Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(770)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/renderer/webcrypto/shared_crypto_unittest.cc

Issue 171503006: [style] Run webcrypto files through clang-format. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: rebase Created 6 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « content/renderer/webcrypto/shared_crypto.cc ('k') | content/renderer/webcrypto/webcrypto_impl.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/renderer/webcrypto/shared_crypto.h" 5 #include "content/renderer/webcrypto/shared_crypto.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <string> 8 #include <string>
9 #include <vector> 9 #include <vector>
10 10
(...skipping 22 matching lines...) Expand all
33 // the tests: http://crbug.com/267888 33 // the tests: http://crbug.com/267888
34 #if defined(USE_OPENSSL) 34 #if defined(USE_OPENSSL)
35 #define MAYBE(test_name) DISABLED_##test_name 35 #define MAYBE(test_name) DISABLED_##test_name
36 #else 36 #else
37 #define MAYBE(test_name) test_name 37 #define MAYBE(test_name) test_name
38 #endif 38 #endif
39 39
40 // Helper macros to verify the value of a Status. 40 // Helper macros to verify the value of a Status.
41 #define EXPECT_STATUS_ERROR(code) EXPECT_FALSE((code).IsSuccess()) 41 #define EXPECT_STATUS_ERROR(code) EXPECT_FALSE((code).IsSuccess())
42 #define EXPECT_STATUS(expected, code) \ 42 #define EXPECT_STATUS(expected, code) \
43 EXPECT_EQ(expected.ToString(), (code).ToString()) 43 EXPECT_EQ(expected.ToString(), (code).ToString())
44 #define ASSERT_STATUS(expected, code) \ 44 #define ASSERT_STATUS(expected, code) \
45 ASSERT_EQ(expected.ToString(), (code).ToString()) 45 ASSERT_EQ(expected.ToString(), (code).ToString())
46 #define EXPECT_STATUS_SUCCESS(code) EXPECT_STATUS(Status::Success(), code) 46 #define EXPECT_STATUS_SUCCESS(code) EXPECT_STATUS(Status::Success(), code)
47 #define ASSERT_STATUS_SUCCESS(code) ASSERT_STATUS(Status::Success(), code) 47 #define ASSERT_STATUS_SUCCESS(code) ASSERT_STATUS(Status::Success(), code)
48 48
49 namespace content { 49 namespace content {
50 50
51 namespace webcrypto { 51 namespace webcrypto {
52 52
53 namespace { 53 namespace {
54 54
55 // Returns a slightly modified version of the input vector. 55 // Returns a slightly modified version of the input vector.
(...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after
100 base::JSONWriter::Write(&dict, &json); 100 base::JSONWriter::Write(&dict, &json);
101 return MakeJsonVector(json); 101 return MakeJsonVector(json);
102 } 102 }
103 103
104 // ---------------------------------------------------------------- 104 // ----------------------------------------------------------------
105 // Helpers for working with JSON data files for test expectations. 105 // Helpers for working with JSON data files for test expectations.
106 // ---------------------------------------------------------------- 106 // ----------------------------------------------------------------
107 107
108 // Reads a file in "src/content/test/data/webcrypto" to a base::Value. 108 // Reads a file in "src/content/test/data/webcrypto" to a base::Value.
109 // The file must be JSON, however it can also include C++ style comments. 109 // The file must be JSON, however it can also include C++ style comments.
110 ::testing::AssertionResult ReadJsonTestFile( 110 ::testing::AssertionResult ReadJsonTestFile(const char* test_file_name,
111 const char* test_file_name, 111 scoped_ptr<base::Value>* value) {
112 scoped_ptr<base::Value>* value) {
113 base::FilePath test_data_dir; 112 base::FilePath test_data_dir;
114 if (!PathService::Get(DIR_TEST_DATA, &test_data_dir)) 113 if (!PathService::Get(DIR_TEST_DATA, &test_data_dir))
115 return ::testing::AssertionFailure() << "Couldn't retrieve test dir"; 114 return ::testing::AssertionFailure() << "Couldn't retrieve test dir";
116 115
117 base::FilePath file_path = 116 base::FilePath file_path =
118 test_data_dir.AppendASCII("webcrypto").AppendASCII(test_file_name); 117 test_data_dir.AppendASCII("webcrypto").AppendASCII(test_file_name);
119 118
120 std::string file_contents; 119 std::string file_contents;
121 if (!base::ReadFileToString(file_path, &file_contents)) { 120 if (!base::ReadFileToString(file_path, &file_contents)) {
122 return ::testing::AssertionFailure() << "Couldn't read test file: " 121 return ::testing::AssertionFailure()
123 << file_path.value(); 122 << "Couldn't read test file: " << file_path.value();
124 } 123 }
125 124
126 // Strip C++ style comments out of the "json" file, otherwise it cannot be 125 // Strip C++ style comments out of the "json" file, otherwise it cannot be
127 // parsed. 126 // parsed.
128 re2::RE2::GlobalReplace(&file_contents, re2::RE2("\\s*//.*"), ""); 127 re2::RE2::GlobalReplace(&file_contents, re2::RE2("\\s*//.*"), "");
129 128
130 // Parse the JSON to a dictionary. 129 // Parse the JSON to a dictionary.
131 value->reset(base::JSONReader::Read(file_contents)); 130 value->reset(base::JSONReader::Read(file_contents));
132 if (!value->get()) { 131 if (!value->get()) {
133 return ::testing::AssertionFailure() << "Couldn't parse test file JSON: " 132 return ::testing::AssertionFailure()
134 << file_path.value(); 133 << "Couldn't parse test file JSON: " << file_path.value();
135 } 134 }
136 135
137 return ::testing::AssertionSuccess(); 136 return ::testing::AssertionSuccess();
138 } 137 }
139 138
140 // Same as ReadJsonTestFile(), but return the value as a List. 139 // Same as ReadJsonTestFile(), but return the value as a List.
141 ::testing::AssertionResult ReadJsonTestFileToList( 140 ::testing::AssertionResult ReadJsonTestFileToList(
142 const char* test_file_name, 141 const char* test_file_name,
143 scoped_ptr<base::ListValue>* list) { 142 scoped_ptr<base::ListValue>* list) {
144 // Read the JSON. 143 // Read the JSON.
(...skipping 11 matching lines...) Expand all
156 ignore_result(json.release()); 155 ignore_result(json.release());
157 156
158 return ::testing::AssertionSuccess(); 157 return ::testing::AssertionSuccess();
159 } 158 }
160 159
161 // Read a string property from the dictionary with path |property_name| 160 // Read a string property from the dictionary with path |property_name|
162 // (which can include periods for nested dictionaries). Interprets the 161 // (which can include periods for nested dictionaries). Interprets the
163 // string as a hex encoded string and converts it to a bytes list. 162 // string as a hex encoded string and converts it to a bytes list.
164 // 163 //
165 // Returns empty vector on failure. 164 // Returns empty vector on failure.
166 std::vector<uint8> GetBytesFromHexString( 165 std::vector<uint8> GetBytesFromHexString(base::DictionaryValue* dict,
167 base::DictionaryValue* dict, 166 const char* property_name) {
168 const char* property_name) {
169 std::string hex_string; 167 std::string hex_string;
170 if (!dict->GetString(property_name, &hex_string)) { 168 if (!dict->GetString(property_name, &hex_string)) {
171 EXPECT_TRUE(false) << "Couldn't get string property: " << property_name; 169 EXPECT_TRUE(false) << "Couldn't get string property: " << property_name;
172 return std::vector<uint8>(); 170 return std::vector<uint8>();
173 } 171 }
174 172
175 return HexStringToBytes(hex_string); 173 return HexStringToBytes(hex_string);
176 } 174 }
177 175
178 // Reads a string property with path "property_name" and converts it to a 176 // Reads a string property with path "property_name" and converts it to a
179 // WebCryptoAlgorith. Returns null algorithm on failure. 177 // WebCryptoAlgorith. Returns null algorithm on failure.
180 blink::WebCryptoAlgorithm GetDigestAlgorithm( 178 blink::WebCryptoAlgorithm GetDigestAlgorithm(base::DictionaryValue* dict,
181 base::DictionaryValue* dict, 179 const char* property_name) {
182 const char* property_name) {
183 std::string algorithm_name; 180 std::string algorithm_name;
184 if (!dict->GetString(property_name, &algorithm_name)) { 181 if (!dict->GetString(property_name, &algorithm_name)) {
185 EXPECT_TRUE(false) << "Couldn't get string property: " << property_name; 182 EXPECT_TRUE(false) << "Couldn't get string property: " << property_name;
186 return blink::WebCryptoAlgorithm::createNull(); 183 return blink::WebCryptoAlgorithm::createNull();
187 } 184 }
188 185
189 struct { 186 struct {
190 const char* name; 187 const char* name;
191 blink::WebCryptoAlgorithmId id; 188 blink::WebCryptoAlgorithmId id;
192 } kDigestNameToId[] = { 189 } kDigestNameToId[] = {{"sha-1", blink::WebCryptoAlgorithmIdSha1},
193 {"sha-1", blink::WebCryptoAlgorithmIdSha1}, 190 {"sha-224", blink::WebCryptoAlgorithmIdSha224},
194 {"sha-224", blink::WebCryptoAlgorithmIdSha224}, 191 {"sha-256", blink::WebCryptoAlgorithmIdSha256},
195 {"sha-256", blink::WebCryptoAlgorithmIdSha256}, 192 {"sha-384", blink::WebCryptoAlgorithmIdSha384},
196 {"sha-384", blink::WebCryptoAlgorithmIdSha384}, 193 {"sha-512", blink::WebCryptoAlgorithmIdSha512}, };
197 {"sha-512", blink::WebCryptoAlgorithmIdSha512},
198 };
199 194
200 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kDigestNameToId); ++i) { 195 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kDigestNameToId); ++i) {
201 if (kDigestNameToId[i].name == algorithm_name) 196 if (kDigestNameToId[i].name == algorithm_name)
202 return CreateAlgorithm(kDigestNameToId[i].id); 197 return CreateAlgorithm(kDigestNameToId[i].id);
203 } 198 }
204 199
205 return blink::WebCryptoAlgorithm::createNull(); 200 return blink::WebCryptoAlgorithm::createNull();
206 } 201 }
207 202
208 // Helper for ImportJwkFailures and ImportJwkOctFailures. Restores the JWK JSON 203 // Helper for ImportJwkFailures and ImportJwkOctFailures. Restores the JWK JSON
209 // dictionary to a good state 204 // dictionary to a good state
210 void RestoreJwkOctDictionary(base::DictionaryValue* dict) { 205 void RestoreJwkOctDictionary(base::DictionaryValue* dict) {
211 dict->Clear(); 206 dict->Clear();
212 dict->SetString("kty", "oct"); 207 dict->SetString("kty", "oct");
213 dict->SetString("alg", "A128CBC"); 208 dict->SetString("alg", "A128CBC");
214 dict->SetString("use", "enc"); 209 dict->SetString("use", "enc");
215 dict->SetBoolean("extractable", false); 210 dict->SetBoolean("extractable", false);
216 dict->SetString("k", "GADWrMRHwQfoNaXU5fZvTg=="); 211 dict->SetString("k", "GADWrMRHwQfoNaXU5fZvTg==");
217 } 212 }
218 213
219 blink::WebCryptoAlgorithm CreateAesGcmAlgorithm( 214 blink::WebCryptoAlgorithm CreateAesGcmAlgorithm(
220 const std::vector<uint8>& iv, 215 const std::vector<uint8>& iv,
221 const std::vector<uint8>& additional_data, 216 const std::vector<uint8>& additional_data,
222 unsigned int tag_length_bits) { 217 unsigned int tag_length_bits) {
223 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( 218 return blink::WebCryptoAlgorithm::adoptParamsAndCreate(
224 blink::WebCryptoAlgorithmIdAesGcm, 219 blink::WebCryptoAlgorithmIdAesGcm,
225 new blink::WebCryptoAesGcmParams( 220 new blink::WebCryptoAesGcmParams(Uint8VectorStart(iv),
226 Uint8VectorStart(iv), iv.size(), 221 iv.size(),
227 true, 222 true,
228 Uint8VectorStart(additional_data), 223 Uint8VectorStart(additional_data),
229 additional_data.size(), 224 additional_data.size(),
230 true, tag_length_bits)); 225 true,
226 tag_length_bits));
231 } 227 }
232 228
233 // Helper for ImportJwkRsaFailures. Restores the JWK JSON 229 // Helper for ImportJwkRsaFailures. Restores the JWK JSON
234 // dictionary to a good state 230 // dictionary to a good state
235 void RestoreJwkRsaDictionary(base::DictionaryValue* dict) { 231 void RestoreJwkRsaDictionary(base::DictionaryValue* dict) {
236 dict->Clear(); 232 dict->Clear();
237 dict->SetString("kty", "RSA"); 233 dict->SetString("kty", "RSA");
238 dict->SetString("alg", "RSA1_5"); 234 dict->SetString("alg", "RSA1_5");
239 dict->SetString("use", "enc"); 235 dict->SetString("use", "enc");
240 dict->SetBoolean("extractable", false); 236 dict->SetBoolean("extractable", false);
241 dict->SetString("n", 237 dict->SetString(
238 "n",
242 "qLOyhK-OtQs4cDSoYPFGxJGfMYdjzWxVmMiuSBGh4KvEx-CwgtaTpef87Wdc9GaFEncsDLxk" 239 "qLOyhK-OtQs4cDSoYPFGxJGfMYdjzWxVmMiuSBGh4KvEx-CwgtaTpef87Wdc9GaFEncsDLxk"
243 "p0LGxjD1M8jMcvYq6DPEC_JYQumEu3i9v5fAEH1VvbZi9cTg-rmEXLUUjvc5LdOq_5OuHmtm" 240 "p0LGxjD1M8jMcvYq6DPEC_JYQumEu3i9v5fAEH1VvbZi9cTg-rmEXLUUjvc5LdOq_5OuHmtm"
244 "e7PUJHYW1PW6ENTP0ibeiNOfFvs"); 241 "e7PUJHYW1PW6ENTP0ibeiNOfFvs");
245 dict->SetString("e", "AQAB"); 242 dict->SetString("e", "AQAB");
246 } 243 }
247 244
248 blink::WebCryptoAlgorithm CreateRsaAlgorithmWithInnerHash( 245 blink::WebCryptoAlgorithm CreateRsaAlgorithmWithInnerHash(
249 blink::WebCryptoAlgorithmId algorithm_id, 246 blink::WebCryptoAlgorithmId algorithm_id,
250 blink::WebCryptoAlgorithmId hash_id) { 247 blink::WebCryptoAlgorithmId hash_id) {
251 DCHECK(algorithm_id == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 || 248 DCHECK(algorithm_id == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 ||
252 algorithm_id == blink::WebCryptoAlgorithmIdRsaOaep); 249 algorithm_id == blink::WebCryptoAlgorithmIdRsaOaep);
253 DCHECK(IsHashAlgorithm(hash_id)); 250 DCHECK(IsHashAlgorithm(hash_id));
254 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( 251 return blink::WebCryptoAlgorithm::adoptParamsAndCreate(
255 algorithm_id, 252 algorithm_id, new blink::WebCryptoRsaSsaParams(CreateAlgorithm(hash_id)));
256 new blink::WebCryptoRsaSsaParams(CreateAlgorithm(hash_id)));
257 } 253 }
258 254
259 // Determines if two ArrayBuffers have identical content. 255 // Determines if two ArrayBuffers have identical content.
260 bool ArrayBuffersEqual( 256 bool ArrayBuffersEqual(const blink::WebArrayBuffer& a,
261 const blink::WebArrayBuffer& a, 257 const blink::WebArrayBuffer& b) {
262 const blink::WebArrayBuffer& b) {
263 return a.byteLength() == b.byteLength() && 258 return a.byteLength() == b.byteLength() &&
264 memcmp(a.data(), b.data(), a.byteLength()) == 0; 259 memcmp(a.data(), b.data(), a.byteLength()) == 0;
265 } 260 }
266 261
267 // Given a vector of WebArrayBuffers, determines if there are any copies. 262 // Given a vector of WebArrayBuffers, determines if there are any copies.
268 bool CopiesExist(std::vector<blink::WebArrayBuffer> bufs) { 263 bool CopiesExist(std::vector<blink::WebArrayBuffer> bufs) {
269 for (size_t i = 0; i < bufs.size(); ++i) { 264 for (size_t i = 0; i < bufs.size(); ++i) {
270 for (size_t j = i + 1; j < bufs.size(); ++j) { 265 for (size_t j = i + 1; j < bufs.size(); ++j) {
271 if (ArrayBuffersEqual(bufs[i], bufs[j])) 266 if (ArrayBuffersEqual(bufs[i], bufs[j]))
272 return true; 267 return true;
(...skipping 58 matching lines...) Expand 10 before | Expand all | Expand 10 after
331 "5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8d" 326 "5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8d"
332 "d3ede2448328f385d81b30e8e43b2fffa02786197902401a8b38f398fa71" 327 "d3ede2448328f385d81b30e8e43b2fffa02786197902401a8b38f398fa71"
333 "2049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd" 328 "2049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd"
334 "48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729024027" 329 "48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729024027"
335 "156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319" 330 "156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319"
336 "584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24" 331 "584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24"
337 "a79f4d"; 332 "a79f4d";
338 333
339 class SharedCryptoTest : public testing::Test { 334 class SharedCryptoTest : public testing::Test {
340 protected: 335 protected:
341 virtual void SetUp() OVERRIDE { 336 virtual void SetUp() OVERRIDE { Init(); }
342 Init();
343 }
344 }; 337 };
345 338
346 // Wrappers to pass vector<> in place of CryptoData. 339 // Wrappers to pass vector<> in place of CryptoData.
