Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(122)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: LayoutTests/crypto/aes-gcm-encrypt-decrypt.html

Issue 206483010: [webcrypto] Refactor some layout tests. (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « LayoutTests/crypto/aes-ctr-parseAlgorithm-failures-expected.txt ('k') | LayoutTests/crypto/aes-gcm-encrypt-decrypt-expected.txt » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 <!DOCTYPE html> 1 <!DOCTYPE html>
2 <html> 2 <html>
3 <head> 3 <head>
4 <script src="../resources/js-test.js"></script> 4 <script src="../resources/js-test.js"></script>
5 <script src="resources/common.js"></script> 5 <script src="resources/common.js"></script>
6 </head> 6 </head>
7 <body> 7 <body>
8 <p id="description"></p> 8 <p id="description"></p>
9 <div id="console"></div> 9 <div id="console"></div>
10 10
11 <script> 11 <script>
12 description("Tests cypto.subtle.encrypt and crypto.subtle.decrypt"); 12 description("Tests encrypt/decrypt for AES-GCM");
13 13
14 jsTestIsAsync = true; 14 jsTestIsAsync = true;
15 15
16 // A list of Promises for every test to run.
17 var allTests = [];
18
19 // -------------------------------------------------
20 // Successful encryption/decryption
21 // -------------------------------------------------
22
23 // Test vectors marked with [1] were copied from:
24 // http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
25 //
26 // The NIST tests do not have a padding block. To match the WebCrypto
27 // expectations, a PKCS#5 padding block has been added.
28
29 var kAesCbcSuccessVectors = [
30 // 128-bit key with plaintext that is an exact multiple of block size.
31 // Derived from [1] F.2.1 (CBC-AES128.Encrypt), by adding padding block.
32 {
33 key: "2b7e151628aed2a6abf7158809cf4f3c",
34 iv: "000102030405060708090a0b0c0d0e0f",
35 plainText: "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51 30c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710",
36 cipherText: "7649abac8119b246cee98e9b12e9197d5086cb9b507219ee95db113a917678b 273bed6b8e3c1743b7116e69e222295163ff1caa1681fac09120eca307586e1a7" +
37 // Padding block.
38 "8cb82807230e1321d3fae00d18cc2012"
39 },
40
41 // 192-bit key, where final block of plaintext has to pad by 15.
42 // Derived from [1] F.2.3 (CBC-AES192.Encrypt), by stripping 15 bytes off
43 // plaintext and adding padding block.
44 {
45 key: "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b",
46 iv: "000102030405060708090a0b0c0d0e0f",
47 plainText: "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51 30c81c46a35ce411e5fbc1191a0a52eff6",
48 cipherText: "4f021db243bc633d7178183a9fa071e8b4d9ada9ad7dedf4e5e738763f69145 a571b242012fb7ae07fa9baac3df102e0" +
49 // Padding block.
50 "288c6f9ec554652e50ab55e121f099ae"
51 },
52
53 // 256-bit key, where final block of plaintext has to pad by 3.
54 // Derived from [1] F.2.6 CBC-AES256.Decrypt, by stripping 3 bytes off
55 // plaintext and adding padding block.
56 {
57 key: "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4",
58 iv: "000102030405060708090a0b0c0d0e0f",
59 plainText: "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51 30c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be6",
60 cipherText: "f58c4c04d6e5f1ba779eabfb5f7bfbd69cfc4e967edb808d679f777bc6702c7 d39f23369a9d9bacfa530e26304231461c9aaf02a6a54e9e242ccbf48c59daca6"
61 },
62
63 // 128-bit key, with empty plaintext.
64 // Derived from Chromium's EncryptorTest.EmptyEncrypt() (encryptor_unittest.cc )
65 {
66 key: "3132383d5369787465656e4279746573",
67 iv: "5377656574205369787465656e204956",
68 plainText: "",
69 cipherText: "8518b8878d34e7185e300d0fcc426396"
70 },
71 ];
72
73 // These tests come from the NIST GCM test vectors: 16 // These tests come from the NIST GCM test vectors:
74 // http://csrc.nist.gov/groups/STM/cavp/documents/mac/gcmtestvectors.zip 17 // http://csrc.nist.gov/groups/STM/cavp/documents/mac/gcmtestvectors.zip
75 // 18 //
76 // Both encryption and decryption are expected to work. 19 // Both encryption and decryption are expected to work.
