| Index: content/renderer/webcrypto/platform_crypto_unittest.cc
|
| diff --git a/content/renderer/webcrypto/webcrypto_impl_unittest.cc b/content/renderer/webcrypto/platform_crypto_unittest.cc
|
| similarity index 73%
|
| rename from content/renderer/webcrypto/webcrypto_impl_unittest.cc
|
| rename to content/renderer/webcrypto/platform_crypto_unittest.cc
|
| index ba2e80a9dc10b9d6f3bd6ed3d3e08d54354f9b8c..c6ae4820d2a227b21e52ee85c31e7da10d9be22c 100644
|
| --- a/content/renderer/webcrypto/webcrypto_impl_unittest.cc
|
| +++ b/content/renderer/webcrypto/platform_crypto_unittest.cc
|
| @@ -2,7 +2,7 @@
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| -#include "content/renderer/webcrypto/webcrypto_impl.h"
|
| +#include "content/renderer/webcrypto/platform_crypto.h"
|
|
|
| #include <algorithm>
|
| #include <string>
|
| @@ -20,6 +20,7 @@
|
| #include "content/public/common/content_paths.h"
|
| #include "content/public/renderer/content_renderer_client.h"
|
| #include "content/renderer/renderer_webkitplatformsupport_impl.h"
|
| +#include "content/renderer/webcrypto/crypto_data.h"
|
| #include "content/renderer/webcrypto/webcrypto_util.h"
|
| #include "testing/gtest/include/gtest/gtest.h"
|
| #include "third_party/WebKit/public/platform/WebArrayBuffer.h"
|
| @@ -47,7 +48,7 @@
|
|
|
| namespace content {
|
|
|
| -using webcrypto::Status;
|
| +namespace webcrypto {
|
|
|
| namespace {
|
|
|
| @@ -69,25 +70,17 @@ std::vector<uint8> HexStringToBytes(const std::string& hex) {
|
| return bytes;
|
| }
|
|
|
| -void ExpectArrayBufferMatches(const std::vector<uint8>& expected,
|
| - const blink::WebArrayBuffer& actual) {
|
| - EXPECT_EQ(
|
| - base::HexEncode(webcrypto::Uint8VectorStart(expected), expected.size()),
|
| - base::HexEncode(actual.data(), actual.byteLength()));
|
| +void ExpectCryptoDataMatches(const CryptoData& expected,
|
| + const CryptoData& actual) {
|
| + EXPECT_EQ(base::HexEncode(expected.bytes(), expected.byte_length()),
|
| + base::HexEncode(actual.bytes(), actual.byte_length()));
|
| }
|
|
|
| -void ExpectArrayBufferMatchesHex(const std::string& expected_hex,
|
| - const blink::WebArrayBuffer& array_buffer) {
|
| +void ExpectCryptoDataMatchesHex(const std::string& expected_hex,
|
| + const CryptoData& actual) {
|
| EXPECT_STRCASEEQ(
|
| expected_hex.c_str(),
|
| - base::HexEncode(array_buffer.data(), array_buffer.byteLength()).c_str());
|
| -}
|
| -
|
| -void ExpectVectorMatches(const std::vector<uint8>& expected,
|
| - const std::vector<uint8>& actual) {
|
| - EXPECT_EQ(
|
| - base::HexEncode(webcrypto::Uint8VectorStart(expected), expected.size()),
|
| - base::HexEncode(webcrypto::Uint8VectorStart(actual), actual.size()));
|
| + base::HexEncode(actual.bytes(), actual.byte_length()).c_str());
|
| }
|
|
|
| std::vector<uint8> MakeJsonVector(const std::string& json_string) {
|
| @@ -198,7 +191,7 @@ blink::WebCryptoAlgorithm GetDigestAlgorithm(
|
|
|
| for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kDigestNameToId); ++i) {
|
| if (kDigestNameToId[i].name == algorithm_name)
|
| - return webcrypto::CreateAlgorithm(kDigestNameToId[i].id);
|
| + return CreateAlgorithm(kDigestNameToId[i].id);
|
| }
|
|
|
| return blink::WebCryptoAlgorithm::createNull();
|
| @@ -249,10 +242,10 @@ blink::WebCryptoAlgorithm CreateRsaAlgorithmWithInnerHash(
|
| blink::WebCryptoAlgorithmId hash_id) {
|
| DCHECK(algorithm_id == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 ||
|
| algorithm_id == blink::WebCryptoAlgorithmIdRsaOaep);
|
| - DCHECK(webcrypto::IsHashAlgorithm(hash_id));
|
| + DCHECK(IsHashAlgorithm(hash_id));
|
| return blink::WebCryptoAlgorithm::adoptParamsAndCreate(
|
| algorithm_id,
|
| - new blink::WebCryptoRsaSsaParams(webcrypto::CreateAlgorithm(hash_id)));
|
| + new blink::WebCryptoRsaSsaParams(CreateAlgorithm(hash_id)));
|
| }
|
|
|
| // Determines if two ArrayBuffers have identical content.
|
| @@ -337,7 +330,7 @@ const char* const kPrivateKeyPkcs8DerHex =
|
|
|
| } // namespace
|
|
|
| -class WebCryptoImplTest : public testing::Test {
|
| +class PlatformCryptoTest : public testing::Test {
|
| protected:
|
| blink::WebCryptoKey ImportSecretKeyFromRaw(
|
| const std::vector<uint8>& key_raw,
|
| @@ -346,13 +339,12 @@ class WebCryptoImplTest : public testing::Test {
|
| blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
| bool extractable = true;
|
| EXPECT_STATUS_SUCCESS(
|
| - crypto_.ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
|
| - webcrypto::Uint8VectorStart(key_raw),
|
| - key_raw.size(),
|
| - algorithm,
|
| - extractable,
|
| - usage,
|
| - &key));
|
| + crypto_.ImportKey(blink::WebCryptoKeyFormatRaw,
|
| + key_raw,
|
| + algorithm,
|
| + extractable,
|
| + usage,
|
| + &key));
|
|
|
| EXPECT_FALSE(key.isNull());
|
| EXPECT_TRUE(key.handle());
|
| @@ -371,7 +363,7 @@ class WebCryptoImplTest : public testing::Test {
|
| blink::WebCryptoKeyUsageMask usage_mask,
|
| blink::WebCryptoKey* public_key,
|
| blink::WebCryptoKey* private_key) {
|
| - EXPECT_STATUS_SUCCESS(ImportKeyInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.ImportKey(
|
| blink::WebCryptoKeyFormatSpki,
|
| spki_der,
|
| algorithm,
|
| @@ -385,7 +377,7 @@ class WebCryptoImplTest : public testing::Test {
|
| EXPECT_EQ(extractable, extractable);
|
| EXPECT_EQ(usage_mask, public_key->usages());
|
|
|
| - EXPECT_STATUS_SUCCESS(ImportKeyInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.ImportKey(
|
| blink::WebCryptoKeyFormatPkcs8,
|
| pkcs8_der,
|
| algorithm,
|
| @@ -406,11 +398,10 @@ class WebCryptoImplTest : public testing::Test {
|
| std::vector<uint8> key_raw(16, 0);
|
|
|
| blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
| - Status status = crypto_.ImportKeyInternal(
|
| + Status status = crypto_.ImportKey(
|
| blink::WebCryptoKeyFormatRaw,
|
| - webcrypto::Uint8VectorStart(key_raw),
|
| - key_raw.size(),
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm),
|
| + key_raw,
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm),
|
| true,
|
| blink::WebCryptoKeyUsageEncrypt,
|
| &key);
|
| @@ -418,7 +409,6 @@ class WebCryptoImplTest : public testing::Test {
|
| if (status.IsError())
|
| EXPECT_EQ(Status::ErrorUnsupported().ToString(), status.ToString());
|
| return status.IsSuccess();
|
| -
|
| }
|
|
|
| Status AesGcmEncrypt(const blink::WebCryptoKey& key,
|
| @@ -432,7 +422,7 @@ class WebCryptoImplTest : public testing::Test {
|
| iv, additional_data, tag_length_bits);
|
|
|
| blink::WebArrayBuffer output;
|
| - Status status = EncryptInternal(algorithm, key, plain_text, &output);
|
| + Status status = crypto_.Encrypt(algorithm, key, plain_text, &output);
|
| if (status.IsError())
|
| return status;
|
|
|
| @@ -473,158 +463,14 @@ class WebCryptoImplTest : public testing::Test {
|
| cipher_text_with_tag.end(), authentication_tag.begin(),
|
| authentication_tag.end());
|
|
|
| - return DecryptInternal(algorithm, key, cipher_text_with_tag, plain_text);
|
| - }
|
| -
|
| - // Forwarding methods to gain access to protected methods of
|
| - // WebCryptoImpl.