347 340
348 Status ImportKeyInternal(blink::WebCryptoKeyFormat format, 341 Status ImportKeyInternal(blink::WebCryptoKeyFormat format,
349 const std::vector<uint8>& key_data, 342 const std::vector<uint8>& key_data,
350 const blink::WebCryptoAlgorithm& algorithm, 343 const blink::WebCryptoAlgorithm& algorithm,
351 bool extractable, 344 bool extractable,
352 blink::WebCryptoKeyUsageMask usage_mask, 345 blink::WebCryptoKeyUsageMask usage_mask,
353 blink::WebCryptoKey* key) { 346 blink::WebCryptoKey* key) {
354 return ImportKey(format, CryptoData(key_data), algorithm, extractable, 347 return ImportKey(
355 usage_mask, key); 348 format, CryptoData(key_data), algorithm, extractable, usage_mask, key);
356 } 349 }
357 350
358 Status EncryptInternal(const blink::WebCryptoAlgorithm& algorithm, 351 Status EncryptInternal(const blink::WebCryptoAlgorithm& algorithm,
359 const blink::WebCryptoKey& key, 352 const blink::WebCryptoKey& key,
360 const std::vector<uint8>& data, 353 const std::vector<uint8>& data,
361 blink::WebArrayBuffer* buffer) { 354 blink::WebArrayBuffer* buffer) {
362 return Encrypt(algorithm, key, CryptoData(data), buffer); 355 return Encrypt(algorithm, key, CryptoData(data), buffer);
363 } 356 }
364 357
365 Status DecryptInternal(const blink::WebCryptoAlgorithm& algorithm, 358 Status DecryptInternal(const blink::WebCryptoAlgorithm& algorithm,
366 const blink::WebCryptoKey& key, 359 const blink::WebCryptoKey& key,
367 const std::vector<uint8>& data, 360 const std::vector<uint8>& data,
368 blink::WebArrayBuffer* buffer) { 361 blink::WebArrayBuffer* buffer) {
369 return Decrypt(algorithm, key, CryptoData(data), buffer); 362 return Decrypt(algorithm, key, CryptoData(data), buffer);
370 } 363 }
371 364
365 blink::WebCryptoKey ImportSecretKeyFromRaw(
366 const std::vector<uint8>& key_raw,
367 const blink::WebCryptoAlgorithm& algorithm,
368 blink::WebCryptoKeyUsageMask usage) {
369 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
370 bool extractable = true;
371 EXPECT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
372 key_raw,
373 algorithm,
374 extractable,
375 usage,
376 &key));
372 377
373 // TODO: de-indent. 378 EXPECT_FALSE(key.isNull());
374 blink::WebCryptoKey ImportSecretKeyFromRaw( 379 EXPECT_TRUE(key.handle());
375 const std::vector<uint8>& key_raw, 380 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
376 const blink::WebCryptoAlgorithm& algorithm, 381 EXPECT_EQ(algorithm.id(), key.algorithm().id());
377 blink::WebCryptoKeyUsageMask usage) { 382 EXPECT_EQ(extractable, key.extractable());
378 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); 383 EXPECT_EQ(usage, key.usages());
379 bool extractable = true; 384 return key;
380 EXPECT_STATUS_SUCCESS( 385 }
381 ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
382 key_raw,
383 algorithm,
384 extractable,
385 usage,
386 &key));
387 386
388 EXPECT_FALSE(key.isNull()); 387 void ImportRsaKeyPair(const std::vector<uint8>& spki_der,
389 EXPECT_TRUE(key.handle()); 388 const std::vector<uint8>& pkcs8_der,
390 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); 389 const blink::WebCryptoAlgorithm& algorithm,
391 EXPECT_EQ(algorithm.id(), key.algorithm().id()); 390 bool extractable,
392 EXPECT_EQ(extractable, key.extractable()); 391 blink::WebCryptoKeyUsageMask usage_mask,
393 EXPECT_EQ(usage, key.usages()); 392 blink::WebCryptoKey* public_key,
394 return key; 393 blink::WebCryptoKey* private_key) {
394 EXPECT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatSpki,
395 spki_der,
396 algorithm,
397 true,
398 usage_mask,
399 public_key));
400 EXPECT_FALSE(public_key->isNull());
401 EXPECT_TRUE(public_key->handle());
402 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key->type());
403 EXPECT_EQ(algorithm.id(), public_key->algorithm().id());
404 EXPECT_EQ(extractable, extractable);
405 EXPECT_EQ(usage_mask, public_key->usages());
406
407 EXPECT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatPkcs8,
408 pkcs8_der,
409 algorithm,
410 extractable,
411 usage_mask,
412 private_key));
413 EXPECT_FALSE(private_key->isNull());
414 EXPECT_TRUE(private_key->handle());
415 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key->type());
416 EXPECT_EQ(algorithm.id(), private_key->algorithm().id());
417 EXPECT_EQ(extractable, extractable);
418 EXPECT_EQ(usage_mask, private_key->usages());
419 }
420
421 // TODO(eroman): For Linux builds using system NSS, AES-GCM support is a
422 // runtime dependency. Test it by trying to import a key.
423 bool SupportsAesGcm() {
424 std::vector<uint8> key_raw(16, 0);
425
426 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
427 Status status =
428 ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
429 key_raw,
430 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm),
431 true,
432 blink::WebCryptoKeyUsageEncrypt,
433 &key);
434
435 if (status.IsError())
436 EXPECT_EQ(Status::ErrorUnsupported().ToString(), status.ToString());
437 return status.IsSuccess();
438 }
439
440 Status AesGcmEncrypt(const blink::WebCryptoKey& key,
441 const std::vector<uint8>& iv,
442 const std::vector<uint8>& additional_data,
443 unsigned int tag_length_bits,
444 const std::vector<uint8>& plain_text,
445 std::vector<uint8>* cipher_text,
446 std::vector<uint8>* authentication_tag) {
447 blink::WebCryptoAlgorithm algorithm =
448 CreateAesGcmAlgorithm(iv, additional_data, tag_length_bits);
449
450 blink::WebArrayBuffer output;
451 Status status = EncryptInternal(algorithm, key, plain_text, &output);
452 if (status.IsError())
453 return status;
454
455 if (output.byteLength() * 8 < tag_length_bits) {
456 EXPECT_TRUE(false);
457 return Status::Error();
395 } 458 }
396 459
397 void ImportRsaKeyPair( 460 // The encryption result is cipher text with authentication tag appended.
398 const std::vector<uint8>& spki_der, 461 cipher_text->assign(static_cast<uint8*>(output.data()),
399 const std::vector<uint8>& pkcs8_der, 462 static_cast<uint8*>(output.data()) +
400 const blink::WebCryptoAlgorithm& algorithm, 463 (output.byteLength() - tag_length_bits / 8));
401 bool extractable, 464 authentication_tag->assign(
402 blink::WebCryptoKeyUsageMask usage_mask, 465 static_cast<uint8*>(output.data()) + cipher_text->size(),
403 blink::WebCryptoKey* public_key, 466 static_cast<uint8*>(output.data()) + output.byteLength());
404 blink::WebCryptoKey* private_key) {
405 EXPECT_STATUS_SUCCESS(ImportKeyInternal(
406 blink::WebCryptoKeyFormatSpki,
407 spki_der,
408 algorithm,
409 true,
410 usage_mask,
411 public_key));
412 EXPECT_FALSE(public_key->isNull());
413 EXPECT_TRUE(public_key->handle());
414 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key->type());
415 EXPECT_EQ(algorithm.id(), public_key->algorithm().id());
416 EXPECT_EQ(extractable, extractable);
417 EXPECT_EQ(usage_mask, public_key->usages());
418 467
419 EXPECT_STATUS_SUCCESS(ImportKeyInternal( 468 return Status::Success();
420 blink::WebCryptoKeyFormatPkcs8, 469 }
421 pkcs8_der,
422 algorithm,
423 extractable,
424 usage_mask,
425 private_key));
426 EXPECT_FALSE(private_key->isNull());
427 EXPECT_TRUE(private_key->handle());
428 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key->type());
429 EXPECT_EQ(algorithm.id(), private_key->algorithm().id());
430 EXPECT_EQ(extractable, extractable);
431 EXPECT_EQ(usage_mask, private_key->usages());
432 }
433 470
434 // TODO(eroman): For Linux builds using system NSS, AES-GCM support is a 471 Status AesGcmDecrypt(const blink::WebCryptoKey& key,
435 // runtime dependency. Test it by trying to import a key. 472 const std::vector<uint8>& iv,
436 bool SupportsAesGcm() { 473 const std::vector<uint8>& additional_data,
437 std::vector<uint8> key_raw(16, 0); 474 unsigned int tag_length_bits,
475 const std::vector<uint8>& cipher_text,
476 const std::vector<uint8>& authentication_tag,
477 blink::WebArrayBuffer* plain_text) {
478 blink::WebCryptoAlgorithm algorithm =
479 CreateAesGcmAlgorithm(iv, additional_data, tag_length_bits);
438 480
439 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); 481 // Join cipher text and authentication tag.
440 Status status = ImportKeyInternal( 482 std::vector<uint8> cipher_text_with_tag;
441 blink::WebCryptoKeyFormatRaw, 483 cipher_text_with_tag.reserve(cipher_text.size() + authentication_tag.size());
442 key_raw, 484 cipher_text_with_tag.insert(
443 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), 485 cipher_text_with_tag.end(), cipher_text.begin(), cipher_text.end());
444 true, 486 cipher_text_with_tag.insert(cipher_text_with_tag.end(),
445 blink::WebCryptoKeyUsageEncrypt, 487 authentication_tag.begin(),
446 &key); 488 authentication_tag.end());
447 489
448 if (status.IsError()) 490 return DecryptInternal(algorithm, key, cipher_text_with_tag, plain_text);
449 EXPECT_EQ(Status::ErrorUnsupported().ToString(), status.ToString()); 491 }
450 return status.IsSuccess();
451 }
452 492
453 Status AesGcmEncrypt(const blink::WebCryptoKey& key, 493 // Helpers to pass vector<> in place of CryptoData.
454 const std::vector<uint8>& iv, 494 Status DigestInternal(const blink::WebCryptoAlgorithm& algorithm,
455 const std::vector<uint8>& additional_data, 495 const std::vector<uint8>& data,
456 unsigned int tag_length_bits, 496 blink::WebArrayBuffer* buffer) {
457 const std::vector<uint8>& plain_text, 497 return Digest(algorithm, CryptoData(data), buffer);
458 std::vector<uint8>* cipher_text, 498 }
459 std::vector<uint8>* authentication_tag) {
460 blink::WebCryptoAlgorithm algorithm = CreateAesGcmAlgorithm(
461 iv, additional_data, tag_length_bits);
462 499
463 blink::WebArrayBuffer output; 500 Status SignInternal(const blink::WebCryptoAlgorithm& algorithm,
464 Status status = EncryptInternal(algorithm, key, plain_text, &output); 501 const blink::WebCryptoKey& key,
465 if (status.IsError()) 502 const std::vector<uint8>& data,
466 return status; 503 blink::WebArrayBuffer* buffer) {
504 return Sign(algorithm, key, CryptoData(data), buffer);
505 }
467 506
468 if (output.byteLength() * 8 < tag_length_bits) { 507 Status VerifySignatureInternal(const blink::WebCryptoAlgorithm& algorithm,
469 EXPECT_TRUE(false); 508 const blink::WebCryptoKey& key,
470 return Status::Error(); 509 const CryptoData& signature,
471 } 510 const std::vector<uint8>& data,
511 bool* signature_match) {
512 return VerifySignature(
513 algorithm, key, signature, CryptoData(data), signature_match);
514 }
472 515
473 // The encryption result is cipher text with authentication tag appended. 516 Status VerifySignatureInternal(const blink::WebCryptoAlgorithm& algorithm,
474 cipher_text->assign( 517 const blink::WebCryptoKey& key,
475 static_cast<uint8*>(output.data()), 518 const std::vector<uint8>& signature,
476 static_cast<uint8*>(output.data()) + 519 const std::vector<uint8>& data,
477 (output.byteLength() - tag_length_bits / 8)); 520 bool* signature_match) {
478 authentication_tag->assign( 521 return VerifySignature(
479 static_cast<uint8*>(output.data()) + cipher_text->size(), 522 algorithm, key, CryptoData(signature), CryptoData(data), signature_match);
480 static_cast<uint8*>(output.data()) + output.byteLength()); 523 }
481 524
482 return Status::Success(); 525 Status ImportKeyJwk(const std::vector<uint8>& key_data,
483 } 526 const blink::WebCryptoAlgorithm& algorithm,
484 527 bool extractable,
485 Status AesGcmDecrypt(const blink::WebCryptoKey& key, 528 blink::WebCryptoKeyUsageMask usage_mask,
486 const std::vector<uint8>& iv, 529 blink::WebCryptoKey* key) {
487 const std::vector<uint8>& additional_data, 530 return ImportKeyJwk(
488 unsigned int tag_length_bits, 531 CryptoData(key_data), algorithm, extractable, usage_mask, key);
489 const std::vector<uint8>& cipher_text, 532 }
490 const std::vector<uint8>& authentication_tag,
491 blink::WebArrayBuffer* plain_text) {
492 blink::WebCryptoAlgorithm algorithm = CreateAesGcmAlgorithm(
493 iv, additional_data, tag_length_bits);
494
495 // Join cipher text and authentication tag.
496 std::vector<uint8> cipher_text_with_tag;
497 cipher_text_with_tag.reserve(
498 cipher_text.size() + authentication_tag.size());
499 cipher_text_with_tag.insert(
500 cipher_text_with_tag.end(), cipher_text.begin(), cipher_text.end());
501 cipher_text_with_tag.insert(
502 cipher_text_with_tag.end(), authentication_tag.begin(),
503 authentication_tag.end());
504
505 return DecryptInternal(algorithm, key, cipher_text_with_tag, plain_text);
506 }
507
508 // Helpers to pass vector<> in place of CryptoData.
509 Status DigestInternal(
510 const blink::WebCryptoAlgorithm& algorithm,
511 const std::vector<uint8>& data,
512 blink::WebArrayBuffer* buffer) {
513 return Digest(algorithm, CryptoData(data), buffer);
514 }
515
516 Status SignInternal(
517 const blink::WebCryptoAlgorithm& algorithm,
518 const blink::WebCryptoKey& key,
519 const std::vector<uint8>& data,
520 blink::WebArrayBuffer* buffer) {
521 return Sign(algorithm, key, CryptoData(data), buffer);
522 }
523
524 Status VerifySignatureInternal(
525 const blink::WebCryptoAlgorithm& algorithm,
526 const blink::WebCryptoKey& key,
527 const CryptoData& signature,
528 const std::vector<uint8>& data,
529 bool* signature_match) {
530 return VerifySignature(algorithm,
531 key,
532 signature,
533 CryptoData(data),
534 signature_match);
535 }
536
537
538 Status VerifySignatureInternal(
539 const blink::WebCryptoAlgorithm& algorithm,
540 const blink::WebCryptoKey& key,
541 const std::vector<uint8>& signature,
542 const std::vector<uint8>& data,
543 bool* signature_match) {
544 return VerifySignature(
545 algorithm,
546 key,
547 CryptoData(signature),
548 CryptoData(data),
549 signature_match);
550 }
551
552 Status ImportKeyJwk(
553 const std::vector<uint8>& key_data,
554 const blink::WebCryptoAlgorithm& algorithm,
555 bool extractable,
556 blink::WebCryptoKeyUsageMask usage_mask,
557 blink::WebCryptoKey* key) {
558 return ImportKeyJwk(CryptoData(key_data),
559 algorithm,
560 extractable,
561 usage_mask,
562 key);
563 }
564 533
565 } // namespace 534 } // namespace
566 535
567 TEST_F(SharedCryptoTest, StatusToString) { 536 TEST_F(SharedCryptoTest, StatusToString) {
568 EXPECT_EQ("Success", Status::Success().ToString()); 537 EXPECT_EQ("Success", Status::Success().ToString());
569 EXPECT_EQ("", Status::Error().ToString()); 538 EXPECT_EQ("", Status::Error().ToString());
570 EXPECT_EQ("The requested operation is unsupported", 539 EXPECT_EQ("The requested operation is unsupported",
571 Status::ErrorUnsupported().ToString()); 540 Status::ErrorUnsupported().ToString());
572 EXPECT_EQ("The required JWK property \"kty\" was missing", 541 EXPECT_EQ("The required JWK property \"kty\" was missing",
573 Status::ErrorJwkPropertyMissing("kty").ToString()); 542 Status::ErrorJwkPropertyMissing("kty").ToString());
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after
626 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); 595 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
627 ExpectArrayBufferMatches(test_key, raw_key); 596 ExpectArrayBufferMatches(test_key, raw_key);
628 597
629 blink::WebArrayBuffer output; 598 blink::WebArrayBuffer output;
630 599
631 ASSERT_STATUS_SUCCESS(SignInternal(algorithm, key, test_message, &output)); 600 ASSERT_STATUS_SUCCESS(SignInternal(algorithm, key, test_message, &output));
632 601
633 ExpectArrayBufferMatches(test_mac, output); 602 ExpectArrayBufferMatches(test_mac, output);
634 603
635 bool signature_match = false; 604 bool signature_match = false;
636 EXPECT_STATUS_SUCCESS(VerifySignature( 605 EXPECT_STATUS_SUCCESS(VerifySignature(algorithm,
637 algorithm, 606 key,
638 key, 607 CryptoData(output),
639 CryptoData(output), 608 CryptoData(test_message),
640 CryptoData(test_message), 609 &signature_match));
641 &signature_match));
642 EXPECT_TRUE(signature_match); 610 EXPECT_TRUE(signature_match);
643 611
644 // Ensure truncated signature does not verify by passing one less byte. 612 // Ensure truncated signature does not verify by passing one less byte.
645 EXPECT_STATUS_SUCCESS(VerifySignature( 613 EXPECT_STATUS_SUCCESS(VerifySignature(
646 algorithm, 614 algorithm,
647 key, 615 key,
648 CryptoData(static_cast<const unsigned char*>(output.data()), 616 CryptoData(static_cast<const unsigned char*>(output.data()),
649 output.byteLength() - 1), 617 output.byteLength() - 1),
650 CryptoData(test_message), 618 CryptoData(test_message),
651 &signature_match)); 619 &signature_match));
652 EXPECT_FALSE(signature_match); 620 EXPECT_FALSE(signature_match);
653 621
654 // Ensure truncated signature does not verify by passing no bytes. 622 // Ensure truncated signature does not verify by passing no bytes.
655 EXPECT_STATUS_SUCCESS(VerifySignature( 623 EXPECT_STATUS_SUCCESS(VerifySignature(algorithm,
656 algorithm, 624 key,
657 key, 625 CryptoData(),
658 CryptoData(), 626 CryptoData(test_message),
659 CryptoData(test_message), 627 &signature_match));
660 &signature_match));
661 EXPECT_FALSE(signature_match); 628 EXPECT_FALSE(signature_match);
662 629
663 // Ensure extra long signature does not cause issues and fails. 630 // Ensure extra long signature does not cause issues and fails.
