Bug 1085369 - Move key wrapping/unwrapping tests to their own test file. r=rbarnes, a=test-only
authorTim Taubert <ttaubert@mozilla.com>
Mon, 20 Oct 2014 18:08:51 +0200
changeset 243011 afab84ec4e34
parent 243008 126d92ac00e9
child 243012 d0660bbc79a1
push id4363
push userryanvm@gmail.com
push date2015-01-23 21:41 +0000
treeherdermozilla-beta@957b4a673416 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersrbarnes, test-only
bugs1085369
milestone36.0
Bug 1085369 - Move key wrapping/unwrapping tests to their own test file. r=rbarnes, a=test-only
dom/crypto/test/mochitest.ini
dom/crypto/test/test_WebCrypto.html
dom/crypto/test/test_WebCrypto_Wrap_Unwrap.html
--- a/dom/crypto/test/mochitest.ini
+++ b/dom/crypto/test/mochitest.ini
@@ -8,8 +8,9 @@ support-files =
   util.js
 
 [test_WebCrypto.html]
 [test_WebCrypto_DH.html]
 [test_WebCrypto_ECDH.html]
 [test_WebCrypto_JWK.html]
 [test_WebCrypto_PBKDF2.html]
 [test_WebCrypto_RSA_OAEP.html]
+[test_WebCrypto_Wrap_Unwrap.html]
--- a/dom/crypto/test/test_WebCrypto.html
+++ b/dom/crypto/test/test_WebCrypto.html
@@ -939,302 +939,16 @@ TestArray.addTest(
         complete(that, function(x) { return !x; }),
         error(that)
       );
   }
 );
 
 // -----------------------------------------------------------------------------
 TestArray.addTest(
-  "Key wrap known answer, using AES-GCM",
-  function () {
-    var that = this;
-    var alg = {
-      name: "AES-GCM",
-      iv: tv.key_wrap_known_answer.wrapping_iv,
-      tagLength: 128
-    };
-    var key, wrappingKey;
-
-    function doImport(k) {
-      wrappingKey = k;
-      return crypto.subtle.importKey("raw", tv.key_wrap_known_answer.key,
-                                     alg, true, ['encrypt', 'decrypt']);
-    }
-    function doWrap(k) {
-      key = k;
-      return crypto.subtle.wrapKey("raw", key, wrappingKey, alg);
-    }
-
-    crypto.subtle.importKey("raw", tv.key_wrap_known_answer.wrapping_key,
-                            alg, false, ['wrapKey'])
-      .then(doImport, error(that))
-      .then(doWrap, error(that))
-      .then(
-        memcmp_complete(that, tv.key_wrap_known_answer.wrapped_key),
-        error(that)
-      );
-  }
-);
-
-// -----------------------------------------------------------------------------
-TestArray.addTest(
-  "Key wrap failing on non-extractable key",
-  function () {
-    var that = this;
-    var alg = {
-      name: "AES-GCM",
-      iv: tv.key_wrap_known_answer.wrapping_iv,
-      tagLength: 128
-    };
-    var key, wrappingKey;
-
-    function doImport(k) {
-      wrappingKey = k;
-      return crypto.subtle.importKey("raw", tv.key_wrap_known_answer.key,
-                                     alg, false, ['encrypt', 'decrypt']);
-    }
-    function doWrap(k) {
-      key = k;
-      return crypto.subtle.wrapKey("raw", key, wrappingKey, alg);
-    }
-
-    crypto.subtle.importKey("raw", tv.key_wrap_known_answer.wrapping_key,
-                            alg, false, ['wrapKey'])
-      .then(doImport, error(that))
-      .then(doWrap, error(that))
-      .then(
-        error(that),
-        complete(that)
-      );
-  }
-);
-
-// -----------------------------------------------------------------------------
-TestArray.addTest(
-  "Key unwrap known answer, using AES-GCM",
-  function () {
-    var that = this;
-    var alg = {
-      name: "AES-GCM",
-      iv: tv.key_wrap_known_answer.wrapping_iv,
-      tagLength: 128
-    };
-    var key, wrappingKey;
