diff --git a/Cargo.lock b/Cargo.lock
index 4ffb40c285ff93..951249e204ab4c 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -175,6 +175,12 @@ dependencies = [
  "syn 1.0.65",
 ]
 
+[[package]]
+name = "autocfg"
+version = "0.1.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1d49d90015b3c36167a20fe2810c5cd875ad504b39cff3d4eae7977e6b7c1cb2"
+
 [[package]]
 name = "autocfg"
 version = "1.0.1"
@@ -443,7 +449,7 @@ version = "0.8.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4feb231f0d4d6af81aed15928e58ecf5816aa62a2393e2c82f46973e92a9a278"
 dependencies = [
- "autocfg",
+ "autocfg 1.0.1",
  "cfg-if 1.0.0",
  "lazy_static",
 ]
@@ -646,8 +652,14 @@ version = "0.24.1"
 dependencies = [
  "deno_core",
  "deno_web",
+ "lazy_static",
+ "num-traits",
  "rand 0.8.4",
  "ring",
+ "rsa",
+ "serde",
+ "sha-1",
+ "sha2",
  "tokio",
  "uuid",
 ]
@@ -953,7 +965,7 @@ checksum = "cd5de0d5e8bdbbad4f6d71d754164803ba4aef42f50db2e65c8a5ca4185ac69f"
 dependencies = [
  "bumpalo",
  "fnv",
- "num-bigint",
+ "num-bigint 0.2.6",
  "swc_atoms",
  "swc_common",
  "swc_ecmascript",
@@ -1247,7 +1259,7 @@ version = "0.3.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a4c40298486cdf52cc00cd6d6987892ba502c7656a16a4192a9992b1ccedd121"
 dependencies = [
- "autocfg",
+ "autocfg 1.0.1",
  "proc-macro-hack",
  "proc-macro2 1.0.26",
  "quote 1.0.9",
@@ -1272,7 +1284,7 @@ version = "0.3.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "feb5c238d27e2bf94ffdfd27b2c29e3df4a68c4193bb6427384259e2bf191967"
 dependencies = [
- "autocfg",
+ "autocfg 1.0.1",
  "futures-channel",
  "futures-core",
  "futures-io",
@@ -1724,7 +1736,7 @@ version = "1.6.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "824845a0bf897a9042383849b02c1bc219c2383772efcd5c6f9766fa4b81aef3"
 dependencies = [
- "autocfg",
+ "autocfg 1.0.1",
  "hashbrown 0.9.1",
  "serde",
 ]
@@ -1862,6 +1874,9 @@ name = "lazy_static"
 version = "1.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
+dependencies = [
+ "spin",
+]
 
 [[package]]
 name = "lexical"
@@ -1902,6 +1917,12 @@ dependencies = [
  "winapi 0.3.9",
 ]
 
+[[package]]
+name = "libm"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c7d73b3f436185384286bd8098d17ec07c9a7d2388a6599f824d8502b529702a"
+
 [[package]]
 name = "libsqlite3-sys"
 version = "0.22.2"
@@ -2051,7 +2072,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a92518e98c078586bc6c934028adcca4c92a53d6a958196de835170a01d84e4b"
 dependencies = [
  "adler",
- "autocfg",
+ "autocfg 1.0.1",
 ]
 
 [[package]]
@@ -2153,19 +2174,59 @@ version = "0.2.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "090c7f9998ee0ff65aa5b723e4009f7b217707f1fb5ea551329cc4d6231fb304"
 dependencies = [
- "autocfg",
+ "autocfg 1.0.1",
  "num-integer",
  "num-traits",
  "serde",
 ]
 
+[[package]]
+name = "num-bigint"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4e0d047c1062aa51e256408c560894e5251f08925980e53cf1aa5bd00eec6512"
+dependencies = [
+ "autocfg 1.0.1",
+ "num-integer",
+ "num-traits",
+]
+
+[[package]]
+name = "num-bigint-dig"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4547ee5541c18742396ae2c895d0717d0f886d8823b8399cdaf7b07d63ad0480"
+dependencies = [
+ "autocfg 0.1.7",
+ "byteorder",
+ "lazy_static",
+ "libm",
+ "num-integer",
+ "num-iter",
+ "num-traits",
+ "rand 0.8.4",
+ "smallvec",
+ "zeroize",
+]
+
 [[package]]
 name = "num-integer"
 version = "0.1.44"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d2cc698a63b549a70bc047073d2949cce27cd1c7b0a4a862d08a8031bc2801db"
 dependencies = [
- "autocfg",
+ "autocfg 1.0.1",
+ "num-traits",
+]
+
+[[package]]
+name = "num-iter"
+version = "0.1.42"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b2021c8337a54d21aca0d59a92577a029af9431cb59b909b03252b9c164fad59"
+dependencies = [
+ "autocfg 1.0.1",
+ "num-integer",
  "num-traits",
 ]
 
@@ -2175,7 +2236,8 @@ version = "0.2.14"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9a64b1ec5cda2586e284722486d802acf1f7dbdc623e2bfc57e65ca1cd099290"
 dependencies = [
- "autocfg",
+ "autocfg 1.0.1",
+ "libm",
 ]
 
 [[package]]
@@ -2263,6 +2325,17 @@ dependencies = [
  "winapi 0.3.9",
 ]
 
+[[package]]
+name = "pem"
+version = "0.8.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fd56cbd21fea48d0c440b41cd69c589faacade08c992d9a54e471b79d0fd13eb"
+dependencies = [
+ "base64 0.13.0",
+ "once_cell",
+ "regex",
+]
+
 [[package]]
 name = "percent-encoding"
 version = "2.1.0"
@@ -2741,6 +2814,26 @@ dependencies = [
  "serde",
 ]
 
+[[package]]
+name = "rsa"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "68ef841a26fc5d040ced0417c6c6a64ee851f42489df11cdf0218e545b6f8d28"
+dependencies = [
+ "byteorder",
+ "digest",
+ "lazy_static",
+ "num-bigint-dig",
+ "num-integer",
+ "num-iter",
+ "num-traits",
+ "pem",
+ "rand 0.8.4",
+ "simple_asn1",
+ "subtle",
+ "zeroize",
+]
+
 [[package]]
 name = "rusqlite"
 version = "0.25.3"
@@ -2962,6 +3055,19 @@ dependencies = [
  "opaque-debug",
 ]
 
+[[package]]
+name = "sha2"
+version = "0.9.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b362ae5752fd2137731f9fa25fd4d9058af34666ca1966fb969119cc35719f12"
+dependencies = [
+ "block-buffer",
+ "cfg-if 1.0.0",
+ "cpufeatures",
+ "digest",
+ "opaque-debug",
+]
+
 [[package]]
 name = "shell-escape"
 version = "0.1.5"
@@ -2977,6 +3083,18 @@ dependencies = [
  "libc",
 ]
 
+[[package]]
+name = "simple_asn1"
+version = "0.5.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8eb4ea60fb301dc81dfc113df680571045d375ab7345d171c5dc7d7e13107a80"
+dependencies = [
+ "chrono",
+ "num-bigint 0.4.0",
+ "num-traits",
+ "thiserror",
+]
+
 [[package]]
 name = "siphasher"
 version = "0.3.5"
@@ -3136,6 +3254,12 @@ version = "0.9.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6446ced80d6c486436db5c078dde11a9f73d42b57fb273121e160b84f63d894c"
 
+[[package]]
+name = "subtle"
+version = "2.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1e81da0851ada1f3e9d4312c704aa4f8806f0f9d69faaf8df2f3464b4a9437c2"
+
 [[package]]
 name = "swc_atoms"
 version = "0.2.6"
@@ -3187,7 +3311,7 @@ dependencies = [
  "from_variant",
  "fxhash",
  "log",
- "num-bigint",
+ "num-bigint 0.2.6",
  "once_cell",
  "owning_ref",
  "scoped-tls",
@@ -3206,7 +3330,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f8060c27a8932c57e5a878acc1c64b44371cce1c88eb3af1f3d12a2628d606a6"
 dependencies = [
  "is-macro",
- "num-bigint",
+ "num-bigint 0.2.6",
  "serde",
  "string_enum",
  "swc_atoms",
@@ -3220,7 +3344,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "936fd096ebfc8d8c8d7f5cfdc79b13d06e56e0810abbe3de37376b537a40debb"
 dependencies = [
  "bitflags",
- "num-bigint",
+ "num-bigint 0.2.6",
  "sourcemap",
  "swc_atoms",
  "swc_common",
@@ -3278,7 +3402,7 @@ dependencies = [
  "fxhash",
  "lexical",
  "log",
- "num-bigint",
+ "num-bigint 0.2.6",
  "serde",
  "smallvec",
  "swc_atoms",
@@ -3444,7 +3568,7 @@ version = "0.34.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3d5b93c94bd4fca51ad5c2588e34b46dc5a9b1f079c9b1ec595a968eb4ca8acf"
 dependencies = [
- "num-bigint",
+ "num-bigint 0.2.6",
  "swc_atoms",
  "swc_common",
  "swc_ecma_ast",
@@ -3536,6 +3660,18 @@ dependencies = [
  "unicode-xid 0.2.2",
 ]
 
