OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/renderer/webcrypto/shared_crypto.h" | 5 #include "content/renderer/webcrypto/shared_crypto.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 22 matching lines...) Expand all Loading... |
33 // the tests: http://crbug.com/267888 | 33 // the tests: http://crbug.com/267888 |
34 #if defined(USE_OPENSSL) | 34 #if defined(USE_OPENSSL) |
35 #define MAYBE(test_name) DISABLED_##test_name | 35 #define MAYBE(test_name) DISABLED_##test_name |
36 #else | 36 #else |
37 #define MAYBE(test_name) test_name | 37 #define MAYBE(test_name) test_name |
38 #endif | 38 #endif |
39 | 39 |
40 // Helper macros to verify the value of a Status. | 40 // Helper macros to verify the value of a Status. |
41 #define EXPECT_STATUS_ERROR(code) EXPECT_FALSE((code).IsSuccess()) | 41 #define EXPECT_STATUS_ERROR(code) EXPECT_FALSE((code).IsSuccess()) |
42 #define EXPECT_STATUS(expected, code) \ | 42 #define EXPECT_STATUS(expected, code) \ |
43 EXPECT_EQ(expected.ToString(), (code).ToString()) | 43 EXPECT_EQ(expected.ToString(), (code).ToString()) |
44 #define ASSERT_STATUS(expected, code) \ | 44 #define ASSERT_STATUS(expected, code) \ |
45 ASSERT_EQ(expected.ToString(), (code).ToString()) | 45 ASSERT_EQ(expected.ToString(), (code).ToString()) |
46 #define EXPECT_STATUS_SUCCESS(code) EXPECT_STATUS(Status::Success(), code) | 46 #define EXPECT_STATUS_SUCCESS(code) EXPECT_STATUS(Status::Success(), code) |
47 #define ASSERT_STATUS_SUCCESS(code) ASSERT_STATUS(Status::Success(), code) | 47 #define ASSERT_STATUS_SUCCESS(code) ASSERT_STATUS(Status::Success(), code) |
48 | 48 |
49 namespace content { | 49 namespace content { |
50 | 50 |
51 namespace webcrypto { | 51 namespace webcrypto { |
52 | 52 |
53 namespace { | 53 namespace { |
54 | 54 |
55 // Returns a slightly modified version of the input vector. | 55 // Returns a slightly modified version of the input vector. |
(...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
100 base::JSONWriter::Write(&dict, &json); | 100 base::JSONWriter::Write(&dict, &json); |
101 return MakeJsonVector(json); | 101 return MakeJsonVector(json); |
102 } | 102 } |
103 | 103 |
104 // ---------------------------------------------------------------- | 104 // ---------------------------------------------------------------- |
105 // Helpers for working with JSON data files for test expectations. | 105 // Helpers for working with JSON data files for test expectations. |
106 // ---------------------------------------------------------------- | 106 // ---------------------------------------------------------------- |
107 | 107 |
108 // Reads a file in "src/content/test/data/webcrypto" to a base::Value. | 108 // Reads a file in "src/content/test/data/webcrypto" to a base::Value. |
109 // The file must be JSON, however it can also include C++ style comments. | 109 // The file must be JSON, however it can also include C++ style comments. |
110 ::testing::AssertionResult ReadJsonTestFile( | 110 ::testing::AssertionResult ReadJsonTestFile(const char* test_file_name, |
111 const char* test_file_name, | 111 scoped_ptr<base::Value>* value) { |
112 scoped_ptr<base::Value>* value) { | |
113 base::FilePath test_data_dir; | 112 base::FilePath test_data_dir; |
114 if (!PathService::Get(DIR_TEST_DATA, &test_data_dir)) | 113 if (!PathService::Get(DIR_TEST_DATA, &test_data_dir)) |
115 return ::testing::AssertionFailure() << "Couldn't retrieve test dir"; | 114 return ::testing::AssertionFailure() << "Couldn't retrieve test dir"; |
116 | 115 |
117 base::FilePath file_path = | 116 base::FilePath file_path = |
118 test_data_dir.AppendASCII("webcrypto").AppendASCII(test_file_name); | 117 test_data_dir.AppendASCII("webcrypto").AppendASCII(test_file_name); |
119 | 118 |
120 std::string file_contents; | 119 std::string file_contents; |
121 if (!base::ReadFileToString(file_path, &file_contents)) { | 120 if (!base::ReadFileToString(file_path, &file_contents)) { |
122 return ::testing::AssertionFailure() << "Couldn't read test file: " | 121 return ::testing::AssertionFailure() |
123 << file_path.value(); | 122 << "Couldn't read test file: " << file_path.value(); |
124 } | 123 } |
125 | 124 |
126 // Strip C++ style comments out of the "json" file, otherwise it cannot be | 125 // Strip C++ style comments out of the "json" file, otherwise it cannot be |
127 // parsed. | 126 // parsed. |
128 re2::RE2::GlobalReplace(&file_contents, re2::RE2("\\s*//.*"), ""); | 127 re2::RE2::GlobalReplace(&file_contents, re2::RE2("\\s*//.*"), ""); |
129 | 128 |
130 // Parse the JSON to a dictionary. | 129 // Parse the JSON to a dictionary. |
131 value->reset(base::JSONReader::Read(file_contents)); | 130 value->reset(base::JSONReader::Read(file_contents)); |
132 if (!value->get()) { | 131 if (!value->get()) { |
133 return ::testing::AssertionFailure() << "Couldn't parse test file JSON: " | 132 return ::testing::AssertionFailure() |
134 << file_path.value(); | 133 << "Couldn't parse test file JSON: " << file_path.value(); |
135 } | 134 } |
136 | 135 |
137 return ::testing::AssertionSuccess(); | 136 return ::testing::AssertionSuccess(); |
138 } | 137 } |
139 | 138 |
140 // Same as ReadJsonTestFile(), but return the value as a List. | 139 // Same as ReadJsonTestFile(), but return the value as a List. |
141 ::testing::AssertionResult ReadJsonTestFileToList( | 140 ::testing::AssertionResult ReadJsonTestFileToList( |
142 const char* test_file_name, | 141 const char* test_file_name, |
143 scoped_ptr<base::ListValue>* list) { | 142 scoped_ptr<base::ListValue>* list) { |
144 // Read the JSON. | 143 // Read the JSON. |
(...skipping 11 matching lines...) Expand all Loading... |
156 ignore_result(json.release()); | 155 ignore_result(json.release()); |
157 | 156 |
158 return ::testing::AssertionSuccess(); | 157 return ::testing::AssertionSuccess(); |
159 } | 158 } |
160 | 159 |
161 // Read a string property from the dictionary with path |property_name| | 160 // Read a string property from the dictionary with path |property_name| |
162 // (which can include periods for nested dictionaries). Interprets the | 161 // (which can include periods for nested dictionaries). Interprets the |
163 // string as a hex encoded string and converts it to a bytes list. | 162 // string as a hex encoded string and converts it to a bytes list. |
164 // | 163 // |
165 // Returns empty vector on failure. | 164 // Returns empty vector on failure. |
166 std::vector<uint8> GetBytesFromHexString( | 165 std::vector<uint8> GetBytesFromHexString(base::DictionaryValue* dict, |
167 base::DictionaryValue* dict, | 166 const char* property_name) { |
168 const char* property_name) { | |
169 std::string hex_string; | 167 std::string hex_string; |
170 if (!dict->GetString(property_name, &hex_string)) { | 168 if (!dict->GetString(property_name, &hex_string)) { |
171 EXPECT_TRUE(false) << "Couldn't get string property: " << property_name; | 169 EXPECT_TRUE(false) << "Couldn't get string property: " << property_name; |
172 return std::vector<uint8>(); | 170 return std::vector<uint8>(); |
173 } | 171 } |
174 | 172 |
175 return HexStringToBytes(hex_string); | 173 return HexStringToBytes(hex_string); |
176 } | 174 } |
177 | 175 |
178 // Reads a string property with path "property_name" and converts it to a | 176 // Reads a string property with path "property_name" and converts it to a |
179 // WebCryptoAlgorith. Returns null algorithm on failure. | 177 // WebCryptoAlgorith. Returns null algorithm on failure. |
180 blink::WebCryptoAlgorithm GetDigestAlgorithm( | 178 blink::WebCryptoAlgorithm GetDigestAlgorithm(base::DictionaryValue* dict, |
181 base::DictionaryValue* dict, | 179 const char* property_name) { |
182 const char* property_name) { | |
183 std::string algorithm_name; | 180 std::string algorithm_name; |
184 if (!dict->GetString(property_name, &algorithm_name)) { | 181 if (!dict->GetString(property_name, &algorithm_name)) { |
185 EXPECT_TRUE(false) << "Couldn't get string property: " << property_name; | 182 EXPECT_TRUE(false) << "Couldn't get string property: " << property_name; |
186 return blink::WebCryptoAlgorithm::createNull(); | 183 return blink::WebCryptoAlgorithm::createNull(); |
187 } | 184 } |
188 | 185 |
189 struct { | 186 struct { |
190 const char* name; | 187 const char* name; |
191 blink::WebCryptoAlgorithmId id; | 188 blink::WebCryptoAlgorithmId id; |
192 } kDigestNameToId[] = { | 189 } kDigestNameToId[] = {{"sha-1", blink::WebCryptoAlgorithmIdSha1}, |
193 {"sha-1", blink::WebCryptoAlgorithmIdSha1}, | 190 {"sha-224", blink::WebCryptoAlgorithmIdSha224}, |
194 {"sha-224", blink::WebCryptoAlgorithmIdSha224}, | 191 {"sha-256", blink::WebCryptoAlgorithmIdSha256}, |
195 {"sha-256", blink::WebCryptoAlgorithmIdSha256}, | 192 {"sha-384", blink::WebCryptoAlgorithmIdSha384}, |
196 {"sha-384", blink::WebCryptoAlgorithmIdSha384}, | 193 {"sha-512", blink::WebCryptoAlgorithmIdSha512}, }; |
197 {"sha-512", blink::WebCryptoAlgorithmIdSha512}, | |
198 }; | |
199 | 194 |
200 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kDigestNameToId); ++i) { | 195 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kDigestNameToId); ++i) { |
201 if (kDigestNameToId[i].name == algorithm_name) | 196 if (kDigestNameToId[i].name == algorithm_name) |
202 return CreateAlgorithm(kDigestNameToId[i].id); | 197 return CreateAlgorithm(kDigestNameToId[i].id); |
203 } | 198 } |
204 | 199 |
205 return blink::WebCryptoAlgorithm::createNull(); | 200 return blink::WebCryptoAlgorithm::createNull(); |
206 } | 201 } |
207 | 202 |
208 // Helper for ImportJwkFailures and ImportJwkOctFailures. Restores the JWK JSON | 203 // Helper for ImportJwkFailures and ImportJwkOctFailures. Restores the JWK JSON |
209 // dictionary to a good state | 204 // dictionary to a good state |
210 void RestoreJwkOctDictionary(base::DictionaryValue* dict) { | 205 void RestoreJwkOctDictionary(base::DictionaryValue* dict) { |
211 dict->Clear(); | 206 dict->Clear(); |
212 dict->SetString("kty", "oct"); | 207 dict->SetString("kty", "oct"); |
213 dict->SetString("alg", "A128CBC"); | 208 dict->SetString("alg", "A128CBC"); |
214 dict->SetString("use", "enc"); | 209 dict->SetString("use", "enc"); |
215 dict->SetBoolean("extractable", false); | 210 dict->SetBoolean("extractable", false); |
216 dict->SetString("k", "GADWrMRHwQfoNaXU5fZvTg=="); | 211 dict->SetString("k", "GADWrMRHwQfoNaXU5fZvTg=="); |
217 } | 212 } |
218 | 213 |
219 blink::WebCryptoAlgorithm CreateAesGcmAlgorithm( | 214 blink::WebCryptoAlgorithm CreateAesGcmAlgorithm( |
220 const std::vector<uint8>& iv, | 215 const std::vector<uint8>& iv, |
221 const std::vector<uint8>& additional_data, | 216 const std::vector<uint8>& additional_data, |
222 unsigned int tag_length_bits) { | 217 unsigned int tag_length_bits) { |
223 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( | 218 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( |
224 blink::WebCryptoAlgorithmIdAesGcm, | 219 blink::WebCryptoAlgorithmIdAesGcm, |
225 new blink::WebCryptoAesGcmParams( | 220 new blink::WebCryptoAesGcmParams(Uint8VectorStart(iv), |
226 Uint8VectorStart(iv), iv.size(), | 221 iv.size(), |
227 true, | 222 true, |
228 Uint8VectorStart(additional_data), | 223 Uint8VectorStart(additional_data), |
229 additional_data.size(), | 224 additional_data.size(), |
230 true, tag_length_bits)); | 225 true, |
| 226 tag_length_bits)); |
231 } | 227 } |
232 | 228 |
233 // Helper for ImportJwkRsaFailures. Restores the JWK JSON | 229 // Helper for ImportJwkRsaFailures. Restores the JWK JSON |
234 // dictionary to a good state | 230 // dictionary to a good state |
235 void RestoreJwkRsaDictionary(base::DictionaryValue* dict) { | 231 void RestoreJwkRsaDictionary(base::DictionaryValue* dict) { |
236 dict->Clear(); | 232 dict->Clear(); |
237 dict->SetString("kty", "RSA"); | 233 dict->SetString("kty", "RSA"); |
238 dict->SetString("alg", "RSA1_5"); | 234 dict->SetString("alg", "RSA1_5"); |
239 dict->SetString("use", "enc"); | 235 dict->SetString("use", "enc"); |
240 dict->SetBoolean("extractable", false); | 236 dict->SetBoolean("extractable", false); |
241 dict->SetString("n", | 237 dict->SetString( |
| 238 "n", |
242 "qLOyhK-OtQs4cDSoYPFGxJGfMYdjzWxVmMiuSBGh4KvEx-CwgtaTpef87Wdc9GaFEncsDLxk" | 239 "qLOyhK-OtQs4cDSoYPFGxJGfMYdjzWxVmMiuSBGh4KvEx-CwgtaTpef87Wdc9GaFEncsDLxk" |
243 "p0LGxjD1M8jMcvYq6DPEC_JYQumEu3i9v5fAEH1VvbZi9cTg-rmEXLUUjvc5LdOq_5OuHmtm" | 240 "p0LGxjD1M8jMcvYq6DPEC_JYQumEu3i9v5fAEH1VvbZi9cTg-rmEXLUUjvc5LdOq_5OuHmtm" |
244 "e7PUJHYW1PW6ENTP0ibeiNOfFvs"); | 241 "e7PUJHYW1PW6ENTP0ibeiNOfFvs"); |
245 dict->SetString("e", "AQAB"); | 242 dict->SetString("e", "AQAB"); |
246 } | 243 } |
247 | 244 |
248 blink::WebCryptoAlgorithm CreateRsaAlgorithmWithInnerHash( | 245 blink::WebCryptoAlgorithm CreateRsaAlgorithmWithInnerHash( |
249 blink::WebCryptoAlgorithmId algorithm_id, | 246 blink::WebCryptoAlgorithmId algorithm_id, |
250 blink::WebCryptoAlgorithmId hash_id) { | 247 blink::WebCryptoAlgorithmId hash_id) { |
251 DCHECK(algorithm_id == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 || | 248 DCHECK(algorithm_id == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 || |
252 algorithm_id == blink::WebCryptoAlgorithmIdRsaOaep); | 249 algorithm_id == blink::WebCryptoAlgorithmIdRsaOaep); |
253 DCHECK(IsHashAlgorithm(hash_id)); | 250 DCHECK(IsHashAlgorithm(hash_id)); |
254 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( | 251 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( |
255 algorithm_id, | 252 algorithm_id, new blink::WebCryptoRsaSsaParams(CreateAlgorithm(hash_id))); |
256 new blink::WebCryptoRsaSsaParams(CreateAlgorithm(hash_id))); | |
257 } | 253 } |
258 | 254 |
259 // Determines if two ArrayBuffers have identical content. | 255 // Determines if two ArrayBuffers have identical content. |
260 bool ArrayBuffersEqual( | 256 bool ArrayBuffersEqual(const blink::WebArrayBuffer& a, |
261 const blink::WebArrayBuffer& a, | 257 const blink::WebArrayBuffer& b) { |
262 const blink::WebArrayBuffer& b) { | |
263 return a.byteLength() == b.byteLength() && | 258 return a.byteLength() == b.byteLength() && |
264 memcmp(a.data(), b.data(), a.byteLength()) == 0; | 259 memcmp(a.data(), b.data(), a.byteLength()) == 0; |
265 } | 260 } |
266 | 261 |
267 // Given a vector of WebArrayBuffers, determines if there are any copies. | 262 // Given a vector of WebArrayBuffers, determines if there are any copies. |
268 bool CopiesExist(std::vector<blink::WebArrayBuffer> bufs) { | 263 bool CopiesExist(std::vector<blink::WebArrayBuffer> bufs) { |
269 for (size_t i = 0; i < bufs.size(); ++i) { | 264 for (size_t i = 0; i < bufs.size(); ++i) { |
270 for (size_t j = i + 1; j < bufs.size(); ++j) { | 265 for (size_t j = i + 1; j < bufs.size(); ++j) { |
271 if (ArrayBuffersEqual(bufs[i], bufs[j])) | 266 if (ArrayBuffersEqual(bufs[i], bufs[j])) |
272 return true; | 267 return true; |
(...skipping 58 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
331 "5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8d" | 326 "5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8d" |
332 "d3ede2448328f385d81b30e8e43b2fffa02786197902401a8b38f398fa71" | 327 "d3ede2448328f385d81b30e8e43b2fffa02786197902401a8b38f398fa71" |
333 "2049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd" | 328 "2049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd" |
334 "48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729024027" | 329 "48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729024027" |
335 "156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319" | 330 "156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319" |
336 "584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24" | 331 "584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24" |
337 "a79f4d"; | 332 "a79f4d"; |
338 | 333 |
339 class SharedCryptoTest : public testing::Test { | 334 class SharedCryptoTest : public testing::Test { |
340 protected: | 335 protected: |
341 virtual void SetUp() OVERRIDE { | 336 virtual void SetUp() OVERRIDE { Init(); } |
342 Init(); | |
343 } | |
344 }; | 337 }; |
345 | 338 |
346 // Wrappers to pass vector<> in place of CryptoData. | 339 // Wrappers to pass vector<> in place of CryptoData. |
347 | 340 |
348 Status ImportKeyInternal(blink::WebCryptoKeyFormat format, | 341 Status ImportKeyInternal(blink::WebCryptoKeyFormat format, |
349 const std::vector<uint8>& key_data, | 342 const std::vector<uint8>& key_data, |
350 const blink::WebCryptoAlgorithm& algorithm, | 343 const blink::WebCryptoAlgorithm& algorithm, |
351 bool extractable, | 344 bool extractable, |
352 blink::WebCryptoKeyUsageMask usage_mask, | 345 blink::WebCryptoKeyUsageMask usage_mask, |
353 blink::WebCryptoKey* key) { | 346 blink::WebCryptoKey* key) { |
354 return ImportKey(format, CryptoData(key_data), algorithm, extractable, | 347 return ImportKey( |
355 usage_mask, key); | 348 format, CryptoData(key_data), algorithm, extractable, usage_mask, key); |
356 } | 349 } |
357 | 350 |
358 Status EncryptInternal(const blink::WebCryptoAlgorithm& algorithm, | 351 Status EncryptInternal(const blink::WebCryptoAlgorithm& algorithm, |
359 const blink::WebCryptoKey& key, | 352 const blink::WebCryptoKey& key, |
360 const std::vector<uint8>& data, | 353 const std::vector<uint8>& data, |
361 blink::WebArrayBuffer* buffer) { | 354 blink::WebArrayBuffer* buffer) { |
362 return Encrypt(algorithm, key, CryptoData(data), buffer); | 355 return Encrypt(algorithm, key, CryptoData(data), buffer); |
363 } | 356 } |
364 | 357 |
365 Status DecryptInternal(const blink::WebCryptoAlgorithm& algorithm, | 358 Status DecryptInternal(const blink::WebCryptoAlgorithm& algorithm, |
366 const blink::WebCryptoKey& key, | 359 const blink::WebCryptoKey& key, |
367 const std::vector<uint8>& data, | 360 const std::vector<uint8>& data, |
368 blink::WebArrayBuffer* buffer) { | 361 blink::WebArrayBuffer* buffer) { |
369 return Decrypt(algorithm, key, CryptoData(data), buffer); | 362 return Decrypt(algorithm, key, CryptoData(data), buffer); |
370 } | 363 } |
371 | 364 |
