third_party/WebKit/LayoutTests/crypto/subtle/aes-cbc/decrypt-failures.html

   1 <!DOCTYPE html>
   2 <html>
   3 <head>
   4 <script src="../../../resources/js-test.js"></script>
   5 <script src="../resources/common.js"></script>
   6 <script src="../resources/keys.js"></script>
   7 </head>
   8 <body>
   9 <p id="description"></p>
  10 <div id="console"></div>
  11
  12 <script>
  13 description("Decrypting truncated AES-CBC ciphertext should fail");
  14
  15 jsTestIsAsync = true;
  16
  17 // 128-bit key with plaintext that is an exact multiple of block size.
  18 // Derived from [1] F.2.1 (CBC-AES128.Encrypt), by adding padding block.
  19 var iv = hexStringToUint8Array("000102030405060708090a0b0c0d0e0f");
  20 var keyData = hexStringToUint8Array("2b7e151628aed2a6abf7158809cf4f3c");
  21 var cipherText = hexStringToUint8Array("7649abac8119b246cee98e9b12e9197d5086cb9b507219ee95db113a917678b273bed6b8e3c1743b7116e69e222295163ff1caa1681fac09120eca307586e1a78cb82807230e1321d3fae00d18cc2012");
  22
  23 var key = null;
  24 var usages = ['encrypt', 'decrypt'];
  25 var extractable = false;
  26 var algorithm = {name: 'aes-cbc', iv: iv};
  27
  28 function verifyDecryptionFails(newCipherTextLength)
  29 {
  30     var newCipherText = cipherText.subarray(0, newCipherTextLength);
  31
  32     var description = "ciphertext length: " + newCipherText.byteLength;
  33     return crypto.subtle.decrypt(algorithm, key, newCipherText).then(function(result) {
  34         debug("FAIL: decrypting succeeded. " + description);
  35     }, function(result) {
  36         logError(result);
  37         debug("PASS: decrypting failed. " + description);
  38     });
  39 }
  40
  41 crypto.subtle.importKey('raw', keyData, algorithm, extractable, usages).then(function(result) {
  42     key = result;
  43
  44     // Verify that decryption works with the original ciphertext.
  45     return crypto.subtle.decrypt(algorithm, key, cipherText);
  46 }).then(function(result) {
  47     debug("PASS: Decryption succeeded");
  48
  49     // Try a number of bad ciphertexts.
  50     var badLengths = [
  51         0,
  52         cipherText.byteLength - 1,
  53
  54         // Stripped a whole block. This new final block will result in a
  55         // padding error.
  56         cipherText.byteLength - 16,
  57         1,
  58         15,
  59         16,
  60         17
  61     ];
  62
  63     var lastPromise = Promise.resolve(null);
  64     badLengths.forEach(function(badLength) {
  65         lastPromise = lastPromise.then(verifyDecryptionFails.bind(null, badLength));
  66     });
  67     return lastPromise;
  68 }).then(finishJSTest, failAndFinishJSTest);
  69
  70 </script>
  71
  72 </body>
  73 </html>