| OLD | NEW |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/logging.h" | 5 #include "base/logging.h" |
| 6 #include "base/stl_util.h" | 6 #include "base/stl_util.h" |
| 7 #include "components/webcrypto/algorithm_dispatch.h" | 7 #include "components/webcrypto/algorithm_dispatch.h" |
| 8 #include "components/webcrypto/algorithms/test_helpers.h" | 8 #include "components/webcrypto/algorithms/test_helpers.h" |
| 9 #include "components/webcrypto/crypto_data.h" | 9 #include "components/webcrypto/crypto_data.h" |
| 10 #include "components/webcrypto/jwk.h" | 10 #include "components/webcrypto/jwk.h" |
| 11 #include "components/webcrypto/status.h" | 11 #include "components/webcrypto/status.h" |
| 12 #include "components/webcrypto/webcrypto_util.h" | 12 #include "components/webcrypto/webcrypto_util.h" |
| 13 #include "testing/gtest/include/gtest/gtest.h" | 13 #include "testing/gtest/include/gtest/gtest.h" |
| 14 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" | 14 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" |
| 15 #include "third_party/WebKit/public/platform/WebCryptoKey.h" | 15 #include "third_party/WebKit/public/platform/WebCryptoKey.h" |
| 16 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" | 16 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" |
| 17 | 17 |
| 18 namespace webcrypto { | 18 namespace webcrypto { |
| 19 | 19 |
| 20 namespace { | 20 namespace { |
| 21 | 21 |
| 22 bool SupportsRsaPss() { | |
| 23 #if defined(USE_OPENSSL) | |
| 24 return true; | |
| 25 #else | |
| 26 return false; | |
| 27 #endif | |
| 28 } | |
| 29 | |
| 30 blink::WebCryptoAlgorithm CreateRsaPssAlgorithm( | 22 blink::WebCryptoAlgorithm CreateRsaPssAlgorithm( |
| 31 unsigned int salt_length_bytes) { | 23 unsigned int salt_length_bytes) { |
| 32 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( | 24 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( |
| 33 blink::WebCryptoAlgorithmIdRsaPss, | 25 blink::WebCryptoAlgorithmIdRsaPss, |
| 34 new blink::WebCryptoRsaPssParams(salt_length_bytes)); | 26 new blink::WebCryptoRsaPssParams(salt_length_bytes)); |
| 35 } | 27 } |
| 36 | 28 |
| 37 class WebCryptoRsaPssTest : public WebCryptoTestBase {}; | 29 class WebCryptoRsaPssTest : public WebCryptoTestBase {}; |
| 38 | 30 |
| 39 // Test that no two RSA-PSS signatures are identical, when using a non-zero | 31 // Test that no two RSA-PSS signatures are identical, when using a non-zero |
| 40 // lengthed salt. | 32 // lengthed salt. |
| 41 TEST_F(WebCryptoRsaPssTest, SignIsRandom) { | 33 TEST_F(WebCryptoRsaPssTest, SignIsRandom) { |
| 42 if (!SupportsRsaPss()) { | |
| 43 LOG(WARNING) << "Skipping test because RSA-PSS is not supported"; | |
| 44 return; | |
| 45 } | |
| 46 | |
| 47 // Import public/private key pair. | 34 // Import public/private key pair. |
| 48 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 35 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
| 49 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 36 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
| 50 | 37 |
| 51 ImportRsaKeyPair( | 38 ImportRsaKeyPair( |
| 52 HexStringToBytes(kPublicKeySpkiDerHex), | 39 HexStringToBytes(kPublicKeySpkiDerHex), |
| 53 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 40 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
| 54 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaPss, | 41 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaPss, |
| 55 blink::WebCryptoAlgorithmIdSha1), | 42 blink::WebCryptoAlgorithmIdSha1), |
| 56 true, blink::WebCryptoKeyUsageVerify, blink::WebCryptoKeyUsageSign, | 43 true, blink::WebCryptoKeyUsageVerify, blink::WebCryptoKeyUsageSign, |
| (...skipping 33 matching lines...) |
| 90 // Corrupt the signature and verification must fail. | 77 // Corrupt the signature and verification must fail. |
| 91 ASSERT_EQ(Status::Success(), | 78 ASSERT_EQ(Status::Success(), |
| 92 Verify(params, public_key, CryptoData(Corrupted(signature2)), | 79 Verify(params, public_key, CryptoData(Corrupted(signature2)), |
| 93 CryptoData(message), &is_match)); | 80 CryptoData(message), &is_match)); |
| 94 EXPECT_FALSE(is_match); | 81 EXPECT_FALSE(is_match); |
| 95 } | 82 } |
| 96 | 83 |
| 97 // Try signing and verifying when the salt length is 0. The signature in this | 84 // Try signing and verifying when the salt length is 0. The signature in this |
| 98 // case is not random. | 85 // case is not random. |
| 99 TEST_F(WebCryptoRsaPssTest, SignVerifyNoSalt) { | 86 TEST_F(WebCryptoRsaPssTest, SignVerifyNoSalt) { |
| 100 if (!SupportsRsaPss()) { | |
| 101 LOG(WARNING) << "Skipping test because RSA-PSS is not supported"; | |
| 102 return; | |
| 103 } | |
| 104 | |
| 105 // Import public/private key pair. | 87 // Import public/private key pair. |
| 106 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 88 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
| 107 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 89 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
