Skip to content

Commit

Permalink
test,crypto: update WebCryptoAPI WPT
Browse files Browse the repository at this point in the history
PR-URL: nodejs#55427
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
  • Loading branch information
panva authored and tpoisseau committed Nov 21, 2024
1 parent 95b2733 commit 5b7818b
Show file tree
Hide file tree
Showing 12 changed files with 707 additions and 471 deletions.
2 changes: 1 addition & 1 deletion test/fixtures/wpt/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ Last update:
- user-timing: https://github.com/web-platform-tests/wpt/tree/5ae85bf826/user-timing
- wasm/jsapi: https://github.com/web-platform-tests/wpt/tree/cde25e7e3c/wasm/jsapi
- wasm/webapi: https://github.com/web-platform-tests/wpt/tree/fd1b23eeaa/wasm/webapi
- WebCryptoAPI: https://github.com/web-platform-tests/wpt/tree/203d2ac459/WebCryptoAPI
- WebCryptoAPI: https://github.com/web-platform-tests/wpt/tree/bef6fa3566/WebCryptoAPI
- webidl/ecmascript-binding/es-exceptions: https://github.com/web-platform-tests/wpt/tree/a370aad338/webidl/ecmascript-binding/es-exceptions
- webmessaging/broadcastchannel: https://github.com/web-platform-tests/wpt/tree/e97fac4791/webmessaging/broadcastchannel
- webstorage: https://github.com/web-platform-tests/wpt/tree/9dafa89214/webstorage
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
// META: title=WebCryptoAPI: importKey() for Failures
// META: timeout=long
// META: script=../util/helpers.js
// META: script=ec_importKey_failures_fixtures.js
// META: script=importKey_failures.js

// Setup: define the correct behaviors that should be sought, and create
// helper functions that generate all possible test parameters for
// different situations.
run_test(["ECDH"]);
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
// META: title=WebCryptoAPI: importKey() for Failures
// META: timeout=long
// META: script=../util/helpers.js
// META: script=ec_importKey_failures_fixtures.js
// META: script=importKey_failures.js

// Setup: define the correct behaviors that should be sought, and create
// helper functions that generate all possible test parameters for
// different situations.
run_test(["ECDSA"]);

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,10 @@ function run_test(algorithmNames) {
var allTestVectors = [ // Parameters that should work for importKey / exportKey
{name: "Ed25519", privateUsages: ["sign"], publicUsages: ["verify"]},
{name: "Ed448", privateUsages: ["sign"], publicUsages: ["verify"]},
{name: "ECDSA", privateUsages: ["sign"], publicUsages: ["verify"]},
{name: "X25519", privateUsages: ["deriveKey", "deriveBits"], publicUsages: []},
{name: "X448", privateUsages: ["deriveKey", "deriveBits"], publicUsages: []},
{name: "ECDH", privateUsages: ["deriveKey", "deriveBits"], publicUsages: []}
];

var testVectors = [];
Expand Down Expand Up @@ -109,6 +111,10 @@ function run_test(algorithmNames) {
return [];
}

function isPrivateKey(data) {
return data.d !== undefined;
}

// Now test for properly handling errors
// - Unsupported algorithm
// - Bad usages for algorithm
Expand All @@ -121,8 +127,8 @@ function run_test(algorithmNames) {
// due to SyntaxError
testVectors.forEach(function(vector) {
var name = vector.name;
validKeyData.forEach(function(test) {
allAlgorithmSpecifiersFor(name).forEach(function(algorithm) {
allAlgorithmSpecifiersFor(name).forEach(function(algorithm) {
getValidKeyData(algorithm).forEach(function(test) {
invalidUsages(validUsages(vector, test.format, test.data)).forEach(function(usages) {
[true, false].forEach(function(extractable) {
testError(test.format, algorithm, test.data, name, usages, extractable, "SyntaxError", "Bad usages");
Expand All @@ -136,20 +142,20 @@ function run_test(algorithmNames) {
// Should fail due to SyntaxError
testVectors.forEach(function(vector) {
var name = vector.name;
validKeyData.filter((test) => test.format === 'pkcs8' || (test.format === 'jwk' && test.data.d)).forEach(function(test) {
allAlgorithmSpecifiersFor(name).forEach(function(algorithm) {
allAlgorithmSpecifiersFor(name).forEach(function(algorithm) {
getValidKeyData(algorithm).filter((test) => test.format === 'pkcs8' || (test.format === 'jwk' && isPrivateKey(test.data))).forEach(function(test) {
[true, false].forEach(function(extractable) {
testError(test.format, algorithm, test.data, name, [/* Empty usages */], extractable, "SyntaxError", "Empty usages");
});
});
});
});