-
-    function doUnwrap(k) {
-      wrappingKey = k;
-      return crypto.subtle.unwrapKey(
-                "raw", tv.key_wrap_known_answer.wrapped_key,
-                wrappingKey, alg,
-                "AES-GCM", true, ['encrypt', 'decrypt']
-             );
-    }
-    function doExport(k) {
-      return crypto.subtle.exportKey("raw", k);
-    }
-
-    crypto.subtle.importKey("raw", tv.key_wrap_known_answer.wrapping_key,
-                            alg, false, ['unwrapKey'])
-      .then(doUnwrap, error(that))
-      .then(doExport, error(that))
-      .then(
-        memcmp_complete(that, tv.key_wrap_known_answer.key),
-        error(that)
-      );
-  }
-);
-
-// -----------------------------------------------------------------------------
-TestArray.addTest(
-  "Key wrap/unwrap round-trip, using RSA-OAEP",
-  function () {
-    var that = this;
-    var oaep = {
-      name: "RSA-OAEP",
-      hash: "SHA-256"
-    };
-    var gcm = {
-      name: "AES-GCM",
-      iv: tv.aes_gcm_enc.iv,
-      additionalData: tv.aes_gcm_enc.adata,
-      tagLength: 128
-    };
-    var unwrapKey;
-
-    function doWrap(keys) {
-      var originalKey = keys[0];
-      var wrapKey = keys[1];
-      unwrapKey = keys[2];
-      return crypto.subtle.wrapKey("raw", originalKey, wrapKey, oaep);
-    }
-    function doUnwrap(wrappedKey) {
-      return crypto.subtle.unwrapKey("raw", wrappedKey, unwrapKey, oaep,
-                                     gcm, false, ['encrypt']);
-    }
-    function doEncrypt(aesKey) {
-      return crypto.subtle.encrypt(gcm, aesKey, tv.aes_gcm_enc.data);
-    }
-
-    // 1.Import:
-    //  -> HMAC key
-    //  -> OAEP wrap key (public)
-    //  -> OAEP unwrap key (private)
-    // 2. Wrap the HMAC key
-    // 3. Unwrap it
-    // 4. Compute HMAC
-    // 5. Check HMAC value
-    Promise.all([
-      crypto.subtle.importKey("raw", tv.aes_gcm_enc.key, gcm, true, ['encrypt']),
-      crypto.subtle.importKey("spki", tv.rsaoaep.spki, oaep, true, ['wrapKey']),
-      crypto.subtle.importKey("pkcs8", tv.rsaoaep.pkcs8, oaep, false, ['unwrapKey'])
-    ])
-      .then(doWrap, error(that))
-      .then(doUnwrap, error(that))
-      .then(doEncrypt, error(that))
-      .then(
-        memcmp_complete(that, tv.aes_gcm_enc.result),
-        error(that)
-      );
-  }
-);
-
-// -----------------------------------------------------------------------------
-TestArray.addTest(
-  "JWK wrap/unwrap round-trip, with AES-GCM",
-  function () {
-    var that = this;
-    var genAlg = { name: "HMAC", hash: "SHA-384", length: 512 };
-    var wrapAlg = { name: "AES-GCM", iv: tv.aes_gcm_enc.iv };
-    var wrapKey, originalKey, originalKeyJwk;
-
-    function doExport(k) {
-      return crypto.subtle.exportKey("jwk", k);
-    }
-    function doWrap() {
-      return crypto.subtle.wrapKey("jwk", originalKey, wrapKey, wrapAlg);
-    }
-    function doUnwrap(wrappedKey) {
-      return crypto.subtle.unwrapKey("jwk", wrappedKey, wrapKey, wrapAlg,
-                                     { name: "HMAC", hash: "SHA-384"},
-                                     true, ['sign', 'verify']);
-    }
-
-    Promise.all([
-      crypto.subtle.importKey("jwk", tv.aes_gcm_enc.key_jwk,
-                              "AES-GCM", false, ['wrapKey','unwrapKey'])
-        .then(function(x) { wrapKey = x; }),
-      crypto.subtle.generateKey(genAlg, true, ['sign', 'verify'])
-        .then(function(x) { originalKey = x; return x; })
