From 9637d44ccb362eca130cd6d43487926d1370ca5c Mon Sep 17 00:00:00 2001 From: Oleg Bespalov Date: Fri, 25 Oct 2024 09:38:22 +0200 Subject: [PATCH] wpt: clean up static tests --- webcrypto/tests/derive_bits_keys/ecdh_bits.js | 300 ---------- webcrypto/tests/digest.js | 231 -------- webcrypto/tests/encrypt_decrypt/aes.js | 298 ---------- .../tests/encrypt_decrypt/aes_cbc_vectors.js | 266 --------- .../tests/encrypt_decrypt/aes_ctr_vectors.js | 128 ----- .../encrypt_decrypt/aes_gcm_96_iv_fixtures.js | 209 ------- .../tests/encrypt_decrypt/aes_gcm_vectors.js | 86 --- webcrypto/tests/generateKey/failures.js | 229 -------- webcrypto/tests/generateKey/successes.js | 97 ---- webcrypto/tests/import_export/ec_importKey.js | 315 ----------- webcrypto/tests/import_export/symmetric.js | 252 --------- webcrypto/tests/sign_verify/ecdsa.js | 518 ------------------ webcrypto/tests/sign_verify/ecdsa_vectors.js | 164 ------ webcrypto/tests/sign_verify/hmac.js | 369 ------------- webcrypto/tests/sign_verify/hmac_vectors.js | 44 -- 15 files changed, 3506 deletions(-) delete mode 100644 webcrypto/tests/derive_bits_keys/ecdh_bits.js delete mode 100644 webcrypto/tests/digest.js delete mode 100644 webcrypto/tests/encrypt_decrypt/aes.js delete mode 100644 webcrypto/tests/encrypt_decrypt/aes_cbc_vectors.js delete mode 100644 webcrypto/tests/encrypt_decrypt/aes_ctr_vectors.js delete mode 100644 webcrypto/tests/encrypt_decrypt/aes_gcm_96_iv_fixtures.js delete mode 100644 webcrypto/tests/encrypt_decrypt/aes_gcm_vectors.js delete mode 100644 webcrypto/tests/generateKey/failures.js delete mode 100644 webcrypto/tests/generateKey/successes.js delete mode 100644 webcrypto/tests/import_export/ec_importKey.js delete mode 100644 webcrypto/tests/import_export/symmetric.js delete mode 100644 webcrypto/tests/sign_verify/ecdsa.js delete mode 100644 webcrypto/tests/sign_verify/ecdsa_vectors.js delete mode 100644 webcrypto/tests/sign_verify/hmac.js delete mode 100644 webcrypto/tests/sign_verify/hmac_vectors.js diff --git a/webcrypto/tests/derive_bits_keys/ecdh_bits.js b/webcrypto/tests/derive_bits_keys/ecdh_bits.js deleted file mode 100644 index eb1b17b..0000000 --- a/webcrypto/tests/derive_bits_keys/ecdh_bits.js +++ /dev/null @@ -1,300 +0,0 @@ -// This file contains an adaptation of the derive_bits_keys/ecdh_bits.js -// implementation from the W3C WebCrypto API test suite. -// -// Some of the function have been modified to support the k6 javascript runtime, -// and to limit its dependency to the rest of the W3C WebCrypto API test suite internal -// codebase. -// -// The original implementation is available at: -// https://github.com/web-platform-tests/wpt/blob/8cf108d380ee91ef2667a05dd2389ad5cd6d6529/WebCryptoAPI/derive_bits_keys/ecdh_bits.js - -// Test importKey and exportKey for EC algorithms. Only "happy paths" are -// currently tested - those where the operation should succeed. - -function define_tests() { - // May want to test prefixed implementations. - var subtle = crypto.subtle; - - var pkcs8 = { - "P-521": new Uint8Array([48, 129, 238, 2, 1, 0, 48, 16, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 5, 43, 129, 4, 0, 35, 4, 129, 214, 48, 129, 211, 2, 1, 1, 4, 66, 1, 166, 126, 211, 33, 145, 90, 100, 170, 53, 155, 125, 100, 141, 220, 38, 24, 250, 142, 141, 24, 103, 232, 247, 24, 48, 177, 13, 37, 237, 40, 145, 250, 241, 47, 60, 126, 117, 66, 26, 46, 162, 100, 249, 169, 21, 50, 13, 39, 79, 225, 71, 7, 66, 185, 132, 233, 107, 152, 145, 32, 129, 250, 205, 71, 141, 161, 129, 137, 3, 129, 134, 0, 4, 0, 32, 157, 72, 63, 40, 102, 104, 129, 198, 100, 31, 58, 18, 111, 64, 15, 81, 228, 101, 17, 112, 254, 103, 140, 117, 232, 87, 18, 226, 134, 138, 220, 133, 8, 36, 153, 123, 235, 240, 188, 130, 180, 48, 40, 166, 210, 236, 23, 119, 202, 69, 39, 159, 114, 6, 163, 234, 139, 92, 210, 7, 63, 73, 62, 69, 0, 12, 181, 76, 58, 90, 202, 162, 104, 197, 103, 16, 66, 136, 120, 217, 139, 138, 251, 246, 138, 97, 33, 83, 99, 40, 70, 216, 7, 233, 38, 114, 105, 143, 27, 156, 97, 29, 231, 211, 142, 52, 205, 108, 115, 136, 144, 146, 197, 110, 82, 214, 128, 241, 223, 208, 146, 184, 122, 200, 239, 159, 243, 200, 251, 72]), - "P-256": new Uint8Array([48, 129, 135, 2, 1, 0, 48, 19, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 8, 42, 134, 72, 206, 61, 3, 1, 7, 4, 109, 48, 107, 2, 1, 1, 4, 32, 15, 247, 79, 232, 241, 202, 175, 97, 92, 206, 241, 29, 217, 53, 114, 87, 98, 217, 216, 65, 236, 186, 185, 94, 170, 38, 68, 123, 52, 100, 245, 113, 161, 68, 3, 66, 0, 4, 140, 96, 11, 44, 102, 25, 45, 97, 158, 39, 210, 37, 107, 59, 151, 118, 178, 141, 30, 5, 246, 13, 234, 189, 98, 174, 123, 154, 211, 157, 224, 217, 59, 4, 102, 109, 199, 119, 14, 126, 207, 13, 211, 203, 203, 211, 110, 221, 107, 94, 220, 153, 81, 7, 55, 161, 237, 104, 46, 205, 112, 244, 10, 