OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/renderer/webcrypto/webcrypto_impl.h" | 5 #include "content/renderer/webcrypto/webcrypto_impl.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
95 dict->SetString("kty", "oct"); | 95 dict->SetString("kty", "oct"); |
96 dict->SetString("alg", "A128CBC"); | 96 dict->SetString("alg", "A128CBC"); |
97 dict->SetString("use", "enc"); | 97 dict->SetString("use", "enc"); |
98 dict->SetBoolean("extractable", false); | 98 dict->SetBoolean("extractable", false); |
99 dict->SetString("k", "GADWrMRHwQfoNaXU5fZvTg=="); | 99 dict->SetString("k", "GADWrMRHwQfoNaXU5fZvTg=="); |
100 } | 100 } |
101 | 101 |
102 blink::WebCryptoAlgorithm CreateAesGcmAlgorithm( | 102 blink::WebCryptoAlgorithm CreateAesGcmAlgorithm( |
103 const std::vector<uint8>& iv, | 103 const std::vector<uint8>& iv, |
104 const std::vector<uint8>& additional_data, | 104 const std::vector<uint8>& additional_data, |
105 unsigned tag_length_bits) { | 105 unsigned int tag_length_bits) { |
106 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( | 106 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( |
107 blink::WebCryptoAlgorithmIdAesGcm, | 107 blink::WebCryptoAlgorithmIdAesGcm, |
108 new blink::WebCryptoAesGcmParams( | 108 new blink::WebCryptoAesGcmParams( |
109 webcrypto::Uint8VectorStart(iv), iv.size(), | 109 webcrypto::Uint8VectorStart(iv), iv.size(), |
110 true, | 110 true, |
111 webcrypto::Uint8VectorStart(additional_data), | 111 webcrypto::Uint8VectorStart(additional_data), |
112 additional_data.size(), | 112 additional_data.size(), |
113 true, tag_length_bits)); | 113 true, tag_length_bits)); |
114 } | 114 } |
115 | 115 |
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
180 blink::WebCryptoAlgorithm CreateAesKwKeyGenAlgorithm( | 180 blink::WebCryptoAlgorithm CreateAesKwKeyGenAlgorithm( |
181 unsigned short key_length_bits) { | 181 unsigned short key_length_bits) { |
182 return CreateAesKeyGenAlgorithm(blink::WebCryptoAlgorithmIdAesKw, | 182 return CreateAesKeyGenAlgorithm(blink::WebCryptoAlgorithmIdAesKw, |
183 key_length_bits); | 183 key_length_bits); |
184 } | 184 } |
185 | 185 |
186 // The following key pair is comprised of the SPKI (public key) and PKCS#8 | 186 // The following key pair is comprised of the SPKI (public key) and PKCS#8 |
187 // (private key) representations of the key pair provided in Example 1 of the | 187 // (private key) representations of the key pair provided in Example 1 of the |
188 // NIST test vectors at | 188 // NIST test vectors at |
189 // ftp://ftp.rsa.com/pub/rsalabs/tmp/pkcs1v15sign-vectors.txt | 189 // ftp://ftp.rsa.com/pub/rsalabs/tmp/pkcs1v15sign-vectors.txt |
190 const unsigned kModulusLength = 1024; | 190 const unsigned int kModulusLength = 1024; |
191 const char* const kPublicKeySpkiDerHex = | 191 const char* const kPublicKeySpkiDerHex = |
192 "30819f300d06092a864886f70d010101050003818d0030818902818100a5" | 192 "30819f300d06092a864886f70d010101050003818d0030818902818100a5" |
193 "6e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad9" | 193 "6e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad9" |
194 "91d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfc" | 194 "91d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfc" |
195 "e0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e" | 195 "e0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e" |
196 "6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cf" | 196 "6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cf" |
197 "fb2249bd9a21370203010001"; | 197 "fb2249bd9a21370203010001"; |