| 365 blink::WebCryptoKey ImportSecretKeyFromRaw( |
| 366 const std::vector<uint8>& key_raw, |
| 367 const blink::WebCryptoAlgorithm& algorithm, |
| 368 blink::WebCryptoKeyUsageMask usage) { |
| 369 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
| 370 bool extractable = true; |
| 371 EXPECT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
| 372 key_raw, |
| 373 algorithm, |
| 374 extractable, |
| 375 usage, |
| 376 &key)); |
372 | 377 |
373 // TODO: de-indent. | 378 EXPECT_FALSE(key.isNull()); |
374 blink::WebCryptoKey ImportSecretKeyFromRaw( | 379 EXPECT_TRUE(key.handle()); |
375 const std::vector<uint8>& key_raw, | 380 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
376 const blink::WebCryptoAlgorithm& algorithm, | 381 EXPECT_EQ(algorithm.id(), key.algorithm().id()); |
377 blink::WebCryptoKeyUsageMask usage) { | 382 EXPECT_EQ(extractable, key.extractable()); |
378 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 383 EXPECT_EQ(usage, key.usages()); |
379 bool extractable = true; | 384 return key; |
380 EXPECT_STATUS_SUCCESS( | 385 } |
381 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | |
382 key_raw, | |
383 algorithm, | |
384 extractable, | |
385 usage, | |
386 &key)); | |
387 | 386 |
388 EXPECT_FALSE(key.isNull()); | 387 void ImportRsaKeyPair(const std::vector<uint8>& spki_der, |
389 EXPECT_TRUE(key.handle()); | 388 const std::vector<uint8>& pkcs8_der, |
390 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 389 const blink::WebCryptoAlgorithm& algorithm, |
391 EXPECT_EQ(algorithm.id(), key.algorithm().id()); | 390 bool extractable, |
392 EXPECT_EQ(extractable, key.extractable()); | 391 blink::WebCryptoKeyUsageMask usage_mask, |
393 EXPECT_EQ(usage, key.usages()); | 392 blink::WebCryptoKey* public_key, |
394 return key; | 393 blink::WebCryptoKey* private_key) { |
| 394 EXPECT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatSpki, |
| 395 spki_der, |
| 396 algorithm, |
| 397 true, |
| 398 usage_mask, |
| 399 public_key)); |
| 400 EXPECT_FALSE(public_key->isNull()); |
| 401 EXPECT_TRUE(public_key->handle()); |
| 402 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key->type()); |
| 403 EXPECT_EQ(algorithm.id(), public_key->algorithm().id()); |
| 404 EXPECT_EQ(extractable, extractable); |
| 405 EXPECT_EQ(usage_mask, public_key->usages()); |
| 406 |
| 407 EXPECT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatPkcs8, |
| 408 pkcs8_der, |
| 409 algorithm, |
| 410 extractable, |
| 411 usage_mask, |
| 412 private_key)); |
| 413 EXPECT_FALSE(private_key->isNull()); |
| 414 EXPECT_TRUE(private_key->handle()); |
| 415 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key->type()); |
| 416 EXPECT_EQ(algorithm.id(), private_key->algorithm().id()); |
| 417 EXPECT_EQ(extractable, extractable); |
| 418 EXPECT_EQ(usage_mask, private_key->usages()); |
| 419 } |
| 420 |
| 421 // TODO(eroman): For Linux builds using system NSS, AES-GCM support is a |
| 422 // runtime dependency. Test it by trying to import a key. |
| 423 bool SupportsAesGcm() { |
| 424 std::vector<uint8> key_raw(16, 0); |
| 425 |
| 426 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
| 427 Status status = |
| 428 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
| 429 key_raw, |
| 430 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), |
| 431 true, |
| 432 blink::WebCryptoKeyUsageEncrypt, |
| 433 &key); |
| 434 |
| 435 if (status.IsError()) |
| 436 EXPECT_EQ(Status::ErrorUnsupported().ToString(), status.ToString()); |
| 437 return status.IsSuccess(); |
| 438 } |
| 439 |
| 440 Status AesGcmEncrypt(const blink::WebCryptoKey& key, |
| 441 const std::vector<uint8>& iv, |
| 442 const std::vector<uint8>& additional_data, |
| 443 unsigned int tag_length_bits, |
| 444 const std::vector<uint8>& plain_text, |
| 445 std::vector<uint8>* cipher_text, |
| 446 std::vector<uint8>* authentication_tag) { |
| 447 blink::WebCryptoAlgorithm algorithm = |
| 448 CreateAesGcmAlgorithm(iv, additional_data, tag_length_bits); |
| 449 |
| 450 blink::WebArrayBuffer output; |
| 451 Status status = EncryptInternal(algorithm, key, plain_text, &output); |
| 452 if (status.IsError()) |
| 453 return status; |
| 454 |
| 455 if (output.byteLength() * 8 < tag_length_bits) { |
| 456 EXPECT_TRUE(false); |
| 457 return Status::Error(); |
395 } | 458 } |
396 | 459 |
397 void ImportRsaKeyPair( | 460 // The encryption result is cipher text with authentication tag appended. |
398 const std::vector<uint8>& spki_der, | 461 cipher_text->assign(static_cast<uint8*>(output.data()), |
399 const std::vector<uint8>& pkcs8_der, | 462 static_cast<uint8*>(output.data()) + |
400 const blink::WebCryptoAlgorithm& algorithm, | 463 (output.byteLength() - tag_length_bits / 8)); |
401 bool extractable, | 464 authentication_tag->assign( |
402 blink::WebCryptoKeyUsageMask usage_mask, | 465 static_cast<uint8*>(output.data()) + cipher_text->size(), |
403 blink::WebCryptoKey* public_key, | 466 static_cast<uint8*>(output.data()) + output.byteLength()); |
404 blink::WebCryptoKey* private_key) { | |
405 EXPECT_STATUS_SUCCESS(ImportKeyInternal( | |
406 blink::WebCryptoKeyFormatSpki, | |
407 spki_der, | |
408 algorithm, | |
409 true, | |
410 usage_mask, | |
411 public_key)); | |
412 EXPECT_FALSE(public_key->isNull()); | |
413 EXPECT_TRUE(public_key->handle()); | |
414 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key->type()); | |
415 EXPECT_EQ(algorithm.id(), public_key->algorithm().id()); | |
416 EXPECT_EQ(extractable, extractable); | |
417 EXPECT_EQ(usage_mask, public_key->usages()); | |
418 | 467 |
419 EXPECT_STATUS_SUCCESS(ImportKeyInternal( | 468 return Status::Success(); |
420 blink::WebCryptoKeyFormatPkcs8, | 469 } |
421 pkcs8_der, | |
422 algorithm, | |
423 extractable, | |
424 usage_mask, | |
425 private_key)); | |
426 EXPECT_FALSE(private_key->isNull()); | |
427 EXPECT_TRUE(private_key->handle()); | |
428 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key->type()); | |
429 EXPECT_EQ(algorithm.id(), private_key->algorithm().id()); | |
430 EXPECT_EQ(extractable, extractable); | |
431 EXPECT_EQ(usage_mask, private_key->usages()); | |
432 } | |
433 | 470 |
434 // TODO(eroman): For Linux builds using system NSS, AES-GCM support is a | 471 Status AesGcmDecrypt(const blink::WebCryptoKey& key, |
435 // runtime dependency. Test it by trying to import a key. | 472 const std::vector<uint8>& iv, |
436 bool SupportsAesGcm() { | 473 const std::vector<uint8>& additional_data, |
437 std::vector<uint8> key_raw(16, 0); | 474 unsigned int tag_length_bits, |
| 475 const std::vector<uint8>& cipher_text, |
| 476 const std::vector<uint8>& authentication_tag, |
| 477 blink::WebArrayBuffer* plain_text) { |
| 478 blink::WebCryptoAlgorithm algorithm = |
| 479 CreateAesGcmAlgorithm(iv, additional_data, tag_length_bits); |
438 | 480 |
439 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 481 // Join cipher text and authentication tag. |
440 Status status = ImportKeyInternal( | 482 std::vector<uint8> cipher_text_with_tag; |
441 blink::WebCryptoKeyFormatRaw, | 483 cipher_text_with_tag.reserve(cipher_text.size() + authentication_tag.size()); |
442 key_raw, | 484 cipher_text_with_tag.insert( |
443 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), | 485 cipher_text_with_tag.end(), cipher_text.begin(), cipher_text.end()); |
444 true, | 486 cipher_text_with_tag.insert(cipher_text_with_tag.end(), |
445 blink::WebCryptoKeyUsageEncrypt, | 487 authentication_tag.begin(), |
446 &key); | 488 authentication_tag.end()); |
447 | 489 |
448 if (status.IsError()) | 490 return DecryptInternal(algorithm, key, cipher_text_with_tag, plain_text); |
449 EXPECT_EQ(Status::ErrorUnsupported().ToString(), status.ToString()); | 491 } |
450 return status.IsSuccess(); | |
451 } | |
452 | 492 |
453 Status AesGcmEncrypt(const blink::WebCryptoKey& key, | 493 // Helpers to pass vector<> in place of CryptoData. |
454 const std::vector<uint8>& iv, | 494 Status DigestInternal(const blink::WebCryptoAlgorithm& algorithm, |
455 const std::vector<uint8>& additional_data, | 495 const std::vector<uint8>& data, |
456 unsigned int tag_length_bits, | 496 blink::WebArrayBuffer* buffer) { |
457 const std::vector<uint8>& plain_text, | 497 return Digest(algorithm, CryptoData(data), buffer); |
458 std::vector<uint8>* cipher_text, | 498 } |
459 std::vector<uint8>* authentication_tag) { | |
460 blink::WebCryptoAlgorithm algorithm = CreateAesGcmAlgorithm( | |
461 iv, additional_data, tag_length_bits); | |
462 | 499 |
463 blink::WebArrayBuffer output; | 500 Status SignInternal(const blink::WebCryptoAlgorithm& algorithm, |
464 Status status = EncryptInternal(algorithm, key, plain_text, &output); | 501 const blink::WebCryptoKey& key, |
465 if (status.IsError()) | 502 const std::vector<uint8>& data, |
466 return status; | 503 blink::WebArrayBuffer* buffer) { |
| 504 return Sign(algorithm, key, CryptoData(data), buffer); |
| 505 } |
467 | 506 |
468 if (output.byteLength() * 8 < tag_length_bits) { | 507 Status VerifySignatureInternal(const blink::WebCryptoAlgorithm& algorithm, |
469 EXPECT_TRUE(false); | 508 const blink::WebCryptoKey& key, |
470 return Status::Error(); | 509 const CryptoData& signature, |
471 } | 510 const std::vector<uint8>& data, |
| 511 bool* signature_match) { |
| 512 return VerifySignature( |
| 513 algorithm, key, signature, CryptoData(data), signature_match); |
| 514 } |
472 | 515 |
473 // The encryption result is cipher text with authentication tag appended. | 516 Status VerifySignatureInternal(const blink::WebCryptoAlgorithm& algorithm, |
474 cipher_text->assign( | 517 const blink::WebCryptoKey& key, |
475 static_cast<uint8*>(output.data()), | 518 const std::vector<uint8>& signature, |
476 static_cast<uint8*>(output.data()) + | 519 const std::vector<uint8>& data, |
477 (output.byteLength() - tag_length_bits / 8)); | 520 bool* signature_match) { |
478 authentication_tag->assign( | 521 return VerifySignature( |
479 static_cast<uint8*>(output.data()) + cipher_text->size(), | 522 algorithm, key, CryptoData(signature), CryptoData(data), signature_match); |
480 static_cast<uint8*>(output.data()) + output.byteLength()); | 523 } |
481 | 524 |
482 return Status::Success(); | 525 Status ImportKeyJwk(const std::vector<uint8>& key_data, |
483 } | 526 const blink::WebCryptoAlgorithm& algorithm, |
484 | 527 bool extractable, |
485 Status AesGcmDecrypt(const blink::WebCryptoKey& key, | 528 blink::WebCryptoKeyUsageMask usage_mask, |
486 const std::vector<uint8>& iv, | 529 blink::WebCryptoKey* key) { |
487 const std::vector<uint8>& additional_data, | 530 return ImportKeyJwk( |
488 unsigned int tag_length_bits, | 531 CryptoData(key_data), algorithm, extractable, usage_mask, key); |
489 const std::vector<uint8>& cipher_text, | 532 } |
490 const std::vector<uint8>& authentication_tag, | |
491 blink::WebArrayBuffer* plain_text) { | |
492 blink::WebCryptoAlgorithm algorithm = CreateAesGcmAlgorithm( | |
493 iv, additional_data, tag_length_bits); | |
494 | |
495 // Join cipher text and authentication tag. | |
496 std::vector<uint8> cipher_text_with_tag; | |
497 cipher_text_with_tag.reserve( | |
498 cipher_text.size() + authentication_tag.size()); | |
499 cipher_text_with_tag.insert( | |
500 cipher_text_with_tag.end(), cipher_text.begin(), cipher_text.end()); | |
501 cipher_text_with_tag.insert( | |
502 cipher_text_with_tag.end(), authentication_tag.begin(), | |
503 authentication_tag.end()); | |
504 | |
505 return DecryptInternal(algorithm, key, cipher_text_with_tag, plain_text); | |
506 } | |
507 | |
508 // Helpers to pass vector<> in place of CryptoData. | |
509 Status DigestInternal( | |
510 const blink::WebCryptoAlgorithm& algorithm, | |
511 const std::vector<uint8>& data, | |
512 blink::WebArrayBuffer* buffer) { | |
513 return Digest(algorithm, CryptoData(data), buffer); | |
514 } | |
515 | |
516 Status SignInternal( | |
517 const blink::WebCryptoAlgorithm& algorithm, | |
518 const blink::WebCryptoKey& key, | |
519 const std::vector<uint8>& data, | |
520 blink::WebArrayBuffer* buffer) { | |
521 return Sign(algorithm, key, CryptoData(data), buffer); | |
522 } | |
523 | |
524 Status VerifySignatureInternal( | |
525 const blink::WebCryptoAlgorithm& algorithm, | |
526 const blink::WebCryptoKey& key, | |
527 const CryptoData& signature, | |
528 const std::vector<uint8>& data, | |
529 bool* signature_match) { | |
530 return VerifySignature(algorithm, | |
531 key, | |
532 signature, | |
533 CryptoData(data), | |
534 signature_match); | |
535 } | |
536 | |
537 | |
538 Status VerifySignatureInternal( | |
539 const blink::WebCryptoAlgorithm& algorithm, | |
540 const blink::WebCryptoKey& key, | |
541 const std::vector<uint8>& signature, | |
542 const std::vector<uint8>& data, | |
543 bool* signature_match) { | |
544 return VerifySignature( | |
545 algorithm, | |
546 key, | |
547 CryptoData(signature), | |
548 CryptoData(data), | |
549 signature_match); | |
550 } | |
551 | |
552 Status ImportKeyJwk( | |
553 const std::vector<uint8>& key_data, | |
554 const blink::WebCryptoAlgorithm& algorithm, | |
555 bool extractable, | |
556 blink::WebCryptoKeyUsageMask usage_mask, | |
557 blink::WebCryptoKey* key) { | |
558 return ImportKeyJwk(CryptoData(key_data), | |
559 algorithm, | |
560 extractable, | |
561 usage_mask, | |
562 key); | |
563 } | |
564 | 533 |
565 } // namespace | 534 } // namespace |
566 | 535 |
567 TEST_F(SharedCryptoTest, StatusToString) { | 536 TEST_F(SharedCryptoTest, StatusToString) { |
568 EXPECT_EQ("Success", Status::Success().ToString()); | 537 EXPECT_EQ("Success", Status::Success().ToString()); |
569 EXPECT_EQ("", Status::Error().ToString()); | 538 EXPECT_EQ("", Status::Error().ToString()); |
570 EXPECT_EQ("The requested operation is unsupported", | 539 EXPECT_EQ("The requested operation is unsupported", |
571 Status::ErrorUnsupported().ToString()); | 540 Status::ErrorUnsupported().ToString()); |
572 EXPECT_EQ("The required JWK property \"kty\" was missing", | 541 EXPECT_EQ("The required JWK property \"kty\" was missing", |
573 Status::ErrorJwkPropertyMissing("kty").ToString()); | 542 Status::ErrorJwkPropertyMissing("kty").ToString()); |
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
626 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 595 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
627 ExpectArrayBufferMatches(test_key, raw_key); | 596 ExpectArrayBufferMatches(test_key, raw_key); |
628 | 597 |
629 blink::WebArrayBuffer output; | 598 blink::WebArrayBuffer output; |
630 | 599 |
631 ASSERT_STATUS_SUCCESS(SignInternal(algorithm, key, test_message, &output)); | 600 ASSERT_STATUS_SUCCESS(SignInternal(algorithm, key, test_message, &output)); |
632 | 601 |
633 ExpectArrayBufferMatches(test_mac, output); | 602 ExpectArrayBufferMatches(test_mac, output); |
634 | 603 |
635 bool signature_match = false; | 604 bool signature_match = false; |
636 EXPECT_STATUS_SUCCESS(VerifySignature( | 605 EXPECT_STATUS_SUCCESS(VerifySignature(algorithm, |
637 algorithm, | 606 key, |
638 key, | 607 CryptoData(output), |
639 CryptoData(output), | 608 CryptoData(test_message), |
640 CryptoData(test_message), | 609 &signature_match)); |
641 &signature_match)); | |
642 EXPECT_TRUE(signature_match); | 610 EXPECT_TRUE(signature_match); |
643 | 611 |
644 // Ensure truncated signature does not verify by passing one less byte. | 612 // Ensure truncated signature does not verify by passing one less byte. |
645 EXPECT_STATUS_SUCCESS(VerifySignature( | 613 EXPECT_STATUS_SUCCESS(VerifySignature( |
646 algorithm, | 614 algorithm, |
647 key, | 615 key, |
648 CryptoData(static_cast<const unsigned char*>(output.data()), | 616 CryptoData(static_cast<const unsigned char*>(output.data()), |
649 output.byteLength() - 1), | 617 output.byteLength() - 1), |
650 CryptoData(test_message), | 618 CryptoData(test_message), |
651 &signature_match)); | 619 &signature_match)); |
652 EXPECT_FALSE(signature_match); | 620 EXPECT_FALSE(signature_match); |
653 | 621 |
654 // Ensure truncated signature does not verify by passing no bytes. | 622 // Ensure truncated signature does not verify by passing no bytes. |
655 EXPECT_STATUS_SUCCESS(VerifySignature( | 623 EXPECT_STATUS_SUCCESS(VerifySignature(algorithm, |
656 algorithm, | 624 key, |
657 key, | 625 CryptoData(), |
658 CryptoData(), | 626 CryptoData(test_message), |
659 CryptoData(test_message), | 627 &signature_match)); |
660 &signature_match)); | |
661 EXPECT_FALSE(signature_match); | 628 EXPECT_FALSE(signature_match); |
662 | 629 |
663 // Ensure extra long signature does not cause issues and fails. | 630 // Ensure extra long signature does not cause issues and fails. |
664 const unsigned char kLongSignature[1024] = { 0 }; | 631 const unsigned char kLongSignature[1024] = {0}; |
665 EXPECT_STATUS_SUCCESS(VerifySignature( | 632 EXPECT_STATUS_SUCCESS( |
666 algorithm, | 633 VerifySignature(algorithm, |
667 key, | 634 key, |
668 CryptoData(kLongSignature, sizeof(kLongSignature)), | 635 CryptoData(kLongSignature, sizeof(kLongSignature)), |
669 CryptoData(test_message), | 636 CryptoData(test_message), |
670 &signature_match)); | 637 &signature_match)); |
671 EXPECT_FALSE(signature_match); | 638 EXPECT_FALSE(signature_match); |
672 } | 639 } |
673 } | 640 } |
674 | 641 |
675 TEST_F(SharedCryptoTest, AesCbcFailures) { | 642 TEST_F(SharedCryptoTest, AesCbcFailures) { |
676 const std::string key_hex = "2b7e151628aed2a6abf7158809cf4f3c"; | 643 const std::string key_hex = "2b7e151628aed2a6abf7158809cf4f3c"; |
677 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 644 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
678 HexStringToBytes(key_hex), | 645 HexStringToBytes(key_hex), |
679 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 646 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
680 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); | 647 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); |
681 | 648 |
682 // Verify exported raw key is identical to the imported data | 649 // Verify exported raw key is identical to the imported data |