// Algorithms normalize okay, usages ok. The length of the key must thouw a DataError exception.
// Algorithms normalize okay, usages ok. The length of the key must throw a DataError exception.
testVectors.forEach(function(vector) {
var name = vector.name;
badKeyLengthData.forEach(function(test) {
allAlgorithmSpecifiersFor(name).forEach(function(algorithm) {
allAlgorithmSpecifiersFor(name).forEach(function(algorithm) {
getBadKeyLengthData(algorithm).forEach(function(test) {
allValidUsages(validUsages(vector, test.format, test.data)).forEach(function(usages) {
[true, false].forEach(function(extractable) {
testError(test.format, algorithm, test.data, name, usages, extractable, "DataError", "Bad key length");
Expand All @@ -159,11 +165,11 @@ function run_test(algorithmNames) {
});
});

// Algorithms normalize okay, usages ok and valid key. The lack of the mandatory JWK parameter must throw a syntax error.
// Algorithms normalize okay, usages ok and valid key. The lack of the mandatory JWK parameter must throw a DataError exception.
testVectors.forEach(function(vector) {
var name = vector.name;
missingJWKFieldKeyData.forEach(function(test) {
allAlgorithmSpecifiersFor(name).forEach(function(algorithm) {
allAlgorithmSpecifiersFor(name).forEach(function(algorithm) {
getMissingJWKFieldKeyData(algorithm).forEach(function(test) {
allValidUsages(validUsages(vector, 'jwk', test.data)).forEach(function(usages) {
[true, false].forEach(function(extractable) {
testError('jwk', algorithm, test.data, name, usages, extractable, "DataError", "Missing JWK '" + test.param + "' parameter");
Expand All @@ -176,8 +182,8 @@ function run_test(algorithmNames) {
// Algorithms normalize okay, usages ok and valid key. The public key is not compatible with the private key.
testVectors.forEach(function(vector) {
var name = vector.name;
invalidJWKKeyData.forEach(function(data) {
allAlgorithmSpecifiersFor(name).forEach(function(algorithm) {
allAlgorithmSpecifiersFor(name).forEach(function(algorithm) {
getMismatchedJWKKeyData(algorithm).forEach(function(data) {
allValidUsages(vector.privateUsages).forEach(function(usages) {
[true].forEach(function(extractable) {
testError('jwk', algorithm, data, name, usages, extractable, "DataError", "Invalid key pair");
Expand Down
80 changes: 42 additions & 38 deletions test/fixtures/wpt/WebCryptoAPI/import_export/okp_importKey.js
Original file line number Diff line number Diff line change
Expand Up @@ -40,51 +40,55 @@ function runTests(algorithmName) {
// Test importKey with a given key format and other parameters. If
// extrable is true, export the key and verify that it matches the input.
function testFormat(format, algorithm, keyData, keySize, usages, extractable) {
promise_test(function(test) {
return subtle.importKey(format, keyData[format], algorithm, extractable, usages).
then(function(key) {
assert_equals(key.constructor, CryptoKey, "Imported a CryptoKey object");
assert_goodCryptoKey(key, algorithm, extractable, usages, (format === 'pkcs8' || (format === 'jwk' && keyData[format].d)) ? 'private' : 'public');
if (!extractable) {
return;
}
[algorithm, algorithm.name].forEach((alg) => {
promise_test(function(test) {
return subtle.importKey(format, keyData[format], alg, extractable, usages).
then(function(key) {
assert_equals(key.constructor, CryptoKey, "Imported a CryptoKey object");
assert_goodCryptoKey(key, algorithm, extractable, usages, (format === 'pkcs8' || (format === 'jwk' && keyData[format].d)) ? 'private' : 'public');
if (!extractable) {
return;
}

