summaryrefslogtreecommitdiff
path: root/cli/tests/unit/webcrypto_test.ts
diff options
context:
space:
mode:
Diffstat (limited to 'cli/tests/unit/webcrypto_test.ts')
-rw-r--r--cli/tests/unit/webcrypto_test.ts31
1 files changed, 22 insertions, 9 deletions
diff --git a/cli/tests/unit/webcrypto_test.ts b/cli/tests/unit/webcrypto_test.ts
index ab7b46574..56a23bfb5 100644
--- a/cli/tests/unit/webcrypto_test.ts
+++ b/cli/tests/unit/webcrypto_test.ts
@@ -379,19 +379,32 @@ unitTest(async function generateImportHmacJwk() {
// 2048-bits publicExponent=65537
const pkcs8TestVectors = [
// rsaEncryption
- "cli/tests/testdata/webcrypto/id_rsaEncryption.pem",
- // id-RSASSA-PSS
- "cli/tests/testdata/webcrypto/id_rsassaPss.pem",
+ { pem: "cli/tests/testdata/webcrypto/id_rsaEncryption.pem", hash: "SHA-256" },
+ // id-RSASSA-PSS (sha256)
+ // `openssl genpkey -algorithm rsa-pss -pkeyopt rsa_pss_keygen_md:sha256 -out id_rsassaPss.pem`
+ { pem: "cli/tests/testdata/webcrypto/id_rsassaPss.pem", hash: "SHA-256" },
+ // id-RSASSA-PSS (default parameters)
+ // `openssl genpkey -algorithm rsa-pss -out id_rsassaPss.pem`
+ {
+ pem: "cli/tests/testdata/webcrypto/id_rsassaPss_default.pem",
+ hash: "SHA-1",
+ },
+ // id-RSASSA-PSS (default hash)
+ // `openssl genpkey -algorithm rsa-pss -pkeyopt rsa_pss_keygen_saltlen:30 -out rsaPss_saltLen_30.pem`
+ {
+ pem: "cli/tests/testdata/webcrypto/id_rsassaPss_saltLen_30.pem",
+ hash: "SHA-1",
+ },
];
unitTest({ permissions: { read: true } }, async function importRsaPkcs8() {
const pemHeader = "-----BEGIN PRIVATE KEY-----";
const pemFooter = "-----END PRIVATE KEY-----";
- for (const keyFile of pkcs8TestVectors) {
- const pem = await Deno.readTextFile(keyFile);
- const pemContents = pem.substring(
+ for (const { pem, hash } of pkcs8TestVectors) {
+ const keyFile = await Deno.readTextFile(pem);
+ const pemContents = keyFile.substring(
pemHeader.length,
- pem.length - pemFooter.length,
+ keyFile.length - pemFooter.length,
);
const binaryDerString = atob(pemContents);
const binaryDer = new Uint8Array(binaryDerString.length);
@@ -402,7 +415,7 @@ unitTest({ permissions: { read: true } }, async function importRsaPkcs8() {
const key = await crypto.subtle.importKey(
"pkcs8",
binaryDer,
- { name: "RSA-PSS", hash: "SHA-256" },
+ { name: "RSA-PSS", hash },
true,
["sign"],
);
@@ -413,7 +426,7 @@ unitTest({ permissions: { read: true } }, async function importRsaPkcs8() {
assertEquals(key.usages, ["sign"]);
const algorithm = key.algorithm as RsaHashedKeyAlgorithm;
assertEquals(algorithm.name, "RSA-PSS");
- assertEquals(algorithm.hash.name, "SHA-256");
+ assertEquals(algorithm.hash.name, hash);
assertEquals(algorithm.modulusLength, 2048);
assertEquals(algorithm.publicExponent, new Uint8Array([1, 0, 1]));
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 17:31:26 +0000