Changeset 212465 in webkit

Timestamp:

Feb 16, 2017 2:31:14 PM (7 years ago)

Author:

jiewen_tan@apple.com

Message:

[WebCrypto] remove toJSValueFromJsonWebKey from custom SubtleCrypto binding codes
​https://bugs.webkit.org/show_bug.cgi?id=167026

Reviewed by Chris Dumez.

Source/WebCore:

Covered by existing tests.

• bindings/js/JSSubtleCryptoCustom.cpp:

(WebCore::jsSubtleCryptoFunctionExportKeyPromise):
(WebCore::jsSubtleCryptoFunctionWrapKeyPromise):
(WebCore::toJSValueFromJsonWebKey): Deleted.

• crypto/JsonWebKey.h:
• crypto/JsonWebKey.idl:
• crypto/RsaOtherPrimesInfo.idl:

Change std::optional<String> to String in order to use toJS<IDLDictionary<JsonWebKey>>.

• crypto/algorithms/CryptoAlgorithmAES_CBC.cpp:

(WebCore::CryptoAlgorithmAES_CBC::importKey):

• crypto/algorithms/CryptoAlgorithmAES_KW.cpp:

(WebCore::CryptoAlgorithmAES_KW::importKey):

• crypto/algorithms/CryptoAlgorithmHMAC.cpp:

(WebCore::CryptoAlgorithmHMAC::importKey):

• crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp:

(WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::importKey):

• crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp:

(WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::importKey):

• crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp:

(WebCore::CryptoAlgorithmRSA_OAEP::importKey):

• crypto/keys/CryptoKeyAES.cpp:

(WebCore::CryptoKeyAES::importJwk):
Only check if key_ops contains all of the specified usages when key_ops field of jwk is present,
as per the specification: ​https://www.w3.org/TR/WebCryptoAPI/#aes-cbc-operations

• crypto/keys/CryptoKeyAES.h:
• crypto/keys/CryptoKeyHMAC.cpp:

(WebCore::CryptoKeyHMAC::importJwk):

• crypto/keys/CryptoKeyHMAC.h:
• crypto/keys/CryptoKeyRSA.cpp:

(WebCore::CryptoKeyRSA::importJwk):
Accommodate the change from std::optional<String> to String.

• crypto/mac/CryptoKeyRSAMac.cpp:

(WebCore::CryptoKeyRSA::create):
Add a null check for p.

LayoutTests:

• crypto/subtle/aes-cbc-import-key-wrap-jwk-rsa-key-private.html:
• crypto/subtle/aes-cbc-import-key-wrap-jwk-rsa-key-public.html:

Order of attributes inside JWK is different after this patch.

• crypto/subtle/aes-import-key-malformed-parameters-expected.txt:
• crypto/subtle/aes-import-key-malformed-parameters.html:
• crypto/subtle/hmac-import-key-malformed-parameters-expected.txt:
• crypto/subtle/hmac-import-key-malformed-parameters.html:
• crypto/subtle/rsa-import-key-malformed-parameters-expected.txt:
• crypto/subtle/rsa-import-key-malformed-parameters.html:
• crypto/workers/subtle/resources/aes-cbc-import-key-wrap-key.js:

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/crypto/subtle/aes-cbc-import-key-wrap-jwk-rsa-key-private.html (modified) (1 diff)
• LayoutTests/crypto/subtle/aes-cbc-import-key-wrap-jwk-rsa-key-public.html (modified) (1 diff)
• LayoutTests/crypto/subtle/aes-import-key-malformed-parameters-expected.txt (modified) (1 diff)
• LayoutTests/crypto/subtle/aes-import-key-malformed-parameters.html (modified) (1 diff)
• LayoutTests/crypto/subtle/hmac-import-key-malformed-parameters-expected.txt (modified) (1 diff)
• LayoutTests/crypto/subtle/hmac-import-key-malformed-parameters.html (modified) (1 diff)
• LayoutTests/crypto/subtle/rsa-import-key-malformed-parameters-expected.txt (modified) (4 diffs)
• LayoutTests/crypto/subtle/rsa-import-key-malformed-parameters.html (modified) (4 diffs)
• LayoutTests/crypto/workers/subtle/resources/aes-cbc-import-key-wrap-key.js (modified) (1 diff)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/bindings/js/JSSubtleCryptoCustom.cpp (modified) (3 diffs)
• Source/WebCore/crypto/JsonWebKey.h (modified) (1 diff)
• Source/WebCore/crypto/JsonWebKey.idl (modified) (1 diff)
• Source/WebCore/crypto/RsaOtherPrimesInfo.idl (modified) (1 diff)
• Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_CBC.cpp (modified) (1 diff)
• Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_KW.cpp (modified) (1 diff)
• Source/WebCore/crypto/algorithms/CryptoAlgorithmHMAC.cpp (modified) (1 diff)
• Source/WebCore/crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp (modified) (1 diff)
• Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp (modified) (2 diffs)
• Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp (modified) (3 diffs)
• Source/WebCore/crypto/keys/CryptoKeyAES.cpp (modified) (1 diff)
• Source/WebCore/crypto/keys/CryptoKeyAES.h (modified) (1 diff)
• Source/WebCore/crypto/keys/CryptoKeyHMAC.cpp (modified) (1 diff)
• Source/WebCore/crypto/keys/CryptoKeyHMAC.h (modified) (1 diff)
• Source/WebCore/crypto/keys/CryptoKeyRSA.cpp (modified) (3 diffs)
• Source/WebCore/crypto/mac/CryptoKeyRSAMac.cpp (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2017-02-16  Jiewen Tan  <jiewen_tan@apple.com>
+
+        [WebCrypto] remove toJSValueFromJsonWebKey from custom SubtleCrypto binding codes
+        https://bugs.webkit.org/show_bug.cgi?id=167026
+
+        Reviewed by Chris Dumez.
+
+        * crypto/subtle/aes-cbc-import-key-wrap-jwk-rsa-key-private.html:
+        * crypto/subtle/aes-cbc-import-key-wrap-jwk-rsa-key-public.html:
+        Order of attributes inside JWK is different after this patch.
+
+        * crypto/subtle/aes-import-key-malformed-parameters-expected.txt:
+        * crypto/subtle/aes-import-key-malformed-parameters.html:
+        * crypto/subtle/hmac-import-key-malformed-parameters-expected.txt:
+        * crypto/subtle/hmac-import-key-malformed-parameters.html:
+        * crypto/subtle/rsa-import-key-malformed-parameters-expected.txt:
+        * crypto/subtle/rsa-import-key-malformed-parameters.html:
+        * crypto/workers/subtle/resources/aes-cbc-import-key-wrap-key.js:
+
 2017-02-16  Ryan Haddad  <ryanhaddad@apple.com>
 