+[[package]]
+name = "synstructure"
+version = "0.12.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b834f2d66f734cb897113e34aaff2f1ab4719ca946f9a7358dba8f8064148701"
+dependencies = [
+ "proc-macro2 1.0.26",
+ "quote 1.0.9",
+ "syn 1.0.65",
+ "unicode-xid 0.2.2",
+]
+
 [[package]]
 name = "sys-info"
 version = "0.9.0"
@@ -3672,7 +3808,7 @@ version = "1.8.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "570c2eb13b3ab38208130eccd41be92520388791207fde783bda7c1e8ace28d4"
 dependencies = [
- "autocfg",
+ "autocfg 1.0.1",
  "bytes",
  "libc",
  "memchr",
@@ -4340,3 +4476,24 @@ checksum = "5d129932f4644ac2396cb456385cbf9e63b5b30c6e8dc4820bdca4eb082037a5"
 dependencies = [
  "winapi 0.3.9",
 ]
+
+[[package]]
+name = "zeroize"
+version = "1.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "81a974bcdd357f0dca4d41677db03436324d45a4c9ed2d0b873a5a360ce41c36"
+dependencies = [
+ "zeroize_derive",
+]
+
+[[package]]
+name = "zeroize_derive"
+version = "1.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c3f369ddb18862aba61aa49bf31e74d29f0f162dec753063200e1dc084345d16"
+dependencies = [
+ "proc-macro2 1.0.26",
+ "quote 1.0.9",
+ "syn 1.0.65",
+ "synstructure",
+]
diff --git a/cli/tests/unit/webcrypto_test.ts b/cli/tests/unit/webcrypto_test.ts
new file mode 100644
index 00000000000000..4361d3a10b28ba
--- /dev/null
+++ b/cli/tests/unit/webcrypto_test.ts
@@ -0,0 +1,58 @@
+import { assert, assertEquals, unitTest } from "./test_util.ts";
+
+unitTest(async function testGenerateRSAKey() {
+  const subtle = window.crypto.subtle;
+  assert(subtle);
+
+  const keyPair = await subtle.generateKey(
+    {
+      name: "RSA-PSS",
+      modulusLength: 2048,
+      publicExponent: new Uint8Array([1, 0, 1]),
+      hash: "SHA-256",
+    },
+    true,
+    ["sign", "verify"],
+  );
+
+  assert(keyPair.privateKey);
+  assert(keyPair.publicKey);
+  assertEquals(keyPair.privateKey.extractable, true);
+  assert(keyPair.privateKey.usages.includes("sign"));
+});
+
+unitTest(async function testGenerateHMACKey() {
+  const key = await window.crypto.subtle.generateKey(
+    {
+      name: "HMAC",
+      hash: "SHA-512",
+    },
+    true,
+    ["sign", "verify"],
+  );
+
+  assert(key);
+  assertEquals(key.extractable, true);
+  assert(key.usages.includes("sign"));
+});
+
+unitTest(async function testSignECDSA() {
+  const key = await window.crypto.subtle.generateKey(
+    {
+      name: "ECDSA",
+      namedCurve: "P-384",
+    },
+    true,
+    ["sign", "verify"],
+  );
+
+  const encoder = new TextEncoder();
+  const encoded = encoder.encode("Hello, World!");
+  const signature = await window.crypto.subtle.sign(
+    { name: "ECDSA", hash: "SHA-384" },
+    key.privateKey,
+    encoded,
+  );
+
+  assert(signature);
+});
diff --git a/extensions/crypto/00_crypto.js b/extensions/crypto/00_crypto.js
new file mode 100644
index 00000000000000..a6c6c07225649b
--- /dev/null
+++ b/extensions/crypto/00_crypto.js
@@ -0,0 +1,675 @@
+// Copyright 2018-2021 the Deno authors. All rights reserved. MIT license.
+
+// @ts-check
+/// <reference path="../../core/lib.deno_core.d.ts" />
+/// <reference path="../webidl/internal.d.ts" />
+/// <reference path="../web/lib.deno_web.d.ts" />
+
+"use strict";
+
+((window) => {
+  const core = window.Deno.core;
+  const webidl = window.__bootstrap.webidl;
+  const { DOMException } = window.__bootstrap.domException;
+
+  // P-521 is not yet supported.
+  const supportedNamedCurves = ["P-256", "P-384"];
+
+  const simpleAlgorithmDictionaries = {
+    RsaHashedKeyGenParams: { hash: "HashAlgorithmIdentifier" },
+    EcKeyGenParams: {},
+    HmacKeyGenParams: { hash: "HashAlgorithmIdentifier" },
+    RsaPssParams: {},
+    EcdsaParams: { hash: "HashAlgorithmIdentifier" },
+  };
+
+  const supportedAlgorithms = {
+    "digest": {
+      "SHA-1": null,
+      "SHA-256": null,
+      "SHA-384": null,
+      "SHA-512": null,
+    },
+    "generateKey": {
+      "RSASSA-PKCS1-v1_5": "RsaHashedKeyGenParams",
+      "RSA-PSS": "RsaHashedKeyGenParams",
+      "ECDSA": "EcKeyGenParams",
+      "HMAC": "HmacKeyGenParams",
+    },
+    "sign": {
+      "RSASSA-PKCS1-v1_5": null,
+      "RSA-PSS": "RsaPssParams",
+      "ECDSA": "EcdsaParams",
+      "HMAC": null,
+    },
+  };
+
+  // See https://www.w3.org/TR/WebCryptoAPI/#dfn-normalize-an-algorithm
+  function normalizeAlgorithm(algorithm, op) {
+    if (typeof algorithm == "string") {
+      return normalizeAlgorithm({ name: algorithm }, op);
+    }
+
+    // 1.
+    const registeredAlgorithms = supportedAlgorithms[op];
+    // 2. 3.
+    const initialAlg = webidl.converters.Algorithm(algorithm, {
+      prefix: "Failed to normalize algorithm",
+      context: "passed algorithm",
+    });
+    // 4.
+    let algName = initialAlg.name;
+
+    // 5.
+    let desiredType = undefined;
+    for (const key in registeredAlgorithms) {
+      if (key.toLowerCase() === algName.toLowerCase()) {
+        algName = key;
+        desiredType = registeredAlgorithms[key];
+      }
+    }
+    if (desiredType === undefined) {
+      throw new DOMException(
+        "Unrecognized algorithm name",
+        "NotSupportedError",
+      );
+    }
+
+    // Fast path everything below if the registered dictionary is "None".
+    if (desiredType === null) {
+      return { name: algName };
+    }
+
+    const normalizedAlgorithm = webidl.converters[desiredType](algorithm, {
+      prefix: "Failed to normalize algorithm",
+      context: "passed algorithm",
+    });
+    normalizedAlgorithm.name = algName;
+
+    const dict = simpleAlgorithmDictionaries[desiredType];
+    for (const member in dict) {
+      const idlType = dict[member];
+      const idlValue = normalizedAlgorithm[member];
+
+      if (idlType === "BufferSource") {
+        normalizedAlgorithm[member] = new Uint8Array(
+          (ArrayBuffer.isView(idlValue) ? idlValue.buffer : idlValue).slice(
+            idlValue.byteOffset ?? 0,
+            idlValue.byteLength,
+          ),
+        );
+      } else if (idlType === "HashAlgorithmIdentifier") {
+        normalizedAlgorithm[member] = normalizeAlgorithm(idlValue, "digest");
+      } else if (idlType === "AlgorithmIdentifier") {
+        // TODO(lucacasonato): implement
+        throw new TypeError("unimplemented");
+      }
+    }
+
+    return normalizedAlgorithm;
+  }
+
+  // Should match op_crypto_subtle_digest() in extensions/crypto/lib.rs
+  function digestToId(name) {
+    switch (name) {
+      case "SHA-1":
+        return 0;
+      case "SHA-256":
+        return 1;
+      case "SHA-384":
+        return 2;
+      case "SHA-512":
+        return 3;
+    }
+  }
+
+  const _handle = Symbol("[[handle]]");
+  const _algorithm = Symbol("[[algorithm]]");
+  const _extractable = Symbol("[[extractable]]");
+  const _usages = Symbol("[[usages]]");
+  const _type = Symbol("[[type]]");
+
+  class CryptoKey {
+    /** @type {string} */
+    [_type];
+    /** @type {boolean} */
+    [_extractable];
+    /** @type {object} */
+    [_algorithm];
+    /** @type {string[]} */
+    [_usages];
+    /** @type {object} */
+    [_handle];
+
+    constructor() {
+      webidl.illegalConstructor();
+    }
+
+    /** @returns {string} */
+    get type() {
+      webidl.assertBranded(this, CryptoKey);
+      return this[_type];
+    }
+
+    /** @returns {boolean} */
+    get extractable() {
+      webidl.assertBranded(this, CryptoKey);
+      return this[_extractable];
+    }
+
+    /** @returns {string[]} */
+    get usages() {
+      webidl.assertBranded(this, CryptoKey);
+      // TODO(lucacasonato): return a SameObject copy
+      return this[_usages];
+    }
+
+    /** @returns {object} */
+    get algorithm() {
+      webidl.assertBranded(this, CryptoKey);
+      // TODO(lucacasonato): return a SameObject copy
+      return this[_algorithm];
+    }
+
+    get [Symbol.toStringTag]() {
+      return "CryptoKey";
+    }
+
+    [Symbol.for("Deno.customInspect")](inspect) {
+      return `${this.constructor.name} ${
+        inspect({
+          type: this.type,
+          extractable: this.extractable,
+          algorithm: this.algorithm,
+          usages: this.usages,
+        })
+      }`;
+    }
+  }
+
+  webidl.configurePrototype(CryptoKey);
+
+  /**
+   * @param {string} type
+   * @param {boolean} extractable
+   * @param {string[]} usages
+   * @param {object} algorithm
+   * @param {object} handle
+   * @returns
+   */
+  function constructKey(type, extractable, usages, algorithm, handle) {
+    const key = webidl.createBranded(CryptoKey);
+    key[_type] = type;
+    key[_extractable] = extractable;
+    key[_usages] = usages;
+    key[_algorithm] = algorithm;
+    key[_handle] = handle;
+    return key;
+  }
+
+  // https://w3c.github.io/webcrypto/#concept-usage-intersection
+  // TODO(littledivy): When the need arises, make `b` a list.
+  /**
+   * @param {string[]} a
+   * @param {string} b
+   * @returns
+   */
+  function usageIntersection(a, b) {
+    return a.includes(b) ? [b] : [];
+  }
+
+  // TODO(lucacasonato): this should be moved to rust
+  /** @type {WeakMap<object, object>} */
+  const KEY_STORE = new WeakMap();
+
+  class SubtleCrypto {
+    constructor() {
+      webidl.illegalConstructor();
+    }
+
+    /**
+     * @param {string} algorithm
+     * @param {BufferSource} data
+     * @returns {Promise<Uint8Array>}
+     */
+    async digest(algorithm, data) {
+      webidl.assertBranded(this, SubtleCrypto);
+      const prefix = "Failed to execute 'digest' on 'SubtleCrypto'";
+      webidl.requiredArguments(arguments.length, 2, { prefix });
+      algorithm = webidl.converters.AlgorithmIdentifier(algorithm, {
+        prefix,
+        context: "Argument 1",
+      });
+      data = webidl.converters.BufferSource(data, {
+        prefix,
+        context: "Argument 2",
+      });
+
+      if (ArrayBuffer.isView(data)) {
+        data = new Uint8Array(data.buffer, data.byteOffset, data.byteLength);
+      } else {
+        data = new Uint8Array(data);
+      }
+      data = data.slice();
+
+      algorithm = normalizeAlgorithm(algorithm, "digest");
+
+      const result = await core.opAsync(
+        "op_crypto_subtle_digest",
+        digestToId(algorithm.name),
+        data,
+      );
+
+      return result.buffer;
+    }
+
+    /**
+     * @param {string} algorithm
+     * @param {CryptoKey} key
+     * @param {BufferSource} data
+     * @returns {Promise<any>}
+     */
+    async sign(algorithm, key, data) {
+      webidl.assertBranded(this, SubtleCrypto);
+      const prefix = "Failed to execute 'sign' on 'SubtleCrypto'";
+      webidl.requiredArguments(arguments.length, 3, { prefix });
+      algorithm = webidl.converters.AlgorithmIdentifier(algorithm, {
+        prefix,
+        context: "Argument 1",
+      });
+      key = webidl.converters.CryptoKey(key, {
+        prefix,
+        context: "Argument 2",
+      });
+      data = webidl.converters.BufferSource(data, {
+        prefix,
+        context: "Argument 3",
+      });
+
+      // 1.
+      if (ArrayBuffer.isView(data)) {
+        data = new Uint8Array(data.buffer, data.byteOffset, data.byteLength);
+      } else {
+        data = new Uint8Array(data);
+      }
+      data = data.slice();
+
+      // 2.
+      const normalizedAlgorithm = normalizeAlgorithm(algorithm, "sign");
+
+      const handle = key[_handle];
+      const keyData = KEY_STORE.get(handle);
+
+      // 8.
+      if (normalizedAlgorithm.name !== key[_algorithm].name) {
+        throw new DOMException(
+          "Signing algorithm doesn't match key algorithm.",
+          "InvalidAccessError",
+        );
+      }
+
+      // 9.
+      if (!key[_usages].includes("sign")) {
+        throw new DOMException(
+          "Key does not support the 'sign' operation.",
+          "InvalidAccessError",
+        );
+      }
+
+      switch (normalizedAlgorithm.name) {
+        case "RSASSA-PKCS1-v1_5": {
+          // 1.
+          if (key[_type] !== "private") {
+            throw new DOMException(
+              "Key type not supported",
