Index: content/renderer/webcrypto/webcrypto_impl_unittest.cc |
diff --git a/content/renderer/webcrypto/webcrypto_impl_unittest.cc b/content/renderer/webcrypto/webcrypto_impl_unittest.cc |
index 1c8cb9881b5f8e9f4e3089cd4225f5bf131febe0..bdf13a3d47f3bd709814e3b0c96ccfee5e64371b 100644 |
--- a/content/renderer/webcrypto/webcrypto_impl_unittest.cc |
+++ b/content/renderer/webcrypto/webcrypto_impl_unittest.cc |
@@ -1,4 +1,4 @@ |
-// Copyright 2013 The Chromium Authors. All rights reserved. |
+// Copyright 2014 The Chromium Authors. All rights reserved. |
// Use of this source code is governed by a BSD-style license that can be |
// found in the LICENSE file. |
@@ -30,8 +30,19 @@ |
#define MAYBE(test_name) test_name |
#endif |
+// Helper macros to verify the value of a Status. |
+#define EXPECT_STATUS_ERROR(code) EXPECT_FALSE((code).IsSuccess()) |
+#define EXPECT_STATUS(expected, code) \ |
+ EXPECT_EQ(expected.ToString(), (code).ToString()) |
+#define ASSERT_STATUS(expected, code) \ |
+ ASSERT_EQ(expected.ToString(), (code).ToString()) |
+#define EXPECT_STATUS_SUCCESS(code) EXPECT_STATUS(Status::Success(), code) |
+#define ASSERT_STATUS_SUCCESS(code) ASSERT_STATUS(Status::Success(), code) |
+ |
namespace content { |
+using webcrypto::Status; |
+ |
namespace { |
// Returns a slightly modified version of the input vector. |
@@ -220,13 +231,14 @@ class WebCryptoImplTest : public testing::Test { |
blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
bool extractable = true; |
- EXPECT_TRUE(crypto_.ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
- webcrypto::Uint8VectorStart(key_raw), |
- key_raw.size(), |
- algorithm, |
- extractable, |
- usage, |
- &key)); |
+ EXPECT_STATUS_SUCCESS( |
+ crypto_.ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
+ webcrypto::Uint8VectorStart(key_raw), |
+ key_raw.size(), |
+ algorithm, |
+ extractable, |
+ usage, |
+ &key)); |
EXPECT_FALSE(key.isNull()); |
EXPECT_TRUE(key.handle()); |
@@ -245,7 +257,7 @@ class WebCryptoImplTest : public testing::Test { |
blink::WebCryptoKeyUsageMask usage_mask, |
blink::WebCryptoKey* public_key, |
blink::WebCryptoKey* private_key) { |
- EXPECT_TRUE(ImportKeyInternal( |
+ EXPECT_STATUS_SUCCESS(ImportKeyInternal( |
blink::WebCryptoKeyFormatSpki, |
HexStringToBytes(spki_der_hex), |
algorithm, |
@@ -259,7 +271,7 @@ class WebCryptoImplTest : public testing::Test { |
EXPECT_EQ(extractable, extractable); |
EXPECT_EQ(usage_mask, public_key->usages()); |
- EXPECT_TRUE(ImportKeyInternal( |
+ EXPECT_STATUS_SUCCESS(ImportKeyInternal( |
blink::WebCryptoKeyFormatPkcs8, |
HexStringToBytes(pkcs8_der_hex), |
algorithm, |
@@ -280,7 +292,7 @@ class WebCryptoImplTest : public testing::Test { |
std::vector<uint8> key_raw(16, 0); |
blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
- return crypto_.ImportKeyInternal( |
+ Status status = crypto_.ImportKeyInternal( |
blink::WebCryptoKeyFormatRaw, |
webcrypto::Uint8VectorStart(key_raw), |
key_raw.size(), |
@@ -288,25 +300,33 @@ class WebCryptoImplTest : public testing::Test { |
true, |
blink::WebCryptoKeyUsageEncrypt, |
&key); |
+ |
+ if (status.IsError()) { |
+ EXPECT_EQ(Status::ErrorUnsupported().ToString(), status.ToString()); |
+ } |
+ return status.IsSuccess(); |
+ |
} |
- bool AesGcmEncrypt(const blink::WebCryptoKey& key, |
- const std::vector<uint8>& iv, |
- const std::vector<uint8>& additional_data, |
- unsigned tag_length_bits, |
- const std::vector<uint8>& plain_text, |
- std::vector<uint8>* cipher_text, |
- std::vector<uint8>* authentication_tag) { |
+ Status AesGcmEncrypt(const blink::WebCryptoKey& key, |
+ const std::vector<uint8>& iv, |
+ const std::vector<uint8>& additional_data, |
+ unsigned tag_length_bits, |
+ const std::vector<uint8>& plain_text, |
+ std::vector<uint8>* cipher_text, |
+ std::vector<uint8>* authentication_tag) { |
blink::WebCryptoAlgorithm algorithm = CreateAesGcmAlgorithm( |
iv, additional_data, tag_length_bits); |
blink::WebArrayBuffer output; |
- if (!EncryptInternal(algorithm, key, plain_text, &output)) |
- return false; |
+ Status status = EncryptInternal(algorithm, key, plain_text, &output); |
+ if (status.IsError()) { |
+ return status; |
+ } |
if (output.byteLength() * 8 < tag_length_bits) { |
EXPECT_TRUE(false); |
- return false; |
+ return Status::Error(); |
} |
// The encryption result is cipher text with authentication tag appended. |
@@ -318,16 +338,16 @@ class WebCryptoImplTest : public testing::Test { |
static_cast<uint8*>(output.data()) + cipher_text->size(), |
static_cast<uint8*>(output.data()) + output.byteLength()); |
- return true; |
+ return Status::Success(); |
} |
- bool AesGcmDecrypt(const blink::WebCryptoKey& key, |
- const std::vector<uint8>& iv, |
- const std::vector<uint8>& additional_data, |
- unsigned tag_length_bits, |
- const std::vector<uint8>& cipher_text, |
- const std::vector<uint8>& authentication_tag, |
- blink::WebArrayBuffer* plain_text) { |
+ Status AesGcmDecrypt(const blink::WebCryptoKey& key, |
+ const std::vector<uint8>& iv, |
+ const std::vector<uint8>& additional_data, |
+ unsigned tag_length_bits, |
+ const std::vector<uint8>& cipher_text, |
+ const std::vector<uint8>& authentication_tag, |
+ blink::WebArrayBuffer* plain_text) { |
blink::WebCryptoAlgorithm algorithm = CreateAesGcmAlgorithm( |
iv, additional_data, tag_length_bits); |
@@ -347,7 +367,7 @@ class WebCryptoImplTest : public testing::Test { |
// Forwarding methods to gain access to protected methods of |
// WebCryptoImpl. |
- bool DigestInternal( |
+ Status DigestInternal( |
const blink::WebCryptoAlgorithm& algorithm, |
const std::vector<uint8>& data, |
blink::WebArrayBuffer* buffer) { |
@@ -355,15 +375,16 @@ class WebCryptoImplTest : public testing::Test { |
algorithm, webcrypto::Uint8VectorStart(data), data.size(), buffer); |
} |
- bool GenerateKeyInternal( |
+ Status GenerateKeyInternal( |
const blink::WebCryptoAlgorithm& algorithm, |
blink::WebCryptoKey* key) { |
bool extractable = true; |
blink::WebCryptoKeyUsageMask usage_mask = 0; |
- return crypto_.GenerateKeyInternal(algorithm, extractable, usage_mask, key); |
+ return crypto_.GenerateKeyInternal( |
+ algorithm, extractable, usage_mask, key); |
} |
- bool GenerateKeyPairInternal( |
+ Status GenerateKeyPairInternal( |
const blink::WebCryptoAlgorithm& algorithm, |
bool extractable, |
blink::WebCryptoKeyUsageMask usage_mask, |
@@ -373,7 +394,7 @@ class WebCryptoImplTest : public testing::Test { |
algorithm, extractable, usage_mask, public_key, private_key); |
} |
- bool ImportKeyInternal( |
+ Status ImportKeyInternal( |
blink::WebCryptoKeyFormat format, |
const std::vector<uint8>& key_data, |
const blink::WebCryptoAlgorithm& algorithm, |
@@ -389,14 +410,14 @@ class WebCryptoImplTest : public testing::Test { |
key); |
} |
- bool ExportKeyInternal( |
+ Status ExportKeyInternal( |
blink::WebCryptoKeyFormat format, |
const blink::WebCryptoKey& key, |
blink::WebArrayBuffer* buffer) { |
return crypto_.ExportKeyInternal(format, key, buffer); |
} |
- bool SignInternal( |
+ Status SignInternal( |
const blink::WebCryptoAlgorithm& algorithm, |
const blink::WebCryptoKey& key, |
const std::vector<uint8>& data, |
@@ -405,7 +426,7 @@ class WebCryptoImplTest : public testing::Test { |
algorithm, key, webcrypto::Uint8VectorStart(data), data.size(), buffer); |
} |
- bool VerifySignatureInternal( |
