| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "components/webcrypto/fuzzer_support.h" |
| 6 |
| 7 #include "base/command_line.h" |
| 8 #include "base/lazy_instance.h" |
| 9 #include "components/test_runner/test_common.h" |
| 10 #include "components/webcrypto/algorithm_dispatch.h" |
| 11 #include "components/webcrypto/crypto_data.h" |
| 12 #include "components/webcrypto/status.h" |
| 13 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" |
| 14 |
| 15 namespace webcrypto { |
| 16 |
| 17 namespace { |
| 18 |
| 19 // This mock is used to initialize blink. |
| 20 class InitOnce { |
| 21 public: |
| 22 InitOnce() { |
| 23 // EnsureBlinkInitialized() depends on the command line singleton being |
| 24 // initialized. |
| 25 base::CommandLine::Init(0, nullptr); |
| 26 test_runner::EnsureBlinkInitialized(); |
| 27 } |
| 28 }; |
| 29 |
| 30 base::LazyInstance<InitOnce>::Leaky g_once = LAZY_INSTANCE_INITIALIZER; |
| 31 |
| 32 void EnsureInitialized() { |
| 33 g_once.Get(); |
| 34 } |
| 35 |
| 36 blink::WebCryptoAlgorithm CreateRsaHashedImportAlgorithm( |
| 37 blink::WebCryptoAlgorithmId id, |
| 38 blink::WebCryptoAlgorithmId hash_id) { |
| 39 DCHECK(blink::WebCryptoAlgorithm::isHash(hash_id)); |
| 40 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( |
| 41 id, |
| 42 new blink::WebCryptoRsaHashedImportParams( |
| 43 blink::WebCryptoAlgorithm::adoptParamsAndCreate(hash_id, nullptr))); |
| 44 } |
| 45 |
| 46 blink::WebCryptoAlgorithm CreateEcImportAlgorithm( |
| 47 blink::WebCryptoAlgorithmId id, |
| 48 blink::WebCryptoNamedCurve named_curve) { |
| 49 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( |
| 50 id, new blink::WebCryptoEcKeyImportParams(named_curve)); |
| 51 } |
| 52 |
| 53 } // namespace |
| 54 |
| 55 blink::WebCryptoKeyUsageMask GetCompatibleKeyUsages( |
| 56 blink::WebCryptoKeyFormat format) { |
| 57 // SPKI format implies import of a public key, whereas PKCS8 implies import |
| 58 // of a private key. Pick usages that are compatible with a signature |
| 59 // algorithm. |
| 60 return format == blink::WebCryptoKeyFormatSpki |
| 61 ? blink::WebCryptoKeyUsageVerify |
| 62 : blink::WebCryptoKeyUsageSign; |
| 63 } |
| 64 |
| 65 void ImportEcKeyFromDerFuzzData(const uint8_t* data, |
| 66 size_t size, |
| 67 blink::WebCryptoKeyFormat format) { |
| 68 DCHECK(format == blink::WebCryptoKeyFormatSpki || |
| 69 format == blink::WebCryptoKeyFormatPkcs8); |
| 70 EnsureInitialized(); |
| 71 |
| 72 // There are 3 possible EC named curves. Fix this parameter. It shouldn't |
| 73 // matter based on the current implementation for PKCS8 or SPKI. But it |
| 74 // will have an impact when parsing JWK format. |
| 75 blink::WebCryptoNamedCurve curve = blink::WebCryptoNamedCurveP384; |
| 76 |
| 77 // Always use ECDSA as the algorithm. Shouldn't make much difference for |
| 78 // non-JWK formats. |
| 79 blink::WebCryptoAlgorithmId algorithm_id = blink::WebCryptoAlgorithmIdEcdsa; |
| 80 |
| 81 // Use key usages that are compatible with the chosen algorithm and key type. |
| 82 blink::WebCryptoKeyUsageMask usages = GetCompatibleKeyUsages(format); |
| 83 |
| 84 blink::WebCryptoKey key; |
| 85 webcrypto::Status status = webcrypto::ImportKey( |
| 86 format, webcrypto::CryptoData(data, size), |
| 87 CreateEcImportAlgorithm(algorithm_id, curve), true, usages, &key); |
| 88 |
| 89 // These errors imply a bad setup of parameters, and means ImportKey() may not |
| 90 // be testing the actual parsing. |
| 91 DCHECK_NE(status.error_details(), |
| 92 Status::ErrorUnsupportedImportKeyFormat().error_details()); |
| 93 DCHECK_NE(status.error_details(), |
| 94 Status::ErrorCreateKeyBadUsages().error_details()); |
| 95 } |
| 96 |
| 97 void ImportRsaKeyFromDerFuzzData(const uint8_t* data, |
| 98 size_t size, |
| 99 blink::WebCryptoKeyFormat format) { |
| 100 DCHECK(format == blink::WebCryptoKeyFormatSpki || |
| 101 format == blink::WebCryptoKeyFormatPkcs8); |
| 102 EnsureInitialized(); |
| 103 |
| 104 // There are several possible hash functions. Fix this parameter. It shouldn't |
| 105 // matter based on the current implementation for PKCS8 or SPKI. But it |
| 106 // will have an impact when parsing JWK format. |
| 107 blink::WebCryptoAlgorithmId hash_id = blink::WebCryptoAlgorithmIdSha256; |
| 108 |
| 109 // Always use RSA-SSA PKCS#1 as the algorithm. Shouldn't make much difference |
| 110 // for non-JWK formats. |
| 111 blink::WebCryptoAlgorithmId algorithm_id = |
| 112 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5; |
| 113 |
| 114 // Use key usages that are compatible with the chosen algorithm and key type. |
| 115 blink::WebCryptoKeyUsageMask usages = GetCompatibleKeyUsages(format); |
| 116 |
| 117 blink::WebCryptoKey key; |
| 118 webcrypto::Status status = webcrypto::ImportKey( |
| 119 format, webcrypto::CryptoData(data, size), |
| 120 CreateRsaHashedImportAlgorithm(algorithm_id, hash_id), true, usages, |
| 121 &key); |
| 122 |
| 123 // These errors imply a bad setup of parameters, and means ImportKey() may not |
| 124 // be testing the actual parsing. |
| 125 DCHECK_NE(status.error_details(), |
| 126 Status::ErrorUnsupportedImportKeyFormat().error_details()); |
| 127 DCHECK_NE(status.error_details(), |
| 128 Status::ErrorCreateKeyBadUsages().error_details()); |
| 129 } |
| 130 |
| 131 } // namespace webcrypto |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1743763003:
Add fuzzers for import of WebCrypto DER-encoded keys. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master