chromium/src/third_party/blink/web_tests/crypto/subtle/ecdh/deriveKey-failures.html - manifest_repos/chromium_src - Git at Google

 <!DOCTYPE html>
 <html>
 <head>
 <script src="../../../resources/js-test.js"></script>
 <script src="../resources/common.js"></script>
 </head>
 <body>
 <p id="description"></p>
 <div id="console"></div>

 <script>
 description("Tests deriveKey() with various bad parameters for ECDH");

 jsTestIsAsync = true;

 // The test data uses a public key and private key (from different key pairs) for the P-521 curve.
 var privateKeyJwk = {
      "kty":"EC",
      "crv":"P-521",
      "d":"AI_Zu5xisuK-IIz85dTSoqaQSTxN1I88l05myJJ0ZYFMdQ2VmjFOIUTonKGG97yOGmikyid-6F48d7iI1zF6VRk7",
      "x":"ACw6DX7wqwHVO-JzyOet0B-r10YVLv5R5q_IfiWCzclg0u_x57NCtOcFCFpM2ZnS22tyYjZb0gBHGcgUE_I-h-6s",
      "y":"Actm2tCHBPOKLZMpJV3DaVOluln9zBsE2I0g6iV73I4M-liqA1rLSJN8q-vcSQtZF0JvzwuvGkGuTbvT_DaRQ2pf"
  };

 var publicKeyJwk = {
    "kty":"EC",
    "crv":"P-521",
    "x":"ADRllQ0B7icrnJ7ib2r-CXvymGFiC_3f6_o0SzLMBIggM8ndQm9l768SToMy1hUo64JsofGSQ37P4CRqT_QeivBD",
    "y":"ALKEzew1Xe4Sv86lZVqb2xxZ0l7WrE3DPJ93fUtSPih5iH8jg0GPDKMVoA5ffFmqPwbdgS2BK18PBFIT7QDGb2Zx"
 };

 var privateKey384Jwk = {
     "kty": "EC",
     "crv": "P-384",
     "d": "pJLOj6kAhMIn4aMveXTTnp_2en6HBew0GbNftgdYK-vUYeCxUgrHbsLdTptj665x",
     "x": "5V_ubEnY1SP1znv5wEJc5P9lBwi33lz7CVkBUjl5p_BCYC2zCFRzU2mBO1w_Xvho",
     "y": "KPWcxdxQmJKpiNOKjiUZ3j0MT9D72wmT448YUGwXYGxeJCSSRvHOlJg6U2HFvpg-"
 };

 function importEcKeys() {
     var keys = {};

     debug("Importing the private key...");

     return crypto.subtle.importKey("jwk", privateKeyJwk, {name: 'ECDH', namedCurve: "P-521"}, false, ["deriveKey"]).then(function(result) {
         keys.private = result;

         debug("Importing the public key...");
         return crypto.subtle.importKey("jwk", publicKeyJwk, {name: 'ECDH', namedCurve: "P-521"}, false, []);
     }).then(function(result) {
         keys.public = result;

         // Same as keys.private but with deriveBits instead of deriveKey.
         return crypto.subtle.importKey("jwk", privateKeyJwk, {name: 'ECDH', namedCurve: "P-521"}, false, ["deriveBits"]);
     }).then(function(result) {
         keys.privateNoDeriveKey = result;

         // Import a P-384 private key.
         return crypto.subtle.importKey("jwk", privateKey384Jwk, {name: 'ECDH', namedCurve: "P-384"}, false, ["deriveKey"]);
     }).then(function(result) {
         keys.private384 = result;

         // Import the private key as ECDSA.
         return crypto.subtle.importKey("jwk", publicKeyJwk, {name: 'ECDSA', namedCurve: "P-521"}, false, ["verify"]);
     }).then(function(result) {
         keys.publicEcdsa = result;