198 const char* const kPrivateKeyPkcs8DerHex = | 198 const char* const kPrivateKeyPkcs8DerHex = |
199 "30820275020100300d06092a864886f70d01010105000482025f3082025b" | 199 "30820275020100300d06092a864886f70d01010105000482025f3082025b" |
200 "02010002818100a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52" | 200 "02010002818100a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52" |
(...skipping 102 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
303 | 303 |
304 if (status.IsError()) | 304 if (status.IsError()) |
305 EXPECT_EQ(Status::ErrorUnsupported().ToString(), status.ToString()); | 305 EXPECT_EQ(Status::ErrorUnsupported().ToString(), status.ToString()); |
306 return status.IsSuccess(); | 306 return status.IsSuccess(); |
307 | 307 |
308 } | 308 } |
309 | 309 |
310 Status AesGcmEncrypt(const blink::WebCryptoKey& key, | 310 Status AesGcmEncrypt(const blink::WebCryptoKey& key, |
311 const std::vector<uint8>& iv, | 311 const std::vector<uint8>& iv, |
312 const std::vector<uint8>& additional_data, | 312 const std::vector<uint8>& additional_data, |
313 unsigned tag_length_bits, | 313 unsigned int tag_length_bits, |
314 const std::vector<uint8>& plain_text, | 314 const std::vector<uint8>& plain_text, |
315 std::vector<uint8>* cipher_text, | 315 std::vector<uint8>* cipher_text, |
316 std::vector<uint8>* authentication_tag) { | 316 std::vector<uint8>* authentication_tag) { |
317 blink::WebCryptoAlgorithm algorithm = CreateAesGcmAlgorithm( | 317 blink::WebCryptoAlgorithm algorithm = CreateAesGcmAlgorithm( |
318 iv, additional_data, tag_length_bits); | 318 iv, additional_data, tag_length_bits); |
319 | 319 |
320 blink::WebArrayBuffer output; | 320 blink::WebArrayBuffer output; |
321 Status status = EncryptInternal(algorithm, key, plain_text, &output); | 321 Status status = EncryptInternal(algorithm, key, plain_text, &output); |
322 if (status.IsError()) | 322 if (status.IsError()) |
323 return status; | 323 return status; |
(...skipping 11 matching lines...) Expand all Loading... |
335 authentication_tag->assign( | 335 authentication_tag->assign( |
336 static_cast<uint8*>(output.data()) + cipher_text->size(), | 336 static_cast<uint8*>(output.data()) + cipher_text->size(), |
337 static_cast<uint8*>(output.data()) + output.byteLength()); | 337 static_cast<uint8*>(output.data()) + output.byteLength()); |
338 | 338 |
339 return Status::Success(); | 339 return Status::Success(); |
340 } | 340 } |
341 | 341 |
342 Status AesGcmDecrypt(const blink::WebCryptoKey& key, | 342 Status AesGcmDecrypt(const blink::WebCryptoKey& key, |
343 const std::vector<uint8>& iv, | 343 const std::vector<uint8>& iv, |
344 const std::vector<uint8>& additional_data, | 344 const std::vector<uint8>& additional_data, |
345 unsigned tag_length_bits, | 345 unsigned int tag_length_bits, |
346 const std::vector<uint8>& cipher_text, | 346 const std::vector<uint8>& cipher_text, |
347 const std::vector<uint8>& authentication_tag, | 347 const std::vector<uint8>& authentication_tag, |
348 blink::WebArrayBuffer* plain_text) { | 348 blink::WebArrayBuffer* plain_text) { |
349 blink::WebCryptoAlgorithm algorithm = CreateAesGcmAlgorithm( | 349 blink::WebCryptoAlgorithm algorithm = CreateAesGcmAlgorithm( |
350 iv, additional_data, tag_length_bits); | 350 iv, additional_data, tag_length_bits); |
351 | 351 |
352 // Join cipher text and authentication tag. | 352 // Join cipher text and authentication tag. |
353 std::vector<uint8> cipher_text_with_tag; | 353 std::vector<uint8> cipher_text_with_tag; |
354 cipher_text_with_tag.reserve( | 354 cipher_text_with_tag.reserve( |
