- From: Eric Roman <ericroman@google.com>
- Date: Thu, 18 Dec 2014 11:22:25 -0800
- To: Boris Zbarsky <bzbarsky@mit.edu>
- Cc: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
- Message-ID: <CAFswn4n9+WJ=DHf-OcRM9W7hVU+OO_2W2KKOGo4LFjhPdDgP5A@mail.gmail.com>
On Thu, Dec 18, 2014 at 9:20 AM, Boris Zbarsky <bzbarsky@mit.edu> wrote: > > On 12/18/14, 4:10 AM, Harry Halpin wrote: > >> What in your opinion is a *good* test suite? >> > > One which has the property that an implementation passing it is very > likely to be compliant with the specification. An important consideration for the test structure will be how unsupported operations are handled For instance how would an implementation respond to the tests when: * It doesn't support a particular algorithm (Ex: Chromium's algorithm support on Linux depends on the system's NSS library version) * Doesn't support a certain key size (Ex: Chromium doesn't support 192 bit AES keys) * Doesn't support a particular key format (Ex: WebKit doesn't support "spki" and "pkcs8" key formats) > There's all sorts of levels of complexity one can do with testing, and I >> think how much testing we do depends on how much the WG can do and if >> W3C can be successful in more resources. >> > > The right way to do testing is probably to set up a way for people to > contribute tests and then get them to do that. That's what the web > platform tests effort is about, right? > > In particular, getting implementors to contribute their existing test > suites seems like a good start. Agreed. I think good next steps are: (1) Set up a repository for the test collaboration that is easy for others to contribute to (github) (2) Copy over the W3C testing framework (3) Write 2-3 sample tests (needn't be perfect, but give some guidelines on the format) (4) Implementors and volunteers start converting their test suite by mimicking the sample tests As far as which tests to include in the test suite, I suggest prioritizing as: (1) Correct usages of the API when called using supported algorithms (with common parameters) Examples: - Does SHA-1 digest yield the expected result for known inputs - Does RSASSA-PKCS1-v1_5 verify correct signatures, and fail verifying incorrect signatures - Can you successfully generate an RSA key with a public exponent of 3 - AES-CBC decryption throws an OperationError when the padding is incorrect. (2) Incorrect usages of the API which pose a security risk Examples: - Cannot export an un-extractable key - Cannot wrap an un-extractable key - When unwrapping a key from JWK, the "alg", "use", "key_ops", "ext" are respected - Cannot use the same CryptoKey between algorithms - Cannot use a CryptoKey that lacks the required KeyUsages (3) Correct usages of the API with more exotic parameters: Examples: - Different cased algorithm names - Using string-based AlgorithmIdentifiers instead of an object - Different combinations for optional parameters - Different combinations of BufferSource's type used in verify() - Including unrecognized "key_ops" in a JWK is disregarded (4) The myriad of other error cases Examples: - Import an empty HMAC key - Import an HMAC key with a shorter optional length than provided key data - Import an RSA key in JWK format using base64 encoding rather than base64url encoding - Passed null in place of an "unsigned long" for a required dictionary field - Specified an invalid key usage during creation - Generated an asymmetric key pair without specifying any private key usages - Generated an asymmetric key pair containing key usages that were not applicable to the algorithm - Case sensitivity for JWK's "key_ops" and "alg" members - AES-GCM called with a tagLength of 13 - AES-CTR called with an IV of length 3 - Duplicate key_ops values in a JWK fails import (including unrecognized ones) - When importing an EC key from JWK, throws an error if "x", "y", or "d" are not zero-padded to the right length. - When importing an RSA from JWK, throws an error if any of the parameters DO contain a leading zero (yay consistency?) ... and many more such things
Received on Thursday, 18 December 2014 19:22:52 UTC