mirrors/ladybird
0
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2025-07-24 09:52:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

LibCrypto+LibWeb: Reorganize OID ASN1 constants

Browse source 
I have divided ANS1 constants by length so that they don't have
trailing zeros that need to be removed.

Also moved OIDs lists to the only place they are used for clarity.

Fixed a couple of WPT tests by adding SECP521r1 to the list of known
curves.
This commit is contained in:
devgianlu 2024-11-29 14:54:32 +01:00 committed by Andreas Kling
parent b39fdcfec2
commit ab2960e49f
Notes: github-actions[bot] 2024-11-30 10:19:21 +00:00
8 changed files with 75 additions and 103 deletions
Download patch file Download diff file Expand all files Collapse all files

49
Libraries/LibCrypto/Certificate/Certificate.cpp
View file

@ -109,15 +109,17 @@ ErrorOr<Vector<int>> parse_ec_parameters(Crypto::ASN1::Decoder& decoder, Vector<
// } // }
PUSH_SCOPE("ECParameters"sv); PUSH_SCOPE("ECParameters"sv);
READ_OBJECT(ObjectIdentifier, Vector<int>, named_curve); READ_OBJECT(ObjectIdentifier, Vector<int>, named_curve);
// Note: namedCurve sometimes has 5 nodes, but we need 7 for the comparison below to work.
while (named_curve.size() < 7) {
named_curve.append(0);
}
POP_SCOPE(); POP_SCOPE();
constexpr static Array<Span<int const>, 3> known_curve_identifiers {
secp256r1_oid,
secp384r1_oid,
secp521r1_oid
};
bool is_known_curve = false; bool is_known_curve = false;
for (auto const& curves : known_curve_identifiers) { for (auto const& curves : known_curve_identifiers) {
if (curves.span() == named_curve.span()) { if (curves == named_curve.span()) {
is_known_curve = true; is_known_curve = true;
break; break;
} }
@ -139,15 +141,26 @@ static ErrorOr<AlgorithmIdentifier> parse_algorithm_identifier(Crypto::ASN1::Dec
ENTER_TYPED_SCOPE(Sequence, "AlgorithmIdentifier"sv); ENTER_TYPED_SCOPE(Sequence, "AlgorithmIdentifier"sv);
PUSH_SCOPE("algorithm"sv); PUSH_SCOPE("algorithm"sv);
READ_OBJECT(ObjectIdentifier, Vector<int>, algorithm); READ_OBJECT(ObjectIdentifier, Vector<int>, algorithm);
// Note: ecPublicKey only has 6 nodes, but we need 7 for the comparison below to work.
while (algorithm.size() < 7) {
algorithm.append(0);
}
POP_SCOPE(); POP_SCOPE();
constexpr static Array<Span<int const>, 12> known_algorithm_identifiers {
rsa_encryption_oid,
rsa_md5_encryption_oid,
rsa_sha1_encryption_oid,
rsa_sha256_encryption_oid,
rsa_sha384_encryption_oid,
rsa_sha512_encryption_oid,
ecdsa_with_sha256_encryption_oid,
ecdsa_with_sha384_encryption_oid,
ec_public_key_encryption_oid,
x25519_oid,
ed25519_oid,
x448_oid,
};
bool is_known_algorithm = false; bool is_known_algorithm = false;
for (auto const& inner : known_algorithm_identifiers) { for (auto const& inner : known_algorithm_identifiers) {
if (inner.span() == algorithm.span()) { if (inner == algorithm.span()) {
is_known_algorithm = true; is_known_algorithm = true;
break; break;
} }
@ -166,7 +179,7 @@ static ErrorOr<AlgorithmIdentifier> parse_algorithm_identifier(Crypto::ASN1::Dec
// sha384WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 12 } // sha384WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 12 }
// sha512WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 13 } // sha512WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 13 }
// sha224WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 14 } // sha224WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 14 }
Array<Array<int, 7>, 8> rsa_null_algorithms = { constexpr static Array<Span<int const>, 8> rsa_null_algorithms = {
rsa_encryption_oid, rsa_encryption_oid,
rsa_md5_encryption_oid, rsa_md5_encryption_oid,
rsa_sha1_encryption_oid, rsa_sha1_encryption_oid,
