| <!DOCTYPE html> |
| <html> |
| <head> |
| <script src="../../../resources/js-test.js"></script> |
| <script src="../resources/common.js"></script> |
| </head> |
| <body> |
| <p id="description"></p> |
| <div id="console"></div> |
| |
| <script> |
| description("Tests structured de-cloning of empty HMAC keys"); |
| |
| jsTestIsAsync = true; |
| |
| // It used to be possible to import empty HMAC keys, so it is possible that |
| // such keys were persisted to storage. This test verifies that such keys can |
| // still be successfully de-serialized and used. |
| // |
| // The version number of the serialized format used is 7. |
| |
| function deserializeTestKeys() |
| { |
| function createKeyFromSerialized(serializedBytesHex) |
| { |
| return internals.deserializeBuffer(hexStringToUint8Array(serializedBytesHex).buffer); |
| } |
| |
| debug("\nDeserializing empty HMAC SHA-1 key..."); |
| var sha1Key = createKeyFromSerialized("ff073f004b0200051900"); |
| |
| key = sha1Key; |
| shouldEvaluateAs("key.type", "secret"); |
| shouldEvaluateAs("key.extractable", true); |
| shouldEvaluateAs("key.algorithm.name", "HMAC"); |
| shouldEvaluateAs("key.algorithm.length", 0); |
| shouldEvaluateAs("key.algorithm.hash.name", "SHA-1"); |
| shouldBe("key.usages", '["sign", "verify"]'); |
| |
| debug("\nDeserializing empty HMAC SHA-256 key..."); |
| var sha256Key = createKeyFromSerialized("ff073f004b0200061900"); |
| |
| key = sha256Key; |
| shouldEvaluateAs("key.type", "secret"); |
| shouldEvaluateAs("key.extractable", true); |
| shouldEvaluateAs("key.algorithm.name", "HMAC"); |
| shouldEvaluateAs("key.algorithm.length", 0); |
| shouldEvaluateAs("key.algorithm.hash.name", "SHA-256"); |
| shouldBe("key.usages", '["sign", "verify"]'); |
| |
| return { |
| sha1: sha1Key, |
| sha256: sha256Key |
| }; |
| } |
| |
| |
| Promise.resolve(deserializeTestKeys()).then(function(result) { |
| keys = result; |
| |
| debug("\ncalling verify() with a valid signature (SHA-1) ..."); |
| return crypto.subtle.verify("HMAC", keys.sha1, hexStringToUint8Array("fbdb1d1b18aa6c08324b7d64b71fb76370690e1d"), hexStringToUint8Array("")); |
| }).then(function(result) { |
| verifyResult = result; |
| shouldEvaluateAs("verifyResult", true); |
| |
| debug("\ncalling verify() with an invalid signature (SHA-1) ..."); |
| return crypto.subtle.verify("HMAC", keys.sha1, hexStringToUint8Array("fbdb1d1b18aa6c08324b7d64b71fb76370690e1e"), hexStringToUint8Array("")); |
| }).then(function(result) { |
| verifyResult = result; |
| shouldEvaluateAs("verifyResult", false); |
| |
| debug("\ncalling sign() (SHA-1) over empty input..."); |
| return crypto.subtle.sign("HMAC", keys.sha1, hexStringToUint8Array("")); |
| }).then(function(result) { |
| bytesShouldMatchHexString("signature", "fbdb1d1b18aa6c08324b7d64b71fb76370690e1d", result); |
| |
| debug("\ncalling verify() with a valid signature (SHA-256) ..."); |
| return crypto.subtle.verify("HMAC", keys.sha256, hexStringToUint8Array("b613679a0814d9ec772f95d778c35fc5ff1697c493715653c6c712144292c5ad"), hexStringToUint8Array("")); |
| }).then(function(result) { |
| verifyResult = result; |
| shouldEvaluateAs("verifyResult", true); |
| |
| debug("\ncalling verify() with an invalid signature (SHA-256) ..."); |
| return crypto.subtle.verify("HMAC", keys.sha256, hexStringToUint8Array("0000"), hexStringToUint8Array("")); |
| }).then(function(result) { |
| verifyResult = result; |
| shouldEvaluateAs("verifyResult", false); |
| |
| debug("\ncalling sign() (SHA-256) over empty input..."); |
| return crypto.subtle.sign("HMAC", keys.sha256, hexStringToUint8Array("")); |
| }).then(function(result) { |
| bytesShouldMatchHexString("signature", "b613679a0814d9ec772f95d778c35fc5ff1697c493715653c6c712144292c5ad", result); |
| }).then(finishJSTest, failAndFinishJSTest); |
| |
| </script> |
| |
| </body> |
| </html> |