trunk/LayoutTests/crypto/subtle/aes-cbc-import-key-wrap-jwk-rsa-key-private.html

@@ -35 +35 @@
     iv: asciiToUint8Array("jnOw99oOZFLIEPMr"),
 }
-var expectWrappedKey = "848aa2f70ee18e2953520132a79cf479b03a8732a3cc73f8c51c68456d3c2557e8be9d5911b2a74267e282a87ffeed88dfbac38a22c26ba621f83915d7539420a4dc0b2329c585b442967367c1ea6c1126f98c4f13b7c8cb7402b86a5844c19420ea333dc33d908be89172f8bac59b403fe202f32c8eed19f431cedfc3383f536f3557163b1311ae42ee5486c6dafee968640d6b6999c687f37fba8d65cc662f1c84f16245665e4af41c98e8b63632cc1d19e2bece2154c7eab1905f3f6ab17b495cefec3508e9b451f2ea1422b97f275dfdc118f46af02040250d0e55d8d8d172b969bbcf7314a257f10b98d2c47c6c72a727acaf4c96340d590ebcebc61f73b7a868b490f3c1e17c59ea479a3b8db5574153de46cfdbb07cfc5e95ebcf7ad3d5fa057ba946d6da872c4bef3af6d7013e222c227650d0022c94d306cb14e203aad378d171c7c24f824c31b81fd18265e0de2f4b415584ebc4adeb5880c4eddbc88b854699f7aa74d6a10ca5df8978f27b5d1372b31ea67a9c4841ae101ea6ad78df0580b70358e6933ac92f7faee5320af329d8349a7b98690708a388737604be0affaa0669410d8d93dc4e4f57e14583253f11e5b27c89b84f1f3038bae6d9b37e3eb64b63ad1880627aef3b19e3e851cfae639ec46dd06fd131b51f530b37260b836d9013d8ad7c8640096070f96984c528ee5e20b69f3cd98a269621cd886ccb16d9c526a87cd5c458541309bb7fa4f3337305d76fc050d39ca8b1fdb0675a11a40ffde9cebb33ddc485e5dc5e7667b08c2a3e0136d063a447aee5a8f650429c5e422a706c4c240a4d11f4a9b5782f2cba2575f0c32cb477a9f0cef97fa993977104181315ff90e46f3b12b8b00f4a7611c42b1bb53d0e6021ab21ee8ae606d9f06dfedb891763007e020977c28b46d5f33bc35c12061d90ebbe02cab58783c0cac0c6f14ed735204f23d0eb6a9fe9edea2aecb1ac213f58b42d5d96374ec70ca288a31016ba02adef43250d717e9fab8982a1a180b1f3944d450c159010fd23f354d88502ec702882ae3edd567c6a6edf3cb2e34edc13f410a25d97298ab9062ddb566576fa8b6599bba205bab55aa5f3f37edaf7733cf249e69c74da975ef249ca673da749d86babebdf55410a389720ac943f1e9d921f5d69c5789636cb904fb9263744236eade9acae889a01c237ab3436101463dfa9d92f936c1b652c80f3abba76023ebe5b9bfdd54735e3a3494de18a456967f58758e546021feef3fa3e6c239981aa06f1f7ddc415d957ff9919bbec5f36af092a81ba6c14fe644d2ee98a2fcdee2ed70b87a53ffa327b25b4569c5886b15f2bd583d6f5bd7e951a915142baa08c6a9c343c200678a005fad22a337d2c5627f8c816db2525a7e121849b9da756eee68a240452849ffdb9651f998257c62e8fdcdc48dadfc3ebb18f7eb5461442008846a629ec8149c052f357bf5889095047b272bce0ff505953e7cd525b24c838ba6e9ed91922a30eeb858de8556f19f761d0287d768876346a5dcac3dbadd7a30072c9338162be5812166d961f4031f962ef668781d39d0fc69fe5f4494e31ec082d4a0140e368b69975beeba120ef9b651ead531b4d44296bd3cfe2ce7f97bb5bb4921061b12c2e1c4c10928c0980ff8d488a2282d0c056a40260167410e39664f75ff1f1249820e174eed978318a05e654b8aa6c60b70001a7a04f0aff17597dd9ab3ccc34f5ba2e352b7244dd3dccb462d7175b95ae3970ec5858e2312aac7c2c79a37b53d089f988720a4c04df6328a384004d0d51eafb9486623099a98e69be5169201c88824acc2bb0e1790889014a1797c168e98d19f0787c2935cfbc3bf24c4adad69a81e0e6adf8c21e3c4789064aa31a025dff5cc6eaba3f3e43f10a9d531f47963372120e2366b84c281ed968d9d11c1d103826c9362741e1267d1a3e8d2188761fa876b7b09617df14130c07209f1f1188ff40971b86607dee14d556a880447901c69d29cb16c027c3aae316ff00132bdfcd0e39c5e201252c9771483ccb275b0c67b3cb4dcd19198c7718634460254dfd6f8df4374b8bedee7dd20ce411b5f987cac2ce17492aa78f919c6d5e555000f47f7b8a9896d448bc4fc13e40a9e5c02258d509a7289f44d7250e89260233bf96702bb3d350451f03d802e0e37d9f01cce4c78869403493eb9890c2c09109d1f427f59cf091cd1c836e25a9bb065041407c2183f643bce2e72db1e7caeac42e2d8379f8b84df2cc7b1d055f42d6f62e0cb5771a14ae8872792350e5f770115a86564f60a785c53325c8c084afe214da3cac1783e2be9099d96ddbe9cc3ea3dd1d3ae50526b4afe24397420a3e4fa697613421";
+var expectWrappedKey = "995a93379575a0c677a7d48dbe7d496f64a53769eafae1e6a1d0f6a57d2c7f69748cdaeeff1fe7e13eb9c6d4597458ed22d369d5c6043b6ab30c79f1e7082cb3a57e19e53e607a0b26090317f45b24266c662923bb3b8c0fd7447860c52b3052da1bddda729a8bc19c447e4acd2b7da6b13fad0c4e022f7d76cb804c8aaebaed4566e2e14b02e81689f47314bf49c599c9b3700f2e23df498816bbe3ffe139cc0ed0500e762b4f3341b159950abd362ada4158e21b8ba0ed0f01a441d6a730e6a5717fd939b2e8b418d86f632ed2f3c7fea57d1ad67914afc41e4153c5b799f91c49f4db257d06477c748f7405c1394fbc8523c0a6fd31bf8368573defb47353d55c3bd5a7adfa5d9a54412823a5cfed93e632af8bdb929f0113d5ff021c0cf40d98e0f8dbaadf2c8c3878196a616e607fb5f7db4420a587cac87771c2ee6028d7f5036e1ffcb88b7f4c72a155890e8bb99c74a02aa80d4ed22ad27d4a60e9d532ab4c461a776a16e6b88ae8365b3987eab6fd2d02f9de9febc28d6f4a5467a3ef8e92c36d4e971d8c0801526393260f11eed75b6fb70ed3822c60bf7dcc6c8d4ef21ce74449365019033dfb9b8f9793198d68d406ca5dce366fb7b515c85c4ff47f6b5b3692397632d22eb6026f05a9e39f2be3be75d8aa1876aa4bac108d3ce67914c95cba31c5c072d9ddcbbbb90e34bc16c60ce812bfbb34cb76e4e7f68c0e5d6eb7647853731cab8ef4b8e3a557c84ca2b6aae9eec06bef30edf1280ef534c8698baa265d08b75ca3a29a4fbed50afdaa48e8cfebff211e9d64e63c0e3ba077f9a9c6f77a5b865a25850334d42df4f55cb7d0e1fb59590fea96d757eac310be056427b55b10342a3dd522a712d86e589183fa278dbc3c6654c12d777e9fa2a030aba5747aa345a46e7754bda59f530e5e8dfdedfc343bb789fdfc138210d5ab587f581c006760ba3d6b5875e2a34ae16f9cbded2882f5e6ffd9904518b789123ca6d19eeda979dab4ba8437b8d660354a28dac7e917cdf061cd7748d624e0af4ab9c2a5c18389e71accc495945dc83e7ea7c7724434ab375551c6fd2b0070229ec791aa680be539799aa168cf5a955721d249e676ee434141f93d1977fd8d635e387496cac6c3509a71df4fac016ca7885ae7fa7fe601c6ed62a83d0313b7d07476501e5e8b3821a1fedfa91e842cffa3cc255db1a50091aa6b391d1014cc1e59c3f36425102a03acabf06525f44c87422a889ed78c1e78a2a4d9ab244a30155005e954111d4c3384f63153adc276861021a76289f266fb7d6eda300d39102bee7d7047e32b0ced7a90e0b27f201ad8960ecb83a8003ef1e3de97b2ddf00f5b8344f1f103c6b0c5a90804201f9ac26c544e7f3cca7d4d10a7388b2460a83dfbc9c7544b9e7ce2488907f2da06b48ec209c8e9a4688261c1a1b63c940b07c2053b60b06b20421810ffbef6a4d482d7ba7d80cb6ea04222797e4ee40564612bfb15b57b34afcab259efb03e2f7a7a1622b06df5825d6cf2fd0bf63749e2c6e89b358cfe0167f0577c571953dba4b4bb3591c922b2605ccc4ccb5a3ba1a38a8983d885d867713be90d2e796fd7cb8d465925927feaeae45ef931dc7806a6ecc94810a7a39a87c6158e85866a8c2bdd3b88522c23fc4a969f60994e3cfb1be584c3f418b1e19009ac53b38d9d015af213acd5f0e9d65ee78d59c10e94973eb08b79403483591662cc9b45ac13360e262c77bb3f71f32f0f3fa35ce75daf7ca39c4c81abbabc478d6c51ffdadee0787bc98617e3ef85d87a2447103e43f910019ee95d829a4dda87339fb1437aabf4bdc884ac470853622835e825229299b838ed75024ed28050ac858aa5ba9df18ff072e878c7f1fb2da444a8eb92de07e77fd1cf7c19e589646cdbce436de837b44b78420ee9ed1bc74b5b49d98758b1b80bf17f1a2836a2a9958990a6205bd20e969c91ed56b196b0dd64fc3545e5d9278a75f0368bd4ec1a88f396e374d19a3e622f65709a522b2b1ffc70aac843f879e4507cc675a513eb868e1116fa2c8e0215afa1ddaaa99d2698879944180a4da38873c512998a7a0c51b44c8655302b703a9251a9f3acd9465d9f3eab1b7555317fdd97ccf0305a56e32a34daa62a8a4d16f280db7fd54bff1ed916d04c3e346b5de79b833d9ba42789be91a42fdad20c239eaa51f411fde79f0d6274a055fa98fabbc583714ed4baa168660493a55a7fdf5b66dc4d6afb05224da3b3f81ca8274b1be0d31da40b80ee9f0a56448bcbc6f8142aea8ab0169764dac201c7c8733e3f9b7212be22a39c12e30cde9ed5fe3042db4a51a1b85e0d23fc7b237224473be41ef6a8db014cda53969b1acdd0b732a5";
 