664 const unsigned char kLongSignature[1024] = { 0 }; 631 const unsigned char kLongSignature[1024] = {0};
665 EXPECT_STATUS_SUCCESS(VerifySignature( 632 EXPECT_STATUS_SUCCESS(
666 algorithm, 633 VerifySignature(algorithm,
667 key, 634 key,
668 CryptoData(kLongSignature, sizeof(kLongSignature)), 635 CryptoData(kLongSignature, sizeof(kLongSignature)),
669 CryptoData(test_message), 636 CryptoData(test_message),
670 &signature_match)); 637 &signature_match));
671 EXPECT_FALSE(signature_match); 638 EXPECT_FALSE(signature_match);
672 } 639 }
673 } 640 }
674 641
675 TEST_F(SharedCryptoTest, AesCbcFailures) { 642 TEST_F(SharedCryptoTest, AesCbcFailures) {
676 const std::string key_hex = "2b7e151628aed2a6abf7158809cf4f3c"; 643 const std::string key_hex = "2b7e151628aed2a6abf7158809cf4f3c";
677 blink::WebCryptoKey key = ImportSecretKeyFromRaw( 644 blink::WebCryptoKey key = ImportSecretKeyFromRaw(
678 HexStringToBytes(key_hex), 645 HexStringToBytes(key_hex),
679 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), 646 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
680 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); 647 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt);
681 648
682 // Verify exported raw key is identical to the imported data 649 // Verify exported raw key is identical to the imported data
683 blink::WebArrayBuffer raw_key; 650 blink::WebArrayBuffer raw_key;
684 EXPECT_STATUS_SUCCESS( 651 EXPECT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
685 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
686 ExpectArrayBufferMatchesHex(key_hex, raw_key); 652 ExpectArrayBufferMatchesHex(key_hex, raw_key);
687 653
688 blink::WebArrayBuffer output; 654 blink::WebArrayBuffer output;
689 655
690 // Use an invalid |iv| (fewer than 16 bytes) 656 // Use an invalid |iv| (fewer than 16 bytes)
691 { 657 {
692 std::vector<uint8> input(32); 658 std::vector<uint8> input(32);
693 std::vector<uint8> iv; 659 std::vector<uint8> iv;
694 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), EncryptInternal( 660 EXPECT_STATUS(
695 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); 661 Status::ErrorIncorrectSizeAesCbcIv(),
696 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), DecryptInternal( 662 EncryptInternal(
697 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); 663 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output));
664 EXPECT_STATUS(
665 Status::ErrorIncorrectSizeAesCbcIv(),
666 DecryptInternal(
667 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output));
698 } 668 }
699 669
700 // Use an invalid |iv| (more than 16 bytes) 670 // Use an invalid |iv| (more than 16 bytes)
701 { 671 {
702 std::vector<uint8> input(32); 672 std::vector<uint8> input(32);
703 std::vector<uint8> iv(17); 673 std::vector<uint8> iv(17);
704 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), EncryptInternal( 674 EXPECT_STATUS(
705 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); 675 Status::ErrorIncorrectSizeAesCbcIv(),
706 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), DecryptInternal( 676 EncryptInternal(
707 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); 677 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output));
678 EXPECT_STATUS(
679 Status::ErrorIncorrectSizeAesCbcIv(),
680 DecryptInternal(
681 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output));
708 } 682 }
709 683
710 // Give an input that is too large (would cause integer overflow when 684 // Give an input that is too large (would cause integer overflow when
711 // narrowing to an int). 685 // narrowing to an int).
712 { 686 {
713 std::vector<uint8> iv(16); 687 std::vector<uint8> iv(16);
714 688
715 // Pretend the input is large. Don't pass data pointer as NULL in case that 689 // Pretend the input is large. Don't pass data pointer as NULL in case that
716 // is special cased; the implementation shouldn't actually dereference the 690 // is special cased; the implementation shouldn't actually dereference the
717 // data. 691 // data.
718 CryptoData input(&iv[0], INT_MAX - 3); 692 CryptoData input(&iv[0], INT_MAX - 3);
719 693
720 EXPECT_STATUS(Status::ErrorDataTooLarge(), Encrypt( 694 EXPECT_STATUS(Status::ErrorDataTooLarge(),
721 CreateAesCbcAlgorithm(iv), key, input, &output)); 695 Encrypt(CreateAesCbcAlgorithm(iv), key, input, &output));
722 EXPECT_STATUS(Status::ErrorDataTooLarge(), Decrypt( 696 EXPECT_STATUS(Status::ErrorDataTooLarge(),
723 CreateAesCbcAlgorithm(iv), key, input, &output)); 697 Decrypt(CreateAesCbcAlgorithm(iv), key, input, &output));
724 } 698 }
725 699
726 // Fail importing the key (too few bytes specified) 700 // Fail importing the key (too few bytes specified)
727 { 701 {
728 std::vector<uint8> key_raw(1); 702 std::vector<uint8> key_raw(1);
729 std::vector<uint8> iv(16); 703 std::vector<uint8> iv(16);
730 704
731 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); 705 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
732 EXPECT_STATUS( 706 EXPECT_STATUS(Status::Error(),
733 Status::Error(), 707 ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
734 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, 708 key_raw,
735 key_raw, 709 CreateAesCbcAlgorithm(iv),
736 CreateAesCbcAlgorithm(iv), 710 true,
737 true, 711 blink::WebCryptoKeyUsageEncrypt,
738 blink::WebCryptoKeyUsageEncrypt, 712 &key));
739 &key));
740 } 713 }
741 714
742 // Fail exporting the key in SPKI and PKCS#8 formats (not allowed for secret 715 // Fail exporting the key in SPKI and PKCS#8 formats (not allowed for secret
743 // keys). 716 // keys).
744 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), 717 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(),
745 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); 718 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output));
746 EXPECT_STATUS(Status::ErrorUnsupported(), 719 EXPECT_STATUS(Status::ErrorUnsupported(),
747 ExportKey(blink::WebCryptoKeyFormatPkcs8, key, &output)); 720 ExportKey(blink::WebCryptoKeyFormatPkcs8, key, &output));
748 } 721 }
749 722
750 TEST_F(SharedCryptoTest, MAYBE(AesCbcSampleSets)) { 723 TEST_F(SharedCryptoTest, MAYBE(AesCbcSampleSets)) {
751 scoped_ptr<base::ListValue> tests; 724 scoped_ptr<base::ListValue> tests;
752 ASSERT_TRUE(ReadJsonTestFileToList("aes_cbc.json", &tests)); 725 ASSERT_TRUE(ReadJsonTestFileToList("aes_cbc.json", &tests));
753 726
754 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { 727 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) {
755 SCOPED_TRACE(test_index); 728 SCOPED_TRACE(test_index);
756 base::DictionaryValue* test; 729 base::DictionaryValue* test;
757 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); 730 ASSERT_TRUE(tests->GetDictionary(test_index, &test));
758 731
759 std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); 732 std::vector<uint8> test_key = GetBytesFromHexString(test, "key");
760 std::vector<uint8> test_iv = GetBytesFromHexString(test, "iv"); 733 std::vector<uint8> test_iv = GetBytesFromHexString(test, "iv");
761 std::vector<uint8> test_plain_text = 734 std::vector<uint8> test_plain_text =
762 GetBytesFromHexString(test, "plain_text"); 735 GetBytesFromHexString(test, "plain_text");
763 std::vector<uint8> test_cipher_text = 736 std::vector<uint8> test_cipher_text =
764 GetBytesFromHexString(test, "cipher_text"); 737 GetBytesFromHexString(test, "cipher_text");
765 738
766 blink::WebCryptoKey key = ImportSecretKeyFromRaw( 739 blink::WebCryptoKey key = ImportSecretKeyFromRaw(
767 test_key, 740 test_key,
768 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), 741 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
769 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); 742 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt);
770 743
771 // Verify exported raw key is identical to the imported data 744 // Verify exported raw key is identical to the imported data
772 blink::WebArrayBuffer raw_key; 745 blink::WebArrayBuffer raw_key;
773 EXPECT_STATUS_SUCCESS(ExportKey( 746 EXPECT_STATUS_SUCCESS(
774 blink::WebCryptoKeyFormatRaw, key, &raw_key)); 747 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
775 ExpectArrayBufferMatches(test_key, raw_key); 748 ExpectArrayBufferMatches(test_key, raw_key);
776 749
777 blink::WebArrayBuffer output; 750 blink::WebArrayBuffer output;
778 751
779 // Test encryption. 752 // Test encryption.
780 EXPECT_STATUS( 753 EXPECT_STATUS(Status::Success(),
781 Status::Success(), 754 EncryptInternal(webcrypto::CreateAesCbcAlgorithm(test_iv),
782 EncryptInternal(webcrypto::CreateAesCbcAlgorithm(test_iv), 755 key,
783 key, 756 test_plain_text,
784 test_plain_text, 757 &output));
785 &output));
786 ExpectArrayBufferMatches(test_cipher_text, output); 758 ExpectArrayBufferMatches(test_cipher_text, output);
787 759
788 // Test decryption. 760 // Test decryption.
789 EXPECT_STATUS( 761 EXPECT_STATUS(Status::Success(),
790 Status::Success(), 762 DecryptInternal(webcrypto::CreateAesCbcAlgorithm(test_iv),
791 DecryptInternal(webcrypto::CreateAesCbcAlgorithm(test_iv), 763 key,
792 key, 764 test_cipher_text,
793 test_cipher_text, 765 &output));
794 &output));
795 ExpectArrayBufferMatches(test_plain_text, output); 766 ExpectArrayBufferMatches(test_plain_text, output);
796 767
797 const unsigned int kAesCbcBlockSize = 16; 768 const unsigned int kAesCbcBlockSize = 16;
798 769
799 // Decrypt with a padding error by stripping the last block. This also ends 770 // Decrypt with a padding error by stripping the last block. This also ends
800 // up testing decryption over empty cipher text. 771 // up testing decryption over empty cipher text.
801 if (test_cipher_text.size() >= kAesCbcBlockSize) { 772 if (test_cipher_text.size() >= kAesCbcBlockSize) {
802 EXPECT_STATUS( 773 EXPECT_STATUS(
803 Status::Error(), 774 Status::Error(),
804 Decrypt(CreateAesCbcAlgorithm(test_iv), 775 Decrypt(CreateAesCbcAlgorithm(test_iv),
805 key, 776 key,
806 CryptoData(&test_cipher_text[0], 777 CryptoData(&test_cipher_text[0],
807 test_cipher_text.size() - kAesCbcBlockSize), 778 test_cipher_text.size() - kAesCbcBlockSize),
808 &output)); 779 &output));
809 } 780 }
810 781
811 // Decrypt cipher text which is not a multiple of block size by stripping 782 // Decrypt cipher text which is not a multiple of block size by stripping
812 // a few bytes off the cipher text. 783 // a few bytes off the cipher text.
813 if (test_cipher_text.size() > 3) { 784 if (test_cipher_text.size() > 3) {
814 EXPECT_STATUS( 785 EXPECT_STATUS(
815 Status::Error(), 786 Status::Error(),
816 Decrypt(CreateAesCbcAlgorithm(test_iv), 787 Decrypt(CreateAesCbcAlgorithm(test_iv),
817 key, 788 key,
818 CryptoData(&test_cipher_text[0], 789 CryptoData(&test_cipher_text[0], test_cipher_text.size() - 3),
819 test_cipher_text.size() - 3),
820 &output)); 790 &output));
821 } 791 }
822 } 792 }
823 } 793 }
824 794
825 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAes)) { 795 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAes)) {
826 // Check key generation for each of AES-CBC, AES-GCM, and AES-KW, and for each 796 // Check key generation for each of AES-CBC, AES-GCM, and AES-KW, and for each
827 // allowed key length. 797 // allowed key length.
828 std::vector<blink::WebCryptoAlgorithm> algorithm; 798 std::vector<blink::WebCryptoAlgorithm> algorithm;
829 const unsigned short kKeyLength[] = {128, 192, 256}; 799 const unsigned short kKeyLength[] = {128, 192, 256};
830 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLength); ++i) { 800 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLength); ++i) {
831 algorithm.push_back(CreateAesCbcKeyGenAlgorithm(kKeyLength[i])); 801 algorithm.push_back(CreateAesCbcKeyGenAlgorithm(kKeyLength[i]));
832 algorithm.push_back(CreateAesGcmKeyGenAlgorithm(kKeyLength[i])); 802 algorithm.push_back(CreateAesGcmKeyGenAlgorithm(kKeyLength[i]));
833 algorithm.push_back(CreateAesKwKeyGenAlgorithm(kKeyLength[i])); 803 algorithm.push_back(CreateAesKwKeyGenAlgorithm(kKeyLength[i]));
834 } 804 }
835 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); 805 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
836 std::vector<blink::WebArrayBuffer> keys; 806 std::vector<blink::WebArrayBuffer> keys;
837 blink::WebArrayBuffer key_bytes; 807 blink::WebArrayBuffer key_bytes;
838 for (size_t i = 0; i < algorithm.size(); ++i) { 808 for (size_t i = 0; i < algorithm.size(); ++i) {
839 SCOPED_TRACE(i); 809 SCOPED_TRACE(i);
840 // Generate a small sample of keys. 810 // Generate a small sample of keys.
841 keys.clear(); 811 keys.clear();
842 for (int j = 0; j < 16; ++j) { 812 for (int j = 0; j < 16; ++j) {
843 ASSERT_STATUS_SUCCESS(GenerateSecretKey( 813 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm[i], true, 0, &key));
844 algorithm[i], true, 0, &key));
845 EXPECT_TRUE(key.handle()); 814 EXPECT_TRUE(key.handle());
846 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); 815 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
847 ASSERT_STATUS_SUCCESS( 816 ASSERT_STATUS_SUCCESS(
848 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_bytes)); 817 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_bytes));
849 keys.push_back(key_bytes); 818 keys.push_back(key_bytes);
850 } 819 }
851 // Ensure all entries in the key sample set are unique. This is a simplistic 820 // Ensure all entries in the key sample set are unique. This is a simplistic
852 // estimate of whether the generated keys appear random. 821 // estimate of whether the generated keys appear random.
853 EXPECT_FALSE(CopiesExist(keys)); 822 EXPECT_FALSE(CopiesExist(keys));
854 } 823 }
855 } 824 }
856 825
857 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAesBadLength)) { 826 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAesBadLength)) {
858 const unsigned short kKeyLen[] = {0, 127, 257}; 827 const unsigned short kKeyLen[] = {0, 127, 257};
859 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); 828 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
860 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLen); ++i) { 829 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLen); ++i) {
861 SCOPED_TRACE(i); 830 SCOPED_TRACE(i);
862 EXPECT_STATUS(Status::ErrorGenerateKeyLength(), GenerateSecretKey( 831 EXPECT_STATUS(Status::ErrorGenerateKeyLength(),
863 CreateAesCbcKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); 832 GenerateSecretKey(
864 EXPECT_STATUS(Status::ErrorGenerateKeyLength(), GenerateSecretKey( 833 CreateAesCbcKeyGenAlgorithm(kKeyLen[i]), true, 0, &key));
865 CreateAesGcmKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); 834 EXPECT_STATUS(Status::ErrorGenerateKeyLength(),
866 EXPECT_STATUS(Status::ErrorGenerateKeyLength(), GenerateSecretKey( 835 GenerateSecretKey(
867 CreateAesKwKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); 836 CreateAesGcmKeyGenAlgorithm(kKeyLen[i]), true, 0, &key));
837 EXPECT_STATUS(Status::ErrorGenerateKeyLength(),
838 GenerateSecretKey(
839 CreateAesKwKeyGenAlgorithm(kKeyLen[i]), true, 0, &key));
868 } 840 }
869 } 841 }
870 842
871 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmac)) { 843 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmac)) {
872 // Generate a small sample of HMAC keys. 844 // Generate a small sample of HMAC keys.
873 std::vector<blink::WebArrayBuffer> keys; 845 std::vector<blink::WebArrayBuffer> keys;
874 for (int i = 0; i < 16; ++i) { 846 for (int i = 0; i < 16; ++i) {
875 blink::WebArrayBuffer key_bytes; 847 blink::WebArrayBuffer key_bytes;
876 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); 848 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
877 blink::WebCryptoAlgorithm algorithm = CreateHmacKeyGenAlgorithm( 849 blink::WebCryptoAlgorithm algorithm =
878 blink::WebCryptoAlgorithmIdSha1, 64); 850 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 64);
879 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); 851 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key));
880 EXPECT_FALSE(key.isNull()); 852 EXPECT_FALSE(key.isNull());
881 EXPECT_TRUE(key.handle()); 853 EXPECT_TRUE(key.handle());
882 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); 854 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
883 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); 855 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id());
884 856
885 blink::WebArrayBuffer raw_key; 857 blink::WebArrayBuffer raw_key;
886 ASSERT_STATUS_SUCCESS( 858 ASSERT_STATUS_SUCCESS(
887 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); 859 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
888 EXPECT_EQ(64U, raw_key.byteLength()); 860 EXPECT_EQ(64U, raw_key.byteLength());
889 keys.push_back(raw_key); 861 keys.push_back(raw_key);
890 } 862 }
891 // Ensure all entries in the key sample set are unique. This is a simplistic 863 // Ensure all entries in the key sample set are unique. This is a simplistic
892 // estimate of whether the generated keys appear random. 864 // estimate of whether the generated keys appear random.
893 EXPECT_FALSE(CopiesExist(keys)); 865 EXPECT_FALSE(CopiesExist(keys));
894 } 866 }
895 867
896 // If the key length is not provided, then the block size is used. 868 // If the key length is not provided, then the block size is used.
897 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmacNoLength)) { 869 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmacNoLength)) {
898 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); 870 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
899 blink::WebCryptoAlgorithm algorithm = 871 blink::WebCryptoAlgorithm algorithm =
900 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0); 872 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0);
901 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); 873 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key));
902 EXPECT_TRUE(key.handle()); 874 EXPECT_TRUE(key.handle());
903 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); 875 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
904 blink::WebArrayBuffer raw_key; 876 blink::WebArrayBuffer raw_key;
905 ASSERT_STATUS_SUCCESS( 877 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
906 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
907 EXPECT_EQ(64U, raw_key.byteLength()); 878 EXPECT_EQ(64U, raw_key.byteLength());
908 879
909 // The block size for HMAC SHA-512 is larger. 880 // The block size for HMAC SHA-512 is larger.