|
| -
|
| - Status DigestInternal(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const std::vector<uint8>& data,
|
| - blink::WebArrayBuffer* buffer) {
|
| - return crypto_.DigestInternal(
|
| - algorithm, webcrypto::Uint8VectorStart(data), data.size(), buffer);
|
| - }
|
| -
|
| - Status GenerateKeyInternal(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - blink::WebCryptoKey* key) {
|
| - bool extractable = true;
|
| - blink::WebCryptoKeyUsageMask usage_mask = 0;
|
| - return crypto_.GenerateSecretKeyInternal(
|
| - algorithm, extractable, usage_mask, key);
|
| - }
|
| -
|
| - Status GenerateKeyPairInternal(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - bool extractable,
|
| - blink::WebCryptoKeyUsageMask usage_mask,
|
| - blink::WebCryptoKey* public_key,
|
| - blink::WebCryptoKey* private_key) {
|
| - return crypto_.GenerateKeyPairInternal(
|
| - algorithm, extractable, usage_mask, public_key, private_key);
|
| - }
|
| -
|
| - Status ImportKeyInternal(
|
| - blink::WebCryptoKeyFormat format,
|
| - const std::vector<uint8>& key_data,
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - bool extractable,
|
| - blink::WebCryptoKeyUsageMask usage_mask,
|
| - blink::WebCryptoKey* key) {
|
| - return crypto_.ImportKeyInternal(format,
|
| - webcrypto::Uint8VectorStart(key_data),
|
| - key_data.size(),
|
| - algorithm,
|
| - extractable,
|
| - usage_mask,
|
| - key);
|
| - }
|
| -
|
| - Status ExportKeyInternal(
|
| - blink::WebCryptoKeyFormat format,
|
| - const blink::WebCryptoKey& key,
|
| - blink::WebArrayBuffer* buffer) {
|
| - return crypto_.ExportKeyInternal(format, key, buffer);
|
| - }
|
| -
|
| - Status SignInternal(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const std::vector<uint8>& data,
|
| - blink::WebArrayBuffer* buffer) {
|
| - return crypto_.SignInternal(
|
| - algorithm, key, webcrypto::Uint8VectorStart(data), data.size(), buffer);
|
| - }
|
| -
|
| - Status VerifySignatureInternal(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const unsigned char* signature,
|
| - unsigned int signature_size,
|
| - const std::vector<uint8>& data,
|
| - bool* signature_match) {
|
| - return crypto_.VerifySignatureInternal(algorithm,
|
| - key,
|
| - signature,
|
| - signature_size,
|
| - webcrypto::Uint8VectorStart(data),
|
| - data.size(),
|
| - signature_match);
|
| - }
|
| -
|
| - Status VerifySignatureInternal(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const std::vector<uint8>& signature,
|
| - const std::vector<uint8>& data,
|
| - bool* signature_match) {
|
| - return crypto_.VerifySignatureInternal(
|
| - algorithm,
|
| - key,
|
| - webcrypto::Uint8VectorStart(signature),
|
| - signature.size(),
|
| - webcrypto::Uint8VectorStart(data),
|
| - data.size(),
|
| - signature_match);
|
| + return crypto_.Decrypt(algorithm, key, cipher_text_with_tag, plain_text);
|
| }
|
|
|
| - Status EncryptInternal(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const unsigned char* data,
|
| - unsigned int data_size,
|
| - blink::WebArrayBuffer* buffer) {
|
| - return crypto_.EncryptInternal(algorithm, key, data, data_size, buffer);
|
| - }
|
| -
|
| - Status EncryptInternal(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const std::vector<uint8>& data,
|
| - blink::WebArrayBuffer* buffer) {
|
| - return crypto_.EncryptInternal(
|
| - algorithm, key, webcrypto::Uint8VectorStart(data), data.size(), buffer);
|
| - }
|
| -
|
| - Status DecryptInternal(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const unsigned char* data,
|
| - unsigned int data_size,
|
| - blink::WebArrayBuffer* buffer) {
|
| - return crypto_.DecryptInternal(algorithm, key, data, data_size, buffer);
|
| - }
|
| -
|
| - Status DecryptInternal(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const std::vector<uint8>& data,
|
| - blink::WebArrayBuffer* buffer) {
|
| - return crypto_.DecryptInternal(
|
| - algorithm, key, webcrypto::Uint8VectorStart(data), data.size(), buffer);
|
| - }
|
| -
|
| - Status ImportKeyJwk(
|
| - const std::vector<uint8>& key_data,
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - bool extractable,
|
| - blink::WebCryptoKeyUsageMask usage_mask,
|
| - blink::WebCryptoKey* key) {
|
| - return crypto_.ImportKeyJwk(webcrypto::Uint8VectorStart(key_data),
|
| - key_data.size(),
|
| - algorithm,
|
| - extractable,
|
| - usage_mask,
|
| - key);
|
| - }
|
| -
|
| - private:
|
| - WebCryptoImpl crypto_;
|
| + protected:
|
| + PlatformCrypto crypto_;
|
| };
|
|
|
| -TEST_F(WebCryptoImplTest, StatusToString) {
|
| +TEST_F(PlatformCryptoTest, StatusToString) {
|
| EXPECT_EQ("Success", Status::Success().ToString());
|
| EXPECT_EQ("", Status::Error().ToString());
|
| EXPECT_EQ("The requested operation is unsupported",
|
| @@ -637,7 +483,7 @@ TEST_F(WebCryptoImplTest, StatusToString) {
|
| Status::ErrorJwkBase64Decode("n").ToString());
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, DigestSampleSets) {
|
| +TEST_F(PlatformCryptoTest, DigestSampleSets) {
|
| scoped_ptr<base::ListValue> tests;
|
| ASSERT_TRUE(ReadJsonTestFileToList("digest.json", &tests));
|
|
|
| @@ -652,12 +498,12 @@ TEST_F(WebCryptoImplTest, DigestSampleSets) {
|
| std::vector<uint8> test_output = GetBytesFromHexString(test, "output");
|
|
|
| blink::WebArrayBuffer output;
|
| - ASSERT_STATUS_SUCCESS(DigestInternal(test_algorithm, test_input, &output));
|
| - ExpectArrayBufferMatches(test_output, output);
|
| + ASSERT_STATUS_SUCCESS(crypto_.Digest(test_algorithm, test_input, &output));
|
| + ExpectCryptoDataMatches(test_output, output);
|
| }
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, HMACSampleSets) {
|
| +TEST_F(PlatformCryptoTest, HMACSampleSets) {
|
| scoped_ptr<base::ListValue> tests;
|
| ASSERT_TRUE(ReadJsonTestFileToList("hmac.json", &tests));
|
|
|
| @@ -673,78 +519,77 @@ TEST_F(WebCryptoImplTest, HMACSampleSets) {
|
| const std::vector<uint8> test_mac = GetBytesFromHexString(test, "mac");
|
|
|
| blink::WebCryptoAlgorithm algorithm =
|
| - webcrypto::CreateHmacAlgorithmByHashId(test_hash.id());
|
| + CreateHmacAlgorithmByHashId(test_hash.id());
|
|
|
| blink::WebCryptoKey key = ImportSecretKeyFromRaw(
|
| - test_key, algorithm, blink::WebCryptoKeyUsageSign);
|
| + test_key,
|
| + algorithm,
|
| + blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify);
|
|
|
| // Verify exported raw key is identical to the imported data
|
| blink::WebArrayBuffer raw_key;
|
| EXPECT_STATUS_SUCCESS(
|
| - ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key));
|
| - ExpectArrayBufferMatches(test_key, raw_key);
|
| + crypto_.ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
|
| + ExpectCryptoDataMatches(test_key, raw_key);
|
|
|
| blink::WebArrayBuffer output;
|
|
|
| - ASSERT_STATUS_SUCCESS(SignInternal(algorithm, key, test_message, &output));
|
| + ASSERT_STATUS_SUCCESS(crypto_.Sign(algorithm, key, test_message, &output));
|
|
|
| - ExpectArrayBufferMatches(test_mac, output);
|
| + ExpectCryptoDataMatches(test_mac, output);
|
|
|
| bool signature_match = false;
|
| - EXPECT_STATUS_SUCCESS(VerifySignatureInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.VerifySignature(
|
| algorithm,
|
| key,
|
| - static_cast<const unsigned char*>(output.data()),
|
| - output.byteLength(),
|
| + output,
|
| test_message,
|
| &signature_match));
|
| EXPECT_TRUE(signature_match);
|
|
|
| // Ensure truncated signature does not verify by passing one less byte.
|
| - EXPECT_STATUS_SUCCESS(VerifySignatureInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.VerifySignature(
|
| algorithm,
|
| key,
|
| - static_cast<const unsigned char*>(output.data()),
|
| - output.byteLength() - 1,
|
| + CryptoData(static_cast<const unsigned char*>(output.data()),
|
| + output.byteLength() - 1),
|
| test_message,
|
| &signature_match));
|
| EXPECT_FALSE(signature_match);
|
|
|
| // Ensure truncated signature does not verify by passing no bytes.
|
| - EXPECT_STATUS_SUCCESS(VerifySignatureInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.VerifySignature(
|
| algorithm,
|
| key,
|
| - NULL,
|
| - 0,
|
| + CryptoData(),
|
| test_message,
|
| &signature_match));
|
| EXPECT_FALSE(signature_match);
|
|
|
| // Ensure extra long signature does not cause issues and fails.
|
| const unsigned char kLongSignature[1024] = { 0 };
|
| - EXPECT_STATUS_SUCCESS(VerifySignatureInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.VerifySignature(
|
| algorithm,
|
| key,
|
| - kLongSignature,
|
| - sizeof(kLongSignature),
|
| + CryptoData(kLongSignature, sizeof(kLongSignature)),
|
| test_message,
|
| &signature_match));
|
| EXPECT_FALSE(signature_match);
|
| }
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, AesCbcFailures) {
|
| +TEST_F(PlatformCryptoTest, AesCbcFailures) {
|
| const std::string key_hex = "2b7e151628aed2a6abf7158809cf4f3c";
|
| blink::WebCryptoKey key = ImportSecretKeyFromRaw(
|
| HexStringToBytes(key_hex),
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
|
| blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt);
|
|
|
| // Verify exported raw key is identical to the imported data
|
| blink::WebArrayBuffer raw_key;
|
| EXPECT_STATUS_SUCCESS(
|
| - ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key));
|
| - ExpectArrayBufferMatchesHex(key_hex, raw_key);
|
| + crypto_.ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
|
| + ExpectCryptoDataMatchesHex(key_hex, raw_key);
|
|
|
| blink::WebArrayBuffer output;
|
|
|
| @@ -752,20 +597,20 @@ TEST_F(WebCryptoImplTest, AesCbcFailures) {
|
| {
|
| std::vector<uint8> input(32);
|
| std::vector<uint8> iv;
|
| - EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), EncryptInternal(
|
| - webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output));
|
| - EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), DecryptInternal(
|
| - webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output));
|
| + EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), crypto_.Encrypt(
|
| + CreateAesCbcAlgorithm(iv), key, input, &output));
|
| + EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), crypto_.Decrypt(
|
| + CreateAesCbcAlgorithm(iv), key, input, &output));
|
| }
|
|
|
| // Use an invalid |iv| (more than 16 bytes)
|
| {
|
| std::vector<uint8> input(32);
|
| std::vector<uint8> iv(17);
|
| - EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), EncryptInternal(
|
| - webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output));
|
| - EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), DecryptInternal(
|
| - webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output));
|
| + EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), crypto_.Encrypt(
|
| + CreateAesCbcAlgorithm(iv), key, input, &output));
|
| + EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), crypto_.Decrypt(
|
| + CreateAesCbcAlgorithm(iv), key, input, &output));
|
| }
|
|
|
| // Give an input that is too large (would cause integer overflow when
|
| @@ -776,13 +621,12 @@ TEST_F(WebCryptoImplTest, AesCbcFailures) {
|
| // Pretend the input is large. Don't pass data pointer as NULL in case that
|
| // is special cased; the implementation shouldn't actually dereference the
|
| // data.
|
| - const unsigned char* input = &iv[0];
|
| - unsigned int input_len = INT_MAX - 3;
|
| + CryptoData input(&iv[0], INT_MAX - 3);
|
|
|
| - EXPECT_STATUS(Status::ErrorDataTooLarge(), EncryptInternal(
|
| - webcrypto::CreateAesCbcAlgorithm(iv), key, input, input_len, &output));
|
| - EXPECT_STATUS(Status::ErrorDataTooLarge(), DecryptInternal(
|
| - webcrypto::CreateAesCbcAlgorithm(iv), key, input, input_len, &output));
|
| + EXPECT_STATUS(Status::ErrorDataTooLarge(), crypto_.Encrypt(
|
| + CreateAesCbcAlgorithm(iv), key, input, &output));
|
| + EXPECT_STATUS(Status::ErrorDataTooLarge(), crypto_.Decrypt(
|
| + CreateAesCbcAlgorithm(iv), key, input, &output));
|
| }
|
|
|
| // Fail importing the key (too few bytes specified)
|
| @@ -793,26 +637,23 @@ TEST_F(WebCryptoImplTest, AesCbcFailures) {
|
| blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
| EXPECT_STATUS(
|
| Status::Error(),
|
| - ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
|
| + crypto_.ImportKey(blink::WebCryptoKeyFormatRaw,
|
| key_raw,
|
| - webcrypto::CreateAesCbcAlgorithm(iv),
|
| + CreateAesCbcAlgorithm(iv),
|
| true,
|
| blink::WebCryptoKeyUsageEncrypt,
|
| &key));
|
| }
|
|
|
| - // TODO(eroman): Enable for OpenSSL once implemented.
