<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[163244] trunk</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/163244">163244</a></dd>
<dt>Author</dt> <dd>ap@apple.com</dd>
<dt>Date</dt> <dd>2014-02-01 10:14:17 -0800 (Sat, 01 Feb 2014)</dd>
</dl>
<h3>Log Message</h3>
<pre>Update WebCrypto JWK mapping to use key_ops
https://bugs.webkit.org/show_bug.cgi?id=127609
Reviewed by Sam Weinig.
Source/WebCore:
Updated JWK support ot match current editor draft.
* bindings/js/JSCryptoKeySerializationJWK.cpp:
(WebCore::getJSArrayFromJSON): Fixed this previously untested function to actually work.
(WebCore::tryJWKKeyOpsValue):
(WebCore::JSCryptoKeySerializationJWK::reconcileUsages):
(WebCore::JSCryptoKeySerializationJWK::reconcileExtractable): Removed an old comment,
these things are now specced.
(WebCore::addToJSON): Made static functions file static, there is no reason for
them to be class members.
(WebCore::buildJSONForOctetSequence):
(WebCore::buildJSONForRSAComponents):
(WebCore::addBoolToJSON):
(WebCore::addJWKAlgorithmToJSON):
(WebCore::addUsagesToJSON):
(WebCore::JSCryptoKeySerializationJWK::serialize):
* bindings/js/JSCryptoKeySerializationJWK.h:
* crypto/mac/CryptoAlgorithmAES_KWMac.cpp:
(WebCore::CryptoAlgorithmAES_KW::platformEncrypt):
(WebCore::CryptoAlgorithmAES_KW::platformDecrypt):
Check for length, so that we don't fail silently.
LayoutTests:
* crypto/subtle/aes-kw-wrap-unwrap-aes-expected.txt:
* crypto/subtle/aes-kw-wrap-unwrap-aes.html:
Removed a subtest for wrapping JWK. That doesn't really work per the spec, because
JWK is arbitatry length, and AES-KW requires 8*n bytes.
* crypto/subtle/aes-export-key-expected.txt:
* crypto/subtle/aes-export-key.html:
* crypto/subtle/hmac-export-key-expected.txt:
* crypto/subtle/hmac-export-key.html:
* crypto/subtle/jwk-export-use-values-expected.txt:
* crypto/subtle/jwk-export-use-values.html:
* crypto/subtle/jwk-import-use-values-expected.txt:
* crypto/subtle/jwk-import-use-values.html:
* crypto/subtle/rsa-export-key-expected.txt:
* crypto/subtle/rsa-export-key.html:
* crypto/subtle/rsa-export-private-key-expected.txt:
* crypto/subtle/rsa-export-private-key.html:
* crypto/subtle/rsa-oaep-key-manipulation-expected.txt:
* crypto/subtle/rsa-oaep-key-manipulation.html:
* crypto/subtle/rsa-postMessage-expected.txt:
* crypto/subtle/rsa-postMessage.html:
Updated for the fix.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkLayoutTestsChangeLog">trunk/LayoutTests/ChangeLog</a></li>
<li><a href="#trunkLayoutTestscryptosubtleaesexportkeyexpectedtxt">trunk/LayoutTests/crypto/subtle/aes-export-key-expected.txt</a></li>
<li><a href="#trunkLayoutTestscryptosubtleaesexportkeyhtml">trunk/LayoutTests/crypto/subtle/aes-export-key.html</a></li>
<li><a href="#trunkLayoutTestscryptosubtleaeskwwrapunwrapaesexpectedtxt">trunk/LayoutTests/crypto/subtle/aes-kw-wrap-unwrap-aes-expected.txt</a></li>
<li><a href="#trunkLayoutTestscryptosubtleaeskwwrapunwrapaeshtml">trunk/LayoutTests/crypto/subtle/aes-kw-wrap-unwrap-aes.html</a></li>
<li><a href="#trunkLayoutTestscryptosubtlehmacexportkeyexpectedtxt">trunk/LayoutTests/crypto/subtle/hmac-export-key-expected.txt</a></li>
<li><a href="#trunkLayoutTestscryptosubtlehmacexportkeyhtml">trunk/LayoutTests/crypto/subtle/hmac-export-key.html</a></li>
<li><a href="#trunkLayoutTestscryptosubtlejwkexportusevaluesexpectedtxt">trunk/LayoutTests/crypto/subtle/jwk-export-use-values-expected.txt</a></li>
<li><a href="#trunkLayoutTestscryptosubtlejwkexportusevalueshtml">trunk/LayoutTests/crypto/subtle/jwk-export-use-values.html</a></li>
<li><a href="#trunkLayoutTestscryptosubtlejwkimportusevaluesexpectedtxt">trunk/LayoutTests/crypto/subtle/jwk-import-use-values-expected.txt</a></li>
<li><a href="#trunkLayoutTestscryptosubtlejwkimportusevalueshtml">trunk/LayoutTests/crypto/subtle/jwk-import-use-values.html</a></li>
<li><a href="#trunkLayoutTestscryptosubtlersaexportkeyexpectedtxt">trunk/LayoutTests/crypto/subtle/rsa-export-key-expected.txt</a></li>
<li><a href="#trunkLayoutTestscryptosubtlersaexportkeyhtml">trunk/LayoutTests/crypto/subtle/rsa-export-key.html</a></li>
<li><a href="#trunkLayoutTestscryptosubtlersaexportprivatekeyexpectedtxt">trunk/LayoutTests/crypto/subtle/rsa-export-private-key-expected.txt</a></li>
<li><a href="#trunkLayoutTestscryptosubtlersaexportprivatekeyhtml">trunk/LayoutTests/crypto/subtle/rsa-export-private-key.html</a></li>
<li><a href="#trunkLayoutTestscryptosubtlersaoaepkeymanipulationexpectedtxt">trunk/LayoutTests/crypto/subtle/rsa-oaep-key-manipulation-expected.txt</a></li>
<li><a href="#trunkLayoutTestscryptosubtlersaoaepkeymanipulationhtml">trunk/LayoutTests/crypto/subtle/rsa-oaep-key-manipulation.html</a></li>
<li><a href="#trunkLayoutTestscryptosubtlersapostMessageexpectedtxt">trunk/LayoutTests/crypto/subtle/rsa-postMessage-expected.txt</a></li>
<li><a href="#trunkLayoutTestscryptosubtlersapostMessagehtml">trunk/LayoutTests/crypto/subtle/rsa-postMessage.html</a></li>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCorebindingsjsJSCryptoKeySerializationJWKcpp">trunk/Source/WebCore/bindings/js/JSCryptoKeySerializationJWK.cpp</a></li>
<li><a href="#trunkSourceWebCorebindingsjsJSCryptoKeySerializationJWKh">trunk/Source/WebCore/bindings/js/JSCryptoKeySerializationJWK.h</a></li>
<li><a href="#trunkSourceWebCorecryptomacCryptoAlgorithmAES_KWMaccpp">trunk/Source/WebCore/crypto/mac/CryptoAlgorithmAES_KWMac.cpp</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkLayoutTestsChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/ChangeLog (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/ChangeLog 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/ChangeLog 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -1,3 +1,33 @@
</span><ins>+2014-02-01 Alexey Proskuryakov <ap@apple.com>
+
+ Update WebCrypto JWK mapping to use key_ops
+ https://bugs.webkit.org/show_bug.cgi?id=127609
+
+ Reviewed by Sam Weinig.
