OLD | NEW |
| (Empty) |
1 <!DOCTYPE html> | |
2 <html> | |
3 <head> | |
4 <script src="../resources/js-test.js"></script> | |
5 <script src="resources/common.js"></script> | |
6 <script src="resources/keys.js"></script> | |
7 </head> | |
8 <body> | |
9 <p id="description"></p> | |
10 <div id="console"></div> | |
11 | |
12 <script> | |
13 description("Tests cypto.subtle.sign and crypto.subtle.verify"); | |
14 | |
15 jsTestIsAsync = true; | |
16 | |
17 // A list of Promises for every test to run. | |
18 var allTests = []; | |
19 | |
20 // ------------------------------------------------- | |
21 // Successful sign/verify for HMAC | |
22 // ------------------------------------------------- | |
23 | |
24 // The "key", "message", and "mac" are written as hex encoded strings. | |
25 // | |
26 // Unless indicated otherwise, the data comes from: | |
27 // http://csrc.nist.gov/groups/STM/cavp/index.html#07 | |
28 // Which can be downloaded from: | |
29 // http://csrc.nist.gov/groups/STM/cavp/documents/mac/hmactestvectors.zip | |
30 var kHmacTestVectors = [ | |
31 // Empty sets. Result generated via OpenSSL commandline tool. These | |
32 // particular results are also posted on the Wikipedia page examples: | |
33 // http://en.wikipedia.org/wiki/Hash-based_message_authentication_code | |
34 { | |
35 algorithm: "SHA-1", | |
36 key: "", | |
37 message: "", | |
38 // openssl dgst -sha1 -hmac "" < /dev/null | |
39 mac: "fbdb1d1b18aa6c08324b7d64b71fb76370690e1d", | |
40 }, | |
41 { | |
42 algorithm: "SHA-256", | |
43 key: "", | |
44 message: "", | |
45 // openssl dgst -sha256 -hmac "" < /dev/null | |
46 mac: "b613679a0814d9ec772f95d778c35fc5ff1697c493715653c6c712144292c5ad", | |
47 }, | |
48 // L=20 set 45 | |
49 { | |
50 algorithm: "SHA-1", | |
51 key: "59785928d72516e31272", | |
52 message: "a3ce8899df1022e8d2d539b47bf0e309c66f84095e21438ec355bf119ce5fdcb4e
73a619cdf36f25b369d8c38ff419997f0c59830108223606e31223483fd39edeaa4d3f0d21198862
d239c9fd26074130ff6c86493f5227ab895c8f244bd42c7afce5d147a20a590798c68e708e964902
d124dadecdbda9dbd0051ed710e9bf", | |
53 mac: "3c8162589aafaee024fc9a5ca50dd2336fe3eb28", | |
54 }, | |
55 // L=20 set 299 | |
56 { | |
57 algorithm: "SHA-1", | |
58 key: "ceb9aedf8d6efcf0ae52bea0fa99a9e26ae81bacea0cff4d5eecf201e3bca3c3577480
621b818fd717ba99d6ff958ea3d59b2527b019c343bb199e648090225867d994607962f5866aa629
30d75b58f6", | |
59 message: "99958aa459604657c7bf6e4cdfcc8785f0abf06ffe636b5b64ecd931bd8a456305
592421fc28dbcccb8a82acea2be8e54161d7a78e0399a6067ebaca3f2510274dc9f92f2c8ae4265e
ec13d7d42e9f8612d7bc258f913ecb5a3a5c610339b49fb90e9037b02d684fc60da835657cb24eab
352750c8b463b1a8494660d36c3ab2", | |
60 mac: "4ac41ab89f625c60125ed65ffa958c6b490ea670", | |
61 }, | |
62 // L=32, set 30 | |
63 { | |
64 algorithm: "SHA-256", | |
65 key: "9779d9120642797f1747025d5b22b7ac607cab08e1758f2f3a46c8be1e25c53b8c6a8f
58ffefa176", | |
66 message: "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288b
af4a92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92d1b0ae
933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f22a003b8ab8de54f
6ded0e3ab9245fa79568451dfa258e", | |
67 mac: "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b", | |
68 }, | |
69 // L=32, set 224 | |
70 { | |
71 algorithm: "SHA-256", | |
72 key: "4b7ab133efe99e02fc89a28409ee187d579e774f4cba6fc223e13504e3511bef8d4f63
8b9aca55d4a43b8fbd64cf9d74dcc8c9e8d52034898c70264ea911a3fd70813fa73b083371289b", | |
73 message: "138efc832c64513d11b9873c6fd4d8a65dbf367092a826ddd587d141b401580b79
