OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/renderer/webcrypto/webcrypto_impl.h" | 5 #include "content/renderer/webcrypto/webcrypto_impl.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 1789 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1800 key_raw_hex_in = | 1800 key_raw_hex_in = |
1801 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; | 1801 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; |
1802 EXPECT_FALSE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 1802 EXPECT_FALSE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
1803 HexStringToBytes(key_raw_hex_in), | 1803 HexStringToBytes(key_raw_hex_in), |
1804 algorithm, | 1804 algorithm, |
1805 true, | 1805 true, |
1806 blink::WebCryptoKeyUsageWrapKey, | 1806 blink::WebCryptoKeyUsageWrapKey, |
1807 &key)); | 1807 &key)); |
1808 } | 1808 } |
1809 | 1809 |
| 1810 TEST_F(WebCryptoImplTest, MAYBE(AesKwEncryptDecryptKnownAnswer)) { |
| 1811 |
| 1812 // The following tests use test vectors from |
| 1813 // http://www.ietf.org/rfc/rfc3394.txt |
| 1814 |
| 1815 struct TestCase { |
| 1816 const char* kek_hex; |
| 1817 const char* data_hex; |
| 1818 const char* ciphertext_hex; |
| 1819 }; |
| 1820 |
| 1821 const TestCase kTests[] = { |
| 1822 // 4.1 Wrap 128 bits of Key Data with a 128-bit KEK |
| 1823 { |
| 1824 "000102030405060708090A0B0C0D0E0F", |
| 1825 "00112233445566778899AABBCCDDEEFF", |
| 1826 "1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5" |
| 1827 }, |
| 1828 // 4.2 Wrap 128 bits of Key Data with a 192-bit KEK |
| 1829 { |
| 1830 "000102030405060708090A0B0C0D0E0F1011121314151617", |
| 1831 "00112233445566778899AABBCCDDEEFF", |
| 1832 "96778B25AE6CA435F92B5B97C050AED2468AB8A17AD84E5D" |
| 1833 }, |
| 1834 // 4.3 Wrap 128 bits of Key Data with a 256-bit KEK |
| 1835 { |
| 1836 "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F", |
| 1837 "00112233445566778899AABBCCDDEEFF", |
| 1838 "64E8C3F9CE0F5BA263E9777905818A2A93C8191E7D6E8AE7" |
| 1839 }, |
| 1840 // 4.4 Wrap 192 bits of Key Data with a 192-bit KEK |
| 1841 { |
| 1842 "000102030405060708090A0B0C0D0E0F1011121314151617", |
| 1843 "00112233445566778899AABBCCDDEEFF0001020304050607", |
| 1844 "031D33264E15D33268F24EC260743EDCE1C6C7DDEE725A936BA814915C6762D2" |
| 1845 }, |
| 1846 // 4.5 Wrap 192 bits of Key Data with a 256-bit KEK |
| 1847 { |
| 1848 "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F", |
| 1849 "00112233445566778899AABBCCDDEEFF0001020304050607", |
| 1850 "A8F9BC1612C68B3FF6E6F4FBE30E71E4769C8B80A32CB8958CD5D17D6B254DA1" |
| 1851 |
| 1852 }, |
| 1853 // 4.6 Wrap 256 bits of Key Data with a 256-bit KEK |
| 1854 { |
| 1855 "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F", |
| 1856 "00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F", |
| 1857 "28C9F404C4B810F4CBCCB35CFB87F8263F5786E2D80ED326CBC7F0E71A99F43BFB988B9B" |
| 1858 "7A02DD21" |
| 1859 }, |
| 1860 }; |
| 1861 |
| 1862 for (size_t index = 0; index < ARRAYSIZE_UNSAFE(kTests); index++) { |
| 1863 |
| 1864 SCOPED_TRACE(index); |
| 1865 const TestCase& test = kTests[index]; |
| 1866 const blink::WebCryptoAlgorithm algorithm = |
| 1867 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); |
| 1868 |
| 1869 // Import the key. |
| 1870 blink::WebCryptoKey key = ImportSecretKeyFromRawHexString( |
| 1871 test.kek_hex, |
| 1872 algorithm, |
| 1873 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey); |
| 1874 |
| 1875 // Verify the exported raw key is identical to the imported data. |
| 1876 blink::WebArrayBuffer raw_key; |
| 1877 EXPECT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
| 1878 ExpectArrayBufferMatchesHex(test.kek_hex, raw_key); |
| 1879 |
| 1880 // Encrypt the data and verify the result against the known answer. |
| 1881 blink::WebArrayBuffer output; |
| 1882 EXPECT_TRUE(EncryptInternal(algorithm, |
| 1883 key, |
| 1884 HexStringToBytes(test.data_hex), |
| 1885 &output)); |
| 1886 ExpectArrayBufferMatchesHex(test.ciphertext_hex, output); |
| 1887 |
| 1888 // Decrypt the ciphertext and verify the result against the known input. |
| 1889 EXPECT_TRUE(DecryptInternal(algorithm, |
| 1890 key, |
| 1891 HexStringToBytes(test.ciphertext_hex), |
| 1892 &output)); |
| 1893 ExpectArrayBufferMatchesHex(test.data_hex, output); |
| 1894 } |
| 1895 } |
| 1896 |
| 1897 TEST_F(WebCryptoImplTest, MAYBE(AesKwEncryptDecryptFailures)) { |
| 1898 const blink::WebCryptoAlgorithm algorithm = |
| 1899 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); |
| 1900 blink::WebCryptoKey key = ImportSecretKeyFromRawHexString( |
| 1901 "000102030405060708090A0B0C0D0E0F", |
| 1902 algorithm, |
| 1903 blink::WebCryptoKeyUsageWrapKey); |
| 1904 |
| 1905 // For encrypt, the input data size must be at least 16 bytes. Expect failure |
| 1906 // with a data size of 8 bytes, and success with 16. |
| 1907 blink::WebArrayBuffer output; |
| 1908 EXPECT_FALSE(EncryptInternal( |
| 1909 algorithm, |
| 1910 key, |
| 1911 HexStringToBytes("11f9ec1b249b2629"), |
| 1912 &output)); |
| 1913 EXPECT_TRUE(EncryptInternal( |
| 1914 algorithm, |
| 1915 key, |
| 1916 HexStringToBytes("2139128461ed6d341dff4db94f60094f"), |
| 1917 &output)); |
| 1918 |
| 1919 // For encrypt, the input data size must be a multiple of 8 bytes. Expect |
| 1920 // failure with a data size of 17 bytes. |
| 1921 EXPECT_FALSE(EncryptInternal( |
| 1922 algorithm, |
| 1923 key, |
| 1924 HexStringToBytes("0248cb45ca808c8aacfad2b2c092c15745"), |
| 1925 &output)); |
| 1926 } |
| 1927 |
1810 } // namespace content | 1928 } // namespace content |
OLD | NEW |