Changeset 214074 in webkit
- Timestamp:
- Mar 16, 2017 3:32:20 PM (7 years ago)
- Location:
- trunk
- Files:
-
- 43 added
- 18 edited
- 6 copied
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r214072 r214074 1 2017-03-16 Jiewen Tan <jiewen_tan@apple.com> 2 3 [WebCrypto] Support SPKI/PKCS8 for Elliptic Curve 4 https://bugs.webkit.org/show_bug.cgi?id=169318 5 <rdar://problem/31081956> 6 7 Reviewed by Brent Fulgham. 8 9 * crypto/subtle/ec-export-key-malformed-parameters-expected.txt: 10 * crypto/subtle/ec-export-key-malformed-parameters.html: 11 * crypto/subtle/ec-import-jwk-key-export-jwk-key-private-expected.txt: 12 * crypto/subtle/ec-import-jwk-key-export-jwk-key-private.html: 13 * crypto/subtle/ec-import-jwk-key-export-pkcs8-key-expected.txt: Added. 14 * crypto/subtle/ec-import-jwk-key-export-pkcs8-key.html: Added. 15 * crypto/subtle/ec-import-jwk-key-export-spki-key-expected.txt: Added. 16 * crypto/subtle/ec-import-jwk-key-export-spki-key.html: Added. 17 * crypto/subtle/ec-import-key-malformed-parameters-expected.txt: 18 * crypto/subtle/ec-import-key-malformed-parameters.html: 19 * crypto/subtle/ec-import-pkcs8-key-export-jwk-key-expected.txt: Added. 20 * crypto/subtle/ec-import-pkcs8-key-export-jwk-key.html: Added. 21 * crypto/subtle/ec-import-pkcs8-key-export-pkcs8-key-p256-expected.txt: Added. 22 * crypto/subtle/ec-import-pkcs8-key-export-pkcs8-key-p256.html: Added. 23 * crypto/subtle/ec-import-pkcs8-key-export-pkcs8-key-p384-expected.txt: Added. 24 * crypto/subtle/ec-import-pkcs8-key-export-pkcs8-key-p384.html: Added. 25 * crypto/subtle/ec-import-raw-key-export-spki-key-expected.txt: Added. 26 * crypto/subtle/ec-import-raw-key-export-spki-key.html: Added. 27 * crypto/subtle/ec-import-spki-key-export-jwk-key-expected.txt: Added. 28 * crypto/subtle/ec-import-spki-key-export-jwk-key.html: Added. 29 * crypto/subtle/ec-import-spki-key-export-raw-key-expected.txt: Added. 30 * crypto/subtle/ec-import-spki-key-export-raw-key.html: Added. 31 * crypto/subtle/ec-import-spki-key-export-spki-key-p256-expected.txt: Added. 32 * crypto/subtle/ec-import-spki-key-export-spki-key-p256.html: Added. 33 * crypto/subtle/ec-import-spki-key-export-spki-key-p384-expected.txt: Added. 34 * crypto/subtle/ec-import-spki-key-export-spki-key-p384.html: Added. 35 * crypto/subtle/ecdh-generate-export-key-spki-p256-expected.txt: Added. 36 * crypto/subtle/ecdh-generate-export-key-spki-p256.html: Added. 37 * crypto/subtle/ecdh-generate-export-key-spki-p384-expected.txt: Added. 38 * crypto/subtle/ecdh-generate-export-key-spki-p384.html: Added. 39 * crypto/subtle/ecdh-generate-export-pkcs8-p256-expected.txt: Added. 40 * crypto/subtle/ecdh-generate-export-pkcs8-p256.html: Added. 41 * crypto/subtle/ecdh-generate-export-pkcs8-p384-expected.txt: Added. 42 * crypto/subtle/ecdh-generate-export-pkcs8-p384.html: Added. 43 * crypto/subtle/ecdh-import-pkcs8-key-p256-expected.txt: Added. 44 * crypto/subtle/ecdh-import-pkcs8-key-p256.html: Added. 45 * crypto/subtle/ecdh-import-pkcs8-key-p384-expected.txt: Added. 46 * crypto/subtle/ecdh-import-pkcs8-key-p384.html: Added. 47 * crypto/subtle/ecdh-import-spki-key-p256-expected.txt: Added. 48 * crypto/subtle/ecdh-import-spki-key-p256.html: Added. 49 * crypto/subtle/ecdh-import-spki-key-p384-expected.txt: Added. 50 * crypto/subtle/ecdh-import-spki-key-p384.html: Added. 51 * crypto/workers/subtle/ec-generate-export-pkcs8-key-expected.txt: Added. 52 * crypto/workers/subtle/ec-generate-export-pkcs8-key.html: Added. 53 * crypto/workers/subtle/ec-generate-export-spki-key-expected.txt: Added. 54 * crypto/workers/subtle/ec-generate-export-spki-key.html: Added. 55 * crypto/workers/subtle/ec-import-pkcs8-key-expected.txt: Added. 56 * crypto/workers/subtle/ec-import-pkcs8-key.html: Added. 57 * crypto/workers/subtle/ec-import-spki-key-expected.txt: Added. 58 * crypto/workers/subtle/ec-import-spki-key.html: Added. 59 * crypto/workers/subtle/resources/ec-generate-export-pkcs8-key.js: Added. 60 * crypto/workers/subtle/resources/ec-generate-export-spki-key.js: Added. 61 * crypto/workers/subtle/resources/ec-import-pkcs8-key.js: Added. 62 * crypto/workers/subtle/resources/ec-import-spki-key.js: Added. 63 1 64 2017-03-16 Zalan Bujtas <zalan@apple.com> 2 65 -
trunk/LayoutTests/crypto/subtle/ec-export-key-malformed-parameters-expected.txt
r213560 r214074 5 5 6 6 PASS crypto.subtle.exportKey("raw", privateKey) rejected promise with InvalidAccessError (DOM Exception 15): The requested operation is not valid for the provided key. 7 PASS crypto.subtle.exportKey("spki", privateKey) rejected promise with InvalidAccessError (DOM Exception 15): The requested operation is not valid for the provided key. 8 PASS crypto.subtle.exportKey("pkcs8", publicKey) rejected promise with InvalidAccessError (DOM Exception 15): The requested operation is not valid for the provided key. 7 9 PASS successfullyParsed is true 8 10 -
trunk/LayoutTests/crypto/subtle/ec-export-key-malformed-parameters.html
r213560 r214074 22 22 crypto.subtle.generateKey(algorithmKeyGen, extractable, ["deriveKey", "deriveBits"]).then(function(result) { 23 23 privateKey = result.privateKey; 24 publicKey = result.publicKey; 24 25 25 26 // Wrong key and format. 26 27 return shouldReject('crypto.subtle.exportKey("raw", privateKey)'); 28 }).then(function() { 29 // Wrong key and format. 30 return shouldReject('crypto.subtle.exportKey("spki", privateKey)'); 31 }).then(function() { 32 // Wrong key and format. 33 return shouldReject('crypto.subtle.exportKey("pkcs8", publicKey)'); 27 34 }).then(finishJSTest, finishJSTest); 28 35 -
trunk/LayoutTests/crypto/subtle/ec-import-jwk-key-export-jwk-key-private-expected.txt
r213560 r214074 5 5 6 6 Importing a key... 7 PASS p ublicKey.kty is jwkKey.kty8 PASS p ublicKey.crv is jwkKey.crv9 PASS p ublicKey.x is jwkKey.x10 PASS p ublicKey.y is jwkKey.y11 PASS p ublicKey.d is jwkKey.d12 PASS p ublicKey.key_ops is jwkKey.key_ops13 PASS p ublicKey.ext is jwkKey.ext7 PASS privateKey.kty is jwkKey.kty 8 PASS privateKey.crv is jwkKey.crv 9 PASS privateKey.x is jwkKey.x 10 PASS privateKey.y is jwkKey.y 11 PASS privateKey.d is jwkKey.d 12 PASS privateKey.key_ops is jwkKey.key_ops 13 PASS privateKey.ext is jwkKey.ext 14 14 PASS successfullyParsed is true 15 15 -
trunk/LayoutTests/crypto/subtle/ec-import-jwk-key-export-jwk-key-private.html
r213560 r214074 29 29 return crypto.subtle.exportKey("jwk", result); 30 30 }).then(function(result) { 31 p ublicKey = result;31 privateKey = result; 32 32 33 shouldBe("p ublicKey.kty", "jwkKey.kty");34 shouldBe("p ublicKey.crv", "jwkKey.crv");35 shouldBe("p ublicKey.x", "jwkKey.x");36 shouldBe("p ublicKey.y", "jwkKey.y");37 shouldBe("p ublicKey.d", "jwkKey.d");38 shouldBe("p ublicKey.key_ops", "jwkKey.key_ops");39 shouldBe("p ublicKey.ext", "jwkKey.ext");33 shouldBe("privateKey.kty", "jwkKey.kty"); 34 shouldBe("privateKey.crv", "jwkKey.crv"); 35 shouldBe("privateKey.x", "jwkKey.x"); 36 shouldBe("privateKey.y", "jwkKey.y"); 37 shouldBe("privateKey.d", "jwkKey.d"); 38 shouldBe("privateKey.key_ops", "jwkKey.key_ops"); 39 shouldBe("privateKey.ext", "jwkKey.ext"); 40 40 41 41 finishJSTest(); -
trunk/LayoutTests/crypto/subtle/ec-import-jwk-key-export-pkcs8-key.html
r214073 r214074 10 10 11 11 <script> 12 description("Test importing a jwk private ECDH key and then export it in jwkformat");12 description("Test importing a jwk private ECDH key and then export it in PKCS8 format"); 13 13 14 14 jsTestIsAsync = true; … … 23 23 d: "ppxBSov3N8_AUcisAuvmLV4yE8e_L_BLE8bZb9Z1Xjg", 24 24 }; 25 var expectedPkcs8KeyHex = "308187020100301306072a8648ce3d020106082a8648ce3d030107046d306b0201010420a69c414a8bf737cfc051c8ac02ebe62d5e3213c7bf2ff04b13c6d96fd6755e38a14403420004d454955a2793be2905906d4d3b286450268c6dd421c701fa682bb8133fac46d0f6398d4cba8ce1c8c185d0271dc348f58415dcef0b166a3e11d65693c9ed01a2"; 25 26 var extractable = true; 26 27 27 28 debug("Importing a key..."); 28 29 crypto.subtle.importKey("jwk", jwkKey, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey", "deriveBits"]).then(function(result) { 29 return crypto.subtle.exportKey(" jwk", result);30 return crypto.subtle.exportKey("pkcs8", result); 30 31 }).then(function(result) { 31 p ublicKey = result;32 privateKey = result; 32 33 33 shouldBe("publicKey.kty", "jwkKey.kty"); 34 shouldBe("publicKey.crv", "jwkKey.crv"); 35 shouldBe("publicKey.x", "jwkKey.x"); 36 shouldBe("publicKey.y", "jwkKey.y"); 37 shouldBe("publicKey.d", "jwkKey.d"); 38 shouldBe("publicKey.key_ops", "jwkKey.key_ops"); 39 shouldBe("publicKey.ext", "jwkKey.ext"); 34 shouldBe("bytesToHexString(privateKey)", "expectedPkcs8KeyHex"); 40 35 41 36 finishJSTest(); -
trunk/LayoutTests/crypto/subtle/ec-import-jwk-key-export-spki-key.html