77 var kAesGcmSuccessVectors = 20 var kAesGcmSuccessVectors =
78 [ 21 [
79 // [Keylen = 128] 22 // [Keylen = 128]
80 // [IVlen = 96] 23 // [IVlen = 96]
81 // [PTlen = 0] 24 // [PTlen = 0]
82 // [AADlen = 0] 25 // [AADlen = 0]
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after
126 { 69 {
127 "key": "ae7972c025d7f2ca3dd37dcc3d41c506671765087c6b61b8", 70 "key": "ae7972c025d7f2ca3dd37dcc3d41c506671765087c6b61b8",
128 "iv": "984c1379e6ba961c828d792d", 71 "iv": "984c1379e6ba961c828d792d",
129 "plainText": "d30b02c343487105219d6fa080acc743", 72 "plainText": "d30b02c343487105219d6fa080acc743",
130 "cipherText": "c4489fa64a6edf80e7e6a3b8855bc37c", 73 "cipherText": "c4489fa64a6edf80e7e6a3b8855bc37c",
131 "additionalData": "edd8f630f9bbc31b0acf122998f15589d6e6e3e1a3ec89e0c6a6ece75 1610ebbf57fdfb9d82028ff1d9faebe37a268c1", 74 "additionalData": "edd8f630f9bbc31b0acf122998f15589d6e6e3e1a3ec89e0c6a6ece75 1610ebbf57fdfb9d82028ff1d9faebe37a268c1",
132 "authenticationTag": "772ee7de0f91a981c36c93a35c88" 75 "authenticationTag": "772ee7de0f91a981c36c93a35c88"
133 } 76 }
134 ]; 77 ];
135 78
136 function runAesCbcSuccessTestCase(testCase)
137 {
138 var algorithm = {name: 'aes-cbc', iv: hexStringToUint8Array(testCase.iv)};
139
140 var key = null;
141 var keyData = hexStringToUint8Array(testCase.key);
142 var usages = ['encrypt', 'decrypt'];
143 var extractable = false;
144
145 // (1) Import the key
146 return crypto.subtle.importKey('raw', keyData, algorithm, extractable, usage s).then(function(result) {
147 key = result;
148
149 // shouldBe() can only resolve variables in global context.
150 tmpKey = key;
151 shouldBe("tmpKey.type", "'secret'");
152 shouldBe("tmpKey.extractable", "false");
153 shouldBe("tmpKey.algorithm.name", "'AES-CBC'");
154 shouldBe("tmpKey.algorithm.length", (keyData.byteLength * 8).toString()) ;
155 shouldBe("tmpKey.usages.join(',')", "'encrypt,decrypt'");
156
157 // (2) Encrypt.
158 return crypto.subtle.encrypt(algorithm, key, hexStringToUint8Array(testC ase.plainText));
159 }).then(function(result) {
160 bytesShouldMatchHexString("Encryption", testCase.cipherText, result);
161
162 // (3) Decrypt
163 return crypto.subtle.decrypt(algorithm, key, hexStringToUint8Array(testC ase.cipherText));
164 }).then(function(result) {
165 bytesShouldMatchHexString("Decryption", testCase.plainText, result);
166 });
167 }
168
169 function runAesGcmSuccessTestCase(testCase) 79 function runAesGcmSuccessTestCase(testCase)
170 { 80 {
171 var key = null; 81 var key = null;
172 var keyData = hexStringToUint8Array(testCase.key); 82 var keyData = hexStringToUint8Array(testCase.key);
173 var iv = hexStringToUint8Array(testCase.iv); 83 var iv = hexStringToUint8Array(testCase.iv);
174 var additionalData = hexStringToUint8Array(testCase.additionalData); 84 var additionalData = hexStringToUint8Array(testCase.additionalData);
175 var tag = hexStringToUint8Array(testCase.authenticationTag); 85 var tag = hexStringToUint8Array(testCase.authenticationTag);
176 var usages = ['encrypt', 'decrypt']; 86 var usages = ['encrypt', 'decrypt'];
177 var extractable = false; 87 var extractable = false;
178 88
179 var tagLengthBits = tag.byteLength * 8; 89 var tagLengthBits = tag.byteLength * 8;
180 90
181 var algorithm = {name: 'aes-gcm', iv: iv, additionalData: additionalData, ta gLength: tagLengthBits}; 91 var algorithm = {name: 'aes-gcm', iv: iv, additionalData: additionalData, ta gLength: tagLengthBits};
182 92
183 // (1) Import the key 93 // (1) Import the key
184 return crypto.subtle.importKey('raw', keyData, algorithm, extractable, usage s).then(function(result) { 94 return crypto.subtle.importKey('raw', keyData, algorithm, extractable, usage s).then(function(result) {
185 key = result; 95 key = result;
186 96
187 // shouldBe() can only resolve variables in global context. 97 // shouldBe() can only resolve variables in global context.
