This repository has been archived on 2023-04-04. You can view files and clone it, but cannot push or open issues or pull requests.
webcrypto/packages/pkcs11/test/vectors.spec.ts

154 lines
6.8 KiB
TypeScript
Raw Normal View History

2022-05-23 21:09:26 +00:00
import * as types from "@peculiar/webcrypto-types";
import * as test from "@peculiar/webcrypto-test";
import * as config from "./config";
import { isNSS, isSoftHSM } from "./helper";
function fixEcImport(item: test.ITestImportAction) {
if (item.name?.startsWith("JWK private key")) {
const jwk = item.data as types.JsonWebKey;
delete jwk.x;
delete jwk.y;
}
if (item.name?.startsWith("PKCS8 P-256")) {
item.data = Buffer.from("3041020100301306072a8648ce3d020106082a8648ce3d030107042730250201010420895118e4e168dc9ee0d419d2c3f5845b2918fda96b84d9a91012f2ffb70d9ee1", "hex");
}
if (item.name?.startsWith("PKCS8 P-384")) {
item.data = Buffer.from("304e020100301006072a8648ce3d020106052b8104002204373035020101043098d7c6a318f0a02efe1a17552492884c11a079314d4cc9f92e1504905436072d61539fc7fd73371eeda4c80e3902c743", "hex");
}
if (item.name?.startsWith("PKCS8 P-521")) {
item.data = Buffer.from("3060020100301006072a8648ce3d020106052b81040023044930470201010442006c71a419f8a4e6ad25f99308ef475ba5319678acb5f9cde61bdf301e69e953e7766c0adc603397728aa0e4873fa679ad1efc6693e125df7bb75e880638d28f968b", "hex");
}
}
// Fix EC import tests.
// PKCS#11 doesn't return public key from private key
test.vectors.ECDSA.actions.import?.forEach(fixEcImport);
test.vectors.ECDH.actions.import?.forEach(fixEcImport);
test.vectors.ECDH.actions.deriveKey?.forEach((item) => {
if (item.name === "P-521 256") {
// module doesn't support AES-CTR
item.derivedKeyType.name = "AES-CBC";
}
});
// WebcryptoTest.check(config.crypto, [
// vectors.AES128CBC,
// ]);
test.WebcryptoTest.check(config.crypto, {
AES128KW: true,
AES192KW: true,
AES256KW: true,
RSAOAEP: true,
PBKDF2: true,
HKDF: true,
DESCBC: true,
DESEDE3CBC: true,
RSAESPKCS1: true,
AES128CMAC: true,
AES192CMAC: true,
AES256CMAC: true,
AES128CTR: true,
AES192CTR: true,
AES256CTR: true,
});
test.WebcryptoTest.add(config.crypto, {
name: "RSA-OAEP-SHA1",
actions: {
encrypt: [
{
skip: isNSS("RSA-OAEP-SHA1 throws CKR_DEVICE_ERROR"),
name: "without label",
algorithm: {
name: "RSA-OAEP",
} as types.Algorithm,
data: new Uint8Array([1, 2, 3, 4, 5, 6, 7, 8]),
encData: Buffer.from("MAKiRseL08AlR8Fmn1uVz/lDDdrDiRyI6KUW3mcE/0kxwW7/VizQJP+jiTSWyHexhQ+Sp0ugm6Doa/jahajuVf0aFkqJCcEKlSeMGvu4QdDc9tJzeNJVqSbPovFy60Criyjei4ganw2RQM2Umav//HfQEyqGTcyftMxXzkDDBQU=", "base64"),
key: {
publicKey: {
format: "jwk",
algorithm: { name: "RSA-OAEP", hash: "SHA-1" } as types.RsaHashedImportParams,
data: {
alg: "RSA-OAEP",
e: "AQAB",
ext: true,
key_ops: ["encrypt"],
kty: "RSA",
n: "vqpvdxuyZ6rKYnWTj_ZzDBFZAAAlpe5hpoiYHqa2j5kK7v8U5EaPY2bLib9m4B40j-n3FV9xUCGiplWdqMJJKT-4PjGO5E3S4N9kjFhu57noYT7z7302J0sJXeoFbXxlgE-4G55Oxlm52ID2_RJesP5nzcGTriQwoRbrJP5OEt0",
},
extractable: true,
keyUsages: ["encrypt"],
},
privateKey: {
format: "jwk",
