| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "base/logging.h" | |
| 6 #include "base/stl_util.h" | |
| 7 #include "content/child/webcrypto/algorithm_dispatch.h" | |
| 8 #include "content/child/webcrypto/crypto_data.h" | |
| 9 #include "content/child/webcrypto/status.h" | |
| 10 #include "content/child/webcrypto/test/test_helpers.h" | |
| 11 #include "content/child/webcrypto/webcrypto_util.h" | |
| 12 #include "testing/gtest/include/gtest/gtest.h" | |
| 13 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" | |
| 14 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" | |
| 15 | |
| 16 namespace content { | |
| 17 | |
| 18 namespace webcrypto { | |
| 19 | |
| 20 namespace { | |
| 21 | |
| 22 // Creates an HMAC algorithm whose parameters struct is compatible with key | |
| 23 // generation. It is an error to call this with a hash_id that is not a SHA*. | |
| 24 // The key_length_bits parameter is optional, with zero meaning unspecified. | |
| 25 blink::WebCryptoAlgorithm CreateHmacKeyGenAlgorithm( | |
| 26 blink::WebCryptoAlgorithmId hash_id, | |
| 27 unsigned int key_length_bits) { | |
| 28 DCHECK(blink::WebCryptoAlgorithm::isHash(hash_id)); | |
| 29 // key_length_bytes == 0 means unspecified | |
| 30 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( | |
| 31 blink::WebCryptoAlgorithmIdHmac, | |
| 32 new blink::WebCryptoHmacKeyGenParams( | |
| 33 CreateAlgorithm(hash_id), (key_length_bits != 0), key_length_bits)); | |
| 34 } | |
| 35 | |
| 36 blink::WebCryptoAlgorithm CreateHmacImportAlgorithmWithLength( | |
| 37 blink::WebCryptoAlgorithmId hash_id, | |
| 38 unsigned int length_bits) { | |
| 39 DCHECK(blink::WebCryptoAlgorithm::isHash(hash_id)); | |
| 40 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( | |
| 41 blink::WebCryptoAlgorithmIdHmac, | |
| 42 new blink::WebCryptoHmacImportParams(CreateAlgorithm(hash_id), true, | |
| 43 length_bits)); | |
| 44 } | |
| 45 | |
| 46 TEST(WebCryptoHmacTest, HMACSampleSets) { | |
| 47 scoped_ptr<base::ListValue> tests; | |
| 48 ASSERT_TRUE(ReadJsonTestFileToList("hmac.json", &tests)); | |
| 49 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { | |
| 50 SCOPED_TRACE(test_index); | |
| 51 base::DictionaryValue* test; | |
| 52 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); | |
| 53 | |
| 54 blink::WebCryptoAlgorithm test_hash = GetDigestAlgorithm(test, "hash"); | |
| 55 const std::vector<uint8_t> test_key = GetBytesFromHexString(test, "key"); | |
| 56 const std::vector<uint8_t> test_message = | |
| 57 GetBytesFromHexString(test, "message"); | |
| 58 const std::vector<uint8_t> test_mac = GetBytesFromHexString(test, "mac"); | |
| 59 | |
| 60 blink::WebCryptoAlgorithm algorithm = | |
| 61 CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac); | |
| 62 | |
| 63 blink::WebCryptoAlgorithm import_algorithm = | |
| 64 CreateHmacImportAlgorithmNoLength(test_hash.id()); | |
| 65 | |
| 66 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | |
| 67 test_key, import_algorithm, | |
| 68 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify); | |
| 69 | |
| 70 EXPECT_EQ(test_hash.id(), key.algorithm().hmacParams()->hash().id()); | |
| 71 EXPECT_EQ(test_key.size() * 8, key.algorithm().hmacParams()->lengthBits()); | |
| 72 | |
| 73 // Verify exported raw key is identical to the imported data | |
| 74 std::vector<uint8_t> raw_key; | |
| 75 EXPECT_EQ(Status::Success(), | |
