<!DOCTYPE html>
<html>
<head>
<script src="../../resources/js-test.js"></script>
<script src="resources/common.js"></script>
</head>
<body>
<p id="description"></p>
<div id="console"></div>
<script>
description("Test importing keys with various uses from JWK.");
jsTestIsAsync = true;
var extractable = true;
var aesKeyAsJSON = {
"alg": "A128CBC",
"ext": true,
"kty": "oct",
"k": "jnOw99oOZFLIEPMrgJB55Q"
};
var hmacKeyAsJSON = {
"alg": "HS256",
"ext": true,
"kty": "oct",
"k": "ahjkn-_387fgnsibf23qsvahjkn-_387fgnsibf23qs"
};
function testWithAESCBC(expectedUsages, jwkUsages, importUsages)
{
if (jwkUsages.key_ops) {
aesKeyAsJSON.key_ops = jwkUsages.key_ops;
delete aesKeyAsJSON.use;
} else {
delete aesKeyAsJSON.key_ops;
aesKeyAsJSON.use = jwkUsages.use;
}
return crypto.subtle.importKey("jwk", aesKeyAsJSON, {name: "AES-CBC"}, extractable, importUsages).then(function(result) {
key = result;
debug(JSON.stringify(jwkUsages) + ":");
shouldBe("key.usages", JSON.stringify(expectedUsages));
debug("");
}, function(result) {
debug(JSON.stringify(jwkUsages) + ":");
debug("Failed importing with " + importUsages + ": " + result);
});
}
function testWithHMAC(expectedUsages, jwkUsages, importUsages)
{
if (jwkUsages.key_ops) {
hmacKeyAsJSON.key_ops = jwkUsages.key_ops;
delete hmacKeyAsJSON.use;
} else {
delete hmacKeyAsJSON.key_ops;
hmacKeyAsJSON.use = jwkUsages.use;
}
return crypto.subtle.importKey("jwk", hmacKeyAsJSON, {name: 'hmac', hash: {name: 'sha-256'}}, extractable, importUsages).then(function(result) {
key = result;
debug(JSON.stringify(jwkUsages) + ":");
shouldBe("key.usages", JSON.stringify(expectedUsages));
debug("");
}, function(result) {
debug(JSON.stringify(jwkUsages) + ":");
debug("Failed importing with " + importUsages + ": " + result);
});
}
debug("");
Promise.all([
// Duplicates are not allowed.
testWithAESCBC(null, {key_ops: ["encrypt", "encrypt"]}, ["encrypt"]),
testWithAESCBC(["encrypt"], {key_ops: ["encrypt"]}, ["encrypt"]),
testWithAESCBC(null, {key_ops: ["encrypt"]}, ["decrypt"]),
testWithAESCBC(["decrypt"], {key_ops: ["decrypt"]}, ["decrypt"]),
testWithAESCBC(null, {key_ops: ["decrypt"]}, ["encrypt"]),
testWithAESCBC(["encrypt", "decrypt"], {key_ops: ["encrypt", "decrypt"]}, ["encrypt", "decrypt"]),
testWithAESCBC(["encrypt"], {key_ops: ["encrypt", "decrypt"]}, ["encrypt"]),
testWithAESCBC(null, {key_ops: ["encrypt", "decrypt"]}, ["unwrapKey"]),
testWithAESCBC(["wrapKey"], {key_ops: ["wrapKey"]}, ["wrapKey"]),
testWithAESCBC(null, {key_ops: ["wrapKey"]}, ["unwrapKey"]),
testWithAESCBC(["unwrapKey"], {key_ops: ["unwrapKey"]}, ["unwrapKey"]),
testWithAESCBC(["wrapKey", "unwrapKey"], {key_ops: ["wrapKey", "unwrapKey"]}, ["unwrapKey", "wrapKey"]),
testWithAESCBC(["encrypt", "decrypt", "wrapKey"], {key_ops: ["encrypt", "decrypt", "wrapKey"]}, ["decrypt", "encrypt", "wrapKey"]),
testWithAESCBC(["encrypt", "decrypt", "wrapKey", "unwrapKey"], {use: "enc"}, ["decrypt", "encrypt", "unwrapKey", "wrapKey"]),
testWithAESCBC(["encrypt", "decrypt", "unwrapKey"], {use: "enc"}, ["decrypt", "encrypt", "unwrapKey"]),
testWithAESCBC(["encrypt", "decrypt", "unwrapKey"], {use: "enc"}, ["decrypt", "encrypt", "unwrapKey"]),
testWithHMAC(["sign"], {key_ops: ["sign"]}, ["sign"]),
testWithHMAC(null, {key_ops: ["sign"]}, ["verify"]),
testWithHMAC(["verify"], {key_ops: ["verify"]}, ["verify"]),
testWithHMAC(null, {key_ops: ["verify"]}, ["sign"]),
testWithHMAC(["sign", "verify"], {use: "sig"}, ["sign", "verify"]),
testWithHMAC(["sign"], {use: "sig"}, ["sign"]),
// Unknown key_ops strings are ignored.
testWithAESCBC(["decrypt"], {key_ops: ["'encrypt'", "decrypt"]}, ["decrypt"]),
testWithAESCBC(["decrypt"], {key_ops: ["encrypt ", "foo", "decrypt"]}, ["decrypt"]),
testWithAESCBC(["decrypt"], {key_ops: ["Encrypt", "decrypt"]}, ["decrypt"]),
testWithAESCBC(null, {key_ops: ["'encrypt'", "decrypt"]}, ["encrypt"]),
testWithAESCBC(null, {key_ops: ["encrypt "]}, ["encrypt"]),
testWithAESCBC(null, {key_ops: ["Encrypt"]}, ["encrypt"]),
]).then(finishJSTest, failAndFinishJSTest);
</script>
</body>
</html>