Check that usage isn't empty when generateKey() is called

content/child/webcrypto/test/ecdsa_unittest.cc

Index: content/child/webcrypto/test/ecdsa_unittest.cc
diff --git a/content/child/webcrypto/test/ecdsa_unittest.cc b/content/child/webcrypto/test/ecdsa_unittest.cc
index 0ffbb8823a65c27d1415af1d2c83f198f71bc118..dc90cfcb98663ab7f4f09cd5e59b8cbc7ef842db 100644
--- a/content/child/webcrypto/test/ecdsa_unittest.cc
+++ b/content/child/webcrypto/test/ecdsa_unittest.cc
@@ -85,8 +85,9 @@ TEST(WebCryptoEcdsaTest, GenerateKeyIsRandom) {
     blink::WebCryptoKey private_key;
 
     ASSERT_EQ(Status::Success(),
-              GenerateKeyPair(CreateEcdsaKeyGenAlgorithm(named_curve), true, 0,
-                              &public_key, &private_key));
+              GenerateKeyPair(CreateEcdsaKeyGenAlgorithm(named_curve), true,
+                              blink::WebCryptoKeyUsageSign, &public_key,
+                              &private_key));
 
     // Basic sanity checks on the generated key pair.
     EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type());
@@ -110,6 +111,18 @@ TEST(WebCryptoEcdsaTest, GenerateKeyIsRandom) {
   EXPECT_FALSE(CopiesExist(serialized_keys));
 }
 
+TEST(WebCryptoEcdsaTest, GenerateKeyEmptyUsage) {
+  if (!SupportsEcdsa())
+    return;
+
+  blink::WebCryptoNamedCurve named_curve = blink::WebCryptoNamedCurveP256;
+  blink::WebCryptoKey public_key;
+  blink::WebCryptoKey private_key;
+  ASSERT_EQ(Status::ErrorCreateKeyEmptyUsages(),
+            GenerateKeyPair(CreateEcdsaKeyGenAlgorithm(named_curve), true, 0,
+                            &public_key, &private_key));
+}
+
 // Verify that ECDSA signatures are probabilistic. Signing the same message two
 // times should yield different signatures. However both signatures should
 // verify correctly.