188 tmpKey = key; 98 tmpKey = key;
189 shouldBe("tmpKey.type", "'secret'"); 99 shouldEvaluateAs("tmpKey.type", "secret");
190 shouldBe("tmpKey.extractable", "false"); 100 shouldEvaluateAs("tmpKey.extractable", false);
191 shouldBe("tmpKey.algorithm.name", "'AES-GCM'"); 101 shouldEvaluateAs("tmpKey.algorithm.name", "AES-GCM");
192 shouldBe("tmpKey.usages.join(',')", "'encrypt,decrypt'"); 102 shouldEvaluateAs("tmpKey.usages.join(',')", "encrypt,decrypt");
193 103
194 // (2) Encrypt. 104 // (2) Encrypt.
195 return crypto.subtle.encrypt(algorithm, key, hexStringToUint8Array(testC ase.plainText)); 105 return crypto.subtle.encrypt(algorithm, key, hexStringToUint8Array(testC ase.plainText));
196 }).then(function(result) { 106 }).then(function(result) {
197 bytesShouldMatchHexString("Encryption", testCase.cipherText + testCase.a uthenticationTag, result); 107 bytesShouldMatchHexString("Encryption", testCase.cipherText + testCase.a uthenticationTag, result);
198 108
199 // (3) Decrypt 109 // (3) Decrypt
200 return crypto.subtle.decrypt(algorithm, key, hexStringToUint8Array(testC ase.cipherText + testCase.authenticationTag)); 110 return crypto.subtle.decrypt(algorithm, key, hexStringToUint8Array(testC ase.cipherText + testCase.authenticationTag));
201 }).then(function(result) { 111 }).then(function(result) {
202 bytesShouldMatchHexString("Decryption", testCase.plainText, result); 112 bytesShouldMatchHexString("Decryption", testCase.plainText, result);
203 }); 113 });
204 } 114 }
205 115
206 // Add all of the tests defined above. 116 var lastPromise = Promise.resolve(null);
207 for (var i = 0; i < kAesCbcSuccessVectors.length; ++i) {
208 addTask(runAesCbcSuccessTestCase(kAesCbcSuccessVectors[i]));
209 }
210 117
211 // Add all of the tests defined above. 118 kAesGcmSuccessVectors.forEach(function(test) {
212 for (var i = 0; i < kAesGcmSuccessVectors.length; ++i) { 119 lastPromise = lastPromise.then(runAesGcmSuccessTestCase.bind(null, test));
213 addTask(runAesGcmSuccessTestCase(kAesGcmSuccessVectors[i])); 120 });
214 }
215 121
216 // ------------------------------------------------- 122 lastPromise.then(finishJSTest, failAndFinishJSTest);
217 // Failed key import.
218 // -------------------------------------------------
219
220 // Supported key lengths are 16 (128-bit), 32 (256-bit), 24 (192-bit),
221 // Try key lengths that are off by 1 from the supported ones.
222 var kUnsupportedKeyLengths = [
223 0, 1, 15, 17, 31, 33, 23, 25, 64
224 ];
225
226 function testInvalidKeyImport(keyLengthBytes)
227 {
228 var algorithm = {name: 'aes-cbc'};
229 var keyData = new Uint8Array(keyLengthBytes);
230
231 var usages = ['encrypt', 'decrypt'];
232 var extractable = false;
233
234 return crypto.subtle.importKey('raw', keyData, algorithm, extractable, usage s).then(function(result) {
235 debug("FAIL: Successfully import key of length " + keyData.byteLength + " bytes");
236 }, function(result) {
237 debug("PASS: Failed to import key of length " + keyData.byteLength + " b ytes");
238 });
239 }
240
241 for (var i = 0; i < kUnsupportedKeyLengths.length; ++i) {
242 addTask(testInvalidKeyImport(kUnsupportedKeyLengths[i]));
243 }
244
245 // -------------------------------------------------
246 // Invalid cipher texts
247 // -------------------------------------------------
248
249 function testInvalidAesCbcDecryptions()
250 {
251 // 128-bit key with plaintext that is an exact multiple of block size.
252 // Derived from [1] F.2.1 (CBC-AES128.Encrypt), by adding padding block.
253 var iv = hexStringToUint8Array("000102030405060708090a0b0c0d0e0f");
254 var keyData = hexStringToUint8Array("2b7e151628aed2a6abf7158809cf4f3c");
255 var cipherText = hexStringToUint8Array("7649abac8119b246cee98e9b12e9197d5086 cb9b507219ee95db113a917678b273bed6b8e3c1743b7116e69e222295163ff1caa1681fac09120e ca307586e1a78cb82807230e1321d3fae00d18cc2012");
256
257 var key = null;
258 var usages = ['encrypt', 'decrypt'];
259 var extractable = false;
260 var algorithm = {name: 'aes-cbc', iv: iv};
261
262 function verifyDecryptionFails(newCipherTextLength)
263 {
264 var newCipherText = cipherText.subarray(0, newCipherTextLength);
265
266 var description = "ciphertext length: " + newCipherText.byteLength;
267 return crypto.subtle.decrypt(algorithm, key, newCipherText).then(functio n(result) {
268 debug("FAIL: decrypting succeeded. " + description);
269 }, function(result) {
270 debug("PASS: decrypting failed. " + description);
271 });
272 }
273
274 return crypto.subtle.importKey('raw', keyData, algorithm, extractable, usage s).then(function(result) {
275 key = result;
276
277 // Verify that decryption works with the original ciphertext.
