Bug 19416 Enforce key usages in the encrypt, decrypt, sign, verify, deriveKey and deriveBits methods
--- a/spec/Overview-WebCryptoAPI.xml Fri Jan 24 16:45:38 2014 -0800
+++ b/spec/Overview-WebCryptoAPI.xml Fri Jan 24 16:54:49 2014 -0800
@@ -1231,6 +1231,13 @@
</li>
<li>
<p>
+ If <code>key</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
+ contain the <code>"encrypt"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
Create a new Promise object.
</p>
</li>
@@ -1286,6 +1293,13 @@
</li>
<li>
<p>
+ If <code>key</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
+ contain the <code>"decrypt"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
Create a new Promise object.
</p>
</li>
@@ -1340,6 +1354,13 @@
</li>
<li>
<p>
+ If <code>key</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
+ contain the <code>"sign"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
Create a new Promise object.
</p>
</li>
@@ -1394,6 +1415,13 @@
</li>
<li>
<p>
+ If <code>key</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
+ contain the <code>"verify"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
Create a new Promise object.
</p>
</li>
@@ -1564,6 +1592,13 @@
</li>
<li>
<p>
+ If <code>baseKey</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
+ contain the <code>"deriveKey"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
</p>
</li>
@@ -1636,6 +1671,13 @@
</li>
<li>
<p>
+ If <code>baseKey</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
+ contain the <code>"deriveBits"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
</p>
</li>
--- a/spec/Overview.html Fri Jan 24 16:45:38 2014 -0800
+++ b/spec/Overview.html Fri Jan 24 16:54:49 2014 -0800
@@ -1240,6 +1240,13 @@
</li>
<li>
<p>
+ If <code>key</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
+ contain the <code>"encrypt"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
Create a new Promise object.
</p>
</li>
@@ -1295,6 +1302,13 @@
</li>
<li>
<p>
+ If <code>key</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
+ contain the <code>"decrypt"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
Create a new Promise object.
</p>
</li>
@@ -1349,6 +1363,13 @@
</li>
<li>
<p>
+ If <code>key</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
+ contain the <code>"sign"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
Create a new Promise object.
</p>
</li>
@@ -1403,6 +1424,13 @@
</li>
<li>
<p>
+ If <code>key</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
+ contain the <code>"verify"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
Create a new Promise object.
</p>
</li>
@@ -1573,6 +1601,13 @@
</li>
<li>
<p>
+ If <code>baseKey</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
+ contain the <code>"deriveKey"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
</p>
</li>
@@ -1645,6 +1680,13 @@
</li>
<li>
<p>
+ If <code>baseKey</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
+ contain the <code>"deriveBits"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
</p>
</li>