@ -178,7 +191,7 @@ static ErrorOr<AlgorithmIdentifier> parse_algorithm_identifier(Crypto::ASN1::Dec
bool is_rsa_null_algorithm = false; bool is_rsa_null_algorithm = false;
for (auto const& inner : rsa_null_algorithms) { for (auto const& inner : rsa_null_algorithms) {
if (inner.span() == algorithm.span()) { if (inner == algorithm.span()) {
is_rsa_null_algorithm = true; is_rsa_null_algorithm = true;
break; break;
} }
@ -202,7 +215,7 @@ static ErrorOr<AlgorithmIdentifier> parse_algorithm_identifier(Crypto::ASN1::Dec
// https://datatracker.ietf.org/doc/html/rfc8410#section-9 // https://datatracker.ietf.org/doc/html/rfc8410#section-9
// For all of the OIDs, the parameters MUST be absent. // For all of the OIDs, the parameters MUST be absent.
Array<Array<int, 7>, 8> no_parameter_algorithms = { constexpr static Array<Span<int const>, 8> no_parameter_algorithms = {
ecdsa_with_sha224_encryption_oid, ecdsa_with_sha224_encryption_oid,
ecdsa_with_sha256_encryption_oid, ecdsa_with_sha256_encryption_oid,
ecdsa_with_sha384_encryption_oid, ecdsa_with_sha384_encryption_oid,
@ -215,7 +228,7 @@ static ErrorOr<AlgorithmIdentifier> parse_algorithm_identifier(Crypto::ASN1::Dec
bool is_no_parameter_algorithm = false; bool is_no_parameter_algorithm = false;
for (auto const& inner : no_parameter_algorithms) { for (auto const& inner : no_parameter_algorithms) {
if (inner.span() == algorithm.span()) { if (inner == algorithm.span()) {
is_no_parameter_algorithm = true; is_no_parameter_algorithm = true;
} }
} }
@ -381,7 +394,7 @@ ErrorOr<SubjectPublicKey> parse_subject_public_key_info(Crypto::ASN1::Decoder& d
// https://datatracker.ietf.org/doc/html/rfc8410#section-9 // https://datatracker.ietf.org/doc/html/rfc8410#section-9
// For all of the OIDs, the parameters MUST be absent. // For all of the OIDs, the parameters MUST be absent.
Array<Array<int, 7>, 5> no_parameter_algorithms = { constexpr static Array<Span<int const>, 5> no_parameter_algorithms = {
ec_public_key_encryption_oid, ec_public_key_encryption_oid,
x25519_oid, x25519_oid,
x448_oid, x448_oid,
@ -390,7 +403,7 @@ ErrorOr<SubjectPublicKey> parse_subject_public_key_info(Crypto::ASN1::Decoder& d
}; };
for (auto const& inner : no_parameter_algorithms) { for (auto const& inner : no_parameter_algorithms) {
if (public_key.algorithm.identifier.span() == inner.span()) { if (public_key.algorithm.identifier.span() == inner) {
// Note: Raw key is already stored, so we can just exit out at this point. // Note: Raw key is already stored, so we can just exit out at this point.
EXIT_SCOPE(); EXIT_SCOPE();
return public_key; return public_key;
@ -451,7 +464,7 @@ ErrorOr<PrivateKey> parse_private_key_info(Crypto::ASN1::Decoder& decoder, Vecto
// https://datatracker.ietf.org/doc/html/rfc8410#section-9 // https://datatracker.ietf.org/doc/html/rfc8410#section-9
// For all of the OIDs, the parameters MUST be absent. // For all of the OIDs, the parameters MUST be absent.
Array<Array<int, 7>, 5> no_parameter_algorithms = { constexpr static Array<Span<int const>, 5> no_parameter_algorithms = {
ec_public_key_encryption_oid, ec_public_key_encryption_oid,
x25519_oid, x25519_oid,
x448_oid, x448_oid,
@ -460,7 +473,7 @@ ErrorOr<PrivateKey> parse_private_key_info(Crypto::ASN1::Decoder& decoder, Vecto
}; };
for (auto const& inner : no_parameter_algorithms) { for (auto const& inner : no_parameter_algorithms) {
if (private_key.algorithm.identifier.span() == inner.span()) { if (private_key.algorithm.identifier.span() == inner) {
// Note: Raw key is already stored, so we can just exit out at this point. // Note: Raw key is already stored, so we can just exit out at this point.
EXIT_SCOPE(); EXIT_SCOPE();
return private_key; return private_key;

