<!DOCTYPE html>
<html>
<head>
<script src="../../../resources/js-test.js"></script>
<script src="../resources/common.js"></script>
<script src="../resources/keys.js"></script>
</head>
<body>
<p id="description"></p>
<div id="console"></div>
<script>
description("Decrypting truncated AES-CBC ciphertext should fail");
jsTestIsAsync = true;
// 128-bit key with plaintext that is an exact multiple of block size.
// Derived from [1] F.2.1 (CBC-AES128.Encrypt), by adding padding block.
var iv = hexStringToUint8Array("000102030405060708090a0b0c0d0e0f");
var keyData = hexStringToUint8Array("2b7e151628aed2a6abf7158809cf4f3c");
var cipherText = hexStringToUint8Array("7649abac8119b246cee98e9b12e9197d5086cb9b507219ee95db113a917678b273bed6b8e3c1743b7116e69e222295163ff1caa1681fac09120eca307586e1a78cb82807230e1321d3fae00d18cc2012");
var key = null;
var usages = ['encrypt', 'decrypt'];
var extractable = false;
var algorithm = {name: 'aes-cbc', iv: iv};
function verifyDecryptionFails(newCipherTextLength)
{
var newCipherText = cipherText.subarray(0, newCipherTextLength);
var description = "ciphertext length: " + newCipherText.byteLength;
return crypto.subtle.decrypt(algorithm, key, newCipherText).then(function(result) {
debug("FAIL: decrypting succeeded. " + description);
}, function(result) {
logError(result);
debug("PASS: decrypting failed. " + description);
});
}
crypto.subtle.importKey('raw', keyData, algorithm, extractable, usages).then(function(result) {
key = result;
// Verify that decryption works with the original ciphertext.
return crypto.subtle.decrypt(algorithm, key, cipherText);
}).then(function(result) {
debug("PASS: Decryption succeeded");
// Try a number of bad ciphertexts.
var badLengths = [
0,
cipherText.byteLength - 1,
// Stripped a whole block. This new final block will result in a
// padding error.
cipherText.byteLength - 16,
1,
15,
16,
17
];
var lastPromise = Promise.resolve(null);
badLengths.forEach(function(badLength) {
lastPromise = lastPromise.then(verifyDecryptionFails.bind(null, badLength));
});
return lastPromise;
}).then(finishJSTest, failAndFinishJSTest);
</script>
</body>
</html>