         // Import an AES key
         return crypto.subtle.importKey("raw", new Uint8Array(16), "aes-cbc", true, ["encrypt"]);
     }).then(function(result) {
         keys.aes = result;

         return keys;
     });
 }

 var ecKeys = null;

 importEcKeys().then(function(result) {
     ecKeys = result;

     debug("\nDeriving an AES key with no length...");
     var algorithm = {name: 'ecdh', public: ecKeys.public};
     var derivedAlgorithm = {name: 'aes-cbc'};
     var extractable = true;
     var usages = ['encrypt'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 }).then(failAndFinishJSTest, function(result) {
     logError(result);

     debug("\nDeriving an AES key with bad length...");
     var algorithm = {name: 'ecdh', public: ecKeys.public};
     var derivedAlgorithm = {name: 'aes-cbc', length: 120};
     var extractable = true;
     var usages = ['encrypt'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 }).then(failAndFinishJSTest, function(result) {
     logError(result);

     debug("\nDeriving an AES key with unsupported length...");
     var algorithm = {name: 'ecdh', public: ecKeys.public};
     var derivedAlgorithm = {name: 'aes-cbc', length: 192};
     var extractable = true;
     var usages = ['encrypt'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 }).then(failAndFinishJSTest, function(result) {
     logError(result);

     debug("\nDeriving an AES-CBC key with unsupported usage (sign)...");
     var algorithm = {name: 'ecdh', public: ecKeys.public};
     var derivedAlgorithm = {name: 'aes-cbc', length: 128};
     var extractable = true;
     var usages = ['sign'];  // Not valid for AES-CBC.

     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 }).then(failAndFinishJSTest, function(result) {
     logError(result);

     debug("\nDeriving using an ECDH key that has deriveBits but NOT deriveKey... usage");
     var algorithm = {name: 'ecdh', public: ecKeys.public};
     var derivedAlgorithm = {name: 'aes-cbc', length: 128};
     var extractable = true;
     var usages = ['encrypt'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.privateNoDeriveKey, derivedAlgorithm, extractable, usages);
 }).then(failAndFinishJSTest, function(result) {
     logError(result);

     debug("\nDeriving using public instead of private key...");
     var algorithm = {name: 'ecdh', public: ecKeys.public};
     var derivedAlgorithm = {name: 'aes-cbc', length: 128};
     var extractable = true;
     var usages = ['encrypt'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.public, derivedAlgorithm, extractable, usages);
 }).then(failAndFinishJSTest, function(result) {
     logError(result);

     debug("\nDeriving using private instead of public key...");
     var algorithm = {name: 'ecdh', public: ecKeys.private};
     var derivedAlgorithm = {name: 'aes-cbc', length: 128};
     var extractable = true;
     var usages = ['encrypt'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 }).then(failAndFinishJSTest, function(result) {
     logError(result);

     debug("\nDeriving a key larger than the field size of P-521...");
     var algorithm = {name: 'ecdh', public: ecKeys.public};
     var derivedAlgorithm = {name: 'HMAC', hash: "sha-1", length: 1024};
     var extractable = true;
     var usages = ['sign'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 }).then(failAndFinishJSTest, function(result) {
     logError(result);

     debug("\nDeriving a zero-length HMAC key...");
     var algorithm = {name: 'ecdh', public: ecKeys.public};
     var derivedAlgorithm = {name: 'HMAC', hash: "sha-1", length: 0};
     var extractable = true;
     var usages = ['sign'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 }).then(failAndFinishJSTest, function(result) {
     logError(result);

     debug("\nDeriving a key larger than field size of P-521, by requesting an HMAC SHA-512 key with no length...");
     var algorithm = {name: 'ecdh', public: ecKeys.public};
     var derivedAlgorithm = {name: 'HMAC', hash: "sha-512"};
     var extractable = true;
     var usages = ['sign'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 }).then(failAndFinishJSTest, function(result) {
     logError(result);

     debug("\nDeriving a key using mismatched curves on public/private keys...");
     var algorithm = {name: 'ecdh', public: ecKeys.public};
     var derivedAlgorithm = {name: 'HMAC', hash: "sha-1"};
     var extractable = true;
     var usages = ['sign'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.private384, derivedAlgorithm, extractable, usages);
 }).then(failAndFinishJSTest, function(result) {
     logError(result);

