OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/renderer/webcrypto/shared_crypto.h" | 5 #include "content/renderer/webcrypto/shared_crypto.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 2047 matching lines...)
2058 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; | 2058 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; |
2059 EXPECT_STATUS(Status::Error(), | 2059 EXPECT_STATUS(Status::Error(), |
2060 ImportKey(blink::WebCryptoKeyFormatRaw, | 2060 ImportKey(blink::WebCryptoKeyFormatRaw, |
2061 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2061 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2062 algorithm, | 2062 algorithm, |
2063 true, | 2063 true, |
2064 blink::WebCryptoKeyUsageWrapKey, | 2064 blink::WebCryptoKeyUsageWrapKey, |
2065 &key)); | 2065 &key)); |
2066 } | 2066 } |
2067 | 2067 |
| 2068 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapKnownAnswer)) { |
| 2069 scoped_ptr<base::ListValue> tests; |
| 2070 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); |
| 2071 |
| 2072 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { |
| 2073 SCOPED_TRACE(test_index); |
| 2074 base::DictionaryValue* test; |
| 2075 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); |
| 2076 const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek"); |
| 2077 const std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); |
| 2078 const std::vector<uint8> test_ciphertext = |
| 2079 GetBytesFromHexString(test, "ciphertext"); |
| 2080 const blink::WebCryptoAlgorithm wrapping_algorithm = |
| 2081 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); |
| 2082 |
| 2083 // Import the wrapping key. |
| 2084 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( |
| 2085 test_kek, |
| 2086 wrapping_algorithm, |
| 2087 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey); |
| 2088 |
| 2089 // Import the key to be wrapped. |
| 2090 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
| 2091 test_key, |
| 2092 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
| 2093 blink::WebCryptoKeyUsageEncrypt); |
| 2094 |
| 2095 // Wrap the key and verify the ciphertext result against the known answer. |
| 2096 blink::WebArrayBuffer wrapped_key; |
| 2097 ASSERT_STATUS_SUCCESS(WrapKey(blink::WebCryptoKeyFormatRaw, |
| 2098 wrapping_key, |
| 2099 key, |
| 2100 wrapping_algorithm, |
| 2101 &wrapped_key)); |
| 2102 ExpectArrayBufferMatches(test_ciphertext, wrapped_key); |
| 2103 |
| 2104 // Unwrap the known ciphertext to get a new test_key. |
| 2105 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
| 2106 ASSERT_STATUS_SUCCESS( |
| 2107 Unwrapkey(blink::WebCryptoKeyFormatRaw, |
| 2108 CryptoData(test_ciphertext), |
| 2109 wrapping_key, |
| 2110 wrapping_algorithm, |
| 2111 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
| 2112 true, |
| 2113 blink::WebCryptoKeyUsageEncrypt, |
| 2114 &unwrapped_key)); |
| 2115 EXPECT_FALSE(key.isNull()); |
| 2116 EXPECT_TRUE(key.handle()); |
| 2117 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
| 2118 EXPECT_EQ( |
| 2119 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc).id(), |
| 2120 key.algorithm().id()); |
| 2121 EXPECT_EQ(true, key.extractable()); |
| 2122 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
| 2123 |
| 2124 // Export the new key and compare its raw bytes with the original known key. |
| 2125 blink::WebArrayBuffer raw_key; |
| 2126 EXPECT_STATUS_SUCCESS( |
| 2127 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); |
| 2128 ExpectArrayBufferMatches(test_key, raw_key); |
| 2129 } |
| 2130 } |
| 2131 |
| 2132 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapErrors)) { |
| 2133 scoped_ptr<base::ListValue> tests; |
| 2134 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); |
| 2135 base::DictionaryValue* test; |
| 2136 // Use 256 bits of data with a 256-bit KEK |
| 2137 ASSERT_TRUE(tests->GetDictionary(5, &test)); |
| 2138 const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek"); |
| 2139 const std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); |
| 2140 const std::vector<uint8> test_ciphertext = |
| 2141 GetBytesFromHexString(test, "ciphertext"); |
| 2142 const blink::WebCryptoAlgorithm wrapping_algorithm = |
| 2143 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); |
| 2144 const blink::WebCryptoAlgorithm key_algorithm = |
| 2145 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); |
| 2146 // Import the wrapping key. |
| 2147 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( |
| 2148 test_kek, |
| 2149 wrapping_algorithm, |
| 2150 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey); |
| 2151 // Import the key to be wrapped. |
| 2152 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
| 2153 test_key, |
| 2154 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
| 2155 blink::WebCryptoKeyUsageEncrypt); |
| 2156 |
| 2157 // Unwrap with null algorithm must fail. |
| 2158 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
| 2159 EXPECT_STATUS(Status::ErrorMissingAlgorithmUnwrapRawKey(), |
| 2160 Unwrapkey(blink::WebCryptoKeyFormatRaw, |
| 2161 CryptoData(test_ciphertext), |
| 2162 wrapping_key, |
| 2163 wrapping_algorithm, |
| 2164 blink::WebCryptoAlgorithm::createNull(), |
| 2165 true, |
| 2166 blink::WebCryptoKeyUsageEncrypt, |
| 2167 &unwrapped_key)); |
| 2168 |
| 2169 // Unwrap with wrapped data too small must fail. |
| 2170 const std::vector<uint8> small_data(test_ciphertext.begin(), |
| 2171 test_ciphertext.begin() + 23); |
| 2172 EXPECT_STATUS(Status::ErrorDataTooSmall(), |
| 2173 Unwrapkey(blink::WebCryptoKeyFormatRaw, |
| 2174 CryptoData(small_data), |
| 2175 wrapping_key, |
| 2176 wrapping_algorithm, |
| 2177 key_algorithm, |
| 2178 true, |
| 2179 blink::WebCryptoKeyUsageEncrypt, |
| 2180 &unwrapped_key)); |
| 2181 |
| 2182 // Unwrap with wrapped data size not a multiple of 8 bytes must fail. |
| 2183 const std::vector<uint8> unaligned_data(test_ciphertext.begin(), |
| 2184 test_ciphertext.end() - 2); |
| 2185 EXPECT_STATUS(Status::ErrorInvalidAesKwDataLength(), |
| 2186 Unwrapkey(blink::WebCryptoKeyFormatRaw, |
| 2187 CryptoData(unaligned_data), |
| 2188 wrapping_key, |
| 2189 wrapping_algorithm, |
| 2190 key_algorithm, |
| 2191 true, |
| 2192 blink::WebCryptoKeyUsageEncrypt, |
| 2193 &unwrapped_key)); |
| 2194 } |
| 2195 |
2068 // TODO(eroman): | 2196 // TODO(eroman): |
2069 // * Test decryption when the tag length exceeds input size | 2197 // * Test decryption when the tag length exceeds input size |
2070 // * Test decryption with empty input | 2198 // * Test decryption with empty input |
2071 // * Test decryption with tag length of 0. | 2199 // * Test decryption with tag length of 0. |
2072 TEST_F(SharedCryptoTest, MAYBE(AesGcmSampleSets)) { | 2200 TEST_F(SharedCryptoTest, MAYBE(AesGcmSampleSets)) { |
2073 // Some Linux test runners may not have a new enough version of NSS. | 2201 // Some Linux test runners may not have a new enough version of NSS. |
2074 if (!SupportsAesGcm()) { | 2202 if (!SupportsAesGcm()) { |
2075 LOG(WARNING) << "AES GCM not supported, skipping tests"; | 2203 LOG(WARNING) << "AES GCM not supported, skipping tests"; |
2076 return; | 2204 return; |
2077 } | 2205 } |
(...skipping 103 matching lines...)
2181 test_cipher_text, | 2309 test_cipher_text, |
2182 test_authentication_tag, | 2310 test_authentication_tag, |
2183 &plain_text)); | 2311 &plain_text)); |
2184 } | 2312 } |
2185 } | 2313 } |
2186 } | 2314 } |
2187 | 2315 |
2188 } // namespace webcrypto | 2316 } // namespace webcrypto |
2189 | 2317 |
2190 } // namespace content | 2318 } // namespace content |
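Review bot: In AesKwRawSymkeyWrapUnwrapKnownAnswer the expectations after the unwrap call (new lines 2115-2122) inspect `key`, the key imported before wrapping, so the type, algorithm, extractable flag and usages of `unwrapped_key` are never checked. Those attributes are what limit how an unwrapped key can be used, so each of the six expectations should read from the unwrap result, e.g. `EXPECT_EQ(true, unwrapped_key.extractable());` and `EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, unwrapped_key.usages());`. As written, only the exported raw bytes of the unwrapped key are compared against the known answer. In AesKwRawSymkeyWrapUnwrapErrors the imported `key` appears to be unused, and the visible cases do not include a ciphertext with a modified byte, which is the case that would exercise the AES-KW integrity check on unwrap.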