47]), - "P-384": new Uint8Array([48, 129, 182, 2, 1, 0, 48, 16, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 5, 43, 129, 4, 0, 34, 4, 129, 158, 48, 129, 155, 2, 1, 1, 4, 48, 248, 113, 165, 102, 101, 137, 193, 74, 87, 71, 38, 62, 248, 91, 49, 156, 192, 35, 219, 110, 53, 103, 108, 61, 120, 30, 239, 139, 5, 95, 207, 190, 134, 250, 13, 6, 208, 86, 181, 25, 95, 177, 50, 58, 248, 222, 37, 179, 161, 100, 3, 98, 0, 4, 241, 25, 101, 223, 125, 212, 89, 77, 4, 25, 197, 8, 100, 130, 163, 184, 38, 185, 121, 127, 155, 224, 189, 13, 16, 156, 158, 30, 153, 137, 193, 185, 169, 43, 143, 38, 159, 152, 225, 122, 209, 132, 186, 115, 193, 247, 151, 98, 175, 69, 175, 129, 65, 96, 38, 66, 218, 39, 26, 107, 176, 255, 235, 12, 180, 71, 143, 207, 112, 126, 102, 26, 166, 214, 205, 245, 21, 73, 200, 140, 63, 19, 11, 233, 232, 32, 31, 111, 106, 9, 244, 24, 90, 175, 149, 196]) - }; - - var spki = { - "P-521": new Uint8Array([48, 129, 155, 48, 16, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 5, 43, 129, 4, 0, 35, 3, 129, 134, 0, 4, 0, 238, 105, 249, 71, 21, 215, 1, 233, 226, 1, 19, 51, 212, 244, 249, 108, 186, 125, 145, 248, 139, 17, 43, 175, 117, 207, 9, 204, 31, 138, 202, 151, 97, 141, 169, 56, 152, 34, 210, 155, 111, 233, 153, 106, 97, 32, 62, 247, 82, 183, 113, 232, 149, 143, 196, 103, 123, 179, 119, 133, 101, 171, 96, 214, 237, 0, 222, 171, 103, 97, 137, 91, 147, 94, 58, 211, 37, 251, 133, 73, 229, 111, 19, 120, 106, 167, 63, 136, 162, 236, 254, 64, 147, 52, 115, 216, 174, 242, 64, 196, 223, 215, 213, 6, 242, 44, 221, 14, 85, 85, 143, 63, 191, 5, 235, 247, 239, 239, 122, 114, 215, 143, 70, 70, 155, 132, 72, 242, 110, 39, 18]), - "P-256": new Uint8Array([48, 89, 48, 19, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 8, 42, 134, 72, 206, 61, 3, 1, 7, 3, 66, 0, 4, 154, 116, 32, 120, 126, 95, 77, 105, 211, 232, 34, 114, 115, 1, 109, 56, 224, 71, 129, 133, 223, 127, 238, 156, 142, 103, 60, 202, 211, 79, 126, 128, 254, 49, 141, 182, 221, 107, 119, 218, 99, 32, 165, 246, 151, 89, 9, 68, 23, 177, 52, 239, 138, 139, 116, 193, 101, 4, 57, 198, 115, 0, 90, 61]), - "P-384": new Uint8Array([48, 118, 48, 16, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 5, 43, 129, 4, 0, 34, 3, 98, 0, 4, 145, 130, 45, 194, 175, 89, 193, 143, 91, 103, 248, 13, 246, 26, 38, 3, 194, 168, 240, 179, 192, 175, 130, 45, 99, 194, 121, 112, 26, 130, 69, 96, 64, 68, 1, 221, 233, 165, 110, 229, 39, 87, 234, 139, 199, 72, 212, 200, 43, 83, 55, 180, 141, 123, 101, 88, 58, 61, 87, 36, 56, 136, 0, 54, 186, 198, 115, 15, 66, 202, 82, 120, 150, 107, 213, 242, 30, 134, 226, 29, 48, 197, 166, 208, 70, 62, 197, 19, 221, 80, 159, 252, 220, 175, 31, 245]) - }; - - var sizes = { - "P-521": 66, - "P-256": 32, - "P-384": 48 - }; - - var derivations = { - "P-521": new Uint8Array([0, 156, 43, 206, 87, 190, 128, 173, 171, 59, 7, 56, 91, 142, 89, 144, 235, 125, 111, 222, 189, 176, 27, 243, 83, 113, 164, 246, 7, 94, 157, 40, 138, 193, 42, 109, 254, 3, 170, 87, 67, 188, 129, 112, 157, 73, 168, 34, 148, 2, 25, 182, 75, 118, 138, 205, 82, 15, 161, 54, 142, 160, 175, 141, 71, 93]), - "P-256": new Uint8Array([14, 143, 60, 77, 177, 178, 162, 131, 115, 90, 0, 220, 87, 31, 26, 232, 151, 28, 227, 35, 250, 17, 131, 137, 203, 95, 65, 196, 59, 61, 181, 161]), - "P-384": new Uint8Array([224, 189, 107, 206, 10, 239, 140, 164, 136, 56, 166, 226, 252, 197, 126, 103, 185, 197, 232, 134, 12, 95, 11, 233, 218, 190, 197, 62, 69, 78, 24, 160, 161, 116, 196, 136, 136, 162, 100, 136, 17, 91, 45, 201, 241, 223, 165, 45]) - }; - - return importKeys(pkcs8, spki, sizes) - .then(function(results) { - publicKeys = results.publicKeys; - privateKeys = results.privateKeys; - ecdsaKeyPairs = results.ecdsaKeyPairs; - noDeriveBitsKeys = results.noDeriveBitsKeys; - - Object.keys(sizes).forEach(function(namedCurve) { - // Basic success case - promise_test(function(test) { - return subtle.deriveBits({name: "ECDH", public: publicKeys[namedCurve]}, privateKeys[namedCurve], 8 * sizes[namedCurve]) - .then(function(derivation) { - assert_true(equalBuffers(derivation, derivations[namedCurve]), "Derived correct bits"); - }, function(err) { - assert_unreached("deriveBits failed with error " + err.name + ": " + err.message); - }); - }, namedCurve + " good parameters"); - - // Case insensitivity check - promise_test(function(test) { - return subtle.deriveBits({name: "EcDh", public: publicKeys[namedCurve]}, privateKeys[namedCurve], 8 * sizes[namedCurve]) - .then(function(derivation) { - assert_true(equalBuffers(derivation, derivations[namedCurve]), "Derived correct bits"); - }, function(err) { - assert_unreached("deriveBits failed with error " + err.name + ": " + err.message); - }); - }, namedCurve + " mixed case parameters"); - - // Null length - promise_test(function(test) { - return