     debug("\nDeriving a key using a public EC key for different algorithm (ECDSA)...");
     var algorithm = {name: 'ecdh', public: ecKeys.publicEcdsa};
     var derivedAlgorithm = {name: 'HMAC', hash: "sha-1"};
     var extractable = true;
     var usages = ['sign'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 }).then(failAndFinishJSTest, function(result) {
     logError(result);

     debug("\nDeriving a key using an AES key for public key...");
     var algorithm = {name: 'ecdh', public: ecKeys.aes};
     var derivedAlgorithm = {name: 'HMAC', hash: "sha-1"};
     var extractable = true;
     var usages = ['sign'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 }).then(failAndFinishJSTest, function(result) {
     logError(result);

     debug("\nDeriving a key without specifying the \"public\" parameter...");
     var algorithm = {name: 'ecdh'};
     var derivedAlgorithm = {name: 'HMAC', hash: "sha-1"};
     var extractable = true;
     var usages = ['sign'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 }).then(failAndFinishJSTest, function(result) {
     logError(result);

     debug("\nDeriving a key having specified a bogus \"public\" parameter...");
     var algorithm = {name: 'ecdh', public: -1};
     var derivedAlgorithm = {name: 'HMAC', hash: "sha-1"};
     var extractable = true;
     var usages = ['sign'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 }).then(failAndFinishJSTest, function(result) {
     logError(result);

     debug("\nDeriving an ECDH key using ECDH...");
     var algorithm = {name: 'ecdh', public: ecKeys.public};
     var derivedAlgorithm = {name: 'ECDH', namedCurve: "P-256"};
     var extractable = true;
     var usages = ['deriveBits'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 }).then(failAndFinishJSTest, function(result) {
     logError(result);

     debug("\nDeriving an RSA-OAEP key using ECDH...");
     var algorithm = {name: 'ecdh', public: ecKeys.public};
     var derivedAlgorithm = {name: 'RSA-OAEP', hash: "sha-1"};
     var extractable = true;
     var usages = ['encrypt'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 }).then(failAndFinishJSTest, function(result) {
     logError(result);

     debug("");
 }).then(finishJSTest, failAndFinishJSTest);

 </script>

 </body>
 </html>
	<!DOCTYPE html>
	<html>
	<head>
	<script src="../../../resources/js-test.js"></script>
	<script src="../resources/common.js"></script>
	</head>
	<body>
	<p id="description"></p>
	<div id="console"></div>

	<script>
	description("Tests deriveKey() with various bad parameters for ECDH");

	jsTestIsAsync = true;

	// The test data uses a public key and private key (from different key pairs) for the P-521 curve.
	var privateKeyJwk = {
	"kty":"EC",
	"crv":"P-521",
	"d":"AI_Zu5xisuK-IIz85dTSoqaQSTxN1I88l05myJJ0ZYFMdQ2VmjFOIUTonKGG97yOGmikyid-6F48d7iI1zF6VRk7",
	"x":"ACw6DX7wqwHVO-JzyOet0B-r10YVLv5R5q_IfiWCzclg0u_x57NCtOcFCFpM2ZnS22tyYjZb0gBHGcgUE_I-h-6s",
	"y":"Actm2tCHBPOKLZMpJV3DaVOluln9zBsE2I0g6iV73I4M-liqA1rLSJN8q-vcSQtZF0JvzwuvGkGuTbvT_DaRQ2pf"
	};

	var publicKeyJwk = {
	"kty":"EC",
	"crv":"P-521",
	"x":"ADRllQ0B7icrnJ7ib2r-CXvymGFiC_3f6_o0SzLMBIggM8ndQm9l768SToMy1hUo64JsofGSQ37P4CRqT_QeivBD",
	"y":"ALKEzew1Xe4Sv86lZVqb2xxZ0l7WrE3DPJ93fUtSPih5iH8jg0GPDKMVoA5ffFmqPwbdgS2BK18PBFIT7QDGb2Zx"
	};

