OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/renderer/webcrypto/webcrypto_impl.h" | 5 #include "content/renderer/webcrypto/webcrypto_impl.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 1068 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1079 RestoreJwkOctDictionary(&dict); | 1079 RestoreJwkOctDictionary(&dict); |
1080 | 1080 |
1081 // Fail on bad b64 encoding for k. | 1081 // Fail on bad b64 encoding for k. |
1082 dict.SetString("k", "Qk3f0DsytU8lfza2au #$% Htaw2xpop9GYyTuH0p5GghxTI="); | 1082 dict.SetString("k", "Qk3f0DsytU8lfza2au #$% Htaw2xpop9GYyTuH0p5GghxTI="); |
1083 EXPECT_STATUS(Status::ErrorJwkDecodeK(), ImportKeyJwk( | 1083 EXPECT_STATUS(Status::ErrorJwkDecodeK(), ImportKeyJwk( |
1084 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1084 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1085 RestoreJwkOctDictionary(&dict); | 1085 RestoreJwkOctDictionary(&dict); |
1086 | 1086 |
1087 // Fail on empty k. | 1087 // Fail on empty k. |
1088 dict.SetString("k", ""); | 1088 dict.SetString("k", ""); |
1089 EXPECT_STATUS(Status::ErrorJwkDecodeK(), ImportKeyJwk( | 1089 EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), ImportKeyJwk( |
1090 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1090 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1091 RestoreJwkOctDictionary(&dict); | 1091 RestoreJwkOctDictionary(&dict); |
1092 | 1092 |
1093 // Fail on k actual length (120 bits) inconsistent with the embedded JWK alg | 1093 // Fail on k actual length (120 bits) inconsistent with the embedded JWK alg |
1094 // value (128) for an AES key. | 1094 // value (128) for an AES key. |
1095 dict.SetString("k", "AVj42h0Y5aqGtE3yluKL"); | 1095 dict.SetString("k", "AVj42h0Y5aqGtE3yluKL"); |
1096 // TODO(eroman): This is failing for a different reason than the test | 1096 EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), ImportKeyJwk( |
1097 // expects. | 1097 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1098 EXPECT_STATUS(Status::Error(), ImportKeyJwk( | 1098 RestoreJwkOctDictionary(&dict); |
| 1099 |
| 1100 // Fail on k actual length (192 bits) inconsistent with the embedded JWK alg |
| 1101 // value (128) for an AES key. |
| 1102 dict.SetString("k", "dGhpcyAgaXMgIDI0ICBieXRlcyBsb25n"); |
| 1103 EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), ImportKeyJwk( |
1099 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1104 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1100 RestoreJwkOctDictionary(&dict); | 1105 RestoreJwkOctDictionary(&dict); |
1101 } | 1106 } |
1102 | 1107 |
1103 TEST_F(WebCryptoImplTest, MAYBE(ImportJwkRsaFailures)) { | 1108 TEST_F(WebCryptoImplTest, MAYBE(ImportJwkRsaFailures)) { |
1104 | 1109 |
1105 base::DictionaryValue dict; | 1110 base::DictionaryValue dict; |
1106 RestoreJwkRsaDictionary(&dict); | 1111 RestoreJwkRsaDictionary(&dict); |
1107 blink::WebCryptoAlgorithm algorithm = | 1112 blink::WebCryptoAlgorithm algorithm = |
1108 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 1113 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
(...skipping 430 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1539 EXPECT_EQ(extractable, private_key.extractable()); | 1544 EXPECT_EQ(extractable, private_key.extractable()); |
1540 EXPECT_EQ(usage_mask, public_key.usages()); | 1545 EXPECT_EQ(usage_mask, public_key.usages()); |
1541 EXPECT_EQ(usage_mask, private_key.usages()); | 1546 EXPECT_EQ(usage_mask, private_key.usages()); |
1542 | 1547 |
1543 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation. | 1548 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation. |
1544 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( | 1549 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( |
1545 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1550 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1546 modulus_length, | 1551 modulus_length, |
1547 public_exponent); | 1552 public_exponent); |