-        .then(doExport)
-        .then(function(x) { originalKeyJwk = x; })
-    ])
-      .then(doWrap)
-      .then(doUnwrap)
-      .then(doExport)
-      .then(
-        complete(that, function(x) {
-          return exists(x.k) && x.k == originalKeyJwk.k;
-        }),
-        error(that)
-      );
-  }
-);
-
-// -----------------------------------------------------------------------------
-TestArray.addTest(
-  "AES-KW known answer",
-  function () {
-    var that = this;
-
-    function doWrap(keys) {
-      var wrapKey = keys[0];
-      var originalKey = keys[1];
-      return crypto.subtle.wrapKey("raw", originalKey, wrapKey, "AES-KW");
-    }
-
-    Promise.all([
-      crypto.subtle.importKey("jwk", tv.aes_kw.wrapping_key,
-                              "AES-KW", false, ['wrapKey']),
-      crypto.subtle.importKey("jwk", tv.aes_kw.key,
-                              "AES-GCM", true, ['encrypt'])
-    ])
-      .then(doWrap)
-      .then(
-        memcmp_complete(that, tv.aes_kw.wrapped_key),
-        error(that)
-      );
-
-  }
-);
-
-// -----------------------------------------------------------------------------
-TestArray.addTest(
-  "AES-KW unwrap failure on tampered key data",
-  function () {
-    var that = this;
-    var tamperedWrappedKey = new Uint8Array(tv.aes_kw.wrapped_key);
-    tamperedWrappedKey[5] ^= 0xFF;
-
-    function doUnwrap(wrapKey) {
-      return crypto.subtle.unwrapKey("raw", tamperedWrappedKey, wrapKey,
-                                     "AES-KW", "AES-GCM",
-                                     true, ['encrypt', 'decrypt']);
-    }
-
-    crypto.subtle.importKey("jwk", tv.aes_kw.wrapping_key,
-                              "AES-KW", false, ['unwrapKey'])
-      .then(doUnwrap)
-      .then(error(that), complete(that));
-  }
-);
-
-// -----------------------------------------------------------------------------
-TestArray.addTest(
-  "AES-KW wrap/unwrap round-trip",
-  function () {
-    var that = this;
-    var genAlg = { name: "HMAC", hash: "SHA-384", length: 512 };
-    var wrapKey, originalKey, originalKeyJwk;
-
-    function doExport(k) {
-      return crypto.subtle.exportKey("jwk", k);
-    }
-    function doWrap() {
-      return crypto.subtle.wrapKey("raw", originalKey, wrapKey, "AES-KW");
-    }
-    function doUnwrap(wrappedKey) {
-      return crypto.subtle.unwrapKey("raw", wrappedKey, wrapKey,
-                                     "AES-KW", { name: "HMAC", hash: "SHA-384"},
-                                     true, ['sign', 'verify']);
-    }
-
-    Promise.all([
-      crypto.subtle.importKey("jwk", tv.aes_kw.wrapping_key,
-                              "AES-KW", false, ['wrapKey','unwrapKey'])
-        .then(function(x) { wrapKey = x; }),
-      crypto.subtle.generateKey(genAlg, true, ['sign'])
-        .then(function(x) { originalKey = x; return x; })
-        .then(doExport)
-        .then(function(x) { originalKeyJwk = x; })
-    ])
-      .then(doWrap)
-      .then(doUnwrap)
-      .then(doExport)
-      .then(
-        complete(that, function(x) {
-          return exists(x.k) && x.k == originalKeyJwk.k;
-        }),
-        error(that)
-      );
-  }
-);
-
-// -----------------------------------------------------------------------------
-TestArray.addTest(
   "Test that we return ArrayBuffers not ArrayBufferViews",
   function() {
     var that = this;
 
     crypto.subtle.digest("SHA-256", tv.sha256.data)
       .then(complete(that, function (x) {
