Bug 1078847 - GenerateAsymmetricKeyTask should allow generating key pairs where only the public key or the private key has any usages r=rbarnes
--- a/dom/crypto/WebCryptoTask.cpp
+++ b/dom/crypto/WebCryptoTask.cpp
@@ -2043,17 +2043,17 @@ public:
mEarlyRv = mKeyPair.mPublicKey.get()->AddUsageIntersecting(aKeyUsages[i],
publicAllowedUsages);
if (NS_FAILED(mEarlyRv)) {
return;
}
}
// If no usages ended up being allowed, DataError
- if (!mKeyPair.mPrivateKey.get()->HasAnyUsage() ||
+ if (!mKeyPair.mPublicKey.get()->HasAnyUsage() &&
!mKeyPair.mPrivateKey.get()->HasAnyUsage()) {
mEarlyRv = NS_ERROR_DOM_DATA_ERR;
return;
}
}
private:
CryptoKeyPair mKeyPair;
--- a/dom/crypto/test/test_WebCrypto.html
+++ b/dom/crypto/test/test_WebCrypto.html
@@ -1303,16 +1303,42 @@ TestArray.addTest(
}
return crypto.subtle.generateKey(alg, false, ["sign"]).then(doSign);
}
doCheckRSASSA().then(error(that), complete(that));
}
);
+
+// -----------------------------------------------------------------------------
+TestArray.addTest(
+ "Test that we reject generating keys without any usage",
+ function() {
+ var that = this;
+ var alg = {
+ name: "RSA-OAEP",
+ hash: "SHA-256",
+ modulusLength: 2048,
+ publicExponent: new Uint8Array([0x01, 0x00, 0x01])
+ };
+
+ function generateKey(usages) {
+ return crypto.subtle.generateKey(alg, false, usages);
+ }
+
+ generateKey(["encrypt", "decrypt"]).then(function () {
+ return generateKey(["encrypt"]);
+ }).then(function () {
+ return generateKey(["decrypt"]);
+ }).then(function () {
+ return generateKey(["sign"])
+ }, error(that)).then(error(that), complete(that));
+ }
+);
/*]]>*/</script>
</head>
<body>
<div id="content">
<div id="head">
<b>Web</b>Crypto<br>