Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(262)

Side by Side Diff: content/renderer/webcrypto/webcrypto_impl_unittest.cc

Issue 118623002: [webcrypto] Add raw symmetric key AES-KW wrap/unwrap for NSS. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: rebase and add large data test Created 6 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/renderer/webcrypto/webcrypto_impl.h" 5 #include "content/renderer/webcrypto/webcrypto_impl.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <string> 8 #include <string>
9 #include <vector> 9 #include <vector>
10 10
(...skipping 1893 matching lines...) Expand 10 before | Expand all | Expand 10 after
1904 key_raw_hex_in = 1904 key_raw_hex_in =
1905 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; 1905 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a";
1906 EXPECT_FALSE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, 1906 EXPECT_FALSE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
1907 HexStringToBytes(key_raw_hex_in), 1907 HexStringToBytes(key_raw_hex_in),
1908 algorithm, 1908 algorithm,
1909 true, 1909 true,
1910 blink::WebCryptoKeyUsageWrapKey, 1910 blink::WebCryptoKeyUsageWrapKey,
1911 &key)); 1911 &key));
1912 } 1912 }
1913 1913
1914 TEST_F(WebCryptoImplTest, MAYBE(AesKwEncryptDecryptKnownAnswer)) {
1915
1916 // The following tests use test vectors from
1917 // http://www.ietf.org/rfc/rfc3394.txt
1918
1919 struct TestCase {
1920 const char* kek_hex;
1921 const char* data_hex;
1922 const char* ciphertext_hex;
1923 };
1924
1925 const TestCase kTests[] = {
1926 // 4.1 Wrap 128 bits of Key Data with a 128-bit KEK
1927 {
1928 "000102030405060708090A0B0C0D0E0F",
1929 "00112233445566778899AABBCCDDEEFF",
1930 "1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5"
1931 },
1932 // 4.2 Wrap 128 bits of Key Data with a 192-bit KEK
1933 {
1934 "000102030405060708090A0B0C0D0E0F1011121314151617",
1935 "00112233445566778899AABBCCDDEEFF",
1936 "96778B25AE6CA435F92B5B97C050AED2468AB8A17AD84E5D"
1937 },
1938 // 4.3 Wrap 128 bits of Key Data with a 256-bit KEK
1939 {
1940 "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
1941 "00112233445566778899AABBCCDDEEFF",
1942 "64E8C3F9CE0F5BA263E9777905818A2A93C8191E7D6E8AE7"
1943 },
1944 // 4.4 Wrap 192 bits of Key Data with a 192-bit KEK
1945 {
1946 "000102030405060708090A0B0C0D0E0F1011121314151617",
1947 "00112233445566778899AABBCCDDEEFF0001020304050607",
1948 "031D33264E15D33268F24EC260743EDCE1C6C7DDEE725A936BA814915C6762D2"
1949 },
1950 // 4.5 Wrap 192 bits of Key Data with a 256-bit KEK
1951 {
1952 "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
1953 "00112233445566778899AABBCCDDEEFF0001020304050607",
1954 "A8F9BC1612C68B3FF6E6F4FBE30E71E4769C8B80A32CB8958CD5D17D6B254DA1"
1955
1956 },
1957 // 4.6 Wrap 256 bits of Key Data with a 256-bit KEK
1958 {
1959 "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
1960 "00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F",
1961 "28C9F404C4B810F4CBCCB35CFB87F8263F5786E2D80ED326CBC7F0E71A99F43BFB988B9B"
1962 "7A02DD21"
1963 },
1964 };
1965
1966 for (size_t index = 0; index < ARRAYSIZE_UNSAFE(kTests); index++) {
1967
1968 SCOPED_TRACE(index);
1969 const TestCase& test = kTests[index];
1970 const blink::WebCryptoAlgorithm algorithm =
1971 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw);
1972
1973 // Import the key.
1974 blink::WebCryptoKey key = ImportSecretKeyFromRawHexString(
1975 test.kek_hex,
1976 algorithm,
1977 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey);
1978
1979 // Verify the exported raw key is identical to the imported data.
1980 blink::WebArrayBuffer raw_key;
1981 EXPECT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key));
1982 ExpectArrayBufferMatchesHex(test.kek_hex, raw_key);
1983
1984 // Encrypt the data and verify the result against the known answer.
1985 blink::WebArrayBuffer output;
1986 EXPECT_TRUE(EncryptInternal(algorithm,
1987 key,
1988 HexStringToBytes(test.data_hex),
1989 &output));
1990 ExpectArrayBufferMatchesHex(test.ciphertext_hex, output);
1991
1992 // Decrypt the ciphertext and verify the result against the known input.