r214073 r214074 10 10 11 11 <script> 12 description("Test importing a jwk private ECDH key and then export it in jwkformat");12 description("Test importing a JWK ECDH public key and export it in SPKI format"); 13 13 14 14 jsTestIsAsync = true; … … 16 16 var jwkKey = { 17 17 kty: "EC", 18 ext: true,19 key_ops: ["deriveBits", "deriveKey"],20 18 crv: "P-256", 21 19 x: "1FSVWieTvikFkG1NOyhkUCaMbdQhxwH6aCu4Ez-sRtA", 22 20 y: "9jmNTLqM4cjBhdAnHcNI9YQV3O8LFmo-EdZWk8ntAaI", 23 d: "ppxBSov3N8_AUcisAuvmLV4yE8e_L_BLE8bZb9Z1Xjg",24 21 }; 22 var expectedSpkiKey = "3059301306072a8648ce3d020106082a8648ce3d03010703420004d454955a2793be2905906d4d3b286450268c6dd421c701fa682bb8133fac46d0f6398d4cba8ce1c8c185d0271dc348f58415dcef0b166a3e11d65693c9ed01a2"; 25 23 var extractable = true; 26 24 27 25 debug("Importing a key..."); 28 crypto.subtle.importKey("jwk", jwkKey, { name: "ECDH", namedCurve: "P-256" }, extractable, [ "deriveKey", "deriveBits"]).then(function(result) {29 return crypto.subtle.exportKey(" jwk", result);26 crypto.subtle.importKey("jwk", jwkKey, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ]).then(function(key) { 27 return crypto.subtle.exportKey("spki", key); 30 28 }).then(function(result) { 31 29 publicKey = result; 32 30 33 shouldBe("publicKey.kty", "jwkKey.kty"); 34 shouldBe("publicKey.crv", "jwkKey.crv"); 35 shouldBe("publicKey.x", "jwkKey.x"); 36 shouldBe("publicKey.y", "jwkKey.y"); 37 shouldBe("publicKey.d", "jwkKey.d"); 38 shouldBe("publicKey.key_ops", "jwkKey.key_ops"); 39 shouldBe("publicKey.ext", "jwkKey.ext"); 31 shouldBe("bytesToHexString(publicKey)", "expectedSpkiKey"); 40 32 41 33 finishJSTest(); -
trunk/LayoutTests/crypto/subtle/ec-import-key-malformed-parameters-expected.txt
r213560 r214074 28 28 PASS crypto.subtle.importKey("jwk", {kty: "EC", crv: "P-384", x:x, y:y384}, { name: "ECDH", namedCurve: "P-384" }, extractable, [ ]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 29 29 PASS crypto.subtle.importKey("jwk", {kty: "EC", crv: "P-384", x:x384, y:y384, d:d}, { name: "ECDH", namedCurve: "P-384" }, extractable, [ ]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 30 PASS crypto.subtle.importKey("spki", spkiP256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveBits"]) rejected promise with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range. 31 PASS crypto.subtle.importKey("spki", truncatedSpkiP256Key1, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 32 PASS crypto.subtle.importKey("spki", truncatedSpkiP256Key2, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 33 PASS crypto.subtle.importKey("spki", truncatedSpkiP256Key3, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 34 PASS crypto.subtle.importKey("spki", truncatedSpkiP256Key4, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 35 PASS crypto.subtle.importKey("spki", truncatedSpkiP256Key5, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 36 PASS crypto.subtle.importKey("spki", truncatedSpkiP256Key6, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 37 PASS crypto.subtle.importKey("spki", truncatedSpkiP256Key7, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 38 PASS crypto.subtle.importKey("spki", truncatedSpkiP256Key8, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 39 PASS crypto.subtle.importKey("spki", truncatedSpkiP384Key1, { name: "ECDH", namedCurve: "P-384" }, extractable, [ ]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 40 PASS crypto.subtle.importKey("spki", truncatedSpkiP384Key2, { name: "ECDH", namedCurve: "P-384" }, extractable, [ ]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 41 PASS crypto.subtle.importKey("spki", truncatedSpkiP384Key3, { name: "ECDH", namedCurve: "P-384" }, extractable, [ ]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 42 PASS crypto.subtle.importKey("spki", spkiP256Key, { name: "ECDH", namedCurve: "P-384" }, extractable, [ ]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 43 PASS crypto.subtle.importKey("spki", spkiP384Key, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 44 PASS crypto.subtle.importKey("spki", corruptedSpkiP256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 45 PASS crypto.subtle.importKey("pkcs8", pkcs8P256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["encrypt"]) rejected promise with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range. 46 PASS crypto.subtle.importKey("pkcs8", pkcs8P256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["decrypt"]) rejected promise with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range. 47 PASS crypto.subtle.importKey("pkcs8", pkcs8P256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["sign"]) rejected promise with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range. 48 PASS crypto.subtle.importKey("pkcs8", pkcs8P256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["verify"]) rejected promise with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range. 49 PASS crypto.subtle.importKey("pkcs8", pkcs8P256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["wrapKey"]) rejected promise with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range. 50 PASS crypto.subtle.importKey("pkcs8", pkcs8P256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["unwrapKey"]) rejected promise with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range. 51 PASS crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key1, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 52 PASS crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key2, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 53 PASS crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key3, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 54 PASS crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key4, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 55 PASS crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key5, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 56 PASS crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key6, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 57 PASS crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key7, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 58 PASS crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key8, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 59 PASS crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key9, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 60 PASS crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key10, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 61 PASS crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key11, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 62 PASS crypto.subtle.importKey("pkcs8", truncatedPkcs8P384Key1, { name: "ECDH", namedCurve: "P-384" }, extractable, ["deriveKey"]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 63 PASS crypto.subtle.importKey("pkcs8", truncatedPkcs8P384Key2, { name: "ECDH", namedCurve: "P-384" }, extractable, ["deriveKey"]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 64 PASS crypto.subtle.importKey("pkcs8", longPkcs8P256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 65 PASS crypto.subtle.importKey("pkcs8", corruptedPkcs8P256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"]) rejected promise with DataError (DOM Exception 30): Data provided to an operation does not meet requirements. 30 66 PASS successfullyParsed is true 31 67 -
trunk/LayoutTests/crypto/subtle/ec-import-key-malformed-parameters.html
r213560 r214074 20 20 var x384 = "1bHwFrsaPRjYq-zFOyLXK8Ugv3EqbVF075ct7ouTl_pwyhjeBu03JHjKTsyVbNWK"; 21 21 var y384 = "1bHwFrsaPRjYq-zFOyLXK8Ugv3EqbVF075ct7ouTl_pwyhjeBu03JHjKTsyVbNWK"; 22 var spkiP256Key = hexStringToUint8Array("3059301306072a8648ce3d020106082a8648ce3d03010703420004c3ee3a2c3380072b9b2a59fed2cada65121806e22c4f4f8a25e740fc3e54d75d86c200298e6dfc1611d185eedbdb3c2661b0eb0441f7fd57c90d08112e9ae71c"); 23 var spkiP384Key = hexStringToUint8Array("3076301006072a8648ce3d020106052b8104002203620004478f6119747475f94b742654be32ab6ebbdc371afa34fbee6d12c32fe2d586231262b17d13a1f271f19c8008c034d8716b7df0ce1d987990c5b175ecae1aa40f2fb89e4778528e1234e56d69638db135d103fa68448fee2b4f58ecc86d7f4b7a"); 24 var truncatedSpkiP256Key1 = hexStringToUint8Array("30"); 25 var truncatedSpkiP256Key2 = hexStringToUint8Array("305930"); 26 var truncatedSpkiP256Key3 = hexStringToUint8Array("305930130607"); 27 var truncatedSpkiP256Key4 = hexStringToUint8Array("3059301306072b8648ce3d0201"); 28 var truncatedSpkiP256Key5 = hexStringToUint8Array("3059301306072a8648ce3d02010608"); 29 var truncatedSpkiP256Key6 = hexStringToUint8Array("3059301306072a8648ce3d020106082a8648ce3d030108"); 30 var truncatedSpkiP256Key7 = hexStringToUint8Array("3059301306072a8648ce3d020106082a8648ce3d030107034200"); 31 var truncatedSpkiP256Key8 = hexStringToUint8Array("3059301306072a8648ce3d020106082a8648ce3d03010703420004c3ee3a2c3380072b9b2a59fed2cada65121806e22c4f4f8a25e740fc3e54d75d86c200298e6dfc1611d185eedbdb3c2661b0eb0441f7fd57c90d08112e9ae7"); 32 var truncatedSpkiP384Key1 = hexStringToUint8Array("3076301006072a8648ce3d02010605"); 33 var truncatedSpkiP384Key2 = hexStringToUint8Array("3076301006072a8648ce3d020106052b81040022"); 34 var truncatedSpkiP384Key3 = hexStringToUint8Array("3076301006072a8648ce3d020106052b8104002203620004478f6119747475f94b742654be32ab6ebbdc371afa34fbee6d12c32fe2d586231262b17d13a1f271f19c8008c034d8716b7df0ce1d987990c5b175ecae1aa40f2fb89e4778528e1234e56d69638db135d103fa68448fee2b4f58ecc86d7f4b"); 35 var corruptedSpkiP256Key = hexStringToUint8Array("3059301306072a8648ce3d020106082a8648ce3d03010703420000c3ee3a2c3380072b9b2a59fed2cada65121806e22c4f4f8a25e740fc3e54d75d86c200298e6dfc1611d185eedbdb3c2661b0eb0441f7fd57c90d08112e9ae71c"); 