OLD | NEW |
1 <!DOCTYPE html> | 1 <!DOCTYPE html> |
2 <html> | 2 <html> |
3 <head> | 3 <head> |
4 <script src="../fast/js/resources/js-test-pre.js"></script> | 4 <script src="../fast/js/resources/js-test-pre.js"></script> |
5 <script src="resources/common.js"></script> | 5 <script src="resources/common.js"></script> |
6 </head> | 6 </head> |
7 <body> | 7 <body> |
8 <p id="description"></p> | 8 <p id="description"></p> |
9 <div id="console"></div> | 9 <div id="console"></div> |
10 | 10 |
11 <script> | 11 <script> |
12 description("Tests algorithm normalization."); | 12 description("Tests algorithm normalization."); |
13 | 13 |
14 jsTestIsAsync = true; | 14 jsTestIsAsync = true; |
15 | 15 |
16 // FIXME: Rename this to crypto-operation.html, since it tests the basic | 16 // FIXME: Rename this to crypto-operation.html, since it tests the basic |
17 // construction of CryptoOperations. | 17 // construction of CryptoOperations. |
18 | 18 |
19 // ------------------------------- | 19 // ------------------------------- |
20 // Helpers to return a normalized algorithm identifier. | 20 // Helpers to return a normalized algorithm identifier. |
21 // ------------------------------- | 21 // ------------------------------- |
22 | 22 |
23 aesCbcKey = null; | 23 aesCbcKey = null; |
24 hmacSha1Key = null; | 24 hmacSha1Key = null; |
| 25 rsaSsaKey = null; |
25 | 26 |
26 function normalizeDigest(algorithmIdentifier) | 27 function normalizeDigest(algorithmIdentifier) |
27 { | 28 { |
28 return crypto.subtle.digest(algorithmIdentifier).algorithm; | 29 return crypto.subtle.digest(algorithmIdentifier).algorithm; |
29 } | 30 } |
30 | 31 |
31 function normalizeEncrypt(algorithmIdentifier) | 32 function normalizeEncrypt(algorithmIdentifier, key) |
32 { | 33 { |
33 return crypto.subtle.encrypt(algorithmIdentifier, aesCbcKey).algorithm; | 34 return crypto.subtle.encrypt(algorithmIdentifier, key).algorithm; |
34 } | 35 } |
35 | 36 |
36 function normalizeSign(algorithmIdentifier) | 37 function normalizeSign(algorithmIdentifier, key) |
37 { | 38 { |
38 return crypto.subtle.sign(algorithmIdentifier, hmacSha1Key).algorithm; | 39 return crypto.subtle.sign(algorithmIdentifier, key).algorithm; |
39 } | 40 } |
40 | 41 |
41 function runTests() | 42 function runTests() |
42 { | 43 { |
43 // ------------------------------- | 44 // ------------------------------- |
44 // Case insensitivity of "name" | 45 // Case insensitivity of "name" |
45 // ------------------------------- | 46 // ------------------------------- |
46 algorithm = normalizeDigest({name: "SHA-1"}); | 47 algorithm = normalizeDigest({name: "SHA-1"}); |
47 shouldBe("algorithm.name", "'SHA-1'"); | 48 shouldBe("algorithm.name", "'SHA-1'"); |
48 algorithm = normalizeDigest({name: "sHa-256"}); | 49 algorithm = normalizeDigest({name: "sHa-256"}); |
(...skipping 20 matching lines...) Expand all Loading... |
69 // ------------------------------- | 70 // ------------------------------- |
70 // Skip unrecognized parameters. | 71 // Skip unrecognized parameters. |
71 // ------------------------------- | 72 // ------------------------------- |
72 algorithm = normalizeDigest({name: "sHa-1", noSuchParam: 3}); | 73 algorithm = normalizeDigest({name: "sHa-1", noSuchParam: 3}); |
73 shouldBeUndefined("algorithm.noSuchParam"); | 74 shouldBeUndefined("algorithm.noSuchParam"); |
74 | 75 |
