| <!DOCTYPE html> |
| <html> |
| <head> |
| <script src="../../../resources/js-test.js"></script> |
| <script src="../resources/common.js"></script> |
| </head> |
| <body> |
| <p id="description"></p> |
| <div id="console"></div> |
| |
| <script> |
| description("Tests deriveKey() using ECDH to make HMAC keys"); |
| |
| jsTestIsAsync = true; |
| |
| // The test data uses a public key and private key (from different key pairs) for the P-521 curve. |
| var privateKeyJwk = { |
| "kty":"EC", |
| "crv":"P-521", |
| "d":"AI_Zu5xisuK-IIz85dTSoqaQSTxN1I88l05myJJ0ZYFMdQ2VmjFOIUTonKGG97yOGmikyid-6F48d7iI1zF6VRk7", |
| "x":"ACw6DX7wqwHVO-JzyOet0B-r10YVLv5R5q_IfiWCzclg0u_x57NCtOcFCFpM2ZnS22tyYjZb0gBHGcgUE_I-h-6s", |
| "y":"Actm2tCHBPOKLZMpJV3DaVOluln9zBsE2I0g6iV73I4M-liqA1rLSJN8q-vcSQtZF0JvzwuvGkGuTbvT_DaRQ2pf" |
| }; |
| |
| var publicKeyJwk = { |
| "kty":"EC", |
| "crv":"P-521", |
| "x":"ADRllQ0B7icrnJ7ib2r-CXvymGFiC_3f6_o0SzLMBIggM8ndQm9l768SToMy1hUo64JsofGSQ37P4CRqT_QeivBD", |
| "y":"ALKEzew1Xe4Sv86lZVqb2xxZ0l7WrE3DPJ93fUtSPih5iH8jg0GPDKMVoA5ffFmqPwbdgS2BK18PBFIT7QDGb2Zx" |
| }; |
| |
| // This is the full 528 bits of key data derived by ECDH using the above keys |
| // (only part of it will be used for these tests). In practice it wouldn't be a |
| // good idea to make a key directly from ECDH |
| // output without first going through a KDF, but this is just testing the API. |
| var fullDerivedBytesHex = "0117D54D84379D0FD385BE068455A77A5366AB534FF172AB0A121F37D180DCCD19607ABB0C41CB9F6F12B01303AC4A69DC2D1D05180181FD496D9769B46BFFEC3425" |
| |
| function importEcKeys() { |
| var keys = {}; |
| |
| debug("Importing the private key...\n"); |
| |
| return crypto.subtle.importKey("jwk", privateKeyJwk, {name: 'ECDH', namedCurve: "P-521"}, false, ["deriveKey"]).then(function(result) { |
| keys.private = result; |
| |
| debug("Importing the public key...\n"); |
| return crypto.subtle.importKey("jwk", publicKeyJwk, {name: 'ECDH', namedCurve: "P-521"}, false, []); |
| }).then(function(result) { |
| keys.public = result; |
| return keys; |
| }); |
| } |
| |
| var ecKeys = null; |
| |
| importEcKeys().then(function(result) { |
| ecKeys = result; |
| |
| // Derive an HMAC SHA-1 128-bit key having the 'sign' usage. |
| debug("Deriving an HMAC 136 bit key...\n"); |
| var algorithm = {name: 'ecdh', public: ecKeys.public}; |
| var derivedAlgorithm = {name: 'hmac', hash: "sha-1", length: 136}; |
| var extractable = true; |
| var usages = ['sign']; |
| |
| return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages); |
| }).then(function(result) { |
| key = result; |
| |
| // Verify the key's properties. |
| shouldEvaluateAs("key.type", "secret"); |
| shouldEvaluateAs("key.extractable", true); |
| shouldEvaluateAs("key.algorithm.name", "HMAC"); |
| shouldEvaluateAs("key.algorithm.hash.name", "SHA-1"); |
| shouldEvaluateAs("key.algorithm.length", 136); |
| shouldEvaluateAs("key.usages.join(',')", "sign"); |
| |
| // Export the key and check its bytes. |
| return crypto.subtle.exportKey("raw", key); |
| }).then(function(result) { |
| bytesShouldMatchHexString("Derived Bytes", fullDerivedBytesHex.substr(0, 34), result); |
| |
| // Derive an HMAC SHA-256 key having the 'sign, verify' usage. Use default length. |
| debug("Deriving an HMAC 256 bit key...\n"); |
| var algorithm = {name: 'ecdh', public: ecKeys.public}; |
| var derivedAlgorithm = {name: 'hmac', hash: "sha-256"} |
| var extractable = true; |
| var usages = ['sign', 'verify']; |
| |
| return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages); |
| }).then(function(result) { |
| key = result; |
| |
| // Verify the key's properties. |
| shouldEvaluateAs("key.type", "secret"); |
| shouldEvaluateAs("key.extractable", true); |
| shouldEvaluateAs("key.algorithm.name", "HMAC"); |
| shouldEvaluateAs("key.algorithm.hash.name", "SHA-256"); |
| shouldEvaluateAs("key.algorithm.length", 512); |
| shouldEvaluateAs("key.usages.join(',')", "sign,verify"); |
| |
| // Export the key and check its bytes. |
| return crypto.subtle.exportKey("raw", key); |
| }).then(function(result) { |
| bytesShouldMatchHexString("Derived Bytes", fullDerivedBytesHex.substr(0, 128), result); |
| |
| // Derive an HMAC 256 bit key having the 'verify' usage and non-extractable |
| debug("Deriving an HMAC 256 bit key...\n"); |
| var algorithm = {name: 'ecdh', public: ecKeys.public}; |
| var derivedAlgorithm = {name: 'HMAC', hash: 'sha-256', length: 256} |
| var extractable = false; |
| var usages = ['verify']; |
| |
| return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages); |
| }).then(function(result) { |
| key = result; |
| |
| // Verify the key's properties. |
| shouldEvaluateAs("key.type", "secret"); |
| shouldEvaluateAs("key.extractable", false); |
| shouldEvaluateAs("key.algorithm.name", "HMAC"); |
| shouldEvaluateAs("key.algorithm.hash.name", "SHA-256"); |
| shouldEvaluateAs("key.algorithm.length", 256); |
| shouldEvaluateAs("key.usages.join(',')", "verify"); |
| }).then(finishJSTest, failAndFinishJSTest); |
| |
| </script> |
| |
| </body> |
| </html> |