Backed out 6 changesets (bug 1286059, bug 1270599, bug 1286250, bug 1286880, bug 1270634, bug 1286878) for multiple perma failures. CLOSED TREE

Backed out changeset 888968797a46 (bug 1270634)
Backed out changeset 73f73d6d927f (bug 1286059)
Backed out changeset de7c4515c92e (bug 1286880)
Backed out changeset a5fe48949cec (bug 1286878)
Backed out changeset 2ae604119d7b (bug 1270599)
Backed out changeset 68692026dcb1 (bug 1286250)

dom/crypto/CryptoKey.cpp

@@ -316,39 +316,16 @@ nsresult CryptoKey::AddPublicKeyData(SECKEYPublicKey* aPublicKey) {
 void CryptoKey::ClearUsages() { mAttributes &= CLEAR_USAGES; }
 
 nsresult CryptoKey::AddUsage(const nsString& aUsage) {
+  return AddUsageIntersecting(aUsage, USAGES_MASK);
+}
+
+nsresult CryptoKey::AddUsageIntersecting(const nsString& aUsage,
+                                         uint32_t aUsageMask) {
   KeyUsage usage;
   if (NS_FAILED(StringToUsage(aUsage, usage))) {
     return NS_ERROR_DOM_SYNTAX_ERR;
   }
 
-  MOZ_ASSERT(usage & USAGES_MASK, "Usages should be valid");
-
-  // This is harmless if usage is 0, so we don't repeat the assertion check
-  AddUsage(usage);
-  return NS_OK;
-}
-
-nsresult CryptoKey::AddAllowedUsage(const nsString& aUsage,
-                                    const nsString& aAlgorithm) {
-  return AddAllowedUsageIntersecting(aUsage, aAlgorithm, USAGES_MASK);
-}
-
-nsresult CryptoKey::AddAllowedUsageIntersecting(const nsString& aUsage,
-                                                const nsString& aAlgorithm,
-                                                uint32_t aUsageMask) {
-  uint32_t allowedUsages = GetAllowedUsagesForAlgorithm(aAlgorithm);
-  KeyUsage usage;
-  if (NS_FAILED(StringToUsage(aUsage, usage))) {
-    return NS_ERROR_DOM_SYNTAX_ERR;
-  }
-
-  if ((usage & allowedUsages) != usage) {
-    return NS_ERROR_DOM_SYNTAX_ERR;
-  }
-
-  MOZ_ASSERT(usage & USAGES_MASK, "Usages should be valid");
-
-  // This is harmless if usage is 0, so we don't repeat the assertion check
   if (usage & aUsageMask) {
     AddUsage(usage);
     return NS_OK;
@@ -384,28 +361,6 @@ bool CryptoKey::AllUsagesRecognized(const Sequence<nsString>& aUsages) {
   return true;
 }
 
-uint32_t CryptoKey::GetAllowedUsagesForAlgorithm(const nsString& aAlgorithm) {
-  uint32_t allowedUsages = 0;
-  if (aAlgorithm.EqualsASCII(WEBCRYPTO_ALG_AES_CTR) ||
-      aAlgorithm.EqualsASCII(WEBCRYPTO_ALG_AES_CBC) ||
-      aAlgorithm.EqualsASCII(WEBCRYPTO_ALG_AES_GCM) ||
-      aAlgorithm.EqualsASCII(WEBCRYPTO_ALG_RSA_OAEP)) {
-    allowedUsages = ENCRYPT | DECRYPT | WRAPKEY | UNWRAPKEY;
-  } else if (aAlgorithm.EqualsASCII(WEBCRYPTO_ALG_AES_KW)) {
-    allowedUsages = WRAPKEY | UNWRAPKEY;
-  } else if (aAlgorithm.EqualsASCII(WEBCRYPTO_ALG_HMAC) ||
-             aAlgorithm.EqualsASCII(WEBCRYPTO_ALG_RSASSA_PKCS1) ||
-             aAlgorithm.EqualsASCII(WEBCRYPTO_ALG_RSA_PSS) ||
-             aAlgorithm.EqualsASCII(WEBCRYPTO_ALG_ECDSA)) {
-    allowedUsages = SIGN | VERIFY;
-  } else if (aAlgorithm.EqualsASCII(WEBCRYPTO_ALG_ECDH) ||
-             aAlgorithm.EqualsASCII(WEBCRYPTO_ALG_HKDF) ||
-             aAlgorithm.EqualsASCII(WEBCRYPTO_ALG_PBKDF2)) {
-    allowedUsages = DERIVEBITS | DERIVEKEY;
-  }
-  return allowedUsages;
-}
-
 nsresult CryptoKey::SetSymKey(const CryptoBuffer& aSymKey) {
   if (!mSymKey.Assign(aSymKey)) {
     return NS_ERROR_OUT_OF_MEMORY;

