4 <script src="../resources/js-test.js"></script>
5 <script src="resources/common.js"></script>
8 <p id="description"></p>
9 <div id="console"></div>
12 description("Tests wrapping and unwrapping of AES-CBC keys using AES-KW and raw format");
16 var kWrappingTestCases = [
17 // AES-KW test vectors from http://www.ietf.org/rfc/rfc3394.txt
18 // 4.1 Wrap 128 bits of Key Data with a 128-bit KEK
20 "wrappingKey": "000102030405060708090A0B0C0D0E0F",
21 "key": "00112233445566778899AABBCCDDEEFF",
22 "ciphertext": "1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5"
24 // 4.2 Wrap 128 bits of Key Data with a 192-bit KEK
26 "wrappingKey": "000102030405060708090A0B0C0D0E0F1011121314151617",
27 "key": "00112233445566778899AABBCCDDEEFF",
28 "ciphertext": "96778B25AE6CA435F92B5B97C050AED2468AB8A17AD84E5D"
30 // 4.3 Wrap 128 bits of Key Data with a 256-bit KEK
32 "wrappingKey": "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
33 "key": "00112233445566778899AABBCCDDEEFF",
34 "ciphertext": "64E8C3F9CE0F5BA263E9777905818A2A93C8191E7D6E8AE7"
36 // 4.4 Wrap 192 bits of Key Data with a 192-bit KEK
38 "wrappingKey": "000102030405060708090A0B0C0D0E0F1011121314151617",
39 "key": "00112233445566778899AABBCCDDEEFF0001020304050607",
40 "ciphertext": "031D33264E15D33268F24EC260743EDCE1C6C7DDEE725A936BA814915C6762D2"
42 // 4.5 Wrap 192 bits of Key Data with a 256-bit KEK
44 "wrappingKey": "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
45 "key": "00112233445566778899AABBCCDDEEFF0001020304050607",
46 "ciphertext": "A8F9BC1612C68B3FF6E6F4FBE30E71E4769C8B80A32CB8958CD5D17D6B254DA1"
48 // 4.6 Wrap 256 bits of Key Data with a 256-bit KEK
50 "wrappingKey": "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
51 "key": "00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F",
52 "ciphertext": "28C9F404C4B810F4CBCCB35CFB87F8263F5786E2D80ED326CBC7F0E71A99F43BFB988B9B7A02DD21"
56 function runTestCase(testCase)
58 var wrappingKey = null;
61 return Promise.resolve(null).then(function(result) {
62 // Import the wrapping key
63 var importAlgorithm = {name: 'aes-kw'};
64 var keyData = hexStringToUint8Array(testCase.wrappingKey);
65 var usages = ['wrapKey', 'unwrapKey'];
66 var extractable = false;
68 return crypto.subtle.importKey('raw', keyData, importAlgorithm, extractable, usages);
69 }).then(function(result) {
72 // Import the key to be wrapped.
73 var importAlgorithm = {name: 'aes-cbc'};
74 var keyData = hexStringToUint8Array(testCase.key);
75 var usages = ['encrypt', 'decrypt'];
76 var extractable = true;
78 return crypto.subtle.importKey('raw', keyData, importAlgorithm, extractable, usages);
79 }).then(function(result) {
83 var wrapAlgorithm = {name: 'aes-kw'};
84 return crypto.subtle.wrapKey('raw', key, wrappingKey, wrapAlgorithm);
85 }).then(function(result) {
86 bytesShouldMatchHexString("Wrapped key data", testCase.ciphertext, result);
89 var wrappedKeyData = hexStringToUint8Array(testCase.ciphertext);
90 var unwrapAlgorithm = {name: 'aes-kw'};
91 var unwrappedKeyAlgorithm = {name: 'aes-cbc'};
92 var extractable = true;
93 var usages = ['decrypt'];
94 return crypto.subtle.unwrapKey('raw', wrappedKeyData, wrappingKey, unwrapAlgorithm, unwrappedKeyAlgorithm, extractable, usages);
95 }).then(function(result) {
96 unwrappedKey = result;
98 shouldEvaluateAs("unwrappedKey.algorithm.name", "AES-CBC");
99 shouldEvaluateAs("unwrappedKey.algorithm.length", testCase.key.length * 4);
100 shouldEvaluateAs("unwrappedKey.extractable", true);
101 shouldEvaluateAs("unwrappedKey.usages.join(',')", "decrypt");
103 return crypto.subtle.exportKey('raw', unwrappedKey);
104 }).then(function(result) {
105 bytesShouldMatchHexString("Unwrapped key data", testCase.key, result);
109 var lastPromise = Promise.resolve(null);
111 kWrappingTestCases.forEach(function(test) {
112 lastPromise = lastPromise.then(runTestCase.bind(null, test));
115 lastPromise.then(finishJSTest, failAndFinishJSTest);