[njs] QuickJS: added WebCrypto import tests forgotten in 75ca26f.
noreply at nginx.com
noreply at nginx.com
Wed Feb 19 00:31:02 UTC 2025
details: https://github.com/nginx/njs/commit/54f18a1049e86a1f2d7ace387c99b38d7f3f6875
branches: master
commit: 54f18a1049e86a1f2d7ace387c99b38d7f3f6875
user: Dmitry Volyntsev <xeioex at nginx.com>
date: Wed, 12 Feb 2025 18:07:26 -0800
description:
QuickJS: added WebCrypto import tests forgotten in 75ca26f.
Import related tests are consolidated from other WebCrypto tests.
---
external/qjs_webcrypto_module.c | 17 +-
test/webcrypto/aes.t.mjs | 3 -
test/webcrypto/import.t.mjs | 646 ++++++++++++++++++++++++++++++++++++++
test/webcrypto/rsa.pkcs8.broken2 | 16 +
test/webcrypto/rsa.t.mjs | 2 -
test/webcrypto/rsa_decoding.t.mjs | 2 -
test/webcrypto/sign.t.mjs | 135 --------
7 files changed, 664 insertions(+), 157 deletions(-)
diff --git a/external/qjs_webcrypto_module.c b/external/qjs_webcrypto_module.c
index 3cb3d2b2..4816031c 100644
--- a/external/qjs_webcrypto_module.c
+++ b/external/qjs_webcrypto_module.c
@@ -4167,20 +4167,7 @@ qjs_webcrypto_key_algorithm(JSContext *cx, JSValueConst this_val)
return JS_EXCEPTION;
}
- ret = JS_NewObject(cx);
- if (JS_IsException(ret)) {
- JS_FreeValue(cx, obj);
- return JS_EXCEPTION;
- }
-
- if (JS_DefinePropertyValueStr(cx, ret, "name", hash, JS_PROP_C_W_E)
- < 0)
- {
- JS_FreeValue(cx, obj);
- return JS_EXCEPTION;
- }
-
- if (JS_DefinePropertyValueStr(cx, obj, "hash", ret, JS_PROP_C_W_E)
+ if (JS_DefinePropertyValueStr(cx, obj, "hash", hash, JS_PROP_C_W_E)
< 0)
{
JS_FreeValue(cx, obj);
@@ -4377,7 +4364,7 @@ qjs_jwk_kty(JSContext *cx, JSValueConst value)
}
}
- JS_ThrowTypeError(cx, "invalid JWK key type: %s", kty.start);
+ JS_ThrowTypeError(cx, "invalid JWK key type: \"%s\"", kty.start);
JS_FreeCString(cx, (char *) kty.start);
return QJS_KEY_JWK_KTY_UNKNOWN;
diff --git a/test/webcrypto/aes.t.mjs b/test/webcrypto/aes.t.mjs
index 80cddabb..7c482583 100644
--- a/test/webcrypto/aes.t.mjs
+++ b/test/webcrypto/aes.t.mjs
@@ -65,7 +65,6 @@ let aes_tsuite = {
{ name: "AES-GCM", data: "aabbcc", tagLength: 96 },
{ name: "AES-GCM", data: "aabbcc", tagLength: 112 },
{ name: "AES-GCM", data: "aabbcc", tagLength: 113, exception: "TypeError: AES-GCM Invalid tagLength" },
- { name: "AES-GCM", data: "aabbcc", key: "aabbcc", exception: "TypeError: Invalid key length" },
{ name: "AES-GCM", data: "aabbcc", key: "001122330011223300112233001122330011223300112233" },
{ name: "AES-GCM", data: "aabbccdd".repeat(4096) },
@@ -88,14 +87,12 @@ let aes_tsuite = {
{ name: "AES-CTR", data: "aabbcc", key: "001122330011223300112233001122330011223300112233" },
{ name: "AES-CTR", data: "aabbccdd", length: 129,
exception: "TypeError: AES-CTR algorithm.length must be between 1 and 128" },
- { name: "AES-CTR", data: "aabbcc", key: "aabbcc", exception: "TypeError: Invalid key length" },
{ name: "AES-CBC", data: "aa" },
{ name: "AES-CBC", data: "aabbccdd".repeat(4) },
{ name: "AES-CBC", data: "aabbccdd".repeat(4096) },
{ name: "AES-CBC", data: "aabbccdd".repeat(5), iv: "ffffffffffffffffffffffffffffffff" },
{ name: "AES-CBC", data: "aabbcc", key: "001122330011223300112233001122330011223300112233" },
- { name: "AES-CBC", data: "aabbcc", key: "aabbcc", exception: "TypeError: Invalid key length" },
]};
run([aes_tsuite])
diff --git a/test/webcrypto/import.t.mjs b/test/webcrypto/import.t.mjs
new file mode 100644
index 00000000..1b804006
--- /dev/null
+++ b/test/webcrypto/import.t.mjs
@@ -0,0 +1,646 @@
+/*---
+includes: [compatNjs.js, compatFs.js, compatWebcrypto.js, runTsuite.js, webCryptoUtils.js, compareArray.js]
+flags: [async]
+---*/
+
+async function test(params) {
+ let key = await crypto.subtle.importKey(params.key.fmt,
+ params.key.key,
+ params.key.alg,
+ params.key.extractable,
+ params.key.usage);
+
+ if (params.expected && !validate_key(key, params)) {
+ throw Error(`failed validate`);
+ }
+
+ return 'SUCCESS';
+}
+
+function p(args, default_opts) {
+ let key, pem;
+ let params = merge({}, default_opts);
+ params = merge(params, args);
+
+ switch (params.key.fmt) {
+ case "spki":
+ pem = fs.readFileSync(`test/webcrypto/${params.key.key}`);
+ key = pem_to_der(pem, "PUBLIC");
+ break;
+ case "pkcs8":
+ pem = fs.readFileSync(`test/webcrypto/${params.key.key}`);
+ key = pem_to_der(pem, "PRIVATE");
+ break;
+ case "jwk":
+ key = load_jwk(params.key.key);
+ break;
+ case "raw":
+ key = Buffer.from(params.key.key, "base64url");
+ break;
+ default:
+ throw Error("Unknown encoding key format");
+ }
+
+ params.key.key = key;
+
+ return params;
+}
+
+function validate_key(key, params) {
+ let expected = params.expected;
+ if (expected.algorithm) {
+ if (!key.algorithm) {