dom/crypto/CryptoKey.h

@@ -113,17 +113,13 @@ class CryptoKey final : public nsISupports, public nsWrapperCache {
   nsresult AddPublicKeyData(SECKEYPublicKey* point);
   void ClearUsages();
   nsresult AddUsage(const nsString& aUsage);
-  nsresult AddAllowedUsage(const nsString& aUsage, const nsString& aAlgorithm);
-  nsresult AddAllowedUsageIntersecting(const nsString& aUsage,
-                                       const nsString& aAlgorithm,
-                                       uint32_t aUsageMask = USAGES_MASK);
+  nsresult AddUsageIntersecting(const nsString& aUsage, uint32_t aUsageMask);
   void AddUsage(KeyUsage aUsage);
   bool HasAnyUsage();
   bool HasUsage(KeyUsage aUsage);
   bool HasUsageOtherThan(uint32_t aUsages);
   static bool IsRecognizedUsage(const nsString& aUsage);
   static bool AllUsagesRecognized(const Sequence<nsString>& aUsages);
-  static uint32_t GetAllowedUsagesForAlgorithm(const nsString& aAlgorithm);
 
   nsresult SetSymKey(const CryptoBuffer& aSymKey);
   nsresult SetPrivateKey(SECKEYPrivateKey* aPrivateKey);

dom/crypto/WebCryptoTask.cpp

@@ -208,7 +208,7 @@ inline nsresult GetKeyLengthForAlgorithm(JSContext* aCx,
 
     if (params.mLength != 128 && params.mLength != 192 &&
         params.mLength != 256) {
-      return NS_ERROR_DOM_OPERATION_ERR;
+      return NS_ERROR_DOM_DATA_ERR;
     }
 
     aLength = params.mLength;
@@ -535,7 +535,7 @@ class AesTask : public ReturnArrayBufferViewTask, public DeferredData {
       RootedDictionary<AesGcmParams> params(aCx);
       nsresult rv = Coerce(aCx, params, aAlgorithm);
       if (NS_FAILED(rv)) {
-        mEarlyRv = NS_ERROR_DOM_OPERATION_ERR;
+        mEarlyRv = NS_ERROR_DOM_SYNTAX_ERR;
         return;
       }
 
@@ -552,7 +552,7 @@ class AesTask : public ReturnArrayBufferViewTask, public DeferredData {
         if ((mTagLength > 128) ||
             !(mTagLength == 32 || mTagLength == 64 ||
               (mTagLength >= 96 && mTagLength % 8 == 0))) {
-          mEarlyRv = NS_ERROR_DOM_OPERATION_ERR;
+          mEarlyRv = NS_ERROR_DOM_SYNTAX_ERR;
           return;
         }
       }
@@ -2039,6 +2039,7 @@ class GenerateSymmetricKeyTask : public WebCryptoTask {
     }
 
     // Construct an appropriate KeyAlorithm
+    uint32_t allowedUsages = 0;
     if (algName.EqualsLiteral(WEBCRYPTO_ALG_AES_CBC) ||
         algName.EqualsLiteral(WEBCRYPTO_ALG_AES_CTR) ||
         algName.EqualsLiteral(WEBCRYPTO_ALG_AES_GCM) ||
@@ -2049,6 +2050,8 @@ class GenerateSymmetricKeyTask : public WebCryptoTask {
       }
       mKey->Algorithm().MakeAes(algName, mLength);
 