40
Libraries/LibCrypto/Certificate/Certificate.h
View file

@ -31,40 +31,20 @@ constexpr static Array<int, 7>
ecdsa_with_sha256_encryption_oid { 1, 2, 840, 10045, 4, 3, 2 }, ecdsa_with_sha256_encryption_oid { 1, 2, 840, 10045, 4, 3, 2 },
ecdsa_with_sha384_encryption_oid { 1, 2, 840, 10045, 4, 3, 3 }, ecdsa_with_sha384_encryption_oid { 1, 2, 840, 10045, 4, 3, 3 },
ecdsa_with_sha512_encryption_oid { 1, 2, 840, 10045, 4, 3, 4 }, ecdsa_with_sha512_encryption_oid { 1, 2, 840, 10045, 4, 3, 4 },
ec_public_key_encryption_oid { 1, 2, 840, 10045, 2, 1 }, secp256r1_oid { 1, 2, 840, 10045, 3, 1, 7 };
constexpr static Array<int, 6>
ec_public_key_encryption_oid { 1, 2, 840, 10045, 2, 1 };
constexpr static Array<int, 5>
secp384r1_oid { 1, 3, 132, 0, 34 },
secp521r1_oid { 1, 3, 132, 0, 35 };
constexpr static Array<int, 4>
x25519_oid { 1, 3, 101, 110 }, x25519_oid { 1, 3, 101, 110 },
x448_oid { 1, 3, 101, 111 }, x448_oid { 1, 3, 101, 111 },
ed25519_oid { 1, 3, 101, 112 }, ed25519_oid { 1, 3, 101, 112 },
ed448_oid { 1, 3, 101, 113 }, ed448_oid { 1, 3, 101, 113 },
secp256r1_oid { 1, 2, 840, 10045, 3, 1, 7 },
secp384r1_oid { 1, 3, 132, 0, 34 },
secp521r1_oid { 1, 3, 132, 0, 35 };
constexpr static Array<Array<int, 7>, 12> known_algorithm_identifiers {
rsa_encryption_oid,
rsa_md5_encryption_oid,
rsa_sha1_encryption_oid,
rsa_sha256_encryption_oid,
rsa_sha384_encryption_oid,
rsa_sha512_encryption_oid,
ecdsa_with_sha256_encryption_oid,
ecdsa_with_sha384_encryption_oid,
ec_public_key_encryption_oid,
x25519_oid,
ed25519_oid,
x448_oid,
};
constexpr static Array<int, 7>
curve_ansip384r1 { 1, 3, 132, 0, 34 },
curve_prime256 { 1, 2, 840, 10045, 3, 1, 7 };
constexpr static Array<Array<int, 7>, 9> known_curve_identifiers {
curve_ansip384r1,
curve_prime256
};
constexpr static Array<int, 4>
key_usage_oid { 2, 5, 29, 15 }, key_usage_oid { 2, 5, 29, 15 },
subject_alternative_name_oid { 2, 5, 29, 17 }, subject_alternative_name_oid { 2, 5, 29, 17 },
issuer_alternative_name_oid { 2, 5, 29, 18 }, issuer_alternative_name_oid { 2, 5, 29, 18 },

4
Libraries/LibTLS/TLSv12.cpp
View file

@ -597,9 +597,9 @@ ErrorOr<Vector<Certificate>> DefaultRootCACertificates::parse_pem_root_certifica
ErrorOr<SupportedGroup> oid_to_curve(Vector<int> curve) ErrorOr<SupportedGroup> oid_to_curve(Vector<int> curve)
{ {
if (curve == Crypto::Certificate::curve_ansip384r1) if (curve == Crypto::Certificate::secp384r1_oid)
return SupportedGroup::SECP384R1; return SupportedGroup::SECP384R1;
if (curve == Crypto::Certificate::curve_prime256) if (curve == Crypto::Certificate::secp256r1_oid)
return SupportedGroup::SECP256R1; return SupportedGroup::SECP256R1;
return AK::Error::from_string_literal("Unknown curve oid"); return AK::Error::from_string_literal("Unknown curve oid");