+
+ * crypto/subtle/aes-kw-wrap-unwrap-aes-expected.txt:
+ * crypto/subtle/aes-kw-wrap-unwrap-aes.html:
+ Removed a subtest for wrapping JWK. That doesn't really work per the spec, because
+ JWK is arbitatry length, and AES-KW requires 8*n bytes.
+
+ * crypto/subtle/aes-export-key-expected.txt:
+ * crypto/subtle/aes-export-key.html:
+ * crypto/subtle/hmac-export-key-expected.txt:
+ * crypto/subtle/hmac-export-key.html:
+ * crypto/subtle/jwk-export-use-values-expected.txt:
+ * crypto/subtle/jwk-export-use-values.html:
+ * crypto/subtle/jwk-import-use-values-expected.txt:
+ * crypto/subtle/jwk-import-use-values.html:
+ * crypto/subtle/rsa-export-key-expected.txt:
+ * crypto/subtle/rsa-export-key.html:
+ * crypto/subtle/rsa-export-private-key-expected.txt:
+ * crypto/subtle/rsa-export-private-key.html:
+ * crypto/subtle/rsa-oaep-key-manipulation-expected.txt:
+ * crypto/subtle/rsa-oaep-key-manipulation.html:
+ * crypto/subtle/rsa-postMessage-expected.txt:
+ * crypto/subtle/rsa-postMessage.html:
+ Updated for the fix.
+
</ins><span class="cx"> 2014-02-01 Benjamin Poulain <bpoulain@apple.com>
</span><span class="cx">
</span><span class="cx"> Improve the JavaScript bindings of DatasetDOMStringMap
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtleaesexportkeyexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/aes-export-key-expected.txt (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/aes-export-key-expected.txt 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/aes-export-key-expected.txt 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -23,7 +23,8 @@
</span><span class="cx"> PASS exportedJWK.k is 'jnOw99oOZFLIEPMrgJB55WL46tJSLGt7'
</span><span class="cx"> PASS exportedJWK.alg is 'A192CBC'
</span><span class="cx"> PASS exportedJWK.ext is true
</span><del>-PASS exportedJWK.use is 'enc'
</del><ins>+PASS exportedJWK.use is undefined
+PASS exportedJWK.key_ops is ['encrypt', 'decrypt', 'wrap', 'unwrap']
</ins><span class="cx">
</span><span class="cx"> Importing a key that's not extractable...
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtleaesexportkeyhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/aes-export-key.html (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/aes-export-key.html 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/aes-export-key.html 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -53,7 +53,8 @@
</span><span class="cx"> shouldBe("exportedJWK.k", "'jnOw99oOZFLIEPMrgJB55WL46tJSLGt7'");
</span><span class="cx"> shouldBe("exportedJWK.alg", "'A192CBC'");
</span><span class="cx"> shouldBe("exportedJWK.ext", "true");
</span><del>- shouldBe("exportedJWK.use", "'enc'");
</del><ins>+ shouldBe("exportedJWK.use", "undefined");
+ shouldBe("exportedJWK.key_ops", "['encrypt', 'decrypt', 'wrap', 'unwrap']");
</ins><span class="cx">
</span><span class="cx"> debug("\nImporting a key that's not extractable...");
</span><span class="cx"> return crypto.subtle.importKey("jwk", jwkKeyAsArrayBuffer, "AES-CBC", nonExtractable, ['encrypt', 'decrypt', 'wrapKey', 'unwrapKey'])
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtleaeskwwrapunwrapaesexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/aes-kw-wrap-unwrap-aes-expected.txt (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/aes-kw-wrap-unwrap-aes-expected.txt 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/aes-kw-wrap-unwrap-aes-expected.txt 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -16,17 +16,6 @@
</span><span class="cx"> PASS unwrappedKey.usages is ['decrypt', 'encrypt', 'unwrapKey', 'wrapKey']
</span><span class="cx"> Exporting it...
</span><span class="cx"> PASS bytesToHexString(unwrappedKeyData) is bytesToHexString(keyData)
</span><del>-
-Wrapping it as JWK...
-Unwrapping it...
-PASS unwrappedKey.toString() is '[object Key]'
-PASS unwrappedKey.type is 'secret'
-PASS unwrappedKey.extractable is true
-PASS unwrappedKey.algorithm.name is 'AES-CBC'
-PASS unwrappedKey.algorithm.length is 128
-PASS unwrappedKey.usages is ['decrypt', 'encrypt', 'unwrapKey', 'wrapKey']
-Exporting it...
-PASS bytesToHexString(unwrappedKeyData) is bytesToHexString(keyData)
</del><span class="cx"> PASS successfullyParsed is true
</span><span class="cx">
</span><span class="cx"> TEST COMPLETE
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtleaeskwwrapunwrapaeshtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/aes-kw-wrap-unwrap-aes.html (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/aes-kw-wrap-unwrap-aes.html 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/aes-kw-wrap-unwrap-aes.html 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -49,28 +49,6 @@
</span><span class="cx"> unwrappedKeyData = result;
</span><span class="cx"> shouldBe("bytesToHexString(unwrappedKeyData)", "bytesToHexString(keyData)");
</span><span class="cx">
</span><del>- debug("\nWrapping it as JWK...");
- return crypto.subtle.wrapKey("jwk", key, kek, "aes-kw");
-}).then(function(result) {
- wrappedKey = result;
-
- debug("Unwrapping it...");
- return crypto.subtle.unwrapKey("jwk", wrappedKey, kek, "aes-kw", "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]);
-}).then(function(result) {
- unwrappedKey = result;
- shouldBe("unwrappedKey.toString()", "'[object Key]'");
- shouldBe("unwrappedKey.type", "'secret'");
- shouldBe("unwrappedKey.extractable", "true");
- shouldBe("unwrappedKey.algorithm.name", "'AES-CBC'");
- shouldBe("unwrappedKey.algorithm.length", "128");
- shouldBe("unwrappedKey.usages", "['decrypt', 'encrypt', 'unwrapKey', 'wrapKey']");
-
- debug("Exporting it...");
- return crypto.subtle.exportKey("raw", unwrappedKey);
-}).then(function(result) {
- unwrappedKeyData = result;
- shouldBe("bytesToHexString(unwrappedKeyData)", "bytesToHexString(keyData)");
-
</del><span class="cx"> finishJSTest();
</span><span class="cx"> });
</span><span class="cx"> </script>
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtlehmacexportkeyexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/hmac-export-key-expected.txt (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/hmac-export-key-expected.txt 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/hmac-export-key-expected.txt 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -16,7 +16,8 @@
</span><span class="cx"> PASS exportedJWK.k is 'ahjkn-_387fgnsibf23qsvahjkn-_387fgnsibf23qs'
</span><span class="cx"> PASS exportedJWK.alg is 'HS256'
</span><span class="cx"> PASS exportedJWK.ext is true
</span><del>-PASS exportedJWK.use is 'sig'
</del><ins>+PASS exportedJWK.use is undefined
+PASS exportedJWK.key_ops is ['sign', 'verify']
</ins><span class="cx">
</span><span class="cx"> Importing a key that's not extractable...