| 76 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | |
| 77 EXPECT_BYTES_EQ(test_key, raw_key); | |
| 78 | |
| 79 std::vector<uint8_t> output; | |
| 80 | |
| 81 ASSERT_EQ(Status::Success(), | |
| 82 Sign(algorithm, key, CryptoData(test_message), &output)); | |
| 83 | |
| 84 EXPECT_BYTES_EQ(test_mac, output); | |
| 85 | |
| 86 bool signature_match = false; | |
| 87 EXPECT_EQ(Status::Success(), | |
| 88 Verify(algorithm, key, CryptoData(output), | |
| 89 CryptoData(test_message), &signature_match)); | |
| 90 EXPECT_TRUE(signature_match); | |
| 91 | |
| 92 // Ensure truncated signature does not verify by passing one less byte. | |
| 93 EXPECT_EQ(Status::Success(), | |
| 94 Verify(algorithm, key, | |
| 95 CryptoData(vector_as_array(&output), output.size() - 1), | |
| 96 CryptoData(test_message), &signature_match)); | |
| 97 EXPECT_FALSE(signature_match); | |
| 98 | |
| 99 // Ensure truncated signature does not verify by passing no bytes. | |
| 100 EXPECT_EQ(Status::Success(), | |
| 101 Verify(algorithm, key, CryptoData(), CryptoData(test_message), | |
| 102 &signature_match)); | |
| 103 EXPECT_FALSE(signature_match); | |
| 104 | |
| 105 // Ensure extra long signature does not cause issues and fails. | |
| 106 const unsigned char kLongSignature[1024] = {0}; | |
| 107 EXPECT_EQ(Status::Success(), | |
| 108 Verify(algorithm, key, | |
| 109 CryptoData(kLongSignature, sizeof(kLongSignature)), | |
| 110 CryptoData(test_message), &signature_match)); | |
| 111 EXPECT_FALSE(signature_match); | |
| 112 } | |
| 113 } | |
| 114 | |
| 115 TEST(WebCryptoHmacTest, GenerateKeyIsRandom) { | |
| 116 // Generate a small sample of HMAC keys. | |
| 117 std::vector<std::vector<uint8_t>> keys; | |
| 118 for (int i = 0; i < 16; ++i) { | |
| 119 std::vector<uint8_t> key_bytes; | |
| 120 blink::WebCryptoKey key; | |
| 121 blink::WebCryptoAlgorithm algorithm = | |
| 122 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 512); | |
| 123 ASSERT_EQ( | |
| 124 Status::Success(), | |
| 125 GenerateSecretKey(algorithm, true, blink::WebCryptoKeyUsageSign, &key)); | |
| 126 EXPECT_FALSE(key.isNull()); | |
| 127 EXPECT_TRUE(key.handle()); | |
| 128 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | |
| 129 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); | |
| 130 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, | |
| 131 key.algorithm().hmacParams()->hash().id()); | |
| 132 EXPECT_EQ(512u, key.algorithm().hmacParams()->lengthBits()); | |
| 133 | |
| 134 std::vector<uint8_t> raw_key; | |
| 135 ASSERT_EQ(Status::Success(), | |
| 136 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | |
| 137 EXPECT_EQ(64U, raw_key.size()); | |
| 138 keys.push_back(raw_key); | |
| 139 } | |
| 140 // Ensure all entries in the key sample set are unique. This is a simplistic | |
| 141 // estimate of whether the generated keys appear random. | |
| 142 EXPECT_FALSE(CopiesExist(keys)); | |
| 143 } | |
| 144 | |
| 145 // If the key length is not provided, then the block size is used. | |
| 146 TEST(WebCryptoHmacTest, GenerateKeyNoLengthSha1) { | |
| 147 blink::WebCryptoKey key; | |
| 148 blink::WebCryptoAlgorithm algorithm = | |
| 149 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0); | |
| 150 ASSERT_EQ( | |
| 151 Status::Success(), | |
| 152 GenerateSecretKey(algorithm, true, blink::WebCryptoKeyUsageSign, &key)); | |
| 153 EXPECT_TRUE(key.handle()); | |
| 154 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | |
| 155 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); | |
| 156 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, | |
| 157 key.algorithm().hmacParams()->hash().id()); | |
| 158 EXPECT_EQ(512u, key.algorithm().hmacParams()->lengthBits()); | |
| 159 std::vector<uint8_t> raw_key; | |
| 160 ASSERT_EQ(Status::Success(), | |
| 161 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | |
| 162 EXPECT_EQ(64U, raw_key.size()); | |
| 163 } | |
| 164 | |
| 165 // If the key length is not provided, then the block size is used. | |
| 166 TEST(WebCryptoHmacTest, GenerateKeyNoLengthSha512) { | |
| 167 blink::WebCryptoKey key; | |
| 168 blink::WebCryptoAlgorithm algorithm = | |
| 169 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha512, 0); | |
| 170 ASSERT_EQ( | |
| 171 Status::Success(), | |
| 172 GenerateSecretKey(algorithm, true, blink::WebCryptoKeyUsageSign, &key)); | |
| 173 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); | |
| 174 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha512, | |
| 175 key.algorithm().hmacParams()->hash().id()); | |
| 176 EXPECT_EQ(1024u, key.algorithm().hmacParams()->lengthBits()); | |
| 177 std::vector<uint8_t> raw_key; | |
| 178 ASSERT_EQ(Status::Success(), | |
| 179 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | |
| 180 EXPECT_EQ(128U, raw_key.size()); | |
| 181 } | |
| 182 | |
| 183 TEST(WebCryptoHmacTest, GenerateKeyEmptyUsage) { | |
| 184 blink::WebCryptoKey key; | |
| 185 blink::WebCryptoAlgorithm algorithm = | |
| 186 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha512, 0); | |
| 187 ASSERT_EQ(Status::ErrorCreateKeyEmptyUsages(), | |
| 188 GenerateSecretKey(algorithm, true, 0, &key)); | |
| 189 } | |
| 190 | |
| 191 // Generate a 1 bit key. The exported key is 1 byte long, and 7 of the bits are | |
| 192 // guaranteed to be zero. | |
| 193 TEST(WebCryptoHmacTest, Generate1BitKey) { | |
| 194 blink::WebCryptoKey key; | |
| 195 blink::WebCryptoAlgorithm algorithm = | |
| 196 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 1); | |
| 197 | |
| 198 ASSERT_EQ( | |
| 199 Status::Success(), | |
| 200 GenerateSecretKey(algorithm, true, blink::WebCryptoKeyUsageSign, &key)); | |
| 201 EXPECT_EQ(1u, key.algorithm().hmacParams()->lengthBits()); | |
| 202 | |
| 203 std::vector<uint8_t> raw_key; | |
| 204 ASSERT_EQ(Status::Success(), | |
| 205 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | |
| 206 ASSERT_EQ(1U, raw_key.size()); | |
| 207 | |
| 208 EXPECT_FALSE(raw_key[0] & 0x7F); | |
| 209 } | |
| 210 | |
| 211 TEST(WebCryptoHmacTest, ImportKeyEmptyUsage) { | |
| 212 blink::WebCryptoKey key; | |
| 213 std::string key_raw_hex_in = "025a8cf3f08b4f6c5f33bbc76a471939"; | |
| 214 EXPECT_EQ( | |
| 215 Status::ErrorCreateKeyEmptyUsages(), | |
| 216 ImportKey(blink::WebCryptoKeyFormatRaw, | |
| 217 CryptoData(HexStringToBytes(key_raw_hex_in)), | |
| 218 CreateHmacImportAlgorithmNoLength( | |
| 219 blink::WebCryptoAlgorithmIdSha1), | |
| 220 true, 0, &key)); | |
| 221 } | |
| 222 | |
| 223 TEST(WebCryptoHmacTest, ImportKeyJwkKeyOpsSignVerify) { | |
| 224 blink::WebCryptoKey key; | |
| 225 base::DictionaryValue dict; | |
| 226 dict.SetString("kty", "oct"); | |
| 227 dict.SetString("k", "GADWrMRHwQfoNaXU5fZvTg"); | |
| 228 base::ListValue* key_ops = new base::ListValue; | |
| 229 dict.Set("key_ops", key_ops); // Takes ownership. | |
| 230 | |
| 231 key_ops->AppendString("sign"); | |
