1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
/* Any copyright is dedicated to the Public Domain.
http://creativecommons.org/publicdomain/zero/1.0/ */
"use strict";
ChromeUtils.defineESModuleGetters(this, {
jwcrypto: "resource://services-crypto/jwcrypto.sys.mjs",
});
Cu.importGlobalProperties(["crypto"]);
// Enable logging from jwcrypto.jsm.
Services.prefs.setCharPref("services.crypto.jwcrypto.log.level", "Debug");
add_task(async function test_jwe_roundtrip_ecdh_es_encryption() {
const plaintext = crypto.getRandomValues(new Uint8Array(123));
const remoteKey = await crypto.subtle.generateKey(
{
name: "ECDH",
namedCurve: "P-256",
},
true,
["deriveKey"]
);
const remoteJWK = await crypto.subtle.exportKey("jwk", remoteKey.publicKey);
delete remoteJWK.key_ops;
const jwe = await jwcrypto.generateJWE(remoteJWK, plaintext);
const decrypted = await jwcrypto.decryptJWE(jwe, remoteKey.privateKey);
Assert.deepEqual(plaintext, decrypted);
});
add_task(async function test_jwe_header_includes_key_id() {
const plaintext = crypto.getRandomValues(new Uint8Array(123));
const remoteKey = await crypto.subtle.generateKey(
{
name: "ECDH",
namedCurve: "P-256",
},
true,
["deriveKey"]
);
const remoteJWK = await crypto.subtle.exportKey("jwk", remoteKey.publicKey);
delete remoteJWK.key_ops;
remoteJWK.kid = "key identifier";
const jwe = await jwcrypto.generateJWE(remoteJWK, plaintext);
let [header /* other items deliberately ignored */] = jwe.split(".");
header = JSON.parse(
new TextDecoder().decode(
ChromeUtils.base64URLDecode(header, { padding: "reject" })
)
);
Assert.equal(header.kid, "key identifier");
});
|
