OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/renderer/webcrypto/shared_crypto.h" | 5 #include "content/renderer/webcrypto/shared_crypto.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
11 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
12 #include "base/file_util.h" | 12 #include "base/file_util.h" |
13 #include "base/json/json_reader.h" | 13 #include "base/json/json_reader.h" |
14 #include "base/json/json_writer.h" | 14 #include "base/json/json_writer.h" |
15 #include "base/logging.h" | 15 #include "base/logging.h" |
16 #include "base/memory/ref_counted.h" | 16 #include "base/memory/ref_counted.h" |
17 #include "base/path_service.h" | 17 #include "base/path_service.h" |
18 #include "base/strings/string_number_conversions.h" | 18 #include "base/strings/string_number_conversions.h" |
19 #include "base/values.h" | 19 #include "base/values.h" |
20 #include "content/public/common/content_paths.h" | 20 #include "content/public/common/content_paths.h" |
21 #include "content/public/renderer/content_renderer_client.h" | 21 #include "content/public/renderer/content_renderer_client.h" |
22 #include "content/renderer/renderer_webkitplatformsupport_impl.h" | 22 #include "content/renderer/renderer_webkitplatformsupport_impl.h" |
23 #include "content/renderer/webcrypto/crypto_data.h" | 23 #include "content/renderer/webcrypto/crypto_data.h" |
24 #include "content/renderer/webcrypto/webcrypto_util.h" | 24 #include "content/renderer/webcrypto/webcrypto_util.h" |
25 #include "testing/gtest/include/gtest/gtest.h" | 25 #include "testing/gtest/include/gtest/gtest.h" |
26 #include "third_party/WebKit/public/platform/WebArrayBuffer.h" | 26 #include "third_party/WebKit/public/platform/WebArrayBuffer.h" |
27 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" | 27 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" |
| 28 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM |
| 29 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" |
| 30 #endif |
28 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" | 31 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" |
29 #include "third_party/WebKit/public/platform/WebCryptoKey.h" | 32 #include "third_party/WebKit/public/platform/WebCryptoKey.h" |
30 #include "third_party/re2/re2/re2.h" | 33 #include "third_party/re2/re2/re2.h" |
31 | 34 |
32 // The OpenSSL implementation of WebCrypto is less complete, so don't run all of | 35 // The OpenSSL implementation of WebCrypto is less complete, so don't run all of |
33 // the tests: http://crbug.com/267888 | 36 // the tests: http://crbug.com/267888 |
34 #if defined(USE_OPENSSL) | 37 #if defined(USE_OPENSSL) |
35 #define MAYBE(test_name) DISABLED_##test_name | 38 #define MAYBE(test_name) DISABLED_##test_name |
36 #else | 39 #else |
37 #define MAYBE(test_name) test_name | 40 #define MAYBE(test_name) test_name |
38 #endif | 41 #endif |
39 | 42 |
40 // Helper macros to verify the value of a Status. | 43 // Helper macros to verify the value of a Status. |
41 #define EXPECT_STATUS_ERROR(code) EXPECT_FALSE((code).IsSuccess()) | 44 #define EXPECT_STATUS_ERROR(code) EXPECT_FALSE((code).IsSuccess()) |
42 #define EXPECT_STATUS(expected, code) \ | 45 #define EXPECT_STATUS(expected, code) \ |
43 EXPECT_EQ(expected.ToString(), (code).ToString()) | 46 EXPECT_EQ(expected.ToString(), (code).ToString()) |
44 #define ASSERT_STATUS(expected, code) \ | 47 #define ASSERT_STATUS(expected, code) \ |
45 ASSERT_EQ(expected.ToString(), (code).ToString()) | 48 ASSERT_EQ(expected.ToString(), (code).ToString()) |
46 #define EXPECT_STATUS_SUCCESS(code) EXPECT_STATUS(Status::Success(), code) | 49 #define EXPECT_STATUS_SUCCESS(code) EXPECT_STATUS(Status::Success(), code) |
47 #define ASSERT_STATUS_SUCCESS(code) ASSERT_STATUS(Status::Success(), code) | 50 #define ASSERT_STATUS_SUCCESS(code) ASSERT_STATUS(Status::Success(), code) |
48 | 51 |
49 namespace content { | 52 namespace content { |
50 | 53 |
51 namespace webcrypto { | 54 namespace webcrypto { |
52 | 55 |
53 namespace { | 56 namespace { |
54 | 57 |
| 58 blink::WebCryptoAlgorithm CreateRsaKeyGenAlgorithm( |
| 59 blink::WebCryptoAlgorithmId algorithm_id, |
| 60 unsigned int modulus_length, |
| 61 const std::vector<uint8>& public_exponent) { |
| 62 DCHECK_EQ(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, algorithm_id); |
| 63 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( |
| 64 algorithm_id, |
| 65 new blink::WebCryptoRsaKeyGenParams( |
| 66 modulus_length, |
| 67 webcrypto::Uint8VectorStart(public_exponent), |
| 68 public_exponent.size())); |
| 69 } |
| 70 |
| 71 blink::WebCryptoAlgorithm CreateRsaHashedKeyGenAlgorithm( |
| 72 blink::WebCryptoAlgorithmId algorithm_id, |
| 73 const blink::WebCryptoAlgorithmId hash_id, |
| 74 unsigned int modulus_length, |
| 75 const std::vector<uint8>& public_exponent) { |
| 76 DCHECK(algorithm_id == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 || |
| 77 algorithm_id == blink::WebCryptoAlgorithmIdRsaOaep); |
| 78 DCHECK(IsHashAlgorithm(hash_id)); |
| 79 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( |
| 80 algorithm_id, |
| 81 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM |
| 82 new blink::WebCryptoRsaHashedKeyGenParams( |
| 83 CreateAlgorithm(hash_id), |
| 84 #else |
| 85 new blink::WebCryptoRsaKeyGenParams( |
| 86 #endif |
| 87 modulus_length, |
| 88 webcrypto::Uint8VectorStart(public_exponent), |
| 89 public_exponent.size())); |
| 90 } |
| 91 |
| 92 // Creates an AES-CBC algorithm. |
| 93 blink::WebCryptoAlgorithm CreateAesCbcAlgorithm(const std::vector<uint8>& iv) { |
| 94 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( |
| 95 blink::WebCryptoAlgorithmIdAesCbc, |
| 96 new blink::WebCryptoAesCbcParams(Uint8VectorStart(iv), iv.size())); |
| 97 } |
| 98 |
| 99 // Creates and AES-GCM algorithm. |
| 100 blink::WebCryptoAlgorithm CreateAesGcmAlgorithm( |
| 101 const std::vector<uint8>& iv, |
| 102 const std::vector<uint8>& additional_data, |
| 103 unsigned int tag_length_bits) { |
| 104 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( |
| 105 blink::WebCryptoAlgorithmIdAesGcm, |
| 106 new blink::WebCryptoAesGcmParams(Uint8VectorStart(iv), |
| 107 iv.size(), |
| 108 true, |
| 109 Uint8VectorStart(additional_data), |
| 110 additional_data.size(), |
| 111 true, |
| 112 tag_length_bits)); |
| 113 } |
| 114 |
| 115 // Creates an HMAC algorithm whose parameters struct is compatible with key |
| 116 // generation. It is an error to call this with a hash_id that is not a SHA*. |
| 117 // The key_length_bytes parameter is optional, with zero meaning unspecified. |
| 118 blink::WebCryptoAlgorithm CreateHmacKeyGenAlgorithm( |
| 119 blink::WebCryptoAlgorithmId hash_id, |
| 120 unsigned int key_length_bytes) { |
| 121 DCHECK(IsHashAlgorithm(hash_id)); |
| 122 // key_length_bytes == 0 means unspecified |
| 123 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( |
| 124 blink::WebCryptoAlgorithmIdHmac, |
| 125 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM |
| 126 new blink::WebCryptoHmacKeyGenParams( |
| 127 #else |
| 128 new blink::WebCryptoHmacKeyParams( |
| 129 #endif |
| 130 CreateAlgorithm(hash_id), (key_length_bytes != 0), key_length_bytes)); |
| 131 } |
| 132 |
55 // Returns a slightly modified version of the input vector. | 133 // Returns a slightly modified version of the input vector. |
56 // | 134 // |
