The spec never mentions the possibility for the `hash` member of
`RsaHashedKeyAlgorithm` to be a string, it should be a `KeyAlgorithm`
object containing a `name` string member.
Spec: https://w3c.github.io/webcrypto/#dfn-RsaHashedKeyAlgorithm
Make sure that `HashAlgorithmIdentifier` is passed through
`normalize_an_algorithm` to verify that the hash is valid and supported.
This is required by the spec, but we are not following it very strictly
in `normalize_an_algorithm` because it is pretty convoluted.
Fixes ~60 tests.
Fixes multiple slightly wrong behaviours of the `deriveBits` method
across various algorithms. Some of them might be due to a spec update.
Add tests related to fixes.
Add support for AES-KW for key wrapping/unwrapping. Very similar
implementation to other AES modes.
Added generic tests for symmetric import and specific AES-KW ones.
Adds ~400 test passes on WPT. Now we do better than Firefox in
`WebCryptoAPI/wrapKey_unwrapKey`!
This implements the last WebCryptoAPI methods `wrapKey` and `unwrapKey`.
Most of the functionality is already there because they rely on
`encrypt` and `decrypt`. The only test failures are for `AES-GCM` which
is not implemented yet.
The ASN1 structure for PCKS#8 was wrong and missing one wrapping of the
key in a OctetString.
The issue was discovered while implementing `wrapKey` and `unwrapKey` in
the next commits.
The ASN1 structure for PCKS#8 was wrong and missing one wrapping of the
key in a OctetString.
The issue was discovered while implementing `wrapKey` and `unwrapKey` in
the next commits.
The presence of padding in the base64 fields made plenty of WPT tests
fail. Additionally, export was performed with the wrong public key.
The issue was discovered while implementing `wrapKey` and `unwrapKey` in
the next commits.
The presence of padding in the base64 fields made plenty of WPT tests
fail.
The issue was discovered while implementing `wrapKey` and `unwrapKey` in
the next commits.
Previously, if `nullptr` was passed as params for
`wrap_in_private_key_info` or `wrap_in_subject_public_key_info` an ASN1
null was serialized. This was not the intended behaviour for many.
The issue was discovered while implementing `wrapKey` and `unwrapKey` in
the next commits.
The presence of padding in the base64 fields and the typo made plenty of
WPT tests fail.
The issue was discovered while implementing `wrapKey` and `unwrapKey` in
the next commits.
In order for public/private key serialization to work correctly we must
store the size of the key because P-521 cannot be stored as full words
inside `UnsignedBigInteger` and therefore is exported as the wrong
length (68 instead of 66).
This makes it also possible to refactor some methods and cleanup
constants scattered around.
Gets almost all import/export tests, expect the JWK ones that calculate
the public key on export. The `SECPxxxr1` implementation currently fails
to do calculations for P-521.
This allows us to disable test output, which performs expensive assert
tracking. This was making our imported tests run significantly slower
than tests run via `WPT.sh`.
Formatting the output ourselves also allows us to remove unnecessary
information from the test output.
This commit also rebaselines all existing imported WPT tests to follow
the new format.
Replicate what we are doing with RSA and parse both the private and
public key when parsing the ASN1.
The only thing that changed in the tests is the error message.
I have divided ANS1 constants by length so that they don't have
trailing zeros that need to be removed.
Also moved OIDs lists to the only place they are used for clarity.
Fixed a couple of WPT tests by adding SECP521r1 to the list of known
curves.
I dug through the code and the WebCryptoAPI spec to figure out the
reason for `... mixed case parameters` WPT tests and figured out that
our implementation was slightly wrong.
By being closer to the spec we can now pass those tests and also remove
a bunch of duplicated code.
Context: https://github.com/LadybirdBrowser/ladybird/pull/2598#discussion_r1859263798