683 blink::WebArrayBuffer raw_key; | 650 blink::WebArrayBuffer raw_key; |
684 EXPECT_STATUS_SUCCESS( | 651 EXPECT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
685 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | |
686 ExpectArrayBufferMatchesHex(key_hex, raw_key); | 652 ExpectArrayBufferMatchesHex(key_hex, raw_key); |
687 | 653 |
688 blink::WebArrayBuffer output; | 654 blink::WebArrayBuffer output; |
689 | 655 |
690 // Use an invalid |iv| (fewer than 16 bytes) | 656 // Use an invalid |iv| (fewer than 16 bytes) |
691 { | 657 { |
692 std::vector<uint8> input(32); | 658 std::vector<uint8> input(32); |
693 std::vector<uint8> iv; | 659 std::vector<uint8> iv; |
694 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), EncryptInternal( | 660 EXPECT_STATUS( |
695 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); | 661 Status::ErrorIncorrectSizeAesCbcIv(), |
696 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), DecryptInternal( | 662 EncryptInternal( |
697 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); | 663 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); |
| 664 EXPECT_STATUS( |
| 665 Status::ErrorIncorrectSizeAesCbcIv(), |
| 666 DecryptInternal( |
| 667 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); |
698 } | 668 } |
699 | 669 |
700 // Use an invalid |iv| (more than 16 bytes) | 670 // Use an invalid |iv| (more than 16 bytes) |
701 { | 671 { |
702 std::vector<uint8> input(32); | 672 std::vector<uint8> input(32); |
703 std::vector<uint8> iv(17); | 673 std::vector<uint8> iv(17); |
704 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), EncryptInternal( | 674 EXPECT_STATUS( |
705 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); | 675 Status::ErrorIncorrectSizeAesCbcIv(), |
706 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), DecryptInternal( | 676 EncryptInternal( |
707 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); | 677 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); |
| 678 EXPECT_STATUS( |
| 679 Status::ErrorIncorrectSizeAesCbcIv(), |
| 680 DecryptInternal( |
| 681 webcrypto::CreateAesCbcAlgorithm(iv), key, input, &output)); |
708 } | 682 } |
709 | 683 |
710 // Give an input that is too large (would cause integer overflow when | 684 // Give an input that is too large (would cause integer overflow when |
711 // narrowing to an int). | 685 // narrowing to an int). |
712 { | 686 { |
713 std::vector<uint8> iv(16); | 687 std::vector<uint8> iv(16); |
714 | 688 |
715 // Pretend the input is large. Don't pass data pointer as NULL in case that | 689 // Pretend the input is large. Don't pass data pointer as NULL in case that |
716 // is special cased; the implementation shouldn't actually dereference the | 690 // is special cased; the implementation shouldn't actually dereference the |
717 // data. | 691 // data. |
718 CryptoData input(&iv[0], INT_MAX - 3); | 692 CryptoData input(&iv[0], INT_MAX - 3); |
719 | 693 |
720 EXPECT_STATUS(Status::ErrorDataTooLarge(), Encrypt( | 694 EXPECT_STATUS(Status::ErrorDataTooLarge(), |
721 CreateAesCbcAlgorithm(iv), key, input, &output)); | 695 Encrypt(CreateAesCbcAlgorithm(iv), key, input, &output)); |
722 EXPECT_STATUS(Status::ErrorDataTooLarge(), Decrypt( | 696 EXPECT_STATUS(Status::ErrorDataTooLarge(), |
723 CreateAesCbcAlgorithm(iv), key, input, &output)); | 697 Decrypt(CreateAesCbcAlgorithm(iv), key, input, &output)); |
724 } | 698 } |
725 | 699 |
726 // Fail importing the key (too few bytes specified) | 700 // Fail importing the key (too few bytes specified) |
727 { | 701 { |
728 std::vector<uint8> key_raw(1); | 702 std::vector<uint8> key_raw(1); |
729 std::vector<uint8> iv(16); | 703 std::vector<uint8> iv(16); |
730 | 704 |
731 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 705 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
732 EXPECT_STATUS( | 706 EXPECT_STATUS(Status::Error(), |
733 Status::Error(), | 707 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
734 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 708 key_raw, |
735 key_raw, | 709 CreateAesCbcAlgorithm(iv), |
736 CreateAesCbcAlgorithm(iv), | 710 true, |
737 true, | 711 blink::WebCryptoKeyUsageEncrypt, |
738 blink::WebCryptoKeyUsageEncrypt, | 712 &key)); |
739 &key)); | |
740 } | 713 } |
741 | 714 |
742 // Fail exporting the key in SPKI and PKCS#8 formats (not allowed for secret | 715 // Fail exporting the key in SPKI and PKCS#8 formats (not allowed for secret |
743 // keys). | 716 // keys). |
744 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 717 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), |
745 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); | 718 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); |
746 EXPECT_STATUS(Status::ErrorUnsupported(), | 719 EXPECT_STATUS(Status::ErrorUnsupported(), |
747 ExportKey(blink::WebCryptoKeyFormatPkcs8, key, &output)); | 720 ExportKey(blink::WebCryptoKeyFormatPkcs8, key, &output)); |
748 } | 721 } |
749 | 722 |
750 TEST_F(SharedCryptoTest, MAYBE(AesCbcSampleSets)) { | 723 TEST_F(SharedCryptoTest, MAYBE(AesCbcSampleSets)) { |
751 scoped_ptr<base::ListValue> tests; | 724 scoped_ptr<base::ListValue> tests; |
752 ASSERT_TRUE(ReadJsonTestFileToList("aes_cbc.json", &tests)); | 725 ASSERT_TRUE(ReadJsonTestFileToList("aes_cbc.json", &tests)); |
753 | 726 |
754 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { | 727 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { |
755 SCOPED_TRACE(test_index); | 728 SCOPED_TRACE(test_index); |
756 base::DictionaryValue* test; | 729 base::DictionaryValue* test; |
757 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); | 730 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); |
758 | 731 |
759 std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); | 732 std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); |
760 std::vector<uint8> test_iv = GetBytesFromHexString(test, "iv"); | 733 std::vector<uint8> test_iv = GetBytesFromHexString(test, "iv"); |
761 std::vector<uint8> test_plain_text = | 734 std::vector<uint8> test_plain_text = |
762 GetBytesFromHexString(test, "plain_text"); | 735 GetBytesFromHexString(test, "plain_text"); |
763 std::vector<uint8> test_cipher_text = | 736 std::vector<uint8> test_cipher_text = |
764 GetBytesFromHexString(test, "cipher_text"); | 737 GetBytesFromHexString(test, "cipher_text"); |
765 | 738 |
766 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 739 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
767 test_key, | 740 test_key, |
768 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 741 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
769 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); | 742 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); |
770 | 743 |
771 // Verify exported raw key is identical to the imported data | 744 // Verify exported raw key is identical to the imported data |
772 blink::WebArrayBuffer raw_key; | 745 blink::WebArrayBuffer raw_key; |
773 EXPECT_STATUS_SUCCESS(ExportKey( | 746 EXPECT_STATUS_SUCCESS( |
774 blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 747 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
775 ExpectArrayBufferMatches(test_key, raw_key); | 748 ExpectArrayBufferMatches(test_key, raw_key); |
776 | 749 |
777 blink::WebArrayBuffer output; | 750 blink::WebArrayBuffer output; |
778 | 751 |
779 // Test encryption. | 752 // Test encryption. |
780 EXPECT_STATUS( | 753 EXPECT_STATUS(Status::Success(), |
781 Status::Success(), | 754 EncryptInternal(webcrypto::CreateAesCbcAlgorithm(test_iv), |
782 EncryptInternal(webcrypto::CreateAesCbcAlgorithm(test_iv), | 755 key, |
783 key, | 756 test_plain_text, |
784 test_plain_text, | 757 &output)); |
785 &output)); | |
786 ExpectArrayBufferMatches(test_cipher_text, output); | 758 ExpectArrayBufferMatches(test_cipher_text, output); |
787 | 759 |
788 // Test decryption. | 760 // Test decryption. |
789 EXPECT_STATUS( | 761 EXPECT_STATUS(Status::Success(), |
790 Status::Success(), | 762 DecryptInternal(webcrypto::CreateAesCbcAlgorithm(test_iv), |
791 DecryptInternal(webcrypto::CreateAesCbcAlgorithm(test_iv), | 763 key, |
792 key, | 764 test_cipher_text, |
793 test_cipher_text, | 765 &output)); |
794 &output)); | |
795 ExpectArrayBufferMatches(test_plain_text, output); | 766 ExpectArrayBufferMatches(test_plain_text, output); |
796 | 767 |
797 const unsigned int kAesCbcBlockSize = 16; | 768 const unsigned int kAesCbcBlockSize = 16; |
798 | 769 |
799 // Decrypt with a padding error by stripping the last block. This also ends | 770 // Decrypt with a padding error by stripping the last block. This also ends |
800 // up testing decryption over empty cipher text. | 771 // up testing decryption over empty cipher text. |
801 if (test_cipher_text.size() >= kAesCbcBlockSize) { | 772 if (test_cipher_text.size() >= kAesCbcBlockSize) { |
802 EXPECT_STATUS( | 773 EXPECT_STATUS( |
803 Status::Error(), | 774 Status::Error(), |
804 Decrypt(CreateAesCbcAlgorithm(test_iv), | 775 Decrypt(CreateAesCbcAlgorithm(test_iv), |
805 key, | 776 key, |
806 CryptoData(&test_cipher_text[0], | 777 CryptoData(&test_cipher_text[0], |
807 test_cipher_text.size() - kAesCbcBlockSize), | 778 test_cipher_text.size() - kAesCbcBlockSize), |
808 &output)); | 779 &output)); |
809 } | 780 } |
810 | 781 |
811 // Decrypt cipher text which is not a multiple of block size by stripping | 782 // Decrypt cipher text which is not a multiple of block size by stripping |
812 // a few bytes off the cipher text. | 783 // a few bytes off the cipher text. |
813 if (test_cipher_text.size() > 3) { | 784 if (test_cipher_text.size() > 3) { |
814 EXPECT_STATUS( | 785 EXPECT_STATUS( |
815 Status::Error(), | 786 Status::Error(), |
816 Decrypt(CreateAesCbcAlgorithm(test_iv), | 787 Decrypt(CreateAesCbcAlgorithm(test_iv), |
817 key, | 788 key, |
818 CryptoData(&test_cipher_text[0], | 789 CryptoData(&test_cipher_text[0], test_cipher_text.size() - 3), |
819 test_cipher_text.size() - 3), | |
820 &output)); | 790 &output)); |
821 } | 791 } |
822 } | 792 } |
823 } | 793 } |
824 | 794 |
825 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAes)) { | 795 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAes)) { |
826 // Check key generation for each of AES-CBC, AES-GCM, and AES-KW, and for each | 796 // Check key generation for each of AES-CBC, AES-GCM, and AES-KW, and for each |
827 // allowed key length. | 797 // allowed key length. |
828 std::vector<blink::WebCryptoAlgorithm> algorithm; | 798 std::vector<blink::WebCryptoAlgorithm> algorithm; |
829 const unsigned short kKeyLength[] = {128, 192, 256}; | 799 const unsigned short kKeyLength[] = {128, 192, 256}; |
830 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLength); ++i) { | 800 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLength); ++i) { |
831 algorithm.push_back(CreateAesCbcKeyGenAlgorithm(kKeyLength[i])); | 801 algorithm.push_back(CreateAesCbcKeyGenAlgorithm(kKeyLength[i])); |
832 algorithm.push_back(CreateAesGcmKeyGenAlgorithm(kKeyLength[i])); | 802 algorithm.push_back(CreateAesGcmKeyGenAlgorithm(kKeyLength[i])); |
833 algorithm.push_back(CreateAesKwKeyGenAlgorithm(kKeyLength[i])); | 803 algorithm.push_back(CreateAesKwKeyGenAlgorithm(kKeyLength[i])); |
834 } | 804 } |
835 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 805 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
836 std::vector<blink::WebArrayBuffer> keys; | 806 std::vector<blink::WebArrayBuffer> keys; |
837 blink::WebArrayBuffer key_bytes; | 807 blink::WebArrayBuffer key_bytes; |
838 for (size_t i = 0; i < algorithm.size(); ++i) { | 808 for (size_t i = 0; i < algorithm.size(); ++i) { |
839 SCOPED_TRACE(i); | 809 SCOPED_TRACE(i); |
840 // Generate a small sample of keys. | 810 // Generate a small sample of keys. |
841 keys.clear(); | 811 keys.clear(); |
842 for (int j = 0; j < 16; ++j) { | 812 for (int j = 0; j < 16; ++j) { |
843 ASSERT_STATUS_SUCCESS(GenerateSecretKey( | 813 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm[i], true, 0, &key)); |
844 algorithm[i], true, 0, &key)); | |
845 EXPECT_TRUE(key.handle()); | 814 EXPECT_TRUE(key.handle()); |
846 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 815 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
847 ASSERT_STATUS_SUCCESS( | 816 ASSERT_STATUS_SUCCESS( |
848 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_bytes)); | 817 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_bytes)); |
849 keys.push_back(key_bytes); | 818 keys.push_back(key_bytes); |
850 } | 819 } |
851 // Ensure all entries in the key sample set are unique. This is a simplistic | 820 // Ensure all entries in the key sample set are unique. This is a simplistic |
852 // estimate of whether the generated keys appear random. | 821 // estimate of whether the generated keys appear random. |
853 EXPECT_FALSE(CopiesExist(keys)); | 822 EXPECT_FALSE(CopiesExist(keys)); |
854 } | 823 } |
855 } | 824 } |
856 | 825 |
857 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAesBadLength)) { | 826 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAesBadLength)) { |
858 const unsigned short kKeyLen[] = {0, 127, 257}; | 827 const unsigned short kKeyLen[] = {0, 127, 257}; |
859 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 828 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
860 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLen); ++i) { | 829 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLen); ++i) { |
861 SCOPED_TRACE(i); | 830 SCOPED_TRACE(i); |
862 EXPECT_STATUS(Status::ErrorGenerateKeyLength(), GenerateSecretKey( | 831 EXPECT_STATUS(Status::ErrorGenerateKeyLength(), |
863 CreateAesCbcKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); | 832 GenerateSecretKey( |
864 EXPECT_STATUS(Status::ErrorGenerateKeyLength(), GenerateSecretKey( | 833 CreateAesCbcKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); |
865 CreateAesGcmKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); | 834 EXPECT_STATUS(Status::ErrorGenerateKeyLength(), |
866 EXPECT_STATUS(Status::ErrorGenerateKeyLength(), GenerateSecretKey( | 835 GenerateSecretKey( |
867 CreateAesKwKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); | 836 CreateAesGcmKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); |
| 837 EXPECT_STATUS(Status::ErrorGenerateKeyLength(), |
| 838 GenerateSecretKey( |
| 839 CreateAesKwKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); |
868 } | 840 } |
869 } | 841 } |
870 | 842 |
871 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmac)) { | 843 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmac)) { |
872 // Generate a small sample of HMAC keys. | 844 // Generate a small sample of HMAC keys. |
873 std::vector<blink::WebArrayBuffer> keys; | 845 std::vector<blink::WebArrayBuffer> keys; |
874 for (int i = 0; i < 16; ++i) { | 846 for (int i = 0; i < 16; ++i) { |
875 blink::WebArrayBuffer key_bytes; | 847 blink::WebArrayBuffer key_bytes; |
876 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 848 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
877 blink::WebCryptoAlgorithm algorithm = CreateHmacKeyGenAlgorithm( | 849 blink::WebCryptoAlgorithm algorithm = |
878 blink::WebCryptoAlgorithmIdSha1, 64); | 850 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 64); |
879 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); | 851 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); |
880 EXPECT_FALSE(key.isNull()); | 852 EXPECT_FALSE(key.isNull()); |
881 EXPECT_TRUE(key.handle()); | 853 EXPECT_TRUE(key.handle()); |
882 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 854 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
883 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); | 855 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); |
884 | 856 |
885 blink::WebArrayBuffer raw_key; | 857 blink::WebArrayBuffer raw_key; |
886 ASSERT_STATUS_SUCCESS( | 858 ASSERT_STATUS_SUCCESS( |
887 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 859 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
888 EXPECT_EQ(64U, raw_key.byteLength()); | 860 EXPECT_EQ(64U, raw_key.byteLength()); |
889 keys.push_back(raw_key); | 861 keys.push_back(raw_key); |
890 } | 862 } |
891 // Ensure all entries in the key sample set are unique. This is a simplistic | 863 // Ensure all entries in the key sample set are unique. This is a simplistic |
892 // estimate of whether the generated keys appear random. | 864 // estimate of whether the generated keys appear random. |
893 EXPECT_FALSE(CopiesExist(keys)); | 865 EXPECT_FALSE(CopiesExist(keys)); |
894 } | 866 } |
895 | 867 |
896 // If the key length is not provided, then the block size is used. | 868 // If the key length is not provided, then the block size is used. |
897 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmacNoLength)) { | 869 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmacNoLength)) { |
898 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 870 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
899 blink::WebCryptoAlgorithm algorithm = | 871 blink::WebCryptoAlgorithm algorithm = |
900 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0); | 872 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0); |
901 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); | 873 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); |
902 EXPECT_TRUE(key.handle()); | 874 EXPECT_TRUE(key.handle()); |
903 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 875 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
904 blink::WebArrayBuffer raw_key; | 876 blink::WebArrayBuffer raw_key; |
905 ASSERT_STATUS_SUCCESS( | 877 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
906 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | |
907 EXPECT_EQ(64U, raw_key.byteLength()); | 878 EXPECT_EQ(64U, raw_key.byteLength()); |
908 | 879 |
909 // The block size for HMAC SHA-512 is larger. | 880 // The block size for HMAC SHA-512 is larger. |
910 algorithm = CreateHmacKeyGenAlgorithm( | 881 algorithm = CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha512, 0); |
