OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/renderer/webcrypto/webcrypto_impl.h" | 5 #include "content/renderer/webcrypto/webcrypto_impl.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
11 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
(...skipping 11 matching lines...) Expand all Loading... |
23 #include "third_party/WebKit/public/platform/WebCryptoKey.h" | 23 #include "third_party/WebKit/public/platform/WebCryptoKey.h" |
24 | 24 |
25 // The OpenSSL implementation of WebCrypto is less complete, so don't run all of | 25 // The OpenSSL implementation of WebCrypto is less complete, so don't run all of |
26 // the tests: http://crbug.com/267888 | 26 // the tests: http://crbug.com/267888 |
27 #if defined(USE_OPENSSL) | 27 #if defined(USE_OPENSSL) |
28 #define MAYBE(test_name) DISABLED_##test_name | 28 #define MAYBE(test_name) DISABLED_##test_name |
29 #else | 29 #else |
30 #define MAYBE(test_name) test_name | 30 #define MAYBE(test_name) test_name |
31 #endif | 31 #endif |
32 | 32 |
| 33 // Helper macros to verify the value of a Status. |
| 34 #define EXPECT_STATUS_ERROR(code) EXPECT_FALSE((code).IsSuccess()) |
| 35 #define EXPECT_STATUS(expected, code) \ |
| 36 EXPECT_EQ(expected.ToString(), (code).ToString()) |
| 37 #define ASSERT_STATUS(expected, code) \ |
| 38 ASSERT_EQ(expected.ToString(), (code).ToString()) |
| 39 #define EXPECT_STATUS_SUCCESS(code) EXPECT_STATUS(Status::Success(), code) |
| 40 #define ASSERT_STATUS_SUCCESS(code) ASSERT_STATUS(Status::Success(), code) |
| 41 |
33 namespace content { | 42 namespace content { |
34 | 43 |
| 44 using webcrypto::Status; |
| 45 |
35 namespace { | 46 namespace { |
36 | 47 |
37 // Returns a slightly modified version of the input vector. | 48 // Returns a slightly modified version of the input vector. |
38 // | 49 // |
39 // - For non-empty inputs a single bit is inverted. | 50 // - For non-empty inputs a single bit is inverted. |
40 // - For empty inputs, a byte is added. | 51 // - For empty inputs, a byte is added. |
41 std::vector<uint8> Corrupted(const std::vector<uint8>& input) { | 52 std::vector<uint8> Corrupted(const std::vector<uint8>& input) { |
42 std::vector<uint8> corrupted_data(input); | 53 std::vector<uint8> corrupted_data(input); |
43 if (corrupted_data.empty()) | 54 if (corrupted_data.empty()) |
44 corrupted_data.push_back(0); | 55 corrupted_data.push_back(0); |
(...skipping 168 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
213 class WebCryptoImplTest : public testing::Test { | 224 class WebCryptoImplTest : public testing::Test { |
214 protected: | 225 protected: |
215 blink::WebCryptoKey ImportSecretKeyFromRawHexString( | 226 blink::WebCryptoKey ImportSecretKeyFromRawHexString( |
216 const std::string& key_hex, | 227 const std::string& key_hex, |
217 const blink::WebCryptoAlgorithm& algorithm, | 228 const blink::WebCryptoAlgorithm& algorithm, |
218 blink::WebCryptoKeyUsageMask usage) { | 229 blink::WebCryptoKeyUsageMask usage) { |
219 std::vector<uint8> key_raw = HexStringToBytes(key_hex); | 230 std::vector<uint8> key_raw = HexStringToBytes(key_hex); |
220 | 231 |
221 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 232 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
222 bool extractable = true; | 233 bool extractable = true; |
223 EXPECT_TRUE(crypto_.ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 234 EXPECT_STATUS_SUCCESS( |
224 webcrypto::Uint8VectorStart(key_raw), | 235 crypto_.ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
225 key_raw.size(), | 236 webcrypto::Uint8VectorStart(key_raw), |
226 algorithm, | 237 key_raw.size(), |
227 extractable, | 238 algorithm, |
228 usage, | 239 extractable, |
229 &key)); | 240 usage, |
| 241 &key)); |
230 | 242 |
231 EXPECT_FALSE(key.isNull()); | 243 EXPECT_FALSE(key.isNull()); |
232 EXPECT_TRUE(key.handle()); | 244 EXPECT_TRUE(key.handle()); |
233 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 245 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
234 EXPECT_EQ(algorithm.id(), key.algorithm().id()); | 246 EXPECT_EQ(algorithm.id(), key.algorithm().id()); |
235 EXPECT_EQ(extractable, key.extractable()); | 247 EXPECT_EQ(extractable, key.extractable()); |
236 EXPECT_EQ(usage, key.usages()); | 248 EXPECT_EQ(usage, key.usages()); |
237 return key; | 249 return key; |
238 } | 250 } |
239 | 251 |
240 void ImportRsaKeyPair( | 252 void ImportRsaKeyPair( |
241 const std::string& spki_der_hex, | 253 const std::string& spki_der_hex, |
242 const std::string& pkcs8_der_hex, | 254 const std::string& pkcs8_der_hex, |
243 const blink::WebCryptoAlgorithm& algorithm, | 255 const blink::WebCryptoAlgorithm& algorithm, |
244 bool extractable, | 256 bool extractable, |
245 blink::WebCryptoKeyUsageMask usage_mask, | 257 blink::WebCryptoKeyUsageMask usage_mask, |
246 blink::WebCryptoKey* public_key, | 258 blink::WebCryptoKey* public_key, |
247 blink::WebCryptoKey* private_key) { | 259 blink::WebCryptoKey* private_key) { |
248 EXPECT_TRUE(ImportKeyInternal( | 260 EXPECT_STATUS_SUCCESS(ImportKeyInternal( |
249 blink::WebCryptoKeyFormatSpki, | 261 blink::WebCryptoKeyFormatSpki, |
250 HexStringToBytes(spki_der_hex), | 262 HexStringToBytes(spki_der_hex), |
251 algorithm, | 263 algorithm, |
252 true, | 264 true, |
253 usage_mask, | 265 usage_mask, |
254 public_key)); | 266 public_key)); |
255 EXPECT_FALSE(public_key->isNull()); | 267 EXPECT_FALSE(public_key->isNull()); |
256 EXPECT_TRUE(public_key->handle()); | 268 EXPECT_TRUE(public_key->handle()); |
257 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key->type()); | 269 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key->type()); |
258 EXPECT_EQ(algorithm.id(), public_key->algorithm().id()); | 270 EXPECT_EQ(algorithm.id(), public_key->algorithm().id()); |
259 EXPECT_EQ(extractable, extractable); | 271 EXPECT_EQ(extractable, extractable); |
260 EXPECT_EQ(usage_mask, public_key->usages()); | 272 EXPECT_EQ(usage_mask, public_key->usages()); |
261 | 273 |
262 EXPECT_TRUE(ImportKeyInternal( | 274 EXPECT_STATUS_SUCCESS(ImportKeyInternal( |
263 blink::WebCryptoKeyFormatPkcs8, | 275 blink::WebCryptoKeyFormatPkcs8, |
264 HexStringToBytes(pkcs8_der_hex), | 276 HexStringToBytes(pkcs8_der_hex), |
265 algorithm, | 277 algorithm, |
266 extractable, | 278 extractable, |
267 usage_mask, | 279 usage_mask, |
268 private_key)); | 280 private_key)); |
269 EXPECT_FALSE(private_key->isNull()); | 281 EXPECT_FALSE(private_key->isNull()); |
270 EXPECT_TRUE(private_key->handle()); | 282 EXPECT_TRUE(private_key->handle()); |
271 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key->type()); | 283 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key->type()); |
272 EXPECT_EQ(algorithm.id(), private_key->algorithm().id()); | 284 EXPECT_EQ(algorithm.id(), private_key->algorithm().id()); |
273 EXPECT_EQ(extractable, extractable); | 285 EXPECT_EQ(extractable, extractable); |
274 EXPECT_EQ(usage_mask, private_key->usages()); | 286 EXPECT_EQ(usage_mask, private_key->usages()); |
275 } | 287 } |
276 | 288 |
277 // TODO(eroman): For Linux builds using system NSS, AES-GCM support is a | 289 // TODO(eroman): For Linux builds using system NSS, AES-GCM support is a |
278 // runtime dependency. Test it by trying to import a key. | 290 // runtime dependency. Test it by trying to import a key. |
279 bool SupportsAesGcm() { | 291 bool SupportsAesGcm() { |
280 std::vector<uint8> key_raw(16, 0); | 292 std::vector<uint8> key_raw(16, 0); |
281 | 293 |
282 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 294 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
283 return crypto_.ImportKeyInternal( | 295 Status status = crypto_.ImportKeyInternal( |
284 blink::WebCryptoKeyFormatRaw, | 296 blink::WebCryptoKeyFormatRaw, |
285 webcrypto::Uint8VectorStart(key_raw), | 297 webcrypto::Uint8VectorStart(key_raw), |
286 key_raw.size(), | 298 key_raw.size(), |
287 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), | 299 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), |
288 true, | 300 true, |
289 blink::WebCryptoKeyUsageEncrypt, | 301 blink::WebCryptoKeyUsageEncrypt, |
290 &key); | 302 &key); |
| 303 |
| 304 if (status.IsError()) { |
| 305 EXPECT_EQ(Status::ErrorUnsupported().ToString(), status.ToString()); |
| 306 } |
| 307 return status.IsSuccess(); |
| 308 |
291 } | 309 } |
292 | 310 |
293 bool AesGcmEncrypt(const blink::WebCryptoKey& key, | 311 Status AesGcmEncrypt(const blink::WebCryptoKey& key, |
294 const std::vector<uint8>& iv, | 312 const std::vector<uint8>& iv, |
295 const std::vector<uint8>& additional_data, | 313 const std::vector<uint8>& additional_data, |
296 unsigned tag_length_bits, | 314 unsigned tag_length_bits, |
297 const std::vector<uint8>& plain_text, | 315 const std::vector<uint8>& plain_text, |
298 std::vector<uint8>* cipher_text, | 316 std::vector<uint8>* cipher_text, |
299 std::vector<uint8>* authentication_tag) { | 317 std::vector<uint8>* authentication_tag) { |
300 blink::WebCryptoAlgorithm algorithm = CreateAesGcmAlgorithm( | 318 blink::WebCryptoAlgorithm algorithm = CreateAesGcmAlgorithm( |
301 iv, additional_data, tag_length_bits); | 319 iv, additional_data, tag_length_bits); |
302 | 320 |
303 blink::WebArrayBuffer output; | 321 blink::WebArrayBuffer output; |
304 if (!EncryptInternal(algorithm, key, plain_text, &output)) | 322 Status status = EncryptInternal(algorithm, key, plain_text, &output); |
305 return false; | 323 if (status.IsError()) { |
| 324 return status; |
| 325 } |
306 | 326 |
307 if (output.byteLength() * 8 < tag_length_bits) { | 327 if (output.byteLength() * 8 < tag_length_bits) { |
308 EXPECT_TRUE(false); | 328 EXPECT_TRUE(false); |
309 return false; | 329 return Status::Error(); |
310 } | 330 } |
311 | 331 |
312 // The encryption result is cipher text with authentication tag appended. | 332 // The encryption result is cipher text with authentication tag appended. |
313 cipher_text->assign( | 333 cipher_text->assign( |
314 static_cast<uint8*>(output.data()), | 334 static_cast<uint8*>(output.data()), |
315 static_cast<uint8*>(output.data()) + | 335 static_cast<uint8*>(output.data()) + |
316 (output.byteLength() - tag_length_bits / 8)); | 336 (output.byteLength() - tag_length_bits / 8)); |
317 authentication_tag->assign( | 337 authentication_tag->assign( |
318 static_cast<uint8*>(output.data()) + cipher_text->size(), | 338 static_cast<uint8*>(output.data()) + cipher_text->size(), |
319 static_cast<uint8*>(output.data()) + output.byteLength()); | 339 static_cast<uint8*>(output.data()) + output.byteLength()); |
320 | 340 |
321 return true; | 341 return Status::Success(); |
322 } | 342 } |
323 | 343 |
324 bool AesGcmDecrypt(const blink::WebCryptoKey& key, | 344 Status AesGcmDecrypt(const blink::WebCryptoKey& key, |
325 const std::vector<uint8>& iv, | 345 const std::vector<uint8>& iv, |
326 const std::vector<uint8>& additional_data, | 346 const std::vector<uint8>& additional_data, |
327 unsigned tag_length_bits, | 347 unsigned tag_length_bits, |
328 const std::vector<uint8>& cipher_text, | 348 const std::vector<uint8>& cipher_text, |
329 const std::vector<uint8>& authentication_tag, | 349 const std::vector<uint8>& authentication_tag, |
330 blink::WebArrayBuffer* plain_text) { | 350 blink::WebArrayBuffer* plain_text) { |
331 blink::WebCryptoAlgorithm algorithm = CreateAesGcmAlgorithm( | 351 blink::WebCryptoAlgorithm algorithm = CreateAesGcmAlgorithm( |
332 iv, additional_data, tag_length_bits); | 352 iv, additional_data, tag_length_bits); |
333 | 353 |
334 // Join cipher text and authentication tag. | 354 // Join cipher text and authentication tag. |
335 std::vector<uint8> cipher_text_with_tag; | 355 std::vector<uint8> cipher_text_with_tag; |
336 cipher_text_with_tag.reserve( | 356 cipher_text_with_tag.reserve( |
337 cipher_text.size() + authentication_tag.size()); | 357 cipher_text.size() + authentication_tag.size()); |
338 cipher_text_with_tag.insert( | 358 cipher_text_with_tag.insert( |
339 cipher_text_with_tag.end(), cipher_text.begin(), cipher_text.end()); | 359 cipher_text_with_tag.end(), cipher_text.begin(), cipher_text.end()); |
340 cipher_text_with_tag.insert( | 360 cipher_text_with_tag.insert( |
341 cipher_text_with_tag.end(), authentication_tag.begin(), | 361 cipher_text_with_tag.end(), authentication_tag.begin(), |
342 authentication_tag.end()); | 362 authentication_tag.end()); |
343 | 363 |
344 return DecryptInternal(algorithm, key, cipher_text_with_tag, plain_text); | 364 return DecryptInternal(algorithm, key, cipher_text_with_tag, plain_text); |
345 } | 365 } |
346 | 366 |
347 // Forwarding methods to gain access to protected methods of | 367 // Forwarding methods to gain access to protected methods of |
348 // WebCryptoImpl. | 368 // WebCryptoImpl. |
349 | 369 |
350 bool DigestInternal( | 370 Status DigestInternal( |
351 const blink::WebCryptoAlgorithm& algorithm, | 371 const blink::WebCryptoAlgorithm& algorithm, |
352 const std::vector<uint8>& data, | 372 const std::vector<uint8>& data, |
353 blink::WebArrayBuffer* buffer) { | 373 blink::WebArrayBuffer* buffer) { |
354 return crypto_.DigestInternal( | 374 return crypto_.DigestInternal( |
355 algorithm, webcrypto::Uint8VectorStart(data), data.size(), buffer); | 375 algorithm, webcrypto::Uint8VectorStart(data), data.size(), buffer); |
356 } | 376 } |
357 | 377 |
358 bool GenerateKeyInternal( | 378 Status GenerateKeyInternal( |
359 const blink::WebCryptoAlgorithm& algorithm, | 379 const blink::WebCryptoAlgorithm& algorithm, |
360 blink::WebCryptoKey* key) { | 380 blink::WebCryptoKey* key) { |
361 bool extractable = true; | 381 bool extractable = true; |
362 blink::WebCryptoKeyUsageMask usage_mask = 0; | 382 blink::WebCryptoKeyUsageMask usage_mask = 0; |
363 return crypto_.GenerateKeyInternal(algorithm, extractable, usage_mask, key); | 383 return crypto_.GenerateKeyInternal( |
| 384 algorithm, extractable, usage_mask, key); |
364 } | 385 } |
365 | 386 |
366 bool GenerateKeyPairInternal( | 387 Status GenerateKeyPairInternal( |
367 const blink::WebCryptoAlgorithm& algorithm, | 388 const blink::WebCryptoAlgorithm& algorithm, |
368 bool extractable, | 389 bool extractable, |
369 blink::WebCryptoKeyUsageMask usage_mask, | 390 blink::WebCryptoKeyUsageMask usage_mask, |
370 blink::WebCryptoKey* public_key, | 391 blink::WebCryptoKey* public_key, |
371 blink::WebCryptoKey* private_key) { | 392 blink::WebCryptoKey* private_key) { |
372 return crypto_.GenerateKeyPairInternal( | 393 return crypto_.GenerateKeyPairInternal( |
373 algorithm, extractable, usage_mask, public_key, private_key); | 394 algorithm, extractable, usage_mask, public_key, private_key); |
374 } | 395 } |
375 | 396 |
376 bool ImportKeyInternal( | 397 Status ImportKeyInternal( |
377 blink::WebCryptoKeyFormat format, | 398 blink::WebCryptoKeyFormat format, |
378 const std::vector<uint8>& key_data, | 399 const std::vector<uint8>& key_data, |
379 const blink::WebCryptoAlgorithm& algorithm, | 400 const blink::WebCryptoAlgorithm& algorithm, |
380 bool extractable, | 401 bool extractable, |
381 blink::WebCryptoKeyUsageMask usage_mask, | 402 blink::WebCryptoKeyUsageMask usage_mask, |
382 blink::WebCryptoKey* key) { | 403 blink::WebCryptoKey* key) { |
383 return crypto_.ImportKeyInternal(format, | 404 return crypto_.ImportKeyInternal(format, |
384 webcrypto::Uint8VectorStart(key_data), | 405 webcrypto::Uint8VectorStart(key_data), |
385 key_data.size(), | 406 key_data.size(), |
386 algorithm, | 407 algorithm, |
387 extractable, | 408 extractable, |
388 usage_mask, | 409 usage_mask, |
389 key); | 410 key); |
390 } | 411 } |
391 | 412 |
392 bool ExportKeyInternal( | 413 Status ExportKeyInternal( |
393 blink::WebCryptoKeyFormat format, | 414 blink::WebCryptoKeyFormat format, |
394 const blink::WebCryptoKey& key, | 415 const blink::WebCryptoKey& key, |
395 blink::WebArrayBuffer* buffer) { | 416 blink::WebArrayBuffer* buffer) { |
396 return crypto_.ExportKeyInternal(format, key, buffer); | 417 return crypto_.ExportKeyInternal(format, key, buffer); |
397 } | 418 } |
398 | 419 |
399 bool SignInternal( | 420 Status SignInternal( |
400 const blink::WebCryptoAlgorithm& algorithm, | 421 const blink::WebCryptoAlgorithm& algorithm, |
401 const blink::WebCryptoKey& key, | 422 const blink::WebCryptoKey& key, |
402 const std::vector<uint8>& data, | 423 const std::vector<uint8>& data, |
403 blink::WebArrayBuffer* buffer) { | 424 blink::WebArrayBuffer* buffer) { |
404 return crypto_.SignInternal( | 425 return crypto_.SignInternal( |
405 algorithm, key, webcrypto::Uint8VectorStart(data), data.size(), buffer); | 426 algorithm, key, webcrypto::Uint8VectorStart(data), data.size(), buffer); |
406 } | 427 } |
407 | 428 |
408 bool VerifySignatureInternal( | 429 Status VerifySignatureInternal( |
409 const blink::WebCryptoAlgorithm& algorithm, | 430 const blink::WebCryptoAlgorithm& algorithm, |