1993 EXPECT_TRUE(DecryptInternal(algorithm,
1994 key,
1995 HexStringToBytes(test.ciphertext_hex),
1996 &output));
1997 ExpectArrayBufferMatchesHex(test.data_hex, output);
1998 }
1999 }
2000
2001 TEST_F(WebCryptoImplTest, MAYBE(AesKwEncryptDecryptFailures)) {
2002 const blink::WebCryptoAlgorithm algorithm =
2003 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw);
2004 blink::WebCryptoKey key = ImportSecretKeyFromRawHexString(
2005 "000102030405060708090A0B0C0D0E0F",
2006 algorithm,
2007 blink::WebCryptoKeyUsageWrapKey);
2008
2009 // For encrypt, the input data size must be at least 16 bytes. Expect failure
2010 // with a data size of 8 bytes, and success with 16.
2011 blink::WebArrayBuffer output;
2012 EXPECT_FALSE(EncryptInternal(
2013 algorithm,
2014 key,
2015 HexStringToBytes("11f9ec1b249b2629"),
2016 &output));
2017 EXPECT_TRUE(EncryptInternal(
2018 algorithm,
2019 key,
2020 HexStringToBytes("2139128461ed6d341dff4db94f60094f"),
2021 &output));
2022
2023 // For encrypt, the input data size must be a multiple of 8 bytes. Expect
2024 // failure with a data size of 17 bytes.
2025 EXPECT_FALSE(EncryptInternal(
2026 algorithm,
2027 key,
2028 HexStringToBytes("0248cb45ca808c8aacfad2b2c092c15745"),
2029 &output));
2030 }
2031
2032 TEST_F(WebCryptoImplTest, MAYBE(AesKwEncryptLargeData)) {
2033 const std::string large_data_hex =
2034 "308204be020100300d06092a864886f70d0101010500048204a8308204a4"
2035 "0201000282010100b3097277c6f9c16f7110441ccc00d8ec364d8b3eb1aa"
2036 "c3bca32a8877fe348a901a34c3b87917ba00e682caa7677e9e6b2fe2815c"
2037 "fb5ffd764b85a00ec6e2265693b2197fdcd832308b2b0ecd5069c8871161"
2038 "40f420c4050ba97157e93756ac1b8052b5ec6f2a846ab569afd6169465e1"
2039 "641bd1bc3542e4c56b4c925d89e8db6584f17fe10ac32d99d1858e08cf6e"
2040 "6c7ff000cff2147ce03941251a521f972da975d9a777ac4b8be34aad468c"
2041 "33422d7848fa0c24314d3f8872f1bbd86ea0d6a641351d8bbaeb075a080f"
2042 "6ee6749b39b02db5ee27d593bfe67c460435bb183ebb801ebd16d06f9f4a"
2043 "5043d44ba57e19dd993a50ef06a6783eba6cf58c55359449020301000102"
2044 "82010100931f9d481e6398f89a21b2c7334133011132b1cd68349abac61e"
2045 "aa9c687206b79a4167e08ce9d978e9f3ead29c32a9be0d5085dbc1da44af"
2046 "d429cfb8b4e89c76a2d24530146c38fa3932bdec2c3b7184c4dc7582e7f6"
2047 "0ceb636777c5772b2b2d424b35a2404be11acb4f3926a5d176d33befbc6f"
2048 "7c192763afe3f1971a4017213a165a13492f908ce62842fd3a0470dc4323"
2049 "b043466314e68d552843c18e7b17a3cd7bbabb511bb0df749690fd22a839"
2050 "32549abd601a2b003d5b0aa7da79f0903964a441d8104f1a4dda10fea67d"
2051 "0de925fe035345a2c6dd96af2ffd8ed7c5d31fac53d10ffc5d23126bcddf"
2052 "9c077e04a139329ff208f343365255241faf6c8102818100e3895040106b"
2053 "dd8d2e9db21051105690c92232db1d2b352558f1c7c7d2f13b6afe19c7b6"
2054 "05a111e03efac73f676ad86a03740de7dc5dff314cb600b7838b148343fb"
2055 "0f3a5dc682656b733fa8d747fe830932695ab390c65c21d57d5efd962215"
2056 "5713ffd4c1902ecc99475d4d3a7fe90744fdd226d8028752710677273362"
2057 "0f1102818100c96ef928fe52099d4e4fc2bb645cd8790830d19ef1171956"
2058 "48ab636b9b5c42549af7b737b099fc9604c3b3397abbd884f58e5f8a3e12"
2059 "8806ae29c81c64702de848995772bc96699c45d8ecf0ad4169c27d1bda51"
2060 "fbe70ce03f1a6c5bb731ab807b4f07d30ce98f1da73f7804c3ab48e007a1"
2061 "308024fa1db0d3bd30d207efa1b902818100a9749237a4033134fc0aa59a"
