crypto: Implement encrypt/decrypt for AES-CBC + JWK support (#33795)

* Add support for raw importKey with AES-CBC Signed-off-by: Daniel Adams <msub2official@gmail.com> * Support JWK import/export, importKey for AES-CBC Signed-off-by: Daniel Adams <msub2official@gmail.com> * Implement encrypt/decrypt for AES-CBC Signed-off-by: Daniel Adams <msub2official@gmail.com> * Update expectations Signed-off-by: Daniel Adams <msub2official@gmail.com> * Update Cargo.lock Signed-off-by: Daniel Adams <msub2official@gmail.com> * Pass MutableHandleObject as arg instead of returning raw pointer Signed-off-by: Daniel Adams <msub2official@gmail.com> * Swap order of checks in generate_key_aes_cbc - Fixes WPT tests that expect to error on algorithm first before usages Signed-off-by: Daniel Adams <msub2official@gmail.com> * Avoid potential GC hazard with array_buffer_ptr Signed-off-by: Daniel Adams <msub2official@gmail.com> * Update expectations for discards context Signed-off-by: Daniel Adams <msub2official@gmail.com> --------- Signed-off-by: Daniel Adams <msub2official@gmail.com>
2025-09-30 00:29:14 +01:00 · 2024-10-20 21:32:19 -10:00 · 2024-10-20 21:32:19 -10:00 · 45267c9f28
commit 45267c9f28
parent 397c5adf79
55 changed files with 163938 additions and 2799 deletions
--- a/tests/wpt/meta/WebCryptoAPI/derive_bits_keys/cfrg_curves_bits_curve25519.https.any.js.ini
+++ b/tests/wpt/meta/WebCryptoAPI/derive_bits_keys/cfrg_curves_bits_curve25519.https.any.js.ini
@ -1,7 +1,5 @@
 [cfrg_curves_bits_curve25519.https.any.html]
-  [setup - define tests]
-    expected: FAIL
-
+  expected: ERROR
  [X25519 key derivation checks for all-zero value result with a key of order 0]
    expected: FAIL

@ -20,11 +18,44 @@
  [X25519 key derivation checks for all-zero value result with a key of order p+1 (=1, order 1)]
    expected: FAIL

+  [X25519 good parameters]
+    expected: FAIL
+
+  [X25519 mixed case parameters]
+    expected: FAIL
+
+  [X25519 short result]
+    expected: FAIL
+
+  [X25519 non-multiple of 8 bits]
+    expected: FAIL
+
+  [X25519 missing public property]
+    expected: FAIL
+
+  [X25519 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [X25519 mismatched algorithms]
+    expected: FAIL
+
+  [X25519 no deriveBits usage for base key]
+    expected: FAIL
+
+  [X25519 base key is not a private key]
+    expected: FAIL
+
+  [X25519 public property value is a private key]
+    expected: FAIL
+
+  [X25519 public property value is a secret key]
+    expected: FAIL
+
+  [X25519 asking for too many bits]
+    expected: FAIL
+

 [cfrg_curves_bits_curve25519.https.any.worker.html]
-  [setup - define tests]
-    expected: FAIL
-
  [X25519 key derivation checks for all-zero value result with a key of order 0]
    expected: FAIL

@ -42,3 +73,39 @@

  [X25519 key derivation checks for all-zero value result with a key of order p+1 (=1, order 1)]
    expected: FAIL
+
+  [X25519 good parameters]
+    expected: FAIL
+
+  [X25519 mixed case parameters]
+    expected: FAIL
+
+  [X25519 short result]
+    expected: FAIL
+
+  [X25519 non-multiple of 8 bits]
+    expected: FAIL
+
+  [X25519 missing public property]
+    expected: FAIL
+
+  [X25519 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [X25519 mismatched algorithms]
+    expected: FAIL
+
+  [X25519 no deriveBits usage for base key]
+    expected: FAIL
+
+  [X25519 base key is not a private key]
+    expected: FAIL
+
+  [X25519 public property value is a private key]
+    expected: FAIL
+
+  [X25519 public property value is a secret key]
+    expected: FAIL
+
+  [X25519 asking for too many bits]
+    expected: FAIL
--- a/tests/wpt/meta/WebCryptoAPI/derive_bits_keys/cfrg_curves_bits_curve448.https.any.js.ini
+++ b/tests/wpt/meta/WebCryptoAPI/derive_bits_keys/cfrg_curves_bits_curve448.https.any.js.ini
@ -1,7 +1,4 @@
 [cfrg_curves_bits_curve448.https.any.worker.html]
-  [setup - define tests]
-    expected: FAIL
-
  [X448 key derivation checks for all-zero value result with a key of order 0]
    expected: FAIL