410 const blink::WebCryptoKey& key, | 431 const blink::WebCryptoKey& key, |
411 const unsigned char* signature, | 432 const unsigned char* signature, |
412 unsigned signature_size, | 433 unsigned signature_size, |
413 const std::vector<uint8>& data, | 434 const std::vector<uint8>& data, |
414 bool* signature_match) { | 435 bool* signature_match) { |
415 return crypto_.VerifySignatureInternal(algorithm, | 436 return crypto_.VerifySignatureInternal(algorithm, |
416 key, | 437 key, |
417 signature, | 438 signature, |
418 signature_size, | 439 signature_size, |
419 webcrypto::Uint8VectorStart(data), | 440 webcrypto::Uint8VectorStart(data), |
420 data.size(), | 441 data.size(), |
421 signature_match); | 442 signature_match); |
422 } | 443 } |
423 | 444 |
424 bool VerifySignatureInternal( | 445 Status VerifySignatureInternal( |
425 const blink::WebCryptoAlgorithm& algorithm, | 446 const blink::WebCryptoAlgorithm& algorithm, |
426 const blink::WebCryptoKey& key, | 447 const blink::WebCryptoKey& key, |
427 const std::vector<uint8>& signature, | 448 const std::vector<uint8>& signature, |
428 const std::vector<uint8>& data, | 449 const std::vector<uint8>& data, |
429 bool* signature_match) { | 450 bool* signature_match) { |
430 return crypto_.VerifySignatureInternal( | 451 return crypto_.VerifySignatureInternal( |
431 algorithm, | 452 algorithm, |
432 key, | 453 key, |
433 webcrypto::Uint8VectorStart(signature), | 454 webcrypto::Uint8VectorStart(signature), |
434 signature.size(), | 455 signature.size(), |
435 webcrypto::Uint8VectorStart(data), | 456 webcrypto::Uint8VectorStart(data), |
436 data.size(), | 457 data.size(), |
437 signature_match); | 458 signature_match); |
438 } | 459 } |
439 | 460 |
440 bool EncryptInternal( | 461 Status EncryptInternal( |
441 const blink::WebCryptoAlgorithm& algorithm, | 462 const blink::WebCryptoAlgorithm& algorithm, |
442 const blink::WebCryptoKey& key, | 463 const blink::WebCryptoKey& key, |
443 const unsigned char* data, | 464 const unsigned char* data, |
444 unsigned data_size, | 465 unsigned data_size, |
445 blink::WebArrayBuffer* buffer) { | 466 blink::WebArrayBuffer* buffer) { |
446 return crypto_.EncryptInternal(algorithm, key, data, data_size, buffer); | 467 return crypto_.EncryptInternal(algorithm, key, data, data_size, buffer); |
447 } | 468 } |
448 | 469 |
449 bool EncryptInternal( | 470 Status EncryptInternal( |
450 const blink::WebCryptoAlgorithm& algorithm, | 471 const blink::WebCryptoAlgorithm& algorithm, |
451 const blink::WebCryptoKey& key, | 472 const blink::WebCryptoKey& key, |
452 const std::vector<uint8>& data, | 473 const std::vector<uint8>& data, |
453 blink::WebArrayBuffer* buffer) { | 474 blink::WebArrayBuffer* buffer) { |
454 return crypto_.EncryptInternal( | 475 return crypto_.EncryptInternal( |
455 algorithm, key, webcrypto::Uint8VectorStart(data), data.size(), buffer); | 476 algorithm, key, webcrypto::Uint8VectorStart(data), data.size(), buffer); |
456 } | 477 } |
457 | 478 |
458 bool DecryptInternal( | 479 Status DecryptInternal( |
459 const blink::WebCryptoAlgorithm& algorithm, | 480 const blink::WebCryptoAlgorithm& algorithm, |
460 const blink::WebCryptoKey& key, | 481 const blink::WebCryptoKey& key, |
461 const unsigned char* data, | 482 const unsigned char* data, |
462 unsigned data_size, | 483 unsigned data_size, |
463 blink::WebArrayBuffer* buffer) { | 484 blink::WebArrayBuffer* buffer) { |
464 return crypto_.DecryptInternal(algorithm, key, data, data_size, buffer); | 485 return crypto_.DecryptInternal(algorithm, key, data, data_size, buffer); |
465 } | 486 } |
466 | 487 |
467 bool DecryptInternal( | 488 Status DecryptInternal( |
468 const blink::WebCryptoAlgorithm& algorithm, | 489 const blink::WebCryptoAlgorithm& algorithm, |
469 const blink::WebCryptoKey& key, | 490 const blink::WebCryptoKey& key, |
470 const std::vector<uint8>& data, | 491 const std::vector<uint8>& data, |
471 blink::WebArrayBuffer* buffer) { | 492 blink::WebArrayBuffer* buffer) { |
472 return crypto_.DecryptInternal( | 493 return crypto_.DecryptInternal( |
473 algorithm, key, webcrypto::Uint8VectorStart(data), data.size(), buffer); | 494 algorithm, key, webcrypto::Uint8VectorStart(data), data.size(), buffer); |
474 } | 495 } |
475 | 496 |
476 bool ImportKeyJwk( | 497 Status ImportKeyJwk( |
477 const std::vector<uint8>& key_data, | 498 const std::vector<uint8>& key_data, |
478 const blink::WebCryptoAlgorithm& algorithm, | 499 const blink::WebCryptoAlgorithm& algorithm, |
479 bool extractable, | 500 bool extractable, |
480 blink::WebCryptoKeyUsageMask usage_mask, | 501 blink::WebCryptoKeyUsageMask usage_mask, |
481 blink::WebCryptoKey* key) { | 502 blink::WebCryptoKey* key) { |
482 return crypto_.ImportKeyJwk(webcrypto::Uint8VectorStart(key_data), | 503 return crypto_.ImportKeyJwk(webcrypto::Uint8VectorStart(key_data), |
483 key_data.size(), | 504 key_data.size(), |
484 algorithm, | 505 algorithm, |
485 extractable, | 506 extractable, |
486 usage_mask, | 507 usage_mask, |
487 key); | 508 key); |
488 } | 509 } |
489 | 510 |
490 private: | 511 private: |
491 WebCryptoImpl crypto_; | 512 WebCryptoImpl crypto_; |
492 }; | 513 }; |
493 | 514 |
| 515 TEST_F(WebCryptoImplTest, StatusToString) { |
| 516 EXPECT_EQ("Success", Status::Success().ToString()); |
| 517 EXPECT_EQ("", Status::Error().ToString()); |
| 518 EXPECT_EQ("The requested operation is unsupported", |
| 519 Status::ErrorUnsupported().ToString()); |
| 520 } |
| 521 |
494 TEST_F(WebCryptoImplTest, DigestSampleSets) { | 522 TEST_F(WebCryptoImplTest, DigestSampleSets) { |
495 // The results are stored here in hex format for readability. | 523 // The results are stored here in hex format for readability. |
496 // | 524 // |
497 // TODO(bryaneyler): Eventually, all these sample test sets should be replaced | 525 // TODO(bryaneyler): Eventually, all these sample test sets should be replaced |
498 // with the sets here: http://csrc.nist.gov/groups/STM/cavp/index.html#03 | 526 // with the sets here: http://csrc.nist.gov/groups/STM/cavp/index.html#03 |
499 // | 527 // |
500 // Results were generated using the command sha{1,224,256,384,512}sum. | 528 // Results were generated using the command sha{1,224,256,384,512}sum. |
501 struct TestCase { | 529 struct TestCase { |
502 blink::WebCryptoAlgorithmId algorithm; | 530 blink::WebCryptoAlgorithmId algorithm; |
503 const std::string hex_input; | 531 const std::string hex_input; |
(...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
561 for (size_t test_index = 0; test_index < ARRAYSIZE_UNSAFE(kTests); | 589 for (size_t test_index = 0; test_index < ARRAYSIZE_UNSAFE(kTests); |
562 ++test_index) { | 590 ++test_index) { |
563 SCOPED_TRACE(test_index); | 591 SCOPED_TRACE(test_index); |
564 const TestCase& test = kTests[test_index]; | 592 const TestCase& test = kTests[test_index]; |
565 | 593 |
566 blink::WebCryptoAlgorithm algorithm = | 594 blink::WebCryptoAlgorithm algorithm = |
567 webcrypto::CreateAlgorithm(test.algorithm); | 595 webcrypto::CreateAlgorithm(test.algorithm); |
568 std::vector<uint8> input = HexStringToBytes(test.hex_input); | 596 std::vector<uint8> input = HexStringToBytes(test.hex_input); |
569 | 597 |
570 blink::WebArrayBuffer output; | 598 blink::WebArrayBuffer output; |
571 ASSERT_TRUE(DigestInternal(algorithm, input, &output)); | 599 ASSERT_STATUS_SUCCESS(DigestInternal(algorithm, input, &output)); |
572 ExpectArrayBufferMatchesHex(test.hex_result, output); | 600 ExpectArrayBufferMatchesHex(test.hex_result, output); |
573 } | 601 } |
574 } | 602 } |
575 | 603 |
576 TEST_F(WebCryptoImplTest, HMACSampleSets) { | 604 TEST_F(WebCryptoImplTest, HMACSampleSets) { |
577 struct TestCase { | 605 struct TestCase { |
578 blink::WebCryptoAlgorithmId algorithm; | 606 blink::WebCryptoAlgorithmId algorithm; |
579 const char* key; | 607 const char* key; |
580 const char* message; | 608 const char* message; |
581 const char* mac; | 609 const char* mac; |
(...skipping 130 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
712 const TestCase& test = kTests[test_index]; | 740 const TestCase& test = kTests[test_index]; |
713 | 741 |
714 blink::WebCryptoAlgorithm algorithm = | 742 blink::WebCryptoAlgorithm algorithm = |
715 webcrypto::CreateHmacAlgorithmByHashId(test.algorithm); | 743 webcrypto::CreateHmacAlgorithmByHashId(test.algorithm); |
716 | 744 |
717 blink::WebCryptoKey key = ImportSecretKeyFromRawHexString( | 745 blink::WebCryptoKey key = ImportSecretKeyFromRawHexString( |
718 test.key, algorithm, blink::WebCryptoKeyUsageSign); | 746 test.key, algorithm, blink::WebCryptoKeyUsageSign); |
719 | 747 |
720 // Verify exported raw key is identical to the imported data | 748 // Verify exported raw key is identical to the imported data |
721 blink::WebArrayBuffer raw_key; | 749 blink::WebArrayBuffer raw_key; |
722 EXPECT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 750 EXPECT_STATUS_SUCCESS( |
| 751 ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
723 ExpectArrayBufferMatchesHex(test.key, raw_key); | 752 ExpectArrayBufferMatchesHex(test.key, raw_key); |
724 | 753 |
725 std::vector<uint8> message_raw = HexStringToBytes(test.message); | 754 std::vector<uint8> message_raw = HexStringToBytes(test.message); |
726 | 755 |
727 blink::WebArrayBuffer output; | 756 blink::WebArrayBuffer output; |
728 | 757 |
729 ASSERT_TRUE(SignInternal(algorithm, key, message_raw, &output)); | 758 ASSERT_STATUS_SUCCESS(SignInternal(algorithm, key, message_raw, &output)); |
730 | 759 |
731 ExpectArrayBufferMatchesHex(test.mac, output); | 760 ExpectArrayBufferMatchesHex(test.mac, output); |
732 | 761 |
733 bool signature_match = false; | 762 bool signature_match = false; |
734 EXPECT_TRUE(VerifySignatureInternal( | 763 EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
735 algorithm, | 764 algorithm, |
736 key, | 765 key, |
737 static_cast<const unsigned char*>(output.data()), | 766 static_cast<const unsigned char*>(output.data()), |
738 output.byteLength(), | 767 output.byteLength(), |
739 message_raw, | 768 message_raw, |
740 &signature_match)); | 769 &signature_match)); |
741 EXPECT_TRUE(signature_match); | 770 EXPECT_TRUE(signature_match); |
742 | 771 |
743 // Ensure truncated signature does not verify by passing one less byte. | 772 // Ensure truncated signature does not verify by passing one less byte. |
744 EXPECT_TRUE(VerifySignatureInternal( | 773 EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
745 algorithm, | 774 algorithm, |
746 key, | 775 key, |
747 static_cast<const unsigned char*>(output.data()), | 776 static_cast<const unsigned char*>(output.data()), |
748 output.byteLength() - 1, | 777 output.byteLength() - 1, |
749 message_raw, | 778 message_raw, |
750 &signature_match)); | 779 &signature_match)); |
751 EXPECT_FALSE(signature_match); | 780 EXPECT_FALSE(signature_match); |
752 | 781 |
| 782 // Ensure truncated signature does not verify by passing no bytes. |
| 783 EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
| 784 algorithm, |
| 785 key, |
| 786 NULL, |
| 787 0, |
| 788 message_raw, |
| 789 &signature_match)); |
| 790 EXPECT_FALSE(signature_match); |
| 791 |
753 // Ensure extra long signature does not cause issues and fails. | 792 // Ensure extra long signature does not cause issues and fails. |
754 const unsigned char kLongSignature[1024] = { 0 }; | 793 const unsigned char kLongSignature[1024] = { 0 }; |
755 EXPECT_TRUE(VerifySignatureInternal( | 794 EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
756 algorithm, | 795 algorithm, |
757 key, | 796 key, |
758 kLongSignature, | 797 kLongSignature, |
759 sizeof(kLongSignature), | 798 sizeof(kLongSignature), |
760 message_raw, | 799 message_raw, |
761 &signature_match)); | 800 &signature_match)); |
762 EXPECT_FALSE(signature_match); | 801 EXPECT_FALSE(signature_match); |
763 } | 802 } |
764 } | 803 } |
765 | 804 |
766 TEST_F(WebCryptoImplTest, AesCbcFailures) { | 805 TEST_F(WebCryptoImplTest, AesCbcFailures) { |
767 const std::string key_hex = "2b7e151628aed2a6abf7158809cf4f3c"; | 806 const std::string key_hex = "2b7e151628aed2a6abf7158809cf4f3c"; |
768 blink::WebCryptoKey key = ImportSecretKeyFromRawHexString( | 807 blink::WebCryptoKey key = ImportSecretKeyFromRawHexString( |
769 key_hex, | 808 key_hex, |
770 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 809 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
771 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); | 810 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); |
772 | 811 |
773 // Verify exported raw key is identical to the imported data | 812 // Verify exported raw key is identical to the imported data |
774 blink::WebArrayBuffer raw_key; | 813 blink::WebArrayBuffer raw_key; |
775 EXPECT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 814 EXPECT_STATUS_SUCCESS( |
| 815 ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
776 ExpectArrayBufferMatchesHex(key_hex, raw_key); | 816 ExpectArrayBufferMatchesHex(key_hex, raw_key); |
777 | 817 |
778 blink::WebArrayBuffer output; | 818 blink::WebArrayBuffer output; |
779 | 819 |
780 // Use an invalid |iv| (fewer than 16 bytes) | 820 // Use an invalid |iv| (fewer than 16 bytes) |
781 { | 821 { |
782 std::vector<uint8> input(32); | 822 std::vector<uint8> input(32); |
783 std::vector<uint8> iv; | 823 std::vector<uint8> iv; |
784 EXPECT_FALSE(EncryptInternal( | 824 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), EncryptInternal( |
785 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); | 825 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); |
786 EXPECT_FALSE(DecryptInternal( | 826 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), DecryptInternal( |
787 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); | 827 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); |
788 } | 828 } |
789 | 829 |
790 // Use an invalid |iv| (more than 16 bytes) | 830 // Use an invalid |iv| (more than 16 bytes) |
791 { | 831 { |
792 std::vector<uint8> input(32); | 832 std::vector<uint8> input(32); |
793 std::vector<uint8> iv(17); | 833 std::vector<uint8> iv(17); |
794 EXPECT_FALSE(EncryptInternal( | 834 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), EncryptInternal( |
795 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); | 835 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); |
796 EXPECT_FALSE(DecryptInternal( | 836 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), DecryptInternal( |
797 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); | 837 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); |
798 } | 838 } |
799 | 839 |
800 // Give an input that is too large (would cause integer overflow when | 840 // Give an input that is too large (would cause integer overflow when |
801 // narrowing to an int). | 841 // narrowing to an int). |
802 { | 842 { |
803 std::vector<uint8> iv(16); | 843 std::vector<uint8> iv(16); |
804 | 844 |
805 // Pretend the input is large. Don't pass data pointer as NULL in case that | 845 // Pretend the input is large. Don't pass data pointer as NULL in case that |
806 // is special cased; the implementation shouldn't actually dereference the | 846 // is special cased; the implementation shouldn't actually dereference the |
807 // data. | 847 // data. |
808 const unsigned char* input = &iv[0]; | 848 const unsigned char* input = &iv[0]; |
809 unsigned input_len = INT_MAX - 3; | 849 unsigned input_len = INT_MAX - 3; |
810 | 850 |
811 EXPECT_FALSE(EncryptInternal( | 851 EXPECT_STATUS(Status::ErrorDataTooLarge(), EncryptInternal( |
812 webcrypto::CreateAesCbcAlgorithm(iv), key, input, input_len, &output)); | 852 webcrypto::CreateAesCbcAlgorithm(iv), key, input, input_len, &output)); |
813 EXPECT_FALSE(DecryptInternal( | 853 EXPECT_STATUS(Status::ErrorDataTooLarge(), DecryptInternal( |
814 webcrypto::CreateAesCbcAlgorithm(iv), key, input, input_len, &output)); | 854 webcrypto::CreateAesCbcAlgorithm(iv), key, input, input_len, &output)); |
815 } | 855 } |
816 | 856 |
817 // Fail importing the key (too few bytes specified) | 857 // Fail importing the key (too few bytes specified) |
818 { | 858 { |
819 std::vector<uint8> key_raw(1); | 859 std::vector<uint8> key_raw(1); |
820 std::vector<uint8> iv(16); | 860 std::vector<uint8> iv(16); |
821 | 861 |
822 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 862 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
823 EXPECT_FALSE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 863 EXPECT_STATUS( |
824 key_raw, | 864 Status::Error(), |
825 webcrypto::CreateAesCbcAlgorithm(iv), | 865 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
826 true, | 866 key_raw, |
827 blink::WebCryptoKeyUsageEncrypt, | 867 webcrypto::CreateAesCbcAlgorithm(iv), |
828 &key)); | 868 true, |