|
| -#if !defined(USE_OPENSSL)
|
| // Fail exporting the key in SPKI and PKCS#8 formats (not allowed for secret
|
| // keys).
|
| EXPECT_STATUS(Status::ErrorUnexpectedKeyType(),
|
| - ExportKeyInternal(blink::WebCryptoKeyFormatSpki, key, &output));
|
| + crypto_.ExportKey(blink::WebCryptoKeyFormatSpki, key, &output));
|
| EXPECT_STATUS(Status::ErrorUnsupported(),
|
| - ExportKeyInternal(blink::WebCryptoKeyFormatPkcs8, key, &output));
|
| -#endif
|
| + crypto_.ExportKey(blink::WebCryptoKeyFormatPkcs8, key, &output));
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, MAYBE(AesCbcSampleSets)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(AesCbcSampleSets)) {
|
| scoped_ptr<base::ListValue> tests;
|
| ASSERT_TRUE(ReadJsonTestFileToList("aes_cbc.json", &tests));
|
|
|
| @@ -830,34 +671,34 @@ TEST_F(WebCryptoImplTest, MAYBE(AesCbcSampleSets)) {
|
|
|
| blink::WebCryptoKey key = ImportSecretKeyFromRaw(
|
| test_key,
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
|
| blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt);
|
|
|
| // Verify exported raw key is identical to the imported data
|
| blink::WebArrayBuffer raw_key;
|
| - EXPECT_STATUS_SUCCESS(ExportKeyInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.ExportKey(
|
| blink::WebCryptoKeyFormatRaw, key, &raw_key));
|
| - ExpectArrayBufferMatches(test_key, raw_key);
|
| + ExpectCryptoDataMatches(test_key, raw_key);
|
|
|
| blink::WebArrayBuffer output;
|
|
|
| // Test encryption.
|
| EXPECT_STATUS(
|
| Status::Success(),
|
| - EncryptInternal(webcrypto::CreateAesCbcAlgorithm(test_iv),
|
| + crypto_.Encrypt(CreateAesCbcAlgorithm(test_iv),
|
| key,
|
| test_plain_text,
|
| &output));
|
| - ExpectArrayBufferMatches(test_cipher_text, output);
|
| + ExpectCryptoDataMatches(test_cipher_text, output);
|
|
|
| // Test decryption.
|
| EXPECT_STATUS(
|
| Status::Success(),
|
| - DecryptInternal(webcrypto::CreateAesCbcAlgorithm(test_iv),
|
| + crypto_.Decrypt(CreateAesCbcAlgorithm(test_iv),
|
| key,
|
| test_cipher_text,
|
| &output));
|
| - ExpectArrayBufferMatches(test_plain_text, output);
|
| + ExpectCryptoDataMatches(test_plain_text, output);
|
|
|
| const unsigned int kAesCbcBlockSize = 16;
|
|
|
| @@ -866,11 +707,12 @@ TEST_F(WebCryptoImplTest, MAYBE(AesCbcSampleSets)) {
|
| if (test_cipher_text.size() >= kAesCbcBlockSize) {
|
| EXPECT_STATUS(
|
| Status::Error(),
|
| - DecryptInternal(webcrypto::CreateAesCbcAlgorithm(test_iv),
|
| + crypto_.Decrypt(CreateAesCbcAlgorithm(test_iv),
|
| key,
|
| - &test_cipher_text[0],
|
| - test_cipher_text.size() - kAesCbcBlockSize,
|
| - &output));
|
| + CryptoData(
|
| + &test_cipher_text[0],
|
| + test_cipher_text.size() - kAesCbcBlockSize),
|
| + &output));
|
| }
|
|
|
| // Decrypt cipher text which is not a multiple of block size by stripping
|
| @@ -878,16 +720,16 @@ TEST_F(WebCryptoImplTest, MAYBE(AesCbcSampleSets)) {
|
| if (test_cipher_text.size() > 3) {
|
| EXPECT_STATUS(
|
| Status::Error(),
|
| - DecryptInternal(webcrypto::CreateAesCbcAlgorithm(test_iv),
|
| + crypto_.Decrypt(CreateAesCbcAlgorithm(test_iv),
|
| key,
|
| - &test_cipher_text[0],
|
| - test_cipher_text.size() - 3,
|
| + CryptoData(&test_cipher_text[0],
|
| + test_cipher_text.size() - 3),
|
| &output));
|
| }
|
| }
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyAes)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(GenerateKeyAes)) {
|
| // Check key generation for each of AES-CBC, AES-GCM, and AES-KW, and for each
|
| // allowed key length.
|
| std::vector<blink::WebCryptoAlgorithm> algorithm;
|
| @@ -905,11 +747,12 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyAes)) {
|
| // Generate a small sample of keys.
|
| keys.clear();
|
| for (int j = 0; j < 16; ++j) {
|
| - ASSERT_STATUS_SUCCESS(GenerateKeyInternal(algorithm[i], &key));
|
| + ASSERT_STATUS_SUCCESS(crypto_.GenerateSecretKey(
|
| + algorithm[i], true, 0, &key));
|
| EXPECT_TRUE(key.handle());
|
| EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
|
| ASSERT_STATUS_SUCCESS(
|
| - ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &key_bytes));
|
| + crypto_.ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_bytes));
|
| keys.push_back(key_bytes);
|
| }
|
| // Ensure all entries in the key sample set are unique. This is a simplistic
|
| @@ -918,29 +761,29 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyAes)) {
|
| }
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyAesBadLength)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(GenerateKeyAesBadLength)) {
|
| const unsigned short kKeyLen[] = {0, 127, 257};
|
| blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
| for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLen); ++i) {
|
| SCOPED_TRACE(i);
|
| - EXPECT_STATUS(Status::ErrorGenerateKeyLength(), GenerateKeyInternal(
|
| - CreateAesCbcKeyGenAlgorithm(kKeyLen[i]), &key));
|
| - EXPECT_STATUS(Status::ErrorGenerateKeyLength(), GenerateKeyInternal(
|
| - CreateAesGcmKeyGenAlgorithm(kKeyLen[i]), &key));
|
| - EXPECT_STATUS(Status::ErrorGenerateKeyLength(), GenerateKeyInternal(
|
| - CreateAesKwKeyGenAlgorithm(kKeyLen[i]), &key));
|
| + EXPECT_STATUS(Status::ErrorGenerateKeyLength(), crypto_.GenerateSecretKey(
|
| + CreateAesCbcKeyGenAlgorithm(kKeyLen[i]), true, 0, &key));
|
| + EXPECT_STATUS(Status::ErrorGenerateKeyLength(), crypto_.GenerateSecretKey(
|
| + CreateAesGcmKeyGenAlgorithm(kKeyLen[i]), true, 0, &key));
|
| + EXPECT_STATUS(Status::ErrorGenerateKeyLength(), crypto_.GenerateSecretKey(
|
| + CreateAesKwKeyGenAlgorithm(kKeyLen[i]), true, 0, &key));
|
| }
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyHmac)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(GenerateKeyHmac)) {
|
| // Generate a small sample of HMAC keys.
|
| std::vector<blink::WebArrayBuffer> keys;
|
| for (int i = 0; i < 16; ++i) {
|
| blink::WebArrayBuffer key_bytes;
|
| blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
| - blink::WebCryptoAlgorithm algorithm = webcrypto::CreateHmacKeyGenAlgorithm(
|
| + blink::WebCryptoAlgorithm algorithm = CreateHmacKeyGenAlgorithm(
|
| blink::WebCryptoAlgorithmIdSha1, 64);
|
| - ASSERT_STATUS_SUCCESS(GenerateKeyInternal(algorithm, &key));
|
| + ASSERT_STATUS_SUCCESS(crypto_.GenerateSecretKey(algorithm, true, 0, &key));
|
| EXPECT_FALSE(key.isNull());
|
| EXPECT_TRUE(key.handle());
|
| EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
|
| @@ -948,7 +791,7 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyHmac)) {
|
|
|
| blink::WebArrayBuffer raw_key;
|
| ASSERT_STATUS_SUCCESS(
|
| - ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key));
|
| + crypto_.ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
|
| EXPECT_EQ(64U, raw_key.byteLength());
|
| keys.push_back(raw_key);
|
| }
|
| @@ -958,32 +801,32 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyHmac)) {
|
| }
|
|
|
| // If the key length is not provided, then the block size is used.
|
| -TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyHmacNoLength)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(GenerateKeyHmacNoLength)) {
|
| blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
| blink::WebCryptoAlgorithm algorithm =
|
| - webcrypto::CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0);
|
| - ASSERT_STATUS_SUCCESS(GenerateKeyInternal(algorithm, &key));
|
| + CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0);
|
| + ASSERT_STATUS_SUCCESS(crypto_.GenerateSecretKey(algorithm, true, 0, &key));
|
| EXPECT_TRUE(key.handle());
|
| EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
|
| blink::WebArrayBuffer raw_key;
|
| ASSERT_STATUS_SUCCESS(
|
| - ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key));
|
| + crypto_.ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
|
| EXPECT_EQ(64U, raw_key.byteLength());
|
|
|
| // The block size for HMAC SHA-512 is larger.
|
| - algorithm = webcrypto::CreateHmacKeyGenAlgorithm(
|
| + algorithm = CreateHmacKeyGenAlgorithm(
|
| blink::WebCryptoAlgorithmIdSha512, 0);
|
| - ASSERT_STATUS_SUCCESS(GenerateKeyInternal(algorithm, &key));
|
| + ASSERT_STATUS_SUCCESS(crypto_.GenerateSecretKey(algorithm, true, 0, &key));
|
| ASSERT_STATUS_SUCCESS(
|
| - ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &raw_key));
|
| + crypto_.ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
|
| EXPECT_EQ(128U, raw_key.byteLength());
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, MAYBE(ImportSecretKeyNoAlgorithm)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(ImportSecretKeyNoAlgorithm)) {
|
| blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
|
|
| // This fails because the algorithm is null.