355 cipher_text.size() + authentication_tag.size()); | 355 cipher_text.size() + authentication_tag.size()); |
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
421 const std::vector<uint8>& data, | 421 const std::vector<uint8>& data, |
422 blink::WebArrayBuffer* buffer) { | 422 blink::WebArrayBuffer* buffer) { |
423 return crypto_.SignInternal( | 423 return crypto_.SignInternal( |
424 algorithm, key, webcrypto::Uint8VectorStart(data), data.size(), buffer); | 424 algorithm, key, webcrypto::Uint8VectorStart(data), data.size(), buffer); |
425 } | 425 } |
426 | 426 |
427 Status VerifySignatureInternal( | 427 Status VerifySignatureInternal( |
428 const blink::WebCryptoAlgorithm& algorithm, | 428 const blink::WebCryptoAlgorithm& algorithm, |
429 const blink::WebCryptoKey& key, | 429 const blink::WebCryptoKey& key, |
430 const unsigned char* signature, | 430 const unsigned char* signature, |
431 unsigned signature_size, | 431 unsigned int signature_size, |
432 const std::vector<uint8>& data, | 432 const std::vector<uint8>& data, |
433 bool* signature_match) { | 433 bool* signature_match) { |
434 return crypto_.VerifySignatureInternal(algorithm, | 434 return crypto_.VerifySignatureInternal(algorithm, |
435 key, | 435 key, |
436 signature, | 436 signature, |
437 signature_size, | 437 signature_size, |
438 webcrypto::Uint8VectorStart(data), | 438 webcrypto::Uint8VectorStart(data), |
439 data.size(), | 439 data.size(), |
440 signature_match); | 440 signature_match); |
441 } | 441 } |
(...skipping 11 matching lines...) Expand all Loading... |
453 signature.size(), | 453 signature.size(), |
454 webcrypto::Uint8VectorStart(data), | 454 webcrypto::Uint8VectorStart(data), |
455 data.size(), | 455 data.size(), |
456 signature_match); | 456 signature_match); |
457 } | 457 } |
458 | 458 |
459 Status EncryptInternal( | 459 Status EncryptInternal( |
460 const blink::WebCryptoAlgorithm& algorithm, | 460 const blink::WebCryptoAlgorithm& algorithm, |
461 const blink::WebCryptoKey& key, | 461 const blink::WebCryptoKey& key, |
462 const unsigned char* data, | 462 const unsigned char* data, |
463 unsigned data_size, | 463 unsigned int data_size, |
464 blink::WebArrayBuffer* buffer) { | 464 blink::WebArrayBuffer* buffer) { |
465 return crypto_.EncryptInternal(algorithm, key, data, data_size, buffer); | 465 return crypto_.EncryptInternal(algorithm, key, data, data_size, buffer); |
466 } | 466 } |
467 | 467 |
468 Status EncryptInternal( | 468 Status EncryptInternal( |
469 const blink::WebCryptoAlgorithm& algorithm, | 469 const blink::WebCryptoAlgorithm& algorithm, |
470 const blink::WebCryptoKey& key, | 470 const blink::WebCryptoKey& key, |
471 const std::vector<uint8>& data, | 471 const std::vector<uint8>& data, |
472 blink::WebArrayBuffer* buffer) { | 472 blink::WebArrayBuffer* buffer) { |
473 return crypto_.EncryptInternal( | 473 return crypto_.EncryptInternal( |
474 algorithm, key, webcrypto::Uint8VectorStart(data), data.size(), buffer); | 474 algorithm, key, webcrypto::Uint8VectorStart(data), data.size(), buffer); |
475 } | 475 } |
476 | 476 |
477 Status DecryptInternal( | 477 Status DecryptInternal( |
478 const blink::WebCryptoAlgorithm& algorithm, | 478 const blink::WebCryptoAlgorithm& algorithm, |
479 const blink::WebCryptoKey& key, | 479 const blink::WebCryptoKey& key, |
480 const unsigned char* data, | 480 const unsigned char* data, |
481 unsigned data_size, | 481 unsigned int data_size, |
482 blink::WebArrayBuffer* buffer) { | 482 blink::WebArrayBuffer* buffer) { |
483 return crypto_.DecryptInternal(algorithm, key, data, data_size, buffer); | 483 return crypto_.DecryptInternal(algorithm, key, data, data_size, buffer); |