| 869 blink::WebCryptoKeyUsageEncrypt, |
| 870 &key)); |
829 } | 871 } |
830 | 872 |
| 873 // TODO(eroman): Enable for OpenSSL once implemented. |
| 874 #if !defined(USE_OPENSSL) |
831 // Fail exporting the key in SPKI and PKCS#8 formats (not allowed for secret | 875 // Fail exporting the key in SPKI and PKCS#8 formats (not allowed for secret |
832 // keys). | 876 // keys). |
833 EXPECT_FALSE(ExportKeyInternal(blink::WebCryptoKeyFormatSpki, key, &output)); | 877 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), |
834 EXPECT_FALSE(ExportKeyInternal(blink::WebCryptoKeyFormatPkcs8, key, &output)); | 878 ExportKeyInternal(blink::WebCryptoKeyFormatSpki, key, &output)); |
| 879 EXPECT_STATUS(Status::ErrorUnsupported(), |
| 880 ExportKeyInternal(blink::WebCryptoKeyFormatPkcs8, key, &output)); |
| 881 #endif |
835 } | 882 } |
836 | 883 |
837 TEST_F(WebCryptoImplTest, MAYBE(AesCbcSampleSets)) { | 884 TEST_F(WebCryptoImplTest, MAYBE(AesCbcSampleSets)) { |
838 struct TestCase { | 885 struct TestCase { |
839 const char* key; | 886 const char* key; |
840 const char* iv; | 887 const char* iv; |
841 const char* plain_text; | 888 const char* plain_text; |
842 const char* cipher_text; | 889 const char* cipher_text; |
843 }; | 890 }; |
844 | 891 |
(...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
916 SCOPED_TRACE(index); | 963 SCOPED_TRACE(index); |
917 const TestCase& test = kTests[index]; | 964 const TestCase& test = kTests[index]; |
918 | 965 |
919 blink::WebCryptoKey key = ImportSecretKeyFromRawHexString( | 966 blink::WebCryptoKey key = ImportSecretKeyFromRawHexString( |
920 test.key, | 967 test.key, |
921 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 968 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
922 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); | 969 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); |
923 | 970 |
924 // Verify exported raw key is identical to the imported data | 971 // Verify exported raw key is identical to the imported data |
925 blink::WebArrayBuffer raw_key; | 972 blink::WebArrayBuffer raw_key; |
926 EXPECT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 973 EXPECT_STATUS_SUCCESS(ExportKeyInternal( |
| 974 blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
927 ExpectArrayBufferMatchesHex(test.key, raw_key); | 975 ExpectArrayBufferMatchesHex(test.key, raw_key); |
928 | 976 |
929 std::vector<uint8> plain_text = HexStringToBytes(test.plain_text); | 977 std::vector<uint8> plain_text = HexStringToBytes(test.plain_text); |
930 std::vector<uint8> iv = HexStringToBytes(test.iv); | 978 std::vector<uint8> iv = HexStringToBytes(test.iv); |
931 | 979 |
932 blink::WebArrayBuffer output; | 980 blink::WebArrayBuffer output; |
933 | 981 |
934 // Test encryption. | 982 // Test encryption. |
935 EXPECT_TRUE(EncryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), | 983 EXPECT_STATUS( |
936 key, | 984 Status::Success(), |
937 plain_text, | 985 EncryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), |
938 &output)); | 986 key, |
| 987 plain_text, |
| 988 &output)); |
939 ExpectArrayBufferMatchesHex(test.cipher_text, output); | 989 ExpectArrayBufferMatchesHex(test.cipher_text, output); |
940 | 990 |
941 // Test decryption. | 991 // Test decryption. |
942 std::vector<uint8> cipher_text = HexStringToBytes(test.cipher_text); | 992 std::vector<uint8> cipher_text = HexStringToBytes(test.cipher_text); |
943 EXPECT_TRUE(DecryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), | 993 EXPECT_STATUS( |
944 key, | 994 Status::Success(), |
945 cipher_text, | 995 DecryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), |
946 &output)); | 996 key, |
| 997 cipher_text, |
| 998 &output)); |
947 ExpectArrayBufferMatchesHex(test.plain_text, output); | 999 ExpectArrayBufferMatchesHex(test.plain_text, output); |
948 | 1000 |
949 const unsigned kAesCbcBlockSize = 16; | 1001 const unsigned kAesCbcBlockSize = 16; |
950 | 1002 |
951 // Decrypt with a padding error by stripping the last block. This also ends | 1003 // Decrypt with a padding error by stripping the last block. This also ends |
952 // up testing decryption over empty cipher text. | 1004 // up testing decryption over empty cipher text. |
953 if (cipher_text.size() >= kAesCbcBlockSize) { | 1005 if (cipher_text.size() >= kAesCbcBlockSize) { |
954 EXPECT_FALSE(DecryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), | 1006 EXPECT_STATUS( |
955 key, | 1007 Status::Error(), |
956 &cipher_text[0], | 1008 DecryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), |
957 cipher_text.size() - kAesCbcBlockSize, | 1009 key, |
958 &output)); | 1010 &cipher_text[0], |
| 1011 cipher_text.size() - kAesCbcBlockSize, |
| 1012 &output)); |
959 } | 1013 } |
960 | 1014 |
961 // Decrypt cipher text which is not a multiple of block size by stripping | 1015 // Decrypt cipher text which is not a multiple of block size by stripping |
962 // a few bytes off the cipher text. | 1016 // a few bytes off the cipher text. |
963 if (cipher_text.size() > 3) { | 1017 if (cipher_text.size() > 3) { |
964 EXPECT_FALSE(DecryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), | 1018 EXPECT_STATUS( |
965 key, | 1019 Status::Error(), |
966 &cipher_text[0], | 1020 DecryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), |
967 cipher_text.size() - 3, | 1021 key, |
968 &output)); | 1022 &cipher_text[0], |
| 1023 cipher_text.size() - 3, |
| 1024 &output)); |
969 } | 1025 } |
970 } | 1026 } |
971 } | 1027 } |
972 | 1028 |
973 TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyAes)) { | 1029 TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyAes)) { |
974 // Check key generation for each of AES-CBC, AES-GCM, and AES-KW, and for each | 1030 // Check key generation for each of AES-CBC, AES-GCM, and AES-KW, and for each |
975 // allowed key length. | 1031 // allowed key length. |
976 std::vector<blink::WebCryptoAlgorithm> algorithm; | 1032 std::vector<blink::WebCryptoAlgorithm> algorithm; |
977 const unsigned short kKeyLength[] = {128, 192, 256}; | 1033 const unsigned short kKeyLength[] = {128, 192, 256}; |
978 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLength); ++i) { | 1034 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLength); ++i) { |
979 algorithm.push_back(CreateAesCbcKeyGenAlgorithm(kKeyLength[i])); | 1035 algorithm.push_back(CreateAesCbcKeyGenAlgorithm(kKeyLength[i])); |
980 algorithm.push_back(CreateAesGcmKeyGenAlgorithm(kKeyLength[i])); | 1036 algorithm.push_back(CreateAesGcmKeyGenAlgorithm(kKeyLength[i])); |
981 algorithm.push_back(CreateAesKwKeyGenAlgorithm(kKeyLength[i])); | 1037 algorithm.push_back(CreateAesKwKeyGenAlgorithm(kKeyLength[i])); |
982 } | 1038 } |
983 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1039 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
984 std::vector<blink::WebArrayBuffer> keys; | 1040 std::vector<blink::WebArrayBuffer> keys; |
985 blink::WebArrayBuffer key_bytes; | 1041 blink::WebArrayBuffer key_bytes; |
986 for (size_t i = 0; i < algorithm.size(); ++i) { | 1042 for (size_t i = 0; i < algorithm.size(); ++i) { |
987 SCOPED_TRACE(i); | 1043 SCOPED_TRACE(i); |
988 // Generate a small sample of keys. | 1044 // Generate a small sample of keys. |
989 keys.clear(); | 1045 keys.clear(); |
990 for (int j = 0; j < 16; ++j) { | 1046 for (int j = 0; j < 16; ++j) { |
991 ASSERT_TRUE(GenerateKeyInternal(algorithm[i], &key)); | 1047 ASSERT_STATUS_SUCCESS(GenerateKeyInternal(algorithm[i], &key)); |
992 EXPECT_TRUE(key.handle()); | 1048 EXPECT_TRUE(key.handle()); |
993 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1049 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
994 ASSERT_TRUE( | 1050 ASSERT_STATUS_SUCCESS( |
995 ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &key_bytes)); | 1051 ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &key_bytes)); |
996 keys.push_back(key_bytes); | 1052 keys.push_back(key_bytes); |
997 } | 1053 } |
998 // Ensure all entries in the key sample set are unique. This is a simplistic | 1054 // Ensure all entries in the key sample set are unique. This is a simplistic |
999 // estimate of whether the generated keys appear random. | 1055 // estimate of whether the generated keys appear random. |
1000 EXPECT_FALSE(CopiesExist(keys)); | 1056 EXPECT_FALSE(CopiesExist(keys)); |
1001 } | 1057 } |
1002 } | 1058 } |
1003 | 1059 |
1004 TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyAesBadLength)) { | 1060 TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyAesBadLength)) { |
1005 const unsigned short kKeyLen[] = {0, 127, 257}; | 1061 const unsigned short kKeyLen[] = {0, 127, 257}; |
1006 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1062 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1007 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLen); ++i) { | 1063 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLen); ++i) { |
1008 SCOPED_TRACE(i); | 1064 SCOPED_TRACE(i); |
1009 EXPECT_FALSE(GenerateKeyInternal( | 1065 EXPECT_STATUS(Status::ErrorGenerateKeyLength(), GenerateKeyInternal( |
1010 CreateAesCbcKeyGenAlgorithm(kKeyLen[i]), &key)); | 1066 CreateAesCbcKeyGenAlgorithm(kKeyLen[i]), &key)); |
1011 EXPECT_FALSE(GenerateKeyInternal( | 1067 EXPECT_STATUS(Status::ErrorGenerateKeyLength(), GenerateKeyInternal( |
1012 CreateAesGcmKeyGenAlgorithm(kKeyLen[i]), &key)); | 1068 CreateAesGcmKeyGenAlgorithm(kKeyLen[i]), &key)); |
1013 EXPECT_FALSE(GenerateKeyInternal( | 1069 EXPECT_STATUS(Status::ErrorGenerateKeyLength(), GenerateKeyInternal( |
1014 CreateAesKwKeyGenAlgorithm(kKeyLen[i]), &key)); | 1070 CreateAesKwKeyGenAlgorithm(kKeyLen[i]), &key)); |
1015 } | 1071 } |
1016 } | 1072 } |
1017 | 1073 |
1018 TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyHmac)) { | 1074 TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyHmac)) { |
1019 // Generate a small sample of HMAC keys. | 1075 // Generate a small sample of HMAC keys. |
1020 std::vector<blink::WebArrayBuffer> keys; | 1076 std::vector<blink::WebArrayBuffer> keys; |
1021 for (int i = 0; i < 16; ++i) { | 1077 for (int i = 0; i < 16; ++i) { |
1022 blink::WebArrayBuffer key_bytes; | 1078 blink::WebArrayBuffer key_bytes; |
1023 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1079 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1024 blink::WebCryptoAlgorithm algorithm = webcrypto::CreateHmacKeyGenAlgorithm( | 1080 blink::WebCryptoAlgorithm algorithm = webcrypto::CreateHmacKeyGenAlgorithm( |
1025 blink::WebCryptoAlgorithmIdSha1, 64); | 1081 blink::WebCryptoAlgorithmIdSha1, 64); |
1026 ASSERT_TRUE(GenerateKeyInternal(algorithm, &key)); | 1082 ASSERT_STATUS_SUCCESS(GenerateKeyInternal(algorithm, &key)); |
1027 EXPECT_FALSE(key.isNull()); | 1083 EXPECT_FALSE(key.isNull()); |
1028 EXPECT_TRUE(key.handle()); | 1084 EXPECT_TRUE(key.handle()); |
1029 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1085 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1030 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); | 1086 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); |
1031 | 1087 |
1032 blink::WebArrayBuffer raw_key; | 1088 blink::WebArrayBuffer raw_key; |
1033 ASSERT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 1089 ASSERT_STATUS_SUCCESS( |
| 1090 ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
1034 EXPECT_EQ(64U, raw_key.byteLength()); | 1091 EXPECT_EQ(64U, raw_key.byteLength()); |
1035 keys.push_back(raw_key); | 1092 keys.push_back(raw_key); |
1036 } | 1093 } |
1037 // Ensure all entries in the key sample set are unique. This is a simplistic | 1094 // Ensure all entries in the key sample set are unique. This is a simplistic |
1038 // estimate of whether the generated keys appear random. | 1095 // estimate of whether the generated keys appear random. |
1039 EXPECT_FALSE(CopiesExist(keys)); | 1096 EXPECT_FALSE(CopiesExist(keys)); |
1040 } | 1097 } |
1041 | 1098 |
1042 // If the key length is not provided, then the block size is used. | 1099 // If the key length is not provided, then the block size is used. |
1043 TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyHmacNoLength)) { | 1100 TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyHmacNoLength)) { |
1044 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1101 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1045 blink::WebCryptoAlgorithm algorithm = | 1102 blink::WebCryptoAlgorithm algorithm = |
1046 webcrypto::CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0); | 1103 webcrypto::CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0); |
1047 ASSERT_TRUE(GenerateKeyInternal(algorithm, &key)); | 1104 ASSERT_STATUS_SUCCESS(GenerateKeyInternal(algorithm, &key)); |
1048 EXPECT_TRUE(key.handle()); | 1105 EXPECT_TRUE(key.handle()); |
1049 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1106 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1050 blink::WebArrayBuffer raw_key; | 1107 blink::WebArrayBuffer raw_key; |
1051 ASSERT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 1108 ASSERT_STATUS_SUCCESS( |
| 1109 ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
1052 EXPECT_EQ(64U, raw_key.byteLength()); | 1110 EXPECT_EQ(64U, raw_key.byteLength()); |
1053 | 1111 |
1054 // The block size for HMAC SHA-512 is larger. | 1112 // The block size for HMAC SHA-512 is larger. |
1055 algorithm = webcrypto::CreateHmacKeyGenAlgorithm( | 1113 algorithm = webcrypto::CreateHmacKeyGenAlgorithm( |
1056 blink::WebCryptoAlgorithmIdSha512, 0); | 1114 blink::WebCryptoAlgorithmIdSha512, 0); |
1057 ASSERT_TRUE(GenerateKeyInternal(algorithm, &key)); | 1115 ASSERT_STATUS_SUCCESS(GenerateKeyInternal(algorithm, &key)); |
1058 ASSERT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 1116 ASSERT_STATUS_SUCCESS( |
| 1117 ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
1059 EXPECT_EQ(128U, raw_key.byteLength()); | 1118 EXPECT_EQ(128U, raw_key.byteLength()); |
1060 } | 1119 } |
1061 | 1120 |
1062 TEST_F(WebCryptoImplTest, MAYBE(ImportSecretKeyNoAlgorithm)) { | 1121 TEST_F(WebCryptoImplTest, MAYBE(ImportSecretKeyNoAlgorithm)) { |
1063 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1122 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1064 | 1123 |
1065 // This fails because the algorithm is null. | 1124 // This fails because the algorithm is null. |
1066 EXPECT_FALSE(ImportKeyInternal( | 1125 EXPECT_STATUS(Status::ErrorMissingAlgorithmImportRawKey(), ImportKeyInternal( |
1067 blink::WebCryptoKeyFormatRaw, | 1126 blink::WebCryptoKeyFormatRaw, |
1068 HexStringToBytes("00000000000000000000"), | 1127 HexStringToBytes("00000000000000000000"), |
1069 blink::WebCryptoAlgorithm::createNull(), | 1128 blink::WebCryptoAlgorithm::createNull(), |
1070 true, | 1129 true, |
1071 blink::WebCryptoKeyUsageEncrypt, | 1130 blink::WebCryptoKeyUsageEncrypt, |
1072 &key)); | 1131 &key)); |
1073 } | 1132 } |
1074 | 1133 |
1075 | 1134 |
1076 TEST_F(WebCryptoImplTest, ImportJwkFailures) { | 1135 TEST_F(WebCryptoImplTest, ImportJwkFailures) { |
1077 | 1136 |
1078 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1137 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1079 blink::WebCryptoAlgorithm algorithm = | 1138 blink::WebCryptoAlgorithm algorithm = |
1080 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); | 1139 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); |
1081 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; | 1140 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; |
1082 | 1141 |
1083 // Baseline pass: each test below breaks a single item, so we start with a | 1142 // Baseline pass: each test below breaks a single item, so we start with a |
1084 // passing case to make sure each failure is caused by the isolated break. | 1143 // passing case to make sure each failure is caused by the isolated break. |
1085 // Each breaking subtest below resets the dictionary to this passing case when | 1144 // Each breaking subtest below resets the dictionary to this passing case when |
1086 // complete. | 1145 // complete. |
1087 base::DictionaryValue dict; | 1146 base::DictionaryValue dict; |
1088 RestoreJwkOctDictionary(&dict); | 1147 RestoreJwkOctDictionary(&dict); |
1089 EXPECT_TRUE(ImportKeyJwk( | 1148 EXPECT_STATUS_SUCCESS(ImportKeyJwk( |
1090 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1149 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1091 | 1150 |
1092 // Fail on empty JSON. | 1151 // Fail on empty JSON. |
1093 EXPECT_FALSE(ImportKeyJwk( | 1152 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), ImportKeyJwk( |
1094 MakeJsonVector(""), algorithm, false, usage_mask, &key)); | 1153 MakeJsonVector(""), algorithm, false, usage_mask, &key)); |
1095 | 1154 |
1096 // Fail on invalid JSON. | 1155 // Fail on invalid JSON. |
1097 const std::vector<uint8> bad_json_vec = MakeJsonVector( | 1156 const std::vector<uint8> bad_json_vec = MakeJsonVector( |