75 // ------------------------------- | 76 // ------------------------------- |
76 // Normalized algorithm COPIES all data | 77 // Normalized algorithm COPIES all data |
77 // ------------------------------- | 78 // ------------------------------- |
78 originalIv = new Uint8Array([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 1
4, 15]); | 79 originalIv = new Uint8Array([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 1
4, 15]); |
79 algorithm = normalizeEncrypt({ name: "aes-cbc", iv: originalIv }); | 80 algorithm = normalizeEncrypt({ name: "aes-cbc", iv: originalIv }, aesCbcKey)
; |
80 | 81 |
81 // Make sure it constructed the normalized result. | 82 // Make sure it constructed the normalized result. |
82 shouldBe("algorithm.name", "'AES-CBC'"); | 83 shouldBe("algorithm.name", "'AES-CBC'"); |
83 shouldBe("algorithm.iv.length", "16"); | 84 shouldBe("algorithm.iv.length", "16"); |
84 shouldBe("algorithm.iv[3]", "3"); | 85 shouldBe("algorithm.iv[3]", "3"); |
85 | 86 |
86 // Mutate the original (un-normalized) algorithm. Verify that this doesn't a
ffect the normalized output. | 87 // Mutate the original (un-normalized) algorithm. Verify that this doesn't a
ffect the normalized output. |
87 originalIv[3] = 0; | 88 originalIv[3] = 0; |
88 shouldBe("algorithm.iv[3]", "3"); | 89 shouldBe("algorithm.iv[3]", "3"); |
89 | 90 |
90 // ------------------------------- | 91 // ------------------------------- |
91 // AES-CBC normalization failures | 92 // AES-CBC normalization failures |
92 // ------------------------------- | 93 // ------------------------------- |
93 | 94 |
94 // The "iv" MUST be 16 bytes long. | 95 // The "iv" MUST be 16 bytes long. |
95 rawAlgorithm = { | 96 rawAlgorithm = { |
96 name: "AES-CBC", | 97 name: "AES-CBC", |
97 iv: new Uint8Array([1, 2, 3]) | 98 iv: new Uint8Array([1, 2, 3]) |
98 }; | 99 }; |
99 shouldThrow("normalizeEncrypt(rawAlgorithm)"); | 100 shouldThrow("normalizeEncrypt(rawAlgorithm, aesCbcKey)"); |
100 | 101 |
101 // ------------------------------- | 102 // ------------------------------- |
102 // Normalize a normalized algorithm (SHA-384) | 103 // Normalize a normalized algorithm (SHA-384) |
103 // ------------------------------- | 104 // ------------------------------- |
104 algorithm = normalizeDigest({name: "sHa-384"}); | 105 algorithm = normalizeDigest({name: "sHa-384"}); |
105 shouldBe("algorithm.name", "'SHA-384'"); | 106 shouldBe("algorithm.name", "'SHA-384'"); |
106 algorithm = normalizeDigest(algorithm); | 107 algorithm = normalizeDigest(algorithm); |
107 shouldBe("algorithm.name", "'SHA-384'"); | 108 shouldBe("algorithm.name", "'SHA-384'"); |
108 | 109 |
109 // ------------------------------- | 110 // ------------------------------- |
110 // Normalize a normalized algorithm (AES-CBC, encrypt) | 111 // Normalize a normalized algorithm (AES-CBC, encrypt) |
111 // ------------------------------- | 112 // ------------------------------- |
112 algorithm = normalizeEncrypt({ name: "aEs-cbc", iv: originalIv }); | 113 algorithm = normalizeEncrypt({ name: "aEs-cbc", iv: originalIv }, aesCbcKey)
; |
113 // Make sure it constructed the normalized result. | 114 // Make sure it constructed the normalized result. |
114 shouldBe("algorithm.name", "'AES-CBC'"); | 115 shouldBe("algorithm.name", "'AES-CBC'"); |
115 shouldBe("algorithm.iv.length", "16"); | 116 shouldBe("algorithm.iv.length", "16"); |