 crypto.subtle.importKey("raw", rawKey, "aes-cbc", extractable, ["wrapKey"]).then(function(result) {

trunk/LayoutTests/crypto/subtle/aes-cbc-import-key-wrap-jwk-rsa-key-public.html

@@ -29 +29 @@
     iv: asciiToUint8Array("jnOw99oOZFLIEPMr"),
 }
-var expectWrappedKey = "848aa2f70ee18e2953520132a79cf47946e00c99362340bb690edc9ab5315757462c128278c6232e770e7437c56ed722a8e1703855f7f3e565394e1a6a0305c4ef1b30fa4c7f72d1a239cc6c6ba067898798a36a75132c66b4a2d3fb942886affd3ea3b2756b0ddc886c01e3b93107469b82124468408ef8ab548b85aa8f206c312d74ce4f2c679eb147a275cefda64d5bdc4a2b5b90a4ac9ad3eb5f2cf19f5f87653211f59b4731ba61125582a233951097dea65db05899d587d1dcfccab9ab7410ab3010b89066506dbacbc6b73e4b564792751388fa0f58d55c59c14a08c9dfb0f78100b0f5cc29d62328822636d30a6a153ec5cd4727ad5e47b419c48544565637ac5789863d43b7da78cf4383d09d66e9d458e436dbfbee75e382b2bab49eec2c7491ff93cf099fe92feaf4658e30889fd12d3ae61cd5e8c8e1e56a079b662f90cd10cdbdbb4d12eefb36d825e1a043e82f5a98f8960d655d3f9ed5af31e581fa846cc582f6cee5c25e0b3c32050534ae957ce27860d470ba26da2c7d6fa621b0faa8becad58e9e55bb2a9d984b042f25df21482529870d271cbf5508a0edfc3cb37316c11f16b342bc1f1f98aa";
+var expectWrappedKey = "995a93379575a0c677a7d48dbe7d496fe4d8c9be49cdaf48e88398a769c2825d94396edb75683ed54e3ca0ac1f352f6b92486ef68186ef37d2b6be27ddd4bdaafbea98ec8c0dfc62353714f11219d4c69271a06507909f6dc50fd136f06265e5bfe9b2de09a704db4b4acd1d2834eefaab814484b70d77984455a1bad47e94cedc467939ea7495387087aff0eec9dfa4bf6c5baa6df37328a7068128930adc129a1874c323f315e993a27c667f1e02ffab5cc235bb7d270696875f43bb198f453cdef134ffe171c855c4641678527819dce552e4cd97fb30404075869aba085634327774cd7b71e7d0ea306f2d92d64658778897489fff205645e1a1b57832349ef1e6abef7c6780aa085b7d55c55693d69cf439497925dc8239791130d4387387188f2dea13d2825b2690456df80f6f1694351c8f33eb37bc44f2ad3f8f6d0a0e98c1510c6a5f64209288516aec0b30f85ed0b129a5ffc4840a9b5f0374c37304ad4f3d81572417813172929dd08f8a853ab57d3bc5d72eeeca932d8a05d3eb74d2ceba39b87cd7113abb30de3d05448162b50b17de8603fa4b5e7f8ab267cc6b8fdc830d76a35eb4078597b6301176";
 
 crypto.subtle.importKey("raw", rawKey, "aes-cbc", extractable, ["wrapKey"]).then(function(result) {

trunk/LayoutTests/crypto/subtle/aes-import-key-malformed-parameters-expected.txt

@@ -10 +10 @@
 PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k192, alg: "A256CBC"}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k256, alg: "A128CBC"}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: "A72F", alg: "foo"}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k128, alg: ""}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k192, alg: ""}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k256, alg: ""}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k128, alg: "A192KW"}, "aes-kw", extractable, ["wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k192, alg: "A256KW"}, "aes-kw", extractable, ["wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k256, alg: "A128KW"}, "aes-kw", extractable, ["wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
-PASS crypto.subtle.importKey("jwk", {kty: "oct", k: "A72F", alg: "foo"}, "aes-cbc", extractable, ["wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: "A72F", alg: "foo"}, "aes-kw", extractable, ["wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k128, alg: ""}, "aes-kw", extractable, ["wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k192, alg: ""}, "aes-kw", extractable, ["wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k256, alg: ""}, "aes-kw", extractable, ["wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "oct", k: "!!!", alg: "foo"}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: "", alg: "foo"}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k128, alg: "A128CBC", use: "sig"}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k128, alg: "A128CBC", use: ""}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k128, alg: "A128CBC", key_ops: ["encrypt", "decrypt"]}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k128, alg: "A128CBC", key_ops: [ ]}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k128, alg: "A128CBC", ext: false}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS successfullyParsed is true

trunk/LayoutTests/crypto/subtle/aes-import-key-malformed-parameters.html

@@ -27 +27 @@
 shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k192, alg: "A256CBC"}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k256, alg: "A128CBC"}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: "A72F", alg: "foo"}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k128, alg: ""}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k192, alg: ""}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k256, alg: ""}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k128, alg: "A192KW"}, "aes-kw", extractable, ["wrapKey", "unwrapKey"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k192, alg: "A256KW"}, "aes-kw", extractable, ["wrapKey", "unwrapKey"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k256, alg: "A128KW"}, "aes-kw", extractable, ["wrapKey", "unwrapKey"])');
-shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: "A72F", alg: "foo"}, "aes-cbc", extractable, ["wrapKey", "unwrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: "A72F", alg: "foo"}, "aes-kw", extractable, ["wrapKey", "unwrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k128, alg: ""}, "aes-kw", extractable, ["wrapKey", "unwrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k192, alg: ""}, "aes-kw", extractable, ["wrapKey", "unwrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k256, alg: ""}, "aes-kw", extractable, ["wrapKey", "unwrapKey"])');
 // Jwk: wrong k format
 shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: "!!!", alg: "foo"}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: "", alg: "foo"}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"])');
 // Jwk: wrong use
 shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k128, alg: "A128CBC", use: "sig"}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k128, alg: "A128CBC", use: ""}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"])');
 // Jwk: wrong key_ops
 shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k128, alg: "A128CBC", key_ops: ["encrypt", "decrypt"]}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k128, alg: "A128CBC", key_ops: [ ]}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"])');
 // Jwk: wrong ext
 shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k128, alg: "A128CBC", ext: false}, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"])');

trunk/LayoutTests/crypto/subtle/hmac-import-key-malformed-parameters-expected.txt

