-
Notifications
You must be signed in to change notification settings - Fork 30.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
test,crypto: update WebCryptoAPI WPT
PR-URL: #45569 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
- Loading branch information
Showing
13 changed files
with
847 additions
and
30 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
176 changes: 176 additions & 0 deletions
176
test/fixtures/wpt/WebCryptoAPI/import_export/okp_importKey_failures.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,176 @@ | ||
function run_test(algorithmNames) { | ||
var subtle = crypto.subtle; // Change to test prefixed implementations | ||
|
||
setup({explicit_timeout: true}); | ||
|
||
// These tests check that importKey and exportKey throw an error, and that | ||
// the error is of the right type, for a wide set of incorrect parameters. | ||
|
||
// Error testing occurs by setting the parameter that should trigger the | ||
// error to an invalid value, then combining that with all valid | ||
// parameters that should be checked earlier by importKey, and all | ||
// valid and invalid parameters that should be checked later by | ||
// importKey. | ||
// | ||
// There are a lot of combinations of possible parameters for both | ||
// success and failure modes, resulting in a very large number of tests | ||
// performed. | ||
|
||
|
||
var allTestVectors = [ // Parameters that should work for importKey / exportKey | ||
{name: "Ed25519", privateUsages: ["sign"], publicUsages: ["verify"]}, | ||
{name: "Ed448", privateUsages: ["sign"], publicUsages: ["verify"]}, | ||
{name: "X25519", privateUsages: ["deriveKey", "deriveBits"], publicUsages: []}, | ||
{name: "X448", privateUsages: ["deriveKey", "deriveBits"], publicUsages: []}, | ||
]; | ||
|
||
var testVectors = []; | ||
if (algorithmNames && !Array.isArray(algorithmNames)) { | ||
algorithmNames = [algorithmNames]; | ||
}; | ||
allTestVectors.forEach(function(vector) { | ||
if (!algorithmNames || algorithmNames.includes(vector.name)) { | ||
testVectors.push(vector); | ||
} | ||
}); | ||
|
||
function parameterString(format, algorithm, extractable, usages, data) { | ||
if (typeof algorithm !== "object" && typeof algorithm !== "string") { | ||
alert(algorithm); | ||
} | ||
|
||
var jwk_label = ""; | ||
if (format === "jwk") | ||
jwk_label = data.d === undefined ? " (public) " : "(private)"; | ||
|
||
var result = "(" + | ||
objectToString(format) + jwk_label + ", " + | ||
objectToString(algorithm) + ", " + | ||
objectToString(extractable) + ", " + | ||
objectToString(usages) + | ||
")"; | ||
|
||
return result; | ||
} | ||
|
||
// Test that a given combination of parameters results in an error, | ||
// AND that it is the correct kind of error. | ||
// | ||
// Expected error is either a number, tested against the error code, | ||
// or a string, tested against the error name. | ||
function testError(format, algorithm, keyData, keySize, usages, extractable, expectedError, testTag) { | ||
