chromium/third_party/blink/web_tests/crypto/subtle/hmac/sign-verify.html

<!DOCTYPE html>
<html>
<head>
<script src="../../../resources/js-test.js"></script>
<script src="../resources/common.js"></script>
</head>
<body>
<p id="description"></p>
<div id="console"></div>

<script>
description("Tests sign() and verify() for HMAC");

jsTestIsAsync = true;

// -------------------------------------------------
// Successful sign/verify for HMAC
// -------------------------------------------------

// The "key", "message", and "mac" are written as hex encoded strings.
//
// Unless indicated otherwise, the data comes from:
//   http://csrc.nist.gov/groups/STM/cavp/index.html#07
// Which can be downloaded from:
//   http://csrc.nist.gov/groups/STM/cavp/documents/mac/hmactestvectors.zip
var kHmacTestVectors = [
  // Empty sets.  Result generated via OpenSSL commandline tool.  These
  // particular results are also posted on the Wikipedia page examples:
  // http://en.wikipedia.org/wiki/Hash-based_message_authentication_code
  {
    hash: "SHA-1",
    key: "00",
    message: "",
    // openssl dgst -sha1 -hmac "" < /dev/null
    mac: "fbdb1d1b18aa6c08324b7d64b71fb76370690e1d",
  },
  {
    hash: "SHA-256",
    key: "00",
    message: "",
    // openssl dgst -sha256 -hmac "" < /dev/null
    mac: "b613679a0814d9ec772f95d778c35fc5ff1697c493715653c6c712144292c5ad",
  },
  // L=20 set 45
  {
    hash: "SHA-1",
    key: "59785928d72516e31272",
    message: "a3ce8899df1022e8d2d539b47bf0e309c66f84095e21438ec355bf119ce5fdcb4e73a619cdf36f25b369d8c38ff419997f0c59830108223606e31223483fd39edeaa4d3f0d21198862d239c9fd26074130ff6c86493f5227ab895c8f244bd42c7afce5d147a20a590798c68e708e964902d124dadecdbda9dbd0051ed710e9bf",
    mac: "3c8162589aafaee024fc9a5ca50dd2336fe3eb28",
  },
  // L=20 set 299
  {
    hash: "SHA-1",
    key: "ceb9aedf8d6efcf0ae52bea0fa99a9e26ae81bacea0cff4d5eecf201e3bca3c3577480621b818fd717ba99d6ff958ea3d59b2527b019c343bb199e648090225867d994607962f5866aa62930d75b58f6",
    message: "99958aa459604657c7bf6e4cdfcc8785f0abf06ffe636b5b64ecd931bd8a456305592421fc28dbcccb8a82acea2be8e54161d7a78e0399a6067ebaca3f2510274dc9f92f2c8ae4265eec13d7d42e9f8612d7bc258f913ecb5a3a5c610339b49fb90e9037b02d684fc60da835657cb24eab352750c8b463b1a8494660d36c3ab2",
    mac: "4ac41ab89f625c60125ed65ffa958c6b490ea670",
  },
  // L=32, set 30
  {
    hash: "SHA-256",
    key: "9779d9120642797f1747025d5b22b7ac607cab08e1758f2f3a46c8be1e25c53b8c6a8f58ffefa176",
    message: "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e",
    mac: "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b",
  },
  // L=32, set 224
  {
    hash: "SHA-256",
    key: "4b7ab133efe99e02fc89a28409ee187d579e774f4cba6fc223e13504e3511bef8d4f638b9aca55d4a43b8fbd64cf9d74dcc8c9e8d52034898c70264ea911a3fd70813fa73b083371289b",
    message: "138efc832c64513d11b9873c6fd4d8a65dbf367092a826ddd587d141b401580b798c69025ad510cff05fcfbceb6cf0bb03201aaa32e423d5200925bddfadd418d8e30e18050eb4f0618eb9959d9f78c1157d4b3e02cd5961f138afd57459939917d9144c95d8e6a94c8f6d4eef3418c17b1ef0b46c2a7188305d9811dccb3d99",
    mac: "4f1ee7cb36c58803a8721d4ac8c4cf8cae5d8832392eed2a96dc59694252801b",
  }
];

function hexStringToBufferSource(str, generateArrayBuffer) {
  var data = hexStringToUint8Array(str);
  if (generateArrayBuffer) {
    return data = data.buffer;
  }
  return data;
}

function runTest(testCase, useArrayBufferForSignature, useArrayBufferForData)
{
    var importAlgorithm = {name: 'HMAC', hash: {name: testCase.hash}};
    var algorithm = {name: 'HMAC'};

    var key = null;
    var keyData = hexStringToUint8Array(testCase.key);
    var usages = ['sign', 'verify'];
    var extractable = false;

    // (1) Import the key
    return crypto.subtle.importKey('raw', keyData, importAlgorithm, extractable, usages).then(function(result) {
        key = result;

        // shouldBe() can only resolve variables in global context.
        tmpKey = key;
        shouldEvaluateAs("tmpKey.type", "secret");
        shouldEvaluateAs("tmpKey.extractable", false);
        shouldEvaluateAs("tmpKey.algorithm.name", "HMAC");
        shouldEvaluateAs("tmpKey.algorithm.hash.name", testCase.hash);
        shouldEvaluateAs("tmpKey.algorithm.length", keyData.length * 8);
        shouldEvaluateAs("tmpKey.usages.join(',')", "sign,verify");

        // (2) Sign.
        return crypto.subtle.sign(algorithm, key, hexStringToUint8Array(testCase.message));
    }).then(function(result) {
        bytesShouldMatchHexString("Mac", testCase.mac, result);

        // (3) Verify
        return crypto.subtle.verify(algorithm, key, hexStringToBufferSource(testCase.mac, useArrayBufferForSignature), hexStringToBufferSource(testCase.message, useArrayBufferForData));
    }).then(function(result) {
        verifyResult = result;
        shouldBe("verifyResult", "true");

        // (4) Verify truncated mac (by stripping 1 byte off of it).
        var expectedMac = hexStringToUint8Array(testCase.mac);
        return crypto.subtle.verify(algorithm, key, expectedMac.subarray(0, expectedMac.byteLength - 1), hexStringToUint8Array(testCase.message));
    }).then(function(result) {
        verifyResult = result;
        shouldBe("verifyResult", "false");
    });
}

var lastPromise = Promise.resolve(null);

kHmacTestVectors.forEach(function(testCase) {
    [true, false].forEach(function(useArrayBufferForSignature) {
        [true, false].forEach(function(useArrayBufferForData) {
            lastPromise = lastPromise.then(runTest.bind(null, testCase, useArrayBufferForSignature, useArrayBufferForData));
        })
    })
});

lastPromise.then(finishJSTest, failAndFinishJSTest);

</script>

</body>
</html>