36 var pkcs8P256Key = hexStringToUint8Array("308187020100301306072a8648ce3d020106082a8648ce3d030107046d306b02010104200a21f3f048b893b0f2b5a8459bd6d2bc112614aa86437f8fa2496a0e27f5b0a8a14403420004d726bd565878f24ee3616890d3668503334b84da3434b2774a44d6e4b9c536dd60e9181e1d1469ba3e6aba8987225f6e797d01a0dc400a4a298c902bae66abe2"); 37 var pkcs8P384Key = hexStringToUint8Array("3081b6020100301006072a8648ce3d020106052b8104002204819e30819b0201010430c38e34a7cd58961c8deda9c9118548724945d3f3b3bd71f03c93247304c1f7d86b8507501e4e05a0fbae76e44bbe8cc2a16403620004cb75013d8ba42edd022e9de8dfe856a2ee3f48ec28a666c4a73cf3d16e09c7d5747e6c5b5795a656e175c71feed01ec5e282b19e6650f6ea31970114f3e1e6e2275dd6811f87e7f7128c48806a9763785ac31bd345436e57eae23a1151355ef2"); 38 var truncatedPkcs8P256Key1 = hexStringToUint8Array("30"); 39 var truncatedPkcs8P256Key2 = hexStringToUint8Array("30818702010030"); 40 var truncatedPkcs8P256Key3 = hexStringToUint8Array("3081870201003013"); 41 var truncatedPkcs8P256Key4 = hexStringToUint8Array("308187020100301306072b8648ce3d0201"); 42 var truncatedPkcs8P256Key5 = hexStringToUint8Array("308187020100301306072a8648ce3d0201"); 43 var truncatedPkcs8P256Key6 = hexStringToUint8Array("308187020100301306072a8648ce3d020106082b8648ce3d030107"); 44 var truncatedPkcs8P256Key7 = hexStringToUint8Array("308187020100301306072a8648ce3d020106082a8648ce3d03010704"); 45 var truncatedPkcs8P256Key8 = hexStringToUint8Array("308187020100301306072a8648ce3d020106082a8648ce3d030107046d30"); 46 var truncatedPkcs8P256Key9 = hexStringToUint8Array("308187020100301306072a8648ce3d020106082a8648ce3d030107046d306b02010104"); 47 var truncatedPkcs8P256Key10 = hexStringToUint8Array("308187020100301306072a8648ce3d020106082a8648ce3d030107046d306b0201010420"); 48 var truncatedPkcs8P256Key11 = hexStringToUint8Array("308187020100301306072a8648ce3d020106082a8648ce3d030107046d306b02010104200a21f3f048b893b0f2b5a8459bd6d2bc112614aa86437f8fa2496a0e27f5b0a8a14403"); 49 var longPkcs8P256Key = hexStringToUint8Array("308187020100301306072a8648ce3d020106082a8648ce3d030107046d306b02010104200a21f3f048b893b0f2b5a8459bd6d2bc112614aa86437f8fa2496a0e27f5b0a8a14403420004d726bd565878f24ee3616890d3668503334b84da3434b2774a44d6e4b9c536dd60e9181e1d1469ba3e6aba8987225f6e797d01a0dc400a4a298c902bae66abe2badbad"); 50 var corruptedPkcs8P256Key = hexStringToUint8Array("308187020100301306072a8648ce3d020106082a8648ce3d030107046d306b02010104200a21f3f048b893b0f2b5a8459bd6d2bc112614aa86437f8fa2496a0e27f5b0a8a14403420005d726bd565878f24ee3616890d3668503334b84da3434b2774a44d6e4b9c536dd60e9181e1d1469ba3e6aba8987225f6e797d01a0dc400a4a298c902bae66abe2"); 51 var truncatedPkcs8P384Key1 = hexStringToUint8Array("3081b6020100301006072a8648ce3d0201"); 52 var truncatedPkcs8P384Key2 = hexStringToUint8Array("3081b6020100301006072a8648ce3d020106052b81040023"); 22 53 23 54 // Named curves mismatch raw keys … … 58 89 shouldReject('crypto.subtle.importKey("jwk", {kty: "EC", crv: "P-384", x:x, y:y384}, { name: "ECDH", namedCurve: "P-384" }, extractable, [ ])'); 59 90 shouldReject('crypto.subtle.importKey("jwk", {kty: "EC", crv: "P-384", x:x384, y:y384, d:d}, { name: "ECDH", namedCurve: "P-384" }, extractable, [ ])'); 91 // Spki: Non-empty usages 92 shouldReject('crypto.subtle.importKey("spki", spkiP256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveBits"])'); 93 // Spki: Truncated keys 94 shouldReject('crypto.subtle.importKey("spki", truncatedSpkiP256Key1, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ])'); 95 shouldReject('crypto.subtle.importKey("spki", truncatedSpkiP256Key2, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ])'); 96 shouldReject('crypto.subtle.importKey("spki", truncatedSpkiP256Key3, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ])'); 97 shouldReject('crypto.subtle.importKey("spki", truncatedSpkiP256Key4, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ])'); 98 shouldReject('crypto.subtle.importKey("spki", truncatedSpkiP256Key5, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ])'); 99 shouldReject('crypto.subtle.importKey("spki", truncatedSpkiP256Key6, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ])'); 100 shouldReject('crypto.subtle.importKey("spki", truncatedSpkiP256Key7, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ])'); 101 shouldReject('crypto.subtle.importKey("spki", truncatedSpkiP256Key8, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ])'); 102 shouldReject('crypto.subtle.importKey("spki", truncatedSpkiP384Key1, { name: "ECDH", namedCurve: "P-384" }, extractable, [ ])'); 103 shouldReject('crypto.subtle.importKey("spki", truncatedSpkiP384Key2, { name: "ECDH", namedCurve: "P-384" }, extractable, [ ])'); 104 shouldReject('crypto.subtle.importKey("spki", truncatedSpkiP384Key3, { name: "ECDH", namedCurve: "P-384" }, extractable, [ ])'); 105 // Spki: Missmatched Curves 106 shouldReject('crypto.subtle.importKey("spki", spkiP256Key, { name: "ECDH", namedCurve: "P-384" }, extractable, [ ])'); 107 shouldReject('crypto.subtle.importKey("spki", spkiP384Key, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ])'); 108 // Spki: Corrupted Key Data 109 shouldReject('crypto.subtle.importKey("spki", corruptedSpkiP256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, [ ])'); 110 // Pkcs8: Wrong usages 111 shouldReject('crypto.subtle.importKey("pkcs8", pkcs8P256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["encrypt"])'); 112 shouldReject('crypto.subtle.importKey("pkcs8", pkcs8P256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["decrypt"])'); 113 shouldReject('crypto.subtle.importKey("pkcs8", pkcs8P256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["sign"])'); 114 shouldReject('crypto.subtle.importKey("pkcs8", pkcs8P256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["verify"])'); 115 shouldReject('crypto.subtle.importKey("pkcs8", pkcs8P256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["wrapKey"])'); 116 shouldReject('crypto.subtle.importKey("pkcs8", pkcs8P256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["unwrapKey"])'); 117 // Pkcs8: Truncated keys 118 shouldReject('crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key1, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"])'); 119 shouldReject('crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key2, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"])'); 120 shouldReject('crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key3, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"])'); 121 shouldReject('crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key4, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"])'); 122 shouldReject('crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key5, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"])'); 123 shouldReject('crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key6, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"])'); 124 shouldReject('crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key7, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"])'); 125 shouldReject('crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key8, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"])'); 126 shouldReject('crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key9, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"])'); 127 shouldReject('crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key10, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"])'); 128 shouldReject('crypto.subtle.importKey("pkcs8", truncatedPkcs8P256Key11, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"])'); 129 shouldReject('crypto.subtle.importKey("pkcs8", truncatedPkcs8P384Key1, { name: "ECDH", namedCurve: "P-384" }, extractable, ["deriveKey"])'); 130 shouldReject('crypto.subtle.importKey("pkcs8", truncatedPkcs8P384Key2, { name: "ECDH", namedCurve: "P-384" }, extractable, ["deriveKey"])'); 131 // Pkcs8: Long key 132 shouldReject('crypto.subtle.importKey("pkcs8", longPkcs8P256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"])'); 133 // Pkcs8: Corrupted Key Data 134 shouldReject('crypto.subtle.importKey("pkcs8", corruptedPkcs8P256Key, { name: "ECDH", namedCurve: "P-256" }, extractable, ["deriveKey"])'); 60 135 </script> 61 136 -
trunk/LayoutTests/crypto/subtle/ecdh-generate-export-key-spki-p256.html
r214073 r214074 10 10 11 11 <script> 12 description("Test exporting a n EC key with malformed parameters");12 description("Test exporting a P-256 ECDH public key with SPKI format."); 13 13 14 14 jsTestIsAsync = true; … … 20 20 var extractable = true; 21 21 22 var keyPair; 23 debug("Generating a key pair..."); 22 24 crypto.subtle.generateKey(algorithmKeyGen, extractable, ["deriveKey", "deriveBits"]).then(function(result) { 23 privateKey = result.privateKey; 25 keyPair = result; 26 debug("Exporting the public key..."); 27 return crypto.subtle.exportKey("spki", keyPair.publicKey); 28 }).then(function(result) { 29 publicKey = result; 24 30 25 // Wrong key and format. 26 return shouldReject('crypto.subtle.exportKey("raw", privateKey)'); 27 }).then(finishJSTest, finishJSTest); 31 shouldBe("publicKey.byteLength", "91"); 28 32 33 finishJSTest(); 34 }); 29 35 </script> 30 36 -