subtle.deriveBits({name: "ECDH", public: publicKeys[namedCurve]}, privateKeys[namedCurve], null) - .then(function(derivation) { - assert_true(equalBuffers(derivation, derivations[namedCurve]), "Derived correct bits" + derivation); - }, function(err) { - assert_unreached("deriveBits failed with error " + err.name + ": " + err.message); - }); - }, namedCurve + " with null length"); - - // Shorter than entire derivation per algorithm - promise_test(function(test) { - return subtle.deriveBits({name: "ECDH", public: publicKeys[namedCurve]}, privateKeys[namedCurve], 8 * sizes[namedCurve] - 32) - .then(function(derivation) { - assert_true(equalBuffers(derivation, derivations[namedCurve], 8 * sizes[namedCurve] - 32), "Derived correct bits"); - }, function(err) { - assert_unreached("deriveBits failed with error " + err.name + ": " + err.message); - }); - }, namedCurve + " short result"); - - // TODO: once we have support of lengths that are not a multiple of 8 bits, uncomment this test - // https://github.com/grafana/xk6-webcrypto/issues/80 - // // Non-multiple of 8 - // promise_test(function(test) { - // return subtle.deriveBits({name: "ECDH", public: publicKeys[namedCurve]}, privateKeys[namedCurve], 8 * sizes[namedCurve] - 11) - // .then(function(derivation) { - // assert_true(equalBuffers(derivation, derivations[namedCurve], 8 * sizes[namedCurve] - 11), "Derived correct bits " + namedCurve + " size: " + 8 * sizes[namedCurve] + " derivation: " + JSON.stringify(derivation) + " expected: " + JSON.stringify(derivations[namedCurve]) ); - // }, function(err) { - // assert_unreached("deriveBits failed with error " + err.name + ": " + err.message); - // }); - // }, namedCurve + " non-multiple of 8 bits"); - - // Errors to test: - - // - missing public property TypeError - promise_test(function(test) { - return subtle.deriveBits({name: "ECDH"}, privateKeys[namedCurve], 8 * sizes[namedCurve]) - .then(function(derivation) { - assert_unreached("deriveBits succeeded but should have failed with TypeError"); - }, function(err) { - assert_equals(err.name, "TypeError", "Should throw correct error, not " + err.name + ": " + err.message); - }); - }, namedCurve + " missing public curve"); - - // - Non CryptoKey public property TypeError - promise_test(function(test) { - return subtle.deriveBits({name: "ECDH", public: {message: "Not a CryptoKey"}}, privateKeys[namedCurve], 8 * sizes[namedCurve]) - .then(function(derivation) { - assert_unreached("deriveBits succeeded but should have failed with TypeError"); - }, function(err) { - assert_equals(err.name, "TypeError", "Should throw correct error, not " + err.name + ": " + err.message); - }); - }, namedCurve + " public property of algorithm is not a CryptoKey"); - - // - wrong named curve - promise_test(function(test) { - publicKey = publicKeys["P-256"]; - if (namedCurve === "P-256") { - publicKey = publicKeys["P-384"]; - } - return subtle.deriveBits({name: "ECDH", public: publicKey}, privateKeys[namedCurve], 8 * sizes[namedCurve]) - .then(function(derivation) { - assert_unreached("deriveBits succeeded but should have failed with InvalidAccessError"); - }, function(err) { - assert_equals(err.name, "InvalidAccessError", "Should throw correct error, not " + err.name + ": " + err.message); - }); - }, namedCurve + " mismatched curves"); - - // - not ECDH public property InvalidAccessError - promise_test(function(test) { - return subtle.deriveBits({name: "ECDH", public: ecdsaKeyPairs[namedCurve].publicKey}, privateKeys[namedCurve], 8 * sizes[namedCurve]) - .then(function(derivation) { - assert_unreached("deriveBits succeeded but should have failed with InvalidAccessError"); - }, function(err) { - assert_equals(err.name, "InvalidAccessError", "Should throw correct error, not " + err.name + ": " + err.message); - }); - }, namedCurve + " public property of algorithm is not an ECDSA public key"); - - // - No deriveBits usage in baseKey InvalidAccessError - promise_test(function(test) { - return subtle.deriveBits({name: "ECDH", public: publicKeys[namedCurve]}, noDeriveBitsKeys[namedCurve], 8 * sizes[namedCurve]) - .then(function(derivation) { - assert_unreached("deriveBits succeeded but should have failed with InvalidAccessError"); - }, function(err) { - assert_equals(err.name, "InvalidAccessError", "Should throw correct error, not " + err.name + ": " + err.message); - }); - }, namedCurve + " no deriveBits usage for base key"); - - // - Use public key for baseKey InvalidAccessError - promise_test(function(test) { - return subtle.deriveBits({name: "ECDH", public: publicKeys[namedCurve]}, publicKeys[namedCurve], 8 * sizes[namedCurve]) - .then(function(derivation) { - assert_unreached("deriveBits succeeded but should have failed with InvalidAccessError"); - }, function(err) { - assert_equals(err.name, "InvalidAccessError", "Should