third_party/WebKit/LayoutTests/crypto/subtle/ecdh/deriveKey-aes.html - chromium/src - Git at Google

 <!DOCTYPE html>
 <html>
 <head>
 <script src="../../../resources/js-test.js"></script>
 <script src="../resources/common.js"></script>
 </head>
 <body>
 <p id="description"></p>
 <div id="console"></div>

 <script>
 description("Tests deriveKey() using ECDH to make AES keys");

 jsTestIsAsync = true;

 // The test data uses a public key and private key (from different key pairs) for the P-521 curve.
 var privateKeyJwk = {
      "kty":"EC",
      "crv":"P-521",
      "d":"AI_Zu5xisuK-IIz85dTSoqaQSTxN1I88l05myJJ0ZYFMdQ2VmjFOIUTonKGG97yOGmikyid-6F48d7iI1zF6VRk7",
      "x":"ACw6DX7wqwHVO-JzyOet0B-r10YVLv5R5q_IfiWCzclg0u_x57NCtOcFCFpM2ZnS22tyYjZb0gBHGcgUE_I-h-6s",
      "y":"Actm2tCHBPOKLZMpJV3DaVOluln9zBsE2I0g6iV73I4M-liqA1rLSJN8q-vcSQtZF0JvzwuvGkGuTbvT_DaRQ2pf"
  };

 var publicKeyJwk = {
    "kty":"EC",
    "crv":"P-521",
    "x":"ADRllQ0B7icrnJ7ib2r-CXvymGFiC_3f6_o0SzLMBIggM8ndQm9l768SToMy1hUo64JsofGSQ37P4CRqT_QeivBD",
    "y":"ALKEzew1Xe4Sv86lZVqb2xxZ0l7WrE3DPJ93fUtSPih5iH8jg0GPDKMVoA5ffFmqPwbdgS2BK18PBFIT7QDGb2Zx"
 };

 // This is the full 528 bits of key data derived by ECDH using the above keys
 // (only part of it will be used for these tests). In practice it wouldn't be a
 // good idea to make a key directly from ECDH
 // output without first going through a KDF, but this is just testing the API.
 var fullDerivedBytesHex = "0117D54D84379D0FD385BE068455A77A5366AB534FF172AB0A121F37D180DCCD19607ABB0C41CB9F6F12B01303AC4A69DC2D1D05180181FD496D9769B46BFFEC3425"

 function importEcKeys() {
     var keys = {};

     debug("Importing the private key...\n");

     return crypto.subtle.importKey("jwk", privateKeyJwk, {name: 'ECDH', namedCurve: "P-521"}, false, ["deriveKey"]).then(function(result) {
         keys.private = result;

         debug("Importing the public key...\n");
         return crypto.subtle.importKey("jwk", publicKeyJwk, {name: 'ECDH', namedCurve: "P-521"}, false, []);
     }).then(function(result) {
         keys.public = result;
         return keys;
     });
 }

 var ecKeys = null;

 importEcKeys().then(function(result) {
     ecKeys = result;

     // Derive an AES-CBC 128 bit key having the 'encrypt' usage.
     debug("Deriving an AES 128 bit key...\n");
     var algorithm = {name: 'ecdh', public: ecKeys.public};
     var derivedAlgorithm = {name: 'aes-cbc', length: 128};
     var extractable = true;
     var usages = ['encrypt'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 }).then(function(result) {
     key = result;

     // Verify the key's properties.
     shouldEvaluateAs("key.type", "secret");
     shouldEvaluateAs("key.extractable", true);
     shouldEvaluateAs("key.algorithm.name", "AES-CBC");
     shouldEvaluateAs("key.algorithm.length", 128);
     shouldEvaluateAs("key.usages.join(',')", "encrypt");

     // Export the key and check its bytes.
     return crypto.subtle.exportKey("raw", key);
 }).then(function(result) {
     bytesShouldMatchHexString("Derived Bytes", fullDerivedBytesHex.substr(0, 32), result);

     // Derive an AES-CBC 256 bit key having the 'encrypt, decrypt' usage.
     debug("Deriving an AES 256 bit key...\n");
     var algorithm = {name: 'ecdh', public: ecKeys.public};
     var derivedAlgorithm = {name: 'aes-cbc', length: 256};
     var extractable = true;
     var usages = ['encrypt', 'decrypt'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 }).then(function(result) {
     key = result;

     // Verify the key's properties.
     shouldEvaluateAs("key.type", "secret");
     shouldEvaluateAs("key.extractable", true);
     shouldEvaluateAs("key.algorithm.name", "AES-CBC");
     shouldEvaluateAs("key.algorithm.length", 256);
     shouldEvaluateAs("key.usages.join(',')", "encrypt,decrypt");

     // Export the key and check its bytes.
     return crypto.subtle.exportKey("raw", key);
 }).then(function(result) {
     bytesShouldMatchHexString("Derived Bytes", fullDerivedBytesHex.substr(0, 64), result);

     // Derive an AES-CBC 256 bit key having the 'decrypt' usage and non-extractable
     debug("Deriving an AES 256 bit key...\n");
     var algorithm = {name: 'ecdh', public: ecKeys.public};
     var derivedAlgorithm = {name: 'aes-cbc', length: 256};
     var extractable = false;
     var usages = ['decrypt'];

     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 }).then(function(result) {
     key = result;

     // Verify the key's properties.
     shouldEvaluateAs("key.type", "secret");
     shouldEvaluateAs("key.extractable", false);
     shouldEvaluateAs("key.algorithm.name", "AES-CBC");
     shouldEvaluateAs("key.algorithm.length", 256);
     shouldEvaluateAs("key.usages.join(',')", "decrypt");
 }).then(finishJSTest, failAndFinishJSTest);

