OLD | NEW |
| (Empty) |
1 <!DOCTYPE html> | |
2 <html> | |
3 <head> | |
4 <script src="../resources/js-test.js"></script> | |
5 <script src="resources/common.js"></script> | |
6 <script src="resources/keys.js"></script> | |
7 </head> | |
8 <body> | |
9 <p id="description"></p> | |
10 <div id="console"></div> | |
11 | |
12 <script> | |
13 description("Decrypting truncated AES-CBC ciphertext should fail"); | |
14 | |
15 jsTestIsAsync = true; | |
16 | |
17 // 128-bit key with plaintext that is an exact multiple of block size. | |
18 // Derived from [1] F.2.1 (CBC-AES128.Encrypt), by adding padding block. | |
19 var iv = hexStringToUint8Array("000102030405060708090a0b0c0d0e0f"); | |
20 var keyData = hexStringToUint8Array("2b7e151628aed2a6abf7158809cf4f3c"); | |
21 var cipherText = hexStringToUint8Array("7649abac8119b246cee98e9b12e9197d5086cb9b
507219ee95db113a917678b273bed6b8e3c1743b7116e69e222295163ff1caa1681fac09120eca30
7586e1a78cb82807230e1321d3fae00d18cc2012"); | |
22 | |
23 var key = null; | |
24 var usages = ['encrypt', 'decrypt']; | |
25 var extractable = false; | |
26 var algorithm = {name: 'aes-cbc', iv: iv}; | |
27 | |
28 function verifyDecryptionFails(newCipherTextLength) | |
29 { | |
30 var newCipherText = cipherText.subarray(0, newCipherTextLength); | |
31 | |
32 var description = "ciphertext length: " + newCipherText.byteLength; | |
33 return crypto.subtle.decrypt(algorithm, key, newCipherText).then(function(re
sult) { | |
34 debug("FAIL: decrypting succeeded. " + description); | |
35 }, function(result) { | |
36 logError(result); | |
37 debug("PASS: decrypting failed. " + description); | |
38 }); | |
39 } | |
40 | |
41 crypto.subtle.importKey('raw', keyData, algorithm, extractable, usages).then(fun
ction(result) { | |
42 key = result; | |
43 | |
44 // Verify that decryption works with the original ciphertext. | |
45 return crypto.subtle.decrypt(algorithm, key, cipherText); | |
46 }).then(function(result) { | |
47 debug("PASS: Decryption succeeded"); | |
48 | |
49 // Try a number of bad ciphertexts. | |
50 var badLengths = [ | |
51 0, | |
52 cipherText.byteLength - 1, | |
53 | |
54 // Stripped a whole block. This new final block will result in a | |
55 // padding error. | |
56 cipherText.byteLength - 16, | |
57 1, | |
58 15, | |
59 16, | |
60 17 | |
61 ]; | |
62 | |
63 var lastPromise = Promise.resolve(null); | |
64 badLengths.forEach(function(badLength) { | |
65 lastPromise = lastPromise.then(verifyDecryptionFails.bind(null, badLengt
h)); | |
66 }); | |
67 return lastPromise; | |
68 }).then(finishJSTest, failAndFinishJSTest); | |
69 | |
70 </script> | |
71 | |
72 </body> | |
73 </html> | |
OLD | NEW |