+ Status VerifySignatureInternal( |
const blink::WebCryptoAlgorithm& algorithm, |
const blink::WebCryptoKey& key, |
const unsigned char* signature, |
@@ -421,7 +442,7 @@ class WebCryptoImplTest : public testing::Test { |
signature_match); |
} |
- bool VerifySignatureInternal( |
+ Status VerifySignatureInternal( |
const blink::WebCryptoAlgorithm& algorithm, |
const blink::WebCryptoKey& key, |
const std::vector<uint8>& signature, |
@@ -437,7 +458,7 @@ class WebCryptoImplTest : public testing::Test { |
signature_match); |
} |
- bool EncryptInternal( |
+ Status EncryptInternal( |
const blink::WebCryptoAlgorithm& algorithm, |
const blink::WebCryptoKey& key, |
const unsigned char* data, |
@@ -446,7 +467,7 @@ class WebCryptoImplTest : public testing::Test { |
return crypto_.EncryptInternal(algorithm, key, data, data_size, buffer); |
} |
- bool EncryptInternal( |
+ Status EncryptInternal( |
const blink::WebCryptoAlgorithm& algorithm, |
const blink::WebCryptoKey& key, |
const std::vector<uint8>& data, |
@@ -455,7 +476,7 @@ class WebCryptoImplTest : public testing::Test { |
algorithm, key, webcrypto::Uint8VectorStart(data), data.size(), buffer); |
} |
- bool DecryptInternal( |
+ Status DecryptInternal( |
const blink::WebCryptoAlgorithm& algorithm, |
const blink::WebCryptoKey& key, |
const unsigned char* data, |
@@ -464,7 +485,7 @@ class WebCryptoImplTest : public testing::Test { |
return crypto_.DecryptInternal(algorithm, key, data, data_size, buffer); |
} |
- bool DecryptInternal( |
+ Status DecryptInternal( |
const blink::WebCryptoAlgorithm& algorithm, |
const blink::WebCryptoKey& key, |
const std::vector<uint8>& data, |
@@ -473,7 +494,7 @@ class WebCryptoImplTest : public testing::Test { |
algorithm, key, webcrypto::Uint8VectorStart(data), data.size(), buffer); |
} |
- bool ImportKeyJwk( |
+ Status ImportKeyJwk( |
const std::vector<uint8>& key_data, |
const blink::WebCryptoAlgorithm& algorithm, |
bool extractable, |
@@ -491,6 +512,13 @@ class WebCryptoImplTest : public testing::Test { |
WebCryptoImpl crypto_; |
}; |
+TEST_F(WebCryptoImplTest, StatusToString) { |
+ EXPECT_EQ("Success", Status::Success().ToString()); |
+ EXPECT_EQ("", Status::Error().ToString()); |
+ EXPECT_EQ("The requested operation is unsupported", |
+ Status::ErrorUnsupported().ToString()); |
+} |
+ |
TEST_F(WebCryptoImplTest, DigestSampleSets) { |
// The results are stored here in hex format for readability. |
// |
@@ -568,7 +596,7 @@ TEST_F(WebCryptoImplTest, DigestSampleSets) { |
std::vector<uint8> input = HexStringToBytes(test.hex_input); |
blink::WebArrayBuffer output; |
- ASSERT_TRUE(DigestInternal(algorithm, input, &output)); |
+ ASSERT_STATUS_SUCCESS(DigestInternal(algorithm, input, &output)); |
ExpectArrayBufferMatchesHex(test.hex_result, output); |
} |
} |
@@ -719,19 +747,20 @@ TEST_F(WebCryptoImplTest, HMACSampleSets) { |
// Verify exported raw key is identical to the imported data |
blink::WebArrayBuffer raw_key; |
- EXPECT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
+ EXPECT_STATUS_SUCCESS( |
+ ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
ExpectArrayBufferMatchesHex(test.key, raw_key); |
std::vector<uint8> message_raw = HexStringToBytes(test.message); |
blink::WebArrayBuffer output; |
- ASSERT_TRUE(SignInternal(algorithm, key, message_raw, &output)); |
+ ASSERT_STATUS_SUCCESS(SignInternal(algorithm, key, message_raw, &output)); |
ExpectArrayBufferMatchesHex(test.mac, output); |
bool signature_match = false; |
- EXPECT_TRUE(VerifySignatureInternal( |
+ EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
algorithm, |
key, |
static_cast<const unsigned char*>(output.data()), |
@@ -741,7 +770,7 @@ TEST_F(WebCryptoImplTest, HMACSampleSets) { |
EXPECT_TRUE(signature_match); |
// Ensure truncated signature does not verify by passing one less byte. |
- EXPECT_TRUE(VerifySignatureInternal( |
+ EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
algorithm, |
key, |
static_cast<const unsigned char*>(output.data()), |
@@ -750,9 +779,19 @@ TEST_F(WebCryptoImplTest, HMACSampleSets) { |
&signature_match)); |
EXPECT_FALSE(signature_match); |
+ // Ensure truncated signature does not verify by passing no bytes. |
+ EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
+ algorithm, |
+ key, |
+ NULL, |
+ 0, |
+ message_raw, |
+ &signature_match)); |
+ EXPECT_FALSE(signature_match); |
+ |
// Ensure extra long signature does not cause issues and fails. |
const unsigned char kLongSignature[1024] = { 0 }; |
- EXPECT_TRUE(VerifySignatureInternal( |
+ EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
algorithm, |
key, |
kLongSignature, |
@@ -772,7 +811,8 @@ TEST_F(WebCryptoImplTest, AesCbcFailures) { |
// Verify exported raw key is identical to the imported data |
blink::WebArrayBuffer raw_key; |
- EXPECT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
+ EXPECT_STATUS_SUCCESS( |
+ ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
ExpectArrayBufferMatchesHex(key_hex, raw_key); |
blink::WebArrayBuffer output; |
@@ -781,9 +821,9 @@ TEST_F(WebCryptoImplTest, AesCbcFailures) { |
{ |
std::vector<uint8> input(32); |
std::vector<uint8> iv; |
- EXPECT_FALSE(EncryptInternal( |
+ EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), EncryptInternal( |
webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); |
- EXPECT_FALSE(DecryptInternal( |
+ EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), DecryptInternal( |
webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); |
} |
@@ -791,9 +831,9 @@ TEST_F(WebCryptoImplTest, AesCbcFailures) { |
{ |
std::vector<uint8> input(32); |
std::vector<uint8> iv(17); |
- EXPECT_FALSE(EncryptInternal( |
+ EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), EncryptInternal( |
webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); |
- EXPECT_FALSE(DecryptInternal( |
+ EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), DecryptInternal( |
webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); |
} |
@@ -808,9 +848,9 @@ TEST_F(WebCryptoImplTest, AesCbcFailures) { |
const unsigned char* input = &iv[0]; |
unsigned input_len = INT_MAX - 3; |
- EXPECT_FALSE(EncryptInternal( |
+ EXPECT_STATUS(Status::ErrorDataTooLarge(), EncryptInternal( |
webcrypto::CreateAesCbcAlgorithm(iv), key, input, input_len, &output)); |
- EXPECT_FALSE(DecryptInternal( |
+ EXPECT_STATUS(Status::ErrorDataTooLarge(), DecryptInternal( |
webcrypto::CreateAesCbcAlgorithm(iv), key, input, input_len, &output)); |
} |
@@ -820,18 +860,25 @@ TEST_F(WebCryptoImplTest, AesCbcFailures) { |
std::vector<uint8> iv(16); |
blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
- EXPECT_FALSE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
- key_raw, |
- webcrypto::CreateAesCbcAlgorithm(iv), |
- true, |
- blink::WebCryptoKeyUsageEncrypt, |
- &key)); |
+ EXPECT_STATUS( |
+ Status::Error(), |
+ ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
+ key_raw, |
+ webcrypto::CreateAesCbcAlgorithm(iv), |
+ true, |
+ blink::WebCryptoKeyUsageEncrypt, |
+ &key)); |
} |
+ // TODO(eroman): Enable for OpenSSL once implemented. |
+#if !defined(USE_OPENSSL) |
// Fail exporting the key in SPKI and PKCS#8 formats (not allowed for secret |
// keys). |
- EXPECT_FALSE(ExportKeyInternal(blink::WebCryptoKeyFormatSpki, key, &output)); |