28
Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
View file

@ -3144,7 +3144,7 @@ WebIDL::ExceptionOr<GC::Ref<JS::Object>> ECDH::export_key(Bindings::KeyFormat fo
[&](::Crypto::PK::ECPublicKey<> const& public_key) -> ErrorOr<ByteBuffer> { [&](::Crypto::PK::ECPublicKey<> const& public_key) -> ErrorOr<ByteBuffer> {
auto public_key_bytes = TRY(public_key.to_uncompressed()); auto public_key_bytes = TRY(public_key.to_uncompressed());
Array<int, 7> ec_params; Span<int const> ec_params;
if (algorithm.named_curve() == "P-256"sv) if (algorithm.named_curve() == "P-256"sv)
ec_params = ::Crypto::Certificate::secp256r1_oid; ec_params = ::Crypto::Certificate::secp256r1_oid;
else if (algorithm.named_curve() == "P-384"sv) else if (algorithm.named_curve() == "P-384"sv)
@ -3154,17 +3154,7 @@ WebIDL::ExceptionOr<GC::Ref<JS::Object>> ECDH::export_key(Bindings::KeyFormat fo
else else
VERIFY_NOT_REACHED(); VERIFY_NOT_REACHED();
// NOTE: we store OIDs as 7 bytes, but they might be shorter return TRY(::Crypto::PK::wrap_in_subject_public_key_info(public_key_bytes, ::Crypto::Certificate::ec_public_key_encryption_oid, ec_params));
size_t trailing_zeros = 0;
for (size_t i = ec_params.size() - 1; i > 0; --i) {
if (ec_params[i] == 0)
++trailing_zeros;
else
break;
}
auto ec_public_key_oid = ::Crypto::Certificate::ec_public_key_encryption_oid.span().trim(6);
return TRY(::Crypto::PK::wrap_in_subject_public_key_info(public_key_bytes, ec_public_key_oid, ec_params.span().trim(ec_params.size() - trailing_zeros)));
}, },
[](auto) -> ErrorOr<ByteBuffer> { [](auto) -> ErrorOr<ByteBuffer> {
VERIFY_NOT_REACHED(); VERIFY_NOT_REACHED();
@ -3221,7 +3211,7 @@ WebIDL::ExceptionOr<GC::Ref<JS::Object>> ECDH::export_key(Bindings::KeyFormat fo
// NOTE: everything above happens in wrap_in_private_key_info // NOTE: everything above happens in wrap_in_private_key_info
auto maybe_data = handle.visit( auto maybe_data = handle.visit(
[&](::Crypto::PK::ECPrivateKey<> const& private_key) -> ErrorOr<ByteBuffer> { [&](::Crypto::PK::ECPrivateKey<> const& private_key) -> ErrorOr<ByteBuffer> {
Array<int, 7> ec_params; Span<int const> ec_params;
if (algorithm.named_curve() == "P-256"sv) if (algorithm.named_curve() == "P-256"sv)
ec_params = ::Crypto::Certificate::secp256r1_oid; ec_params = ::Crypto::Certificate::secp256r1_oid;
else if (algorithm.named_curve() == "P-384"sv) else if (algorithm.named_curve() == "P-384"sv)
@ -3231,17 +3221,7 @@ WebIDL::ExceptionOr<GC::Ref<JS::Object>> ECDH::export_key(Bindings::KeyFormat fo
else else
VERIFY_NOT_REACHED(); VERIFY_NOT_REACHED();
// NOTE: we store OIDs as 7 bytes, but they might be shorter return TRY(::Crypto::PK::wrap_in_private_key_info(private_key, ::Crypto::Certificate::ec_public_key_encryption_oid, ec_params));
size_t trailing_zeros = 0;
for (size_t i = ec_params.size() - 1; i > 0; --i) {
if (ec_params[i] == 0)
++trailing_zeros;
else
break;
}
auto ec_public_key_oid = ::Crypto::Certificate::ec_public_key_encryption_oid.span().trim(6);
return TRY(::Crypto::PK::wrap_in_private_key_info(private_key, ec_public_key_oid, ec_params.span().trim(ec_params.size() - trailing_zeros)));
}, },
[](auto) -> ErrorOr<ByteBuffer> { [](auto) -> ErrorOr<ByteBuffer> {
VERIFY_NOT_REACHED(); VERIFY_NOT_REACHED();

14
Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/derive_bits_keys/ecdh_bits.https.any.txt
View file