@@ -14 +14 @@
 PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: "HS512"}, {name: "hmac", hash: "sha-384"}, extractable, ["sign", "verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: "HS1"}, {name: "hmac", hash: "sha-512"}, extractable, ["sign", "verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: ""}, {name: "hmac", hash: "sha-1"}, extractable, ["sign", "verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: ""}, {name: "hmac", hash: "sha-224"}, extractable, ["sign", "verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: ""}, {name: "hmac", hash: "sha-256"}, extractable, ["sign", "verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: ""}, {name: "hmac", hash: "sha-384"}, extractable, ["sign", "verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: ""}, {name: "hmac", hash: "sha-512"}, extractable, ["sign", "verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "oct", k: "!!!", alg: "foo"}, {name: "hmac", hash: "sha-1"}, extractable, ["sign", "verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: "", alg: "foo"}, {name: "hmac", hash: "sha-1"}, extractable, ["sign", "verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: "HS1", use: "enc"}, {name: "hmac", hash: "sha-1"}, extractable, ["sign", "verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: "HS1", use: ""}, {name: "hmac", hash: "sha-1"}, extractable, ["sign", "verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: "HS1", key_ops: ["sign"]}, {name: "hmac", hash: "sha-1"}, extractable, ["sign", "verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: "HS1", ext: false}, {name: "hmac", hash: "sha-1"}, extractable, ["sign", "verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.

trunk/LayoutTests/crypto/subtle/hmac-import-key-malformed-parameters.html

@@ -31 +31 @@
 shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: "HS512"}, {name: "hmac", hash: "sha-384"}, extractable, ["sign", "verify"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: "HS1"}, {name: "hmac", hash: "sha-512"}, extractable, ["sign", "verify"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: ""}, {name: "hmac", hash: "sha-1"}, extractable, ["sign", "verify"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: ""}, {name: "hmac", hash: "sha-224"}, extractable, ["sign", "verify"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: ""}, {name: "hmac", hash: "sha-256"}, extractable, ["sign", "verify"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: ""}, {name: "hmac", hash: "sha-384"}, extractable, ["sign", "verify"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: ""}, {name: "hmac", hash: "sha-512"}, extractable, ["sign", "verify"])');
 // Jwk: wrong k format
 shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: "!!!", alg: "foo"}, {name: "hmac", hash: "sha-1"}, extractable, ["sign", "verify"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: "", alg: "foo"}, {name: "hmac", hash: "sha-1"}, extractable, ["sign", "verify"])');
 // Jwk: wrong use
 shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: "HS1", use: "enc"}, {name: "hmac", hash: "sha-1"}, extractable, ["sign", "verify"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: "HS1", use: ""}, {name: "hmac", hash: "sha-1"}, extractable, ["sign", "verify"])');
 // Jwk: wrong key_ops
 shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", k: k, alg: "HS1", key_ops: ["sign"]}, {name: "hmac", hash: "sha-1"}, extractable, ["sign", "verify"])');

trunk/LayoutTests/crypto/subtle/rsa-import-key-malformed-parameters-expected.txt

@@ -6 +6 @@
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e}, "RSAES-PKCS1-v1_5", extractable, ["decrypt"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: d}, "RSAES-PKCS1-v1_5", extractable, ["encrypt"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: ""}, "RSAES-PKCS1-v1_5", extractable, ["encrypt"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["sign"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: d}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["verify"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: ""}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["verify"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e}, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["decrypt", "unwrapKey"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: d}, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["encrypt", "wrapKey"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: ""}, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["encrypt", "wrapKey"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, use: "sig"}, "RSAES-PKCS1-v1_5", extractable, ["encrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, use: ""}, "RSAES-PKCS1-v1_5", extractable, ["encrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, use: "enc"}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, use: ""}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, use: "sig"}, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["encrypt", "wrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, use: ""}, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["encrypt", "wrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "foo"}, "RSAES-PKCS1-v1_5", extractable, ["encrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, "RSAES-PKCS1-v1_5", extractable, ["encrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "RS224"}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "RS256"}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-224"}, extractable, ["verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
@@ -19 +26 @@
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "RS512"}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-384"}, extractable, ["verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "RS1"}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-512"}, extractable, ["verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-224"}, extractable, ["verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-256"}, extractable, ["verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-384"}, extractable, ["verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-512"}, extractable, ["verify"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "RSA-OAEP-224"}, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["encrypt", "wrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "RSA-OAEP-256"}, {name: "RSA-OAEP", hash: "sha-224"}, extractable, ["encrypt", "wrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
@@ -24 +36 @@
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "RSA-OAEP-512"}, {name: "RSA-OAEP", hash: "sha-384"}, extractable, ["encrypt", "wrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "RSA-OAEP"}, {name: "RSA-OAEP", hash: "sha-512"}, extractable, ["encrypt", "wrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["encrypt", "wrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSA-OAEP", hash: "sha-224"}, extractable, ["encrypt", "wrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSA-OAEP", hash: "sha-256"}, extractable, ["encrypt", "wrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSA-OAEP", hash: "sha-384"}, extractable, ["encrypt", "wrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSA-OAEP", hash: "sha-512"}, extractable, ["encrypt", "wrapKey"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "oct", n: n, e: e}, "RSAES-PKCS1-v1_5", extractable, ["encrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, key_ops: ["sign", "verify"]}, "RSAES-PKCS1-v1_5", extractable, ["encrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
@@ -37 +54 @@
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: d, p: p, q: q, dp: dp, qi: qi}, "RSAES-PKCS1-v1_5", extractable, ["decrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: d, p: p, q: q, dp: dp, dq: dq}, "RSAES-PKCS1-v1_5", extractable, ["decrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: "", e: e, d: d, p: p, q: q, dp: dp, dq: dq, qi: qi}, "RSAES-PKCS1-v1_5", extractable, ["decrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
+PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: d, p: "", q: q, dp: dp, dq: dq, qi: qi}, "RSAES-PKCS1-v1_5", extractable, ["decrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
 PASS crypto.subtle.importKey("spki", spkiKey, "RSAES-PKCS1-v1_5", extractable, ["decrypt"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
 PASS crypto.subtle.importKey("spki", spkiKey, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["sign"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.

