Roll src/third_party/WebKit e0eac24:489c548 (svn 193311:193320)

[chromium-blink-merge.git] / content / test / data / webcrypto / ecdh.json

// TODO(eroman): Use known test vectors. The samples I used here I generated myself.
[
  // Test key derivation using ECDH (P-256), using a public and private key from
  // different key pairs.
  {
    "public_key": {
      "crv": "P-256",
      "kty":"EC",
      "x":"u6dWhaRHrvFF0CiFVuUUFafU6ixveQf9trHDXJ8hgV8",
      "y":"thSm4LIY35vDD-5LE454eB7TShn919DVVGZ_7tWdjTE"
    },

    "private_key": {
      "kty":"EC",
      "crv":"P-256",
      "d":"uN2YSQvxuxhQQ9Y1XXjYi1vr2ZTdzuoDX18PYu4LU-0",
      "x":"S2S3tjygMB0DkM-N9jYUgGLt_9_H6km5P9V6V_KS4_4",
      "y":"03j8Tyqgrc4R4FAUV2C7-im96yMmfmO_5Om6Kr8YP3o"
    },

    // This is the maximum length for P-256.
    "length_bits": 256,
    "derived_bytes": "163FAA3FC4815D47345C8E959F707B2F1D3537E7B2EA1DAEC23CA8D0A242CFF3"
  },

  // Same as the test above, but in reverse (choosing public/private from the
  // opposite keypair).
  {
    "private_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"u6dWhaRHrvFF0CiFVuUUFafU6ixveQf9trHDXJ8hgV8",
      "y":"thSm4LIY35vDD-5LE454eB7TShn919DVVGZ_7tWdjTE",
      "d":"CQ8uF_-zB1NftLO6ytwKM3Cnuol64PQw5qOuCzQJeFU"
    },
    "public_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"S2S3tjygMB0DkM-N9jYUgGLt_9_H6km5P9V6V_KS4_4",
      "y":"03j8Tyqgrc4R4FAUV2C7-im96yMmfmO_5Om6Kr8YP3o"
    },

    // This is the maximum length for P-256.
    "length_bits": 256,
    "derived_bytes": "163FAA3FC4815D47345C8E959F707B2F1D3537E7B2EA1DAEC23CA8D0A242CFF3"
  },

  // This is the same test as above, however the length is 2 bytes shorter.
  {
    "private_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"u6dWhaRHrvFF0CiFVuUUFafU6ixveQf9trHDXJ8hgV8",
      "y":"thSm4LIY35vDD-5LE454eB7TShn919DVVGZ_7tWdjTE",
      "d":"CQ8uF_-zB1NftLO6ytwKM3Cnuol64PQw5qOuCzQJeFU"
    },
    "public_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"S2S3tjygMB0DkM-N9jYUgGLt_9_H6km5P9V6V_KS4_4",
      "y":"03j8Tyqgrc4R4FAUV2C7-im96yMmfmO_5Om6Kr8YP3o"
    },

    // This is the maximum length for P-256.
    "length_bits": 240,
    "derived_bytes": "163FAA3FC4815D47345C8E959F707B2F1D3537E7B2EA1DAEC23CA8D0A242"
  },

  // Try deriving zero bits.
  {
    "private_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"u6dWhaRHrvFF0CiFVuUUFafU6ixveQf9trHDXJ8hgV8",
      "y":"thSm4LIY35vDD-5LE454eB7TShn919DVVGZ_7tWdjTE",
      "d":"CQ8uF_-zB1NftLO6ytwKM3Cnuol64PQw5qOuCzQJeFU"
    },
    "public_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"S2S3tjygMB0DkM-N9jYUgGLt_9_H6km5P9V6V_KS4_4",
      "y":"03j8Tyqgrc4R4FAUV2C7-im96yMmfmO_5Om6Kr8YP3o"
    },

    "length_bits": 0,
    "derived_bytes": ""
  },

  // Try deriving a single bit.
  // Note that the full byte would be 0x16, however the remaining bits in the
  // byte will be zero-ed.
  {
    "private_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"u6dWhaRHrvFF0CiFVuUUFafU6ixveQf9trHDXJ8hgV8",
      "y":"thSm4LIY35vDD-5LE454eB7TShn919DVVGZ_7tWdjTE",
      "d":"CQ8uF_-zB1NftLO6ytwKM3Cnuol64PQw5qOuCzQJeFU"
    },
    "public_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"S2S3tjygMB0DkM-N9jYUgGLt_9_H6km5P9V6V_KS4_4",
      "y":"03j8Tyqgrc4R4FAUV2C7-im96yMmfmO_5Om6Kr8YP3o"
    },