|
| - EXPECT_STATUS(Status::ErrorMissingAlgorithmImportRawKey(), ImportKeyInternal(
|
| + EXPECT_STATUS(Status::ErrorMissingAlgorithmImportRawKey(), crypto_.ImportKey(
|
| blink::WebCryptoKeyFormatRaw,
|
| HexStringToBytes("00000000000000000000"),
|
| blink::WebCryptoAlgorithm::createNull(),
|
| @@ -992,12 +835,11 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportSecretKeyNoAlgorithm)) {
|
| &key));
|
| }
|
|
|
| -
|
| -TEST_F(WebCryptoImplTest, ImportJwkFailures) {
|
| +TEST_F(PlatformCryptoTest, ImportJwkFailures) {
|
|
|
| blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
| blink::WebCryptoAlgorithm algorithm =
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc);
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc);
|
| blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt;
|
|
|
| // Baseline pass: each test below breaks a single item, so we start with a
|
| @@ -1006,11 +848,11 @@ TEST_F(WebCryptoImplTest, ImportJwkFailures) {
|
| // complete.
|
| base::DictionaryValue dict;
|
| RestoreJwkOctDictionary(&dict);
|
| - EXPECT_STATUS_SUCCESS(ImportKeyJwk(
|
| + EXPECT_STATUS_SUCCESS(crypto_.ImportKeyJwk(
|
| MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
|
|
| // Fail on empty JSON.
|
| - EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), ImportKeyJwk(
|
| + EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), crypto_.ImportKeyJwk(
|
| MakeJsonVector(""), algorithm, false, usage_mask, &key));
|
|
|
| // Fail on invalid JSON.
|
| @@ -1021,11 +863,11 @@ TEST_F(WebCryptoImplTest, ImportJwkFailures) {
|
| "\"use\" : "
|
| );
|
| EXPECT_STATUS(Status::ErrorJwkNotDictionary(),
|
| - ImportKeyJwk(bad_json_vec, algorithm, false, usage_mask, &key));
|
| + crypto_.ImportKeyJwk(bad_json_vec, algorithm, false, usage_mask, &key));
|
|
|
| // Fail on JWK alg present but unrecognized.
|
| dict.SetString("alg", "A127CBC");
|
| - EXPECT_STATUS(Status::ErrorJwkUnrecognizedAlgorithm(), ImportKeyJwk(
|
| + EXPECT_STATUS(Status::ErrorJwkUnrecognizedAlgorithm(), crypto_.ImportKeyJwk(
|
| MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| RestoreJwkOctDictionary(&dict);
|
|
|
| @@ -1033,16 +875,16 @@ TEST_F(WebCryptoImplTest, ImportJwkFailures) {
|
| dict.Remove("alg", NULL);
|
| EXPECT_STATUS(
|
| Status::ErrorJwkAlgorithmMissing(),
|
| - ImportKeyJwk(MakeJsonVector(dict),
|
| - blink::WebCryptoAlgorithm::createNull(),
|
| - false,
|
| - usage_mask,
|
| - &key));
|
| + crypto_.ImportKeyJwk(MakeJsonVector(dict),
|
| + blink::WebCryptoAlgorithm::createNull(),
|
| + false,
|
| + usage_mask,
|
| + &key));
|
| RestoreJwkOctDictionary(&dict);
|
|
|
| // Fail on invalid kty.
|
| dict.SetString("kty", "foo");
|
| - EXPECT_STATUS(Status::ErrorJwkUnrecognizedKty(), ImportKeyJwk(
|
| + EXPECT_STATUS(Status::ErrorJwkUnrecognizedKty(), crypto_.ImportKeyJwk(
|
| MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| RestoreJwkOctDictionary(&dict);
|
|
|
| @@ -1050,19 +892,21 @@ TEST_F(WebCryptoImplTest, ImportJwkFailures) {
|
| dict.Remove("kty", NULL);
|
| EXPECT_STATUS(
|
| Status::ErrorJwkPropertyMissing("kty"),
|
| - ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| + crypto_.ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask,
|
| + &key));
|
| RestoreJwkOctDictionary(&dict);
|
|
|
| // Fail on kty wrong type.
|
| dict.SetDouble("kty", 0.1);
|
| EXPECT_STATUS(
|
| Status::ErrorJwkPropertyWrongType("kty", "string"),
|
| - ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| + crypto_.ImportKeyJwk(
|
| + MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| RestoreJwkOctDictionary(&dict);
|
|
|
| // Fail on invalid use.
|
| dict.SetString("use", "foo");
|
| - EXPECT_STATUS(Status::ErrorJwkUnrecognizedUsage(), ImportKeyJwk(
|
| + EXPECT_STATUS(Status::ErrorJwkUnrecognizedUsage(), crypto_.ImportKeyJwk(
|
| MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| RestoreJwkOctDictionary(&dict);
|
|
|
| @@ -1070,28 +914,30 @@ TEST_F(WebCryptoImplTest, ImportJwkFailures) {
|
| dict.SetBoolean("use", true);
|
| EXPECT_STATUS(
|
| Status::ErrorJwkPropertyWrongType("use", "string"),
|
| - ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| + crypto_.ImportKeyJwk(
|
| + MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| RestoreJwkOctDictionary(&dict);
|
|
|
| // Fail on invalid extractable (wrong type).
|
| dict.SetInteger("extractable", 0);
|
| EXPECT_STATUS(
|
| Status::ErrorJwkPropertyWrongType("extractable", "boolean"),
|
| - ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| + crypto_.ImportKeyJwk(
|
| + MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| RestoreJwkOctDictionary(&dict);
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, ImportJwkOctFailures) {
|
| +TEST_F(PlatformCryptoTest, ImportJwkOctFailures) {
|
|
|
| base::DictionaryValue dict;
|
| RestoreJwkOctDictionary(&dict);
|
| blink::WebCryptoAlgorithm algorithm =
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc);
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc);
|
| blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt;
|
| blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
|
|
| // Baseline pass.
|
| - EXPECT_STATUS_SUCCESS(ImportKeyJwk(
|
| + EXPECT_STATUS_SUCCESS(crypto_.ImportKeyJwk(
|
| MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| EXPECT_EQ(algorithm.id(), key.algorithm().id());
|
| EXPECT_FALSE(key.extractable());
|
| @@ -1104,43 +950,45 @@ TEST_F(WebCryptoImplTest, ImportJwkOctFailures) {
|
| dict.Remove("k", NULL);
|
| EXPECT_STATUS(
|
| Status::ErrorJwkPropertyMissing("k"),
|
| - ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| + crypto_.ImportKeyJwk(
|
| + MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| RestoreJwkOctDictionary(&dict);
|
|
|
| // Fail on bad b64 encoding for k.
|
| dict.SetString("k", "Qk3f0DsytU8lfza2au #$% Htaw2xpop9GYyTuH0p5GghxTI=");
|
| EXPECT_STATUS(
|
| Status::ErrorJwkBase64Decode("k"),
|
| - ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| + crypto_.ImportKeyJwk(
|
| + MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| RestoreJwkOctDictionary(&dict);
|
|
|
| // Fail on empty k.
|
| dict.SetString("k", "");
|
| - EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), ImportKeyJwk(
|
| + EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), crypto_.ImportKeyJwk(
|
| MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| RestoreJwkOctDictionary(&dict);
|
|
|
| // Fail on k actual length (120 bits) inconsistent with the embedded JWK alg
|
| // value (128) for an AES key.
|
| dict.SetString("k", "AVj42h0Y5aqGtE3yluKL");
|
| - EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), ImportKeyJwk(
|
| + EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), crypto_.ImportKeyJwk(
|
| MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| RestoreJwkOctDictionary(&dict);
|
|
|
| // Fail on k actual length (192 bits) inconsistent with the embedded JWK alg
|
| // value (128) for an AES key.
|
| dict.SetString("k", "dGhpcyAgaXMgIDI0ICBieXRlcyBsb25n");
|
| - EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), ImportKeyJwk(
|
| + EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), crypto_.ImportKeyJwk(
|
| MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| RestoreJwkOctDictionary(&dict);
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, MAYBE(ImportJwkRsaFailures)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(ImportJwkRsaFailures)) {
|
|
|
| base::DictionaryValue dict;
|
| RestoreJwkRsaDictionary(&dict);
|
| blink::WebCryptoAlgorithm algorithm =
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5);
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5);
|
| blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt;
|
| blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
|
|
| @@ -1151,7 +999,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkRsaFailures)) {
|
| // section 6.3.
|
|
|
| // Baseline pass.
|
| - EXPECT_STATUS_SUCCESS(ImportKeyJwk(
|
| + EXPECT_STATUS_SUCCESS(crypto_.ImportKeyJwk(
|
| MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| EXPECT_EQ(algorithm.id(), key.algorithm().id());
|
| EXPECT_FALSE(key.extractable());
|
| @@ -1166,19 +1014,19 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkRsaFailures)) {
|
|
|
| // Fail on missing parameter.
|
| dict.Remove(kKtyParmName[idx], NULL);
|
| - EXPECT_STATUS_ERROR(ImportKeyJwk(
|
| + EXPECT_STATUS_ERROR(crypto_.ImportKeyJwk(
|
| MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| RestoreJwkRsaDictionary(&dict);
|
|
|
| // Fail on bad b64 parameter encoding.
|
| dict.SetString(kKtyParmName[idx], "Qk3f0DsytU8lfza2au #$% Htaw2xpop9yTuH0");
|
| - EXPECT_STATUS_ERROR(ImportKeyJwk(
|
| + EXPECT_STATUS_ERROR(crypto_.ImportKeyJwk(
|
| MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| RestoreJwkRsaDictionary(&dict);
|
|
|
| // Fail on empty parameter.
|
| dict.SetString(kKtyParmName[idx], "");
|
| - EXPECT_STATUS_ERROR(ImportKeyJwk(
|
| + EXPECT_STATUS_ERROR(crypto_.ImportKeyJwk(
|
| MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| RestoreJwkRsaDictionary(&dict);
|
| }
|
| @@ -1186,12 +1034,16 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkRsaFailures)) {
|
| // Fail if "d" parameter is present, implying the JWK is a private key, which
|
| // is not supported.
|
| dict.SetString("d", "Qk3f0Dsyt");
|
| - EXPECT_STATUS(Status::ErrorJwkRsaPrivateKeyUnsupported(), ImportKeyJwk(
|
| - MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| + EXPECT_STATUS(Status::ErrorJwkRsaPrivateKeyUnsupported(),
|
| + crypto_.ImportKeyJwk(MakeJsonVector(dict),
|
| + algorithm,
|
| + false,
|
| + usage_mask,
|
| + &key));
|
| RestoreJwkRsaDictionary(&dict);
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, MAYBE(ImportJwkInputConsistency)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(ImportJwkInputConsistency)) {
|
| // The Web Crypto spec says that if a JWK value is present, but is
|
| // inconsistent with the input value, the operation must fail.