57 // - For non-empty inputs a single bit is inverted. | 135 // - For non-empty inputs a single bit is inverted. |
58 // - For empty inputs, a byte is added. | 136 // - For empty inputs, a byte is added. |
59 std::vector<uint8> Corrupted(const std::vector<uint8>& input) { | 137 std::vector<uint8> Corrupted(const std::vector<uint8>& input) { |
60 std::vector<uint8> corrupted_data(input); | 138 std::vector<uint8> corrupted_data(input); |
61 if (corrupted_data.empty()) | 139 if (corrupted_data.empty()) |
62 corrupted_data.push_back(0); | 140 corrupted_data.push_back(0); |
63 corrupted_data[corrupted_data.size() / 2] ^= 0x01; | 141 corrupted_data[corrupted_data.size() / 2] ^= 0x01; |
64 return corrupted_data; | 142 return corrupted_data; |
65 } | 143 } |
66 | 144 |
67 std::vector<uint8> HexStringToBytes(const std::string& hex) { | 145 std::vector<uint8> HexStringToBytes(const std::string& hex) { |
68 std::vector<uint8> bytes; | 146 std::vector<uint8> bytes; |
69 base::HexStringToBytes(hex, &bytes); | 147 base::HexStringToBytes(hex, &bytes); |
70 return bytes; | 148 return bytes; |
71 } | 149 } |
72 | 150 |
73 void ExpectArrayBufferMatches(const std::vector<uint8>& expected, | 151 void ExpectArrayBufferMatches(const std::vector<uint8>& expected, |
74 const blink::WebArrayBuffer& actual) { | 152 const blink::WebArrayBuffer& actual) { |
75 EXPECT_EQ( | 153 EXPECT_EQ( |
76 base::HexEncode(webcrypto::Uint8VectorStart(expected), expected.size()), | 154 base::HexEncode(webcrypto::Uint8VectorStart(expected), expected.size()), |
77 base::HexEncode(actual.data(), actual.byteLength())); | 155 base::HexEncode(actual.data(), actual.byteLength())); |
78 } | 156 } |
79 | 157 |
| 158 void ExpectCryptoDataMatchesHex(const std::string& expected_hex, |
| 159 const CryptoData& actual) { |
| 160 EXPECT_STRCASEEQ( |
| 161 expected_hex.c_str(), |
| 162 base::HexEncode(actual.bytes(), actual.byte_length()).c_str()); |
| 163 } |
| 164 |
80 void ExpectArrayBufferMatchesHex(const std::string& expected_hex, | 165 void ExpectArrayBufferMatchesHex(const std::string& expected_hex, |
81 const blink::WebArrayBuffer& array_buffer) { | 166 const blink::WebArrayBuffer& array_buffer) { |
82 EXPECT_STRCASEEQ( | 167 return ExpectCryptoDataMatchesHex(expected_hex, CryptoData(array_buffer)); |
83 expected_hex.c_str(), | |
84 base::HexEncode(array_buffer.data(), array_buffer.byteLength()).c_str()); | |
85 } | 168 } |
86 | 169 |
87 void ExpectVectorMatches(const std::vector<uint8>& expected, | 170 void ExpectVectorMatches(const std::vector<uint8>& expected, |
88 const std::vector<uint8>& actual) { | 171 const std::vector<uint8>& actual) { |
89 EXPECT_EQ( | 172 EXPECT_EQ( |
90 base::HexEncode(webcrypto::Uint8VectorStart(expected), expected.size()), | 173 base::HexEncode(webcrypto::Uint8VectorStart(expected), expected.size()), |
91 base::HexEncode(webcrypto::Uint8VectorStart(actual), actual.size())); | 174 base::HexEncode(webcrypto::Uint8VectorStart(actual), actual.size())); |
92 } | 175 } |
93 | 176 |
94 std::vector<uint8> MakeJsonVector(const std::string& json_string) { | 177 std::vector<uint8> MakeJsonVector(const std::string& json_string) { |
(...skipping 109 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
204 // dictionary to a good state | 287 // dictionary to a good state |
205 void RestoreJwkOctDictionary(base::DictionaryValue* dict) { | 288 void RestoreJwkOctDictionary(base::DictionaryValue* dict) { |
206 dict->Clear(); | 289 dict->Clear(); |
207 dict->SetString("kty", "oct"); | 290 dict->SetString("kty", "oct"); |
208 dict->SetString("alg", "A128CBC"); | 291 dict->SetString("alg", "A128CBC"); |
209 dict->SetString("use", "enc"); | 292 dict->SetString("use", "enc"); |
210 dict->SetBoolean("extractable", false); | 293 dict->SetBoolean("extractable", false); |
211 dict->SetString("k", "GADWrMRHwQfoNaXU5fZvTg=="); | 294 dict->SetString("k", "GADWrMRHwQfoNaXU5fZvTg=="); |
212 } | 295 } |
213 | 296 |
214 blink::WebCryptoAlgorithm CreateAesGcmAlgorithm( | |
215 const std::vector<uint8>& iv, | |
216 const std::vector<uint8>& additional_data, | |
217 unsigned int tag_length_bits) { | |
218 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( | |
219 blink::WebCryptoAlgorithmIdAesGcm, | |
220 new blink::WebCryptoAesGcmParams(Uint8VectorStart(iv), | |
221 iv.size(), | |
222 true, | |
223 Uint8VectorStart(additional_data), | |
224 additional_data.size(), | |
225 true, | |
226 tag_length_bits)); | |
227 } | |
228 | |
229 // Helper for ImportJwkRsaFailures. Restores the JWK JSON | 297 // Helper for ImportJwkRsaFailures. Restores the JWK JSON |
230 // dictionary to a good state | 298 // dictionary to a good state |
231 void RestoreJwkRsaDictionary(base::DictionaryValue* dict) { | 299 void RestoreJwkRsaDictionary(base::DictionaryValue* dict) { |
232 dict->Clear(); | 300 dict->Clear(); |
233 dict->SetString("kty", "RSA"); | 301 dict->SetString("kty", "RSA"); |
234 dict->SetString("alg", "RSA1_5"); | 302 dict->SetString("alg", "RSA1_5"); |
235 dict->SetString("use", "enc"); | 303 dict->SetString("use", "enc"); |
236 dict->SetBoolean("extractable", false); | 304 dict->SetBoolean("extractable", false); |
237 dict->SetString( | 305 dict->SetString( |
238 "n", | 306 "n", |
239 "qLOyhK-OtQs4cDSoYPFGxJGfMYdjzWxVmMiuSBGh4KvEx-CwgtaTpef87Wdc9GaFEncsDLxk" | 307 "qLOyhK-OtQs4cDSoYPFGxJGfMYdjzWxVmMiuSBGh4KvEx-CwgtaTpef87Wdc9GaFEncsDLxk" |
240 "p0LGxjD1M8jMcvYq6DPEC_JYQumEu3i9v5fAEH1VvbZi9cTg-rmEXLUUjvc5LdOq_5OuHmtm" | 308 "p0LGxjD1M8jMcvYq6DPEC_JYQumEu3i9v5fAEH1VvbZi9cTg-rmEXLUUjvc5LdOq_5OuHmtm" |
241 "e7PUJHYW1PW6ENTP0ibeiNOfFvs"); | 309 "e7PUJHYW1PW6ENTP0ibeiNOfFvs"); |
242 dict->SetString("e", "AQAB"); | 310 dict->SetString("e", "AQAB"); |
243 } | 311 } |
244 | 312 |
245 blink::WebCryptoAlgorithm CreateRsaAlgorithmWithInnerHash( | 313 blink::WebCryptoAlgorithm CreateRsaHashedImportAlgorithm( |
246 blink::WebCryptoAlgorithmId algorithm_id, | 314 blink::WebCryptoAlgorithmId algorithm_id, |
247 blink::WebCryptoAlgorithmId hash_id) { | 315 blink::WebCryptoAlgorithmId hash_id) { |
248 DCHECK(algorithm_id == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 || | 316 DCHECK(algorithm_id == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 || |
249 algorithm_id == blink::WebCryptoAlgorithmIdRsaOaep); | 317 algorithm_id == blink::WebCryptoAlgorithmIdRsaOaep); |
250 DCHECK(IsHashAlgorithm(hash_id)); | 318 DCHECK(IsHashAlgorithm(hash_id)); |
251 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( | 319 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( |
252 algorithm_id, new blink::WebCryptoRsaSsaParams(CreateAlgorithm(hash_id))); | 320 algorithm_id, |
| 321 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM |
| 322 new blink::WebCryptoRsaHashedImportParams(CreateAlgorithm(hash_id))); |
| 323 #else |
| 324 // Good enough for the tests. |
| 325 new blink::WebCryptoRsaSsaParams(CreateAlgorithm(hash_id))); |
| 326 #endif |
253 } | 327 } |
254 | 328 |
255 // Determines if two ArrayBuffers have identical content. | 329 // Determines if two ArrayBuffers have identical content. |
256 bool ArrayBuffersEqual(const blink::WebArrayBuffer& a, | 330 bool ArrayBuffersEqual(const blink::WebArrayBuffer& a, |
257 const blink::WebArrayBuffer& b) { | 331 const blink::WebArrayBuffer& b) { |
258 return a.byteLength() == b.byteLength() && | 332 return a.byteLength() == b.byteLength() && |