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtlehmacexportkeyhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/hmac-export-key.html (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/hmac-export-key.html 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/hmac-export-key.html 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -47,7 +47,8 @@
</span><span class="cx"> shouldBe("exportedJWK.k", "'ahjkn-_387fgnsibf23qsvahjkn-_387fgnsibf23qs'");
</span><span class="cx"> shouldBe("exportedJWK.alg", "'HS256'");
</span><span class="cx"> shouldBe("exportedJWK.ext", "true");
</span><del>- shouldBe("exportedJWK.use", "'sig'");
</del><ins>+ shouldBe("exportedJWK.use", "undefined");
+ shouldBe("exportedJWK.key_ops", "['sign', 'verify']");
</ins><span class="cx">
</span><span class="cx"> debug("\nImporting a key that's not extractable...");
</span><span class="cx"> return crypto.subtle.importKey("jwk", jwkKeyAsArrayBuffer, { name: "HMAC", hash: "SHA-256" }, nonExtractable, ["sign", "verify"]);
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtlejwkexportusevaluesexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/jwk-export-use-values-expected.txt (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/jwk-export-use-values-expected.txt 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/jwk-export-use-values-expected.txt 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -4,37 +4,48 @@
</span><span class="cx">
</span><span class="cx">
</span><span class="cx"> encrypt:
</span><del>-PASS jwk.use is 'enconly'
</del><ins>+PASS jwk.use is undefined
+PASS jwk.key_ops is ["encrypt"]
</ins><span class="cx">
</span><span class="cx"> decrypt:
</span><del>-PASS jwk.use is 'deconly'
</del><ins>+PASS jwk.use is undefined
+PASS jwk.key_ops is ["decrypt"]
</ins><span class="cx">
</span><span class="cx"> encrypt,decrypt:
</span><del>-PASS jwk.use is 'enconly,deconly'
</del><ins>+PASS jwk.use is undefined
+PASS jwk.key_ops is ["encrypt","decrypt"]
</ins><span class="cx">
</span><span class="cx"> wrapKey:
</span><del>-PASS jwk.use is 'wrap'
</del><ins>+PASS jwk.use is undefined
+PASS jwk.key_ops is ["wrap"]
</ins><span class="cx">
</span><span class="cx"> unwrapKey:
</span><del>-PASS jwk.use is 'unwrap'
</del><ins>+PASS jwk.use is undefined
+PASS jwk.key_ops is ["unwrap"]
</ins><span class="cx">
</span><span class="cx"> wrapKey,unwrapKey:
</span><del>-PASS jwk.use is 'wrap,unwrap'
</del><ins>+PASS jwk.use is undefined
+PASS jwk.key_ops is ["wrap","unwrap"]
</ins><span class="cx">
</span><span class="cx"> encrypt,decrypt,wrapKey:
</span><del>-PASS jwk.use is 'enconly,deconly,wrap'
</del><ins>+PASS jwk.use is undefined
+PASS jwk.key_ops is ["encrypt","decrypt","wrap"]
</ins><span class="cx">
</span><span class="cx"> encrypt,decrypt,wrapKey,unwrapKey:
</span><del>-PASS jwk.use is 'enc'
</del><ins>+PASS jwk.use is undefined
+PASS jwk.key_ops is ["encrypt","decrypt","wrap","unwrap"]
</ins><span class="cx">
</span><span class="cx"> sign:
</span><del>-PASS jwk.use is 'sigonly'
</del><ins>+PASS jwk.use is undefined
+PASS jwk.key_ops is ["sign"]
</ins><span class="cx">
</span><span class="cx"> verify:
</span><del>-PASS jwk.use is 'vfyonly'
</del><ins>+PASS jwk.use is undefined
+PASS jwk.key_ops is ["verify"]
</ins><span class="cx">
</span><span class="cx"> sign,verify:
</span><del>-PASS jwk.use is 'sig'
</del><ins>+PASS jwk.use is undefined
+PASS jwk.key_ops is ["sign","verify"]
</ins><span class="cx">
</span><span class="cx"> PASS successfullyParsed is true
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtlejwkexportusevalueshtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/jwk-export-use-values.html (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/jwk-export-use-values.html 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/jwk-export-use-values.html 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -18,42 +18,44 @@
</span><span class="cx"> var aesKeyAsArrayBuffer = Base64URL.parse("jnOw99oOZFLIEPMrgJB55WL46tJSLGt7");
</span><span class="cx"> var hmacKeyAsArrayBuffer = Base64URL.parse("ahjkn-_387fgnsibf23qsvahjkn-_387fgnsibf23qs");
</span><span class="cx">
</span><del>-function testWithAESCBC(usages, expectedUse)
</del><ins>+function testWithAESCBC(usages, expectedKeyOps)
</ins><span class="cx"> {
</span><span class="cx"> return crypto.subtle.importKey("raw", aesKeyAsArrayBuffer, "AES-CBC", extractable, usages).then(function(result) {
</span><span class="cx"> return crypto.subtle.exportKey("jwk", result);
</span><span class="cx"> }).then(function(result) {
</span><span class="cx"> jwk = JSON.parse(bytesToASCIIString(result));
</span><span class="cx"> debug(usages + ":");
</span><del>- shouldBe("jwk.use", "'" + expectedUse + "'");
</del><ins>+ shouldBe("jwk.use", "undefined");
+ shouldBe("jwk.key_ops", JSON.stringify(expectedKeyOps));
</ins><span class="cx"> debug("");
</span><span class="cx"> });
</span><span class="cx"> }
</span><span class="cx">
</span><del>-function testWithHMAC(usages, expectedUse)
</del><ins>+function testWithHMAC(usages, expectedKeyOps)
</ins><span class="cx"> {
</span><span class="cx"> return crypto.subtle.importKey("raw", hmacKeyAsArrayBuffer, {name: 'hmac', hash: {name: 'sha-256'}}, extractable, usages).then(function(result) {
</span><span class="cx"> return crypto.subtle.exportKey("jwk", result);
</span><span class="cx"> }).then(function(result) {
</span><span class="cx"> jwk = JSON.parse(bytesToASCIIString(result));
</span><span class="cx"> debug(usages + ":");
</span><del>- shouldBe("jwk.use", "'" + expectedUse + "'");
</del><ins>+ shouldBe("jwk.use", "undefined");
+ shouldBe("jwk.key_ops", JSON.stringify(expectedKeyOps));
</ins><span class="cx"> debug("");
</span><span class="cx"> });
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> Promise.all([
</span><del>- testWithAESCBC(["encrypt"], "enconly"),
- testWithAESCBC(["decrypt"], "deconly"),
- testWithAESCBC(["encrypt", "decrypt"], "enconly,deconly"),
- testWithAESCBC(["wrapKey"], "wrap"),
- testWithAESCBC(["unwrapKey"], "unwrap"),
- testWithAESCBC(["wrapKey", "unwrapKey"], "wrap,unwrap"),
- testWithAESCBC(["encrypt", "decrypt", "wrapKey"], "enconly,deconly,wrap"),
- testWithAESCBC(["encrypt", "decrypt", "wrapKey", "unwrapKey"], "enc"),
- testWithHMAC(["sign"], "sigonly"),
- testWithHMAC(["verify"], "vfyonly"),
- testWithHMAC(["sign", "verify"], "sig"),
</del><ins>+ testWithAESCBC(["encrypt"], ["encrypt"]),
+ testWithAESCBC(["decrypt"], ["decrypt"]),
+ testWithAESCBC(["encrypt", "decrypt"], ["encrypt", "decrypt"]),
+ testWithAESCBC(["wrapKey"], ["wrap"]),
+ testWithAESCBC(["unwrapKey"], ["unwrap"]),
+ testWithAESCBC(["wrapKey", "unwrapKey"], ["wrap", "unwrap"]),
+ testWithAESCBC(["encrypt", "decrypt", "wrapKey"], ["encrypt", "decrypt", "wrap"]),
+ testWithAESCBC(["encrypt", "decrypt", "wrapKey", "unwrapKey"], ["encrypt", "decrypt", "wrap", "unwrap"]),
+ testWithHMAC(["sign"], ["sign"]),
+ testWithHMAC(["verify"], ["verify"]),
+ testWithHMAC(["sign", "verify"], ["sign", "verify"]),
</ins><span class="cx"> ]).then(function() { finishJSTest(); } );
</span><span class="cx"> </script>
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtlejwkimportusevaluesexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/jwk-import-use-values-expected.txt (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/jwk-import-use-values-expected.txt 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/jwk-import-use-values-expected.txt 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -3,54 +3,50 @@
</span><span class="cx"> On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
</span><span class="cx">
</span><span class="cx">
</span><del>-enconly:
</del><ins>+PASS testWithAESCBC(["encrypt"], {key_ops: ["encrypt", "encrypt"]}) threw exception TypeError: JWK key_ops contains a duplicate operation.