+              "InvalidAccessError",
+            );
+          }
+
+          // 2.
+          const hashAlgorithm = key[_algorithm].hash.name;
+          const signature = await core.opAsync("op_crypto_sign_key", {
+            key: keyData,
+            algorithm: "RSASSA-PKCS1-v1_5",
+            hash: hashAlgorithm,
+          }, data);
+
+          return signature.buffer;
+        }
+        case "RSA-PSS": {
+          // 1.
+          if (key[_type] !== "private") {
+            throw new DOMException(
+              "Key type not supported",
+              "InvalidAccessError",
+            );
+          }
+
+          // 2.
+          const hashAlgorithm = key[_algorithm].hash.name;
+          const signature = await core.opAsync("op_crypto_sign_key", {
+            key: keyData,
+            algorithm: "RSA-PSS",
+            hash: hashAlgorithm,
+            saltLength: normalizedAlgorithm.saltLength,
+          }, data);
+
+          return signature.buffer;
+        }
+        case "ECDSA": {
+          // 1.
+          if (key[_type] !== "private") {
+            throw new DOMException(
+              "Key type not supported",
+              "InvalidAccessError",
+            );
+          }
+
+          // 2.
+          const hashAlgorithm = normalizedAlgorithm.hash.name;
+          const namedCurve = key[_algorithm].namedCurve;
+          if (!supportedNamedCurves.includes(namedCurve)) {
+            throw new DOMException("Curve not supported", "NotSupportedError");
+          }
+
+          const signature = await core.opAsync("op_crypto_sign_key", {
+            key: keyData,
+            algorithm: "ECDSA",
+            hash: hashAlgorithm,
+            namedCurve,
+          }, data);
+
+          return signature.buffer;
+        }
+        case "HMAC": {
+          const hashAlgorithm = key[_algorithm].hash.name;
+
+          const signature = await core.opAsync("op_crypto_sign_key", {
+            key: keyData,
+            algorithm: "HMAC",
+            hash: hashAlgorithm,
+          }, data);
+
+          return signature.buffer;
+        }
+      }
+
+      throw new TypeError("unreachable");
+    }
+
+    /**
+     * @param {string} algorithm
+     * @param {boolean} extractable
+     * @param {KeyUsage[]} keyUsages
+     * @returns {Promise<any>}
+     */
+    async generateKey(algorithm, extractable, keyUsages) {
+      webidl.assertBranded(this, SubtleCrypto);
+      const prefix = "Failed to execute 'generateKey' on 'SubtleCrypto'";
+      webidl.requiredArguments(arguments.length, 3, { prefix });
+      algorithm = webidl.converters.AlgorithmIdentifier(algorithm, {
+        prefix,
+        context: "Argument 1",
+      });
+      extractable = webidl.converters["boolean"](extractable, {
+        prefix,
+        context: "Argument 2",
+      });
+      keyUsages = webidl.converters["sequence<KeyUsage>"](keyUsages, {
+        prefix,
+        context: "Argument 3",
+      });
+
+      const usages = keyUsages;
+
+      const normalizedAlgorithm = normalizeAlgorithm(algorithm, "generateKey");
+
+      // https://github.com/denoland/deno/pull/9614#issuecomment-866049433
+      if (!extractable) {
+        throw new DOMException(
+          "Non-extractable keys are not supported",
+          "SecurityError",
+        );
+      }
+
+      const result = await generateKey(
+        normalizedAlgorithm,
+        extractable,
+        usages,
+      );
+
+      if (result instanceof CryptoKey) {
+        const type = result[_type];
+        if ((type === "secret" || type === "private") && usages.length === 0) {
+          throw new DOMException("Invalid key usages", "SyntaxError");
+        }
+      } else if (result.privateKey instanceof CryptoKey) {
+        if (result.privateKey[_usages].length === 0) {
+          throw new DOMException("Invalid key usages", "SyntaxError");
+        }
+      }
+
+      return result;
+    }
+  }
+
+  async function generateKey(normalizedAlgorithm, extractable, usages) {
+    switch (normalizedAlgorithm.name) {
+      case "RSASSA-PKCS1-v1_5":
+      case "RSA-PSS": {
+        // 1.
+        if (usages.find((u) => !["sign", "verify"].includes(u)) !== undefined) {
+          throw new DOMException("Invalid key usages", "SyntaxError");
+        }
+
+        // 2.
+        const keyData = await core.opAsync(
+          "op_crypto_generate_key",
+          {
+            name: normalizedAlgorithm.name,
+            modulusLength: normalizedAlgorithm.modulusLength,
+            publicExponent: normalizedAlgorithm.publicExponent,
+          },
+        );
+        const handle = {};
+        KEY_STORE.set(handle, { type: "pkcs8", data: keyData });
+
+        // 4-8.
+        const algorithm = {
+          name: normalizedAlgorithm.name,
+          modulusLength: normalizedAlgorithm.modulusLength,
+          publicExponent: normalizedAlgorithm.publicExponent,
+          hash: normalizedAlgorithm.hash,
+        };
+
+        // 9-13.
+        const publicKey = constructKey(
+          "public",
+          true,
+          usageIntersection(usages, "verify"),
+          algorithm,
+          handle,
+        );
+
+        // 14-18.
+        const privateKey = constructKey(
+          "private",
+          extractable,
+          usageIntersection(usages, "sign"),
+          algorithm,
+          handle,
+        );
+
+        // 19-22.
+        return { publicKey, privateKey };
+      }
+      // TODO(lucacasonato): RSA-OAEP
+      case "ECDSA": {
+        // 1.
+        if (usages.find((u) => !["sign", "verify"].includes(u)) !== undefined) {
+          throw new DOMException("Invalid key usages", "SyntaxError");
+        }
+
+        // 2-3.
+        const handle = {};
+        if (supportedNamedCurves.includes(normalizedAlgorithm.namedCurve)) {
+          const keyData = await core.opAsync("op_crypto_generate_key", {
+            name: "ECDSA",
+            namedCurve: normalizedAlgorithm.namedCurve,
+          });
+          KEY_STORE.set(handle, { type: "pkcs8", data: keyData });
+        } else {
+          throw new DOMException("Curve not supported", "NotSupportedError");
+        }
+
+        // 4-6.
+        const algorithm = {
+          name: "ECDSA",
+          namedCurve: normalizedAlgorithm.namedCurve,
+        };
+
+        // 7-11.
+        const publicKey = constructKey(
+          "public",
+          true,
+          usageIntersection(usages, "verify"),
+          algorithm,
+          handle,
+        );
+
+        // 12-16.
+        const privateKey = constructKey(
+          "private",
+          extractable,
+          usageIntersection(usages, "sign"),
+          algorithm,
+          handle,
+        );
+
+        // 17-20.
+        return { publicKey, privateKey };
+      }
+      // TODO(lucacasonato): ECDH
+      // TODO(lucacasonato): AES-CTR
+      // TODO(lucacasonato): AES-CBC
+      // TODO(lucacasonato): AES-GCM
+      // TODO(lucacasonato): AES-KW
+      case "HMAC": {
+        // 1.
+        if (
+          usages.find((u) => !["sign", "verify"].includes(u)) !== undefined
+        ) {
+          throw new DOMException("Invalid key usages", "SyntaxError");
+        }
+
+        // 2.
+        let length;
+        if (normalizedAlgorithm.length === undefined) {
+          length = null;
+        } else if (normalizedAlgorithm.length !== 0) {
+          length = normalizedAlgorithm.length;
+        } else {
+          throw new DOMException("Invalid length", "OperationError");
+        }
+
+        // 3-4.
+        const keyData = await core.opAsync("op_crypto_generate_key", {
+          name: "HMAC",
+          hash: normalizedAlgorithm.hash.name,
+          length,
+        });
+        const handle = {};
+        KEY_STORE.set(handle, { type: "raw", data: keyData });
+
+        // 6-10.
+        const algorithm = {
+          name: "HMAC",
+          hash: {
+            name: normalizedAlgorithm.hash.name,
+          },
+          length: keyData.byteLength * 8,
+        };
+
+        // 5, 11-13.
+        const key = constructKey(
+          "secret",
+          extractable,
+          usages,
+          algorithm,
+          handle,
+        );
+
+        // 14.
+        return key;
+      }
+    }
+  }
+
+  const subtle = webidl.createBranded(SubtleCrypto);
+
+  class Crypto {
+    constructor() {
+      webidl.illegalConstructor();
+    }
+
+    getRandomValues(arrayBufferView) {
+      webidl.assertBranded(this, Crypto);
+      const prefix = "Failed to execute 'getRandomValues' on 'Crypto'";
+      webidl.requiredArguments(arguments.length, 1, { prefix });
+      arrayBufferView = webidl.converters.ArrayBufferView(arrayBufferView, {
+        prefix,
+        context: "Argument 1",
+      });
+      if (
+        !(
+          arrayBufferView instanceof Int8Array ||
+          arrayBufferView instanceof Uint8Array ||
+          arrayBufferView instanceof Int16Array ||
+          arrayBufferView instanceof Uint16Array ||
+          arrayBufferView instanceof Int32Array ||
+          arrayBufferView instanceof Uint32Array ||
+          arrayBufferView instanceof Uint8ClampedArray
+        )
+      ) {
+        throw new DOMException(
+          "The provided ArrayBufferView is not an integer array type",
+          "TypeMismatchError",
+        );
+      }
+      const ui8 = new Uint8Array(
+        arrayBufferView.buffer,
+        arrayBufferView.byteOffset,
+        arrayBufferView.byteLength,
+      );
+      core.opSync("op_crypto_get_random_values", ui8);
+      return arrayBufferView;
+    }
+
+    randomUUID() {
+      webidl.assertBranded(this, Crypto);
+      return core.opSync("op_crypto_random_uuid");
+    }
+
+    get subtle() {
+      webidl.assertBranded(this, Crypto);
+      return subtle;
+    }
+
+    get [Symbol.toStringTag]() {
+      return "Crypto";
+    }
+
+    [Symbol.for("Deno.customInspect")](inspect) {
+      return `${this.constructor.name} ${inspect({})}`;
+    }
+  }
+
+  webidl.configurePrototype(Crypto);
+
+  window.__bootstrap.crypto = {
+    SubtleCrypto,
+    crypto: webidl.createBranded(Crypto),
+    Crypto,
+    CryptoKey,
+  };
+})(this);
diff --git a/extensions/crypto/00_webidl.js b/extensions/crypto/00_webidl.js
deleted file mode 100644
index 4545526bf945c1..00000000000000
--- a/extensions/crypto/00_webidl.js
+++ /dev/null
@@ -1,26 +0,0 @@
-// Copyright 2018-2021 the Deno authors. All rights reserved. MIT license.
-"use strict";
-
-((window) => {
-  const webidl = window.__bootstrap.webidl;
-  webidl.converters["AlgorithmIdentifier"] = (V, opts) => {
-    // Union for (object or DOMString)
-    if (typeof V == "object") {
-      return webidl.converters["object"](V, opts);
-    }
-
-    return webidl.converters["DOMString"](V, opts);
-  };
-
-  const algorithmDictionary = [
-    {
-      key: "name",
-      converter: webidl.converters["DOMString"],
-    },
-  ];
-
-  webidl.converters["Algorithm"] = webidl.createDictionaryConverter(
-    "Algorithm",
-    algorithmDictionary,
-  );
-})(this);
diff --git a/extensions/crypto/01_crypto.js b/extensions/crypto/01_crypto.js
deleted file mode 100644
index 754e292f7db655..00000000000000
--- a/extensions/crypto/01_crypto.js
+++ /dev/null
@@ -1,169 +0,0 @@
-// Copyright 2018-2021 the Deno authors. All rights reserved. MIT license.
-"use strict";
-
-((window) => {
-  const core = window.Deno.core;
-  const webidl = window.__bootstrap.webidl;
-  const { DOMException } = window.__bootstrap.domException;
-
-  const supportedAlgorithms = {
-    "digest": {
-      "SHA-1": {},
-      "SHA-256": {},
-      "SHA-384": {},
-      "SHA-512": {},
-    },
-  };
-
-  function normalizeAlgorithm(algorithm, op) {
-    if (typeof algorithm == "string") {
-      return normalizeAlgorithm({ name: algorithm }, op);
-    }
-
-    const initialAlgorithm = webidl.converters["Algorithm"](algorithm, {
-      context: "Argument 1",
-    });
-
-    const registeredAlgorithms = supportedAlgorithms[op];
-    const algorithmName = Object.keys(registeredAlgorithms)