| 108 | 90 |
| 109 ImportRsaKeyPair( | 91 ImportRsaKeyPair( |
| 110 HexStringToBytes(kPublicKeySpkiDerHex), | 92 HexStringToBytes(kPublicKeySpkiDerHex), |
| 111 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 93 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
| 112 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaPss, | 94 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaPss, |
| 113 blink::WebCryptoAlgorithmIdSha1), | 95 blink::WebCryptoAlgorithmIdSha1), |
| 114 true, blink::WebCryptoKeyUsageVerify, blink::WebCryptoKeyUsageSign, | 96 true, blink::WebCryptoKeyUsageVerify, blink::WebCryptoKeyUsageSign, |
| (...skipping 25 matching lines...) |
| 140 EXPECT_TRUE(is_match); | 122 EXPECT_TRUE(is_match); |
| 141 | 123 |
| 142 // Corrupt the signature and verification must fail. | 124 // Corrupt the signature and verification must fail. |
| 143 ASSERT_EQ(Status::Success(), | 125 ASSERT_EQ(Status::Success(), |
| 144 Verify(params, public_key, CryptoData(Corrupted(signature2)), | 126 Verify(params, public_key, CryptoData(Corrupted(signature2)), |
| 145 CryptoData(message), &is_match)); | 127 CryptoData(message), &is_match)); |
| 146 EXPECT_FALSE(is_match); | 128 EXPECT_FALSE(is_match); |
| 147 } | 129 } |
| 148 | 130 |
| 149 TEST_F(WebCryptoRsaPssTest, SignEmptyMessage) { | 131 TEST_F(WebCryptoRsaPssTest, SignEmptyMessage) { |
| 150 if (!SupportsRsaPss()) { | |
| 151 LOG(WARNING) << "Skipping test because RSA-PSS is not supported"; | |
| 152 return; | |
| 153 } | |
| 154 | |
| 155 // Import public/private key pair. | 132 // Import public/private key pair. |
| 156 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 133 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
| 157 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 134 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
| 158 | 135 |
| 159 ImportRsaKeyPair( | 136 ImportRsaKeyPair( |
| 160 HexStringToBytes(kPublicKeySpkiDerHex), | 137 HexStringToBytes(kPublicKeySpkiDerHex), |
| 161 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 138 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
| 162 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaPss, | 139 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaPss, |
| 163 blink::WebCryptoAlgorithmIdSha1), | 140 blink::WebCryptoAlgorithmIdSha1), |
| 164 true, blink::WebCryptoKeyUsageVerify, blink::WebCryptoKeyUsageSign, | 141 true, blink::WebCryptoKeyUsageVerify, blink::WebCryptoKeyUsageSign, |
| (...skipping 17 matching lines...) |
| 182 Verify(params, public_key, CryptoData(Corrupted(signature)), | 159 Verify(params, public_key, CryptoData(Corrupted(signature)), |
| 183 CryptoData(message), &is_match)); | 160 CryptoData(message), &is_match)); |
| 184 EXPECT_FALSE(is_match); | 161 EXPECT_FALSE(is_match); |
| 185 } | 162 } |
| 186 | 163 |
| 187 // Iterate through known answers and test verification. | 164 // Iterate through known answers and test verification. |
| 188 // * Verify over original message should succeed | 165 // * Verify over original message should succeed |
| 189 // * Verify over corrupted message should fail | 166 // * Verify over corrupted message should fail |
| 190 // * Verification with corrupted signature should fail | 167 // * Verification with corrupted signature should fail |
| 191 TEST_F(WebCryptoRsaPssTest, VerifyKnownAnswer) { | 168 TEST_F(WebCryptoRsaPssTest, VerifyKnownAnswer) { |
| 192 if (!SupportsRsaPss()) { | |
| 193 LOG(WARNING) << "Skipping test because RSA-PSS is not supported"; | |
| 194 return; | |
| 195 } | |
| 196 | |
| 197 scoped_ptr<base::DictionaryValue> test_data; | 169 scoped_ptr<base::DictionaryValue> test_data; |
| 198 ASSERT_TRUE(ReadJsonTestFileToDictionary("rsa_pss.json", &test_data)); | 170 ASSERT_TRUE(ReadJsonTestFileToDictionary("rsa_pss.json", &test_data)); |
| 199 | 171 |
| 200 const base::DictionaryValue* keys_dict = NULL; | 172 const base::DictionaryValue* keys_dict = NULL; |
| 201 ASSERT_TRUE(test_data->GetDictionary("keys", &keys_dict)); | 173 ASSERT_TRUE(test_data->GetDictionary("keys", &keys_dict)); |
| 202 | 174 |
| 203 const base::ListValue* tests = NULL; | 175 const base::ListValue* tests = NULL; |
| 204 ASSERT_TRUE(test_data->GetList("tests", &tests)); | 176 ASSERT_TRUE(test_data->GetList("tests", &tests)); |
| 205 | 177 |
| 206 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { | 178 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { |
| (...skipping 43 matching lines...) |
| 250 Verify(CreateRsaPssAlgorithm(saltLength), public_key, | 222 Verify(CreateRsaPssAlgorithm(saltLength), public_key, |
| 251 CryptoData(Corrupted(signature)), CryptoData(message), | 223 CryptoData(Corrupted(signature)), CryptoData(message), |
| 252 &is_match)); | 224 &is_match)); |
| 253 EXPECT_FALSE(is_match); | 225 EXPECT_FALSE(is_match); |
| 254 } | 226 } |
| 255 } | 227 } |
| 256 | 228 |
| 257 } // namespace | 229 } // namespace |
| 258 | 230 |
| 259 } // namespace webcrypto | 231 } // namespace webcrypto |