LibWeb: Correctly normalize HashAlgorithmIdentifier

Make sure that `HashAlgorithmIdentifier` is passed through `normalize_an_algorithm` to verify that the hash is valid and supported. This is required by the spec, but we are not following it very strictly in `normalize_an_algorithm` because it is pretty convoluted. Fixes ~60 tests.
Author: https://github.com/devgianlu Commit: https://github.com/LadybirdBrowser/ladybird/commit/637f934f695 Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/2968
2024-12-18 18:40:49 +01:00 · 2024-12-18 18:40:49 +01:00 · 637f934f69 · 2024-12-18 20:46:00 +00:00
commit 637f934f69
parent 4c5a40579a
4 changed files with 107 additions and 95 deletions
--- a/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
+++ b/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
@ -33,6 +33,7 @@
 #include <LibJS/Runtime/ArrayBuffer.h>
 #include <LibJS/Runtime/DataView.h>
 #include <LibJS/Runtime/TypedArray.h>
+#include <LibWeb/Bindings/ExceptionOrUtils.h>
 #include <LibWeb/Crypto/CryptoAlgorithms.h>
 #include <LibWeb/Crypto/KeyAlgorithms.h>
 #include <LibWeb/Crypto/SubtleCrypto.h>
@ -42,13 +43,26 @@ namespace Web::Crypto {

 static JS::ThrowCompletionOr<HashAlgorithmIdentifier> hash_algorithm_identifier_from_value(JS::VM& vm, JS::Value hash_value)
 {
-    if (hash_value.is_string()) {
-        auto hash_string = TRY(hash_value.to_string(vm));
-        return HashAlgorithmIdentifier { hash_string };
+    auto* realm = vm.current_realm();
+
+    auto maybe_normalized_algorithm = [&]() -> WebIDL::ExceptionOr<NormalizedAlgorithmAndParameter> {
+        if (hash_value.is_string()) {
+            auto hash_string = TRY(hash_value.to_string(vm));
+            return normalize_an_algorithm(*realm, hash_string, "digest"_string);
+        } else if (hash_value.is_object()) {
+            auto hash_object = TRY(hash_value.to_object(vm));
+            auto hash_object_root = GC::make_root(hash_object);
+            return normalize_an_algorithm(*realm, hash_object_root, "digest"_string);
+        } else {
+            VERIFY_NOT_REACHED();
+        }
+    }();
+
+    if (maybe_normalized_algorithm.is_error()) {
+        return Bindings::exception_to_throw_completion(vm, maybe_normalized_algorithm.exception());
    }

-    auto hash_object = TRY(hash_value.to_object(vm));
-    return HashAlgorithmIdentifier { hash_object };
+    return HashAlgorithmIdentifier { maybe_normalized_algorithm.value().parameter->name };
 }

 // https://w3c.github.io/webcrypto/#concept-usage-intersection
--- a/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/generateKey/failures_AES-KW.https.any.txt
+++ b/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/generateKey/failures_AES-KW.https.any.txt
@ -2,8 +2,7 @@ Harness status: OK

 Found 516 tests

-488 Pass
-28 Fail
+516 Pass
 Pass	Bad algorithm: generateKey(AES, false, [decrypt])
 Pass	Bad algorithm: generateKey(AES, true, [decrypt])
 Pass	Bad algorithm: generateKey(AES, RED, [decrypt])
@ -184,42 +183,42 @@ Pass	Bad algorithm: generateKey({length: 128, name: AES-CFB}, false, [decrypt, s
 Pass	Bad algorithm: generateKey({length: 128, name: AES-CFB}, true, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
 Pass	Bad algorithm: generateKey({length: 128, name: AES-CFB}, RED, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
 Pass	Bad algorithm: generateKey({length: 128, name: AES-CFB}, 7, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, decrypt])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [sign])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [sign])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [sign])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [sign])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, sign])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, sign])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, sign])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, sign])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, sign])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, sign])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, sign])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, sign])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
 Pass	Bad algorithm: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [decrypt])
 Pass	Bad algorithm: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt])
 Pass	Bad algorithm: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA, publicExponent: {0: 1, 1: 0, 2: 1}}, RED, [decrypt])
--- a/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/generateKey/failures_ECDH.https.any.txt
+++ b/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/generateKey/failures_ECDH.https.any.txt
@ -2,8 +2,8 @@ Harness status: OK

 Found 476 tests

-446 Pass
-30 Fail
+474 Pass
+2 Fail
 Pass	Bad algorithm: generateKey(AES, false, [decrypt])
 Pass	Bad algorithm: generateKey(AES, true, [decrypt])
 Pass	Bad algorithm: generateKey(AES, RED, [decrypt])
@ -184,42 +184,42 @@ Pass	Bad algorithm: generateKey({length: 128, name: AES-CFB}, false, [decrypt, s
 Pass	Bad algorithm: generateKey({length: 128, name: AES-CFB}, true, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
 Pass	Bad algorithm: generateKey({length: 128, name: AES-CFB}, RED, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
 Pass	Bad algorithm: generateKey({length: 128, name: AES-CFB}, 7, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, decrypt])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [sign])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [sign])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [sign])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [sign])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, sign])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, sign])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, sign])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, sign])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, sign])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, sign])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, sign])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, sign])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
 Pass	Bad algorithm: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [decrypt])
 Pass	Bad algorithm: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt])
 Pass	Bad algorithm: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA, publicExponent: {0: 1, 1: 0, 2: 1}}, RED, [decrypt])
--- a/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/generateKey/failures_X448.https.any.txt
+++ b/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/generateKey/failures_X448.https.any.txt
@ -2,8 +2,7 @@ Harness status: OK

 Found 392 tests

-364 Pass
-28 Fail
+392 Pass
 Pass	Bad algorithm: generateKey(AES, false, [decrypt])
 Pass	Bad algorithm: generateKey(AES, true, [decrypt])
 Pass	Bad algorithm: generateKey(AES, RED, [decrypt])
@ -184,42 +183,42 @@ Pass	Bad algorithm: generateKey({length: 128, name: AES-CFB}, false, [decrypt, s
 Pass	Bad algorithm: generateKey({length: 128, name: AES-CFB}, true, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
 Pass	Bad algorithm: generateKey({length: 128, name: AES-CFB}, RED, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
 Pass	Bad algorithm: generateKey({length: 128, name: AES-CFB}, 7, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, sign, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, decrypt])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, sign, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, decrypt])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, decrypt])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [sign])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [sign])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [sign])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [sign])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, sign])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, sign])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, sign])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, sign])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits, sign])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits, sign])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits, sign])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits, sign])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [deriveBits])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [])
 Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
-Fail	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, false, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, true, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, RED, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
+Pass	Bad algorithm: generateKey({hash: MD5, name: HMAC}, 7, [decrypt, sign, deriveBits, decrypt, sign, deriveBits])
 Pass	Bad algorithm: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [decrypt])
 Pass	Bad algorithm: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt])
 Pass	Bad algorithm: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA, publicExponent: {0: 1, 1: 0, 2: 1}}, RED, [decrypt])