+
+{"key_ops":["encrypt"]}:
</ins><span class="cx"> PASS key.usages is ["encrypt"]
</span><span class="cx">
</span><del>-deconly:
</del><ins>+{"key_ops":["decrypt"]}:
</ins><span class="cx"> PASS key.usages is ["decrypt"]
</span><span class="cx">
</span><del>-enconly,deconly:
</del><ins>+{"key_ops":["encrypt","decrypt"]}:
</ins><span class="cx"> PASS key.usages is ["decrypt","encrypt"]
</span><span class="cx">
</span><del>-wrap:
</del><ins>+{"key_ops":["wrap"]}:
</ins><span class="cx"> PASS key.usages is ["wrapKey"]
</span><span class="cx">
</span><del>-unwrap:
</del><ins>+{"key_ops":["unwrap"]}:
</ins><span class="cx"> PASS key.usages is ["unwrapKey"]
</span><span class="cx">
</span><del>-wrap,unwrap:
</del><ins>+{"key_ops":["wrap","unwrap"]}:
</ins><span class="cx"> PASS key.usages is ["unwrapKey","wrapKey"]
</span><span class="cx">
</span><del>-enconly,deconly,wrap:
</del><ins>+{"key_ops":["encrypt","decrypt","wrap"]}:
</ins><span class="cx"> PASS key.usages is ["decrypt","encrypt","wrapKey"]
</span><span class="cx">
</span><del>-enc:
</del><ins>+{"use":"enc"}:
</ins><span class="cx"> PASS key.usages is ["decrypt","encrypt","unwrapKey","wrapKey"]
</span><span class="cx">
</span><del>-sigonly:
</del><ins>+{"key_ops":["sign"]}:
</ins><span class="cx"> PASS key.usages is ["sign"]
</span><span class="cx">
</span><del>-vfyonly:
</del><ins>+{"key_ops":["verify"]}:
</ins><span class="cx"> PASS key.usages is ["verify"]
</span><span class="cx">
</span><del>-sig:
</del><ins>+{"use":"sig"}:
</ins><span class="cx"> PASS key.usages is ["sign","verify"]
</span><span class="cx">
</span><del>-'enconly':
</del><ins>+{"key_ops":["'encrypt'"]}:
</ins><span class="cx"> PASS key.usages is []
</span><span class="cx">
</span><del>-enconly :
</del><ins>+{"key_ops":["encrypt "]}:
</ins><span class="cx"> PASS key.usages is []
</span><span class="cx">
</span><del>-EncOnly:
</del><ins>+{"key_ops":["Encrypt"]}:
</ins><span class="cx"> PASS key.usages is []
</span><span class="cx">
</span><del>-enconly, deconly:
-PASS key.usages is ["encrypt"]
-
-enconly,,deconly:
-PASS key.usages is ["decrypt","encrypt"]
-
</del><span class="cx"> PASS successfullyParsed is true
</span><span class="cx">
</span><span class="cx"> TEST COMPLETE
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtlejwkimportusevalueshtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/jwk-import-use-values.html (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/jwk-import-use-values.html 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/jwk-import-use-values.html 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -29,47 +29,63 @@
</span><span class="cx"> "k": "ahjkn-_387fgnsibf23qsvahjkn-_387fgnsibf23qs"
</span><span class="cx"> };
</span><span class="cx">
</span><del>-function testWithAESCBC(expectedUsages, use)
</del><ins>+function testWithAESCBC(expectedUsages, jwkUsages)
</ins><span class="cx"> {
</span><del>- aesKeyAsJSON.use = use;
</del><ins>+ if (jwkUsages.key_ops) {
+ aesKeyAsJSON.key_ops = jwkUsages.key_ops;
+ delete aesKeyAsJSON.use;
+ } else {
+ delete aesKeyAsJSON.key_ops;
+ aesKeyAsJSON.use = jwkUsages.use;
+ }
+
</ins><span class="cx"> return crypto.subtle.importKey("jwk", asciiToUint8Array(JSON.stringify(aesKeyAsJSON)), "AES-CBC", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]).then(function(result) {
</span><span class="cx"> key = result;
</span><del>- debug(use + ":");
</del><ins>+ debug(JSON.stringify(jwkUsages) + ":");
</ins><span class="cx"> shouldBe("key.usages", JSON.stringify(expectedUsages));
</span><span class="cx"> debug("");
</span><span class="cx"> });
</span><span class="cx"> }
</span><span class="cx">
</span><del>-function testWithHMAC(expectedUsages, use)
</del><ins>+function testWithHMAC(expectedUsages, jwkUsages)
</ins><span class="cx"> {
</span><del>- hmacKeyAsJSON.use = use;
</del><ins>+ if (jwkUsages.key_ops) {
+ hmacKeyAsJSON.key_ops = jwkUsages.key_ops;
+ delete hmacKeyAsJSON.use;
+ } else {
+ delete hmacKeyAsJSON.key_ops;
+ hmacKeyAsJSON.use = jwkUsages.use;
+ }
+
</ins><span class="cx"> return crypto.subtle.importKey("jwk", asciiToUint8Array(JSON.stringify(hmacKeyAsJSON)), {name: 'hmac', hash: {name: 'sha-256'}}, extractable, ["sign", "verify"]).then(function(result) {
</span><span class="cx"> key = result;
</span><del>- debug(use + ":");
</del><ins>+ debug(JSON.stringify(jwkUsages) + ":");
</ins><span class="cx"> shouldBe("key.usages", JSON.stringify(expectedUsages));
</span><span class="cx"> debug("");
</span><span class="cx"> });
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+// Duplicates are not allowed. We currently raise an exception, although we should reject the promise instead.