@ -6,8 +6,8 @@ Rerun
Found 40 tests Found 40 tests
25 Pass 30 Pass
15 Fail 10 Fail
Details Details
Result Test Name MessagePass setup - define tests Result Test Name MessagePass setup - define tests
Fail P-521 good parameters Fail P-521 good parameters
@ -16,12 +16,12 @@ Fail P-521 short result
Fail P-521 non-multiple of 8 bits Fail P-521 non-multiple of 8 bits
Pass P-521 missing public curve Pass P-521 missing public curve
Pass P-521 public property of algorithm is not a CryptoKey Pass P-521 public property of algorithm is not a CryptoKey
Fail P-521 mismatched curves Pass P-521 mismatched curves
Fail P-521 public property of algorithm is not an ECDSA public key Cannot access property "publicKey" on null object "ecdsaKeyPairs[namedCurve]" Fail P-521 public property of algorithm is not an ECDSA public key Cannot access property "publicKey" on null object "ecdsaKeyPairs[namedCurve]"
Fail P-521 no deriveBits usage for base key Pass P-521 no deriveBits usage for base key
Fail P-521 base key is not a private key Pass P-521 base key is not a private key
Fail P-521 public property value is a private key Pass P-521 public property value is a private key
Fail P-521 public property value is a secret key Pass P-521 public property value is a secret key
Fail P-521 asking for too many bits Fail P-521 asking for too many bits
Pass P-256 good parameters Pass P-256 good parameters
Pass P-256 mixed case parameters Pass P-256 mixed case parameters

14
Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/derive_bits_keys/ecdh_keys.https.any.txt
View file

@ -6,20 +6,20 @@ Rerun
Found 31 tests Found 31 tests
23 Pass 28 Pass
8 Fail 3 Fail
Details Details
Result Test Name MessagePass setup - define tests Result Test Name MessagePass setup - define tests
Fail P-521 good parameters Fail P-521 good parameters
Fail P-521 mixed case parameters Fail P-521 mixed case parameters
Pass P-521 missing public curve Pass P-521 missing public curve
Pass P-521 public property of algorithm is not a CryptoKey Pass P-521 public property of algorithm is not a CryptoKey
Fail P-521 mismatched curves Pass P-521 mismatched curves
Fail P-521 public property of algorithm is not an ECDSA public key Cannot access property "publicKey" on null object "ecdsaKeyPairs[namedCurve]" Fail P-521 public property of algorithm is not an ECDSA public key Cannot access property "publicKey" on null object "ecdsaKeyPairs[namedCurve]"
Fail P-521 no deriveKey usage for base key Pass P-521 no deriveKey usage for base key
Fail P-521 base key is not a private key Pass P-521 base key is not a private key
Fail P-521 public property value is a private key Pass P-521 public property value is a private key
Fail P-521 public property value is a secret key Pass P-521 public property value is a secret key
Pass P-256 good parameters Pass P-256 good parameters
Pass P-256 mixed case parameters Pass P-256 mixed case parameters
Pass P-256 missing public curve Pass P-256 missing public curve

22
Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/import_export/ec_importKey.https.any.txt
View file

@ -6,8 +6,8 @@ Rerun
Found 246 tests Found 246 tests
90 Pass 97 Pass
144 Fail 137 Fail
12 Optional Feature Unsupported 12 Optional Feature Unsupported
Details Details
Result Test Name MessageFail Good parameters: P-256 bits (spki, buffer(91), {name: ECDSA, namedCurve: P-256}, true, [verify]) Result Test Name MessageFail Good parameters: P-256 bits (spki, buffer(91), {name: ECDSA, namedCurve: P-256}, true, [verify])
@ -217,7 +217,7 @@ Pass Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, n
Pass ECDH any JWK alg: P-384 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-384}, false, [deriveKey, deriveBits, deriveKey, deriveBits]) Pass ECDH any JWK alg: P-384 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-384}, false, [deriveKey, deriveBits, deriveKey, deriveBits])
Pass Empty Usages: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, []) Pass Empty Usages: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [])
Fail Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, true, []) Fail Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, true, [])
Optional Feature Unsupported Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDH, namedCurve: P-521}, true, []) Compressed point format not supported: DataError: Error parsing subjectPublicKeyInfo: [ "SubjectPublicKeyInfo"sv, "AlgorithmIdentifier"sv ]: Unknown named curve [ 1, 3, 132, 0, 35, 0, 0 ] Optional Feature Unsupported Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDH, namedCurve: P-521}, true, []) Compressed point format not supported: DataError: Unsupported key format
Fail Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, true, []) Fail Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, true, [])
Pass ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, alg), {name: ECDH, namedCurve: P-521}, true, []) Pass ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, alg), {name: ECDH, namedCurve: P-521}, true, [])
Fail Good parameters: P-521 bits (raw, buffer(133), {name: ECDH, namedCurve: P-521}, true, []) Fail Good parameters: P-521 bits (raw, buffer(133), {name: ECDH, namedCurve: P-521}, true, [])
@ -226,7 +226,7 @@ Fail Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P
Fail Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey]) Fail Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])
Fail Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits]) Fail Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits])
Fail Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits]) Fail Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits])
Fail Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, []) Pass Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [])
Fail Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey]) Fail Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey])
Pass ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, true, [deriveKey]) Pass ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, true, [deriveKey])
Fail Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey]) Fail Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])
@ -236,17 +236,17 @@ Pass ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: E
Fail Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits]) Fail Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits])
Pass ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits]) Pass ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits])
Pass Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, []) Pass Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [])
Fail Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, false, []) Pass Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, false, [])
Optional Feature Unsupported Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDH, namedCurve: P-521}, false, []) Compressed point format not supported: DataError: Error parsing subjectPublicKeyInfo: [ "SubjectPublicKeyInfo"sv, "AlgorithmIdentifier"sv ]: Unknown named curve [ 1, 3, 132, 0, 35, 0, 0 ] Optional Feature Unsupported Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDH, namedCurve: P-521}, false, []) Compressed point format not supported: DataError: Unsupported key format
Pass Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, false, []) Pass Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, false, [])
Pass ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, alg), {name: ECDH, namedCurve: P-521}, false, []) Pass ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, alg), {name: ECDH, namedCurve: P-521}, false, [])
Pass Good parameters: P-521 bits (raw, buffer(133), {name: ECDH, namedCurve: P-521}, false, []) Pass Good parameters: P-521 bits (raw, buffer(133), {name: ECDH, namedCurve: P-521}, false, [])
Optional Feature Unsupported Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDH, namedCurve: P-521}, false, []) Compressed point format not supported: DataError: Invalid key size Optional Feature Unsupported Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDH, namedCurve: P-521}, false, []) Compressed point format not supported: DataError: Invalid key size
Fail Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey]) Pass Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey])
Fail Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey]) Pass Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])
Fail Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits]) Pass Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits])
Fail Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits]) Pass Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits])
Fail Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, []) Pass Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [])
Pass Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveKey]) Pass Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveKey])
Pass ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, false, [deriveKey]) Pass ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, false, [deriveKey])
Pass Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey]) Pass Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])

