| Index: content/renderer/webcrypto/webcrypto_impl_unittest.cc
|
| diff --git a/content/renderer/webcrypto/webcrypto_impl_unittest.cc b/content/renderer/webcrypto/webcrypto_impl_unittest.cc
|
| index c2ee701048b01d6e486149255601edab4ea4dd10..17e39aad574e9339158c8350869adf69a43bee4c 100644
|
| --- a/content/renderer/webcrypto/webcrypto_impl_unittest.cc
|
| +++ b/content/renderer/webcrypto/webcrypto_impl_unittest.cc
|
| @@ -1086,16 +1086,21 @@ TEST_F(WebCryptoImplTest, ImportJwkOctFailures) {
|
|
|
| // Fail on empty k.
|
| dict.SetString("k", "");
|
| - EXPECT_STATUS(Status::ErrorJwkDecodeK(), ImportKeyJwk(
|
| + EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), ImportKeyJwk(
|
| MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| RestoreJwkOctDictionary(&dict);
|
|
|
| // Fail on k actual length (120 bits) inconsistent with the embedded JWK alg
|
| // value (128) for an AES key.
|
| dict.SetString("k", "AVj42h0Y5aqGtE3yluKL");
|
| - // TODO(eroman): This is failing for a different reason than the test
|
| - // expects.
|
| - EXPECT_STATUS(Status::Error(), ImportKeyJwk(
|
| + EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), ImportKeyJwk(
|
| + MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| + RestoreJwkOctDictionary(&dict);
|
| +
|
| + // Fail on k actual length (192 bits) inconsistent with the embedded JWK alg
|
| + // value (128) for an AES key.
|
| + dict.SetString("k", "dGhpcyAgaXMgIDI0ICBieXRlcyBsb25n");
|
| + EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), ImportKeyJwk(
|
| MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| RestoreJwkOctDictionary(&dict);
|
| }
|
| @@ -1465,7 +1470,7 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) {
|
| EXPECT_FALSE(private_key.isNull());
|
| EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type());
|
| EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type());
|
| - EXPECT_EQ(true, public_key.extractable());
|
| + EXPECT_TRUE(public_key.extractable());
|
| EXPECT_EQ(extractable, private_key.extractable());
|
| EXPECT_EQ(usage_mask, public_key.usages());
|
| EXPECT_EQ(usage_mask, private_key.usages());
|
| @@ -1521,7 +1526,7 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) {
|
| EXPECT_FALSE(private_key.isNull());
|
| EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type());
|
| EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type());
|
| - EXPECT_EQ(true, public_key.extractable());
|
| + EXPECT_TRUE(public_key.extractable());
|
| EXPECT_EQ(extractable, private_key.extractable());
|
| EXPECT_EQ(usage_mask, public_key.usages());
|
| EXPECT_EQ(usage_mask, private_key.usages());
|
| @@ -1535,7 +1540,7 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) {
|
| EXPECT_FALSE(private_key.isNull());
|
| EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type());
|
| EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type());
|
| - EXPECT_EQ(true, public_key.extractable());
|
| + EXPECT_TRUE(public_key.extractable());
|
| EXPECT_EQ(extractable, private_key.extractable());
|
| EXPECT_EQ(usage_mask, public_key.usages());
|
| EXPECT_EQ(usage_mask, private_key.usages());
|
| @@ -1546,24 +1551,30 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) {
|
| modulus_length,
|
| public_exponent);
|
| EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal(
|
| - algorithm, extractable, usage_mask, &public_key, &private_key));
|
| + algorithm, false, usage_mask, &public_key, &private_key));
|
| EXPECT_FALSE(public_key.isNull());
|
| EXPECT_FALSE(private_key.isNull());
|
| EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type());
|
| EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type());
|
| - EXPECT_EQ(true, public_key.extractable());
|
| - EXPECT_EQ(extractable, private_key.extractable());
|
| + // Even though "extractable" was set to false, the public key remains
|
| + // extractable.
|
| + EXPECT_TRUE(public_key.extractable());
|
| + EXPECT_FALSE(private_key.extractable());
|
| EXPECT_EQ(usage_mask, public_key.usages());
|
| EXPECT_EQ(usage_mask, private_key.usages());
|
|
|
| - // Fail SPKI export of private key. This is an ExportKey test, but do it here
|
| - // since it is expensive to generate an RSA key pair and we already have a
|
| - // private key here.
|
| + // Exporting a private key as SPKI format doesn't make sense. However this
|
| + // will first fail because the key is not extractable.
|
| blink::WebArrayBuffer output;
|
| - // TODO(eroman): This test is failing for a different reason than expected by
|
| - // the test.
|
| EXPECT_STATUS(Status::ErrorKeyNotExtractable(), ExportKeyInternal(
|
| blink::WebCryptoKeyFormatSpki, private_key, &output));
|
| +
|
| + // Re-generate an extractable private_key and try to export it as SPKI format.
|
| + // This should fail since spki is for public keys.
|
| + EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal(
|
| + algorithm, true, usage_mask, &public_key, &private_key));
|
| + EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), ExportKeyInternal(
|
| + blink::WebCryptoKeyFormatSpki, private_key, &output));
|
| }
|
|
|
| TEST_F(WebCryptoImplTest, MAYBE(RsaEsRoundTrip)) {
|
|
|
Chromium Code Reviews
Issue 141853006:
[webcrypto] Validate JWK import of AES keys: key length must match algorithm. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src