Implement AES-OCB AEAD using OpenSSL and expose it through
the WebCrypto API, including key management and AEAD parameters.
Add WPT:
/encrypt_decrypt/aes_ocb.tentative.https.any.html
While this does cost us an extra byte to serialize as it
contains _all_ interface names instead of the set of serializable
types, doing this will allow us to remove to use the same
enum for checking whether that interface is exposed in a future
commit.
The WebCrypto specification does not require the "alg" member
to be present when importing a symmetric JWK, as long as the
key material itself is valid.
Add tests covering JWK import without an "alg" field.
This fixes the following WPT:
WebCryptoAPI/import_export/ChaCha20-Poly1305_importKey
The key_ops vector is pre-sized with ensure_capacity(), so
bounds-checked append() is unnecessary here.
Switch to unchecked_append() to avoid redundant checks.
This change was suggested in a previous pull request #7563.
Add some typo and wrong comment.
Add a clang plugin check that flags GC::Cell subclasses (and their
base classes within the Cell hierarchy) that have destructors with
non-trivial bodies. Such logic should use Cell::finalize() instead.
Add GC_ALLOW_CELL_DESTRUCTOR annotation macro for opting out in
exceptional cases (currently only JS::Object).
This prevents us from accidentally adding code in destructors that
runs after something we're pointing to may have been destroyed.
(This could become a problem when the garbage collector sweeps
objects in an unfortunate order.)
This new check uncovered a handful of bugs which are then also fixed
in this commit. :^)
Implement ChaCha20-Poly1305 AEAD using OpenSSL and expose it through
the WebCrypto API, including key management and AEAD parameters.
Add WPT:
/encrypt_decrypt/chacha20_poly1305.tentative.https.any.worker.html
AK/Random is already the same as SecureRandom. See PR for more details.
ProcessPrng is used on Windows for compatibility w/ sandboxing measures
See e.g. https://crbug.com/40277768
Introduce a new SHAKE hash wrapper in LibCrypto backed by OpenSSL.
Wire cSHAKE128 and cSHAKE256 into WebCrypto.
Note that cSHAKE with non-empty functionName or customization is
currently rejected due to OpenSSL EVP limitations.
This fixes WPT:
WebCryptoAPI/digest/cshake.tentative.https.any.html
