exec, "Key usages cannot be represented in JWK. Only two variants are supported: sign+verify and encrypt+decrypt+wrapKey+unwrapKey");
    612     }
     634    // Use mapping implemented according to a proposal in <https://www.w3.org/Bugs/Public/show_bug.cgi?id=23796>.
     635    StringBuilder useBuilder;
     636    CryptoKeyUsage remainingUsages = usages;
     637    while (remainingUsages) {
     638        if (processUseValue(useBuilder, remainingUsages, "enc", CryptoKeyUsageEncrypt | CryptoKeyUsageDecrypt | CryptoKeyUsageWrapKey | CryptoKeyUsageUnwrapKey))
     639            continue;
     640        if (processUseValue(useBuilder, remainingUsages, "sig", CryptoKeyUsageSign | CryptoKeyUsageVerify))
     641            continue;
     642        if (processUseValue(useBuilder, remainingUsages, "enconly", CryptoKeyUsageEncrypt))
     643            continue;
     644        if (processUseValue(useBuilder, remainingUsages, "deconly", CryptoKeyUsageDecrypt))
     645            continue;
     646        if (processUseValue(useBuilder, remainingUsages, "sigonly", CryptoKeyUsageSign))
     647            continue;
     648        if (processUseValue(useBuilder, remainingUsages, "vfyonly", CryptoKeyUsageVerify))
     649            continue;
     650        if (processUseValue(useBuilder, remainingUsages, "drvkey", CryptoKeyUsageDeriveKey))
     651            continue;
     652        if (processUseValue(useBuilder, remainingUsages, "drvbits", CryptoKeyUsageDeriveBits))
     653            continue;
     654        if (processUseValue(useBuilder, remainingUsages, "wrap", CryptoKeyUsageWrapKey))
     655            continue;
     656        if (processUseValue(useBuilder, remainingUsages, "unwrap", CryptoKeyUsageUnwrapKey))
     657            continue;
     658        throwTypeError(exec, "Key usages cannot be represented in JWK.");
     659        return;
     660    }
     661
     662    addToJSON(exec, json, "use", useBuilder.toString());
    613663}
    614664
     
    628678        return String();
    629679
    630     addBoolToJSON(exec, result, "extractable", key.extractable());
     680    addBoolToJSON(exec, result, "ext", key.extractable());
    631681
    632682    addJWKUseToJSON(exec, result, key.usagesBitmap());
Note: See TracChangeset for help on using the changeset viewer.