259 memcmp(a.data(), b.data(), a.byteLength()) == 0; | 333 memcmp(a.data(), b.data(), a.byteLength()) == 0; |
260 } | 334 } |
261 | 335 |
262 // Given a vector of WebArrayBuffers, determines if there are any copies. | 336 // Given a vector of WebArrayBuffers, determines if there are any copies. |
(...skipping 257 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
520 base::DictionaryValue* test; | 594 base::DictionaryValue* test; |
521 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); | 595 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); |
522 | 596 |
523 blink::WebCryptoAlgorithm test_hash = GetDigestAlgorithm(test, "hash"); | 597 blink::WebCryptoAlgorithm test_hash = GetDigestAlgorithm(test, "hash"); |
524 const std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); | 598 const std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); |
525 const std::vector<uint8> test_message = | 599 const std::vector<uint8> test_message = |
526 GetBytesFromHexString(test, "message"); | 600 GetBytesFromHexString(test, "message"); |
527 const std::vector<uint8> test_mac = GetBytesFromHexString(test, "mac"); | 601 const std::vector<uint8> test_mac = GetBytesFromHexString(test, "mac"); |
528 | 602 |
529 blink::WebCryptoAlgorithm algorithm = | 603 blink::WebCryptoAlgorithm algorithm = |
530 CreateHmacAlgorithmByHashId(test_hash.id()); | 604 CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac); |
| 605 |
| 606 blink::WebCryptoAlgorithm importAlgorithm = |
| 607 CreateHmacImportAlgorithm(test_hash.id()); |
531 | 608 |
532 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 609 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
533 test_key, | 610 test_key, |
534 algorithm, | 611 importAlgorithm, |
535 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify); | 612 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify); |
536 | 613 |
| 614 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM |
| 615 EXPECT_EQ(test_hash.id(), key.algorithm().hmacParams()->hash().id()); |
| 616 #endif |
| 617 |
537 // Verify exported raw key is identical to the imported data | 618 // Verify exported raw key is identical to the imported data |
538 blink::WebArrayBuffer raw_key; | 619 blink::WebArrayBuffer raw_key; |
539 EXPECT_STATUS_SUCCESS( | 620 EXPECT_STATUS_SUCCESS( |
540 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 621 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
541 ExpectArrayBufferMatches(test_key, raw_key); | 622 ExpectArrayBufferMatches(test_key, raw_key); |
542 | 623 |
543 blink::WebArrayBuffer output; | 624 blink::WebArrayBuffer output; |
544 | 625 |
545 ASSERT_STATUS_SUCCESS( | 626 ASSERT_STATUS_SUCCESS( |
546 Sign(algorithm, key, CryptoData(test_message), &output)); | 627 Sign(algorithm, key, CryptoData(test_message), &output)); |
(...skipping 137 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
684 std::vector<uint8> test_plain_text = | 765 std::vector<uint8> test_plain_text = |
685 GetBytesFromHexString(test, "plain_text"); | 766 GetBytesFromHexString(test, "plain_text"); |
686 std::vector<uint8> test_cipher_text = | 767 std::vector<uint8> test_cipher_text = |
687 GetBytesFromHexString(test, "cipher_text"); | 768 GetBytesFromHexString(test, "cipher_text"); |
688 | 769 |
689 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 770 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
690 test_key, | 771 test_key, |
691 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 772 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
692 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); | 773 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); |
693 | 774 |
| 775 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM |
| 776 EXPECT_EQ(test_key.size() * 8, key.algorithm().aesParams()->lengthBits()); |
| 777 #endif |
| 778 |
694 // Verify exported raw key is identical to the imported data | 779 // Verify exported raw key is identical to the imported data |
695 blink::WebArrayBuffer raw_key; | 780 blink::WebArrayBuffer raw_key; |
696 EXPECT_STATUS_SUCCESS( | 781 EXPECT_STATUS_SUCCESS( |
697 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 782 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
698 ExpectArrayBufferMatches(test_key, raw_key); | 783 ExpectArrayBufferMatches(test_key, raw_key); |
699 | 784 |
700 blink::WebArrayBuffer output; | 785 blink::WebArrayBuffer output; |
701 | 786 |
702 // Test encryption. | 787 // Test encryption. |
703 EXPECT_STATUS(Status::Success(), | 788 EXPECT_STATUS(Status::Success(), |
(...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
758 for (size_t i = 0; i < algorithm.size(); ++i) { | 843 for (size_t i = 0; i < algorithm.size(); ++i) { |
759 SCOPED_TRACE(i); | 844 SCOPED_TRACE(i); |
760 // Generate a small sample of keys. | 845 // Generate a small sample of keys. |
761 keys.clear(); | 846 keys.clear(); |
762 for (int j = 0; j < 16; ++j) { | 847 for (int j = 0; j < 16; ++j) { |
763 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm[i], true, 0, &key)); | 848 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm[i], true, 0, &key)); |
764 EXPECT_TRUE(key.handle()); | 849 EXPECT_TRUE(key.handle()); |
765 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 850 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
766 ASSERT_STATUS_SUCCESS( | 851 ASSERT_STATUS_SUCCESS( |
767 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_bytes)); | 852 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_bytes)); |
| 853 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM |
| 854 EXPECT_EQ(key_bytes.byteLength() * 8, |
| 855 key.algorithm().aesParams()->lengthBits()); |
| 856 #endif |
768 keys.push_back(key_bytes); | 857 keys.push_back(key_bytes); |
769 } | 858 } |
770 // Ensure all entries in the key sample set are unique. This is a simplistic | 859 // Ensure all entries in the key sample set are unique. This is a simplistic |
771 // estimate of whether the generated keys appear random. | 860 // estimate of whether the generated keys appear random. |
772 EXPECT_FALSE(CopiesExist(keys)); | 861 EXPECT_FALSE(CopiesExist(keys)); |
773 } | 862 } |
774 } | 863 } |
775 | 864 |
776 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAesBadLength)) { | 865 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAesBadLength)) { |
777 const unsigned short kKeyLen[] = {0, 127, 257}; | 866 const unsigned short kKeyLen[] = {0, 127, 257}; |
(...skipping 18 matching lines...) Expand all Loading... |
796 for (int i = 0; i < 16; ++i) { | 885 for (int i = 0; i < 16; ++i) { |
797 blink::WebArrayBuffer key_bytes; | 886 blink::WebArrayBuffer key_bytes; |
798 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 887 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
799 blink::WebCryptoAlgorithm algorithm = | 888 blink::WebCryptoAlgorithm algorithm = |
800 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 64); | 889 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 64); |
801 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); | 890 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); |
802 EXPECT_FALSE(key.isNull()); | 891 EXPECT_FALSE(key.isNull()); |
803 EXPECT_TRUE(key.handle()); | 892 EXPECT_TRUE(key.handle()); |
804 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 893 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