+      allowedUsages = CryptoKey::ENCRYPT | CryptoKey::DECRYPT |
+                      CryptoKey::WRAPKEY | CryptoKey::UNWRAPKEY;
     } else if (algName.EqualsLiteral(WEBCRYPTO_ALG_HMAC)) {
       RootedDictionary<HmacKeyGenParams> params(aCx);
       mEarlyRv = Coerce(aCx, params, aAlgorithm);
@@ -2075,6 +2078,7 @@ class GenerateSymmetricKeyTask : public WebCryptoTask {
       }
 
       mKey->Algorithm().MakeHmac(mLength, hashName);
+      allowedUsages = CryptoKey::SIGN | CryptoKey::VERIFY;
     } else {
       mEarlyRv = NS_ERROR_DOM_NOT_SUPPORTED_ERR;
       return;
@@ -2083,15 +2087,11 @@ class GenerateSymmetricKeyTask : public WebCryptoTask {
     // Add key usages
     mKey->ClearUsages();
     for (uint32_t i = 0; i < aKeyUsages.Length(); ++i) {
-      mEarlyRv = mKey->AddAllowedUsageIntersecting(aKeyUsages[i], algName);
+      mEarlyRv = mKey->AddUsageIntersecting(aKeyUsages[i], allowedUsages);
       if (NS_FAILED(mEarlyRv)) {
         return;
       }
     }
-    if (!mKey->HasAnyUsage()) {
-      mEarlyRv = NS_ERROR_DOM_SYNTAX_ERR;
-      return;
-    }
 
     mLength = mLength >> 3;  // bits to bytes
     mMechanism = mKey->Algorithm().Mechanism();
@@ -2183,13 +2183,13 @@ GenerateAsymmetricKeyTask::GenerateAsymmetricKeyTask(
     }
 
     // Create algorithm
-    if (!mKeyPair->mPublicKey->Algorithm().MakeRsa(mAlgName, modulusLength,
-                                                   publicExponent, hashName)) {
+    if (!mKeyPair->mPublicKey.get()->Algorithm().MakeRsa(
+            mAlgName, modulusLength, publicExponent, hashName)) {
       mEarlyRv = NS_ERROR_DOM_OPERATION_ERR;
       return;
     }
-    if (!mKeyPair->mPrivateKey->Algorithm().MakeRsa(mAlgName, modulusLength,
-                                                    publicExponent, hashName)) {
+    if (!mKeyPair->mPrivateKey.get()->Algorithm().MakeRsa(
+            mAlgName, modulusLength, publicExponent, hashName)) {
       mEarlyRv = NS_ERROR_DOM_OPERATION_ERR;
       return;
     }
@@ -2217,8 +2217,8 @@ GenerateAsymmetricKeyTask::GenerateAsymmetricKeyTask(
     }
 
     // Create algorithm.
-    mKeyPair->mPublicKey->Algorithm().MakeEc(mAlgName, mNamedCurve);
-    mKeyPair->mPrivateKey->Algorithm().MakeEc(mAlgName, mNamedCurve);
+    mKeyPair->mPublicKey.get()->Algorithm().MakeEc(mAlgName, mNamedCurve);
+    mKeyPair->mPrivateKey.get()->Algorithm().MakeEc(mAlgName, mNamedCurve);
     mMechanism = CKM_EC_KEY_PAIR_GEN;
   } else {
     mEarlyRv = NS_ERROR_DOM_NOT_SUPPORTED_ERR;
@@ -2241,27 +2241,34 @@ GenerateAsymmetricKeyTask::GenerateAsymmetricKeyTask(
     MOZ_ASSERT(false);  // This shouldn't happen.
   }
 
-  mKeyPair->mPrivateKey->SetExtractable(aExtractable);
-  mKeyPair->mPrivateKey->SetType(CryptoKey::PRIVATE);
+  mKeyPair->mPrivateKey.get()->SetExtractable(aExtractable);
+  mKeyPair->mPrivateKey.get()->SetType(CryptoKey::PRIVATE);
 
-  mKeyPair->mPublicKey->SetExtractable(true);
-  mKeyPair->mPublicKey->SetType(CryptoKey::PUBLIC);
+  mKeyPair->mPublicKey.get()->SetExtractable(true);
+  mKeyPair->mPublicKey.get()->SetType(CryptoKey::PUBLIC);
 