trunk/LayoutTests/crypto/subtle/ecdh-generate-export-key-spki-p384.html
r214073 r214074 10 10 11 11 <script> 12 description("Test exporting a n EC key with malformed parameters");12 description("Test exporting a P-384 ECDH public key with SPKI format."); 13 13 14 14 jsTestIsAsync = true; … … 16 16 var algorithmKeyGen = { 17 17 name: "ECDH", 18 namedCurve: "P- 256"18 namedCurve: "P-384" 19 19 }; 20 20 var extractable = true; 21 21 22 var keyPair; 23 debug("Generating a key pair..."); 22 24 crypto.subtle.generateKey(algorithmKeyGen, extractable, ["deriveKey", "deriveBits"]).then(function(result) { 23 privateKey = result.privateKey; 25 keyPair = result; 26 debug("Exporting the public key..."); 27 return crypto.subtle.exportKey("spki", keyPair.publicKey); 28 }).then(function(result) { 29 publicKey = result; 24 30 25 // Wrong key and format. 26 return shouldReject('crypto.subtle.exportKey("raw", privateKey)'); 27 }).then(finishJSTest, finishJSTest); 31 shouldBe("publicKey.byteLength", "120"); 28 32 33 finishJSTest(); 34 }); 29 35 </script> 30 36 -
trunk/LayoutTests/crypto/subtle/ecdh-generate-export-pkcs8-p256.html
r214073 r214074 10 10 11 11 <script> 12 description("Test exporting a n EC key with malformed parameters");12 description("Test exporting a P-256 ECDH private key with PKCS8 format."); 13 13 14 14 jsTestIsAsync = true; … … 20 20 var extractable = true; 21 21 22 var keyPair; 23 debug("Generating a key pair..."); 22 24 crypto.subtle.generateKey(algorithmKeyGen, extractable, ["deriveKey", "deriveBits"]).then(function(result) { 23 privateKey = result.privateKey; 25 keyPair = result; 26 debug("Exporting the public key..."); 27 return crypto.subtle.exportKey("pkcs8", keyPair.privateKey); 28 }).then(function(result) { 29 privateKey = result; 24 30 25 // Wrong key and format. 26 return shouldReject('crypto.subtle.exportKey("raw", privateKey)'); 27 }).then(finishJSTest, finishJSTest); 31 shouldBe("privateKey.byteLength", "138"); 28 32 33 finishJSTest(); 34 }); 29 35 </script> 30 36 -
trunk/LayoutTests/crypto/subtle/ecdh-generate-export-pkcs8-p384.html
r214073 r214074 10 10 11 11 <script> 12 description("Test exporting a n EC key with malformed parameters");12 description("Test exporting a P-384 ECDH private key with PKCS8 format."); 13 13 14 14 jsTestIsAsync = true; … … 16 16 var algorithmKeyGen = { 17 17 name: "ECDH", 18 namedCurve: "P- 256"18 namedCurve: "P-384" 19 19 }; 20 20 var extractable = true; 21 21 22 var keyPair; 23 debug("Generating a key pair..."); 22 24 crypto.subtle.generateKey(algorithmKeyGen, extractable, ["deriveKey", "deriveBits"]).then(function(result) { 23 privateKey = result.privateKey; 25 keyPair = result; 26 debug("Exporting the public key..."); 27 return crypto.subtle.exportKey("pkcs8", keyPair.privateKey); 28 }).then(function(result) { 29 privateKey = result; 24 30 25 // Wrong key and format. 26 return shouldReject('crypto.subtle.exportKey("raw", privateKey)'); 27 }).then(finishJSTest, finishJSTest); 31 shouldBe("privateKey.byteLength", "185"); 28 32 33 finishJSTest(); 34 }); 29 35 </script> 30 36 -
trunk/LayoutTests/imported/w3c/ChangeLog
r213914 r214074 1 2017-03-16 Jiewen Tan <jiewen_tan@apple.com> 2 3 [WebCrypto] Support SPKI/PKCS8 for Elliptic Curve 4 https://bugs.webkit.org/show_bug.cgi?id=169318 5 <rdar://problem/31081956> 6 7 Reviewed by Brent Fulgham. 8 9 * web-platform-tests/WebCryptoAPI/import_export/ec_importKey.worker-expected.txt: 10 * web-platform-tests/WebCryptoAPI/import_export/test_ec_importKey-expected.txt: 11 1 12 2017-03-14 Youenn Fablet <youenn@apple.com> 2 13 -
trunk/LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/import_export/ec_importKey.worker-expected.txt
r213560 r214074 24 24 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The operation is not supported. Reached unreachable code 25 25 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [sign]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The operation is not supported. Reached unreachable code 26 FAIL Good parameters: P-256 bits (spki, buffer(91), {name: ECDH, namedCurve: P-256}, true, []) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 26 PASS Good parameters: P-256 bits (spki, buffer(91), {name: ECDH, namedCurve: P-256}, true, []) 27 27 PASS Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-256}, true, []) 28 FAIL Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 28 PASS Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveKey]) 29 29 PASS Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, true, [deriveKey]) 30 FAIL Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 30 PASS Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey]) 31 31 PASS Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey]) 32 FAIL Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveBits]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 32 PASS Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveBits]) 33 33 PASS Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, true, [deriveBits]) 34 FAIL Good parameters: P-256 bits (spki, buffer(91), {name: ECDH, namedCurve: P-256}, false, []) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 34 PASS Good parameters: P-256 bits (spki, buffer(91), {name: ECDH, namedCurve: P-256}, false, []) 35 35 PASS Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-256}, false, []) 36 FAIL Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, false, [deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 36 PASS Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, false, [deriveKey]) 37 37 PASS Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, false, [deriveKey]) 38 FAIL Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, false, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 38 PASS Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, false, [deriveBits, deriveKey]) 39 39 PASS Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, false, [deriveBits, deriveKey]) 40 FAIL Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, false, [deriveBits]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 40 PASS Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, false, [deriveBits]) 41 41 PASS Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, false, [deriveBits]) 42 FAIL Good parameters: P-384 bits (spki, buffer(120), {name: ECDH, namedCurve: P-384}, true, []) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 42 PASS Good parameters: P-384 bits (spki, buffer(120), {name: ECDH, namedCurve: P-384}, true, []) 43 43 PASS Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-384}, true, []) 44 FAIL Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 44 PASS Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveKey]) 45 45 PASS Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveKey]) 46 FAIL Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 46 PASS Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey]) 47 47 PASS Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey]) 48 FAIL Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveBits]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 48 PASS Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveBits]) 49 49 PASS Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveBits]) 50 FAIL Good parameters: P-384 bits (spki, buffer(120), {name: ECDH, namedCurve: P-384}, false, []) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 50 PASS Good parameters: P-384 bits (spki, buffer(120), {name: ECDH, namedCurve: P-384}, false, []) 51 51 PASS Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-384}, false, []) 52 FAIL Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 52 PASS Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveKey]) 53 53 PASS Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveKey]) 54 FAIL Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 54 PASS Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveBits, deriveKey]) 55 55 PASS Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveBits, deriveKey]) 56 FAIL Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveBits]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 56 PASS Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveBits]) 57 57 PASS Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveBits]) 58 FAIL Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, true, []) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supportedReached unreachable code58 FAIL Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, true, []) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 59 59 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, true, []) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 60 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supportedReached unreachable code60 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveKey]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 61 61 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 62 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supportedReached unreachable code62 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 63 63 