diff options
Diffstat (limited to 'dom/crypto/test/test_WebCrypto_ECDH.html')
| -rw-r--r-- | dom/crypto/test/test_WebCrypto_ECDH.html | 612 |
1 files changed, 612 insertions, 0 deletions
diff --git a/dom/crypto/test/test_WebCrypto_ECDH.html b/dom/crypto/test/test_WebCrypto_ECDH.html new file mode 100644 index 0000000000..2d8f9bba28 --- /dev/null +++ b/dom/crypto/test/test_WebCrypto_ECDH.html @@ -0,0 +1,612 @@ +<!DOCTYPE html> +<html> + +<head> +<title>WebCrypto Test Suite</title> +<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> +<link rel="stylesheet" href="./test_WebCrypto.css"/> +<script src="/tests/SimpleTest/SimpleTest.js"></script> + +<!-- Utilities for manipulating ABVs --> +<script src="util.js"></script> + +<!-- A simple wrapper around IndexedDB --> +<script src="simpledb.js"></script> + +<!-- Test vectors drawn from the literature --> +<script src="./test-vectors.js"></script> + +<!-- General testing framework --> +<script src="./test-array.js"></script> + +<script>/* <![CDATA[*/ +"use strict"; + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "Generate an ECDH key for named curve P-256", + function() { + var that = this; + var alg = { name: "ECDH", namedCurve: "P-256" }; + crypto.subtle.generateKey(alg, false, ["deriveKey", "deriveBits"]).then( + complete(that, function(x) { + return exists(x.publicKey) && + (x.publicKey.algorithm.name == alg.name) && + (x.publicKey.algorithm.namedCurve == alg.namedCurve) && + (x.publicKey.type == "public") && + x.publicKey.extractable && + (!x.publicKey.usages.length) && + exists(x.privateKey) && + (x.privateKey.algorithm.name == alg.name) && + (x.privateKey.algorithm.namedCurve == alg.namedCurve) && + (x.privateKey.type == "private") && + !x.privateKey.extractable && + (x.privateKey.usages.length == 2) && + (x.privateKey.usages[0] == "deriveKey") && + (x.privateKey.usages[1] == "deriveBits"); + }), + error(that) + ); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "Generate an ECDH key and derive some bits", + function() { + var that = this; + var alg = { name: "ECDH", namedCurve: "P-256" }; + + var pair; + function setKeyPair(x) { pair = x; } + + function doDerive(n) { + return function(x) { + return crypto.subtle.deriveBits({ name: "ECDH", public: pair.publicKey }, pair.privateKey, n * 8); + }; + } + + crypto.subtle.generateKey(alg, false, ["deriveBits"]) + .then(setKeyPair, error(that)) + .then(doDerive(2), error(that)) + .then(function(x) { + // Deriving less bytes works. + if (x.byteLength != 2) { + throw new Error("should have derived two bytes"); + } + }) + // Deriving more than the curve yields doesn't. + .then(doDerive(33), error(that)) + .then(error(that), complete(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "Test that ECDH deriveBits() fails when the public key is not an ECDH key", + function() { + var that = this; + var pubKey, privKey; + function setPub(x) { pubKey = x.publicKey; } + function setPriv(x) { privKey = x.privateKey; } + + function doGenerateP256() { + var alg = { name: "ECDH", namedCurve: "P-256" }; + return crypto.subtle.generateKey(alg, false, ["deriveBits"]); + } + + function doGenerateRSA() { + var alg = { + name: "RSA-OAEP", + hash: "SHA-256", + modulusLength: 2048, + publicExponent: new Uint8Array([0x01, 0x00, 0x01]), + }; + return crypto.subtle.generateKey(alg, false, ["encrypt", "decrypt"]); + } + + function doDerive() { + var alg = { name: "ECDH", public: pubKey }; + return crypto.subtle.deriveBits(alg, privKey, 16); + } + + doGenerateP256() + .then(setPriv, error(that)) + .then(doGenerateRSA, error(that)) + .then(setPub, error(that)) + .then(doDerive, error(that)) + .then(error(that), complete(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "Test that ECDH deriveBits() fails when the given keys' curves don't match", + function() { + var that = this; + var pubKey, privKey; + function setPub(x) { pubKey = x.publicKey; } + function setPriv(x) { privKey = x.privateKey; } + + function doGenerateP256() { + var alg = { name: "ECDH", namedCurve: "P-256" }; + return crypto.subtle.generateKey(alg, false, ["deriveBits"]); + } + + function doGenerateP384() { + var alg = { name: "ECDH", namedCurve: "P-384" }; + return crypto.subtle.generateKey(alg, false, ["deriveBits"]); + } + + function doDerive() { + var alg = { name: "ECDH", public: pubKey }; + return crypto.subtle.deriveBits(alg, privKey, 16); + } + + doGenerateP256() + .then(setPriv, error(that)) + .then(doGenerateP384, error(that)) + .then(setPub, error(that)) + .then(doDerive, error(that)) + .then(error(that), complete(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "JWK import an ECDH public and private key and derive bits (P-256)", + function() { + var that = this; + var alg = { name: "ECDH" }; + + var pubKey, privKey; + function setPub(x) { pubKey = x; } + function setPriv(x) { privKey = x; } + + function doDerive() { + return crypto.subtle.deriveBits({ name: "ECDH", public: pubKey }, privKey, tv.ecdh_p256.secret.byteLength * 8); + } + + Promise.all([ + crypto.subtle.importKey("jwk", tv.ecdh_p256.jwk_priv, alg, false, ["deriveBits"]) + .then(setPriv, error(that)), + crypto.subtle.importKey("jwk", tv.ecdh_p256.jwk_pub, alg, false, ["deriveBits"]) + .then(setPub, error(that)), + ]).then(doDerive, error(that)) + .then(memcmp_complete(that, tv.ecdh_p256.secret), error(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "JWK import an ECDH public and private key and derive bits (P-384)", + function() { + var that = this; + var alg = { name: "ECDH" }; + + var pubKey, privKey; + function setPub(x) { pubKey = x; } + function setPriv(x) { privKey = x; } + + function doDerive() { + return crypto.subtle.deriveBits({ name: "ECDH", public: pubKey }, privKey, tv.ecdh_p384.secret.byteLength * 8); + } + + Promise.all([ + crypto.subtle.importKey("jwk", tv.ecdh_p384.jwk_priv, alg, false, ["deriveBits"]) + .then(setPriv, error(that)), + crypto.subtle.importKey("jwk", tv.ecdh_p384.jwk_pub, alg, false, ["deriveBits"]) + .then(setPub, error(that)), + ]).then(doDerive, error(that)) + .then(memcmp_complete(that, tv.ecdh_p384.secret), error(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "JWK import an ECDH public and private key and derive bits (P-521)", + function() { + var that = this; + var alg = { name: "ECDH" }; + + var pubKey, privKey; + function setPub(x) { pubKey = x; } + function setPriv(x) { privKey = x; } + + function doDerive() { + return crypto.subtle.deriveBits({ name: "ECDH", public: pubKey }, privKey, tv.ecdh_p521.secret.byteLength * 8); + } + + Promise.all([ + crypto.subtle.importKey("jwk", tv.ecdh_p521.jwk_priv, alg, false, ["deriveBits"]) + .then(setPriv, error(that)), + crypto.subtle.importKey("jwk", tv.ecdh_p521.jwk_pub, alg, false, ["deriveBits"]) + .then(setPub, error(that)), + ]).then(doDerive, error(that)) + .then(memcmp_complete(that, tv.ecdh_p521.secret), error(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "JWK import/export roundtrip with ECDH (P-256)", + function() { + var that = this; + var alg = { name: "ECDH" }; + + var pubKey, privKey; + function setPub(x) { pubKey = x; } + function setPriv(x) { privKey = x; } + + function doExportPub() { + return crypto.subtle.exportKey("jwk", pubKey); + } + function doExportPriv() { + return crypto.subtle.exportKey("jwk", privKey); + } + + Promise.all([ + crypto.subtle.importKey("jwk", tv.ecdh_p256.jwk_priv, alg, true, ["deriveBits"]) + .then(setPriv, error(that)), + crypto.subtle.importKey("jwk", tv.ecdh_p256.jwk_pub, alg, true, ["deriveBits"]) + .then(setPub, error(that)), + ]).then(doExportPub, error(that)) + .then(function(x) { + var tp = tv.ecdh_p256.jwk_pub; + if ((tp.kty != x.kty) && + (tp.crv != x.crv) && + (tp.x != x.x) && + (tp.y != x.y)) { + throw new Error("exported public key doesn't match"); + } + }, error(that)) + .then(doExportPriv, error(that)) + .then(complete(that, function(x) { + var tp = tv.ecdh_p256.jwk_priv; + return (tp.kty == x.kty) && + (tp.crv == x.crv) && + (tp.d == x.d) && + (tp.x == x.x) && + (tp.y == x.y); + }), error(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "PKCS8 import/export roundtrip with ECDH (P-256)", + function() { + var that = this; + var alg = { name: "ECDH", namedCurve: "P-256" }; + + function doExportPriv(x) { + return crypto.subtle.exportKey("pkcs8", x); + } + + crypto.subtle.importKey("pkcs8", tv.ecdh_p256.pkcs8, alg, true, ["deriveBits"]) + .then(doExportPriv, error(that)) + .then(complete(that, function(x) { + return