-  mKeyPair->mPrivateKey->ClearUsages();
-  mKeyPair->mPublicKey->ClearUsages();
+  mKeyPair->mPrivateKey.get()->ClearUsages();
+  mKeyPair->mPublicKey.get()->ClearUsages();
   for (uint32_t i = 0; i < aKeyUsages.Length(); ++i) {
-    mEarlyRv = mKeyPair->mPrivateKey->AddAllowedUsageIntersecting(
-        aKeyUsages[i], mAlgName, privateAllowedUsages);
+    mEarlyRv = mKeyPair->mPrivateKey.get()->AddUsageIntersecting(
+        aKeyUsages[i], privateAllowedUsages);
     if (NS_FAILED(mEarlyRv)) {
       return;
     }
 
-    mEarlyRv = mKeyPair->mPublicKey->AddAllowedUsageIntersecting(
-        aKeyUsages[i], mAlgName, publicAllowedUsages);
+    mEarlyRv = mKeyPair->mPublicKey.get()->AddUsageIntersecting(
+        aKeyUsages[i], publicAllowedUsages);
     if (NS_FAILED(mEarlyRv)) {
       return;
     }
   }
+
+  // If no usages ended up being allowed, DataError
+  if (!mKeyPair->mPublicKey.get()->HasAnyUsage() &&
+      !mKeyPair->mPrivateKey.get()->HasAnyUsage()) {
+    mEarlyRv = NS_ERROR_DOM_DATA_ERR;
+    return;
+  }
 }
 
 nsresult GenerateAsymmetricKeyTask::DoCrypto() {
@@ -2295,17 +2302,12 @@ nsresult GenerateAsymmetricKeyTask::DoCrypto() {
   mPublicKey = UniqueSECKEYPublicKey(pubKey);
   pubKey = nullptr;
   if (!mPrivateKey.get() || !mPublicKey.get()) {
-    return NS_ERROR_DOM_OPERATION_ERR;
+    return NS_ERROR_DOM_UNKNOWN_ERR;
   }
 
-  // If no usages ended up being allowed, SyntaxError
-  if (!mKeyPair->mPrivateKey->HasAnyUsage()) {
-    return NS_ERROR_DOM_SYNTAX_ERR;
-  }
-
-  nsresult rv = mKeyPair->mPrivateKey->SetPrivateKey(mPrivateKey.get());
+  nsresult rv = mKeyPair->mPrivateKey.get()->SetPrivateKey(mPrivateKey.get());
   NS_ENSURE_SUCCESS(rv, NS_ERROR_DOM_OPERATION_ERR);
-  rv = mKeyPair->mPublicKey->SetPublicKey(mPublicKey.get());
+  rv = mKeyPair->mPublicKey.get()->SetPublicKey(mPublicKey.get());
   NS_ENSURE_SUCCESS(rv, NS_ERROR_DOM_OPERATION_ERR);
 
   // PK11_GenerateKeyPair() does not set a CKA_EC_POINT attribute on the
@@ -3014,6 +3016,9 @@ WebCryptoTask* WebCryptoTask::CreateGenerateKeyTask(
   Telemetry::Accumulate(Telemetry::WEBCRYPTO_EXTRACTABLE_GENERATE,
                         aExtractable);
 
+  // Verify that aKeyUsages does not contain an unrecognized value
+  // SPEC-BUG: Spec says that this should be InvalidAccessError, but that
+  // is inconsistent with other analogous points in the spec
   if (!CryptoKey::AllUsagesRecognized(aKeyUsages)) {
     return new FailureTask(NS_ERROR_DOM_SYNTAX_ERR);
   }