    "length_bits": 1,
    "derived_bytes": "00"
  },

  // This is the same as an earlier test, however 253 bits instead of 256.
  // Notice how the last byte went from 0xF3 --> 0xF0, because the unused bits
  // have been zeroed.
  {
    "private_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"u6dWhaRHrvFF0CiFVuUUFafU6ixveQf9trHDXJ8hgV8",
      "y":"thSm4LIY35vDD-5LE454eB7TShn919DVVGZ_7tWdjTE",
      "d":"CQ8uF_-zB1NftLO6ytwKM3Cnuol64PQw5qOuCzQJeFU"
    },
    "public_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"S2S3tjygMB0DkM-N9jYUgGLt_9_H6km5P9V6V_KS4_4",
      "y":"03j8Tyqgrc4R4FAUV2C7-im96yMmfmO_5Om6Kr8YP3o"
    },

    "length_bits": 253,
    "derived_bytes": "163FAA3FC4815D47345C8E959F707B2F1D3537E7B2EA1DAEC23CA8D0A242CFF0"
  },


  // A test using P-521.
  {
    "private_key": {
      "crv":"P-521",
      "d":"AI_Zu5xisuK-IIz85dTSoqaQSTxN1I88l05myJJ0ZYFMdQ2VmjFOIUTonKGG97yOGmikyid-6F48d7iI1zF6VRk7",
      "kty":"EC",
      "x":"ACw6DX7wqwHVO-JzyOet0B-r10YVLv5R5q_IfiWCzclg0u_x57NCtOcFCFpM2ZnS22tyYjZb0gBHGcgUE_I-h-6s",
      "y":"Actm2tCHBPOKLZMpJV3DaVOluln9zBsE2I0g6iV73I4M-liqA1rLSJN8q-vcSQtZF0JvzwuvGkGuTbvT_DaRQ2pf"
    },

    "public_key": {
      "crv":"P-521",
      "kty":"EC",
      "x":"ADRllQ0B7icrnJ7ib2r-CXvymGFiC_3f6_o0SzLMBIggM8ndQm9l768SToMy1hUo64JsofGSQ37P4CRqT_QeivBD",
      "y":"ALKEzew1Xe4Sv86lZVqb2xxZ0l7WrE3DPJ93fUtSPih5iH8jg0GPDKMVoA5ffFmqPwbdgS2BK18PBFIT7QDGb2Zx"
    },

    "length_bits": 521,
    "derived_bytes": "0117D54D84379D0FD385BE068455A77A5366AB534FF172AB0A121F37D180DCCD19607ABB0C41CB9F6F12B01303AC4A69DC2D1D05180181FD496D9769B46BFFEC3400",
    "valid_p521_keys": true // Special variable use by ecdh_unittest.cc::LoadTestKeys
  },

  // Same as above but with the public/private switched.
  {
    "public_key": {
      "crv":"P-521",
      "kty":"EC",
      "x":"ACw6DX7wqwHVO-JzyOet0B-r10YVLv5R5q_IfiWCzclg0u_x57NCtOcFCFpM2ZnS22tyYjZb0gBHGcgUE_I-h-6s",
      "y":"Actm2tCHBPOKLZMpJV3DaVOluln9zBsE2I0g6iV73I4M-liqA1rLSJN8q-vcSQtZF0JvzwuvGkGuTbvT_DaRQ2pf"
    },

    "private_key": {
      "crv":"P-521",
      "kty":"EC",
      "d":"AU3LVJK4dtlbOEFb018ry-D-kYF7J7oQxXLpXcnQXbTh42FORGGGtySTA83gT_GiHJ0tnvgVrDdUMK1muJBGPrRf",
      "x":"ADRllQ0B7icrnJ7ib2r-CXvymGFiC_3f6_o0SzLMBIggM8ndQm9l768SToMy1hUo64JsofGSQ37P4CRqT_QeivBD",
      "y":"ALKEzew1Xe4Sv86lZVqb2xxZ0l7WrE3DPJ93fUtSPih5iH8jg0GPDKMVoA5ffFmqPwbdgS2BK18PBFIT7QDGb2Zx"
    },

    "length_bits": 521,
    "derived_bytes": "0117D54D84379D0FD385BE068455A77A5366AB534FF172AB0A121F37D180DCCD19607ABB0C41CB9F6F12B01303AC4A69DC2D1D05180181FD496D9769B46BFFEC3400"
  },