-      .find((key) => key.toLowerCase() == initialAlgorithm.name.toLowerCase());
-
-    if (algorithmName === undefined) {
-      throw new DOMException(
-        "Unrecognized algorithm name",
-        "NotSupportedError",
-      );
-    }
-
-    // TODO(caspervonb) Step 6 (create from webidl definition), when the need arises.
-    // See https://www.w3.org/TR/WebCryptoAPI/#dfn-normalize-an-algorithm
-    const normalizedAlgorithm = {};
-    normalizedAlgorithm.name = algorithmName;
-
-    // TODO(caspervonb) Step 9 and 10, when the need arises.
-    // See https://www.w3.org/TR/WebCryptoAPI/#dfn-normalize-an-algorithm
-    return normalizedAlgorithm;
-  }
-
-  // Should match op_crypto_subtle_digest() in extensions/crypto/lib.rs
-  function digestToId(name) {
-    switch (name) {
-      case "SHA-1":
-        return 0;
-      case "SHA-256":
-        return 1;
-      case "SHA-384":
-        return 2;
-      case "SHA-512":
-        return 3;
-    }
-  }
-
-  class SubtleCrypto {
-    constructor() {
-      webidl.illegalConstructor();
-    }
-
-    async digest(algorithm, data) {
-      const prefix = "Failed to execute 'digest' on 'SubtleCrypto'";
-
-      webidl.assertBranded(this, SubtleCrypto);
-      webidl.requiredArguments(arguments.length, 2);
-
-      algorithm = webidl.converters.AlgorithmIdentifier(algorithm, {
-        prefix,
-        context: "Argument 1",
-      });
-
-      data = webidl.converters.BufferSource(data, {
-        prefix,
-        context: "Argument 2",
-      });
-
-      if (ArrayBuffer.isView(data)) {
-        data = new Uint8Array(data.buffer, data.byteOffset, data.byteLength);
-      } else {
-        data = new Uint8Array(data);
-      }
-
-      data = data.slice();
-
-      algorithm = normalizeAlgorithm(algorithm, "digest");
-
-      const result = await core.opAsync(
-        "op_crypto_subtle_digest",
-        digestToId(algorithm.name),
-        data,
-      );
-
-      return result.buffer;
-    }
-  }
-
-  const subtle = webidl.createBranded(SubtleCrypto);
-
-  class Crypto {
-    constructor() {
-      webidl.illegalConstructor();
-    }
-
-    getRandomValues(arrayBufferView) {
-      webidl.assertBranded(this, Crypto);
-      const prefix = "Failed to execute 'getRandomValues' on 'Crypto'";
-      webidl.requiredArguments(arguments.length, 1, { prefix });
-      arrayBufferView = webidl.converters.ArrayBufferView(arrayBufferView, {
-        prefix,
-        context: "Argument 1",
-      });
-      if (
-        !(
-          arrayBufferView instanceof Int8Array ||
-          arrayBufferView instanceof Uint8Array ||
-          arrayBufferView instanceof Int16Array ||
-          arrayBufferView instanceof Uint16Array ||
-          arrayBufferView instanceof Int32Array ||
-          arrayBufferView instanceof Uint32Array ||
-          arrayBufferView instanceof Uint8ClampedArray
-        )
-      ) {
-        throw new DOMException(
-          "The provided ArrayBufferView is not an integer array type",
-          "TypeMismatchError",
-        );
-      }
-      const ui8 = new Uint8Array(
-        arrayBufferView.buffer,
-        arrayBufferView.byteOffset,
-        arrayBufferView.byteLength,
-      );
-      core.opSync("op_crypto_get_random_values", ui8);
-      return arrayBufferView;
-    }
-
-    randomUUID() {
-      webidl.assertBranded(this, Crypto);
-      return core.opSync("op_crypto_random_uuid");
-    }
-
-    get subtle() {
-      webidl.assertBranded(this, Crypto);
-      return subtle;
-    }
-
-    get [Symbol.toStringTag]() {
-      return "Crypto";
-    }
-
-    [Symbol.for("Deno.customInspect")](inspect) {
-      return `${this.constructor.name} ${inspect({})}`;
-    }
-  }
-
-  webidl.configurePrototype(Crypto);
-
-  window.__bootstrap.crypto = {
-    SubtleCrypto,
-    crypto: webidl.createBranded(Crypto),
-    Crypto,
-  };
-})(this);
diff --git a/extensions/crypto/01_webidl.js b/extensions/crypto/01_webidl.js
new file mode 100644
index 00000000000000..d8a9f19cc11e2c
--- /dev/null
+++ b/extensions/crypto/01_webidl.js
@@ -0,0 +1,164 @@
+// Copyright 2018-2021 the Deno authors. All rights reserved. MIT license.
+
+// @ts-check
+/// <reference path="../../core/lib.deno_core.d.ts" />
+/// <reference path="../webidl/internal.d.ts" />
+
+"use strict";
+
+((window) => {
+  const webidl = window.__bootstrap.webidl;
+  const { CryptoKey } = window.__bootstrap.crypto;
+
+  webidl.converters.AlgorithmIdentifier = (V, opts) => {
+    // Union for (object or DOMString)
+    if (webidl.type(V) == "Object") {
+      return webidl.converters.object(V, opts);
+    }
+    return webidl.converters.DOMString(V, opts);
+  };
+
+  webidl.converters.KeyType = webidl.createEnumConverter("KeyType", [
+    "public",
+    "private",
+    "secret",
+  ]);
+
+  webidl.converters.KeyUsage = webidl.createEnumConverter("KeyUsage", [
+    "encrypt",
+    "decrypt",
+    "sign",
+    "verify",
+    "deriveKey",
+    "deriveBits",
+    "wrapKey",
+    "unwrapKey",
+  ]);
+
+  webidl.converters["sequence<KeyUsage>"] = webidl.createSequenceConverter(
+    webidl.converters.KeyUsage,
+  );
+
+  webidl.converters.HashAlgorithmIdentifier =
+    webidl.converters.AlgorithmIdentifier;
+
+  /** @type {__bootstrap.webidl.Dictionary} */
+  const dictAlgorithm = [{
+    key: "name",
+    converter: webidl.converters.DOMString,
+    required: true,
+  }];
+
+  webidl.converters.Algorithm = webidl
+    .createDictionaryConverter("Algorithm", dictAlgorithm);
+
+  webidl.converters.BigInteger = webidl.converters.Uint8Array;
+
+  /** @type {__bootstrap.webidl.Dictionary} */
+  const dictRsaKeyGenParams = [
+    ...dictAlgorithm,
+    {
+      key: "modulusLength",
+      converter: (V, opts) =>
+        webidl.converters["unsigned long"](V, { ...opts, enforceRange: true }),
+      required: true,
+    },
+    {
+      key: "publicExponent",
+      converter: webidl.converters.BigInteger,
+      required: true,
+    },
+  ];
+
+  webidl.converters.RsaKeyGenParams = webidl
+    .createDictionaryConverter("RsaKeyGenParams", dictRsaKeyGenParams);
+
+  const dictRsaHashedKeyGenParams = [
+    ...dictRsaKeyGenParams,
+    {
+      key: "hash",
+      converter: webidl.converters.HashAlgorithmIdentifier,
+      required: true,
+    },
+  ];
+
+  webidl.converters.RsaHashedKeyGenParams = webidl.createDictionaryConverter(
+    "RsaHashedKeyGenParams",
+    dictRsaHashedKeyGenParams,
+  );
+
+  webidl.converters.NamedCurve = webidl.converters.DOMString;
+
+  const dictEcKeyGenParams = [
+    ...dictAlgorithm,
+    {
+      key: "namedCurve",
+      converter: webidl.converters.NamedCurve,
+      required: true,
+    },
+  ];
+
+  webidl.converters.EcKeyGenParams = webidl
+    .createDictionaryConverter("EcKeyGenParams", dictEcKeyGenParams);
+
+  const dictHmacKeyGenParams = [
+    ...dictAlgorithm,
+    {
+      key: "hash",
+      converter: webidl.converters.HashAlgorithmIdentifier,
+      required: true,
+    },
+    {
+      key: "length",
+      converter: (V, opts) =>
+        webidl.converters["unsigned long"](V, { ...opts, enforceRange: true }),
+    },
+  ];
+
+  webidl.converters.HmacKeyGenParams = webidl
+    .createDictionaryConverter("HmacKeyGenParams", dictHmacKeyGenParams);
+
+  const dictRsaPssParams = [
+    ...dictAlgorithm,
+    {
+      key: "saltLength",
+      converter: (V, opts) =>
+        webidl.converters["unsigned long"](V, { ...opts, enforceRange: true }),
+      required: true,
+    },
+  ];
+
+  webidl.converters.RsaPssParams = webidl
+    .createDictionaryConverter("RsaPssParams", dictRsaPssParams);
+
+  const dictEcdsaParams = [
+    ...dictAlgorithm,
+    {
+      key: "hash",
+      converter: webidl.converters.HashAlgorithmIdentifier,
+      required: true,
+    },
+  ];
+
+  webidl.converters["EcdsaParams"] = webidl
+    .createDictionaryConverter("EcdsaParams", dictEcdsaParams);
+
+  webidl.converters.CryptoKey = webidl.createInterfaceConverter(
+    "CryptoKey",
+    CryptoKey,
+  );
+
+  const dictCryptoKeyPair = [
+    {
+      key: "publicKey",
+      converter: webidl.converters.CryptoKey,
+    },
+    {
+      key: "privateKey",
+      converter: webidl.converters.CryptoKey,
+    },
+  ];
+
+  webidl.converters.CryptoKeyPair = webidl
+    .createDictionaryConverter("CryptoKeyPair", dictCryptoKeyPair);
+})(this);
diff --git a/extensions/crypto/Cargo.toml b/extensions/crypto/Cargo.toml
index 6a2cbc542d2b50..a2d4df125e08d9 100644
--- a/extensions/crypto/Cargo.toml
+++ b/extensions/crypto/Cargo.toml
@@ -18,5 +18,11 @@ deno_core = { version = "0.92.0", path = "../../core" }
 deno_web = { version = "0.41.1", path = "../web" }
 tokio = { version = "1.8.0", features = ["full"] }
 rand = "0.8.3"
-ring = "0.16.20"
+ring = { version = "0.16.20", features = ["std"] }
+rsa = "0.4.0" # TODO: remove "pem" feature when next release is on crates.io
+sha-1 = "0.9.6"
+sha2 = "0.9.5"
+serde = { version = "1.0.123", features = ["derive"] }
 uuid = { version = "0.8.2", features = ["v4"] }
+lazy_static = "1.4.0"
+num-traits = "0.2.14"
\ No newline at end of file
diff --git a/extensions/crypto/key.rs b/extensions/crypto/key.rs
new file mode 100644
index 00000000000000..d5801635e034dd
--- /dev/null
+++ b/extensions/crypto/key.rs
@@ -0,0 +1,105 @@
+// Copyright 2018-2021 the Deno authors. All rights reserved. MIT license.
+
+use ring::agreement::Algorithm as RingAlgorithm;
+use ring::hmac::Algorithm as HmacAlgorithm;
+use ring::signature::EcdsaSigningAlgorithm;
+use serde::Deserialize;
+use serde::Serialize;
+
+#[derive(Serialize, Deserialize, Copy, Clone)]
+#[serde(rename_all = "camelCase")]
+pub enum KeyType {
+  Public,
+  Private,
+  Secret,
+}
+
+#[derive(Serialize, Deserialize, Copy, Clone)]
+pub enum CryptoHash {
+  #[serde(rename = "SHA-1")]
+  Sha1,
+  #[serde(rename = "SHA-256")]
+  Sha256,
+  #[serde(rename = "SHA-384")]
+  Sha384,
+  #[serde(rename = "SHA-512")]
+  Sha512,
+}
+
+#[derive(Serialize, Deserialize, Copy, Clone)]
+pub enum CryptoNamedCurve {
+  #[serde(rename = "P-256")]
+  P256,
+  #[serde(rename = "P-384")]
+  P384,
+}
+
+impl From<CryptoNamedCurve> for &RingAlgorithm {
+  fn from(curve: CryptoNamedCurve) -> &'static RingAlgorithm {
+    match curve {
+      CryptoNamedCurve::P256 => &ring::agreement::ECDH_P256,
+      CryptoNamedCurve::P384 => &ring::agreement::ECDH_P384,
+    }
+  }
+}
+
+impl From<CryptoNamedCurve> for &EcdsaSigningAlgorithm {
+  fn from(curve: CryptoNamedCurve) -> &'static EcdsaSigningAlgorithm {
+    match curve {
+      CryptoNamedCurve::P256 => {
+        &ring::signature::ECDSA_P256_SHA256_FIXED_SIGNING
+      }
+      CryptoNamedCurve::P384 => {
+        &ring::signature::ECDSA_P384_SHA384_FIXED_SIGNING
+      }
+    }
+  }
+}
+
+impl From<CryptoHash> for HmacAlgorithm {
+  fn from(hash: CryptoHash) -> HmacAlgorithm {
+    match hash {
+      CryptoHash::Sha1 => ring::hmac::HMAC_SHA1_FOR_LEGACY_USE_ONLY,
+      CryptoHash::Sha256 => ring::hmac::HMAC_SHA256,
+      CryptoHash::Sha384 => ring::hmac::HMAC_SHA384,
+      CryptoHash::Sha512 => ring::hmac::HMAC_SHA512,
+    }
+  }
+}
+
+#[derive(Serialize, Deserialize, Copy, Clone, Debug, PartialEq)]
+#[serde(rename_all = "camelCase")]
+pub enum KeyUsage {
+  Encrypt,
+  Decrypt,
+  Sign,
+  Verify,
+  DeriveKey,
+  DeriveBits,
+  WrapKey,
+  UnwrapKey,
+}
+
+#[derive(Serialize, Deserialize, Clone, Copy)]
+pub enum Algorithm {
+  #[serde(rename = "RSASSA-PKCS1-v1_5")]
+  RsassaPkcs1v15,
+  #[serde(rename = "RSA-PSS")]
+  RsaPss,
+  #[serde(rename = "RSA-OAEP")]
+  RsaOaep,
+  #[serde(rename = "ECDSA")]
+  Ecdsa,
+  #[serde(rename = "ECDH")]
+  Ecdh,
+  #[serde(rename = "AES-CTR")]
+  AesCtr,
+  #[serde(rename = "AES-CBC")]
+  AesCbc,
+  #[serde(rename = "AES-GCM")]
+  AesGcm,
+  #[serde(rename = "AES-KW")]
+  AesKw,
+  #[serde(rename = "HMAC")]
+  Hmac,
+}
diff --git a/extensions/crypto/lib.deno_crypto.d.ts b/extensions/crypto/lib.deno_crypto.d.ts
index c787f5e3ce6507..0798af59f506ad 100644
--- a/extensions/crypto/lib.deno_crypto.d.ts
+++ b/extensions/crypto/lib.deno_crypto.d.ts
@@ -5,10 +5,100 @@
 