910 algorithm = CreateHmacKeyGenAlgorithm( 881 algorithm = CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha512, 0);
911 blink::WebCryptoAlgorithmIdSha512, 0);
912 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); 882 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key));
913 ASSERT_STATUS_SUCCESS( 883 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
914 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
915 EXPECT_EQ(128U, raw_key.byteLength()); 884 EXPECT_EQ(128U, raw_key.byteLength());
916 } 885 }
917 886
918 TEST_F(SharedCryptoTest, MAYBE(ImportSecretKeyNoAlgorithm)) { 887 TEST_F(SharedCryptoTest, MAYBE(ImportSecretKeyNoAlgorithm)) {
919 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); 888 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
920 889
921 // This fails because the algorithm is null. 890 // This fails because the algorithm is null.
922 EXPECT_STATUS(Status::ErrorMissingAlgorithmImportRawKey(), ImportKeyInternal( 891 EXPECT_STATUS(Status::ErrorMissingAlgorithmImportRawKey(),
923 blink::WebCryptoKeyFormatRaw, 892 ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
924 HexStringToBytes("00000000000000000000"), 893 HexStringToBytes("00000000000000000000"),
925 blink::WebCryptoAlgorithm::createNull(), 894 blink::WebCryptoAlgorithm::createNull(),
926 true, 895 true,
927 blink::WebCryptoKeyUsageEncrypt, 896 blink::WebCryptoKeyUsageEncrypt,
928 &key)); 897 &key));
929 } 898 }
930 899
931 TEST_F(SharedCryptoTest, ImportJwkFailures) { 900 TEST_F(SharedCryptoTest, ImportJwkFailures) {
932 901
933 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); 902 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
934 blink::WebCryptoAlgorithm algorithm = 903 blink::WebCryptoAlgorithm algorithm =
935 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); 904 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc);
936 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; 905 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt;
937 906
938 // Baseline pass: each test below breaks a single item, so we start with a 907 // Baseline pass: each test below breaks a single item, so we start with a
939 // passing case to make sure each failure is caused by the isolated break. 908 // passing case to make sure each failure is caused by the isolated break.
940 // Each breaking subtest below resets the dictionary to this passing case when 909 // Each breaking subtest below resets the dictionary to this passing case when
941 // complete. 910 // complete.
942 base::DictionaryValue dict; 911 base::DictionaryValue dict;
943 RestoreJwkOctDictionary(&dict); 912 RestoreJwkOctDictionary(&dict);
944 EXPECT_STATUS_SUCCESS(ImportKeyJwk( 913 EXPECT_STATUS_SUCCESS(
945 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 914 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
946 915
947 // Fail on empty JSON. 916 // Fail on empty JSON.
948 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), ImportKeyJwk( 917 EXPECT_STATUS(
949 MakeJsonVector(""), algorithm, false, usage_mask, &key)); 918 Status::ErrorImportEmptyKeyData(),
919 ImportKeyJwk(MakeJsonVector(""), algorithm, false, usage_mask, &key));
950 920
951 // Fail on invalid JSON. 921 // Fail on invalid JSON.
952 const std::vector<uint8> bad_json_vec = MakeJsonVector( 922 const std::vector<uint8> bad_json_vec = MakeJsonVector(
953 "{" 923 "{"
954 "\"kty\" : \"oct\"," 924 "\"kty\" : \"oct\","
955 "\"alg\" : \"HS256\"," 925 "\"alg\" : \"HS256\","
956 "\"use\" : " 926 "\"use\" : ");
957 );
958 EXPECT_STATUS(Status::ErrorJwkNotDictionary(), 927 EXPECT_STATUS(Status::ErrorJwkNotDictionary(),
959 ImportKeyJwk(bad_json_vec, algorithm, false, usage_mask, &key)); 928 ImportKeyJwk(bad_json_vec, algorithm, false, usage_mask, &key));
960 929
961 // Fail on JWK alg present but unrecognized. 930 // Fail on JWK alg present but unrecognized.
962 dict.SetString("alg", "A127CBC"); 931 dict.SetString("alg", "A127CBC");
963 EXPECT_STATUS(Status::ErrorJwkUnrecognizedAlgorithm(), ImportKeyJwk( 932 EXPECT_STATUS(
964 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 933 Status::ErrorJwkUnrecognizedAlgorithm(),
934 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
965 RestoreJwkOctDictionary(&dict); 935 RestoreJwkOctDictionary(&dict);
966 936
967 // Fail on both JWK and input algorithm missing. 937 // Fail on both JWK and input algorithm missing.
968 dict.Remove("alg", NULL); 938 dict.Remove("alg", NULL);
969 EXPECT_STATUS( 939 EXPECT_STATUS(Status::ErrorJwkAlgorithmMissing(),
970 Status::ErrorJwkAlgorithmMissing(), 940 ImportKeyJwk(MakeJsonVector(dict),
971 ImportKeyJwk(MakeJsonVector(dict), 941 blink::WebCryptoAlgorithm::createNull(),
972 blink::WebCryptoAlgorithm::createNull(), 942 false,
973 false, 943 usage_mask,
974 usage_mask, 944 &key));
975 &key));
976 RestoreJwkOctDictionary(&dict); 945 RestoreJwkOctDictionary(&dict);
977 946
978 // Fail on invalid kty. 947 // Fail on invalid kty.
979 dict.SetString("kty", "foo"); 948 dict.SetString("kty", "foo");
980 EXPECT_STATUS(Status::ErrorJwkUnrecognizedKty(), ImportKeyJwk( 949 EXPECT_STATUS(
981 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 950 Status::ErrorJwkUnrecognizedKty(),
951 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
982 RestoreJwkOctDictionary(&dict); 952 RestoreJwkOctDictionary(&dict);
983 953
984 // Fail on missing kty. 954 // Fail on missing kty.
985 dict.Remove("kty", NULL); 955 dict.Remove("kty", NULL);
986 EXPECT_STATUS( 956 EXPECT_STATUS(
987 Status::ErrorJwkPropertyMissing("kty"), 957 Status::ErrorJwkPropertyMissing("kty"),
988 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 958 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
989 RestoreJwkOctDictionary(&dict); 959 RestoreJwkOctDictionary(&dict);
990 960
991 // Fail on kty wrong type. 961 // Fail on kty wrong type.
992 dict.SetDouble("kty", 0.1); 962 dict.SetDouble("kty", 0.1);
993 EXPECT_STATUS( 963 EXPECT_STATUS(
994 Status::ErrorJwkPropertyWrongType("kty", "string"), 964 Status::ErrorJwkPropertyWrongType("kty", "string"),
995 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 965 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
996 RestoreJwkOctDictionary(&dict); 966 RestoreJwkOctDictionary(&dict);
997 967
998 // Fail on invalid use. 968 // Fail on invalid use.
999 dict.SetString("use", "foo"); 969 dict.SetString("use", "foo");
1000 EXPECT_STATUS(Status::ErrorJwkUnrecognizedUsage(), ImportKeyJwk( 970 EXPECT_STATUS(
1001 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 971 Status::ErrorJwkUnrecognizedUsage(),
972 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
1002 RestoreJwkOctDictionary(&dict); 973 RestoreJwkOctDictionary(&dict);
1003 974
1004 // Fail on invalid use (wrong type). 975 // Fail on invalid use (wrong type).
1005 dict.SetBoolean("use", true); 976 dict.SetBoolean("use", true);
1006 EXPECT_STATUS( 977 EXPECT_STATUS(
1007 Status::ErrorJwkPropertyWrongType("use", "string"), 978 Status::ErrorJwkPropertyWrongType("use", "string"),
1008 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 979 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
1009 RestoreJwkOctDictionary(&dict); 980 RestoreJwkOctDictionary(&dict);
1010 981
1011 // Fail on invalid extractable (wrong type). 982 // Fail on invalid extractable (wrong type).
1012 dict.SetInteger("extractable", 0); 983 dict.SetInteger("extractable", 0);
1013 EXPECT_STATUS( 984 EXPECT_STATUS(
1014 Status::ErrorJwkPropertyWrongType("extractable", "boolean"), 985 Status::ErrorJwkPropertyWrongType("extractable", "boolean"),
1015 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 986 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
1016 RestoreJwkOctDictionary(&dict); 987 RestoreJwkOctDictionary(&dict);
1017 } 988 }
1018 989
1019 TEST_F(SharedCryptoTest, ImportJwkOctFailures) { 990 TEST_F(SharedCryptoTest, ImportJwkOctFailures) {
1020 991
1021 base::DictionaryValue dict; 992 base::DictionaryValue dict;
1022 RestoreJwkOctDictionary(&dict); 993 RestoreJwkOctDictionary(&dict);
1023 blink::WebCryptoAlgorithm algorithm = 994 blink::WebCryptoAlgorithm algorithm =
1024 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); 995 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc);
1025 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; 996 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt;
1026 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); 997 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
1027 998
1028 // Baseline pass. 999 // Baseline pass.
1029 EXPECT_STATUS_SUCCESS(ImportKeyJwk( 1000 EXPECT_STATUS_SUCCESS(
1030 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 1001 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
1031 EXPECT_EQ(algorithm.id(), key.algorithm().id()); 1002 EXPECT_EQ(algorithm.id(), key.algorithm().id());
1032 EXPECT_FALSE(key.extractable()); 1003 EXPECT_FALSE(key.extractable());
1033 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); 1004 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages());
1034 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); 1005 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
1035 1006
1036 // The following are specific failure cases for when kty = "oct". 1007 // The following are specific failure cases for when kty = "oct".
1037 1008
1038 // Fail on missing k. 1009 // Fail on missing k.
1039 dict.Remove("k", NULL); 1010 dict.Remove("k", NULL);
1040 EXPECT_STATUS( 1011 EXPECT_STATUS(
1041 Status::ErrorJwkPropertyMissing("k"), 1012 Status::ErrorJwkPropertyMissing("k"),
1042 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 1013 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
1043 RestoreJwkOctDictionary(&dict); 1014 RestoreJwkOctDictionary(&dict);
1044 1015
1045 // Fail on bad b64 encoding for k. 1016 // Fail on bad b64 encoding for k.
1046 dict.SetString("k", "Qk3f0DsytU8lfza2au #$% Htaw2xpop9GYyTuH0p5GghxTI="); 1017 dict.SetString("k", "Qk3f0DsytU8lfza2au #$% Htaw2xpop9GYyTuH0p5GghxTI=");
1047 EXPECT_STATUS( 1018 EXPECT_STATUS(
1048 Status::ErrorJwkBase64Decode("k"), 1019 Status::ErrorJwkBase64Decode("k"),
1049 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 1020 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
1050 RestoreJwkOctDictionary(&dict); 1021 RestoreJwkOctDictionary(&dict);
1051 1022
1052 // Fail on empty k. 1023 // Fail on empty k.
1053 dict.SetString("k", ""); 1024 dict.SetString("k", "");
1054 EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), ImportKeyJwk( 1025 EXPECT_STATUS(
1055 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 1026 Status::ErrorJwkIncorrectKeyLength(),
1027 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
1056 RestoreJwkOctDictionary(&dict); 1028 RestoreJwkOctDictionary(&dict);
1057 1029
1058 // Fail on k actual length (120 bits) inconsistent with the embedded JWK alg 1030 // Fail on k actual length (120 bits) inconsistent with the embedded JWK alg
1059 // value (128) for an AES key. 1031 // value (128) for an AES key.
1060 dict.SetString("k", "AVj42h0Y5aqGtE3yluKL"); 1032 dict.SetString("k", "AVj42h0Y5aqGtE3yluKL");
1061 EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), ImportKeyJwk( 1033 EXPECT_STATUS(
1062 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 1034 Status::ErrorJwkIncorrectKeyLength(),
1035 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
1063 RestoreJwkOctDictionary(&dict); 1036 RestoreJwkOctDictionary(&dict);
1064 1037
1065 // Fail on k actual length (192 bits) inconsistent with the embedded JWK alg 1038 // Fail on k actual length (192 bits) inconsistent with the embedded JWK alg
1066 // value (128) for an AES key. 1039 // value (128) for an AES key.
1067 dict.SetString("k", "dGhpcyAgaXMgIDI0ICBieXRlcyBsb25n"); 1040 dict.SetString("k", "dGhpcyAgaXMgIDI0ICBieXRlcyBsb25n");
1068 EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), ImportKeyJwk( 1041 EXPECT_STATUS(
1069 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 1042 Status::ErrorJwkIncorrectKeyLength(),
1043 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
1070 RestoreJwkOctDictionary(&dict); 1044 RestoreJwkOctDictionary(&dict);
1071 } 1045 }
1072 1046
1073 TEST_F(SharedCryptoTest, MAYBE(ImportJwkRsaFailures)) { 1047 TEST_F(SharedCryptoTest, MAYBE(ImportJwkRsaFailures)) {
1074 1048
1075 base::DictionaryValue dict; 1049 base::DictionaryValue dict;
1076 RestoreJwkRsaDictionary(&dict); 1050 RestoreJwkRsaDictionary(&dict);
1077 blink::WebCryptoAlgorithm algorithm = 1051 blink::WebCryptoAlgorithm algorithm =
1078 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); 1052 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5);
1079 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; 1053 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt;
1080 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); 1054 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
1081 1055
1082 // An RSA public key JWK _must_ have an "n" (modulus) and an "e" (exponent) 1056 // An RSA public key JWK _must_ have an "n" (modulus) and an "e" (exponent)
1083 // entry, while an RSA private key must have those plus at least a "d" 1057 // entry, while an RSA private key must have those plus at least a "d"
1084 // (private exponent) entry. 1058 // (private exponent) entry.
1085 // See http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-18, 1059 // See http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-18,
1086 // section 6.3. 1060 // section 6.3.
1087 1061
1088 // Baseline pass. 1062 // Baseline pass.
1089 EXPECT_STATUS_SUCCESS(ImportKeyJwk( 1063 EXPECT_STATUS_SUCCESS(
1090 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 1064 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
1091 EXPECT_EQ(algorithm.id(), key.algorithm().id()); 1065 EXPECT_EQ(algorithm.id(), key.algorithm().id());
1092 EXPECT_FALSE(key.extractable()); 1066 EXPECT_FALSE(key.extractable());
1093 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); 1067 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages());
1094 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); 1068 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type());
1095 1069
1096 // The following are specific failure cases for when kty = "RSA". 1070 // The following are specific failure cases for when kty = "RSA".
1097 1071
1098 // Fail if either "n" or "e" is not present or malformed. 1072 // Fail if either "n" or "e" is not present or malformed.
1099 const std::string kKtyParmName[] = {"n", "e"}; 1073 const std::string kKtyParmName[] = {"n", "e"};
1100 for (size_t idx = 0; idx < ARRAYSIZE_UNSAFE(kKtyParmName); ++idx) { 1074 for (size_t idx = 0; idx < ARRAYSIZE_UNSAFE(kKtyParmName); ++idx) {
1101 1075
1102 // Fail on missing parameter. 1076 // Fail on missing parameter.
1103 dict.Remove(kKtyParmName[idx], NULL); 1077 dict.Remove(kKtyParmName[idx], NULL);
1104 EXPECT_STATUS_ERROR(ImportKeyJwk( 1078 EXPECT_STATUS_ERROR(
1105 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 1079 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
1106 RestoreJwkRsaDictionary(&dict); 1080 RestoreJwkRsaDictionary(&dict);
1107 1081
1108 // Fail on bad b64 parameter encoding. 1082 // Fail on bad b64 parameter encoding.
1109 dict.SetString(kKtyParmName[idx], "Qk3f0DsytU8lfza2au #$% Htaw2xpop9yTuH0"); 1083 dict.SetString(kKtyParmName[idx], "Qk3f0DsytU8lfza2au #$% Htaw2xpop9yTuH0");
1110 EXPECT_STATUS_ERROR(ImportKeyJwk( 1084 EXPECT_STATUS_ERROR(
1111 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 1085 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
1112 RestoreJwkRsaDictionary(&dict); 1086 RestoreJwkRsaDictionary(&dict);
1113 1087
1114 // Fail on empty parameter. 1088 // Fail on empty parameter.
1115 dict.SetString(kKtyParmName[idx], ""); 1089 dict.SetString(kKtyParmName[idx], "");
1116 EXPECT_STATUS_ERROR(ImportKeyJwk( 1090 EXPECT_STATUS_ERROR(
1117 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 1091 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
1118 RestoreJwkRsaDictionary(&dict); 1092 RestoreJwkRsaDictionary(&dict);
1119 } 1093 }
1120 1094
1121 // Fail if "d" parameter is present, implying the JWK is a private key, which 1095 // Fail if "d" parameter is present, implying the JWK is a private key, which
1122 // is not supported. 1096 // is not supported.
1123 dict.SetString("d", "Qk3f0Dsyt"); 1097 dict.SetString("d", "Qk3f0Dsyt");
1124 EXPECT_STATUS(Status::ErrorJwkRsaPrivateKeyUnsupported(), ImportKeyJwk( 1098 EXPECT_STATUS(
1125 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 1099 Status::ErrorJwkRsaPrivateKeyUnsupported(),
1100 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
1126 RestoreJwkRsaDictionary(&dict); 1101 RestoreJwkRsaDictionary(&dict);
1127 } 1102 }
1128 1103
1129 TEST_F(SharedCryptoTest, MAYBE(ImportJwkInputConsistency)) { 1104 TEST_F(SharedCryptoTest, MAYBE(ImportJwkInputConsistency)) {
1130 // The Web Crypto spec says that if a JWK value is present, but is 1105 // The Web Crypto spec says that if a JWK value is present, but is
1131 // inconsistent with the input value, the operation must fail. 1106 // inconsistent with the input value, the operation must fail.
1132 1107
1133 // Consistency rules when JWK value is not present: Inputs should be used. 1108 // Consistency rules when JWK value is not present: Inputs should be used.