805 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); | 894 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); |
| 895 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM |
| 896 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
| 897 key.algorithm().hmacParams()->hash().id()); |
| 898 #endif |
806 | 899 |
807 blink::WebArrayBuffer raw_key; | 900 blink::WebArrayBuffer raw_key; |
808 ASSERT_STATUS_SUCCESS( | 901 ASSERT_STATUS_SUCCESS( |
809 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 902 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
810 EXPECT_EQ(64U, raw_key.byteLength()); | 903 EXPECT_EQ(64U, raw_key.byteLength()); |
811 keys.push_back(raw_key); | 904 keys.push_back(raw_key); |
812 } | 905 } |
813 // Ensure all entries in the key sample set are unique. This is a simplistic | 906 // Ensure all entries in the key sample set are unique. This is a simplistic |
814 // estimate of whether the generated keys appear random. | 907 // estimate of whether the generated keys appear random. |
815 EXPECT_FALSE(CopiesExist(keys)); | 908 EXPECT_FALSE(CopiesExist(keys)); |
816 } | 909 } |
817 | 910 |
818 // If the key length is not provided, then the block size is used. | 911 // If the key length is not provided, then the block size is used. |
819 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmacNoLength)) { | 912 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmacNoLength)) { |
820 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 913 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
821 blink::WebCryptoAlgorithm algorithm = | 914 blink::WebCryptoAlgorithm algorithm = |
822 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0); | 915 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0); |
823 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); | 916 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); |
824 EXPECT_TRUE(key.handle()); | 917 EXPECT_TRUE(key.handle()); |
825 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 918 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
826 blink::WebArrayBuffer raw_key; | 919 blink::WebArrayBuffer raw_key; |
827 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 920 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
828 EXPECT_EQ(64U, raw_key.byteLength()); | 921 EXPECT_EQ(64U, raw_key.byteLength()); |
829 | 922 |
830 // The block size for HMAC SHA-512 is larger. | 923 // The block size for HMAC SHA-512 is larger. |
831 algorithm = CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha512, 0); | 924 algorithm = CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha512, 0); |
832 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); | 925 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); |
| 926 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM |
| 927 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha512, |
| 928 key.algorithm().hmacParams()->hash().id()); |
| 929 #endif |
833 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 930 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
834 EXPECT_EQ(128U, raw_key.byteLength()); | 931 EXPECT_EQ(128U, raw_key.byteLength()); |
835 } | 932 } |
836 | 933 |
837 TEST_F(SharedCryptoTest, MAYBE(ImportSecretKeyNoAlgorithm)) { | 934 TEST_F(SharedCryptoTest, MAYBE(ImportSecretKeyNoAlgorithm)) { |
838 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 935 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
839 | 936 |
840 // This fails because the algorithm is null. | 937 // This fails because the algorithm is null. |
841 EXPECT_STATUS(Status::ErrorMissingAlgorithmImportRawKey(), | 938 EXPECT_STATUS(Status::ErrorMissingAlgorithmImportRawKey(), |
842 ImportKey(blink::WebCryptoKeyFormatRaw, | 939 ImportKey(blink::WebCryptoKeyFormatRaw, |
(...skipping 199 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1042 } | 1139 } |
1043 | 1140 |
1044 TEST_F(SharedCryptoTest, MAYBE(ImportJwkInputConsistency)) { | 1141 TEST_F(SharedCryptoTest, MAYBE(ImportJwkInputConsistency)) { |
1045 // The Web Crypto spec says that if a JWK value is present, but is | 1142 // The Web Crypto spec says that if a JWK value is present, but is |
1046 // inconsistent with the input value, the operation must fail. | 1143 // inconsistent with the input value, the operation must fail. |
1047 | 1144 |
1048 // Consistency rules when JWK value is not present: Inputs should be used. | 1145 // Consistency rules when JWK value is not present: Inputs should be used. |
1049 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1146 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1050 bool extractable = false; | 1147 bool extractable = false; |
1051 blink::WebCryptoAlgorithm algorithm = | 1148 blink::WebCryptoAlgorithm algorithm = |
1052 CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256); | 1149 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); |
1053 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageVerify; | 1150 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageVerify; |
1054 base::DictionaryValue dict; | 1151 base::DictionaryValue dict; |
1055 dict.SetString("kty", "oct"); | 1152 dict.SetString("kty", "oct"); |
1056 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | 1153 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); |
1057 std::vector<uint8> json_vec = MakeJsonVector(dict); | 1154 std::vector<uint8> json_vec = MakeJsonVector(dict); |
1058 EXPECT_STATUS_SUCCESS(ImportKeyJwk( | 1155 EXPECT_STATUS_SUCCESS(ImportKeyJwk( |
1059 CryptoData(json_vec), algorithm, extractable, usage_mask, &key)); | 1156 CryptoData(json_vec), algorithm, extractable, usage_mask, &key)); |
1060 EXPECT_TRUE(key.handle()); | 1157 EXPECT_TRUE(key.handle()); |
1061 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1158 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1062 EXPECT_EQ(extractable, key.extractable()); | 1159 EXPECT_EQ(extractable, key.extractable()); |
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1106 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 1203 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
1107 extractable, | 1204 extractable, |
1108 usage_mask, | 1205 usage_mask, |
1109 &key)); | 1206 &key)); |
1110 | 1207 |
1111 // Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value | 1208 // Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value |
1112 // (HMAC SHA256). | 1209 // (HMAC SHA256). |
1113 EXPECT_STATUS( | 1210 EXPECT_STATUS( |
1114 Status::ErrorJwkAlgorithmInconsistent(), | 1211 Status::ErrorJwkAlgorithmInconsistent(), |
1115 ImportKeyJwk(CryptoData(json_vec), | 1212 ImportKeyJwk(CryptoData(json_vec), |
1116 CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha1), | 1213 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha1), |
1117 extractable, | 1214 extractable, |
1118 usage_mask, | 1215 usage_mask, |
1119 &key)); | 1216 &key)); |
1120 | 1217 |
1121 // Pass: JWK alg valid but input algorithm isNull: use JWK algorithm value. | 1218 // Pass: JWK alg valid but input algorithm isNull: use JWK algorithm value. |
1122 EXPECT_STATUS_SUCCESS(ImportKeyJwk(CryptoData(json_vec), | 1219 EXPECT_STATUS_SUCCESS(ImportKeyJwk(CryptoData(json_vec), |
1123 blink::WebCryptoAlgorithm::createNull(), | 1220 blink::WebCryptoAlgorithm::createNull(), |
1124 extractable, | 1221 extractable, |
1125 usage_mask, | 1222 usage_mask, |
1126 &key)); | 1223 &key)); |