 declare var crypto: Crypto;
 
-declare interface Crypto {
-  readonly subtle: SubtleCrypto;
-  getRandomValues<
-    T extends
+interface Algorithm {
+  name: string;
+}
+
+interface KeyAlgorithm {
+  name: string;
+}
+
+type AlgorithmIdentifier = string | Algorithm;
+type HashAlgorithmIdentifier = AlgorithmIdentifier;
+type KeyType = "private" | "public" | "secret";
+type KeyUsage =
+  | "decrypt"
+  | "deriveBits"
+  | "deriveKey"
+  | "encrypt"
+  | "sign"
+  | "unwrapKey"
+  | "verify"
+  | "wrapKey";
+
+type NamedCurve = string;
+
+interface HmacKeyGenParams extends Algorithm {
+  hash: HashAlgorithmIdentifier;
+  length?: number;
+}
+
+interface EcKeyGenParams extends Algorithm {
+  namedCurve: NamedCurve;
+}
+
+interface EcdsaParams extends Algorithm {
+  hash: HashAlgorithmIdentifier;
+}
+
+interface RsaHashedKeyGenParams extends RsaKeyGenParams {
+  hash: HashAlgorithmIdentifier;
+}
+
+interface RsaKeyGenParams extends Algorithm {
+  modulusLength: number;
+  publicExponent: Uint8Array;
+}
+
+interface RsaPssParams extends Algorithm {
+  saltLength: number;
+}
+
+/** The CryptoKey dictionary of the Web Crypto API represents a cryptographic key. */
+interface CryptoKey {
+  readonly algorithm: KeyAlgorithm;
+  readonly extractable: boolean;
+  readonly type: KeyType;
+  readonly usages: KeyUsage[];
+}
+
+declare var CryptoKey: {
+  prototype: CryptoKey;
+  new (): CryptoKey;
+};
+
+/** The CryptoKeyPair dictionary of the Web Crypto API represents a key pair for an asymmetric cryptography algorithm, also known as a public-key algorithm. */
+interface CryptoKeyPair {
+  privateKey: CryptoKey;
+  publicKey: CryptoKey;
+}
+
+declare var CryptoKeyPair: {
+  prototype: CryptoKeyPair;
+  new (): CryptoKeyPair;
+};
+
+/** This Web Crypto API interface provides a number of low-level cryptographic functions. It is accessed via the Crypto.subtle properties available in a window context (via Window.crypto). */
+interface SubtleCrypto {
+  generateKey(
+    algorithm: RsaHashedKeyGenParams | EcKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[],
+  ): Promise<CryptoKeyPair>;
+  generateKey(
+    algorithm: HmacKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[],
+  ): Promise<CryptoKey>;
+  generateKey(
+    algorithm: AlgorithmIdentifier,
+    extractable: boolean,
+    keyUsages: KeyUsage[],
+  ): Promise<CryptoKeyPair | CryptoKey>;
+  sign(
+    algorithm: AlgorithmIdentifier | RsaPssParams | EcdsaParams,
+    key: CryptoKey,
+    data:
       | Int8Array
       | Int16Array
       | Int32Array
@@ -19,19 +109,8 @@ declare interface Crypto {
       | Float32Array
       | Float64Array
       | DataView
-      | null,
-  >(
-    array: T,
-  ): T;
-  randomUUID(): string;
-}
-
-interface Algorithm {
-  name: string;
-}
-
-/** This Web Crypto API interface provides a number of low-level cryptographic functions. It is accessed via the Crypto.subtle properties available in a window context (via Window.crypto). */
-interface SubtleCrypto {
+      | ArrayBuffer,
+  ): Promise<ArrayBuffer>;
   digest(
     algorithm: AlgorithmIdentifier,
     data:
@@ -49,9 +128,32 @@ interface SubtleCrypto {
   ): Promise<ArrayBuffer>;
 }
 