484 } | 484 } |
485 | 485 |
486 Status DecryptInternal( | 486 Status DecryptInternal( |
487 const blink::WebCryptoAlgorithm& algorithm, | 487 const blink::WebCryptoAlgorithm& algorithm, |
488 const blink::WebCryptoKey& key, | 488 const blink::WebCryptoKey& key, |
489 const std::vector<uint8>& data, | 489 const std::vector<uint8>& data, |
490 blink::WebArrayBuffer* buffer) { | 490 blink::WebArrayBuffer* buffer) { |
491 return crypto_.DecryptInternal( | 491 return crypto_.DecryptInternal( |
(...skipping 345 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
837 | 837 |
838 // Give an input that is too large (would cause integer overflow when | 838 // Give an input that is too large (would cause integer overflow when |
839 // narrowing to an int). | 839 // narrowing to an int). |
840 { | 840 { |
841 std::vector<uint8> iv(16); | 841 std::vector<uint8> iv(16); |
842 | 842 |
843 // Pretend the input is large. Don't pass data pointer as NULL in case that | 843 // Pretend the input is large. Don't pass data pointer as NULL in case that |
844 // is special cased; the implementation shouldn't actually dereference the | 844 // is special cased; the implementation shouldn't actually dereference the |
845 // data. | 845 // data. |
846 const unsigned char* input = &iv[0]; | 846 const unsigned char* input = &iv[0]; |
847 unsigned input_len = INT_MAX - 3; | 847 unsigned int input_len = INT_MAX - 3; |
848 | 848 |
849 EXPECT_STATUS(Status::ErrorDataTooLarge(), EncryptInternal( | 849 EXPECT_STATUS(Status::ErrorDataTooLarge(), EncryptInternal( |
850 webcrypto::CreateAesCbcAlgorithm(iv), key, input, input_len, &output)); | 850 webcrypto::CreateAesCbcAlgorithm(iv), key, input, input_len, &output)); |
851 EXPECT_STATUS(Status::ErrorDataTooLarge(), DecryptInternal( | 851 EXPECT_STATUS(Status::ErrorDataTooLarge(), DecryptInternal( |
852 webcrypto::CreateAesCbcAlgorithm(iv), key, input, input_len, &output)); | 852 webcrypto::CreateAesCbcAlgorithm(iv), key, input, input_len, &output)); |
853 } | 853 } |
854 | 854 |
855 // Fail importing the key (too few bytes specified) | 855 // Fail importing the key (too few bytes specified) |
856 { | 856 { |
857 std::vector<uint8> key_raw(1); | 857 std::vector<uint8> key_raw(1); |
(...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
989 // Test decryption. | 989 // Test decryption. |
990 std::vector<uint8> cipher_text = HexStringToBytes(test.cipher_text); | 990 std::vector<uint8> cipher_text = HexStringToBytes(test.cipher_text); |
991 EXPECT_STATUS( | 991 EXPECT_STATUS( |
992 Status::Success(), | 992 Status::Success(), |
993 DecryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), | 993 DecryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), |
994 key, | 994 key, |
995 cipher_text, | 995 cipher_text, |
996 &output)); | 996 &output)); |
997 ExpectArrayBufferMatchesHex(test.plain_text, output); | 997 ExpectArrayBufferMatchesHex(test.plain_text, output); |
998 | 998 |
999 const unsigned kAesCbcBlockSize = 16; | 999 const unsigned int kAesCbcBlockSize = 16; |
1000 | 1000 |
1001 // Decrypt with a padding error by stripping the last block. This also ends | 1001 // Decrypt with a padding error by stripping the last block. This also ends |
1002 // up testing decryption over empty cipher text. | 1002 // up testing decryption over empty cipher text. |
1003 if (cipher_text.size() >= kAesCbcBlockSize) { | 1003 if (cipher_text.size() >= kAesCbcBlockSize) { |
1004 EXPECT_STATUS( | 1004 EXPECT_STATUS( |
1005 Status::Error(), | 1005 Status::Error(), |
