| <!DOCTYPE html> |
| <html> |
| <head> |
| <script src="../../../resources/js-test.js"></script> |
| <script src="../resources/common.js"></script> |
| </head> |
| <body> |
| <p id="description"></p> |
| <div id="console"></div> |
| |
| <script> |
| description("Tests encrypt/decrypt for AES-CBC"); |
| |
| jsTestIsAsync = true; |
| |
| // ------------------------------------------------- |
| // Successful password import and key derivation |
| // ------------------------------------------------- |
| |
| // Test vectors were copied from: |
| // https://tools.ietf.org/html/rfc6070 |
| // |
| |
| var kPbkdf2SuccessVectors = [ |
| { |
| password: "password", |
| salt: "salt", |
| c: 1, |
| dkLen: 20, |
| hash: "SHA-1", |
| derived_key_full_length: "0c60c80f961f0e71f3a9b524af6012062fe037a6" |
| }, |
| |
| { |
| password: "password", |
| salt: "salt", |
| c: 2, |
| dkLen: 20, |
| hash: "SHA-1", |
| derived_key_full_length: "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957" |
| }, |
| |
| { |
| password: "password", |
| salt: "salt", |
| c: 4096, |
| dkLen: 20, |
| hash: "SHA-1", |
| derived_key_full_length: "4b007901b765489abead49d926f721d065a429c1" |
| }, |
| |
| { |
| password: "passwordPASSWORDpassword", |
| salt: "saltSALTsaltSALTsaltSALTsaltSALTsalt", |
| c: 4096, |
| dkLen: 25, |
| hash: "SHA-1", |
| derived_key_full_length: "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038" |
| }, |
| |
| { |
| password: "pass\0word", |
| salt: "sa\0lt", |
| c: 4096, |
| dkLen: 16, |
| hash: "SHA-1", |
| derived_key_full_length: "56fa6aa75548099dcc37d7f03425e0c3" |
| }, |
| ]; |
| |
| var key = null; |
| var dkey = null; |
| |
| function runPbkdf2SuccessTestCase(testCase) |
| { |
| var algorithm = {name: 'PBKDF2'}; |
| |
| var password = asciiToUint8Array(testCase.password); |
| var usages = ['deriveBits', 'deriveKey']; |
| var extractable = false; |
| |
| var params = { |
| name: 'PBKDF2', |
| salt: asciiToUint8Array(testCase.salt), |
| iterations: testCase.c, |
| hash: {name: testCase.hash} |
| }; |
| // (1) Import the password |
| return crypto.subtle.importKey('raw', password, algorithm, extractable, usages).then(function(result) { |
| key = result; |
| // shouldBe() can only resolve variables in global context. |
| tmpKey = key; |
| shouldEvaluateAs("tmpKey.type", "secret"); |
| shouldEvaluateAs("tmpKey.extractable", false); |
| shouldEvaluateAs("tmpKey.algorithm.name", "PBKDF2"); |
| shouldEvaluateAs("tmpKey.usages.join(',')", "deriveKey,deriveBits"); |
| |
| var derivedAlgorithm = {name: 'aes-cbc', length: 128}; |
| // (2) Derive key for aes-cbc |
| return crypto.subtle.deriveKey(params, key, derivedAlgorithm, true, ['encrypt']); |
| }).then(function(result) { |
| dkey = result; |
| |
| // Verify the key's properties. |
| shouldEvaluateAs("dkey.type", "secret"); |
| shouldEvaluateAs("dkey.extractable", true); |
| shouldEvaluateAs("dkey.algorithm.name", "AES-CBC"); |
| shouldEvaluateAs("dkey.algorithm.length", 128); |
| shouldEvaluateAs("dkey.usages.join(',')", "encrypt"); |
| |
| // Export the key and check its bytes. |
| return crypto.subtle.exportKey("raw",dkey); |
| }).then(function(result) { |
| bytesShouldMatchHexString("Derivedkey", testCase.derived_key_full_length.substring(0, 32), result); |
| }); |
| } |
| |
| var lastPromise = Promise.resolve(null); |
| |
| kPbkdf2SuccessVectors.forEach(function(test) { |
| lastPromise = lastPromise.then(runPbkdf2SuccessTestCase.bind(null, test)); |
| }); |
| |
| lastPromise.then(finishJSTest, failAndFinishJSTest); |
| |
| </script> |
| |
| </body> |
| </html> |