|
|
|
| @@ -1199,13 +1051,13 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkInputConsistency)) {
|
| blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
| bool extractable = false;
|
| blink::WebCryptoAlgorithm algorithm =
|
| - webcrypto::CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256);
|
| + CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256);
|
| blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageVerify;
|
| base::DictionaryValue dict;
|
| dict.SetString("kty", "oct");
|
| dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
|
| std::vector<uint8> json_vec = MakeJsonVector(dict);
|
| - EXPECT_STATUS_SUCCESS(ImportKeyJwk(
|
| + EXPECT_STATUS_SUCCESS(crypto_.ImportKeyJwk(
|
| json_vec, algorithm, extractable, usage_mask, &key));
|
| EXPECT_TRUE(key.handle());
|
| EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
|
| @@ -1227,7 +1079,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkInputConsistency)) {
|
| dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
|
| json_vec = MakeJsonVector(dict);
|
| EXPECT_STATUS_SUCCESS(
|
| - ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key));
|
| + crypto_.ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key));
|
|
|
| // Extractable cases:
|
| // 1. input=T, JWK=F ==> fail (inconsistent)
|
| @@ -1235,39 +1087,40 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkInputConsistency)) {
|
| // 2. input=T, JWK=T ==> pass, result extractable is T
|
| // 3. input=F, JWK=T ==> pass, result extractable is F
|
| EXPECT_STATUS(Status::ErrorJwkExtractableInconsistent(),
|
| - ImportKeyJwk(json_vec, algorithm, true, usage_mask, &key));
|
| + crypto_.ImportKeyJwk(json_vec, algorithm, true, usage_mask, &key));
|
| EXPECT_STATUS_SUCCESS(
|
| - ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key));
|
| + crypto_.ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key));
|
| EXPECT_FALSE(key.extractable());
|
| dict.SetBoolean("extractable", true);
|
| - EXPECT_STATUS_SUCCESS(
|
| - ImportKeyJwk(MakeJsonVector(dict), algorithm, true, usage_mask, &key));
|
| + EXPECT_STATUS_SUCCESS(crypto_.ImportKeyJwk(
|
| + MakeJsonVector(dict), algorithm, true, usage_mask, &key));
|
| EXPECT_TRUE(key.extractable());
|
| - EXPECT_STATUS_SUCCESS(
|
| - ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| + EXPECT_STATUS_SUCCESS(crypto_.ImportKeyJwk(
|
| + MakeJsonVector(dict), algorithm, false, usage_mask, &key));
|
| EXPECT_FALSE(key.extractable());
|
| dict.SetBoolean("extractable", true); // restore previous value
|
|
|
| // Fail: Input algorithm (AES-CBC) is inconsistent with JWK value
|
| // (HMAC SHA256).
|
| - EXPECT_STATUS(Status::ErrorJwkAlgorithmInconsistent(), ImportKeyJwk(
|
| + EXPECT_STATUS(Status::ErrorJwkAlgorithmInconsistent(), crypto_.ImportKeyJwk(
|
| json_vec,
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
|
| extractable,
|
| usage_mask,
|
| &key));
|
|
|
| // Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value
|
| // (HMAC SHA256).
|
| - EXPECT_STATUS(Status::ErrorJwkAlgorithmInconsistent(), ImportKeyJwk(
|
| + EXPECT_STATUS(Status::ErrorJwkAlgorithmInconsistent(), crypto_.ImportKeyJwk(
|
| json_vec,
|
| - webcrypto::CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha1),
|
| + CreateHmacAlgorithmByHashId(
|
| + blink::WebCryptoAlgorithmIdSha1),
|
| extractable,
|
| usage_mask,
|
| &key));
|
|
|
| // Pass: JWK alg valid but input algorithm isNull: use JWK algorithm value.
|
| - EXPECT_STATUS_SUCCESS(ImportKeyJwk(json_vec,
|
| + EXPECT_STATUS_SUCCESS(crypto_.ImportKeyJwk(json_vec,
|
| blink::WebCryptoAlgorithm::createNull(),
|
| extractable,
|
| usage_mask,
|
| @@ -1276,9 +1129,9 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkInputConsistency)) {
|
|
|
| // Pass: JWK alg missing but input algorithm specified: use input value
|
| dict.Remove("alg", NULL);
|
| - EXPECT_STATUS_SUCCESS(ImportKeyJwk(
|
| + EXPECT_STATUS_SUCCESS(crypto_.ImportKeyJwk(
|
| MakeJsonVector(dict),
|
| - webcrypto::CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256),
|
| + CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256),
|
| extractable,
|
| usage_mask,
|
| &key));
|
| @@ -1287,7 +1140,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkInputConsistency)) {
|
|
|
| // Fail: Input usage_mask (encrypt) is not a subset of the JWK value
|
| // (sign|verify)
|
| - EXPECT_STATUS(Status::ErrorJwkUsageInconsistent(), ImportKeyJwk(
|
| + EXPECT_STATUS(Status::ErrorJwkUsageInconsistent(), crypto_.ImportKeyJwk(
|
| json_vec, algorithm, extractable, blink::WebCryptoKeyUsageEncrypt, &key));
|
|
|
| // Fail: Input usage_mask (encrypt|sign|verify) is not a subset of the JWK
|
| @@ -1296,7 +1149,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkInputConsistency)) {
|
| blink::WebCryptoKeyUsageVerify;
|
| EXPECT_STATUS(
|
| Status::ErrorJwkUsageInconsistent(),
|
| - ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key));
|
| + crypto_.ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key));
|
|
|
| // TODO(padolph): kty vs alg consistency tests: Depending on the kty value,
|
| // only certain alg values are permitted. For example, when kty = "RSA" alg
|
| @@ -1304,7 +1157,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkInputConsistency)) {
|
| // algorithm.
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, MAYBE(ImportJwkHappy)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(ImportJwkHappy)) {
|
|
|
| // This test verifies the happy path of JWK import, including the application
|
| // of the imported key material.
|
| @@ -1312,7 +1165,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkHappy)) {
|
| blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
| bool extractable = false;
|
| blink::WebCryptoAlgorithm algorithm =
|
| - webcrypto::CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256);
|
| + CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256);
|
| blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageSign;
|
|
|
| // Import a symmetric key JWK and HMAC-SHA256 sign()
|
| @@ -1326,7 +1179,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkHappy)) {
|
| dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
|
| std::vector<uint8> json_vec = MakeJsonVector(dict);
|
|
|
| - ASSERT_STATUS_SUCCESS(ImportKeyJwk(
|
| + ASSERT_STATUS_SUCCESS(crypto_.ImportKeyJwk(
|
| json_vec, algorithm, extractable, usage_mask, &key));
|
|
|
| const std::vector<uint8> message_raw = HexStringToBytes(
|
| @@ -1337,23 +1190,23 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportJwkHappy)) {
|
|
|
| blink::WebArrayBuffer output;
|
|
|
| - ASSERT_STATUS_SUCCESS(SignInternal(algorithm, key, message_raw, &output));
|
| + ASSERT_STATUS_SUCCESS(crypto_.Sign(algorithm, key, message_raw, &output));
|
|
|
| const std::string mac_raw =
|
| "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b";
|
|
|
| - ExpectArrayBufferMatchesHex(mac_raw, output);
|
| + ExpectCryptoDataMatchesHex(mac_raw, output);
|
|
|
| // TODO(padolph): Import an RSA public key JWK and use it
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, MAYBE(ImportExportSpki)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(ImportExportSpki)) {
|
| // Passing case: Import a valid RSA key in SPKI format.
|
| blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
| - ASSERT_STATUS_SUCCESS(ImportKeyInternal(
|
| + ASSERT_STATUS_SUCCESS(crypto_.ImportKey(
|
| blink::WebCryptoKeyFormatSpki,
|
| HexStringToBytes(kPublicKeySpkiDerHex),
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5),
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5),
|
| true,
|
| blink::WebCryptoKeyUsageEncrypt,
|
| &key));
|
| @@ -1363,9 +1216,9 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportExportSpki)) {
|
| EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages());
|
|
|
| // Failing case: Empty SPKI data
|
| - EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), ImportKeyInternal(
|
| + EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), crypto_.ImportKey(
|
| blink::WebCryptoKeyFormatSpki,
|
| - std::vector<uint8>(),
|
| + CryptoData(),
|
| blink::WebCryptoAlgorithm::createNull(),
|
| true,
|
| blink::WebCryptoKeyUsageEncrypt,
|
| @@ -1374,7 +1227,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportExportSpki)) {
|
| // Failing case: Import RSA key with NULL input algorithm. This is not
|
| // allowed because the SPKI ASN.1 format for RSA keys is not specific enough
|
| // to map to a Web Crypto algorithm.
|
| - EXPECT_STATUS(Status::Error(), ImportKeyInternal(
|
| + EXPECT_STATUS(Status::Error(), crypto_.ImportKey(
|
| blink::WebCryptoKeyFormatSpki,
|
| HexStringToBytes(kPublicKeySpkiDerHex),
|
| blink::WebCryptoAlgorithm::createNull(),
|
| @@ -1383,19 +1236,19 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportExportSpki)) {
|
| &key));
|
|
|
| // Failing case: Bad DER encoding.
|
| - EXPECT_STATUS(Status::Error(), ImportKeyInternal(
|
| + EXPECT_STATUS(Status::Error(), crypto_.ImportKey(
|
| blink::WebCryptoKeyFormatSpki,
|
| HexStringToBytes("618333c4cb"),
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5),
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5),
|
| true,
|
| blink::WebCryptoKeyUsageEncrypt,
|
| &key));
|
|
|
| // Failing case: Import RSA key but provide an inconsistent input algorithm.
|
| - EXPECT_STATUS(Status::Error(), ImportKeyInternal(
|
| + EXPECT_STATUS(Status::Error(), crypto_.ImportKey(
|
| blink::WebCryptoKeyFormatSpki,
|
| HexStringToBytes(kPublicKeySpkiDerHex),
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
|
| true,
|
| blink::WebCryptoKeyUsageEncrypt,
|
| &key));
|
| @@ -1404,35 +1257,35 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportExportSpki)) {
|
| // and compare to original data.
|
| blink::WebArrayBuffer output;
|
| ASSERT_STATUS_SUCCESS(
|
| - ExportKeyInternal(blink::WebCryptoKeyFormatSpki, key, &output));
|
| - ExpectArrayBufferMatchesHex(kPublicKeySpkiDerHex, output);
|
| + crypto_.ExportKey(blink::WebCryptoKeyFormatSpki, key, &output));
|
| + ExpectCryptoDataMatchesHex(kPublicKeySpkiDerHex, output);
|
|
|
| // Failing case: Try to export a previously imported RSA public key in raw
|
| // format (not allowed for a public key).
|
| EXPECT_STATUS(Status::ErrorUnexpectedKeyType(),
|
| - ExportKeyInternal(blink::WebCryptoKeyFormatRaw, key, &output));
|
| + crypto_.ExportKey(blink::WebCryptoKeyFormatRaw, key, &output));
|
|
|
| // Failing case: Try to export a non-extractable key
|
| - ASSERT_STATUS_SUCCESS(ImportKeyInternal(
|
| + ASSERT_STATUS_SUCCESS(crypto_.ImportKey(
|
| blink::WebCryptoKeyFormatSpki,
|
| HexStringToBytes(kPublicKeySpkiDerHex),
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5),
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5),
|
| false,
|
| blink::WebCryptoKeyUsageEncrypt,
|
| &key));
|
| EXPECT_TRUE(key.handle());
|
| EXPECT_FALSE(key.extractable());
|
| EXPECT_STATUS(Status::ErrorKeyNotExtractable(),
|
| - ExportKeyInternal(blink::WebCryptoKeyFormatSpki, key, &output));
|
| + crypto_.ExportKey(blink::WebCryptoKeyFormatSpki, key, &output));
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, MAYBE(ImportPkcs8)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(ImportPkcs8)) {
|
| // Passing case: Import a valid RSA key in PKCS#8 format.
