blob: e7fded06a26944448233e5de043090ce2fee0641 [file] [log] [blame]
<!DOCTYPE html>
<html>
<head>
<script src="../resources/js-test.js"></script>
<script src="resources/common.js"></script>
</head>
<body>
<p id="description"></p>
<div id="console"></div>
<script>
description("Tests cypto.subtle.sign and crypto.subtle.verify");
jsTestIsAsync = true;
// A list of Promises for every test to run.
var allTests = [];
// -------------------------------------------------
// Successful sign/verify for HMAC
// -------------------------------------------------
// The "key", "message", and "mac" are written as hex encoded strings.
//
// Unless indicated otherwise, the data comes from:
// http://csrc.nist.gov/groups/STM/cavp/index.html#07
// Which can be downloaded from:
// http://csrc.nist.gov/groups/STM/cavp/documents/mac/hmactestvectors.zip
var kHmacTestVectors = [
// Empty sets. Result generated via OpenSSL commandline tool. These
// particular results are also posted on the Wikipedia page examples:
// http://en.wikipedia.org/wiki/Hash-based_message_authentication_code
{
algorithm: "SHA-1",
key: "",
message: "",
// openssl dgst -sha1 -hmac "" < /dev/null
mac: "fbdb1d1b18aa6c08324b7d64b71fb76370690e1d",
},
{
algorithm: "SHA-256",
key: "",
message: "",
// openssl dgst -sha256 -hmac "" < /dev/null
mac: "b613679a0814d9ec772f95d778c35fc5ff1697c493715653c6c712144292c5ad",
},
// L=20 set 45
{
algorithm: "SHA-1",
key: "59785928d72516e31272",
message: "a3ce8899df1022e8d2d539b47bf0e309c66f84095e21438ec355bf119ce5fdcb4e73a619cdf36f25b369d8c38ff419997f0c59830108223606e31223483fd39edeaa4d3f0d21198862d239c9fd26074130ff6c86493f5227ab895c8f244bd42c7afce5d147a20a590798c68e708e964902d124dadecdbda9dbd0051ed710e9bf",
mac: "3c8162589aafaee024fc9a5ca50dd2336fe3eb28",
},
// L=20 set 299
{
algorithm: "SHA-1",
key: "ceb9aedf8d6efcf0ae52bea0fa99a9e26ae81bacea0cff4d5eecf201e3bca3c3577480621b818fd717ba99d6ff958ea3d59b2527b019c343bb199e648090225867d994607962f5866aa62930d75b58f6",
message: "99958aa459604657c7bf6e4cdfcc8785f0abf06ffe636b5b64ecd931bd8a456305592421fc28dbcccb8a82acea2be8e54161d7a78e0399a6067ebaca3f2510274dc9f92f2c8ae4265eec13d7d42e9f8612d7bc258f913ecb5a3a5c610339b49fb90e9037b02d684fc60da835657cb24eab352750c8b463b1a8494660d36c3ab2",
mac: "4ac41ab89f625c60125ed65ffa958c6b490ea670",
},
// L=32, set 30
{
algorithm: "SHA-256",
key: "9779d9120642797f1747025d5b22b7ac607cab08e1758f2f3a46c8be1e25c53b8c6a8f58ffefa176",
message: "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e",
mac: "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b",
},
// L=32, set 224
{
algorithm: "SHA-256",
key: "4b7ab133efe99e02fc89a28409ee187d579e774f4cba6fc223e13504e3511bef8d4f638b9aca55d4a43b8fbd64cf9d74dcc8c9e8d52034898c70264ea911a3fd70813fa73b083371289b",
message: "138efc832c64513d11b9873c6fd4d8a65dbf367092a826ddd587d141b401580b798c69025ad510cff05fcfbceb6cf0bb03201aaa32e423d5200925bddfadd418d8e30e18050eb4f0618eb9959d9f78c1157d4b3e02cd5961f138afd57459939917d9144c95d8e6a94c8f6d4eef3418c17b1ef0b46c2a7188305d9811dccb3d99",
mac: "4f1ee7cb36c58803a8721d4ac8c4cf8cae5d8832392eed2a96dc59694252801b",
}
];
function runSuccessTestCase(testCase)
{
var algorithm = {name: 'HMAC', hash: {name: testCase.algorithm}};
var key = null;
var keyData = hexStringToUint8Array(testCase.key);
var usages = ['sign', 'verify'];
var extractable = false;
// (1) Import the key
return crypto.subtle.importKey('raw', keyData, algorithm, extractable, usages).then(function(result) {
key = result;
// shouldBe() can only resolve variables in global context.