- EXPECT_FALSE(ExportKeyInternal(blink::WebCryptoKeyFormatPkcs8, key, &output)); |
+ EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), |
+ ExportKeyInternal(blink::WebCryptoKeyFormatSpki, key, &output)); |
+ EXPECT_STATUS(Status::ErrorUnsupported(), |
+ ExportKeyInternal(blink::WebCryptoKeyFormatPkcs8, key, &output)); |
+#endif |
} |
TEST_F(WebCryptoImplTest, MAYBE(AesCbcSampleSets)) { |
@@ -923,7 +970,8 @@ TEST_F(WebCryptoImplTest, MAYBE(AesCbcSampleSets)) { |
// Verify exported raw key is identical to the imported data |
blink::WebArrayBuffer raw_key; |
- EXPECT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
+ EXPECT_STATUS_SUCCESS(ExportKeyInternal( |
+ blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
ExpectArrayBufferMatchesHex(test.key, raw_key); |
std::vector<uint8> plain_text = HexStringToBytes(test.plain_text); |
@@ -932,18 +980,22 @@ TEST_F(WebCryptoImplTest, MAYBE(AesCbcSampleSets)) { |
blink::WebArrayBuffer output; |
// Test encryption. |
- EXPECT_TRUE(EncryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), |
- key, |
- plain_text, |
- &output)); |
+ EXPECT_STATUS( |
+ Status::Success(), |
+ EncryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), |
+ key, |
+ plain_text, |
+ &output)); |
ExpectArrayBufferMatchesHex(test.cipher_text, output); |
// Test decryption. |
std::vector<uint8> cipher_text = HexStringToBytes(test.cipher_text); |
- EXPECT_TRUE(DecryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), |
- key, |
- cipher_text, |
- &output)); |
+ EXPECT_STATUS( |
+ Status::Success(), |
+ DecryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), |
+ key, |
+ cipher_text, |
+ &output)); |
ExpectArrayBufferMatchesHex(test.plain_text, output); |
const unsigned kAesCbcBlockSize = 16; |
@@ -951,21 +1003,25 @@ TEST_F(WebCryptoImplTest, MAYBE(AesCbcSampleSets)) { |
// Decrypt with a padding error by stripping the last block. This also ends |
// up testing decryption over empty cipher text. |
if (cipher_text.size() >= kAesCbcBlockSize) { |
- EXPECT_FALSE(DecryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), |
- key, |
- &cipher_text[0], |
- cipher_text.size() - kAesCbcBlockSize, |
- &output)); |
+ EXPECT_STATUS( |
+ Status::Error(), |
+ DecryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), |
+ key, |
+ &cipher_text[0], |
+ cipher_text.size() - kAesCbcBlockSize, |
+ &output)); |
} |
// Decrypt cipher text which is not a multiple of block size by stripping |
// a few bytes off the cipher text. |
if (cipher_text.size() > 3) { |
- EXPECT_FALSE(DecryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), |
- key, |
- &cipher_text[0], |
- cipher_text.size() - 3, |
- &output)); |
+ EXPECT_STATUS( |
+ Status::Error(), |
+ DecryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), |
+ key, |
+ &cipher_text[0], |
+ cipher_text.size() - 3, |
+ &output)); |
} |
} |
} |
@@ -988,10 +1044,10 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyAes)) { |
// Generate a small sample of keys. |
keys.clear(); |
for (int j = 0; j < 16; ++j) { |
- ASSERT_TRUE(GenerateKeyInternal(algorithm[i], &key)); |
+ ASSERT_STATUS_SUCCESS(GenerateKeyInternal(algorithm[i], &key)); |
EXPECT_TRUE(key.handle()); |
EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
- ASSERT_TRUE( |
+ ASSERT_STATUS_SUCCESS( |
ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &key_bytes)); |
keys.push_back(key_bytes); |
} |
@@ -1006,11 +1062,11 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyAesBadLength)) { |
blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLen); ++i) { |
SCOPED_TRACE(i); |
- EXPECT_FALSE(GenerateKeyInternal( |
+ EXPECT_STATUS(Status::ErrorGenerateKeyLength(), GenerateKeyInternal( |
CreateAesCbcKeyGenAlgorithm(kKeyLen[i]), &key)); |
- EXPECT_FALSE(GenerateKeyInternal( |
+ EXPECT_STATUS(Status::ErrorGenerateKeyLength(), GenerateKeyInternal( |
CreateAesGcmKeyGenAlgorithm(kKeyLen[i]), &key)); |
- EXPECT_FALSE(GenerateKeyInternal( |
+ EXPECT_STATUS(Status::ErrorGenerateKeyLength(), GenerateKeyInternal( |
CreateAesKwKeyGenAlgorithm(kKeyLen[i]), &key)); |
} |
} |
@@ -1023,14 +1079,15 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyHmac)) { |
blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
blink::WebCryptoAlgorithm algorithm = webcrypto::CreateHmacKeyGenAlgorithm( |
blink::WebCryptoAlgorithmIdSha1, 64); |
- ASSERT_TRUE(GenerateKeyInternal(algorithm, &key)); |
+ ASSERT_STATUS_SUCCESS(GenerateKeyInternal(algorithm, &key)); |
EXPECT_FALSE(key.isNull()); |
EXPECT_TRUE(key.handle()); |
EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); |
blink::WebArrayBuffer raw_key; |
- ASSERT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
+ ASSERT_STATUS_SUCCESS( |
+ ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
EXPECT_EQ(64U, raw_key.byteLength()); |
keys.push_back(raw_key); |
} |
@@ -1044,18 +1101,20 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyHmacNoLength)) { |
blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
blink::WebCryptoAlgorithm algorithm = |
webcrypto::CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0); |
- ASSERT_TRUE(GenerateKeyInternal(algorithm, &key)); |
+ ASSERT_STATUS_SUCCESS(GenerateKeyInternal(algorithm, &key)); |
EXPECT_TRUE(key.handle()); |
EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
blink::WebArrayBuffer raw_key; |
- ASSERT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
+ ASSERT_STATUS_SUCCESS( |
+ ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
EXPECT_EQ(64U, raw_key.byteLength()); |
// The block size for HMAC SHA-512 is larger. |
algorithm = webcrypto::CreateHmacKeyGenAlgorithm( |
blink::WebCryptoAlgorithmIdSha512, 0); |
- ASSERT_TRUE(GenerateKeyInternal(algorithm, &key)); |
- ASSERT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
+ ASSERT_STATUS_SUCCESS(GenerateKeyInternal(algorithm, &key)); |
+ ASSERT_STATUS_SUCCESS( |
+ ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
EXPECT_EQ(128U, raw_key.byteLength()); |
} |
@@ -1063,7 +1122,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportSecretKeyNoAlgorithm)) { |
blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
// This fails because the algorithm is null. |
- EXPECT_FALSE(ImportKeyInternal( |
+ EXPECT_STATUS(Status::ErrorMissingAlgorithmImportRawKey(), ImportKeyInternal( |
blink::WebCryptoKeyFormatRaw, |
HexStringToBytes("00000000000000000000"), |
blink::WebCryptoAlgorithm::createNull(), |
@@ -1086,11 +1145,11 @@ TEST_F(WebCryptoImplTest, ImportJwkFailures) { |
// complete. |
base::DictionaryValue dict; |
RestoreJwkOctDictionary(&dict); |
- EXPECT_TRUE(ImportKeyJwk( |
+ EXPECT_STATUS_SUCCESS(ImportKeyJwk( |
MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
// Fail on empty JSON. |
- EXPECT_FALSE(ImportKeyJwk( |
+ EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), ImportKeyJwk( |
MakeJsonVector(""), algorithm, false, usage_mask, &key)); |
// Fail on invalid JSON. |
@@ -1100,38 +1159,41 @@ TEST_F(WebCryptoImplTest, ImportJwkFailures) { |
"\"alg\" : \"HS256\"," |
"\"use\" : " |
); |
- EXPECT_FALSE(ImportKeyJwk(bad_json_vec, algorithm, false, usage_mask, &key)); |
+ EXPECT_STATUS(Status::ErrorJwkNotDictionary(), |
+ ImportKeyJwk(bad_json_vec, algorithm, false, usage_mask, &key)); |
// Fail on JWK alg present but unrecognized. |
dict.SetString("alg", "A127CBC"); |
- EXPECT_FALSE(ImportKeyJwk( |