+ throw Error(`missing import key algorithm`);
+ }
+
+ if (expected.algorithm.name !== key.algorithm.name) {
+ throw Error(`unexpected import key algorithm name: ${key.algorithm.name} != ${expected.algorithm.name}`);
+ }
+
+ if (has_njs()
+ && expected.algorithm.name == "HMAC"
+ && (expected.algorithm.hash !== key.algorithm.hash))
+ {
+ throw Error(`unexpected import key algorithm hash: ${JSON.stringify(key.algorithm.hash)} != ${expected.algorithm.hash}`);
+ }
+ }
+
+ if (expected.type !== key.type) {
+ throw Error(`unexpected import key type: ${key.type} != ${expected.type}`);
+ }
+
+ if (expected.extractable !== key.extractable) {
+ throw Error(`unexpected import key extractable: ${key.extractable} != ${expected.extractable}`);
+ }
+
+ if (expected.usages && !compareArray(expected.usages, key.usages)) {
+ throw Error(`unexpected import key usages: ${key.usages} != ${expected.usages}`);
+ }
+
+ return true;
+}
+
+let aes_tsuite = {
+ name: "AES importing",
+ skip: () => (!has_webcrypto()),
+ T: test,
+ prepare_args: p,
+ opts: {},
+
+ tests: [
+ { key: { fmt: "jwk",
+ key: { alg: 'A128CBC', ext: true, k: 'AAAAAAAAAAAAAAAAAAAAAA', key_ops: [ 'decrypt', 'encrypt' ], kty: 'oct' },
+ alg: { name: "AES-CBC" },
+ extractable: true,
+ usage: [ "decrypt", "encrypt" ] },
+ expected: { algorithm: { name: "AES-CBC" },
+ extractable: true,
+ type: "secret",
+ usages: [ "decrypt", "encrypt" ] } },
+ { key: { fmt: "jwk",
+ key: { alg: 'A128CBC', ext: true, k: 'AAAAAAAAAAAAAAAAAAAAAA', key_ops: [ 'encrypt' ], kty: 'oct' },
+ alg: { name: "AES-CBC" },
+ extractable: true,
+ usage: [ "encrypt" ] },
+ expected: { algorithm: { name: "AES-CBC" },
+ extractable: true,
+ type: "secret",
+ usages: [ "encrypt" ] } },
+ { key: { fmt: "jwk",
+ key: { alg: 'A128CBC', ext: true, k: 'AAAAAAAAAAAAAAAAAAAAAA', kty: 'oct' },
+ alg: { name: "AES-CBC" },
+ extractable: true,
+ usage: [ "encrypt" ] },
+ expected: { algorithm: { name: "AES-CBC" },
+ extractable: true,
+ type: "secret",
+ usages: [ "encrypt" ] } },
+ { key: { fmt: "jwk",
+ key: { alg: 'A128CBC', k: 'AAAAAAAAAAAAAAAAAAAAAA', kty: 'oct' },
+ alg: { name: "AES-CBC" },
+ extractable: true,
+ usage: [ "encrypt" ] },
+ expected: { algorithm: { name: "AES-CBC" },
+ extractable: true,
+ type: "secret",
+ usages: [ "encrypt" ] } },
+ { key: { fmt: "raw",
+ key: 'AAAAAAAAAAAAAAAAAAAAAA',
+ alg: { name: "AES-CBC" },
+ extractable: true,
+ usage: [ "decrypt", "encrypt" ] },
+ expected: { algorithm: { name: "AES-CBC" },
+ extractable: true,
+ type: "secret",
+ usages: [ "decrypt", "encrypt" ] } },
+ { key: { fmt: "raw",
+ key: 'AAAAAAAAAAAAAAAAAAAAAA',
+ alg: { name: "AES-CTR" },
+ extractable: false,
+ usage: [ "decrypt" ] },
+ expected: { algorithm: { name: "AES-CTR" },
+ extractable: false,
+ type: "secret",
+ usages: [ "decrypt" ] } },
+ { key: { fmt: "raw",
+ key: 'AAAAAAAAAAAAAAAAAAAAAA',
+ alg: { name: "AES-GCM" },
+ extractable: true,
+ usage: [ "decrypt", "encrypt" ] },
+ expected: { algorithm: { name: "AES-GCM" },
+ extractable: true,
+ type: "secret",
+ usages: [ "decrypt", "encrypt" ] } },
+
+ { key: { fmt: "raw",
+ key: 'AA',
+ alg: { name: "AES-CBC" },
+ extractable: true,
+ usage: [ "decrypt", "encrypt" ] },
+ exception: "TypeError: AES Invalid key length" },
+ { key: { fmt: "jwk",
+ key: { alg: 'A128CBC', ext: true, k: 'AA', key_ops: [ 'encrypt', 'decrypt' ], kty: 'oct' },
+ alg: { name: "AES-CBC" },
+ usage: [ "encrypt", "decrypt" ] },
+ exception: "TypeError: key size and \"alg\" value \"A128CBC\" mismatch" },
+ { key: { fmt: "jwk",
+ key: { alg: 'A129CBC', ext: true, k: 'AA', key_ops: [ 'encrypt', 'decrypt' ], kty: 'oct' },
+ alg: { name: "AES-CBC" },
+ usage: [ "encrypt", "decrypt" ] },
+ exception: "TypeError: unexpected \"alg\" value \"A129CBC\" for JWK key" },
+ { key: { fmt: "jwk",
+ key: { alg: 'A128CBC', ext: false, k: 'AAAAAAAAAAAAAAAAAAAAAA', kty: 'oct' },
+ alg: { name: "AES-CBC" },
+ extractable: true,
+ usage: [ "encrypt" ] },
+ exception: "TypeError: JWK oct is not extractable" },
+ { key: { fmt: "jwk",
+ key: { alg: 1, ext: true, k: 'AA', key_ops: ['encrypt', 'decrypt'], kty: 'oct' },
+ alg: { name: "AES-CBC" },
+ usage: [ "encrypt", "decrypt" ] },
+ exception: "TypeError: Invalid JWK oct alg" },
+]};
+
+let ec_tsuite = {
+ name: "EC importing",
+ skip: () => (!has_webcrypto()),
+ T: test,
+ prepare_args: p,
+ opts: {},
+
+ tests: [
+ { key: { fmt: "jwk",
+ key: "ec.jwk",
+ alg: { name: "ECDSA", namedCurve: "P-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ expected: { algorithm: { name: "ECDSA", namedCurve: "SHA-256" },
+ extractable: true,
+ type: "private",
+ usages: [ "sign" ] } },
+ { key: { fmt: "spki",
+ key: "ec.spki",
+ alg: { name: "ECDSA", namedCurve: "P-256" },
