aes-cbc-decrypt-failure.html

<html>
<head>
    <script type="text/javascript" src="DJS/encoding.js"></script>
    <script type="text/javascript" src="DJS/hashing.js"></script>
    <script type="text/javascript" src="DJS/aes.js"></script>
    <script type="text/javascript" src="DJS/rsa.js"></script>
    <script type="text/javascript" src="asn1JS.js"></script>
    <script type="text/javascript" src="functions.js"></script>
    <script type="text/javascript" src="algorithms.js"></script>
    <script type="text/javascript" src="Key.js"></script>
    <script type="text/javascript" src="generateKey.js"></script>
    <script type="text/javascript" src="sign.js"></script>
    <script type="text/javascript" src="decrypt.js"></script>
    <script type="text/javascript" src="encrypt.js"></script>
    <script type="text/javascript" src="exportKey.js"></script>
    <script type="text/javascript" src="importKey.js"></script>
    <script type="text/javascript" src="verify.js"></script>
    <script type="text/javascript" src="digest.js"></script>
    <script type="text/javascript" src="deriveKey.js"></script>
    <script type="text/javascript" src="wrapKey.js"></script>
    <script type="text/javascript" src="unwrapKey.js"></script>
    <script type="text/javascript" src="resources/common.js"></script>
    <script type="text/javascript" src="resources/js-test.js"></script>
    <script type="text/javascript" src="subtleinriacrypto.js"></script>
    
    <script type="text/javascript">
    function init(){
        var a,b,c,d;
        

        var start = new Date().getTime();
        window.crypto = inriacrypto;
        // 128-bit key with plaintext that is an exact multiple of block size.
        // Derived from [1] F.2.1 (CBC-AES128.Encrypt), by adding padding block.
        var iv = hexStringToUint8Array("000102030405060708090a0b0c0d0e0f");
        var keyData = hexStringToUint8Array("2b7e151628aed2a6abf7158809cf4f3c");
        var cipherText = hexStringToUint8Array("7649abac8119b246cee98e9b12e9197d5086cb9b507219ee95db113a917678b273bed6b8e3c1743b7116e69e222295163ff1caa1681fac09120eca307586e1a78cb82807230e1321d3fae00d18cc2012");

        var key = null;
        var usages = ['encrypt', 'decrypt'];
        var extractable = false;
        var algorithm = {name: 'AES-CBC', iv: iv};

        function verifyDecryptionFails(newCipherTextLength)
        {
            var newCipherText = cipherText.subarray(0, newCipherTextLength);

            var description = "ciphertext length: " + newCipherText.byteLength;
            return inriacrypto.subtle.decrypt(algorithm, key, newCipherText).then(function(result) {
                debug("FAIL: decrypting succeeded. " + description);
            }, function(result) {
                logError(result);
                debug("PASS: decrypting failed. " + description);
            });
        }

        a=keyData;
        b=algorithm;
        c=extractable;
        d=usages;
        inriacrypto.subtle.importKey('raw', keyData, algorithm, extractable, usages).then(function(result) {
            key = result;

            // Verify that decryption works with the original ciphertext.
            return inriacrypto.subtle.decrypt(algorithm, key, cipherText);
        }).then(function(result) {
            console.log(result);
            debug("PASS: Decryption succeeded");

            // Try a number of bad ciphertexts.
            var badLengths = [
                0,
                cipherText.byteLength - 1,

                // Stripped a whole block. This new final block will result in a
                // padding error.
                cipherText.byteLength - 16,
                1,
                15,
                16,
                17
            ];

            var lastPromise = Promise.resolve(null);
            badLengths.forEach(function(badLength) {
                lastPromise = lastPromise.then(verifyDecryptionFails.bind(null, badLength));
            });
            return lastPromise;
        }).then(finishJSTest, failAndFinishJSTest);

        function cryptOp(keyData, algorithm, extractable, usages){
            var o ={
                oncomplete: function(){
                    console.log("Uninitialized");
                    return "Uninitialized";
                },
            };
            inriacrypto.subtle.importKey('raw', keyData, algorithm, extractable, usages).then(function(result) {
                //console.log(result);
                o.oncomplete(result);
            });

            return o;
        }

        var p = cryptOp(a,b,c,d);
        p.oncomplete = function(result){
            
            //console.log(result);
            }
        }

    </script>
</head>
<body onload="init()">
    
</body>
</html>