	var privateKey384Jwk = {
	"kty": "EC",
	"crv": "P-384",
	"d": "pJLOj6kAhMIn4aMveXTTnp_2en6HBew0GbNftgdYK-vUYeCxUgrHbsLdTptj665x",
	"x": "5V_ubEnY1SP1znv5wEJc5P9lBwi33lz7CVkBUjl5p_BCYC2zCFRzU2mBO1w_Xvho",
	"y": "KPWcxdxQmJKpiNOKjiUZ3j0MT9D72wmT448YUGwXYGxeJCSSRvHOlJg6U2HFvpg-"
	};

	function importEcKeys() {
	var keys = {};

	debug("Importing the private key...");

	return crypto.subtle.importKey("jwk", privateKeyJwk, {name: 'ECDH', namedCurve: "P-521"}, false, ["deriveKey"]).then(function(result) {
	keys.private = result;

	debug("Importing the public key...");
	return crypto.subtle.importKey("jwk", publicKeyJwk, {name: 'ECDH', namedCurve: "P-521"}, false, []);
	}).then(function(result) {
	keys.public = result;

	// Same as keys.private but with deriveBits instead of deriveKey.
	return crypto.subtle.importKey("jwk", privateKeyJwk, {name: 'ECDH', namedCurve: "P-521"}, false, ["deriveBits"]);
	}).then(function(result) {
	keys.privateNoDeriveKey = result;

	// Import a P-384 private key.
	return crypto.subtle.importKey("jwk", privateKey384Jwk, {name: 'ECDH', namedCurve: "P-384"}, false, ["deriveKey"]);
	}).then(function(result) {
	keys.private384 = result;

	// Import the private key as ECDSA.
	return crypto.subtle.importKey("jwk", publicKeyJwk, {name: 'ECDSA', namedCurve: "P-521"}, false, ["verify"]);
	}).then(function(result) {
	keys.publicEcdsa = result;

	// Import an AES key
	return crypto.subtle.importKey("raw", new Uint8Array(16), "aes-cbc", true, ["encrypt"]);
	}).then(function(result) {
	keys.aes = result;

	return keys;
	});
	}

	var ecKeys = null;

	importEcKeys().then(function(result) {
	ecKeys = result;

	debug("\nDeriving an AES key with no length...");
	var algorithm = {name: 'ecdh', public: ecKeys.public};
	var derivedAlgorithm = {name: 'aes-cbc'};
	var extractable = true;
	var usages = ['encrypt'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
	}).then(failAndFinishJSTest, function(result) {
	logError(result);

	debug("\nDeriving an AES key with bad length...");
	var algorithm = {name: 'ecdh', public: ecKeys.public};
	var derivedAlgorithm = {name: 'aes-cbc', length: 120};
	var extractable = true;
	var usages = ['encrypt'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
	}).then(failAndFinishJSTest, function(result) {
	logError(result);

	debug("\nDeriving an AES key with unsupported length...");
	var algorithm = {name: 'ecdh', public: ecKeys.public};
	var derivedAlgorithm = {name: 'aes-cbc', length: 192};
	var extractable = true;
	var usages = ['encrypt'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
	}).then(failAndFinishJSTest, function(result) {
	logError(result);

	debug("\nDeriving an AES-CBC key with unsupported usage (sign)...");
	var algorithm = {name: 'ecdh', public: ecKeys.public};
	var derivedAlgorithm = {name: 'aes-cbc', length: 128};
	var extractable = true;
	var usages = ['sign']; // Not valid for AES-CBC.

	return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
	}).then(failAndFinishJSTest, function(result) {
	logError(result);

	debug("\nDeriving using an ECDH key that has deriveBits but NOT deriveKey... usage");
	var algorithm = {name: 'ecdh', public: ecKeys.public};
	var derivedAlgorithm = {name: 'aes-cbc', length: 128};
	var extractable = true;
	var usages = ['encrypt'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.privateNoDeriveKey, derivedAlgorithm, extractable, usages);
	}).then(failAndFinishJSTest, function(result) {
	logError(result);

	debug("\nDeriving using public instead of private key...");
	var algorithm = {name: 'ecdh', public: ecKeys.public};
	var derivedAlgorithm = {name: 'aes-cbc', length: 128};
	var extractable = true;
	var usages = ['encrypt'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.public, derivedAlgorithm, extractable, usages);
	}).then(failAndFinishJSTest, function(result) {
	logError(result);