1006 DecryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), | 1006 DecryptInternal(webcrypto::CreateAesCbcAlgorithm(iv), |
1007 key, | 1007 key, |
1008 &cipher_text[0], | 1008 &cipher_text[0], |
1009 cipher_text.size() - kAesCbcBlockSize, | 1009 cipher_text.size() - kAesCbcBlockSize, |
(...skipping 575 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1585 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 1585 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
1586 true, | 1586 true, |
1587 blink::WebCryptoKeyUsageSign, | 1587 blink::WebCryptoKeyUsageSign, |
1588 &key)); | 1588 &key)); |
1589 } | 1589 } |
1590 | 1590 |
1591 TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) { | 1591 TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) { |
1592 // Note: using unrealistic short key lengths here to avoid bogging down tests. | 1592 // Note: using unrealistic short key lengths here to avoid bogging down tests. |
1593 | 1593 |
1594 // Successful WebCryptoAlgorithmIdRsaEsPkcs1v1_5 key generation. | 1594 // Successful WebCryptoAlgorithmIdRsaEsPkcs1v1_5 key generation. |
1595 const unsigned modulus_length = 256; | 1595 const unsigned int modulus_length = 256; |
1596 const std::vector<uint8> public_exponent = HexStringToBytes("010001"); | 1596 const std::vector<uint8> public_exponent = HexStringToBytes("010001"); |
1597 blink::WebCryptoAlgorithm algorithm = webcrypto::CreateRsaKeyGenAlgorithm( | 1597 blink::WebCryptoAlgorithm algorithm = webcrypto::CreateRsaKeyGenAlgorithm( |
1598 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 1598 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
1599 modulus_length, | 1599 modulus_length, |
1600 public_exponent); | 1600 public_exponent); |
1601 bool extractable = false; | 1601 bool extractable = false; |
1602 const blink::WebCryptoKeyUsageMask usage_mask = 0; | 1602 const blink::WebCryptoKeyUsageMask usage_mask = 0; |
1603 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1603 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1604 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1604 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
1605 EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal( | 1605 EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal( |
1606 algorithm, extractable, usage_mask, &public_key, &private_key)); | 1606 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1607 EXPECT_FALSE(public_key.isNull()); | 1607 EXPECT_FALSE(public_key.isNull()); |
1608 EXPECT_FALSE(private_key.isNull()); | 1608 EXPECT_FALSE(private_key.isNull()); |
1609 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 1609 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
1610 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 1610 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
1611 EXPECT_EQ(true, public_key.extractable()); | 1611 EXPECT_EQ(true, public_key.extractable()); |
1612 EXPECT_EQ(extractable, private_key.extractable()); | 1612 EXPECT_EQ(extractable, private_key.extractable()); |
1613 EXPECT_EQ(usage_mask, public_key.usages()); | 1613 EXPECT_EQ(usage_mask, public_key.usages()); |
1614 EXPECT_EQ(usage_mask, private_key.usages()); | 1614 EXPECT_EQ(usage_mask, private_key.usages()); |
1615 | 1615 |
1616 // Fail with bad modulus. | 1616 // Fail with bad modulus. |
1617 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( | 1617 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( |
1618 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 0, public_exponent); | 1618 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 0, public_exponent); |
