src/third_party/web_platform_tests/WebCryptoAPI/encrypt_decrypt/rsa.js - cobalt - Git at Google


 function run_test() {
     var subtle = self.crypto.subtle; // Change to test prefixed implementations

     // When are all these tests really done? When all the promises they use have resolved.
     var all_promises = [];

     // Source file rsa_vectors.js provides the getTestVectors method
     // for the RSA-OAEP algorithm that drives these tests.
     var vectors = getTestVectors();
     var passingVectors = vectors.passing;
     var failingVectors = vectors.failing;

     // Test decryption, first, because encryption tests rely on that working
     passingVectors.forEach(function(vector) {
         var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
         .then(function(vectors) {
             // Get a one byte longer plaintext to encrypt
             if (!("ciphertext" in vector)) {
                 return;
             }

             promise_test(function(test) {
                 return subtle.decrypt(vector.algorithm, vector.privateKey, vector.ciphertext)
                 .then(function(plaintext) {
                     assert_true(equalBuffers(plaintext, vector.plaintext, "Decryption works"));
                 }, function(err) {
                     assert_unreached("Decryption should not throw error " + vector.name + ": " + err.message + "'");
                 });
             }, vector.name + " decryption");

         }, function(err) {
             // We need a failed test if the importVectorKey operation fails, so
             // we know we never tested encryption
             promise_test(function(test) {
                 assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
             }, "importVectorKeys step: " + vector.name + " decryption");
         });

         all_promises.push(promise);
     });

     // Test decryption with an altered buffer
     passingVectors.forEach(function(vector) {
         var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
         .then(function(vectors) {
             // Get a one byte longer plaintext to encrypt
             if (!("ciphertext" in vector)) {
                 return;
             }

             promise_test(function(test) {
                 var ciphertext = copyBuffer(vector.ciphertext);
                 var operation = subtle.decrypt(vector.algorithm, vector.privateKey, ciphertext)
                 .then(function(plaintext) {
                     assert_true(equalBuffers(plaintext, vector.plaintext, "Decryption works"));
                 }, function(err) {
                     assert_unreached("Decryption should not throw error " + vector.name + ": " + err.message + "'");
                 });
                 ciphertext[0] = 255 - ciphertext[0];
                 return operation;
             }, vector.name + " decryption with altered ciphertext");

         }, function(err) {
             // We need a failed test if the importVectorKey operation fails, so
             // we know we never tested encryption
             promise_test(function(test) {
                 assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
             }, "importVectorKeys step: " + vector.name + " decryption with altered ciphertext");
         });

         all_promises.push(promise);
     });

     // Check for failures due to using publicKey to decrypt.
     passingVectors.forEach(function(vector) {
         var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
         .then(function(vectors) {
             promise_test(function(test) {
                 return subtle.decrypt(vector.algorithm, vector.publicKey, vector.ciphertext)
                 .then(function(plaintext) {
                     assert_unreached("Should have thrown error for using publicKey to decrypt in " + vector.name + ": " + err.message + "'");
                 }, function(err) {
                     assert_equals(err.name, "InvalidAccessError", "Should throw InvalidAccessError instead of " + err.message);
                 });
             }, vector.name + " using publicKey to decrypt");

         }, function(err) {
             // We need a failed test if the importVectorKey operation fails, so
             // we know we never tested encryption
             promise_test(function(test) {
                 assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
             }, "importVectorKeys step: " + vector.name + " using publicKey to decrypt");
         });

         all_promises.push(promise);
     });


     // Check for failures due to no "decrypt" usage.
     passingVectors.forEach(function(originalVector) {
         var vector = Object.assign({}, originalVector);

         var promise = importVectorKeys(vector, ["encrypt"], ["unwrapKey"])
         .then(function(vectors) {
             // Get a one byte longer plaintext to encrypt
             promise_test(function(test) {
                 return subtle.decrypt(vector.algorithm, vector.publicKey, vector.ciphertext)
                 .then(function(plaintext) {
                     assert_unreached("Should have thrown error for no decrypt usage in " + vector.name + ": " + err.message + "'");
                 }, function(err) {
                     assert_equals(err.name, "InvalidAccessError", "Should throw InvalidAccessError instead of " + err.message);
                 });
             }, vector.name + " no decrypt usage");

         }, function(err) {
             // We need a failed test if the importVectorKey operation fails, so
             // we know we never tested encryption
             promise_test(function(test) {
                 assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
             }, "importVectorKeys step: " + vector.name + " no decrypt usage");
         });

         all_promises.push(promise);
     });