7
Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/import_export/ec_importKey_failures_ECDH.https.any.txt
View file

@ -6,8 +6,7 @@ Rerun
Found 608 tests Found 608 tests
606 Pass 608 Pass
2 Fail
Details Details
Result Test Name MessagePass Bad usages: importKey(spki, {name: ECDH, namedCurve: P-256}, true, [encrypt]) Result Test Name MessagePass Bad usages: importKey(spki, {name: ECDH, namedCurve: P-256}, true, [encrypt])
Pass Bad usages: importKey(spki, {name: ECDH, namedCurve: P-256}, false, [encrypt]) Pass Bad usages: importKey(spki, {name: ECDH, namedCurve: P-256}, false, [encrypt])
@ -473,8 +472,8 @@ Pass Empty usages: importKey(pkcs8, {name: ECDH, namedCurve: P-384}, true, [])
Pass Empty usages: importKey(pkcs8, {name: ECDH, namedCurve: P-384}, false, []) Pass Empty usages: importKey(pkcs8, {name: ECDH, namedCurve: P-384}, false, [])
Pass Empty usages: importKey(jwk(private), {name: ECDH, namedCurve: P-384}, true, []) Pass Empty usages: importKey(jwk(private), {name: ECDH, namedCurve: P-384}, true, [])
Pass Empty usages: importKey(jwk(private), {name: ECDH, namedCurve: P-384}, false, []) Pass Empty usages: importKey(jwk(private), {name: ECDH, namedCurve: P-384}, false, [])
Fail Empty usages: importKey(pkcs8, {name: ECDH, namedCurve: P-521}, true, []) Pass Empty usages: importKey(pkcs8, {name: ECDH, namedCurve: P-521}, true, [])
Fail Empty usages: importKey(pkcs8, {name: ECDH, namedCurve: P-521}, false, []) Pass Empty usages: importKey(pkcs8, {name: ECDH, namedCurve: P-521}, false, [])
Pass Empty usages: importKey(jwk(private), {name: ECDH, namedCurve: P-521}, true, []) Pass Empty usages: importKey(jwk(private), {name: ECDH, namedCurve: P-521}, true, [])
Pass Empty usages: importKey(jwk(private), {name: ECDH, namedCurve: P-521}, false, []) Pass Empty usages: importKey(jwk(private), {name: ECDH, namedCurve: P-521}, false, [])
Pass Bad key length: importKey(spki, {name: ECDH, namedCurve: P-256}, true, []) Pass Bad key length: importKey(spki, {name: ECDH, namedCurve: P-256}, true, [])