  {
    "public_key": {
      "crv":"P-521",
      "kty":"EC",
      "x":"ACw6DX7wqwHVO-JzyOet0B-r10YVLv5R5q_IfiWCzclg0u_x57NCtOcFCFpM2ZnS22tyYjZb0gBHGcgUE_I-h-6s",
      "y":"Actm2tCHBPOKLZMpJV3DaVOluln9zBsE2I0g6iV73I4M-liqA1rLSJN8q-vcSQtZF0JvzwuvGkGuTbvT_DaRQ2pf"
    },

    "private_key": {
      "crv":"P-521",
      "kty":"EC",
      "d":"AU3LVJK4dtlbOEFb018ry-D-kYF7J7oQxXLpXcnQXbTh42FORGGGtySTA83gT_GiHJ0tnvgVrDdUMK1muJBGPrRf",
      "x":"ADRllQ0B7icrnJ7ib2r-CXvymGFiC_3f6_o0SzLMBIggM8ndQm9l768SToMy1hUo64JsofGSQ37P4CRqT_QeivBD",
      "y":"ALKEzew1Xe4Sv86lZVqb2xxZ0l7WrE3DPJ93fUtSPih5iH8jg0GPDKMVoA5ffFmqPwbdgS2BK18PBFIT7QDGb2Zx"
    },

    "length_bits": 522,
    "derived_bytes": "0117D54D84379D0FD385BE068455A77A5366AB534FF172AB0A121F37D180DCCD19607ABB0C41CB9F6F12B01303AC4A69DC2D1D05180181FD496D9769B46BFFEC3400"
  },

  // Ask for 528 bits using P-521, which is the rounded up byte length of the
  // field size.
  {
    "public_key": {
      "crv":"P-521",
      "kty":"EC",
      "x":"ACw6DX7wqwHVO-JzyOet0B-r10YVLv5R5q_IfiWCzclg0u_x57NCtOcFCFpM2ZnS22tyYjZb0gBHGcgUE_I-h-6s",
      "y":"Actm2tCHBPOKLZMpJV3DaVOluln9zBsE2I0g6iV73I4M-liqA1rLSJN8q-vcSQtZF0JvzwuvGkGuTbvT_DaRQ2pf"
    },

    "private_key": {
      "crv":"P-521",
      "kty":"EC",
      "d":"AU3LVJK4dtlbOEFb018ry-D-kYF7J7oQxXLpXcnQXbTh42FORGGGtySTA83gT_GiHJ0tnvgVrDdUMK1muJBGPrRf",
      "x":"ADRllQ0B7icrnJ7ib2r-CXvymGFiC_3f6_o0SzLMBIggM8ndQm9l768SToMy1hUo64JsofGSQ37P4CRqT_QeivBD",
      "y":"ALKEzew1Xe4Sv86lZVqb2xxZ0l7WrE3DPJ93fUtSPih5iH8jg0GPDKMVoA5ffFmqPwbdgS2BK18PBFIT7QDGb2Zx"
    },

    "length_bits": 528,
    "derived_bytes": "0117D54D84379D0FD385BE068455A77A5366AB534FF172AB0A121F37D180DCCD19607ABB0C41CB9F6F12B01303AC4A69DC2D1D05180181FD496D9769B46BFFEC3425"
  },

  // The first 7 bits for P-521 will always be zero.
  {
    "public_key": {
      "crv":"P-521",
      "kty":"EC",
      "x":"ACw6DX7wqwHVO-JzyOet0B-r10YVLv5R5q_IfiWCzclg0u_x57NCtOcFCFpM2ZnS22tyYjZb0gBHGcgUE_I-h-6s",
      "y":"Actm2tCHBPOKLZMpJV3DaVOluln9zBsE2I0g6iV73I4M-liqA1rLSJN8q-vcSQtZF0JvzwuvGkGuTbvT_DaRQ2pf"
    },

    "private_key": {
      "crv":"P-521",
      "kty":"EC",
      "d":"AU3LVJK4dtlbOEFb018ry-D-kYF7J7oQxXLpXcnQXbTh42FORGGGtySTA83gT_GiHJ0tnvgVrDdUMK1muJBGPrRf",
      "x":"ADRllQ0B7icrnJ7ib2r-CXvymGFiC_3f6_o0SzLMBIggM8ndQm9l768SToMy1hUo64JsofGSQ37P4CRqT_QeivBD",
      "y":"ALKEzew1Xe4Sv86lZVqb2xxZ0l7WrE3DPJ93fUtSPih5iH8jg0GPDKMVoA5ffFmqPwbdgS2BK18PBFIT7QDGb2Zx"
    },