911 blink::WebCryptoAlgorithmIdSha512, 0); | |
912 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); | 882 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); |
913 ASSERT_STATUS_SUCCESS( | 883 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
914 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | |
915 EXPECT_EQ(128U, raw_key.byteLength()); | 884 EXPECT_EQ(128U, raw_key.byteLength()); |
916 } | 885 } |
917 | 886 |
918 TEST_F(SharedCryptoTest, MAYBE(ImportSecretKeyNoAlgorithm)) { | 887 TEST_F(SharedCryptoTest, MAYBE(ImportSecretKeyNoAlgorithm)) { |
919 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 888 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
920 | 889 |
921 // This fails because the algorithm is null. | 890 // This fails because the algorithm is null. |
922 EXPECT_STATUS(Status::ErrorMissingAlgorithmImportRawKey(), ImportKeyInternal( | 891 EXPECT_STATUS(Status::ErrorMissingAlgorithmImportRawKey(), |
923 blink::WebCryptoKeyFormatRaw, | 892 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
924 HexStringToBytes("00000000000000000000"), | 893 HexStringToBytes("00000000000000000000"), |
925 blink::WebCryptoAlgorithm::createNull(), | 894 blink::WebCryptoAlgorithm::createNull(), |
926 true, | 895 true, |
927 blink::WebCryptoKeyUsageEncrypt, | 896 blink::WebCryptoKeyUsageEncrypt, |
928 &key)); | 897 &key)); |
929 } | 898 } |
930 | 899 |
931 TEST_F(SharedCryptoTest, ImportJwkFailures) { | 900 TEST_F(SharedCryptoTest, ImportJwkFailures) { |
932 | 901 |
933 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 902 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
934 blink::WebCryptoAlgorithm algorithm = | 903 blink::WebCryptoAlgorithm algorithm = |
935 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); | 904 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); |
936 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; | 905 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; |
937 | 906 |
938 // Baseline pass: each test below breaks a single item, so we start with a | 907 // Baseline pass: each test below breaks a single item, so we start with a |
939 // passing case to make sure each failure is caused by the isolated break. | 908 // passing case to make sure each failure is caused by the isolated break. |
940 // Each breaking subtest below resets the dictionary to this passing case when | 909 // Each breaking subtest below resets the dictionary to this passing case when |
941 // complete. | 910 // complete. |
942 base::DictionaryValue dict; | 911 base::DictionaryValue dict; |
943 RestoreJwkOctDictionary(&dict); | 912 RestoreJwkOctDictionary(&dict); |
944 EXPECT_STATUS_SUCCESS(ImportKeyJwk( | 913 EXPECT_STATUS_SUCCESS( |
945 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 914 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
946 | 915 |
947 // Fail on empty JSON. | 916 // Fail on empty JSON. |
948 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), ImportKeyJwk( | 917 EXPECT_STATUS( |
949 MakeJsonVector(""), algorithm, false, usage_mask, &key)); | 918 Status::ErrorImportEmptyKeyData(), |
| 919 ImportKeyJwk(MakeJsonVector(""), algorithm, false, usage_mask, &key)); |
950 | 920 |
951 // Fail on invalid JSON. | 921 // Fail on invalid JSON. |
952 const std::vector<uint8> bad_json_vec = MakeJsonVector( | 922 const std::vector<uint8> bad_json_vec = MakeJsonVector( |
953 "{" | 923 "{" |
954 "\"kty\" : \"oct\"," | 924 "\"kty\" : \"oct\"," |
955 "\"alg\" : \"HS256\"," | 925 "\"alg\" : \"HS256\"," |
956 "\"use\" : " | 926 "\"use\" : "); |
957 ); | |
958 EXPECT_STATUS(Status::ErrorJwkNotDictionary(), | 927 EXPECT_STATUS(Status::ErrorJwkNotDictionary(), |
959 ImportKeyJwk(bad_json_vec, algorithm, false, usage_mask, &key)); | 928 ImportKeyJwk(bad_json_vec, algorithm, false, usage_mask, &key)); |
960 | 929 |
961 // Fail on JWK alg present but unrecognized. | 930 // Fail on JWK alg present but unrecognized. |
962 dict.SetString("alg", "A127CBC"); | 931 dict.SetString("alg", "A127CBC"); |
963 EXPECT_STATUS(Status::ErrorJwkUnrecognizedAlgorithm(), ImportKeyJwk( | 932 EXPECT_STATUS( |
964 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 933 Status::ErrorJwkUnrecognizedAlgorithm(), |
| 934 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
965 RestoreJwkOctDictionary(&dict); | 935 RestoreJwkOctDictionary(&dict); |
966 | 936 |
967 // Fail on both JWK and input algorithm missing. | 937 // Fail on both JWK and input algorithm missing. |
968 dict.Remove("alg", NULL); | 938 dict.Remove("alg", NULL); |
969 EXPECT_STATUS( | 939 EXPECT_STATUS(Status::ErrorJwkAlgorithmMissing(), |
970 Status::ErrorJwkAlgorithmMissing(), | 940 ImportKeyJwk(MakeJsonVector(dict), |
971 ImportKeyJwk(MakeJsonVector(dict), | 941 blink::WebCryptoAlgorithm::createNull(), |
972 blink::WebCryptoAlgorithm::createNull(), | 942 false, |
973 false, | 943 usage_mask, |
974 usage_mask, | 944 &key)); |
975 &key)); | |
976 RestoreJwkOctDictionary(&dict); | 945 RestoreJwkOctDictionary(&dict); |
977 | 946 |
978 // Fail on invalid kty. | 947 // Fail on invalid kty. |
979 dict.SetString("kty", "foo"); | 948 dict.SetString("kty", "foo"); |
980 EXPECT_STATUS(Status::ErrorJwkUnrecognizedKty(), ImportKeyJwk( | 949 EXPECT_STATUS( |
981 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 950 Status::ErrorJwkUnrecognizedKty(), |
| 951 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
982 RestoreJwkOctDictionary(&dict); | 952 RestoreJwkOctDictionary(&dict); |
983 | 953 |
984 // Fail on missing kty. | 954 // Fail on missing kty. |
985 dict.Remove("kty", NULL); | 955 dict.Remove("kty", NULL); |
986 EXPECT_STATUS( | 956 EXPECT_STATUS( |
987 Status::ErrorJwkPropertyMissing("kty"), | 957 Status::ErrorJwkPropertyMissing("kty"), |
988 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 958 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
989 RestoreJwkOctDictionary(&dict); | 959 RestoreJwkOctDictionary(&dict); |
990 | 960 |
991 // Fail on kty wrong type. | 961 // Fail on kty wrong type. |
992 dict.SetDouble("kty", 0.1); | 962 dict.SetDouble("kty", 0.1); |
993 EXPECT_STATUS( | 963 EXPECT_STATUS( |
994 Status::ErrorJwkPropertyWrongType("kty", "string"), | 964 Status::ErrorJwkPropertyWrongType("kty", "string"), |
995 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 965 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
996 RestoreJwkOctDictionary(&dict); | 966 RestoreJwkOctDictionary(&dict); |
997 | 967 |
998 // Fail on invalid use. | 968 // Fail on invalid use. |
999 dict.SetString("use", "foo"); | 969 dict.SetString("use", "foo"); |
1000 EXPECT_STATUS(Status::ErrorJwkUnrecognizedUsage(), ImportKeyJwk( | 970 EXPECT_STATUS( |
1001 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 971 Status::ErrorJwkUnrecognizedUsage(), |
| 972 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1002 RestoreJwkOctDictionary(&dict); | 973 RestoreJwkOctDictionary(&dict); |
1003 | 974 |
1004 // Fail on invalid use (wrong type). | 975 // Fail on invalid use (wrong type). |
1005 dict.SetBoolean("use", true); | 976 dict.SetBoolean("use", true); |
1006 EXPECT_STATUS( | 977 EXPECT_STATUS( |
1007 Status::ErrorJwkPropertyWrongType("use", "string"), | 978 Status::ErrorJwkPropertyWrongType("use", "string"), |
1008 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 979 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1009 RestoreJwkOctDictionary(&dict); | 980 RestoreJwkOctDictionary(&dict); |
1010 | 981 |
1011 // Fail on invalid extractable (wrong type). | 982 // Fail on invalid extractable (wrong type). |
1012 dict.SetInteger("extractable", 0); | 983 dict.SetInteger("extractable", 0); |
1013 EXPECT_STATUS( | 984 EXPECT_STATUS( |
1014 Status::ErrorJwkPropertyWrongType("extractable", "boolean"), | 985 Status::ErrorJwkPropertyWrongType("extractable", "boolean"), |
1015 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 986 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1016 RestoreJwkOctDictionary(&dict); | 987 RestoreJwkOctDictionary(&dict); |
1017 } | 988 } |
1018 | 989 |
1019 TEST_F(SharedCryptoTest, ImportJwkOctFailures) { | 990 TEST_F(SharedCryptoTest, ImportJwkOctFailures) { |
1020 | 991 |
1021 base::DictionaryValue dict; | 992 base::DictionaryValue dict; |
1022 RestoreJwkOctDictionary(&dict); | 993 RestoreJwkOctDictionary(&dict); |
1023 blink::WebCryptoAlgorithm algorithm = | 994 blink::WebCryptoAlgorithm algorithm = |
1024 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); | 995 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); |
1025 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; | 996 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; |
1026 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 997 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1027 | 998 |
1028 // Baseline pass. | 999 // Baseline pass. |
1029 EXPECT_STATUS_SUCCESS(ImportKeyJwk( | 1000 EXPECT_STATUS_SUCCESS( |
1030 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1001 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1031 EXPECT_EQ(algorithm.id(), key.algorithm().id()); | 1002 EXPECT_EQ(algorithm.id(), key.algorithm().id()); |
1032 EXPECT_FALSE(key.extractable()); | 1003 EXPECT_FALSE(key.extractable()); |
1033 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); | 1004 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
1034 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1005 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1035 | 1006 |
1036 // The following are specific failure cases for when kty = "oct". | 1007 // The following are specific failure cases for when kty = "oct". |
1037 | 1008 |
1038 // Fail on missing k. | 1009 // Fail on missing k. |
1039 dict.Remove("k", NULL); | 1010 dict.Remove("k", NULL); |
1040 EXPECT_STATUS( | 1011 EXPECT_STATUS( |
1041 Status::ErrorJwkPropertyMissing("k"), | 1012 Status::ErrorJwkPropertyMissing("k"), |
1042 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1013 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1043 RestoreJwkOctDictionary(&dict); | 1014 RestoreJwkOctDictionary(&dict); |
1044 | 1015 |
1045 // Fail on bad b64 encoding for k. | 1016 // Fail on bad b64 encoding for k. |
1046 dict.SetString("k", "Qk3f0DsytU8lfza2au #$% Htaw2xpop9GYyTuH0p5GghxTI="); | 1017 dict.SetString("k", "Qk3f0DsytU8lfza2au #$% Htaw2xpop9GYyTuH0p5GghxTI="); |
1047 EXPECT_STATUS( | 1018 EXPECT_STATUS( |
1048 Status::ErrorJwkBase64Decode("k"), | 1019 Status::ErrorJwkBase64Decode("k"), |
1049 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1020 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1050 RestoreJwkOctDictionary(&dict); | 1021 RestoreJwkOctDictionary(&dict); |
1051 | 1022 |
1052 // Fail on empty k. | 1023 // Fail on empty k. |
1053 dict.SetString("k", ""); | 1024 dict.SetString("k", ""); |
1054 EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), ImportKeyJwk( | 1025 EXPECT_STATUS( |
1055 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1026 Status::ErrorJwkIncorrectKeyLength(), |
| 1027 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1056 RestoreJwkOctDictionary(&dict); | 1028 RestoreJwkOctDictionary(&dict); |
1057 | 1029 |
1058 // Fail on k actual length (120 bits) inconsistent with the embedded JWK alg | 1030 // Fail on k actual length (120 bits) inconsistent with the embedded JWK alg |
1059 // value (128) for an AES key. | 1031 // value (128) for an AES key. |
1060 dict.SetString("k", "AVj42h0Y5aqGtE3yluKL"); | 1032 dict.SetString("k", "AVj42h0Y5aqGtE3yluKL"); |
1061 EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), ImportKeyJwk( | 1033 EXPECT_STATUS( |
1062 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1034 Status::ErrorJwkIncorrectKeyLength(), |
| 1035 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1063 RestoreJwkOctDictionary(&dict); | 1036 RestoreJwkOctDictionary(&dict); |
1064 | 1037 |
1065 // Fail on k actual length (192 bits) inconsistent with the embedded JWK alg | 1038 // Fail on k actual length (192 bits) inconsistent with the embedded JWK alg |
1066 // value (128) for an AES key. | 1039 // value (128) for an AES key. |
1067 dict.SetString("k", "dGhpcyAgaXMgIDI0ICBieXRlcyBsb25n"); | 1040 dict.SetString("k", "dGhpcyAgaXMgIDI0ICBieXRlcyBsb25n"); |
1068 EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), ImportKeyJwk( | 1041 EXPECT_STATUS( |
1069 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1042 Status::ErrorJwkIncorrectKeyLength(), |
| 1043 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1070 RestoreJwkOctDictionary(&dict); | 1044 RestoreJwkOctDictionary(&dict); |
1071 } | 1045 } |
1072 | 1046 |
1073 TEST_F(SharedCryptoTest, MAYBE(ImportJwkRsaFailures)) { | 1047 TEST_F(SharedCryptoTest, MAYBE(ImportJwkRsaFailures)) { |
1074 | 1048 |
1075 base::DictionaryValue dict; | 1049 base::DictionaryValue dict; |
1076 RestoreJwkRsaDictionary(&dict); | 1050 RestoreJwkRsaDictionary(&dict); |
1077 blink::WebCryptoAlgorithm algorithm = | 1051 blink::WebCryptoAlgorithm algorithm = |
1078 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 1052 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
1079 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; | 1053 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; |
1080 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1054 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1081 | 1055 |
1082 // An RSA public key JWK _must_ have an "n" (modulus) and an "e" (exponent) | 1056 // An RSA public key JWK _must_ have an "n" (modulus) and an "e" (exponent) |
1083 // entry, while an RSA private key must have those plus at least a "d" | 1057 // entry, while an RSA private key must have those plus at least a "d" |
1084 // (private exponent) entry. | 1058 // (private exponent) entry. |
1085 // See http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-18, | 1059 // See http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-18, |
1086 // section 6.3. | 1060 // section 6.3. |
1087 | 1061 |
1088 // Baseline pass. | 1062 // Baseline pass. |
1089 EXPECT_STATUS_SUCCESS(ImportKeyJwk( | 1063 EXPECT_STATUS_SUCCESS( |
1090 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1064 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1091 EXPECT_EQ(algorithm.id(), key.algorithm().id()); | 1065 EXPECT_EQ(algorithm.id(), key.algorithm().id()); |
1092 EXPECT_FALSE(key.extractable()); | 1066 EXPECT_FALSE(key.extractable()); |
1093 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); | 1067 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
1094 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); | 1068 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); |
1095 | 1069 |
1096 // The following are specific failure cases for when kty = "RSA". | 1070 // The following are specific failure cases for when kty = "RSA". |
1097 | 1071 |
1098 // Fail if either "n" or "e" is not present or malformed. | 1072 // Fail if either "n" or "e" is not present or malformed. |
1099 const std::string kKtyParmName[] = {"n", "e"}; | 1073 const std::string kKtyParmName[] = {"n", "e"}; |
1100 for (size_t idx = 0; idx < ARRAYSIZE_UNSAFE(kKtyParmName); ++idx) { | 1074 for (size_t idx = 0; idx < ARRAYSIZE_UNSAFE(kKtyParmName); ++idx) { |
1101 | 1075 |
1102 // Fail on missing parameter. | 1076 // Fail on missing parameter. |
1103 dict.Remove(kKtyParmName[idx], NULL); | 1077 dict.Remove(kKtyParmName[idx], NULL); |
1104 EXPECT_STATUS_ERROR(ImportKeyJwk( | 1078 EXPECT_STATUS_ERROR( |
1105 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1079 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1106 RestoreJwkRsaDictionary(&dict); | 1080 RestoreJwkRsaDictionary(&dict); |
1107 | 1081 |
1108 // Fail on bad b64 parameter encoding. | 1082 // Fail on bad b64 parameter encoding. |
1109 dict.SetString(kKtyParmName[idx], "Qk3f0DsytU8lfza2au #$% Htaw2xpop9yTuH0"); | 1083 dict.SetString(kKtyParmName[idx], "Qk3f0DsytU8lfza2au #$% Htaw2xpop9yTuH0"); |
1110 EXPECT_STATUS_ERROR(ImportKeyJwk( | 1084 EXPECT_STATUS_ERROR( |
1111 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1085 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1112 RestoreJwkRsaDictionary(&dict); | 1086 RestoreJwkRsaDictionary(&dict); |
1113 | 1087 |
1114 // Fail on empty parameter. | 1088 // Fail on empty parameter. |
1115 dict.SetString(kKtyParmName[idx], ""); | 1089 dict.SetString(kKtyParmName[idx], ""); |
1116 EXPECT_STATUS_ERROR(ImportKeyJwk( | 1090 EXPECT_STATUS_ERROR( |
1117 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1091 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1118 RestoreJwkRsaDictionary(&dict); | 1092 RestoreJwkRsaDictionary(&dict); |
1119 } | 1093 } |
1120 | 1094 |
1121 // Fail if "d" parameter is present, implying the JWK is a private key, which | 1095 // Fail if "d" parameter is present, implying the JWK is a private key, which |
1122 // is not supported. | 1096 // is not supported. |
1123 dict.SetString("d", "Qk3f0Dsyt"); | 1097 dict.SetString("d", "Qk3f0Dsyt"); |
1124 EXPECT_STATUS(Status::ErrorJwkRsaPrivateKeyUnsupported(), ImportKeyJwk( | 1098 EXPECT_STATUS( |
1125 MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1099 Status::ErrorJwkRsaPrivateKeyUnsupported(), |
| 1100 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1126 RestoreJwkRsaDictionary(&dict); | 1101 RestoreJwkRsaDictionary(&dict); |
1127 } | 1102 } |
1128 | 1103 |
1129 TEST_F(SharedCryptoTest, MAYBE(ImportJwkInputConsistency)) { | 1104 TEST_F(SharedCryptoTest, MAYBE(ImportJwkInputConsistency)) { |
1130 // The Web Crypto spec says that if a JWK value is present, but is | 1105 // The Web Crypto spec says that if a JWK value is present, but is |
1131 // inconsistent with the input value, the operation must fail. | 1106 // inconsistent with the input value, the operation must fail. |
1132 | 1107 |
1133 // Consistency rules when JWK value is not present: Inputs should be used. | 1108 // Consistency rules when JWK value is not present: Inputs should be used. |