dom/crypto/test/test_WebCrypto.html

@@ -383,36 +383,7 @@ TestArray.addTest(
 
 // -----------------------------------------------------------------------------
 TestArray.addTest(
-  "Fail generating an AES key of wrong length",
-  function() {
-    var that = this;
-    var alg = { name: "AES-CBC", length: 64 };
-    crypto.subtle.generateKey(alg, false, ["encrypt"]).then(
-      error(that),
-      complete(that, function(e) {
-        return e.name == "OperationError";
-      })
-    );
-  }
-);
-
-// -----------------------------------------------------------------------------
-TestArray.addTest(
-  "Fail generating a key with bad algorithm argument",
-  function() {
-    var that = this;
-    var alg = { name: "AES", length: 128 };
-    crypto.subtle.generateKey(alg, false, ["encrypt"]).then(
-      error(that),
-      complete(that, function(e) {
-        return e.name == "NotSupportedError";
-      })
-    );
-  }
-);
-
-// -----------------------------------------------------------------------------
-TestArray.addTest(  "Generate a 1024-bit RSA key",
+  "Generate a 1024-bit RSA key",
   function() {
     var that = this;
     var alg = {

dom/crypto/test/test_WebCrypto_PBKDF2.html

@@ -290,105 +290,6 @@ TestArray.addTest(
       .then( memcmp_complete(that, tv.pbkdf2_sha256_no_salt.derived), fail );
   }
 );
-
-// -----------------------------------------------------------------------------
-TestArray.addTest(
-  "Fail while deriving key with bad hash name",
-  function() {
-    var that = this;
-    var alg = "PBKDF2";
-    var key = tv.pbkdf2_sha256.password;
-
-    function doDerive(x) {
-      if (!hasKeyFields(x)) {
-        throw new Error("Invalid key; missing field(s)");
-      }
-
-      var algo = {
-        name: "PBKDF2",
-        hash: "SHA256",
-        salt: tv.pbkdf2_sha256.salt,
-        iterations: tv.pbkdf2_sha256.iterations,
-      };
-      return crypto.subtle.deriveBits(algo, x, 32).then(
-        error(that),
-        complete(that, function(e) {
-          return e.name == "NotSupportedError";
-        })
-      );
-    }
-    function fail(x) { console.log("failing"); error(that)(x); }
-
-    crypto.subtle.importKey("raw", key, alg, false, ["deriveKey", "deriveBits"])
-      .then( doDerive, fail );
-  }
-);
-
-// -----------------------------------------------------------------------------
-TestArray.addTest(
-  "Fail while deriving bits given null length",
-  function() {
-    var that = this;
-    var alg = "PBKDF2";
-    var key = tv.pbkdf2_sha256.password;
-
-    function doDerive(x) {
-      if (!hasKeyFields(x)) {
-        throw new Error("Invalid key; missing field(s)");
-      }
-
-      var algo = {
-        name: "PBKDF2",
-        hash: "SHA-256",
-        salt: tv.pbkdf2_sha256.salt,
-        iterations: tv.pbkdf2_sha256.iterations,
-      };
-      return crypto.subtle.deriveBits(algo, x, null).then(
-        error(that),
-        complete(that, function(e) {
-          return e.name == "OperationError";
-        })
-      );
-    }
-    function fail(x) { console.log("failing"); error(that)(x); }
-
-    crypto.subtle.importKey("raw", key, alg, false, ["deriveBits"])
-      .then( doDerive, fail );
-  }
-);
-
-// -----------------------------------------------------------------------------
-TestArray.addTest(
-  "Fail while deriving key of null length",
-  function() {
-    var that = this;
-    var alg = "PBKDF2";
-    var key = tv.pbkdf2_sha256.password;
-
-    function doDerive(x) {
-      if (!hasKeyFields(x)) {
-        throw new Error("Invalid key; missing field(s)");
-      }
-
-      var algo = {
-        name: "PBKDF2",
-        hash: "SHA-256",
-        salt: tv.pbkdf2_sha256.salt,
-        iterations: tv.pbkdf2_sha256.iterations,
-      };
-      return crypto.subtle.deriveKey(algo, x, {name: "AES-GCM", length: null}, true, ["encrypt"]).then(
-        error(that),
-        complete(that, function(e) {
-          return e.name == "OperationError";
-        })
-      );
-    }
-    function fail(x) { console.log("failing"); error(that)(x); }
-
-    crypto.subtle.importKey("raw", key, alg, false, ["deriveKey", "deriveBits"])
-      .then( doDerive, fail );
-  }
-);
 /* ]]>*/</script>
 </head>
 

testing/web-platform/meta/WebCryptoAPI/encrypt_decrypt/aes_gcm.https.worker.js.ini