         return x instanceof ArrayBuffer;
       }), error(that));
new file mode 100644
--- /dev/null
+++ b/dom/crypto/test/test_WebCrypto_Wrap_Unwrap.html
@@ -0,0 +1,344 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+<title>WebCrypto Test Suite</title>
+<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
+<link rel="stylesheet" href="./test_WebCrypto.css"/>
+<script src="/tests/SimpleTest/SimpleTest.js"></script>
+
+<!-- Utilities for manipulating ABVs -->
+<script src="util.js"></script>
+
+<!-- A simple wrapper around IndexedDB -->
+<script src="simpledb.js"></script>
+
+<!-- Test vectors drawn from the literature -->
+<script src="./test-vectors.js"></script>
+
+<!-- General testing framework -->
+<script src="./test-array.js"></script>
+
+<script>/*<![CDATA[*/
+"use strict";
+
+// -----------------------------------------------------------------------------
+TestArray.addTest(
+  "Key wrap known answer, using AES-GCM",
+  function () {
+    var that = this;
+    var alg = {
+      name: "AES-GCM",
+      iv: tv.key_wrap_known_answer.wrapping_iv,
+      tagLength: 128
+    };
+    var key, wrappingKey;
+
+    function doImport(k) {
+      wrappingKey = k;
+      return crypto.subtle.importKey("raw", tv.key_wrap_known_answer.key,
+                                     alg, true, ['encrypt', 'decrypt']);
+    }
+    function doWrap(k) {
+      key = k;
+      return crypto.subtle.wrapKey("raw", key, wrappingKey, alg);
+    }
+
+    crypto.subtle.importKey("raw", tv.key_wrap_known_answer.wrapping_key,
+                            alg, false, ['wrapKey'])
+      .then(doImport, error(that))
+      .then(doWrap, error(that))
+      .then(
+        memcmp_complete(that, tv.key_wrap_known_answer.wrapped_key),
+        error(that)
+      );
+  }
+);
+
+// -----------------------------------------------------------------------------
+TestArray.addTest(
+  "Key wrap failing on non-extractable key",
+  function () {
+    var that = this;
+    var alg = {
+      name: "AES-GCM",
+      iv: tv.key_wrap_known_answer.wrapping_iv,
+      tagLength: 128
+    };
+    var key, wrappingKey;
+
+    function doImport(k) {
+      wrappingKey = k;
+      return crypto.subtle.importKey("raw", tv.key_wrap_known_answer.key,
+                                     alg, false, ['encrypt', 'decrypt']);
+    }
+    function doWrap(k) {
+      key = k;
+      return crypto.subtle.wrapKey("raw", key, wrappingKey, alg);
+    }
+
+    crypto.subtle.importKey("raw", tv.key_wrap_known_answer.wrapping_key,
+                            alg, false, ['wrapKey'])
+      .then(doImport, error(that))
+      .then(doWrap, error(that))
+      .then(
+        error(that),
+        complete(that)
+      );
+  }
+);
+
+// -----------------------------------------------------------------------------
+TestArray.addTest(
+  "Key unwrap known answer, using AES-GCM",
+  function () {
+    var that = this;
+    var alg = {
+      name: "AES-GCM",
+      iv: tv.key_wrap_known_answer.wrapping_iv,
+      tagLength: 128
+    };
+    var key, wrappingKey;
+
+    function doUnwrap(k) {
+      wrappingKey = k;
+      return crypto.subtle.unwrapKey(
+                "raw", tv.key_wrap_known_answer.wrapped_key,
+                wrappingKey, alg,
+                "AES-GCM", true, ['encrypt', 'decrypt']
+             );
+    }
+    function doExport(k) {
+      return crypto.subtle.exportKey("raw", k);
+    }
+