@ -17,11 +14,45 @@
  [X448 key derivation checks for all-zero value result with a key of order p+1 (=1, order 1)]
    expected: FAIL

+  [X448 good parameters]
+    expected: FAIL
+
+  [X448 mixed case parameters]
+    expected: FAIL
+
+  [X448 short result]
+    expected: FAIL
+
+  [X448 non-multiple of 8 bits]
+    expected: FAIL
+
+  [X448 missing public property]
+    expected: FAIL
+
+  [X448 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [X448 mismatched algorithms]
+    expected: FAIL
+
+  [X448 no deriveBits usage for base key]
+    expected: FAIL
+
+  [X448 base key is not a private key]
+    expected: FAIL
+
+  [X448 public property value is a private key]
+    expected: FAIL
+
+  [X448 public property value is a secret key]
+    expected: FAIL
+
+  [X448 asking for too many bits]
+    expected: FAIL
+

 [cfrg_curves_bits_curve448.https.any.html]
-  [setup - define tests]
-    expected: FAIL
-
+  expected: ERROR
  [X448 key derivation checks for all-zero value result with a key of order 0]
    expected: FAIL

@ -36,3 +67,39 @@

  [X448 key derivation checks for all-zero value result with a key of order p+1 (=1, order 1)]
    expected: FAIL
+
+  [X448 good parameters]
+    expected: FAIL
+
+  [X448 mixed case parameters]
+    expected: FAIL
+
+  [X448 short result]
+    expected: FAIL
+
+  [X448 non-multiple of 8 bits]
+    expected: FAIL
+
+  [X448 missing public property]
+    expected: FAIL
+
+  [X448 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [X448 mismatched algorithms]
+    expected: FAIL
+
+  [X448 no deriveBits usage for base key]
+    expected: FAIL
+
+  [X448 base key is not a private key]
+    expected: FAIL
+
+  [X448 public property value is a private key]
+    expected: FAIL
+
+  [X448 public property value is a secret key]
+    expected: FAIL
+
+  [X448 asking for too many bits]
+    expected: FAIL
--- a/tests/wpt/meta/WebCryptoAPI/derive_bits_keys/cfrg_curves_keys_curve25519.https.any.js.ini
+++ b/tests/wpt/meta/WebCryptoAPI/derive_bits_keys/cfrg_curves_keys_curve25519.https.any.js.ini
@ -1,7 +1,4 @@
 [cfrg_curves_keys_curve25519.https.any.worker.html]
-  [setup - define tests]
-    expected: FAIL
-
  [X25519 deriveBits checks for all-zero value result with a key of order 0]
    expected: FAIL

@ -23,11 +20,36 @@
  [Key derivation using a X25519 generated keys.]
    expected: FAIL

+  [X25519 good parameters]
+    expected: FAIL
+
+  [X25519 mixed case parameters]
+    expected: FAIL
+
+  [X25519 missing public property]
+    expected: FAIL
+
+  [X25519 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [X25519 mismatched algorithms]
+    expected: FAIL
+
+  [X25519 no deriveKey usage for base key]
+    expected: FAIL
+
+  [X25519 base key is not a private key]
+    expected: FAIL
+
+  [X25519 public property value is a private key]
+    expected: FAIL
+
+  [X25519 public property value is a secret key]
+    expected: FAIL
+

 [cfrg_curves_keys_curve25519.https.any.html]
-  [setup - define tests]
-    expected: FAIL
-
+  expected: ERROR
  [X25519 deriveBits checks for all-zero value result with a key of order 0]
    expected: FAIL