throw correct error, not " + err.name + ": " + err.message); - }); - }, namedCurve + " base key is not a private key"); - - // - Use private key for public property InvalidAccessError - promise_test(function(test) { - return subtle.deriveBits({name: "ECDH", public: privateKeys[namedCurve]}, privateKeys[namedCurve], 8 * sizes[namedCurve]) - .then(function(derivation) { - assert_unreached("deriveBits succeeded but should have failed with InvalidAccessError"); - }, function(err) { - assert_equals(err.name, "InvalidAccessError", "Should throw correct error, not " + err.name + ": " + err.message); - }); - }, namedCurve + " public property value is a private key"); - - // - Use secret key for public property InvalidAccessError - promise_test(function(test) { - return subtle.generateKey({name: "AES-CBC", length: 128}, true, ["encrypt", "decrypt"]) - .then(function(secretKey) { - return subtle.deriveBits({name: "ECDH", public: secretKey}, privateKeys[namedCurve], 8 * sizes[namedCurve]) - .then(function(derivation) { - assert_unreached("deriveBits succeeded but should have failed with InvalidAccessError"); - }, function(err) { - assert_equals(err.name, "InvalidAccessError", "Should throw correct error, not " + err.name + ": " + err.message); - }); - }); - }, namedCurve + " public property value is a secret key"); - - // - Length greater than 256, 384, 521 for particular curves OperationError - promise_test(function(test) { - return subtle.deriveBits({name: "ECDH", public: publicKeys[namedCurve]}, privateKeys[namedCurve], 8 * sizes[namedCurve] + 8) - .then(function(derivation) { - assert_unreached("deriveBits succeeded but should have failed with OperationError"); - }, function(err) { - assert_equals(err.name, "OperationError", "Should throw correct error, not " + err.name + ": " + err.message); - }); - }, namedCurve + " asking for too many bits"); - }); - }); - - function importKeys(pkcs8, spki, sizes) { - var privateKeys = {}; - var publicKeys = {}; - var ecdsaKeyPairs = {}; - var noDeriveBitsKeys = {}; - - var promises = []; - Object.keys(pkcs8).forEach(function(namedCurve) { - var operation = subtle.importKey("pkcs8", pkcs8[namedCurve], - {name: "ECDH", namedCurve: namedCurve}, - false, ["deriveBits", "deriveKey"]) - .then(function(key) { - privateKeys[namedCurve] = key; - }, function (err) { - privateKeys[namedCurve] = null; - }); - promises.push(operation); - }); - Object.keys(pkcs8).forEach(function(namedCurve) { - var operation = subtle.importKey("pkcs8", pkcs8[namedCurve], - {name: "ECDH", namedCurve: namedCurve}, - false, ["deriveKey"]) - .then(function(key) { - noDeriveBitsKeys[namedCurve] = key; - }, function (err) { - noDeriveBitsKeys[namedCurve] = null; - }); - promises.push(operation); - }); - Object.keys(spki).forEach(function(namedCurve) { - var operation = subtle.importKey("spki", spki[namedCurve], - {name: "ECDH", namedCurve: namedCurve}, - false, []) - .then(function(key) { - publicKeys[namedCurve] = key; - }, function (err) { - publicKeys[namedCurve] = null; - }); - promises.push(operation); - }); - Object.keys(sizes).forEach(function(namedCurve) { - var operation = subtle.generateKey({name: "ECDSA", namedCurve: namedCurve}, false, ["sign", "verify"]) - .then(function(keyPair) { - ecdsaKeyPairs[namedCurve] = keyPair; - }, function (err) { - ecdsaKeyPairs[namedCurve] = null; - }); - promises.push(operation); - }); - - return Promise.all(promises) - .then(function(results) {return {privateKeys: privateKeys, publicKeys: publicKeys, ecdsaKeyPairs: ecdsaKeyPairs, noDeriveBitsKeys: noDeriveBitsKeys}}); - } - - // Compares two ArrayBuffer or ArrayBufferView objects. If bitCount is - // omitted, the two values must be the same length and have the same contents - // in every byte. If bitCount is included, only that leading number of bits - // have to match. - function equalBuffers(a, b, bitCount) { - var remainder; - - if (typeof bitCount === "undefined" && a.byteLength !== b.byteLength) { - return false; - } - - var aBytes = new Uint8Array(a); - var bBytes = new Uint8Array(b); - - var length = a.byteLength; - if (typeof bitCount !