1134 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); 1109 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
1135 bool extractable = false; 1110 bool extractable = false;
1136 blink::WebCryptoAlgorithm algorithm = 1111 blink::WebCryptoAlgorithm algorithm =
1137 CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256); 1112 CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256);
1138 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageVerify; 1113 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageVerify;
1139 base::DictionaryValue dict; 1114 base::DictionaryValue dict;
1140 dict.SetString("kty", "oct"); 1115 dict.SetString("kty", "oct");
1141 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); 1116 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
1142 std::vector<uint8> json_vec = MakeJsonVector(dict); 1117 std::vector<uint8> json_vec = MakeJsonVector(dict);
1143 EXPECT_STATUS_SUCCESS(ImportKeyJwk( 1118 EXPECT_STATUS_SUCCESS(
1144 json_vec, algorithm, extractable, usage_mask, &key)); 1119 ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key));
1145 EXPECT_TRUE(key.handle()); 1120 EXPECT_TRUE(key.handle());
1146 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); 1121 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
1147 EXPECT_EQ(extractable, key.extractable()); 1122 EXPECT_EQ(extractable, key.extractable());
1148 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); 1123 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id());
1149 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, 1124 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256,
1150 key.algorithm().hmacParams()->hash().id()); 1125 key.algorithm().hmacParams()->hash().id());
1151 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, key.usages()); 1126 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, key.usages());
1152 key = blink::WebCryptoKey::createNull(); 1127 key = blink::WebCryptoKey::createNull();
1153 1128
1154 // Consistency rules when JWK value exists: Fail if inconsistency is found. 1129 // Consistency rules when JWK value exists: Fail if inconsistency is found.
1155 1130
1156 // Pass: All input values are consistent with the JWK values. 1131 // Pass: All input values are consistent with the JWK values.
1157 dict.Clear(); 1132 dict.Clear();
1158 dict.SetString("kty", "oct"); 1133 dict.SetString("kty", "oct");
1159 dict.SetString("alg", "HS256"); 1134 dict.SetString("alg", "HS256");
1160 dict.SetString("use", "sig"); 1135 dict.SetString("use", "sig");
1161 dict.SetBoolean("extractable", false); 1136 dict.SetBoolean("extractable", false);
1162 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); 1137 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
1163 json_vec = MakeJsonVector(dict); 1138 json_vec = MakeJsonVector(dict);
1164 EXPECT_STATUS_SUCCESS( 1139 EXPECT_STATUS_SUCCESS(
1165 ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); 1140 ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key));
1166 1141
1167 // Extractable cases: 1142 // Extractable cases:
1168 // 1. input=T, JWK=F ==> fail (inconsistent) 1143 // 1. input=T, JWK=F ==> fail (inconsistent)
1169 // 4. input=F, JWK=F ==> pass, result extractable is F 1144 // 4. input=F, JWK=F ==> pass, result extractable is F
1170 // 2. input=T, JWK=T ==> pass, result extractable is T 1145 // 2. input=T, JWK=T ==> pass, result extractable is T
1171 // 3. input=F, JWK=T ==> pass, result extractable is F 1146 // 3. input=F, JWK=T ==> pass, result extractable is F
1172 EXPECT_STATUS(Status::ErrorJwkExtractableInconsistent(), 1147 EXPECT_STATUS(Status::ErrorJwkExtractableInconsistent(),
1173 ImportKeyJwk(json_vec, algorithm, true, usage_mask, &key)); 1148 ImportKeyJwk(json_vec, algorithm, true, usage_mask, &key));
1174 EXPECT_STATUS_SUCCESS( 1149 EXPECT_STATUS_SUCCESS(
1175 ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key)); 1150 ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key));
1176 EXPECT_FALSE(key.extractable()); 1151 EXPECT_FALSE(key.extractable());
1177 dict.SetBoolean("extractable", true); 1152 dict.SetBoolean("extractable", true);
1178 EXPECT_STATUS_SUCCESS( 1153 EXPECT_STATUS_SUCCESS(
1179 ImportKeyJwk(MakeJsonVector(dict), algorithm, true, usage_mask, &key)); 1154 ImportKeyJwk(MakeJsonVector(dict), algorithm, true, usage_mask, &key));
1180 EXPECT_TRUE(key.extractable()); 1155 EXPECT_TRUE(key.extractable());
1181 EXPECT_STATUS_SUCCESS( 1156 EXPECT_STATUS_SUCCESS(
1182 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); 1157 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key));
1183 EXPECT_FALSE(key.extractable()); 1158 EXPECT_FALSE(key.extractable());
1184 dict.SetBoolean("extractable", true); // restore previous value 1159 dict.SetBoolean("extractable", true); // restore previous value
1185 1160
1186 // Fail: Input algorithm (AES-CBC) is inconsistent with JWK value 1161 // Fail: Input algorithm (AES-CBC) is inconsistent with JWK value
1187 // (HMAC SHA256). 1162 // (HMAC SHA256).
1188 EXPECT_STATUS(Status::ErrorJwkAlgorithmInconsistent(), ImportKeyJwk( 1163 EXPECT_STATUS(Status::ErrorJwkAlgorithmInconsistent(),
1189 json_vec, 1164 ImportKeyJwk(json_vec,
1190 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), 1165 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
1191 extractable, 1166 extractable,
1192 usage_mask, 1167 usage_mask,
1193 &key)); 1168 &key));
1194 1169
1195 // Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value 1170 // Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value
1196 // (HMAC SHA256). 1171 // (HMAC SHA256).
1197 EXPECT_STATUS(Status::ErrorJwkAlgorithmInconsistent(), ImportKeyJwk( 1172 EXPECT_STATUS(
1198 json_vec, 1173 Status::ErrorJwkAlgorithmInconsistent(),
1199 CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha1), 1174 ImportKeyJwk(json_vec,
1200 extractable, 1175 CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha1),
1201 usage_mask, 1176 extractable,
1202 &key)); 1177 usage_mask,
1178 &key));
1203 1179
1204 // Pass: JWK alg valid but input algorithm isNull: use JWK algorithm value. 1180 // Pass: JWK alg valid but input algorithm isNull: use JWK algorithm value.
1205 EXPECT_STATUS_SUCCESS(ImportKeyJwk(json_vec, 1181 EXPECT_STATUS_SUCCESS(ImportKeyJwk(json_vec,
1206 blink::WebCryptoAlgorithm::createNull(), 1182 blink::WebCryptoAlgorithm::createNull(),
1207 extractable, 1183 extractable,
1208 usage_mask, 1184 usage_mask,
1209 &key)); 1185 &key));
1210 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); 1186 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id());
1211 1187
1212 // Pass: JWK alg missing but input algorithm specified: use input value 1188 // Pass: JWK alg missing but input algorithm specified: use input value
1213 dict.Remove("alg", NULL); 1189 dict.Remove("alg", NULL);
1214 EXPECT_STATUS_SUCCESS(ImportKeyJwk( 1190 EXPECT_STATUS_SUCCESS(ImportKeyJwk(
1215 MakeJsonVector(dict), 1191 MakeJsonVector(dict),
1216 CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256), 1192 CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256),
1217 extractable, 1193 extractable,
1218 usage_mask, 1194 usage_mask,
1219 &key)); 1195 &key));
1220 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); 1196 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id());
1221 dict.SetString("alg", "HS256"); 1197 dict.SetString("alg", "HS256");
1222 1198
1223 // Fail: Input usage_mask (encrypt) is not a subset of the JWK value 1199 // Fail: Input usage_mask (encrypt) is not a subset of the JWK value
1224 // (sign|verify) 1200 // (sign|verify)
1225 EXPECT_STATUS(Status::ErrorJwkUsageInconsistent(), ImportKeyJwk( 1201 EXPECT_STATUS(Status::ErrorJwkUsageInconsistent(),
1226 json_vec, algorithm, extractable, blink::WebCryptoKeyUsageEncrypt, &key)); 1202 ImportKeyJwk(json_vec,
1203 algorithm,
1204 extractable,
1205 blink::WebCryptoKeyUsageEncrypt,
1206 &key));
1227 1207
1228 // Fail: Input usage_mask (encrypt|sign|verify) is not a subset of the JWK 1208 // Fail: Input usage_mask (encrypt|sign|verify) is not a subset of the JWK
1229 // value (sign|verify) 1209 // value (sign|verify)
1230 usage_mask = blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageSign | 1210 usage_mask = blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageSign |
1231 blink::WebCryptoKeyUsageVerify; 1211 blink::WebCryptoKeyUsageVerify;
1232 EXPECT_STATUS( 1212 EXPECT_STATUS(
1233 Status::ErrorJwkUsageInconsistent(), 1213 Status::ErrorJwkUsageInconsistent(),
1234 ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); 1214 ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key));
1235 1215
1236 // TODO(padolph): kty vs alg consistency tests: Depending on the kty value, 1216 // TODO(padolph): kty vs alg consistency tests: Depending on the kty value,
(...skipping 17 matching lines...) Expand all
1254 // Uses the first SHA256 test vector from the HMAC sample set above. 1234 // Uses the first SHA256 test vector from the HMAC sample set above.
1255 1235
1256 base::DictionaryValue dict; 1236 base::DictionaryValue dict;
1257 dict.SetString("kty", "oct"); 1237 dict.SetString("kty", "oct");
1258 dict.SetString("alg", "HS256"); 1238 dict.SetString("alg", "HS256");
1259 dict.SetString("use", "sig"); 1239 dict.SetString("use", "sig");
1260 dict.SetBoolean("extractable", false); 1240 dict.SetBoolean("extractable", false);
1261 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); 1241 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
1262 std::vector<uint8> json_vec = MakeJsonVector(dict); 1242 std::vector<uint8> json_vec = MakeJsonVector(dict);
1263 1243
1264 ASSERT_STATUS_SUCCESS(ImportKeyJwk( 1244 ASSERT_STATUS_SUCCESS(
1265 json_vec, algorithm, extractable, usage_mask, &key)); 1245 ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key));
1266 1246
1267 const std::vector<uint8> message_raw = HexStringToBytes( 1247 const std::vector<uint8> message_raw = HexStringToBytes(
1268 "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" 1248 "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a"
1269 "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" 1249 "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92"
1270 "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" 1250 "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f"
1271 "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e"); 1251 "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e");
1272 1252
1273 blink::WebArrayBuffer output; 1253 blink::WebArrayBuffer output;
1274 1254
1275 ASSERT_STATUS_SUCCESS(SignInternal(algorithm, key, message_raw, &output)); 1255 ASSERT_STATUS_SUCCESS(SignInternal(algorithm, key, message_raw, &output));
(...skipping 15 matching lines...) Expand all
1291 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), 1271 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5),
1292 true, 1272 true,
1293 blink::WebCryptoKeyUsageEncrypt, 1273 blink::WebCryptoKeyUsageEncrypt,
1294 &key)); 1274 &key));
1295 EXPECT_TRUE(key.handle()); 1275 EXPECT_TRUE(key.handle());
1296 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); 1276 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type());
1297 EXPECT_TRUE(key.extractable()); 1277 EXPECT_TRUE(key.extractable());
1298 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); 1278 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages());
1299 1279
1300 // Failing case: Empty SPKI data 1280 // Failing case: Empty SPKI data
1301 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), ImportKeyInternal( 1281 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(),
1302 blink::WebCryptoKeyFormatSpki, 1282 ImportKeyInternal(blink::WebCryptoKeyFormatSpki,
1303 std::vector<uint8>(), 1283 std::vector<uint8>(),
1304 blink::WebCryptoAlgorithm::createNull(), 1284 blink::WebCryptoAlgorithm::createNull(),
1305 true, 1285 true,
1306 blink::WebCryptoKeyUsageEncrypt, 1286 blink::WebCryptoKeyUsageEncrypt,
1307 &key)); 1287 &key));
1308 1288
1309 // Failing case: Import RSA key with NULL input algorithm. This is not 1289 // Failing case: Import RSA key with NULL input algorithm. This is not
1310 // allowed because the SPKI ASN.1 format for RSA keys is not specific enough 1290 // allowed because the SPKI ASN.1 format for RSA keys is not specific enough
1311 // to map to a Web Crypto algorithm. 1291 // to map to a Web Crypto algorithm.
1312 EXPECT_STATUS(Status::Error(), ImportKeyInternal( 1292 EXPECT_STATUS(Status::Error(),
1313 blink::WebCryptoKeyFormatSpki, 1293 ImportKeyInternal(blink::WebCryptoKeyFormatSpki,
1314 HexStringToBytes(kPublicKeySpkiDerHex), 1294 HexStringToBytes(kPublicKeySpkiDerHex),
1315 blink::WebCryptoAlgorithm::createNull(), 1295 blink::WebCryptoAlgorithm::createNull(),
1316 true, 1296 true,
1317 blink::WebCryptoKeyUsageEncrypt, 1297 blink::WebCryptoKeyUsageEncrypt,
1318 &key)); 1298 &key));
1319 1299
1320 // Failing case: Bad DER encoding. 1300 // Failing case: Bad DER encoding.
1321 EXPECT_STATUS(Status::Error(), ImportKeyInternal( 1301 EXPECT_STATUS(Status::Error(),
1322 blink::WebCryptoKeyFormatSpki, 1302 ImportKeyInternal(
1323 HexStringToBytes("618333c4cb"), 1303 blink::WebCryptoKeyFormatSpki,
1324 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), 1304 HexStringToBytes("618333c4cb"),
1325 true, 1305 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5),
1326 blink::WebCryptoKeyUsageEncrypt, 1306 true,
1327 &key)); 1307 blink::WebCryptoKeyUsageEncrypt,
1308 &key));
1328 1309
1329 // Failing case: Import RSA key but provide an inconsistent input algorithm. 1310 // Failing case: Import RSA key but provide an inconsistent input algorithm.
1330 EXPECT_STATUS(Status::Error(), ImportKeyInternal( 1311 EXPECT_STATUS(
1331 blink::WebCryptoKeyFormatSpki, 1312 Status::Error(),
1332 HexStringToBytes(kPublicKeySpkiDerHex), 1313 ImportKeyInternal(blink::WebCryptoKeyFormatSpki,
1333 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), 1314 HexStringToBytes(kPublicKeySpkiDerHex),
1334 true, 1315 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
1335 blink::WebCryptoKeyUsageEncrypt, 1316 true,
1336 &key)); 1317 blink::WebCryptoKeyUsageEncrypt,
1318 &key));
1337 1319
1338 // Passing case: Export a previously imported RSA public key in SPKI format 1320 // Passing case: Export a previously imported RSA public key in SPKI format
1339 // and compare to original data. 1321 // and compare to original data.
1340 blink::WebArrayBuffer output; 1322 blink::WebArrayBuffer output;
1341 ASSERT_STATUS_SUCCESS( 1323 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatSpki, key, &output));
1342 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output));
1343 ExpectArrayBufferMatchesHex(kPublicKeySpkiDerHex, output); 1324 ExpectArrayBufferMatchesHex(kPublicKeySpkiDerHex, output);
1344 1325
1345 // Failing case: Try to export a previously imported RSA public key in raw 1326 // Failing case: Try to export a previously imported RSA public key in raw
1346 // format (not allowed for a public key). 1327 // format (not allowed for a public key).
1347 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), 1328 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(),
1348 ExportKey(blink::WebCryptoKeyFormatRaw, key, &output)); 1329 ExportKey(blink::WebCryptoKeyFormatRaw, key, &output));
1349 1330
1350 // Failing case: Try to export a non-extractable key 1331 // Failing case: Try to export a non-extractable key
1351 ASSERT_STATUS_SUCCESS(ImportKeyInternal( 1332 ASSERT_STATUS_SUCCESS(ImportKeyInternal(
1352 blink::WebCryptoKeyFormatSpki, 1333 blink::WebCryptoKeyFormatSpki,
1353 HexStringToBytes(kPublicKeySpkiDerHex), 1334 HexStringToBytes(kPublicKeySpkiDerHex),
1354 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), 1335 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5),
1355 false, 1336 false,
1356 blink::WebCryptoKeyUsageEncrypt, 1337 blink::WebCryptoKeyUsageEncrypt,
1357 &key)); 1338 &key));
1358 EXPECT_TRUE(key.handle()); 1339 EXPECT_TRUE(key.handle());
1359 EXPECT_FALSE(key.extractable()); 1340 EXPECT_FALSE(key.extractable());
1360 EXPECT_STATUS(Status::ErrorKeyNotExtractable(), 1341 EXPECT_STATUS(Status::ErrorKeyNotExtractable(),
1361 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); 1342 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output));
1362 } 1343 }
1363 1344
1364 TEST_F(SharedCryptoTest, MAYBE(ImportPkcs8)) { 1345 TEST_F(SharedCryptoTest, MAYBE(ImportPkcs8)) {
1365 // Passing case: Import a valid RSA key in PKCS#8 format. 1346 // Passing case: Import a valid RSA key in PKCS#8 format.
1366 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); 1347 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
1367 ASSERT_STATUS_SUCCESS(ImportKeyInternal( 1348 ASSERT_STATUS_SUCCESS(ImportKeyInternal(
1368 blink::WebCryptoKeyFormatPkcs8, 1349 blink::WebCryptoKeyFormatPkcs8,
1369 HexStringToBytes(kPrivateKeyPkcs8DerHex), 1350 HexStringToBytes(kPrivateKeyPkcs8DerHex),
1370 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), 1351 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5),
1371 true, 1352 true,
1372 blink::WebCryptoKeyUsageSign, 1353 blink::WebCryptoKeyUsageSign,
1373 &key)); 1354 &key));
1374 EXPECT_TRUE(key.handle()); 1355 EXPECT_TRUE(key.handle());
1375 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, key.type()); 1356 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, key.type());
1376 EXPECT_TRUE(key.extractable()); 1357 EXPECT_TRUE(key.extractable());
1377 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); 1358 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages());
1378 1359
1379 // Failing case: Empty PKCS#8 data 1360 // Failing case: Empty PKCS#8 data
1380 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), ImportKeyInternal( 1361 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(),
1381 blink::WebCryptoKeyFormatPkcs8, 1362 ImportKeyInternal(blink::WebCryptoKeyFormatPkcs8,
1382 std::vector<uint8>(), 1363 std::vector<uint8>(),
1383 blink::WebCryptoAlgorithm::createNull(), 1364 blink::WebCryptoAlgorithm::createNull(),
1384 true, 1365 true,
1385 blink::WebCryptoKeyUsageSign, 1366 blink::WebCryptoKeyUsageSign,
1386 &key)); 1367 &key));
1387 1368
1388 // Failing case: Import RSA key with NULL input algorithm. This is not 1369 // Failing case: Import RSA key with NULL input algorithm. This is not
1389 // allowed because the PKCS#8 ASN.1 format for RSA keys is not specific enough 1370 // allowed because the PKCS#8 ASN.1 format for RSA keys is not specific enough
1390 // to map to a Web Crypto algorithm. 1371 // to map to a Web Crypto algorithm.
