- From: Charles Engelke <w3c@engelke.com>
- Date: Mon, 22 Aug 2016 17:20:55 -0400
- To: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
- Message-ID: <CAFeVzdxieYk5PfwtomH9DTn9j5V8nUEZcA=H=GRBN+VmVY3FyA@mail.gmail.com>
I've submitted PR 3532 (https://github.com/w3c/web-platform-tests/pull/3532) which tests these operations for all algorithms. However, the tests cases only include parameters that should succeed. Unlike other test branches, there are no tests to make sure that bad parameters fail, and fail with the correct errors. The latest version of Chrome on Windows passes all the tests except for those using 192-bit AES (which Chrome does not support). The latest version of Firefox passes all tests except for ECDH and ECDSA import/export with pkcs8 or spki, which Firefox does not yet support (there are filed bugs asking for support to be added). Edge does not support EC keys yet. RSA keys pass many of the tests, with two exceptions: RSA-PSS isn't yet supported, and pkcs8 round tripping fails (spki and jwk round trip works). I haven't got to the point of decoding the DER exported values yet to see how it disagrees, but I suspect that the different will turn out to be some ambiguity in the format such as the order of primes. For symmetric keys, AES-CTR, HKDF, and PBKDF2 fail, everything else passes. I haven't had any feedback on the earlier PRs and I want to get some closure, so I'll probably merge them myself in a few days. The only operations that don't yet have tests are wrapKey and unwrapKey. I'm going to do a minimal set of tests for them next (only using test cases that should succeed). Charlie
Received on Monday, 22 August 2016 21:21:24 UTC