278 return crypto.subtle.decrypt(algorithm, key, cipherText);
279 }).then(function(result) {
280 debug("PASS: Decryption succeeded");
281
282 // Try a number of bad ciphertexts.
283 return Promise.all([
284 verifyDecryptionFails(0),
285 verifyDecryptionFails(cipherText.byteLength - 1),
286
287 // Stripped a whole block. This new final block will result in a
288 // padding error.
289 verifyDecryptionFails(cipherText.byteLength - 16),
290 verifyDecryptionFails(1),
291 verifyDecryptionFails(15),
292 verifyDecryptionFails(16),
293 verifyDecryptionFails(17),
294 ]);
295 });
296 }
297
298 addTask(testInvalidAesCbcDecryptions());
299
300 function testNormalizationFailures(importedKeys)
301 {
302 keys = importedKeys;
303
304 data = asciiToUint8Array("hello");
305
306 // ---------------------------------------------------
307 // AES-CBC normalization failures (AesCbcParams)
308 // ---------------------------------------------------
309
310 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-CBC', iv: nul l}, keys.aesCbc, data)");
311 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-CBC'}, keys.a esCbc, data)");
312 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-CBC', iv: 3}, keys.aesCbc, data)");
313 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-CBC', iv: new Uint8Array(0)}, keys.aesCbc, data)");
314
315 // ---------------------------------------------------
316 // AES-CTR normalization failures (AesCtrParams)
317 // ---------------------------------------------------
318
319 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-CTR', counter : null}, keys.aesCtr, data)");
320 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-CTR'}, keys.a esCtr, data)");
321 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-CTR', counter : new Uint8Array(0)}, keys.aesCtr, data)");
322 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-CTR', counter : new Uint8Array(16), length: 0}, keys.aesCtr, data)");
323 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-CTR', counter : new Uint8Array(16), length: 18}, keys.aesCtr, data)");
324 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-CTR', counter : new Uint8Array(16), length: 256}, keys.aesCtr, data)");
325 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-CTR', counter : new Uint8Array(16), length: -3}, keys.aesCtr, data)");
326 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-CTR', counter : new Uint8Array(16), length: Infinity}, keys.aesCtr, data)");
327
328 // ---------------------------------------------------
329 // AES-CBC normalization failures (AesGcmParams)
330 // ---------------------------------------------------
331
332 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-gcm'}, keys.a esGcm, data)");
333 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-gcm', iv: 3}, keys.aesGcm, data)");
334 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-gcm', iv: 'fo o'}, keys.aesGcm, data)");
335 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-gcm', iv: new Uint8Array(16), additionalData: '5'}, keys.aesGcm, data)");
336 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-gcm', iv: new Uint8Array(16), additionalData: new Uint8Array(1), tagLength: 'foo'}, keys.aesG cm, data)");
337 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-gcm', iv: new Uint8Array(16), additionalData: new Uint8Array(1), tagLength: -1}, keys.aesGcm, data)");
338 shouldRejectPromiseWithNull("crypto.subtle.encrypt({name: 'AES-gcm', iv: new Uint8Array(16), additionalData: new Uint8Array(1), tagLength: 8000}, keys.aesGc m, data)");
339
340 // Try calling with the wrong key type.
341 aesCbc = {name: 'AES-CBC', iv: new Uint8Array([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15])};
342 shouldRejectPromiseWithNull("crypto.subtle.encrypt(aesCbc, keys.hmacSha1, da ta)");
343
344 // Key doesn't support encrypt.
345 shouldRejectPromiseWithNull("crypto.subtle.encrypt(aesCbc, keys.aesCbcJustDe crypt, data)");
346
347 // If no key was specified AND the algorithm was bogus, should complain
348 // about the missing key first.
349 shouldThrow("crypto.subtle.encrypt({name: 'bogus'}, null, data)");
350 }
351
352 addTask(importTestKeys().then(testNormalizationFailures));
353
354 completeTestWhenAllTasksDone();
355 123
356 </script> 124 </script>
357 125
358 </body> 126 </body>
127 </html>
OLDNEW
« no previous file with comments | « LayoutTests/crypto/aes-ctr-parseAlgorithm-failures-expected.txt ('k') | LayoutTests/crypto/aes-gcm-encrypt-decrypt-expected.txt » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698