+ extractable: true,
+ usage: [ "verify" ] },
+ expected: { algorithm: { name: "ECDSA", namedCurve: "SHA-256" },
+ extractable: true,
+ type: "public",
+ usages: [ "verify" ] } },
+ { key: { fmt: "pkcs8",
+ key: "ec.pkcs8",
+ alg: { name: "ECDSA", namedCurve: "P-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ expected: { algorithm: { name: "ECDSA", namedCurve: "SHA-256" },
+ extractable: true,
+ type: "private",
+ usages: [ "sign" ] } },
+ { key: { fmt: "raw",
+ key: "BHFFLGURrlWEXhok0JfTKke4q-nWSIMPvKTPhdKYSVnc4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI",
+ alg: { name: "ECDSA", namedCurve: "P-256" },
+ extractable: true,
+ usage: [ "verify" ] },
+ expected: { algorithm: { name: "ECDSA", namedCurve: "SHA-256" },
+ extractable: true,
+ type: "public",
+ usages: [ "verify" ] } },
+
+ { key: { fmt: "jwk",
+ key: "ec.jwk",
+ alg: { name: "ECDSA", namedCurve: "P-384" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: Invalid JWK EC key" },
+ { key: { fmt: "jwk",
+ key: 1,
+ alg: { name: "ECDSA", namedCurve: "P-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: invalid JWK key data" },
+ { key: { fmt: "jwk",
+ key: { kty: "EC" },
+ alg: { name: "ECDSA", namedCurve: "P-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: Invalid JWK EC key" },
+ { key: { fmt: "jwk",
+ key: { kty: "EC",
+ x: "cUUsZRGuVYReGiTQl9MqR7ir6dZIgw-8pM-F0phJWdw" },
+ alg: { name: "ECDSA", namedCurve: "P-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: Invalid JWK EC key" },
+ { key: { fmt: "jwk",
+ key: { kty: "EC",
+ x: "cUUsZRGuVYReGiTQl9MqR7ir6dZIgw-8pM-F0phJWdw",
+ y: "4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI" },
+ alg: { name: "ECDSA", namedCurve: "P-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: Invalid JWK EC key" },
+ { key: { fmt: "jwk",
+ key: { kty: "EC",
+ x: "cUUsZRGuVYReGiTQl9MqR7ir6dZIgw-8pM-F0phJWdw",
+ y: "4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI",
+ d: "E2sW0_4a3QXaSTJ0JKbSUbieKTD1UFtr7i_2CuetP6A" },
+ alg: { name: "ECDSA", namedCurve: "P-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "JWK EC curve mismatch" },
+ { key: { fmt: "jwk",
+ key: { kty: "EC",
+ x: "cUUsZRGuVYReGiTQl9MqR7ir6dZIgw-8pM-F0phJWdw",
+ y: "4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI",
+ d: "E2sW0_4a3QXaSTJ0JKbSUbieKTD1UFtr7i_2CuetP6A",
+ crv: "P-384" },
+ alg: { name: "ECDSA", namedCurve: "P-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "JWK EC curve mismatch" },
+ { key: { fmt: "jwk",
+ key: { kty: "EC",
+ x: "_BROKEN_",
+ y: "4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI",
+ d: "E2sW0_4a3QXaSTJ0JKbSUbieKTD1UFtr7i_2CuetP6A",
+ crv: "P-256" },
+ alg: { name: "ECDSA", namedCurve: "P-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: EC_KEY_set_public_key_affine_coordinates()" },
+ { key: { fmt: "jwk",
+ key: { kty: "EC",
+ x: "cUUsZRGuVYReGiTQl9MqR7ir6dZIgw-8pM-F0phJWdw",
+ y: "4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI",
+ d: "E2sW0_4a3QXaSTJ0JKbSUbieKTD1UFtr7i_2CuetP6A",
+ crv: "P-256",
+ key_ops: [ "verify" ] },
+ alg: { name: "ECDSA", namedCurve: "P-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: Key operations and usage mismatch" },
+ { key: { fmt: "jwk",
+ key: { kty: "EC",
+ x: "cUUsZRGuVYReGiTQl9MqR7ir6dZIgw-8pM-F0phJWdw",
+ y: "4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI",
+ d: "E2sW0_4a3QXaSTJ0JKbSUbieKTD1UFtr7i_2CuetP6A",
+ ext: false },
+ alg: { name: "ECDSA", namedCurve: "P-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "JWK EC is not extractable" },
+ { key: { fmt: "jwk",
+ key: { kty: "EC",
+ x: "cUUsZRGuVYReGiTQl9MqR7ir6dZIgw-8pM-F0phJWdw",
+ y: "4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI",
+ d: "E2sW0_4a3QXaSTJ0JKbSUbieKTD1UFtr7i_2CuetP6A",
+ crv: "P-256" },
+ alg: { name: "ECDSA", namedCurve: "P-256" },
+ extractable: true,
+ usage: [ "sign", "verify" ] },
+ exception: "TypeError: key usage mismatch for \"ECDSA\" key" },
+ { key: { fmt: "pkcs8",
+ key: "ec.pkcs8",
+ alg: { name: "ECDSA", namedCurve: "unknown_named_curve" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: unknown namedCurve: \"unknown_named_curve\"" },
+ { key: { fmt: "spki",
+ key: "rsa.spki",
+ alg: { name: "ECDSA", namedCurve: "P-256" },
+ extractable: true,
+ usage: [ "verify" ] },
+ exception: "TypeError: EC key is not found" },
+ { key: { fmt: "spki",
+ key: "ec.spki",
+ alg: { name: "ECDSA", namedCurve: "P-384" },
+ extractable: true,
+ usage: [ "verify" ] },
+ exception: "TypeError: name curve mismatch" },
+ { key: { fmt: "raw",
+ key: "CHFFLGURrlWEXhok0JfTKke4q-nWSIMPvKTPhdKYSVnc4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI",
+ alg: { name: "ECDSA", namedCurve: "P-256" },