1391 EXPECT_STATUS(Status::Error(), ImportKeyInternal( 1372 EXPECT_STATUS(Status::Error(),
1392 blink::WebCryptoKeyFormatPkcs8, 1373 ImportKeyInternal(blink::WebCryptoKeyFormatPkcs8,
1393 HexStringToBytes(kPrivateKeyPkcs8DerHex), 1374 HexStringToBytes(kPrivateKeyPkcs8DerHex),
1394 blink::WebCryptoAlgorithm::createNull(), 1375 blink::WebCryptoAlgorithm::createNull(),
1395 true, 1376 true,
1396 blink::WebCryptoKeyUsageSign, 1377 blink::WebCryptoKeyUsageSign,
1397 &key)); 1378 &key));
1398 1379
1399 // Failing case: Bad DER encoding. 1380 // Failing case: Bad DER encoding.
1400 EXPECT_STATUS(Status::Error(), ImportKeyInternal( 1381 EXPECT_STATUS(Status::Error(),
1401 blink::WebCryptoKeyFormatPkcs8, 1382 ImportKeyInternal(
1402 HexStringToBytes("618333c4cb"), 1383 blink::WebCryptoKeyFormatPkcs8,
1403 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), 1384 HexStringToBytes("618333c4cb"),
1404 true, 1385 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5),
1405 blink::WebCryptoKeyUsageSign, 1386 true,
1406 &key)); 1387 blink::WebCryptoKeyUsageSign,
1388 &key));
1407 1389
1408 // Failing case: Import RSA key but provide an inconsistent input algorithm. 1390 // Failing case: Import RSA key but provide an inconsistent input algorithm.
1409 EXPECT_STATUS(Status::Error(), ImportKeyInternal( 1391 EXPECT_STATUS(
1410 blink::WebCryptoKeyFormatPkcs8, 1392 Status::Error(),
1411 HexStringToBytes(kPrivateKeyPkcs8DerHex), 1393 ImportKeyInternal(blink::WebCryptoKeyFormatPkcs8,
1412 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), 1394 HexStringToBytes(kPrivateKeyPkcs8DerHex),
1413 true, 1395 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
1414 blink::WebCryptoKeyUsageSign, 1396 true,
1415 &key)); 1397 blink::WebCryptoKeyUsageSign,
1398 &key));
1416 } 1399 }
1417 1400
1418 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsa)) { 1401 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsa)) {
1419 // Note: using unrealistic short key lengths here to avoid bogging down tests. 1402 // Note: using unrealistic short key lengths here to avoid bogging down tests.
1420 1403
1421 // Successful WebCryptoAlgorithmIdRsaEsPkcs1v1_5 key generation. 1404 // Successful WebCryptoAlgorithmIdRsaEsPkcs1v1_5 key generation.
1422 const unsigned int modulus_length = 256; 1405 const unsigned int modulus_length = 256;
1423 const std::vector<uint8> public_exponent = HexStringToBytes("010001"); 1406 const std::vector<uint8> public_exponent = HexStringToBytes("010001");
1424 blink::WebCryptoAlgorithm algorithm = CreateRsaKeyGenAlgorithm( 1407 blink::WebCryptoAlgorithm algorithm =
1425 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 1408 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5,
1426 modulus_length, 1409 modulus_length,
1427 public_exponent); 1410 public_exponent);
1428 bool extractable = false; 1411 bool extractable = false;
1429 const blink::WebCryptoKeyUsageMask usage_mask = 0; 1412 const blink::WebCryptoKeyUsageMask usage_mask = 0;
1430 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); 1413 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull();
1431 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); 1414 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull();
1432 EXPECT_STATUS_SUCCESS(GenerateKeyPair( 1415 EXPECT_STATUS_SUCCESS(GenerateKeyPair(
1433 algorithm, extractable, usage_mask, &public_key, &private_key)); 1416 algorithm, extractable, usage_mask, &public_key, &private_key));
1434 EXPECT_FALSE(public_key.isNull()); 1417 EXPECT_FALSE(public_key.isNull());
1435 EXPECT_FALSE(private_key.isNull()); 1418 EXPECT_FALSE(private_key.isNull());
1436 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); 1419 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type());
1437 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); 1420 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type());
1438 EXPECT_TRUE(public_key.extractable()); 1421 EXPECT_TRUE(public_key.extractable());
1439 EXPECT_EQ(extractable, private_key.extractable()); 1422 EXPECT_EQ(extractable, private_key.extractable());
1440 EXPECT_EQ(usage_mask, public_key.usages()); 1423 EXPECT_EQ(usage_mask, public_key.usages());
1441 EXPECT_EQ(usage_mask, private_key.usages()); 1424 EXPECT_EQ(usage_mask, private_key.usages());
1442 1425
1443 // Fail with bad modulus. 1426 // Fail with bad modulus.
1444 algorithm = CreateRsaKeyGenAlgorithm( 1427 algorithm = CreateRsaKeyGenAlgorithm(
1445 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 0, public_exponent); 1428 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 0, public_exponent);
1446 EXPECT_STATUS(Status::ErrorGenerateRsaZeroModulus(), GenerateKeyPair( 1429 EXPECT_STATUS(
1447 algorithm, extractable, usage_mask, &public_key, &private_key)); 1430 Status::ErrorGenerateRsaZeroModulus(),
1431 GenerateKeyPair(
1432 algorithm, extractable, usage_mask, &public_key, &private_key));
1448 1433
1449 // Fail with bad exponent: larger than unsigned long. 1434 // Fail with bad exponent: larger than unsigned long.
1450 unsigned int exponent_length = sizeof(unsigned long) + 1; // NOLINT 1435 unsigned int exponent_length = sizeof(unsigned long) + 1; // NOLINT
1451 const std::vector<uint8> long_exponent(exponent_length, 0x01); 1436 const std::vector<uint8> long_exponent(exponent_length, 0x01);
1452 algorithm = CreateRsaKeyGenAlgorithm( 1437 algorithm = CreateRsaKeyGenAlgorithm(
1453 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 1438 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, modulus_length, long_exponent);
1454 modulus_length, 1439 EXPECT_STATUS(
1455 long_exponent); 1440 Status::ErrorGenerateKeyPublicExponent(),
1456 EXPECT_STATUS(Status::ErrorGenerateKeyPublicExponent(), 1441 GenerateKeyPair(
1457 GenerateKeyPair(algorithm, extractable, usage_mask, &public_key, 1442 algorithm, extractable, usage_mask, &public_key, &private_key));
1458 &private_key));
1459 1443
1460 // Fail with bad exponent: empty. 1444 // Fail with bad exponent: empty.
1461 const std::vector<uint8> empty_exponent; 1445 const std::vector<uint8> empty_exponent;
1462 algorithm = CreateRsaKeyGenAlgorithm( 1446 algorithm =
1463 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 1447 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5,
1464 modulus_length, 1448 modulus_length,
1465 empty_exponent); 1449 empty_exponent);
1466 EXPECT_STATUS(Status::ErrorGenerateKeyPublicExponent(), 1450 EXPECT_STATUS(
1467 GenerateKeyPair(algorithm, extractable, usage_mask, &public_key, 1451 Status::ErrorGenerateKeyPublicExponent(),
1468 &private_key)); 1452 GenerateKeyPair(
1453 algorithm, extractable, usage_mask, &public_key, &private_key));
1469 1454
1470 // Fail with bad exponent: all zeros. 1455 // Fail with bad exponent: all zeros.
1471 std::vector<uint8> exponent_with_leading_zeros(15, 0x00); 1456 std::vector<uint8> exponent_with_leading_zeros(15, 0x00);
1472 algorithm = CreateRsaKeyGenAlgorithm( 1457 algorithm =
1473 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 1458 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5,
1474 modulus_length, 1459 modulus_length,
1475 exponent_with_leading_zeros); 1460 exponent_with_leading_zeros);
1476 EXPECT_STATUS(Status::ErrorGenerateKeyPublicExponent(), 1461 EXPECT_STATUS(
1477 GenerateKeyPair(algorithm, extractable, usage_mask, &public_key, 1462 Status::ErrorGenerateKeyPublicExponent(),
1478 &private_key)); 1463 GenerateKeyPair(
1464 algorithm, extractable, usage_mask, &public_key, &private_key));
1479 1465
1480 // Key generation success using exponent with leading zeros. 1466 // Key generation success using exponent with leading zeros.
1481 exponent_with_leading_zeros.insert(exponent_with_leading_zeros.end(), 1467 exponent_with_leading_zeros.insert(exponent_with_leading_zeros.end(),
1482 public_exponent.begin(), 1468 public_exponent.begin(),
1483 public_exponent.end()); 1469 public_exponent.end());
1484 algorithm = CreateRsaKeyGenAlgorithm( 1470 algorithm =
1485 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 1471 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5,
1486 modulus_length, 1472 modulus_length,
1487 exponent_with_leading_zeros); 1473 exponent_with_leading_zeros);
1488 EXPECT_STATUS_SUCCESS(GenerateKeyPair( 1474 EXPECT_STATUS_SUCCESS(GenerateKeyPair(
1489 algorithm, extractable, usage_mask, &public_key, &private_key)); 1475 algorithm, extractable, usage_mask, &public_key, &private_key));
1490 EXPECT_FALSE(public_key.isNull()); 1476 EXPECT_FALSE(public_key.isNull());
1491 EXPECT_FALSE(private_key.isNull()); 1477 EXPECT_FALSE(private_key.isNull());
1492 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); 1478 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type());
1493 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); 1479 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type());
1494 EXPECT_TRUE(public_key.extractable()); 1480 EXPECT_TRUE(public_key.extractable());
1495 EXPECT_EQ(extractable, private_key.extractable()); 1481 EXPECT_EQ(extractable, private_key.extractable());
1496 EXPECT_EQ(usage_mask, public_key.usages()); 1482 EXPECT_EQ(usage_mask, public_key.usages());
1497 EXPECT_EQ(usage_mask, private_key.usages()); 1483 EXPECT_EQ(usage_mask, private_key.usages());
1498 1484
1499 // Successful WebCryptoAlgorithmIdRsaOaep key generation. 1485 // Successful WebCryptoAlgorithmIdRsaOaep key generation.
1500 algorithm = CreateRsaKeyGenAlgorithm( 1486 algorithm = CreateRsaKeyGenAlgorithm(
1501 blink::WebCryptoAlgorithmIdRsaOaep, modulus_length, public_exponent); 1487 blink::WebCryptoAlgorithmIdRsaOaep, modulus_length, public_exponent);
1502 EXPECT_STATUS_SUCCESS(GenerateKeyPair( 1488 EXPECT_STATUS_SUCCESS(GenerateKeyPair(
1503 algorithm, extractable, usage_mask, &public_key, &private_key)); 1489 algorithm, extractable, usage_mask, &public_key, &private_key));
1504 EXPECT_FALSE(public_key.isNull()); 1490 EXPECT_FALSE(public_key.isNull());
1505 EXPECT_FALSE(private_key.isNull()); 1491 EXPECT_FALSE(private_key.isNull());
1506 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); 1492 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type());
1507 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); 1493 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type());
1508 EXPECT_TRUE(public_key.extractable()); 1494 EXPECT_TRUE(public_key.extractable());
1509 EXPECT_EQ(extractable, private_key.extractable()); 1495 EXPECT_EQ(extractable, private_key.extractable());
1510 EXPECT_EQ(usage_mask, public_key.usages()); 1496 EXPECT_EQ(usage_mask, public_key.usages());
1511 EXPECT_EQ(usage_mask, private_key.usages()); 1497 EXPECT_EQ(usage_mask, private_key.usages());
1512 1498
1513 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation. 1499 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation.
1514 algorithm = CreateRsaKeyGenAlgorithm( 1500 algorithm =
1515 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, 1501 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5,
1516 modulus_length, 1502 modulus_length,
1517 public_exponent); 1503 public_exponent);
1518 EXPECT_STATUS_SUCCESS(GenerateKeyPair( 1504 EXPECT_STATUS_SUCCESS(
1519 algorithm, false, usage_mask, &public_key, &private_key)); 1505 GenerateKeyPair(algorithm, false, usage_mask, &public_key, &private_key));
1520 EXPECT_FALSE(public_key.isNull()); 1506 EXPECT_FALSE(public_key.isNull());
1521 EXPECT_FALSE(private_key.isNull()); 1507 EXPECT_FALSE(private_key.isNull());
1522 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); 1508 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type());
1523 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); 1509 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type());
1524 // Even though "extractable" was set to false, the public key remains 1510 // Even though "extractable" was set to false, the public key remains
1525 // extractable. 1511 // extractable.
1526 EXPECT_TRUE(public_key.extractable()); 1512 EXPECT_TRUE(public_key.extractable());
1527 EXPECT_FALSE(private_key.extractable()); 1513 EXPECT_FALSE(private_key.extractable());
1528 EXPECT_EQ(usage_mask, public_key.usages()); 1514 EXPECT_EQ(usage_mask, public_key.usages());
1529 EXPECT_EQ(usage_mask, private_key.usages()); 1515 EXPECT_EQ(usage_mask, private_key.usages());
1530 1516
1531 // Exporting a private key as SPKI format doesn't make sense. However this 1517 // Exporting a private key as SPKI format doesn't make sense. However this
1532 // will first fail because the key is not extractable. 1518 // will first fail because the key is not extractable.
1533 blink::WebArrayBuffer output; 1519 blink::WebArrayBuffer output;
1534 EXPECT_STATUS(Status::ErrorKeyNotExtractable(), ExportKey( 1520 EXPECT_STATUS(Status::ErrorKeyNotExtractable(),
1535 blink::WebCryptoKeyFormatSpki, private_key, &output)); 1521 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output));
1536 1522
1537 // Re-generate an extractable private_key and try to export it as SPKI format. 1523 // Re-generate an extractable private_key and try to export it as SPKI format.
1538 // This should fail since spki is for public keys. 1524 // This should fail since spki is for public keys.
1539 EXPECT_STATUS_SUCCESS(GenerateKeyPair( 1525 EXPECT_STATUS_SUCCESS(
1540 algorithm, true, usage_mask, &public_key, &private_key)); 1526 GenerateKeyPair(algorithm, true, usage_mask, &public_key, &private_key));
1541 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), ExportKey( 1527 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(),
1542 blink::WebCryptoKeyFormatSpki, private_key, &output)); 1528 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output));
1543 } 1529 }
1544 1530
1545 TEST_F(SharedCryptoTest, MAYBE(RsaEsRoundTrip)) { 1531 TEST_F(SharedCryptoTest, MAYBE(RsaEsRoundTrip)) {
1546 // Import a key pair. 1532 // Import a key pair.
1547 blink::WebCryptoAlgorithm algorithm = 1533 blink::WebCryptoAlgorithm algorithm =
1548 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); 1534 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5);
1549 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); 1535 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull();
1550 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); 1536 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull();
1551 ImportRsaKeyPair( 1537 ImportRsaKeyPair(
1552 HexStringToBytes(kPublicKeySpkiDerHex), 1538 HexStringToBytes(kPublicKeySpkiDerHex),
1553 HexStringToBytes(kPrivateKeyPkcs8DerHex), 1539 HexStringToBytes(kPrivateKeyPkcs8DerHex),
1554 algorithm, 1540 algorithm,
1555 false, 1541 false,
1556 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, 1542 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt,
1557 &public_key, 1543 &public_key,
1558 &private_key); 1544 &private_key);
1559 1545
1560 // Make a maximum-length data message. RSAES can operate on messages up to 1546 // Make a maximum-length data message. RSAES can operate on messages up to
1561 // length of k - 11 bytes, where k is the octet length of the RSA modulus. 1547 // length of k - 11 bytes, where k is the octet length of the RSA modulus.
1562 const unsigned int kMaxMsgSizeBytes = kModulusLength / 8 - 11; 1548 const unsigned int kMaxMsgSizeBytes = kModulusLength / 8 - 11;
1563 // There are two hex chars for each byte. 1549 // There are two hex chars for each byte.
1564 const unsigned int kMsgHexSize = kMaxMsgSizeBytes * 2; 1550 const unsigned int kMsgHexSize = kMaxMsgSizeBytes * 2;
1565 char max_data_hex[kMsgHexSize+1]; 1551 char max_data_hex[kMsgHexSize + 1];
1566 std::fill(&max_data_hex[0], &max_data_hex[0] + kMsgHexSize, 'a'); 1552 std::fill(&max_data_hex[0], &max_data_hex[0] + kMsgHexSize, 'a');
1567 max_data_hex[kMsgHexSize] = '\0'; 1553 max_data_hex[kMsgHexSize] = '\0';
1568 1554
1569 // Verify encrypt / decrypt round trip on a few messages. Note that RSA 1555 // Verify encrypt / decrypt round trip on a few messages. Note that RSA
1570 // encryption does not support empty input. 1556 // encryption does not support empty input.
1571 algorithm = 1557 algorithm = CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5);
1572 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); 1558 const char* const kTestDataHex[] = {"ff", "0102030405060708090a0b0c0d0e0f",
1573 const char* const kTestDataHex[] = { 1559 max_data_hex};
1574 "ff",
1575 "0102030405060708090a0b0c0d0e0f",
1576 max_data_hex
1577 };
1578 blink::WebArrayBuffer encrypted_data; 1560 blink::WebArrayBuffer encrypted_data;
1579 blink::WebArrayBuffer decrypted_data; 1561 blink::WebArrayBuffer decrypted_data;
1580 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTestDataHex); ++i) { 1562 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTestDataHex); ++i) {
1581 SCOPED_TRACE(i); 1563 SCOPED_TRACE(i);
1582 EXPECT_STATUS_SUCCESS(EncryptInternal( 1564 EXPECT_STATUS_SUCCESS(EncryptInternal(algorithm,
1583 algorithm, 1565 public_key,
1584 public_key, 1566 HexStringToBytes(kTestDataHex[i]),
1585 HexStringToBytes(kTestDataHex[i]), 1567 &encrypted_data));
1586 &encrypted_data));
1587 EXPECT_EQ(kModulusLength / 8, encrypted_data.byteLength()); 1568 EXPECT_EQ(kModulusLength / 8, encrypted_data.byteLength());
1588 ASSERT_STATUS_SUCCESS(Decrypt( 1569 ASSERT_STATUS_SUCCESS(Decrypt(
1589 algorithm, 1570 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data));
1590 private_key,
1591 CryptoData(encrypted_data),
1592 &decrypted_data));
1593 ExpectArrayBufferMatchesHex(kTestDataHex[i], decrypted_data); 1571 ExpectArrayBufferMatchesHex(kTestDataHex[i], decrypted_data);
1594 } 1572 }
1595 } 1573 }
1596 1574
1597 TEST_F(SharedCryptoTest, MAYBE(RsaEsKnownAnswer)) { 1575 TEST_F(SharedCryptoTest, MAYBE(RsaEsKnownAnswer)) {
1598 scoped_ptr<base::Value> json; 1576 scoped_ptr<base::Value> json;
1599 ASSERT_TRUE(ReadJsonTestFile("rsa_es.json", &json)); 1577 ASSERT_TRUE(ReadJsonTestFile("rsa_es.json", &json));
1600 base::DictionaryValue* test = NULL; 1578 base::DictionaryValue* test = NULL;
1601 ASSERT_TRUE(json->GetAsDictionary(&test)); 1579 ASSERT_TRUE(json->GetAsDictionary(&test));
1602 1580
1603 // Because the random data in PKCS1.5 padding makes the encryption output non- 1581 // Because the random data in PKCS1.5 padding makes the encryption output non-
1604 // deterministic, we cannot easily do a typical known-answer test for RSA 1582 // deterministic, we cannot easily do a typical known-answer test for RSA
1605 // encryption / decryption. Instead we will take a known-good encrypted 1583 // encryption / decryption. Instead we will take a known-good encrypted
1606 // message, decrypt it, re-encrypt it, then decrypt again, verifying that the 1584 // message, decrypt it, re-encrypt it, then decrypt again, verifying that the
1607 // original known cleartext is the result. 1585 // original known cleartext is the result.