promise_test(async() => { | ||
let key; | ||
try { | ||
key = await subtle.importKey(format, keyData, algorithm, extractable, usages); | ||
} catch(err) { | ||
let actualError = typeof expectedError === "number" ? err.code : err.name; | ||
assert_equals(actualError, expectedError, testTag + " not supported."); | ||
} | ||
assert_equals(key, undefined, "Operation succeeded, but should not have."); | ||
}, testTag + ": importKey" + parameterString(format, algorithm, extractable, usages, keyData)); | ||
} | ||
|
||
// Don't create an exhaustive list of all invalid usages, | ||
// because there would usually be nearly 2**8 of them, | ||
// way too many to test. Instead, create every singleton | ||
// of an illegal usage, and "poison" every valid usage | ||
// with an illegal one. | ||
function invalidUsages(validUsages, mandatoryUsages) { | ||
var results = []; | ||
|
||
var illegalUsages = []; | ||
["encrypt", "decrypt", "sign", "verify", "wrapKey", "unwrapKey", "deriveKey", "deriveBits"].forEach(function(usage) { | ||
if (!validUsages.includes(usage)) { | ||
illegalUsages.push(usage); | ||
} | ||
}); | ||
|
||
var goodUsageCombinations = validUsages.length === 0 ? [] : allValidUsages(validUsages, false, mandatoryUsages); | ||
|
||
illegalUsages.forEach(function(illegalUsage) { | ||
results.push([illegalUsage]); | ||
goodUsageCombinations.forEach(function(usageCombination) { | ||
results.push(usageCombination.concat([illegalUsage])); | ||
}); | ||
}); | ||
|
||
return results; | ||
} | ||
|
||
function validUsages(usages, format, data) { | ||
if (format === 'spki') return usages.publicUsages | ||
if (format === 'pkcs8') return usages.privateUsages | ||
if (format === 'jwk') { | ||
if (data === undefined) | ||
return []; | ||
return data.d === undefined ? usages.publicUsages : usages.privateUsages; | ||
} | ||
return []; | ||
} | ||
|
||
// Now test for properly handling errors | ||
// - Unsupported algorithm | ||
// - Bad usages for algorithm | ||
// - Bad key lengths | ||
// - Lack of a mandatory format field | ||
// - Incompatible keys pair | ||
|
||
// Algorithms normalize okay, but usages bad (though not empty). | ||
// It shouldn't matter what other extractable is. Should fail | ||
// due to SyntaxError | ||
testVectors.forEach(function(vector) { | ||
var name = vector.name; | ||
validKeyData.forEach(function(test) { | ||
allAlgorithmSpecifiersFor(name).forEach(function(algorithm) { | ||
invalidUsages(validUsages(vector, test.format, test.data)).forEach(function(usages) { | ||
[true, false].forEach(function(extractable) { | ||
testError(test.format, algorithm, test.data, name, usages, extractable, "SyntaxError", "Bad usages"); | ||
}); | ||
}); | ||
}); | ||
}); | ||
}); | ||
|
||
// Algorithms normalize okay, usages ok. The length of the key must thouw a DataError exception. | ||
testVectors.forEach(function(vector) { | ||
var name = vector.name; | ||
badKeyLengthData.forEach(function(test) { | ||