     // Check for successful encryption even if plaintext is altered after call.
     passingVectors.forEach(function(vector) {
         var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
         .then(function(vectors) {
             promise_test(function(test) {
                 var plaintext = copyBuffer(vector.plaintext);
                 var operation = subtle.encrypt(vector.algorithm, vector.publicKey, plaintext)
                 .then(function(ciphertext) {
                     assert_equals(ciphertext.byteLength * 8, vector.privateKey.algorithm.modulusLength, "Ciphertext length matches modulus length");
                     // Can we get the original plaintext back via decrypt?
                     return subtle.decrypt(vector.algorithm, vector.privateKey, ciphertext)
                     .then(function(result) {
                         assert_true(equalBuffers(result, vector.plaintext), "Round trip returns original plaintext");
                         return ciphertext;
                     }, function(err) {
                         assert_unreached("decrypt error for test " + vector.name + ": " + err.message + "'");
                     });
                 })
                 .then(function(priorCiphertext) {
                     // Will a second encrypt give us different ciphertext, as it should?
                     return subtle.encrypt(vector.algorithm, vector.publicKey, vector.plaintext)
                     .then(function(ciphertext) {
                         assert_false(equalBuffers(priorCiphertext, ciphertext), "Two encrypts give different results")
                     }, function(err) {
                         assert_unreached("second time encrypt error for test " + vector.name + ": '" + err.message + "'");
                     });
                 }, function(err) {
                     assert_unreached("decrypt error for test " + vector.name + ": '" + err.message + "'");
                 });

                 plaintext[0] = 255 - plaintext[0];
                 return operation;
             }, vector.name + " with altered plaintext");

         }, function(err) {
             // We need a failed test if the importVectorKey operation fails, so
             // we know we never tested encryption
             promise_test(function(test) {
                 assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
             }, "importVectorKeys step: " + vector.name + " with altered plaintext");
         });

         all_promises.push(promise);
     });

     // Check for successful encryption.
     passingVectors.forEach(function(vector) {
         var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
         .then(function(vectors) {
             promise_test(function(test) {
                 return subtle.encrypt(vector.algorithm, vector.publicKey, vector.plaintext)
                 .then(function(ciphertext) {
                     assert_equals(ciphertext.byteLength * 8, vector.privateKey.algorithm.modulusLength, "Ciphertext length matches modulus length");

                     // Can we get the original plaintext back via decrypt?
                     return subtle.decrypt(vector.algorithm, vector.privateKey, ciphertext)
                     .then(function(result) {
                         assert_true(equalBuffers(result, vector.plaintext), "Round trip returns original plaintext");
                         return ciphertext;
                     }, function(err) {
                         assert_unreached("decrypt error for test " + vector.name + ": " + err.message + "'");
                     });
                 })
                 .then(function(priorCiphertext) {
                     // Will a second encrypt give us different ciphertext, as it should?
                     return subtle.encrypt(vector.algorithm, vector.publicKey, vector.plaintext)
                     .then(function(ciphertext) {
                         assert_false(equalBuffers(priorCiphertext, ciphertext), "Two encrypts give different results")
                     }, function(err) {
                         assert_unreached("second time encrypt error for test " + vector.name + ": '" + err.message + "'");
                     });
                 }, function(err) {
                     assert_unreached("decrypt error for test " + vector.name + ": '" + err.message + "'");
                 });
             }, vector.name);

         }, function(err) {
             // We need a failed test if the importVectorKey operation fails, so
             // we know we never tested encryption
             promise_test(function(test) {
                 assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
             }, "importVectorKeys step: " + vector.name);
         });

         all_promises.push(promise);
     });

     // Check for failures due to too long plaintext.
     passingVectors.forEach(function(vector) {
         var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
         .then(function(vectors) {
             // Get a one byte longer plaintext to encrypt
             var plaintext = new Uint8Array(vector.plaintext.byteLength + 1);
             plaintext.set(plaintext, 0);
             plaintext.set(new Uint8Array([32]), vector.plaintext.byteLength);
             promise_test(function(test) {
                 return subtle.encrypt(vector.algorithm, vector.publicKey, plaintext)
                 .then(function(ciphertext) {
                     assert_unreached("Should have thrown error for too long plaintext in " + vector.name + ": " + err.message + "'");
                 }, function(err) {
                     assert_equals(err.name, "OperationError", "Should throw OperationError instead of " + err.message);
                 });
             }, vector.name + " too long plaintext");