116 shouldBe("algorithm.iv[1]", "1"); | 117 shouldBe("algorithm.iv[1]", "1"); |
117 algorithm = normalizeEncrypt(algorithm); | 118 algorithm = normalizeEncrypt(algorithm, aesCbcKey); |
118 shouldBe("algorithm.name", "'AES-CBC'"); | 119 shouldBe("algorithm.name", "'AES-CBC'"); |
119 shouldBe("algorithm.iv.length", "16"); | 120 shouldBe("algorithm.iv.length", "16"); |
120 shouldBe("algorithm.iv[1]", "1"); | 121 shouldBe("algorithm.iv[1]", "1"); |
121 | 122 |
122 // ------------------------------- | 123 // ------------------------------- |
123 // Unsupported operation on algorithm | 124 // Unsupported operation on algorithm |
124 // ------------------------------- | 125 // ------------------------------- |
125 shouldThrow("normalizeEncrypt({ name: 'SHA-1' })"); | 126 shouldThrow("normalizeEncrypt({ name: 'SHA-1' }, aesCbcKey)"); |
126 shouldThrow("normalizeDigest({ name: 'AES-CBC', iv: originalIv })"); | 127 shouldThrow("normalizeDigest({ name: 'AES-CBC', iv: originalIv })"); |
127 | 128 |
128 // ------------------------------- | 129 // ------------------------------- |
129 // Normalize HMAC | 130 // Normalize HMAC |
130 // ------------------------------- | 131 // ------------------------------- |
131 shouldThrow("normalizeSign({name: 'hmac'})"); // Missing "hash" | 132 shouldThrow("normalizeSign({name: 'hmac'}, hmacSha1Key)"); // Missing "hash" |
132 shouldThrow("normalizeSign({name: 'hmac', hash: 'foo'})"); // Not a valid "h
ash" | 133 shouldThrow("normalizeSign({name: 'hmac', hash: 'foo'}, hmacSha1Key)"); // N
ot a valid "hash" |
133 shouldThrow("normalizeSign({name: 'hmac', hash: { name: 'AES-CBC', iv: origi
nalIv }})"); // Not a valid "hash" | 134 shouldThrow("normalizeSign({name: 'hmac', hash: { name: 'AES-CBC', iv: origi
nalIv }}, hmacSha1Key)"); // Not a valid "hash" |
134 | 135 |
135 validHmacSha1 = {name: 'hmac', hash: {name: 'Sha-1'}}; | 136 validHmacSha1 = {name: 'hmac', hash: {name: 'Sha-1'}}; |
136 algorithm = normalizeSign(validHmacSha1); | 137 algorithm = normalizeSign(validHmacSha1, hmacSha1Key); |
137 shouldBe("algorithm.name", "'HMAC'"); | 138 shouldBe("algorithm.name", "'HMAC'"); |
138 shouldBe("algorithm.hash.name", "'SHA-1'"); | 139 shouldBe("algorithm.hash.name", "'SHA-1'"); |
139 | 140 |
140 shouldThrow("normalizeEncrypt(validHmacSha1)"); // Not defined for encrypt() | 141 shouldThrow("normalizeEncrypt(validHmacSha1, hmacSha1Key)"); // Not defined
for encrypt() |
| 142 |
| 143 // ------------------------------- |
| 144 // Normalize RSASSA-PKCS1-v1_5 |
| 145 // ------------------------------- |
| 146 shouldThrow("normalizeSign({name: 'RSASSA-PKCS1-v1_5'}, rsaSsaKey)"); // Mis
sing "hash" |
| 147 shouldThrow("normalizeSign({name: 'RSASSA-PKCS1-v1_5', hash: 'foo'}, rsaSsaK
ey)"); // Not a valid "hash" |
| 148 shouldThrow("normalizeSign({name: 'RSASSA-PKCS1-v1_5', hash: { name: 'AES-CB
C', iv: originalIv }}, rsaSsaKey)"); // Not a valid "hash" |
| 149 |
| 150 validRsaSsa = {name: 'RsaSsa-PKCS1-v1_5', hash: {name: 'Sha-256'}}; |
| 151 algorithm = normalizeSign(validRsaSsa, rsaSsaKey); |
| 152 shouldBe("algorithm.name", "'RSASSA-PKCS1-v1_5'"); |
| 153 shouldBe("algorithm.hash.name", "'SHA-256'"); |
| 154 |
| 155 shouldThrow("normalizeEncrypt(validRsaSsa, rsaSsaKey)"); // Not defined for
encrypt() |
| 156 |
| 157 // FIXME: Test the normalization of RsaSsaKeyGen parameters. |
141 | 158 |