+shouldThrow('testWithAESCBC(["encrypt"], {key_ops: ["encrypt", "encrypt"]})');
+debug("");
+
</ins><span class="cx"> Promise.all([
</span><del>- testWithAESCBC(["encrypt"], "enconly"),
- testWithAESCBC(["decrypt"], "deconly"),
- testWithAESCBC(["decrypt", "encrypt"], "enconly,deconly"),
- testWithAESCBC(["wrapKey"], "wrap"),
- testWithAESCBC(["unwrapKey"], "unwrap"),
- testWithAESCBC(["unwrapKey", "wrapKey"], "wrap,unwrap"),
- testWithAESCBC(["decrypt", "encrypt", "wrapKey"], "enconly,deconly,wrap"),
- testWithAESCBC(["decrypt", "encrypt", "unwrapKey", "wrapKey"], "enc"),
- testWithHMAC(["sign"], "sigonly"),
- testWithHMAC(["verify"], "vfyonly"),
- testWithHMAC(["sign", "verify"], "sig"),
</del><ins>+ testWithAESCBC(["encrypt"], {key_ops: ["encrypt"]}),
+ testWithAESCBC(["decrypt"], {key_ops: ["decrypt"]}),
+ testWithAESCBC(["decrypt", "encrypt"], {key_ops: ["encrypt", "decrypt"]}),
+ testWithAESCBC(["wrapKey"], {key_ops: ["wrap"]}),
+ testWithAESCBC(["unwrapKey"], {key_ops: ["unwrap"]}),
+ testWithAESCBC(["unwrapKey", "wrapKey"], {key_ops: ["wrap", "unwrap"]}),
+ testWithAESCBC(["decrypt", "encrypt", "wrapKey"], {key_ops: ["encrypt", "decrypt", "wrap"]}),
+ testWithAESCBC(["decrypt", "encrypt", "unwrapKey", "wrapKey"], {use: "enc"}),
+ testWithHMAC(["sign"], {key_ops: ["sign"]}),
+ testWithHMAC(["verify"], {key_ops: ["verify"]}),
+ testWithHMAC(["sign", "verify"], {use: "sig"}),
</ins><span class="cx">
</span><del>-// Incorrect use strings. There is currently no spec for what to do, but ignoring unknown uses seems right.
- testWithAESCBC([], "'enconly'"),
- testWithAESCBC([], "enconly "),
- testWithAESCBC([], "EncOnly"),
- testWithAESCBC(["encrypt"], "enconly, deconly"),
- testWithAESCBC(["decrypt","encrypt"], "enconly,,deconly"),
</del><ins>+// Unknown key_ops strings are ignored.
+ testWithAESCBC([], {key_ops: ["'encrypt'"]}),
+ testWithAESCBC([], {key_ops: ["encrypt "]}),
+ testWithAESCBC([], {key_ops: ["Encrypt"]}),
</ins><span class="cx">
</span><span class="cx"> ]).then(function() { finishJSTest(); } );
</span><span class="cx"> </script>
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtlersaexportkeyexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/rsa-export-key-expected.txt (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/rsa-export-key-expected.txt 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/rsa-export-key-expected.txt 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -17,7 +17,8 @@
</span><span class="cx"> PASS exportedJWK.e is publicKeyJSON.e
</span><span class="cx"> PASS exportedJWK.alg is 'RS256'
</span><span class="cx"> PASS exportedJWK.ext is true
</span><del>-PASS exportedJWK.use is 'sig'
</del><ins>+PASS exportedJWK.use is undefined
+PASS exportedJWK.key_ops is ['sign', 'verify']
</ins><span class="cx"> PASS successfullyParsed is true
</span><span class="cx">
</span><span class="cx"> TEST COMPLETE
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtlersaexportkeyhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/rsa-export-key.html (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/rsa-export-key.html 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/rsa-export-key.html 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -45,7 +45,8 @@
</span><span class="cx"> shouldBe("exportedJWK.e", "publicKeyJSON.e");
</span><span class="cx"> shouldBe("exportedJWK.alg", "'RS256'");
</span><span class="cx"> shouldBe("exportedJWK.ext", "true");
</span><del>- shouldBe("exportedJWK.use", "'sig'");
</del><ins>+ shouldBe("exportedJWK.use", "undefined");
+ shouldBe("exportedJWK.key_ops", "['sign', 'verify']");
</ins><span class="cx">
</span><span class="cx"> finishJSTest();
</span><span class="cx"> });
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtlersaexportprivatekeyexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/rsa-export-private-key-expected.txt (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/rsa-export-private-key-expected.txt 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/rsa-export-private-key-expected.txt 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -19,7 +19,8 @@
</span><span class="cx"> PASS exportedJWK.oth is privateKeyJSON.oth
</span><span class="cx"> PASS exportedJWK.alg is privateKeyJSON.alg
</span><span class="cx"> PASS exportedJWK.ext is true
</span><del>-PASS exportedJWK.use is 'sig'
</del><ins>+PASS exportedJWK.key_ops is ['sign', 'verify']
+PASS exportedJWK.use is undefined
</ins><span class="cx"> PASS successfullyParsed is true
</span><span class="cx">
</span><span class="cx"> TEST COMPLETE
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtlersaexportprivatekeyhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/rsa-export-private-key.html (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/rsa-export-private-key.html 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/rsa-export-private-key.html 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -53,7 +53,8 @@
</span><span class="cx"> shouldBe("exportedJWK.oth", "privateKeyJSON.oth");
</span><span class="cx"> shouldBe("exportedJWK.alg", "privateKeyJSON.alg");
</span><span class="cx"> shouldBe("exportedJWK.ext", "true");
</span><del>- shouldBe("exportedJWK.use", "'sig'");
</del><ins>+ shouldBe("exportedJWK.key_ops", "['sign', 'verify']");
+ shouldBe("exportedJWK.use", "undefined");
</ins><span class="cx">
</span><span class="cx"> finishJSTest();
</span><span class="cx"> });
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtlersaoaepkeymanipulationexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/rsa-oaep-key-manipulation-expected.txt (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/rsa-oaep-key-manipulation-expected.txt 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/rsa-oaep-key-manipulation-expected.txt 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -27,7 +27,8 @@
</span><span class="cx"> Exporting public key to JWK...
