WebCryptoAPI/encrypt_decrypt/rsa.js

function run_test() {
    var subtle = self.crypto.subtle; // Change to test prefixed implementations

    // When are all these tests really done? When all the promises they use have resolved.
    var all_promises = [];

    // Source file rsa_vectors.js provides the getTestVectors method
    // for the RSA-OAEP algorithm that drives these tests.
    var vectors = getTestVectors();
    var passingVectors = vectors.passing;
    var failingVectors = vectors.failing;

    // Test decryption, first, because encryption tests rely on that working
    passingVectors.forEach(function(vector) {
        var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
        .then(function(vectors) {
            // Get a one byte longer plaintext to encrypt
            if (!("ciphertext" in vector)) {
                return;
            }

            promise_test(function(test) {
                return subtle.decrypt(vector.algorithm, vector.privateKey, vector.ciphertext)
                .then(function(plaintext) {
                    assert_true(equalBuffers(plaintext, vector.plaintext, "Decryption works"));
                }, function(err) {
                    assert_unreached("Decryption should not throw error " + vector.name + ": " + err.message + "'");
                });
            }, vector.name + " decryption");

        }, function(err) {
            // We need a failed test if the importVectorKey operation fails, so
            // we know we never tested encryption
            promise_test(function(test) {
                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
            }, "importVectorKeys step: " + vector.name + " decryption");
        });

        all_promises.push(promise);
    });

    // Test decryption with an altered buffer
    passingVectors.forEach(function(vector) {
        var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
        .then(function(vectors) {
            // Get a one byte longer plaintext to encrypt
            if (!("ciphertext" in vector)) {
                return;
            }

            promise_test(function(test) {
                var ciphertext = copyBuffer(vector.ciphertext);
                var operation = subtle.decrypt(vector.algorithm, vector.privateKey, ciphertext)
                .then(function(plaintext) {
                    assert_true(equalBuffers(plaintext, vector.plaintext, "Decryption works"));
                }, function(err) {
                    assert_unreached("Decryption should not throw error " + vector.name + ": " + err.message + "'");
                });
                ciphertext[0] = 255 - ciphertext[0];
                return operation;
            }, vector.name + " decryption with altered ciphertext");

        }, function(err) {
            // We need a failed test if the importVectorKey operation fails, so
            // we know we never tested encryption
            promise_test(function(test) {
                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
            }, "importVectorKeys step: " + vector.name + " decryption with altered ciphertext");
        });

        all_promises.push(promise);
    });

    // Check for failures due to using publicKey to decrypt.
    passingVectors.forEach(function(vector) {
        var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
        .then(function(vectors) {
            promise_test(function(test) {
                return subtle.decrypt(vector.algorithm, vector.publicKey, vector.ciphertext)
                .then(function(plaintext) {
                    assert_unreached("Should have thrown error for using publicKey to decrypt in " + vector.name + ": " + err.message + "'");
                }, function(err) {
                    assert_equals(err.name, "InvalidAccessError", "Should throw InvalidAccessError instead of " + err.message);
                });
            }, vector.name + " using publicKey to decrypt");

        }, function(err) {
            // We need a failed test if the importVectorKey operation fails, so
            // we know we never tested encryption
            promise_test(function(test) {
                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
            }, "importVectorKeys step: " + vector.name + " using publicKey to decrypt");
        });

        all_promises.push(promise);
    });


    // Check for failures due to no "decrypt" usage.
    passingVectors.forEach(function(originalVector) {
        var vector = Object.assign({}, originalVector);

        var promise = importVectorKeys(vector, ["encrypt"], ["unwrapKey"])
        .then(function(vectors) {
            // Get a one byte longer plaintext to encrypt
            promise_test(function(test) {
                return subtle.decrypt(vector.algorithm, vector.publicKey, vector.ciphertext)
                .then(function(plaintext) {
                    assert_unreached("Should have thrown error for no decrypt usage in " + vector.name + ": " + err.message + "'");
                }, function(err) {
                    assert_equals(err.name, "InvalidAccessError", "Should throw InvalidAccessError instead of " + err.message);
                });
            }, vector.name + " no decrypt usage");

        }, function(err) {
            // We need a failed test if the importVectorKey operation fails, so
            // we know we never tested encryption
            promise_test(function(test) {
                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
            }, "importVectorKeys step: " + vector.name + " no decrypt usage");
        });

        all_promises.push(promise);
    });


    // Check for successful encryption even if plaintext is altered after call.
    passingVectors.forEach(function(vector) {
        var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
        .then(function(vectors) {
            promise_test(function(test) {
                var plaintext = copyBuffer(vector.plaintext);
                var operation = subtle.encrypt(vector.algorithm, vector.publicKey, plaintext)
                .then(function(ciphertext) {
                    assert_equals(ciphertext.byteLength * 8, vector.privateKey.algorithm.modulusLength, "Ciphertext length matches modulus length");
                    // Can we get the original plaintext back via decrypt?
                    return subtle.decrypt(vector.algorithm, vector.privateKey, ciphertext)
                    .then(function(result) {
                        assert_true(equalBuffers(result, vector.plaintext), "Round trip returns original plaintext");
                        return ciphertext;
                    }, function(err) {
                        assert_unreached("decrypt error for test " + vector.name + ": " + err.message + "'");
                    });
                })
                .then(function(priorCiphertext) {
                    // Will a second encrypt give us different ciphertext, as it should?
                    return subtle.encrypt(vector.algorithm, vector.publicKey, vector.plaintext)
                    .then(function(ciphertext) {
                        assert_false(equalBuffers(priorCiphertext, ciphertext), "Two encrypts give different results")
                    }, function(err) {
                        assert_unreached("second time encrypt error for test " + vector.name + ": '" + err.message + "'");
                    });
                }, function(err) {
                    assert_unreached("decrypt error for test " + vector.name + ": '" + err.message + "'");
                });

                plaintext[0] = 255 - plaintext[0];
                return operation;
            }, vector.name + " with altered plaintext");

        }, function(err) {
            // We need a failed test if the importVectorKey operation fails, so
            // we know we never tested encryption
            promise_test(function(test) {
                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
            }, "importVectorKeys step: " + vector.name + " with altered plaintext");
        });

        all_promises.push(promise);
    });

    // Check for successful encryption.
    passingVectors.forEach(function(vector) {
        var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
        .then(function(vectors) {
            promise_test(function(test) {
                return subtle.encrypt(vector.algorithm, vector.publicKey, vector.plaintext)
                .then(function(ciphertext) {
                    assert_equals(ciphertext.byteLength * 8, vector.privateKey.algorithm.modulusLength, "Ciphertext length matches modulus length");

                    // Can we get the original plaintext back via decrypt?
                    return subtle.decrypt(vector.algorithm, vector.privateKey, ciphertext)
                    .then(function(result) {
                        assert_true(equalBuffers(result, vector.plaintext), "Round trip returns original plaintext");
                        return ciphertext;
                    }, function(err) {
                        assert_unreached("decrypt error for test " + vector.name + ": " + err.message + "'");
                    });
                })
                .then(function(priorCiphertext) {
                    // Will a second encrypt give us different ciphertext, as it should?
                    return subtle.encrypt(vector.algorithm, vector.publicKey, vector.plaintext)
                    .then(function(ciphertext) {
                        assert_false(equalBuffers(priorCiphertext, ciphertext), "Two encrypts give different results")
                    }, function(err) {
                        assert_unreached("second time encrypt error for test " + vector.name + ": '" + err.message + "'");
                    });
                }, function(err) {
                    assert_unreached("decrypt error for test " + vector.name + ": '" + err.message + "'");
                });
            }, vector.name);

        }, function(err) {
            // We need a failed test if the importVectorKey operation fails, so
            // we know we never tested encryption
            promise_test(function(test) {
                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
            }, "importVectorKeys step: " + vector.name);
        });

        all_promises.push(promise);
    });

    // Check for failures due to too long plaintext.
    passingVectors.forEach(function(vector) {
        var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
        .then(function(vectors) {
            // Get a one byte longer plaintext to encrypt
            var plaintext = new Uint8Array(vector.plaintext.byteLength + 1);
            plaintext.set(plaintext, 0);
            plaintext.set(new Uint8Array([32]), vector.plaintext.byteLength);
            promise_test(function(test) {
                return subtle.encrypt(vector.algorithm, vector.publicKey, plaintext)
                .then(function(ciphertext) {
                    assert_unreached("Should have thrown error for too long plaintext in " + vector.name + ": " + err.message + "'");
                }, function(err) {
                    assert_equals(err.name, "OperationError", "Should throw OperationError instead of " + err.message);
                });
            }, vector.name + " too long plaintext");

        }, function(err) {
            // We need a failed test if the importVectorKey operation fails, so
            // we know we never tested encryption
            promise_test(function(test) {
                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
            }, "importVectorKeys step: " + vector.name + " too long plaintext");
        });

        all_promises.push(promise);
    });


    // Check for failures due to using privateKey to encrypt.
    passingVectors.forEach(function(vector) {
        var promise = importVectorKeys(vector, ["encrypt"], ["decrypt"])
        .then(function(vectors) {
            promise_test(function(test) {
                return subtle.encrypt(vector.algorithm, vector.privateKey, vector.plaintext)
                .then(function(ciphertext) {
                    assert_unreached("Should have thrown error for using privateKey to encrypt in " + vector.name + ": " + err.message + "'");
                }, function(err) {
                    assert_equals(err.name, "InvalidAccessError", "Should throw InvalidAccessError instead of " + err.message);
                });
            }, vector.name + " using privateKey to encrypt");

        }, function(err) {
            // We need a failed test if the importVectorKey operation fails, so
            // we know we never tested encryption
            promise_test(function(test) {
                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
            }, "importVectorKeys step: " + vector.name + " using privateKey to encrypt");
        });

        all_promises.push(promise);
    });


    // Check for failures due to no "encrypt usage".
    passingVectors.forEach(function(originalVector) {
        var vector = Object.assign({}, originalVector);

        var promise = importVectorKeys(vector, [], ["decrypt"])
        .then(function(vectors) {
            // Get a one byte longer plaintext to encrypt
            promise_test(function(test) {
                return subtle.encrypt(vector.algorithm, vector.publicKey, vector.plaintext)
                .then(function(ciphertext) {
                    assert_unreached("Should have thrown error for no encrypt usage in " + vector.name + ": " + err.message + "'");
                }, function(err) {
                    assert_equals(err.name, "InvalidAccessError", "Should throw InvalidAccessError instead of " + err.message);
                });
            }, vector.name + " no encrypt usage");

        }, function(err) {
            // We need a failed test if the importVectorKey operation fails, so
            // we know we never tested encryption
            promise_test(function(test) {
                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
            }, "importVectorKeys step: " + vector.name + " no encrypt usage");
        });

        all_promises.push(promise);
    });

    promise_test(function() {
        return Promise.all(all_promises)
            .then(function() {done();})
            .catch(function() {done();})
    }, "setup");

    // A test vector has all needed fields for encryption, EXCEPT that the
    // key field may be null. This function replaces that null with the Correct
    // CryptoKey object.
    //
    // Returns a Promise that yields an updated vector on success.
    function importVectorKeys(vector, publicKeyUsages, privateKeyUsages) {
        var publicPromise, privatePromise;

        if (vector.publicKey !== null) {
            publicPromise = new Promise(function(resolve, reject) {
                resolve(vector);
            });
        } else {
            publicPromise = subtle.importKey(vector.publicKeyFormat, vector.publicKeyBuffer, {name: vector.algorithm.name, hash: vector.hash}, false, publicKeyUsages)
            .then(function(key) {
                vector.publicKey = key;
                return vector;
            });        // Returns a copy of the sourceBuffer it is sent.
        function copyBuffer(sourceBuffer) {
            var source = new Uint8Array(sourceBuffer);
            var copy = new Uint8Array(sourceBuffer.byteLength)

            for (var i=0; i<source.byteLength; i++) {
                copy[i] = source[i];
            }

            return copy;
        }

        }

        if (vector.privateKey !== null) {
            privatePromise = new Promise(function(resolve, reject) {
                resolve(vector);
            });
        } else {
            privatePromise = subtle.importKey(vector.privateKeyFormat, vector.privateKeyBuffer, {name: vector.algorithm.name, hash: vector.hash}, false, privateKeyUsages)
            .then(function(key) {
                vector.privateKey = key;
                return vector;
            });
        }

        return Promise.all([publicPromise, privatePromise]);
    }

    // Returns a copy of the sourceBuffer it is sent.
    function copyBuffer(sourceBuffer) {
        var source = new Uint8Array(sourceBuffer);
        var copy = new Uint8Array(sourceBuffer.byteLength)

        for (var i=0; i<source.byteLength; i++) {
            copy[i] = source[i];
        }

        return copy;
    }

    function equalBuffers(a, b) {
        if (a.byteLength !== b.byteLength) {
            return false;
        }

        var aBytes = new Uint8Array(a);
        var bBytes = new Uint8Array(b);

        for (var i=0; i<a.byteLength; i++) {
            if (aBytes[i] !== bBytes[i]) {
                return false;
            }
        }

        return true;
    }

    return;
}