1619 EXPECT_STATUS(Status::ErrorGenerateRsaZeroModulus(), GenerateKeyPairInternal( | 1619 EXPECT_STATUS(Status::ErrorGenerateRsaZeroModulus(), GenerateKeyPairInternal( |
1620 algorithm, extractable, usage_mask, &public_key, &private_key)); | 1620 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1621 | 1621 |
1622 // Fail with bad exponent: larger than unsigned long. | 1622 // Fail with bad exponent: larger than unsigned long. |
1623 unsigned exponent_length = sizeof(unsigned long) + 1; // NOLINT | 1623 unsigned int exponent_length = sizeof(unsigned long) + 1; // NOLINT |
1624 const std::vector<uint8> long_exponent(exponent_length, 0x01); | 1624 const std::vector<uint8> long_exponent(exponent_length, 0x01); |
1625 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( | 1625 algorithm = webcrypto::CreateRsaKeyGenAlgorithm( |
1626 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 1626 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
1627 modulus_length, | 1627 modulus_length, |
1628 long_exponent); | 1628 long_exponent); |
1629 EXPECT_STATUS(Status::ErrorGenerateKeyPublicExponent(), | 1629 EXPECT_STATUS(Status::ErrorGenerateKeyPublicExponent(), |
1630 GenerateKeyPairInternal(algorithm, extractable, usage_mask, &public_key, | 1630 GenerateKeyPairInternal(algorithm, extractable, usage_mask, &public_key, |
1631 &private_key)); | 1631 &private_key)); |
1632 | 1632 |
1633 // Fail with bad exponent: empty. | 1633 // Fail with bad exponent: empty. |
(...skipping 85 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1719 kPublicKeySpkiDerHex, | 1719 kPublicKeySpkiDerHex, |
1720 kPrivateKeyPkcs8DerHex, | 1720 kPrivateKeyPkcs8DerHex, |
1721 algorithm, | 1721 algorithm, |
1722 false, | 1722 false, |
1723 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, | 1723 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, |
1724 &public_key, | 1724 &public_key, |
1725 &private_key); | 1725 &private_key); |
1726 | 1726 |
1727 // Make a maximum-length data message. RSAES can operate on messages up to | 1727 // Make a maximum-length data message. RSAES can operate on messages up to |
1728 // length of k - 11 bytes, where k is the octet length of the RSA modulus. | 1728 // length of k - 11 bytes, where k is the octet length of the RSA modulus. |
1729 const unsigned kMaxMsgSizeBytes = kModulusLength / 8 - 11; | 1729 const unsigned int kMaxMsgSizeBytes = kModulusLength / 8 - 11; |
1730 // There are two hex chars for each byte. | 1730 // There are two hex chars for each byte. |
1731 const unsigned kMsgHexSize = kMaxMsgSizeBytes * 2; | 1731 const unsigned int kMsgHexSize = kMaxMsgSizeBytes * 2; |
1732 char max_data_hex[kMsgHexSize+1]; | 1732 char max_data_hex[kMsgHexSize+1]; |
1733 std::fill(&max_data_hex[0], &max_data_hex[0] + kMsgHexSize, 'a'); | 1733 std::fill(&max_data_hex[0], &max_data_hex[0] + kMsgHexSize, 'a'); |
1734 max_data_hex[kMsgHexSize] = '\0'; | 1734 max_data_hex[kMsgHexSize] = '\0'; |
1735 | 1735 |
1736 // Verify encrypt / decrypt round trip on a few messages. Note that RSA | 1736 // Verify encrypt / decrypt round trip on a few messages. Note that RSA |
1737 // encryption does not support empty input. | 1737 // encryption does not support empty input. |
1738 algorithm = | 1738 algorithm = |
1739 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 1739 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
1740 const char* const kTestDataHex[] = { | 1740 const char* const kTestDataHex[] = { |
1741 "ff", | 1741 "ff", |
(...skipping 155 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1897 const std::vector<uint8> message_hex(HexStringToBytes(message_hex_str)); | 1897 const std::vector<uint8> message_hex(HexStringToBytes(message_hex_str)); |
