OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/renderer/webcrypto/shared_crypto.h" | 5 #include "content/renderer/webcrypto/shared_crypto.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 120 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
131 corrupted_data[corrupted_data.size() / 2] ^= 0x01; | 131 corrupted_data[corrupted_data.size() / 2] ^= 0x01; |
132 return corrupted_data; | 132 return corrupted_data; |
133 } | 133 } |
134 | 134 |
135 std::vector<uint8> HexStringToBytes(const std::string& hex) { | 135 std::vector<uint8> HexStringToBytes(const std::string& hex) { |
136 std::vector<uint8> bytes; | 136 std::vector<uint8> bytes; |
137 base::HexStringToBytes(hex, &bytes); | 137 base::HexStringToBytes(hex, &bytes); |
138 return bytes; | 138 return bytes; |
139 } | 139 } |
140 | 140 |
141 void ExpectArrayBufferMatches(const std::vector<uint8>& expected, | 141 ::testing::AssertionResult ArrayBufferMatches( |
142 const blink::WebArrayBuffer& actual) { | 142 const std::vector<uint8>& expected, |
143 EXPECT_EQ( | 143 const blink::WebArrayBuffer& actual) { |
144 base::HexEncode(webcrypto::Uint8VectorStart(expected), expected.size()), | 144 if (base::HexEncode(webcrypto::Uint8VectorStart(expected), expected.size()) == |
145 base::HexEncode(actual.data(), actual.byteLength())); | 145 base::HexEncode(actual.data(), actual.byteLength())) |
| 146 return ::testing::AssertionSuccess(); |
| 147 return ::testing::AssertionFailure(); |
146 } | 148 } |
147 | 149 |
148 void ExpectCryptoDataMatchesHex(const std::string& expected_hex, | 150 void ExpectCryptoDataMatchesHex(const std::string& expected_hex, |
149 const CryptoData& actual) { | 151 const CryptoData& actual) { |
150 EXPECT_STRCASEEQ( | 152 EXPECT_STRCASEEQ( |
151 expected_hex.c_str(), | 153 expected_hex.c_str(), |
152 base::HexEncode(actual.bytes(), actual.byte_length()).c_str()); | 154 base::HexEncode(actual.bytes(), actual.byte_length()).c_str()); |
153 } | 155 } |
154 | 156 |
155 void ExpectArrayBufferMatchesHex(const std::string& expected_hex, | 157 void ExpectArrayBufferMatchesHex(const std::string& expected_hex, |
(...skipping 403 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
559 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); | 561 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); |
560 | 562 |
561 blink::WebCryptoAlgorithm test_algorithm = | 563 blink::WebCryptoAlgorithm test_algorithm = |
562 GetDigestAlgorithm(test, "algorithm"); | 564 GetDigestAlgorithm(test, "algorithm"); |
563 std::vector<uint8> test_input = GetBytesFromHexString(test, "input"); | 565 std::vector<uint8> test_input = GetBytesFromHexString(test, "input"); |
564 std::vector<uint8> test_output = GetBytesFromHexString(test, "output"); | 566 std::vector<uint8> test_output = GetBytesFromHexString(test, "output"); |
565 | 567 |
566 blink::WebArrayBuffer output; | 568 blink::WebArrayBuffer output; |
567 ASSERT_STATUS_SUCCESS( | 569 ASSERT_STATUS_SUCCESS( |
568 Digest(test_algorithm, CryptoData(test_input), &output)); | 570 Digest(test_algorithm, CryptoData(test_input), &output)); |
569 ExpectArrayBufferMatches(test_output, output); | 571 EXPECT_TRUE(ArrayBufferMatches(test_output, output)); |
570 } | 572 } |
571 } | 573 } |
572 | 574 |
573 TEST_F(SharedCryptoTest, HMACSampleSets) { | 575 TEST_F(SharedCryptoTest, HMACSampleSets) { |
574 scoped_ptr<base::ListValue> tests; | 576 scoped_ptr<base::ListValue> tests; |
575 ASSERT_TRUE(ReadJsonTestFileToList("hmac.json", &tests)); | 577 ASSERT_TRUE(ReadJsonTestFileToList("hmac.json", &tests)); |
576 | 578 |
577 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { | 579 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { |
578 SCOPED_TRACE(test_index); | 580 SCOPED_TRACE(test_index); |
579 base::DictionaryValue* test; | 581 base::DictionaryValue* test; |
(...skipping 15 matching lines...) Expand all Loading... |
595 test_key, | 597 test_key, |
596 importAlgorithm, | 598 importAlgorithm, |
597 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify); | 599 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify); |
598 | 600 |
599 EXPECT_EQ(test_hash.id(), key.algorithm().hmacParams()->hash().id()); | 601 EXPECT_EQ(test_hash.id(), key.algorithm().hmacParams()->hash().id()); |
600 | 602 |
601 // Verify exported raw key is identical to the imported data | 603 // Verify exported raw key is identical to the imported data |
602 blink::WebArrayBuffer raw_key; | 604 blink::WebArrayBuffer raw_key; |
603 EXPECT_STATUS_SUCCESS( | 605 EXPECT_STATUS_SUCCESS( |
604 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 606 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
605 ExpectArrayBufferMatches(test_key, raw_key); | 607 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); |
606 | 608 |
607 blink::WebArrayBuffer output; | 609 blink::WebArrayBuffer output; |
608 | 610 |
609 ASSERT_STATUS_SUCCESS( | 611 ASSERT_STATUS_SUCCESS( |
610 Sign(algorithm, key, CryptoData(test_message), &output)); | 612 Sign(algorithm, key, CryptoData(test_message), &output)); |
611 | 613 |
612 ExpectArrayBufferMatches(test_mac, output); | 614 EXPECT_TRUE(ArrayBufferMatches(test_mac, output)); |
613 | 615 |
614 bool signature_match = false; | 616 bool signature_match = false; |
615 EXPECT_STATUS_SUCCESS(VerifySignature(algorithm, | 617 EXPECT_STATUS_SUCCESS(VerifySignature(algorithm, |
616 key, | 618 key, |
617 CryptoData(output), | 619 CryptoData(output), |
618 CryptoData(test_message), | 620 CryptoData(test_message), |
619 &signature_match)); | 621 &signature_match)); |
620 EXPECT_TRUE(signature_match); | 622 EXPECT_TRUE(signature_match); |
621 | 623 |
622 // Ensure truncated signature does not verify by passing one less byte. | 624 // Ensure truncated signature does not verify by passing one less byte. |
(...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
754 test_key, | 756 test_key, |
755 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 757 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
756 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); | 758 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); |
757 | 759 |
758 EXPECT_EQ(test_key.size() * 8, key.algorithm().aesParams()->lengthBits()); | 760 EXPECT_EQ(test_key.size() * 8, key.algorithm().aesParams()->lengthBits()); |
759 | 761 |
760 // Verify exported raw key is identical to the imported data | 762 // Verify exported raw key is identical to the imported data |
761 blink::WebArrayBuffer raw_key; | 763 blink::WebArrayBuffer raw_key; |
762 EXPECT_STATUS_SUCCESS( | 764 EXPECT_STATUS_SUCCESS( |
763 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 765 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
764 ExpectArrayBufferMatches(test_key, raw_key); | 766 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); |
765 | 767 |
766 blink::WebArrayBuffer output; | 768 blink::WebArrayBuffer output; |
767 | 769 |
768 // Test encryption. | 770 // Test encryption. |
769 EXPECT_STATUS(Status::Success(), | 771 EXPECT_STATUS(Status::Success(), |
770 Encrypt(webcrypto::CreateAesCbcAlgorithm(test_iv), | 772 Encrypt(webcrypto::CreateAesCbcAlgorithm(test_iv), |
771 key, | 773 key, |
772 CryptoData(test_plain_text), | 774 CryptoData(test_plain_text), |
773 &output)); | 775 &output)); |
774 ExpectArrayBufferMatches(test_cipher_text, output); | 776 EXPECT_TRUE(ArrayBufferMatches(test_cipher_text, output)); |
