Bug 25820: return an error if private/secret keys with no usages are generated/imported/derived/unwrapped
--- a/spec/Overview-WebCryptoAPI.xml Fri Sep 26 10:54:24 2014 -0700
+++ b/spec/Overview-WebCryptoAPI.xml Fri Sep 26 11:15:09 2014 -0700
@@ -1835,6 +1835,29 @@
</p>
</li>
<li>
+ <dl class="switch">
+ <dt>If <var>result</var> is a <a href="#dfn-CryptoKey">CryptoKey</a> object:</dt>
+ <dd>
+ <p>
+ If the [[<a href="#dfn-CryptoKey-slot-type">type</a>]] internal slot of
+ <var>result</var> is <code>"secret"</code> or <code>"private"</code> and
+ <var>usages</var> is empty, then <a href="#concept-return-an-error">return an error</a>
+ named <a href="#dfn-SyntaxError">SyntaxError</a>.
+ </p>
+ </dd>
+ <dt>If <var>result</var> is a <a href="#dfn-CryptoKeyPair">CryptoKeyPair</a> object:</dt>
+ <dd>
+ <p>
+ If the [[<a href="#dfn-CryptoKey-slot-usages">usages</a>]] internal slot of the
+ <a href="#dfn-CryptoKeyPair-privateKey">privateKey</a> attribute of
+ <var>result</var> is the empty sequence, then
+ <a href="#concept-return-an-error">return an error</a>
+ named <a href="#dfn-SyntaxError">SyntaxError</a>.
+ </p>
+ </dd>
+ </dl>
+ </li>
+ <li>
<p>
Resolve <var>promise</var> with
<var>result</var>.
@@ -1975,6 +1998,14 @@
</li>
<li>
<p>
+ If the [[<a href="#dfn-CryptoKey-slot-type">type</a>]] internal slot of
+ <var>result</var> is <code>"secret"</code> or <code>"private"</code> and
+ <var>usages</var> is empty, then <a href="#concept-return-an-error">return an error</a>
+ named <a href="#dfn-SyntaxError">SyntaxError</a>.
+ </p>
+ </li>
+ <li>
+ <p>
Resolve <var>promise</var> with
<var>result</var>.
</p>
@@ -2192,6 +2223,14 @@
</li>
<li>
<p>
+ If the [[<a href="#dfn-CryptoKey-slot-type">type</a>]] internal slot of
+ <var>result</var> is <code>"secret"</code> or <code>"private"</code> and
+ <var>usages</var> is empty, then <a href="#concept-return-an-error">return an error</a>
+ named <a href="#dfn-SyntaxError">SyntaxError</a>.
+ </p>
+ </li>
+ <li>
+ <p>
Set the [[<a href="#dfn-CryptoKey-slot-extractable">extractable</a>]] internal
slot of <var>result</var> to <var>extractable</var>.
</p>
@@ -2677,6 +2716,14 @@
</li>
<li>
<p>
+ If the [[<a href="#dfn-CryptoKey-slot-type">type</a>]] internal slot of
+ <var>result</var> is <code>"secret"</code> or <code>"private"</code> and
+ <var>usages</var> is empty, then <a href="#concept-return-an-error">return an error</a>
+ named <a href="#dfn-SyntaxError">SyntaxError</a>.
+ </p>
+ </li>
+ <li>
+ <p>
Set the [[<a href="#dfn-CryptoKey-slot-extractable">extractable</a>]] internal
slot of <var>result</var> to <var>extractable</var>.
</p>
--- a/spec/Overview.html Fri Sep 26 10:54:24 2014 -0700
+++ b/spec/Overview.html Fri Sep 26 11:15:09 2014 -0700
@@ -1815,6 +1815,29 @@
</p>
</li>
<li>
+ <dl class="switch">
+ <dt>If <var>result</var> is a <a href="#dfn-CryptoKey">CryptoKey</a> object:</dt>
+ <dd>
+ <p>
+ If the [[<a href="#dfn-CryptoKey-slot-type">type</a>]] internal slot of
+ <var>result</var> is <code>"secret"</code> or <code>"private"</code> and
+ <var>usages</var> is empty, then <a href="#concept-return-an-error">return an error</a>
+ named <a href="#dfn-SyntaxError">SyntaxError</a>.
+ </p>
+ </dd>
+ <dt>If <var>result</var> is a <a href="#dfn-CryptoKeyPair">CryptoKey</a> object:</dt>
+ <dd>
+ <p>
+ If the [[<a href="#dfn-CryptoKey-slot-usages">usages</a>]] internal slot of the
+ <a href="#dfn-CryptoKeyPair-privateKey">privateKey</a> attribute of
+ <var>result</var> is the empty sequence, then
+ <a href="#concept-return-an-error">return an error</a>
+ named <a href="#dfn-SyntaxError">SyntaxError</a>.
+ </p>
+ </dd>
+ </dl>
+ </li>
+ <li>
<p>
Resolve <var>promise</var> with
<var>result</var>.
@@ -1950,6 +1973,14 @@
</li>
<li>
<p>
+ If the [[<a href="#dfn-CryptoKey-slot-type">type</a>]] internal slot of
+ <var>result</var> is <code>"secret"</code> or <code>"private"</code> and
+ <var>usages</var> is empty, then <a href="#concept-return-an-error">return an error</a>
+ named <a href="#dfn-SyntaxError">SyntaxError</a>.
+ </p>
+ </li>
+ <li>
+ <p>
Resolve <var>promise</var> with
<var>result</var>.
</p>
@@ -2162,6 +2193,14 @@
</li>
<li>
<p>
+ If the [[<a href="#dfn-CryptoKey-slot-type">type</a>]] internal slot of
+ <var>result</var> is <code>"secret"</code> or <code>"private"</code> and
+ <var>usages</var> is empty, then <a href="#concept-return-an-error">return an error</a>
+ named <a href="#dfn-SyntaxError">SyntaxError</a>.
+ </p>
+ </li>
+ <li>
+ <p>
Set the [[<a href="#dfn-CryptoKey-slot-extractable">extractable</a>]] internal
slot of <var>result</var> to <var>extractable</var>.
</p>
@@ -2630,6 +2669,14 @@
</li>
<li>
<p>
+ If the [[<a href="#dfn-CryptoKey-slot-type">type</a>]] internal slot of
+ <var>result</var> is <code>"secret"</code> or <code>"private"</code> and
+ <var>usages</var> is empty, then <a href="#concept-return-an-error">return an error</a>
+ named <a href="#dfn-SyntaxError">SyntaxError</a>.
+ </p>
+ </li>
+ <li>
+ <p>
Set the [[<a href="#dfn-CryptoKey-slot-extractable">extractable</a>]] internal
slot of <var>result</var> to <var>extractable</var>.
</p>