1098 "{" | 1157 "{" |
1099 "\"kty\" : \"oct\"," | 1158 "\"kty\" : \"oct\"," |
1100 "\"alg\" : \"HS256\"," | 1159 "\"alg\" : \"HS256\"," |
1101 "\"use\" : " | 1160 "\"use\" : " |
1102 ); | 1161 ); |
1103 EXPECT_FALSE(ImportKeyJwk(bad_json_vec, algorithm, false, usage_mask, &key)); | 1162 EXPECT_STATUS(Status::ErrorJwkNotDictionary(), |
| 1163 ImportKeyJwk(bad_json_vec, algorithm, false, usage_mask, &key)); |
1104 | 1164 |
1105 // Fail on JWK alg present but unrecognized. | 1165 // Fail on JWK alg present but unrecognized. |
1106 dict.SetString("alg", "A127CBC"); | 1166 dict.SetString("alg", "A127CBC"); |
1107 EXPECT_FALSE(ImportKeyJwk( | 1167 EXPECT_STATUS(Status::ErrorJwkUnrecognizedAlgorithm(), ImportKeyJwk( |
1108 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1168 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1109 RestoreJwkOctDictionary(&dict); | 1169 RestoreJwkOctDictionary(&dict); |
1110 | 1170 |
1111 // Fail on both JWK and input algorithm missing. | 1171 // Fail on both JWK and input algorithm missing. |
1112 dict.Remove("alg", NULL); | 1172 dict.Remove("alg", NULL); |
1113 EXPECT_FALSE(ImportKeyJwk(MakeJsonVector(dict), | 1173 EXPECT_STATUS( |
1114 blink::WebCryptoAlgorithm::createNull(), | 1174 Status::ErrorJwkAlgorithmMissing(), |
1115 false, | 1175 ImportKeyJwk(MakeJsonVector(dict), |
1116 usage_mask, | 1176 blink::WebCryptoAlgorithm::createNull(), |
1117 &key)); | 1177 false, |
| 1178 usage_mask, |
| 1179 &key)); |
1118 RestoreJwkOctDictionary(&dict); | 1180 RestoreJwkOctDictionary(&dict); |
1119 | 1181 |
1120 // Fail on invalid kty. | 1182 // Fail on invalid kty. |
1121 dict.SetString("kty", "foo"); | 1183 dict.SetString("kty", "foo"); |
1122 EXPECT_FALSE(ImportKeyJwk( | 1184 EXPECT_STATUS(Status::ErrorJwkUnrecognizedKty(), ImportKeyJwk( |
1123 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1185 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1124 RestoreJwkOctDictionary(&dict); | 1186 RestoreJwkOctDictionary(&dict); |
1125 | 1187 |
1126 // Fail on missing kty. | 1188 // Fail on missing kty. |
1127 dict.Remove("kty", NULL); | 1189 dict.Remove("kty", NULL); |
1128 EXPECT_FALSE(ImportKeyJwk( | 1190 EXPECT_STATUS(Status::ErrorJwkMissingKty(), ImportKeyJwk( |
1129 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1191 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1130 RestoreJwkOctDictionary(&dict); | 1192 RestoreJwkOctDictionary(&dict); |
1131 | 1193 |
1132 // Fail on invalid use. | 1194 // Fail on invalid use. |
1133 dict.SetString("use", "foo"); | 1195 dict.SetString("use", "foo"); |
1134 EXPECT_FALSE(ImportKeyJwk( | 1196 EXPECT_STATUS(Status::ErrorJwkUnrecognizedUsage(), ImportKeyJwk( |
1135 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1197 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1136 RestoreJwkOctDictionary(&dict); | 1198 RestoreJwkOctDictionary(&dict); |
1137 } | 1199 } |
1138 | 1200 |
1139 TEST_F(WebCryptoImplTest, ImportJwkOctFailures) { | 1201 TEST_F(WebCryptoImplTest, ImportJwkOctFailures) { |
1140 | 1202 |
1141 base::DictionaryValue dict; | 1203 base::DictionaryValue dict; |
1142 RestoreJwkOctDictionary(&dict); | 1204 RestoreJwkOctDictionary(&dict); |
1143 blink::WebCryptoAlgorithm algorithm = | 1205 blink::WebCryptoAlgorithm algorithm = |
1144 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); | 1206 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); |
1145 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; | 1207 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; |
1146 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1208 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1147 | 1209 |
1148 // Baseline pass. | 1210 // Baseline pass. |
1149 EXPECT_TRUE(ImportKeyJwk( | 1211 EXPECT_STATUS_SUCCESS(ImportKeyJwk( |
1150 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1212 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1151 EXPECT_EQ(algorithm.id(), key.algorithm().id()); | 1213 EXPECT_EQ(algorithm.id(), key.algorithm().id()); |
1152 EXPECT_FALSE(key.extractable()); | 1214 EXPECT_FALSE(key.extractable()); |
1153 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); | 1215 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
1154 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1216 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1155 | 1217 |
1156 // The following are specific failure cases for when kty = "oct". | 1218 // The following are specific failure cases for when kty = "oct". |
1157 | 1219 |
1158 // Fail on missing k. | 1220 // Fail on missing k. |
1159 dict.Remove("k", NULL); | 1221 dict.Remove("k", NULL); |
1160 EXPECT_FALSE(ImportKeyJwk( | 1222 EXPECT_STATUS(Status::ErrorJwkDecodeK(), ImportKeyJwk( |
1161 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1223 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1162 RestoreJwkOctDictionary(&dict); | 1224 RestoreJwkOctDictionary(&dict); |
1163 | 1225 |
1164 // Fail on bad b64 encoding for k. | 1226 // Fail on bad b64 encoding for k. |
1165 dict.SetString("k", "Qk3f0DsytU8lfza2au #$% Htaw2xpop9GYyTuH0p5GghxTI="); | 1227 dict.SetString("k", "Qk3f0DsytU8lfza2au #$% Htaw2xpop9GYyTuH0p5GghxTI="); |
1166 EXPECT_FALSE(ImportKeyJwk( | 1228 EXPECT_STATUS(Status::ErrorJwkDecodeK(), ImportKeyJwk( |
1167 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1229 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1168 RestoreJwkOctDictionary(&dict); | 1230 RestoreJwkOctDictionary(&dict); |
1169 | 1231 |
1170 // Fail on empty k. | 1232 // Fail on empty k. |
1171 dict.SetString("k", ""); | 1233 dict.SetString("k", ""); |
1172 EXPECT_FALSE(ImportKeyJwk( | 1234 EXPECT_STATUS(Status::ErrorJwkDecodeK(), ImportKeyJwk( |
1173 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1235 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1174 RestoreJwkOctDictionary(&dict); | 1236 RestoreJwkOctDictionary(&dict); |
1175 | 1237 |
1176 // Fail on k actual length (120 bits) inconsistent with the embedded JWK alg | 1238 // Fail on k actual length (120 bits) inconsistent with the embedded JWK alg |
1177 // value (128) for an AES key. | 1239 // value (128) for an AES key. |
1178 dict.SetString("k", "AVj42h0Y5aqGtE3yluKL"); | 1240 dict.SetString("k", "AVj42h0Y5aqGtE3yluKL"); |
1179 EXPECT_FALSE(ImportKeyJwk( | 1241 // TODO(eroman): This is failing for a different reason than the test |
| 1242 // expects. |
| 1243 EXPECT_STATUS(Status::Error(), ImportKeyJwk( |
1180 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1244 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1181 RestoreJwkOctDictionary(&dict); | 1245 RestoreJwkOctDictionary(&dict); |
1182 } | 1246 } |
1183 | 1247 |
1184 TEST_F(WebCryptoImplTest, MAYBE(ImportJwkRsaFailures)) { | 1248 TEST_F(WebCryptoImplTest, MAYBE(ImportJwkRsaFailures)) { |
1185 | 1249 |
1186 base::DictionaryValue dict; | 1250 base::DictionaryValue dict; |
1187 RestoreJwkRsaDictionary(&dict); | 1251 RestoreJwkRsaDictionary(&dict); |
1188 blink::WebCryptoAlgorithm algorithm = | 1252 blink::WebCryptoAlgorithm algorithm = |
1189 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 1253 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
1190 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; | 1254 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; |
1191 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1255 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1192 | 1256 |
1193 // An RSA public key JWK _must_ have an "n" (modulus) and an "e" (exponent) | 1257 // An RSA public key JWK _must_ have an "n" (modulus) and an "e" (exponent) |
1194 // entry, while an RSA private key must have those plus at least a "d" | 1258 // entry, while an RSA private key must have those plus at least a "d" |
1195 // (private exponent) entry. | 1259 // (private exponent) entry. |
1196 // See http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-18, | 1260 // See http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-18, |
1197 // section 6.3. | 1261 // section 6.3. |
1198 | 1262 |
1199 // Baseline pass. | 1263 // Baseline pass. |
1200 EXPECT_TRUE(ImportKeyJwk( | 1264 EXPECT_STATUS_SUCCESS(ImportKeyJwk( |
1201 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1265 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1202 EXPECT_EQ(algorithm.id(), key.algorithm().id()); | 1266 EXPECT_EQ(algorithm.id(), key.algorithm().id()); |
1203 EXPECT_FALSE(key.extractable()); | 1267 EXPECT_FALSE(key.extractable()); |
1204 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); | 1268 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
1205 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); | 1269 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); |
1206 | 1270 |
1207 // The following are specific failure cases for when kty = "RSA". | 1271 // The following are specific failure cases for when kty = "RSA". |
1208 | 1272 |
1209 // Fail if either "n" or "e" is not present or malformed. | 1273 // Fail if either "n" or "e" is not present or malformed. |
1210 const std::string kKtyParmName[] = {"n", "e"}; | 1274 const std::string kKtyParmName[] = {"n", "e"}; |
1211 for (size_t idx = 0; idx < ARRAYSIZE_UNSAFE(kKtyParmName); ++idx) { | 1275 for (size_t idx = 0; idx < ARRAYSIZE_UNSAFE(kKtyParmName); ++idx) { |
1212 | 1276 |
1213 // Fail on missing parameter. | 1277 // Fail on missing parameter. |
1214 dict.Remove(kKtyParmName[idx], NULL); | 1278 dict.Remove(kKtyParmName[idx], NULL); |
1215 EXPECT_FALSE(ImportKeyJwk( | 1279 EXPECT_STATUS_ERROR(ImportKeyJwk( |
1216 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1280 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1217 RestoreJwkRsaDictionary(&dict); | 1281 RestoreJwkRsaDictionary(&dict); |
1218 | 1282 |
1219 // Fail on bad b64 parameter encoding. | 1283 // Fail on bad b64 parameter encoding. |
1220 dict.SetString(kKtyParmName[idx], "Qk3f0DsytU8lfza2au #$% Htaw2xpop9yTuH0"); | 1284 dict.SetString(kKtyParmName[idx], "Qk3f0DsytU8lfza2au #$% Htaw2xpop9yTuH0"); |
1221 EXPECT_FALSE(ImportKeyJwk( | 1285 EXPECT_STATUS_ERROR(ImportKeyJwk( |
1222 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1286 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1223 RestoreJwkRsaDictionary(&dict); | 1287 RestoreJwkRsaDictionary(&dict); |
1224 | 1288 |
1225 // Fail on empty parameter. | 1289 // Fail on empty parameter. |
1226 dict.SetString(kKtyParmName[idx], ""); | 1290 dict.SetString(kKtyParmName[idx], ""); |
1227 EXPECT_FALSE(ImportKeyJwk( | 1291 EXPECT_STATUS_ERROR(ImportKeyJwk( |
1228 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1292 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1229 RestoreJwkRsaDictionary(&dict); | 1293 RestoreJwkRsaDictionary(&dict); |
1230 } | 1294 } |
1231 | 1295 |
1232 // Fail if "d" parameter is present, implying the JWK is a private key, which | 1296 // Fail if "d" parameter is present, implying the JWK is a private key, which |
1233 // is not supported. | 1297 // is not supported. |
1234 dict.SetString("d", "Qk3f0Dsyt"); | 1298 dict.SetString("d", "Qk3f0Dsyt"); |
1235 EXPECT_FALSE(ImportKeyJwk( | 1299 EXPECT_STATUS(Status::ErrorJwkRsaPrivateKeyUnsupported(), ImportKeyJwk( |
1236 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1300 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1237 RestoreJwkRsaDictionary(&dict); | 1301 RestoreJwkRsaDictionary(&dict); |
1238 } | 1302 } |
1239 | 1303 |
1240 TEST_F(WebCryptoImplTest, MAYBE(ImportJwkInputConsistency)) { | 1304 TEST_F(WebCryptoImplTest, MAYBE(ImportJwkInputConsistency)) { |
1241 // The Web Crypto spec says that if a JWK value is present, but is | 1305 // The Web Crypto spec says that if a JWK value is present, but is |
1242 // inconsistent with the input value, the operation must fail. | 1306 // inconsistent with the input value, the operation must fail. |
1243 | 1307 |
1244 // Consistency rules when JWK value is not present: Inputs should be used. | 1308 // Consistency rules when JWK value is not present: Inputs should be used. |
1245 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1309 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1246 bool extractable = false; | 1310 bool extractable = false; |
1247 blink::WebCryptoAlgorithm algorithm = | 1311 blink::WebCryptoAlgorithm algorithm = |
1248 webcrypto::CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256); | 1312 webcrypto::CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256); |
1249 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageVerify; | 1313 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageVerify; |
1250 base::DictionaryValue dict; | 1314 base::DictionaryValue dict; |
1251 dict.SetString("kty", "oct"); | 1315 dict.SetString("kty", "oct"); |
1252 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | 1316 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); |
1253 std::vector<uint8> json_vec = MakeJsonVector(dict); | 1317 std::vector<uint8> json_vec = MakeJsonVector(dict); |
1254 EXPECT_TRUE(ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); | 1318 EXPECT_STATUS_SUCCESS(ImportKeyJwk( |
| 1319 json_vec, algorithm, extractable, usage_mask, &key)); |
1255 EXPECT_TRUE(key.handle()); | 1320 EXPECT_TRUE(key.handle()); |
1256 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1321 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1257 EXPECT_EQ(extractable, key.extractable()); | 1322 EXPECT_EQ(extractable, key.extractable()); |
1258 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); | 1323 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); |
1259 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, | 1324 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
1260 key.algorithm().hmacParams()->hash().id()); | 1325 key.algorithm().hmacParams()->hash().id()); |
1261 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, key.usages()); | 1326 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, key.usages()); |
1262 key = blink::WebCryptoKey::createNull(); | 1327 key = blink::WebCryptoKey::createNull(); |
1263 | 1328 |
1264 // Consistency rules when JWK value exists: Fail if inconsistency is found. | 1329 // Consistency rules when JWK value exists: Fail if inconsistency is found. |
1265 | 1330 |
1266 // Pass: All input values are consistent with the JWK values. | 1331 // Pass: All input values are consistent with the JWK values. |
1267 dict.Clear(); | 1332 dict.Clear(); |
1268 dict.SetString("kty", "oct"); | 1333 dict.SetString("kty", "oct"); |
1269 dict.SetString("alg", "HS256"); | 1334 dict.SetString("alg", "HS256"); |
1270 dict.SetString("use", "sig"); | 1335 dict.SetString("use", "sig"); |
1271 dict.SetBoolean("extractable", false); | 1336 dict.SetBoolean("extractable", false); |
1272 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | 1337 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); |
1273 json_vec = MakeJsonVector(dict); | 1338 json_vec = MakeJsonVector(dict); |
1274 EXPECT_TRUE(ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); | 1339 EXPECT_STATUS_SUCCESS( |
| 1340 ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); |
1275 | 1341 |
1276 // Extractable cases: | 1342 // Extractable cases: |
1277 // 1. input=T, JWK=F ==> fail (inconsistent) | 1343 // 1. input=T, JWK=F ==> fail (inconsistent) |
1278 // 4. input=F, JWK=F ==> pass, result extractable is F | 1344 // 4. input=F, JWK=F ==> pass, result extractable is F |
1279 // 2. input=T, JWK=T ==> pass, result extractable is T | 1345 // 2. input=T, JWK=T ==> pass, result extractable is T |
1280 // 3. input=F, JWK=T ==> pass, result extractable is F | 1346 // 3. input=F, JWK=T ==> pass, result extractable is F |
1281 EXPECT_FALSE(ImportKeyJwk(json_vec, algorithm, true, usage_mask, &key)); | 1347 EXPECT_STATUS(Status::ErrorJwkExtractableInconsistent(), |
1282 EXPECT_TRUE(ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key)); | 1348 ImportKeyJwk(json_vec, algorithm, true, usage_mask, &key)); |
| 1349 EXPECT_STATUS_SUCCESS( |
| 1350 ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key)); |
1283 EXPECT_FALSE(key.extractable()); | 1351 EXPECT_FALSE(key.extractable()); |
1284 dict.SetBoolean("extractable", true); | 1352 dict.SetBoolean("extractable", true); |
1285 EXPECT_TRUE( | 1353 EXPECT_STATUS_SUCCESS( |
1286 ImportKeyJwk(MakeJsonVector(dict), algorithm, true, usage_mask, &key)); | 1354 ImportKeyJwk(MakeJsonVector(dict), algorithm, true, usage_mask, &key)); |
1287 EXPECT_TRUE(key.extractable()); | 1355 EXPECT_TRUE(key.extractable()); |
1288 EXPECT_TRUE( | 1356 EXPECT_STATUS_SUCCESS( |
1289 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1357 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1290 EXPECT_FALSE(key.extractable()); | 1358 EXPECT_FALSE(key.extractable()); |