@@ -0,0 +1,109 @@
+[aes_gcm.https.worker.html]
+  [AES-GCM 128-bit key, illegal tag length 24-bits]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 48-bits]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 72-bits]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 95-bits]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 129-bits]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 256-bits]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 24-bits]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 48-bits]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 72-bits]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 95-bits]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 129-bits]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 256-bits]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 24-bits]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 48-bits]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 72-bits]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 95-bits]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 129-bits]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 256-bits]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 24-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 48-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 72-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 95-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 129-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 256-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 24-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 48-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 72-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 95-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 129-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 256-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 24-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 48-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 72-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 95-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 129-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 256-bits decryption]
+    expected: FAIL
+

testing/web-platform/meta/WebCryptoAPI/encrypt_decrypt/test_aes_gcm.https.html.ini

@@ -0,0 +1,109 @@
+[test_aes_gcm.https.html]
+  [AES-GCM 128-bit key, illegal tag length 24-bits]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 48-bits]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 72-bits]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 95-bits]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 129-bits]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 256-bits]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 24-bits]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 48-bits]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 72-bits]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 95-bits]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 129-bits]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 256-bits]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 24-bits]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 48-bits]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 72-bits]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 95-bits]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 129-bits]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 256-bits]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 24-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 48-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 72-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 95-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 129-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 128-bit key, illegal tag length 256-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 24-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 48-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 72-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 95-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 129-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 192-bit key, illegal tag length 256-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 24-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 48-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 72-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 95-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 129-bits decryption]
+    expected: FAIL
+
+  [AES-GCM 256-bit key, illegal tag length 256-bits decryption]
+    expected: FAIL
+

testing/web-platform/meta/WebCryptoAPI/generateKey/failures_AES-KW.https.any.js.ini

@@ -1,2 +1,472 @@
+[failures_AES-KW.https.any.html]
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, wrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, wrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, wrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, wrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, wrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, wrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, wrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, wrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, wrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, wrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, wrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, wrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, wrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, wrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, wrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, wrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, wrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, wrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 64, name: AES-KW}, false, [wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 64, name: AES-KW}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 64, name: AES-KW}, false, [unwrapKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 64, name: AES-KW}, true, [unwrapKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 64, name: AES-KW}, false, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 64, name: AES-KW}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 64, name: AES-KW}, false, [\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 64, name: AES-KW}, true, [\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 64, name: AES-KW}, false, [wrapKey, unwrapKey, wrapKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 64, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 127, name: AES-KW}, false, [wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 127, name: AES-KW}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 127, name: AES-KW}, false, [unwrapKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 127, name: AES-KW}, true, [unwrapKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 127, name: AES-KW}, false, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 127, name: AES-KW}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 127, name: AES-KW}, false, [\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 127, name: AES-KW}, true, [\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 127, name: AES-KW}, false, [wrapKey, unwrapKey, wrapKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 127, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 129, name: AES-KW}, false, [wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 129, name: AES-KW}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 129, name: AES-KW}, false, [unwrapKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 129, name: AES-KW}, true, [unwrapKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 129, name: AES-KW}, false, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 129, name: AES-KW}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 129, name: AES-KW}, false, [\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 129, name: AES-KW}, true, [\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 129, name: AES-KW}, false, [wrapKey, unwrapKey, wrapKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 129, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 255, name: AES-KW}, false, [wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 255, name: AES-KW}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 255, name: AES-KW}, false, [unwrapKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 255, name: AES-KW}, true, [unwrapKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 255, name: AES-KW}, false, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 255, name: AES-KW}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 255, name: AES-KW}, false, [\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 255, name: AES-KW}, true, [\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 255, name: AES-KW}, false, [wrapKey, unwrapKey, wrapKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 255, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 257, name: AES-KW}, false, [wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 257, name: AES-KW}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 257, name: AES-KW}, false, [unwrapKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 257, name: AES-KW}, true, [unwrapKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 257, name: AES-KW}, false, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 257, name: AES-KW}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 257, name: AES-KW}, false, [\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 257, name: AES-KW}, true, [\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 257, name: AES-KW}, false, [wrapKey, unwrapKey, wrapKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 257, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 512, name: AES-KW}, false, [wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 512, name: AES-KW}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 512, name: AES-KW}, false, [unwrapKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 512, name: AES-KW}, true, [unwrapKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 512, name: AES-KW}, false, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 512, name: AES-KW}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 512, name: AES-KW}, false, [\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 512, name: AES-KW}, true, [\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 512, name: AES-KW}, false, [wrapKey, unwrapKey, wrapKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({length: 512, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({length: 128, name: AES-KW}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({length: 128, name: AES-KW}, true, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({length: 192, name: AES-KW}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({length: 192, name: AES-KW}, true, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({length: 256, name: AES-KW}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({length: 256, name: AES-KW}, true, [\])]
+    expected: FAIL
+
+
 [failures_AES-KW.https.any.worker.html]
   expected: ERROR