| 232 | |
| 233 EXPECT_EQ(Status::Success(), | |
| 234 ImportKeyJwkFromDict(dict, CreateHmacImportAlgorithmNoLength( | |
| 235 blink::WebCryptoAlgorithmIdSha256), | |
| 236 false, blink::WebCryptoKeyUsageSign, &key)); | |
| 237 | |
| 238 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); | |
| 239 | |
| 240 key_ops->AppendString("verify"); | |
| 241 | |
| 242 EXPECT_EQ(Status::Success(), | |
| 243 ImportKeyJwkFromDict(dict, CreateHmacImportAlgorithmNoLength( | |
| 244 blink::WebCryptoAlgorithmIdSha256), | |
| 245 false, blink::WebCryptoKeyUsageVerify, &key)); | |
| 246 | |
| 247 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, key.usages()); | |
| 248 } | |
| 249 | |
| 250 // Test 'use' inconsistent with 'key_ops'. | |
| 251 TEST(WebCryptoHmacTest, ImportKeyJwkUseInconsisteWithKeyOps) { | |
| 252 blink::WebCryptoKey key; | |
| 253 base::DictionaryValue dict; | |
| 254 dict.SetString("kty", "oct"); | |
| 255 dict.SetString("k", "GADWrMRHwQfoNaXU5fZvTg"); | |
| 256 base::ListValue* key_ops = new base::ListValue; | |
| 257 dict.Set("key_ops", key_ops); // Takes ownership. | |
| 258 | |
| 259 dict.SetString("alg", "HS256"); | |
| 260 dict.SetString("use", "sig"); | |
| 261 key_ops->AppendString("sign"); | |
| 262 key_ops->AppendString("verify"); | |
| 263 key_ops->AppendString("encrypt"); | |
| 264 EXPECT_EQ( | |
| 265 Status::ErrorJwkUseAndKeyopsInconsistent(), | |
| 266 ImportKeyJwkFromDict( | |
| 267 dict, | |
| 268 CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha256), | |
| 269 false, blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, | |
| 270 &key)); | |
| 271 } | |
| 272 | |
| 273 // Test JWK composite 'sig' use | |
| 274 TEST(WebCryptoHmacTest, ImportKeyJwkUseSig) { | |
| 275 blink::WebCryptoKey key; | |
| 276 base::DictionaryValue dict; | |
| 277 dict.SetString("kty", "oct"); | |
| 278 dict.SetString("k", "GADWrMRHwQfoNaXU5fZvTg"); | |
| 279 | |
| 280 dict.SetString("use", "sig"); | |
| 281 EXPECT_EQ( | |
| 282 Status::Success(), | |
| 283 ImportKeyJwkFromDict( | |
| 284 dict, | |
| 285 CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha256), | |
| 286 false, blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, | |
| 287 &key)); | |
| 288 | |
| 289 EXPECT_EQ(blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, | |
| 290 key.usages()); | |
| 291 } | |
| 292 | |
| 293 TEST(WebCryptoHmacTest, ImportJwkInputConsistency) { | |
| 294 // The Web Crypto spec says that if a JWK value is present, but is | |
| 295 // inconsistent with the input value, the operation must fail. | |
| 296 | |
| 297 // Consistency rules when JWK value is not present: Inputs should be used. | |
| 298 blink::WebCryptoKey key; | |
| 299 bool extractable = false; | |
| 300 blink::WebCryptoAlgorithm algorithm = | |
| 301 CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha256); | |
| 302 blink::WebCryptoKeyUsageMask usages = blink::WebCryptoKeyUsageVerify; | |
| 303 base::DictionaryValue dict; | |
| 304 dict.SetString("kty", "oct"); | |
| 305 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | |
| 306 std::vector<uint8_t> json_vec = MakeJsonVector(dict); | |
| 307 EXPECT_EQ(Status::Success(), | |
| 308 ImportKey(blink::WebCryptoKeyFormatJwk, CryptoData(json_vec), | |
| 309 algorithm, extractable, usages, &key)); | |
| 310 EXPECT_TRUE(key.handle()); | |
| 311 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | |
| 312 EXPECT_EQ(extractable, key.extractable()); | |
| 313 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); | |
| 314 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, | |
| 315 key.algorithm().hmacParams()->hash().id()); | |
| 316 EXPECT_EQ(320u, key.algorithm().hmacParams()->lengthBits()); | |
| 317 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, key.usages()); | |
| 318 key = blink::WebCryptoKey::createNull(); | |
| 319 | |
| 320 // Consistency rules when JWK value exists: Fail if inconsistency is found. | |
| 321 | |
| 322 // Pass: All input values are consistent with the JWK values. | |
| 323 dict.Clear(); | |
| 324 dict.SetString("kty", "oct"); | |
| 325 dict.SetString("alg", "HS256"); | |
| 326 dict.SetString("use", "sig"); | |
| 327 dict.SetBoolean("ext", false); | |
| 328 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | |
| 329 json_vec = MakeJsonVector(dict); | |
| 330 EXPECT_EQ(Status::Success(), | |
| 331 ImportKey(blink::WebCryptoKeyFormatJwk, CryptoData(json_vec), | |
| 332 algorithm, extractable, usages, &key)); | |
| 333 | |
| 334 // Extractable cases: | |
| 335 // 1. input=T, JWK=F ==> fail (inconsistent) | |
| 336 // 4. input=F, JWK=F ==> pass, result extractable is F | |
| 337 // 2. input=T, JWK=T ==> pass, result extractable is T | |
| 338 // 3. input=F, JWK=T ==> pass, result extractable is F | |
| 339 EXPECT_EQ(Status::ErrorJwkExtInconsistent(), | |
| 340 ImportKey(blink::WebCryptoKeyFormatJwk, CryptoData(json_vec), | |
| 341 algorithm, true, usages, &key)); | |
| 342 EXPECT_EQ(Status::Success(), | |
| 343 ImportKey(blink::WebCryptoKeyFormatJwk, CryptoData(json_vec), | |
| 344 algorithm, false, usages, &key)); | |
| 345 EXPECT_FALSE(key.extractable()); | |
| 346 dict.SetBoolean("ext", true); | |
| 347 EXPECT_EQ(Status::Success(), | |
| 348 ImportKeyJwkFromDict(dict, algorithm, true, usages, &key)); | |
| 349 EXPECT_TRUE(key.extractable()); | |
| 350 EXPECT_EQ(Status::Success(), | |
| 351 ImportKeyJwkFromDict(dict, algorithm, false, usages, &key)); | |
| 352 EXPECT_FALSE(key.extractable()); | |
| 353 dict.SetBoolean("ext", true); // restore previous value | |
| 354 | |
| 355 // Fail: Input algorithm (AES-CBC) is inconsistent with JWK value | |
| 356 // (HMAC SHA256). | |
| 357 dict.Clear(); | |
| 358 dict.SetString("kty", "oct"); | |
| 359 dict.SetString("alg", "HS256"); | |
| 360 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | |
| 361 EXPECT_EQ(Status::ErrorJwkAlgorithmInconsistent(), | |
| 362 ImportKeyJwkFromDict( | |
| 363 dict, CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | |
| 364 extractable, blink::WebCryptoKeyUsageEncrypt, &key)); | |
| 365 // Fail: Input usage (encrypt) is inconsistent with JWK value (use=sig). | |
| 366 EXPECT_EQ(Status::ErrorJwkUseInconsistent(), | |
| 367 ImportKey(blink::WebCryptoKeyFormatJwk, CryptoData(json_vec), | |
| 368 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | |
| 369 extractable, blink::WebCryptoKeyUsageEncrypt, &key)); | |
| 370 | |
| 371 // Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value | |
| 372 // (HMAC SHA256). | |
| 373 EXPECT_EQ(Status::ErrorJwkAlgorithmInconsistent(), | |
| 374 ImportKey(blink::WebCryptoKeyFormatJwk, CryptoData(json_vec), | |
| 375 CreateHmacImportAlgorithmNoLength( | |
| 376 blink::WebCryptoAlgorithmIdSha1), | |
| 377 extractable, usages, &key)); | |
| 378 | |
| 379 // Pass: JWK alg missing but input algorithm specified: use input value | |