+declare interface Crypto {
+  readonly subtle: SubtleCrypto;
+  getRandomValues<
+    T extends
+      | Int8Array
+      | Int16Array
+      | Int32Array
+      | Uint8Array
+      | Uint16Array
+      | Uint32Array
+      | Uint8ClampedArray
+      | Float32Array
+      | Float64Array
+      | DataView
+      | null,
+  >(
+    array: T,
+  ): T;
+  randomUUID(): string;
+}
+
+interface Algorithm {
+  name: string;
+}
+
 declare var SubtleCrypto: {
   prototype: SubtleCrypto;
   new (): SubtleCrypto;
 };
-
-type AlgorithmIdentifier = string | Algorithm;
diff --git a/extensions/crypto/lib.rs b/extensions/crypto/lib.rs
index 9d71cc761f4cbf..ab1a7134f17447 100644
--- a/extensions/crypto/lib.rs
+++ b/extensions/crypto/lib.rs
@@ -1,6 +1,9 @@
 // Copyright 2018-2021 the Deno authors. All rights reserved. MIT license.
 
+use deno_core::error::custom_error;
+use deno_core::error::not_supported;
 use deno_core::error::null_opbuf;
+use deno_core::error::type_error;
 use deno_core::error::AnyError;
 use deno_core::include_js_files;
 use deno_core::op_async;
@@ -8,29 +11,65 @@ use deno_core::op_sync;
 use deno_core::Extension;
 use deno_core::OpState;
 use deno_core::ZeroCopyBuf;
+use serde::Deserialize;
+
+use std::cell::RefCell;
+use std::convert::TryInto;
+use std::rc::Rc;
+
+use lazy_static::lazy_static;
+use num_traits::cast::FromPrimitive;
+use rand::rngs::OsRng;
 use rand::rngs::StdRng;
 use rand::thread_rng;
 use rand::Rng;
 use rand::SeedableRng;
 use ring::digest;
-use std::cell::RefCell;
+use ring::hmac::Algorithm as HmacAlgorithm;
+use ring::hmac::Key as HmacKey;
+use ring::rand as RingRand;
+use ring::rand::SecureRandom;
+use ring::signature::EcdsaKeyPair;
+use ring::signature::EcdsaSigningAlgorithm;
+use rsa::padding::PaddingScheme;
+use rsa::BigUint;
+use rsa::PrivateKeyEncoding;
+use rsa::RSAPrivateKey;
+use sha1::Sha1;
+use sha2::Digest;
+use sha2::Sha256;
+use sha2::Sha384;
+use sha2::Sha512;
 use std::path::PathBuf;
-use std::rc::Rc;
 
 pub use rand; // Re-export rand
 
+mod key;
+
+use crate::key::Algorithm;
+use crate::key::CryptoHash;
+use crate::key::CryptoNamedCurve;
+
+// Allowlist for RSA public exponents.
+lazy_static! {
+  static ref PUB_EXPONENT_1: BigUint = BigUint::from_u64(3).unwrap();
+  static ref PUB_EXPONENT_2: BigUint = BigUint::from_u64(65537).unwrap();
+}
+
 pub fn init(maybe_seed: Option<u64>) -> Extension {
   Extension::builder()
     .js(include_js_files!(
       prefix "deno:extensions/crypto",
-      "00_webidl.js",
-      "01_crypto.js",
+      "00_crypto.js",
+      "01_webidl.js",
     ))
     .ops(vec![
       (
         "op_crypto_get_random_values",
         op_sync(op_crypto_get_random_values),
       ),
+      ("op_crypto_generate_key", op_async(op_crypto_generate_key)),
+      ("op_crypto_sign_key", op_async(op_crypto_sign_key)),
       ("op_crypto_subtle_digest", op_async(op_crypto_subtle_digest)),
       ("op_crypto_random_uuid", op_sync(op_crypto_random_uuid)),
     ])
@@ -66,6 +105,251 @@ pub fn op_crypto_get_random_values(
   Ok(())
 }
 