trunk/LayoutTests/crypto/subtle/rsa-import-key-malformed-parameters.html

@@ -36 +36 @@
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e}, "RSAES-PKCS1-v1_5", extractable, ["decrypt"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: d}, "RSAES-PKCS1-v1_5", extractable, ["encrypt"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: ""}, "RSAES-PKCS1-v1_5", extractable, ["encrypt"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["sign"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: d}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["verify"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: ""}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["verify"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e}, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["decrypt", "unwrapKey"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: d}, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["encrypt", "wrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: ""}, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["encrypt", "wrapKey"])');
 // Jwk: Wrong use
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, use: "sig"}, "RSAES-PKCS1-v1_5", extractable, ["encrypt"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, use: ""}, "RSAES-PKCS1-v1_5", extractable, ["encrypt"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, use: "enc"}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["verify"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, use: ""}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["verify"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, use: "sig"}, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["encrypt", "wrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, use: ""}, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["encrypt", "wrapKey"])');
 // Jwk: Wrong alg
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "foo"}, "RSAES-PKCS1-v1_5", extractable, ["encrypt"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, "RSAES-PKCS1-v1_5", extractable, ["encrypt"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "RS224"}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["verify"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "RS256"}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-224"}, extractable, ["verify"])');
@@ -51 +58 @@
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "RS512"}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-384"}, extractable, ["verify"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "RS1"}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-512"}, extractable, ["verify"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["verify"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-224"}, extractable, ["verify"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-256"}, extractable, ["verify"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-384"}, extractable, ["verify"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSASSA-PKCS1-v1_5", hash: "sha-512"}, extractable, ["verify"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "RSA-OAEP-224"}, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["encrypt", "wrapKey"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "RSA-OAEP-256"}, {name: "RSA-OAEP", hash: "sha-224"}, extractable, ["encrypt", "wrapKey"])');
@@ -56 +68 @@
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "RSA-OAEP-512"}, {name: "RSA-OAEP", hash: "sha-384"}, extractable, ["encrypt", "wrapKey"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: "RSA-OAEP"}, {name: "RSA-OAEP", hash: "sha-512"}, extractable, ["encrypt", "wrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["encrypt", "wrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSA-OAEP", hash: "sha-224"}, extractable, ["encrypt", "wrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSA-OAEP", hash: "sha-256"}, extractable, ["encrypt", "wrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSA-OAEP", hash: "sha-384"}, extractable, ["encrypt", "wrapKey"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, alg: ""}, {name: "RSA-OAEP", hash: "sha-512"}, extractable, ["encrypt", "wrapKey"])');
 // Jwk: Wrong kty
 shouldReject('crypto.subtle.importKey("jwk", {kty: "oct", n: n, e: e}, "RSAES-PKCS1-v1_5", extractable, ["encrypt"])');
@@ -75 +92 @@
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: d, p: p, q: q, dp: dp, qi: qi}, "RSAES-PKCS1-v1_5", extractable, ["decrypt"])');
 shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: d, p: p, q: q, dp: dp, dq: dq}, "RSAES-PKCS1-v1_5", extractable, ["decrypt"])');
+// Empty n, p
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: "", e: e, d: d, p: p, q: q, dp: dp, dq: dq, qi: qi}, "RSAES-PKCS1-v1_5", extractable, ["decrypt"])');
+shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: d, p: "", q: q, dp: dp, dq: dq, qi: qi}, "RSAES-PKCS1-v1_5", extractable, ["decrypt"])');
 // Spki: Wrong usages
 shouldReject('crypto.subtle.importKey("spki", spkiKey, "RSAES-PKCS1-v1_5", extractable, ["decrypt"])');

trunk/LayoutTests/crypto/workers/subtle/resources/aes-cbc-import-key-wrap-key.js

@@ -21 +21 @@
     iv: asciiToUint8Array("jnOw99oOZFLIEPMr"),
 }
-var expectWrappedKey = "848aa2f70ee18e2953520132a79cf47946e00c99362340bb690edc9ab5315757462c128278c6232e770e7437c56ed722a8e1703855f7f3e565394e1a6a0305c4ef1b30fa4c7f72d1a239cc6c6ba067898798a36a75132c66b4a2d3fb942886affd3ea3b2756b0ddc886c01e3b93107469b82124468408ef8ab548b85aa8f206c312d74ce4f2c679eb147a275cefda64d5bdc4a2b5b90a4ac9ad3eb5f2cf19f5f87653211f59b4731ba61125582a233951097dea65db05899d587d1dcfccab9ab7410ab3010b89066506dbacbc6b73e4b564792751388fa0f58d55c59c14a08c9dfb0f78100b0f5cc29d62328822636d30a6a153ec5cd4727ad5e47b419c48544565637ac5789863d43b7da78cf4383d09d66e9d458e436dbfbee75e382b2bab49eec2c7491ff93cf099fe92feaf4658e30889fd12d3ae61cd5e8c8e1e56a079b662f90cd10cdbdbb4d12eefb36d825e1a043e82f5a98f8960d655d3f9ed5af31e581fa846cc582f6cee5c25e0b3c32050534ae957ce27860d470ba26da2c7d6fa621b0faa8becad58e9e55bb2a9d984b042f25df21482529870d271cbf5508a0edfc3cb37316c11f16b342bc1f1f98aa";
+var expectWrappedKey = "995a93379575a0c677a7d48dbe7d496fe4d8c9be49cdaf48e88398a769c2825d94396edb75683ed54e3ca0ac1f352f6b92486ef68186ef37d2b6be27ddd4bdaafbea98ec8c0dfc62353714f11219d4c69271a06507909f6dc50fd136f06265e5bfe9b2de09a704db4b4acd1d2834eefaab814484b70d77984455a1bad47e94cedc467939ea7495387087aff0eec9dfa4bf6c5baa6df37328a7068128930adc129a1874c323f315e993a27c667f1e02ffab5cc235bb7d270696875f43bb198f453cdef134ffe171c855c4641678527819dce552e4cd97fb30404075869aba085634327774cd7b71e7d0ea306f2d92d64658778897489fff205645e1a1b57832349ef1e6abef7c6780aa085b7d55c55693d69cf439497925dc8239791130d4387387188f2dea13d2825b2690456df80f6f1694351c8f33eb37bc44f2ad3f8f6d0a0e98c1510c6a5f64209288516aec0b30f85ed0b129a5ffc4840a9b5f0374c37304ad4f3d81572417813172929dd08f8a853ab57d3bc5d72eeeca932d8a05d3eb74d2ceba39b87cd7113abb30de3d05448162b50b17de8603fa4b5e7f8ab267cc6b8fdc830d76a35eb4078597b6301176";
 
 crypto.subtle.importKey("raw", rawKey, "aes-cbc", extractable, ["wrapKey"]).then(function(result) {

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2017-02-16  Jiewen Tan  <jiewen_tan@apple.com>
+
+        [WebCrypto] remove toJSValueFromJsonWebKey from custom SubtleCrypto binding codes
+        https://bugs.webkit.org/show_bug.cgi?id=167026
+
+        Reviewed by Chris Dumez.
+
+        Covered by existing tests.
+
+        * bindings/js/JSSubtleCryptoCustom.cpp:
+        (WebCore::jsSubtleCryptoFunctionExportKeyPromise):
+        (WebCore::jsSubtleCryptoFunctionWrapKeyPromise):
+        (WebCore::toJSValueFromJsonWebKey): Deleted.
+        * crypto/JsonWebKey.h:
+        * crypto/JsonWebKey.idl:
+        * crypto/RsaOtherPrimesInfo.idl:
+        Change std::optional<String> to String in order to use toJS<IDLDictionary<JsonWebKey>>.
+        * crypto/algorithms/CryptoAlgorithmAES_CBC.cpp:
+        (WebCore::CryptoAlgorithmAES_CBC::importKey):
+        * crypto/algorithms/CryptoAlgorithmAES_KW.cpp:
+        (WebCore::CryptoAlgorithmAES_KW::importKey):
+        * crypto/algorithms/CryptoAlgorithmHMAC.cpp:
+        (WebCore::CryptoAlgorithmHMAC::importKey):
+        * crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp:
+        (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::importKey):
+        * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp:
+        (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::importKey):
+        * crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp:
+        (WebCore::CryptoAlgorithmRSA_OAEP::importKey):
+        * crypto/keys/CryptoKeyAES.cpp:
+        (WebCore::CryptoKeyAES::importJwk):
+        Only check if key_ops contains all of the specified usages when key_ops field of jwk is present,
+        as per the specification: https://www.w3.org/TR/WebCryptoAPI/#aes-cbc-operations
+        * crypto/keys/CryptoKeyAES.h:
+        * crypto/keys/CryptoKeyHMAC.cpp:
+        (WebCore::CryptoKeyHMAC::importJwk):
+        * crypto/keys/CryptoKeyHMAC.h:
+        * crypto/keys/CryptoKeyRSA.cpp:
+        (WebCore::CryptoKeyRSA::importJwk):
+        Accommodate the change from std::optional<String> to String.
+        * crypto/mac/CryptoKeyRSAMac.cpp:
+        (WebCore::CryptoKeyRSA::create):
+        Add a null check for p.
+
 2017-02-16  Antti Koivisto  <antti@apple.com>
 