| 380 dict.Remove("alg", NULL); | |
| 381 EXPECT_EQ(Status::Success(), | |
| 382 ImportKeyJwkFromDict(dict, CreateHmacImportAlgorithmNoLength( | |
| 383 blink::WebCryptoAlgorithmIdSha256), | |
| 384 extractable, usages, &key)); | |
| 385 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); | |
| 386 dict.SetString("alg", "HS256"); | |
| 387 | |
| 388 // Fail: Input usages (encrypt) is not a subset of the JWK value | |
| 389 // (sign|verify). Moreover "encrypt" is not a valid usage for HMAC. | |
| 390 EXPECT_EQ( | |
| 391 Status::ErrorCreateKeyBadUsages(), | |
| 392 ImportKey(blink::WebCryptoKeyFormatJwk, CryptoData(json_vec), algorithm, | |
| 393 extractable, blink::WebCryptoKeyUsageEncrypt, &key)); | |
| 394 | |
| 395 // Fail: Input usages (encrypt|sign|verify) is not a subset of the JWK | |
| 396 // value (sign|verify). Moreover "encrypt" is not a valid usage for HMAC. | |
| 397 usages = blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageSign | | |
| 398 blink::WebCryptoKeyUsageVerify; | |
| 399 EXPECT_EQ(Status::ErrorCreateKeyBadUsages(), | |
| 400 ImportKey(blink::WebCryptoKeyFormatJwk, CryptoData(json_vec), | |
| 401 algorithm, extractable, usages, &key)); | |
| 402 | |
| 403 // TODO(padolph): kty vs alg consistency tests: Depending on the kty value, | |
| 404 // only certain alg values are permitted. For example, when kty = "RSA" alg | |
| 405 // must be of the RSA family, or when kty = "oct" alg must be symmetric | |
| 406 // algorithm. | |
| 407 | |
| 408 // TODO(padolph): key_ops consistency tests | |
| 409 } | |
| 410 | |
| 411 TEST(WebCryptoHmacTest, ImportJwkHappy) { | |
| 412 // This test verifies the happy path of JWK import, including the application | |
| 413 // of the imported key material. | |
| 414 | |
| 415 blink::WebCryptoKey key; | |
| 416 bool extractable = false; | |
| 417 blink::WebCryptoAlgorithm algorithm = | |
| 418 CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha256); | |
| 419 blink::WebCryptoKeyUsageMask usages = blink::WebCryptoKeyUsageSign; | |
| 420 | |
| 421 // Import a symmetric key JWK and HMAC-SHA256 sign() | |
| 422 // Uses the first SHA256 test vector from the HMAC sample set above. | |
| 423 | |
| 424 base::DictionaryValue dict; | |
| 425 dict.SetString("kty", "oct"); | |
| 426 dict.SetString("alg", "HS256"); | |
| 427 dict.SetString("use", "sig"); | |
| 428 dict.SetBoolean("ext", false); | |
| 429 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | |
| 430 | |
| 431 ASSERT_EQ(Status::Success(), | |
| 432 ImportKeyJwkFromDict(dict, algorithm, extractable, usages, &key)); | |
| 433 | |
| 434 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, | |
| 435 key.algorithm().hmacParams()->hash().id()); | |
| 436 | |
| 437 const std::vector<uint8_t> message_raw = HexStringToBytes( | |
| 438 "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" | |
| 439 "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" | |
| 440 "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" | |
| 441 "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e"); | |
| 442 | |
| 443 std::vector<uint8_t> output; | |
| 444 | |
| 445 ASSERT_EQ(Status::Success(), | |
| 446 Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac), key, | |
| 447 CryptoData(message_raw), &output)); | |
| 448 | |
| 449 const std::string mac_raw = | |
| 450 "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b"; | |