@ -48,3 +70,30 @@

  [Key derivation using a X25519 generated keys.]
    expected: FAIL
+
+  [X25519 good parameters]
+    expected: FAIL
+
+  [X25519 mixed case parameters]
+    expected: FAIL
+
+  [X25519 missing public property]
+    expected: FAIL
+
+  [X25519 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [X25519 mismatched algorithms]
+    expected: FAIL
+
+  [X25519 no deriveKey usage for base key]
+    expected: FAIL
+
+  [X25519 base key is not a private key]
+    expected: FAIL
+
+  [X25519 public property value is a private key]
+    expected: FAIL
+
+  [X25519 public property value is a secret key]
+    expected: FAIL
--- a/tests/wpt/meta/WebCryptoAPI/derive_bits_keys/cfrg_curves_keys_curve448.https.any.js.ini
+++ b/tests/wpt/meta/WebCryptoAPI/derive_bits_keys/cfrg_curves_keys_curve448.https.any.js.ini
@ -1,7 +1,4 @@
 [cfrg_curves_keys_curve448.https.any.worker.html]
-  [setup - define tests]
-    expected: FAIL
-
  [X448 deriveBits checks for all-zero value result with a key of order 0]
    expected: FAIL

@ -20,11 +17,36 @@
  [Key derivation using a X448 generated keys.]
    expected: FAIL

+  [X448 good parameters]
+    expected: FAIL
+
+  [X448 mixed case parameters]
+    expected: FAIL
+
+  [X448 missing public property]
+    expected: FAIL
+
+  [X448 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [X448 mismatched algorithms]
+    expected: FAIL
+
+  [X448 no deriveKey usage for base key]
+    expected: FAIL
+
+  [X448 base key is not a private key]
+    expected: FAIL
+
+  [X448 public property value is a private key]
+    expected: FAIL
+
+  [X448 public property value is a secret key]
+    expected: FAIL
+

 [cfrg_curves_keys_curve448.https.any.html]
-  [setup - define tests]
-    expected: FAIL
-
+  expected: ERROR
  [X448 deriveBits checks for all-zero value result with a key of order 0]
    expected: FAIL

@ -42,3 +64,30 @@

  [Key derivation using a X448 generated keys.]
    expected: FAIL
+
+  [X448 good parameters]
+    expected: FAIL
+
+  [X448 mixed case parameters]
+    expected: FAIL
+
+  [X448 missing public property]
+    expected: FAIL
+
+  [X448 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [X448 mismatched algorithms]
+    expected: FAIL
+
+  [X448 no deriveKey usage for base key]
+    expected: FAIL
+
+  [X448 base key is not a private key]
+    expected: FAIL
+
+  [X448 public property value is a private key]
+    expected: FAIL
+
+  [X448 public property value is a secret key]
+    expected: FAIL
--- a/tests/wpt/meta/WebCryptoAPI/derive_bits_keys/ecdh_bits.https.any.js.ini
+++ b/tests/wpt/meta/WebCryptoAPI/derive_bits_keys/ecdh_bits.https.any.js.ini
@ -1,8 +1,236 @@
 [ecdh_bits.https.any.html]
-  [setup - define tests]
+  [P-521 good parameters]
+    expected: FAIL
+
+  [P-521 mixed case parameters]
+    expected: FAIL
+
+  [P-521 short result]
+    expected: FAIL
+
+  [P-521 non-multiple of 8 bits]
+    expected: FAIL
+
+  [P-521 missing public curve]
+    expected: FAIL
+
+  [P-521 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [P-521 mismatched curves]
+    expected: FAIL
+
+  [P-521 public property of algorithm is not an ECDSA public key]
+    expected: FAIL
+
+  [P-521 no deriveBits usage for base key]
+    expected: FAIL
+
+  [P-521 base key is not a private key]
+    expected: FAIL
+
+  [P-521 public property value is a private key]
+    expected: FAIL
+
+  [P-521 public property value is a secret key]
+    expected: FAIL
+
+  [P-521 asking for too many bits]
+    expected: FAIL
+
+  [P-256 good parameters]
+    expected: FAIL
+
+  [P-256 mixed case parameters]
+    expected: FAIL
+
+  [P-256 short result]
+    expected: FAIL
+
+  [P-256 non-multiple of 8 bits]
+    expected: FAIL
+
+  [P-256 missing public curve]
+    expected: FAIL
+
+  [P-256 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [P-256 mismatched curves]
+    expected: FAIL
+
+  [P-256 public property of algorithm is not an ECDSA public key]
+    expected: FAIL
+
+  [P-256 no deriveBits usage for base key]
+    expected: FAIL
+
+  [P-256 base key is not a private key]
+    expected: FAIL
+
+  [P-256 public property value is a private key]
+    expected: FAIL
+
+  [P-256 public property value is a secret key]
+    expected: FAIL
+
+  [P-256 asking for too many bits]
+    expected: FAIL
+
+  [P-384 good parameters]
+    expected: FAIL
+
+  [P-384 mixed case parameters]
+    expected: FAIL
+
+  [P-384 short result]
+    expected: FAIL
+
+  [P-384 non-multiple of 8 bits]
+    expected: FAIL
+
+  [P-384 missing public curve]
+    expected: FAIL
+
+  [P-384 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [P-384 mismatched curves]
+    expected: FAIL
+
+  [P-384 public property of algorithm is not an ECDSA public key]
+    expected: FAIL
+
+  [P-384 no deriveBits usage for base key]
+    expected: FAIL
+
+  [P-384 base key is not a private key]
+    expected: FAIL
+
+  [P-384 public property value is a private key]
+    expected: FAIL
+
+  [P-384 public property value is a secret key]
+    expected: FAIL
+
+  [P-384 asking for too many bits]
    expected: FAIL