</span><span class="cx"> PASS jwkPublicKey.alg is 'RSA-OAEP'
</span><span class="cx"> PASS jwkPublicKey.ext is true
</span><del>-PASS jwkPublicKey.use is 'enc'
</del><ins>+PASS jwkPublicKey.key_ops is ['encrypt', 'decrypt', 'wrap', 'unwrap']
+PASS jwkPublicKey.use is undefined
</ins><span class="cx"> PASS jwkPublicKey.kty is 'RSA'
</span><span class="cx"> PASS bytesToHexString(Base64URL.parse(jwkPublicKey.e)) is '010001'
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtlersaoaepkeymanipulationhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/rsa-oaep-key-manipulation.html (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/rsa-oaep-key-manipulation.html 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/rsa-oaep-key-manipulation.html 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -56,7 +56,8 @@
</span><span class="cx"> jwkPublicKey = JSON.parse(bytesToASCIIString(jwkPublicKeyArray));
</span><span class="cx"> shouldBe("jwkPublicKey.alg", "'RSA-OAEP'");
</span><span class="cx"> shouldBe("jwkPublicKey.ext", "true");
</span><del>- shouldBe("jwkPublicKey.use", "'enc'");
</del><ins>+ shouldBe("jwkPublicKey.key_ops", "['encrypt', 'decrypt', 'wrap', 'unwrap']");
+ shouldBe("jwkPublicKey.use", "undefined");
</ins><span class="cx"> shouldBe("jwkPublicKey.kty", "'RSA'");
</span><span class="cx"> shouldBe("bytesToHexString(Base64URL.parse(jwkPublicKey.e))", "'010001'");
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtlersapostMessageexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/rsa-postMessage-expected.txt (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/rsa-postMessage-expected.txt 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/rsa-postMessage-expected.txt 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -15,7 +15,8 @@
</span><span class="cx"> PASS exportedJWK.kty is 'RSA'
</span><span class="cx"> PASS exportedJWK.alg is 'RS256'
</span><span class="cx"> PASS exportedJWK.ext is true
</span><del>-PASS exportedJWK.use is 'sig'
</del><ins>+PASS exportedJWK.key_ops is ['sign','verify']
+PASS exportedJWK.use is undefined
</ins><span class="cx"> PASS exportedJWK.n is privateKeyJSON.n
</span><span class="cx"> PASS exportedJWK.e is privateKeyJSON.e
</span><span class="cx"> PASS exportedJWK.d is privateKeyJSON.d
</span></span></pre></div>
<a id="trunkLayoutTestscryptosubtlersapostMessagehtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/crypto/subtle/rsa-postMessage.html (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/crypto/subtle/rsa-postMessage.html 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/LayoutTests/crypto/subtle/rsa-postMessage.html 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -41,7 +41,8 @@
</span><span class="cx"> shouldBe("exportedJWK.kty", "'RSA'");
</span><span class="cx"> shouldBe("exportedJWK.alg", "'RS256'");
</span><span class="cx"> shouldBe("exportedJWK.ext", "true");
</span><del>- shouldBe("exportedJWK.use", "'sig'");
</del><ins>+ shouldBe("exportedJWK.key_ops", "['sign','verify']");
+ shouldBe("exportedJWK.use", "undefined");
</ins><span class="cx"> shouldBe("exportedJWK.n", "privateKeyJSON.n");
</span><span class="cx"> shouldBe("exportedJWK.e", "privateKeyJSON.e");
</span><span class="cx"> shouldBe("exportedJWK.d", "privateKeyJSON.d");
</span></span></pre></div>
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/Source/WebCore/ChangeLog 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -1,3 +1,33 @@
</span><ins>+2014-02-01 Alexey Proskuryakov <ap@apple.com>
+
+ Update WebCrypto JWK mapping to use key_ops
+ https://bugs.webkit.org/show_bug.cgi?id=127609
+
+ Reviewed by Sam Weinig.
+
+ Updated JWK support ot match current editor draft.
+
+ * bindings/js/JSCryptoKeySerializationJWK.cpp:
+ (WebCore::getJSArrayFromJSON): Fixed this previously untested function to actually work.
+ (WebCore::tryJWKKeyOpsValue):
+ (WebCore::JSCryptoKeySerializationJWK::reconcileUsages):
+ (WebCore::JSCryptoKeySerializationJWK::reconcileExtractable): Removed an old comment,
+ these things are now specced.
+ (WebCore::addToJSON): Made static functions file static, there is no reason for
+ them to be class members.
+ (WebCore::buildJSONForOctetSequence):
+ (WebCore::buildJSONForRSAComponents):
+ (WebCore::addBoolToJSON):
+ (WebCore::addJWKAlgorithmToJSON):
+ (WebCore::addUsagesToJSON):
+ (WebCore::JSCryptoKeySerializationJWK::serialize):
+ * bindings/js/JSCryptoKeySerializationJWK.h:
+
+ * crypto/mac/CryptoAlgorithmAES_KWMac.cpp:
+ (WebCore::CryptoAlgorithmAES_KW::platformEncrypt):
+ (WebCore::CryptoAlgorithmAES_KW::platformDecrypt):
+ Check for length, so that we don't fail silently.
+
</ins><span class="cx"> 2014-02-01 David Kilzer <ddkilzer@apple.com>
</span><span class="cx">
</span><span class="cx"> Add security-checked casts for all WebCore::CachedResource subclasses
</span></span></pre></div>
<a id="trunkSourceWebCorebindingsjsJSCryptoKeySerializationJWKcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/bindings/js/JSCryptoKeySerializationJWK.cpp (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/bindings/js/JSCryptoKeySerializationJWK.cpp 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/Source/WebCore/bindings/js/JSCryptoKeySerializationJWK.cpp 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -60,7 +60,7 @@
</span><span class="cx">
</span><span class="cx"> JSValue value = slot.getValue(exec, identifier);
</span><span class="cx"> ASSERT(!exec->hadException());
</span><del>- if (isJSArray(value)) {
</del><ins>+ if (!isJSArray(value)) {
</ins><span class="cx"> throwTypeError(exec, String::format("Expected an array for \"%s\" JSON key", key));
</span><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="lines">@@ -248,40 +248,67 @@
</span><span class="cx"> return true;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void JSCryptoKeySerializationJWK::reconcileUsages(CryptoKeyUsage& suggestedUsages) const
</del><ins>+static bool tryJWKKeyOpsValue(ExecState* exec, CryptoKeyUsage& usages, const String& operation, const String& tryOperation, CryptoKeyUsage tryUsage)
</ins><span class="cx"> {
</span><del>- String jwkUseString;
- if (!getStringFromJSON(m_exec, m_json.get(), "use", jwkUseString)) {
- // "use" is optional in JWK.
- return;
</del><ins>+ if (operation == tryOperation) {
+ if (usages & tryUsage) {
+ throwTypeError(exec, "JWK key_ops contains a duplicate operation");
+ return false;
+ }
+ usages |= tryUsage;
</ins><span class="cx"> }
</span><ins>+ return true;
+}
</ins><span class="cx">
</span><del>- // Implemented according to a proposal in <https://www.w3.org/Bugs/Public/show_bug.cgi?id=23796>.
- Vector<String> jwkUsageValues;
- jwkUseString.split(',', jwkUsageValues);
</del><ins>+void JSCryptoKeySerializationJWK::reconcileUsages(CryptoKeyUsage& suggestedUsages) const
+{
</ins><span class="cx"> CryptoKeyUsage jwkUsages = 0;
</span><del>- for (size_t i = 0, size = jwkUsageValues.size(); i < size; ++i) {
- String jwkUse = jwkUsageValues[i];
- if (jwkUse == "sig")
</del><ins>+
+ JSArray* keyOps;
+ if (getJSArrayFromJSON(m_exec, m_json.get(), "key_ops", keyOps)) {
+ for (size_t i = 0; i < keyOps->length(); ++i) {
+ JSValue jsValue = keyOps->getIndex(m_exec, i);
+ String operation;
+ if (!jsValue.getString(m_exec, operation)) {
+ if (!m_exec->hadException())
+ throwTypeError(m_exec, "JWK key_ops attribute could not be processed");
+ return;
+ }
+ if (!tryJWKKeyOpsValue(m_exec, jwkUsages, operation, ASCIILiteral("sign"), CryptoKeyUsageSign))
+ return;
+ if (!tryJWKKeyOpsValue(m_exec, jwkUsages, operation, ASCIILiteral("verify"), CryptoKeyUsageVerify))
+ return;
+ if (!tryJWKKeyOpsValue(m_exec, jwkUsages, operation, ASCIILiteral("encrypt"), CryptoKeyUsageEncrypt))
+ return;
+ if (!tryJWKKeyOpsValue(m_exec, jwkUsages, operation, ASCIILiteral("decrypt"), CryptoKeyUsageDecrypt))
+ return;
+ if (!tryJWKKeyOpsValue(m_exec, jwkUsages, operation, ASCIILiteral("wrap"), CryptoKeyUsageWrapKey))
+ return;
+ if (!tryJWKKeyOpsValue(m_exec, jwkUsages, operation, ASCIILiteral("unwrap"), CryptoKeyUsageUnwrapKey))
+ return;
+ if (!tryJWKKeyOpsValue(m_exec, jwkUsages, operation, ASCIILiteral("deriveKey"), CryptoKeyUsageDeriveKey))
+ return;
+ if (!tryJWKKeyOpsValue(m_exec, jwkUsages, operation, ASCIILiteral("deriveBits"), CryptoKeyUsageDeriveBits))
+ return;
+ }
+ } else {
+ if (m_exec->hadException())
+ return;
+
+ String jwkUseString;
+ if (!getStringFromJSON(m_exec, m_json.get(), "use", jwkUseString)) {
+ // We have neither key_ops nor use.