| 451 | |
| 452 EXPECT_BYTES_EQ_HEX(mac_raw, output); | |
| 453 | |
| 454 // TODO(padolph): Import an RSA public key JWK and use it | |
| 455 } | |
| 456 | |
| 457 TEST(WebCryptoHmacTest, ImportExportJwk) { | |
| 458 // HMAC SHA-1 | |
| 459 ImportExportJwkSymmetricKey( | |
| 460 256, CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha1), | |
| 461 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, "HS1"); | |
| 462 | |
| 463 // HMAC SHA-384 | |
| 464 ImportExportJwkSymmetricKey( | |
| 465 384, CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha384), | |
| 466 blink::WebCryptoKeyUsageSign, "HS384"); | |
| 467 | |
| 468 // HMAC SHA-512 | |
| 469 ImportExportJwkSymmetricKey( | |
| 470 512, CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha512), | |
| 471 blink::WebCryptoKeyUsageVerify, "HS512"); | |
| 472 } | |
| 473 | |
| 474 TEST(WebCryptoHmacTest, ExportJwkEmptyKey) { | |
| 475 blink::WebCryptoKeyUsageMask usages = blink::WebCryptoKeyUsageSign; | |
| 476 | |
| 477 // Importing empty HMAC key is no longer allowed. However such a key can be | |
| 478 // created via de-serialization. | |
| 479 blink::WebCryptoKey key; | |
| 480 ASSERT_TRUE(DeserializeKeyForClone(blink::WebCryptoKeyAlgorithm::createHmac( | |
| 481 blink::WebCryptoAlgorithmIdSha1, 0), | |
| 482 blink::WebCryptoKeyTypeSecret, true, | |
| 483 usages, CryptoData(), &key)); | |
| 484 | |
| 485 // Export the key in JWK format and validate. | |
| 486 std::vector<uint8_t> json; | |
| 487 ASSERT_EQ(Status::Success(), | |
| 488 ExportKey(blink::WebCryptoKeyFormatJwk, key, &json)); | |
| 489 EXPECT_TRUE(VerifySecretJwk(json, "HS1", "", usages)); | |
| 490 | |
| 491 // Now try re-importing the JWK key. | |
| 492 key = blink::WebCryptoKey::createNull(); | |
| 493 EXPECT_EQ(Status::ErrorHmacImportEmptyKey(), | |
| 494 ImportKey(blink::WebCryptoKeyFormatJwk, CryptoData(json), | |
| 495 CreateHmacImportAlgorithmNoLength( | |
| 496 blink::WebCryptoAlgorithmIdSha1), | |
| 497 true, usages, &key)); | |
| 498 } | |
| 499 | |
| 500 // Imports an HMAC key contaning no byte data. | |
| 501 TEST(WebCryptoHmacTest, ImportRawEmptyKey) { | |
| 502 const blink::WebCryptoAlgorithm import_algorithm = | |
| 503 CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha1); | |
| 504 | |
| 505 blink::WebCryptoKeyUsageMask usages = blink::WebCryptoKeyUsageSign; | |
| 506 blink::WebCryptoKey key; | |
| 507 | |
| 508 ASSERT_EQ(Status::ErrorHmacImportEmptyKey(), | |
| 509 ImportKey(blink::WebCryptoKeyFormatRaw, CryptoData(), | |
| 510 import_algorithm, true, usages, &key)); | |
| 511 } | |
| 512 | |
| 513 // Imports an HMAC key contaning 1 byte data, however the length was set to 0. | |
| 514 TEST(WebCryptoHmacTest, ImportRawKeyWithZeroLength) { | |
| 515 const blink::WebCryptoAlgorithm import_algorithm = | |
| 516 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0); | |
| 517 | |
| 518 blink::WebCryptoKeyUsageMask usages = blink::WebCryptoKeyUsageSign; | |
| 519 blink::WebCryptoKey key; | |
| 520 | |
| 521 std::vector<uint8_t> key_data(1); | |
| 522 ASSERT_EQ(Status::ErrorHmacImportBadLength(), | |
| 523 ImportKey(blink::WebCryptoKeyFormatRaw, CryptoData(key_data), | |
| 524 import_algorithm, true, usages, &key)); | |
| 525 } | |
| 526 | |
| 527 // Import a huge hmac key (UINT_MAX bytes). This will fail before actually | |
| 528 // reading the bytes, as the key is too large. | |