testing/web-platform/meta/WebCryptoAPI/generateKey/failures_ECDH.https.any.js.ini

@@ -1,2 +1,292 @@
 [failures_ECDH.https.any.worker.html]
   expected: ERROR
+
+[failures_ECDH.https.any.html]
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, unwrapKey\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({name: ECDH, namedCurve: P-256}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({name: ECDH, namedCurve: P-256}, true, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({name: ECDH, namedCurve: P-384}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({name: ECDH, namedCurve: P-384}, true, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({name: ECDH, namedCurve: P-521}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({name: ECDH, namedCurve: P-521}, true, [\])]
+    expected: FAIL
+

testing/web-platform/meta/WebCryptoAPI/generateKey/failures_ECDSA.https.any.js.ini

@@ -1,2 +1,238 @@
+[failures_ECDSA.https.any.html]
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [verify, sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [sign, verify, sign, sign, verify, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [verify, sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [sign, verify, sign, sign, verify, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [verify, sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [sign, verify, sign, sign, verify, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [verify, sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [sign, verify, sign, sign, verify, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [verify, sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [sign, verify, sign, sign, verify, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [verify, sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [sign, verify, sign, sign, verify, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [verify, sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [sign, verify, sign, sign, verify, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [verify, sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [sign, verify, sign, sign, verify, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [verify, sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [sign, verify, sign, sign, verify, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [verify, sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [sign, verify, sign, sign, verify, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [verify, sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [sign, verify, sign, sign, verify, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [verify, sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [sign, verify, sign, sign, verify, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [verify, sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, verify, sign, sign, verify, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [verify, sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, verify, sign, sign, verify, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [verify, sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, verify, sign, sign, verify, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [verify, sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, verify, sign, sign, verify, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [verify, sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, verify, sign, sign, verify, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [verify, sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, verify, sign, sign, verify, deriveBits\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({name: ECDSA, namedCurve: P-256}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({name: ECDSA, namedCurve: P-256}, true, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({name: ECDSA, namedCurve: P-384}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({name: ECDSA, namedCurve: P-384}, true, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({name: ECDSA, namedCurve: P-521}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [\])]
+    expected: FAIL
+
+
 [failures_ECDSA.https.any.worker.html]
   expected: ERROR

testing/web-platform/meta/WebCryptoAPI/generateKey/failures_HMAC.https.any.js.ini

@@ -1,2 +1,388 @@
+[failures_HMAC.https.any.html]
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [verify, sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [verify, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [sign, verify, sign, verify, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [verify, sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [verify, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [sign, verify, sign, verify, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [verify, sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [verify, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [sign, verify, sign, verify, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [verify, sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [verify, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [sign, verify, sign, verify, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [verify, sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [verify, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [sign, verify, sign, verify, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [verify, sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [verify, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [sign, verify, sign, verify, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [verify, sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [verify, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [sign, verify, sign, verify, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [verify, sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [verify, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [sign, verify, sign, verify, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [verify, sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [verify, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [sign, verify, sign, verify, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [verify, sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [verify, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [sign, verify, sign, verify, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [verify, sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [verify, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [sign, verify, sign, verify, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [verify, sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [verify, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [sign, verify, sign, verify, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [verify, sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [verify, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [sign, verify, sign, verify, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [verify, sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [verify, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [sign, verify, sign, verify, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [verify, sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [verify, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [sign, verify, sign, verify, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [verify, sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [verify, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [sign, verify, sign, verify, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [verify, sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [verify, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [sign, verify, sign, verify, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [verify, sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [verify, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [sign, verify, sign, verify, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [verify, sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [verify, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [sign, verify, sign, verify, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [verify, sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [verify, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [sign, verify, sign, verify, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [verify, sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [verify, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [sign, verify, sign, verify, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [verify, sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [verify, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [sign, verify, sign, verify, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [verify, sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [verify, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [sign, verify, sign, verify, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [verify, sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [verify, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [sign, verify, sign, verify, deriveBits\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, true, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, true, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, true, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, true, [\])]
+    expected: FAIL
+
+
 [failures_HMAC.https.any.worker.html]
   expected: ERROR