trunk/Source/WebCore/bindings/js/JSSubtleCryptoCustom.cpp

@@ -360 +360 @@
 }
 
-// FIXME: We should get rid of this once https://bugs.webkit.org/show_bug.cgi?id=163711 is fixed.
-static JSValue toJSValueFromJsonWebKey(JSDOMGlobalObject& globalObject, JsonWebKey&& key)
-{
-    ExecState& state = *globalObject.globalExec();
-    VM& vm = state.vm();
-
-    auto* result = constructEmptyObject(&state);
-    result->putDirect(vm, Identifier::fromString(&vm, "kty"), toJS<IDLDOMString>(state, key.kty));
-    if (key.use)
-        result->putDirect(vm, Identifier::fromString(&vm, "use"), toJS<IDLDOMString>(state, key.use.value()));
-    if (key.key_ops)
-        result->putDirect(vm, Identifier::fromString(&vm, "key_ops"), toJS<IDLSequence<IDLEnumeration<CryptoKeyUsage>>>(state, globalObject, key.key_ops.value()));
-    if (key.alg)
-        result->putDirect(vm, Identifier::fromString(&vm, "alg"), toJS<IDLDOMString>(state, key.alg.value()));
-    if (key.ext)
-        result->putDirect(vm, Identifier::fromString(&vm, "ext"), toJS<IDLBoolean>(state, key.ext.value()));
-    if (key.crv)
-        result->putDirect(vm, Identifier::fromString(&vm, "crv"), toJS<IDLDOMString>(state, key.crv.value()));
-    if (key.x)
-        result->putDirect(vm, Identifier::fromString(&vm, "x"), toJS<IDLDOMString>(state, key.x.value()));
-    if (key.y)
-        result->putDirect(vm, Identifier::fromString(&vm, "y"), toJS<IDLDOMString>(state, key.y.value()));
-    if (key.d)
-        result->putDirect(vm, Identifier::fromString(&vm, "d"), toJS<IDLDOMString>(state, key.d.value()));
-    if (key.n)
-        result->putDirect(vm, Identifier::fromString(&vm, "n"), toJS<IDLDOMString>(state, key.n.value()));
-    if (key.e)
-        result->putDirect(vm, Identifier::fromString(&vm, "e"), toJS<IDLDOMString>(state, key.e.value()));
-    if (key.p)
-        result->putDirect(vm, Identifier::fromString(&vm, "p"), toJS<IDLDOMString>(state, key.p.value()));
-    if (key.q)
-        result->putDirect(vm, Identifier::fromString(&vm, "q"), toJS<IDLDOMString>(state, key.q.value()));
-    if (key.dp)
-        result->putDirect(vm, Identifier::fromString(&vm, "dp"), toJS<IDLDOMString>(state, key.dp.value()));
-    if (key.dq)
-        result->putDirect(vm, Identifier::fromString(&vm, "dq"), toJS<IDLDOMString>(state, key.dq.value()));
-    if (key.qi)
-        result->putDirect(vm, Identifier::fromString(&vm, "qi"), toJS<IDLDOMString>(state, key.qi.value()));
-    if (key.oth) {
-        MarkedArgumentBuffer list;
-        for (auto& value : key.oth.value()) {
-            auto* info = constructEmptyObject(&state);
-            info->putDirect(vm, Identifier::fromString(&vm, "r"), toJS<IDLDOMString>(state, value.r));
-            info->putDirect(vm, Identifier::fromString(&vm, "d"), toJS<IDLDOMString>(state, value.d));
-            info->putDirect(vm, Identifier::fromString(&vm, "t"), toJS<IDLDOMString>(state, value.t));
-            list.append(info);
-        }
-        result->putDirect(vm, Identifier::fromString(&vm, "oth"), constructArray(&state, static_cast<Structure*>(nullptr), list));
-    }
-    if (key.k)
-        result->putDirect(vm, Identifier::fromString(&vm, "k"), toJS<IDLDOMString>(state, key.k.value()));
-
-    return result;
-}
-
 static RefPtr<CryptoKey> toCryptoKey(ExecState& state, JSValue value)
 {
@@ -866 +811 @@
         }
         case SubtleCrypto::KeyFormat::Jwk:
-            capturedPromise->resolve<IDLAny>(toJSValueFromJsonWebKey(*(capturedPromise->globalObject()), WTFMove(WTF::get<JsonWebKey>(key))));
+            capturedPromise->resolve<IDLDictionary<JsonWebKey>>(WTFMove(WTF::get<JsonWebKey>(key)));
             return;
         }
@@ -955 +900 @@
             break;
         case SubtleCrypto::KeyFormat::Jwk: {
-            auto jwk = toJSValueFromJsonWebKey(*(promise->globalObject()), WTFMove(WTF::get<JsonWebKey>(key)));
+            auto jwk = toJS<IDLDictionary<JsonWebKey>>(*(promise->globalObject()->globalExec()), *(promise->globalObject()), WTFMove(WTF::get<JsonWebKey>(key)));
             String jwkString = JSONStringify(promise->globalObject()->globalExec(), jwk, 0);
             CString jwkUtf8String = jwkString.utf8(StrictConversion);

trunk/Source/WebCore/crypto/JsonWebKey.h

@@ -36 +36 @@
 struct JsonWebKey {
     String kty;
-    std::optional<String> use;
+    String use;
     // FIXME: Consider merging key_ops and usages.
     std::optional<Vector<CryptoKeyUsage>> key_ops;
     CryptoKeyUsageBitmap usages;
-    std::optional<String> alg;
+    String alg;
 
     std::optional<bool> ext;
 