+ return;
+ }
+
+ if (jwkUseString == "enc")
+ jwkUsages |= (CryptoKeyUsageEncrypt | CryptoKeyUsageDecrypt | CryptoKeyUsageWrapKey | CryptoKeyUsageUnwrapKey);
+ else if (jwkUseString == "sig")
</ins><span class="cx"> jwkUsages |= (CryptoKeyUsageSign | CryptoKeyUsageVerify);
</span><del>- else if (jwkUse == "enc")
- jwkUsages |= (CryptoKeyUsageEncrypt | CryptoKeyUsageDecrypt | CryptoKeyUsageWrapKey | CryptoKeyUsageUnwrapKey);
- else if (jwkUse == "enconly")
- jwkUsages |= CryptoKeyUsageEncrypt;
- else if (jwkUse == "deconly")
- jwkUsages |= CryptoKeyUsageDecrypt;
- else if (jwkUse == "sigonly")
- jwkUsages |= CryptoKeyUsageSign;
- else if (jwkUse == "vfyonly")
- jwkUsages |= CryptoKeyUsageVerify;
- else if (jwkUse == "drvkey")
- jwkUsages |= CryptoKeyUsageDeriveKey;
- else if (jwkUse == "drvbits")
- jwkUsages |= CryptoKeyUsageDeriveBits;
- else if (jwkUse == "wrap")
- jwkUsages |= CryptoKeyUsageWrapKey;
- else if (jwkUse == "unwrap")
- jwkUsages |= CryptoKeyUsageUnwrapKey;
</del><ins>+ else {
+ throwTypeError(m_exec, "Unsupported JWK key use value \"" + jwkUseString + "\"");
+ return;
+ }
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> suggestedUsages = suggestedUsages & jwkUsages;
</span><span class="lines">@@ -290,10 +317,8 @@
</span><span class="cx"> void JSCryptoKeySerializationJWK::reconcileExtractable(bool& suggestedExtractable) const
</span><span class="cx"> {
</span><span class="cx"> bool jwkExtractable;
</span><del>- if (!getBooleanFromJSON(m_exec, m_json.get(), "ext", jwkExtractable)) {
- // "ext" not in JWK or WebCrypto specs yet, implemented according to a proposal in <https://www.w3.org/Bugs/Public/show_bug.cgi?id=23796>.
</del><ins>+ if (!getBooleanFromJSON(m_exec, m_json.get(), "ext", jwkExtractable))
</ins><span class="cx"> return;
</span><del>- }
</del><span class="cx">
</span><span class="cx"> suggestedExtractable = suggestedExtractable && jwkExtractable;
</span><span class="cx"> }
</span><span class="lines">@@ -472,13 +497,20 @@
</span><span class="cx"> return nullptr;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void JSCryptoKeySerializationJWK::buildJSONForOctetSequence(ExecState* exec, const Vector<uint8_t>& keyData, JSObject* result)
</del><ins>+static void addToJSON(ExecState* exec, JSObject* json, const char* key, const String& value)
</ins><span class="cx"> {
</span><ins>+ VM& vm = exec->vm();
+ Identifier identifier(&vm, key);
+ json->putDirect(vm, identifier, jsString(exec, value));
+}
+
+static void buildJSONForOctetSequence(ExecState* exec, const Vector<uint8_t>& keyData, JSObject* result)
+{
</ins><span class="cx"> addToJSON(exec, result, "kty", "oct");
</span><span class="cx"> addToJSON(exec, result, "k", base64URLEncode(keyData));
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void JSCryptoKeySerializationJWK::buildJSONForRSAComponents(JSC::ExecState* exec, const CryptoKeyDataRSAComponents& data, JSC::JSObject* result)
</del><ins>+static void buildJSONForRSAComponents(JSC::ExecState* exec, const CryptoKeyDataRSAComponents& data, JSC::JSObject* result)
</ins><span class="cx"> {
</span><span class="cx"> addToJSON(exec, result, "kty", "RSA");
</span><span class="cx"> addToJSON(exec, result, "n", base64URLEncode(data.modulus()));
</span><span class="lines">@@ -512,21 +544,14 @@
</span><span class="cx"> result->putDirect(exec->vm(), Identifier(exec, "oth"), oth);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void JSCryptoKeySerializationJWK::addToJSON(ExecState* exec, JSObject* json, const char* key, const String& value)
</del><ins>+static void addBoolToJSON(ExecState* exec, JSObject* json, const char* key, bool value)
</ins><span class="cx"> {
</span><span class="cx"> VM& vm = exec->vm();
</span><span class="cx"> Identifier identifier(&vm, key);
</span><del>- json->putDirect(vm, identifier, jsString(exec, value));
-}
-
-void JSCryptoKeySerializationJWK::addBoolToJSON(ExecState* exec, JSObject* json, const char* key, bool value)
-{
- VM& vm = exec->vm();
- Identifier identifier(&vm, key);
</del><span class="cx"> json->putDirect(vm, identifier, jsBoolean(value));
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void JSCryptoKeySerializationJWK::addJWKAlgorithmToJSON(ExecState* exec, JSObject* json, const CryptoKey& key)
</del><ins>+static void addJWKAlgorithmToJSON(ExecState* exec, JSObject* json, const CryptoKey& key)
</ins><span class="cx"> {
</span><span class="cx"> String jwkAlgorithm;
</span><span class="cx"> switch (key.algorithmIdentifier()) {
</span><span class="lines">@@ -627,53 +652,31 @@
</span><span class="cx"> addToJSON(exec, json, "alg", jwkAlgorithm);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-static bool processUseValue(StringBuilder& builder, CryptoKeyUsage& usages, const String& useString, CryptoKeyUsage usagesForUseString)
</del><ins>+static void addUsagesToJSON(ExecState* exec, JSObject* json, CryptoKeyUsage usages)
</ins><span class="cx"> {
</span><del>- if ((usages & usagesForUseString) != usagesForUseString)
- return false;
</del><ins>+ JSArray* keyOps = constructEmptyArray(exec, 0, exec->lexicalGlobalObject(), 0);
</ins><span class="cx">
</span><del>- if (!builder.isEmpty())
- builder.append(',');
- builder.append(useString);
</del><ins>+ unsigned index = 0;
+ if (usages & CryptoKeyUsageSign)
+ keyOps->putDirectIndex(exec, index++, jsString(exec, ASCIILiteral("sign")));
+ if (usages & CryptoKeyUsageVerify)
+ keyOps->putDirectIndex(exec, index++, jsString(exec, ASCIILiteral("verify")));
+ if (usages & CryptoKeyUsageEncrypt)
+ keyOps->putDirectIndex(exec, index++, jsString(exec, ASCIILiteral("encrypt")));
+ if (usages & CryptoKeyUsageDecrypt)
+ keyOps->putDirectIndex(exec, index++, jsString(exec, ASCIILiteral("decrypt")));
+ if (usages & CryptoKeyUsageWrapKey)
+ keyOps->putDirectIndex(exec, index++, jsString(exec, ASCIILiteral("wrap")));
+ if (usages & CryptoKeyUsageUnwrapKey)
+ keyOps->putDirectIndex(exec, index++, jsString(exec, ASCIILiteral("unwrap")));
+ if (usages & CryptoKeyUsageDeriveKey)
+ keyOps->putDirectIndex(exec, index++, jsString(exec, ASCIILiteral("deriveKey")));
+ if (usages & CryptoKeyUsageDeriveBits)
+ keyOps->putDirectIndex(exec, index++, jsString(exec, ASCIILiteral("deriveBits")));
</ins><span class="cx">
</span><del>- usages &= ~usagesForUseString;
-
- return true;
</del><ins>+ json->putDirect(exec->vm(), Identifier(exec, "key_ops"), keyOps);
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-void JSCryptoKeySerializationJWK::addJWKUseToJSON(ExecState* exec, JSObject* json, CryptoKeyUsage usages)
-{
- // Use mapping implemented according to a proposal in <https://www.w3.org/Bugs/Public/show_bug.cgi?id=23796>.