+ EXPECT_STATUS(Status::ErrorJwkUnrecognizedAlgorithm(), ImportKeyJwk( |
MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
RestoreJwkOctDictionary(&dict); |
// Fail on both JWK and input algorithm missing. |
dict.Remove("alg", NULL); |
- EXPECT_FALSE(ImportKeyJwk(MakeJsonVector(dict), |
- blink::WebCryptoAlgorithm::createNull(), |
- false, |
- usage_mask, |
- &key)); |
+ EXPECT_STATUS( |
+ Status::ErrorJwkAlgorithmMissing(), |
+ ImportKeyJwk(MakeJsonVector(dict), |
+ blink::WebCryptoAlgorithm::createNull(), |
+ false, |
+ usage_mask, |
+ &key)); |
RestoreJwkOctDictionary(&dict); |
// Fail on invalid kty. |
dict.SetString("kty", "foo"); |
- EXPECT_FALSE(ImportKeyJwk( |
+ EXPECT_STATUS(Status::ErrorJwkUnrecognizedKty(), ImportKeyJwk( |
MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
RestoreJwkOctDictionary(&dict); |
// Fail on missing kty. |
dict.Remove("kty", NULL); |
- EXPECT_FALSE(ImportKeyJwk( |
+ EXPECT_STATUS(Status::ErrorJwkMissingKty(), ImportKeyJwk( |
MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
RestoreJwkOctDictionary(&dict); |
// Fail on invalid use. |
dict.SetString("use", "foo"); |
- EXPECT_FALSE(ImportKeyJwk( |
+ EXPECT_STATUS(Status::ErrorJwkUnrecognizedUsage(), ImportKeyJwk( |
MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
RestoreJwkOctDictionary(&dict); |
} |
@@ -1146,7 +1208,7 @@ TEST_F(WebCryptoImplTest, ImportJwkOctFailures) { |
blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
// Baseline pass. |
- EXPECT_TRUE(ImportKeyJwk( |
+ EXPECT_STATUS_SUCCESS(ImportKeyJwk( |
MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
EXPECT_EQ(algorithm.id(), key.algorithm().id()); |
EXPECT_FALSE(key.extractable()); |
@@ -1157,26 +1219,28 @@ TEST_F(WebCryptoImplTest, ImportJwkOctFailures) { |
// Fail on missing k. |
dict.Remove("k", NULL); |
- EXPECT_FALSE(ImportKeyJwk( |
+ EXPECT_STATUS(Status::ErrorJwkDecodeK(), ImportKeyJwk( |
MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
RestoreJwkOctDictionary(&dict); |
// Fail on bad b64 encoding for k. |
dict.SetString("k", "Qk3f0DsytU8lfza2au #$% Htaw2xpop9GYyTuH0p5GghxTI="); |
- EXPECT_FALSE(ImportKeyJwk( |
+ EXPECT_STATUS(Status::ErrorJwkDecodeK(), ImportKeyJwk( |
MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
RestoreJwkOctDictionary(&dict); |
// Fail on empty k. |
dict.SetString("k", ""); |
- EXPECT_FALSE(ImportKeyJwk( |
+ EXPECT_STATUS(Status::ErrorJwkDecodeK(), ImportKeyJwk( |
MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
RestoreJwkOctDictionary(&dict); |
// Fail on k actual length (120 bits) inconsistent with the embedded JWK alg |
// value (128) for an AES key. |
dict.SetString("k", "AVj42h0Y5aqGtE3yluKL"); |
- EXPECT_FALSE(ImportKeyJwk( |
+ // TODO(eroman): This is failing for a different reason than the test |
+ // expects. |
+ EXPECT_STATUS(Status::Error(), ImportKeyJwk( |
MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
RestoreJwkOctDictionary(&dict); |
} |
@@ -1197,7 +1261,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkRsaFailures)) { |
// section 6.3. |
// Baseline pass. |
- EXPECT_TRUE(ImportKeyJwk( |
+ EXPECT_STATUS_SUCCESS(ImportKeyJwk( |
MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
EXPECT_EQ(algorithm.id(), key.algorithm().id()); |
EXPECT_FALSE(key.extractable()); |
@@ -1212,19 +1276,19 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkRsaFailures)) { |
// Fail on missing parameter. |
dict.Remove(kKtyParmName[idx], NULL); |
- EXPECT_FALSE(ImportKeyJwk( |
+ EXPECT_STATUS_ERROR(ImportKeyJwk( |
MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
RestoreJwkRsaDictionary(&dict); |
// Fail on bad b64 parameter encoding. |
dict.SetString(kKtyParmName[idx], "Qk3f0DsytU8lfza2au #$% Htaw2xpop9yTuH0"); |
- EXPECT_FALSE(ImportKeyJwk( |
+ EXPECT_STATUS_ERROR(ImportKeyJwk( |
MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
RestoreJwkRsaDictionary(&dict); |
// Fail on empty parameter. |
dict.SetString(kKtyParmName[idx], ""); |
- EXPECT_FALSE(ImportKeyJwk( |
+ EXPECT_STATUS_ERROR(ImportKeyJwk( |
MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
RestoreJwkRsaDictionary(&dict); |
} |
@@ -1232,7 +1296,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkRsaFailures)) { |
// Fail if "d" parameter is present, implying the JWK is a private key, which |
// is not supported. |
dict.SetString("d", "Qk3f0Dsyt"); |
- EXPECT_FALSE(ImportKeyJwk( |
+ EXPECT_STATUS(Status::ErrorJwkRsaPrivateKeyUnsupported(), ImportKeyJwk( |
MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
RestoreJwkRsaDictionary(&dict); |
} |
@@ -1251,7 +1315,8 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkInputConsistency)) { |
dict.SetString("kty", "oct"); |
dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); |
std::vector<uint8> json_vec = MakeJsonVector(dict); |
- EXPECT_TRUE(ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); |
+ EXPECT_STATUS_SUCCESS(ImportKeyJwk( |
+ json_vec, algorithm, extractable, usage_mask, &key)); |
EXPECT_TRUE(key.handle()); |
EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
EXPECT_EQ(extractable, key.extractable()); |
@@ -1271,28 +1336,31 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkInputConsistency)) { |
dict.SetBoolean("extractable", false); |
dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); |
json_vec = MakeJsonVector(dict); |
- EXPECT_TRUE(ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); |
+ EXPECT_STATUS_SUCCESS( |
+ ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); |
// Extractable cases: |
// 1. input=T, JWK=F ==> fail (inconsistent) |
// 4. input=F, JWK=F ==> pass, result extractable is F |
// 2. input=T, JWK=T ==> pass, result extractable is T |
// 3. input=F, JWK=T ==> pass, result extractable is F |
- EXPECT_FALSE(ImportKeyJwk(json_vec, algorithm, true, usage_mask, &key)); |
- EXPECT_TRUE(ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key)); |
+ EXPECT_STATUS(Status::ErrorJwkExtractableInconsistent(), |
+ ImportKeyJwk(json_vec, algorithm, true, usage_mask, &key)); |
+ EXPECT_STATUS_SUCCESS( |
+ ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key)); |
EXPECT_FALSE(key.extractable()); |
dict.SetBoolean("extractable", true); |
- EXPECT_TRUE( |
+ EXPECT_STATUS_SUCCESS( |
ImportKeyJwk(MakeJsonVector(dict), algorithm, true, usage_mask, &key)); |
EXPECT_TRUE(key.extractable()); |
- EXPECT_TRUE( |
+ EXPECT_STATUS_SUCCESS( |
ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
EXPECT_FALSE(key.extractable()); |
dict.SetBoolean("extractable", true); // restore previous value |
// Fail: Input algorithm (AES-CBC) is inconsistent with JWK value |
// (HMAC SHA256). |
- EXPECT_FALSE(ImportKeyJwk( |
+ EXPECT_STATUS(Status::ErrorJwkAlgorithmInconsistent(), ImportKeyJwk( |
json_vec, |
webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
extractable, |
@@ -1301,7 +1369,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkInputConsistency)) { |
// Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value |
// (HMAC SHA256). |
- EXPECT_FALSE(ImportKeyJwk( |
+ EXPECT_STATUS(Status::ErrorJwkAlgorithmInconsistent(), ImportKeyJwk( |
json_vec, |
webcrypto::CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha1), |
extractable, |
@@ -1309,16 +1377,16 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkInputConsistency)) { |
&key)); |
// Pass: JWK alg valid but input algorithm isNull: use JWK algorithm value. |
