[webcrypto] Implement PBKDF2 (blink-side)

LayoutTests/crypto/subtle/clone-pbkdf2Key.html

Index: LayoutTests/crypto/subtle/clone-pbkdf2Key.html
diff --git a/LayoutTests/crypto/subtle/clone-hmacKey.html b/LayoutTests/crypto/subtle/clone-pbkdf2Key.html
similarity index 60%
copy from LayoutTests/crypto/subtle/clone-hmacKey.html
copy to LayoutTests/crypto/subtle/clone-pbkdf2Key.html
index d2ae6512d727a095aba5abd0a851f3fb17fb7ad8..4b2e22a74878942fe8d0c473128db5b9b12380f3 100644
--- a/LayoutTests/crypto/subtle/clone-hmacKey.html
+++ b/LayoutTests/crypto/subtle/clone-pbkdf2Key.html
@@ -9,12 +9,12 @@
 <div id="console"></div>
 
 <script>
-description("Tests structured cloning of HMAC keys");
+description("Tests structured cloning of PBKDF2 keys");
 
 jsTestIsAsync = true;
 
-// Tests the 48 permutations of keys generated by:
-//   kPossibleHashAlgorithms x kPossibleExtractable x kPossibleKeyUsages x kPossibleKeyData
+// Tests the 18 permutations of keys generated by:
+//   kPossibleHashAlgorithms x kPossibleKeyUsages x kPossibleKeyData
 //
 // For practical reasons these tests are not exhaustive.
 
@@ -22,17 +22,17 @@ var k128BitData = "30112233445566778899aabbccddeeff"
 var k256BitData = "00112233445546778899aabbccddeeff000102030405060708090a0b0c0d0e0f";

[eroman, 2015/01/14 21:12:22]

Could you change the data lengths to some more interesting values?

  * 0 bytes
  * 1 byte
  * 11 bytes (or something other than 16 and 32)

I suggest this because the PBKDF2 key can be arbitrary length so a bit more
variety in the key lengths makes for a good test.

[xun.sun, 2015/01/15 17:13:29]

Done. Now testing with passwords of 1 byte, 8 bytes, and 11 bytes. I'm a bit
hesitant with 0 bytes because I think empty passwords don't make sense but the
spec does not request to reject them?

[eroman, 2015/01/15 22:28:57]

It should be easy to add an empty password case, can you add it to this CL? If
you are having problems then it is OK to do so in a follow-up CL.

Independent of whether empty length is allowed or rejected by the spec, it is
important to have a test for it, since empty input is the sort of boundary case
that has a good chance of causing problems in the implementation.

Since these inputs are user-controlled, we need to be very careful that they
cannot lead to problems. Historically crypto library haven't been hardened
against invalid inputs, so testing these cases is important.

 
 var kPossibleHashAlgorithms = ['SHA-1', 'SHA-256', 'SHA-512'];
-var kPossibleExtractable = [true, false];
-var kPossibleKeyUsages = [['sign'], ['verify'], ['sign', 'verify']];
+var kPossibleKeyUsages = [['deriveBits'], ['deriveKey'], ['deriveKey', 'deriveBits']];
 var kPossibleKeyData = [
     k128BitData,
     k256BitData
 ];
 
-function runTest(hashName, extractable, keyUsages, keyData)
+function runTest(hashName, keyUsages, keyData)
 {
     var importData = hexStringToUint8Array(keyData);
-    var importAlgorithm = { name: 'HMAC', hash: {name: hashName } };
+    var importAlgorithm = { name: 'PBKDF2', hash: {name: hashName } };
+    var extractable = false;
 
     var results = {};
 
@@ -40,21 +40,15 @@ function runTest(hashName, extractable, keyUsages, keyData)
         results.importedKey = importedKey;
         importedKey.extraProperty = 'hi';
         return cloneKey(importedKey);
-    }).then(function(clonedKey) {
-        results.clonedKey = clonedKey;
-        if (extractable)
-            return crypto.subtle.exportKey('raw', clonedKey);
-        return null;
-    }).then(function(clonedKeyData) {
+    }).then(function(result) {
+        results.clonedKey = result;
         importedKey = results.importedKey;
         clonedKey = results.clonedKey;
 
         shouldEvaluateAs("importedKey.extraProperty", "hi");
         shouldEvaluateAs("importedKey.type", "secret");
         shouldEvaluateAs("importedKey.extractable", extractable);
-        shouldEvaluateAs("importedKey.algorithm.name", "HMAC");
-        shouldEvaluateAs("importedKey.algorithm.length", importData.length * 8);
-        shouldEvaluateAs("importedKey.algorithm.hash.name", hashName);
+        shouldEvaluateAs("importedKey.algorithm.name", "PBKDF2");
         shouldEvaluateAs("importedKey.usages.join(',')", keyUsages.join(","));
 
         shouldNotBe("importedKey", "clonedKey");
@@ -62,16 +56,11 @@ function runTest(hashName, extractable, keyUsages, keyData)
         shouldBeUndefined("clonedKey.extraProperty");
         shouldEvaluateAs("clonedKey.type", "secret");
         shouldEvaluateAs("clonedKey.extractable", extractable);
-        shouldEvaluateAs("clonedKey.algorithm.name", "HMAC");
-        shouldEvaluateAs("clonedKey.algorithm.length", importData.length * 8);
-        shouldEvaluateAs("clonedKey.algorithm.hash.name", hashName);
+        shouldEvaluateAs("clonedKey.algorithm.name", "PBKDF2");
         shouldEvaluateAs("clonedKey.usages.join(',')", keyUsages.join(","));
 
         logSerializedKey(importedKey);
 
-        if (extractable)
-            bytesShouldMatchHexString("Cloned key exported data", keyData, clonedKeyData);
-
         debug("");
     });
 }
@@ -79,13 +68,11 @@ function runTest(hashName, extractable, keyUsages, keyData)
 var lastPromise = Promise.resolve(null);
 
 kPossibleHashAlgorithms.forEach(function(hashName) {
-    kPossibleExtractable.forEach(function(extractable) {
         kPossibleKeyUsages.forEach(function(keyUsages) {
             kPossibleKeyData.forEach(function(keyData) {
-                lastPromise = lastPromise.then(runTest.bind(null, hashName, extractable, keyUsages, keyData));
+                lastPromise = lastPromise.then(runTest.bind(null, hashName, keyUsages, keyData));
             });
         });
-    });
 });
 
 lastPromise.then(finishJSTest, failAndFinishJSTest);