1127 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); | 1224 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); |
1128 | 1225 |
1129 // Pass: JWK alg missing but input algorithm specified: use input value | 1226 // Pass: JWK alg missing but input algorithm specified: use input value |
1130 dict.Remove("alg", NULL); | 1227 dict.Remove("alg", NULL); |
1131 EXPECT_STATUS_SUCCESS(ImportKeyJwkFromDict( | 1228 EXPECT_STATUS_SUCCESS(ImportKeyJwkFromDict( |
1132 dict, | 1229 dict, |
1133 CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256), | 1230 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256), |
1134 extractable, | 1231 extractable, |
1135 usage_mask, | 1232 usage_mask, |
1136 &key)); | 1233 &key)); |
1137 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); | 1234 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); |
1138 dict.SetString("alg", "HS256"); | 1235 dict.SetString("alg", "HS256"); |
1139 | 1236 |
1140 // Fail: Input usage_mask (encrypt) is not a subset of the JWK value | 1237 // Fail: Input usage_mask (encrypt) is not a subset of the JWK value |
1141 // (sign|verify) | 1238 // (sign|verify) |
1142 EXPECT_STATUS(Status::ErrorJwkUsageInconsistent(), | 1239 EXPECT_STATUS(Status::ErrorJwkUsageInconsistent(), |
1143 ImportKeyJwk(CryptoData(json_vec), | 1240 ImportKeyJwk(CryptoData(json_vec), |
(...skipping 18 matching lines...) Expand all Loading... |
1162 } | 1259 } |
1163 | 1260 |
1164 TEST_F(SharedCryptoTest, MAYBE(ImportJwkHappy)) { | 1261 TEST_F(SharedCryptoTest, MAYBE(ImportJwkHappy)) { |
1165 | 1262 |
1166 // This test verifies the happy path of JWK import, including the application | 1263 // This test verifies the happy path of JWK import, including the application |
1167 // of the imported key material. | 1264 // of the imported key material. |
1168 | 1265 |
1169 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1266 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1170 bool extractable = false; | 1267 bool extractable = false; |
1171 blink::WebCryptoAlgorithm algorithm = | 1268 blink::WebCryptoAlgorithm algorithm = |
1172 CreateHmacAlgorithmByHashId(blink::WebCryptoAlgorithmIdSha256); | 1269 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); |
1173 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageSign; | 1270 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageSign; |
1174 | 1271 |
1175 // Import a symmetric key JWK and HMAC-SHA256 sign() | 1272 // Import a symmetric key JWK and HMAC-SHA256 sign() |
1176 // Uses the first SHA256 test vector from the HMAC sample set above. | 1273 // Uses the first SHA256 test vector from the HMAC sample set above. |
1177 | 1274 |
1178 base::DictionaryValue dict; | 1275 base::DictionaryValue dict; |
1179 dict.SetString("kty", "oct"); | 1276 dict.SetString("kty", "oct"); |
1180 dict.SetString("alg", "HS256"); | 1277 dict.SetString("alg", "HS256"); |
1181 dict.SetString("use", "sig"); | 1278 dict.SetString("use", "sig"); |
1182 dict.SetBoolean("extractable", false); | 1279 dict.SetBoolean("extractable", false); |
1183 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | 1280 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); |
1184 | 1281 |
1185 ASSERT_STATUS_SUCCESS( | 1282 ASSERT_STATUS_SUCCESS( |
1186 ImportKeyJwkFromDict(dict, algorithm, extractable, usage_mask, &key)); | 1283 ImportKeyJwkFromDict(dict, algorithm, extractable, usage_mask, &key)); |
1187 | 1284 |
| 1285 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM |
| 1286 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
| 1287 key.algorithm().hmacParams()->hash().id()); |
| 1288 #endif |
| 1289 |
1188 const std::vector<uint8> message_raw = HexStringToBytes( | 1290 const std::vector<uint8> message_raw = HexStringToBytes( |
1189 "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" | 1291 "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" |
1190 "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" | 1292 "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" |
1191 "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" | 1293 "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" |
1192 "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e"); | 1294 "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e"); |
1193 | 1295 |
1194 blink::WebArrayBuffer output; | 1296 blink::WebArrayBuffer output; |
1195 | 1297 |
1196 ASSERT_STATUS_SUCCESS(Sign(algorithm, key, CryptoData(message_raw), &output)); | 1298 ASSERT_STATUS_SUCCESS(Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac), |
| 1299 key, |
| 1300 CryptoData(message_raw), |
| 1301 &output)); |
1197 | 1302 |
1198 const std::string mac_raw = | 1303 const std::string mac_raw = |
1199 "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b"; | 1304 "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b"; |
1200 | 1305 |
1201 ExpectArrayBufferMatchesHex(mac_raw, output); | 1306 ExpectArrayBufferMatchesHex(mac_raw, output); |
1202 | 1307 |
1203 // TODO(padolph): Import an RSA public key JWK and use it | 1308 // TODO(padolph): Import an RSA public key JWK and use it |
1204 } | 1309 } |
1205 | 1310 |
1206 TEST_F(SharedCryptoTest, MAYBE(ImportExportSpki)) { | 1311 TEST_F(SharedCryptoTest, MAYBE(ImportExportSpki)) { |
1207 // Passing case: Import a valid RSA key in SPKI format. | 1312 // Passing case: Import a valid RSA key in SPKI format. |
1208 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1313 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1209 ASSERT_STATUS_SUCCESS( | 1314 ASSERT_STATUS_SUCCESS( |
1210 ImportKey(blink::WebCryptoKeyFormatSpki, | 1315 ImportKey(blink::WebCryptoKeyFormatSpki, |
1211 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 1316 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
1212 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1317 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1213 true, | 1318 true, |
1214 blink::WebCryptoKeyUsageEncrypt, | 1319 blink::WebCryptoKeyUsageEncrypt, |
1215 &key)); | 1320 &key)); |
1216 EXPECT_TRUE(key.handle()); | 1321 EXPECT_TRUE(key.handle()); |
1217 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); | 1322 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); |
1218 EXPECT_TRUE(key.extractable()); | 1323 EXPECT_TRUE(key.extractable()); |
1219 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); | 1324 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
| 1325 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM |
| 1326 EXPECT_EQ(kModulusLength, key.algorithm().rsaParams()->modulusLengthBits()); |
| 1327 ExpectCryptoDataMatchesHex( |
| 1328 "010001", CryptoData(key.algorithm().rsaParams()->publicExponent())); |
| 1329 #endif |
1220 | 1330 |
1221 // Failing case: Empty SPKI data | 1331 // Failing case: Empty SPKI data |
1222 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), | 1332 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), |
1223 ImportKey(blink::WebCryptoKeyFormatSpki, | 1333 ImportKey(blink::WebCryptoKeyFormatSpki, |
1224 CryptoData(std::vector<uint8>()), | 1334 CryptoData(std::vector<uint8>()), |
1225 blink::WebCryptoAlgorithm::createNull(), | 1335 blink::WebCryptoAlgorithm::createNull(), |
1226 true, | 1336 true, |
1227 blink::WebCryptoKeyUsageEncrypt, | 1337 blink::WebCryptoKeyUsageEncrypt, |
1228 &key)); | 1338 &key)); |
1229 | 1339 |
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1278 &key)); | 1388 &key)); |