775 | 777 |
776 // Test decryption. | 778 // Test decryption. |
777 EXPECT_STATUS(Status::Success(), | 779 EXPECT_STATUS(Status::Success(), |
778 Decrypt(webcrypto::CreateAesCbcAlgorithm(test_iv), | 780 Decrypt(webcrypto::CreateAesCbcAlgorithm(test_iv), |
779 key, | 781 key, |
780 CryptoData(test_cipher_text), | 782 CryptoData(test_cipher_text), |
781 &output)); | 783 &output)); |
782 ExpectArrayBufferMatches(test_plain_text, output); | 784 EXPECT_TRUE(ArrayBufferMatches(test_plain_text, output)); |
783 | 785 |
784 const unsigned int kAesCbcBlockSize = 16; | 786 const unsigned int kAesCbcBlockSize = 16; |
785 | 787 |
786 // Decrypt with a padding error by stripping the last block. This also ends | 788 // Decrypt with a padding error by stripping the last block. This also ends |
787 // up testing decryption over empty cipher text. | 789 // up testing decryption over empty cipher text. |
788 if (test_cipher_text.size() >= kAesCbcBlockSize) { | 790 if (test_cipher_text.size() >= kAesCbcBlockSize) { |
789 EXPECT_STATUS( | 791 EXPECT_STATUS( |
790 Status::Error(), | 792 Status::Error(), |
791 Decrypt(CreateAesCbcAlgorithm(test_iv), | 793 Decrypt(CreateAesCbcAlgorithm(test_iv), |
792 key, | 794 key, |
(...skipping 860 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1653 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, | 1655 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, |
1654 &public_key, | 1656 &public_key, |
1655 &private_key); | 1657 &private_key); |
1656 | 1658 |
1657 // Decrypt the known-good ciphertext with the private key. As a check we must | 1659 // Decrypt the known-good ciphertext with the private key. As a check we must |
1658 // get the known original cleartext. | 1660 // get the known original cleartext. |
1659 blink::WebArrayBuffer decrypted_data; | 1661 blink::WebArrayBuffer decrypted_data; |
1660 ASSERT_STATUS_SUCCESS( | 1662 ASSERT_STATUS_SUCCESS( |
1661 Decrypt(algorithm, private_key, CryptoData(ciphertext), &decrypted_data)); | 1663 Decrypt(algorithm, private_key, CryptoData(ciphertext), &decrypted_data)); |
1662 EXPECT_FALSE(decrypted_data.isNull()); | 1664 EXPECT_FALSE(decrypted_data.isNull()); |
1663 ExpectArrayBufferMatches(cleartext, decrypted_data); | 1665 EXPECT_TRUE(ArrayBufferMatches(cleartext, decrypted_data)); |
1664 | 1666 |
1665 // Encrypt this decrypted data with the public key. | 1667 // Encrypt this decrypted data with the public key. |
1666 blink::WebArrayBuffer encrypted_data; | 1668 blink::WebArrayBuffer encrypted_data; |
1667 ASSERT_STATUS_SUCCESS(Encrypt( | 1669 ASSERT_STATUS_SUCCESS(Encrypt( |
1668 algorithm, public_key, CryptoData(decrypted_data), &encrypted_data)); | 1670 algorithm, public_key, CryptoData(decrypted_data), &encrypted_data)); |
1669 EXPECT_EQ(128u, encrypted_data.byteLength()); | 1671 EXPECT_EQ(128u, encrypted_data.byteLength()); |
1670 | 1672 |
1671 // Finally, decrypt the newly encrypted result with the private key, and | 1673 // Finally, decrypt the newly encrypted result with the private key, and |
1672 // compare to the known original cleartext. | 1674 // compare to the known original cleartext. |
1673 decrypted_data.reset(); | 1675 decrypted_data.reset(); |
1674 ASSERT_STATUS_SUCCESS(Decrypt( | 1676 ASSERT_STATUS_SUCCESS(Decrypt( |
1675 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); | 1677 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); |
1676 EXPECT_FALSE(decrypted_data.isNull()); | 1678 EXPECT_FALSE(decrypted_data.isNull()); |
1677 ExpectArrayBufferMatches(cleartext, decrypted_data); | 1679 EXPECT_TRUE(ArrayBufferMatches(cleartext, decrypted_data)); |
1678 } | 1680 } |
1679 | 1681 |