1608 1586
1609 const std::vector<uint8> rsa_spki_der = 1587 const std::vector<uint8> rsa_spki_der =
1610 GetBytesFromHexString(test, "rsa_spki_der"); 1588 GetBytesFromHexString(test, "rsa_spki_der");
1611 1589
1612 const std::vector<uint8> rsa_pkcs8_der = 1590 const std::vector<uint8> rsa_pkcs8_der =
1613 GetBytesFromHexString(test, "rsa_pkcs8_der"); 1591 GetBytesFromHexString(test, "rsa_pkcs8_der");
1614 const std::vector<uint8> ciphertext = 1592 const std::vector<uint8> ciphertext =
1615 GetBytesFromHexString(test, "ciphertext"); 1593 GetBytesFromHexString(test, "ciphertext");
1616 const std::vector<uint8> cleartext = 1594 const std::vector<uint8> cleartext = GetBytesFromHexString(test, "cleartext");
1617 GetBytesFromHexString(test, "cleartext");
1618 1595
1619 // Import the key pair. 1596 // Import the key pair.
1620 blink::WebCryptoAlgorithm algorithm = 1597 blink::WebCryptoAlgorithm algorithm =
1621 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); 1598 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5);
1622 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); 1599 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull();
1623 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); 1600 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull();
1624 ImportRsaKeyPair( 1601 ImportRsaKeyPair(
1625 rsa_spki_der, 1602 rsa_spki_der,
1626 rsa_pkcs8_der, 1603 rsa_pkcs8_der,
1627 algorithm, 1604 algorithm,
1628 false, 1605 false,
1629 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, 1606 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt,
1630 &public_key, 1607 &public_key,
1631 &private_key); 1608 &private_key);
1632 1609
1633 // Decrypt the known-good ciphertext with the private key. As a check we must 1610 // Decrypt the known-good ciphertext with the private key. As a check we must
1634 // get the known original cleartext. 1611 // get the known original cleartext.
1635 blink::WebArrayBuffer decrypted_data; 1612 blink::WebArrayBuffer decrypted_data;
1636 ASSERT_STATUS_SUCCESS(DecryptInternal( 1613 ASSERT_STATUS_SUCCESS(
1637 algorithm, 1614 DecryptInternal(algorithm, private_key, ciphertext, &decrypted_data));
1638 private_key,
1639 ciphertext,
1640 &decrypted_data));
1641 EXPECT_FALSE(decrypted_data.isNull()); 1615 EXPECT_FALSE(decrypted_data.isNull());
1642 ExpectArrayBufferMatches(cleartext, decrypted_data); 1616 ExpectArrayBufferMatches(cleartext, decrypted_data);
1643 1617
1644 // Encrypt this decrypted data with the public key. 1618 // Encrypt this decrypted data with the public key.
1645 blink::WebArrayBuffer encrypted_data; 1619 blink::WebArrayBuffer encrypted_data;
1646 ASSERT_STATUS_SUCCESS(Encrypt( 1620 ASSERT_STATUS_SUCCESS(Encrypt(
1647 algorithm, 1621 algorithm, public_key, CryptoData(decrypted_data), &encrypted_data));
1648 public_key,
1649 CryptoData(decrypted_data),
1650 &encrypted_data));
1651 EXPECT_EQ(128u, encrypted_data.byteLength()); 1622 EXPECT_EQ(128u, encrypted_data.byteLength());
1652 1623
1653 // Finally, decrypt the newly encrypted result with the private key, and 1624 // Finally, decrypt the newly encrypted result with the private key, and
1654 // compare to the known original cleartext. 1625 // compare to the known original cleartext.
1655 decrypted_data.reset(); 1626 decrypted_data.reset();
1656 ASSERT_STATUS_SUCCESS(Decrypt( 1627 ASSERT_STATUS_SUCCESS(Decrypt(
1657 algorithm, 1628 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data));
1658 private_key,
1659 CryptoData(encrypted_data),
1660 &decrypted_data));
1661 EXPECT_FALSE(decrypted_data.isNull()); 1629 EXPECT_FALSE(decrypted_data.isNull());
1662 ExpectArrayBufferMatches(cleartext, decrypted_data); 1630 ExpectArrayBufferMatches(cleartext, decrypted_data);
1663 } 1631 }
1664 1632
1665 TEST_F(SharedCryptoTest, MAYBE(RsaEsFailures)) { 1633 TEST_F(SharedCryptoTest, MAYBE(RsaEsFailures)) {
1666 // Import a key pair. 1634 // Import a key pair.
1667 blink::WebCryptoAlgorithm algorithm = 1635 blink::WebCryptoAlgorithm algorithm =
1668 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); 1636 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5);
1669 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); 1637 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull();
1670 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); 1638 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull();
1671 ImportRsaKeyPair( 1639 ImportRsaKeyPair(
1672 HexStringToBytes(kPublicKeySpkiDerHex), 1640 HexStringToBytes(kPublicKeySpkiDerHex),
1673 HexStringToBytes(kPrivateKeyPkcs8DerHex), 1641 HexStringToBytes(kPrivateKeyPkcs8DerHex),
1674 algorithm, 1642 algorithm,
1675 false, 1643 false,
1676 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, 1644 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt,
1677 &public_key, 1645 &public_key,
1678 &private_key); 1646 &private_key);
1679 1647
1680 // Fail encrypt with a private key. 1648 // Fail encrypt with a private key.
1681 blink::WebArrayBuffer encrypted_data; 1649 blink::WebArrayBuffer encrypted_data;
1682 const std::string message_hex_str("0102030405060708090a0b0c0d0e0f"); 1650 const std::string message_hex_str("0102030405060708090a0b0c0d0e0f");
1683 const std::vector<uint8> message_hex(HexStringToBytes(message_hex_str)); 1651 const std::vector<uint8> message_hex(HexStringToBytes(message_hex_str));
1684 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), 1652 EXPECT_STATUS(
1653 Status::ErrorUnexpectedKeyType(),
1685 EncryptInternal(algorithm, private_key, message_hex, &encrypted_data)); 1654 EncryptInternal(algorithm, private_key, message_hex, &encrypted_data));
1686 1655
1687 // Fail encrypt with empty message. 1656 // Fail encrypt with empty message.
1688 EXPECT_STATUS(Status::Error(), EncryptInternal( 1657 EXPECT_STATUS(
1689 algorithm, public_key, std::vector<uint8>(), &encrypted_data)); 1658 Status::Error(),
1659 EncryptInternal(
1660 algorithm, public_key, std::vector<uint8>(), &encrypted_data));
1690 1661
1691 // Fail encrypt with message too large. RSAES can operate on messages up to 1662 // Fail encrypt with message too large. RSAES can operate on messages up to
1692 // length of k - 11 bytes, where k is the octet length of the RSA modulus. 1663 // length of k - 11 bytes, where k is the octet length of the RSA modulus.
1693 const unsigned int kMaxMsgSizeBytes = kModulusLength / 8 - 11; 1664 const unsigned int kMaxMsgSizeBytes = kModulusLength / 8 - 11;
1694 EXPECT_STATUS( 1665 EXPECT_STATUS(Status::ErrorDataTooLarge(),
1695 Status::ErrorDataTooLarge(), 1666 EncryptInternal(algorithm,
1696 EncryptInternal(algorithm, 1667 public_key,
1697 public_key, 1668 std::vector<uint8>(kMaxMsgSizeBytes + 1, '0'),
1698 std::vector<uint8>(kMaxMsgSizeBytes + 1, '0'), 1669 &encrypted_data));
1699 &encrypted_data));
1700 1670
1701 // Generate encrypted data. 1671 // Generate encrypted data.
1702 EXPECT_STATUS(Status::Success(), 1672 EXPECT_STATUS(
1673 Status::Success(),
1703 EncryptInternal(algorithm, public_key, message_hex, &encrypted_data)); 1674 EncryptInternal(algorithm, public_key, message_hex, &encrypted_data));
1704 1675
1705 // Fail decrypt with a public key. 1676 // Fail decrypt with a public key.
1706 blink::WebArrayBuffer decrypted_data; 1677 blink::WebArrayBuffer decrypted_data;
1707 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), Decrypt( 1678 EXPECT_STATUS(
1708 algorithm, 1679 Status::ErrorUnexpectedKeyType(),
1709 public_key, 1680 Decrypt(
1710 CryptoData(encrypted_data), 1681 algorithm, public_key, CryptoData(encrypted_data), &decrypted_data));
1711 &decrypted_data));
1712 1682
1713 // Corrupt encrypted data; ensure decrypt fails because padding was disrupted. 1683 // Corrupt encrypted data; ensure decrypt fails because padding was disrupted.
1714 std::vector<uint8> corrupted_data( 1684 std::vector<uint8> corrupted_data(
1715 static_cast<uint8*>(encrypted_data.data()), 1685 static_cast<uint8*>(encrypted_data.data()),
1716 static_cast<uint8*>(encrypted_data.data()) + encrypted_data.byteLength()); 1686 static_cast<uint8*>(encrypted_data.data()) + encrypted_data.byteLength());
1717 corrupted_data[corrupted_data.size() / 2] ^= 0x01; 1687 corrupted_data[corrupted_data.size() / 2] ^= 0x01;
1718 EXPECT_STATUS(Status::Error(), 1688 EXPECT_STATUS(
1689 Status::Error(),
1719 DecryptInternal(algorithm, private_key, corrupted_data, &decrypted_data)); 1690 DecryptInternal(algorithm, private_key, corrupted_data, &decrypted_data));
1720 1691
1721 // TODO(padolph): Are there other specific data corruption scenarios to 1692 // TODO(padolph): Are there other specific data corruption scenarios to
1722 // consider? 1693 // consider?
1723 1694
1724 // Do a successful decrypt with good data just for confirmation. 1695 // Do a successful decrypt with good data just for confirmation.
1725 EXPECT_STATUS_SUCCESS(Decrypt( 1696 EXPECT_STATUS_SUCCESS(Decrypt(
1726 algorithm, 1697 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data));
1727 private_key,
1728 CryptoData(encrypted_data),
1729 &decrypted_data));
1730 ExpectArrayBufferMatchesHex(message_hex_str, decrypted_data); 1698 ExpectArrayBufferMatchesHex(message_hex_str, decrypted_data);
1731 } 1699 }
1732 1700
1733 TEST_F(SharedCryptoTest, MAYBE(RsaSsaSignVerifyFailures)) { 1701 TEST_F(SharedCryptoTest, MAYBE(RsaSsaSignVerifyFailures)) {
1734 // Import a key pair. 1702 // Import a key pair.
1735 blink::WebCryptoAlgorithm algorithm = CreateRsaAlgorithmWithInnerHash( 1703 blink::WebCryptoAlgorithm algorithm = CreateRsaAlgorithmWithInnerHash(
1736 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, 1704 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5,
1737 blink::WebCryptoAlgorithmIdSha1); 1705 blink::WebCryptoAlgorithmIdSha1);
1738 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); 1706 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull();
1739 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); 1707 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull();
(...skipping 18 matching lines...) Expand all
1758 algorithm, 1726 algorithm,
1759 public_key, 1727 public_key,
1760 CryptoData(reinterpret_cast<const unsigned char*>(signature.data()), 1728 CryptoData(reinterpret_cast<const unsigned char*>(signature.data()),
1761 signature.byteLength() - 1), 1729 signature.byteLength() - 1),
1762 CryptoData(data), 1730 CryptoData(data),
1763 &signature_match)); 1731 &signature_match));
1764 EXPECT_FALSE(signature_match); 1732 EXPECT_FALSE(signature_match);
1765 1733
1766 // Ensure truncated signature does not verify by passing no bytes. 1734 // Ensure truncated signature does not verify by passing no bytes.
1767 EXPECT_STATUS_SUCCESS(VerifySignature( 1735 EXPECT_STATUS_SUCCESS(VerifySignature(
1768 algorithm, 1736 algorithm, public_key, CryptoData(), CryptoData(data), &signature_match));
1769 public_key,
1770 CryptoData(),
1771 CryptoData(data),
1772 &signature_match));
1773 EXPECT_FALSE(signature_match); 1737 EXPECT_FALSE(signature_match);
1774 1738
1775 // Ensure corrupted signature does not verify. 1739 // Ensure corrupted signature does not verify.
1776 std::vector<uint8> corrupt_sig( 1740 std::vector<uint8> corrupt_sig(
1777 static_cast<uint8*>(signature.data()), 1741 static_cast<uint8*>(signature.data()),
1778 static_cast<uint8*>(signature.data()) + signature.byteLength()); 1742 static_cast<uint8*>(signature.data()) + signature.byteLength());
1779 corrupt_sig[corrupt_sig.size() / 2] ^= 0x1; 1743 corrupt_sig[corrupt_sig.size() / 2] ^= 0x1;
1780 EXPECT_STATUS_SUCCESS(VerifySignatureInternal( 1744 EXPECT_STATUS_SUCCESS(VerifySignatureInternal(
1781 algorithm, 1745 algorithm, public_key, CryptoData(corrupt_sig), data, &signature_match));
1782 public_key,
1783 CryptoData(corrupt_sig),
1784 data,
1785 &signature_match));
1786 EXPECT_FALSE(signature_match); 1746 EXPECT_FALSE(signature_match);
1787 1747
1788 // Ensure signatures that are greater than the modulus size fail. 1748 // Ensure signatures that are greater than the modulus size fail.
1789 const unsigned int long_message_size_bytes = 1024; 1749 const unsigned int long_message_size_bytes = 1024;
1790 DCHECK_GT(long_message_size_bytes, kModulusLength/8); 1750 DCHECK_GT(long_message_size_bytes, kModulusLength / 8);
1791 const unsigned char kLongSignature[long_message_size_bytes] = { 0 }; 1751 const unsigned char kLongSignature[long_message_size_bytes] = {0};
1792 EXPECT_STATUS_SUCCESS(VerifySignature( 1752 EXPECT_STATUS_SUCCESS(
1793 algorithm, 1753 VerifySignature(algorithm,
1794 public_key, 1754 public_key,
1795 CryptoData(kLongSignature, sizeof(kLongSignature)), 1755 CryptoData(kLongSignature, sizeof(kLongSignature)),
1796 CryptoData(data), 1756 CryptoData(data),
1797 &signature_match)); 1757 &signature_match));
1798 EXPECT_FALSE(signature_match); 1758 EXPECT_FALSE(signature_match);
1799 1759
1800 // Ensure that verifying using a private key, rather than a public key, fails. 1760 // Ensure that verifying using a private key, rather than a public key, fails.
1801 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), VerifySignature( 1761 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(),
1802 algorithm, 1762 VerifySignature(algorithm,
1803 private_key, 1763 private_key,
1804 CryptoData(signature), 1764 CryptoData(signature),
1805 CryptoData(data), 1765 CryptoData(data),
1806 &signature_match)); 1766 &signature_match));
1807 1767
1808 // Ensure that signing using a public key, rather than a private key, fails. 1768 // Ensure that signing using a public key, rather than a private key, fails.
1809 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), 1769 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(),
1810 SignInternal(algorithm, public_key, data, &signature)); 1770 SignInternal(algorithm, public_key, data, &signature));
1811 1771
1812 // Ensure that signing and verifying with an incompatible algorithm fails. 1772 // Ensure that signing and verifying with an incompatible algorithm fails.
1813 algorithm = 1773 algorithm = CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5);
1814 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5);
1815 EXPECT_STATUS(Status::ErrorUnexpected(), 1774 EXPECT_STATUS(Status::ErrorUnexpected(),
1816 SignInternal(algorithm, private_key, data, &signature)); 1775 SignInternal(algorithm, private_key, data, &signature));
1817 EXPECT_STATUS(Status::ErrorUnexpected(), VerifySignature( 1776 EXPECT_STATUS(Status::ErrorUnexpected(),
1818 algorithm, public_key, CryptoData(signature), CryptoData(data), 1777 VerifySignature(algorithm,
1819 &signature_match)); 1778 public_key,
1779 CryptoData(signature),
1780 CryptoData(data),
1781 &signature_match));
1820 1782
1821 // Some crypto libraries (NSS) can automatically select the RSA SSA inner hash 1783 // Some crypto libraries (NSS) can automatically select the RSA SSA inner hash
1822 // based solely on the contents of the input signature data. In the Web Crypto 1784 // based solely on the contents of the input signature data. In the Web Crypto
1823 // implementation, the inner hash should be specified uniquely by the input 1785 // implementation, the inner hash should be specified uniquely by the input
1824 // algorithm parameter. To validate this behavior, call Verify with a computed 1786 // algorithm parameter. To validate this behavior, call Verify with a computed
1825 // signature that used one hash type (SHA-1), but pass in an algorithm with a 1787 // signature that used one hash type (SHA-1), but pass in an algorithm with a
1826 // different inner hash type (SHA-256). If the hash type is determined by the 1788 // different inner hash type (SHA-256). If the hash type is determined by the
1827 // signature itself (undesired), the verify will pass, while if the hash type 1789 // signature itself (undesired), the verify will pass, while if the hash type
1828 // is specified by the input algorithm (desired), the verify will fail. 1790 // is specified by the input algorithm (desired), the verify will fail.