== "undefined") { - length = Math.floor(bitCount / 8); - } - - for (var i=0; i> (8 - remainder) === bBytes[length] >> (8 - remainder); - } - - return true; - } - - function promise_test(fn, name) { - try { - fn(); - } catch (e) { - throw Error(`Error in test "${name}": ${e}`); - } - } -} - -define_tests(); - diff --git a/webcrypto/tests/digest.js b/webcrypto/tests/digest.js deleted file mode 100644 index c52a801..0000000 --- a/webcrypto/tests/digest.js +++ /dev/null @@ -1,231 +0,0 @@ -var subtle = crypto.subtle; - -var sourceData = { - empty: new Uint8Array(0), - short: new Uint8Array([ - 21, 110, 234, 124, 193, 76, 86, 203, 148, 219, 3, 10, 74, 157, 149, 255, - ]), - medium: new Uint8Array([ - 182, 200, 249, 223, 100, 140, 208, 136, 183, 15, 56, 231, 65, 151, 177, 140, - 184, 30, 30, 67, 80, 213, 11, 204, 184, 251, 90, 115, 121, 200, 123, 178, - 227, 214, 237, 84, 97, 237, 30, 159, 54, 243, 64, 163, 150, 42, 68, 107, - 129, 91, 121, 75, 75, 212, 58, 68, 3, 80, 32, 119, 178, 37, 108, 200, 7, - 131, 127, 58, 172, 209, 24, 235, 75, 156, 43, 174, 184, 151, 6, 134, 37, - 171, 172, 161, 147, - ]), -}; - -sourceData.long = new Uint8Array(1024 * sourceData.medium.byteLength); -for (var i = 0; i < 1024; i++) { - sourceData.long.set(sourceData.medium, i * sourceData.medium.byteLength); -} - -var digestedData = { - "sha-1": { - empty: new Uint8Array([ - 218, 57, 163, 238, 94, 107, 75, 13, 50, 85, 191, 239, 149, 96, 24, 144, - 175, 216, 7, 9, - ]), - short: new Uint8Array([ - 201, 19, 24, 205, 242, 57, 106, 1, 94, 63, 78, 106, 134, 160, 186, 101, - 184, 99, 89, 68, - ]), - medium: new Uint8Array([ - 229, 65, 6, 8, 112, 235, 22, 191, 51, 182, 142, 81, 245, 19, 82, 104, 147, - 152, 103, 41, - ]), - long: new Uint8Array([ - 48, 152, 181, 0, 55, 236, 208, 46, 189, 101, 118, 83, 178, 191, 160, 30, - 238, 39, 162, 234, - ]), - }, - "sha-256": { - empty: new Uint8Array([ - 227, 176, 196, 66, 152, 252, 28, 20, 154, 251, 244, 200, 153, 111, 185, - 36, 39, 174, 65, 228, 100, 155, 147, 76, 164, 149, 153, 27, 120, 82, 184, - 85, - ]), - short: new Uint8Array([ - 162, 131, 17, 134, 152, 71, 146, 199, 211, 45, 89, 200, 151, 64, 104, 127, - 25, 173, 220, 27, 149, 158, 113, 161, 204, 83, 138, 59, 126, 216, 67, 242, - ]), - medium: new Uint8Array([ - 83, 83, 103, 135, 126, 240, 20, 215, 252, 113, 126, 92, 183, 132, 62, 89, - 182, 26, 238, 98, 199, 2, 156, 236, 126, 198, 193, 47, 217, 36, 224, 228, - ]), - long: new Uint8Array([ - 20, 205, 234, 157, 199, 95, 90, 98, 116, 217, 252, 30, 100, 0, 153, 18, - 241, 220, 211, 6, 180, 143, 232, 233, 207, 18, 45, 230, 113, 87, 23, 129, - ]), - }, - "sha-384": { - empty: new Uint8Array([ - 56, 176, 96, 167, 81, 172, 150, 56, 76, 217, 50, 126, 177, 177, 227, 106, - 33, 253, 183, 17, 20, 190, 7, 67, 76, 12, 199, 191, 99, 246, 225, 218, 39, - 78, 222, 191, 231, 111, 101, 251, 213, 26, 210, 241, 72, 152, 185, 91, - ]), - short: new Uint8Array([ - 107, 245, 234, 101, 36, 209, 205, 220, 67, 247, 207, 59, 86, 238, 5, 146, - 39, 64, 74, 47, 83, 143, 2, 42, 61, 183, 68, 122, 120, 44, 6, 193, 237, 5, - 232, 171, 79, 94, 220, 23, 243, 113, 20, 64, 223, 233, 119, 49, - ]), - medium: new Uint8Array([ - 203, 194, 197, 136, 254, 91, 37, 249, 22, 218, 40, 180, 228, 122, 72, 74, - 230, 252, 31, 228, 144, 45, 213, 201, 147, 154, 107, 253, 3, 74, 179, 180, - 139, 57, 8, 116, 54, 1, 31, 106, 153, 135, 157, 39, 149, 64, 233, 119, - ]), - long: new Uint8Array([ - 73, 244, 253, 179, 152, 25, 104, 249, 125, 87, 55, 15, 133, 52, 80, 103, - 205, 82, 150, 169, 125, 209, 161, 142, 6, 145, 30, 117, 110, 150, 8, 73, - 37, 41, 135, 14, 26, 209, 48, 153, 141, 87, 203, 251, 183, 193, 208, 158, - ]), - }, - "sha-512": { - empty: new Uint8Array([ - 207, 131, 225, 53, 126, 239, 184, 189, 241, 84, 40, 80, 214, 109, 128, 7, - 214, 32, 228, 5, 11, 87, 21, 220, 131, 244, 169, 33, 211, 108, 233, 206, - 71, 208, 209, 60, 93, 133, 242, 176, 255, 131, 24, 210, 135, 126, 236, 47, - 99, 185, 49, 189, 71, 65, 122, 129, 165, 56, 50, 122, 249, 39, 218, 62, - ]), - short: new Uint8Array([ - 55, 82, 72, 190, 95, 243, 75, 231, 76, 171, 79, 241, 195, 188, 141, 198, - 139, 213, 248, 223, 244, 2, 62, 152, 248, 123, 134, 92, 255, 44, 114, 66, - 146, 223, 24, 148, 67, 166, 79, 244, 19, 74, 101, 205, 70, 53, 185, 212, - 245, 220, 13, 63, 182, 117, 40, 0, 42, 99, 172, 242, 108, 157, 165, 117, - ]), - medium: new Uint8Array([ - 185, 16, 159, 131, 158, 142, 164, 60, 137, 15, 41, 60, 225, 29, 198, 226, - 121, 141, 30, 36, 49, 241, 228, 185, 25, 227, 178, 12, 79, 54, 48, 59, - 163, 156, 145, 109, 179, 6, 196, 90, 59, 101, 118, 31, 245, 190, 133, 50, - 142, 234, 244, 44, 56, 48, 241, 217, 94, 122, 65, 22, 91, 125, 45, 54, - ]), - long: new Uint8Array([ - 75, 2, 202, 246, 80, 39, 96, 48, 234, 86, 23, 229, 151, 197, 213, 63, 217, - 218, 166, 139, 120, 191, 230, 11, 34, 170, 184, 211, 106, 76, 42, 58, 255, - 219, 113, 35, 79, 73, 39, 103, 55, 197, 117, 221, 247, 77, 20, 5, 76, 189, - 111, 219, 152, 253, 13, 220, 188, 180, 111, 145, 173, 118, 182, 238, - ]), - }, -}; - -// Assert the behavior of digest in cases expected to be successful. -Object.keys(sourceData).forEach((size) => { - Object.keys(digestedData).forEach((algorithm) => { - const upCase = algorithm.toUpperCase(); - const downCase = algorithm.toLowerCase(); - const mixedCase = upCase.substr(0, 1) + downCase.substr(1); - - // Passing a string as the algorithm works - subtle.digest({ name: algorithm }, sourceData[size]).then( - (result) => { - if (!equalBuffers(result, digestedData[algorithm][size])) { - throw "digest() mismatch"; - } - }, - (err) => { - throw ( - "digest() threw an error for " + algorithm + ": " + size + " - " + err - ); - } - ); - - // Passing an object as the algorithm works - subtle.digest({ name: algorithm }, sourceData[size]).then( - (result) => { - if (!equalBuffers(result, digestedData[algorithm][size])) { - throw "digest() mismatch"; - } - }, - (err) => { - throw ( - "digest() threw an error for " + algorithm + ":" + size + " - " + err - ); - } - ); - - // Passing an object with an uppercase name as the algorithm works - subtle.digest({ name: upCase }, sourceData[size]).then( - (result) => { - if (!equalBuffers(result, digestedData[algorithm][size])) { - throw new Error("digest() mismatch"); - } - }, - (err) => { - throw ( - "digest() threw an error for " + algorithm + ":" + size + " - " + err - ); - } - ); - - // Passing an object with a lowercase name as the algorithm works - subtle.digest({ name: downCase }, sourceData[size]).then( - (result) => { - if (!equalBuffers(result, digestedData[algorithm][size])) { - throw "digest() mismatch"; - } - }, - (err) => { - throw ( - "digest() threw an error for " + algorithm + ":" + size + " - " + err - ); - } - ); - - // Passing an object with a mixed case name as the algorithm works - subtle.digest({ name: mixedCase }, sourceData[size]).then( - (result) => { - if (!equalBuffers(result, digestedData[algorithm][size])) { - throw "digest() mismatch"; - } - }, - (err) => { - throw ( - "digest() threw an error for " + algorithm + ":" + size + " - " + err - ); - } - ); - }); -}); - -// Assert the behavior of digest in cases expected to fail. -var badNames = ["AES-GCM", "RSA-OAEP", "PBKDF2", "AES-KW"]; -Object.keys(sourceData).forEach((size) => { - badNames.forEach((badName) => { - subtle.digest({ name: badName }, sourceData[size]).then( - (result) => { - throw ( - "digest() should have thrown an error for " + badName + ":" + size - ); - }, - (err) => { - if (!err.name.startsWith("NotSupportedError")) { - throw ( - "digest() should have thrown a NotSupportedError for " + - badName + - ":" + - size + - " - " + - err - ); - } - } - ); - }); -}); - -function equalBuffers(a, b) { - if (a.byteLength !== b.byteLength) { - return false; - } - - var aBytes = new Uint8Array(a); - var bBytes = new Uint8Array(b); - - for (var i = 0; i < a.byteLength; i++) { - if (aBytes[i] !== bBytes[i]) { - return false; - } - } - - return true; -} diff --git a/webcrypto/tests/encrypt_decrypt/aes.js b/webcrypto/tests/encrypt_decrypt/aes.js deleted file mode 100644 index c0c89f4..0000000 --- a/webcrypto/tests/encrypt_decrypt/aes.js +++ /dev/null @@ -1,298 +0,0 @@ -// This file contains an adaptation of the encrypt_decrypt/aes.js -// implementation from the W3C WebCrypto API test suite. -// -// Some of the function have been modified to support the k6 javascript runtime, -// and to limit its dependency to the rest of the W3C WebCrypto API test suite internal -// codebase. -// -// The original implementation is available at: -// https://github.com/web-platform-tests/wpt/blob/1ec10682955d63944bc8fa06f1b3a26377952533/WebCryptoAPI/encrypt_decrypt/aes.js - -function run_test() { - var subtle = crypto.subtle; // Change to test prefixed implementations - - // When are all these tests really done? When all the promises they use have resolved. - var all_promises = []; - - // Source file aes_XXX_vectors.js provides the getTestVectors method - // for the AES-XXX algorithm that drives these tests. - var vectors = getTestVectors(); - var passingVectors = vectors.passing; - var failingVectors = vectors.failing; - var decryptionFailingVectors = vectors.decryptionFailing; - - // Check for successful encryption. - passingVectors.forEach(function(vector) { - var promise = importVectorKey(vector, ["encrypt", "decrypt"]) - .then(function(vector) { - return subtle.encrypt(vector.algorithm, vector.key, vector.plaintext) - .then(function(result) { - assert_true(equalBuffers(result, vector.result), "Should return expected result"); - }, function(err) { - assert_unreached("encrypt error for test " + vector.name + ": " + err.message); - }); - }, function(err) { - // We need a failed test if the importVectorKey operation fails, so - // we know we never tested encryption - assert_unreached("importKey failed for " + vector.name); - }); - - all_promises.push(promise); - }); - - // Check for successful encryption even if the buffer is changed after calling encrypt. - passingVectors.forEach(function(vector) { - var plaintext = copyBuffer(vector.plaintext); - var promise = importVectorKey(vector, ["encrypt", "decrypt"]) - .then(function(vector) { - var operation = subtle.encrypt(vector.algorithm, vector.key, vector.plaintext) - .then(function(result) { - assert_true(equalBuffers(result, vector.result), "Should return expected result"); - }, function(err) { - assert_unreached("encrypt error for test " + vector.name + ": " + err.message); - }); - plaintext[0] = 255 - plaintext[0]; - return operation; - }, function(err) { - // We need a failed test if the importVectorKey operation fails, so - // we know we never tested encryption - assert_unreached("importKey failed for " + vector.name); - }); - - all_promises.push(promise); - }); - - // Check for successful decryption. - passingVectors.forEach(function(vector) { - var promise = importVectorKey(vector, ["encrypt", "decrypt"]) - .then(function(vector) { - return subtle.decrypt(vector.algorithm, vector.key, vector.result) - .then(function(result) { - assert_true(equalBuffers(result, vector.plaintext), "Should return expected result"); - }, function(err) { - assert_unreached("decrypt error for test " + vector.name + ": " + err.message); - }); - }, function(err) { - // We need a failed test if the importVectorKey operation fails, so - // we know we never tested encryption - assert_unreached("importKey failed for " + vector.name); - }); - - all_promises.push(promise); - }); - - // FIXME @oleiade: Although not necessary, this test is currently failing - // as it is unclear if Go's implementation of AES-CBC provides the same - // guarantees as the W3C WebCrypto API test suite expects. (changing a byte - // in the ciphertext should result in a decryption success) - - // Check for successful decryption even if ciphertext is altered. - // passingVectors.forEach(function(vector) { - // var ciphertext = copyBuffer(vector.result); - // var promise = importVectorKey(vector, ["encrypt", "decrypt"]) - // .then(function(vector) { - // var operation = subtle.decrypt(vector.algorithm, vector.key, ciphertext) - // .then(function(result) { - // assert_true(equalBuffers(result, vector.plaintext), "Should return expected result"); - // }, function(err) { - // assert_unreached("decrypt error for test " + vector.name + ": " + err.message); - // }); - // ciphertext[0] = 255 - ciphertext[0]; - // return operation; - // }, function(err) { - // // We need a failed test if the importVectorKey operation fails, so - // // we know we never tested encryption - // assert_unreached("importKey failed for " + vector.name); - // }); - - // all_promises.push(promise); - // }); - - // Everything that succeeded should fail if no "encrypt" usage. - passingVectors.forEach(function(vector) { - // Don't want to overwrite key being used for success tests! - var badVector = Object.assign({}, vector); - badVector.key = null; - - var promise = importVectorKey(badVector, ["decrypt"]) - .then(function(vector) { - return subtle.encrypt(vector.algorithm, vector.key, vector.plaintext) - .then(function(result) { - assert_unreached("should have thrown exception for test " + vector.name); - }, function(err) { - assert_equals(err.name, "InvalidAccessError", "Should throw an InvalidAccessError instead of " + err.message) - }); - }, function(err) { - // We need a failed test if the importVectorKey operation fails, so - // we know we never tested encryption - assert_unreached("importKey failed for " + vector.name); - }); - - all_promises.push(promise); - }); - - // Encryption should fail if algorithm of key doesn't match algorithm of function call. - passingVectors.forEach(function(vector) { - var algorithm = Object.assign({}, vector.algorithm); - if (algorithm.name === "AES-CBC") { - algorithm.name = "AES-CTR"; - algorithm.counter = new Uint8Array(16); - algorithm.length = 64; - } else { - algorithm.name = "AES-CBC"; - algorithm.iv = new Uint8Array(16); // Need syntactically valid parameter to get to error being checked. - } - - var promise = importVectorKey(vector, ["encrypt", "decrypt"]) - .then(function(vector) { - return subtle.encrypt(algorithm, vector.key, vector.plaintext) - .then(function(result) { - assert_unreached("encrypt succeeded despite mismatch " + vector.name); - }, function(err) { - assert_equals(err.name, "InvalidAccessError", "Mismatch should cause InvalidAccessError instead of " + err.message); - }); - }, function(err) { - // We need a failed test if the importVectorKey operation fails, so - // we know we never tested encryption - assert_unreached("importKey failed for " + vector.name); - }); - - all_promises.push(promise); - }); - - // Everything that succeeded decrypting should fail if no "decrypt" usage. - passingVectors.forEach(function(vector) { - // Don't want to overwrite key being used for success tests! - var badVector = Object.assign({}, vector); - badVector.key = null; - - var promise = importVectorKey(badVector, ["encrypt"]) - .then(function(vector) { - return