1279 EXPECT_TRUE(key.handle()); | 1389 EXPECT_TRUE(key.handle()); |
1280 EXPECT_FALSE(key.extractable()); | 1390 EXPECT_FALSE(key.extractable()); |
1281 EXPECT_STATUS(Status::ErrorKeyNotExtractable(), | 1391 EXPECT_STATUS(Status::ErrorKeyNotExtractable(), |
1282 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); | 1392 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); |
1283 } | 1393 } |
1284 | 1394 |
1285 TEST_F(SharedCryptoTest, MAYBE(ImportPkcs8)) { | 1395 TEST_F(SharedCryptoTest, MAYBE(ImportPkcs8)) { |
1286 // Passing case: Import a valid RSA key in PKCS#8 format. | 1396 // Passing case: Import a valid RSA key in PKCS#8 format. |
1287 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1397 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1288 ASSERT_STATUS_SUCCESS( | 1398 ASSERT_STATUS_SUCCESS(ImportKey( |
1289 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 1399 blink::WebCryptoKeyFormatPkcs8, |
1290 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 1400 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
1291 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), | 1401 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1292 true, | 1402 blink::WebCryptoAlgorithmIdSha1), |
1293 blink::WebCryptoKeyUsageSign, | 1403 true, |
1294 &key)); | 1404 blink::WebCryptoKeyUsageSign, |
| 1405 &key)); |
1295 EXPECT_TRUE(key.handle()); | 1406 EXPECT_TRUE(key.handle()); |
1296 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, key.type()); | 1407 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, key.type()); |
1297 EXPECT_TRUE(key.extractable()); | 1408 EXPECT_TRUE(key.extractable()); |
1298 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); | 1409 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); |
| 1410 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM |
| 1411 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
| 1412 key.algorithm().rsaHashedParams()->hash().id()); |
| 1413 EXPECT_EQ(kModulusLength, |
| 1414 key.algorithm().rsaHashedParams()->modulusLengthBits()); |
| 1415 ExpectCryptoDataMatchesHex( |
| 1416 "010001", |
| 1417 CryptoData(key.algorithm().rsaHashedParams()->publicExponent())); |
| 1418 #endif |
1299 | 1419 |
1300 // Failing case: Empty PKCS#8 data | 1420 // Failing case: Empty PKCS#8 data |
1301 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), | 1421 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), |
1302 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 1422 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
1303 CryptoData(std::vector<uint8>()), | 1423 CryptoData(std::vector<uint8>()), |
1304 blink::WebCryptoAlgorithm::createNull(), | 1424 blink::WebCryptoAlgorithm::createNull(), |
1305 true, | 1425 true, |
1306 blink::WebCryptoKeyUsageSign, | 1426 blink::WebCryptoKeyUsageSign, |
1307 &key)); | 1427 &key)); |
1308 | 1428 |
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1344 const unsigned int modulus_length = 256; | 1464 const unsigned int modulus_length = 256; |
1345 const std::vector<uint8> public_exponent = HexStringToBytes("010001"); | 1465 const std::vector<uint8> public_exponent = HexStringToBytes("010001"); |
1346 blink::WebCryptoAlgorithm algorithm = | 1466 blink::WebCryptoAlgorithm algorithm = |
1347 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 1467 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
1348 modulus_length, | 1468 modulus_length, |
1349 public_exponent); | 1469 public_exponent); |
1350 bool extractable = false; | 1470 bool extractable = false; |
1351 const blink::WebCryptoKeyUsageMask usage_mask = 0; | 1471 const blink::WebCryptoKeyUsageMask usage_mask = 0; |
1352 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1472 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1353 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1473 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
1354 EXPECT_STATUS_SUCCESS(GenerateKeyPair( | 1474 ASSERT_STATUS_SUCCESS(GenerateKeyPair( |
1355 algorithm, extractable, usage_mask, &public_key, &private_key)); | 1475 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1356 EXPECT_FALSE(public_key.isNull()); | 1476 EXPECT_FALSE(public_key.isNull()); |
1357 EXPECT_FALSE(private_key.isNull()); | 1477 EXPECT_FALSE(private_key.isNull()); |
1358 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 1478 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
1359 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 1479 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
1360 EXPECT_TRUE(public_key.extractable()); | 1480 EXPECT_TRUE(public_key.extractable()); |
1361 EXPECT_EQ(extractable, private_key.extractable()); | 1481 EXPECT_EQ(extractable, private_key.extractable()); |
1362 EXPECT_EQ(usage_mask, public_key.usages()); | 1482 EXPECT_EQ(usage_mask, public_key.usages()); |
1363 EXPECT_EQ(usage_mask, private_key.usages()); | 1483 EXPECT_EQ(usage_mask, private_key.usages()); |
1364 | 1484 |
(...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1415 EXPECT_FALSE(public_key.isNull()); | 1535 EXPECT_FALSE(public_key.isNull()); |
1416 EXPECT_FALSE(private_key.isNull()); | 1536 EXPECT_FALSE(private_key.isNull()); |
1417 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 1537 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
1418 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 1538 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
1419 EXPECT_TRUE(public_key.extractable()); | 1539 EXPECT_TRUE(public_key.extractable()); |
1420 EXPECT_EQ(extractable, private_key.extractable()); | 1540 EXPECT_EQ(extractable, private_key.extractable()); |
1421 EXPECT_EQ(usage_mask, public_key.usages()); | 1541 EXPECT_EQ(usage_mask, public_key.usages()); |
1422 EXPECT_EQ(usage_mask, private_key.usages()); | 1542 EXPECT_EQ(usage_mask, private_key.usages()); |
1423 | 1543 |
1424 // Successful WebCryptoAlgorithmIdRsaOaep key generation. | 1544 // Successful WebCryptoAlgorithmIdRsaOaep key generation. |
1425 algorithm = CreateRsaKeyGenAlgorithm( | 1545 algorithm = CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaOaep, |
1426 blink::WebCryptoAlgorithmIdRsaOaep, modulus_length, public_exponent); | 1546 blink::WebCryptoAlgorithmIdSha256, |
| 1547 modulus_length, |
| 1548 public_exponent); |
1427 EXPECT_STATUS_SUCCESS(GenerateKeyPair( | 1549 EXPECT_STATUS_SUCCESS(GenerateKeyPair( |
1428 algorithm, extractable, usage_mask, &public_key, &private_key)); | 1550 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1429 EXPECT_FALSE(public_key.isNull()); | 1551 EXPECT_FALSE(public_key.isNull()); |
1430 EXPECT_FALSE(private_key.isNull()); | 1552 EXPECT_FALSE(private_key.isNull()); |
1431 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 1553 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
1432 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 1554 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
| 1555 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM |
| 1556 EXPECT_EQ(modulus_length, |
| 1557 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
| 1558 EXPECT_EQ(modulus_length, |
| 1559 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
| 1560 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
| 1561 public_key.algorithm().rsaHashedParams()->hash().id()); |
| 1562 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