allAlgorithmSpecifiersFor(name).forEach(function(algorithm) { | ||
allValidUsages(validUsages(vector, test.format, test.data)).forEach(function(usages) { | ||
[true, false].forEach(function(extractable) { | ||
testError(test.format, algorithm, test.data, name, usages, extractable, "DataError", "Bad key length"); | ||
}); | ||
}); | ||
}); | ||
}); | ||
}); | ||
|
||
// Algorithms normalize okay, usages ok and valid key. The lack of the mandatory JWK parameter must throw a syntax error. | ||
testVectors.forEach(function(vector) { | ||
var name = vector.name; | ||
missingJWKFieldKeyData.forEach(function(test) { | ||
allAlgorithmSpecifiersFor(name).forEach(function(algorithm) { | ||
allValidUsages(validUsages(vector, 'jwk', test.data)).forEach(function(usages) { | ||
[true, false].forEach(function(extractable) { | ||
testError('jwk', algorithm, test.data, name, usages, extractable, "DataError", "Missing JWK '" + test.param + "' parameter"); | ||
}); | ||
}); | ||
}); | ||
}); | ||
}); | ||
|
||
// Algorithms normalize okay, usages ok and valid key. The public key is not compatible with the private key. | ||
testVectors.forEach(function(vector) { | ||
var name = vector.name; | ||
invalidJWKKeyData.forEach(function(data) { | ||
allAlgorithmSpecifiersFor(name).forEach(function(algorithm) { | ||
allValidUsages(vector.privateUsages).forEach(function(usages) { | ||
[true].forEach(function(extractable) { | ||
testError('jwk', algorithm, data, name, usages, extractable, "DataError", "Invalid key pair"); | ||
}); | ||
}); | ||
}); | ||
}); | ||
}); | ||
} |
102 changes: 102 additions & 0 deletions
102
test/fixtures/wpt/WebCryptoAPI/import_export/okp_importKey_failures_Ed25519.https.any.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,102 @@ | ||
// META: title=WebCryptoAPI: importKey() for Failures | ||
// META: timeout=long | ||
// META: script=../util/helpers.js | ||
// META: script=okp_importKey_failures.js | ||
|
||
// Setup: define the correct behaviors that should be sought, and create | ||
// helper functions that generate all possible test parameters for | ||
// different situations. | ||
var validKeyData = [ | ||
{ | ||
format: "spki", | ||
data: new Uint8Array([48, 42, 48, 5, 6, 3, 43, 101, 112, 3, 33, 0, 216, 225, 137, 99, 216, 9, 212, 135, 217, 84, 154, 204, 174, 198, 116, 46, 126, 235, 162, 77, 138, 13, 59, 20, 183, 227, 202, 234, 6, 137, 61, 204]) | ||
}, | ||
{ | ||
format: "pkcs8", | ||
data: new Uint8Array([48, 46, 2, 1, 0, 48, 5, 6, 3, 43, 101, 112, 4, 34, 4, 32, 243, 200, 244, 196, 141, 248, 120, 20, 110, 140, 211, 191, 109, 244, 229, 14, 56, 155, 167, 7, 78, 21, 194, 53, 45, 205, 93, 48, 141, 76, 168, 31]) | ||
}, | ||
{ | ||
format: "jwk", | ||
data: { | ||
crv: "Ed25519", | ||
d: "88j0xI34eBRujNO_bfTlDjibpwdOFcI1Lc1dMI1MqB8", | ||
x: "2OGJY9gJ1IfZVJrMrsZ0Ln7rok2KDTsUt-PK6gaJPcw", | ||
kty: "OKP" | ||
}, | ||
}, | ||
{ | ||
format: "jwk", | ||
data: { | ||
crv: "Ed25519", | ||
x: "2OGJY9gJ1IfZVJrMrsZ0Ln7rok2KDTsUt-PK6gaJPcw", | ||