         }, function(err) {
             // We need a failed test if the importVectorKey operation fails, so
             // we know we never tested encryption
             promise_test(function(test) {
                 assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
             }, "importVectorKeys step: " + vector.name + " too long plaintext");
         });

         all_promises.push(promise);
     });


     // Check for failures due to using privateKey to encrypt.
     passingVectors.forEach(function(vector) {
         var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
         .then(function(vectors) {
             promise_test(function(test) {
                 return subtle.encrypt(vector.algorithm, vector.privateKey, vector.plaintext)
                 .then(function(ciphertext) {
                     assert_unreached("Should have thrown error for using privateKey to encrypt in " + vector.name + ": " + err.message + "'");
                 }, function(err) {
                     assert_equals(err.name, "InvalidAccessError", "Should throw InvalidAccessError instead of " + err.message);
                 });
             }, vector.name + " using privateKey to encrypt");

         }, function(err) {
             // We need a failed test if the importVectorKey operation fails, so
             // we know we never tested encryption
             promise_test(function(test) {
                 assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
             }, "importVectorKeys step: " + vector.name + " using privateKey to encrypt");
         });

         all_promises.push(promise);
     });


     // Check for failures due to no "encrypt usage".
     passingVectors.forEach(function(originalVector) {
         var vector = Object.assign({}, originalVector);

         var promise = importVectorKeys(vector, [], ["decrypt"])
         .then(function(vectors) {
             // Get a one byte longer plaintext to encrypt
             promise_test(function(test) {
                 return subtle.encrypt(vector.algorithm, vector.publicKey, vector.plaintext)
                 .then(function(ciphertext) {
                     assert_unreached("Should have thrown error for no encrypt usage in " + vector.name + ": " + err.message + "'");
                 }, function(err) {
                     assert_equals(err.name, "InvalidAccessError", "Should throw InvalidAccessError instead of " + err.message);
                 });
             }, vector.name + " no encrypt usage");

         }, function(err) {
             // We need a failed test if the importVectorKey operation fails, so
             // we know we never tested encryption
             promise_test(function(test) {
                 assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
             }, "importVectorKeys step: " + vector.name + " no encrypt usage");
         });

         all_promises.push(promise);
     });

     Promise.all(all_promises)
     .then(function() {done();})
     .catch(function() {done();})

     // A test vector has all needed fields for encryption, EXCEPT that the
     // key field may be null. This function replaces that null with the Correct
     // CryptoKey object.
     //
     // Returns a Promise that yields an updated vector on success.
     function importVectorKeys(vector, publicKeyUsages, privateKeyUsages) {
         var publicPromise, privatePromise;

         if (vector.publicKey !== null) {
             publicPromise = new Promise(function(resolve, reject) {
                 resolve(vector);
             });
         } else {
             publicPromise = subtle.importKey(vector.publicKeyFormat, vector.publicKeyBuffer, {name: vector.algorithm.name, hash: vector.hash}, false, publicKeyUsages)
             .then(function(key) {
                 vector.publicKey = key;
                 return vector;
             });        // Returns a copy of the sourceBuffer it is sent.
         function copyBuffer(sourceBuffer) {
             var source = new Uint8Array(sourceBuffer);
             var copy = new Uint8Array(sourceBuffer.byteLength)

             for (var i=0; i<source.byteLength; i++) {
                 copy[i] = source[i];
             }

             return copy;
         }

         }

         if (vector.privateKey !== null) {
             privatePromise = new Promise(function(resolve, reject) {
                 resolve(vector);
             });
         } else {
             privatePromise = subtle.importKey(vector.privateKeyFormat, vector.privateKeyBuffer, {name: vector.algorithm.name, hash: vector.hash}, false, privateKeyUsages)
             .then(function(key) {
                 vector.privateKey = key;
                 return vector;
             });
         }

         return Promise.all([publicPromise, privatePromise]);
     }

     // Returns a copy of the sourceBuffer it is sent.
     function copyBuffer(sourceBuffer) {
         var source = new Uint8Array(sourceBuffer);
         var copy = new Uint8Array(sourceBuffer.byteLength)

         for (var i=0; i<source.byteLength; i++) {
             copy[i] = source[i];
         }

         return copy;
     }

     function equalBuffers(a, b) {
         if (a.byteLength !== b.byteLength) {
             return false;
         }

         var aBytes = new Uint8Array(a);
         var bBytes = new Uint8Array(b);

         for (var i=0; i<a.byteLength; i++) {
             if (aBytes[i] !== bBytes[i]) {
                 return false;
             }
         }

         return true;
     }

     return;
 }

	function run_test() {
	var subtle = self.crypto.subtle; // Change to test prefixed implementations