2062 "514501b342981d97e1d953f344928c5edd529b15cbb8176c10352cc2fd24"
2063 "774f590dd1aee2738407b1aeaf675fe20c169ff8ec85f612fbfc53ea8b22"
2064 "4d2bbfb556df5f44e78c8bb9e91161292c697abd4bce8c03a89e546176e6"
2065 "9273fd939080fb98574bfaadaddd0ff292256bd78cd5bd06c28102818053"
2066 "e328569f1b512fb6b656d5ada550ed8eb0ae0bb041bb66889affab87a6f3"
2067 "64c2a8d91f93277dde881b6c1f4af2c1e8154f76905eeb5ec4d1714b0a2f"
2068 "f5dbd879ab8a9498df571a22a8857c71dae50d7f06c374132114e6aac0f9"
2069 "5174c875b0eb296d8bc23bde432e2cab71e87f03b970d3fb1bd2ca6ae502"
2070 "392f04b9135dd902818045876edc196281cf5b1a33b677c0c521a3683fd2"
2071 "4ff7ef6a4f7934bdc9a91adf9b345b01a23e3c928b44a2f6549a77790d6a"
2072 "aaa6180530da566a4ade6c9625873bbb3261b203e1e5d2dd9e1fd17a4fa4"
2073 "01182dffc3b15d4af1661264a4380e1c48693377e668c4d18d1f3e9c5bd2"
2074 "513fa455369d54fd93d3f358ae8a5eae";
2075
2076 const blink::WebCryptoAlgorithm algorithm =
2077 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw);
2078
2079 // Import a wrapping key.
2080 blink::WebCryptoKey key = ImportSecretKeyFromRawHexString(
2081 "000102030405060708090A0B0C0D0E0F",
2082 algorithm,
2083 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey);
2084
2085 // Encrypt the large data.
2086 blink::WebArrayBuffer ciphertext;
2087 ASSERT_TRUE(EncryptInternal(algorithm,
2088 key,
2089 HexStringToBytes(large_data_hex),
2090 &ciphertext));
2091
2092 // Decrypt the resulting ciphertext and verify against the input.
2093 blink::WebArrayBuffer plaintext;
2094 EXPECT_TRUE(DecryptInternal(
2095 algorithm,
2096 key,
2097 reinterpret_cast<const unsigned char*>(ciphertext.data()),
2098 ciphertext.byteLength(),
2099 &plaintext));
2100 ExpectArrayBufferMatchesHex(large_data_hex, plaintext);
2101 }
2102
1914 // TODO(eroman): 2103 // TODO(eroman):
1915 // * Test decryption when the tag length exceeds input size 2104 // * Test decryption when the tag length exceeds input size
1916 // * Test decryption with empty input 2105 // * Test decryption with empty input
1917 // * Test decryption with tag length of 0. 2106 // * Test decryption with tag length of 0.
1918 TEST_F(WebCryptoImplTest, MAYBE(AesGcmSampleSets)) { 2107 TEST_F(WebCryptoImplTest, MAYBE(AesGcmSampleSets)) {
1919 // Some Linux test runners may not have a new enough version of NSS. 2108 // Some Linux test runners may not have a new enough version of NSS.
1920 if (!SupportsAesGcm()) { 2109 if (!SupportsAesGcm()) {
1921 LOG(WARNING) << "AES GCM not supported, skipping tests"; 2110 LOG(WARNING) << "AES GCM not supported, skipping tests";
1922 return; 2111 return;
1923 } 2112 }
(...skipping 159 matching lines...) Expand 10 before | Expand all | Expand 10 after
2083 if (test_tag_size_bits == wrong_tag_size_bits) 2272 if (test_tag_size_bits == wrong_tag_size_bits)
2084 continue; 2273 continue;
2085 EXPECT_FALSE(AesGcmDecrypt(key, test_iv, test_additional_data, 2274 EXPECT_FALSE(AesGcmDecrypt(key, test_iv, test_additional_data,
2086 wrong_tag_size_bits, test_cipher_text, 2275 wrong_tag_size_bits, test_cipher_text,
2087 test_authentication_tag, &plain_text)); 2276 test_authentication_tag, &plain_text));
2088 } 2277 }
2089 } 2278 }
2090 } 2279 }
2091 2280
2092 } // namespace content 2281 } // namespace content
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698