kty: "OKP" | ||
}, | ||
}, | ||
]; | ||
|
||
// Removed just the last byte. | ||
var badKeyLengthData = [ | ||
{ | ||
format: "spki", | ||
data: new Uint8Array([48, 42, 48, 5, 6, 3, 43, 101, 112, 3, 33, 0, 216, 225, 137, 99, 216, 9, 212, 135, 217, 84, 154, 204, 174, 198, 116, 46, 126, 235, 162, 77, 138, 13, 59, 20, 183, 227, 202, 234, 6, 137, 61]) | ||
}, | ||
{ | ||
format: "pkcs8", | ||
data: new Uint8Array([48, 46, 2, 1, 0, 48, 5, 6, 3, 43, 101, 112, 4, 34, 4, 32, 243, 200, 244, 196, 141, 248, 120, 20, 110, 140, 211, 191, 109, 244, 229, 14, 56, 155, 167, 7, 78, 21, 194, 53, 45, 205, 93, 48, 141, 76, 168]) | ||
}, | ||
{ | ||
format: "jwk", | ||
data: { | ||
crv: "Ed25519", | ||
d: "88j0xI34eBRujNO_bfTlDjibpwdOFcI1Lc1dMI1MqB", | ||
x: "2OGJY9gJ1IfZVJrMrsZ0Ln7rok2KDTsUt-PK6gaJPcw", | ||
kty: "OKP" | ||
} | ||
}, | ||
{ | ||
format: "jwk", | ||
data: { | ||
crv: "Ed25519", | ||
x: "2OGJY9gJ1IfZVJrMrsZ0Ln7rok2KDTsUt-PK6gaJPc", | ||
kty: "OKP" | ||
} | ||
}, | ||
]; | ||
|
||
var missingJWKFieldKeyData = [ | ||
{ | ||
param: "x", | ||
data: { | ||
crv: "Ed25519", | ||
d: "88j0xI34eBRujNO_bfTlDjibpwdOFcI1Lc1dMI1MqB8", | ||
kty: "OKP" | ||
}, | ||
}, | ||
{ | ||
param: "kty", | ||
data: { | ||
crv: "Ed25519", | ||
x: "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo", | ||
d: "88j0xI34eBRujNO_bfTlDjibpwdOFcI1Lc1dMI1MqB8", | ||
}, | ||
}, | ||
{ | ||
param: "crv", | ||
data: { | ||
x: "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo", | ||
kty: "OKP" | ||
}, | ||
} | ||
]; | ||
|
||
// The public key doesn't match the private key. | ||
var invalidJWKKeyData = [ | ||
{ | ||
crv: "Ed25519", | ||
d: "88j0xI34eBRujNO_bfTlDjibpwdOFcI1Lc1dMI1MqB8", | ||
x: "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo", | ||
kty: "OKP" | ||
}, | ||
]; | ||
|
||
run_test(["Ed25519"]); |
103 changes: 103 additions & 0 deletions
103
test/fixtures/wpt/WebCryptoAPI/import_export/okp_importKey_failures_Ed448.https.any.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,103 @@ | ||
// META: title=WebCryptoAPI: importKey() for Failures | ||
// META: timeout=long | ||
// META: script=../util/helpers.js | ||
// META: script=okp_importKey_failures.js | ||
|
||
// Setup: define the correct behaviors that should be sought, and create | ||
// helper functions that generate all possible test parameters for | ||
// different situations. | ||
var validKeyData = [ | ||
{ | ||
format: "spki", | ||
data: new Uint8Array([48, 67, 48, 5, 6, 3, 43, 101, 113, 3, 58, 0, 171, 75, 184, 133, 253, 125, 44, 90, 242, 78, 131, 113, 12, 255, 160, 199, 74, 87, 226, 116, 128, 29, 178, 5, 123, 11, 220, 94, 160, 50, 182, 254, 107, 199, 139, 128, 69, 54, 90, 235, 38, 232, 110, 31, 20, 253, 52, 157, 7, 196, 132, 149, 245, 164, 106, 90, 128]), | ||
}, | ||
{ | ||
format: "pkcs8", | ||
data: new Uint8Array([48, 71, 2, 1, 0, 48, 5, 6, 3, 43, 101, 113, 4, 59, 4, 57, 14, 255, 3, 69, 140, 40, 224, 23, 156, 82, 29, 227, 18, 201, 105, 183, 131, 67, 72, 236, 171, 153, 26, 96, 227, 178, 233, 167, 158, 76, 217, 228, 128, 239, 41, 23, 18, 210, 200, 61, 4, 114, 114, 213, 201, 244, 40, 102, 79, 105, 109, 38, 112, 69, 143, 29, 46]), | ||