	// When are all these tests really done? When all the promises they use have resolved.
	var all_promises = [];

	// Source file rsa_vectors.js provides the getTestVectors method
	// for the RSA-OAEP algorithm that drives these tests.
	var vectors = getTestVectors();
	var passingVectors = vectors.passing;
	var failingVectors = vectors.failing;

	// Test decryption, first, because encryption tests rely on that working
	passingVectors.forEach(function(vector) {
	var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
	.then(function(vectors) {
	// Get a one byte longer plaintext to encrypt
	if (!("ciphertext" in vector)) {
	return;
	}

	promise_test(function(test) {
	return subtle.decrypt(vector.algorithm, vector.privateKey, vector.ciphertext)
	.then(function(plaintext) {
	assert_true(equalBuffers(plaintext, vector.plaintext, "Decryption works"));
	}, function(err) {
	assert_unreached("Decryption should not throw error " + vector.name + ": " + err.message + "'");
	});
	}, vector.name + " decryption");

	}, function(err) {
	// We need a failed test if the importVectorKey operation fails, so
	// we know we never tested encryption
	promise_test(function(test) {
	assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
	}, "importVectorKeys step: " + vector.name + " decryption");
	});

	all_promises.push(promise);
	});

	// Test decryption with an altered buffer
	passingVectors.forEach(function(vector) {
	var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
	.then(function(vectors) {
	// Get a one byte longer plaintext to encrypt
	if (!("ciphertext" in vector)) {
	return;
	}

	promise_test(function(test) {
	var ciphertext = copyBuffer(vector.ciphertext);
	var operation = subtle.decrypt(vector.algorithm, vector.privateKey, ciphertext)
	.then(function(plaintext) {
	assert_true(equalBuffers(plaintext, vector.plaintext, "Decryption works"));
	}, function(err) {
	assert_unreached("Decryption should not throw error " + vector.name + ": " + err.message + "'");
	});
	ciphertext[0] = 255 - ciphertext[0];
	return operation;
	}, vector.name + " decryption with altered ciphertext");

	}, function(err) {
	// We need a failed test if the importVectorKey operation fails, so
	// we know we never tested encryption
	promise_test(function(test) {
	assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
	}, "importVectorKeys step: " + vector.name + " decryption with altered ciphertext");
	});

	all_promises.push(promise);
	});

	// Check for failures due to using publicKey to decrypt.
	passingVectors.forEach(function(vector) {
	var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
	.then(function(vectors) {
	promise_test(function(test) {
	return subtle.decrypt(vector.algorithm, vector.publicKey, vector.ciphertext)
	.then(function(plaintext) {
	assert_unreached("Should have thrown error for using publicKey to decrypt in " + vector.name + ": " + err.message + "'");
	}, function(err) {
	assert_equals(err.name, "InvalidAccessError", "Should throw InvalidAccessError instead of " + err.message);
	});
	}, vector.name + " using publicKey to decrypt");

	}, function(err) {
	// We need a failed test if the importVectorKey operation fails, so
	// we know we never tested encryption
	promise_test(function(test) {
	assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
	}, "importVectorKeys step: " + vector.name + " using publicKey to decrypt");
	});

	all_promises.push(promise);
	});


	// Check for failures due to no "decrypt" usage.
	passingVectors.forEach(function(originalVector) {
	var vector = Object.assign({}, originalVector);

	var promise = importVectorKeys(vector, ["encrypt"], ["unwrapKey"])
	.then(function(vectors) {
	// Get a one byte longer plaintext to encrypt
	promise_test(function(test) {
	return subtle.decrypt(vector.algorithm, vector.publicKey, vector.ciphertext)
	.then(function(plaintext) {
	assert_unreached("Should have thrown error for no decrypt usage in " + vector.name + ": " + err.message + "'");
	}, function(err) {
	assert_equals(err.name, "InvalidAccessError", "Should throw InvalidAccessError instead of " + err.message);
	});
	}, vector.name + " no decrypt usage");

	}, function(err) {
	// We need a failed test if the importVectorKey operation fails, so
	// we know we never tested encryption
	promise_test(function(test) {
	assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
	}, "importVectorKeys step: " + vector.name + " no decrypt usage");
	});

	all_promises.push(promise);
	});