1134 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1109 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1135 bool extractable = false; | 1110 bool extractable = false; |
1136 blink::WebCryptoAlgorithm algorithm = | 1111 blink::WebCryptoAlgorithm algorithm = |
1137 CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256); | 1112 CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256); |
1138 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageVerify; | 1113 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageVerify; |
1139 base::DictionaryValue dict; | 1114 base::DictionaryValue dict; |
1140 dict.SetString("kty", "oct"); | 1115 dict.SetString("kty", "oct"); |
1141 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | 1116 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); |
1142 std::vector<uint8> json_vec = MakeJsonVector(dict); | 1117 std::vector<uint8> json_vec = MakeJsonVector(dict); |
1143 EXPECT_STATUS_SUCCESS(ImportKeyJwk( | 1118 EXPECT_STATUS_SUCCESS( |
1144 json_vec, algorithm, extractable, usage_mask, &key)); | 1119 ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); |
1145 EXPECT_TRUE(key.handle()); | 1120 EXPECT_TRUE(key.handle()); |
1146 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1121 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1147 EXPECT_EQ(extractable, key.extractable()); | 1122 EXPECT_EQ(extractable, key.extractable()); |
1148 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); | 1123 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); |
1149 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, | 1124 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
1150 key.algorithm().hmacParams()->hash().id()); | 1125 key.algorithm().hmacParams()->hash().id()); |
1151 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, key.usages()); | 1126 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, key.usages()); |
1152 key = blink::WebCryptoKey::createNull(); | 1127 key = blink::WebCryptoKey::createNull(); |
1153 | 1128 |
1154 // Consistency rules when JWK value exists: Fail if inconsistency is found. | 1129 // Consistency rules when JWK value exists: Fail if inconsistency is found. |
1155 | 1130 |
1156 // Pass: All input values are consistent with the JWK values. | 1131 // Pass: All input values are consistent with the JWK values. |
1157 dict.Clear(); | 1132 dict.Clear(); |
1158 dict.SetString("kty", "oct"); | 1133 dict.SetString("kty", "oct"); |
1159 dict.SetString("alg", "HS256"); | 1134 dict.SetString("alg", "HS256"); |
1160 dict.SetString("use", "sig"); | 1135 dict.SetString("use", "sig"); |
1161 dict.SetBoolean("extractable", false); | 1136 dict.SetBoolean("extractable", false); |
1162 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | 1137 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); |
1163 json_vec = MakeJsonVector(dict); | 1138 json_vec = MakeJsonVector(dict); |
1164 EXPECT_STATUS_SUCCESS( | 1139 EXPECT_STATUS_SUCCESS( |
1165 ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); | 1140 ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); |
1166 | 1141 |
1167 // Extractable cases: | 1142 // Extractable cases: |
1168 // 1. input=T, JWK=F ==> fail (inconsistent) | 1143 // 1. input=T, JWK=F ==> fail (inconsistent) |
1169 // 4. input=F, JWK=F ==> pass, result extractable is F | 1144 // 4. input=F, JWK=F ==> pass, result extractable is F |
1170 // 2. input=T, JWK=T ==> pass, result extractable is T | 1145 // 2. input=T, JWK=T ==> pass, result extractable is T |
1171 // 3. input=F, JWK=T ==> pass, result extractable is F | 1146 // 3. input=F, JWK=T ==> pass, result extractable is F |
1172 EXPECT_STATUS(Status::ErrorJwkExtractableInconsistent(), | 1147 EXPECT_STATUS(Status::ErrorJwkExtractableInconsistent(), |
1173 ImportKeyJwk(json_vec, algorithm, true, usage_mask, &key)); | 1148 ImportKeyJwk(json_vec, algorithm, true, usage_mask, &key)); |
1174 EXPECT_STATUS_SUCCESS( | 1149 EXPECT_STATUS_SUCCESS( |
1175 ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key)); | 1150 ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key)); |
1176 EXPECT_FALSE(key.extractable()); | 1151 EXPECT_FALSE(key.extractable()); |
1177 dict.SetBoolean("extractable", true); | 1152 dict.SetBoolean("extractable", true); |
1178 EXPECT_STATUS_SUCCESS( | 1153 EXPECT_STATUS_SUCCESS( |
1179 ImportKeyJwk(MakeJsonVector(dict), algorithm, true, usage_mask, &key)); | 1154 ImportKeyJwk(MakeJsonVector(dict), algorithm, true, usage_mask, &key)); |
1180 EXPECT_TRUE(key.extractable()); | 1155 EXPECT_TRUE(key.extractable()); |
1181 EXPECT_STATUS_SUCCESS( | 1156 EXPECT_STATUS_SUCCESS( |
1182 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); | 1157 ImportKeyJwk(MakeJsonVector(dict), algorithm, false, usage_mask, &key)); |
1183 EXPECT_FALSE(key.extractable()); | 1158 EXPECT_FALSE(key.extractable()); |
1184 dict.SetBoolean("extractable", true); // restore previous value | 1159 dict.SetBoolean("extractable", true); // restore previous value |
1185 | 1160 |
1186 // Fail: Input algorithm (AES-CBC) is inconsistent with JWK value | 1161 // Fail: Input algorithm (AES-CBC) is inconsistent with JWK value |
1187 // (HMAC SHA256). | 1162 // (HMAC SHA256). |
1188 EXPECT_STATUS(Status::ErrorJwkAlgorithmInconsistent(), ImportKeyJwk( | 1163 EXPECT_STATUS(Status::ErrorJwkAlgorithmInconsistent(), |
1189 json_vec, | 1164 ImportKeyJwk(json_vec, |
1190 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 1165 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
1191 extractable, | 1166 extractable, |
1192 usage_mask, | 1167 usage_mask, |
1193 &key)); | 1168 &key)); |
1194 | 1169 |
1195 // Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value | 1170 // Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value |
1196 // (HMAC SHA256). | 1171 // (HMAC SHA256). |
1197 EXPECT_STATUS(Status::ErrorJwkAlgorithmInconsistent(), ImportKeyJwk( | 1172 EXPECT_STATUS( |
1198 json_vec, | 1173 Status::ErrorJwkAlgorithmInconsistent(), |
1199 CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha1), | 1174 ImportKeyJwk(json_vec, |
1200 extractable, | 1175 CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha1), |
1201 usage_mask, | 1176 extractable, |
1202 &key)); | 1177 usage_mask, |
| 1178 &key)); |
1203 | 1179 |
1204 // Pass: JWK alg valid but input algorithm isNull: use JWK algorithm value. | 1180 // Pass: JWK alg valid but input algorithm isNull: use JWK algorithm value. |
1205 EXPECT_STATUS_SUCCESS(ImportKeyJwk(json_vec, | 1181 EXPECT_STATUS_SUCCESS(ImportKeyJwk(json_vec, |
1206 blink::WebCryptoAlgorithm::createNull(), | 1182 blink::WebCryptoAlgorithm::createNull(), |
1207 extractable, | 1183 extractable, |
1208 usage_mask, | 1184 usage_mask, |
1209 &key)); | 1185 &key)); |
1210 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); | 1186 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); |
1211 | 1187 |
1212 // Pass: JWK alg missing but input algorithm specified: use input value | 1188 // Pass: JWK alg missing but input algorithm specified: use input value |
1213 dict.Remove("alg", NULL); | 1189 dict.Remove("alg", NULL); |
1214 EXPECT_STATUS_SUCCESS(ImportKeyJwk( | 1190 EXPECT_STATUS_SUCCESS(ImportKeyJwk( |
1215 MakeJsonVector(dict), | 1191 MakeJsonVector(dict), |
1216 CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256), | 1192 CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256), |
1217 extractable, | 1193 extractable, |
1218 usage_mask, | 1194 usage_mask, |
1219 &key)); | 1195 &key)); |
1220 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); | 1196 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); |
1221 dict.SetString("alg", "HS256"); | 1197 dict.SetString("alg", "HS256"); |
1222 | 1198 |
1223 // Fail: Input usage_mask (encrypt) is not a subset of the JWK value | 1199 // Fail: Input usage_mask (encrypt) is not a subset of the JWK value |
1224 // (sign|verify) | 1200 // (sign|verify) |
1225 EXPECT_STATUS(Status::ErrorJwkUsageInconsistent(), ImportKeyJwk( | 1201 EXPECT_STATUS(Status::ErrorJwkUsageInconsistent(), |
1226 json_vec, algorithm, extractable, blink::WebCryptoKeyUsageEncrypt, &key)); | 1202 ImportKeyJwk(json_vec, |
| 1203 algorithm, |
| 1204 extractable, |
| 1205 blink::WebCryptoKeyUsageEncrypt, |
| 1206 &key)); |
1227 | 1207 |
1228 // Fail: Input usage_mask (encrypt|sign|verify) is not a subset of the JWK | 1208 // Fail: Input usage_mask (encrypt|sign|verify) is not a subset of the JWK |
1229 // value (sign|verify) | 1209 // value (sign|verify) |
1230 usage_mask = blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageSign | | 1210 usage_mask = blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageSign | |
1231 blink::WebCryptoKeyUsageVerify; | 1211 blink::WebCryptoKeyUsageVerify; |
1232 EXPECT_STATUS( | 1212 EXPECT_STATUS( |
1233 Status::ErrorJwkUsageInconsistent(), | 1213 Status::ErrorJwkUsageInconsistent(), |
1234 ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); | 1214 ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); |
1235 | 1215 |
1236 // TODO(padolph): kty vs alg consistency tests: Depending on the kty value, | 1216 // TODO(padolph): kty vs alg consistency tests: Depending on the kty value, |
(...skipping 17 matching lines...) Expand all Loading... |
1254 // Uses the first SHA256 test vector from the HMAC sample set above. | 1234 // Uses the first SHA256 test vector from the HMAC sample set above. |
1255 | 1235 |
1256 base::DictionaryValue dict; | 1236 base::DictionaryValue dict; |
1257 dict.SetString("kty", "oct"); | 1237 dict.SetString("kty", "oct"); |
1258 dict.SetString("alg", "HS256"); | 1238 dict.SetString("alg", "HS256"); |
1259 dict.SetString("use", "sig"); | 1239 dict.SetString("use", "sig"); |
1260 dict.SetBoolean("extractable", false); | 1240 dict.SetBoolean("extractable", false); |
1261 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | 1241 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); |
1262 std::vector<uint8> json_vec = MakeJsonVector(dict); | 1242 std::vector<uint8> json_vec = MakeJsonVector(dict); |
1263 | 1243 |
1264 ASSERT_STATUS_SUCCESS(ImportKeyJwk( | 1244 ASSERT_STATUS_SUCCESS( |
1265 json_vec, algorithm, extractable, usage_mask, &key)); | 1245 ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key)); |
1266 | 1246 |
1267 const std::vector<uint8> message_raw = HexStringToBytes( | 1247 const std::vector<uint8> message_raw = HexStringToBytes( |
1268 "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" | 1248 "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" |
1269 "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" | 1249 "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" |
1270 "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" | 1250 "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" |
1271 "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e"); | 1251 "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e"); |
1272 | 1252 |
1273 blink::WebArrayBuffer output; | 1253 blink::WebArrayBuffer output; |
1274 | 1254 |
1275 ASSERT_STATUS_SUCCESS(SignInternal(algorithm, key, message_raw, &output)); | 1255 ASSERT_STATUS_SUCCESS(SignInternal(algorithm, key, message_raw, &output)); |
(...skipping 15 matching lines...) Expand all Loading... |
1291 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1271 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1292 true, | 1272 true, |
1293 blink::WebCryptoKeyUsageEncrypt, | 1273 blink::WebCryptoKeyUsageEncrypt, |
1294 &key)); | 1274 &key)); |
1295 EXPECT_TRUE(key.handle()); | 1275 EXPECT_TRUE(key.handle()); |
1296 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); | 1276 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); |
1297 EXPECT_TRUE(key.extractable()); | 1277 EXPECT_TRUE(key.extractable()); |
1298 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); | 1278 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
1299 | 1279 |
1300 // Failing case: Empty SPKI data | 1280 // Failing case: Empty SPKI data |
1301 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), ImportKeyInternal( | 1281 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), |
1302 blink::WebCryptoKeyFormatSpki, | 1282 ImportKeyInternal(blink::WebCryptoKeyFormatSpki, |
1303 std::vector<uint8>(), | 1283 std::vector<uint8>(), |
1304 blink::WebCryptoAlgorithm::createNull(), | 1284 blink::WebCryptoAlgorithm::createNull(), |
1305 true, | 1285 true, |
1306 blink::WebCryptoKeyUsageEncrypt, | 1286 blink::WebCryptoKeyUsageEncrypt, |
1307 &key)); | 1287 &key)); |
1308 | 1288 |
1309 // Failing case: Import RSA key with NULL input algorithm. This is not | 1289 // Failing case: Import RSA key with NULL input algorithm. This is not |
1310 // allowed because the SPKI ASN.1 format for RSA keys is not specific enough | 1290 // allowed because the SPKI ASN.1 format for RSA keys is not specific enough |
1311 // to map to a Web Crypto algorithm. | 1291 // to map to a Web Crypto algorithm. |
1312 EXPECT_STATUS(Status::Error(), ImportKeyInternal( | 1292 EXPECT_STATUS(Status::Error(), |
1313 blink::WebCryptoKeyFormatSpki, | 1293 ImportKeyInternal(blink::WebCryptoKeyFormatSpki, |
1314 HexStringToBytes(kPublicKeySpkiDerHex), | 1294 HexStringToBytes(kPublicKeySpkiDerHex), |
1315 blink::WebCryptoAlgorithm::createNull(), | 1295 blink::WebCryptoAlgorithm::createNull(), |
1316 true, | 1296 true, |
1317 blink::WebCryptoKeyUsageEncrypt, | 1297 blink::WebCryptoKeyUsageEncrypt, |
1318 &key)); | 1298 &key)); |
1319 | 1299 |
1320 // Failing case: Bad DER encoding. | 1300 // Failing case: Bad DER encoding. |
1321 EXPECT_STATUS(Status::Error(), ImportKeyInternal( | 1301 EXPECT_STATUS(Status::Error(), |
1322 blink::WebCryptoKeyFormatSpki, | 1302 ImportKeyInternal( |
1323 HexStringToBytes("618333c4cb"), | 1303 blink::WebCryptoKeyFormatSpki, |
1324 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1304 HexStringToBytes("618333c4cb"), |
1325 true, | 1305 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1326 blink::WebCryptoKeyUsageEncrypt, | 1306 true, |
1327 &key)); | 1307 blink::WebCryptoKeyUsageEncrypt, |
| 1308 &key)); |
1328 | 1309 |
1329 // Failing case: Import RSA key but provide an inconsistent input algorithm. | 1310 // Failing case: Import RSA key but provide an inconsistent input algorithm. |
1330 EXPECT_STATUS(Status::Error(), ImportKeyInternal( | 1311 EXPECT_STATUS( |
1331 blink::WebCryptoKeyFormatSpki, | 1312 Status::Error(), |
1332 HexStringToBytes(kPublicKeySpkiDerHex), | 1313 ImportKeyInternal(blink::WebCryptoKeyFormatSpki, |
1333 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 1314 HexStringToBytes(kPublicKeySpkiDerHex), |
1334 true, | 1315 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
1335 blink::WebCryptoKeyUsageEncrypt, | 1316 true, |
1336 &key)); | 1317 blink::WebCryptoKeyUsageEncrypt, |
| 1318 &key)); |
1337 | 1319 |
1338 // Passing case: Export a previously imported RSA public key in SPKI format | 1320 // Passing case: Export a previously imported RSA public key in SPKI format |
1339 // and compare to original data. | 1321 // and compare to original data. |
1340 blink::WebArrayBuffer output; | 1322 blink::WebArrayBuffer output; |
1341 ASSERT_STATUS_SUCCESS( | 1323 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); |
1342 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); | |
1343 ExpectArrayBufferMatchesHex(kPublicKeySpkiDerHex, output); | 1324 ExpectArrayBufferMatchesHex(kPublicKeySpkiDerHex, output); |
1344 | 1325 |
1345 // Failing case: Try to export a previously imported RSA public key in raw | 1326 // Failing case: Try to export a previously imported RSA public key in raw |
1346 // format (not allowed for a public key). | 1327 // format (not allowed for a public key). |
1347 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 1328 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), |
1348 ExportKey(blink::WebCryptoKeyFormatRaw, key, &output)); | 1329 ExportKey(blink::WebCryptoKeyFormatRaw, key, &output)); |
1349 | 1330 |
1350 // Failing case: Try to export a non-extractable key | 1331 // Failing case: Try to export a non-extractable key |
1351 ASSERT_STATUS_SUCCESS(ImportKeyInternal( | 1332 ASSERT_STATUS_SUCCESS(ImportKeyInternal( |
1352 blink::WebCryptoKeyFormatSpki, | 1333 blink::WebCryptoKeyFormatSpki, |
1353 HexStringToBytes(kPublicKeySpkiDerHex), | 1334 HexStringToBytes(kPublicKeySpkiDerHex), |
1354 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1335 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1355 false, | 1336 false, |
1356 blink::WebCryptoKeyUsageEncrypt, | 1337 blink::WebCryptoKeyUsageEncrypt, |
1357 &key)); | 1338 &key)); |
1358 EXPECT_TRUE(key.handle()); | 1339 EXPECT_TRUE(key.handle()); |
1359 EXPECT_FALSE(key.extractable()); | 1340 EXPECT_FALSE(key.extractable()); |
1360 EXPECT_STATUS(Status::ErrorKeyNotExtractable(), | 1341 EXPECT_STATUS(Status::ErrorKeyNotExtractable(), |
1361 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); | 1342 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); |
1362 } | 1343 } |
1363 | 1344 |
1364 TEST_F(SharedCryptoTest, MAYBE(ImportPkcs8)) { | 1345 TEST_F(SharedCryptoTest, MAYBE(ImportPkcs8)) { |
1365 // Passing case: Import a valid RSA key in PKCS#8 format. | 1346 // Passing case: Import a valid RSA key in PKCS#8 format. |
1366 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1347 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1367 ASSERT_STATUS_SUCCESS(ImportKeyInternal( | 1348 ASSERT_STATUS_SUCCESS(ImportKeyInternal( |
1368 blink::WebCryptoKeyFormatPkcs8, | 1349 blink::WebCryptoKeyFormatPkcs8, |
1369 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 1350 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
1370 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), | 1351 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
1371 true, | 1352 true, |
1372 blink::WebCryptoKeyUsageSign, | 1353 blink::WebCryptoKeyUsageSign, |
1373 &key)); | 1354 &key)); |
1374 EXPECT_TRUE(key.handle()); | 1355 EXPECT_TRUE(key.handle()); |
1375 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, key.type()); | 1356 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, key.type()); |