return subtle.exportKey(format, key).
then(function(result) {
if (format !== "jwk") {
assert_true(equalBuffers(keyData[format], result), "Round trip works");
} else {
assert_true(equalJwk(keyData[format], result), "Round trip works");
}
}, function(err) {
assert_unreached("Threw an unexpected error: " + err.toString());
});
}, function(err) {
assert_unreached("Threw an unexpected error: " + err.toString());
});
}, "Good parameters: " + keySize.toString() + " bits " + parameterString(format, keyData[format], algorithm, extractable, usages));
return subtle.exportKey(format, key).
then(function(result) {
if (format !== "jwk") {
assert_true(equalBuffers(keyData[format], result), "Round trip works");
} else {
assert_true(equalJwk(keyData[format], result), "Round trip works");
}
}, function(err) {
assert_unreached("Threw an unexpected error: " + err.toString());
});
}, function(err) {
assert_unreached("Threw an unexpected error: " + err.toString());
});
}, "Good parameters: " + keySize.toString() + " bits " + parameterString(format, keyData[format], alg, extractable, usages));
});
}

// Test importKey/exportKey "alg" behaviours, alg is ignored upon import and alg is missing for Ed25519 and Ed448 JWK export
// https://github.com/WICG/webcrypto-secure-curves/pull/24
function testJwkAlgBehaviours(algorithm, keyData, crv, usages) {
promise_test(function(test) {
return subtle.importKey('jwk', { ...keyData, alg: 'this is ignored' }, algorithm, true, usages).
then(function(key) {
assert_equals(key.constructor, CryptoKey, "Imported a CryptoKey object");

return subtle.exportKey('jwk', key).
then(function(result) {
assert_equals(Object.keys(result).length, keyData.d ? 6 : 5, "Correct number of JWK members");
assert_equals(result.alg, undefined, 'No JWK "alg" member is present');
assert_true(equalJwk(keyData, result), "Round trip works");
}, function(err) {
[algorithm, algorithm.name].forEach((alg) => {
promise_test(function(test) {
return subtle.importKey('jwk', { ...keyData, alg: 'this is ignored' }, alg, true, usages).
then(function(key) {
assert_equals(key.constructor, CryptoKey, "Imported a CryptoKey object");

return subtle.exportKey('jwk', key).
then(function(result) {
assert_equals(Object.keys(result).length, keyData.d ? 6 : 5, "Correct number of JWK members");
assert_equals(result.alg, undefined, 'No JWK "alg" member is present');
assert_true(equalJwk(keyData, result), "Round trip works");
}, function(err) {
assert_unreached("Threw an unexpected error: " + err.toString());
});
}, function(err) {
assert_unreached("Threw an unexpected error: " + err.toString());
});
}, "Good parameters with ignored JWK alg: " + crv.toString() + " " + parameterString('jwk', keyData, algorithm, true, usages));
});
}, function(err) {
assert_unreached("Threw an unexpected error: " + err.toString());
});
}, "Good parameters with ignored JWK alg: " + crv.toString() + " " + parameterString('jwk', keyData, alg, true, usages));
});
}


Expand Down
Original file line number Diff line number Diff line change
@@ -1,110 +1,7 @@
// META: title=WebCryptoAPI: importKey() for Failures
// META: timeout=long
// META: script=../util/helpers.js
// META: script=okp_importKey_failures.js