| 1563 private_key.algorithm().rsaHashedParams()->hash().id()); |
| 1564 #endif |
1433 EXPECT_TRUE(public_key.extractable()); | 1565 EXPECT_TRUE(public_key.extractable()); |
1434 EXPECT_EQ(extractable, private_key.extractable()); | 1566 EXPECT_EQ(extractable, private_key.extractable()); |
1435 EXPECT_EQ(usage_mask, public_key.usages()); | 1567 EXPECT_EQ(usage_mask, public_key.usages()); |
1436 EXPECT_EQ(usage_mask, private_key.usages()); | 1568 EXPECT_EQ(usage_mask, private_key.usages()); |
1437 | 1569 |
1438 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation. | 1570 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation. |
1439 algorithm = | 1571 algorithm = |
1440 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1572 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1441 modulus_length, | 1573 blink::WebCryptoAlgorithmIdSha1, |
1442 public_exponent); | 1574 modulus_length, |
| 1575 public_exponent); |
1443 EXPECT_STATUS_SUCCESS( | 1576 EXPECT_STATUS_SUCCESS( |
1444 GenerateKeyPair(algorithm, false, usage_mask, &public_key, &private_key)); | 1577 GenerateKeyPair(algorithm, false, usage_mask, &public_key, &private_key)); |
1445 EXPECT_FALSE(public_key.isNull()); | 1578 EXPECT_FALSE(public_key.isNull()); |
1446 EXPECT_FALSE(private_key.isNull()); | 1579 EXPECT_FALSE(private_key.isNull()); |
1447 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 1580 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
1448 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 1581 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
| 1582 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM |
| 1583 EXPECT_EQ(modulus_length, |
| 1584 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
| 1585 EXPECT_EQ(modulus_length, |
| 1586 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
| 1587 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
| 1588 public_key.algorithm().rsaHashedParams()->hash().id()); |
| 1589 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
| 1590 private_key.algorithm().rsaHashedParams()->hash().id()); |
| 1591 #endif |
1449 // Even though "extractable" was set to false, the public key remains | 1592 // Even though "extractable" was set to false, the public key remains |
1450 // extractable. | 1593 // extractable. |
1451 EXPECT_TRUE(public_key.extractable()); | 1594 EXPECT_TRUE(public_key.extractable()); |
1452 EXPECT_FALSE(private_key.extractable()); | 1595 EXPECT_FALSE(private_key.extractable()); |
1453 EXPECT_EQ(usage_mask, public_key.usages()); | 1596 EXPECT_EQ(usage_mask, public_key.usages()); |
1454 EXPECT_EQ(usage_mask, private_key.usages()); | 1597 EXPECT_EQ(usage_mask, private_key.usages()); |
1455 | 1598 |
1456 // Exporting a private key as SPKI format doesn't make sense. However this | 1599 // Exporting a private key as SPKI format doesn't make sense. However this |
1457 // will first fail because the key is not extractable. | 1600 // will first fail because the key is not extractable. |
1458 blink::WebArrayBuffer output; | 1601 blink::WebArrayBuffer output; |
(...skipping 177 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1636 // consider? | 1779 // consider? |
1637 | 1780 |
1638 // Do a successful decrypt with good data just for confirmation. | 1781 // Do a successful decrypt with good data just for confirmation. |
1639 EXPECT_STATUS_SUCCESS(Decrypt( | 1782 EXPECT_STATUS_SUCCESS(Decrypt( |
1640 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); | 1783 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); |
1641 ExpectArrayBufferMatchesHex(message_hex_str, decrypted_data); | 1784 ExpectArrayBufferMatchesHex(message_hex_str, decrypted_data); |
1642 } | 1785 } |
1643 | 1786 |
1644 TEST_F(SharedCryptoTest, MAYBE(RsaSsaSignVerifyFailures)) { | 1787 TEST_F(SharedCryptoTest, MAYBE(RsaSsaSignVerifyFailures)) { |
1645 // Import a key pair. | 1788 // Import a key pair. |
1646 blink::WebCryptoAlgorithm algorithm = CreateRsaAlgorithmWithInnerHash( | 1789 blink::WebCryptoKeyUsageMask usage_mask = |
1647 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1790 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify; |
1648 blink::WebCryptoAlgorithmIdSha1); | 1791 blink::WebCryptoAlgorithm importAlgorithm = |
| 1792 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 1793 blink::WebCryptoAlgorithmIdSha1); |
1649 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1794 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1650 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1795 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
1651 ImportRsaKeyPair( | 1796 ImportRsaKeyPair(HexStringToBytes(kPublicKeySpkiDerHex), |
1652 HexStringToBytes(kPublicKeySpkiDerHex), | 1797 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
1653 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 1798 importAlgorithm, |
1654 algorithm, | 1799 false, |
1655 false, | 1800 usage_mask, |
1656 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, | 1801 &public_key, |
1657 &public_key, | 1802 &private_key); |
1658 &private_key); | 1803 |
| 1804 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM |
| 1805 blink::WebCryptoAlgorithm algorithm = |
| 1806 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5); |
| 1807 #else |
| 1808 blink::WebCryptoAlgorithm algorithm = importAlgorithm; |
| 1809 #endif |
1659 | 1810 |
1660 blink::WebArrayBuffer signature; | 1811 blink::WebArrayBuffer signature; |
1661 bool signature_match; | 1812 bool signature_match; |
1662 | 1813 |
1663 // Compute a signature. | 1814 // Compute a signature. |
1664 const std::vector<uint8> data = HexStringToBytes("010203040506070809"); | 1815 const std::vector<uint8> data = HexStringToBytes("010203040506070809"); |
1665 ASSERT_STATUS_SUCCESS( | 1816 ASSERT_STATUS_SUCCESS( |
1666 Sign(algorithm, private_key, CryptoData(data), &signature)); | 1817 Sign(algorithm, private_key, CryptoData(data), &signature)); |
1667 | 1818 |
1668 // Ensure truncated signature does not verify by passing one less byte. | 1819 // Ensure truncated signature does not verify by passing one less byte. |
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1711 CryptoData(signature), | 1862 CryptoData(signature), |
1712 CryptoData(data), | 1863 CryptoData(data), |
1713 &signature_match)); | 1864 &signature_match)); |
1714 | 1865 |
1715 // Ensure that signing using a public key, rather than a private key, fails. | 1866 // Ensure that signing using a public key, rather than a private key, fails. |
1716 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 1867 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), |
1717 Sign(algorithm, public_key, CryptoData(data), &signature)); | 1868 Sign(algorithm, public_key, CryptoData(data), &signature)); |
1718 | 1869 |
1719 // Ensure that signing and verifying with an incompatible algorithm fails. | 1870 // Ensure that signing and verifying with an incompatible algorithm fails. |
1720 algorithm = CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 1871 algorithm = CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
| 1872 |
1721 EXPECT_STATUS(Status::ErrorUnexpected(), | 1873 EXPECT_STATUS(Status::ErrorUnexpected(), |
1722 Sign(algorithm, private_key, CryptoData(data), &signature)); | 1874 Sign(algorithm, private_key, CryptoData(data), &signature)); |
1723 EXPECT_STATUS(Status::ErrorUnexpected(), | 1875 EXPECT_STATUS(Status::ErrorUnexpected(), |