	debug("\nDeriving using private instead of public key...");
	var algorithm = {name: 'ecdh', public: ecKeys.private};
	var derivedAlgorithm = {name: 'aes-cbc', length: 128};
	var extractable = true;
	var usages = ['encrypt'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
	}).then(failAndFinishJSTest, function(result) {
	logError(result);

	debug("\nDeriving a key larger than the field size of P-521...");
	var algorithm = {name: 'ecdh', public: ecKeys.public};
	var derivedAlgorithm = {name: 'HMAC', hash: "sha-1", length: 1024};
	var extractable = true;
	var usages = ['sign'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
	}).then(failAndFinishJSTest, function(result) {
	logError(result);

	debug("\nDeriving a zero-length HMAC key...");
	var algorithm = {name: 'ecdh', public: ecKeys.public};
	var derivedAlgorithm = {name: 'HMAC', hash: "sha-1", length: 0};
	var extractable = true;
	var usages = ['sign'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
	}).then(failAndFinishJSTest, function(result) {
	logError(result);

	debug("\nDeriving a key larger than field size of P-521, by requesting an HMAC SHA-512 key with no length...");
	var algorithm = {name: 'ecdh', public: ecKeys.public};
	var derivedAlgorithm = {name: 'HMAC', hash: "sha-512"};
	var extractable = true;
	var usages = ['sign'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
	}).then(failAndFinishJSTest, function(result) {
	logError(result);

	debug("\nDeriving a key using mismatched curves on public/private keys...");
	var algorithm = {name: 'ecdh', public: ecKeys.public};
	var derivedAlgorithm = {name: 'HMAC', hash: "sha-1"};
	var extractable = true;
	var usages = ['sign'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.private384, derivedAlgorithm, extractable, usages);
	}).then(failAndFinishJSTest, function(result) {
	logError(result);

	debug("\nDeriving a key using a public EC key for different algorithm (ECDSA)...");
	var algorithm = {name: 'ecdh', public: ecKeys.publicEcdsa};
	var derivedAlgorithm = {name: 'HMAC', hash: "sha-1"};
	var extractable = true;
	var usages = ['sign'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
	}).then(failAndFinishJSTest, function(result) {
	logError(result);

	debug("\nDeriving a key using an AES key for public key...");
	var algorithm = {name: 'ecdh', public: ecKeys.aes};
	var derivedAlgorithm = {name: 'HMAC', hash: "sha-1"};
	var extractable = true;
	var usages = ['sign'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
	}).then(failAndFinishJSTest, function(result) {
	logError(result);

	debug("\nDeriving a key without specifying the \"public\" parameter...");
	var algorithm = {name: 'ecdh'};
	var derivedAlgorithm = {name: 'HMAC', hash: "sha-1"};
	var extractable = true;
	var usages = ['sign'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
	}).then(failAndFinishJSTest, function(result) {
	logError(result);

	debug("\nDeriving a key having specified a bogus \"public\" parameter...");
	var algorithm = {name: 'ecdh', public: -1};
	var derivedAlgorithm = {name: 'HMAC', hash: "sha-1"};
	var extractable = true;
	var usages = ['sign'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
	}).then(failAndFinishJSTest, function(result) {
	logError(result);

	debug("\nDeriving an ECDH key using ECDH...");
	var algorithm = {name: 'ecdh', public: ecKeys.public};
	var derivedAlgorithm = {name: 'ECDH', namedCurve: "P-256"};
	var extractable = true;
	var usages = ['deriveBits'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
	}).then(failAndFinishJSTest, function(result) {
	logError(result);

	debug("\nDeriving an RSA-OAEP key using ECDH...");
	var algorithm = {name: 'ecdh', public: ecKeys.public};
	var derivedAlgorithm = {name: 'RSA-OAEP', hash: "sha-1"};
	var extractable = true;
	var usages = ['encrypt'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
	}).then(failAndFinishJSTest, function(result) {
	logError(result);

	debug("");
	}).then(finishJSTest, failAndFinishJSTest);

	</script>

	</body>
	</html>