}, | ||
{ | ||
format: "jwk", | ||
data: { | ||
crv: "Ed448", | ||
d: "Dv8DRYwo4BecUh3jEslpt4NDSOyrmRpg47Lpp55M2eSA7ykXEtLIPQRyctXJ9ChmT2ltJnBFjx0u", | ||
x: "q0u4hf19LFryToNxDP-gx0pX4nSAHbIFewvcXqAytv5rx4uARTZa6ybobh8U_TSdB8SElfWkalqA", | ||
kty: "OKP" | ||
}, | ||
}, | ||
{ | ||
format: "jwk", | ||
data: { | ||
crv: "Ed448", | ||
x: "q0u4hf19LFryToNxDP-gx0pX4nSAHbIFewvcXqAytv5rx4uARTZa6ybobh8U_TSdB8SElfWkalqA", | ||
kty: "OKP" | ||
}, | ||
}, | ||
]; | ||
|
||
// Removed just the last byte. | ||
var badKeyLengthData = [ | ||
{ | ||
format: "spki", | ||
data: new Uint8Array([48, 67, 48, 5, 6, 3, 43, 101, 113, 3, 58, 0, 171, 75, 184, 133, 253, 125, 44, 90, 242, 78, 131, 113, 12, 255, 160, 199, 74, 87, 226, 116, 128, 29, 178, 5, 123, 11, 220, 94, 160, 50, 182, 254, 107, 199, 139, 128, 69, 54, 90, 235, 38, 232, 110, 31, 20, 253, 52, 157, 7, 196, 132, 149, 245, 164, 106, 90]), | ||
}, | ||
{ | ||
format: "pkcs8", | ||
data: new Uint8Array([48, 71, 2, 1, 0, 48, 5, 6, 3, 43, 101, 113, 4, 59, 4, 57, 14, 255, 3, 69, 140, 40, 224, 23, 156, 82, 29, 227, 18, 201, 105, 183, 131, 67, 72, 236, 171, 153, 26, 96, 227, 178, 233, 167, 158, 76, 217, 228, 128, 239, 41, 23, 18, 210, 200, 61, 4, 114, 114, 213, 201, 244, 40, 102, 79, 105, 109, 38, 112, 69, 143, 29]), | ||
}, | ||
{ | ||
format: "jwk", | ||
data: { | ||
crv: "Ed448", | ||
d: "Dv8DRYwo4BecUh3jEslpt4NDSOyrmRpg47Lpp55M2eSA7ykXEtLIPQRyctXJ9ChmT2ltJnBFjx0", | ||
x: "q0u4hf19LFryToNxDP-gx0pX4nSAHbIFewvcXqAytv5rx4uARTZa6ybobh8U_TSdB8SElfWkalqA", | ||
kty: "OKP" | ||
}, | ||
}, | ||
{ | ||
format: "jwk", | ||
data: { | ||
crv: "Ed448", | ||
x: "q0u4hf19LFryToNxDP-gx0pX4nSAHbIFewvcXqAytv5rx4uARTZa6ybobh8U_TSdB8SElfWkalq", | ||
kty: "OKP" | ||
}, | ||
}, | ||
]; | ||
|
||
var missingJWKFieldKeyData = [ | ||
{ | ||
param: "x", | ||
data: { | ||
crv: "Ed448", | ||
d: "Dv8DRYwo4BecUh3jEslpt4NDSOyrmRpg47Lpp55M2eSA7ykXEtLIPQRyctXJ9ChmT2ltJnBFjx0u", | ||
kty: "OKP" | ||
} | ||
}, | ||
{ | ||
param: "kty", | ||
data: { | ||
crv: "Ed448", | ||
d: "Dv8DRYwo4BecUh3jEslpt4NDSOyrmRpg47Lpp55M2eSA7ykXEtLIPQRyctXJ9ChmT2ltJnBFjx0u", | ||
x: "q0u4hf19LFryToNxDP-gx0pX4nSAHbIFewvcXqAytv5rx4uARTZa6ybobh8U_TSdB8SElfWkalqA", | ||
} | ||
}, | ||
{ | ||
param: "crv", | ||
data: { | ||
d: "Dv8DRYwo4BecUh3jEslpt4NDSOyrmRpg47Lpp55M2eSA7ykXEtLIPQRyctXJ9ChmT2ltJnBFjx0u", | ||
x: "q0u4hf19LFryToNxDP-gx0pX4nSAHbIFewvcXqAytv5rx4uARTZa6ybobh8U_TSdB8SElfWkalqA", | ||
kty: "OKP" | ||
} | ||
} | ||
]; | ||
|
||
// The public key doesn't match the private key. | ||
var invalidJWKKeyData = [ | ||
{ | ||
crv: "Ed448", | ||
d: "Dv8DRYwo4BecUh3jEslpt4NDSOyrmRpg47Lpp55M2eSA7ykXEtLIPQRyctXJ9ChmT2ltJnBFjx0u", | ||
x: "X9dEm1m0Yf0s54fsYWrUah2hNCSFpw4fig6nXYDpZ3jt8SR2m0bHBhvWeD3x5Q9s0foavq_oJWGA", | ||
kty: "OKP" | ||
}, | ||
]; | ||
|
||
run_test(["Ed448"]); |
Oops, something went wrong.