- StringBuilder useBuilder;
- CryptoKeyUsage remainingUsages = usages;
- while (remainingUsages) {
- if (processUseValue(useBuilder, remainingUsages, "enc", CryptoKeyUsageEncrypt | CryptoKeyUsageDecrypt | CryptoKeyUsageWrapKey | CryptoKeyUsageUnwrapKey))
- continue;
- if (processUseValue(useBuilder, remainingUsages, "sig", CryptoKeyUsageSign | CryptoKeyUsageVerify))
- continue;
- if (processUseValue(useBuilder, remainingUsages, "enconly", CryptoKeyUsageEncrypt))
- continue;
- if (processUseValue(useBuilder, remainingUsages, "deconly", CryptoKeyUsageDecrypt))
- continue;
- if (processUseValue(useBuilder, remainingUsages, "sigonly", CryptoKeyUsageSign))
- continue;
- if (processUseValue(useBuilder, remainingUsages, "vfyonly", CryptoKeyUsageVerify))
- continue;
- if (processUseValue(useBuilder, remainingUsages, "drvkey", CryptoKeyUsageDeriveKey))
- continue;
- if (processUseValue(useBuilder, remainingUsages, "drvbits", CryptoKeyUsageDeriveBits))
- continue;
- if (processUseValue(useBuilder, remainingUsages, "wrap", CryptoKeyUsageWrapKey))
- continue;
- if (processUseValue(useBuilder, remainingUsages, "unwrap", CryptoKeyUsageUnwrapKey))
- continue;
- throwTypeError(exec, "Key usages cannot be represented in JWK.");
- return;
- }
-
- addToJSON(exec, json, "use", useBuilder.toString());
-}
-
</del><span class="cx"> String JSCryptoKeySerializationJWK::serialize(ExecState* exec, const CryptoKey& key)
</span><span class="cx"> {
</span><span class="cx"> std::unique_ptr<CryptoKeyData> keyData = key.exportData();
</span><span class="lines">@@ -691,7 +694,7 @@
</span><span class="cx">
</span><span class="cx"> addBoolToJSON(exec, result, "ext", key.extractable());
</span><span class="cx">
</span><del>- addJWKUseToJSON(exec, result, key.usagesBitmap());
</del><ins>+ addUsagesToJSON(exec, result, key.usagesBitmap());
</ins><span class="cx"> if (exec->hadException())
</span><span class="cx"> return String();
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCorebindingsjsJSCryptoKeySerializationJWKh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/bindings/js/JSCryptoKeySerializationJWK.h (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/bindings/js/JSCryptoKeySerializationJWK.h 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/Source/WebCore/bindings/js/JSCryptoKeySerializationJWK.h 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -66,13 +66,6 @@
</span><span class="cx">
</span><span class="cx"> virtual std::unique_ptr<CryptoKeyData> keyData() const override;
</span><span class="cx">
</span><del>- static void buildJSONForOctetSequence(JSC::ExecState*, const Vector<uint8_t>&, JSC::JSObject* result);
- static void buildJSONForRSAComponents(JSC::ExecState*, const CryptoKeyDataRSAComponents&, JSC::JSObject* result);
- static void addJWKAlgorithmToJSON(JSC::ExecState*, JSC::JSObject*, const CryptoKey& key);
- static void addJWKUseToJSON(JSC::ExecState*, JSC::JSObject*, CryptoKeyUsage);
- static void addToJSON(JSC::ExecState*, JSC::JSObject*, const char* key, const String& value);
- static void addBoolToJSON(JSC::ExecState*, JSC::JSObject*, const char* key, bool value);
-
</del><span class="cx"> bool keySizeIsValid(size_t sizeInBits) const;
</span><span class="cx"> std::unique_ptr<CryptoKeyData> keyDataOctetSequence() const;
</span><span class="cx"> std::unique_ptr<CryptoKeyData> keyDataRSAComponents() const;
</span></span></pre></div>
<a id="trunkSourceWebCorecryptomacCryptoAlgorithmAES_KWMaccpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/crypto/mac/CryptoAlgorithmAES_KWMac.cpp (163243 => 163244)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/crypto/mac/CryptoAlgorithmAES_KWMac.cpp 2014-02-01 17:31:48 UTC (rev 163243)
+++ trunk/Source/WebCore/crypto/mac/CryptoAlgorithmAES_KWMac.cpp 2014-02-01 18:14:17 UTC (rev 163244)
</span><span class="lines">@@ -36,6 +36,13 @@
</span><span class="cx">
</span><span class="cx"> void CryptoAlgorithmAES_KW::platformEncrypt(const CryptoKeyAES& key, const CryptoOperationData& data, VectorCallback callback, VoidCallback failureCallback, ExceptionCode&)
</span><span class="cx"> {
</span><ins>+ if (data.second % 8) {
+ // RFC 3394 uses 64-bit blocks as input.
+ // <rdar://problem/15949992> CommonCrypto doesn't detect incorrect data length, silently producing a bad cyphertext.
+ failureCallback();
+ return;
+ }
+
</ins><span class="cx"> Vector<uint8_t> result(CCSymmetricWrappedSize(kCCWRAPAES, data.second));
</span><span class="cx"> size_t resultSize = result.size();
</span><span class="cx"> int status = CCSymmetricKeyWrap(kCCWRAPAES, CCrfc3394_iv, CCrfc3394_ivLen, key.key().data(), key.key().size(), data.first, data.second, result.data(), &resultSize);
</span><span class="lines">@@ -51,6 +58,12 @@
</span><span class="cx"> {
</span><span class="cx"> Vector<uint8_t> result(CCSymmetricUnwrappedSize(kCCWRAPAES, data.second));
</span><span class="cx"> size_t resultSize = result.size();
</span><ins>+
+ if (resultSize % 8) {
+ failureCallback();
+ return;
+ }
+
</ins><span class="cx"> int status = CCSymmetricKeyUnwrap(kCCWRAPAES, CCrfc3394_iv, CCrfc3394_ivLen, key.key().data(), key.key().size(), data.first, data.second, result.data(), &resultSize);
</span><span class="cx"> if (status) {
</span><span class="cx"> failureCallback();
</span></span></pre>
</div>
</div>
</body>
</html>