 [ecdh_bits.https.any.worker.html]
-  [setup - define tests]
+  [P-521 good parameters]
+    expected: FAIL
+
+  [P-521 mixed case parameters]
+    expected: FAIL
+
+  [P-521 short result]
+    expected: FAIL
+
+  [P-521 non-multiple of 8 bits]
+    expected: FAIL
+
+  [P-521 missing public curve]
+    expected: FAIL
+
+  [P-521 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [P-521 mismatched curves]
+    expected: FAIL
+
+  [P-521 public property of algorithm is not an ECDSA public key]
+    expected: FAIL
+
+  [P-521 no deriveBits usage for base key]
+    expected: FAIL
+
+  [P-521 base key is not a private key]
+    expected: FAIL
+
+  [P-521 public property value is a private key]
+    expected: FAIL
+
+  [P-521 public property value is a secret key]
+    expected: FAIL
+
+  [P-521 asking for too many bits]
+    expected: FAIL
+
+  [P-256 good parameters]
+    expected: FAIL
+
+  [P-256 mixed case parameters]
+    expected: FAIL
+
+  [P-256 short result]
+    expected: FAIL
+
+  [P-256 non-multiple of 8 bits]
+    expected: FAIL
+
+  [P-256 missing public curve]
+    expected: FAIL
+
+  [P-256 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [P-256 mismatched curves]
+    expected: FAIL
+
+  [P-256 public property of algorithm is not an ECDSA public key]
+    expected: FAIL
+
+  [P-256 no deriveBits usage for base key]
+    expected: FAIL
+
+  [P-256 base key is not a private key]
+    expected: FAIL
+
+  [P-256 public property value is a private key]
+    expected: FAIL
+
+  [P-256 public property value is a secret key]
+    expected: FAIL
+
+  [P-256 asking for too many bits]
+    expected: FAIL
+
+  [P-384 good parameters]
+    expected: FAIL
+
+  [P-384 mixed case parameters]
+    expected: FAIL
+
+  [P-384 short result]
+    expected: FAIL
+
+  [P-384 non-multiple of 8 bits]
+    expected: FAIL
+
+  [P-384 missing public curve]
+    expected: FAIL
+
+  [P-384 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [P-384 mismatched curves]
+    expected: FAIL
+
+  [P-384 public property of algorithm is not an ECDSA public key]
+    expected: FAIL
+
+  [P-384 no deriveBits usage for base key]
+    expected: FAIL
+
+  [P-384 base key is not a private key]
+    expected: FAIL
+
+  [P-384 public property value is a private key]
+    expected: FAIL
+
+  [P-384 public property value is a secret key]
+    expected: FAIL
+
+  [P-384 asking for too many bits]
    expected: FAIL
--- a/tests/wpt/meta/WebCryptoAPI/derive_bits_keys/ecdh_keys.https.any.js.ini
+++ b/tests/wpt/meta/WebCryptoAPI/derive_bits_keys/ecdh_keys.https.any.js.ini
@ -1,8 +1,182 @@
 [ecdh_keys.https.any.html]
-  [setup - define tests]
+  [P-521 good parameters]
+    expected: FAIL
+
+  [P-521 mixed case parameters]
+    expected: FAIL
+
+  [P-521 missing public curve]
+    expected: FAIL
+
+  [P-521 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [P-521 mismatched curves]
+    expected: FAIL
+
+  [P-521 public property of algorithm is not an ECDSA public key]
+    expected: FAIL
+
+  [P-521 no deriveKey usage for base key]
+    expected: FAIL
+
+  [P-521 base key is not a private key]
+    expected: FAIL
+
+  [P-521 public property value is a private key]
+    expected: FAIL
+
+  [P-521 public property value is a secret key]
+    expected: FAIL
+
+  [P-256 good parameters]
+    expected: FAIL
+
+  [P-256 mixed case parameters]
+    expected: FAIL
+
+  [P-256 missing public curve]
+    expected: FAIL
+
+  [P-256 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [P-256 mismatched curves]
+    expected: FAIL
+
+  [P-256 public property of algorithm is not an ECDSA public key]
+    expected: FAIL
+
+  [P-256 no deriveKey usage for base key]
+    expected: FAIL
+
+  [P-256 base key is not a private key]
+    expected: FAIL
+
+  [P-256 public property value is a private key]
+    expected: FAIL
+
+  [P-256 public property value is a secret key]
+    expected: FAIL
+
+  [P-384 good parameters]
+    expected: FAIL
+
+  [P-384 mixed case parameters]
+    expected: FAIL
+
+  [P-384 missing public curve]
+    expected: FAIL
+
+  [P-384 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [P-384 mismatched curves]
+    expected: FAIL
+
+  [P-384 public property of algorithm is not an ECDSA public key]
+    expected: FAIL
+
+  [P-384 no deriveKey usage for base key]
+    expected: FAIL
+
+  [P-384 base key is not a private key]
+    expected: FAIL
+
+  [P-384 public property value is a private key]
+    expected: FAIL
+
+  [P-384 public property value is a secret key]
    expected: FAIL