1291 dict.SetBoolean("extractable", true); // restore previous value | 1359 dict.SetBoolean("extractable", true); // restore previous value |
1292 | 1360 |
1293 // Fail: Input algorithm (AES-CBC) is inconsistent with JWK value | 1361 // Fail: Input algorithm (AES-CBC) is inconsistent with JWK value |
1294 // (HMAC SHA256). | 1362 // (HMAC SHA256). |
1295 EXPECT_FALSE(ImportKeyJwk( | 1363 EXPECT_STATUS(Status::ErrorJwkAlgorithmInconsistent(), ImportKeyJwk( |
1296 json_vec, | 1364 json_vec, |
1297 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 1365 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
1298 extractable, | 1366 extractable, |
1299 usage_mask, | 1367 usage_mask, |
1300 &key)); | 1368 &key)); |
1301 | 1369 |
1302 // Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value | 1370 // Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value |
1303 // (HMAC SHA256). | 1371 // (HMAC SHA256). |
1304 EXPECT_FALSE(ImportKeyJwk( | 1372 EXPECT_STATUS(Status::ErrorJwkAlgorithmInconsistent(), ImportKeyJwk( |
1305 json_vec, | 1373 json_vec, |
1306 webcrypto::CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha1), | 1374 webcrypto::CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha1), |
1307 extractable, | 1375 extractable, |
1308 usage_mask, | 1376 usage_mask, |
1309 &key)); | 1377 &key)); |
1310 | 1378 |
1311 // Pass: JWK alg valid but input algorithm isNull: use JWK algorithm value. | 1379 // Pass: JWK alg valid but input algorithm isNull: use JWK algorithm value. |
1312 EXPECT_TRUE(ImportKeyJwk(json_vec, | 1380 EXPECT_STATUS_SUCCESS(ImportKeyJwk(json_vec, |
1313 blink::WebCryptoAlgorithm::createNull(), | 1381 blink::WebCryptoAlgorithm::createNull(), |
1314 extractable, | 1382 extractable, |
1315 usage_mask, | 1383 usage_mask, |
1316 &key)); | 1384 &key)); |
1317 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); | 1385 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); |
1318 | 1386 |
1319 // Pass: JWK alg missing but input algorithm specified: use input value | 1387 // Pass: JWK alg missing but input algorithm specified: use input value |
1320 dict.Remove("alg", NULL); | 1388 dict.Remove("alg", NULL); |
1321 EXPECT_TRUE(ImportKeyJwk( | 1389 EXPECT_STATUS_SUCCESS(ImportKeyJwk( |
1322 MakeJsonVector(dict), | 1390 MakeJsonVector(dict), |
1323 webcrypto::CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256), | 1391 webcrypto::CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256), |
1324 extractable, | 1392 extractable, |
1325 usage_mask, | 1393 usage_mask, |
1326 &key)); | 1394 &key)); |
1327 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); | 1395 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); |
1328 dict.SetString("alg", "HS256"); | 1396 dict.SetString("alg", "HS256"); |
1329 | 1397 |
1330 // Fail: Input usage_mask (encrypt) is not a subset of the JWK value | 1398 // Fail: Input usage_mask (encrypt) is not a subset of the JWK value |
1331 // (sign|verify) | 1399 // (sign|verify) |
1332 EXPECT_FALSE(ImportKeyJwk( | 1400 EXPECT_STATUS(Status::ErrorJwkUsageInconsistent(), ImportKeyJwk( |
1333 json_vec, algorithm, extractable, blink::WebCryptoKeyUsageEncrypt, &key)); | 1401 json_vec, algorithm, extractable, blink::WebCryptoKeyUsageEncrypt, &key)); |
1334 | 1402 |
1335 // Fail: Input usage_mask (encrypt|sign|verify) is not a subset of the JWK | 1403 // Fail: Input usage_mask (encrypt|sign|verify) is not a subset of the JWK |
1336 // value (sign|verify) | 1404 // value (sign|verify) |
1337 usage_mask = blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageSign | | 1405 usage_mask = blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageSign | |
1338 blink::WebCryptoKeyUsageVerify; | 1406 blink::WebCryptoKeyUsageVerify; |
1339 EXPECT_FALSE( | 1407 EXPECT_STATUS( |
| 1408 Status::ErrorJwkUsageInconsistent(), |
1340 ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); | 1409 ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); |
1341 usage_mask = blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify; | |
1342 | 1410 |
1343 // TODO(padolph): kty vs alg consistency tests: Depending on the kty value, | 1411 // TODO(padolph): kty vs alg consistency tests: Depending on the kty value, |
1344 // only certain alg values are permitted. For example, when kty = "RSA" alg | 1412 // only certain alg values are permitted. For example, when kty = "RSA" alg |
1345 // must be of the RSA family, or when kty = "oct" alg must be symmetric | 1413 // must be of the RSA family, or when kty = "oct" alg must be symmetric |
1346 // algorithm. | 1414 // algorithm. |
1347 } | 1415 } |
1348 | 1416 |
1349 TEST_F(WebCryptoImplTest, MAYBE(ImportJwkHappy)) { | 1417 TEST_F(WebCryptoImplTest, MAYBE(ImportJwkHappy)) { |
1350 | 1418 |
1351 // This test verifies the happy path of JWK import, including the application | 1419 // This test verifies the happy path of JWK import, including the application |
1352 // of the imported key material. | 1420 // of the imported key material. |
1353 | 1421 |
1354 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1422 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1355 bool extractable = false; | 1423 bool extractable = false; |
1356 blink::WebCryptoAlgorithm algorithm = | 1424 blink::WebCryptoAlgorithm algorithm = |
1357 webcrypto::CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256); | 1425 webcrypto::CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256); |
1358 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageSign; | 1426 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageSign; |
1359 | 1427 |
1360 // Import a symmetric key JWK and HMAC-SHA256 sign() | 1428 // Import a symmetric key JWK and HMAC-SHA256 sign() |
1361 // Uses the first SHA256 test vector from the HMAC sample set above. | 1429 // Uses the first SHA256 test vector from the HMAC sample set above. |
1362 | 1430 |
1363 base::DictionaryValue dict; | 1431 base::DictionaryValue dict; |
1364 dict.SetString("kty", "oct"); | 1432 dict.SetString("kty", "oct"); |
1365 dict.SetString("alg", "HS256"); | 1433 dict.SetString("alg", "HS256"); |
1366 dict.SetString("use", "sig"); | 1434 dict.SetString("use", "sig"); |
1367 dict.SetBoolean("extractable", false); | 1435 dict.SetBoolean("extractable", false); |
1368 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | 1436 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); |
1369 std::vector<uint8> json_vec = MakeJsonVector(dict); | 1437 std::vector<uint8> json_vec = MakeJsonVector(dict); |
1370 | 1438 |
1371 ASSERT_TRUE(ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); | 1439 ASSERT_STATUS_SUCCESS(ImportKeyJwk( |
| 1440 json_vec, algorithm, extractable, usage_mask, &key)); |
1372 | 1441 |
1373 const std::vector<uint8> message_raw = HexStringToBytes( | 1442 const std::vector<uint8> message_raw = HexStringToBytes( |
1374 "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" | 1443 "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" |
1375 "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" | 1444 "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" |
1376 "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" | 1445 "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" |
1377 "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e"); | 1446 "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e"); |
1378 | 1447 |
1379 blink::WebArrayBuffer output; | 1448 blink::WebArrayBuffer output; |
1380 | 1449 |
1381 ASSERT_TRUE(SignInternal(algorithm, key, message_raw, &output)); | 1450 ASSERT_STATUS_SUCCESS(SignInternal(algorithm, key, message_raw, &output)); |
1382 | 1451 |
1383 const std::string mac_raw = | 1452 const std::string mac_raw = |
1384 "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b"; | 1453 "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b"; |
1385 | 1454 |
1386 ExpectArrayBufferMatchesHex(mac_raw, output); | 1455 ExpectArrayBufferMatchesHex(mac_raw, output); |
1387 | 1456 |
1388 // TODO(padolph): Import an RSA public key JWK and use it | 1457 // TODO(padolph): Import an RSA public key JWK and use it |
1389 } | 1458 } |
1390 | 1459 |
1391 TEST_F(WebCryptoImplTest, MAYBE(ImportExportSpki)) { | 1460 TEST_F(WebCryptoImplTest, MAYBE(ImportExportSpki)) { |
1392 // Passing case: Import a valid RSA key in SPKI format. | 1461 // Passing case: Import a valid RSA key in SPKI format. |
1393 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1462 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1394 ASSERT_TRUE(ImportKeyInternal( | 1463 ASSERT_STATUS_SUCCESS(ImportKeyInternal( |
1395 blink::WebCryptoKeyFormatSpki, | 1464 blink::WebCryptoKeyFormatSpki, |
1396 HexStringToBytes(kPublicKeySpkiDerHex), | 1465 HexStringToBytes(kPublicKeySpkiDerHex), |
1397 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1466 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1398 true, | 1467 true, |
1399 blink::WebCryptoKeyUsageEncrypt, | 1468 blink::WebCryptoKeyUsageEncrypt, |
1400 &key)); | 1469 &key)); |
1401 EXPECT_TRUE(key.handle()); | 1470 EXPECT_TRUE(key.handle()); |
1402 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); | 1471 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); |
1403 EXPECT_TRUE(key.extractable()); | 1472 EXPECT_TRUE(key.extractable()); |
1404 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); | 1473 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
1405 | 1474 |
1406 // Failing case: Empty SPKI data | 1475 // Failing case: Empty SPKI data |
1407 EXPECT_FALSE(ImportKeyInternal( | 1476 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), ImportKeyInternal( |
1408 blink::WebCryptoKeyFormatSpki, | 1477 blink::WebCryptoKeyFormatSpki, |
1409 std::vector<uint8>(), | 1478 std::vector<uint8>(), |
1410 blink::WebCryptoAlgorithm::createNull(), | 1479 blink::WebCryptoAlgorithm::createNull(), |
1411 true, | 1480 true, |
1412 blink::WebCryptoKeyUsageEncrypt, | 1481 blink::WebCryptoKeyUsageEncrypt, |
1413 &key)); | 1482 &key)); |
1414 | 1483 |
1415 // Failing case: Import RSA key with NULL input algorithm. This is not | 1484 // Failing case: Import RSA key with NULL input algorithm. This is not |
1416 // allowed because the SPKI ASN.1 format for RSA keys is not specific enough | 1485 // allowed because the SPKI ASN.1 format for RSA keys is not specific enough |
1417 // to map to a Web Crypto algorithm. | 1486 // to map to a Web Crypto algorithm. |
1418 EXPECT_FALSE(ImportKeyInternal( | 1487 EXPECT_STATUS(Status::Error(), ImportKeyInternal( |
1419 blink::WebCryptoKeyFormatSpki, | 1488 blink::WebCryptoKeyFormatSpki, |
1420 HexStringToBytes(kPublicKeySpkiDerHex), | 1489 HexStringToBytes(kPublicKeySpkiDerHex), |
1421 blink::WebCryptoAlgorithm::createNull(), | 1490 blink::WebCryptoAlgorithm::createNull(), |
1422 true, | 1491 true, |
1423 blink::WebCryptoKeyUsageEncrypt, | 1492 blink::WebCryptoKeyUsageEncrypt, |
1424 &key)); | 1493 &key)); |
1425 | 1494 |
1426 // Failing case: Bad DER encoding. | 1495 // Failing case: Bad DER encoding. |
1427 EXPECT_FALSE(ImportKeyInternal( | 1496 EXPECT_STATUS(Status::Error(), ImportKeyInternal( |
1428 blink::WebCryptoKeyFormatSpki, | 1497 blink::WebCryptoKeyFormatSpki, |
1429 HexStringToBytes("618333c4cb"), | 1498 HexStringToBytes("618333c4cb"), |
1430 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1499 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1431 true, | 1500 true, |
1432 blink::WebCryptoKeyUsageEncrypt, | 1501 blink::WebCryptoKeyUsageEncrypt, |
1433 &key)); | 1502 &key)); |
1434 | 1503 |
1435 // Failing case: Import RSA key but provide an inconsistent input algorithm. | 1504 // Failing case: Import RSA key but provide an inconsistent input algorithm. |
1436 EXPECT_FALSE(ImportKeyInternal( | 1505 EXPECT_STATUS(Status::Error(), ImportKeyInternal( |
1437 blink::WebCryptoKeyFormatSpki, | 1506 blink::WebCryptoKeyFormatSpki, |
1438 HexStringToBytes(kPublicKeySpkiDerHex), | 1507 HexStringToBytes(kPublicKeySpkiDerHex), |
1439 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 1508 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
1440 true, | 1509 true, |
1441 blink::WebCryptoKeyUsageEncrypt, | 1510 blink::WebCryptoKeyUsageEncrypt, |
1442 &key)); | 1511 &key)); |
1443 | 1512 |
1444 // Passing case: Export a previously imported RSA public key in SPKI format | 1513 // Passing case: Export a previously imported RSA public key in SPKI format |
1445 // and compare to original data. | 1514 // and compare to original data. |
1446 blink::WebArrayBuffer output; | 1515 blink::WebArrayBuffer output; |
1447 ASSERT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatSpki, key, &output)); | 1516 ASSERT_STATUS_SUCCESS( |
| 1517 ExportKeyInternal(blink::WebCryptoKeyFormatSpki, key, &output)); |
1448 ExpectArrayBufferMatchesHex(kPublicKeySpkiDerHex, output); | 1518 ExpectArrayBufferMatchesHex(kPublicKeySpkiDerHex, output); |
1449 | 1519 |
1450 // Failing case: Try to export a previously imported RSA public key in raw | 1520 // Failing case: Try to export a previously imported RSA public key in raw |
1451 // format (not allowed for a public key). | 1521 // format (not allowed for a public key). |
1452 EXPECT_FALSE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &output)); | 1522 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), |
| 1523 ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &output)); |
1453 | 1524 |
1454 // Failing case: Try to export a non-extractable key | 1525 // Failing case: Try to export a non-extractable key |
1455 ASSERT_TRUE(ImportKeyInternal( | 1526 ASSERT_STATUS_SUCCESS(ImportKeyInternal( |
1456 blink::WebCryptoKeyFormatSpki, | 1527 blink::WebCryptoKeyFormatSpki, |
1457 HexStringToBytes(kPublicKeySpkiDerHex), | 1528 HexStringToBytes(kPublicKeySpkiDerHex), |
1458 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1529 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1459 false, | 1530 false, |
1460 blink::WebCryptoKeyUsageEncrypt, | 1531 blink::WebCryptoKeyUsageEncrypt, |
1461 &key)); | 1532 &key)); |
1462 EXPECT_TRUE(key.handle()); | 1533 EXPECT_TRUE(key.handle()); |
1463 EXPECT_FALSE(key.extractable()); | 1534 EXPECT_FALSE(key.extractable()); |
1464 EXPECT_FALSE(ExportKeyInternal(blink::WebCryptoKeyFormatSpki, key, &output)); | 1535 EXPECT_STATUS(Status::ErrorKeyNotExtractable(), |
| 1536 ExportKeyInternal(blink::WebCryptoKeyFormatSpki, key, &output)); |
1465 } | 1537 } |
1466 | 1538 |
1467 TEST_F(WebCryptoImplTest, MAYBE(ImportPkcs8)) { | 1539 TEST_F(WebCryptoImplTest, MAYBE(ImportPkcs8)) { |
1468 // Passing case: Import a valid RSA key in PKCS#8 format. | 1540 // Passing case: Import a valid RSA key in PKCS#8 format. |
1469 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1541 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1470 ASSERT_TRUE(ImportKeyInternal( | 1542 ASSERT_STATUS_SUCCESS(ImportKeyInternal( |
1471 blink::WebCryptoKeyFormatPkcs8, | 1543 blink::WebCryptoKeyFormatPkcs8, |
1472 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 1544 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
1473 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), | 1545 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
1474 true, | 1546 true, |
1475 blink::WebCryptoKeyUsageSign, | 1547 blink::WebCryptoKeyUsageSign, |
1476 &key)); | 1548 &key)); |
1477 EXPECT_TRUE(key.handle()); | 1549 EXPECT_TRUE(key.handle()); |
1478 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, key.type()); | 1550 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, key.type()); |
1479 EXPECT_TRUE(key.extractable()); | 1551 EXPECT_TRUE(key.extractable()); |
1480 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); | 1552 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); |
1481 | 1553 |
1482 // Failing case: Empty PKCS#8 data | 1554 // Failing case: Empty PKCS#8 data |
1483 EXPECT_FALSE(ImportKeyInternal( | 1555 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), ImportKeyInternal( |
1484 blink::WebCryptoKeyFormatPkcs8, | 1556 blink::WebCryptoKeyFormatPkcs8, |
1485 std::vector<uint8>(), | 1557 std::vector<uint8>(), |
1486 blink::WebCryptoAlgorithm::createNull(), | 1558 blink::WebCryptoAlgorithm::createNull(), |
1487 true, | 1559 true, |
1488 blink::WebCryptoKeyUsageSign, | 1560 blink::WebCryptoKeyUsageSign, |
1489 &key)); | 1561 &key)); |
1490 | 1562 |
1491 // Failing case: Import RSA key with NULL input algorithm. This is not | 1563 // Failing case: Import RSA key with NULL input algorithm. This is not |
1492 // allowed because the PKCS#8 ASN.1 format for RSA keys is not specific enough | 1564 // allowed because the PKCS#8 ASN.1 format for RSA keys is not specific enough |
1493 // to map to a Web Crypto algorithm. | 1565 // to map to a Web Crypto algorithm. |
1494 EXPECT_FALSE(ImportKeyInternal( | 1566 EXPECT_STATUS(Status::Error(), ImportKeyInternal( |