1376 EXPECT_TRUE(key.extractable()); | 1357 EXPECT_TRUE(key.extractable()); |
1377 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); | 1358 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); |
1378 | 1359 |
1379 // Failing case: Empty PKCS#8 data | 1360 // Failing case: Empty PKCS#8 data |
1380 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), ImportKeyInternal( | 1361 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), |
1381 blink::WebCryptoKeyFormatPkcs8, | 1362 ImportKeyInternal(blink::WebCryptoKeyFormatPkcs8, |
1382 std::vector<uint8>(), | 1363 std::vector<uint8>(), |
1383 blink::WebCryptoAlgorithm::createNull(), | 1364 blink::WebCryptoAlgorithm::createNull(), |
1384 true, | 1365 true, |
1385 blink::WebCryptoKeyUsageSign, | 1366 blink::WebCryptoKeyUsageSign, |
1386 &key)); | 1367 &key)); |
1387 | 1368 |
1388 // Failing case: Import RSA key with NULL input algorithm. This is not | 1369 // Failing case: Import RSA key with NULL input algorithm. This is not |
1389 // allowed because the PKCS#8 ASN.1 format for RSA keys is not specific enough | 1370 // allowed because the PKCS#8 ASN.1 format for RSA keys is not specific enough |
1390 // to map to a Web Crypto algorithm. | 1371 // to map to a Web Crypto algorithm. |
1391 EXPECT_STATUS(Status::Error(), ImportKeyInternal( | 1372 EXPECT_STATUS(Status::Error(), |
1392 blink::WebCryptoKeyFormatPkcs8, | 1373 ImportKeyInternal(blink::WebCryptoKeyFormatPkcs8, |
1393 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 1374 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
1394 blink::WebCryptoAlgorithm::createNull(), | 1375 blink::WebCryptoAlgorithm::createNull(), |
1395 true, | 1376 true, |
1396 blink::WebCryptoKeyUsageSign, | 1377 blink::WebCryptoKeyUsageSign, |
1397 &key)); | 1378 &key)); |
1398 | 1379 |
1399 // Failing case: Bad DER encoding. | 1380 // Failing case: Bad DER encoding. |
1400 EXPECT_STATUS(Status::Error(), ImportKeyInternal( | 1381 EXPECT_STATUS(Status::Error(), |
1401 blink::WebCryptoKeyFormatPkcs8, | 1382 ImportKeyInternal( |
1402 HexStringToBytes("618333c4cb"), | 1383 blink::WebCryptoKeyFormatPkcs8, |
1403 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), | 1384 HexStringToBytes("618333c4cb"), |
1404 true, | 1385 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
1405 blink::WebCryptoKeyUsageSign, | 1386 true, |
1406 &key)); | 1387 blink::WebCryptoKeyUsageSign, |
| 1388 &key)); |
1407 | 1389 |
1408 // Failing case: Import RSA key but provide an inconsistent input algorithm. | 1390 // Failing case: Import RSA key but provide an inconsistent input algorithm. |
1409 EXPECT_STATUS(Status::Error(), ImportKeyInternal( | 1391 EXPECT_STATUS( |
1410 blink::WebCryptoKeyFormatPkcs8, | 1392 Status::Error(), |
1411 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 1393 ImportKeyInternal(blink::WebCryptoKeyFormatPkcs8, |
1412 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 1394 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
1413 true, | 1395 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
1414 blink::WebCryptoKeyUsageSign, | 1396 true, |
1415 &key)); | 1397 blink::WebCryptoKeyUsageSign, |
| 1398 &key)); |
1416 } | 1399 } |
1417 | 1400 |
1418 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsa)) { | 1401 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsa)) { |
1419 // Note: using unrealistic short key lengths here to avoid bogging down tests. | 1402 // Note: using unrealistic short key lengths here to avoid bogging down tests. |
1420 | 1403 |
1421 // Successful WebCryptoAlgorithmIdRsaEsPkcs1v1_5 key generation. | 1404 // Successful WebCryptoAlgorithmIdRsaEsPkcs1v1_5 key generation. |
1422 const unsigned int modulus_length = 256; | 1405 const unsigned int modulus_length = 256; |
1423 const std::vector<uint8> public_exponent = HexStringToBytes("010001"); | 1406 const std::vector<uint8> public_exponent = HexStringToBytes("010001"); |
1424 blink::WebCryptoAlgorithm algorithm = CreateRsaKeyGenAlgorithm( | 1407 blink::WebCryptoAlgorithm algorithm = |
1425 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 1408 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
1426 modulus_length, | 1409 modulus_length, |
1427 public_exponent); | 1410 public_exponent); |
1428 bool extractable = false; | 1411 bool extractable = false; |
1429 const blink::WebCryptoKeyUsageMask usage_mask = 0; | 1412 const blink::WebCryptoKeyUsageMask usage_mask = 0; |
1430 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1413 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1431 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1414 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
1432 EXPECT_STATUS_SUCCESS(GenerateKeyPair( | 1415 EXPECT_STATUS_SUCCESS(GenerateKeyPair( |
1433 algorithm, extractable, usage_mask, &public_key, &private_key)); | 1416 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1434 EXPECT_FALSE(public_key.isNull()); | 1417 EXPECT_FALSE(public_key.isNull()); |
1435 EXPECT_FALSE(private_key.isNull()); | 1418 EXPECT_FALSE(private_key.isNull()); |
1436 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 1419 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
1437 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 1420 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
1438 EXPECT_TRUE(public_key.extractable()); | 1421 EXPECT_TRUE(public_key.extractable()); |
1439 EXPECT_EQ(extractable, private_key.extractable()); | 1422 EXPECT_EQ(extractable, private_key.extractable()); |
1440 EXPECT_EQ(usage_mask, public_key.usages()); | 1423 EXPECT_EQ(usage_mask, public_key.usages()); |
1441 EXPECT_EQ(usage_mask, private_key.usages()); | 1424 EXPECT_EQ(usage_mask, private_key.usages()); |
1442 | 1425 |
1443 // Fail with bad modulus. | 1426 // Fail with bad modulus. |
1444 algorithm = CreateRsaKeyGenAlgorithm( | 1427 algorithm = CreateRsaKeyGenAlgorithm( |
1445 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 0, public_exponent); | 1428 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 0, public_exponent); |
1446 EXPECT_STATUS(Status::ErrorGenerateRsaZeroModulus(), GenerateKeyPair( | 1429 EXPECT_STATUS( |
1447 algorithm, extractable, usage_mask, &public_key, &private_key)); | 1430 Status::ErrorGenerateRsaZeroModulus(), |
| 1431 GenerateKeyPair( |
| 1432 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1448 | 1433 |
1449 // Fail with bad exponent: larger than unsigned long. | 1434 // Fail with bad exponent: larger than unsigned long. |
1450 unsigned int exponent_length = sizeof(unsigned long) + 1; // NOLINT | 1435 unsigned int exponent_length = sizeof(unsigned long) + 1; // NOLINT |
1451 const std::vector<uint8> long_exponent(exponent_length, 0x01); | 1436 const std::vector<uint8> long_exponent(exponent_length, 0x01); |
1452 algorithm = CreateRsaKeyGenAlgorithm( | 1437 algorithm = CreateRsaKeyGenAlgorithm( |
1453 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 1438 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, modulus_length, long_exponent); |
1454 modulus_length, | 1439 EXPECT_STATUS( |
1455 long_exponent); | 1440 Status::ErrorGenerateKeyPublicExponent(), |
1456 EXPECT_STATUS(Status::ErrorGenerateKeyPublicExponent(), | 1441 GenerateKeyPair( |
1457 GenerateKeyPair(algorithm, extractable, usage_mask, &public_key, | 1442 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1458 &private_key)); | |
1459 | 1443 |
1460 // Fail with bad exponent: empty. | 1444 // Fail with bad exponent: empty. |
1461 const std::vector<uint8> empty_exponent; | 1445 const std::vector<uint8> empty_exponent; |
1462 algorithm = CreateRsaKeyGenAlgorithm( | 1446 algorithm = |
1463 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 1447 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
1464 modulus_length, | 1448 modulus_length, |
1465 empty_exponent); | 1449 empty_exponent); |
1466 EXPECT_STATUS(Status::ErrorGenerateKeyPublicExponent(), | 1450 EXPECT_STATUS( |
1467 GenerateKeyPair(algorithm, extractable, usage_mask, &public_key, | 1451 Status::ErrorGenerateKeyPublicExponent(), |
1468 &private_key)); | 1452 GenerateKeyPair( |
| 1453 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1469 | 1454 |
1470 // Fail with bad exponent: all zeros. | 1455 // Fail with bad exponent: all zeros. |
1471 std::vector<uint8> exponent_with_leading_zeros(15, 0x00); | 1456 std::vector<uint8> exponent_with_leading_zeros(15, 0x00); |
1472 algorithm = CreateRsaKeyGenAlgorithm( | 1457 algorithm = |
1473 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 1458 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
1474 modulus_length, | 1459 modulus_length, |
1475 exponent_with_leading_zeros); | 1460 exponent_with_leading_zeros); |
1476 EXPECT_STATUS(Status::ErrorGenerateKeyPublicExponent(), | 1461 EXPECT_STATUS( |
1477 GenerateKeyPair(algorithm, extractable, usage_mask, &public_key, | 1462 Status::ErrorGenerateKeyPublicExponent(), |
1478 &private_key)); | 1463 GenerateKeyPair( |
| 1464 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1479 | 1465 |
1480 // Key generation success using exponent with leading zeros. | 1466 // Key generation success using exponent with leading zeros. |
1481 exponent_with_leading_zeros.insert(exponent_with_leading_zeros.end(), | 1467 exponent_with_leading_zeros.insert(exponent_with_leading_zeros.end(), |
1482 public_exponent.begin(), | 1468 public_exponent.begin(), |
1483 public_exponent.end()); | 1469 public_exponent.end()); |
1484 algorithm = CreateRsaKeyGenAlgorithm( | 1470 algorithm = |
1485 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 1471 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
1486 modulus_length, | 1472 modulus_length, |
1487 exponent_with_leading_zeros); | 1473 exponent_with_leading_zeros); |
1488 EXPECT_STATUS_SUCCESS(GenerateKeyPair( | 1474 EXPECT_STATUS_SUCCESS(GenerateKeyPair( |
1489 algorithm, extractable, usage_mask, &public_key, &private_key)); | 1475 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1490 EXPECT_FALSE(public_key.isNull()); | 1476 EXPECT_FALSE(public_key.isNull()); |
1491 EXPECT_FALSE(private_key.isNull()); | 1477 EXPECT_FALSE(private_key.isNull()); |
1492 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 1478 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
1493 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 1479 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
1494 EXPECT_TRUE(public_key.extractable()); | 1480 EXPECT_TRUE(public_key.extractable()); |
1495 EXPECT_EQ(extractable, private_key.extractable()); | 1481 EXPECT_EQ(extractable, private_key.extractable()); |
1496 EXPECT_EQ(usage_mask, public_key.usages()); | 1482 EXPECT_EQ(usage_mask, public_key.usages()); |
1497 EXPECT_EQ(usage_mask, private_key.usages()); | 1483 EXPECT_EQ(usage_mask, private_key.usages()); |
1498 | 1484 |
1499 // Successful WebCryptoAlgorithmIdRsaOaep key generation. | 1485 // Successful WebCryptoAlgorithmIdRsaOaep key generation. |
1500 algorithm = CreateRsaKeyGenAlgorithm( | 1486 algorithm = CreateRsaKeyGenAlgorithm( |
1501 blink::WebCryptoAlgorithmIdRsaOaep, modulus_length, public_exponent); | 1487 blink::WebCryptoAlgorithmIdRsaOaep, modulus_length, public_exponent); |
1502 EXPECT_STATUS_SUCCESS(GenerateKeyPair( | 1488 EXPECT_STATUS_SUCCESS(GenerateKeyPair( |
1503 algorithm, extractable, usage_mask, &public_key, &private_key)); | 1489 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1504 EXPECT_FALSE(public_key.isNull()); | 1490 EXPECT_FALSE(public_key.isNull()); |
1505 EXPECT_FALSE(private_key.isNull()); | 1491 EXPECT_FALSE(private_key.isNull()); |
1506 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 1492 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
1507 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 1493 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
1508 EXPECT_TRUE(public_key.extractable()); | 1494 EXPECT_TRUE(public_key.extractable()); |
1509 EXPECT_EQ(extractable, private_key.extractable()); | 1495 EXPECT_EQ(extractable, private_key.extractable()); |
1510 EXPECT_EQ(usage_mask, public_key.usages()); | 1496 EXPECT_EQ(usage_mask, public_key.usages()); |
1511 EXPECT_EQ(usage_mask, private_key.usages()); | 1497 EXPECT_EQ(usage_mask, private_key.usages()); |
1512 | 1498 |
1513 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation. | 1499 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation. |
1514 algorithm = CreateRsaKeyGenAlgorithm( | 1500 algorithm = |
1515 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1501 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1516 modulus_length, | 1502 modulus_length, |
1517 public_exponent); | 1503 public_exponent); |
1518 EXPECT_STATUS_SUCCESS(GenerateKeyPair( | 1504 EXPECT_STATUS_SUCCESS( |
1519 algorithm, false, usage_mask, &public_key, &private_key)); | 1505 GenerateKeyPair(algorithm, false, usage_mask, &public_key, &private_key)); |
1520 EXPECT_FALSE(public_key.isNull()); | 1506 EXPECT_FALSE(public_key.isNull()); |
1521 EXPECT_FALSE(private_key.isNull()); | 1507 EXPECT_FALSE(private_key.isNull()); |
1522 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 1508 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
1523 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 1509 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
1524 // Even though "extractable" was set to false, the public key remains | 1510 // Even though "extractable" was set to false, the public key remains |
1525 // extractable. | 1511 // extractable. |
1526 EXPECT_TRUE(public_key.extractable()); | 1512 EXPECT_TRUE(public_key.extractable()); |
1527 EXPECT_FALSE(private_key.extractable()); | 1513 EXPECT_FALSE(private_key.extractable()); |
1528 EXPECT_EQ(usage_mask, public_key.usages()); | 1514 EXPECT_EQ(usage_mask, public_key.usages()); |
1529 EXPECT_EQ(usage_mask, private_key.usages()); | 1515 EXPECT_EQ(usage_mask, private_key.usages()); |
1530 | 1516 |
1531 // Exporting a private key as SPKI format doesn't make sense. However this | 1517 // Exporting a private key as SPKI format doesn't make sense. However this |
1532 // will first fail because the key is not extractable. | 1518 // will first fail because the key is not extractable. |
1533 blink::WebArrayBuffer output; | 1519 blink::WebArrayBuffer output; |
1534 EXPECT_STATUS(Status::ErrorKeyNotExtractable(), ExportKey( | 1520 EXPECT_STATUS(Status::ErrorKeyNotExtractable(), |
1535 blink::WebCryptoKeyFormatSpki, private_key, &output)); | 1521 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); |
1536 | 1522 |
1537 // Re-generate an extractable private_key and try to export it as SPKI format. | 1523 // Re-generate an extractable private_key and try to export it as SPKI format. |
1538 // This should fail since spki is for public keys. | 1524 // This should fail since spki is for public keys. |
1539 EXPECT_STATUS_SUCCESS(GenerateKeyPair( | 1525 EXPECT_STATUS_SUCCESS( |
1540 algorithm, true, usage_mask, &public_key, &private_key)); | 1526 GenerateKeyPair(algorithm, true, usage_mask, &public_key, &private_key)); |
1541 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), ExportKey( | 1527 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), |
1542 blink::WebCryptoKeyFormatSpki, private_key, &output)); | 1528 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); |
1543 } | 1529 } |
1544 | 1530 |
1545 TEST_F(SharedCryptoTest, MAYBE(RsaEsRoundTrip)) { | 1531 TEST_F(SharedCryptoTest, MAYBE(RsaEsRoundTrip)) { |
1546 // Import a key pair. | 1532 // Import a key pair. |
1547 blink::WebCryptoAlgorithm algorithm = | 1533 blink::WebCryptoAlgorithm algorithm = |
1548 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 1534 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
1549 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1535 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1550 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1536 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
1551 ImportRsaKeyPair( | 1537 ImportRsaKeyPair( |
1552 HexStringToBytes(kPublicKeySpkiDerHex), | 1538 HexStringToBytes(kPublicKeySpkiDerHex), |
1553 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 1539 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
1554 algorithm, | 1540 algorithm, |
1555 false, | 1541 false, |
1556 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, | 1542 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, |
1557 &public_key, | 1543 &public_key, |
1558 &private_key); | 1544 &private_key); |
1559 | 1545 |
1560 // Make a maximum-length data message. RSAES can operate on messages up to | 1546 // Make a maximum-length data message. RSAES can operate on messages up to |
1561 // length of k - 11 bytes, where k is the octet length of the RSA modulus. | 1547 // length of k - 11 bytes, where k is the octet length of the RSA modulus. |
1562 const unsigned int kMaxMsgSizeBytes = kModulusLength / 8 - 11; | 1548 const unsigned int kMaxMsgSizeBytes = kModulusLength / 8 - 11; |
1563 // There are two hex chars for each byte. | 1549 // There are two hex chars for each byte. |
1564 const unsigned int kMsgHexSize = kMaxMsgSizeBytes * 2; | 1550 const unsigned int kMsgHexSize = kMaxMsgSizeBytes * 2; |
1565 char max_data_hex[kMsgHexSize+1]; | 1551 char max_data_hex[kMsgHexSize + 1]; |
1566 std::fill(&max_data_hex[0], &max_data_hex[0] + kMsgHexSize, 'a'); | 1552 std::fill(&max_data_hex[0], &max_data_hex[0] + kMsgHexSize, 'a'); |
1567 max_data_hex[kMsgHexSize] = '\0'; | 1553 max_data_hex[kMsgHexSize] = '\0'; |
1568 | 1554 |
1569 // Verify encrypt / decrypt round trip on a few messages. Note that RSA | 1555 // Verify encrypt / decrypt round trip on a few messages. Note that RSA |
1570 // encryption does not support empty input. | 1556 // encryption does not support empty input. |
1571 algorithm = | 1557 algorithm = CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
1572 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 1558 const char* const kTestDataHex[] = {"ff", "0102030405060708090a0b0c0d0e0f", |