+    crypto.subtle.importKey("raw", tv.key_wrap_known_answer.wrapping_key,
+                            alg, false, ['unwrapKey'])
+      .then(doUnwrap, error(that))
+      .then(doExport, error(that))
+      .then(
+        memcmp_complete(that, tv.key_wrap_known_answer.key),
+        error(that)
+      );
+  }
+);
+
+// -----------------------------------------------------------------------------
+TestArray.addTest(
+  "Key wrap/unwrap round-trip, using RSA-OAEP",
+  function () {
+    var that = this;
+    var oaep = {
+      name: "RSA-OAEP",
+      hash: "SHA-256"
+    };
+    var gcm = {
+      name: "AES-GCM",
+      iv: tv.aes_gcm_enc.iv,
+      additionalData: tv.aes_gcm_enc.adata,
+      tagLength: 128
+    };
+    var unwrapKey;
+
+    function doWrap(keys) {
+      var originalKey = keys[0];
+      var wrapKey = keys[1];
+      unwrapKey = keys[2];
+      return crypto.subtle.wrapKey("raw", originalKey, wrapKey, oaep);
+    }
+    function doUnwrap(wrappedKey) {
+      return crypto.subtle.unwrapKey("raw", wrappedKey, unwrapKey, oaep,
+                                     gcm, false, ['encrypt']);
+    }
+    function doEncrypt(aesKey) {
+      return crypto.subtle.encrypt(gcm, aesKey, tv.aes_gcm_enc.data);
+    }
+
+    // 1.Import:
+    //  -> HMAC key
+    //  -> OAEP wrap key (public)
+    //  -> OAEP unwrap key (private)
+    // 2. Wrap the HMAC key
+    // 3. Unwrap it
+    // 4. Compute HMAC
+    // 5. Check HMAC value
+    Promise.all([
+      crypto.subtle.importKey("raw", tv.aes_gcm_enc.key, gcm, true, ['encrypt']),
+      crypto.subtle.importKey("spki", tv.rsaoaep.spki, oaep, true, ['wrapKey']),
+      crypto.subtle.importKey("pkcs8", tv.rsaoaep.pkcs8, oaep, false, ['unwrapKey'])
+    ])
+      .then(doWrap, error(that))
+      .then(doUnwrap, error(that))
+      .then(doEncrypt, error(that))
+      .then(
+        memcmp_complete(that, tv.aes_gcm_enc.result),
+        error(that)
+      );
+  }
+);
+
+// -----------------------------------------------------------------------------
+TestArray.addTest(
+  "JWK wrap/unwrap round-trip, with AES-GCM",
+  function () {
+    var that = this;
+    var genAlg = { name: "HMAC", hash: "SHA-384", length: 512 };
+    var wrapAlg = { name: "AES-GCM", iv: tv.aes_gcm_enc.iv };
+    var wrapKey, originalKey, originalKeyJwk;
+
+    function doExport(k) {
+      return crypto.subtle.exportKey("jwk", k);
+    }
+    function doWrap() {
+      return crypto.subtle.wrapKey("jwk", originalKey, wrapKey, wrapAlg);
+    }
+    function doUnwrap(wrappedKey) {
+      return crypto.subtle.unwrapKey("jwk", wrappedKey, wrapKey, wrapAlg,
+                                     { name: "HMAC", hash: "SHA-384"},
+                                     true, ['sign', 'verify']);
+    }
+
+    Promise.all([
+      crypto.subtle.importKey("jwk", tv.aes_gcm_enc.key_jwk,
+                              "AES-GCM", false, ['wrapKey','unwrapKey'])
+        .then(function(x) { wrapKey = x; }),
+      crypto.subtle.generateKey(genAlg, true, ['sign', 'verify'])
+        .then(function(x) { originalKey = x; return x; })
+        .then(doExport)
+        .then(function(x) { originalKeyJwk = x; })
+    ])
+      .then(doWrap)
+      .then(doUnwrap)
+      .then(doExport)
+      .then(
+        complete(that, function(x) {
+          return exists(x.k) && x.k == originalKeyJwk.k;
+        }),
+        error(that)
+      );
+  }
+);
+
+// -----------------------------------------------------------------------------