- EXPECT_TRUE(ImportKeyJwk(json_vec, |
- blink::WebCryptoAlgorithm::createNull(), |
- extractable, |
- usage_mask, |
- &key)); |
+ EXPECT_STATUS_SUCCESS(ImportKeyJwk(json_vec, |
+ blink::WebCryptoAlgorithm::createNull(), |
+ extractable, |
+ usage_mask, |
+ &key)); |
EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); |
// Pass: JWK alg missing but input algorithm specified: use input value |
dict.Remove("alg", NULL); |
- EXPECT_TRUE(ImportKeyJwk( |
+ EXPECT_STATUS_SUCCESS(ImportKeyJwk( |
MakeJsonVector(dict), |
webcrypto::CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256), |
extractable, |
@@ -1329,16 +1397,16 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkInputConsistency)) { |
// Fail: Input usage_mask (encrypt) is not a subset of the JWK value |
// (sign|verify) |
- EXPECT_FALSE(ImportKeyJwk( |
+ EXPECT_STATUS(Status::ErrorJwkUsageInconsistent(), ImportKeyJwk( |
json_vec, algorithm, extractable, blink::WebCryptoKeyUsageEncrypt, &key)); |
// Fail: Input usage_mask (encrypt|sign|verify) is not a subset of the JWK |
// value (sign|verify) |
usage_mask = blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageSign | |
blink::WebCryptoKeyUsageVerify; |
- EXPECT_FALSE( |
+ EXPECT_STATUS( |
+ Status::ErrorJwkUsageInconsistent(), |
ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); |
- usage_mask = blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify; |
// TODO(padolph): kty vs alg consistency tests: Depending on the kty value, |
// only certain alg values are permitted. For example, when kty = "RSA" alg |
@@ -1368,7 +1436,8 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkHappy)) { |
dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); |
std::vector<uint8> json_vec = MakeJsonVector(dict); |
- ASSERT_TRUE(ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); |
+ ASSERT_STATUS_SUCCESS(ImportKeyJwk( |
+ json_vec, algorithm, extractable, usage_mask, &key)); |
const std::vector<uint8> message_raw = HexStringToBytes( |
"b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" |
@@ -1378,7 +1447,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkHappy)) { |
blink::WebArrayBuffer output; |
- ASSERT_TRUE(SignInternal(algorithm, key, message_raw, &output)); |
+ ASSERT_STATUS_SUCCESS(SignInternal(algorithm, key, message_raw, &output)); |
const std::string mac_raw = |
"769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b"; |
@@ -1391,7 +1460,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkHappy)) { |
TEST_F(WebCryptoImplTest, MAYBE(ImportExportSpki)) { |
// Passing case: Import a valid RSA key in SPKI format. |
blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
- ASSERT_TRUE(ImportKeyInternal( |
+ ASSERT_STATUS_SUCCESS(ImportKeyInternal( |
blink::WebCryptoKeyFormatSpki, |
HexStringToBytes(kPublicKeySpkiDerHex), |
webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
@@ -1404,7 +1473,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportExportSpki)) { |
EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
// Failing case: Empty SPKI data |
- EXPECT_FALSE(ImportKeyInternal( |
+ EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), ImportKeyInternal( |
blink::WebCryptoKeyFormatSpki, |
std::vector<uint8>(), |
blink::WebCryptoAlgorithm::createNull(), |
@@ -1415,7 +1484,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportExportSpki)) { |
// Failing case: Import RSA key with NULL input algorithm. This is not |
// allowed because the SPKI ASN.1 format for RSA keys is not specific enough |
// to map to a Web Crypto algorithm. |
- EXPECT_FALSE(ImportKeyInternal( |
+ EXPECT_STATUS(Status::Error(), ImportKeyInternal( |
blink::WebCryptoKeyFormatSpki, |
HexStringToBytes(kPublicKeySpkiDerHex), |
blink::WebCryptoAlgorithm::createNull(), |
@@ -1424,7 +1493,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportExportSpki)) { |
&key)); |
// Failing case: Bad DER encoding. |
- EXPECT_FALSE(ImportKeyInternal( |
+ EXPECT_STATUS(Status::Error(), ImportKeyInternal( |
blink::WebCryptoKeyFormatSpki, |
HexStringToBytes("618333c4cb"), |
webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
@@ -1433,7 +1502,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportExportSpki)) { |
&key)); |
// Failing case: Import RSA key but provide an inconsistent input algorithm. |
- EXPECT_FALSE(ImportKeyInternal( |
+ EXPECT_STATUS(Status::Error(), ImportKeyInternal( |
blink::WebCryptoKeyFormatSpki, |
HexStringToBytes(kPublicKeySpkiDerHex), |
webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
@@ -1444,15 +1513,17 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportExportSpki)) { |
// Passing case: Export a previously imported RSA public key in SPKI format |
// and compare to original data. |
blink::WebArrayBuffer output; |
- ASSERT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatSpki, key, &output)); |
+ ASSERT_STATUS_SUCCESS( |
+ ExportKeyInternal(blink::WebCryptoKeyFormatSpki, key, &output)); |
ExpectArrayBufferMatchesHex(kPublicKeySpkiDerHex, output); |
// Failing case: Try to export a previously imported RSA public key in raw |
// format (not allowed for a public key). |
- EXPECT_FALSE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &output)); |
+ EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), |
+ ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &output)); |
// Failing case: Try to export a non-extractable key |
- ASSERT_TRUE(ImportKeyInternal( |
+ ASSERT_STATUS_SUCCESS(ImportKeyInternal( |
blink::WebCryptoKeyFormatSpki, |
HexStringToBytes(kPublicKeySpkiDerHex), |
webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
@@ -1461,13 +1532,14 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportExportSpki)) { |
&key)); |
EXPECT_TRUE(key.handle()); |
EXPECT_FALSE(key.extractable()); |
- EXPECT_FALSE(ExportKeyInternal(blink::WebCryptoKeyFormatSpki, key, &output)); |
+ EXPECT_STATUS(Status::ErrorKeyNotExtractable(), |
+ ExportKeyInternal(blink::WebCryptoKeyFormatSpki, key, &output)); |
} |
TEST_F(WebCryptoImplTest, MAYBE(ImportPkcs8)) { |
// Passing case: Import a valid RSA key in PKCS#8 format. |
blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
- ASSERT_TRUE(ImportKeyInternal( |
+ ASSERT_STATUS_SUCCESS(ImportKeyInternal( |
blink::WebCryptoKeyFormatPkcs8, |
HexStringToBytes(kPrivateKeyPkcs8DerHex), |
webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
@@ -1480,7 +1552,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportPkcs8)) { |
EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); |
// Failing case: Empty PKCS#8 data |
- EXPECT_FALSE(ImportKeyInternal( |
+ EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), ImportKeyInternal( |
blink::WebCryptoKeyFormatPkcs8, |
std::vector<uint8>(), |
blink::WebCryptoAlgorithm::createNull(), |
@@ -1491,7 +1563,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportPkcs8)) { |
// Failing case: Import RSA key with NULL input algorithm. This is not |
// allowed because the PKCS#8 ASN.1 format for RSA keys is not specific enough |
// to map to a Web Crypto algorithm. |
- EXPECT_FALSE(ImportKeyInternal( |
+ EXPECT_STATUS(Status::Error(), ImportKeyInternal( |
blink::WebCryptoKeyFormatPkcs8, |
HexStringToBytes(kPrivateKeyPkcs8DerHex), |
blink::WebCryptoAlgorithm::createNull(), |