1573 const char* const kTestDataHex[] = { | 1559 max_data_hex}; |
1574 "ff", | |
1575 "0102030405060708090a0b0c0d0e0f", | |
1576 max_data_hex | |
1577 }; | |
1578 blink::WebArrayBuffer encrypted_data; | 1560 blink::WebArrayBuffer encrypted_data; |
1579 blink::WebArrayBuffer decrypted_data; | 1561 blink::WebArrayBuffer decrypted_data; |
1580 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTestDataHex); ++i) { | 1562 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTestDataHex); ++i) { |
1581 SCOPED_TRACE(i); | 1563 SCOPED_TRACE(i); |
1582 EXPECT_STATUS_SUCCESS(EncryptInternal( | 1564 EXPECT_STATUS_SUCCESS(EncryptInternal(algorithm, |
1583 algorithm, | 1565 public_key, |
1584 public_key, | 1566 HexStringToBytes(kTestDataHex[i]), |
1585 HexStringToBytes(kTestDataHex[i]), | 1567 &encrypted_data)); |
1586 &encrypted_data)); | |
1587 EXPECT_EQ(kModulusLength / 8, encrypted_data.byteLength()); | 1568 EXPECT_EQ(kModulusLength / 8, encrypted_data.byteLength()); |
1588 ASSERT_STATUS_SUCCESS(Decrypt( | 1569 ASSERT_STATUS_SUCCESS(Decrypt( |
1589 algorithm, | 1570 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); |
1590 private_key, | |
1591 CryptoData(encrypted_data), | |
1592 &decrypted_data)); | |
1593 ExpectArrayBufferMatchesHex(kTestDataHex[i], decrypted_data); | 1571 ExpectArrayBufferMatchesHex(kTestDataHex[i], decrypted_data); |
1594 } | 1572 } |
1595 } | 1573 } |
1596 | 1574 |
1597 TEST_F(SharedCryptoTest, MAYBE(RsaEsKnownAnswer)) { | 1575 TEST_F(SharedCryptoTest, MAYBE(RsaEsKnownAnswer)) { |
1598 scoped_ptr<base::Value> json; | 1576 scoped_ptr<base::Value> json; |
1599 ASSERT_TRUE(ReadJsonTestFile("rsa_es.json", &json)); | 1577 ASSERT_TRUE(ReadJsonTestFile("rsa_es.json", &json)); |
1600 base::DictionaryValue* test = NULL; | 1578 base::DictionaryValue* test = NULL; |
1601 ASSERT_TRUE(json->GetAsDictionary(&test)); | 1579 ASSERT_TRUE(json->GetAsDictionary(&test)); |
1602 | 1580 |
1603 // Because the random data in PKCS1.5 padding makes the encryption output non- | 1581 // Because the random data in PKCS1.5 padding makes the encryption output non- |
1604 // deterministic, we cannot easily do a typical known-answer test for RSA | 1582 // deterministic, we cannot easily do a typical known-answer test for RSA |
1605 // encryption / decryption. Instead we will take a known-good encrypted | 1583 // encryption / decryption. Instead we will take a known-good encrypted |
1606 // message, decrypt it, re-encrypt it, then decrypt again, verifying that the | 1584 // message, decrypt it, re-encrypt it, then decrypt again, verifying that the |
1607 // original known cleartext is the result. | 1585 // original known cleartext is the result. |
1608 | 1586 |
1609 const std::vector<uint8> rsa_spki_der = | 1587 const std::vector<uint8> rsa_spki_der = |
1610 GetBytesFromHexString(test, "rsa_spki_der"); | 1588 GetBytesFromHexString(test, "rsa_spki_der"); |
1611 | 1589 |
1612 const std::vector<uint8> rsa_pkcs8_der = | 1590 const std::vector<uint8> rsa_pkcs8_der = |
1613 GetBytesFromHexString(test, "rsa_pkcs8_der"); | 1591 GetBytesFromHexString(test, "rsa_pkcs8_der"); |
1614 const std::vector<uint8> ciphertext = | 1592 const std::vector<uint8> ciphertext = |
1615 GetBytesFromHexString(test, "ciphertext"); | 1593 GetBytesFromHexString(test, "ciphertext"); |
1616 const std::vector<uint8> cleartext = | 1594 const std::vector<uint8> cleartext = GetBytesFromHexString(test, "cleartext"); |
1617 GetBytesFromHexString(test, "cleartext"); | |
1618 | 1595 |
1619 // Import the key pair. | 1596 // Import the key pair. |
1620 blink::WebCryptoAlgorithm algorithm = | 1597 blink::WebCryptoAlgorithm algorithm = |
1621 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 1598 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
1622 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1599 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1623 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1600 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
1624 ImportRsaKeyPair( | 1601 ImportRsaKeyPair( |
1625 rsa_spki_der, | 1602 rsa_spki_der, |
1626 rsa_pkcs8_der, | 1603 rsa_pkcs8_der, |
1627 algorithm, | 1604 algorithm, |
1628 false, | 1605 false, |
1629 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, | 1606 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, |
1630 &public_key, | 1607 &public_key, |
1631 &private_key); | 1608 &private_key); |
1632 | 1609 |
1633 // Decrypt the known-good ciphertext with the private key. As a check we must | 1610 // Decrypt the known-good ciphertext with the private key. As a check we must |
1634 // get the known original cleartext. | 1611 // get the known original cleartext. |
1635 blink::WebArrayBuffer decrypted_data; | 1612 blink::WebArrayBuffer decrypted_data; |
1636 ASSERT_STATUS_SUCCESS(DecryptInternal( | 1613 ASSERT_STATUS_SUCCESS( |
1637 algorithm, | 1614 DecryptInternal(algorithm, private_key, ciphertext, &decrypted_data)); |
1638 private_key, | |
1639 ciphertext, | |
1640 &decrypted_data)); | |
1641 EXPECT_FALSE(decrypted_data.isNull()); | 1615 EXPECT_FALSE(decrypted_data.isNull()); |
1642 ExpectArrayBufferMatches(cleartext, decrypted_data); | 1616 ExpectArrayBufferMatches(cleartext, decrypted_data); |
1643 | 1617 |
1644 // Encrypt this decrypted data with the public key. | 1618 // Encrypt this decrypted data with the public key. |
1645 blink::WebArrayBuffer encrypted_data; | 1619 blink::WebArrayBuffer encrypted_data; |
1646 ASSERT_STATUS_SUCCESS(Encrypt( | 1620 ASSERT_STATUS_SUCCESS(Encrypt( |
1647 algorithm, | 1621 algorithm, public_key, CryptoData(decrypted_data), &encrypted_data)); |
1648 public_key, | |
1649 CryptoData(decrypted_data), | |
1650 &encrypted_data)); | |
1651 EXPECT_EQ(128u, encrypted_data.byteLength()); | 1622 EXPECT_EQ(128u, encrypted_data.byteLength()); |
1652 | 1623 |
1653 // Finally, decrypt the newly encrypted result with the private key, and | 1624 // Finally, decrypt the newly encrypted result with the private key, and |
1654 // compare to the known original cleartext. | 1625 // compare to the known original cleartext. |
1655 decrypted_data.reset(); | 1626 decrypted_data.reset(); |
1656 ASSERT_STATUS_SUCCESS(Decrypt( | 1627 ASSERT_STATUS_SUCCESS(Decrypt( |
1657 algorithm, | 1628 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); |
1658 private_key, | |
1659 CryptoData(encrypted_data), | |
1660 &decrypted_data)); | |
1661 EXPECT_FALSE(decrypted_data.isNull()); | 1629 EXPECT_FALSE(decrypted_data.isNull()); |
1662 ExpectArrayBufferMatches(cleartext, decrypted_data); | 1630 ExpectArrayBufferMatches(cleartext, decrypted_data); |
1663 } | 1631 } |
1664 | 1632 |
1665 TEST_F(SharedCryptoTest, MAYBE(RsaEsFailures)) { | 1633 TEST_F(SharedCryptoTest, MAYBE(RsaEsFailures)) { |
1666 // Import a key pair. | 1634 // Import a key pair. |
1667 blink::WebCryptoAlgorithm algorithm = | 1635 blink::WebCryptoAlgorithm algorithm = |
1668 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 1636 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
1669 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1637 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1670 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1638 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
1671 ImportRsaKeyPair( | 1639 ImportRsaKeyPair( |
1672 HexStringToBytes(kPublicKeySpkiDerHex), | 1640 HexStringToBytes(kPublicKeySpkiDerHex), |
1673 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 1641 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
1674 algorithm, | 1642 algorithm, |
1675 false, | 1643 false, |
1676 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, | 1644 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, |
1677 &public_key, | 1645 &public_key, |
1678 &private_key); | 1646 &private_key); |
1679 | 1647 |
1680 // Fail encrypt with a private key. | 1648 // Fail encrypt with a private key. |
1681 blink::WebArrayBuffer encrypted_data; | 1649 blink::WebArrayBuffer encrypted_data; |
1682 const std::string message_hex_str("0102030405060708090a0b0c0d0e0f"); | 1650 const std::string message_hex_str("0102030405060708090a0b0c0d0e0f"); |
1683 const std::vector<uint8> message_hex(HexStringToBytes(message_hex_str)); | 1651 const std::vector<uint8> message_hex(HexStringToBytes(message_hex_str)); |
1684 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 1652 EXPECT_STATUS( |
| 1653 Status::ErrorUnexpectedKeyType(), |
1685 EncryptInternal(algorithm, private_key, message_hex, &encrypted_data)); | 1654 EncryptInternal(algorithm, private_key, message_hex, &encrypted_data)); |
1686 | 1655 |
1687 // Fail encrypt with empty message. | 1656 // Fail encrypt with empty message. |
1688 EXPECT_STATUS(Status::Error(), EncryptInternal( | 1657 EXPECT_STATUS( |
1689 algorithm, public_key, std::vector<uint8>(), &encrypted_data)); | 1658 Status::Error(), |
| 1659 EncryptInternal( |
| 1660 algorithm, public_key, std::vector<uint8>(), &encrypted_data)); |
1690 | 1661 |
1691 // Fail encrypt with message too large. RSAES can operate on messages up to | 1662 // Fail encrypt with message too large. RSAES can operate on messages up to |
1692 // length of k - 11 bytes, where k is the octet length of the RSA modulus. | 1663 // length of k - 11 bytes, where k is the octet length of the RSA modulus. |
1693 const unsigned int kMaxMsgSizeBytes = kModulusLength / 8 - 11; | 1664 const unsigned int kMaxMsgSizeBytes = kModulusLength / 8 - 11; |
1694 EXPECT_STATUS( | 1665 EXPECT_STATUS(Status::ErrorDataTooLarge(), |
1695 Status::ErrorDataTooLarge(), | 1666 EncryptInternal(algorithm, |
1696 EncryptInternal(algorithm, | 1667 public_key, |
1697 public_key, | 1668 std::vector<uint8>(kMaxMsgSizeBytes + 1, '0'), |
1698 std::vector<uint8>(kMaxMsgSizeBytes + 1, '0'), | 1669 &encrypted_data)); |
1699 &encrypted_data)); | |
1700 | 1670 |
1701 // Generate encrypted data. | 1671 // Generate encrypted data. |
1702 EXPECT_STATUS(Status::Success(), | 1672 EXPECT_STATUS( |
| 1673 Status::Success(), |
1703 EncryptInternal(algorithm, public_key, message_hex, &encrypted_data)); | 1674 EncryptInternal(algorithm, public_key, message_hex, &encrypted_data)); |
1704 | 1675 |
1705 // Fail decrypt with a public key. | 1676 // Fail decrypt with a public key. |
1706 blink::WebArrayBuffer decrypted_data; | 1677 blink::WebArrayBuffer decrypted_data; |
1707 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), Decrypt( | 1678 EXPECT_STATUS( |
1708 algorithm, | 1679 Status::ErrorUnexpectedKeyType(), |
1709 public_key, | 1680 Decrypt( |
1710 CryptoData(encrypted_data), | 1681 algorithm, public_key, CryptoData(encrypted_data), &decrypted_data)); |
1711 &decrypted_data)); | |
1712 | 1682 |
1713 // Corrupt encrypted data; ensure decrypt fails because padding was disrupted. | 1683 // Corrupt encrypted data; ensure decrypt fails because padding was disrupted. |
1714 std::vector<uint8> corrupted_data( | 1684 std::vector<uint8> corrupted_data( |
1715 static_cast<uint8*>(encrypted_data.data()), | 1685 static_cast<uint8*>(encrypted_data.data()), |
1716 static_cast<uint8*>(encrypted_data.data()) + encrypted_data.byteLength()); | 1686 static_cast<uint8*>(encrypted_data.data()) + encrypted_data.byteLength()); |
1717 corrupted_data[corrupted_data.size() / 2] ^= 0x01; | 1687 corrupted_data[corrupted_data.size() / 2] ^= 0x01; |
1718 EXPECT_STATUS(Status::Error(), | 1688 EXPECT_STATUS( |
| 1689 Status::Error(), |
1719 DecryptInternal(algorithm, private_key, corrupted_data, &decrypted_data)); | 1690 DecryptInternal(algorithm, private_key, corrupted_data, &decrypted_data)); |
1720 | 1691 |
1721 // TODO(padolph): Are there other specific data corruption scenarios to | 1692 // TODO(padolph): Are there other specific data corruption scenarios to |
1722 // consider? | 1693 // consider? |
1723 | 1694 |
1724 // Do a successful decrypt with good data just for confirmation. | 1695 // Do a successful decrypt with good data just for confirmation. |
1725 EXPECT_STATUS_SUCCESS(Decrypt( | 1696 EXPECT_STATUS_SUCCESS(Decrypt( |
1726 algorithm, | 1697 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); |
1727 private_key, | |
1728 CryptoData(encrypted_data), | |
1729 &decrypted_data)); | |
1730 ExpectArrayBufferMatchesHex(message_hex_str, decrypted_data); | 1698 ExpectArrayBufferMatchesHex(message_hex_str, decrypted_data); |
1731 } | 1699 } |
1732 | 1700 |
1733 TEST_F(SharedCryptoTest, MAYBE(RsaSsaSignVerifyFailures)) { | 1701 TEST_F(SharedCryptoTest, MAYBE(RsaSsaSignVerifyFailures)) { |
1734 // Import a key pair. | 1702 // Import a key pair. |
1735 blink::WebCryptoAlgorithm algorithm = CreateRsaAlgorithmWithInnerHash( | 1703 blink::WebCryptoAlgorithm algorithm = CreateRsaAlgorithmWithInnerHash( |
1736 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1704 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1737 blink::WebCryptoAlgorithmIdSha1); | 1705 blink::WebCryptoAlgorithmIdSha1); |
1738 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1706 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1739 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1707 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
(...skipping 18 matching lines...) Expand all Loading... |
1758 algorithm, | 1726 algorithm, |
1759 public_key, | 1727 public_key, |
1760 CryptoData(reinterpret_cast<const unsigned char*>(signature.data()), | 1728 CryptoData(reinterpret_cast<const unsigned char*>(signature.data()), |
1761 signature.byteLength() - 1), | 1729 signature.byteLength() - 1), |
1762 CryptoData(data), | 1730 CryptoData(data), |
1763 &signature_match)); | 1731 &signature_match)); |
1764 EXPECT_FALSE(signature_match); | 1732 EXPECT_FALSE(signature_match); |
1765 | 1733 |
1766 // Ensure truncated signature does not verify by passing no bytes. | 1734 // Ensure truncated signature does not verify by passing no bytes. |
1767 EXPECT_STATUS_SUCCESS(VerifySignature( | 1735 EXPECT_STATUS_SUCCESS(VerifySignature( |
1768 algorithm, | 1736 algorithm, public_key, CryptoData(), CryptoData(data), &signature_match)); |
1769 public_key, | |
1770 CryptoData(), | |
1771 CryptoData(data), | |
1772 &signature_match)); | |
1773 EXPECT_FALSE(signature_match); | 1737 EXPECT_FALSE(signature_match); |
1774 | 1738 |
1775 // Ensure corrupted signature does not verify. | 1739 // Ensure corrupted signature does not verify. |
1776 std::vector<uint8> corrupt_sig( | 1740 std::vector<uint8> corrupt_sig( |
1777 static_cast<uint8*>(signature.data()), | 1741 static_cast<uint8*>(signature.data()), |
1778 static_cast<uint8*>(signature.data()) + signature.byteLength()); | 1742 static_cast<uint8*>(signature.data()) + signature.byteLength()); |
1779 corrupt_sig[corrupt_sig.size() / 2] ^= 0x1; | 1743 corrupt_sig[corrupt_sig.size() / 2] ^= 0x1; |
1780 EXPECT_STATUS_SUCCESS(VerifySignatureInternal( | 1744 EXPECT_STATUS_SUCCESS(VerifySignatureInternal( |
1781 algorithm, | 1745 algorithm, public_key, CryptoData(corrupt_sig), data, &signature_match)); |
1782 public_key, | |
1783 CryptoData(corrupt_sig), | |
1784 data, | |
1785 &signature_match)); | |
1786 EXPECT_FALSE(signature_match); | 1746 EXPECT_FALSE(signature_match); |
1787 | 1747 |
1788 // Ensure signatures that are greater than the modulus size fail. | 1748 // Ensure signatures that are greater than the modulus size fail. |
1789 const unsigned int long_message_size_bytes = 1024; | 1749 const unsigned int long_message_size_bytes = 1024; |
1790 DCHECK_GT(long_message_size_bytes, kModulusLength/8); | 1750 DCHECK_GT(long_message_size_bytes, kModulusLength / 8); |
1791 const unsigned char kLongSignature[long_message_size_bytes] = { 0 }; | 1751 const unsigned char kLongSignature[long_message_size_bytes] = {0}; |
1792 EXPECT_STATUS_SUCCESS(VerifySignature( | 1752 EXPECT_STATUS_SUCCESS( |
1793 algorithm, | 1753 VerifySignature(algorithm, |
1794 public_key, | 1754 public_key, |
1795 CryptoData(kLongSignature, sizeof(kLongSignature)), | 1755 CryptoData(kLongSignature, sizeof(kLongSignature)), |
1796 CryptoData(data), | 1756 CryptoData(data), |
1797 &signature_match)); | 1757 &signature_match)); |
1798 EXPECT_FALSE(signature_match); | 1758 EXPECT_FALSE(signature_match); |
1799 | 1759 |
1800 // Ensure that verifying using a private key, rather than a public key, fails. | 1760 // Ensure that verifying using a private key, rather than a public key, fails. |
1801 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), VerifySignature( | 1761 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), |
1802 algorithm, | 1762 VerifySignature(algorithm, |
1803 private_key, | 1763 private_key, |
1804 CryptoData(signature), | 1764 CryptoData(signature), |
1805 CryptoData(data), | 1765 CryptoData(data), |
1806 &signature_match)); | 1766 &signature_match)); |
1807 | 1767 |
1808 // Ensure that signing using a public key, rather than a private key, fails. | 1768 // Ensure that signing using a public key, rather than a private key, fails. |
1809 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 1769 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), |
1810 SignInternal(algorithm, public_key, data, &signature)); | 1770 SignInternal(algorithm, public_key, data, &signature)); |
1811 | 1771 |
1812 // Ensure that signing and verifying with an incompatible algorithm fails. | 1772 // Ensure that signing and verifying with an incompatible algorithm fails. |
1813 algorithm = | 1773 algorithm = CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
1814 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | |
1815 EXPECT_STATUS(Status::ErrorUnexpected(), | 1774 EXPECT_STATUS(Status::ErrorUnexpected(), |
1816 SignInternal(algorithm, private_key, data, &signature)); | 1775 SignInternal(algorithm, private_key, data, &signature)); |
1817 EXPECT_STATUS(Status::ErrorUnexpected(), VerifySignature( | 1776 EXPECT_STATUS(Status::ErrorUnexpected(), |
1818 algorithm, public_key, CryptoData(signature), CryptoData(data), | 1777 VerifySignature(algorithm, |
1819 &signature_match)); | 1778 public_key, |
| 1779 CryptoData(signature), |
| 1780 CryptoData(data), |
| 1781 &signature_match)); |
1820 | 1782 |