tmpKey = key;
shouldBe("tmpKey.type", "'secret'")
shouldBe("tmpKey.extractable", "false")
shouldBe("tmpKey.algorithm.name", "'HMAC'")
shouldBe("tmpKey.usages.join(',')", "'sign,verify'")
// (2) Sign.
return crypto.subtle.sign(algorithm, key, hexStringToUint8Array(testCase.message));
}).then(function(result) {
bytesShouldMatchHexString("Mac", testCase.mac, result);
// (3) Verify
return crypto.subtle.verify(algorithm, key, hexStringToUint8Array(testCase.mac), hexStringToUint8Array(testCase.message));
}).then(function(result) {
verifyResult = result;
shouldBe("verifyResult", "true")
// (4) Verify truncated mac (by stripping 1 byte off of it).
var expectedMac = hexStringToUint8Array(testCase.mac);
return crypto.subtle.verify(algorithm, key, expectedMac.subarray(0, expectedMac.byteLength - 1), hexStringToUint8Array(testCase.message));
}).then(function(result) {
verifyResult = result;
shouldBe("verifyResult", "false")
});
}
// Add all of the tests defined above.
for (var i = 0; i < kHmacTestVectors.length; ++i) {
allTests.push(runSuccessTestCase(kHmacTestVectors[i]));
}
hmacSha1 = {name: 'hmac', hash: {name: 'sha-1'}};
data = asciiToUint8Array("hello");
allTests.push(importTestKeys().then(function(importedKeys) {
keys = importedKeys;
// Pass invalid signature parameters to verify()
shouldThrow("crypto.subtle.verify(hmacSha1, keys.hmacSha1, null, data)");
shouldThrow("crypto.subtle.verify(hmacSha1, keys.hmacSha1, 'a', data)");
shouldThrow("crypto.subtle.verify(hmacSha1, keys.hmacSha1, [], data)");
// Operation does not support signing.
shouldThrow("crypto.subtle.sign({name: 'sha-1'}, keys.hmacSha1, data)");
// Operation doesn't support signing (also given an invalid key, but the
// first failure takes priority)
shouldThrow("crypto.subtle.sign({name: 'RSAES-PKCS1-v1_5'}, keys.hmacSha1, data)");
// Key's algorithm must match.
shouldRejectPromiseWithNull("crypto.subtle.sign({name: 'hmac', hash: {name: 'sha-256'}}, keys.hmacSha1, data)");
// ---------------------------------------------------
// HMAC normalization failures (HmacParams)
// ---------------------------------------------------
shouldRejectPromiseWithNull("crypto.subtle.sign({name: 'hmac'}, keys.hmacSha1, data)");
shouldRejectPromiseWithNull("crypto.subtle.sign({name: 'hmac', hash: 3}, keys.hmacSha1, data)");
shouldRejectPromiseWithNull("crypto.subtle.sign({name: 'hmac', hash: null}, keys.hmacSha1, data)");
shouldRejectPromiseWithNull("crypto.subtle.sign({name: 'hmac', hash: {}}, keys.hmacSha1, data)");
shouldRejectPromiseWithNull("crypto.subtle.sign({name: 'hmac', hash: {name: 'foo'}}, keys.hmacSha1, data)");
shouldRejectPromiseWithNull("crypto.subtle.sign({name: 'hmac', hash: {name: 'AES-CBC'}}, keys.hmacSha1, data)");
}));
// -------------------------------------------------
// Wait until all the tests have been run.
// -------------------------------------------------
Promise.all(allTests).then(finishJSTest, failAndFinishJSTest);
</script>
</body>