subtle.decrypt(vector.algorithm, vector.key, vector.result) - .then(function(result) { - assert_unreached("should have thrown exception for test " + vector.name); - }, function(err) { - assert_equals(err.name, "InvalidAccessError", "Should throw an InvalidAccessError instead of " + err.message) - }); - }, function(err) { - // We need a failed test if the importVectorKey operation fails, so - // we know we never tested encryption - assert_unreached("importKey failed for " + vector.name); - }); - - all_promises.push(promise); - }); - - // Check for OperationError due to data lengths. - failingVectors.forEach(function(vector) { - var promise = importVectorKey(vector, ["encrypt", "decrypt"]) - .then(function(vector) { - return subtle.encrypt(vector.algorithm, vector.key, vector.plaintext) - .then(function(result) { - assert_unreached("should have thrown exception for test " + vector.name); - }, function(err) { - assert_equals(err.name, "OperationError", "Should throw an OperationError instead of " + err.message) - }); - }, function(err) { - // We need a failed test if the importVectorKey operation fails, so - // we know we never tested encryption - assert_unreached("importKey failed for " + vector.name); - }); - - all_promises.push(promise); - }); - - // Check for OperationError due to data lengths for decryption, too. - failingVectors.forEach(function(vector) { - var promise = importVectorKey(vector, ["encrypt", "decrypt"]) - .then(function(vector) { - return subtle.decrypt(vector.algorithm, vector.key, vector.result) - .then(function(result) { - assert_unreached("should have thrown exception for test " + vector.name); - }, function(err) { - assert_equals(err.name, "OperationError", "Should throw an OperationError instead of " + err.message) - }); - }, function(err) { - // We need a failed test if the importVectorKey operation fails, so - // we know we never tested encryption - assert_unreached("importKey failed for " + vector.name); - }); - - all_promises.push(promise); - }); - - // Check for decryption failing for algorithm-specific reasons (such as bad - // padding for AES-CBC). - decryptionFailingVectors.forEach(function(vector) { - var promise = importVectorKey(vector, ["encrypt", "decrypt"]) - .then(function(vector) { - return subtle.decrypt(vector.algorithm, vector.key, vector.result) - .then(function(result) { - assert_unreached("should have thrown exception for test " + vector.name); - }, function(err) { - assert_equals(err.name, "OperationError", "Should throw an OperationError instead of " + err.message) - }); - }, function(err) { - // We need a failed test if the importVectorKey operation fails, so - // we know we never tested encryption - assert_unreached("importKey failed for " + vector.name); - }); - - all_promises.push(promise); - }); - - // Note @oleiade: I'm pretty sure this is specific to the Webplatform tests - // return Promise.all(all_promises) - // .then(function() {done();}) - // .catch(function() {done();}) - - // A test vector has all needed fields for encryption, EXCEPT that the - // key field may be null. This function replaces that null with the Correct - // CryptoKey object. - // - // Returns a Promise that yields an updated vector on success. - function importVectorKey(vector, usages) { - if (vector.key !== null) { - return new Promise(function(resolve, reject) { - resolve(vector); - }); - } else { - return subtle.importKey("raw", vector.keyBuffer, {name: vector.algorithm.name}, false, usages) - .then(function(key) { - vector.key = key; - return vector; - }); - } - } - - // Returns a copy of the sourceBuffer it is sent. - function copyBuffer(sourceBuffer) { - var source = new Uint8Array(sourceBuffer); - var copy = new Uint8Array(sourceBuffer.byteLength) - - for (var i=0; i 0) { - allNonemptySubsetsOf(remainingElements).forEach(function(combination) { - combination.push(firstElement); - results.push(combination); - }); - } - } - - return results; -} - -// Return a list of all valid usage combinations, given the possible ones -// and the ones that are required for a particular operation. -function allValidUsages(possibleUsages, requiredUsages) { - var allUsages = []; - - allNonemptySubsetsOf(possibleUsages).forEach(function(usage) { - for (var i=0; i 0) { - allNonemptySubsetsOf(remainingElements).forEach(function(combination) { - combination.push(firstElement); - results.push(combination); - }); - } - } - - return results; -} - -// Return a list of all valid usage combinations, given the possible ones -// and the ones that are required for a particular operation. -function allValidUsages(possibleUsages, requiredUsages) { - var allUsages = []; - - allNonemptySubsetsOf(possibleUsages).forEach(function(usage) { - for (var i=0; i