    "length_bits": 7,
    "derived_bytes": "00"
  },

  // Using different key pairs, verify again that the first 7 bits are zero.
  {
    "public_key": {
      "crv":"P-521",
      "kty":"EC",
      "x":"ACw6DX7wqwHVO-JzyOet0B-r10YVLv5R5q_IfiWCzclg0u_x57NCtOcFCFpM2ZnS22tyYjZb0gBHGcgUE_I-h-6s",
      "y":"Actm2tCHBPOKLZMpJV3DaVOluln9zBsE2I0g6iV73I4M-liqA1rLSJN8q-vcSQtZF0JvzwuvGkGuTbvT_DaRQ2pf"
    },

    "private_key": {
      "kty": "EC",
      "crv": "P-521",
      "d": "Ab1WvRBhGO2iRhVb1DtCuOE_Cm4l3TuzdgJvq03JK2FXvG3-wtFd09DPKjmqaElAQq9IupYBEY2oLG8hCKOiA610",
      "x": "AS-8rv-mpR8-5NPStRxd7G18cmyjU_wBTqK_fPu5uRDTLL-moA_jm2zbiUbyJ3U5iy4jPAzxRNeMindCtceju10j",
      "y": "AJze-CPde_mnnozOrNLkUnwjHQrllnrwlY6THX3czygFo-YY3DA5_sn-u9MwUv5MD-6Y8DMQYGSYLYj04DVJ1KZN"
    },

    "length_bits": 7,
    "derived_bytes": "00"
  },

  // Same as an earlier test, however the public key specifies the extraneous
  // {"use": "sig"}. This doesn't make sense for ECDH; however, it is allowed
  // by the implementation. This is not spec compliant, see:
  // https://www.w3.org/Bugs/Public/show_bug.cgi?id=27601
  {
    "private_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"u6dWhaRHrvFF0CiFVuUUFafU6ixveQf9trHDXJ8hgV8",
      "y":"thSm4LIY35vDD-5LE454eB7TShn919DVVGZ_7tWdjTE",
      "d":"CQ8uF_-zB1NftLO6ytwKM3Cnuol64PQw5qOuCzQJeFU"
    },
    "public_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"S2S3tjygMB0DkM-N9jYUgGLt_9_H6km5P9V6V_KS4_4",
      "y":"03j8Tyqgrc4R4FAUV2C7-im96yMmfmO_5Om6Kr8YP3o",
      "use": "sig"
    },

    "length_bits": 0,
    "derived_bytes": ""
  },

  // Same test as above, but instead of "use" it uses "key_ops" with bogus
  // values for ECDH
  {
    "private_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"u6dWhaRHrvFF0CiFVuUUFafU6ixveQf9trHDXJ8hgV8",
      "y":"thSm4LIY35vDD-5LE454eB7TShn919DVVGZ_7tWdjTE",
      "d":"CQ8uF_-zB1NftLO6ytwKM3Cnuol64PQw5qOuCzQJeFU"
    },
    "public_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"S2S3tjygMB0DkM-N9jYUgGLt_9_H6km5P9V6V_KS4_4",
      "y":"03j8Tyqgrc4R4FAUV2C7-im96yMmfmO_5Om6Kr8YP3o",
      "key_ops": ["encrypt", "decrypt"]
    },

    "length_bits": 0,
    "derived_bytes": ""
  },

  // -----------------------------------------
  // Errors
  // -----------------------------------------

  // The length is too long, by 1 bit
  {
    "private_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"u6dWhaRHrvFF0CiFVuUUFafU6ixveQf9trHDXJ8hgV8",
      "y":"thSm4LIY35vDD-5LE454eB7TShn919DVVGZ_7tWdjTE",
      "d":"CQ8uF_-zB1NftLO6ytwKM3Cnuol64PQw5qOuCzQJeFU"
    },
    "public_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"S2S3tjygMB0DkM-N9jYUgGLt_9_H6km5P9V6V_KS4_4",
      "y":"03j8Tyqgrc4R4FAUV2C7-im96yMmfmO_5Om6Kr8YP3o"
    },

    "length_bits": 257,
    "error": "OperationError: Length specified for ECDH key derivation is too large. Maximum allowed is 256 bits"
  },