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 64 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supportedReached unreachable code64 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 65 65 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 66 FAIL Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, false, []) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supportedReached unreachable code66 FAIL Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, false, []) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 67 67 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, false, []) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 68 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supportedReached unreachable code68 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 69 69 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveKey]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 70 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supportedReached unreachable code70 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 71 71 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 72 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supportedReached unreachable code72 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 73 73 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveBits]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 74 74 -
trunk/LayoutTests/imported/w3c/web-platform-tests/WebCryptoAPI/import_export/test_ec_importKey-expected.txt
r213560 r214074 24 24 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The operation is not supported. Reached unreachable code 25 25 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [sign]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The operation is not supported. Reached unreachable code 26 FAIL Good parameters: P-256 bits (spki, buffer(91), {name: ECDH, namedCurve: P-256}, true, []) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 26 PASS Good parameters: P-256 bits (spki, buffer(91), {name: ECDH, namedCurve: P-256}, true, []) 27 27 PASS Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-256}, true, []) 28 FAIL Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 28 PASS Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveKey]) 29 29 PASS Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, true, [deriveKey]) 30 FAIL Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 30 PASS Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey]) 31 31 PASS Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey]) 32 FAIL Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveBits]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 32 PASS Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveBits]) 33 33 PASS Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, true, [deriveBits]) 34 FAIL Good parameters: P-256 bits (spki, buffer(91), {name: ECDH, namedCurve: P-256}, false, []) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 34 PASS Good parameters: P-256 bits (spki, buffer(91), {name: ECDH, namedCurve: P-256}, false, []) 35 35 PASS Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-256}, false, []) 36 FAIL Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, false, [deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 36 PASS Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, false, [deriveKey]) 37 37 PASS Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, false, [deriveKey]) 38 FAIL Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, false, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 38 PASS Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, false, [deriveBits, deriveKey]) 39 39 PASS Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, false, [deriveBits, deriveKey]) 40 FAIL Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, false, [deriveBits]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 40 PASS Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, false, [deriveBits]) 41 41 PASS Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, false, [deriveBits]) 42 FAIL Good parameters: P-384 bits (spki, buffer(120), {name: ECDH, namedCurve: P-384}, true, []) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 42 PASS Good parameters: P-384 bits (spki, buffer(120), {name: ECDH, namedCurve: P-384}, true, []) 43 43 PASS Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-384}, true, []) 44 FAIL Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 44 PASS Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveKey]) 45 45 PASS Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveKey]) 46 FAIL Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 46 PASS Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey]) 47 47 PASS Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey]) 48 FAIL Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveBits]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 48 PASS Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveBits]) 49 49 PASS Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveBits]) 50 FAIL Good parameters: P-384 bits (spki, buffer(120), {name: ECDH, namedCurve: P-384}, false, []) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 50 PASS Good parameters: P-384 bits (spki, buffer(120), {name: ECDH, namedCurve: P-384}, false, []) 51 51 PASS Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-384}, false, []) 52 FAIL Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 52 PASS Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveKey]) 53 53 PASS Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveKey]) 54 FAIL Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 54 PASS Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveBits, deriveKey]) 55 55 PASS Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveBits, deriveKey]) 56 FAIL Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveBits]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supported Reached unreachable code 56 PASS Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveBits]) 57 57 PASS Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveBits]) 58 FAIL Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, true, []) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supportedReached unreachable code58 FAIL Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, true, []) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 59 59 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, true, []) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 60 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supportedReached unreachable code60 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveKey]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 61 61 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 62 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supportedReached unreachable code62 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 63 63 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 64 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supportedReached unreachable code64 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 65 65 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 66 FAIL Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, false, []) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supportedReached unreachable code66 FAIL Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, false, []) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 67 67 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, false, []) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 68 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supportedReached unreachable code68 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 69 69 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveKey]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 70 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supportedReached unreachable code70 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 71 71 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 72 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits]) assert_unreached: Threw an unexpected error: NotSupportedError (DOM Exception 9): The algorithm is not supportedReached unreachable code72 FAIL Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 73 73 FAIL Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveBits]) assert_unreached: Threw an unexpected error: DataError (DOM Exception 30): Data provided to an operation does not meet requirements Reached unreachable code 74 74 -
trunk/Source/WebCore/ChangeLog
