nephele
/
haikuwebkit
1
0
Fork 0
Code Issues Releases Activity
haikuwebkit/LayoutTests/crypto/subtle/hkdf-derive-bits-length-lim...

101 lines
4.0 KiB
HTML
Raw Permalink Normal View History

[GCrypt] HKDF bit derivation support https://bugs.webkit.org/show_bug.cgi?id=171074 Reviewed by Michael Catanzaro. Source/WebCore: Implement bit derivation support for the HKDF algorithm for configurations that use libgcrypt. libgcrypt doesn't provide HKDF support out of the box, so we have to implement the two steps manually. In the first one, we retrieve the pseudo-random key by using the specified MAC algorithm with the salt data as the key and the key data as the input keying material. In the expand step, we do the required amount of iterations to derive a sufficient amount of data, using the same MAC algorithm with the pseudo-random key from the previous step on the data we compose from the previous block data, the info data, and the current iteration value. The resulting blocks are appended together until they can be clipped to the desired output length. * crypto/gcrypt/CryptoAlgorithmHKDFGCrypt.cpp: (WebCore::macAlgorithmForHashFunction): (WebCore::gcryptDeriveBits): (WebCore::CryptoAlgorithmHKDF::platformDeriveBits): LayoutTests: The crypto/subtle/hkdf-derive-bits-length-limits.html test is added, testing the corner-case length values for which the bit derivation operation must succeed or fail for any specified SHA hash algorithm. With HashLen as the algorithm's output length, the operation should reject for lengths of 0 or above 255 * HashLen * 8. The operation should resolve for lengths between the two limits, with testing performed on lengths of 8 (the minimum output length), HashLen * 8 (matching the output length of the hash algorithm), and 255 * HashLen * 8 (the maximum derivation output length). * crypto/subtle/hkdf-derive-bits-length-limits-expected.txt: Added. * crypto/subtle/hkdf-derive-bits-length-limits.html: Added. * platform/gtk/TestExpectations: Enable the HKDF tests under crypto/subtle/. Canonical link: https://commits.webkit.org/188448@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@216061 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2017-05-02 06:37:07 +00:00
<!DOCTYPE html>
<html>
<head>
<script src="../../resources/js-test-pre.js"></script>
<script src="../resources/common.js"></script>
</head>
<body>
<p id="description"></p>
<div id="console"></div>
<script type="text/javascript">
description("Test HKDF deriveBits operation for corner-case length values");
jsTestIsAsync = true;
var nonExtractable = false;
var rawKey = asciiToUint8Array("jnOw99oOZFLIEPMr");
var info = asciiToUint8Array("jnOw99oO");
var salt = asciiToUint8Array("jnOw99oO");
crypto.subtle.importKey("raw", rawKey, "HKDF", nonExtractable, ["deriveBits"]).then(function(result) {
baseKey = result;
deriveBits = function(hash, length) {
return crypto.subtle.deriveBits({name: "HKDF", info: info, salt: salt, hash: hash}, baseKey, length);
};
// For each SHA algorithm and the corresponding HashLen length, we check that:
// - deriving with zero length rejects,
// - deriving with 8, HashLen * 8 and 255 * HashLen * 8 resolves,
// - deriving with 256 * HashLen * 8 rejects.
return Promise.resolve().then(function(result) {
// SHA-1, hash output length is 20 bytes
return shouldReject('deriveBits("sha-1", 0)').then(function(result) {
return Promise.all([
deriveBits("sha-1", 8),
deriveBits("sha-1", 20 * 8),
deriveBits("sha-1", 255 * 20 * 8)
]).then(function(result) {
testPassed("Bit derivations for SHA-1 with minimum, maximum and HashLen lengths all passed");
return shouldReject('deriveBits("sha-1", 256 * 20 * 8)');
});
});
}).then(function(result) {
// SHA-224, hash output length is 28 bytes
return shouldReject('deriveBits("sha-224", 0)').then(function(result) {
return Promise.all([
deriveBits("sha-224", 8),
deriveBits("sha-224", 28 * 8),
deriveBits("sha-224", 255 * 28 * 8)
]).then(function(result) {
testPassed("Bit derivations for SHA-224 with minimum, maximum and HashLen lengths all passed");
return shouldReject('deriveBits("sha-224", 256 * 28 * 8)');
});
});
}).then(function(result) {
// SHA-256, hash output length is 32 bytes
return shouldReject('deriveBits("sha-256", 0)').then(function(result) {
return Promise.all([
deriveBits("sha-256", 8),
deriveBits("sha-256", 32 * 8),
deriveBits("sha-256", 255 * 32 * 8)
]).then(function(result) {
testPassed("Bit derivations for SHA-256 with minimum, maximum and HashLen lengths all passed");
return shouldReject('deriveBits("sha-256", 256 * 32 * 8)');
});
});
}).then(function(result) {
// SHA-384, hash output length is 48 bytes
return shouldReject('deriveBits("sha-384", 0)').then(function(result) {
return Promise.all([
deriveBits("sha-384", 8),
deriveBits("sha-384", 48 * 8),
deriveBits("sha-384", 255 * 48 * 8)
]).then(function(result) {
testPassed("Bit derivations for SHA-384 with minimum, maximum and HashLen lengths all passed");
return shouldReject('deriveBits("sha-384", 256 * 48 * 8)');
});
});
}).then(function(result) {
// SHA-512, hash output length is 64 bytes
return shouldReject('deriveBits("sha-512", 0)').then(function(result) {
return Promise.all([
deriveBits("sha-512", 8),
deriveBits("sha-512", 64 * 8),
deriveBits("sha-512", 255 * 64 * 8)
]).then(function(result) {
testPassed("Bit derivations for SHA-512 with minimum, maximum and HashLen lengths all passed");
return shouldReject('deriveBits("sha-512", 256 * 64 * 8)');
});
});
});
}).then(finishJSTest, finishJSTest);
</script>
<script src="../../resources/js-test-post.js"></script>
</body>
</html>