	// Check for successful encryption even if plaintext is altered after call.
	passingVectors.forEach(function(vector) {
	var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
	.then(function(vectors) {
	promise_test(function(test) {
	var plaintext = copyBuffer(vector.plaintext);
	var operation = subtle.encrypt(vector.algorithm, vector.publicKey, plaintext)
	.then(function(ciphertext) {
	assert_equals(ciphertext.byteLength * 8, vector.privateKey.algorithm.modulusLength, "Ciphertext length matches modulus length");
	// Can we get the original plaintext back via decrypt?
	return subtle.decrypt(vector.algorithm, vector.privateKey, ciphertext)
	.then(function(result) {
	assert_true(equalBuffers(result, vector.plaintext), "Round trip returns original plaintext");
	return ciphertext;
	}, function(err) {
	assert_unreached("decrypt error for test " + vector.name + ": " + err.message + "'");
	});
	})
	.then(function(priorCiphertext) {
	// Will a second encrypt give us different ciphertext, as it should?
	return subtle.encrypt(vector.algorithm, vector.publicKey, vector.plaintext)
	.then(function(ciphertext) {
	assert_false(equalBuffers(priorCiphertext, ciphertext), "Two encrypts give different results")
	}, function(err) {
	assert_unreached("second time encrypt error for test " + vector.name + ": '" + err.message + "'");
	});
	}, function(err) {
	assert_unreached("decrypt error for test " + vector.name + ": '" + err.message + "'");
	});

	plaintext[0] = 255 - plaintext[0];
	return operation;
	}, vector.name + " with altered plaintext");

	}, function(err) {
	// We need a failed test if the importVectorKey operation fails, so
	// we know we never tested encryption
	promise_test(function(test) {
	assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
	}, "importVectorKeys step: " + vector.name + " with altered plaintext");
	});

	all_promises.push(promise);
	});

	// Check for successful encryption.
	passingVectors.forEach(function(vector) {
	var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
	.then(function(vectors) {
	promise_test(function(test) {
	return subtle.encrypt(vector.algorithm, vector.publicKey, vector.plaintext)
	.then(function(ciphertext) {
	assert_equals(ciphertext.byteLength * 8, vector.privateKey.algorithm.modulusLength, "Ciphertext length matches modulus length");

	// Can we get the original plaintext back via decrypt?
	return subtle.decrypt(vector.algorithm, vector.privateKey, ciphertext)
	.then(function(result) {
	assert_true(equalBuffers(result, vector.plaintext), "Round trip returns original plaintext");
	return ciphertext;
	}, function(err) {
	assert_unreached("decrypt error for test " + vector.name + ": " + err.message + "'");
	});
	})
	.then(function(priorCiphertext) {
	// Will a second encrypt give us different ciphertext, as it should?
	return subtle.encrypt(vector.algorithm, vector.publicKey, vector.plaintext)
	.then(function(ciphertext) {
	assert_false(equalBuffers(priorCiphertext, ciphertext), "Two encrypts give different results")
	}, function(err) {
	assert_unreached("second time encrypt error for test " + vector.name + ": '" + err.message + "'");
	});
	}, function(err) {
	assert_unreached("decrypt error for test " + vector.name + ": '" + err.message + "'");
	});
	}, vector.name);

	}, function(err) {
	// We need a failed test if the importVectorKey operation fails, so
	// we know we never tested encryption
	promise_test(function(test) {
	assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
	}, "importVectorKeys step: " + vector.name);
	});

	all_promises.push(promise);
	});

	// Check for failures due to too long plaintext.
	passingVectors.forEach(function(vector) {
	var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
	.then(function(vectors) {
	// Get a one byte longer plaintext to encrypt
	var plaintext = new Uint8Array(vector.plaintext.byteLength + 1);
	plaintext.set(plaintext, 0);
	plaintext.set(new Uint8Array([32]), vector.plaintext.byteLength);
	promise_test(function(test) {
	return subtle.encrypt(vector.algorithm, vector.publicKey, plaintext)
	.then(function(ciphertext) {
	assert_unreached("Should have thrown error for too long plaintext in " + vector.name + ": " + err.message + "'");
	}, function(err) {
	assert_equals(err.name, "OperationError", "Should throw OperationError instead of " + err.message);
	});
	}, vector.name + " too long plaintext");