+TestArray.addTest(
+  "AES-KW known answer",
+  function () {
+    var that = this;
+
+    function doWrap(keys) {
+      var wrapKey = keys[0];
+      var originalKey = keys[1];
+      return crypto.subtle.wrapKey("raw", originalKey, wrapKey, "AES-KW");
+    }
+
+    Promise.all([
+      crypto.subtle.importKey("jwk", tv.aes_kw.wrapping_key,
+                              "AES-KW", false, ['wrapKey']),
+      crypto.subtle.importKey("jwk", tv.aes_kw.key,
+                              "AES-GCM", true, ['encrypt'])
+    ])
+      .then(doWrap)
+      .then(
+        memcmp_complete(that, tv.aes_kw.wrapped_key),
+        error(that)
+      );
+
+  }
+);
+
+// -----------------------------------------------------------------------------
+TestArray.addTest(
+  "AES-KW unwrap failure on tampered key data",
+  function () {
+    var that = this;
+    var tamperedWrappedKey = new Uint8Array(tv.aes_kw.wrapped_key);
+    tamperedWrappedKey[5] ^= 0xFF;
+
+    function doUnwrap(wrapKey) {
+      return crypto.subtle.unwrapKey("raw", tamperedWrappedKey, wrapKey,
+                                     "AES-KW", "AES-GCM",
+                                     true, ['encrypt', 'decrypt']);
+    }
+
+    crypto.subtle.importKey("jwk", tv.aes_kw.wrapping_key,
+                              "AES-KW", false, ['unwrapKey'])
+      .then(doUnwrap)
+      .then(error(that), complete(that));
+  }
+);
+
+// -----------------------------------------------------------------------------
+TestArray.addTest(
+  "AES-KW wrap/unwrap round-trip",
+  function () {
+    var that = this;
+    var genAlg = { name: "HMAC", hash: "SHA-384", length: 512 };
+    var wrapKey, originalKey, originalKeyJwk;
+
+    function doExport(k) {
+      return crypto.subtle.exportKey("jwk", k);
+    }
+    function doWrap() {
+      return crypto.subtle.wrapKey("raw", originalKey, wrapKey, "AES-KW");
+    }
+    function doUnwrap(wrappedKey) {
+      return crypto.subtle.unwrapKey("raw", wrappedKey, wrapKey,
+                                     "AES-KW", { name: "HMAC", hash: "SHA-384"},
+                                     true, ['sign', 'verify']);
+    }
+
+    Promise.all([
+      crypto.subtle.importKey("jwk", tv.aes_kw.wrapping_key,
+                              "AES-KW", false, ['wrapKey','unwrapKey'])
+        .then(function(x) { wrapKey = x; }),
+      crypto.subtle.generateKey(genAlg, true, ['sign'])
+        .then(function(x) { originalKey = x; return x; })
+        .then(doExport)
+        .then(function(x) { originalKeyJwk = x; })
+    ])
+      .then(doWrap)
+      .then(doUnwrap)
+      .then(doExport)
+      .then(
+        complete(that, function(x) {
+          return exists(x.k) && x.k == originalKeyJwk.k;
+        }),
+        error(that)
+      );
+  }
+);
+/*]]>*/</script>
+</head>
+
+<body>
+
+<div id="content">
+	<div id="head">
+		<b>Web</b>Crypto<br>
+	</div>
+
+    <div id="start" onclick="start();">RUN ALL</div>
+
+    <div id="resultDiv" class="content">
+    Summary:
+    <span class="pass"><span id="passN">0</span> passed, </span>
+    <span class="fail"><span id="failN">0</span> failed, </span>
+    <span class="pending"><span id="pendingN">0</span> pending.</span>
+    <br/>
+    <br/>
+
+    <table id="results">
+        <tr>
+            <th>Test</th>
+            <th>Result</th>
+            <th>Time</th>
+        </tr>
+    </table>
+
+    </div>
+
+    <div id="foot"></div>
+</div>
+
+</body>
+</html>