4 <script src="../resources/js-test.js"></script>
5 <script src="resources/common.js"></script>
8 <p id="description"></p>
9 <div id="console"></div>
12 description("Tests wrapping and unwrapping of AES-CBC keys using AES-KW and raw format");
16 var kWrappingTestCases = [
17 // AES-KW test vectors from http://www.ietf.org/rfc/rfc3394.txt
18 // 4.1 Wrap 128 bits of Key Data with a 128-bit KEK
20 "wrappingKey": "000102030405060708090A0B0C0D0E0F",
21 "key": "00112233445566778899AABBCCDDEEFF",
22 "ciphertext": "1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5"
24 // 4.3 Wrap 128 bits of Key Data with a 256-bit KEK
26 "wrappingKey": "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
27 "key": "00112233445566778899AABBCCDDEEFF",
28 "ciphertext": "64E8C3F9CE0F5BA263E9777905818A2A93C8191E7D6E8AE7"
30 // 4.5 Wrap 192 bits of Key Data with a 256-bit KEK
32 "wrappingKey": "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
33 "key": "00112233445566778899AABBCCDDEEFF0001020304050607",
34 "ciphertext": "A8F9BC1612C68B3FF6E6F4FBE30E71E4769C8B80A32CB8958CD5D17D6B254DA1"
36 // 4.6 Wrap 256 bits of Key Data with a 256-bit KEK
38 "wrappingKey": "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
39 "key": "00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F",
40 "ciphertext": "28C9F404C4B810F4CBCCB35CFB87F8263F5786E2D80ED326CBC7F0E71A99F43BFB988B9B7A02DD21"
44 function runTestCase(testCase)
46 var wrappingKey = null;
49 return Promise.resolve(null).then(function(result) {
50 // Import the wrapping key
51 var importAlgorithm = {name: 'aes-kw'};
52 var keyData = hexStringToUint8Array(testCase.wrappingKey);
53 var usages = ['wrapKey', 'unwrapKey'];
54 var extractable = false;
56 return crypto.subtle.importKey('raw', keyData, importAlgorithm, extractable, usages);
57 }).then(function(result) {
60 // Import the key to be wrapped.
61 var importAlgorithm = {name: 'HMAC', hash: {name: 'sha-1'}};
62 var keyData = hexStringToUint8Array(testCase.key);
63 var usages = ['sign', 'verify'];
64 var extractable = true;
66 return crypto.subtle.importKey('raw', keyData, importAlgorithm, extractable, usages);
67 }).then(function(result) {
71 var wrapAlgorithm = {name: 'aes-kw'};
72 return crypto.subtle.wrapKey('raw', key, wrappingKey, wrapAlgorithm);
73 }).then(function(result) {
74 bytesShouldMatchHexString("Wrapped key data", testCase.ciphertext, result);
77 var wrappedKeyData = hexStringToUint8Array(testCase.ciphertext);
78 var unwrapAlgorithm = {name: 'aes-kw'};
79 var unwrappedKeyAlgorithm = {name: 'HMAC', hash: {name: 'sha-1'}};
80 var extractable = true;
81 var usages = ['sign'];
82 return crypto.subtle.unwrapKey('raw', wrappedKeyData, wrappingKey, unwrapAlgorithm, unwrappedKeyAlgorithm, extractable, usages);
83 }).then(function(result) {
84 unwrappedKey = result;
86 shouldEvaluateAs("unwrappedKey.algorithm.name", "HMAC");
87 shouldEvaluateAs("unwrappedKey.algorithm.hash.name", "SHA-1");
88 shouldEvaluateAs("unwrappedKey.algorithm.length", testCase.key.length * 4);
89 shouldEvaluateAs("unwrappedKey.extractable", true);
90 shouldEvaluateAs("unwrappedKey.usages.join(',')", "sign");
92 return crypto.subtle.exportKey('raw', unwrappedKey);
93 }).then(function(result) {
94 bytesShouldMatchHexString("Unwrapped key data", testCase.key, result);
98 var lastPromise = Promise.resolve(null);
100 kWrappingTestCases.forEach(function(test) {
101 lastPromise = lastPromise.then(runTestCase.bind(null, test));
104 lastPromise.then(finishJSTest, failAndFinishJSTest);