+ extractable: true,
+ usage: [ "verify" ] },
+ exception: "TypeError: EC_POINT_oct2point()" },
+]};
+
+let hmac_tsuite = {
+ name: "HMAC importing",
+ skip: () => (!has_webcrypto()),
+ T: test,
+ prepare_args: p,
+ opts: {},
+
+ tests: [
+ { key: { fmt: "raw",
+ key: "AA",
+ alg: { name: "HMAC", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "sign", "verify" ] },
+ expected: { algorithm: { name: "HMAC", hash: "SHA-256" },
+ extractable: true,
+ type: "secret",
+ usages: [ "sign", "verify" ] } },
+ { key: { fmt: "raw",
+ key: "AA",
+ alg: { name: "HMAC", hash: "SHA-384" },
+ extractable: true,
+ usage: [ "sign", "verify" ] },
+ expected: { algorithm: { name: "HMAC", hash: "SHA-384" },
+ extractable: true,
+ type: "secret",
+ usages: [ "sign", "verify" ] } },
+ { key: { fmt: "raw",
+ key: "AA",
+ alg: { name: "HMAC", hash: "SHA-384" },
+ extractable: false,
+ usage: [ "sign", "verify" ] },
+ expected: { algorithm: { name: "HMAC", hash: "SHA-384" },
+ extractable: false,
+ type: "secret",
+ usages: [ "sign", "verify" ] } },
+
+ { key: { fmt: "raw",
+ key: "AA",
+ alg: { name: "HMAC", hash: "SHA-385" },
+ extractable: true,
+ usage: [ "sign", "verify" ] },
+ exception: "TypeError: unknown hash name: \"SHA-385\"" },
+ { key: { fmt: "spki",
+ key: "ec.spki",
+ alg: { name: "HMAC" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: unsupported key fmt \"spki\" for \"HMAC\" key" },
+ { key: { fmt: "raw",
+ key: "AA",
+ alg: { name: "HMAC", hash: "SHA-384" },
+ extractable: true,
+ usage: [ "encrypt" ] },
+ exception: "TypeError: unsupported key usage for \"HMAC\" key" },
+ { key: { fmt: "raw",
+ key: "AA",
+ alg: { name: "HMAC", hash: "SHA-384" },
+ extractable: true,
+ usage: [ "invalid_usage" ] },
+ exception: "TypeError: unknown key usage: \"invalid_usage\"" },
+
+ { key: { fmt: "jwk",
+ key: { alg: 'HS384', ext: true, k: 'AA', key_ops: [ 'sign', 'verify' ], kty: 'oct' },
+ alg: { name: "HMAC", hash: "SHA-384" },
+ extractable: true,
+ usage: [ "sign", "verify" ] },
+ expected: { algorithm: { name: "HMAC", hash: "SHA-384" },
+ extractable: true,
+ type: "secret",
+ usages: [ "sign", "verify" ] } },
+ { key: { fmt: "jwk",
+ key: { alg: 'HS256', ext: true, k: 'AA', key_ops: [ 'sign' ], kty: 'oct' },
+ alg: { name: "HMAC", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "sign" ]},
+ expected: { algorithm: { name: "HMAC", hash: "SHA-256" },
+ extractable: true,
+ type: "secret",
+ usages: [ "sign" ] } },
+ { key: { fmt: "jwk",
+ key: { alg: 'HS256', k: 'AA', kty: 'oct' },
+ alg: { name: "HMAC", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "sign" ]},
+ expected: { algorithm: { name: "HMAC", hash: "SHA-256" },
+ extractable: true,
+ type: "secret",
+ usages: [ "sign" ] } },
+
+ { key: { fmt: "jwk",
+ key: { alg: 'HS385', ext: true, k: 'AA', key_ops: [ 'sign', 'verify' ], kty: 'oct' },
+ alg: { name: "HMAC", hash: "SHA-385" },
+ extractable: true,
+ usage: [ "sign", "verify" ] },
+ exception: "TypeError: unexpected \"alg\" value \"HS385\" for JWK key" },
+ { key: { fmt: "jwk",
+ key: { alg: 'HS384', ext: true, k: 'AA', key_ops: [ 'sign', 'verify' ], kty: 'invalid_kty' },
+ alg: { name: "HMAC", hash: "SHA-384" },
+ extractable: true,
+ usage: [ "sign", "verify" ] },
+ exception: "TypeError: invalid JWK key type: \"invalid_kty\"" },
+ { key: { fmt: "jwk",
+ key: { alg: 'HS256', ext: true, key_ops: [ 'sign' ], kty: 'oct' },
+ alg: { name: "HMAC", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "sign" ]},
+ exception: "TypeError: Invalid JWK oct key" },
+ { key: { fmt: "jwk",
+ key: { alg: 'HS256', k: 'AA', key_ops: [ 'sign' ], kty: 'oct' },
+ alg: { name: "HMAC", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "verify" ]},
+ exception: "TypeError: Key operations and usage mismatch" },
+]};
+
+let rsa_tsuite = {
+ name: "RSA importing",
+ skip: () => (!has_webcrypto()),
+ T: test,
+ prepare_args: p,
+ opts: {},
+
+ tests: [
+ { key: { fmt: "jwk",
+ key: "rsa.jwk",
+ alg: { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ expected: { algorithm: { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
+ extractable: true,
+ type: "private",
+ usages: [ "sign" ] } },
+ { key: { fmt: "pkcs8",
+ key: "rsa.pkcs8",
+ alg: { name: "RSA-OAEP", hash: "SHA-1" },
+ extractable: true,
+ usage: [ "decrypt" ] },
+ expected: { algorithm: { name: "RSA-OAEP", hash: "SHA-1" },
+ extractable: true,
+ type: "private",
+ usages: [ "decrypt" ] } },
+ { key: { fmt: "spki",
+ key: "rsa.spki",
+ alg: { name: "RSA-OAEP", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "encrypt" ] },
+ expected: { algorithm: { name: "RSA-OAEP", hash: "SHA-256" },
+ extractable: true,
+ type: "public",
+ usages: [ "encrypt" ] } },
+
+ { key: { fmt: "jwk",
+ key: 1,
+ alg: { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: invalid JWK key data" },
+ { key: { fmt: "jwk",
+ key: "rsa.jwk",
+ alg: { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "verify" ] },
+ exception: "TypeError: Key operations and usage mismatch" },
+ { key: { fmt: "jwk",
+ key: "rsa.jwk",
+ alg: { name: "RSASSA-PKCS1-v1_5", hash: "SHA-384" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: RSA JWK hash mismatch" },
+ { key: { fmt: "jwk",
+ key: { kty: "RSA",
+ n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8" },
+ alg: { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: Invalid JWK RSA key" },
+ { key: { fmt: "jwk",
+ key: { kty: "RSA",
+ n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8",
+ e: "AQAB" },
+ alg: { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: key usage mismatch for \"RSASSA-PKCS1-v1_5\" key" },
+ { key: { fmt: "jwk",
+ key: { kty: "RSA",
+ n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8",
+ e: "AQAB",
+ d: "j06DQyCopFujYoASi0oWmGEUSjUYO8BsrdSzVCnsLLsuZBwlZ4Peouyw4Hl2IIoYniCyzYwZJzVtC5Dh2MjgcrJTG5nX3FfheuabGl4in0583C51ZYWlVpDvBWw8kJTfXjiKH4z6ZA9dWdT5Y3aH_kOf-znUc7eTvuzISs61x_k" },
+ alg: { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: Invalid JWK RSA key" },
+ { key: { fmt: "jwk",
+ key: { kty: "RSA",
+ n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8",
+ e: "AQAB",
+ d: "j06DQyCopFujYoASi0oWmGEUSjUYO8BsrdSzVCnsLLsuZBwlZ4Peouyw4Hl2IIoYniCyzYwZJzVtC5Dh2MjgcrJTG5nX3FfheuabGl4in0583C51ZYWlVpDvBWw8kJTfXjiKH4z6ZA9dWdT5Y3aH_kOf-znUc7eTvuzISs61x_k",
+ p: "9ASb2yw5b8d7unrFuOyy4EDcPbnzEpbuVGASeHPqkORwHsqeGbfwGlhDYSYrY0HCwUsSBSFcO3SDeu0Z0zSvFQ" },
+ alg: { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: Invalid JWK RSA key" },
+ { key: { fmt: "jwk",
+ key: { kty: "RSA",
+ n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8",
+ e: "AQAB",
+ d: "j06DQyCopFujYoASi0oWmGEUSjUYO8BsrdSzVCnsLLsuZBwlZ4Peouyw4Hl2IIoYniCyzYwZJzVtC5Dh2MjgcrJTG5nX3FfheuabGl4in0583C51ZYWlVpDvBWw8kJTfXjiKH4z6ZA9dWdT5Y3aH_kOf-znUc7eTvuzISs61x_k",
+ p: "9ASb2yw5b8d7unrFuOyy4EDcPbnzEpbuVGASeHPqkORwHsqeGbfwGlhDYSYrY0HCwUsSBSFcO3SDeu0Z0zSvFQ",
+ q: "0yvzzgHo_PGYSlVj-M3965AwQF2wTXz82MZHv6EfcCHKuBfCSecr-igqLHhzfynAQjjf39VrXuPuRL23REF1Iw" },
+ alg: { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: Invalid JWK RSA key" },
+ { key: { fmt: "jwk",
+ key: { kty: "RSA",
+ n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8",
+ e: "AQAB",
+ d: "j06DQyCopFujYoASi0oWmGEUSjUYO8BsrdSzVCnsLLsuZBwlZ4Peouyw4Hl2IIoYniCyzYwZJzVtC5Dh2MjgcrJTG5nX3FfheuabGl4in0583C51ZYWlVpDvBWw8kJTfXjiKH4z6ZA9dWdT5Y3aH_kOf-znUc7eTvuzISs61x_k",
+ p: "9ASb2yw5b8d7unrFuOyy4EDcPbnzEpbuVGASeHPqkORwHsqeGbfwGlhDYSYrY0HCwUsSBSFcO3SDeu0Z0zSvFQ",
+ q: "0yvzzgHo_PGYSlVj-M3965AwQF2wTXz82MZHv6EfcCHKuBfCSecr-igqLHhzfynAQjjf39VrXuPuRL23REF1Iw",
+ dp: "pUXJ2jSl4lOWNcOZz5phvQmxIg2j2N9pJLS9TeAU63YNio1pb7npYa6OVGpp0JxlsE2MMvVZZtuPgd69MxPn0Q" },
+ alg: { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: Invalid JWK RSA key" },
+ { key: { fmt: "jwk",
+ key: { kty: "RSA",
+ n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8",
+ e: "AQAB",
+ d: "j06DQyCopFujYoASi0oWmGEUSjUYO8BsrdSzVCnsLLsuZBwlZ4Peouyw4Hl2IIoYniCyzYwZJzVtC5Dh2MjgcrJTG5nX3FfheuabGl4in0583C51ZYWlVpDvBWw8kJTfXjiKH4z6ZA9dWdT5Y3aH_kOf-znUc7eTvuzISs61x_k",
+ p: "9ASb2yw5b8d7unrFuOyy4EDcPbnzEpbuVGASeHPqkORwHsqeGbfwGlhDYSYrY0HCwUsSBSFcO3SDeu0Z0zSvFQ",
+ q: "0yvzzgHo_PGYSlVj-M3965AwQF2wTXz82MZHv6EfcCHKuBfCSecr-igqLHhzfynAQjjf39VrXuPuRL23REF1Iw",
+ dp: "pUXJ2jSl4lOWNcOZz5phvQmxIg2j2N9pJLS9TeAU63YNio1pb7npYa6OVGpp0JxlsE2MMvVZZtuPgd69MxPn0Q",
+ dq: "RZoqDM-iXKTA3ldQ0TQMKnVnAgAfWRsGN-j6wxW3R_1LVOw31KYGX7iXVfsJjnNTdEBMwfkVH7yezzd8zVmJ4w" },
+ alg: { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: Invalid JWK RSA key" },
+ { key: { fmt: "jwk",
+ key: { kty: "RSA",
+ n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8",
+ e: "AQAB",
+ d: "j06DQyCopFujYoASi0oWmGEUSjUYO8BsrdSzVCnsLLsuZBwlZ4Peouyw4Hl2IIoYniCyzYwZJzVtC5Dh2MjgcrJTG5nX3FfheuabGl4in0583C51ZYWlVpDvBWw8kJTfXjiKH4z6ZA9dWdT5Y3aH_kOf-znUc7eTvuzISs61x_k",
+ p: "9ASb2yw5b8d7unrFuOyy4EDcPbnzEpbuVGASeHPqkORwHsqeGbfwGlhDYSYrY0HCwUsSBSFcO3SDeu0Z0zSvFQ",
+ q: "0yvzzgHo_PGYSlVj-M3965AwQF2wTXz82MZHv6EfcCHKuBfCSecr-igqLHhzfynAQjjf39VrXuPuRL23REF1Iw",
+ dp: "pUXJ2jSl4lOWNcOZz5phvQmxIg2j2N9pJLS9TeAU63YNio1pb7npYa6OVGpp0JxlsE2MMvVZZtuPgd69MxPn0Q",
+ dq: "RZoqDM-iXKTA3ldQ0TQMKnVnAgAfWRsGN-j6wxW3R_1LVOw31KYGX7iXVfsJjnNTdEBMwfkVH7yezzd8zVmJ4w",
+ qi: "2REPnRQIaLsya5wlwFw0whwPaAbTZp2jfguhtg5gou_Yru7Cxz_b83YFPgoI6xuGE1OXsWkRTToS8FuIWCrNBQ",
+ ext: false },
+ alg: { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "JWK RSA is not extractable" },
+ { key: { fmt: "jwk",
+ key: { kty: "RSA" },
+ alg: { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "sign" ] },
+ exception: "TypeError: Invalid JWK RSA key" },
+ { key: { fmt: "pkcs8",
+ key: "ec.pkcs8",
+ alg: { name: "RSA-OAEP", hash: "SHA-1" },
+ extractable: true,
+ usage: [ "decrypt" ] },
+ exception: "TypeError: RSA key is not found" },
+ { key: { fmt: "pkcs8",
+ key: "rsa.pkcs8.broken",
+ alg: { name: "RSA-OAEP", hash: "SHA-1" },
+ extractable: true,
+ usage: [ "decrypt" ] },
+ exception: "TypeError: d2i_PKCS8_PRIV_KEY_INFO_bio() failed" },
+ { key: { fmt: "pkcs8",
+ key: "rsa.pkcs8.broken2",
+ alg: { name: "RSA-OAEP", hash: "SHA-1" },
+ extractable: true,
+ usage: [ "decrypt" ] },
+ exception: "TypeError: EVP_PKCS82PKEY() failed" },
+ { key: { fmt: "pkcs8",
+ key: "rsa.pkcs8",
+ alg: { name: "RSA-OAEP", hash: "XXX" },
+ extractable: true,
+ usage: [ "decrypt" ] },
+ exception: "TypeError: unknown hash name: \"XXX\"" },
+ { key: { fmt: "spki",
+ key: "rsa.spki.broken",
+ alg: { name: "RSA-OAEP", hash: "SHA-256" },
+ extractable: true,
+ usage: [ "encrypt" ] },
+ exception: "TypeError: d2i_PUBKEY() failed" },
+]};
+
+run([
+ aes_tsuite,
+ ec_tsuite,
+ hmac_tsuite,
+ rsa_tsuite,
+])
+.then($DONE, $DONE);
diff --git a/test/webcrypto/rsa.pkcs8.broken2 b/test/webcrypto/rsa.pkcs8.broken2
new file mode 100644
index 00000000..1fdec72a
--- /dev/null
+++ b/test/webcrypto/rsa.pkcs8.broken2
@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGAAMlJsaCQvFQDOYcm
+GWvl1AWYNTdcsBTD1KVrBdZGkhnnffD911ID84F/NMKcs3eanRrgC6p39pTHOzvD
+6xgbTuWK70JSPejV9I1KOW3OcM9ttKG9wFAnkJ038flBajOKQsI6A0qNj5aYSXVo
+BWMphgWgQiYJxDUC/R9Tf/P8jYjfAgMBAAECgYEAj06DQyCopFujYoASi0oWmGEU
+SjUYO8BsrdSzVCnsLLsuZBwlZ4Peouyw4Hl2IIoYniCyzYwZJzVtC5Dh2MjgcrJT
+G5nX3FfheuabGl4in0583C51ZYWlVpDvBWw8kJTfXjiKH4z6ZA9dWdT5Y3aH/kOf
++znUc7eTvuzISs61x/kCQQD0BJvbLDlvx3u6esW47LLgQNw9ufMSlu5UYBJ4c+qQ
+5HAeyp4Zt/AaWENhJitjQcLBSxIFIVw7dIN67RnTNK8VAkEA0yvzzgHo/PGYSlVj
++M3965AwQF2wTXz82MZHv6EfcCHKuBfCSecr+igqLHhzfynAQjjf39VrXuPuRL23
+REF1IwJBAKVFydo0peJTljXDmc+aYb0JsSINo9jfaSS0vU3gFOt2DYqNaW+56WGu
+jlRqadCcZbBNjDL1WWbbj4HevTMT59ECQEWaKgzPolykwN5XUNE0DCp1ZwIAH1kb
+Bjfo+sMVt0f9S1TsN9SmBl+4l1X7CY5zU3RATMH5FR+8ns83fM1ZieMCQQDZEQ+d
+FAhouzJrnCXAXDTCHA9oBtNmnaN+C6G2DmCi79iu7sLHP9vzdgU+CgjrG4YTU5ex
+aRFNOhLwW4hYKs0F
+-----END PRIVATE KEY-----
diff --git a/test/webcrypto/rsa.t.mjs b/test/webcrypto/rsa.t.mjs
index 977537e0..372535b1 100644
--- a/test/webcrypto/rsa.t.mjs
+++ b/test/webcrypto/rsa.t.mjs
@@ -127,8 +127,6 @@ let rsa_tsuite = {
{ data: "aabbccdd".repeat(7), enc: { hash: "SHA-384" }, dec: { hash: "SHA-384" } },
{ data: "aabbcc", enc: { hash: "SHA-256" }, dec: { hash: "SHA-384" }, exception: "Error: EVP_PKEY_decrypt() failed" },
- { data: "aabbcc", enc: { hash: "XXX" }, exception: "TypeError: unknown hash name: \"XXX\"" },
- { data: "aabbcc", dec: { key: "rsa.spki.broken" }, exception: "Error: d2i_PUBKEY() failed" },
{ data: "aabbcc", dec: { key: "rsa2.spki" }, exception: "Error: EVP_PKEY_decrypt() failed" },
{ data: "aabbcc", enc: { fmt: "jwk", key: "rsa.enc.pub.jwk" }, dec: { fmt: "jwk", key: "rsa.dec.jwk" } },
diff --git a/test/webcrypto/rsa_decoding.t.mjs b/test/webcrypto/rsa_decoding.t.mjs
index 24733279..08874491 100644
--- a/test/webcrypto/rsa_decoding.t.mjs
+++ b/test/webcrypto/rsa_decoding.t.mjs
@@ -33,8 +33,6 @@ let rsa_tsuite = {
tests: [
{ pem: "rsa.pkcs8", src: "text.base64.rsa-oaep.enc", expected: "WAKAWAKA" },
- { pem: "ec.pkcs8", src: "text.base64.rsa-oaep.enc", exception: "Error: RSA key is not found" },
- { pem: "rsa.pkcs8.broken", src: "text.base64.rsa-oaep.enc", exception: "Error: d2i_PKCS8_PRIV_KEY_INFO_bio() failed" },
]};
run([rsa_tsuite])
diff --git a/test/webcrypto/sign.t.mjs b/test/webcrypto/sign.t.mjs
index c2d52a6f..2999569f 100644
--- a/test/webcrypto/sign.t.mjs
+++ b/test/webcrypto/sign.t.mjs
@@ -194,12 +194,6 @@ let hmac_tsuite = {
k: "c2VjcmV0S0VZ" } },
verify: true,
expected: true },
- { sign_key: { fmt: "jwk",
- key: { kty: "oct",
- alg: "HS256",
- key_ops: [ "verify" ],
- k: "c2VjcmV0S0VZ" } },
- exception: "TypeError: Key operations and usage mismatch" },
{ verify: true, expected: true },
{ verify: true, import_alg: { hash: "SHA-384" }, expected: true },
@@ -250,59 +244,6 @@ let rsassa_pkcs1_v1_5_tsuite = {
extractable: true,
usage: [ "sign", "verify" ] },
expected: true },
-
- { sign_key: { key: 1, fmt: "jwk" }, exception: "TypeError: invalid JWK key data" },
- { sign_key: { key: { kty: "RSA" }, fmt: "jwk" },
- exception: "TypeError: Invalid JWK RSA key" },
- { sign_key: { key: { kty: "RSA",
- n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8" },
- fmt: "jwk" },
- exception: "TypeError: Invalid JWK RSA key" },
- { sign_key: { key: { kty: "RSA",
- n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8",
- e: "AQAB" },
- fmt: "jwk" },
- exception: "TypeError: key usage mismatch for a RSASSA-PKCS1-v1_5" },
- { sign_key: { key: { kty: "RSA",
- n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8",
- e: "AQAB",
- d: "j06DQyCopFujYoASi0oWmGEUSjUYO8BsrdSzVCnsLLsuZBwlZ4Peouyw4Hl2IIoYniCyzYwZJzVtC5Dh2MjgcrJTG5nX3FfheuabGl4in0583C51ZYWlVpDvBWw8kJTfXjiKH4z6ZA9dWdT5Y3aH_kOf-znUc7eTvuzISs61x_k" },
- fmt: "jwk" },
- exception: "TypeError: Invalid JWK RSA key" },
- { sign_key: { key: { kty: "RSA",
- n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8",
- e: "AQAB",
- d: "j06DQyCopFujYoASi0oWmGEUSjUYO8BsrdSzVCnsLLsuZBwlZ4Peouyw4Hl2IIoYniCyzYwZJzVtC5Dh2MjgcrJTG5nX3FfheuabGl4in0583C51ZYWlVpDvBWw8kJTfXjiKH4z6ZA9dWdT5Y3aH_kOf-znUc7eTvuzISs61x_k",
- p: "9ASb2yw5b8d7unrFuOyy4EDcPbnzEpbuVGASeHPqkORwHsqeGbfwGlhDYSYrY0HCwUsSBSFcO3SDeu0Z0zSvFQ" },
- fmt: "jwk" },
- exception: "TypeError: Invalid JWK RSA key" },
- { sign_key: { key: { kty: "RSA",
- n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8",
- e: "AQAB",
- d: "j06DQyCopFujYoASi0oWmGEUSjUYO8BsrdSzVCnsLLsuZBwlZ4Peouyw4Hl2IIoYniCyzYwZJzVtC5Dh2MjgcrJTG5nX3FfheuabGl4in0583C51ZYWlVpDvBWw8kJTfXjiKH4z6ZA9dWdT5Y3aH_kOf-znUc7eTvuzISs61x_k",
- p: "9ASb2yw5b8d7unrFuOyy4EDcPbnzEpbuVGASeHPqkORwHsqeGbfwGlhDYSYrY0HCwUsSBSFcO3SDeu0Z0zSvFQ",
- q: "0yvzzgHo_PGYSlVj-M3965AwQF2wTXz82MZHv6EfcCHKuBfCSecr-igqLHhzfynAQjjf39VrXuPuRL23REF1Iw" },
- fmt: "jwk" },
- exception: "TypeError: Invalid JWK RSA key" },
- { sign_key: { key: { kty: "RSA",
- n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8",
- e: "AQAB",
- d: "j06DQyCopFujYoASi0oWmGEUSjUYO8BsrdSzVCnsLLsuZBwlZ4Peouyw4Hl2IIoYniCyzYwZJzVtC5Dh2MjgcrJTG5nX3FfheuabGl4in0583C51ZYWlVpDvBWw8kJTfXjiKH4z6ZA9dWdT5Y3aH_kOf-znUc7eTvuzISs61x_k",
- p: "9ASb2yw5b8d7unrFuOyy4EDcPbnzEpbuVGASeHPqkORwHsqeGbfwGlhDYSYrY0HCwUsSBSFcO3SDeu0Z0zSvFQ",
- q: "0yvzzgHo_PGYSlVj-M3965AwQF2wTXz82MZHv6EfcCHKuBfCSecr-igqLHhzfynAQjjf39VrXuPuRL23REF1Iw",
- dp: "pUXJ2jSl4lOWNcOZz5phvQmxIg2j2N9pJLS9TeAU63YNio1pb7npYa6OVGpp0JxlsE2MMvVZZtuPgd69MxPn0Q" },
- fmt: "jwk" },
- exception: "TypeError: Invalid JWK RSA key" },
- { sign_key: { key: { kty: "RSA",
- n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8",
- e: "AQAB",
- d: "j06DQyCopFujYoASi0oWmGEUSjUYO8BsrdSzVCnsLLsuZBwlZ4Peouyw4Hl2IIoYniCyzYwZJzVtC5Dh2MjgcrJTG5nX3FfheuabGl4in0583C51ZYWlVpDvBWw8kJTfXjiKH4z6ZA9dWdT5Y3aH_kOf-znUc7eTvuzISs61x_k",
- p: "9ASb2yw5b8d7unrFuOyy4EDcPbnzEpbuVGASeHPqkORwHsqeGbfwGlhDYSYrY0HCwUsSBSFcO3SDeu0Z0zSvFQ",
- q: "0yvzzgHo_PGYSlVj-M3965AwQF2wTXz82MZHv6EfcCHKuBfCSecr-igqLHhzfynAQjjf39VrXuPuRL23REF1Iw",
- dp: "pUXJ2jSl4lOWNcOZz5phvQmxIg2j2N9pJLS9TeAU63YNio1pb7npYa6OVGpp0JxlsE2MMvVZZtuPgd69MxPn0Q",
- dq: "RZoqDM-iXKTA3ldQ0TQMKnVnAgAfWRsGN-j6wxW3R_1LVOw31KYGX7iXVfsJjnNTdEBMwfkVH7yezzd8zVmJ4w" },
- fmt: "jwk" },
- exception: "TypeError: Invalid JWK RSA key" },
{ verify: true,
sign_key: { key: { kty: "RSA",
n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8",
@@ -315,43 +256,6 @@ let rsassa_pkcs1_v1_5_tsuite = {
qi: "2REPnRQIaLsya5wlwFw0whwPaAbTZp2jfguhtg5gou_Yru7Cxz_b83YFPgoI6xuGE1OXsWkRTToS8FuIWCrNBQ" },
fmt: "jwk" },
expected: true },
- { sign_key: { key: { kty: "RSA",
- n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8",
- e: "AQAB",
- d: "j06DQyCopFujYoASi0oWmGEUSjUYO8BsrdSzVCnsLLsuZBwlZ4Peouyw4Hl2IIoYniCyzYwZJzVtC5Dh2MjgcrJTG5nX3FfheuabGl4in0583C51ZYWlVpDvBWw8kJTfXjiKH4z6ZA9dWdT5Y3aH_kOf-znUc7eTvuzISs61x_k",
- p: "9ASb2yw5b8d7unrFuOyy4EDcPbnzEpbuVGASeHPqkORwHsqeGbfwGlhDYSYrY0HCwUsSBSFcO3SDeu0Z0zSvFQ",
- q: "0yvzzgHo_PGYSlVj-M3965AwQF2wTXz82MZHv6EfcCHKuBfCSecr-igqLHhzfynAQjjf39VrXuPuRL23REF1Iw",
- dp: "pUXJ2jSl4lOWNcOZz5phvQmxIg2j2N9pJLS9TeAU63YNio1pb7npYa6OVGpp0JxlsE2MMvVZZtuPgd69MxPn0Q",
- dq: "RZoqDM-iXKTA3ldQ0TQMKnVnAgAfWRsGN-j6wxW3R_1LVOw31KYGX7iXVfsJjnNTdEBMwfkVH7yezzd8zVmJ4w",
- qi: "2REPnRQIaLsya5wlwFw0whwPaAbTZp2jfguhtg5gou_Yru7Cxz_b83YFPgoI6xuGE1OXsWkRTToS8FuIWCrNBQ",
- key_ops: [ "verify" ] },
- fmt: "jwk" },
- exception: "TypeError: Key operations and usage mismatch" },
- { sign_key: { key: { kty: "RSA",
- n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8",
- e: "AQAB",
- d: "j06DQyCopFujYoASi0oWmGEUSjUYO8BsrdSzVCnsLLsuZBwlZ4Peouyw4Hl2IIoYniCyzYwZJzVtC5Dh2MjgcrJTG5nX3FfheuabGl4in0583C51ZYWlVpDvBWw8kJTfXjiKH4z6ZA9dWdT5Y3aH_kOf-znUc7eTvuzISs61x_k",
- p: "9ASb2yw5b8d7unrFuOyy4EDcPbnzEpbuVGASeHPqkORwHsqeGbfwGlhDYSYrY0HCwUsSBSFcO3SDeu0Z0zSvFQ",
- q: "0yvzzgHo_PGYSlVj-M3965AwQF2wTXz82MZHv6EfcCHKuBfCSecr-igqLHhzfynAQjjf39VrXuPuRL23REF1Iw",
- dp: "pUXJ2jSl4lOWNcOZz5phvQmxIg2j2N9pJLS9TeAU63YNio1pb7npYa6OVGpp0JxlsE2MMvVZZtuPgd69MxPn0Q",
- dq: "RZoqDM-iXKTA3ldQ0TQMKnVnAgAfWRsGN-j6wxW3R_1LVOw31KYGX7iXVfsJjnNTdEBMwfkVH7yezzd8zVmJ4w",
- qi: "2REPnRQIaLsya5wlwFw0whwPaAbTZp2jfguhtg5gou_Yru7Cxz_b83YFPgoI6xuGE1OXsWkRTToS8FuIWCrNBQ",
- ext: false },
- fmt: "jwk",
- extractable: true },
- exception: "TypeError: JWK RSA is not extractable" },
- { sign_key: { key: { kty: "RSA",
- alg: "RS384",
- n: "yUmxoJC8VAM5hyYZa-XUBZg1N1ywFMPUpWsF1kaSGed98P3XUgPzgX80wpyzd5qdGuALqnf2lMc7O8PrGBtO5YrvQlI96NX0jUo5bc5wz220ob3AUCeQnTfx-UFqM4pCwjoDSo2PlphJdWgFYymGBaBCJgnENQL9H1N_8_yNiN8",
- e: "AQAB",
- d: "j06DQyCopFujYoASi0oWmGEUSjUYO8BsrdSzVCnsLLsuZBwlZ4Peouyw4Hl2IIoYniCyzYwZJzVtC5Dh2MjgcrJTG5nX3FfheuabGl4in0583C51ZYWlVpDvBWw8kJTfXjiKH4z6ZA9dWdT5Y3aH_kOf-znUc7eTvuzISs61x_k",
- p: "9ASb2yw5b8d7unrFuOyy4EDcPbnzEpbuVGASeHPqkORwHsqeGbfwGlhDYSYrY0HCwUsSBSFcO3SDeu0Z0zSvFQ",
- q: "0yvzzgHo_PGYSlVj-M3965AwQF2wTXz82MZHv6EfcCHKuBfCSecr-igqLHhzfynAQjjf39VrXuPuRL23REF1Iw",
- dp: "pUXJ2jSl4lOWNcOZz5phvQmxIg2j2N9pJLS9TeAU63YNio1pb7npYa6OVGpp0JxlsE2MMvVZZtuPgd69MxPn0Q",
- dq: "RZoqDM-iXKTA3ldQ0TQMKnVnAgAfWRsGN-j6wxW3R_1LVOw31KYGX7iXVfsJjnNTdEBMwfkVH7yezzd8zVmJ4w",
- qi: "2REPnRQIaLsya5wlwFw0whwPaAbTZp2jfguhtg5gou_Yru7Cxz_b83YFPgoI6xuGE1OXsWkRTToS8FuIWCrNBQ" },
- fmt: "jwk" },
- exception: "TypeError: JWK hash mismatch" },
]};
let rsa_pss_tsuite = {
@@ -422,8 +326,6 @@ let ecdsa_tsuite = {
{ verify: true, import_alg: { hash: "SHA-512" }, expected: true },
{ verify: true, import_alg: { hash: "SHA-1" }, expected: true },
{ verify: true, verify_key: { key: "ec2.spki" }, expected: false },
- { verify: true, verify_key: { key: "rsa.spki" }, exception: "Error: EC key is not found" },
- { verify: true, import_alg: { namedCurve: "P-384" }, exception: "Error: name curve mismatch" },
{ verify: true,
verify_key: { key: "BHFFLGURrlWEXhok0JfTKke4q-nWSIMPvKTPhdKYSVnc4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI",
@@ -433,49 +335,12 @@ let ecdsa_tsuite = {
{ verify: true, sign_key: { key: "ec.jwk", fmt: "jwk" }, expected: true },
{ verify: true, sign_key: { key: "ec.jwk", fmt: "jwk" },
verify_key: { key: "ec.pub.jwk", fmt: "jwk" }, expected: true },
- { verify: true, sign_key: { key: "ec.jwk", fmt: "jwk" },
- import_alg: { namedCurve: "P-384" }, exception: "Error: JWK EC curve mismatch" },
- { sign_key: { key: 1, fmt: "jwk" }, exception: "TypeError: Invalid JWK EC key" },
- { sign_key: { key: { kty: "EC" }, fmt: "jwk" }, exception: "TypeError: Invalid JWK EC key" },
- { sign_key: { key: { kty: "EC", x: "cUUsZRGuVYReGiTQl9MqR7ir6dZIgw-8pM-F0phJWdw"}, fmt: "jwk" },
- exception: "TypeError: Invalid JWK EC key" },
- { sign_key: { key: { kty: "EC", x: "cUUsZRGuVYReGiTQl9MqR7ir6dZIgw-8pM-F0phJWdw",
- y: "4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI" },
- fmt: "jwk" },
- exception: "TypeError: Invalid JWK EC key" },
- { sign_key: { key: { kty: "EC", x: "cUUsZRGuVYReGiTQl9MqR7ir6dZIgw-8pM-F0phJWdw",
- y: "4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI",
- d: "E2sW0_4a3QXaSTJ0JKbSUbieKTD1UFtr7i_2CuetP6A" },
- fmt: "jwk" },
- exception: "TypeError: JWK EC curve mismatch" },
- { sign_key: { key: { kty: "EC", x: "cUUsZRGuVYReGiTQl9MqR7ir6dZIgw-8pM-F0phJWdw",
- y: "4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI",
- d: "E2sW0_4a3QXaSTJ0JKbSUbieKTD1UFtr7i_2CuetP6A", crv: "P-384" },
- fmt: "jwk" },
- exception: "TypeError: JWK EC curve mismatch" },
{ verify: true,
sign_key: { key: { kty: "EC", x: "cUUsZRGuVYReGiTQl9MqR7ir6dZIgw-8pM-F0phJWdw",
y: "4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI",
d: "E2sW0_4a3QXaSTJ0JKbSUbieKTD1UFtr7i_2CuetP6A", crv: "P-256" },
fmt: "jwk" },
expected: true },
- { sign_key: { key: { kty: "EC", x: "_BROKEN_",
- y: "4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI",
- d: "E2sW0_4a3QXaSTJ0JKbSUbieKTD1UFtr7i_2CuetP6A", crv: "P-256" },
- fmt: "jwk" },
- exception: "Error: EC_KEY_set_public_key_affine_coordinates() failed" },
- { sign_key: { key: { kty: "EC", x: "cUUsZRGuVYReGiTQl9MqR7ir6dZIgw-8pM-F0phJWdw",
- y: "4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI",
- d: "E2sW0_4a3QXaSTJ0JKbSUbieKTD1UFtr7i_2CuetP6A", crv: "P-256",
- key_ops: [ "verify" ]},
- fmt: "jwk" },
- exception: "TypeError: Key operations and usage mismatch" },
- { sign_key: { key: { kty: "EC", x: "cUUsZRGuVYReGiTQl9MqR7ir6dZIgw-8pM-F0phJWdw",
- y: "4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI", ext: false,
- d: "E2sW0_4a3QXaSTJ0JKbSUbieKTD1UFtr7i_2CuetP6A", crv: "P-256" },
- extractable: true,
- fmt: "jwk" },
- exception: "TypeError: JWK is not extractable" },
{ sign_key: { key: { kty: "EC", x: "cUUsZRGuVYReGiTQl9MqR7ir6dZIgw-8pM-F0phJWdw",
y: "4Nzn_7uNz0AA3U4fhpfVxSD4U5QciGyEoM4r3jC7bjI",
d: "E2sW0_4a3QXaSTJ0JKbSUbieKTD1UFtr7i_2CuetP6A", crv: "P-256" },
More information about the nginx-devel
mailing list