1829 1791
1830 // Compute a signature using SHA-1 as the inner hash. 1792 // Compute a signature using SHA-1 as the inner hash.
1831 EXPECT_STATUS_SUCCESS(SignInternal(CreateRsaAlgorithmWithInnerHash( 1793 EXPECT_STATUS_SUCCESS(
1832 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, 1794 SignInternal(CreateRsaAlgorithmWithInnerHash(
1833 blink::WebCryptoAlgorithmIdSha1), 1795 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5,
1834 private_key, 1796 blink::WebCryptoAlgorithmIdSha1),
1835 data, 1797 private_key,
1836 &signature)); 1798 data,
1799 &signature));
1837 1800
1838 // Now verify using an algorithm whose inner hash is SHA-256, not SHA-1. The 1801 // Now verify using an algorithm whose inner hash is SHA-256, not SHA-1. The
1839 // signature should not verify. 1802 // signature should not verify.
1840 // NOTE: public_key was produced by generateKey, and so its associated 1803 // NOTE: public_key was produced by generateKey, and so its associated
1841 // algorithm has WebCryptoRsaKeyGenParams and not WebCryptoRsaSsaParams. Thus 1804 // algorithm has WebCryptoRsaKeyGenParams and not WebCryptoRsaSsaParams. Thus
1842 // it has no inner hash to conflict with the input algorithm. 1805 // it has no inner hash to conflict with the input algorithm.
1843 bool is_match; 1806 bool is_match;
1844 EXPECT_STATUS_SUCCESS(VerifySignature( 1807 EXPECT_STATUS_SUCCESS(
1845 CreateRsaAlgorithmWithInnerHash( 1808 VerifySignature(CreateRsaAlgorithmWithInnerHash(
1846 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, 1809 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5,
1847 blink::WebCryptoAlgorithmIdSha256), 1810 blink::WebCryptoAlgorithmIdSha256),
1848 public_key, 1811 public_key,
1849 CryptoData(signature), 1812 CryptoData(signature),
1850 CryptoData(data), 1813 CryptoData(data),
1851 &is_match)); 1814 &is_match));
1852 EXPECT_FALSE(is_match); 1815 EXPECT_FALSE(is_match);
1853 } 1816 }
1854 1817
1855 TEST_F(SharedCryptoTest, MAYBE(RsaSignVerifyKnownAnswer)) { 1818 TEST_F(SharedCryptoTest, MAYBE(RsaSignVerifyKnownAnswer)) {
1856 scoped_ptr<base::ListValue> tests; 1819 scoped_ptr<base::ListValue> tests;
1857 ASSERT_TRUE(ReadJsonTestFileToList("pkcs1v15_sign.json", &tests)); 1820 ASSERT_TRUE(ReadJsonTestFileToList("pkcs1v15_sign.json", &tests));
1858 1821
1859 // Import the key pair. 1822 // Import the key pair.
1860 blink::WebCryptoAlgorithm algorithm = CreateRsaAlgorithmWithInnerHash( 1823 blink::WebCryptoAlgorithm algorithm = CreateRsaAlgorithmWithInnerHash(
1861 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, 1824 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5,
(...skipping 22 matching lines...) Expand all
1884 std::vector<uint8> test_signature = 1847 std::vector<uint8> test_signature =
1885 GetBytesFromHexString(test, "signature_hex"); 1848 GetBytesFromHexString(test, "signature_hex");
1886 1849
1887 signature.reset(); 1850 signature.reset();
1888 ASSERT_STATUS_SUCCESS( 1851 ASSERT_STATUS_SUCCESS(
1889 SignInternal(algorithm, private_key, test_message, &signature)); 1852 SignInternal(algorithm, private_key, test_message, &signature));
1890 ExpectArrayBufferMatches(test_signature, signature); 1853 ExpectArrayBufferMatches(test_signature, signature);
1891 1854
1892 bool is_match = false; 1855 bool is_match = false;
1893 ASSERT_STATUS_SUCCESS(VerifySignatureInternal( 1856 ASSERT_STATUS_SUCCESS(VerifySignatureInternal(
1894 algorithm, 1857 algorithm, public_key, test_signature, test_message, &is_match));
1895 public_key,
1896 test_signature,
1897 test_message,
1898 &is_match));
1899 EXPECT_TRUE(is_match); 1858 EXPECT_TRUE(is_match);
1900 } 1859 }
1901 } 1860 }
1902 1861
1903 TEST_F(SharedCryptoTest, MAYBE(AesKwKeyImport)) { 1862 TEST_F(SharedCryptoTest, MAYBE(AesKwKeyImport)) {
1904 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); 1863 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
1905 blink::WebCryptoAlgorithm algorithm = 1864 blink::WebCryptoAlgorithm algorithm =
1906 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); 1865 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw);
1907 1866
1908 // Import a 128-bit Key Encryption Key (KEK) 1867 // Import a 128-bit Key Encryption Key (KEK)
1909 std::string key_raw_hex_in = "025a8cf3f08b4f6c5f33bbc76a471939"; 1868 std::string key_raw_hex_in = "025a8cf3f08b4f6c5f33bbc76a471939";
1910 ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, 1869 ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
1911 HexStringToBytes(key_raw_hex_in), 1870 HexStringToBytes(key_raw_hex_in),
1912 algorithm, 1871 algorithm,
1913 true, 1872 true,
1914 blink::WebCryptoKeyUsageWrapKey, 1873 blink::WebCryptoKeyUsageWrapKey,
1915 &key)); 1874 &key));
1916 blink::WebArrayBuffer key_raw_out; 1875 blink::WebArrayBuffer key_raw_out;
1917 EXPECT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, 1876 EXPECT_STATUS_SUCCESS(
1918 key, 1877 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out));
1919 &key_raw_out));
1920 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); 1878 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out);
1921 1879
1922 // Import a 192-bit KEK 1880 // Import a 192-bit KEK
1923 key_raw_hex_in = "c0192c6466b2370decbb62b2cfef4384544ffeb4d2fbc103"; 1881 key_raw_hex_in = "c0192c6466b2370decbb62b2cfef4384544ffeb4d2fbc103";
1924 ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, 1882 ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
1925 HexStringToBytes(key_raw_hex_in), 1883 HexStringToBytes(key_raw_hex_in),
1926 algorithm, 1884 algorithm,
1927 true, 1885 true,
1928 blink::WebCryptoKeyUsageWrapKey, 1886 blink::WebCryptoKeyUsageWrapKey,
1929 &key)); 1887 &key));
1930 EXPECT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, 1888 EXPECT_STATUS_SUCCESS(
1931 key, 1889 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out));
1932 &key_raw_out));
1933 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); 1890 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out);
1934 1891
1935 // Import a 256-bit Key Encryption Key (KEK) 1892 // Import a 256-bit Key Encryption Key (KEK)
1936 key_raw_hex_in = 1893 key_raw_hex_in =
1937 "e11fe66380d90fa9ebefb74e0478e78f95664d0c67ca20ce4a0b5842863ac46f"; 1894 "e11fe66380d90fa9ebefb74e0478e78f95664d0c67ca20ce4a0b5842863ac46f";
1938 ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, 1895 ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
1939 HexStringToBytes(key_raw_hex_in), 1896 HexStringToBytes(key_raw_hex_in),
1940 algorithm, 1897 algorithm,
1941 true, 1898 true,
1942 blink::WebCryptoKeyUsageWrapKey, 1899 blink::WebCryptoKeyUsageWrapKey,
1943 &key)); 1900 &key));
1944 EXPECT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, 1901 EXPECT_STATUS_SUCCESS(
1945 key, 1902 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out));
1946 &key_raw_out));
1947 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); 1903 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out);
1948 1904
1949 // Fail import of 0 length key 1905 // Fail import of 0 length key
1950 EXPECT_STATUS(Status::Error(), 1906 EXPECT_STATUS(Status::Error(),
1951 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, 1907 ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
1952 HexStringToBytes(""), 1908 HexStringToBytes(""),
1953 algorithm, 1909 algorithm,
1954 true, 1910 true,
1955 blink::WebCryptoKeyUsageWrapKey, 1911 blink::WebCryptoKeyUsageWrapKey,
1956 &key)); 1912 &key));
1957 1913
1958 // Fail import of 124-bit KEK 1914 // Fail import of 124-bit KEK
1959 key_raw_hex_in = "3e4566a2bdaa10cb68134fa66c15ddb"; 1915 key_raw_hex_in = "3e4566a2bdaa10cb68134fa66c15ddb";
1960 EXPECT_STATUS(Status::Error(), 1916 EXPECT_STATUS(Status::Error(),
1961 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, 1917 ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
1962 HexStringToBytes(key_raw_hex_in), 1918 HexStringToBytes(key_raw_hex_in),
1963 algorithm, 1919 algorithm,
1964 true, 1920 true,
1965 blink::WebCryptoKeyUsageWrapKey, 1921 blink::WebCryptoKeyUsageWrapKey,
1966 &key)); 1922 &key));
1967 1923
1968 // Fail import of 200-bit KEK 1924 // Fail import of 200-bit KEK
1969 key_raw_hex_in = "0a1d88608a5ad9fec64f1ada269ebab4baa2feeb8d95638c0e"; 1925 key_raw_hex_in = "0a1d88608a5ad9fec64f1ada269ebab4baa2feeb8d95638c0e";
1970 EXPECT_STATUS(Status::Error(), 1926 EXPECT_STATUS(Status::Error(),
1971 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, 1927 ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
1972 HexStringToBytes(key_raw_hex_in), 1928 HexStringToBytes(key_raw_hex_in),
1973 algorithm, 1929 algorithm,
1974 true, 1930 true,
1975 blink::WebCryptoKeyUsageWrapKey, 1931 blink::WebCryptoKeyUsageWrapKey,
1976 &key)); 1932 &key));
1977 1933
1978 // Fail import of 260-bit KEK 1934 // Fail import of 260-bit KEK
1979 key_raw_hex_in = 1935 key_raw_hex_in =
1980 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; 1936 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a";
1981 EXPECT_STATUS(Status::Error(), 1937 EXPECT_STATUS(Status::Error(),
1982 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, 1938 ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
1983 HexStringToBytes(key_raw_hex_in), 1939 HexStringToBytes(key_raw_hex_in),
1984 algorithm, 1940 algorithm,
1985 true, 1941 true,
1986 blink::WebCryptoKeyUsageWrapKey, 1942 blink::WebCryptoKeyUsageWrapKey,
1987 &key)); 1943 &key));
1988 } 1944 }
1989 1945
1990 // TODO(eroman): 1946 // TODO(eroman):
1991 // * Test decryption when the tag length exceeds input size 1947 // * Test decryption when the tag length exceeds input size
1992 // * Test decryption with empty input 1948 // * Test decryption with empty input
1993 // * Test decryption with tag length of 0. 1949 // * Test decryption with tag length of 0.
1994 TEST_F(SharedCryptoTest, MAYBE(AesGcmSampleSets)) { 1950 TEST_F(SharedCryptoTest, MAYBE(AesGcmSampleSets)) {
1995 // Some Linux test runners may not have a new enough version of NSS. 1951 // Some Linux test runners may not have a new enough version of NSS.
1996 if (!SupportsAesGcm()) { 1952 if (!SupportsAesGcm()) {
1997 LOG(WARNING) << "AES GCM not supported, skipping tests"; 1953 LOG(WARNING) << "AES GCM not supported, skipping tests";
(...skipping 21 matching lines...) Expand all
2019 const std::vector<uint8> test_cipher_text = 1975 const std::vector<uint8> test_cipher_text =
2020 GetBytesFromHexString(test, "cipher_text"); 1976 GetBytesFromHexString(test, "cipher_text");
2021 1977
2022 blink::WebCryptoKey key = ImportSecretKeyFromRaw( 1978 blink::WebCryptoKey key = ImportSecretKeyFromRaw(
2023 test_key, 1979 test_key,
2024 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), 1980 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm),
2025 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); 1981 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt);
2026 1982
2027 // Verify exported raw key is identical to the imported data 1983 // Verify exported raw key is identical to the imported data
2028 blink::WebArrayBuffer raw_key; 1984 blink::WebArrayBuffer raw_key;
2029 EXPECT_STATUS_SUCCESS(ExportKey( 1985 EXPECT_STATUS_SUCCESS(
2030 blink::WebCryptoKeyFormatRaw, key, &raw_key)); 1986 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
2031 1987
2032 ExpectArrayBufferMatches(test_key, raw_key); 1988 ExpectArrayBufferMatches(test_key, raw_key);
2033 1989
2034 // Test encryption. 1990 // Test encryption.
2035 std::vector<uint8> cipher_text; 1991 std::vector<uint8> cipher_text;
2036 std::vector<uint8> authentication_tag; 1992 std::vector<uint8> authentication_tag;
2037 EXPECT_STATUS_SUCCESS(AesGcmEncrypt(key, test_iv, test_additional_data, 1993 EXPECT_STATUS_SUCCESS(AesGcmEncrypt(key,
2038 test_tag_size_bits, test_plain_text, 1994 test_iv,
2039 &cipher_text, &authentication_tag)); 1995 test_additional_data,
1996 test_tag_size_bits,
1997 test_plain_text,
1998 &cipher_text,
1999 &authentication_tag));
2040 2000
2041 ExpectVectorMatches(test_cipher_text, cipher_text); 2001 ExpectVectorMatches(test_cipher_text, cipher_text);
2042 ExpectVectorMatches(test_authentication_tag, authentication_tag); 2002 ExpectVectorMatches(test_authentication_tag, authentication_tag);
2043 2003
2044 // Test decryption. 2004 // Test decryption.
2045 blink::WebArrayBuffer plain_text; 2005 blink::WebArrayBuffer plain_text;
2046 EXPECT_STATUS_SUCCESS(AesGcmDecrypt(key, test_iv, test_additional_data, 2006 EXPECT_STATUS_SUCCESS(AesGcmDecrypt(key,
2047 test_tag_size_bits, test_cipher_text, 2007 test_iv,
2048 test_authentication_tag, &plain_text)); 2008 test_additional_data,
2009 test_tag_size_bits,
2010 test_cipher_text,
2011 test_authentication_tag,
2012 &plain_text));
2049 ExpectArrayBufferMatches(test_plain_text, plain_text); 2013 ExpectArrayBufferMatches(test_plain_text, plain_text);
2050 2014
2051 // Decryption should fail if any of the inputs are tampered with. 2015 // Decryption should fail if any of the inputs are tampered with.
2052 EXPECT_STATUS(Status::Error(), 2016 EXPECT_STATUS(Status::Error(),
2053 AesGcmDecrypt(key, Corrupted(test_iv), test_additional_data, 2017 AesGcmDecrypt(key,
2054 test_tag_size_bits, test_cipher_text, 2018 Corrupted(test_iv),
2055 test_authentication_tag, &plain_text)); 2019 test_additional_data,
2020 test_tag_size_bits,
2021 test_cipher_text,
2022 test_authentication_tag,
2023 &plain_text));
2056 EXPECT_STATUS(Status::Error(), 2024 EXPECT_STATUS(Status::Error(),
2057 AesGcmDecrypt(key, test_iv, Corrupted(test_additional_data), 2025 AesGcmDecrypt(key,
2058 test_tag_size_bits, test_cipher_text, 2026 test_iv,
2059 test_authentication_tag, &plain_text)); 2027 Corrupted(test_additional_data),
2028 test_tag_size_bits,
2029 test_cipher_text,
2030 test_authentication_tag,
2031 &plain_text));
2060 EXPECT_STATUS(Status::Error(), 2032 EXPECT_STATUS(Status::Error(),
2061 AesGcmDecrypt(key, test_iv, test_additional_data, 2033 AesGcmDecrypt(key,
2062 test_tag_size_bits, Corrupted(test_cipher_text), 2034 test_iv,
2063 test_authentication_tag, &plain_text)); 2035 test_additional_data,
2036 test_tag_size_bits,
2037 Corrupted(test_cipher_text),
2038 test_authentication_tag,
2039 &plain_text));
2064 EXPECT_STATUS(Status::Error(), 2040 EXPECT_STATUS(Status::Error(),
2065 AesGcmDecrypt(key, test_iv, test_additional_data, 2041 AesGcmDecrypt(key,
2066 test_tag_size_bits, test_cipher_text, 2042 test_iv,
2067 Corrupted(test_authentication_tag), 2043 test_additional_data,
2068 &plain_text)); 2044 test_tag_size_bits,
2045 test_cipher_text,
2046 Corrupted(test_authentication_tag),
2047 &plain_text));
2069 2048
2070 // Try different incorrect tag lengths 2049 // Try different incorrect tag lengths
2071 uint8 kAlternateTagLengths[] = {8, 96, 120, 128, 160, 255}; 2050 uint8 kAlternateTagLengths[] = {8, 96, 120, 128, 160, 255};
2072 for (size_t tag_i = 0; tag_i < arraysize(kAlternateTagLengths); ++tag_i) { 2051 for (size_t tag_i = 0; tag_i < arraysize(kAlternateTagLengths); ++tag_i) {
2073 unsigned int wrong_tag_size_bits = kAlternateTagLengths[tag_i]; 2052 unsigned int wrong_tag_size_bits = kAlternateTagLengths[tag_i];
2074 if (test_tag_size_bits == wrong_tag_size_bits) 2053 if (test_tag_size_bits == wrong_tag_size_bits)
2075 continue; 2054 continue;
2076 EXPECT_STATUS_ERROR(AesGcmDecrypt(key, test_iv, test_additional_data, 2055 EXPECT_STATUS_ERROR(AesGcmDecrypt(key,
2077 wrong_tag_size_bits, test_cipher_text, 2056 test_iv,
2078 test_authentication_tag, &plain_text)); 2057 test_additional_data,
2058 wrong_tag_size_bits,
2059 test_cipher_text,
2060 test_authentication_tag,
2061 &plain_text));
2079 } 2062 }
2080 } 2063 }
2081 } 2064 }
2082 2065
2083 } // namespace webcrypto 2066 } // namespace webcrypto
2084 2067
2085 } // namespace content 2068 } // namespace content
OLDNEW
« no previous file with comments | « content/renderer/webcrypto/shared_crypto.cc ('k') | content/renderer/webcrypto/webcrypto_impl.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698