+#[derive(Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct AlgorithmArg {
+  name: Algorithm,
+  modulus_length: Option<u32>,
+  public_exponent: Option<ZeroCopyBuf>,
+  named_curve: Option<CryptoNamedCurve>,
+  hash: Option<CryptoHash>,
+  length: Option<usize>,
+}
+
+pub async fn op_crypto_generate_key(
+  _state: Rc<RefCell<OpState>>,
+  args: AlgorithmArg,
+  _: (),
+) -> Result<ZeroCopyBuf, AnyError> {
+  let algorithm = args.name;
+
+  let key = match algorithm {
+    Algorithm::RsassaPkcs1v15 | Algorithm::RsaPss => {
+      let public_exponent = args.public_exponent.ok_or_else(not_supported)?;
+      let modulus_length = args.modulus_length.ok_or_else(not_supported)?;
+
+      let exponent = BigUint::from_bytes_be(&public_exponent);
+      if exponent != *PUB_EXPONENT_1 && exponent != *PUB_EXPONENT_2 {
+        return Err(custom_error(
+          "DOMExceptionOperationError",
+          "Bad public exponent",
+        ));
+      }
+
+      let mut rng = OsRng;
+
+      let private_key: RSAPrivateKey = tokio::task::spawn_blocking(
+        move || -> Result<RSAPrivateKey, rsa::errors::Error> {
+          RSAPrivateKey::new_with_exp(
+            &mut rng,
+            modulus_length as usize,
+            &exponent,
+          )
+        },
+      )
+      .await
+      .unwrap()
+      .map_err(|e| custom_error("DOMExceptionOperationError", e.to_string()))?;
+
+      private_key.to_pkcs8()?
+    }
+    Algorithm::Ecdsa => {
+      let curve: &EcdsaSigningAlgorithm =
+        args.named_curve.ok_or_else(not_supported)?.into();
+      let rng = RingRand::SystemRandom::new();
+      let private_key: Vec<u8> = tokio::task::spawn_blocking(
+        move || -> Result<Vec<u8>, ring::error::Unspecified> {
+          let pkcs8 = EcdsaKeyPair::generate_pkcs8(curve, &rng)?;
+          Ok(pkcs8.as_ref().to_vec())
+        },
+      )
+      .await
+      .unwrap()
+      .map_err(|_| {
+        custom_error("DOMExceptionOperationError", "Key generation failed")
+      })?;
+
+      private_key
+    }
+    Algorithm::Hmac => {
+      let hash: HmacAlgorithm = args.hash.ok_or_else(not_supported)?.into();
+
+      let length = if let Some(length) = args.length {
+        if (length % 8) != 0 {
+          return Err(custom_error(
+            "DOMExceptionOperationError",
+            "hmac block length must be byte aligned",
+          ));
+        }
+        let length = length / 8;
+        if length > ring::digest::MAX_BLOCK_LEN {
+          return Err(custom_error(
+            "DOMExceptionOperationError",
+            "hmac block length is too large",
+          ));
+        }
+        length
+      } else {
+        hash.digest_algorithm().block_len
+      };
+
+      let rng = RingRand::SystemRandom::new();
+      let mut key_bytes = [0; ring::digest::MAX_BLOCK_LEN];
+      let key_bytes = &mut key_bytes[..length];
+      rng.fill(key_bytes).map_err(|_| {
+        custom_error("DOMExceptionOperationError", "Key generation failed")
+      })?;
+
+      key_bytes.to_vec()
+    }
+    _ => return Err(not_supported()),
+  };
+
+  Ok(key.into())
+}
+
+#[derive(Deserialize)]
+#[serde(rename_all = "lowercase")]
+pub enum KeyFormat {
+  Raw,
+  Pkcs8,
+}
+
+#[derive(Deserialize)]
+#[serde(rename_all = "lowercase")]
+pub struct KeyData {
+  // TODO(littledivy): Kept here to be used to importKey() in future.
+  #[allow(dead_code)]
+  r#type: KeyFormat,
+  data: ZeroCopyBuf,
+}
+
+#[derive(Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct SignArg {
+  key: KeyData,
+  algorithm: Algorithm,
+  salt_length: Option<u32>,
+  hash: Option<CryptoHash>,
+  named_curve: Option<CryptoNamedCurve>,
+}
+
+pub async fn op_crypto_sign_key(
+  _state: Rc<RefCell<OpState>>,
+  args: SignArg,
+  zero_copy: Option<ZeroCopyBuf>,
+) -> Result<ZeroCopyBuf, AnyError> {
+  let zero_copy = zero_copy.ok_or_else(null_opbuf)?;
+  let data = &*zero_copy;
+  let algorithm = args.algorithm;
+
+  let signature = match algorithm {
+    Algorithm::RsassaPkcs1v15 => {
+      let private_key = RSAPrivateKey::from_pkcs8(&*args.key.data)?;
+      let padding = match args
+        .hash
+        .ok_or_else(|| type_error("Missing argument hash".to_string()))?
+      {
+        CryptoHash::Sha1 => PaddingScheme::PKCS1v15Sign {
+          hash: Some(rsa::hash::Hash::SHA1),
+        },
+        CryptoHash::Sha256 => PaddingScheme::PKCS1v15Sign {
+          hash: Some(rsa::hash::Hash::SHA2_256),
+        },
+        CryptoHash::Sha384 => PaddingScheme::PKCS1v15Sign {
+          hash: Some(rsa::hash::Hash::SHA2_384),
+        },
+        CryptoHash::Sha512 => PaddingScheme::PKCS1v15Sign {
+          hash: Some(rsa::hash::Hash::SHA2_512),
+        },
+      };
+
+      private_key.sign(padding, &data)?
+    }
+    Algorithm::RsaPss => {
+      let private_key = RSAPrivateKey::from_pkcs8(&*args.key.data)?;
+
+      let salt_len = args
+        .salt_length
+        .ok_or_else(|| type_error("Missing argument saltLength".to_string()))?
+        as usize;
+
+      let rng = OsRng;
+      let (padding, digest_in) = match args
+        .hash
+        .ok_or_else(|| type_error("Missing argument hash".to_string()))?
+      {
+        CryptoHash::Sha1 => {
+          let mut hasher = Sha1::new();
+          hasher.update(&data);
+          (
+            PaddingScheme::new_pss_with_salt::<Sha1, _>(rng, salt_len),
+            hasher.finalize()[..].to_vec(),
+          )
+        }
+        CryptoHash::Sha256 => {
+          let mut hasher = Sha256::new();
+          hasher.update(&data);
+          (
+            PaddingScheme::new_pss_with_salt::<Sha256, _>(rng, salt_len),
+            hasher.finalize()[..].to_vec(),
+          )
+        }
+        CryptoHash::Sha384 => {
+          let mut hasher = Sha384::new();
+          hasher.update(&data);
+          (
+            PaddingScheme::new_pss_with_salt::<Sha384, _>(rng, salt_len),
+            hasher.finalize()[..].to_vec(),
+          )
+        }
+        CryptoHash::Sha512 => {
+          let mut hasher = Sha512::new();
+          hasher.update(&data);
+          (
+            PaddingScheme::new_pss_with_salt::<Sha512, _>(rng, salt_len),
+            hasher.finalize()[..].to_vec(),
+          )
+        }
+      };
+
+      // Sign data based on computed padding and return buffer
+      private_key.sign(padding, &digest_in)?
+    }
+    Algorithm::Ecdsa => {
+      let curve: &EcdsaSigningAlgorithm =
+        args.named_curve.ok_or_else(not_supported)?.try_into()?;
+
+      let key_pair = EcdsaKeyPair::from_pkcs8(curve, &*args.key.data)?;
+      // We only support P256-SHA256 & P384-SHA384. These are recommended signature pairs.
+      // https://briansmith.org/rustdoc/ring/signature/index.html#statics
+      if let Some(hash) = args.hash {
+        match hash {
+          CryptoHash::Sha256 | CryptoHash::Sha384 => (),
+          _ => return Err(type_error("Unsupported algorithm")),
+        }
+      };
+
+      let rng = RingRand::SystemRandom::new();
+      let signature = key_pair.sign(&rng, &data)?;
+
+      // Signature data as buffer.
+      signature.as_ref().to_vec()
+    }
+    Algorithm::Hmac => {
+      let hash: HmacAlgorithm = args.hash.ok_or_else(not_supported)?.into();
+
+      let key = HmacKey::new(hash, &*args.key.data);
+
+      let signature = ring::hmac::sign(&key, &data);
+      signature.as_ref().to_vec()
+    }
+    _ => return Err(type_error("Unsupported algorithm".to_string())),
+  };
+
+  Ok(signature.into())
+}
+
 pub fn op_crypto_random_uuid(
   state: &mut OpState,
   _: (),
diff --git a/runtime/js/99_main.js b/runtime/js/99_main.js
index 41cd0d05bc6184..5d2767969cb2c2 100644
--- a/runtime/js/99_main.js
+++ b/runtime/js/99_main.js
@@ -316,6 +316,7 @@ delete Object.prototype.__proto__;
     CountQueuingStrategy: util.nonEnumerable(
       streams.CountQueuingStrategy,
     ),
+    CryptoKey: util.nonEnumerable(crypto.CryptoKey),
     CustomEvent: util.nonEnumerable(CustomEvent),
     DOMException: util.nonEnumerable(domException.DOMException),
     ErrorEvent: util.nonEnumerable(ErrorEvent),
diff --git a/tools/wpt/expectation.json b/tools/wpt/expectation.json
index 0df43eb9ba8cb0..979d02d63220ae 100644
--- a/tools/wpt/expectation.json
+++ b/tools/wpt/expectation.json
@@ -25,26 +25,1826 @@
       "aes_cbc.https.any.html": false,
       "aes_ctr.https.any.html": false,
       "aes_gcm.https.any.html": false,
-      "rsa.https.any.html": false
+      "rsa.https.any.html": false,
+      "rsa_oaep.https.any.html": false
     },
     "generateKey": {
-      "failures_AES-CBC.https.any.html": false,
-      "failures_AES-CTR.https.any.html": false,
-      "failures_AES-GCM.https.any.html": false,
-      "failures_AES-KW.https.any.html": false,
-      "failures_ECDH.https.any.html": false,
-      "failures_ECDSA.https.any.html": false,
-      "failures_HMAC.https.any.html": false,
-      "failures_RSA-OAEP.https.any.html": false,
-      "failures_RSA-PSS.https.any.html": false,
-      "failures_RSASSA-PKCS1-v1_5.https.any.html": false,
+      "failures_AES-CBC.https.any.html": [
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [decrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [wrapKey, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, wrapKey, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [decrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [wrapKey, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, wrapKey, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [decrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [wrapKey, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, wrapKey, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [decrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [wrapKey, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, wrapKey, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [decrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [wrapKey, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, wrapKey, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [decrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [wrapKey, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, wrapKey, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveBits])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, false, [])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, true, [])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, false, [])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, true, [])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, false, [])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, true, [])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, false, [])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, true, [])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, false, [])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, true, [])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, false, [])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, true, [])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CBC}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Empty usages: generateKey({length: 128, name: AES-CBC}, false, [])",
+        "Empty usages: generateKey({length: 128, name: AES-CBC}, true, [])",
+        "Empty usages: generateKey({length: 192, name: AES-CBC}, false, [])",
+        "Empty usages: generateKey({length: 192, name: AES-CBC}, true, [])",
+        "Empty usages: generateKey({length: 256, name: AES-CBC}, false, [])",
+        "Empty usages: generateKey({length: 256, name: AES-CBC}, true, [])"
+      ],
+      "failures_AES-CTR.https.any.html": [
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [decrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [wrapKey, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, wrapKey, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [decrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [wrapKey, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, wrapKey, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [decrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [wrapKey, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, wrapKey, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [decrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [wrapKey, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, wrapKey, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [decrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [wrapKey, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, wrapKey, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [decrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [wrapKey, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, wrapKey, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveBits])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, false, [])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, true, [])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, false, [])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, true, [])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, false, [])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, true, [])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, false, [])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, true, [])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, false, [])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, true, [])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, false, [])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, true, [])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-CTR}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Empty usages: generateKey({length: 128, name: AES-CTR}, false, [])",
+        "Empty usages: generateKey({length: 128, name: AES-CTR}, true, [])",
+        "Empty usages: generateKey({length: 192, name: AES-CTR}, false, [])",
+        "Empty usages: generateKey({length: 192, name: AES-CTR}, true, [])",
+        "Empty usages: generateKey({length: 256, name: AES-CTR}, false, [])",
+        "Empty usages: generateKey({length: 256, name: AES-CTR}, true, [])"
+      ],
+      "failures_AES-GCM.https.any.html": [
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [sign])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [decrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [wrapKey, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, wrapKey, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [verify])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [decrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [wrapKey, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, wrapKey, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [sign])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [decrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [wrapKey, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, wrapKey, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [verify])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [decrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [wrapKey, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, wrapKey, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [sign])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, encrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [decrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, decrypt, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [wrapKey, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, wrapKey, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [verify])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, encrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [decrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, decrypt, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [wrapKey, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, wrapKey, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveBits])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, false, [])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, true, [])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, false, [])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, true, [])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, false, [])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, true, [])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, false, [])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, true, [])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, false, [])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, true, [])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, false, [encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, true, [encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, false, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, true, [wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, false, [decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, true, [decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, false, [])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, true, [])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, false, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-GCM}, true, [encrypt, decrypt, wrapKey, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Empty usages: generateKey({length: 128, name: AES-GCM}, false, [])",
+        "Empty usages: generateKey({length: 128, name: AES-GCM}, true, [])",
+        "Empty usages: generateKey({length: 192, name: AES-GCM}, false, [])",
+        "Empty usages: generateKey({length: 192, name: AES-GCM}, true, [])",
+        "Empty usages: generateKey({length: 256, name: AES-GCM}, false, [])",
+        "Empty usages: generateKey({length: 256, name: AES-GCM}, true, [])"
+      ],
+      "failures_AES-KW.https.any.html": [
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [encrypt])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, encrypt])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, encrypt])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, encrypt])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [decrypt])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, decrypt])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, decrypt])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, decrypt])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [sign])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, wrapKey, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, sign])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [verify])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, wrapKey, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, verify])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 128, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [encrypt])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, encrypt])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, encrypt])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, encrypt])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [decrypt])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, decrypt])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, decrypt])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, decrypt])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [sign])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, wrapKey, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, sign])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [verify])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, wrapKey, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, verify])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 192, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [encrypt])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, encrypt])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, encrypt])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, encrypt])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [decrypt])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, decrypt])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, decrypt])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, decrypt])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [sign])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, wrapKey, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, sign])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [verify])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, wrapKey, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, verify])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, wrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, deriveKey])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, wrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [unwrapKey, deriveBits])",
+        "Bad usages: generateKey({length: 256, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey, deriveBits])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-KW}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-KW}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-KW}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-KW}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-KW}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-KW}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-KW}, false, [])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-KW}, true, [])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-KW}, false, [wrapKey, unwrapKey, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 64, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-KW}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-KW}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-KW}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-KW}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-KW}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-KW}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-KW}, false, [])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-KW}, true, [])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-KW}, false, [wrapKey, unwrapKey, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 127, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-KW}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-KW}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-KW}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-KW}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-KW}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-KW}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-KW}, false, [])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-KW}, true, [])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-KW}, false, [wrapKey, unwrapKey, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 129, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-KW}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-KW}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-KW}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-KW}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-KW}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-KW}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-KW}, false, [])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-KW}, true, [])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-KW}, false, [wrapKey, unwrapKey, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 255, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-KW}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-KW}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-KW}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-KW}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-KW}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-KW}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-KW}, false, [])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-KW}, true, [])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-KW}, false, [wrapKey, unwrapKey, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 257, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-KW}, false, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-KW}, true, [wrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-KW}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-KW}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-KW}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-KW}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-KW}, false, [])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-KW}, true, [])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-KW}, false, [wrapKey, unwrapKey, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({length: 512, name: AES-KW}, true, [wrapKey, unwrapKey, wrapKey, unwrapKey])",
+        "Empty usages: generateKey({length: 128, name: AES-KW}, false, [])",
+        "Empty usages: generateKey({length: 128, name: AES-KW}, true, [])",
+        "Empty usages: generateKey({length: 192, name: AES-KW}, false, [])",
+        "Empty usages: generateKey({length: 192, name: AES-KW}, true, [])",
+        "Empty usages: generateKey({length: 256, name: AES-KW}, false, [])",
+        "Empty usages: generateKey({length: 256, name: AES-KW}, true, [])"
+      ],
+      "failures_ECDH.https.any.html": [