1680 TEST_F(SharedCryptoTest, MAYBE(RsaEsFailures)) { | 1682 TEST_F(SharedCryptoTest, MAYBE(RsaEsFailures)) { |
1681 // Import a key pair. | 1683 // Import a key pair. |
1682 blink::WebCryptoAlgorithm algorithm = | 1684 blink::WebCryptoAlgorithm algorithm = |
1683 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 1685 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
1684 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1686 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1685 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1687 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
1686 ImportRsaKeyPair( | 1688 ImportRsaKeyPair( |
1687 HexStringToBytes(kPublicKeySpkiDerHex), | 1689 HexStringToBytes(kPublicKeySpkiDerHex), |
(...skipping 229 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1917 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); | 1919 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); |
1918 | 1920 |
1919 std::vector<uint8> test_message = | 1921 std::vector<uint8> test_message = |
1920 GetBytesFromHexString(test, "message_hex"); | 1922 GetBytesFromHexString(test, "message_hex"); |
1921 std::vector<uint8> test_signature = | 1923 std::vector<uint8> test_signature = |
1922 GetBytesFromHexString(test, "signature_hex"); | 1924 GetBytesFromHexString(test, "signature_hex"); |
1923 | 1925 |
1924 signature.reset(); | 1926 signature.reset(); |
1925 ASSERT_STATUS_SUCCESS( | 1927 ASSERT_STATUS_SUCCESS( |
1926 Sign(algorithm, private_key, CryptoData(test_message), &signature)); | 1928 Sign(algorithm, private_key, CryptoData(test_message), &signature)); |
1927 ExpectArrayBufferMatches(test_signature, signature); | 1929 EXPECT_TRUE(ArrayBufferMatches(test_signature, signature)); |
1928 | 1930 |
1929 bool is_match = false; | 1931 bool is_match = false; |
1930 ASSERT_STATUS_SUCCESS(VerifySignature(algorithm, | 1932 ASSERT_STATUS_SUCCESS(VerifySignature(algorithm, |
1931 public_key, | 1933 public_key, |
1932 CryptoData(test_signature), | 1934 CryptoData(test_signature), |
1933 CryptoData(test_message), | 1935 CryptoData(test_message), |
1934 &is_match)); | 1936 &is_match)); |
1935 EXPECT_TRUE(is_match); | 1937 EXPECT_TRUE(is_match); |
1936 } | 1938 } |
1937 } | 1939 } |
(...skipping 75 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2013 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; | 2015 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; |
2014 EXPECT_STATUS(Status::Error(), | 2016 EXPECT_STATUS(Status::Error(), |
2015 ImportKey(blink::WebCryptoKeyFormatRaw, | 2017 ImportKey(blink::WebCryptoKeyFormatRaw, |
2016 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2018 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2017 algorithm, | 2019 algorithm, |
2018 true, | 2020 true, |
2019 blink::WebCryptoKeyUsageWrapKey, | 2021 blink::WebCryptoKeyUsageWrapKey, |
2020 &key)); | 2022 &key)); |
2021 } | 2023 } |
2022 | 2024 |
| 2025 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapKnownAnswer)) { |
| 2026 scoped_ptr<base::ListValue> tests; |
| 2027 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); |
| 2028 |
| 2029 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { |
| 2030 SCOPED_TRACE(test_index); |
| 2031 base::DictionaryValue* test; |
| 2032 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); |
| 2033 const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek"); |
| 2034 const std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); |
| 2035 const std::vector<uint8> test_ciphertext = |
| 2036 GetBytesFromHexString(test, "ciphertext"); |
| 2037 const blink::WebCryptoAlgorithm wrapping_algorithm = |
| 2038 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); |
| 2039 |
| 2040 // Import the wrapping key. |