|
| blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
| - ASSERT_STATUS_SUCCESS(ImportKeyInternal(
|
| + ASSERT_STATUS_SUCCESS(crypto_.ImportKey(
|
| blink::WebCryptoKeyFormatPkcs8,
|
| HexStringToBytes(kPrivateKeyPkcs8DerHex),
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5),
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5),
|
| true,
|
| blink::WebCryptoKeyUsageSign,
|
| &key));
|
| @@ -1442,7 +1295,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportPkcs8)) {
|
| EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages());
|
|
|
| // Failing case: Empty PKCS#8 data
|
| - EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), ImportKeyInternal(
|
| + EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), crypto_.ImportKey(
|
| blink::WebCryptoKeyFormatPkcs8,
|
| std::vector<uint8>(),
|
| blink::WebCryptoAlgorithm::createNull(),
|
| @@ -1453,7 +1306,7 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportPkcs8)) {
|
| // Failing case: Import RSA key with NULL input algorithm. This is not
|
| // allowed because the PKCS#8 ASN.1 format for RSA keys is not specific enough
|
| // to map to a Web Crypto algorithm.
|
| - EXPECT_STATUS(Status::Error(), ImportKeyInternal(
|
| + EXPECT_STATUS(Status::Error(), crypto_.ImportKey(
|
| blink::WebCryptoKeyFormatPkcs8,
|
| HexStringToBytes(kPrivateKeyPkcs8DerHex),
|
| blink::WebCryptoAlgorithm::createNull(),
|
| @@ -1462,31 +1315,31 @@ TEST_F(WebCryptoImplTest, MAYBE(ImportPkcs8)) {
|
| &key));
|
|
|
| // Failing case: Bad DER encoding.
|
| - EXPECT_STATUS(Status::Error(), ImportKeyInternal(
|
| + EXPECT_STATUS(Status::Error(), crypto_.ImportKey(
|
| blink::WebCryptoKeyFormatPkcs8,
|
| HexStringToBytes("618333c4cb"),
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5),
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5),
|
| true,
|
| blink::WebCryptoKeyUsageSign,
|
| &key));
|
|
|
| // Failing case: Import RSA key but provide an inconsistent input algorithm.
|
| - EXPECT_STATUS(Status::Error(), ImportKeyInternal(
|
| + EXPECT_STATUS(Status::Error(), crypto_.ImportKey(
|
| blink::WebCryptoKeyFormatPkcs8,
|
| HexStringToBytes(kPrivateKeyPkcs8DerHex),
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
|
| true,
|
| blink::WebCryptoKeyUsageSign,
|
| &key));
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(GenerateKeyPairRsa)) {
|
| // Note: using unrealistic short key lengths here to avoid bogging down tests.
|
|
|
| // Successful WebCryptoAlgorithmIdRsaEsPkcs1v1_5 key generation.
|
| const unsigned int modulus_length = 256;
|
| const std::vector<uint8> public_exponent = HexStringToBytes("010001");
|
| - blink::WebCryptoAlgorithm algorithm = webcrypto::CreateRsaKeyGenAlgorithm(
|
| + blink::WebCryptoAlgorithm algorithm = CreateRsaKeyGenAlgorithm(
|
| blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5,
|
| modulus_length,
|
| public_exponent);
|
| @@ -1494,7 +1347,7 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) {
|
| const blink::WebCryptoKeyUsageMask usage_mask = 0;
|
| blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull();
|
| blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull();
|
| - EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.GenerateKeyPair(
|
| algorithm, extractable, usage_mask, &public_key, &private_key));
|
| EXPECT_FALSE(public_key.isNull());
|
| EXPECT_FALSE(private_key.isNull());
|
| @@ -1506,51 +1359,51 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) {
|
| EXPECT_EQ(usage_mask, private_key.usages());
|
|
|
| // Fail with bad modulus.
|
| - algorithm = webcrypto::CreateRsaKeyGenAlgorithm(
|
| + algorithm = CreateRsaKeyGenAlgorithm(
|
| blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 0, public_exponent);
|
| - EXPECT_STATUS(Status::ErrorGenerateRsaZeroModulus(), GenerateKeyPairInternal(
|
| + EXPECT_STATUS(Status::ErrorGenerateRsaZeroModulus(), crypto_.GenerateKeyPair(
|
| algorithm, extractable, usage_mask, &public_key, &private_key));
|
|
|
| // Fail with bad exponent: larger than unsigned long.
|
| unsigned int exponent_length = sizeof(unsigned long) + 1; // NOLINT
|
| const std::vector<uint8> long_exponent(exponent_length, 0x01);
|
| - algorithm = webcrypto::CreateRsaKeyGenAlgorithm(
|
| + algorithm = CreateRsaKeyGenAlgorithm(
|
| blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5,
|
| modulus_length,
|
| long_exponent);
|
| EXPECT_STATUS(Status::ErrorGenerateKeyPublicExponent(),
|
| - GenerateKeyPairInternal(algorithm, extractable, usage_mask, &public_key,
|
| + crypto_.GenerateKeyPair(algorithm, extractable, usage_mask, &public_key,
|
| &private_key));
|
|
|
| // Fail with bad exponent: empty.
|
| const std::vector<uint8> empty_exponent;
|
| - algorithm = webcrypto::CreateRsaKeyGenAlgorithm(
|
| + algorithm = CreateRsaKeyGenAlgorithm(
|
| blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5,
|
| modulus_length,
|
| empty_exponent);
|
| EXPECT_STATUS(Status::ErrorGenerateKeyPublicExponent(),
|
| - GenerateKeyPairInternal(algorithm, extractable, usage_mask, &public_key,
|
| + crypto_.GenerateKeyPair(algorithm, extractable, usage_mask, &public_key,
|
| &private_key));
|
|
|
| // Fail with bad exponent: all zeros.
|
| std::vector<uint8> exponent_with_leading_zeros(15, 0x00);
|
| - algorithm = webcrypto::CreateRsaKeyGenAlgorithm(
|
| + algorithm = CreateRsaKeyGenAlgorithm(
|
| blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5,
|
| modulus_length,
|
| exponent_with_leading_zeros);
|
| EXPECT_STATUS(Status::ErrorGenerateKeyPublicExponent(),
|
| - GenerateKeyPairInternal(algorithm, extractable, usage_mask, &public_key,
|
| + crypto_.GenerateKeyPair(algorithm, extractable, usage_mask, &public_key,
|
| &private_key));
|
|
|
| // Key generation success using exponent with leading zeros.
|
| exponent_with_leading_zeros.insert(exponent_with_leading_zeros.end(),
|
| public_exponent.begin(),
|
| public_exponent.end());
|
| - algorithm = webcrypto::CreateRsaKeyGenAlgorithm(
|
| + algorithm = CreateRsaKeyGenAlgorithm(
|
| blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5,
|
| modulus_length,
|
| exponent_with_leading_zeros);
|
| - EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.GenerateKeyPair(
|
| algorithm, extractable, usage_mask, &public_key, &private_key));
|
| EXPECT_FALSE(public_key.isNull());
|
| EXPECT_FALSE(private_key.isNull());
|
| @@ -1562,9 +1415,9 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) {
|
| EXPECT_EQ(usage_mask, private_key.usages());
|
|
|
| // Successful WebCryptoAlgorithmIdRsaOaep key generation.
|
| - algorithm = webcrypto::CreateRsaKeyGenAlgorithm(
|
| + algorithm = CreateRsaKeyGenAlgorithm(
|
| blink::WebCryptoAlgorithmIdRsaOaep, modulus_length, public_exponent);
|
| - EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.GenerateKeyPair(
|
| algorithm, extractable, usage_mask, &public_key, &private_key));
|
| EXPECT_FALSE(public_key.isNull());
|
| EXPECT_FALSE(private_key.isNull());
|
| @@ -1576,11 +1429,11 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) {
|
| EXPECT_EQ(usage_mask, private_key.usages());
|
|
|
| // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation.
|
| - algorithm = webcrypto::CreateRsaKeyGenAlgorithm(
|
| + algorithm = CreateRsaKeyGenAlgorithm(
|
| blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5,
|
| modulus_length,
|
| public_exponent);
|
| - EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.GenerateKeyPair(
|
| algorithm, false, usage_mask, &public_key, &private_key));
|
| EXPECT_FALSE(public_key.isNull());
|
| EXPECT_FALSE(private_key.isNull());
|
| @@ -1596,21 +1449,21 @@ TEST_F(WebCryptoImplTest, MAYBE(GenerateKeyPairRsa)) {
|
| // Exporting a private key as SPKI format doesn't make sense. However this
|
| // will first fail because the key is not extractable.
|
| blink::WebArrayBuffer output;
|
| - EXPECT_STATUS(Status::ErrorKeyNotExtractable(), ExportKeyInternal(
|
| + EXPECT_STATUS(Status::ErrorKeyNotExtractable(), crypto_.ExportKey(
|
| blink::WebCryptoKeyFormatSpki, private_key, &output));
|
|
|
| // Re-generate an extractable private_key and try to export it as SPKI format.
|
| // This should fail since spki is for public keys.
|
| - EXPECT_STATUS_SUCCESS(GenerateKeyPairInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.GenerateKeyPair(
|
| algorithm, true, usage_mask, &public_key, &private_key));
|
| - EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), ExportKeyInternal(
|
| + EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), crypto_.ExportKey(
|
| blink::WebCryptoKeyFormatSpki, private_key, &output));
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, MAYBE(RsaEsRoundTrip)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(RsaEsRoundTrip)) {
|
| // Import a key pair.