1548 EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal( | 1553 EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal( |
1549 algorithm, extractable, usage_mask, &public_key, &private_key)); | 1554 algorithm, false, usage_mask, &public_key, &private_key)); |
1550 EXPECT_FALSE(public_key.isNull()); | 1555 EXPECT_FALSE(public_key.isNull()); |
1551 EXPECT_FALSE(private_key.isNull()); | 1556 EXPECT_FALSE(private_key.isNull()); |
1552 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 1557 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
1553 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 1558 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
| 1559 // Even though "extractable" was set to false, the public key remains |
| 1560 // extractable. |
1554 EXPECT_EQ(true, public_key.extractable()); | 1561 EXPECT_EQ(true, public_key.extractable()); |
1555 EXPECT_EQ(extractable, private_key.extractable()); | 1562 EXPECT_EQ(false, private_key.extractable()); |
1556 EXPECT_EQ(usage_mask, public_key.usages()); | 1563 EXPECT_EQ(usage_mask, public_key.usages()); |
1557 EXPECT_EQ(usage_mask, private_key.usages()); | 1564 EXPECT_EQ(usage_mask, private_key.usages()); |
1558 | 1565 |
1559 // Fail SPKI export of private key. This is an ExportKey test, but do it here | 1566 // Exporting a private key as SPKI format doesn't make sense. However this |
1560 // since it is expensive to generate an RSA key pair and we already have a | 1567 // will first fail because the key is not extractable. |
1561 // private key here. | |
1562 blink::WebArrayBuffer output; | 1568 blink::WebArrayBuffer output; |
1563 // TODO(eroman): This test is failing for a different reason than expected by | |
1564 // the test. | |
1565 EXPECT_STATUS(Status::ErrorKeyNotExtractable(), ExportKeyInternal( | 1569 EXPECT_STATUS(Status::ErrorKeyNotExtractable(), ExportKeyInternal( |
1566 blink::WebCryptoKeyFormatSpki, private_key, &output)); | 1570 blink::WebCryptoKeyFormatSpki, private_key, &output)); |
| 1571 |
| 1572 // Re-generate an extractable private_key and try to export it as SPKI format. |
| 1573 // This should fail since spki is for public keys. |
| 1574 EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal( |
| 1575 algorithm, true, usage_mask, &public_key, &private_key)); |
| 1576 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), ExportKeyInternal( |
| 1577 blink::WebCryptoKeyFormatSpki, private_key, &output)); |
1567 } | 1578 } |
1568 | 1579 |
1569 TEST_F(WebCryptoImplTest, MAYBE(RsaEsRoundTrip)) { | 1580 TEST_F(WebCryptoImplTest, MAYBE(RsaEsRoundTrip)) { |
1570 // Import a key pair. | 1581 // Import a key pair. |
1571 blink::WebCryptoAlgorithm algorithm = | 1582 blink::WebCryptoAlgorithm algorithm = |
1572 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 1583 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
1573 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1584 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1574 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1585 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
1575 ImportRsaKeyPair( | 1586 ImportRsaKeyPair( |
1576 HexStringToBytes(kPublicKeySpkiDerHex), | 1587 HexStringToBytes(kPublicKeySpkiDerHex), |
(...skipping 535 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2112 if (test_tag_size_bits == wrong_tag_size_bits) | 2123 if (test_tag_size_bits == wrong_tag_size_bits) |
2113 continue; | 2124 continue; |
2114 EXPECT_STATUS_ERROR(AesGcmDecrypt(key, test_iv, test_additional_data, | 2125 EXPECT_STATUS_ERROR(AesGcmDecrypt(key, test_iv, test_additional_data, |
2115 wrong_tag_size_bits, test_cipher_text, | 2126 wrong_tag_size_bits, test_cipher_text, |
2116 test_authentication_tag, &plain_text)); | 2127 test_authentication_tag, &plain_text)); |
2117 } | 2128 } |
2118 } | 2129 } |
2119 } | 2130 } |
2120 | 2131 |
2121 } // namespace content | 2132 } // namespace content |
OLD | NEW |