third_party/WebKit/LayoutTests/crypto/subtle/ecdh/deriveKey-hmac.html

   1 <!DOCTYPE html>
   2 <html>
   3 <head>
   4 <script src="../../../resources/js-test.js"></script>
   5 <script src="../resources/common.js"></script>
   6 </head>
   7 <body>
   8 <p id="description"></p>
   9 <div id="console"></div>
  10
  11 <script>
  12 description("Tests deriveKey() using ECDH to make HMAC keys");
  13
  14 jsTestIsAsync = true;
  15
  16 // The test data uses a public key and private key (from different key pairs) for the P-521 curve.
  17 var privateKeyJwk = {
  18      "kty":"EC",
  19      "crv":"P-521",
  20      "d":"AI_Zu5xisuK-IIz85dTSoqaQSTxN1I88l05myJJ0ZYFMdQ2VmjFOIUTonKGG97yOGmikyid-6F48d7iI1zF6VRk7",
  21      "x":"ACw6DX7wqwHVO-JzyOet0B-r10YVLv5R5q_IfiWCzclg0u_x57NCtOcFCFpM2ZnS22tyYjZb0gBHGcgUE_I-h-6s",
  22      "y":"Actm2tCHBPOKLZMpJV3DaVOluln9zBsE2I0g6iV73I4M-liqA1rLSJN8q-vcSQtZF0JvzwuvGkGuTbvT_DaRQ2pf"
  23  };
  24
  25 var publicKeyJwk = {
  26    "kty":"EC",
  27    "crv":"P-521",
  28    "x":"ADRllQ0B7icrnJ7ib2r-CXvymGFiC_3f6_o0SzLMBIggM8ndQm9l768SToMy1hUo64JsofGSQ37P4CRqT_QeivBD",
  29    "y":"ALKEzew1Xe4Sv86lZVqb2xxZ0l7WrE3DPJ93fUtSPih5iH8jg0GPDKMVoA5ffFmqPwbdgS2BK18PBFIT7QDGb2Zx"
  30 };
  31
  32 // This is the full 528 bits of key data derived by ECDH using the above keys
  33 // (only part of it will be used for these tests). In practice it wouldn't be a
  34 // good idea to make a key directly from ECDH
  35 // output without first going through a KDF, but this is just testing the API.
  36 var fullDerivedBytesHex = "0117D54D84379D0FD385BE068455A77A5366AB534FF172AB0A121F37D180DCCD19607ABB0C41CB9F6F12B01303AC4A69DC2D1D05180181FD496D9769B46BFFEC3425"
  37
  38 function importEcKeys() {
  39     var keys = {};
  40
  41     debug("Importing the private key...\n");
  42
  43     return crypto.subtle.importKey("jwk", privateKeyJwk, {name: 'ECDH', namedCurve: "P-521"}, false, ["deriveKey"]).then(function(result) {
  44         keys.private = result;
  45
  46         debug("Importing the public key...\n");
  47         return crypto.subtle.importKey("jwk", publicKeyJwk, {name: 'ECDH', namedCurve: "P-521"}, false, []);
  48     }).then(function(result) {
  49         keys.public = result;
  50         return keys;
  51     });
  52 }
  53
  54 var ecKeys = null;
  55
  56 importEcKeys().then(function(result) {
  57     ecKeys = result;
  58
  59     // Derive an HMAC SHA-1 128-bit key having the 'sign' usage.
  60     debug("Deriving an HMAC 136 bit key...\n");
  61     var algorithm = {name: 'ecdh', public: ecKeys.public};
  62     var derivedAlgorithm = {name: 'hmac', hash: "sha-1", length: 136};
  63     var extractable = true;
  64     var usages = ['sign'];
  65
  66     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
  67 }).then(function(result) {
  68     key = result;
  69
  70     // Verify the key's properties.
  71     shouldEvaluateAs("key.type", "secret");
  72     shouldEvaluateAs("key.extractable", true);
  73     shouldEvaluateAs("key.algorithm.name", "HMAC");
  74     shouldEvaluateAs("key.algorithm.hash.name", "SHA-1");
  75     shouldEvaluateAs("key.algorithm.length", 136);
  76     shouldEvaluateAs("key.usages.join(',')", "sign");
  77
  78     // Export the key and check its bytes.
  79     return crypto.subtle.exportKey("raw", key);
  80 }).then(function(result) {
  81     bytesShouldMatchHexString("Derived Bytes", fullDerivedBytesHex.substr(0, 34), result);
  82
  83     // Derive an HMAC SHA-256 key having the 'sign, verify' usage. Use default length.
  84     debug("Deriving an HMAC 256 bit key...\n");
  85     var algorithm = {name: 'ecdh', public: ecKeys.public};
  86     var derivedAlgorithm = {name: 'hmac', hash: "sha-256"}
  87     var extractable = true;
  88     var usages = ['sign', 'verify'];
  89
  90     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
  91 }).then(function(result) {
  92     key = result;
  93
  94     // Verify the key's properties.
  95     shouldEvaluateAs("key.type", "secret");
  96     shouldEvaluateAs("key.extractable", true);
  97     shouldEvaluateAs("key.algorithm.name", "HMAC");
  98     shouldEvaluateAs("key.algorithm.hash.name", "SHA-256");
  99     shouldEvaluateAs("key.algorithm.length", 512);
 100     shouldEvaluateAs("key.usages.join(',')", "sign,verify");
 101
 102     // Export the key and check its bytes.
 103     return crypto.subtle.exportKey("raw", key);
 104 }).then(function(result) {
 105     bytesShouldMatchHexString("Derived Bytes", fullDerivedBytesHex.substr(0, 128), result);
 106
 107     // Derive an HMAC 256 bit key having the 'verify' usage and non-extractable
 108     debug("Deriving an HMAC 256 bit key...\n");
 109     var algorithm = {name: 'ecdh', public: ecKeys.public};
 110     var derivedAlgorithm = {name: 'HMAC', hash: 'sha-256', length: 256}
 111     var extractable = false;
 112     var usages = ['verify'];
 113
 114     return crypto.subtle.deriveKey(algorithm, ecKeys.private, derivedAlgorithm, extractable, usages);
 115 }).then(function(result) {
 116     key = result;
 117
 118     // Verify the key's properties.
 119     shouldEvaluateAs("key.type", "secret");
 120     shouldEvaluateAs("key.extractable", false);
 121     shouldEvaluateAs("key.algorithm.name", "HMAC");
 122     shouldEvaluateAs("key.algorithm.hash.name", "SHA-256");
 123     shouldEvaluateAs("key.algorithm.length", 256);
 124     shouldEvaluateAs("key.usages.join(',')", "verify");
 125 }).then(finishJSTest, failAndFinishJSTest);
 126
 127 </script>
 128
 129 </body>
 130 </html>