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [encrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, encrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey, encrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, encrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, encrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [decrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, decrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey, decrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, decrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, decrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [sign])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, sign])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey, sign])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, sign])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, sign])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [verify])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, verify])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey, verify])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, verify])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, verify])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [wrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, wrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey, wrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, wrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, wrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [unwrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, unwrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey, unwrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveBits, unwrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-256}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, unwrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [encrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, encrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey, encrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, encrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, encrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [decrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, decrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey, decrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, decrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, decrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [sign])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, sign])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey, sign])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, sign])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, sign])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [verify])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, verify])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey, verify])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, verify])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, verify])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [wrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, wrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey, wrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, wrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, wrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [unwrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, unwrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey, unwrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveBits, unwrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-384}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, unwrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [encrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, encrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey, encrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, encrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, encrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [decrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, decrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey, decrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, decrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, decrypt])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [sign])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, sign])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey, sign])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, sign])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, sign])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [verify])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, verify])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey, verify])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, verify])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, verify])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [wrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, wrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey, wrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, wrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, wrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [unwrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, unwrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey, unwrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, unwrapKey])",
+        "Bad usages: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits, unwrapKey])",
+        "Empty usages: generateKey({name: ECDH, namedCurve: P-256}, false, [])",
+        "Empty usages: generateKey({name: ECDH, namedCurve: P-256}, true, [])",
+        "Empty usages: generateKey({name: ECDH, namedCurve: P-384}, false, [])",
+        "Empty usages: generateKey({name: ECDH, namedCurve: P-384}, true, [])",
+        "Empty usages: generateKey({name: ECDH, namedCurve: P-521}, false, [])",
+        "Empty usages: generateKey({name: ECDH, namedCurve: P-521}, true, [])"
+      ],
+      "failures_ECDSA.https.any.html": [
+        "Bad algorithm property: generateKey({name: ECDSA, namedCurve: P-512}, false, [sign])",
+        "Bad algorithm property: generateKey({name: ECDSA, namedCurve: P-512}, false, [verify, sign])",
+        "Bad algorithm property: generateKey({name: ECDSA, namedCurve: P-512}, false, [])",
+        "Bad algorithm property: generateKey({name: ECDSA, namedCurve: P-512}, false, [sign, verify, sign, sign, verify])",
+        "Bad algorithm property: generateKey({name: ECDSA, namedCurve: Curve25519}, false, [sign])",
+        "Bad algorithm property: generateKey({name: ECDSA, namedCurve: Curve25519}, false, [verify, sign])",
+        "Bad algorithm property: generateKey({name: ECDSA, namedCurve: Curve25519}, false, [])",
+        "Bad algorithm property: generateKey({name: ECDSA, namedCurve: Curve25519}, false, [sign, verify, sign, sign, verify])",
+        "Empty usages: generateKey({name: ECDSA, namedCurve: P-256}, false, [])",
+        "Empty usages: generateKey({name: ECDSA, namedCurve: P-384}, false, [])",
+        "Empty usages: generateKey({name: ECDSA, namedCurve: P-521}, false, [])",
+        "Empty usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [])"
+      ],
+      "failures_HMAC.https.any.html": [
+        "Empty usages: generateKey({hash: SHA-1, length: 160, name: HMAC}, false, [])",
+        "Empty usages: generateKey({hash: SHA-256, length: 256, name: HMAC}, false, [])",
+        "Empty usages: generateKey({hash: SHA-384, length: 384, name: HMAC}, false, [])",
+        "Empty usages: generateKey({hash: SHA-512, length: 512, name: HMAC}, false, [])"
+      ],
+      "failures_RSA-OAEP.https.any.html": [
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, encrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, encrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, sign])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, sign])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, sign])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, encrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, encrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, verify])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, verify])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, verify])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [deriveKey])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [deriveBits])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [sign])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, encrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, encrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, encrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, encrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, sign])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, sign])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, sign])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, sign])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [verify])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, encrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, encrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, encrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, encrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, verify])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, verify])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, verify])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, verify])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [deriveKey])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, encrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, encrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveKey])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [deriveBits])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, encrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, encrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [decrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, decrypt, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, wrapKey, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [unwrapKey, deriveBits])",
+        "Bad usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey, deriveBits])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [decrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [decrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, false, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [decrypt, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [unwrapKey, wrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [unwrapKey, decrypt, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [unwrapKey, wrapKey, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [unwrapKey, encrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [decrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [decrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [unwrapKey, wrapKey, decrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [unwrapKey, decrypt])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [unwrapKey, wrapKey])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [unwrapKey])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [unwrapKey])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 0}}, true, [encrypt, decrypt, wrapKey, unwrapKey, decrypt, unwrapKey, encrypt, decrypt, wrapKey, unwrapKey])",
+        "Empty usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [])",
+        "Empty usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [])",
+        "Empty usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [])",
+        "Empty usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-OAEP, publicExponent: {0: 1, 1: 0, 2: 1}}, true, [])"
+      ],
+      "failures_RSA-PSS.https.any.html": [
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-PSS, publicExponent: {0: 1}}, false, [sign])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-PSS, publicExponent: {0: 1}}, false, [verify, sign])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-PSS, publicExponent: {0: 1}}, false, [])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-PSS, publicExponent: {0: 1}}, false, [sign, verify, sign, sign, verify])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [sign])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [verify, sign])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [sign, verify, sign, sign, verify])",
+        "Empty usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [])",
+        "Empty usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [])"
+      ],
+      "failures_RSASSA-PKCS1-v1_5.https.any.html": [
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1}}, false, [sign])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1}}, false, [verify, sign])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1}}, false, [])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1}}, false, [sign, verify, sign, sign, verify])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [sign])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [verify, sign])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [])",
+        "Bad algorithm property: generateKey({hash: SHA-256, modulusLength: 1024, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 0}}, false, [sign, verify, sign, sign, verify])",
+        "Empty usages: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [])",
+        "Empty usages: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [])"
+      ],
       "successes_AES-CBC.https.any.html": false,
       "successes_AES-CTR.https.any.html": false,
       "successes_AES-GCM.https.any.html": false,
       "successes_AES-KW.https.any.html": false,
+      "successes_HMAC.https.any.html": [
+        "Success: generateKey({hash: SHA-1, length: 160, name: HMAC}, false, [sign])",
+        "Success: generateKey({hash: SHA-1, length: 160, name: HMAC}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-1, length: 160, name: HMAC}, false, [verify])",
+        "Success: generateKey({hash: SHA-1, length: 160, name: HMAC}, false, [sign, verify, sign, verify])",
+        "Success: generateKey({hash: SHA-256, length: 256, name: HMAC}, false, [sign])",
+        "Success: generateKey({hash: SHA-256, length: 256, name: HMAC}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-256, length: 256, name: HMAC}, false, [verify])",
+        "Success: generateKey({hash: SHA-256, length: 256, name: HMAC}, false, [sign, verify, sign, verify])",
+        "Success: generateKey({hash: SHA-384, length: 384, name: HMAC}, false, [sign])",
+        "Success: generateKey({hash: SHA-384, length: 384, name: HMAC}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-384, length: 384, name: HMAC}, false, [verify])",
+        "Success: generateKey({hash: SHA-384, length: 384, name: HMAC}, false, [sign, verify, sign, verify])",
+        "Success: generateKey({hash: SHA-512, length: 512, name: HMAC}, false, [sign])",
+        "Success: generateKey({hash: SHA-512, length: 512, name: HMAC}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-512, length: 512, name: HMAC}, false, [verify])",
+        "Success: generateKey({hash: SHA-512, length: 512, name: HMAC}, false, [sign, verify, sign, verify])",
+        "Success: generateKey({hash: SHA-1, length: 160, name: hmac}, false, [sign])",
+        "Success: generateKey({hash: SHA-1, length: 160, name: hmac}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-1, length: 160, name: hmac}, false, [verify])",
+        "Success: generateKey({hash: SHA-1, length: 160, name: hmac}, false, [sign, verify, sign, verify])",
+        "Success: generateKey({hash: SHA-256, length: 256, name: hmac}, false, [sign])",
+        "Success: generateKey({hash: SHA-256, length: 256, name: hmac}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-256, length: 256, name: hmac}, false, [verify])",
+        "Success: generateKey({hash: SHA-256, length: 256, name: hmac}, false, [sign, verify, sign, verify])",
+        "Success: generateKey({hash: SHA-384, length: 384, name: hmac}, false, [sign])",
+        "Success: generateKey({hash: SHA-384, length: 384, name: hmac}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-384, length: 384, name: hmac}, false, [verify])",
+        "Success: generateKey({hash: SHA-384, length: 384, name: hmac}, false, [sign, verify, sign, verify])",
+        "Success: generateKey({hash: SHA-512, length: 512, name: hmac}, false, [sign])",
+        "Success: generateKey({hash: SHA-512, length: 512, name: hmac}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-512, length: 512, name: hmac}, false, [verify])",
+        "Success: generateKey({hash: SHA-512, length: 512, name: hmac}, false, [sign, verify, sign, verify])",
+        "Success: generateKey({hash: SHA-1, length: 160, name: Hmac}, false, [sign])",
+        "Success: generateKey({hash: SHA-1, length: 160, name: Hmac}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-1, length: 160, name: Hmac}, false, [verify])",
+        "Success: generateKey({hash: SHA-1, length: 160, name: Hmac}, false, [sign, verify, sign, verify])",
+        "Success: generateKey({hash: SHA-256, length: 256, name: Hmac}, false, [sign])",
+        "Success: generateKey({hash: SHA-256, length: 256, name: Hmac}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-256, length: 256, name: Hmac}, false, [verify])",
+        "Success: generateKey({hash: SHA-256, length: 256, name: Hmac}, false, [sign, verify, sign, verify])",
+        "Success: generateKey({hash: SHA-384, length: 384, name: Hmac}, false, [sign])",
+        "Success: generateKey({hash: SHA-384, length: 384, name: Hmac}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-384, length: 384, name: Hmac}, false, [verify])",
+        "Success: generateKey({hash: SHA-384, length: 384, name: Hmac}, false, [sign, verify, sign, verify])",
+        "Success: generateKey({hash: SHA-512, length: 512, name: Hmac}, false, [sign])",
+        "Success: generateKey({hash: SHA-512, length: 512, name: Hmac}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-512, length: 512, name: Hmac}, false, [verify])",
+        "Success: generateKey({hash: SHA-512, length: 512, name: Hmac}, false, [sign, verify, sign, verify])"
+      ],
       "successes_ECDH.https.any.html": false,
-      "successes_ECDSA.https.any.html": false,
-      "successes_HMAC.https.any.html": false,
+      "successes_ECDSA.https.any.html": [
+        "Success: generateKey({name: ECDSA, namedCurve: P-256}, false, [sign])",
+        "Success: generateKey({name: ECDSA, namedCurve: P-256}, false, [verify, sign])",
+        "Success: generateKey({name: ECDSA, namedCurve: P-256}, false, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({name: ECDSA, namedCurve: P-384}, false, [sign])",
+        "Success: generateKey({name: ECDSA, namedCurve: P-384}, false, [verify, sign])",
+        "Success: generateKey({name: ECDSA, namedCurve: P-384}, false, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [sign])",
+        "Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign])",
+        "Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [verify, sign])",
+        "Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [verify, sign])",
+        "Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({name: ecdsa, namedCurve: P-256}, false, [sign])",
+        "Success: generateKey({name: ecdsa, namedCurve: P-256}, false, [verify, sign])",
+        "Success: generateKey({name: ecdsa, namedCurve: P-256}, false, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({name: ecdsa, namedCurve: P-384}, false, [sign])",
+        "Success: generateKey({name: ecdsa, namedCurve: P-384}, false, [verify, sign])",
+        "Success: generateKey({name: ecdsa, namedCurve: P-384}, false, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [sign])",
+        "Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [sign])",
+        "Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [verify, sign])",
+        "Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [verify, sign])",
+        "Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({name: Ecdsa, namedCurve: P-256}, false, [sign])",
+        "Success: generateKey({name: Ecdsa, namedCurve: P-256}, false, [verify, sign])",
+        "Success: generateKey({name: Ecdsa, namedCurve: P-256}, false, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({name: Ecdsa, namedCurve: P-384}, false, [sign])",
+        "Success: generateKey({name: Ecdsa, namedCurve: P-384}, false, [verify, sign])",
+        "Success: generateKey({name: Ecdsa, namedCurve: P-384}, false, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [sign])",
+        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [sign])",
+        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [verify, sign])",
+        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [verify, sign])",
+        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])"
+      ],
+      "successes_RSA-OAEP.https.any.html": false,
       "successes_RSA-OAEP.https.any.html?1-10": false,
       "successes_RSA-OAEP.https.any.html?101-110": false,
       "successes_RSA-OAEP.https.any.html?11-20": false,
@@ -61,30 +1861,61 @@
       "successes_RSA-OAEP.https.any.html?71-80": false,
       "successes_RSA-OAEP.https.any.html?81-90": false,
       "successes_RSA-OAEP.https.any.html?91-100": false,
-      "successes_RSA-PSS.https.any.html?1-10": false,
-      "successes_RSA-PSS.https.any.html?11-20": false,
-      "successes_RSA-PSS.https.any.html?21-30": false,
-      "successes_RSA-PSS.https.any.html?31-last": false,
-      "successes_RSASSA-PKCS1-v1_5.https.any.html?1-10": false,
-      "successes_RSASSA-PKCS1-v1_5.https.any.html?11-20": false,
-      "successes_RSASSA-PKCS1-v1_5.https.any.html?21-30": false,
-      "successes_RSASSA-PKCS1-v1_5.https.any.html?31-last": false
+      "successes_RSA-PSS.https.any.html?1-10": [
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign])",
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign])",
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [verify, sign])"
+      ],
+      "successes_RSA-PSS.https.any.html?11-20": [
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: RSA-PSS, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: rsa-pss, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign])",
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: rsa-pss, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: rsa-pss, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: rsa-pss, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign])"
+      ],
+      "successes_RSA-PSS.https.any.html?21-30": [
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: rsa-pss, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: rsa-pss, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: Rsa-pss, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign])",
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: Rsa-pss, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: Rsa-pss, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign, verify, sign, sign, verify])"
+      ],
+      "successes_RSA-PSS.https.any.html?31-last": [
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: Rsa-pss, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign])",
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: Rsa-pss, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: Rsa-pss, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign, verify, sign, sign, verify])"
+      ],
+      "successes_RSASSA-PKCS1-v1_5.https.any.html?1-10": [
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-V1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign])",
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-V1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: RSASSA-PKCS1-V1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-V1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign])",
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-V1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [verify, sign])"
+      ],
+      "successes_RSASSA-PKCS1-v1_5.https.any.html?11-20": [
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: RSASSA-PKCS1-V1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: rsassa-pkcs1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign])",
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: rsassa-pkcs1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: rsassa-pkcs1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: rsassa-pkcs1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign])"
+      ],
+      "successes_RSASSA-PKCS1-v1_5.https.any.html?21-30": [
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: rsassa-pkcs1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: rsassa-pkcs1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign, verify, sign, sign, verify])",
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: Rsassa-pkcs1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign])",
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: Rsassa-pkcs1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-1, modulusLength: 2048, name: Rsassa-pkcs1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign, verify, sign, sign, verify])"
+      ],
+      "successes_RSASSA-PKCS1-v1_5.https.any.html?31-last": [
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: Rsassa-pkcs1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign])",
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: Rsassa-pkcs1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [verify, sign])",
+        "Success: generateKey({hash: SHA-256, modulusLength: 2048, name: Rsassa-pkcs1-v1_5, publicExponent: {0: 1, 1: 0, 2: 1}}, false, [sign, verify, sign, sign, verify])"
+      ]
     },
-    "historical.any.html": [
-      "Non-secure context window does not have access to crypto.subtle",
-      "Non-secure context window does not have access to SubtleCrypto"
-    ],
+    "historical.any.html": false,
     "idlharness.https.any.html": [
-      "CryptoKey interface: existence and properties of interface object",
-      "CryptoKey interface object length",
-      "CryptoKey interface object name",
-      "CryptoKey interface: existence and properties of interface prototype object",
-      "CryptoKey interface: existence and properties of interface prototype object's \"constructor\" property",
-      "CryptoKey interface: existence and properties of interface prototype object's @@unscopables property",
-      "CryptoKey interface: attribute type",
-      "CryptoKey interface: attribute extractable",
-      "CryptoKey interface: attribute algorithm",
-      "CryptoKey interface: attribute usages",
       "SubtleCrypto interface: operation encrypt(AlgorithmIdentifier, CryptoKey, BufferSource)",
       "SubtleCrypto interface: operation decrypt(AlgorithmIdentifier, CryptoKey, BufferSource)",
       "SubtleCrypto interface: operation sign(AlgorithmIdentifier, CryptoKey, BufferSource)",
@@ -102,12 +1933,8 @@
       "SubtleCrypto interface: calling encrypt(AlgorithmIdentifier, CryptoKey, BufferSource) on crypto.subtle with too few arguments must throw TypeError",
       "SubtleCrypto interface: crypto.subtle must inherit property \"decrypt(AlgorithmIdentifier, CryptoKey, BufferSource)\" with the proper type",
       "SubtleCrypto interface: calling decrypt(AlgorithmIdentifier, CryptoKey, BufferSource) on crypto.subtle with too few arguments must throw TypeError",
-      "SubtleCrypto interface: crypto.subtle must inherit property \"sign(AlgorithmIdentifier, CryptoKey, BufferSource)\" with the proper type",
-      "SubtleCrypto interface: calling sign(AlgorithmIdentifier, CryptoKey, BufferSource) on crypto.subtle with too few arguments must throw TypeError",
       "SubtleCrypto interface: crypto.subtle must inherit property \"verify(AlgorithmIdentifier, CryptoKey, BufferSource, BufferSource)\" with the proper type",
       "SubtleCrypto interface: calling verify(AlgorithmIdentifier, CryptoKey, BufferSource, BufferSource) on crypto.subtle with too few arguments must throw TypeError",
-      "SubtleCrypto interface: crypto.subtle must inherit property \"generateKey(AlgorithmIdentifier, boolean, sequence<KeyUsage>)\" with the proper type",
-      "SubtleCrypto interface: calling generateKey(AlgorithmIdentifier, boolean, sequence<KeyUsage>) on crypto.subtle with too few arguments must throw TypeError",
       "SubtleCrypto interface: crypto.subtle must inherit property \"deriveKey(AlgorithmIdentifier, CryptoKey, AlgorithmIdentifier, boolean, sequence<KeyUsage>)\" with the proper type",
       "SubtleCrypto interface: calling deriveKey(AlgorithmIdentifier, CryptoKey, AlgorithmIdentifier, boolean, sequence<KeyUsage>) on crypto.subtle with too few arguments must throw TypeError",
       "SubtleCrypto interface: crypto.subtle must inherit property \"deriveBits(AlgorithmIdentifier, CryptoKey, unsigned long)\" with the proper type",