algorithm: { name: "RSA-OAEP", hash: "SHA-1" } as types.RsaHashedImportParams,
data: {
alg: "RSA-OAEP",
d: "AkeIWJywp9OfYsj0ECsKmhDVBw55ZL_yU-rbIrashQ_31P6gsc_0I-SVN1rd8Hz79OJ_rTY8ZRBZ4PIyFdPoyvuo5apHdAHH6riJKxDHWPxhE-ReNVEPSTiF1ry8DSe5zC7w9BLnH_QM8bkN4cOnvgqrg7EbrGWomAGJVvoRwOM",
dp: "pOolqL7HwnmWLn7GDX8zGkm0Q1IAj-ouBL7ZZbaTm3wETLtwu-dGsQheEdzP_mfL_CTiCAwGuQBcSItimD0DdQ",
dq: "FTSY59AnkgmB7TsErWNBE3xlVB_pMpE2xWyCBCz96gyDOUOFDz8vlSV-clhjawJeRd1n30nZOPSBtOHozhwZmQ",
e: "AQAB",
ext: true,
key_ops: ["decrypt"],
kty: "RSA",
n: "vqpvdxuyZ6rKYnWTj_ZzDBFZAAAlpe5hpoiYHqa2j5kK7v8U5EaPY2bLib9m4B40j-n3FV9xUCGiplWdqMJJKT-4PjGO5E3S4N9kjFhu57noYT7z7302J0sJXeoFbXxlgE-4G55Oxlm52ID2_RJesP5nzcGTriQwoRbrJP5OEt0",
p: "6jFtmBJJQFIlQUXXZYIgvH70Y9a03oWKjNuF2veb5Zf09EtLNE86NpnIm463OnoHJPW0m8wHFXZZfcYVTIPR_w",
q: "0GttDMl1kIzSV2rNzGXpOS8tUqr5Lz0EtVZwIb9GJPMmJ0P3gZ801zEgZZ4-esU7cLUf-BSZEAmfnKA80G2jIw",
qi: "FByTxX4G2eXkk1xe0IuiEv7I5NS-CnFyp8iB4XLG0rabnfcIZFKpf__X0sNyVOAVo5-jJMuUYjCRTdaXNAWhkg",
},
extractable: true,
keyUsages: ["decrypt"],
},
},
},
{
skip: isSoftHSM("RSA-OAEP-SHA1 supports encryption without label only")
|| isNSS("RSA-OAEP-SHA1 throws CKR_DEVICE_ERROR"),
name: "with label",
algorithm: {
name: "RSA-OAEP",
label: new Uint8Array([1, 2, 3, 4, 5, 6, 7, 8]),
} as types.RsaOaepParams,
data: new Uint8Array([1, 2, 3, 4, 5, 6, 7, 8]),
encData: Buffer.from("YLtmJDT8Y4Z2Y/VoGHUvhgs5kptNShFRUCcsKpUgI9A+YCYXL3K8fnEkbzO/Nkd4/0RsvfnmXkUJg3JdzPslwO1bOdlNsd2hRi0qi4cpxVmHDjuI3EHMb7FI3Pb9cF/kMFeEQzttpIDqh/UQJnoyh4d/RyZS1w37Vk0sNer7xw0=", "base64"),
key: {
publicKey: {
format: "jwk" as types.KeyFormat,
algorithm: { name: "RSA-OAEP", hash: "SHA-1" } as types.RsaHashedImportParams,
data: {
alg: "RSA-OAEP",
e: "AQAB",
ext: true,
key_ops: ["encrypt"],
kty: "RSA",
n: "vqpvdxuyZ6rKYnWTj_ZzDBFZAAAlpe5hpoiYHqa2j5kK7v8U5EaPY2bLib9m4B40j-n3FV9xUCGiplWdqMJJKT-4PjGO5E3S4N9kjFhu57noYT7z7302J0sJXeoFbXxlgE-4G55Oxlm52ID2_RJesP5nzcGTriQwoRbrJP5OEt0",
},
extractable: true,
keyUsages: ["encrypt"],
},
privateKey: {
format: "jwk",
algorithm: { name: "RSA-OAEP", hash: "SHA-1" } as types.RsaHashedImportParams,
data: {
alg: "RSA-OAEP",
d: "AkeIWJywp9OfYsj0ECsKmhDVBw55ZL_yU-rbIrashQ_31P6gsc_0I-SVN1rd8Hz79OJ_rTY8ZRBZ4PIyFdPoyvuo5apHdAHH6riJKxDHWPxhE-ReNVEPSTiF1ry8DSe5zC7w9BLnH_QM8bkN4cOnvgqrg7EbrGWomAGJVvoRwOM",
dp: "pOolqL7HwnmWLn7GDX8zGkm0Q1IAj-ouBL7ZZbaTm3wETLtwu-dGsQheEdzP_mfL_CTiCAwGuQBcSItimD0DdQ",
dq: "FTSY59AnkgmB7TsErWNBE3xlVB_pMpE2xWyCBCz96gyDOUOFDz8vlSV-clhjawJeRd1n30nZOPSBtOHozhwZmQ",
e: "AQAB",
ext: true,
key_ops: ["decrypt"],
kty: "RSA",
n: "vqpvdxuyZ6rKYnWTj_ZzDBFZAAAlpe5hpoiYHqa2j5kK7v8U5EaPY2bLib9m4B40j-n3FV9xUCGiplWdqMJJKT-4PjGO5E3S4N9kjFhu57noYT7z7302J0sJXeoFbXxlgE-4G55Oxlm52ID2_RJesP5nzcGTriQwoRbrJP5OEt0",
p: "6jFtmBJJQFIlQUXXZYIgvH70Y9a03oWKjNuF2veb5Zf09EtLNE86NpnIm463OnoHJPW0m8wHFXZZfcYVTIPR_w",
q: "0GttDMl1kIzSV2rNzGXpOS8tUqr5Lz0EtVZwIb9GJPMmJ0P3gZ801zEgZZ4-esU7cLUf-BSZEAmfnKA80G2jIw",
qi: "FByTxX4G2eXkk1xe0IuiEv7I5NS-CnFyp8iB4XLG0rabnfcIZFKpf__X0sNyVOAVo5-jJMuUYjCRTdaXNAWhkg",
},
extractable: true,
keyUsages: ["decrypt"],
},
},
},
],
},
});