Webcrypto: add layout tests for HKDF algorithm

LayoutTests/crypto/subtle/hkdf-deriveBits-failures.html

Index: LayoutTests/crypto/subtle/hkdf-deriveBits-failures.html
diff --git a/LayoutTests/crypto/subtle/hkdf-deriveBits-failures.html b/LayoutTests/crypto/subtle/hkdf-deriveBits-failures.html
new file mode 100644
index 0000000000000000000000000000000000000000..455f94242520764e5536e38d4801900c7791a1b9
--- /dev/null
+++ b/LayoutTests/crypto/subtle/hkdf-deriveBits-failures.html
@@ -0,0 +1,60 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script src="../../resources/js-test.js"></script>
+<script src="resources/common.js"></script>
+</head>
+<body>
+<p id="description"></p>
+<div id="console"></div>
+
+<script>
+description("Test bad inputs to HKDF deriveBits()");
+
+jsTestIsAsync = true;
+
+kHkdfKey = "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b";
+
+var extractable = true;
+Promise.resolve(null).then(function(result) {
+    // Set up the test by creating an HKDF key...
+    return crypto.subtle.importKey("raw", hexStringToUint8Array(kHkdfKey), {name: "HKDF"}, extractable, ['deriveKey', 'deriveBits']);
+}).then(function(result) {
+    hkdfKey = result;
+
+    // ... and an ECDH key.
+    return crypto.subtle.generateKey({name: "ECDH", namedCurve: "P-256"}, true, ['deriveBits']);
+}).then(function(result) {
+    ecdhKey = result;
+
+    // Should throw a NotSupportedError if hash does not describe a recognized
+    // algorithm that supports the digest operation.
+    debug("\nderiveBits() with an unsupported hash...");
+    return crypto.subtle.deriveBits({name: "HKDF", hash: "HMAC", salt: new Uint8Array(), info: new Uint8Array()}, hkdfKey, 8);
+}).then(failAndFinishJSTest, function(result) {
+    logError(result);
+
+    // Should throw an InvalidAccessError if key doesn't match the algorithm
+    debug("\nderiveBits() with an ECDH key...");
+    return crypto.subtle.deriveBits({name: "HKDF", hash: "SHA-256", salt: new Uint8Array(), info: new Uint8Array()}, ecdhKey.privateKey, 8);
+}).then(failAndFinishJSTest, function(result) {
+    logError(result);
+
+    // Should throw an OperationError if the key derivation operation
+    // fails.  The key derivation operation will fail here because the length
+    // is too long.
+    //
+    // The maximum length (in bytes) of output material for HKDF is 255 times
+    // the digest length. In this case, the digest length (in bytes) of
+    // SHA-256 is 32; 32*255 = 8160. deriveBits expects the length to be in
+    // bits, so 8160*8=65280 and add 1 to exceed the maximum length.

[eroman, 2015/01/13 00:45:34]

nit: I would have suggested adding 8 so it is 1 byte larger instead of 1 bit.
But either one is testing something valuable.

+    debug("\nderiveBits() with length of 65281...");
+    return crypto.subtle.deriveBits({name: "HKDF", hash: "SHA-256", salt: new Uint8Array(), info: new Uint8Array()}, hkdfKey, 65281);
+}).then(failAndFinishJSTest, function(result) {
+    logError(result);
+}).then(finishJSTest, failAndFinishJSTest);
+
+</script>
+
+</body>
+</html>