crypto: Implement encrypt/decrypt for AES-CBC + JWK support (#33795)

* Add support for raw importKey with AES-CBC Signed-off-by: Daniel Adams <msub2official@gmail.com> * Support JWK import/export, importKey for AES-CBC Signed-off-by: Daniel Adams <msub2official@gmail.com> * Implement encrypt/decrypt for AES-CBC Signed-off-by: Daniel Adams <msub2official@gmail.com> * Update expectations Signed-off-by: Daniel Adams <msub2official@gmail.com> * Update Cargo.lock Signed-off-by: Daniel Adams <msub2official@gmail.com> * Pass MutableHandleObject as arg instead of returning raw pointer Signed-off-by: Daniel Adams <msub2official@gmail.com> * Swap order of checks in generate_key_aes_cbc - Fixes WPT tests that expect to error on algorithm first before usages Signed-off-by: Daniel Adams <msub2official@gmail.com> * Avoid potential GC hazard with array_buffer_ptr Signed-off-by: Daniel Adams <msub2official@gmail.com> * Update expectations for discards context Signed-off-by: Daniel Adams <msub2official@gmail.com> --------- Signed-off-by: Daniel Adams <msub2official@gmail.com>
2025-08-13 01:15:34 +01:00 · 2024-10-20 21:32:19 -10:00 · 2024-10-20 21:32:19 -10:00 · 45267c9f28
commit 45267c9f28
parent 397c5adf79
55 changed files with 163938 additions and 2799 deletions
--- a/tests/wpt/meta/WebCryptoAPI/sign_verify/hmac.https.any.js.ini
+++ b/tests/wpt/meta/WebCryptoAPI/sign_verify/hmac.https.any.js.ini
@ -1,5 +1,242 @@
 [hmac.https.any.html]
-  expected: ERROR
+  [generate wrong key step: HMAC with SHA-1 signing with wrong algorithm name]
+    expected: FAIL
+
+  [generate wrong key step: HMAC with SHA-256 signing with wrong algorithm name]
+    expected: FAIL
+
+  [generate wrong key step: HMAC with SHA-384 signing with wrong algorithm name]
+    expected: FAIL
+
+  [generate wrong key step: HMAC with SHA-512 signing with wrong algorithm name]
+    expected: FAIL
+
+  [generate wrong key step: HMAC with SHA-1 verifying with wrong algorithm name]
+    expected: FAIL
+
+  [generate wrong key step: HMAC with SHA-256 verifying with wrong algorithm name]
+    expected: FAIL
+
+  [generate wrong key step: HMAC with SHA-384 verifying with wrong algorithm name]
+    expected: FAIL
+
+  [generate wrong key step: HMAC with SHA-512 verifying with wrong algorithm name]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-1 verification]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-256 verification]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-384 verification]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-512 verification]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-1 verification with altered signature after call]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-256 verification with altered signature after call]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-384 verification with altered signature after call]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-512 verification with altered signature after call]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-1 with altered plaintext]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-256 with altered plaintext]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-384 with altered plaintext]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-512 with altered plaintext]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-1 no verify usage]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-256 no verify usage]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-384 no verify usage]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-512 no verify usage]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-1 round trip]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-256 round trip]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-384 round trip]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-512 round trip]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-1 verification failure due to wrong plaintext]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-256 verification failure due to wrong plaintext]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-384 verification failure due to wrong plaintext]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-512 verification failure due to wrong plaintext]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-1 verification failure due to wrong signature]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-256 verification failure due to wrong signature]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-384 verification failure due to wrong signature]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-512 verification failure due to wrong signature]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-1 verification failure due to short signature]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-256 verification failure due to short signature]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-384 verification failure due to short signature]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-512 verification failure due to short signature]
+    expected: FAIL
+

 [hmac.https.any.worker.html]
-  expected: ERROR
+  [generate wrong key step: HMAC with SHA-1 signing with wrong algorithm name]
+    expected: FAIL
+
+  [generate wrong key step: HMAC with SHA-256 signing with wrong algorithm name]
+    expected: FAIL
+
+  [generate wrong key step: HMAC with SHA-384 signing with wrong algorithm name]
+    expected: FAIL
+
+  [generate wrong key step: HMAC with SHA-512 signing with wrong algorithm name]
+    expected: FAIL
+
+  [generate wrong key step: HMAC with SHA-1 verifying with wrong algorithm name]
+    expected: FAIL
+
+  [generate wrong key step: HMAC with SHA-256 verifying with wrong algorithm name]
+    expected: FAIL
+
+  [generate wrong key step: HMAC with SHA-384 verifying with wrong algorithm name]
+    expected: FAIL
+
+  [generate wrong key step: HMAC with SHA-512 verifying with wrong algorithm name]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-1 verification]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-256 verification]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-384 verification]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-512 verification]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-1 verification with altered signature after call]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-256 verification with altered signature after call]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-384 verification with altered signature after call]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-512 verification with altered signature after call]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-1 with altered plaintext]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-256 with altered plaintext]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-384 with altered plaintext]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-512 with altered plaintext]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-1 no verify usage]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-256 no verify usage]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-384 no verify usage]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-512 no verify usage]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-1 round trip]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-256 round trip]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-384 round trip]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-512 round trip]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-1 verification failure due to wrong plaintext]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-256 verification failure due to wrong plaintext]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-384 verification failure due to wrong plaintext]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-512 verification failure due to wrong plaintext]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-1 verification failure due to wrong signature]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-256 verification failure due to wrong signature]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-384 verification failure due to wrong signature]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-512 verification failure due to wrong signature]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-1 verification failure due to short signature]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-256 verification failure due to short signature]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-384 verification failure due to short signature]
+    expected: FAIL
+
+  [importVectorKeys step: HMAC with SHA-512 verification failure due to short signature]
+    expected: FAIL