| 2041 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( |
| 2042 test_kek, |
| 2043 wrapping_algorithm, |
| 2044 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey); |
| 2045 |
| 2046 // Import the key to be wrapped. |
| 2047 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
| 2048 test_key, |
| 2049 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
| 2050 blink::WebCryptoKeyUsageEncrypt); |
| 2051 |
| 2052 // Wrap the key and verify the ciphertext result against the known answer. |
| 2053 blink::WebArrayBuffer wrapped_key; |
| 2054 ASSERT_STATUS_SUCCESS(WrapKey(blink::WebCryptoKeyFormatRaw, |
| 2055 wrapping_key, |
| 2056 key, |
| 2057 wrapping_algorithm, |
| 2058 &wrapped_key)); |
| 2059 EXPECT_TRUE(ArrayBufferMatches(test_ciphertext, wrapped_key)); |
| 2060 |
| 2061 // Unwrap the known ciphertext to get a new test_key. |
| 2062 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
| 2063 ASSERT_STATUS_SUCCESS( |
| 2064 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
| 2065 CryptoData(test_ciphertext), |
| 2066 wrapping_key, |
| 2067 wrapping_algorithm, |
| 2068 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
| 2069 true, |
| 2070 blink::WebCryptoKeyUsageEncrypt, |
| 2071 &unwrapped_key)); |
| 2072 EXPECT_FALSE(key.isNull()); |
| 2073 EXPECT_TRUE(key.handle()); |
| 2074 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
| 2075 EXPECT_EQ( |
| 2076 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc).id(), |
| 2077 key.algorithm().id()); |
| 2078 EXPECT_EQ(true, key.extractable()); |
| 2079 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
| 2080 |
| 2081 // Export the new key and compare its raw bytes with the original known key. |
| 2082 blink::WebArrayBuffer raw_key; |
| 2083 EXPECT_STATUS_SUCCESS( |
| 2084 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); |
| 2085 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); |
| 2086 } |
| 2087 } |
| 2088 |
| 2089 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapErrors)) { |
| 2090 scoped_ptr<base::ListValue> tests; |
| 2091 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); |
| 2092 base::DictionaryValue* test; |
| 2093 // Use 256 bits of data with a 256-bit KEK |
| 2094 ASSERT_TRUE(tests->GetDictionary(5, &test)); |
| 2095 const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek"); |
| 2096 const std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); |
| 2097 const std::vector<uint8> test_ciphertext = |
| 2098 GetBytesFromHexString(test, "ciphertext"); |
| 2099 const blink::WebCryptoAlgorithm wrapping_algorithm = |
| 2100 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); |
| 2101 const blink::WebCryptoAlgorithm key_algorithm = |
| 2102 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); |
| 2103 // Import the wrapping key. |
| 2104 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( |
| 2105 test_kek, |
| 2106 wrapping_algorithm, |
| 2107 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey); |
| 2108 // Import the key to be wrapped. |
| 2109 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
| 2110 test_key, |
| 2111 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
| 2112 blink::WebCryptoKeyUsageEncrypt); |
| 2113 |
| 2114 // Unwrap with null algorithm must fail. |
| 2115 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
| 2116 EXPECT_STATUS(Status::ErrorMissingAlgorithmUnwrapRawKey(), |
| 2117 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
| 2118 CryptoData(test_ciphertext), |
| 2119 wrapping_key, |
| 2120 wrapping_algorithm, |
| 2121 blink::WebCryptoAlgorithm::createNull(), |
| 2122 true, |
| 2123 blink::WebCryptoKeyUsageEncrypt, |
| 2124 &unwrapped_key)); |
| 2125 |