r214073 r214074 1 2017-03-16 Jiewen Tan <jiewen_tan@apple.com> 2 3 [WebCrypto] Support SPKI/PKCS8 for Elliptic Curve 4 https://bugs.webkit.org/show_bug.cgi?id=169318 5 <rdar://problem/31081956> 6 7 Reviewed by Brent Fulgham. 8 9 This patch adds SPKI/PKCS8 support for Elliptic Curve cryptos. We can now import/export 10 SPKI/PKCS8 Elliptic Curve keys after this change. Few things to note: 1) This patch 11 implements a loose DER encoder/decoder for hacking the underlying CommonCrypto library. 12 2) It only permits id-ecPublicKey as the AlgorithmIdentifier following OpenSSL/Chrome(BoringSSL). 13 3) It follows OpenSSL/Chrome(BoringSSL) to replace ECParameters in ECPrivateKey with custom 14 tags. Hence, we should fully comply with OpenSSL/Chrome(BoringSSL). 15 16 Tests: crypto/subtle/ec-import-jwk-key-export-pkcs8-key.html 17 crypto/subtle/ec-import-jwk-key-export-spki-key.html 18 crypto/subtle/ec-import-pkcs8-key-export-jwk-key.html 19 crypto/subtle/ec-import-pkcs8-key-export-pkcs8-key-p256.html 20 crypto/subtle/ec-import-pkcs8-key-export-pkcs8-key-p384.html 21 crypto/subtle/ec-import-raw-key-export-spki-key.html 22 crypto/subtle/ec-import-spki-key-export-jwk-key.html 23 crypto/subtle/ec-import-spki-key-export-raw-key.html 24 crypto/subtle/ec-import-spki-key-export-spki-key-p256.html 25 crypto/subtle/ec-import-spki-key-export-spki-key-p384.html 26 crypto/subtle/ecdh-generate-export-key-spki-p256.html 27 crypto/subtle/ecdh-generate-export-key-spki-p384.html 28 crypto/subtle/ecdh-generate-export-pkcs8-p256.html 29 crypto/subtle/ecdh-generate-export-pkcs8-p384.html 30 crypto/subtle/ecdh-import-pkcs8-key-p256.html 31 crypto/subtle/ecdh-import-pkcs8-key-p384.html 32 crypto/subtle/ecdh-import-spki-key-p256.html 33 crypto/subtle/ecdh-import-spki-key-p384.html 34 crypto/workers/subtle/ec-generate-export-pkcs8-key.html 35 crypto/workers/subtle/ec-generate-export-spki-key.html 36 crypto/workers/subtle/ec-import-pkcs8-key.html 37 crypto/workers/subtle/ec-import-spki-key.html 38 39 * WebCore.xcodeproj/project.pbxproj: 40 * crypto/algorithms/CryptoAlgorithmECDH.cpp: 41 (WebCore::CryptoAlgorithmECDH::importKey): 42 (WebCore::CryptoAlgorithmECDH::exportKey): 43 * crypto/gnutls/CryptoKeyECGnuTLS.cpp: 44 (WebCore::CryptoKeyEC::platformExportRaw): 45 (WebCore::CryptoKeyEC::platformImportSpki): 46 (WebCore::CryptoKeyEC::platformExportSpki): 47 (WebCore::CryptoKeyEC::platformImportPkcs8): 48 (WebCore::CryptoKeyEC::platformExportPkcs8): 49 (WebCore::CryptoKeyEC::exportRaw): Deleted. 50 * crypto/keys/CryptoKeyEC.cpp: 51 (WebCore::CryptoKeyEC::importSpki): 52 (WebCore::CryptoKeyEC::importPkcs8): 53 (WebCore::CryptoKeyEC::exportRaw): 54 (WebCore::CryptoKeyEC::exportSpki): 55 (WebCore::CryptoKeyEC::exportPkcs8): 56 * crypto/keys/CryptoKeyEC.h: 57 * crypto/mac/CommonCryptoDERUtilities.h: Added. 58 (WebCore::bytesUsedToEncodedLength): 59 (WebCore::extraBytesNeededForEncodedLength): 60 (WebCore::addEncodedASN1Length): 61 (WebCore::bytesNeededForEncodedLength): 62 * crypto/mac/CryptoKeyECMac.cpp: 63 (WebCore::compareBytes): 64 (WebCore::CryptoKeyEC::platformExportRaw): 65 (WebCore::CryptoKeyEC::platformImportJWKPrivate): 66 (WebCore::getOID): 67 (WebCore::CryptoKeyEC::platformImportSpki): 68 (WebCore::CryptoKeyEC::platformExportSpki): 69 (WebCore::CryptoKeyEC::platformImportPkcs8): 70 (WebCore::CryptoKeyEC::platformExportPkcs8): 71 (WebCore::CryptoKeyEC::exportRaw): Deleted. 72 Enlarge the robust of exportRaw. 73 * crypto/mac/CryptoKeyRSAMac.cpp: 74 (WebCore::CryptoKeyRSA::exportSpki): 75 (WebCore::CryptoKeyRSA::exportPkcs8): 76 Enhance the implementation. 77 (WebCore::bytesUsedToEncodedLength): Deleted. 78 (WebCore::bytesNeededForEncodedLength): Deleted. 79 (WebCore::addEncodedASN1Length): Deleted. 80 Moved to CommonCryptoDERUtilities.h. 81 1 82 2017-03-16 Alex Christensen <achristensen@webkit.org> 2 83 -
trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj
r214045 r214074 2583 2583 57E657EF1E71665400F941CA /* JSPbkdf2Params.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 57E657ED1E71665400F941CA /* JSPbkdf2Params.cpp */; }; 2584 2584 57E657F01E71665400F941CA /* JSPbkdf2Params.h in Headers */ = {isa = PBXBuildFile; fileRef = 57E657EE1E71665400F941CA /* JSPbkdf2Params.h */; }; 2585 57E664FC1E73703300765536 /* CommonCryptoDERUtilities.h in Headers */ = {isa = PBXBuildFile; fileRef = 57E664FB1E73703300765536 /* CommonCryptoDERUtilities.h */; }; 2585 2586 57EF5E601D20C83900171E60 /* TextCodecReplacement.h in Headers */ = {isa = PBXBuildFile; fileRef = 57EF5E5F1D20C83900171E60 /* TextCodecReplacement.h */; }; 2586 2587 57EF5E621D20D28700171E60 /* TextCodecReplacement.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 57EF5E611D20D28700171E60 /* TextCodecReplacement.cpp */; }; … … 10258 10259 57E657ED1E71665400F941CA /* JSPbkdf2Params.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSPbkdf2Params.cpp; sourceTree = "<group>"; }; 10259 10260 57E657EE1E71665400F941CA /* JSPbkdf2Params.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSPbkdf2Params.h; sourceTree = "<group>"; }; 10261 57E664FB1E73703300765536 /* CommonCryptoDERUtilities.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CommonCryptoDERUtilities.h; sourceTree = "<group>"; }; 10260 10262 57EF5E5F1D20C83900171E60 /* TextCodecReplacement.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = TextCodecReplacement.h; sourceTree = "<group>"; }; 10261 10263 57EF5E611D20D28700171E60 /* TextCodecReplacement.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = TextCodecReplacement.cpp; sourceTree = "<group>"; }; … … 24201 24203 isa = PBXGroup; 24202 24204 children = ( 24205 57E664FB1E73703300765536 /* CommonCryptoDERUtilities.h */, 24203 24206 E125F843182425C900D84CD9 /* CryptoAlgorithmAES_CBCMac.cpp */, 24204 24207 570440571E53851600356601 /* CryptoAlgorithmAES_CFBMac.cpp */, … … 27069 27072 930908910AF7EDE40081DF01 /* HitTestRequest.h in Headers */, 27070 27073 9307F1D80AF2D59000DBA31A /* HitTestResult.h in Headers */, 27074 57E664FC1E73703300765536 /* CommonCryptoDERUtilities.h in Headers */, 27071 27075 BC3BC29C0E91AB0F00835588 /* HostWindow.h in Headers */, 27072 27076 FD31609912B026F700C1A359 /* HRTFDatabase.h in Headers */, -
trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmECDH.cpp
r213628 r214074 154 154 result = CryptoKeyEC::importRaw(ecParameters.identifier, ecParameters.namedCurve, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages); 155 155 break; 156 default: 157 exceptionCallback(NOT_SUPPORTED_ERR); 158 return; 156 case SubtleCrypto::KeyFormat::Spki: 157 if (usages) { 158 exceptionCallback(SYNTAX_ERR); 159 return; 160 } 161 result = CryptoKeyEC::importSpki(ecParameters.identifier, ecParameters.namedCurve, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages); 162 break; 163 case SubtleCrypto::KeyFormat::Pkcs8: 164 if (usages && (usages ^ CryptoKeyUsageDeriveKey) && (usages ^ CryptoKeyUsageDeriveBits) && (usages ^ (CryptoKeyUsageDeriveKey | CryptoKeyUsageDeriveBits))) { 165 exceptionCallback(SYNTAX_ERR); 166 return; 167 } 168 result = CryptoKeyEC::importPkcs8(ecParameters.identifier, ecParameters.namedCurve, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages); 169 break; 159 170 } 160 171 if (!result) { … … 177 188 KeyData result; 178 189 switch (format) { 179 case SubtleCrypto::KeyFormat::Jwk: {190 case SubtleCrypto::KeyFormat::Jwk: 180 191 result = ecKey.exportJwk(); 181 192 break; 182 }183 193 case SubtleCrypto::KeyFormat::Raw: { 184 if (ecKey.type() != CryptoKey::Type::Public) { 185 exceptionCallback(INVALID_ACCESS_ERR); 186 return; 187 } 188 result = ecKey.exportRaw(); 189 break; 190 } 191 default: 192 exceptionCallback(NOT_SUPPORTED_ERR); 193 return; 194 auto raw = ecKey.exportRaw(); 195 if (raw.hasException()) { 196 exceptionCallback(raw.releaseException().code()); 197 return; 198 } 199 result = raw.releaseReturnValue(); 200 break; 201 } 202 case SubtleCrypto::KeyFormat::Spki: { 203 auto spki = ecKey.exportSpki(); 204 if (spki.hasException()) { 205 exceptionCallback(spki.releaseException().code()); 206 return; 207 } 208 result = spki.releaseReturnValue(); 209 break; 210 } 211 case SubtleCrypto::KeyFormat::Pkcs8: { 212 auto pkcs8 = ecKey.exportPkcs8(); 213 if (pkcs8.hasException()) { 214 exceptionCallback(pkcs8.releaseException().code()); 215 return; 216 } 217 result = pkcs8.releaseReturnValue(); 218 break; 219 } 194 220 } 195 221 -
trunk/Source/WebCore/crypto/gnutls/CryptoKeyECGnuTLS.cpp
r213560 r214074 49 49 } 50 50 51 Vector<uint8_t> CryptoKeyEC:: exportRaw() const51 Vector<uint8_t> CryptoKeyEC::platformExportRaw() const 52 52 { 53 53 notImplemented(); … … 89 89 } 90 90 91 RefPtr<CryptoKeyEC> CryptoKeyEC::platformImportSpki(CryptoAlgorithmIdentifier, NamedCurve, Vector<uint8_t>&&, bool, CryptoKeyUsageBitmap) 92 { 93 notImplemented(); 94 95 return nullptr; 96 } 97 98 Vector<uint8_t> CryptoKeyEC::platformExportSpki() const 99 { 100 notImplemented(); 101 102 return { }; 103 } 104 105 RefPtr<CryptoKeyEC> CryptoKeyEC::platformImportPkcs8(CryptoAlgorithmIdentifier, NamedCurve, Vector<uint8_t>&&, bool, CryptoKeyUsageBitmap) 106 { 107 notImplemented(); 108 109 return nullptr; 110 } 111 112 Vector<uint8_t> CryptoKeyEC::platformExportPkcs8() const 113 { 114 notImplemented(); 115 116 return { }; 117 } 118 91 119 } // namespace WebCore 92 120 -
trunk/Source/WebCore/crypto/keys/CryptoKeyEC.cpp