testing/web-platform/meta/WebCryptoAPI/generateKey/failures_RSA-OAEP.https.any.js.ini

@@ -1,2 +1,520 @@
+[failures_RSA-OAEP.https.any.html]
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, encrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, encrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, encrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, encrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, encrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, encrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, encrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, encrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, encrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, encrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, encrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, encrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, encrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, encrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, encrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, encrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, encrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, encrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, encrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, encrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, encrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, encrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, encrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, encrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, encrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, sign\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, encrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, encrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, encrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, encrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, encrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, verify\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, encrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, encrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, encrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, encrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, encrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, encrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, encrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, encrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, encrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, encrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveBits\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [decrypt, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [decrypt, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [wrapKey, decrypt, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [wrapKey, decrypt, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [unwrapKey, wrapKey, decrypt, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [unwrapKey, decrypt, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [unwrapKey, decrypt, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [unwrapKey, wrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [unwrapKey, wrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [unwrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [unwrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [decrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [wrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [wrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [unwrapKey, wrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [unwrapKey, wrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [unwrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [unwrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [unwrapKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [unwrapKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [decrypt, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [decrypt, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [wrapKey, decrypt, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [wrapKey, decrypt, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [unwrapKey, wrapKey, decrypt, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [unwrapKey, wrapKey, decrypt, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [unwrapKey, decrypt, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [unwrapKey, decrypt, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [unwrapKey, wrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [unwrapKey, wrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [unwrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [unwrapKey, encrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [decrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [wrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [wrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [unwrapKey, wrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [unwrapKey, wrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [unwrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [unwrapKey, decrypt\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [unwrapKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [unwrapKey, wrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey\])]
+    expected: FAIL
+
+  [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [\])]
+    expected: FAIL
+
+
 [failures_RSA-OAEP.https.any.worker.html]
   expected: ERROR

testing/web-platform/meta/WebCryptoAPI/generateKey/failures_RSA-PSS.https.any.js.ini

@@ -1,4 +1,148 @@
 [failures_RSA-PSS.https.any.html]
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, deriveBits\])]
+    expected: FAIL
+
   [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-PSS, publicExponent: {0: 1}}, false, [sign\])]
     expected: FAIL
 
@@ -47,5 +191,18 @@
   [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [sign, verify, sign, sign, verify\])]
     expected: FAIL
 
+  [Empty usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [\])]
+    expected: FAIL
+
+
 [failures_RSA-PSS.https.any.worker.html]
   expected: ERROR

testing/web-platform/meta/WebCryptoAPI/generateKey/failures_RSASSA-PKCS1-v1_5.https.any.js.ini

@@ -1,4 +1,148 @@
 [failures_RSASSA-PKCS1-v1_5.https.any.html]
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, encrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, decrypt\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, wrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, unwrapKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, deriveKey\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify, sign, deriveBits\])]
+    expected: FAIL
+
+  [Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign, verify, sign, sign, verify, deriveBits\])]
+    expected: FAIL
+
   [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1}}, false, [sign\])]
     expected: FAIL
 
@@ -47,5 +191,18 @@
   [Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [sign, verify, sign, sign, verify\])]
     expected: FAIL
 
+  [Empty usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [\])]
+    expected: FAIL
+
+  [Empty usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [\])]
+    expected: FAIL
+
+
 [failures_RSASSA-PKCS1-v1_5.https.any.worker.html]
   expected: ERROR