 </script>

 </body>
 </html>
	<!DOCTYPE html>
	<html>
	<head>
	<script src="../../../resources/js-test.js"></script>
	<script src="../resources/common.js"></script>
	</head>
	<body>
	<p id="description"></p>
	<div id="console"></div>

	<script>
	description("Tests deriveKey() using ECDH to make AES keys");

	jsTestIsAsync = true;

	// The test data uses a public key and private key (from different key pairs) for the P-521 curve.
	var privateKeyJwk = {
	"kty":"EC",
	"crv":"P-521",
	"d":"AI_Zu5xisuK-IIz85dTSoqaQSTxN1I88l05myJJ0ZYFMdQ2VmjFOIUTonKGG97yOGmikyid-6F48d7iI1zF6VRk7",
	"x":"ACw6DX7wqwHVO-JzyOet0B-r10YVLv5R5q_IfiWCzclg0u_x57NCtOcFCFpM2ZnS22tyYjZb0gBHGcgUE_I-h-6s",
	"y":"Actm2tCHBPOKLZMpJV3DaVOluln9zBsE2I0g6iV73I4M-liqA1rLSJN8q-vcSQtZF0JvzwuvGkGuTbvT_DaRQ2pf"
	};

	var publicKeyJwk = {
	"kty":"EC",
	"crv":"P-521",
	"x":"ADRllQ0B7icrnJ7ib2r-CXvymGFiC_3f6_o0SzLMBIggM8ndQm9l768SToMy1hUo64JsofGSQ37P4CRqT_QeivBD",
	"y":"ALKEzew1Xe4Sv86lZVqb2xxZ0l7WrE3DPJ93fUtSPih5iH8jg0GPDKMVoA5ffFmqPwbdgS2BK18PBFIT7QDGb2Zx"
	};

	// This is the full 528 bits of key data derived by ECDH using the above keys
	// (only part of it will be used for these tests). In practice it wouldn't be a
	// good idea to make a key directly from ECDH
	// output without first going through a KDF, but this is just testing the API.
	var fullDerivedBytesHex = "0117D54D84379D0FD385BE068455A77A5366AB534FF172AB0A121F37D180DCCD19607ABB0C41CB9F6F12B01303AC4A69DC2D1D05180181FD496D9769B46BFFEC3425"

	function importEcKeys() {
	var keys = {};

	debug("Importing the private key...\n");

	return crypto.subtle.importKey("jwk", privateKeyJwk, {name: 'ECDH', namedCurve: "P-521"}, false, ["deriveKey"]).then(function(result) {
	keys.private = result;

	debug("Importing the public key...\n");
	return crypto.subtle.importKey("jwk", publicKeyJwk, {name: 'ECDH', namedCurve: "P-521"}, false, []);
	}).then(function(result) {
	keys.public = result;
	return keys;
	});
	}

	var ecKeys = null;

	importEcKeys().then(function(result) {
	ecKeys = result;

	// Derive an AES-CBC 128 bit key having the 'encrypt' usage.
	debug("Deriving an AES 128 bit key...\n");
	var algorithm = {name: 'ecdh', public: ecKeys.public};
	var derivedAlgorithm = {name: 'aes-cbc', length: 128};
	var extractable = true;
	var usages = ['encrypt'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
	}).then(function(result) {
	key = result;

	// Verify the key's properties.
	shouldEvaluateAs("key.type", "secret");
	shouldEvaluateAs("key.extractable", true);
	shouldEvaluateAs("key.algorithm.name", "AES-CBC");
	shouldEvaluateAs("key.algorithm.length", 128);
	shouldEvaluateAs("key.usages.join(',')", "encrypt");

	// Export the key and check its bytes.
	return crypto.subtle.exportKey("raw", key);
	}).then(function(result) {
	bytesShouldMatchHexString("Derived Bytes", fullDerivedBytesHex.substr(0, 32), result);

	// Derive an AES-CBC 256 bit key having the 'encrypt, decrypt' usage.
	debug("Deriving an AES 256 bit key...\n");
	var algorithm = {name: 'ecdh', public: ecKeys.public};
	var derivedAlgorithm = {name: 'aes-cbc', length: 256};
	var extractable = true;
	var usages = ['encrypt', 'decrypt'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
	}).then(function(result) {
	key = result;

	// Verify the key's properties.
	shouldEvaluateAs("key.type", "secret");
	shouldEvaluateAs("key.extractable", true);
	shouldEvaluateAs("key.algorithm.name", "AES-CBC");
	shouldEvaluateAs("key.algorithm.length", 256);
	shouldEvaluateAs("key.usages.join(',')", "encrypt,decrypt");

	// Export the key and check its bytes.
	return crypto.subtle.exportKey("raw", key);
	}).then(function(result) {
	bytesShouldMatchHexString("Derived Bytes", fullDerivedBytesHex.substr(0, 64), result);

	// Derive an AES-CBC 256 bit key having the 'decrypt' usage and non-extractable
	debug("Deriving an AES 256 bit key...\n");
	var algorithm = {name: 'ecdh', public: ecKeys.public};
	var derivedAlgorithm = {name: 'aes-cbc', length: 256};
	var extractable = false;
	var usages = ['decrypt'];

	return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
	}).then(function(result) {
	key = result;

	// Verify the key's properties.
	shouldEvaluateAs("key.type", "secret");
	shouldEvaluateAs("key.extractable", false);
	shouldEvaluateAs("key.algorithm.name", "AES-CBC");
	shouldEvaluateAs("key.algorithm.length", 256);
	shouldEvaluateAs("key.usages.join(',')", "decrypt");
	}).then(finishJSTest, failAndFinishJSTest);

	</script>

	</body>
	</html>