1821 // Some crypto libraries (NSS) can automatically select the RSA SSA inner hash | 1783 // Some crypto libraries (NSS) can automatically select the RSA SSA inner hash |
1822 // based solely on the contents of the input signature data. In the Web Crypto | 1784 // based solely on the contents of the input signature data. In the Web Crypto |
1823 // implementation, the inner hash should be specified uniquely by the input | 1785 // implementation, the inner hash should be specified uniquely by the input |
1824 // algorithm parameter. To validate this behavior, call Verify with a computed | 1786 // algorithm parameter. To validate this behavior, call Verify with a computed |
1825 // signature that used one hash type (SHA-1), but pass in an algorithm with a | 1787 // signature that used one hash type (SHA-1), but pass in an algorithm with a |
1826 // different inner hash type (SHA-256). If the hash type is determined by the | 1788 // different inner hash type (SHA-256). If the hash type is determined by the |
1827 // signature itself (undesired), the verify will pass, while if the hash type | 1789 // signature itself (undesired), the verify will pass, while if the hash type |
1828 // is specified by the input algorithm (desired), the verify will fail. | 1790 // is specified by the input algorithm (desired), the verify will fail. |
1829 | 1791 |
1830 // Compute a signature using SHA-1 as the inner hash. | 1792 // Compute a signature using SHA-1 as the inner hash. |
1831 EXPECT_STATUS_SUCCESS(SignInternal(CreateRsaAlgorithmWithInnerHash( | 1793 EXPECT_STATUS_SUCCESS( |
1832 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1794 SignInternal(CreateRsaAlgorithmWithInnerHash( |
1833 blink::WebCryptoAlgorithmIdSha1), | 1795 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1834 private_key, | 1796 blink::WebCryptoAlgorithmIdSha1), |
1835 data, | 1797 private_key, |
1836 &signature)); | 1798 data, |
| 1799 &signature)); |
1837 | 1800 |
1838 // Now verify using an algorithm whose inner hash is SHA-256, not SHA-1. The | 1801 // Now verify using an algorithm whose inner hash is SHA-256, not SHA-1. The |
1839 // signature should not verify. | 1802 // signature should not verify. |
1840 // NOTE: public_key was produced by generateKey, and so its associated | 1803 // NOTE: public_key was produced by generateKey, and so its associated |
1841 // algorithm has WebCryptoRsaKeyGenParams and not WebCryptoRsaSsaParams. Thus | 1804 // algorithm has WebCryptoRsaKeyGenParams and not WebCryptoRsaSsaParams. Thus |
1842 // it has no inner hash to conflict with the input algorithm. | 1805 // it has no inner hash to conflict with the input algorithm. |
1843 bool is_match; | 1806 bool is_match; |
1844 EXPECT_STATUS_SUCCESS(VerifySignature( | 1807 EXPECT_STATUS_SUCCESS( |
1845 CreateRsaAlgorithmWithInnerHash( | 1808 VerifySignature(CreateRsaAlgorithmWithInnerHash( |
1846 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1809 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1847 blink::WebCryptoAlgorithmIdSha256), | 1810 blink::WebCryptoAlgorithmIdSha256), |
1848 public_key, | 1811 public_key, |
1849 CryptoData(signature), | 1812 CryptoData(signature), |
1850 CryptoData(data), | 1813 CryptoData(data), |
1851 &is_match)); | 1814 &is_match)); |
1852 EXPECT_FALSE(is_match); | 1815 EXPECT_FALSE(is_match); |
1853 } | 1816 } |
1854 | 1817 |
1855 TEST_F(SharedCryptoTest, MAYBE(RsaSignVerifyKnownAnswer)) { | 1818 TEST_F(SharedCryptoTest, MAYBE(RsaSignVerifyKnownAnswer)) { |
1856 scoped_ptr<base::ListValue> tests; | 1819 scoped_ptr<base::ListValue> tests; |
1857 ASSERT_TRUE(ReadJsonTestFileToList("pkcs1v15_sign.json", &tests)); | 1820 ASSERT_TRUE(ReadJsonTestFileToList("pkcs1v15_sign.json", &tests)); |
1858 | 1821 |
1859 // Import the key pair. | 1822 // Import the key pair. |
1860 blink::WebCryptoAlgorithm algorithm = CreateRsaAlgorithmWithInnerHash( | 1823 blink::WebCryptoAlgorithm algorithm = CreateRsaAlgorithmWithInnerHash( |
1861 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1824 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
(...skipping 22 matching lines...) Expand all Loading... |
1884 std::vector<uint8> test_signature = | 1847 std::vector<uint8> test_signature = |
1885 GetBytesFromHexString(test, "signature_hex"); | 1848 GetBytesFromHexString(test, "signature_hex"); |
1886 | 1849 |
1887 signature.reset(); | 1850 signature.reset(); |
1888 ASSERT_STATUS_SUCCESS( | 1851 ASSERT_STATUS_SUCCESS( |
1889 SignInternal(algorithm, private_key, test_message, &signature)); | 1852 SignInternal(algorithm, private_key, test_message, &signature)); |
1890 ExpectArrayBufferMatches(test_signature, signature); | 1853 ExpectArrayBufferMatches(test_signature, signature); |
1891 | 1854 |
1892 bool is_match = false; | 1855 bool is_match = false; |
1893 ASSERT_STATUS_SUCCESS(VerifySignatureInternal( | 1856 ASSERT_STATUS_SUCCESS(VerifySignatureInternal( |
1894 algorithm, | 1857 algorithm, public_key, test_signature, test_message, &is_match)); |
1895 public_key, | |
1896 test_signature, | |
1897 test_message, | |
1898 &is_match)); | |
1899 EXPECT_TRUE(is_match); | 1858 EXPECT_TRUE(is_match); |
1900 } | 1859 } |
1901 } | 1860 } |
1902 | 1861 |
1903 TEST_F(SharedCryptoTest, MAYBE(AesKwKeyImport)) { | 1862 TEST_F(SharedCryptoTest, MAYBE(AesKwKeyImport)) { |
1904 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1863 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1905 blink::WebCryptoAlgorithm algorithm = | 1864 blink::WebCryptoAlgorithm algorithm = |
1906 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); | 1865 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); |
1907 | 1866 |
1908 // Import a 128-bit Key Encryption Key (KEK) | 1867 // Import a 128-bit Key Encryption Key (KEK) |
1909 std::string key_raw_hex_in = "025a8cf3f08b4f6c5f33bbc76a471939"; | 1868 std::string key_raw_hex_in = "025a8cf3f08b4f6c5f33bbc76a471939"; |
1910 ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 1869 ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
1911 HexStringToBytes(key_raw_hex_in), | 1870 HexStringToBytes(key_raw_hex_in), |
1912 algorithm, | 1871 algorithm, |
1913 true, | 1872 true, |
1914 blink::WebCryptoKeyUsageWrapKey, | 1873 blink::WebCryptoKeyUsageWrapKey, |
1915 &key)); | 1874 &key)); |
1916 blink::WebArrayBuffer key_raw_out; | 1875 blink::WebArrayBuffer key_raw_out; |
1917 EXPECT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, | 1876 EXPECT_STATUS_SUCCESS( |
1918 key, | 1877 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); |
1919 &key_raw_out)); | |
1920 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); | 1878 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); |
1921 | 1879 |
1922 // Import a 192-bit KEK | 1880 // Import a 192-bit KEK |
1923 key_raw_hex_in = "c0192c6466b2370decbb62b2cfef4384544ffeb4d2fbc103"; | 1881 key_raw_hex_in = "c0192c6466b2370decbb62b2cfef4384544ffeb4d2fbc103"; |
1924 ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 1882 ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
1925 HexStringToBytes(key_raw_hex_in), | 1883 HexStringToBytes(key_raw_hex_in), |
1926 algorithm, | 1884 algorithm, |
1927 true, | 1885 true, |
1928 blink::WebCryptoKeyUsageWrapKey, | 1886 blink::WebCryptoKeyUsageWrapKey, |
1929 &key)); | 1887 &key)); |
1930 EXPECT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, | 1888 EXPECT_STATUS_SUCCESS( |
1931 key, | 1889 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); |
1932 &key_raw_out)); | |
1933 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); | 1890 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); |
1934 | 1891 |
1935 // Import a 256-bit Key Encryption Key (KEK) | 1892 // Import a 256-bit Key Encryption Key (KEK) |
1936 key_raw_hex_in = | 1893 key_raw_hex_in = |
1937 "e11fe66380d90fa9ebefb74e0478e78f95664d0c67ca20ce4a0b5842863ac46f"; | 1894 "e11fe66380d90fa9ebefb74e0478e78f95664d0c67ca20ce4a0b5842863ac46f"; |
1938 ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 1895 ASSERT_STATUS_SUCCESS(ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
1939 HexStringToBytes(key_raw_hex_in), | 1896 HexStringToBytes(key_raw_hex_in), |
1940 algorithm, | 1897 algorithm, |
1941 true, | 1898 true, |
1942 blink::WebCryptoKeyUsageWrapKey, | 1899 blink::WebCryptoKeyUsageWrapKey, |
1943 &key)); | 1900 &key)); |
1944 EXPECT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, | 1901 EXPECT_STATUS_SUCCESS( |
1945 key, | 1902 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); |
1946 &key_raw_out)); | |
1947 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); | 1903 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); |
1948 | 1904 |
1949 // Fail import of 0 length key | 1905 // Fail import of 0 length key |
1950 EXPECT_STATUS(Status::Error(), | 1906 EXPECT_STATUS(Status::Error(), |
1951 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 1907 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
1952 HexStringToBytes(""), | 1908 HexStringToBytes(""), |
1953 algorithm, | 1909 algorithm, |
1954 true, | 1910 true, |
1955 blink::WebCryptoKeyUsageWrapKey, | 1911 blink::WebCryptoKeyUsageWrapKey, |
1956 &key)); | 1912 &key)); |
1957 | 1913 |
1958 // Fail import of 124-bit KEK | 1914 // Fail import of 124-bit KEK |
1959 key_raw_hex_in = "3e4566a2bdaa10cb68134fa66c15ddb"; | 1915 key_raw_hex_in = "3e4566a2bdaa10cb68134fa66c15ddb"; |
1960 EXPECT_STATUS(Status::Error(), | 1916 EXPECT_STATUS(Status::Error(), |
1961 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 1917 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
1962 HexStringToBytes(key_raw_hex_in), | 1918 HexStringToBytes(key_raw_hex_in), |
1963 algorithm, | 1919 algorithm, |
1964 true, | 1920 true, |
1965 blink::WebCryptoKeyUsageWrapKey, | 1921 blink::WebCryptoKeyUsageWrapKey, |
1966 &key)); | 1922 &key)); |
1967 | 1923 |
1968 // Fail import of 200-bit KEK | 1924 // Fail import of 200-bit KEK |
1969 key_raw_hex_in = "0a1d88608a5ad9fec64f1ada269ebab4baa2feeb8d95638c0e"; | 1925 key_raw_hex_in = "0a1d88608a5ad9fec64f1ada269ebab4baa2feeb8d95638c0e"; |
1970 EXPECT_STATUS(Status::Error(), | 1926 EXPECT_STATUS(Status::Error(), |
1971 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 1927 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
1972 HexStringToBytes(key_raw_hex_in), | 1928 HexStringToBytes(key_raw_hex_in), |
1973 algorithm, | 1929 algorithm, |
1974 true, | 1930 true, |
1975 blink::WebCryptoKeyUsageWrapKey, | 1931 blink::WebCryptoKeyUsageWrapKey, |
1976 &key)); | 1932 &key)); |
1977 | 1933 |
1978 // Fail import of 260-bit KEK | 1934 // Fail import of 260-bit KEK |
1979 key_raw_hex_in = | 1935 key_raw_hex_in = |
1980 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; | 1936 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; |
1981 EXPECT_STATUS(Status::Error(), | 1937 EXPECT_STATUS(Status::Error(), |
1982 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, | 1938 ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
1983 HexStringToBytes(key_raw_hex_in), | 1939 HexStringToBytes(key_raw_hex_in), |
1984 algorithm, | 1940 algorithm, |
1985 true, | 1941 true, |
1986 blink::WebCryptoKeyUsageWrapKey, | 1942 blink::WebCryptoKeyUsageWrapKey, |
1987 &key)); | 1943 &key)); |
1988 } | 1944 } |
1989 | 1945 |
1990 // TODO(eroman): | 1946 // TODO(eroman): |
1991 // * Test decryption when the tag length exceeds input size | 1947 // * Test decryption when the tag length exceeds input size |
1992 // * Test decryption with empty input | 1948 // * Test decryption with empty input |
1993 // * Test decryption with tag length of 0. | 1949 // * Test decryption with tag length of 0. |
1994 TEST_F(SharedCryptoTest, MAYBE(AesGcmSampleSets)) { | 1950 TEST_F(SharedCryptoTest, MAYBE(AesGcmSampleSets)) { |
1995 // Some Linux test runners may not have a new enough version of NSS. | 1951 // Some Linux test runners may not have a new enough version of NSS. |
1996 if (!SupportsAesGcm()) { | 1952 if (!SupportsAesGcm()) { |
1997 LOG(WARNING) << "AES GCM not supported, skipping tests"; | 1953 LOG(WARNING) << "AES GCM not supported, skipping tests"; |
(...skipping 21 matching lines...) Expand all Loading... |
2019 const std::vector<uint8> test_cipher_text = | 1975 const std::vector<uint8> test_cipher_text = |
2020 GetBytesFromHexString(test, "cipher_text"); | 1976 GetBytesFromHexString(test, "cipher_text"); |
2021 | 1977 |
2022 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 1978 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
2023 test_key, | 1979 test_key, |
2024 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), | 1980 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), |
2025 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); | 1981 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); |
2026 | 1982 |
2027 // Verify exported raw key is identical to the imported data | 1983 // Verify exported raw key is identical to the imported data |
2028 blink::WebArrayBuffer raw_key; | 1984 blink::WebArrayBuffer raw_key; |
2029 EXPECT_STATUS_SUCCESS(ExportKey( | 1985 EXPECT_STATUS_SUCCESS( |
2030 blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 1986 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
2031 | 1987 |
2032 ExpectArrayBufferMatches(test_key, raw_key); | 1988 ExpectArrayBufferMatches(test_key, raw_key); |
2033 | 1989 |
2034 // Test encryption. | 1990 // Test encryption. |
2035 std::vector<uint8> cipher_text; | 1991 std::vector<uint8> cipher_text; |
2036 std::vector<uint8> authentication_tag; | 1992 std::vector<uint8> authentication_tag; |
2037 EXPECT_STATUS_SUCCESS(AesGcmEncrypt(key, test_iv, test_additional_data, | 1993 EXPECT_STATUS_SUCCESS(AesGcmEncrypt(key, |
2038 test_tag_size_bits, test_plain_text, | 1994 test_iv, |
2039 &cipher_text, &authentication_tag)); | 1995 test_additional_data, |
| 1996 test_tag_size_bits, |
| 1997 test_plain_text, |
| 1998 &cipher_text, |
| 1999 &authentication_tag)); |
2040 | 2000 |
2041 ExpectVectorMatches(test_cipher_text, cipher_text); | 2001 ExpectVectorMatches(test_cipher_text, cipher_text); |
2042 ExpectVectorMatches(test_authentication_tag, authentication_tag); | 2002 ExpectVectorMatches(test_authentication_tag, authentication_tag); |
2043 | 2003 |
2044 // Test decryption. | 2004 // Test decryption. |
2045 blink::WebArrayBuffer plain_text; | 2005 blink::WebArrayBuffer plain_text; |
2046 EXPECT_STATUS_SUCCESS(AesGcmDecrypt(key, test_iv, test_additional_data, | 2006 EXPECT_STATUS_SUCCESS(AesGcmDecrypt(key, |
2047 test_tag_size_bits, test_cipher_text, | 2007 test_iv, |
2048 test_authentication_tag, &plain_text)); | 2008 test_additional_data, |
| 2009 test_tag_size_bits, |
| 2010 test_cipher_text, |
| 2011 test_authentication_tag, |
| 2012 &plain_text)); |
2049 ExpectArrayBufferMatches(test_plain_text, plain_text); | 2013 ExpectArrayBufferMatches(test_plain_text, plain_text); |
2050 | 2014 |
2051 // Decryption should fail if any of the inputs are tampered with. | 2015 // Decryption should fail if any of the inputs are tampered with. |
2052 EXPECT_STATUS(Status::Error(), | 2016 EXPECT_STATUS(Status::Error(), |
2053 AesGcmDecrypt(key, Corrupted(test_iv), test_additional_data, | 2017 AesGcmDecrypt(key, |
2054 test_tag_size_bits, test_cipher_text, | 2018 Corrupted(test_iv), |
2055 test_authentication_tag, &plain_text)); | 2019 test_additional_data, |
| 2020 test_tag_size_bits, |
| 2021 test_cipher_text, |
| 2022 test_authentication_tag, |
| 2023 &plain_text)); |
2056 EXPECT_STATUS(Status::Error(), | 2024 EXPECT_STATUS(Status::Error(), |
2057 AesGcmDecrypt(key, test_iv, Corrupted(test_additional_data), | 2025 AesGcmDecrypt(key, |
2058 test_tag_size_bits, test_cipher_text, | 2026 test_iv, |
2059 test_authentication_tag, &plain_text)); | 2027 Corrupted(test_additional_data), |
| 2028 test_tag_size_bits, |
| 2029 test_cipher_text, |
| 2030 test_authentication_tag, |
| 2031 &plain_text)); |
2060 EXPECT_STATUS(Status::Error(), | 2032 EXPECT_STATUS(Status::Error(), |
2061 AesGcmDecrypt(key, test_iv, test_additional_data, | 2033 AesGcmDecrypt(key, |
2062 test_tag_size_bits, Corrupted(test_cipher_text), | 2034 test_iv, |
2063 test_authentication_tag, &plain_text)); | 2035 test_additional_data, |
| 2036 test_tag_size_bits, |
| 2037 Corrupted(test_cipher_text), |
| 2038 test_authentication_tag, |
| 2039 &plain_text)); |
2064 EXPECT_STATUS(Status::Error(), | 2040 EXPECT_STATUS(Status::Error(), |
2065 AesGcmDecrypt(key, test_iv, test_additional_data, | 2041 AesGcmDecrypt(key, |
2066 test_tag_size_bits, test_cipher_text, | 2042 test_iv, |
2067 Corrupted(test_authentication_tag), | 2043 test_additional_data, |
2068 &plain_text)); | 2044 test_tag_size_bits, |
| 2045 test_cipher_text, |
| 2046 Corrupted(test_authentication_tag), |
| 2047 &plain_text)); |
2069 | 2048 |
2070 // Try different incorrect tag lengths | 2049 // Try different incorrect tag lengths |
2071 uint8 kAlternateTagLengths[] = {8, 96, 120, 128, 160, 255}; | 2050 uint8 kAlternateTagLengths[] = {8, 96, 120, 128, 160, 255}; |
2072 for (size_t tag_i = 0; tag_i < arraysize(kAlternateTagLengths); ++tag_i) { | 2051 for (size_t tag_i = 0; tag_i < arraysize(kAlternateTagLengths); ++tag_i) { |
2073 unsigned int wrong_tag_size_bits = kAlternateTagLengths[tag_i]; | 2052 unsigned int wrong_tag_size_bits = kAlternateTagLengths[tag_i]; |
2074 if (test_tag_size_bits == wrong_tag_size_bits) | 2053 if (test_tag_size_bits == wrong_tag_size_bits) |
2075 continue; | 2054 continue; |
2076 EXPECT_STATUS_ERROR(AesGcmDecrypt(key, test_iv, test_additional_data, | 2055 EXPECT_STATUS_ERROR(AesGcmDecrypt(key, |
2077 wrong_tag_size_bits, test_cipher_text, | 2056 test_iv, |
2078 test_authentication_tag, &plain_text)); | 2057 test_additional_data, |
| 2058 wrong_tag_size_bits, |
| 2059 test_cipher_text, |
| 2060 test_authentication_tag, |
| 2061 &plain_text)); |
2079 } | 2062 } |
2080 } | 2063 } |
2081 } | 2064 } |
2082 | 2065 |
2083 } // namespace webcrypto | 2066 } // namespace webcrypto |
2084 | 2067 |
2085 } // namespace content | 2068 } // namespace content |
OLD | NEW |