1898 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 1898 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), |
1899 EncryptInternal(algorithm, private_key, message_hex, &encrypted_data)); | 1899 EncryptInternal(algorithm, private_key, message_hex, &encrypted_data)); |
1900 | 1900 |
1901 // Fail encrypt with empty message. | 1901 // Fail encrypt with empty message. |
1902 EXPECT_STATUS(Status::Error(), EncryptInternal( | 1902 EXPECT_STATUS(Status::Error(), EncryptInternal( |
1903 algorithm, public_key, std::vector<uint8>(), &encrypted_data)); | 1903 algorithm, public_key, std::vector<uint8>(), &encrypted_data)); |
1904 | 1904 |
1905 // Fail encrypt with message too large. RSAES can operate on messages up to | 1905 // Fail encrypt with message too large. RSAES can operate on messages up to |
1906 // length of k - 11 bytes, where k is the octet length of the RSA modulus. | 1906 // length of k - 11 bytes, where k is the octet length of the RSA modulus. |
1907 const unsigned kMaxMsgSizeBytes = kModulusLength / 8 - 11; | 1907 const unsigned int kMaxMsgSizeBytes = kModulusLength / 8 - 11; |
1908 EXPECT_STATUS( | 1908 EXPECT_STATUS( |
1909 Status::ErrorDataTooLarge(), | 1909 Status::ErrorDataTooLarge(), |
1910 EncryptInternal(algorithm, | 1910 EncryptInternal(algorithm, |
1911 public_key, | 1911 public_key, |
1912 std::vector<uint8>(kMaxMsgSizeBytes + 1, '0'), | 1912 std::vector<uint8>(kMaxMsgSizeBytes + 1, '0'), |
1913 &encrypted_data)); | 1913 &encrypted_data)); |
1914 | 1914 |
1915 // Generate encrypted data. | 1915 // Generate encrypted data. |
1916 EXPECT_STATUS(Status::Success(), | 1916 EXPECT_STATUS(Status::Success(), |
1917 EncryptInternal(algorithm, public_key, message_hex, &encrypted_data)); | 1917 EncryptInternal(algorithm, public_key, message_hex, &encrypted_data)); |
(...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1997 EXPECT_STATUS_SUCCESS(VerifySignatureInternal( | 1997 EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
1998 algorithm, | 1998 algorithm, |
1999 public_key, | 1999 public_key, |
2000 webcrypto::Uint8VectorStart(corrupt_sig), | 2000 webcrypto::Uint8VectorStart(corrupt_sig), |
2001 corrupt_sig.size(), | 2001 corrupt_sig.size(), |
2002 data, | 2002 data, |
2003 &signature_match)); | 2003 &signature_match)); |
2004 EXPECT_FALSE(signature_match); | 2004 EXPECT_FALSE(signature_match); |
2005 | 2005 |
2006 // Ensure signatures that are greater than the modulus size fail. | 2006 // Ensure signatures that are greater than the modulus size fail. |
2007 const unsigned long_message_size_bytes = 1024; | 2007 const unsigned int long_message_size_bytes = 1024; |
2008 DCHECK_GT(long_message_size_bytes, kModulusLength/8); | 2008 DCHECK_GT(long_message_size_bytes, kModulusLength/8); |
2009 const unsigned char kLongSignature[long_message_size_bytes] = { 0 }; | 2009 const unsigned char kLongSignature[long_message_size_bytes] = { 0 }; |
2010 EXPECT_STATUS_SUCCESS(VerifySignatureInternal( | 2010 EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
2011 algorithm, | 2011 algorithm, |
2012 public_key, | 2012 public_key, |
2013 kLongSignature, | 2013 kLongSignature, |
2014 sizeof(kLongSignature), | 2014 sizeof(kLongSignature), |
2015 data, | 2015 data, |
2016 &signature_match)); | 2016 &signature_match)); |
2017 EXPECT_FALSE(signature_match); | 2017 EXPECT_FALSE(signature_match); |
(...skipping 505 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2523 blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 2523 blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