  // The length is too long, by 1 byte
  {
    "private_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"u6dWhaRHrvFF0CiFVuUUFafU6ixveQf9trHDXJ8hgV8",
      "y":"thSm4LIY35vDD-5LE454eB7TShn919DVVGZ_7tWdjTE",
      "d":"CQ8uF_-zB1NftLO6ytwKM3Cnuol64PQw5qOuCzQJeFU"
    },
    "public_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"S2S3tjygMB0DkM-N9jYUgGLt_9_H6km5P9V6V_KS4_4",
      "y":"03j8Tyqgrc4R4FAUV2C7-im96yMmfmO_5Om6Kr8YP3o"
    },

    "length_bits": 264,
    "error": "OperationError: Length specified for ECDH key derivation is too large. Maximum allowed is 256 bits"
  },

  // Curve mismatch (public key is for P-521 however private key was for P-256).
  {
    "private_key": {
      "kty":"EC",
      "crv":"P-256",
      "x":"u6dWhaRHrvFF0CiFVuUUFafU6ixveQf9trHDXJ8hgV8",
      "y":"thSm4LIY35vDD-5LE454eB7TShn919DVVGZ_7tWdjTE",
      "d":"CQ8uF_-zB1NftLO6ytwKM3Cnuol64PQw5qOuCzQJeFU"
    },

    "public_key": {
      "crv":"P-521",
      "kty":"EC",
      "x":"ACw6DX7wqwHVO-JzyOet0B-r10YVLv5R5q_IfiWCzclg0u_x57NCtOcFCFpM2ZnS22tyYjZb0gBHGcgUE_I-h-6s",
      "y":"Actm2tCHBPOKLZMpJV3DaVOluln9zBsE2I0g6iV73I4M-liqA1rLSJN8q-vcSQtZF0JvzwuvGkGuTbvT_DaRQ2pf"
    },

    "length_bits": 256,
    "error": "InvalidAccess: The public parameter for ECDH key derivation is for a different named curve"
  },

  // Ask for 529 bits using P-521, which is too much.
  {
    "public_key": {
      "crv":"P-521",
      "kty":"EC",
      "x":"ACw6DX7wqwHVO-JzyOet0B-r10YVLv5R5q_IfiWCzclg0u_x57NCtOcFCFpM2ZnS22tyYjZb0gBHGcgUE_I-h-6s",
      "y":"Actm2tCHBPOKLZMpJV3DaVOluln9zBsE2I0g6iV73I4M-liqA1rLSJN8q-vcSQtZF0JvzwuvGkGuTbvT_DaRQ2pf"
    },

    "private_key": {
      "crv":"P-521",
      "kty":"EC",
      "d":"AU3LVJK4dtlbOEFb018ry-D-kYF7J7oQxXLpXcnQXbTh42FORGGGtySTA83gT_GiHJ0tnvgVrDdUMK1muJBGPrRf",
      "x":"ADRllQ0B7icrnJ7ib2r-CXvymGFiC_3f6_o0SzLMBIggM8ndQm9l768SToMy1hUo64JsofGSQ37P4CRqT_QeivBD",
      "y":"ALKEzew1Xe4Sv86lZVqb2xxZ0l7WrE3DPJ93fUtSPih5iH8jg0GPDKMVoA5ffFmqPwbdgS2BK18PBFIT7QDGb2Zx"
    },

    "length_bits": 529,
    "error": "OperationError: Length specified for ECDH key derivation is too large. Maximum allowed is 528 bits"
  },

  // The JWK has wrong usages (enc)
  {
    "public_key": {
      "crv": "P-256",
      "kty":"EC",
      "x":"u6dWhaRHrvFF0CiFVuUUFafU6ixveQf9trHDXJ8hgV8",
      "y":"thSm4LIY35vDD-5LE454eB7TShn919DVVGZ_7tWdjTE"
    },

    "private_key": {
      "kty":"EC",
      "crv":"P-256",
      "d":"uN2YSQvxuxhQQ9Y1XXjYi1vr2ZTdzuoDX18PYu4LU-0",
      "x":"S2S3tjygMB0DkM-N9jYUgGLt_9_H6km5P9V6V_KS4_4",
      "y":"03j8Tyqgrc4R4FAUV2C7-im96yMmfmO_5Om6Kr8YP3o",
      "use": "enc"
    },

    "private_key_error": "DataError: The JWK \"use\" member was inconsistent with that specified by the Web Crypto call. The JWK usage must be a superset of those requested"
  }
]