Partial implementation for SubtleCrypto by duonglaiquang · Pull Request #1103 · HtmlUnit/htmlunit

duonglaiquang · 2026-03-16T09:12:48Z

This PR does the following

Partially implements SubtleCrypto operations following W3C Web Cryptography API.

What's implemented

Operation	Supported algorithms
`digest()`	SHA-1, SHA-256, SHA-384, SHA-512
`generateKey()`	RSASSA-PKCS1-v1_5, RSA-PSS, RSA-OAEP, ECDSA, ECDH, AES-CBC, AES-CTR, AES-GCM, AES-KW, HMAC
`importKey("raw")`	HMAC, AES-CBC, AES-CTR, AES-GCM, AES-KW
`exportKey("raw")`	HMAC, AES-CBC, AES-CTR, AES-GCM, AES-KW
`sign()`	HMAC, RSASSA-PKCS1-v1_5, RSA-PSS, ECDSA
`verify()`	HMAC, RSASSA-PKCS1-v1_5, RSA-PSS, ECDSA
`encrypt()`	AES-CBC, AES-GCM, AES-CTR, RSA-OAEP
`decrypt()`	AES-CBC, AES-GCM, AES-CTR, RSA-OAEP

Not yet implemented

importKey for formats pkcs8, spki, jwk
exportKey for formats pkcs8, spki, jwk
exportKey("raw") for ECDSA, ECDH
wrapKey, unwrapKey
deriveKey, deriveBits

sonarqubecloud · 2026-03-16T09:14:36Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

src/main/java/org/htmlunit/javascript/host/crypto/SubtleCrypto.java

+                                "Data provided to an operation does not meet requirements");
+                    }
+                    final SecretKey secretKey = getInternalKey(key, SecretKey.class);
+                    final Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");


rbri · 2026-03-16T09:16:26Z

Wow 😮

duonglaiquang added 6 commits March 16, 2026 16:23

SubtleCrypto: implement digest()

749f376

SubtleCrypto: add CryptoKey

ef1a322

SubtleCrypto: implement generateKey()

cc16631

SubtleCrypto: implement importKey() and exportKey()

0846fd7

SubtleCrypto: implement sign() and verify()

5d84cf8

SubtleCrypto: implement encrypt() and decrypt()

601c035

github-advanced-security bot found potential problems Mar 16, 2026

View reviewed changes

rbri merged commit 6400fb9 into HtmlUnit:master Mar 16, 2026
5 of 8 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Partial implementation for SubtleCrypto#1103

Partial implementation for SubtleCrypto#1103
rbri merged 6 commits intoHtmlUnit:masterfrom
duonglaiquang:duong_crypto

duonglaiquang commented Mar 16, 2026

Uh oh!

sonarqubecloud bot commented Mar 16, 2026

Uh oh!

Check failure

rbri commented Mar 16, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Uh oh!

Conversation

duonglaiquang commented Mar 16, 2026

This PR does the following

What's implemented

Not yet implemented

Uh oh!

sonarqubecloud bot commented Mar 16, 2026

Quality Gate passed

Uh oh!

Check failure

Uh oh!

rbri commented Mar 16, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants