summaryrefslogtreecommitdiffstats
path: root/services/crypto/tests/unit/test_jwcrypto.js
blob: e0a90218c308016f50593e63c1470d9d9f0b32c3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
/* Any copyright is dedicated to the Public Domain.
   http://creativecommons.org/publicdomain/zero/1.0/ */

"use strict";

ChromeUtils.defineESModuleGetters(this, {
  jwcrypto: "resource://services-crypto/jwcrypto.sys.mjs",
});

Cu.importGlobalProperties(["crypto"]);

// Enable logging from jwcrypto.jsm.
Services.prefs.setCharPref("services.crypto.jwcrypto.log.level", "Debug");

add_task(async function test_jwe_roundtrip_ecdh_es_encryption() {
  const plaintext = crypto.getRandomValues(new Uint8Array(123));
  const remoteKey = await crypto.subtle.generateKey(
    {
      name: "ECDH",
      namedCurve: "P-256",
    },
    true,
    ["deriveKey"]
  );
  const remoteJWK = await crypto.subtle.exportKey("jwk", remoteKey.publicKey);
  delete remoteJWK.key_ops;
  const jwe = await jwcrypto.generateJWE(remoteJWK, plaintext);
  const decrypted = await jwcrypto.decryptJWE(jwe, remoteKey.privateKey);
  Assert.deepEqual(plaintext, decrypted);
});

add_task(async function test_jwe_header_includes_key_id() {
  const plaintext = crypto.getRandomValues(new Uint8Array(123));
  const remoteKey = await crypto.subtle.generateKey(
    {
      name: "ECDH",
      namedCurve: "P-256",
    },
    true,
    ["deriveKey"]
  );
  const remoteJWK = await crypto.subtle.exportKey("jwk", remoteKey.publicKey);
  delete remoteJWK.key_ops;
  remoteJWK.kid = "key identifier";
  const jwe = await jwcrypto.generateJWE(remoteJWK, plaintext);
  let [header /* other items deliberately ignored */] = jwe.split(".");
  header = JSON.parse(
    new TextDecoder().decode(
      ChromeUtils.base64URLDecode(header, { padding: "reject" })
    )
  );
  Assert.equal(header.kid, "key identifier");
});