Refresh the imported wrapKey_unwrapKey WPT to the current upstream
version and treat the raw-secret and other raw* formats like raw
when wrap_key() and unwrap_key() serialize wrapped key bytes.
The updated test covers ChaCha20-Poly1305 wrapping with the
raw-secret format. Accepting the full set of byte-oriented raw
formats lets those keys round-trip through wrapKey and unwrapKey.
Keep the existing comment wording and wrapping where it already
matched the spec, but fix the places where wrap_key() and
unwrap_key() had drifted from the current wrapKey and unwrapKey
steps.
Add the missing realm and wrappedKey steps, use the spec terms
exportedKey, bytes, and key in the touched blocks, and leave
explicit FIXME comments for the queue-a-task and conversion
steps that we still skip.
Add a LibCrypto::Authentication::KMAC helper over OpenSSL.
Add keygen/import/export logic into WebCrypto.
Register KMAC128/KMAC256 operations with SubtleCrypto.
The WebCrypto spec was updated to normalize the algorithm before
getting a copy of the data bytes, and to queue a global task on the
crypto task source when rejecting or resolving the promise.
This fixes some WPT tests.
The WebCrypto spec was updated to normalize the algorithm before
getting a copy of the input bytes, and to queue a global task on the
crypto task source when rejecting or resolving the promise.
The WebCrypto spec was updated to normalize the algorithm before
getting a copy of the data bytes, and to queue a global task on the
crypto task source when rejecting or resolving the promise.
The error message incorrectly stated "encryption" when checking
for decrypt usage. Updated it to "decryption" for accuracy and
consistency with the operation being performed.
Implement AES-OCB AEAD using OpenSSL and expose it through
the WebCrypto API, including key management and AEAD parameters.
Add WPT:
/encrypt_decrypt/aes_ocb.tentative.https.any.html
While this does cost us an extra byte to serialize as it
contains _all_ interface names instead of the set of serializable
types, doing this will allow us to remove to use the same
enum for checking whether that interface is exposed in a future
commit.
The WebCrypto specification does not require the "alg" member
to be present when importing a symmetric JWK, as long as the
key material itself is valid.
Add tests covering JWK import without an "alg" field.
This fixes the following WPT:
WebCryptoAPI/import_export/ChaCha20-Poly1305_importKey
The key_ops vector is pre-sized with ensure_capacity(), so
bounds-checked append() is unnecessary here.
Switch to unchecked_append() to avoid redundant checks.
This change was suggested in a previous pull request #7563.
Add some typo and wrong comment.
Add a clang plugin check that flags GC::Cell subclasses (and their
base classes within the Cell hierarchy) that have destructors with
non-trivial bodies. Such logic should use Cell::finalize() instead.
Add GC_ALLOW_CELL_DESTRUCTOR annotation macro for opting out in
exceptional cases (currently only JS::Object).
This prevents us from accidentally adding code in destructors that
runs after something we're pointing to may have been destroyed.
(This could become a problem when the garbage collector sweeps
objects in an unfortunate order.)
This new check uncovered a handful of bugs which are then also fixed
in this commit. :^)
Implement ChaCha20-Poly1305 AEAD using OpenSSL and expose it through
the WebCrypto API, including key management and AEAD parameters.
Add WPT:
/encrypt_decrypt/chacha20_poly1305.tentative.https.any.worker.html
AK/Random is already the same as SecureRandom. See PR for more details.
ProcessPrng is used on Windows for compatibility w/ sandboxing measures
See e.g. https://crbug.com/40277768
Introduce a new SHAKE hash wrapper in LibCrypto backed by OpenSSL.
Wire cSHAKE128 and cSHAKE256 into WebCrypto.
Note that cSHAKE with non-empty functionName or customization is
currently rejected due to OpenSSL EVP limitations.
This fixes WPT:
WebCryptoAPI/digest/cshake.tentative.https.any.html