1495 blink::WebCryptoKeyFormatPkcs8, | 1567 blink::WebCryptoKeyFormatPkcs8, |
1496 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 1568 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
1497 blink::WebCryptoAlgorithm::createNull(), | 1569 blink::WebCryptoAlgorithm::createNull(), |
1498 true, | 1570 true, |
1499 blink::WebCryptoKeyUsageSign, | 1571 blink::WebCryptoKeyUsageSign, |
1500 &key)); | 1572 &key)); |
1501 | 1573 |
1502 // Failing case: Bad DER encoding. | 1574 // Failing case: Bad DER encoding. |
1503 EXPECT_FALSE(ImportKeyInternal( | 1575 EXPECT_STATUS(Status::Error(), ImportKeyInternal( |
1504 blink::WebCryptoKeyFormatPkcs8, | 1576 blink::WebCryptoKeyFormatPkcs8, |
1505 HexStringToBytes("618333c4cb"), | 1577 HexStringToBytes("618333c4cb"), |
1506 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), | 1578 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
1507 true, | 1579 true, |
1508 blink::WebCryptoKeyUsageSign, | 1580 blink::WebCryptoKeyUsageSign, |
1509 &key)); | 1581 &key)); |
1510 | 1582 |
1511 // Failing case: Import RSA key but provide an inconsistent input algorithm. | 1583 // Failing case: Import RSA key but provide an inconsistent input algorithm. |
1512 EXPECT_FALSE(ImportKeyInternal( | 1584 EXPECT_STATUS(Status::Error(), ImportKeyInternal( |
1513 blink::WebCryptoKeyFormatPkcs8, | 1585 blink::WebCryptoKeyFormatPkcs8, |
1514 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 1586 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
1515 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 1587 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
1516 true, | 1588 true, |
1517 blink::WebCryptoKeyUsageSign, | 1589 blink::WebCryptoKeyUsageSign, |
1518 &key)); | 1590 &key)); |
1519 } | 1591 } |
1520 | 1592 |
1521 TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) { | 1593 TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) { |
1522 // Note: using unrealistic short key lengths here to avoid bogging down tests. | 1594 // Note: using unrealistic short key lengths here to avoid bogging down tests. |
1523 | 1595 |
1524 // Successful WebCryptoAlgorithmIdRsaEsPkcs1v1_5 key generation. | 1596 // Successful WebCryptoAlgorithmIdRsaEsPkcs1v1_5 key generation. |
1525 const unsigned modulus_length = 256; | 1597 const unsigned modulus_length = 256; |
1526 const std::vector<uint8> public_exponent = HexStringToBytes("010001"); | 1598 const std::vector<uint8> public_exponent = HexStringToBytes("010001"); |
1527 blink::WebCryptoAlgorithm algorithm = webcrypto::CreateRsaKeyGenAlgorithm( | 1599 blink::WebCryptoAlgorithm algorithm = webcrypto::CreateRsaKeyGenAlgorithm( |
1528 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 1600 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
1529 modulus_length, | 1601 modulus_length, |
1530 public_exponent); | 1602 public_exponent); |
1531 bool extractable = false; | 1603 bool extractable = false; |
1532 const blink::WebCryptoKeyUsageMask usage_mask = 0; | 1604 const blink::WebCryptoKeyUsageMask usage_mask = 0; |
1533 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1605 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1534 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1606 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
1535 EXPECT_TRUE(GenerateKeyPairInternal( | 1607 EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal( |
1536 algorithm, extractable, usage_mask, &public_key, &private_key)); | 1608 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1537 EXPECT_FALSE(public_key.isNull()); | 1609 EXPECT_FALSE(public_key.isNull()); |
1538 EXPECT_FALSE(private_key.isNull()); | 1610 EXPECT_FALSE(private_key.isNull()); |
1539 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 1611 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
1540 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 1612 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
1541 EXPECT_EQ(true, public_key.extractable()); | 1613 EXPECT_EQ(true, public_key.extractable()); |
1542 EXPECT_EQ(extractable, private_key.extractable()); | 1614 EXPECT_EQ(extractable, private_key.extractable()); |
1543 EXPECT_EQ(usage_mask, public_key.usages()); | 1615 EXPECT_EQ(usage_mask, public_key.usages()); |
1544 EXPECT_EQ(usage_mask, private_key.usages()); | 1616 EXPECT_EQ(usage_mask, private_key.usages()); |
1545 | 1617 |
1546 // Fail with bad modulus. | 1618 // Fail with bad modulus. |
1547 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( | 1619 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( |
1548 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 0, public_exponent); | 1620 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 0, public_exponent); |
1549 EXPECT_FALSE(GenerateKeyPairInternal( | 1621 EXPECT_STATUS(Status::ErrorGenerateRsaZeroModulus(), GenerateKeyPairInternal( |
1550 algorithm, extractable, usage_mask, &public_key, &private_key)); | 1622 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1551 | 1623 |
1552 // Fail with bad exponent: larger than unsigned long. | 1624 // Fail with bad exponent: larger than unsigned long. |
1553 unsigned exponent_length = sizeof(unsigned long) + 1; // NOLINT | 1625 unsigned exponent_length = sizeof(unsigned long) + 1; // NOLINT |
1554 const std::vector<uint8> long_exponent(exponent_length, 0x01); | 1626 const std::vector<uint8> long_exponent(exponent_length, 0x01); |
1555 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( | 1627 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( |
1556 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 1628 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
1557 modulus_length, | 1629 modulus_length, |
1558 long_exponent); | 1630 long_exponent); |
1559 EXPECT_FALSE(GenerateKeyPairInternal( | 1631 EXPECT_STATUS(Status::ErrorGenerateKeyPublicExponent(), |
1560 algorithm, extractable, usage_mask, &public_key, &private_key)); | 1632 GenerateKeyPairInternal(algorithm, extractable, usage_mask, &public_key, |
| 1633 &private_key)); |
1561 | 1634 |
1562 // Fail with bad exponent: empty. | 1635 // Fail with bad exponent: empty. |
1563 const std::vector<uint8> empty_exponent; | 1636 const std::vector<uint8> empty_exponent; |
1564 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( | 1637 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( |
1565 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 1638 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
1566 modulus_length, | 1639 modulus_length, |
1567 empty_exponent); | 1640 empty_exponent); |
1568 EXPECT_FALSE(GenerateKeyPairInternal( | 1641 EXPECT_STATUS(Status::ErrorGenerateKeyPublicExponent(), |
1569 algorithm, extractable, usage_mask, &public_key, &private_key)); | 1642 GenerateKeyPairInternal(algorithm, extractable, usage_mask, &public_key, |
| 1643 &private_key)); |
1570 | 1644 |
1571 // Fail with bad exponent: all zeros. | 1645 // Fail with bad exponent: all zeros. |
1572 std::vector<uint8> exponent_with_leading_zeros(15, 0x00); | 1646 std::vector<uint8> exponent_with_leading_zeros(15, 0x00); |
1573 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( | 1647 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( |
1574 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 1648 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
1575 modulus_length, | 1649 modulus_length, |
1576 exponent_with_leading_zeros); | 1650 exponent_with_leading_zeros); |
1577 EXPECT_FALSE(GenerateKeyPairInternal( | 1651 EXPECT_STATUS(Status::ErrorGenerateKeyPublicExponent(), |
1578 algorithm, extractable, usage_mask, &public_key, &private_key)); | 1652 GenerateKeyPairInternal(algorithm, extractable, usage_mask, &public_key, |
| 1653 &private_key)); |
1579 | 1654 |
1580 // Key generation success using exponent with leading zeros. | 1655 // Key generation success using exponent with leading zeros. |
1581 exponent_with_leading_zeros.insert(exponent_with_leading_zeros.end(), | 1656 exponent_with_leading_zeros.insert(exponent_with_leading_zeros.end(), |
1582 public_exponent.begin(), | 1657 public_exponent.begin(), |
1583 public_exponent.end()); | 1658 public_exponent.end()); |
1584 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( | 1659 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( |
1585 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 1660 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
1586 modulus_length, | 1661 modulus_length, |
1587 exponent_with_leading_zeros); | 1662 exponent_with_leading_zeros); |
1588 EXPECT_TRUE(GenerateKeyPairInternal( | 1663 EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal( |
1589 algorithm, extractable, usage_mask, &public_key, &private_key)); | 1664 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1590 EXPECT_FALSE(public_key.isNull()); | 1665 EXPECT_FALSE(public_key.isNull()); |
1591 EXPECT_FALSE(private_key.isNull()); | 1666 EXPECT_FALSE(private_key.isNull()); |
1592 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 1667 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
1593 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 1668 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
1594 EXPECT_EQ(true, public_key.extractable()); | 1669 EXPECT_EQ(true, public_key.extractable()); |
1595 EXPECT_EQ(extractable, private_key.extractable()); | 1670 EXPECT_EQ(extractable, private_key.extractable()); |
1596 EXPECT_EQ(usage_mask, public_key.usages()); | 1671 EXPECT_EQ(usage_mask, public_key.usages()); |
1597 EXPECT_EQ(usage_mask, private_key.usages()); | 1672 EXPECT_EQ(usage_mask, private_key.usages()); |
1598 | 1673 |
1599 // Successful WebCryptoAlgorithmIdRsaOaep key generation. | 1674 // Successful WebCryptoAlgorithmIdRsaOaep key generation. |
1600 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( | 1675 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( |
1601 blink::WebCryptoAlgorithmIdRsaOaep, modulus_length, public_exponent); | 1676 blink::WebCryptoAlgorithmIdRsaOaep, modulus_length, public_exponent); |
1602 EXPECT_TRUE(GenerateKeyPairInternal( | 1677 EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal( |
1603 algorithm, extractable, usage_mask, &public_key, &private_key)); | 1678 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1604 EXPECT_FALSE(public_key.isNull()); | 1679 EXPECT_FALSE(public_key.isNull()); |
1605 EXPECT_FALSE(private_key.isNull()); | 1680 EXPECT_FALSE(private_key.isNull()); |
1606 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 1681 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
1607 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 1682 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
1608 EXPECT_EQ(true, public_key.extractable()); | 1683 EXPECT_EQ(true, public_key.extractable()); |
1609 EXPECT_EQ(extractable, private_key.extractable()); | 1684 EXPECT_EQ(extractable, private_key.extractable()); |
1610 EXPECT_EQ(usage_mask, public_key.usages()); | 1685 EXPECT_EQ(usage_mask, public_key.usages()); |
1611 EXPECT_EQ(usage_mask, private_key.usages()); | 1686 EXPECT_EQ(usage_mask, private_key.usages()); |
1612 | 1687 |
1613 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation. | 1688 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation. |
1614 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( | 1689 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( |
1615 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1690 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1616 modulus_length, | 1691 modulus_length, |
1617 public_exponent); | 1692 public_exponent); |
1618 EXPECT_TRUE(GenerateKeyPairInternal( | 1693 EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal( |
1619 algorithm, extractable, usage_mask, &public_key, &private_key)); | 1694 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1620 EXPECT_FALSE(public_key.isNull()); | 1695 EXPECT_FALSE(public_key.isNull()); |
1621 EXPECT_FALSE(private_key.isNull()); | 1696 EXPECT_FALSE(private_key.isNull()); |
1622 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 1697 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
1623 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 1698 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
1624 EXPECT_EQ(true, public_key.extractable()); | 1699 EXPECT_EQ(true, public_key.extractable()); |
1625 EXPECT_EQ(extractable, private_key.extractable()); | 1700 EXPECT_EQ(extractable, private_key.extractable()); |
1626 EXPECT_EQ(usage_mask, public_key.usages()); | 1701 EXPECT_EQ(usage_mask, public_key.usages()); |
1627 EXPECT_EQ(usage_mask, private_key.usages()); | 1702 EXPECT_EQ(usage_mask, private_key.usages()); |
1628 | 1703 |
1629 // Fail SPKI export of private key. This is an ExportKey test, but do it here | 1704 // Fail SPKI export of private key. This is an ExportKey test, but do it here |
1630 // since it is expensive to generate an RSA key pair and we already have a | 1705 // since it is expensive to generate an RSA key pair and we already have a |
1631 // private key here. | 1706 // private key here. |
1632 blink::WebArrayBuffer output; | 1707 blink::WebArrayBuffer output; |
1633 EXPECT_FALSE( | 1708 // TODO(eroman): This test is failing for a different reason than expected by |
1634 ExportKeyInternal(blink::WebCryptoKeyFormatSpki, private_key, &output)); | 1709 // the test. |
| 1710 EXPECT_STATUS(Status::ErrorKeyNotExtractable(), ExportKeyInternal( |
| 1711 blink::WebCryptoKeyFormatSpki, private_key, &output)); |
1635 } | 1712 } |
1636 | 1713 |
1637 TEST_F(WebCryptoImplTest, MAYBE(RsaEsRoundTrip)) { | 1714 TEST_F(WebCryptoImplTest, MAYBE(RsaEsRoundTrip)) { |
1638 // Import a key pair. | 1715 // Import a key pair. |
1639 blink::WebCryptoAlgorithm algorithm = | 1716 blink::WebCryptoAlgorithm algorithm = |
1640 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 1717 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
1641 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1718 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1642 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1719 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
1643 ImportRsaKeyPair( | 1720 ImportRsaKeyPair( |
1644 kPublicKeySpkiDerHex, | 1721 kPublicKeySpkiDerHex, |
(...skipping 19 matching lines...) Expand all Loading... |
1664 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 1741 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
1665 const char* const kTestDataHex[] = { | 1742 const char* const kTestDataHex[] = { |
1666 "ff", | 1743 "ff", |
1667 "0102030405060708090a0b0c0d0e0f", | 1744 "0102030405060708090a0b0c0d0e0f", |
1668 max_data_hex | 1745 max_data_hex |
1669 }; | 1746 }; |
1670 blink::WebArrayBuffer encrypted_data; | 1747 blink::WebArrayBuffer encrypted_data; |
1671 blink::WebArrayBuffer decrypted_data; | 1748 blink::WebArrayBuffer decrypted_data; |
1672 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTestDataHex); ++i) { | 1749 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTestDataHex); ++i) { |
1673 SCOPED_TRACE(i); | 1750 SCOPED_TRACE(i); |
1674 ASSERT_TRUE(EncryptInternal( | 1751 EXPECT_STATUS_SUCCESS(EncryptInternal( |
1675 algorithm, | 1752 algorithm, |
1676 public_key, | 1753 public_key, |
1677 HexStringToBytes(kTestDataHex[i]), | 1754 HexStringToBytes(kTestDataHex[i]), |
1678 &encrypted_data)); | 1755 &encrypted_data)); |
1679 EXPECT_EQ(kModulusLength/8, encrypted_data.byteLength()); | 1756 EXPECT_EQ(kModulusLength / 8, encrypted_data.byteLength()); |
1680 ASSERT_TRUE(DecryptInternal( | 1757 ASSERT_STATUS_SUCCESS(DecryptInternal( |
1681 algorithm, | 1758 algorithm, |
1682 private_key, | 1759 private_key, |
1683 reinterpret_cast<const unsigned char*>(encrypted_data.data()), | 1760 reinterpret_cast<const unsigned char*>(encrypted_data.data()), |
1684 encrypted_data.byteLength(), | 1761 encrypted_data.byteLength(), |
1685 &decrypted_data)); | 1762 &decrypted_data)); |
1686 ExpectArrayBufferMatchesHex(kTestDataHex[i], decrypted_data); | 1763 ExpectArrayBufferMatchesHex(kTestDataHex[i], decrypted_data); |
1687 } | 1764 } |
1688 } | 1765 } |
1689 | 1766 |
1690 TEST_F(WebCryptoImplTest, MAYBE(RsaEsKnownAnswer)) { | 1767 TEST_F(WebCryptoImplTest, MAYBE(RsaEsKnownAnswer)) { |
(...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1763 rsa_pkcs8_der_hex, | 1840 rsa_pkcs8_der_hex, |
1764 algorithm, | 1841 algorithm, |
1765 false, | 1842 false, |
1766 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, | 1843 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, |
1767 &public_key, | 1844 &public_key, |
1768 &private_key); | 1845 &private_key); |
1769 | 1846 |
1770 // Decrypt the known-good ciphertext with the private key. As a check we must | 1847 // Decrypt the known-good ciphertext with the private key. As a check we must |