1724 VerifySignature(algorithm, | 1876 VerifySignature(algorithm, |
1725 public_key, | 1877 public_key, |
1726 CryptoData(signature), | 1878 CryptoData(signature), |
1727 CryptoData(data), | 1879 CryptoData(data), |
1728 &signature_match)); | 1880 &signature_match)); |
1729 | 1881 |
| 1882 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM |
1730 // Some crypto libraries (NSS) can automatically select the RSA SSA inner hash | 1883 // Some crypto libraries (NSS) can automatically select the RSA SSA inner hash |
1731 // based solely on the contents of the input signature data. In the Web Crypto | 1884 // based solely on the contents of the input signature data. In the Web Crypto |
1732 // implementation, the inner hash should be specified uniquely by the input | 1885 // implementation, the inner hash should be specified uniquely by the key |
1733 // algorithm parameter. To validate this behavior, call Verify with a computed | 1886 // algorithm parameter. To validate this behavior, call Verify with a computed |
1734 // signature that used one hash type (SHA-1), but pass in an algorithm with a | 1887 // signature that used one hash type (SHA-1), but pass in a key with a |
1735 // different inner hash type (SHA-256). If the hash type is determined by the | 1888 // different inner hash type (SHA-256). If the hash type is determined by the |
1736 // signature itself (undesired), the verify will pass, while if the hash type | 1889 // signature itself (undesired), the verify will pass, while if the hash type |
1737 // is specified by the input algorithm (desired), the verify will fail. | 1890 // is specified by the key algorithm (desired), the verify will fail. |
1738 | 1891 |
1739 // Compute a signature using SHA-1 as the inner hash. | 1892 // Compute a signature using SHA-1 as the inner hash. |
1740 EXPECT_STATUS_SUCCESS(Sign(CreateRsaAlgorithmWithInnerHash( | 1893 EXPECT_STATUS_SUCCESS( |
1741 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1894 Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
1742 blink::WebCryptoAlgorithmIdSha1), | 1895 private_key, |
1743 private_key, | 1896 CryptoData(data), |
1744 CryptoData(data), | 1897 &signature)); |
1745 &signature)); | 1898 |
| 1899 blink::WebCryptoKey public_key_256 = blink::WebCryptoKey::createNull(); |
| 1900 EXPECT_STATUS_SUCCESS(ImportKey( |
| 1901 blink::WebCryptoKeyFormatSpki, |
| 1902 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
| 1903 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 1904 blink::WebCryptoAlgorithmIdSha256), |
| 1905 true, |
| 1906 usage_mask, |
| 1907 &public_key_256)); |
1746 | 1908 |
1747 // Now verify using an algorithm whose inner hash is SHA-256, not SHA-1. The | 1909 // Now verify using an algorithm whose inner hash is SHA-256, not SHA-1. The |
1748 // signature should not verify. | 1910 // signature should not verify. |
1749 // NOTE: public_key was produced by generateKey, and so its associated | 1911 // NOTE: public_key was produced by generateKey, and so its associated |
1750 // algorithm has WebCryptoRsaKeyGenParams and not WebCryptoRsaSsaParams. Thus | 1912 // algorithm has WebCryptoRsaKeyGenParams and not WebCryptoRsaSsaParams. Thus |
1751 // it has no inner hash to conflict with the input algorithm. | 1913 // it has no inner hash to conflict with the input algorithm. |
| 1914 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
| 1915 private_key.algorithm().rsaHashedParams()->hash().id()); |
| 1916 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
| 1917 public_key_256.algorithm().rsaHashedParams()->hash().id()); |
| 1918 |
1752 bool is_match; | 1919 bool is_match; |
1753 EXPECT_STATUS_SUCCESS( | 1920 EXPECT_STATUS_SUCCESS(VerifySignature( |
1754 VerifySignature(CreateRsaAlgorithmWithInnerHash( | 1921 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
1755 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1922 public_key_256, |
1756 blink::WebCryptoAlgorithmIdSha256), | 1923 CryptoData(signature), |
1757 public_key, | 1924 CryptoData(data), |
1758 CryptoData(signature), | 1925 &is_match)); |
1759 CryptoData(data), | |
1760 &is_match)); | |
1761 EXPECT_FALSE(is_match); | 1926 EXPECT_FALSE(is_match); |
| 1927 #endif |
1762 } | 1928 } |
1763 | 1929 |
1764 TEST_F(SharedCryptoTest, MAYBE(RsaSignVerifyKnownAnswer)) { | 1930 TEST_F(SharedCryptoTest, MAYBE(RsaSignVerifyKnownAnswer)) { |
1765 scoped_ptr<base::ListValue> tests; | 1931 scoped_ptr<base::ListValue> tests; |
1766 ASSERT_TRUE(ReadJsonTestFileToList("pkcs1v15_sign.json", &tests)); | 1932 ASSERT_TRUE(ReadJsonTestFileToList("pkcs1v15_sign.json", &tests)); |
1767 | 1933 |
1768 // Import the key pair. | 1934 // Import the key pair. |
1769 blink::WebCryptoAlgorithm algorithm = CreateRsaAlgorithmWithInnerHash( | 1935 blink::WebCryptoAlgorithm importAlgorithm = |
1770 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1936 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1771 blink::WebCryptoAlgorithmIdSha1); | 1937 blink::WebCryptoAlgorithmIdSha1); |
1772 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1938 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1773 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1939 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
1774 ImportRsaKeyPair( | 1940 ImportRsaKeyPair( |
1775 HexStringToBytes(kPublicKeySpkiDerHex), | 1941 HexStringToBytes(kPublicKeySpkiDerHex), |
1776 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 1942 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
1777 algorithm, | 1943 importAlgorithm, |
1778 false, | 1944 false, |
1779 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, | 1945 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, |
1780 &public_key, | 1946 &public_key, |
1781 &private_key); | 1947 &private_key); |
1782 | 1948 |
| 1949 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM |
| 1950 blink::WebCryptoAlgorithm algorithm = |
| 1951 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5); |
| 1952 #else |
| 1953 const blink::WebCryptoAlgorithm& algorithm = importAlgorithm; |
| 1954 #endif |
| 1955 |
1783 // Validate the signatures are computed and verified as expected. | 1956 // Validate the signatures are computed and verified as expected. |
1784 blink::WebArrayBuffer signature; | 1957 blink::WebArrayBuffer signature; |
1785 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { | 1958 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { |
1786 SCOPED_TRACE(test_index); | 1959 SCOPED_TRACE(test_index); |
1787 | 1960 |
1788 base::DictionaryValue* test; | 1961 base::DictionaryValue* test; |
1789 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); | 1962 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); |
1790 | 1963 |
1791 std::vector<uint8> test_message = | 1964 std::vector<uint8> test_message = |
1792 GetBytesFromHexString(test, "message_hex"); | 1965 GetBytesFromHexString(test, "message_hex"); |
(...skipping 215 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2008 test_cipher_text, | 2181 test_cipher_text, |
2009 test_authentication_tag, | 2182 test_authentication_tag, |
2010 &plain_text)); | 2183 &plain_text)); |
2011 } | 2184 } |
2012 } | 2185 } |
2013 } | 2186 } |
2014 | 2187 |
2015 } // namespace webcrypto | 2188 } // namespace webcrypto |
2016 | 2189 |
2017 } // namespace content | 2190 } // namespace content |
OLD | NEW |