2524 ExpectArrayBufferMatchesHex(test.key, raw_key); | 2524 ExpectArrayBufferMatchesHex(test.key, raw_key); |
2525 | 2525 |
2526 const std::vector<uint8> test_iv = HexStringToBytes(test.iv); | 2526 const std::vector<uint8> test_iv = HexStringToBytes(test.iv); |
2527 const std::vector<uint8> test_additional_data = | 2527 const std::vector<uint8> test_additional_data = |
2528 HexStringToBytes(test.additional_data); | 2528 HexStringToBytes(test.additional_data); |
2529 const std::vector<uint8> test_plain_text = | 2529 const std::vector<uint8> test_plain_text = |
2530 HexStringToBytes(test.plain_text); | 2530 HexStringToBytes(test.plain_text); |
2531 const std::vector<uint8> test_authentication_tag = | 2531 const std::vector<uint8> test_authentication_tag = |
2532 HexStringToBytes(test.authentication_tag); | 2532 HexStringToBytes(test.authentication_tag); |
2533 const unsigned test_tag_size_bits = test_authentication_tag.size() * 8; | 2533 const unsigned int test_tag_size_bits = test_authentication_tag.size() * 8; |
2534 const std::vector<uint8> test_cipher_text = | 2534 const std::vector<uint8> test_cipher_text = |
2535 HexStringToBytes(test.cipher_text); | 2535 HexStringToBytes(test.cipher_text); |
2536 | 2536 |
2537 // Test encryption. | 2537 // Test encryption. |
2538 std::vector<uint8> cipher_text; | 2538 std::vector<uint8> cipher_text; |
2539 std::vector<uint8> authentication_tag; | 2539 std::vector<uint8> authentication_tag; |
2540 EXPECT_STATUS_SUCCESS(AesGcmEncrypt(key, test_iv, test_additional_data, | 2540 EXPECT_STATUS_SUCCESS(AesGcmEncrypt(key, test_iv, test_additional_data, |
2541 test_tag_size_bits, test_plain_text, | 2541 test_tag_size_bits, test_plain_text, |
2542 &cipher_text, &authentication_tag)); | 2542 &cipher_text, &authentication_tag)); |
2543 | 2543 |
(...skipping 22 matching lines...) Expand all Loading... |
2566 test_authentication_tag, &plain_text)); | 2566 test_authentication_tag, &plain_text)); |
2567 EXPECT_STATUS(Status::Error(), | 2567 EXPECT_STATUS(Status::Error(), |
2568 AesGcmDecrypt(key, test_iv, test_additional_data, | 2568 AesGcmDecrypt(key, test_iv, test_additional_data, |
2569 test_tag_size_bits, test_cipher_text, | 2569 test_tag_size_bits, test_cipher_text, |
2570 Corrupted(test_authentication_tag), | 2570 Corrupted(test_authentication_tag), |
2571 &plain_text)); | 2571 &plain_text)); |
2572 | 2572 |
2573 // Try different incorrect tag lengths | 2573 // Try different incorrect tag lengths |
2574 uint8 kAlternateTagLengths[] = {8, 96, 120, 128, 160, 255}; | 2574 uint8 kAlternateTagLengths[] = {8, 96, 120, 128, 160, 255}; |
2575 for (size_t tag_i = 0; tag_i < arraysize(kAlternateTagLengths); ++tag_i) { | 2575 for (size_t tag_i = 0; tag_i < arraysize(kAlternateTagLengths); ++tag_i) { |
2576 unsigned wrong_tag_size_bits = kAlternateTagLengths[tag_i]; | 2576 unsigned int wrong_tag_size_bits = kAlternateTagLengths[tag_i]; |
2577 if (test_tag_size_bits == wrong_tag_size_bits) | 2577 if (test_tag_size_bits == wrong_tag_size_bits) |
2578 continue; | 2578 continue; |
2579 EXPECT_STATUS_ERROR(AesGcmDecrypt(key, test_iv, test_additional_data, | 2579 EXPECT_STATUS_ERROR(AesGcmDecrypt(key, test_iv, test_additional_data, |
2580 wrong_tag_size_bits, test_cipher_text, | 2580 wrong_tag_size_bits, test_cipher_text, |
2581 test_authentication_tag, &plain_text)); | 2581 test_authentication_tag, &plain_text)); |
2582 } | 2582 } |
2583 } | 2583 } |
2584 } | 2584 } |
2585 | 2585 |
2586 } // namespace content | 2586 } // namespace content |
OLD | NEW |