1771 // get the known original cleartext. | 1848 // get the known original cleartext. |
1772 blink::WebArrayBuffer decrypted_data; | 1849 blink::WebArrayBuffer decrypted_data; |
1773 ASSERT_TRUE(DecryptInternal( | 1850 ASSERT_STATUS_SUCCESS(DecryptInternal( |
1774 algorithm, | 1851 algorithm, |
1775 private_key, | 1852 private_key, |
1776 HexStringToBytes(ciphertext_hex), | 1853 HexStringToBytes(ciphertext_hex), |
1777 &decrypted_data)); | 1854 &decrypted_data)); |
1778 EXPECT_FALSE(decrypted_data.isNull()); | 1855 EXPECT_FALSE(decrypted_data.isNull()); |
1779 ExpectArrayBufferMatchesHex(cleartext_hex, decrypted_data); | 1856 ExpectArrayBufferMatchesHex(cleartext_hex, decrypted_data); |
1780 | 1857 |
1781 // Encrypt this decrypted data with the public key. | 1858 // Encrypt this decrypted data with the public key. |
1782 blink::WebArrayBuffer encrypted_data; | 1859 blink::WebArrayBuffer encrypted_data; |
1783 ASSERT_TRUE(EncryptInternal( | 1860 ASSERT_STATUS_SUCCESS(EncryptInternal( |
1784 algorithm, | 1861 algorithm, |
1785 public_key, | 1862 public_key, |
1786 reinterpret_cast<const unsigned char*>(decrypted_data.data()), | 1863 reinterpret_cast<const unsigned char*>(decrypted_data.data()), |
1787 decrypted_data.byteLength(), | 1864 decrypted_data.byteLength(), |
1788 &encrypted_data)); | 1865 &encrypted_data)); |
1789 EXPECT_EQ(128u, encrypted_data.byteLength()); | 1866 EXPECT_EQ(128u, encrypted_data.byteLength()); |
1790 | 1867 |
1791 // Finally, decrypt the newly encrypted result with the private key, and | 1868 // Finally, decrypt the newly encrypted result with the private key, and |
1792 // compare to the known original cleartext. | 1869 // compare to the known original cleartext. |
1793 decrypted_data.reset(); | 1870 decrypted_data.reset(); |
1794 ASSERT_TRUE(DecryptInternal( | 1871 ASSERT_STATUS_SUCCESS(DecryptInternal( |
1795 algorithm, | 1872 algorithm, |
1796 private_key, | 1873 private_key, |
1797 reinterpret_cast<const unsigned char*>(encrypted_data.data()), | 1874 reinterpret_cast<const unsigned char*>(encrypted_data.data()), |
1798 encrypted_data.byteLength(), | 1875 encrypted_data.byteLength(), |
1799 &decrypted_data)); | 1876 &decrypted_data)); |
1800 EXPECT_FALSE(decrypted_data.isNull()); | 1877 EXPECT_FALSE(decrypted_data.isNull()); |
1801 ExpectArrayBufferMatchesHex(cleartext_hex, decrypted_data); | 1878 ExpectArrayBufferMatchesHex(cleartext_hex, decrypted_data); |
1802 } | 1879 } |
1803 | 1880 |
1804 TEST_F(WebCryptoImplTest, MAYBE(RsaEsFailures)) { | 1881 TEST_F(WebCryptoImplTest, MAYBE(RsaEsFailures)) { |
1805 // Import a key pair. | 1882 // Import a key pair. |
1806 blink::WebCryptoAlgorithm algorithm = | 1883 blink::WebCryptoAlgorithm algorithm = |
1807 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 1884 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
1808 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1885 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1809 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1886 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
1810 ImportRsaKeyPair( | 1887 ImportRsaKeyPair( |
1811 kPublicKeySpkiDerHex, | 1888 kPublicKeySpkiDerHex, |
1812 kPrivateKeyPkcs8DerHex, | 1889 kPrivateKeyPkcs8DerHex, |
1813 algorithm, | 1890 algorithm, |
1814 false, | 1891 false, |
1815 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, | 1892 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, |
1816 &public_key, | 1893 &public_key, |
1817 &private_key); | 1894 &private_key); |
1818 | 1895 |
1819 // Fail encrypt with a private key. | 1896 // Fail encrypt with a private key. |
1820 blink::WebArrayBuffer encrypted_data; | 1897 blink::WebArrayBuffer encrypted_data; |
1821 const std::string message_hex_str("0102030405060708090a0b0c0d0e0f"); | 1898 const std::string message_hex_str("0102030405060708090a0b0c0d0e0f"); |
1822 const std::vector<uint8> message_hex(HexStringToBytes(message_hex_str)); | 1899 const std::vector<uint8> message_hex(HexStringToBytes(message_hex_str)); |
1823 EXPECT_FALSE( | 1900 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), |
1824 EncryptInternal(algorithm, private_key, message_hex, &encrypted_data)); | 1901 EncryptInternal(algorithm, private_key, message_hex, &encrypted_data)); |
1825 | 1902 |
1826 // Fail encrypt with empty message. | 1903 // Fail encrypt with empty message. |
1827 EXPECT_FALSE(EncryptInternal( | 1904 EXPECT_STATUS(Status::Error(), EncryptInternal( |
1828 algorithm, public_key, std::vector<uint8>(), &encrypted_data)); | 1905 algorithm, public_key, std::vector<uint8>(), &encrypted_data)); |
1829 | 1906 |
1830 // Fail encrypt with message too large. RSAES can operate on messages up to | 1907 // Fail encrypt with message too large. RSAES can operate on messages up to |
1831 // length of k - 11 bytes, where k is the octet length of the RSA modulus. | 1908 // length of k - 11 bytes, where k is the octet length of the RSA modulus. |
1832 const unsigned kMaxMsgSizeBytes = kModulusLength / 8 - 11; | 1909 const unsigned kMaxMsgSizeBytes = kModulusLength / 8 - 11; |
1833 EXPECT_FALSE(EncryptInternal(algorithm, | 1910 EXPECT_STATUS( |
1834 public_key, | 1911 Status::ErrorDataTooLarge(), |
1835 std::vector<uint8>(kMaxMsgSizeBytes + 1, '0'), | 1912 EncryptInternal(algorithm, |
1836 &encrypted_data)); | 1913 public_key, |
| 1914 std::vector<uint8>(kMaxMsgSizeBytes + 1, '0'), |
| 1915 &encrypted_data)); |
1837 | 1916 |
1838 // Generate encrypted data. | 1917 // Generate encrypted data. |
1839 EXPECT_TRUE( | 1918 EXPECT_STATUS(Status::Success(), |
1840 EncryptInternal(algorithm, public_key, message_hex, &encrypted_data)); | 1919 EncryptInternal(algorithm, public_key, message_hex, &encrypted_data)); |
1841 | 1920 |
1842 // Fail decrypt with a public key. | 1921 // Fail decrypt with a public key. |
1843 blink::WebArrayBuffer decrypted_data; | 1922 blink::WebArrayBuffer decrypted_data; |
1844 EXPECT_FALSE(DecryptInternal( | 1923 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), DecryptInternal( |
1845 algorithm, | 1924 algorithm, |
1846 public_key, | 1925 public_key, |
1847 reinterpret_cast<const unsigned char*>(encrypted_data.data()), | 1926 reinterpret_cast<const unsigned char*>(encrypted_data.data()), |
1848 encrypted_data.byteLength(), | 1927 encrypted_data.byteLength(), |
1849 &decrypted_data)); | 1928 &decrypted_data)); |
1850 | 1929 |
1851 // Corrupt encrypted data; ensure decrypt fails because padding was disrupted. | 1930 // Corrupt encrypted data; ensure decrypt fails because padding was disrupted. |
1852 std::vector<uint8> corrupted_data( | 1931 std::vector<uint8> corrupted_data( |
1853 static_cast<uint8*>(encrypted_data.data()), | 1932 static_cast<uint8*>(encrypted_data.data()), |
1854 static_cast<uint8*>(encrypted_data.data()) + encrypted_data.byteLength()); | 1933 static_cast<uint8*>(encrypted_data.data()) + encrypted_data.byteLength()); |
1855 corrupted_data[corrupted_data.size() / 2] ^= 0x01; | 1934 corrupted_data[corrupted_data.size() / 2] ^= 0x01; |
1856 EXPECT_FALSE( | 1935 EXPECT_STATUS(Status::Error(), |
1857 DecryptInternal(algorithm, private_key, corrupted_data, &decrypted_data)); | 1936 DecryptInternal(algorithm, private_key, corrupted_data, &decrypted_data)); |
1858 | 1937 |
1859 // TODO(padolph): Are there other specific data corruption scenarios to | 1938 // TODO(padolph): Are there other specific data corruption scenarios to |
1860 // consider? | 1939 // consider? |
1861 | 1940 |
1862 // Do a successful decrypt with good data just for confirmation. | 1941 // Do a successful decrypt with good data just for confirmation. |
1863 EXPECT_TRUE(DecryptInternal( | 1942 EXPECT_STATUS_SUCCESS(DecryptInternal( |
1864 algorithm, | 1943 algorithm, |
1865 private_key, | 1944 private_key, |
1866 reinterpret_cast<const unsigned char*>(encrypted_data.data()), | 1945 reinterpret_cast<const unsigned char*>(encrypted_data.data()), |
1867 encrypted_data.byteLength(), | 1946 encrypted_data.byteLength(), |
1868 &decrypted_data)); | 1947 &decrypted_data)); |
1869 ExpectArrayBufferMatchesHex(message_hex_str, decrypted_data); | 1948 ExpectArrayBufferMatchesHex(message_hex_str, decrypted_data); |
1870 } | 1949 } |
1871 | 1950 |
1872 TEST_F(WebCryptoImplTest, MAYBE(RsaSsaSignVerifyFailures)) { | 1951 TEST_F(WebCryptoImplTest, MAYBE(RsaSsaSignVerifyFailures)) { |
1873 // Import a key pair. | 1952 // Import a key pair. |
1874 blink::WebCryptoAlgorithm algorithm = CreateRsaAlgorithmWithInnerHash( | 1953 blink::WebCryptoAlgorithm algorithm = CreateRsaAlgorithmWithInnerHash( |
1875 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1954 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1876 blink::WebCryptoAlgorithmIdSha1); | 1955 blink::WebCryptoAlgorithmIdSha1); |
1877 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1956 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1878 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1957 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
1879 ImportRsaKeyPair( | 1958 ImportRsaKeyPair( |
1880 kPublicKeySpkiDerHex, | 1959 kPublicKeySpkiDerHex, |
1881 kPrivateKeyPkcs8DerHex, | 1960 kPrivateKeyPkcs8DerHex, |
1882 algorithm, | 1961 algorithm, |
1883 false, | 1962 false, |
1884 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, | 1963 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, |
1885 &public_key, | 1964 &public_key, |
1886 &private_key); | 1965 &private_key); |
1887 | 1966 |
1888 blink::WebArrayBuffer signature; | 1967 blink::WebArrayBuffer signature; |
1889 bool signature_match; | 1968 bool signature_match; |
1890 | 1969 |
1891 // Compute a signature. | 1970 // Compute a signature. |
1892 const std::vector<uint8> data = HexStringToBytes("010203040506070809"); | 1971 const std::vector<uint8> data = HexStringToBytes("010203040506070809"); |
1893 ASSERT_TRUE(SignInternal(algorithm, private_key, data, &signature)); | 1972 ASSERT_STATUS_SUCCESS(SignInternal(algorithm, private_key, data, &signature)); |
1894 | 1973 |
1895 // Ensure truncated signature does not verify by passing one less byte. | 1974 // Ensure truncated signature does not verify by passing one less byte. |
1896 EXPECT_TRUE(VerifySignatureInternal( | 1975 EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
1897 algorithm, | 1976 algorithm, |
1898 public_key, | 1977 public_key, |
1899 static_cast<const unsigned char*>(signature.data()), | 1978 static_cast<const unsigned char*>(signature.data()), |
1900 signature.byteLength() - 1, | 1979 signature.byteLength() - 1, |
1901 data, | 1980 data, |
1902 &signature_match)); | 1981 &signature_match)); |
1903 EXPECT_FALSE(signature_match); | 1982 EXPECT_FALSE(signature_match); |
1904 | 1983 |
| 1984 // Ensure truncated signature does not verify by passing no bytes. |
| 1985 EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
| 1986 algorithm, |
| 1987 public_key, |
| 1988 NULL, |
| 1989 0, |
| 1990 data, |
| 1991 &signature_match)); |
| 1992 EXPECT_FALSE(signature_match); |
| 1993 |
1905 // Ensure corrupted signature does not verify. | 1994 // Ensure corrupted signature does not verify. |
1906 std::vector<uint8> corrupt_sig( | 1995 std::vector<uint8> corrupt_sig( |
1907 static_cast<uint8*>(signature.data()), | 1996 static_cast<uint8*>(signature.data()), |
1908 static_cast<uint8*>(signature.data()) + signature.byteLength()); | 1997 static_cast<uint8*>(signature.data()) + signature.byteLength()); |
1909 corrupt_sig[corrupt_sig.size() / 2] ^= 0x1; | 1998 corrupt_sig[corrupt_sig.size() / 2] ^= 0x1; |
1910 EXPECT_TRUE(VerifySignatureInternal( | 1999 EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
1911 algorithm, | 2000 algorithm, |
1912 public_key, | 2001 public_key, |
1913 webcrypto::Uint8VectorStart(corrupt_sig), | 2002 webcrypto::Uint8VectorStart(corrupt_sig), |
1914 corrupt_sig.size(), | 2003 corrupt_sig.size(), |
1915 data, | 2004 data, |
1916 &signature_match)); | 2005 &signature_match)); |
1917 EXPECT_FALSE(signature_match); | 2006 EXPECT_FALSE(signature_match); |
1918 | 2007 |
1919 // Ensure signatures that are greater than the modulus size fail. | 2008 // Ensure signatures that are greater than the modulus size fail. |
1920 const unsigned long_message_size_bytes = 1024; | 2009 const unsigned long_message_size_bytes = 1024; |
1921 DCHECK_GT(long_message_size_bytes, kModulusLength/8); | 2010 DCHECK_GT(long_message_size_bytes, kModulusLength/8); |
1922 const unsigned char kLongSignature[long_message_size_bytes] = { 0 }; | 2011 const unsigned char kLongSignature[long_message_size_bytes] = { 0 }; |
1923 EXPECT_TRUE(VerifySignatureInternal( | 2012 EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
1924 algorithm, | 2013 algorithm, |
1925 public_key, | 2014 public_key, |
1926 kLongSignature, | 2015 kLongSignature, |
1927 sizeof(kLongSignature), | 2016 sizeof(kLongSignature), |
1928 data, | 2017 data, |
1929 &signature_match)); | 2018 &signature_match)); |
1930 EXPECT_FALSE(signature_match); | 2019 EXPECT_FALSE(signature_match); |
1931 | 2020 |
1932 // Ensure that verifying using a private key, rather than a public key, fails. | 2021 // Ensure that verifying using a private key, rather than a public key, fails. |
1933 EXPECT_FALSE(VerifySignatureInternal( | 2022 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), VerifySignatureInternal( |
1934 algorithm, | 2023 algorithm, |
1935 private_key, | 2024 private_key, |
1936 static_cast<const unsigned char*>(signature.data()), | 2025 static_cast<const unsigned char*>(signature.data()), |
1937 signature.byteLength(), | 2026 signature.byteLength(), |
1938 data, | 2027 data, |
1939 &signature_match)); | 2028 &signature_match)); |
1940 | 2029 |
1941 // Ensure that signing using a public key, rather than a private key, fails. | 2030 // Ensure that signing using a public key, rather than a private key, fails. |
1942 EXPECT_FALSE(SignInternal(algorithm, public_key, data, &signature)); | 2031 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), |
| 2032 SignInternal(algorithm, public_key, data, &signature)); |
1943 | 2033 |
1944 // Ensure that signing and verifying with an incompatible algorithm fails. | 2034 // Ensure that signing and verifying with an incompatible algorithm fails. |
1945 algorithm = | 2035 algorithm = |
1946 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 2036 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
1947 EXPECT_FALSE(SignInternal(algorithm, private_key, data, &signature)); | 2037 EXPECT_STATUS(Status::ErrorUnsupported(), |
1948 EXPECT_FALSE(VerifySignatureInternal( | 2038 SignInternal(algorithm, private_key, data, &signature)); |
| 2039 EXPECT_STATUS(Status::ErrorUnsupported(), VerifySignatureInternal( |
1949 algorithm, | 2040 algorithm, |
1950 public_key, | 2041 public_key, |
1951 static_cast<const unsigned char*>(signature.data()), | 2042 static_cast<const unsigned char*>(signature.data()), |
1952 signature.byteLength(), | 2043 signature.byteLength(), |
1953 data, | 2044 data, |
1954 &signature_match)); | 2045 &signature_match)); |
1955 | 2046 |
1956 // Some crypto libraries (NSS) can automatically select the RSA SSA inner hash | 2047 // Some crypto libraries (NSS) can automatically select the RSA SSA inner hash |
1957 // based solely on the contents of the input signature data. In the Web Crypto | 2048 // based solely on the contents of the input signature data. In the Web Crypto |
1958 // implementation, the inner hash should be specified uniquely by the input | 2049 // implementation, the inner hash should be specified uniquely by the input |
1959 // algorithm parameter. To validate this behavior, call Verify with a computed | 2050 // algorithm parameter. To validate this behavior, call Verify with a computed |
1960 // signature that used one hash type (SHA-1), but pass in an algorithm with a | 2051 // signature that used one hash type (SHA-1), but pass in an algorithm with a |
1961 // different inner hash type (SHA-256). If the hash type is determined by the | 2052 // different inner hash type (SHA-256). If the hash type is determined by the |
1962 // signature itself (undesired), the verify will pass, while if the hash type | 2053 // signature itself (undesired), the verify will pass, while if the hash type |
1963 // is specified by the input algorithm (desired), the verify will fail. | 2054 // is specified by the input algorithm (desired), the verify will fail. |
1964 | 2055 |
1965 // Compute a signature using SHA-1 as the inner hash. | 2056 // Compute a signature using SHA-1 as the inner hash. |
1966 EXPECT_TRUE(SignInternal(CreateRsaAlgorithmWithInnerHash( | 2057 EXPECT_STATUS_SUCCESS(SignInternal(CreateRsaAlgorithmWithInnerHash( |
1967 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2058 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1968 blink::WebCryptoAlgorithmIdSha1), | 2059 blink::WebCryptoAlgorithmIdSha1), |