@@ -1500,7 +1572,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportPkcs8)) { |
&key)); |
// Failing case: Bad DER encoding. |
- EXPECT_FALSE(ImportKeyInternal( |
+ EXPECT_STATUS(Status::Error(), ImportKeyInternal( |
blink::WebCryptoKeyFormatPkcs8, |
HexStringToBytes("618333c4cb"), |
webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
@@ -1509,7 +1581,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportPkcs8)) { |
&key)); |
// Failing case: Import RSA key but provide an inconsistent input algorithm. |
- EXPECT_FALSE(ImportKeyInternal( |
+ EXPECT_STATUS(Status::Error(), ImportKeyInternal( |
blink::WebCryptoKeyFormatPkcs8, |
HexStringToBytes(kPrivateKeyPkcs8DerHex), |
webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
@@ -1532,7 +1604,7 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) { |
const blink::WebCryptoKeyUsageMask usage_mask = 0; |
blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
- EXPECT_TRUE(GenerateKeyPairInternal( |
+ EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal( |
algorithm, extractable, usage_mask, &public_key, &private_key)); |
EXPECT_FALSE(public_key.isNull()); |
EXPECT_FALSE(private_key.isNull()); |
@@ -1546,7 +1618,7 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) { |
// Fail with bad modulus. |
algorithm = webcrypto::CreateRsaKeyGenAlgorithm( |
blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 0, public_exponent); |
- EXPECT_FALSE(GenerateKeyPairInternal( |
+ EXPECT_STATUS(Status::ErrorGenerateRsaZeroModulus(), GenerateKeyPairInternal( |
algorithm, extractable, usage_mask, &public_key, &private_key)); |
// Fail with bad exponent: larger than unsigned long. |
@@ -1556,8 +1628,9 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) { |
blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
modulus_length, |
long_exponent); |
- EXPECT_FALSE(GenerateKeyPairInternal( |
- algorithm, extractable, usage_mask, &public_key, &private_key)); |
+ EXPECT_STATUS(Status::ErrorGenerateKeyPublicExponent(), |
+ GenerateKeyPairInternal(algorithm, extractable, usage_mask, &public_key, |
+ &private_key)); |
// Fail with bad exponent: empty. |
const std::vector<uint8> empty_exponent; |
@@ -1565,8 +1638,9 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) { |
blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
modulus_length, |
empty_exponent); |
- EXPECT_FALSE(GenerateKeyPairInternal( |
- algorithm, extractable, usage_mask, &public_key, &private_key)); |
+ EXPECT_STATUS(Status::ErrorGenerateKeyPublicExponent(), |
+ GenerateKeyPairInternal(algorithm, extractable, usage_mask, &public_key, |
+ &private_key)); |
// Fail with bad exponent: all zeros. |
std::vector<uint8> exponent_with_leading_zeros(15, 0x00); |
@@ -1574,8 +1648,9 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) { |
blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
modulus_length, |
exponent_with_leading_zeros); |
- EXPECT_FALSE(GenerateKeyPairInternal( |
- algorithm, extractable, usage_mask, &public_key, &private_key)); |
+ EXPECT_STATUS(Status::ErrorGenerateKeyPublicExponent(), |
+ GenerateKeyPairInternal(algorithm, extractable, usage_mask, &public_key, |
+ &private_key)); |
// Key generation success using exponent with leading zeros. |
exponent_with_leading_zeros.insert(exponent_with_leading_zeros.end(), |
@@ -1585,7 +1660,7 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) { |
blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
modulus_length, |
exponent_with_leading_zeros); |
- EXPECT_TRUE(GenerateKeyPairInternal( |
+ EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal( |
algorithm, extractable, usage_mask, &public_key, &private_key)); |
EXPECT_FALSE(public_key.isNull()); |
EXPECT_FALSE(private_key.isNull()); |
@@ -1599,7 +1674,7 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) { |
// Successful WebCryptoAlgorithmIdRsaOaep key generation. |
algorithm = webcrypto::CreateRsaKeyGenAlgorithm( |
blink::WebCryptoAlgorithmIdRsaOaep, modulus_length, public_exponent); |
- EXPECT_TRUE(GenerateKeyPairInternal( |
+ EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal( |
algorithm, extractable, usage_mask, &public_key, &private_key)); |
EXPECT_FALSE(public_key.isNull()); |
EXPECT_FALSE(private_key.isNull()); |
@@ -1615,7 +1690,7 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) { |
blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
modulus_length, |
public_exponent); |
- EXPECT_TRUE(GenerateKeyPairInternal( |
+ EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal( |
algorithm, extractable, usage_mask, &public_key, &private_key)); |
EXPECT_FALSE(public_key.isNull()); |
EXPECT_FALSE(private_key.isNull()); |
@@ -1630,8 +1705,10 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) { |
// since it is expensive to generate an RSA key pair and we already have a |
// private key here. |
blink::WebArrayBuffer output; |
- EXPECT_FALSE( |
- ExportKeyInternal(blink::WebCryptoKeyFormatSpki, private_key, &output)); |
+ // TODO(eroman): This test is failing for a different reason than expected by |
+ // the test. |
+ EXPECT_STATUS(Status::ErrorKeyNotExtractable(), ExportKeyInternal( |
+ blink::WebCryptoKeyFormatSpki, private_key, &output)); |
} |
TEST_F(WebCryptoImplTest, MAYBE(RsaEsRoundTrip)) { |
@@ -1671,13 +1748,13 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaEsRoundTrip)) { |
blink::WebArrayBuffer decrypted_data; |
for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTestDataHex); ++i) { |
SCOPED_TRACE(i); |
- ASSERT_TRUE(EncryptInternal( |
+ EXPECT_STATUS_SUCCESS(EncryptInternal( |
algorithm, |
public_key, |
HexStringToBytes(kTestDataHex[i]), |
&encrypted_data)); |
- EXPECT_EQ(kModulusLength/8, encrypted_data.byteLength()); |
- ASSERT_TRUE(DecryptInternal( |
+ EXPECT_EQ(kModulusLength / 8, encrypted_data.byteLength()); |
+ ASSERT_STATUS_SUCCESS(DecryptInternal( |
algorithm, |
private_key, |
reinterpret_cast<const unsigned char*>(encrypted_data.data()), |
@@ -1770,7 +1847,7 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaEsKnownAnswer)) { |
// Decrypt the known-good ciphertext with the private key. As a check we must |
// get the known original cleartext. |
blink::WebArrayBuffer decrypted_data; |
- ASSERT_TRUE(DecryptInternal( |
+ ASSERT_STATUS_SUCCESS(DecryptInternal( |
algorithm, |
private_key, |
HexStringToBytes(ciphertext_hex), |
@@ -1780,7 +1857,7 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaEsKnownAnswer)) { |
// Encrypt this decrypted data with the public key. |
blink::WebArrayBuffer encrypted_data; |
- ASSERT_TRUE(EncryptInternal( |
+ ASSERT_STATUS_SUCCESS(EncryptInternal( |
algorithm, |
public_key, |
reinterpret_cast<const unsigned char*>(decrypted_data.data()), |
@@ -1791,7 +1868,7 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaEsKnownAnswer)) { |
// Finally, decrypt the newly encrypted result with the private key, and |
// compare to the known original cleartext. |
decrypted_data.reset(); |
- ASSERT_TRUE(DecryptInternal( |
+ ASSERT_STATUS_SUCCESS(DecryptInternal( |
algorithm, |
private_key, |
reinterpret_cast<const unsigned char*>(encrypted_data.data()), |
@@ -1820,28 +1897,30 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaEsFailures)) { |
blink::WebArrayBuffer encrypted_data; |
const std::string message_hex_str("0102030405060708090a0b0c0d0e0f"); |