	}, function(err) {
	// We need a failed test if the importVectorKey operation fails, so
	// we know we never tested encryption
	promise_test(function(test) {
	assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
	}, "importVectorKeys step: " + vector.name + " too long plaintext");
	});

	all_promises.push(promise);
	});


	// Check for failures due to using privateKey to encrypt.
	passingVectors.forEach(function(vector) {
	var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
	.then(function(vectors) {
	promise_test(function(test) {
	return subtle.encrypt(vector.algorithm, vector.privateKey, vector.plaintext)
	.then(function(ciphertext) {
	assert_unreached("Should have thrown error for using privateKey to encrypt in " + vector.name + ": " + err.message + "'");
	}, function(err) {
	assert_equals(err.name, "InvalidAccessError", "Should throw InvalidAccessError instead of " + err.message);
	});
	}, vector.name + " using privateKey to encrypt");

	}, function(err) {
	// We need a failed test if the importVectorKey operation fails, so
	// we know we never tested encryption
	promise_test(function(test) {
	assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
	}, "importVectorKeys step: " + vector.name + " using privateKey to encrypt");
	});

	all_promises.push(promise);
	});


	// Check for failures due to no "encrypt usage".
	passingVectors.forEach(function(originalVector) {
	var vector = Object.assign({}, originalVector);

	var promise = importVectorKeys(vector, [], ["decrypt"])
	.then(function(vectors) {
	// Get a one byte longer plaintext to encrypt
	promise_test(function(test) {
	return subtle.encrypt(vector.algorithm, vector.publicKey, vector.plaintext)
	.then(function(ciphertext) {
	assert_unreached("Should have thrown error for no encrypt usage in " + vector.name + ": " + err.message + "'");
	}, function(err) {
	assert_equals(err.name, "InvalidAccessError", "Should throw InvalidAccessError instead of " + err.message);
	});
	}, vector.name + " no encrypt usage");

	}, function(err) {
	// We need a failed test if the importVectorKey operation fails, so
	// we know we never tested encryption
	promise_test(function(test) {
	assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
	}, "importVectorKeys step: " + vector.name + " no encrypt usage");
	});

	all_promises.push(promise);
	});

	Promise.all(all_promises)
	.then(function() {done();})
	.catch(function() {done();})

	// A test vector has all needed fields for encryption, EXCEPT that the
	// key field may be null. This function replaces that null with the Correct
	// CryptoKey object.
	//
	// Returns a Promise that yields an updated vector on success.
	function importVectorKeys(vector, publicKeyUsages, privateKeyUsages) {
	var publicPromise, privatePromise;

	if (vector.publicKey !== null) {
	publicPromise = new Promise(function(resolve, reject) {
	resolve(vector);
	});
	} else {
	publicPromise = subtle.importKey(vector.publicKeyFormat, vector.publicKeyBuffer, {name: vector.algorithm.name, hash: vector.hash}, false, publicKeyUsages)
	.then(function(key) {
	vector.publicKey = key;
	return vector;
	}); // Returns a copy of the sourceBuffer it is sent.
	function copyBuffer(sourceBuffer) {
	var source = new Uint8Array(sourceBuffer);
	var copy = new Uint8Array(sourceBuffer.byteLength)

	for (var i=0; i<source.byteLength; i++) {
	copy[i] = source[i];
	}

	return copy;
	}

	}

	if (vector.privateKey !== null) {
	privatePromise = new Promise(function(resolve, reject) {
	resolve(vector);
	});
	} else {
	privatePromise = subtle.importKey(vector.privateKeyFormat, vector.privateKeyBuffer, {name: vector.algorithm.name, hash: vector.hash}, false, privateKeyUsages)
	.then(function(key) {
	vector.privateKey = key;
	return vector;
	});
	}

	return Promise.all([publicPromise, privatePromise]);
	}

	// Returns a copy of the sourceBuffer it is sent.
	function copyBuffer(sourceBuffer) {
	var source = new Uint8Array(sourceBuffer);
	var copy = new Uint8Array(sourceBuffer.byteLength)

	for (var i=0; i<source.byteLength; i++) {
	copy[i] = source[i];
	}

	return copy;
	}

	function equalBuffers(a, b) {
	if (a.byteLength !== b.byteLength) {
	return false;
	}

	var aBytes = new Uint8Array(a);
	var bBytes = new Uint8Array(b);

	for (var i=0; i<a.byteLength; i++) {
	if (aBytes[i] !== bBytes[i]) {
	return false;
	}
	}

	return true;
	}

	return;
	}