| 529 TEST(WebCryptoHmacTest, ImportRawKeyTooLarge) { | |
| 530 CryptoData big_data(NULL, UINT_MAX); // Invalid data of big length. | |
| 531 | |
| 532 blink::WebCryptoKey key; | |
| 533 EXPECT_EQ(Status::ErrorDataTooLarge(), | |
| 534 ImportKey(blink::WebCryptoKeyFormatRaw, CryptoData(big_data), | |
| 535 CreateHmacImportAlgorithmNoLength( | |
| 536 blink::WebCryptoAlgorithmIdSha1), | |
| 537 true, blink::WebCryptoKeyUsageSign, &key)); | |
| 538 } | |
| 539 | |
| 540 // Import an HMAC key with 120 bits of data, however request 128 bits worth. | |
| 541 TEST(WebCryptoHmacTest, ImportRawKeyLengthTooLarge) { | |
| 542 blink::WebCryptoKey key; | |
| 543 EXPECT_EQ(Status::ErrorHmacImportBadLength(), | |
| 544 ImportKey(blink::WebCryptoKeyFormatRaw, | |
| 545 CryptoData(std::vector<uint8_t>(15)), | |
| 546 CreateHmacImportAlgorithmWithLength( | |
| 547 blink::WebCryptoAlgorithmIdSha1, 128), | |
| 548 true, blink::WebCryptoKeyUsageSign, &key)); | |
| 549 } | |
| 550 | |
| 551 // Import an HMAC key with 128 bits of data, however request 120 bits worth. | |
| 552 TEST(WebCryptoHmacTest, ImportRawKeyLengthTooSmall) { | |
| 553 blink::WebCryptoKey key; | |
| 554 EXPECT_EQ(Status::ErrorHmacImportBadLength(), | |
| 555 ImportKey(blink::WebCryptoKeyFormatRaw, | |
| 556 CryptoData(std::vector<uint8_t>(16)), | |
| 557 CreateHmacImportAlgorithmWithLength( | |
| 558 blink::WebCryptoAlgorithmIdSha1, 120), | |
| 559 true, blink::WebCryptoKeyUsageSign, &key)); | |
| 560 } | |
| 561 | |
| 562 // Import an HMAC key with 16 bits of data and request a 12 bit key, using the | |
| 563 // "raw" format. | |
| 564 TEST(WebCryptoHmacTest, ImportRawKeyTruncation) { | |
| 565 const std::vector<uint8_t> data = HexStringToBytes("b1ff"); | |
| 566 | |
| 567 blink::WebCryptoKey key; | |
| 568 EXPECT_EQ(Status::Success(), | |
| 569 ImportKey(blink::WebCryptoKeyFormatRaw, CryptoData(data), | |
| 570 CreateHmacImportAlgorithmWithLength( | |
| 571 blink::WebCryptoAlgorithmIdSha1, 12), | |
| 572 true, blink::WebCryptoKeyUsageSign, &key)); | |
| 573 | |
| 574 // On export the last 4 bits has been set to zero. | |
| 575 std::vector<uint8_t> raw_key; | |
| 576 EXPECT_EQ(Status::Success(), | |
| 577 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | |
| 578 EXPECT_BYTES_EQ(HexStringToBytes("b1f0"), raw_key); | |
| 579 } | |
| 580 | |
| 581 // The same test as above, but using the JWK format. | |
| 582 TEST(WebCryptoHmacTest, ImportJwkKeyTruncation) { | |
| 583 base::DictionaryValue dict; | |
| 584 dict.SetString("kty", "oct"); | |
| 585 dict.SetString("k", "sf8"); // 0xB1FF | |
| 586 | |
| 587 blink::WebCryptoKey key; | |
| 588 EXPECT_EQ(Status::Success(), | |
| 589 ImportKeyJwkFromDict(dict, CreateHmacImportAlgorithmWithLength( | |
| 590 blink::WebCryptoAlgorithmIdSha1, 12), | |
| 591 true, blink::WebCryptoKeyUsageSign, &key)); | |
| 592 | |
| 593 // On export the last 4 bits has been set to zero. | |
| 594 std::vector<uint8_t> raw_key; | |
| 595 EXPECT_EQ(Status::Success(), | |
| 596 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | |
| 597 EXPECT_BYTES_EQ(HexStringToBytes("b1f0"), raw_key); | |
| 598 } | |
| 599 | |
| 600 } // namespace | |
| 601 | |
| 602 } // namespace webcrypto | |
| 603 | |
| 604 } // namespace content | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1077273002:
html_viewer: Move webcrypto to a place where html_viewer can use it. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master