crypto: Implement encrypt/decrypt for AES-CBC + JWK support (#33795)

* Add support for raw importKey with AES-CBC Signed-off-by: Daniel Adams <msub2official@gmail.com> * Support JWK import/export, importKey for AES-CBC Signed-off-by: Daniel Adams <msub2official@gmail.com> * Implement encrypt/decrypt for AES-CBC Signed-off-by: Daniel Adams <msub2official@gmail.com> * Update expectations Signed-off-by: Daniel Adams <msub2official@gmail.com> * Update Cargo.lock Signed-off-by: Daniel Adams <msub2official@gmail.com> * Pass MutableHandleObject as arg instead of returning raw pointer Signed-off-by: Daniel Adams <msub2official@gmail.com> * Swap order of checks in generate_key_aes_cbc - Fixes WPT tests that expect to error on algorithm first before usages Signed-off-by: Daniel Adams <msub2official@gmail.com> * Avoid potential GC hazard with array_buffer_ptr Signed-off-by: Daniel Adams <msub2official@gmail.com> * Update expectations for discards context Signed-off-by: Daniel Adams <msub2official@gmail.com> --------- Signed-off-by: Daniel Adams <msub2official@gmail.com>
2025-08-07 06:25:32 +01:00 · 2024-10-20 21:32:19 -10:00 · 2024-10-20 21:32:19 -10:00 · 45267c9f28
commit 45267c9f28
parent 397c5adf79
55 changed files with 163938 additions and 2799 deletions
--- a/components/script/dom/webidls/SubtleCrypto.webidl
+++ b/components/script/dom/webidls/SubtleCrypto.webidl
@ -20,12 +20,12 @@ enum KeyFormat { "raw", "spki", "pkcs8", "jwk" };

 [SecureContext,Exposed=(Window,Worker),Pref="dom.crypto.subtle.enabled"]
 interface SubtleCrypto {
-  // Promise<any> encrypt(AlgorithmIdentifier algorithm,
-  //                      CryptoKey key,
-  //                      BufferSource data);
-  // Promise<any> decrypt(AlgorithmIdentifier algorithm,
-  //                      CryptoKey key,
-  //                      BufferSource data);
+  Promise<any> encrypt(AlgorithmIdentifier algorithm,
+                       CryptoKey key,
+                       BufferSource data);
+  Promise<any> decrypt(AlgorithmIdentifier algorithm,
+                       CryptoKey key,
+                       BufferSource data);
  // Promise<any> sign(AlgorithmIdentifier algorithm,
  //                   CryptoKey key,
  //                   BufferSource data);
@ -48,11 +48,11 @@ interface SubtleCrypto {
  //                         CryptoKey baseKey,
  //                         optional unsigned long? length = null);

-  // Promise<CryptoKey> importKey(KeyFormat format,
-  //                        (BufferSource or JsonWebKey) keyData,
-  //                        AlgorithmIdentifier algorithm,
-  //                        boolean extractable,
-  //                        sequence<KeyUsage> keyUsages );
+  Promise<CryptoKey> importKey(KeyFormat format,
+                         (BufferSource or JsonWebKey) keyData,
+                         AlgorithmIdentifier algorithm,
+                         boolean extractable,
+                         sequence<KeyUsage> keyUsages );
  Promise<any> exportKey(KeyFormat format, CryptoKey key);

  // Promise<any> wrapKey(KeyFormat format,
@ -85,3 +85,37 @@ dictionary AesDerivedKeyParams : Algorithm {
 dictionary AesCbcParams : Algorithm {
  required BufferSource iv;
 };
+
+// JWK
+dictionary RsaOtherPrimesInfo {
+  // The following fields are defined in Section 6.3.2.7 of JSON Web Algorithms
+  DOMString r;
+  DOMString d;
+  DOMString t;
+};
+
+dictionary JsonWebKey {
+  // The following fields are defined in Section 3.1 of JSON Web Key
+  DOMString kty;
+  DOMString use;
+  sequence<DOMString> key_ops;
+  DOMString alg;
+
+  // The following fields are defined in JSON Web Key Parameters Registration
+  boolean ext;
+
+  // The following fields are defined in Section 6 of JSON Web Algorithms
+  DOMString crv;
+  DOMString x;
+  DOMString y;
+  DOMString d;
+  DOMString n;
+  DOMString e;
+  DOMString p;
+  DOMString q;
+  DOMString dp;
+  DOMString dq;
+  DOMString qi;
+  sequence<RsaOtherPrimesInfo> oth;
+  DOMString k;
+};