// Setup: define the correct behaviors that should be sought, and create
// helper functions that generate all possible test parameters for
// different situations.
var validKeyData = [
{
format: "spki",
data: new Uint8Array([48, 42, 48, 5, 6, 3, 43, 101, 112, 3, 33, 0, 216, 225, 137, 99, 216, 9, 212, 135, 217, 84, 154, 204, 174, 198, 116, 46, 126, 235, 162, 77, 138, 13, 59, 20, 183, 227, 202, 234, 6, 137, 61, 204])
},
{
format: "pkcs8",
data: new Uint8Array([48, 46, 2, 1, 0, 48, 5, 6, 3, 43, 101, 112, 4, 34, 4, 32, 243, 200, 244, 196, 141, 248, 120, 20, 110, 140, 211, 191, 109, 244, 229, 14, 56, 155, 167, 7, 78, 21, 194, 53, 45, 205, 93, 48, 141, 76, 168, 31])
},
{
format: "raw",
data: new Uint8Array([216, 225, 137, 99, 216, 9, 212, 135, 217, 84, 154, 204, 174, 198, 116, 46, 126, 235, 162, 77, 138, 13, 59, 20, 183, 227, 202, 234, 6, 137, 61, 204])
},
{
format: "jwk",
data: {
crv: "Ed25519",
d: "88j0xI34eBRujNO_bfTlDjibpwdOFcI1Lc1dMI1MqB8",
x: "2OGJY9gJ1IfZVJrMrsZ0Ln7rok2KDTsUt-PK6gaJPcw",
kty: "OKP"
},
},
{
format: "jwk",
data: {
crv: "Ed25519",
x: "2OGJY9gJ1IfZVJrMrsZ0Ln7rok2KDTsUt-PK6gaJPcw",
kty: "OKP"
},
},
];

// Removed just the last byte.
var badKeyLengthData = [
{
format: "spki",
data: new Uint8Array([48, 42, 48, 5, 6, 3, 43, 101, 112, 3, 33, 0, 216, 225, 137, 99, 216, 9, 212, 135, 217, 84, 154, 204, 174, 198, 116, 46, 126, 235, 162, 77, 138, 13, 59, 20, 183, 227, 202, 234, 6, 137, 61])
},
{
format: "pkcs8",
data: new Uint8Array([48, 46, 2, 1, 0, 48, 5, 6, 3, 43, 101, 112, 4, 34, 4, 32, 243, 200, 244, 196, 141, 248, 120, 20, 110, 140, 211, 191, 109, 244, 229, 14, 56, 155, 167, 7, 78, 21, 194, 53, 45, 205, 93, 48, 141, 76, 168])
},
{
format: "raw",
data: new Uint8Array([216, 225, 137, 99, 216, 9, 212, 135, 217, 84, 154, 204, 174, 198, 116, 46, 126, 235, 162, 77, 138, 13, 59, 20, 183, 227, 202, 234, 6, 137, 61])
},
{
format: "jwk",
data: {
crv: "Ed25519",
d: "88j0xI34eBRujNO_bfTlDjibpwdOFcI1Lc1dMI1MqB",
x: "2OGJY9gJ1IfZVJrMrsZ0Ln7rok2KDTsUt-PK6gaJPcw",
kty: "OKP"
}
},
{
format: "jwk",
data: {
crv: "Ed25519",
x: "2OGJY9gJ1IfZVJrMrsZ0Ln7rok2KDTsUt-PK6gaJPc",
kty: "OKP"
}
},
];

var missingJWKFieldKeyData = [
{
param: "x",
data: {
crv: "Ed25519",
d: "88j0xI34eBRujNO_bfTlDjibpwdOFcI1Lc1dMI1MqB8",
kty: "OKP"
},
},
{
param: "kty",
data: {
crv: "Ed25519",
x: "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo",
d: "88j0xI34eBRujNO_bfTlDjibpwdOFcI1Lc1dMI1MqB8",
},
},
{
param: "crv",
data: {
x: "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo",
kty: "OKP"
},
}
];

// The public key doesn't match the private key.
var invalidJWKKeyData = [
{
crv: "Ed25519",
d: "88j0xI34eBRujNO_bfTlDjibpwdOFcI1Lc1dMI1MqB8",
x: "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo",
kty: "OKP"
},
];
// META: script=okp_importKey_failures_fixtures.js
// META: script=importKey_failures.js

run_test(["Ed25519"]);
Loading

0 comments on commit 5b7818b

Please sign in to comment.