|
| blink::WebCryptoAlgorithm algorithm =
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5);
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5);
|
| blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull();
|
| blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull();
|
| ImportRsaKeyPair(
|
| @@ -1644,23 +1497,22 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaEsRoundTrip)) {
|
| blink::WebArrayBuffer decrypted_data;
|
| for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTestDataHex); ++i) {
|
| SCOPED_TRACE(i);
|
| - EXPECT_STATUS_SUCCESS(EncryptInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.Encrypt(
|
| algorithm,
|
| public_key,
|
| HexStringToBytes(kTestDataHex[i]),
|
| &encrypted_data));
|
| EXPECT_EQ(kModulusLength / 8, encrypted_data.byteLength());
|
| - ASSERT_STATUS_SUCCESS(DecryptInternal(
|
| + ASSERT_STATUS_SUCCESS(crypto_.Decrypt(
|
| algorithm,
|
| private_key,
|
| - reinterpret_cast<const unsigned char*>(encrypted_data.data()),
|
| - encrypted_data.byteLength(),
|
| + encrypted_data,
|
| &decrypted_data));
|
| - ExpectArrayBufferMatchesHex(kTestDataHex[i], decrypted_data);
|
| + ExpectCryptoDataMatchesHex(kTestDataHex[i], decrypted_data);
|
| }
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, MAYBE(RsaEsKnownAnswer)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(RsaEsKnownAnswer)) {
|
| scoped_ptr<base::Value> json;
|
| ASSERT_TRUE(ReadJsonTestFile("rsa_es.json", &json));
|
| base::DictionaryValue* test = NULL;
|
| @@ -1684,7 +1536,7 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaEsKnownAnswer)) {
|
|
|
| // Import the key pair.
|
| blink::WebCryptoAlgorithm algorithm =
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5);
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5);
|
| blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull();
|
| blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull();
|
| ImportRsaKeyPair(
|
| @@ -1699,41 +1551,39 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaEsKnownAnswer)) {
|
| // Decrypt the known-good ciphertext with the private key. As a check we must
|
| // get the known original cleartext.
|
| blink::WebArrayBuffer decrypted_data;
|
| - ASSERT_STATUS_SUCCESS(DecryptInternal(
|
| + ASSERT_STATUS_SUCCESS(crypto_.Decrypt(
|
| algorithm,
|
| private_key,
|
| ciphertext,
|
| &decrypted_data));
|
| EXPECT_FALSE(decrypted_data.isNull());
|
| - ExpectArrayBufferMatches(cleartext, decrypted_data);
|
| + ExpectCryptoDataMatches(cleartext, decrypted_data);
|
|
|
| // Encrypt this decrypted data with the public key.
|
| blink::WebArrayBuffer encrypted_data;
|
| - ASSERT_STATUS_SUCCESS(EncryptInternal(
|
| + ASSERT_STATUS_SUCCESS(crypto_.Encrypt(
|
| algorithm,
|
| public_key,
|
| - reinterpret_cast<const unsigned char*>(decrypted_data.data()),
|
| - decrypted_data.byteLength(),
|
| + decrypted_data,
|
| &encrypted_data));
|
| EXPECT_EQ(128u, encrypted_data.byteLength());
|
|
|
| // Finally, decrypt the newly encrypted result with the private key, and
|
| // compare to the known original cleartext.
|
| decrypted_data.reset();
|
| - ASSERT_STATUS_SUCCESS(DecryptInternal(
|
| + ASSERT_STATUS_SUCCESS(crypto_.Decrypt(
|
| algorithm,
|
| private_key,
|
| - reinterpret_cast<const unsigned char*>(encrypted_data.data()),
|
| - encrypted_data.byteLength(),
|
| + encrypted_data,
|
| &decrypted_data));
|
| EXPECT_FALSE(decrypted_data.isNull());
|
| - ExpectArrayBufferMatches(cleartext, decrypted_data);
|
| + ExpectCryptoDataMatches(cleartext, decrypted_data);
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, MAYBE(RsaEsFailures)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(RsaEsFailures)) {
|
| // Import a key pair.
|
| blink::WebCryptoAlgorithm algorithm =
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5);
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5);
|
| blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull();
|
| blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull();
|
| ImportRsaKeyPair(
|
| @@ -1750,10 +1600,10 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaEsFailures)) {
|
| const std::string message_hex_str("0102030405060708090a0b0c0d0e0f");
|
| const std::vector<uint8> message_hex(HexStringToBytes(message_hex_str));
|
| EXPECT_STATUS(Status::ErrorUnexpectedKeyType(),
|
| - EncryptInternal(algorithm, private_key, message_hex, &encrypted_data));
|
| + crypto_.Encrypt(algorithm, private_key, message_hex, &encrypted_data));
|
|
|
| // Fail encrypt with empty message.
|
| - EXPECT_STATUS(Status::Error(), EncryptInternal(
|
| + EXPECT_STATUS(Status::Error(), crypto_.Encrypt(
|
| algorithm, public_key, std::vector<uint8>(), &encrypted_data));
|
|
|
| // Fail encrypt with message too large. RSAES can operate on messages up to
|
| @@ -1761,22 +1611,21 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaEsFailures)) {
|
| const unsigned int kMaxMsgSizeBytes = kModulusLength / 8 - 11;
|
| EXPECT_STATUS(
|
| Status::ErrorDataTooLarge(),
|
| - EncryptInternal(algorithm,
|
| + crypto_.Encrypt(algorithm,
|
| public_key,
|
| std::vector<uint8>(kMaxMsgSizeBytes + 1, '0'),
|
| &encrypted_data));
|
|
|
| // Generate encrypted data.
|
| EXPECT_STATUS(Status::Success(),
|
| - EncryptInternal(algorithm, public_key, message_hex, &encrypted_data));
|
| + crypto_.Encrypt(algorithm, public_key, message_hex, &encrypted_data));
|
|
|
| // Fail decrypt with a public key.
|
| blink::WebArrayBuffer decrypted_data;
|
| - EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), DecryptInternal(
|
| + EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), crypto_.Decrypt(
|
| algorithm,
|
| public_key,
|
| - reinterpret_cast<const unsigned char*>(encrypted_data.data()),
|
| - encrypted_data.byteLength(),
|
| + encrypted_data,
|
| &decrypted_data));
|
|
|
| // Corrupt encrypted data; ensure decrypt fails because padding was disrupted.
|
| @@ -1785,22 +1634,21 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaEsFailures)) {
|
| static_cast<uint8*>(encrypted_data.data()) + encrypted_data.byteLength());
|
| corrupted_data[corrupted_data.size() / 2] ^= 0x01;
|
| EXPECT_STATUS(Status::Error(),
|
| - DecryptInternal(algorithm, private_key, corrupted_data, &decrypted_data));
|
| + crypto_.Decrypt(algorithm, private_key, corrupted_data, &decrypted_data));
|
|
|
| // TODO(padolph): Are there other specific data corruption scenarios to
|
| // consider?
|
|
|
| // Do a successful decrypt with good data just for confirmation.
|
| - EXPECT_STATUS_SUCCESS(DecryptInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.Decrypt(
|
| algorithm,
|
| private_key,
|
| - reinterpret_cast<const unsigned char*>(encrypted_data.data()),
|
| - encrypted_data.byteLength(),
|
| + encrypted_data,
|
| &decrypted_data));
|
| - ExpectArrayBufferMatchesHex(message_hex_str, decrypted_data);
|
| + ExpectCryptoDataMatchesHex(message_hex_str, decrypted_data);
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, MAYBE(RsaSsaSignVerifyFailures)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(RsaSsaSignVerifyFailures)) {
|
| // Import a key pair.
|
| blink::WebCryptoAlgorithm algorithm = CreateRsaAlgorithmWithInnerHash(
|
| blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5,
|
| @@ -1821,24 +1669,23 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaSsaSignVerifyFailures)) {
|
|
|
| // Compute a signature.
|
| const std::vector<uint8> data = HexStringToBytes("010203040506070809");
|
| - ASSERT_STATUS_SUCCESS(SignInternal(algorithm, private_key, data, &signature));
|
| + ASSERT_STATUS_SUCCESS(crypto_.Sign(algorithm, private_key, data, &signature));
|
|
|
| // Ensure truncated signature does not verify by passing one less byte.
|
| - EXPECT_STATUS_SUCCESS(VerifySignatureInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.VerifySignature(
|
| algorithm,
|
| public_key,
|
| - static_cast<const unsigned char*>(signature.data()),
|
| - signature.byteLength() - 1,
|
| + CryptoData(reinterpret_cast<const unsigned char*>(signature.data()),
|
| + signature.byteLength() - 1),
|
| data,
|
| &signature_match));
|
| EXPECT_FALSE(signature_match);
|
|
|
| // Ensure truncated signature does not verify by passing no bytes.
|
| - EXPECT_STATUS_SUCCESS(VerifySignatureInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.VerifySignature(
|
| algorithm,
|
| public_key,
|
| - NULL,
|
| - 0,
|
| + CryptoData(),
|
| data,
|
| &signature_match));
|
| EXPECT_FALSE(signature_match);
|
| @@ -1848,11 +1695,10 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaSsaSignVerifyFailures)) {
|
| static_cast<uint8*>(signature.data()),
|
| static_cast<uint8*>(signature.data()) + signature.byteLength());
|
| corrupt_sig[corrupt_sig.size() / 2] ^= 0x1;
|
| - EXPECT_STATUS_SUCCESS(VerifySignatureInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.VerifySignature(
|
| algorithm,
|
| public_key,
|
| - webcrypto::Uint8VectorStart(corrupt_sig),
|
| - corrupt_sig.size(),
|
| + corrupt_sig,
|
| data,
|
| &signature_match));
|
| EXPECT_FALSE(signature_match);
|
| @@ -1861,40 +1707,32 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaSsaSignVerifyFailures)) {
|
| const unsigned int long_message_size_bytes = 1024;
|
| DCHECK_GT(long_message_size_bytes, kModulusLength/8);
|
| const unsigned char kLongSignature[long_message_size_bytes] = { 0 };
|
| - EXPECT_STATUS_SUCCESS(VerifySignatureInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.VerifySignature(
|
| algorithm,
|
| public_key,
|
| - kLongSignature,
|
| - sizeof(kLongSignature),
|
| + CryptoData(kLongSignature, sizeof(kLongSignature)),
|
| data,
|
| &signature_match));
|
| EXPECT_FALSE(signature_match);
|
|
|
| // Ensure that verifying using a private key, rather than a public key, fails.
|
| - EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), VerifySignatureInternal(
|
| + EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), crypto_.VerifySignature(
|
| algorithm,
|
| private_key,
|
| - static_cast<const unsigned char*>(signature.data()),
|
| - signature.byteLength(),
|
| - data,
|
| + signature, data,
|
| &signature_match));
|
|
|
| // Ensure that signing using a public key, rather than a private key, fails.
|
| EXPECT_STATUS(Status::ErrorUnexpectedKeyType(),
|
| - SignInternal(algorithm, public_key, data, &signature));
|
| + crypto_.Sign(algorithm, public_key, data, &signature));
|
|
|
| // Ensure that signing and verifying with an incompatible algorithm fails.