r213560 r214074 114 114 } 115 115 116 RefPtr<CryptoKeyEC> CryptoKeyEC::importSpki(CryptoAlgorithmIdentifier identifier, const String& curve, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap usages) 117 { 118 auto namedCurve = toNamedCurve(curve); 119 if (!namedCurve) 120 return nullptr; 121 122 return platformImportSpki(identifier, *namedCurve, WTFMove(keyData), extractable, usages); 123 } 124 125 RefPtr<CryptoKeyEC> CryptoKeyEC::importPkcs8(CryptoAlgorithmIdentifier identifier, const String& curve, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap usages) 126 { 127 auto namedCurve = toNamedCurve(curve); 128 if (!namedCurve) 129 return nullptr; 130 131 return platformImportPkcs8(identifier, *namedCurve, WTFMove(keyData), extractable, usages); 132 } 133 134 ExceptionOr<Vector<uint8_t>> CryptoKeyEC::exportRaw() const 135 { 136 if (type() != CryptoKey::Type::Public) 137 return Exception { INVALID_ACCESS_ERR }; 138 139 return platformExportRaw(); 140 } 141 116 142 JsonWebKey CryptoKeyEC::exportJwk() const 117 143 { … … 130 156 platformAddFieldElements(result); 131 157 return result; 158 } 159 160 ExceptionOr<Vector<uint8_t>> CryptoKeyEC::exportSpki() const 161 { 162 if (type() != CryptoKey::Type::Public) 163 return Exception { INVALID_ACCESS_ERR }; 164 165 return platformExportSpki(); 166 } 167 168 ExceptionOr<Vector<uint8_t>> CryptoKeyEC::exportPkcs8() const 169 { 170 if (type() != CryptoKey::Type::Private) 171 return Exception { INVALID_ACCESS_ERR }; 172 173 return platformExportPkcs8(); 132 174 } 133 175 -
trunk/Source/WebCore/crypto/keys/CryptoKeyEC.h
r213624 r214074 80 80 static RefPtr<CryptoKeyEC> importRaw(CryptoAlgorithmIdentifier, const String& curve, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap); 81 81 static RefPtr<CryptoKeyEC> importJwk(CryptoAlgorithmIdentifier, const String& curve, JsonWebKey&&, bool extractable, CryptoKeyUsageBitmap); 82 static RefPtr<CryptoKeyEC> importSpki(CryptoAlgorithmIdentifier, const String& curve, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap); 83 static RefPtr<CryptoKeyEC> importPkcs8(CryptoAlgorithmIdentifier, const String& curve, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap); 82 84 83 Vector<uint8_t> exportRaw() const;85 ExceptionOr<Vector<uint8_t>> exportRaw() const; 84 86 JsonWebKey exportJwk() const; 87 ExceptionOr<Vector<uint8_t>> exportSpki() const; 88 ExceptionOr<Vector<uint8_t>> exportPkcs8() const; 85 89 86 90 size_t keySizeInBits() const; … … 100 104 static RefPtr<CryptoKeyEC> platformImportJWKPublic(CryptoAlgorithmIdentifier, NamedCurve, Vector<uint8_t>&& x, Vector<uint8_t>&& y, bool extractable, CryptoKeyUsageBitmap); 101 105 static RefPtr<CryptoKeyEC> platformImportJWKPrivate(CryptoAlgorithmIdentifier, NamedCurve, Vector<uint8_t>&& x, Vector<uint8_t>&& y, Vector<uint8_t>&& d, bool extractable, CryptoKeyUsageBitmap); 106 static RefPtr<CryptoKeyEC> platformImportSpki(CryptoAlgorithmIdentifier, NamedCurve, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap); 107 static RefPtr<CryptoKeyEC> platformImportPkcs8(CryptoAlgorithmIdentifier, NamedCurve, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap); 108 Vector<uint8_t> platformExportRaw() const; 102 109 void platformAddFieldElements(JsonWebKey&) const; 110 Vector<uint8_t> platformExportSpki() const; 111 Vector<uint8_t> platformExportPkcs8() const; 103 112 104 113 PlatformECKey m_platformKey; -
trunk/Source/WebCore/crypto/mac/CryptoKeyECMac.cpp
r213560 r214074 29 29 #if ENABLE(SUBTLE_CRYPTO) 30 30 31 #include "CommonCryptoDERUtilities.h" 31 32 #include "CommonCryptoUtilities.h" 32 33 #include "JsonWebKey.h" … … 35 36 namespace WebCore { 36 37 37 static unsigned char InitialOctet = 0x04; // Per Section 2.3.3 of http://www.secg.org/sec1-v2.pdf 38 static const unsigned char InitialOctetEC = 0x04; // Per Section 2.3.3 of http://www.secg.org/sec1-v2.pdf 39 // OID id-ecPublicKey 1.2.840.10045.2.1. 40 static const unsigned char IdEcPublicKey[] = {0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01}; 41 // OID secp256r1 1.2.840.10045.3.1.7. 42 static constexpr unsigned char Secp256r1[] = {0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07}; 43 // OID secp384r1 1.3.132.0.34 44 static constexpr unsigned char Secp384r1[] = {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22}; 45 // Version 1. Per https://tools.ietf.org/html/rfc5915#section-3 46 static const unsigned char PrivateKeyVersion[] = {0x02, 0x01, 0x01}; 47 // Custom OpenSSL ECParameters Tags 48 static const size_t CustomTagSize = 2; 49 static constexpr unsigned char EcP256[] = {0xa1, 0x44}; 50 static constexpr unsigned char EcP384[] = {0xa1, 0x64}; 38 51 39 52 // Per Section 2.3.4 of http://www.secg.org/sec1-v2.pdf … … 90 103 } 91 104 92 Vector<uint8_t> CryptoKeyEC:: exportRaw() const105 Vector<uint8_t> CryptoKeyEC::platformExportRaw() const 93 106 { 94 107 Vector<uint8_t> result(keySizeInBits() / 4 + 1); // Per Section 2.3.4 of http://www.secg.org/sec1-v2.pdf … … 142 155 143 156 // A hack to CommonCrypto since it doesn't provide API for creating private keys directly from x, y, d. 144 // BinaryInput = InitialOctet + X + Y + D157 // BinaryInput = InitialOctetEC + X + Y + D 145 158 Vector<uint8_t> binaryInput; 146 binaryInput.append(InitialOctet );159 binaryInput.append(InitialOctetEC); 147 160 binaryInput.appendVector(x); 148 161 binaryInput.appendVector(y); … … 174 187 } 175 188 189 static size_t getOID(CryptoKeyEC::NamedCurve curve, const uint8_t*& oid) 190 { 191 size_t oidSize; 192 switch (curve) { 193 case CryptoKeyEC::NamedCurve::P256: 194 oid = Secp256r1; 195 oidSize = sizeof(Secp256r1); 196 break; 197 case CryptoKeyEC::NamedCurve::P384: 198 oid = Secp384r1; 199 oidSize = sizeof(Secp384r1); 200 } 201 return oidSize; 202 } 203 204 // Per https://www.ietf.org/rfc/rfc5280.txt 205 // SubjectPublicKeyInfo ::= SEQUENCE { algorithm AlgorithmIdentifier, subjectPublicKey BIT STRING } 206 // AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER, parameters ANY DEFINED BY algorithm OPTIONAL } 207 // Per https://www.ietf.org/rfc/rfc5480.txt 208 // id-ecPublicKey OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) ansi-X9-62(10045) keyType(2) 1 } 209 // secp256r1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) prime(1) 7 } 210 // secp384r1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) certicom(132) curve(0) 34 } 211 RefPtr<CryptoKeyEC> CryptoKeyEC::platformImportSpki(CryptoAlgorithmIdentifier identifier, NamedCurve curve, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap usages) 212 { 213 // The following is a loose check on the provided SPKI key, it aims to extract AlgorithmIdentifier, ECParameters, and Key. 214 // Once the underlying crypto library is updated to accept SPKI EC Key, we should remove this hack. 215 // <rdar://problem/30987628> 216 size_t index = 1; // Read SEQUENCE 217 if (keyData.size() < index + 1) 218 return nullptr; 219 index += bytesUsedToEncodedLength(keyData[index]) + 1; // Read length, SEQUENCE 220 if (keyData.size() < index + 1) 221 return nullptr; 222 index += bytesUsedToEncodedLength(keyData[index]); // Read length 223 if (keyData.size() < index + sizeof(IdEcPublicKey)) 224 return nullptr; 225 if (memcmp(keyData.data() + index, IdEcPublicKey, sizeof(IdEcPublicKey))) 226 return nullptr; 227 index += sizeof(IdEcPublicKey); // Read id-ecPublicKey 228 const uint8_t* oid; 229 size_t oidSize = getOID(curve, oid); 230 if (keyData.size() < index + oidSize) 231 return nullptr; 232 if (memcmp(keyData.data() + index, oid, oidSize)) 233 return nullptr; 234 index += oidSize + 1; // Read named curve OID, BIT STRING 235 if (keyData.size() < index + 1) 236 return nullptr; 237 index += bytesUsedToEncodedLength(keyData[index]) + 1; // Read length, InitialOctet 238 239 if (!doesUncompressedPointMatchNamedCurve(curve, keyData.size() - index)) 240 return nullptr; 241 242 CCECCryptorRef ccPublicKey; 243 if (CCECCryptorImportKey(kCCImportKeyBinary, keyData.data() + index, keyData.size() - index, ccECKeyPublic, &ccPublicKey)) 244 return nullptr; 245 246 return create(identifier, curve, CryptoKeyType::Public, ccPublicKey, extractable, usages); 247 } 248 249 Vector<uint8_t> CryptoKeyEC::platformExportSpki() const 250 { 251 Vector<uint8_t> keyBytes(keySizeInBits() / 4 + 1); // Per Section 2.3.4 of http://www.secg.org/sec1-v2.pdf 252 size_t keySize = keyBytes.size(); 253 CCECCryptorExportKey(kCCImportKeyBinary, keyBytes.data(), &keySize, ccECKeyPublic, m_platformKey); 254 255 // The following addes SPKI header to a raw EC public key. 256 // Once the underlying crypto library is updated to output SPKI EC Key, we should remove this hack. 257 // <rdar://problem/30987628> 258 const uint8_t* oid; 259 size_t oidSize = getOID(namedCurve(), oid); 260 261 // SEQUENCE + length(1) + OID id-ecPublicKey + OID secp256r1/OID secp384r1 + BIT STRING + length(?) + InitialOctet + Key size 262 size_t totalSize = sizeof(IdEcPublicKey) + oidSize + bytesNeededForEncodedLength(keySize + 1) + keySize + 4; 263 264 Vector<uint8_t> result; 265 result.reserveCapacity(totalSize + bytesNeededForEncodedLength(totalSize) + 1); 266 result.append(SequenceMark); 267 addEncodedASN1Length(result, totalSize); 268 result.append(SequenceMark); 269 addEncodedASN1Length(result, sizeof(IdEcPublicKey) + oidSize); 270 result.append(IdEcPublicKey, sizeof(IdEcPublicKey)); 271 result.append(oid, oidSize); 272 result.append(BitStringMark); 273 addEncodedASN1Length(result, keySize + 1); 274 result.append(InitialOctet); 275 result.append(keyBytes.data(), keyBytes.size()); 276 277 return result; 278 } 279 280 // Per https://www.ietf.org/rfc/rfc5208.txt 281 // PrivateKeyInfo ::= SEQUENCE { version INTEGER, privateKeyAlgorithm AlgorithmIdentifier, privateKey OCTET STRING { ECPrivateKey } } 282 // Per https://www.ietf.org/rfc/rfc5915.txt 283 // ECPrivateKey ::= SEQUENCE { version INTEGER { ecPrivkeyVer1(1) }, privateKey OCTET STRING, parameters CustomECParameters, publicKey BIT STRING } 284 // OpenSSL uses custom ECParameters. We follow OpenSSL as a compatibility concern. 