142 // ------------------------------- | 159 // ------------------------------- |
143 // Try using a key for an unsupported operation. | 160 // Try using a key for an unsupported operation. |
144 // ------------------------------- | 161 // ------------------------------- |
145 algorithmIdentifier = { name: "aes-cbc", iv: originalIv }; | 162 algorithmIdentifier = { name: "aes-cbc", iv: originalIv }; |
146 shouldThrow("crypto.subtle.encrypt(algorithmIdentifier, aesCbcKeyNoEncrypt)"
); | 163 shouldThrow("crypto.subtle.encrypt(algorithmIdentifier, aesCbcKeyNoEncrypt)"
); |
147 | 164 |
148 // ------------------------------- | 165 // ------------------------------- |
149 // Try using an HMAC-SHA1 key for encrypting AES-CBC | 166 // Try using an HMAC-SHA1 key for encrypting AES-CBC |
150 // ------------------------------- | 167 // ------------------------------- |
(...skipping 10 matching lines...) Expand all Loading... |
161 function importAesCbcKey(keyUsages) | 178 function importAesCbcKey(keyUsages) |
162 { | 179 { |
163 var keyFormat = "spki"; | 180 var keyFormat = "spki"; |
164 var data = new Uint8Array([]); | 181 var data = new Uint8Array([]); |
165 var algorithm = {name: "aes-cbc"}; | 182 var algorithm = {name: "aes-cbc"}; |
166 var extractable = false; | 183 var extractable = false; |
167 | 184 |
168 return crypto.subtle.importKey(keyFormat, data, algorithm, extractable, keyU
sages); | 185 return crypto.subtle.importKey(keyFormat, data, algorithm, extractable, keyU
sages); |
169 } | 186 } |
170 | 187 |
| 188 function importRsaSsaKey() |
| 189 { |
| 190 var keyFormat = "spki"; |
| 191 var data = new Uint8Array([]); |
| 192 var algorithm = {name: "RSASSA-PKCS1-v1_5"}; |
| 193 var extractable = false; |
| 194 var keyUsages = ["encrypt", "decrypt", "verify", "sign"]; |
| 195 |
| 196 return crypto.subtle.importKey(keyFormat, data, algorithm, extractable, keyU
sages); |
| 197 } |
| 198 |
171 function failedKeyImport(value) | 199 function failedKeyImport(value) |
172 { | 200 { |
173 debug("Failed importing key: " + value); | 201 debug("Failed importing key: " + value); |
174 finishJSTest(); | 202 finishJSTest(); |
175 } | 203 } |
176 | 204 |
177 // Import two keys before starting the tests: one for AES-CBC, and one for | 205 // Import two keys before starting the tests: one for AES-CBC, and one for |
178 // HMAC SHA1. | 206 // HMAC SHA1. |
179 Promise.every(importAesCbcKey(['encrypt', 'decrypt', 'sign', 'verify']), importA
esCbcKey(['decrypt', 'sign', 'verify']), importHmacSha1Key()).then(function(keys
) | 207 Promise.every(importAesCbcKey(['encrypt', 'decrypt', 'sign', 'verify']), importA
esCbcKey(['decrypt', 'sign', 'verify']), importHmacSha1Key(), importRsaSsaKey())
.then(function(keys) |
180 { | 208 { |
181 aesCbcKey = keys[0]; | 209 aesCbcKey = keys[0]; |
182 aesCbcKeyNoEncrypt = keys[1]; | 210 aesCbcKeyNoEncrypt = keys[1]; |
183 hmacSha1Key = keys[2]; | 211 hmacSha1Key = keys[2]; |
| 212 rsaSsaKey = keys[3]; |
184 | 213 |
185 runTests(); | 214 runTests(); |
186 finishJSTest(); | 215 finishJSTest(); |
187 | 216 |
188 }, failedKeyImport); | 217 }, failedKeyImport); |
189 | 218 |
190 </script> | 219 </script> |
191 | 220 |
192 <script src="../fast/js/resources/js-test-post.js"></script> | 221 <script src="../fast/js/resources/js-test-post.js"></script> |
193 </body> | 222 </body> |
194 </html> | 223 </html> |
OLD | NEW |