const std::vector<uint8> message_hex(HexStringToBytes(message_hex_str)); |
- EXPECT_FALSE( |
+ EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), |
EncryptInternal(algorithm, private_key, message_hex, &encrypted_data)); |
// Fail encrypt with empty message. |
- EXPECT_FALSE(EncryptInternal( |
+ EXPECT_STATUS(Status::Error(), EncryptInternal( |
algorithm, public_key, std::vector<uint8>(), &encrypted_data)); |
// Fail encrypt with message too large. RSAES can operate on messages up to |
// length of k - 11 bytes, where k is the octet length of the RSA modulus. |
const unsigned kMaxMsgSizeBytes = kModulusLength / 8 - 11; |
- EXPECT_FALSE(EncryptInternal(algorithm, |
- public_key, |
- std::vector<uint8>(kMaxMsgSizeBytes + 1, '0'), |
- &encrypted_data)); |
+ EXPECT_STATUS( |
+ Status::ErrorDataTooLarge(), |
+ EncryptInternal(algorithm, |
+ public_key, |
+ std::vector<uint8>(kMaxMsgSizeBytes + 1, '0'), |
+ &encrypted_data)); |
// Generate encrypted data. |
- EXPECT_TRUE( |
+ EXPECT_STATUS(Status::Success(), |
EncryptInternal(algorithm, public_key, message_hex, &encrypted_data)); |
// Fail decrypt with a public key. |
blink::WebArrayBuffer decrypted_data; |
- EXPECT_FALSE(DecryptInternal( |
+ EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), DecryptInternal( |
algorithm, |
public_key, |
reinterpret_cast<const unsigned char*>(encrypted_data.data()), |
@@ -1853,14 +1932,14 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaEsFailures)) { |
static_cast<uint8*>(encrypted_data.data()), |
static_cast<uint8*>(encrypted_data.data()) + encrypted_data.byteLength()); |
corrupted_data[corrupted_data.size() / 2] ^= 0x01; |
- EXPECT_FALSE( |
+ EXPECT_STATUS(Status::Error(), |
DecryptInternal(algorithm, private_key, corrupted_data, &decrypted_data)); |
// TODO(padolph): Are there other specific data corruption scenarios to |
// consider? |
// Do a successful decrypt with good data just for confirmation. |
- EXPECT_TRUE(DecryptInternal( |
+ EXPECT_STATUS_SUCCESS(DecryptInternal( |
algorithm, |
private_key, |
reinterpret_cast<const unsigned char*>(encrypted_data.data()), |
@@ -1890,10 +1969,10 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaSsaSignVerifyFailures)) { |
// Compute a signature. |
const std::vector<uint8> data = HexStringToBytes("010203040506070809"); |
- ASSERT_TRUE(SignInternal(algorithm, private_key, data, &signature)); |
+ ASSERT_STATUS_SUCCESS(SignInternal(algorithm, private_key, data, &signature)); |
// Ensure truncated signature does not verify by passing one less byte. |
- EXPECT_TRUE(VerifySignatureInternal( |
+ EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
algorithm, |
public_key, |
static_cast<const unsigned char*>(signature.data()), |
@@ -1902,12 +1981,22 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaSsaSignVerifyFailures)) { |
&signature_match)); |
EXPECT_FALSE(signature_match); |
+ // Ensure truncated signature does not verify by passing no bytes. |
+ EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
+ algorithm, |
+ public_key, |
+ NULL, |
+ 0, |
+ data, |
+ &signature_match)); |
+ EXPECT_FALSE(signature_match); |
+ |
// Ensure corrupted signature does not verify. |
std::vector<uint8> corrupt_sig( |
static_cast<uint8*>(signature.data()), |
static_cast<uint8*>(signature.data()) + signature.byteLength()); |
corrupt_sig[corrupt_sig.size() / 2] ^= 0x1; |
- EXPECT_TRUE(VerifySignatureInternal( |
+ EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
algorithm, |
public_key, |
webcrypto::Uint8VectorStart(corrupt_sig), |
@@ -1920,7 +2009,7 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaSsaSignVerifyFailures)) { |
const unsigned long_message_size_bytes = 1024; |
DCHECK_GT(long_message_size_bytes, kModulusLength/8); |
const unsigned char kLongSignature[long_message_size_bytes] = { 0 }; |
- EXPECT_TRUE(VerifySignatureInternal( |
+ EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
algorithm, |
public_key, |
kLongSignature, |
@@ -1930,7 +2019,7 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaSsaSignVerifyFailures)) { |
EXPECT_FALSE(signature_match); |
// Ensure that verifying using a private key, rather than a public key, fails. |
- EXPECT_FALSE(VerifySignatureInternal( |
+ EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), VerifySignatureInternal( |
algorithm, |
private_key, |
static_cast<const unsigned char*>(signature.data()), |
@@ -1939,13 +2028,15 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaSsaSignVerifyFailures)) { |
&signature_match)); |
// Ensure that signing using a public key, rather than a private key, fails. |
- EXPECT_FALSE(SignInternal(algorithm, public_key, data, &signature)); |
+ EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), |
+ SignInternal(algorithm, public_key, data, &signature)); |
// Ensure that signing and verifying with an incompatible algorithm fails. |
algorithm = |
webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
- EXPECT_FALSE(SignInternal(algorithm, private_key, data, &signature)); |
- EXPECT_FALSE(VerifySignatureInternal( |
+ EXPECT_STATUS(Status::ErrorUnsupported(), |
+ SignInternal(algorithm, private_key, data, &signature)); |
+ EXPECT_STATUS(Status::ErrorUnsupported(), VerifySignatureInternal( |
algorithm, |
public_key, |
static_cast<const unsigned char*>(signature.data()), |
@@ -1963,7 +2054,7 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaSsaSignVerifyFailures)) { |
// is specified by the input algorithm (desired), the verify will fail. |
// Compute a signature using SHA-1 as the inner hash. |
- EXPECT_TRUE(SignInternal(CreateRsaAlgorithmWithInnerHash( |
+ EXPECT_STATUS_SUCCESS(SignInternal(CreateRsaAlgorithmWithInnerHash( |
blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
blink::WebCryptoAlgorithmIdSha1), |
private_key, |
@@ -1976,7 +2067,7 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaSsaSignVerifyFailures)) { |
// algorithm has WebCryptoRsaKeyGenParams and not WebCryptoRsaSsaParams. Thus |
// it has no inner hash to conflict with the input algorithm. |
bool is_match; |
- EXPECT_TRUE(VerifySignatureInternal( |
+ EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
CreateRsaAlgorithmWithInnerHash( |
blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
blink::WebCryptoAlgorithmIdSha256), |
@@ -2209,11 +2300,12 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaSignVerifyKnownAnswer)) { |
const std::vector<uint8> message = HexStringToBytes(test.message_hex); |
signature.reset(); |
- ASSERT_TRUE(SignInternal(algorithm, private_key, message, &signature)); |
+ ASSERT_STATUS_SUCCESS( |
+ SignInternal(algorithm, private_key, message, &signature)); |
ExpectArrayBufferMatchesHex(test.signature_hex, signature); |
bool is_match = false; |
- ASSERT_TRUE(VerifySignatureInternal( |
+ ASSERT_STATUS_SUCCESS(VerifySignatureInternal( |
algorithm, |
public_key, |
HexStringToBytes(test.signature_hex), |
@@ -2230,80 +2322,84 @@ TEST_F(WebCryptoImplTest, MAYBE(AesKwKeyImport)) { |
// Import a 128-bit Key Encryption Key (KEK) |
std::string key_raw_hex_in = "025a8cf3f08b4f6c5f33bbc76a471939"; |
- ASSERT_TRUE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
- HexStringToBytes(key_raw_hex_in), |
- algorithm, |
- true, |
- blink::WebCryptoKeyUsageWrapKey, |
- &key)); |
+ ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
+ HexStringToBytes(key_raw_hex_in), |