| 2126 // Unwrap with wrapped data too small must fail. |
| 2127 const std::vector<uint8> small_data(test_ciphertext.begin(), |
| 2128 test_ciphertext.begin() + 23); |
| 2129 EXPECT_STATUS(Status::ErrorDataTooSmall(), |
| 2130 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
| 2131 CryptoData(small_data), |
| 2132 wrapping_key, |
| 2133 wrapping_algorithm, |
| 2134 key_algorithm, |
| 2135 true, |
| 2136 blink::WebCryptoKeyUsageEncrypt, |
| 2137 &unwrapped_key)); |
| 2138 |
| 2139 // Unwrap with wrapped data size not a multiple of 8 bytes must fail. |
| 2140 const std::vector<uint8> unaligned_data(test_ciphertext.begin(), |
| 2141 test_ciphertext.end() - 2); |
| 2142 EXPECT_STATUS(Status::ErrorInvalidAesKwDataLength(), |
| 2143 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
| 2144 CryptoData(unaligned_data), |
| 2145 wrapping_key, |
| 2146 wrapping_algorithm, |
| 2147 key_algorithm, |
| 2148 true, |
| 2149 blink::WebCryptoKeyUsageEncrypt, |
| 2150 &unwrapped_key)); |
| 2151 } |
| 2152 |
| 2153 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyUnwrapCorruptData)) { |
| 2154 scoped_ptr<base::ListValue> tests; |
| 2155 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); |
| 2156 base::DictionaryValue* test; |
| 2157 // Use 256 bits of data with a 256-bit KEK |
| 2158 ASSERT_TRUE(tests->GetDictionary(5, &test)); |
| 2159 const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek"); |
| 2160 const std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); |
| 2161 const std::vector<uint8> test_ciphertext = |
| 2162 GetBytesFromHexString(test, "ciphertext"); |
| 2163 const blink::WebCryptoAlgorithm wrapping_algorithm = |
| 2164 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); |
| 2165 |
| 2166 // Import the wrapping key. |
| 2167 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( |
| 2168 test_kek, |
| 2169 wrapping_algorithm, |
| 2170 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey); |
| 2171 |
| 2172 // Unwrap a corrupted version of the known ciphertext. Unwrap should pass but |
| 2173 // will produce a key that is different than the known original. |
| 2174 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
| 2175 ASSERT_STATUS_SUCCESS( |
| 2176 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
| 2177 CryptoData(Corrupted(test_ciphertext)), |
| 2178 wrapping_key, |
| 2179 wrapping_algorithm, |
| 2180 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
| 2181 true, |
| 2182 blink::WebCryptoKeyUsageEncrypt, |
| 2183 &unwrapped_key)); |
| 2184 |
| 2185 // Export the new key and compare its raw bytes with the original known key. |
| 2186 // The comparison should fail. |
| 2187 blink::WebArrayBuffer raw_key; |
| 2188 EXPECT_STATUS_SUCCESS( |
| 2189 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); |
| 2190 EXPECT_FALSE(ArrayBufferMatches(test_key, raw_key)); |
| 2191 } |
| 2192 |
2023 // TODO(eroman): | 2193 // TODO(eroman): |
2024 // * Test decryption when the tag length exceeds input size | 2194 // * Test decryption when the tag length exceeds input size |
2025 // * Test decryption with empty input | 2195 // * Test decryption with empty input |
2026 // * Test decryption with tag length of 0. | 2196 // * Test decryption with tag length of 0. |
2027 TEST_F(SharedCryptoTest, MAYBE(AesGcmSampleSets)) { | 2197 TEST_F(SharedCryptoTest, MAYBE(AesGcmSampleSets)) { |
2028 // Some Linux test runners may not have a new enough version of NSS. | 2198 // Some Linux test runners may not have a new enough version of NSS. |
2029 if (!SupportsAesGcm()) { | 2199 if (!SupportsAesGcm()) { |
2030 LOG(WARNING) << "AES GCM not supported, skipping tests"; | 2200 LOG(WARNING) << "AES GCM not supported, skipping tests"; |