1969 private_key, | 2060 private_key, |
1970 data, | 2061 data, |
1971 &signature)); | 2062 &signature)); |
1972 | 2063 |
1973 // Now verify using an algorithm whose inner hash is SHA-256, not SHA-1. The | 2064 // Now verify using an algorithm whose inner hash is SHA-256, not SHA-1. The |
1974 // signature should not verify. | 2065 // signature should not verify. |
1975 // NOTE: public_key was produced by generateKey, and so its associated | 2066 // NOTE: public_key was produced by generateKey, and so its associated |
1976 // algorithm has WebCryptoRsaKeyGenParams and not WebCryptoRsaSsaParams. Thus | 2067 // algorithm has WebCryptoRsaKeyGenParams and not WebCryptoRsaSsaParams. Thus |
1977 // it has no inner hash to conflict with the input algorithm. | 2068 // it has no inner hash to conflict with the input algorithm. |
1978 bool is_match; | 2069 bool is_match; |
1979 EXPECT_TRUE(VerifySignatureInternal( | 2070 EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
1980 CreateRsaAlgorithmWithInnerHash( | 2071 CreateRsaAlgorithmWithInnerHash( |
1981 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2072 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1982 blink::WebCryptoAlgorithmIdSha256), | 2073 blink::WebCryptoAlgorithmIdSha256), |
1983 public_key, | 2074 public_key, |
1984 static_cast<const unsigned char*>(signature.data()), | 2075 static_cast<const unsigned char*>(signature.data()), |
1985 signature.byteLength(), | 2076 signature.byteLength(), |
1986 data, | 2077 data, |
1987 &is_match)); | 2078 &is_match)); |
1988 EXPECT_FALSE(is_match); | 2079 EXPECT_FALSE(is_match); |
1989 } | 2080 } |
(...skipping 212 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2202 &private_key); | 2293 &private_key); |
2203 | 2294 |
2204 // Validate the signatures are computed and verified as expected. | 2295 // Validate the signatures are computed and verified as expected. |
2205 blink::WebArrayBuffer signature; | 2296 blink::WebArrayBuffer signature; |
2206 for (size_t idx = 0; idx < ARRAYSIZE_UNSAFE(kTests); ++idx) { | 2297 for (size_t idx = 0; idx < ARRAYSIZE_UNSAFE(kTests); ++idx) { |
2207 SCOPED_TRACE(idx); | 2298 SCOPED_TRACE(idx); |
2208 const TestCase& test = kTests[idx]; | 2299 const TestCase& test = kTests[idx]; |
2209 const std::vector<uint8> message = HexStringToBytes(test.message_hex); | 2300 const std::vector<uint8> message = HexStringToBytes(test.message_hex); |
2210 | 2301 |
2211 signature.reset(); | 2302 signature.reset(); |
2212 ASSERT_TRUE(SignInternal(algorithm, private_key, message, &signature)); | 2303 ASSERT_STATUS_SUCCESS( |
| 2304 SignInternal(algorithm, private_key, message, &signature)); |
2213 ExpectArrayBufferMatchesHex(test.signature_hex, signature); | 2305 ExpectArrayBufferMatchesHex(test.signature_hex, signature); |
2214 | 2306 |
2215 bool is_match = false; | 2307 bool is_match = false; |
2216 ASSERT_TRUE(VerifySignatureInternal( | 2308 ASSERT_STATUS_SUCCESS(VerifySignatureInternal( |
2217 algorithm, | 2309 algorithm, |
2218 public_key, | 2310 public_key, |
2219 HexStringToBytes(test.signature_hex), | 2311 HexStringToBytes(test.signature_hex), |
2220 message, | 2312 message, |
2221 &is_match)); | 2313 &is_match)); |
2222 EXPECT_TRUE(is_match); | 2314 EXPECT_TRUE(is_match); |
2223 } | 2315 } |
2224 } | 2316 } |
2225 | 2317 |
2226 TEST_F(WebCryptoImplTest, MAYBE(AesKwKeyImport)) { | 2318 TEST_F(WebCryptoImplTest, MAYBE(AesKwKeyImport)) { |
2227 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 2319 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
2228 blink::WebCryptoAlgorithm algorithm = | 2320 blink::WebCryptoAlgorithm algorithm = |
2229 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); | 2321 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); |
2230 | 2322 |
2231 // Import a 128-bit Key Encryption Key (KEK) | 2323 // Import a 128-bit Key Encryption Key (KEK) |
2232 std::string key_raw_hex_in = "025a8cf3f08b4f6c5f33bbc76a471939"; | 2324 std::string key_raw_hex_in = "025a8cf3f08b4f6c5f33bbc76a471939"; |
2233 ASSERT_TRUE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 2325 ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
2234 HexStringToBytes(key_raw_hex_in), | 2326 HexStringToBytes(key_raw_hex_in), |
2235 algorithm, | 2327 algorithm, |
2236 true, | 2328 true, |
2237 blink::WebCryptoKeyUsageWrapKey, | 2329 blink::WebCryptoKeyUsageWrapKey, |
2238 &key)); | 2330 &key)); |
2239 blink::WebArrayBuffer key_raw_out; | 2331 blink::WebArrayBuffer key_raw_out; |
2240 EXPECT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, | 2332 EXPECT_STATUS_SUCCESS(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, |
2241 key, | 2333 key, |
2242 &key_raw_out)); | 2334 &key_raw_out)); |
2243 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); | 2335 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); |
2244 | 2336 |
2245 // Import a 192-bit KEK | 2337 // Import a 192-bit KEK |
2246 key_raw_hex_in = "c0192c6466b2370decbb62b2cfef4384544ffeb4d2fbc103"; | 2338 key_raw_hex_in = "c0192c6466b2370decbb62b2cfef4384544ffeb4d2fbc103"; |
2247 ASSERT_TRUE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 2339 ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
2248 HexStringToBytes(key_raw_hex_in), | 2340 HexStringToBytes(key_raw_hex_in), |
2249 algorithm, | 2341 algorithm, |
2250 true, | 2342 true, |
2251 blink::WebCryptoKeyUsageWrapKey, | 2343 blink::WebCryptoKeyUsageWrapKey, |
2252 &key)); | 2344 &key)); |
2253 EXPECT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, | 2345 EXPECT_STATUS_SUCCESS(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, |
2254 key, | 2346 key, |
2255 &key_raw_out)); | 2347 &key_raw_out)); |
2256 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); | 2348 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); |
2257 | 2349 |
2258 // Import a 256-bit Key Encryption Key (KEK) | 2350 // Import a 256-bit Key Encryption Key (KEK) |
2259 key_raw_hex_in = | 2351 key_raw_hex_in = |
2260 "e11fe66380d90fa9ebefb74e0478e78f95664d0c67ca20ce4a0b5842863ac46f"; | 2352 "e11fe66380d90fa9ebefb74e0478e78f95664d0c67ca20ce4a0b5842863ac46f"; |
2261 ASSERT_TRUE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 2353 ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
2262 HexStringToBytes(key_raw_hex_in), | 2354 HexStringToBytes(key_raw_hex_in), |
2263 algorithm, | 2355 algorithm, |
2264 true, | 2356 true, |
2265 blink::WebCryptoKeyUsageWrapKey, | 2357 blink::WebCryptoKeyUsageWrapKey, |
2266 &key)); | 2358 &key)); |
2267 EXPECT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, | 2359 EXPECT_STATUS_SUCCESS(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, |
2268 key, | 2360 key, |
2269 &key_raw_out)); | 2361 &key_raw_out)); |
2270 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); | 2362 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); |
2271 | 2363 |
2272 // Fail import of 0 length key | 2364 // Fail import of 0 length key |
2273 EXPECT_FALSE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 2365 EXPECT_STATUS(Status::Error(), |
2274 HexStringToBytes(""), | 2366 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
2275 algorithm, | 2367 HexStringToBytes(""), |
2276 true, | 2368 algorithm, |
2277 blink::WebCryptoKeyUsageWrapKey, | 2369 true, |
2278 &key)); | 2370 blink::WebCryptoKeyUsageWrapKey, |
| 2371 &key)); |
2279 | 2372 |
2280 // Fail import of 124-bit KEK | 2373 // Fail import of 124-bit KEK |
2281 key_raw_hex_in = "3e4566a2bdaa10cb68134fa66c15ddb"; | 2374 key_raw_hex_in = "3e4566a2bdaa10cb68134fa66c15ddb"; |
2282 EXPECT_FALSE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 2375 EXPECT_STATUS(Status::Error(), |
2283 HexStringToBytes(key_raw_hex_in), | 2376 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
2284 algorithm, | 2377 HexStringToBytes(key_raw_hex_in), |
2285 true, | 2378 algorithm, |
2286 blink::WebCryptoKeyUsageWrapKey, | 2379 true, |
2287 &key)); | 2380 blink::WebCryptoKeyUsageWrapKey, |
| 2381 &key)); |
2288 | 2382 |
2289 // Fail import of 200-bit KEK | 2383 // Fail import of 200-bit KEK |
2290 key_raw_hex_in = "0a1d88608a5ad9fec64f1ada269ebab4baa2feeb8d95638c0e"; | 2384 key_raw_hex_in = "0a1d88608a5ad9fec64f1ada269ebab4baa2feeb8d95638c0e"; |
2291 EXPECT_FALSE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 2385 EXPECT_STATUS(Status::Error(), |
2292 HexStringToBytes(key_raw_hex_in), | 2386 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
2293 algorithm, | 2387 HexStringToBytes(key_raw_hex_in), |
2294 true, | 2388 algorithm, |
2295 blink::WebCryptoKeyUsageWrapKey, | 2389 true, |
2296 &key)); | 2390 blink::WebCryptoKeyUsageWrapKey, |
| 2391 &key)); |
2297 | 2392 |
2298 // Fail import of 260-bit KEK | 2393 // Fail import of 260-bit KEK |
2299 key_raw_hex_in = | 2394 key_raw_hex_in = |
2300 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; | 2395 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; |
2301 EXPECT_FALSE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 2396 EXPECT_STATUS(Status::Error(), |
2302 HexStringToBytes(key_raw_hex_in), | 2397 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
2303 algorithm, | 2398 HexStringToBytes(key_raw_hex_in), |
2304 true, | 2399 algorithm, |
2305 blink::WebCryptoKeyUsageWrapKey, | 2400 true, |
2306 &key)); | 2401 blink::WebCryptoKeyUsageWrapKey, |
| 2402 &key)); |
2307 } | 2403 } |
2308 | 2404 |
2309 // TODO(eroman): | 2405 // TODO(eroman): |
2310 // * Test decryption when the tag length exceeds input size | 2406 // * Test decryption when the tag length exceeds input size |
2311 // * Test decryption with empty input | 2407 // * Test decryption with empty input |
2312 // * Test decryption with tag length of 0. | 2408 // * Test decryption with tag length of 0. |
2313 TEST_F(WebCryptoImplTest, MAYBE(AesGcmSampleSets)) { | 2409 TEST_F(WebCryptoImplTest, MAYBE(AesGcmSampleSets)) { |
2314 // Some Linux test runners may not have a new enough version of NSS. | 2410 // Some Linux test runners may not have a new enough version of NSS. |
2315 if (!SupportsAesGcm()) { | 2411 if (!SupportsAesGcm()) { |
2316 LOG(WARNING) << "AES GCM not supported, skipping tests"; | 2412 LOG(WARNING) << "AES GCM not supported, skipping tests"; |
(...skipping 101 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2418 SCOPED_TRACE(index); | 2514 SCOPED_TRACE(index); |
2419 const TestCase& test = kTests[index]; | 2515 const TestCase& test = kTests[index]; |
2420 | 2516 |
2421 blink::WebCryptoKey key = ImportSecretKeyFromRawHexString( | 2517 blink::WebCryptoKey key = ImportSecretKeyFromRawHexString( |
2422 test.key, | 2518 test.key, |
2423 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), | 2519 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), |
2424 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); | 2520 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); |
2425 | 2521 |
2426 // Verify exported raw key is identical to the imported data | 2522 // Verify exported raw key is identical to the imported data |
2427 blink::WebArrayBuffer raw_key; | 2523 blink::WebArrayBuffer raw_key; |
2428 EXPECT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 2524 EXPECT_STATUS_SUCCESS(ExportKeyInternal( |
| 2525 blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
2429 ExpectArrayBufferMatchesHex(test.key, raw_key); | 2526 ExpectArrayBufferMatchesHex(test.key, raw_key); |
2430 | 2527 |
2431 const std::vector<uint8> test_iv = HexStringToBytes(test.iv); | 2528 const std::vector<uint8> test_iv = HexStringToBytes(test.iv); |
2432 const std::vector<uint8> test_additional_data = | 2529 const std::vector<uint8> test_additional_data = |
2433 HexStringToBytes(test.additional_data); | 2530 HexStringToBytes(test.additional_data); |
2434 const std::vector<uint8> test_plain_text = | 2531 const std::vector<uint8> test_plain_text = |
2435 HexStringToBytes(test.plain_text); | 2532 HexStringToBytes(test.plain_text); |
2436 const std::vector<uint8> test_authentication_tag = | 2533 const std::vector<uint8> test_authentication_tag = |
2437 HexStringToBytes(test.authentication_tag); | 2534 HexStringToBytes(test.authentication_tag); |
2438 const unsigned test_tag_size_bits = test_authentication_tag.size() * 8; | 2535 const unsigned test_tag_size_bits = test_authentication_tag.size() * 8; |
2439 const std::vector<uint8> test_cipher_text = | 2536 const std::vector<uint8> test_cipher_text = |
2440 HexStringToBytes(test.cipher_text); | 2537 HexStringToBytes(test.cipher_text); |
2441 | 2538 |
2442 // Test encryption. | 2539 // Test encryption. |
2443 std::vector<uint8> cipher_text; | 2540 std::vector<uint8> cipher_text; |
2444 std::vector<uint8> authentication_tag; | 2541 std::vector<uint8> authentication_tag; |
2445 EXPECT_TRUE(AesGcmEncrypt(key, test_iv, test_additional_data, | 2542 EXPECT_STATUS_SUCCESS(AesGcmEncrypt(key, test_iv, test_additional_data, |
2446 test_tag_size_bits, test_plain_text, | 2543 test_tag_size_bits, test_plain_text, |
2447 &cipher_text, &authentication_tag)); | 2544 &cipher_text, &authentication_tag)); |
2448 | 2545 |
2449 ExpectVectorMatchesHex(test.cipher_text, cipher_text); | 2546 ExpectVectorMatchesHex(test.cipher_text, cipher_text); |
2450 ExpectVectorMatchesHex(test.authentication_tag, authentication_tag); | 2547 ExpectVectorMatchesHex(test.authentication_tag, authentication_tag); |
2451 | 2548 |
2452 // Test decryption. | 2549 // Test decryption. |
2453 blink::WebArrayBuffer plain_text; | 2550 blink::WebArrayBuffer plain_text; |
2454 EXPECT_TRUE(AesGcmDecrypt(key, test_iv, test_additional_data, | 2551 EXPECT_STATUS_SUCCESS(AesGcmDecrypt(key, test_iv, test_additional_data, |
2455 test_tag_size_bits, test_cipher_text, | 2552 test_tag_size_bits, test_cipher_text, |
2456 test_authentication_tag, &plain_text)); | 2553 test_authentication_tag, &plain_text)); |
2457 ExpectArrayBufferMatchesHex(test.plain_text, plain_text); | 2554 ExpectArrayBufferMatchesHex(test.plain_text, plain_text); |
2458 | 2555 |
2459 // Decryption should fail if any of the inputs are tampered with. | 2556 // Decryption should fail if any of the inputs are tampered with. |
2460 EXPECT_FALSE(AesGcmDecrypt(key, Corrupted(test_iv), test_additional_data, | 2557 EXPECT_STATUS(Status::Error(), |
2461 test_tag_size_bits, test_cipher_text, | 2558 AesGcmDecrypt(key, Corrupted(test_iv), test_additional_data, |
2462 test_authentication_tag, &plain_text)); | 2559 test_tag_size_bits, test_cipher_text, |
2463 EXPECT_FALSE(AesGcmDecrypt(key, test_iv, Corrupted(test_additional_data), | 2560 test_authentication_tag, &plain_text)); |
2464 test_tag_size_bits, test_cipher_text, | 2561 EXPECT_STATUS(Status::Error(), |
2465 test_authentication_tag, &plain_text)); | 2562 AesGcmDecrypt(key, test_iv, Corrupted(test_additional_data), |
2466 EXPECT_FALSE(AesGcmDecrypt(key, test_iv, test_additional_data, | 2563 test_tag_size_bits, test_cipher_text, |
2467 test_tag_size_bits, Corrupted(test_cipher_text), | 2564 test_authentication_tag, &plain_text)); |
2468 test_authentication_tag, &plain_text)); | 2565 EXPECT_STATUS(Status::Error(), |
2469 EXPECT_FALSE(AesGcmDecrypt(key, test_iv, test_additional_data, | 2566 AesGcmDecrypt(key, test_iv, test_additional_data, |
2470 test_tag_size_bits, test_cipher_text, | 2567 test_tag_size_bits, Corrupted(test_cipher_text), |
2471 Corrupted(test_authentication_tag), | 2568 test_authentication_tag, &plain_text)); |
2472 &plain_text)); | 2569 EXPECT_STATUS(Status::Error(), |
| 2570 AesGcmDecrypt(key, test_iv, test_additional_data, |
| 2571 test_tag_size_bits, test_cipher_text, |
| 2572 Corrupted(test_authentication_tag), |
| 2573 &plain_text)); |
2473 | 2574 |
2474 // Try different incorrect tag lengths | 2575 // Try different incorrect tag lengths |
2475 uint8 kAlternateTagLengths[] = {8, 96, 120, 128, 160, 255}; | 2576 uint8 kAlternateTagLengths[] = {8, 96, 120, 128, 160, 255}; |
2476 for (size_t tag_i = 0; tag_i < arraysize(kAlternateTagLengths); ++tag_i) { | 2577 for (size_t tag_i = 0; tag_i < arraysize(kAlternateTagLengths); ++tag_i) { |
2477 unsigned wrong_tag_size_bits = kAlternateTagLengths[tag_i]; | 2578 unsigned wrong_tag_size_bits = kAlternateTagLengths[tag_i]; |
2478 if (test_tag_size_bits == wrong_tag_size_bits) | 2579 if (test_tag_size_bits == wrong_tag_size_bits) |
2479 continue; | 2580 continue; |
2480 EXPECT_FALSE(AesGcmDecrypt(key, test_iv, test_additional_data, | 2581 EXPECT_STATUS_ERROR(AesGcmDecrypt(key, test_iv, test_additional_data, |
2481 wrong_tag_size_bits, test_cipher_text, | 2582 wrong_tag_size_bits, test_cipher_text, |
2482 test_authentication_tag, &plain_text)); | 2583 test_authentication_tag, &plain_text)); |
2483 } | 2584 } |
2484 } | 2585 } |
2485 } | 2586 } |
2486 | 2587 |
2487 } // namespace content | 2588 } // namespace content |
OLD | NEW |