[webcrypto] Implement PBKDF2 (blink-side)

LayoutTests/crypto/subtle/pbkdf2-deriveKey-aes.html

Index: LayoutTests/crypto/subtle/pbkdf2-deriveKey-aes.html
diff --git a/LayoutTests/crypto/subtle/pbkdf2-deriveKey-aes.html b/LayoutTests/crypto/subtle/pbkdf2-deriveKey-aes.html
new file mode 100644
index 0000000000000000000000000000000000000000..d3f1939365ec9e4647aaa0fe59bd97cfc8969a36
--- /dev/null
+++ b/LayoutTests/crypto/subtle/pbkdf2-deriveKey-aes.html
@@ -0,0 +1,139 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script src="../../resources/js-test.js"></script>
+<script src="resources/common.js"></script>
+</head>
+<body>
+<p id="description"></p>
+<div id="console"></div>
+
+<script>
+description("Tests encrypt/decrypt for AES-CBC");
+
+jsTestIsAsync = true;
+
+// -------------------------------------------------
+// Successful password import and key derivation
+// -------------------------------------------------
+
+// Test vectors were copied from:
+//   https://tools.ietf.org/html/rfc6070
+//
+
+var kPbkdf2SuccessVectors = [
+  {
+    password: "password",
+    salt: "salt",
+    c: 1,
+    dkLen: 20,
+    hash: "SHA-1",
+    derived_key_full_length: "0c60c80f961f0e71f3a9b524af6012062fe037a6"
+  },
+
+  {
+    password: "password",
+    salt: "salt",
+    c: 2,
+    dkLen: 20,
+    hash: "SHA-1",
+    derived_key_full_length: "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"
+  },
+
+  {
+    password: "password",
+    salt: "salt",
+    c: 4096,
+    dkLen: 20,
+    hash: "SHA-1",
+    derived_key_full_length: "4b007901b765489abead49d926f721d065a429c1"
+  },
+
+//  16777216 iterations would timeout

[eroman, 2015/01/14 21:12:22]

Delete this testcase

[xun.sun, 2015/01/15 17:13:29]

Done.

+//  {
+//   password: "password",
+//   salt: "salt",
+//   c: 16777216,
+//   dkLen: 20,
+//   hash: "SHA-1",
+//   derived_key_full_length: "eefe3d61cd4da4e4e9945b3d6ba2158c2634e984"
+//  },
+
+  {
+    password: "passwordPASSWORDpassword",
+    salt: "saltSALTsaltSALTsaltSALTsaltSALTsalt",
+    c: 4096,
+    dkLen: 25,
+    hash: "SHA-1",
+    derived_key_full_length: "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038"
+  },
+
+  {
+    password: "pass\0word",
+    salt: "sa\0lt",
+    c: 4096,
+    dkLen: 16,
+    hash: "SHA-1",
+    derived_key_full_length: "56fa6aa75548099dcc37d7f03425e0c3"
+  },
+];
+
+var key = null;
+var dkey = null;
+
+function runPbkdf2SuccessTestCase(testCase)
+{
+    var algorithm = {name: 'PBKDF2'};
+
+    var password = asciiToUint8Array(testCase.password);
+    var usages = ['deriveBits', 'deriveKey'];
+    var extractable = false;
+
+    var params = {
+        name: 'PBKDF2',
+        salt: asciiToUint8Array(testCase.salt),
+        iterations: testCase.c,
+        hash: {name: testCase.hash}
+    };
+    // (1) Import the password
+    return crypto.subtle.importKey('raw', password, algorithm, extractable, usages).then(function(result) {
+        key = result;
+        // shouldBe() can only resolve variables in global context.
+        tmpKey = key;
+        shouldEvaluateAs("tmpKey.type", "secret");
+        shouldEvaluateAs("tmpKey.extractable", false);
+        shouldEvaluateAs("tmpKey.algorithm.name", "PBKDF2");
+        shouldEvaluateAs("tmpKey.usages.join(',')", "deriveKey,deriveBits");
+
+        var derivedAlgorithm = {name: 'aes-cbc', length: 128};
+        // (2) Derive key for aes-cbc
+        return crypto.subtle.deriveKey(params, key, derivedAlgorithm, true, ['encrypt']);
+    }).then(function(result) {
+        dkey = result;
+
+        // Verify the key's properties.
+        shouldEvaluateAs("dkey.type", "secret");
+        shouldEvaluateAs("dkey.extractable", true);
+        shouldEvaluateAs("dkey.algorithm.name", "AES-CBC");
+        shouldEvaluateAs("dkey.algorithm.length", 128);
+        shouldEvaluateAs("dkey.usages.join(',')", "encrypt");
+
+        // Export the key and check its bytes.
+        return crypto.subtle.exportKey("raw",dkey);
+    }).then(function(result) {
+        bytesShouldMatchHexString("Derivedkey", testCase.derived_key_full_length.substring(0, 32), result);
+    });
+}
+
+var lastPromise = Promise.resolve(null);
+
+kPbkdf2SuccessVectors.forEach(function(test) {
+    lastPromise = lastPromise.then(runPbkdf2SuccessTestCase.bind(null, test));
+});
+
+lastPromise.then(finishJSTest, failAndFinishJSTest);
+
+</script>
+
+</body>
+</html>