8c69025ad510cff05fcfbceb6cf0bb03201aaa32e423d5200925bddfadd418d8e30e18050eb4f061
8eb9959d9f78c1157d4b3e02cd5961f138afd57459939917d9144c95d8e6a94c8f6d4eef3418c17b
1ef0b46c2a7188305d9811dccb3d99", | |
74 mac: "4f1ee7cb36c58803a8721d4ac8c4cf8cae5d8832392eed2a96dc59694252801b", | |
75 } | |
76 ]; | |
77 | |
78 function runSuccessTestCase(testCase) | |
79 { | |
80 var importAlgorithm = {name: 'HMAC', hash: {name: testCase.algorithm}}; | |
81 var algorithm = {name: 'HMAC'}; | |
82 | |
83 var key = null; | |
84 var keyData = hexStringToUint8Array(testCase.key); | |
85 var usages = ['sign', 'verify']; | |
86 var extractable = false; | |
87 | |
88 // (1) Import the key | |
89 return crypto.subtle.importKey('raw', keyData, importAlgorithm, extractable,
usages).then(function(result) { | |
90 key = result; | |
91 | |
92 // shouldBe() can only resolve variables in global context. | |
93 tmpKey = key; | |
94 shouldBe("tmpKey.type", "'secret'") | |
95 shouldBe("tmpKey.extractable", "false") | |
96 shouldBe("tmpKey.algorithm.name", "'HMAC'") | |
97 shouldBe("tmpKey.algorithm.hash.name", "'" + testCase.algorithm + "'") | |
98 shouldEvaluateTo("tmpKey.algorithm.length", keyData.length * 8); | |
99 shouldBe("tmpKey.usages.join(',')", "'sign,verify'") | |
100 | |
101 // (2) Sign. | |
102 return crypto.subtle.sign(algorithm, key, hexStringToUint8Array(testCase
.message)); | |
103 }).then(function(result) { | |
104 bytesShouldMatchHexString("Mac", testCase.mac, result); | |
105 | |
106 // (3) Verify | |
107 return crypto.subtle.verify(algorithm, key, hexStringToUint8Array(testCa
se.mac), hexStringToUint8Array(testCase.message)); | |
108 }).then(function(result) { | |
109 verifyResult = result; | |
110 shouldBe("verifyResult", "true") | |
111 | |
112 // (4) Verify truncated mac (by stripping 1 byte off of it). | |
113 var expectedMac = hexStringToUint8Array(testCase.mac); | |
114 return crypto.subtle.verify(algorithm, key, expectedMac.subarray(0, expe
ctedMac.byteLength - 1), hexStringToUint8Array(testCase.message)); | |
115 }).then(function(result) { | |
116 verifyResult = result; | |
117 shouldBe("verifyResult", "false") | |
118 }); | |
119 } | |
120 | |
121 // Add all of the tests defined above. | |
122 for (var i = 0; i < kHmacTestVectors.length; ++i) { | |
123 allTests.push(runSuccessTestCase(kHmacTestVectors[i])); | |
124 } | |
125 | |
126 hmac = {name: 'hmac'}; | |
127 data = asciiToUint8Array("hello"); | |
128 | |
129 allTests.push(importTestKeys().then(function(importedKeys) { | |
130 keys = importedKeys; | |
131 | |
132 // Pass invalid signature parameters to verify() | |
133 shouldThrow("crypto.subtle.verify(hmac, keys.hmacSha1, null, data)"); | |
134 shouldThrow("crypto.subtle.verify(hmac, keys.hmacSha1, 'a', data)"); | |
135 shouldThrow("crypto.subtle.verify(hmac, keys.hmacSha1, [], data)"); | |
136 | |
137 // Operation does not support signing. | |
138 shouldRejectPromiseWithNull("crypto.subtle.sign({name: 'sha-1'}, keys.hmacSh
a1, data)"); | |
139 | |
140 // Operation doesn't support signing (also given an invalid key, but the | |
141 // first failure takes priority) | |
142 shouldRejectPromiseWithNull("crypto.subtle.sign({name: 'RSAES-PKCS1-v1_5'},
keys.hmacSha1, data)"); | |
143 })); | |
144 | |
145 // ------------------------------------------------- | |
146 // Wait until all the tests have been run. | |
147 // ------------------------------------------------- | |
148 | |
149 Promise.all(allTests).then(finishJSTest, failAndFinishJSTest); | |
150 | |
151 </script> | |
152 | |
153 </body> | |
OLD | NEW |