| <!DOCTYPE html> |
| <html> |
| <head> |
| <script src="../../../resources/js-test.js"></script> |
| <script src="../resources/common.js"></script> |
| </head> |
| <body> |
| <p id="description"></p> |
| <div id="console"></div> |
| |
| <script> |
| description("Test bad inputs to HKDF deriveBits()"); |
| |
| jsTestIsAsync = true; |
| |
| kHkdfKey = "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"; |
| |
| var extractable = false; |
| Promise.resolve(null).then(function(result) { |
| // Set up the test by creating an HKDF key... |
| return crypto.subtle.importKey("raw", hexStringToUint8Array(kHkdfKey), {name: "HKDF"}, extractable, ['deriveKey', 'deriveBits']); |
| }).then(function(result) { |
| hkdfKey = result; |
| |
| // ... and an ECDH key. |
| return crypto.subtle.generateKey({name: "ECDH", namedCurve: "P-256"}, true, ['deriveBits']); |
| }).then(function(result) { |
| ecdhKey = result; |
| |
| // Should throw a NotSupportedError if hash does not describe a recognized |
| // algorithm that supports the digest operation. |
| debug("\nderiveBits() with an unsupported hash..."); |
| return crypto.subtle.deriveBits({name: "HKDF", hash: "HMAC", salt: new Uint8Array(), info: new Uint8Array()}, hkdfKey, 8); |
| }).then(failAndFinishJSTest, function(result) { |
| logError(result); |
| |
| // Should throw an InvalidAccessError if key doesn't match the algorithm |
| debug("\nderiveBits() with an ECDH key..."); |
| return crypto.subtle.deriveBits({name: "HKDF", hash: "SHA-256", salt: new Uint8Array(), info: new Uint8Array()}, ecdhKey.privateKey, 8); |
| }).then(failAndFinishJSTest, function(result) { |
| logError(result); |
| |
| // Should throw an OperationError if the key derivation operation |
| // fails. The key derivation operation will fail here because the length |
| // is too long. |
| // |
| // The maximum length (in bytes) of output material for HKDF is 255 times |
| // the digest length. In this case, the digest length (in bytes) of |
| // SHA-256 is 32; 32*255 = 8160. deriveBits expects the length to be in |
| // bits, so 8160*8=65280 and add 8 to exceed the maximum length. |
| debug("\nderiveBits() with length of 65281..."); |
| return crypto.subtle.deriveBits({name: "HKDF", hash: "SHA-256", salt: new Uint8Array(), info: new Uint8Array()}, hkdfKey, 65288); |
| }).then(failAndFinishJSTest, function(result) { |
| logError(result); |
| |
| // Use a bit length that is not a multiple of 8. |
| debug("\nderiveBits() with length of 15..."); |
| return crypto.subtle.deriveBits({name: "HKDF", hash: "SHA-256", salt: new Uint8Array(), info: new Uint8Array()}, hkdfKey, 15); |
| }).then(failAndFinishJSTest, function(result) { |
| logError(result); |
| }).then(finishJSTest, failAndFinishJSTest); |
| |
| </script> |
| |
| </body> |
| </html> |