 [ecdh_keys.https.any.worker.html]
-  [setup - define tests]
+  [P-521 good parameters]
+    expected: FAIL
+
+  [P-521 mixed case parameters]
+    expected: FAIL
+
+  [P-521 missing public curve]
+    expected: FAIL
+
+  [P-521 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [P-521 mismatched curves]
+    expected: FAIL
+
+  [P-521 public property of algorithm is not an ECDSA public key]
+    expected: FAIL
+
+  [P-521 no deriveKey usage for base key]
+    expected: FAIL
+
+  [P-521 base key is not a private key]
+    expected: FAIL
+
+  [P-521 public property value is a private key]
+    expected: FAIL
+
+  [P-521 public property value is a secret key]
+    expected: FAIL
+
+  [P-256 good parameters]
+    expected: FAIL
+
+  [P-256 mixed case parameters]
+    expected: FAIL
+
+  [P-256 missing public curve]
+    expected: FAIL
+
+  [P-256 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [P-256 mismatched curves]
+    expected: FAIL
+
+  [P-256 public property of algorithm is not an ECDSA public key]
+    expected: FAIL
+
+  [P-256 no deriveKey usage for base key]
+    expected: FAIL
+
+  [P-256 base key is not a private key]
+    expected: FAIL
+
+  [P-256 public property value is a private key]
+    expected: FAIL
+
+  [P-256 public property value is a secret key]
+    expected: FAIL
+
+  [P-384 good parameters]
+    expected: FAIL
+
+  [P-384 mixed case parameters]
+    expected: FAIL
+
+  [P-384 missing public curve]
+    expected: FAIL
+
+  [P-384 public property of algorithm is not a CryptoKey]
+    expected: FAIL
+
+  [P-384 mismatched curves]
+    expected: FAIL
+
+  [P-384 public property of algorithm is not an ECDSA public key]
+    expected: FAIL
+
+  [P-384 no deriveKey usage for base key]
+    expected: FAIL
+
+  [P-384 base key is not a private key]
+    expected: FAIL
+
+  [P-384 public property value is a private key]
+    expected: FAIL
+
+  [P-384 public property value is a secret key]
    expected: FAIL
--- a/tests/wpt/meta/WebCryptoAPI/derive_bits_keys/hkdf.https.any.js.ini
+++ b/tests/wpt/meta/WebCryptoAPI/derive_bits_keys/hkdf.https.any.js.ini
--- a/tests/wpt/meta/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.js.ini
+++ b/tests/wpt/meta/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.js.ini