285 RefPtr<CryptoKeyEC> CryptoKeyEC::platformImportPkcs8(CryptoAlgorithmIdentifier identifier, NamedCurve curve, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap usages) 286 { 287 // The following is a loose check on the provided PKCS8 key, it aims to extract AlgorithmIdentifier, ECParameters, and Key. 288 // Once the underlying crypto library is updated to accept PKCS8 EC Key, we should remove this hack. 289 // <rdar://problem/30987628> 290 size_t index = 1; // Read SEQUENCE 291 if (keyData.size() < index + 1) 292 return nullptr; 293 index += bytesUsedToEncodedLength(keyData[index]) + 4; // Read length, version, SEQUENCE 294 if (keyData.size() < index + 1) 295 return nullptr; 296 index += bytesUsedToEncodedLength(keyData[index]); // Read length 297 if (keyData.size() < index + sizeof(IdEcPublicKey)) 298 return nullptr; 299 if (memcmp(keyData.data() + index, IdEcPublicKey, sizeof(IdEcPublicKey))) 300 return nullptr; 301 index += sizeof(IdEcPublicKey); // Read id-ecPublicKey 302 const uint8_t* oid; 303 size_t oidSize = getOID(curve, oid); 304 if (keyData.size() < index + oidSize) 305 return nullptr; 306 if (memcmp(keyData.data() + index, oid, oidSize)) 307 return nullptr; 308 index += oidSize + 1; // Read named curve OID, OCTET STRING 309 if (keyData.size() < index + 1) 310 return nullptr; 311 index += bytesUsedToEncodedLength(keyData[index]) + 1; // Read length, SEQUENCE 312 if (keyData.size() < index + 1) 313 return nullptr; 314 index += bytesUsedToEncodedLength(keyData[index]) + 4; // Read length, version, OCTET STRING 315 if (keyData.size() < index + 1) 316 return nullptr; 317 index += bytesUsedToEncodedLength(keyData[index]); // Read length 318 319 if (keyData.size() < index + getKeySizeFromNamedCurve(curve) / 8) 320 return nullptr; 321 size_t privateKeyPos = index; 322 index += getKeySizeFromNamedCurve(curve) / 8 + CustomTagSize + 1; // Read privateKey, CustomECParameters, BIT STRING 323 if (keyData.size() < index + 1) 324 return nullptr; 325 index += bytesUsedToEncodedLength(keyData[index]) + 1; // Read length, InitialOctet 326 327 // KeyBinary = uncompressed point + private key 328 Vector<uint8_t> keyBinary; 329 keyBinary.append(keyData.data() + index, keyData.size() - index); 330 if (!doesUncompressedPointMatchNamedCurve(curve, keyBinary.size())) 331 return nullptr; 332 keyBinary.append(keyData.data() + privateKeyPos, getKeySizeFromNamedCurve(curve) / 8); 333 334 CCECCryptorRef ccPrivateKey; 335 if (CCECCryptorImportKey(kCCImportKeyBinary, keyBinary.data(), keyBinary.size(), ccECKeyPrivate, &ccPrivateKey)) 336 return nullptr; 337 338 return create(identifier, curve, CryptoKeyType::Private, ccPrivateKey, extractable, usages); 339 } 340 341 Vector<uint8_t> CryptoKeyEC::platformExportPkcs8() const 342 { 343 size_t keySizeInBytes = keySizeInBits() / 8; 344 Vector<uint8_t> keyBytes(keySizeInBytes * 3 + 1); // 04 + X + Y + private key 345 size_t keySize = keyBytes.size(); 346 CCECCryptorExportKey(kCCImportKeyBinary, keyBytes.data(), &keySize, ccECKeyPrivate, m_platformKey); 347 348 // The following addes PKCS8 header to a raw EC private key. 349 // Once the underlying crypto library is updated to output PKCS8 EC Key, we should remove this hack. 350 // <rdar://problem/30987628> 351 const uint8_t* oid; 352 size_t oidSize = getOID(namedCurve(), oid); 353 const uint8_t* customTag; 354 switch (namedCurve()) { 355 case NamedCurve::P256: 356 customTag = EcP256; 357 break; 358 case NamedCurve::P384: 359 customTag = EcP384; 360 } 361 362 // InitialOctet + 04 + X + Y 363 size_t publicKeySize = keySizeInBytes * 2 + 2; 364 // VERSION + OCTET STRING + length(1) + private key + CustomECParameters(2) + BIT STRING + length(?) + publicKeySize 365 size_t ecPrivateKeySize = sizeof(Version) + keySizeInBytes + CustomTagSize + bytesNeededForEncodedLength(publicKeySize) + publicKeySize + 3; 366 // SEQUENCE + length(?) + ecPrivateKeySize 367 size_t privateKeySize = bytesNeededForEncodedLength(ecPrivateKeySize) + ecPrivateKeySize + 1; 368 // VERSION + SEQUENCE + length(1) + OID id-ecPublicKey + OID secp256r1/OID secp384r1 + OCTET STRING + length(?) + privateKeySize 369 size_t totalSize = sizeof(Version) + sizeof(IdEcPublicKey) + oidSize + bytesNeededForEncodedLength(privateKeySize) + privateKeySize + 3; 370 371 Vector<uint8_t> result; 372 result.reserveCapacity(totalSize + bytesNeededForEncodedLength(totalSize) + 1); 373 result.append(SequenceMark); 374 addEncodedASN1Length(result, totalSize); 375 result.append(Version, sizeof(Version)); 376 result.append(SequenceMark); 377 addEncodedASN1Length(result, sizeof(IdEcPublicKey) + oidSize); 378 result.append(IdEcPublicKey, sizeof(IdEcPublicKey)); 379 result.append(oid, oidSize); 380 result.append(OctetStringMark); 381 addEncodedASN1Length(result, privateKeySize); 382 result.append(SequenceMark); 383 addEncodedASN1Length(result, ecPrivateKeySize); 384 result.append(PrivateKeyVersion, sizeof(PrivateKeyVersion)); 385 result.append(OctetStringMark); 386 addEncodedASN1Length(result, keySizeInBytes); 387 result.append(keyBytes.data() + publicKeySize - 1, keySizeInBytes); 388 result.append(customTag, CustomTagSize); 389 result.append(BitStringMark); 390 addEncodedASN1Length(result, publicKeySize); 391 result.append(InitialOctet); 392 result.append(keyBytes.data(), publicKeySize - 1); 393 394 return result; 395 } 396 176 397 } // namespace WebCore 177 398 -
trunk/Source/WebCore/crypto/mac/CryptoKeyRSAMac.cpp
r212465 r214074 29 29 #if ENABLE(SUBTLE_CRYPTO) 30 30 31 #include "CommonCryptoDERUtilities.h" 31 32 #include "CommonCryptoUtilities.h" 32 33 #include "CryptoAlgorithmRegistry.h" … … 40 41 41 42 // OID rsaEncryption: 1.2.840.113549.1.1.1. Per https://tools.ietf.org/html/rfc3279#section-2.3.1 42 static unsigned char RSAOIDHeader[] = {0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00}; 43 // Version 0. Per https://tools.ietf.org/html/rfc5208#section-5 44 static unsigned char Version[] = {0x02, 0x01, 0x00}; 45 46 // Per X.690 08/2015: https://www.itu.int/rec/T-REC-X.680-X.693/en 47 static unsigned char BitStringMark = 0x03; 48 static unsigned char OctetStringMark = 0x04; 49 static unsigned char SequenceMark = 0x30; 50 51 static unsigned char InitialOctet = 0x00; 43 static const unsigned char RSAOIDHeader[] = {0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00}; 52 44 53 45 // FIXME: We should get rid of magic number 16384. It assumes that the length of provided key will not exceed 16KB. … … 254 246 } 255 247 256 static size_t bytesUsedToEncodedLength(uint8_t octet)257 {258 if (octet < 128)259 return 1;260 return octet - 127;261 }262 263 static size_t bytesNeededForEncodedLength(size_t length)264 {265 if (!length)266 return 0;267 size_t result = 1;268 while (result < sizeof(length) && length >= (1 << (result * 8)))269 result += 1;270 return result;271 }272 273 static void addEncodedASN1Length(Vector<uint8_t>& in, size_t length)274 {275 if (length < 128) {276 in.append(length);277 return;278 }279 280 size_t extraBytes = bytesNeededForEncodedLength(length);281 in.append(128 + extraBytes);282 283 size_t lastPosition = in.size() + extraBytes - 1;284 in.grow(in.size() + extraBytes);285 for (size_t i = 0; i < extraBytes; i++) {286 in[lastPosition - i] = length & 0xff;287 length = length >> 8;288 }289 }290 291 248 // FIXME: We should use WorkQueue here instead of dispatch_async once WebKitSubtleCrypto is deprecated. 292 249 // https://bugs.webkit.org/show_bug.cgi?id=164943 … … 374 331 375 332 // RSAOIDHeader + BitStringMark + Length + keySize + InitialOctet 376 size_t totalSize = sizeof(RSAOIDHeader) + bytesNeededForEncodedLength(keySize + 1) + keySize + 3;333 size_t totalSize = sizeof(RSAOIDHeader) + bytesNeededForEncodedLength(keySize + 1) + keySize + 2; 377 334 378 335 // Per https://tools.ietf.org/html/rfc5280#section-4.1. subjectPublicKeyInfo. 379 336 Vector<uint8_t> result; 337 result.reserveCapacity(totalSize + bytesNeededForEncodedLength(totalSize) + 1); 380 338 result.append(SequenceMark); 381 339 addEncodedASN1Length(result, totalSize); … … 432 390 433 391 // Version + RSAOIDHeader + OctetStringMark + Length + keySize 434 size_t totalSize = sizeof(Version) + sizeof(RSAOIDHeader) + bytesNeededForEncodedLength(keySize) + keySize + 2;392 size_t totalSize = sizeof(Version) + sizeof(RSAOIDHeader) + bytesNeededForEncodedLength(keySize) + keySize + 1; 435 393 436 394 // Per https://tools.ietf.org/html/rfc5208#section-5. PrivateKeyInfo. 437 395 Vector<uint8_t> result; 396 result.reserveCapacity(totalSize + bytesNeededForEncodedLength(totalSize) + 1); 438 397 result.append(SequenceMark); 439 398 addEncodedASN1Length(result, totalSize);
Note: See TracChangeset
for help on using the changeset viewer.