-    std::optional<String> crv;
-    std::optional<String> x;
-    std::optional<String> y;
-    std::optional<String> d;
-    std::optional<String> n;
-    std::optional<String> e;
-    std::optional<String> p;
-    std::optional<String> q;
-    std::optional<String> dp;
-    std::optional<String> dq;
-    std::optional<String> qi;
+    String crv;
+    String x;
+    String y;
+    String d;
+    String n;
+    String e;
+    String p;
+    String q;
+    String dp;
+    String dq;
+    String qi;
     std::optional<Vector<RsaOtherPrimesInfo>> oth;
-    std::optional<String> k;
+    String k;
 };
 

trunk/Source/WebCore/crypto/JsonWebKey.idl

@@ -26 +26 @@
 [
     Conditional=SUBTLE_CRYPTO,
+    JSGenerateToJSObject,
 ] dictionary JsonWebKey {
     // The following fields are defined in Section 3.1 of JSON Web Key

trunk/Source/WebCore/crypto/RsaOtherPrimesInfo.idl

@@ -26 +26 @@
 [
     Conditional=SUBTLE_CRYPTO,
+    JSGenerateToJSObject,
 ] dictionary RsaOtherPrimesInfo {
     // The following fields are defined in Section 6.3.2.7 of JSON Web Algorithms

trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_CBC.cpp

@@ -121 +121 @@
         break;
     case SubtleCrypto::KeyFormat::Jwk: {
-        auto checkAlgCallback = [](size_t length, const std::optional<String>& alg) -> bool {
+        auto checkAlgCallback = [](size_t length, const String& alg) -> bool {
             switch (length) {
             case CryptoKeyAES::s_length128:
-                return !alg || alg.value() == ALG128;
+                return alg.isNull() || alg == ALG128;
             case CryptoKeyAES::s_length192:
-                return !alg || alg.value() == ALG192;
+                return alg.isNull() || alg == ALG192;
             case CryptoKeyAES::s_length256:
-                return !alg || alg.value() == ALG256;
+                return alg.isNull() || alg == ALG256;
             }
             return false;

trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_KW.cpp

@@ -95 +95 @@
         break;
     case SubtleCrypto::KeyFormat::Jwk: {
-        result = CryptoKeyAES::importJwk(parameters->identifier, WTFMove(WTF::get<JsonWebKey>(data)), extractable, usages, [](size_t length, const std::optional<String>& alg) -> bool {
+        result = CryptoKeyAES::importJwk(parameters->identifier, WTFMove(WTF::get<JsonWebKey>(data)), extractable, usages, [](size_t length, const String& alg) -> bool {
             switch (length) {
             case CryptoKeyAES::s_length128:
-                return !alg || alg.value() == ALG128;
+                return alg.isNull() || alg == ALG128;
             case CryptoKeyAES::s_length192:
-                return !alg || alg.value() == ALG192;
+                return alg.isNull() || alg == ALG192;
             case CryptoKeyAES::s_length256:
-                return !alg || alg.value() == ALG256;
+                return alg.isNull() || alg == ALG256;
             }
             return false;

trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmHMAC.cpp

@@ -120 +120 @@
         break;
     case SubtleCrypto::KeyFormat::Jwk: {
-        auto checkAlgCallback = [](CryptoAlgorithmIdentifier hash, const std::optional<String>& alg) -> bool {
+        auto checkAlgCallback = [](CryptoAlgorithmIdentifier hash, const String& alg) -> bool {
             switch (hash) {
             case CryptoAlgorithmIdentifier::SHA_1:
-                return !alg || alg.value() == ALG1;
+                return alg.isNull() || alg == ALG1;
             case CryptoAlgorithmIdentifier::SHA_224:
-                return !alg || alg.value() == ALG224;
+                return alg.isNull() || alg == ALG224;
             case CryptoAlgorithmIdentifier::SHA_256:
-                return !alg || alg.value() == ALG256;
+                return alg.isNull() || alg == ALG256;
             case CryptoAlgorithmIdentifier::SHA_384:
-                return !alg || alg.value() == ALG384;
+                return alg.isNull() || alg == ALG384;
             case CryptoAlgorithmIdentifier::SHA_512:
-                return !alg || alg.value() == ALG512;
+                return alg.isNull() || alg == ALG512;
             default:
                 return false;

trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp

@@ -107 +107 @@
     case SubtleCrypto::KeyFormat::Jwk: {
         JsonWebKey key = WTFMove(WTF::get<JsonWebKey>(data));
-        if (usages && ((key.d && (usages ^ CryptoKeyUsageDecrypt)) || (!key.d && (usages ^ CryptoKeyUsageEncrypt)))) {
+        if (usages && ((!key.d.isNull() && (usages ^ CryptoKeyUsageDecrypt)) || (key.d.isNull() && (usages ^ CryptoKeyUsageEncrypt)))) {
             exceptionCallback(SYNTAX_ERR);
             return;
         }
-        if (usages && key.use && key.use.value() != "enc") {
+        if (usages && !key.use.isNull() && key.use != "enc") {
             exceptionCallback(DataError);
             return;
         }
-        if (key.alg && key.alg.value() != ALG) {
+        if (!key.alg.isNull() && key.alg != ALG) {
             exceptionCallback(DataError);
             return;

trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp

@@ -118 +118 @@
         JsonWebKey key = WTFMove(WTF::get<JsonWebKey>(data));
 
-        if (usages && ((key.d && (usages ^ CryptoKeyUsageSign)) || (!key.d && (usages ^ CryptoKeyUsageVerify)))) {
+        if (usages && ((!key.d.isNull() && (usages ^ CryptoKeyUsageSign)) || (key.d.isNull() && (usages ^ CryptoKeyUsageVerify)))) {
             exceptionCallback(SYNTAX_ERR);
             return;
         }
-        if (usages && key.use && key.use.value() != "sig") {
+        if (usages && !key.use.isNull() && key.use != "sig") {
             exceptionCallback(DataError);
             return;
@@ -130 +130 @@
         switch (rsaParameters.hashIdentifier) {
         case CryptoAlgorithmIdentifier::SHA_1:
-            isMatched = !key.alg || key.alg.value() == ALG1;
+            isMatched = key.alg.isNull() || key.alg == ALG1;
             break;
         case CryptoAlgorithmIdentifier::SHA_224:
-            isMatched = !key.alg || key.alg.value() == ALG224;
+            isMatched = key.alg.isNull() || key.alg == ALG224;
             break;
         case CryptoAlgorithmIdentifier::SHA_256:
-            isMatched = !key.alg || key.alg.value() == ALG256;
+            isMatched = key.alg.isNull() || key.alg == ALG256;
             break;
         case CryptoAlgorithmIdentifier::SHA_384:
-            isMatched = !key.alg || key.alg.value() == ALG384;
+            isMatched = key.alg.isNull() || key.alg == ALG384;
             break;
         case CryptoAlgorithmIdentifier::SHA_512:
-            isMatched = !key.alg || key.alg.value() == ALG512;
+            isMatched = key.alg.isNull() || key.alg == ALG512;
             break;
         default:

trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp

@@ -121 +121 @@
 
         bool isUsagesAllowed = false;
-        if (key.d) {
+        if (!key.d.isNull()) {
             isUsagesAllowed = isUsagesAllowed || !(usages ^ CryptoKeyUsageDecrypt);
             isUsagesAllowed = isUsagesAllowed || !(usages ^ CryptoKeyUsageUnwrapKey);
@@ -136 +136 @@
         }
 
-        if (usages && key.use && key.use.value() != "enc") {
+        if (usages && !key.use.isNull() && key.use != "enc") {
             exceptionCallback(DataError);
             return;
@@ -144 +144 @@
         switch (rsaParameters.hashIdentifier) {
         case CryptoAlgorithmIdentifier::SHA_1:
-            isMatched = !key.alg || key.alg.value() == ALG1;
+            isMatched = key.alg.isNull() || key.alg == ALG1;
             break;
         case CryptoAlgorithmIdentifier::SHA_224:
-            isMatched = !key.alg || key.alg.value() == ALG224;
+            isMatched = key.alg.isNull() || key.alg == ALG224;
             break;
         case CryptoAlgorithmIdentifier::SHA_256:
-            isMatched = !key.alg || key.alg.value() == ALG256;
+            isMatched = key.alg.isNull() || key.alg == ALG256;
             break;
         case CryptoAlgorithmIdentifier::SHA_384:
-            isMatched = !key.alg || key.alg.value() == ALG384;
+            isMatched = key.alg.isNull() || key.alg == ALG384;
             break;
         case CryptoAlgorithmIdentifier::SHA_512:
-            isMatched = !key.alg || key.alg.value() == ALG512;
+            isMatched = key.alg.isNull() || key.alg == ALG512;
             break;
         default:

trunk/Source/WebCore/crypto/keys/CryptoKeyAES.cpp

@@ -88 +88 @@
     if (keyData.kty != "oct")
         return nullptr;
-    if (!keyData.k)
+    if (keyData.k.isNull())
         return nullptr;
     Vector<uint8_t> octetSequence;
-    if (!base64URLDecode(keyData.k.value(), octetSequence))
+    if (!base64URLDecode(keyData.k, octetSequence))
         return nullptr;
     if (!callback(octetSequence.size() * 8, keyData.alg))
         return nullptr;
-    if (usages && keyData.use && keyData.use.value() != "enc")
+    if (usages && !keyData.use.isNull() && keyData.use != "enc")
         return nullptr;
-    if (keyData.usages && ((keyData.usages & usages) != usages))
+    if (keyData.key_ops && ((keyData.usages & usages) != usages))
         return nullptr;
     if (keyData.ext && !keyData.ext.value() && extractable)

trunk/Source/WebCore/crypto/keys/CryptoKeyAES.h

@@ -69 +69 @@
     static RefPtr<CryptoKeyAES> generate(CryptoAlgorithmIdentifier, size_t lengthBits, bool extractable, CryptoKeyUsageBitmap);
     static RefPtr<CryptoKeyAES> importRaw(CryptoAlgorithmIdentifier, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap);
-    using CheckAlgCallback = WTF::Function<bool(size_t, const std::optional<String>&)>;
+    using CheckAlgCallback = Function<bool(size_t, const String&)>;
     static RefPtr<CryptoKeyAES> importJwk(CryptoAlgorithmIdentifier, JsonWebKey&&, bool extractable, CryptoKeyUsageBitmap, CheckAlgCallback&&);
 

trunk/Source/WebCore/crypto/keys/CryptoKeyHMAC.cpp

@@ -98 +98 @@
     if (keyData.kty != "oct")
         return nullptr;
-    if (!keyData.k)
+    if (keyData.k.isNull())
         return nullptr;
     Vector<uint8_t> octetSequence;
-    if (!base64URLDecode(keyData.k.value(), octetSequence))
+    if (!base64URLDecode(keyData.k, octetSequence))
         return nullptr;
     if (!callback(hash, keyData.alg))
         return nullptr;
-    if (usages && keyData.use && keyData.use.value() != "sig")
+    if (usages && !keyData.use.isNull() && keyData.use != "sig")
         return nullptr;
     if (keyData.usages && ((keyData.usages & usages) != usages))

trunk/Source/WebCore/crypto/keys/CryptoKeyHMAC.h

@@ -65 +65 @@
     static RefPtr<CryptoKeyHMAC> generate(size_t lengthBits, CryptoAlgorithmIdentifier hash, bool extractable, CryptoKeyUsageBitmap);
     static RefPtr<CryptoKeyHMAC> importRaw(size_t lengthBits, CryptoAlgorithmIdentifier hash, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap);
-    using CheckAlgCallback = WTF::Function<bool(CryptoAlgorithmIdentifier, const std::optional<String>&)>;
+    using CheckAlgCallback = Function<bool(CryptoAlgorithmIdentifier, const String&)>;
     static RefPtr<CryptoKeyHMAC> importJwk(size_t lengthBits, CryptoAlgorithmIdentifier hash, JsonWebKey&&, bool extractable, CryptoKeyUsageBitmap, CheckAlgCallback&&);
 

trunk/Source/WebCore/crypto/keys/CryptoKeyRSA.cpp

@@ -44 +44 @@
         return nullptr;
 
-    if (!keyData.n || !keyData.e)
+    if (keyData.n.isNull() || keyData.e.isNull())
         return nullptr;
     Vector<uint8_t> modulus;
-    if (!WTF::base64URLDecode(keyData.n.value(), modulus))
+    if (!WTF::base64URLDecode(keyData.n, modulus))
         return nullptr;
     // Per RFC 7518 Section 6.3.1.1: https://tools.ietf.org/html/rfc7518#section-6.3.1.1
-    if (!modulus[0])
+    if (!modulus.isEmpty() && !modulus[0])
         modulus.remove(0);
     Vector<uint8_t> exponent;
-    if (!WTF::base64URLDecode(keyData.e.value(), exponent))
+    if (!WTF::base64URLDecode(keyData.e, exponent))
         return nullptr;
-    if (!keyData.d) {
+    if (keyData.d.isNull()) {
         // import public key
         auto publicKeyComponents = CryptoKeyDataRSAComponents::createPublic(WTFMove(modulus), WTFMove(exponent));
@@ -64 +64 @@
     // import private key
     Vector<uint8_t> privateExponent;
-    if (!WTF::base64URLDecode(keyData.d.value(), privateExponent))
+    if (!WTF::base64URLDecode(keyData.d, privateExponent))
         return nullptr;
-    if (!keyData.p && !keyData.q && !keyData.dp && !keyData.dp && !keyData.qi) {
+    if (keyData.p.isNull() && keyData.q.isNull() && keyData.dp.isNull() && keyData.dp.isNull() && keyData.qi.isNull()) {
         auto privateKeyComponents = CryptoKeyDataRSAComponents::createPrivate(WTFMove(modulus), WTFMove(exponent), WTFMove(privateExponent));
         // Notice: CryptoAlgorithmIdentifier::SHA_1 is just a placeholder. It should not have any effect if hash is std::nullopt.
@@ -72 +72 @@
     }
 
-    if (!keyData.p || !keyData.q || !keyData.dp || !keyData.dq || !keyData.qi)
+    if (keyData.p.isNull() || keyData.q.isNull() || keyData.dp.isNull() || keyData.dq.isNull() || keyData.qi.isNull())
         return nullptr;
     CryptoKeyDataRSAComponents::PrimeInfo firstPrimeInfo;
     CryptoKeyDataRSAComponents::PrimeInfo secondPrimeInfo;
-    if (!WTF::base64URLDecode(keyData.p.value(), firstPrimeInfo.primeFactor))
+    if (!WTF::base64URLDecode(keyData.p, firstPrimeInfo.primeFactor))
         return nullptr;
-    if (!WTF::base64URLDecode(keyData.dp.value(), firstPrimeInfo.factorCRTExponent))
+    if (!WTF::base64URLDecode(keyData.dp, firstPrimeInfo.factorCRTExponent))
         return nullptr;
-    if (!WTF::base64URLDecode(keyData.q.value(), secondPrimeInfo.primeFactor))
+    if (!WTF::base64URLDecode(keyData.q, secondPrimeInfo.primeFactor))
         return nullptr;
-    if (!WTF::base64URLDecode(keyData.dq.value(), secondPrimeInfo.factorCRTExponent))
+    if (!WTF::base64URLDecode(keyData.dq, secondPrimeInfo.factorCRTExponent))
         return nullptr;
-    if (!WTF::base64URLDecode(keyData.qi.value(), secondPrimeInfo.factorCRTCoefficient))
+    if (!WTF::base64URLDecode(keyData.qi, secondPrimeInfo.factorCRTCoefficient))
         return nullptr;
     if (!keyData.oth) {

trunk/Source/WebCore/crypto/mac/CryptoKeyRSAMac.cpp

@@ -132 +132 @@
         return nullptr;
     }
+    // When an empty vector p is provided to CCRSACryptorCreateFromData to create a private key, it crashes.
+    // <rdar://problem/30550228> tracks the issue.
+    if (keyData.type() == CryptoKeyDataRSAComponents::Type::Private && keyData.firstPrimeInfo().primeFactor.isEmpty())
+        return nullptr;
+
     CCRSACryptorRef cryptor;
     // FIXME: It is so weired that we recaculate the private exponent from first prime factor and second prime factor,