Bug 1078847 - GenerateAsymmetricKeyTask should allow generating key pairs where only the public key or the private key has any usages r=rbarnes
authorTim Taubert <ttaubert@mozilla.com>
Tue, 07 Oct 2014 00:47:21 +0200
changeset 210674 5c095b4e178cdd5e86f0156e348d2a84e23fa6c2
parent 210673 4431e4327a4fd3edb8acbd17f519e7dac2428c30
child 210675 830500259c5ad5329f38d6cb33d267ab6729ec77
push id1
push userroot
push dateMon, 20 Oct 2014 17:29:22 +0000
reviewersrbarnes
bugs1078847
milestone36.0a1
Bug 1078847 - GenerateAsymmetricKeyTask should allow generating key pairs where only the public key or the private key has any usages r=rbarnes
dom/crypto/WebCryptoTask.cpp
dom/crypto/test/test_WebCrypto.html
--- a/dom/crypto/WebCryptoTask.cpp
+++ b/dom/crypto/WebCryptoTask.cpp
@@ -2043,17 +2043,17 @@ public:
       mEarlyRv = mKeyPair.mPublicKey.get()->AddUsageIntersecting(aKeyUsages[i],
                                                                  publicAllowedUsages);
       if (NS_FAILED(mEarlyRv)) {
         return;
       }
     }
 
     // If no usages ended up being allowed, DataError
-    if (!mKeyPair.mPrivateKey.get()->HasAnyUsage() ||
+    if (!mKeyPair.mPublicKey.get()->HasAnyUsage() &&
         !mKeyPair.mPrivateKey.get()->HasAnyUsage()) {
       mEarlyRv = NS_ERROR_DOM_DATA_ERR;
       return;
     }
   }
 
 private:
   CryptoKeyPair mKeyPair;
--- a/dom/crypto/test/test_WebCrypto.html
+++ b/dom/crypto/test/test_WebCrypto.html
@@ -1303,16 +1303,42 @@ TestArray.addTest(
       }
 
       return crypto.subtle.generateKey(alg, false, ["sign"]).then(doSign);
     }
 
     doCheckRSASSA().then(error(that), complete(that));
   }
 );
+
+// -----------------------------------------------------------------------------
+TestArray.addTest(
+  "Test that we reject generating keys without any usage",
+  function() {
+    var that = this;
+    var alg = {
+      name: "RSA-OAEP",
+      hash: "SHA-256",
+      modulusLength: 2048,
+      publicExponent: new Uint8Array([0x01, 0x00, 0x01])
+    };
+
+    function generateKey(usages) {
+      return crypto.subtle.generateKey(alg, false, usages);
+    }
+
+    generateKey(["encrypt", "decrypt"]).then(function () {
+      return generateKey(["encrypt"]);
+    }).then(function () {
+      return generateKey(["decrypt"]);
+    }).then(function () {
+      return generateKey(["sign"])
+    }, error(that)).then(error(that), complete(that));
+  }
+);
 /*]]>*/</script>
 </head>
 
 <body>
 
 <div id="content">
 	<div id="head">
 		<b>Web</b>Crypto<br>