|
| algorithm =
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5);
|
| - EXPECT_STATUS(Status::ErrorUnsupported(),
|
| - SignInternal(algorithm, private_key, data, &signature));
|
| - EXPECT_STATUS(Status::ErrorUnsupported(), VerifySignatureInternal(
|
| - algorithm,
|
| - public_key,
|
| - static_cast<const unsigned char*>(signature.data()),
|
| - signature.byteLength(),
|
| - data,
|
| - &signature_match));
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5);
|
| + EXPECT_STATUS(Status::ErrorKeyAlgorithmMismatch(),
|
| + crypto_.Sign(algorithm, private_key, data, &signature));
|
| + EXPECT_STATUS(Status::ErrorKeyAlgorithmMismatch(), crypto_.VerifySignature(
|
| + algorithm, public_key, signature, data, &signature_match));
|
|
|
| // Some crypto libraries (NSS) can automatically select the RSA SSA inner hash
|
| // based solely on the contents of the input signature data. In the Web Crypto
|
| @@ -1906,7 +1744,7 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaSsaSignVerifyFailures)) {
|
| // is specified by the input algorithm (desired), the verify will fail.
|
|
|
| // Compute a signature using SHA-1 as the inner hash.
|
| - EXPECT_STATUS_SUCCESS(SignInternal(CreateRsaAlgorithmWithInnerHash(
|
| + EXPECT_STATUS_SUCCESS(crypto_.Sign(CreateRsaAlgorithmWithInnerHash(
|
| blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5,
|
| blink::WebCryptoAlgorithmIdSha1),
|
| private_key,
|
| @@ -1919,19 +1757,18 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaSsaSignVerifyFailures)) {
|
| // algorithm has WebCryptoRsaKeyGenParams and not WebCryptoRsaSsaParams. Thus
|
| // it has no inner hash to conflict with the input algorithm.
|
| bool is_match;
|
| - EXPECT_STATUS_SUCCESS(VerifySignatureInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.VerifySignature(
|
| CreateRsaAlgorithmWithInnerHash(
|
| blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5,
|
| blink::WebCryptoAlgorithmIdSha256),
|
| public_key,
|
| - static_cast<const unsigned char*>(signature.data()),
|
| - signature.byteLength(),
|
| + signature,
|
| data,
|
| &is_match));
|
| EXPECT_FALSE(is_match);
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, MAYBE(RsaSignVerifyKnownAnswer)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(RsaSignVerifyKnownAnswer)) {
|
| scoped_ptr<base::ListValue> tests;
|
| ASSERT_TRUE(ReadJsonTestFileToList("pkcs1v15_sign.json", &tests));
|
|
|
| @@ -1965,11 +1802,11 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaSignVerifyKnownAnswer)) {
|
|
|
| signature.reset();
|
| ASSERT_STATUS_SUCCESS(
|
| - SignInternal(algorithm, private_key, test_message, &signature));
|
| - ExpectArrayBufferMatches(test_signature, signature);
|
| + crypto_.Sign(algorithm, private_key, test_message, &signature));
|
| + ExpectCryptoDataMatches(test_signature, signature);
|
|
|
| bool is_match = false;
|
| - ASSERT_STATUS_SUCCESS(VerifySignatureInternal(
|
| + ASSERT_STATUS_SUCCESS(crypto_.VerifySignature(
|
| algorithm,
|
| public_key,
|
| test_signature,
|
| @@ -1979,55 +1816,55 @@ TEST_F(WebCryptoImplTest, MAYBE(RsaSignVerifyKnownAnswer)) {
|
| }
|
| }
|
|
|
| -TEST_F(WebCryptoImplTest, MAYBE(AesKwKeyImport)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(AesKwKeyImport)) {
|
| blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
| blink::WebCryptoAlgorithm algorithm =
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw);
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw);
|
|
|
| // Import a 128-bit Key Encryption Key (KEK)
|
| std::string key_raw_hex_in = "025a8cf3f08b4f6c5f33bbc76a471939";
|
| - ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
|
| + ASSERT_STATUS_SUCCESS(crypto_.ImportKey(blink::WebCryptoKeyFormatRaw,
|
| HexStringToBytes(key_raw_hex_in),
|
| algorithm,
|
| true,
|
| blink::WebCryptoKeyUsageWrapKey,
|
| &key));
|
| blink::WebArrayBuffer key_raw_out;
|
| - EXPECT_STATUS_SUCCESS(ExportKeyInternal(blink::WebCryptoKeyFormatRaw,
|
| + EXPECT_STATUS_SUCCESS(crypto_.ExportKey(blink::WebCryptoKeyFormatRaw,
|
| key,
|
| &key_raw_out));
|
| - ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out);
|
| + ExpectCryptoDataMatchesHex(key_raw_hex_in, key_raw_out);
|
|
|
| // Import a 192-bit KEK
|
| key_raw_hex_in = "c0192c6466b2370decbb62b2cfef4384544ffeb4d2fbc103";
|
| - ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
|
| + ASSERT_STATUS_SUCCESS(crypto_.ImportKey(blink::WebCryptoKeyFormatRaw,
|
| HexStringToBytes(key_raw_hex_in),
|
| algorithm,
|
| true,
|
| blink::WebCryptoKeyUsageWrapKey,
|
| &key));
|
| - EXPECT_STATUS_SUCCESS(ExportKeyInternal(blink::WebCryptoKeyFormatRaw,
|
| + EXPECT_STATUS_SUCCESS(crypto_.ExportKey(blink::WebCryptoKeyFormatRaw,
|
| key,
|
| &key_raw_out));
|
| - ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out);
|
| + ExpectCryptoDataMatchesHex(key_raw_hex_in, key_raw_out);
|
|
|
| // Import a 256-bit Key Encryption Key (KEK)
|
| key_raw_hex_in =
|
| "e11fe66380d90fa9ebefb74e0478e78f95664d0c67ca20ce4a0b5842863ac46f";
|
| - ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
|
| + ASSERT_STATUS_SUCCESS(crypto_.ImportKey(blink::WebCryptoKeyFormatRaw,
|
| HexStringToBytes(key_raw_hex_in),
|
| algorithm,
|
| true,
|
| blink::WebCryptoKeyUsageWrapKey,
|
| &key));
|
| - EXPECT_STATUS_SUCCESS(ExportKeyInternal(blink::WebCryptoKeyFormatRaw,
|
| + EXPECT_STATUS_SUCCESS(crypto_.ExportKey(blink::WebCryptoKeyFormatRaw,
|
| key,
|
| &key_raw_out));
|
| - ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out);
|
| + ExpectCryptoDataMatchesHex(key_raw_hex_in, key_raw_out);
|
|
|
| // Fail import of 0 length key
|
| EXPECT_STATUS(Status::Error(),
|
| - ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
|
| + crypto_.ImportKey(blink::WebCryptoKeyFormatRaw,
|
| HexStringToBytes(""),
|
| algorithm,
|
| true,
|
| @@ -2037,7 +1874,7 @@ TEST_F(WebCryptoImplTest, MAYBE(AesKwKeyImport)) {
|
| // Fail import of 124-bit KEK
|
| key_raw_hex_in = "3e4566a2bdaa10cb68134fa66c15ddb";
|
| EXPECT_STATUS(Status::Error(),
|
| - ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
|
| + crypto_.ImportKey(blink::WebCryptoKeyFormatRaw,
|
| HexStringToBytes(key_raw_hex_in),
|
| algorithm,
|
| true,
|
| @@ -2047,7 +1884,7 @@ TEST_F(WebCryptoImplTest, MAYBE(AesKwKeyImport)) {
|
| // Fail import of 200-bit KEK
|
| key_raw_hex_in = "0a1d88608a5ad9fec64f1ada269ebab4baa2feeb8d95638c0e";
|
| EXPECT_STATUS(Status::Error(),
|
| - ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
|
| + crypto_.ImportKey(blink::WebCryptoKeyFormatRaw,
|
| HexStringToBytes(key_raw_hex_in),
|
| algorithm,
|
| true,
|
| @@ -2058,7 +1895,7 @@ TEST_F(WebCryptoImplTest, MAYBE(AesKwKeyImport)) {
|
| key_raw_hex_in =
|
| "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a";
|
| EXPECT_STATUS(Status::Error(),
|
| - ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
|
| + crypto_.ImportKey(blink::WebCryptoKeyFormatRaw,
|
| HexStringToBytes(key_raw_hex_in),
|
| algorithm,
|
| true,
|
| @@ -2070,7 +1907,7 @@ TEST_F(WebCryptoImplTest, MAYBE(AesKwKeyImport)) {
|
| // * Test decryption when the tag length exceeds input size
|
| // * Test decryption with empty input
|
| // * Test decryption with tag length of 0.
|
| -TEST_F(WebCryptoImplTest, MAYBE(AesGcmSampleSets)) {
|
| +TEST_F(PlatformCryptoTest, MAYBE(AesGcmSampleSets)) {
|
| // Some Linux test runners may not have a new enough version of NSS.
|
| if (!SupportsAesGcm()) {
|
| LOG(WARNING) << "AES GCM not supported, skipping tests";
|
| @@ -2100,15 +1937,15 @@ TEST_F(WebCryptoImplTest, MAYBE(AesGcmSampleSets)) {
|
|
|
| blink::WebCryptoKey key = ImportSecretKeyFromRaw(
|
| test_key,
|
| - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm),
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm),
|
| blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt);
|
|
|
| // Verify exported raw key is identical to the imported data
|
| blink::WebArrayBuffer raw_key;
|
| - EXPECT_STATUS_SUCCESS(ExportKeyInternal(
|
| + EXPECT_STATUS_SUCCESS(crypto_.ExportKey(
|
| blink::WebCryptoKeyFormatRaw, key, &raw_key));
|
|
|
| - ExpectArrayBufferMatches(test_key, raw_key);
|
| + ExpectCryptoDataMatches(test_key, raw_key);
|
|
|
| // Test encryption.
|
| std::vector<uint8> cipher_text;
|
| @@ -2117,15 +1954,15 @@ TEST_F(WebCryptoImplTest, MAYBE(AesGcmSampleSets)) {
|
| test_tag_size_bits, test_plain_text,
|
| &cipher_text, &authentication_tag));
|
|
|
| - ExpectVectorMatches(test_cipher_text, cipher_text);
|
| - ExpectVectorMatches(test_authentication_tag, authentication_tag);
|
| + ExpectCryptoDataMatches(test_cipher_text, cipher_text);
|
| + ExpectCryptoDataMatches(test_authentication_tag, authentication_tag);
|
|
|
| // Test decryption.
|
| blink::WebArrayBuffer plain_text;
|
| EXPECT_STATUS_SUCCESS(AesGcmDecrypt(key, test_iv, test_additional_data,
|
| test_tag_size_bits, test_cipher_text,
|
| test_authentication_tag, &plain_text));
|
| - ExpectArrayBufferMatches(test_plain_text, plain_text);
|
| + ExpectCryptoDataMatches(test_plain_text, plain_text);
|
|
|
| // Decryption should fail if any of the inputs are tampered with.
|
| EXPECT_STATUS(Status::Error(),
|
| @@ -2159,4 +1996,5 @@ TEST_F(WebCryptoImplTest, MAYBE(AesGcmSampleSets)) {
|
| }
|
| }
|
|
|
| +} // namespace webcrypto
|
| } // namespace content
|
|
|
Chromium Code Reviews
Issue 155623005:
Refactor to share more code between OpenSSL and NSS implementations. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src