+ algorithm, |
+ true, |
+ blink::WebCryptoKeyUsageWrapKey, |
+ &key)); |
blink::WebArrayBuffer key_raw_out; |
- EXPECT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, |
- key, |
- &key_raw_out)); |
+ EXPECT_STATUS_SUCCESS(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, |
+ key, |
+ &key_raw_out)); |
ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); |
// Import a 192-bit KEK |
key_raw_hex_in = "c0192c6466b2370decbb62b2cfef4384544ffeb4d2fbc103"; |
- ASSERT_TRUE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
- HexStringToBytes(key_raw_hex_in), |
- algorithm, |
- true, |
- blink::WebCryptoKeyUsageWrapKey, |
- &key)); |
- EXPECT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, |
- key, |
- &key_raw_out)); |
+ ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
+ HexStringToBytes(key_raw_hex_in), |
+ algorithm, |
+ true, |
+ blink::WebCryptoKeyUsageWrapKey, |
+ &key)); |
+ EXPECT_STATUS_SUCCESS(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, |
+ key, |
+ &key_raw_out)); |
ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); |
// Import a 256-bit Key Encryption Key (KEK) |
key_raw_hex_in = |
"e11fe66380d90fa9ebefb74e0478e78f95664d0c67ca20ce4a0b5842863ac46f"; |
- ASSERT_TRUE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
- HexStringToBytes(key_raw_hex_in), |
- algorithm, |
- true, |
- blink::WebCryptoKeyUsageWrapKey, |
- &key)); |
- EXPECT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, |
- key, |
- &key_raw_out)); |
+ ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
+ HexStringToBytes(key_raw_hex_in), |
+ algorithm, |
+ true, |
+ blink::WebCryptoKeyUsageWrapKey, |
+ &key)); |
+ EXPECT_STATUS_SUCCESS(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, |
+ key, |
+ &key_raw_out)); |
ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); |
// Fail import of 0 length key |
- EXPECT_FALSE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
- HexStringToBytes(""), |
- algorithm, |
- true, |
- blink::WebCryptoKeyUsageWrapKey, |
- &key)); |
+ EXPECT_STATUS(Status::Error(), |
+ ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
+ HexStringToBytes(""), |
+ algorithm, |
+ true, |
+ blink::WebCryptoKeyUsageWrapKey, |
+ &key)); |
// Fail import of 124-bit KEK |
key_raw_hex_in = "3e4566a2bdaa10cb68134fa66c15ddb"; |
- EXPECT_FALSE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
- HexStringToBytes(key_raw_hex_in), |
- algorithm, |
- true, |
- blink::WebCryptoKeyUsageWrapKey, |
- &key)); |
+ EXPECT_STATUS(Status::Error(), |
+ ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
+ HexStringToBytes(key_raw_hex_in), |
+ algorithm, |
+ true, |
+ blink::WebCryptoKeyUsageWrapKey, |
+ &key)); |
// Fail import of 200-bit KEK |
key_raw_hex_in = "0a1d88608a5ad9fec64f1ada269ebab4baa2feeb8d95638c0e"; |
- EXPECT_FALSE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
- HexStringToBytes(key_raw_hex_in), |
- algorithm, |
- true, |
- blink::WebCryptoKeyUsageWrapKey, |
- &key)); |
+ EXPECT_STATUS(Status::Error(), |
+ ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
+ HexStringToBytes(key_raw_hex_in), |
+ algorithm, |
+ true, |
+ blink::WebCryptoKeyUsageWrapKey, |
+ &key)); |
// Fail import of 260-bit KEK |
key_raw_hex_in = |
"72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; |
- EXPECT_FALSE(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
- HexStringToBytes(key_raw_hex_in), |
- algorithm, |
- true, |
- blink::WebCryptoKeyUsageWrapKey, |
- &key)); |
+ EXPECT_STATUS(Status::Error(), |
+ ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
+ HexStringToBytes(key_raw_hex_in), |
+ algorithm, |
+ true, |
+ blink::WebCryptoKeyUsageWrapKey, |
+ &key)); |
} |
// TODO(eroman): |
@@ -2425,7 +2521,8 @@ TEST_F(WebCryptoImplTest, MAYBE(AesGcmSampleSets)) { |
// Verify exported raw key is identical to the imported data |
blink::WebArrayBuffer raw_key; |
- EXPECT_TRUE(ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
+ EXPECT_STATUS_SUCCESS(ExportKeyInternal( |
+ blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
ExpectArrayBufferMatchesHex(test.key, raw_key); |
const std::vector<uint8> test_iv = HexStringToBytes(test.iv); |
@@ -2442,34 +2539,38 @@ TEST_F(WebCryptoImplTest, MAYBE(AesGcmSampleSets)) { |
// Test encryption. |
std::vector<uint8> cipher_text; |
std::vector<uint8> authentication_tag; |
- EXPECT_TRUE(AesGcmEncrypt(key, test_iv, test_additional_data, |
- test_tag_size_bits, test_plain_text, |
- &cipher_text, &authentication_tag)); |
+ EXPECT_STATUS_SUCCESS(AesGcmEncrypt(key, test_iv, test_additional_data, |
+ test_tag_size_bits, test_plain_text, |
+ &cipher_text, &authentication_tag)); |
ExpectVectorMatchesHex(test.cipher_text, cipher_text); |
ExpectVectorMatchesHex(test.authentication_tag, authentication_tag); |
// Test decryption. |
blink::WebArrayBuffer plain_text; |
- EXPECT_TRUE(AesGcmDecrypt(key, test_iv, test_additional_data, |
- test_tag_size_bits, test_cipher_text, |
- test_authentication_tag, &plain_text)); |
+ EXPECT_STATUS_SUCCESS(AesGcmDecrypt(key, test_iv, test_additional_data, |
+ test_tag_size_bits, test_cipher_text, |
+ test_authentication_tag, &plain_text)); |
ExpectArrayBufferMatchesHex(test.plain_text, plain_text); |
// Decryption should fail if any of the inputs are tampered with. |
- EXPECT_FALSE(AesGcmDecrypt(key, Corrupted(test_iv), test_additional_data, |
- test_tag_size_bits, test_cipher_text, |
- test_authentication_tag, &plain_text)); |
- EXPECT_FALSE(AesGcmDecrypt(key, test_iv, Corrupted(test_additional_data), |
- test_tag_size_bits, test_cipher_text, |
- test_authentication_tag, &plain_text)); |
- EXPECT_FALSE(AesGcmDecrypt(key, test_iv, test_additional_data, |
- test_tag_size_bits, Corrupted(test_cipher_text), |
- test_authentication_tag, &plain_text)); |
- EXPECT_FALSE(AesGcmDecrypt(key, test_iv, test_additional_data, |
- test_tag_size_bits, test_cipher_text, |
- Corrupted(test_authentication_tag), |
- &plain_text)); |
+ EXPECT_STATUS(Status::Error(), |
+ AesGcmDecrypt(key, Corrupted(test_iv), test_additional_data, |
+ test_tag_size_bits, test_cipher_text, |
+ test_authentication_tag, &plain_text)); |
+ EXPECT_STATUS(Status::Error(), |
+ AesGcmDecrypt(key, test_iv, Corrupted(test_additional_data), |
+ test_tag_size_bits, test_cipher_text, |
+ test_authentication_tag, &plain_text)); |
+ EXPECT_STATUS(Status::Error(), |
+ AesGcmDecrypt(key, test_iv, test_additional_data, |
+ test_tag_size_bits, Corrupted(test_cipher_text), |
+ test_authentication_tag, &plain_text)); |
+ EXPECT_STATUS(Status::Error(), |
+ AesGcmDecrypt(key, test_iv, test_additional_data, |
+ test_tag_size_bits, test_cipher_text, |
+ Corrupted(test_authentication_tag), |
+ &plain_text)); |
// Try different incorrect tag lengths |
uint8 kAlternateTagLengths[] = {8, 96, 120, 128, 160, 255}; |
@@ -2477,9 +2578,9 @@ TEST_F(WebCryptoImplTest, MAYBE(AesGcmSampleSets)) { |
unsigned wrong_tag_size_bits = kAlternateTagLengths[tag_i]; |
if (test_tag_size_bits == wrong_tag_size_bits) |
continue; |
- EXPECT_FALSE(AesGcmDecrypt(key, test_iv, test_additional_data, |
- wrong_tag_size_bits, test_cipher_text, |
- test_authentication_tag, &plain_text)); |
+ EXPECT_STATUS_ERROR(AesGcmDecrypt(key, test_iv, test_additional_data, |
+ wrong_tag_size_bits, test_cipher_text, |
+ test_authentication_tag, &plain_text)); |
} |
} |
} |