2031 return; | 2201 return; |
2032 } | 2202 } |
(...skipping 22 matching lines...) Expand all Loading... |
2055 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 2225 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
2056 test_key, | 2226 test_key, |
2057 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), | 2227 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), |
2058 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); | 2228 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); |
2059 | 2229 |
2060 // Verify exported raw key is identical to the imported data | 2230 // Verify exported raw key is identical to the imported data |
2061 blink::WebArrayBuffer raw_key; | 2231 blink::WebArrayBuffer raw_key; |
2062 EXPECT_STATUS_SUCCESS( | 2232 EXPECT_STATUS_SUCCESS( |
2063 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 2233 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
2064 | 2234 |
2065 ExpectArrayBufferMatches(test_key, raw_key); | 2235 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); |
2066 | 2236 |
2067 // Test encryption. | 2237 // Test encryption. |
2068 std::vector<uint8> cipher_text; | 2238 std::vector<uint8> cipher_text; |
2069 std::vector<uint8> authentication_tag; | 2239 std::vector<uint8> authentication_tag; |
2070 EXPECT_STATUS_SUCCESS(AesGcmEncrypt(key, | 2240 EXPECT_STATUS_SUCCESS(AesGcmEncrypt(key, |
2071 test_iv, | 2241 test_iv, |
2072 test_additional_data, | 2242 test_additional_data, |
2073 test_tag_size_bits, | 2243 test_tag_size_bits, |
2074 test_plain_text, | 2244 test_plain_text, |
2075 &cipher_text, | 2245 &cipher_text, |
2076 &authentication_tag)); | 2246 &authentication_tag)); |
2077 | 2247 |
2078 ExpectVectorMatches(test_cipher_text, cipher_text); | 2248 ExpectVectorMatches(test_cipher_text, cipher_text); |
2079 ExpectVectorMatches(test_authentication_tag, authentication_tag); | 2249 ExpectVectorMatches(test_authentication_tag, authentication_tag); |
2080 | 2250 |
2081 // Test decryption. | 2251 // Test decryption. |
2082 blink::WebArrayBuffer plain_text; | 2252 blink::WebArrayBuffer plain_text; |
2083 EXPECT_STATUS_SUCCESS(AesGcmDecrypt(key, | 2253 EXPECT_STATUS_SUCCESS(AesGcmDecrypt(key, |
2084 test_iv, | 2254 test_iv, |
2085 test_additional_data, | 2255 test_additional_data, |
2086 test_tag_size_bits, | 2256 test_tag_size_bits, |
2087 test_cipher_text, | 2257 test_cipher_text, |
2088 test_authentication_tag, | 2258 test_authentication_tag, |
2089 &plain_text)); | 2259 &plain_text)); |
2090 ExpectArrayBufferMatches(test_plain_text, plain_text); | 2260 EXPECT_TRUE(ArrayBufferMatches(test_plain_text, plain_text)); |
2091 | 2261 |
2092 // Decryption should fail if any of the inputs are tampered with. | 2262 // Decryption should fail if any of the inputs are tampered with. |
2093 EXPECT_STATUS(Status::Error(), | 2263 EXPECT_STATUS(Status::Error(), |
2094 AesGcmDecrypt(key, | 2264 AesGcmDecrypt(key, |
2095 Corrupted(test_iv), | 2265 Corrupted(test_iv), |
2096 test_additional_data, | 2266 test_additional_data, |
2097 test_tag_size_bits, | 2267 test_tag_size_bits, |
2098 test_cipher_text, | 2268 test_cipher_text, |
2099 test_authentication_tag, | 2269 test_authentication_tag, |
2100 &plain_text)); | 2270 &plain_text)); |
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2136 test_cipher_text, | 2306 test_cipher_text, |
2137 test_authentication_tag, | 2307 test_authentication_tag, |
2138 &plain_text)); | 2308 &plain_text)); |
2139 } | 2309 } |
2140 } | 2310 } |
2141 } | 2311 } |
2142 | 2312 |
2143 } // namespace webcrypto | 2313 } // namespace webcrypto |
2144 | 2314 |
2145 } // namespace content | 2315 } // namespace content |
OLD | NEW |