util.memcmp(x, tv.ecdh_p256.pkcs8); + }), error(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "Test that importing bad JWKs fails", + function() { + var that = this; + var alg = { name: "ECDH" }; + var tvs = tv.ecdh_p256_negative; + + function doTryImport(jwk) { + return function() { + return crypto.subtle.importKey("jwk", jwk, alg, false, ["deriveBits"]); + }; + } + + doTryImport(tvs.jwk_bad_crv)() + .then(error(that), doTryImport(tvs.jwk_missing_crv)) + .then(error(that), doTryImport(tvs.jwk_missing_x)) + .then(error(that), doTryImport(tvs.jwk_missing_y)) + .then(error(that), complete(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "JWK export of a newly generated ECDH private key", + function() { + var that = this; + var alg = { name: "ECDH", namedCurve: "P-256" }; + var reBase64URL = /^[a-zA-Z0-9_-]+$/; + + function doExportToJWK(x) { + return crypto.subtle.exportKey("jwk", x.privateKey); + } + + crypto.subtle.generateKey(alg, true, ["deriveKey", "deriveBits"]) + .then(doExportToJWK) + .then( + complete(that, function(x) { + return x.ext && + x.kty == "EC" && + x.crv == "P-256" && + reBase64URL.test(x.x) && + reBase64URL.test(x.y) && + reBase64URL.test(x.d) && + x.x.length == 43 && // 32 octets, base64-encoded + x.y.length == 43 && // 32 octets, base64-encoded + shallowArrayEquals(x.key_ops, ["deriveKey", "deriveBits"]); + }), + error(that) + ); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "Derive an HMAC key from two ECDH keys and test sign/verify", + function() { + var that = this; + var alg = { name: "ECDH" }; + var algDerived = { name: "HMAC", hash: {name: "SHA-1"} }; + + var pubKey, privKey; + function setPub(x) { pubKey = x; } + function setPriv(x) { privKey = x; } + + function doDerive() { + return crypto.subtle.deriveKey({ name: "ECDH", public: pubKey }, privKey, algDerived, false, ["sign", "verify"]) + .then(function(x) { + if (!hasKeyFields(x)) { + throw new Error("Invalid key; missing field(s)"); + } + + // 512 bit is the default for HMAC-SHA1. + if (x.algorithm.length != 512) { + throw new Error("Invalid key; incorrect length"); + } + + return x; + }); + } + + function doSignAndVerify(x) { + var data = crypto.getRandomValues(new Uint8Array(1024)); + return crypto.subtle.sign("HMAC", x, data) + .then(function(sig) { + return crypto.subtle.verify("HMAC", x, sig, data); + }); + } + + Promise.all([ + crypto.subtle.importKey("jwk", tv.ecdh_p521.jwk_priv, alg, false, ["deriveKey"]) + .then(setPriv), + crypto.subtle.importKey("jwk", tv.ecdh_p521.jwk_pub, alg, false, ["deriveKey"]) + .then(setPub), + ]).then(doDerive) + .then(doSignAndVerify) + .then(complete(that, x => x), error(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "Derive an HKDF key from two ECDH keys and derive an HMAC key from that", + function() { + var that = this; + + async function doTest() { + let privKey = await crypto.subtle.importKey("jwk", tv.ecdh_p256.jwk_priv, "ECDH", false, ["deriveKey"]); + let pubKey = await crypto.subtle.importKey("jwk", tv.ecdh_p256.jwk_pub, "ECDH", false, []); + let ecdhAlg = { name: "ECDH", public: pubKey }; + let hkdfAlg = { name: "HKDF", hash: "SHA-256", salt: new Uint8Array(), info: new Uint8Array() }; + let hkdfKey = await crypto.subtle.deriveKey(ecdhAlg, privKey, hkdfAlg, false, ["deriveKey"]); + let hmacAlg = { name: "HMAC", hash: "SHA-256" }; + let hmacKey = await crypto.subtle.deriveKey(hkdfAlg, hkdfKey, hmacAlg, false, ["sign"]); + return crypto.subtle.sign("HMAC", hmacKey, new Uint8Array()); + } + const expected = util.hex2abv("acf62832fa93469824cd997593bc963b28a68e6f73f4516bbe51b35942fe9811"); + doTest().then(memcmp_complete(that, expected), error(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "SPKI import/export of public ECDH keys (P-256)", + function() { + var that = this; + var alg = { name: "ECDH" }; + var keys = ["spki", "spki_id_ecpk"]; + + function doImport(key) { + return crypto.subtle.importKey("spki", tv.ecdh_p256[key], alg, true, ["deriveBits"]); + } + + function doExport(x) { + return crypto.subtle.exportKey("spki", x); + } + + function nextKey() { + var key = keys.shift(); + var imported = doImport(key); + var derived = imported.then(doExport); + + return derived.then(function(x) { + if (!util.memcmp(x, tv.ecdh_p256.spki_id_ecpk)) { + throw new Error("exported key is invalid"); + } + + if (keys.length) { + return nextKey(); + } + return Promise.resolve(); + }); + } + + nextKey().then(complete(that), error(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "SPKI/JWK import ECDH keys (P-256) and derive a known secret", + function() { + var that = this; + var alg = { name: "ECDH" }; + + var pubKey, privKey; + function setPub(x) { pubKey = x; } + function setPriv(x) { privKey = x; } + + function doDerive() { + return crypto.subtle.deriveBits({ name: "ECDH", public: pubKey }, privKey, tv.ecdh_p256.secret.byteLength * 8); + } + + Promise.all([ + crypto.subtle.importKey("spki", tv.ecdh_p256.spki, alg, false, ["deriveBits"]) + .then(setPub), + crypto.subtle.importKey("jwk", tv.ecdh_p256.jwk_priv, alg, false, ["deriveBits"]) + .then(setPriv), + ]).then(doDerive) + .then(memcmp_complete(that, tv.ecdh_p256.secret), error(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "Raw import/export of a public ECDH key (P-256)", + function() { + var that = this; + var alg = { name: "ECDH", namedCurve: "P-256" }; + + function doExport(x) { + return crypto.subtle.exportKey("raw", x); + } + + crypto.subtle.importKey("raw", tv.ecdh_p256.raw, alg, true, ["deriveBits"]) + .then(doExport) + .then(memcmp_complete(that, tv.ecdh_p256.raw), error(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "Test that importing bad raw ECDH keys fails", + function() { + var that = this; + var alg = { name: "ECDH", namedCurve: "P-256" }; + + crypto.subtle.importKey("raw", tv, alg, false, ["deriveBits"]) + .then(error(that), complete(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "Test that importing ECDH keys with an unknown format fails", + function() { + var that = this; + var alg = { name: "ECDH", namedCurve: "P-256" }; + + crypto.subtle.importKey("unknown", tv, alg, false, ["deriveBits"]) + .then(error(that), complete(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "Test that importing too short raw ECDH keys fails", + function() { + var that = this; + var alg = { name: "ECDH", namedCurve: "P-256" }; + + crypto.subtle.importKey("raw", tv, alg, false, ["deriveBits"]) + .then(error(that), complete(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "Test that importing too long raw ECDH keys fails", + function() { + var that = this; + var alg = { name: "ECDH", namedCurve: "P-256" }; + + crypto.subtle.importKey("raw", tv, alg, false, ["deriveBits"]) + .then(error(that), complete(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "Test that importing compressed raw ECDH keys fails", + function() { + var that = this; + var alg = { name: "ECDH", namedCurve: "P-256" }; + + crypto.subtle.importKey("raw", tv, alg, false, ["deriveBits"]) + .then(error(that), complete(that)); + } +); + +// ----------------------------------------------------------------------------- +TestArray.addTest( + "RAW/JWK import ECDH keys (P-256) and derive a known secret", + function() { + var that = this; + var alg = { name: "ECDH", namedCurve: "P-256" }; + + var pubKey, privKey; + function setPub(x) { pubKey = x; } + function setPriv(x) { privKey = x; } + + function doDerive() { + return crypto.subtle.deriveBits({ name: "ECDH", public: pubKey }, privKey, tv.ecdh_p256.secret.byteLength * 8); + } + + Promise.all([ + crypto.subtle.importKey("raw", tv.ecdh_p256.raw, alg, false, ["deriveBits"]) + .then(setPub), + crypto.subtle.importKey("jwk", tv.ecdh_p256.jwk_priv, alg, false, ["deriveBits"]) + .then(setPriv), + ]).then(doDerive) + .then(memcmp_complete(that, tv.ecdh_p256.secret), error(that)); + } +); +/* ]]>*/</script> +</head> + +<body> + +<div id="content"> + <div id="head"> + <b>Web</b>Crypto<br> + </div> + + <div id="start" onclick="start();">RUN ALL</div> + + <div id="resultDiv" class="content"> + Summary: + <span class="pass"><span id="passN">0</span> passed, </span> + <span class="fail"><span id="failN">0</span> failed, </span> + <span class="pending"><span id="pendingN">0</span> pending.</span> + <br/> + <br/> + + <table id="results"> + <tr> + <th>Test</th> + <th>Result</th> + <th>Time</th> + </tr> + </table> + + </div> + + <div id="foot"></div> +</div> + +</body> +</html> |