OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/child/webcrypto/shared_crypto.h" | 5 #include "content/child/webcrypto/shared_crypto.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 344 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
355 blink::WebCryptoAlgorithm CreateAesKwKeyGenAlgorithm( | 355 blink::WebCryptoAlgorithm CreateAesKwKeyGenAlgorithm( |
356 unsigned short key_length_bits) { | 356 unsigned short key_length_bits) { |
357 return CreateAesKeyGenAlgorithm(blink::WebCryptoAlgorithmIdAesKw, | 357 return CreateAesKeyGenAlgorithm(blink::WebCryptoAlgorithmIdAesKw, |
358 key_length_bits); | 358 key_length_bits); |
359 } | 359 } |
360 | 360 |
361 // The following key pair is comprised of the SPKI (public key) and PKCS#8 | 361 // The following key pair is comprised of the SPKI (public key) and PKCS#8 |
362 // (private key) representations of the key pair provided in Example 1 of the | 362 // (private key) representations of the key pair provided in Example 1 of the |
363 // NIST test vectors at | 363 // NIST test vectors at |
364 // ftp://ftp.rsa.com/pub/rsalabs/tmp/pkcs1v15sign-vectors.txt | 364 // ftp://ftp.rsa.com/pub/rsalabs/tmp/pkcs1v15sign-vectors.txt |
365 const unsigned int kModulusLength = 1024; | 365 const unsigned int kModulusLengthBits = 1024; |
366 const char* const kPublicKeySpkiDerHex = | 366 const char* const kPublicKeySpkiDerHex = |
367 "30819f300d06092a864886f70d010101050003818d0030818902818100a5" | 367 "30819f300d06092a864886f70d010101050003818d0030818902818100a5" |
368 "6e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad9" | 368 "6e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad9" |
369 "91d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfc" | 369 "91d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfc" |
370 "e0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e" | 370 "e0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e" |
371 "6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cf" | 371 "6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cf" |
372 "fb2249bd9a21370203010001"; | 372 "fb2249bd9a21370203010001"; |
373 const char* const kPrivateKeyPkcs8DerHex = | 373 const char* const kPrivateKeyPkcs8DerHex = |
374 "30820275020100300d06092a864886f70d01010105000482025f3082025b" | 374 "30820275020100300d06092a864886f70d01010105000482025f3082025b" |
375 "02010002818100a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52" | 375 "02010002818100a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52" |
(...skipping 916 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1292 ImportKey(blink::WebCryptoKeyFormatSpki, | 1292 ImportKey(blink::WebCryptoKeyFormatSpki, |
1293 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 1293 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
1294 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1294 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1295 true, | 1295 true, |
1296 blink::WebCryptoKeyUsageEncrypt, | 1296 blink::WebCryptoKeyUsageEncrypt, |
1297 &key)); | 1297 &key)); |
1298 EXPECT_TRUE(key.handle()); | 1298 EXPECT_TRUE(key.handle()); |
1299 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); | 1299 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); |
1300 EXPECT_TRUE(key.extractable()); | 1300 EXPECT_TRUE(key.extractable()); |
1301 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); | 1301 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
1302 EXPECT_EQ(kModulusLength, key.algorithm().rsaParams()->modulusLengthBits()); | 1302 EXPECT_EQ(kModulusLengthBits, |
| 1303 key.algorithm().rsaParams()->modulusLengthBits()); |
1303 ExpectCryptoDataMatchesHex( | 1304 ExpectCryptoDataMatchesHex( |
1304 "010001", CryptoData(key.algorithm().rsaParams()->publicExponent())); | 1305 "010001", CryptoData(key.algorithm().rsaParams()->publicExponent())); |
1305 | 1306 |
1306 // Failing case: Empty SPKI data | 1307 // Failing case: Empty SPKI data |
1307 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), | 1308 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), |
1308 ImportKey(blink::WebCryptoKeyFormatSpki, | 1309 ImportKey(blink::WebCryptoKeyFormatSpki, |
1309 CryptoData(std::vector<uint8>()), | 1310 CryptoData(std::vector<uint8>()), |
1310 blink::WebCryptoAlgorithm::createNull(), | 1311 blink::WebCryptoAlgorithm::createNull(), |
1311 true, | 1312 true, |
1312 blink::WebCryptoKeyUsageEncrypt, | 1313 blink::WebCryptoKeyUsageEncrypt, |
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1377 blink::WebCryptoAlgorithmIdSha1), | 1378 blink::WebCryptoAlgorithmIdSha1), |
1378 true, | 1379 true, |
1379 blink::WebCryptoKeyUsageSign, | 1380 blink::WebCryptoKeyUsageSign, |
1380 &key)); | 1381 &key)); |
1381 EXPECT_TRUE(key.handle()); | 1382 EXPECT_TRUE(key.handle()); |
1382 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, key.type()); | 1383 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, key.type()); |
1383 EXPECT_TRUE(key.extractable()); | 1384 EXPECT_TRUE(key.extractable()); |
1384 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); | 1385 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); |
1385 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, | 1386 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
1386 key.algorithm().rsaHashedParams()->hash().id()); | 1387 key.algorithm().rsaHashedParams()->hash().id()); |
1387 EXPECT_EQ(kModulusLength, | 1388 EXPECT_EQ(kModulusLengthBits, |
1388 key.algorithm().rsaHashedParams()->modulusLengthBits()); | 1389 key.algorithm().rsaHashedParams()->modulusLengthBits()); |
1389 ExpectCryptoDataMatchesHex( | 1390 ExpectCryptoDataMatchesHex( |
1390 "010001", | 1391 "010001", |
1391 CryptoData(key.algorithm().rsaHashedParams()->publicExponent())); | 1392 CryptoData(key.algorithm().rsaHashedParams()->publicExponent())); |
1392 | 1393 |
1393 // Failing case: Empty PKCS#8 data | 1394 // Failing case: Empty PKCS#8 data |
1394 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), | 1395 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), |
1395 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 1396 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
1396 CryptoData(std::vector<uint8>()), | 1397 CryptoData(std::vector<uint8>()), |
1397 blink::WebCryptoAlgorithm::createNull(), | 1398 blink::WebCryptoAlgorithm::createNull(), |
(...skipping 191 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1589 HexStringToBytes(kPublicKeySpkiDerHex), | 1590 HexStringToBytes(kPublicKeySpkiDerHex), |
1590 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 1591 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
1591 algorithm, | 1592 algorithm, |
1592 false, | 1593 false, |
1593 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, | 1594 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, |
1594 &public_key, | 1595 &public_key, |
1595 &private_key); | 1596 &private_key); |
1596 | 1597 |
1597 // Make a maximum-length data message. RSAES can operate on messages up to | 1598 // Make a maximum-length data message. RSAES can operate on messages up to |
1598 // length of k - 11 bytes, where k is the octet length of the RSA modulus. | 1599 // length of k - 11 bytes, where k is the octet length of the RSA modulus. |
1599 const unsigned int kMaxMsgSizeBytes = kModulusLength / 8 - 11; | 1600 const unsigned int kMaxMsgSizeBytes = kModulusLengthBits / 8 - 11; |
1600 // There are two hex chars for each byte. | 1601 // There are two hex chars for each byte. |
1601 const unsigned int kMsgHexSize = kMaxMsgSizeBytes * 2; | 1602 const unsigned int kMsgHexSize = kMaxMsgSizeBytes * 2; |
1602 char max_data_hex[kMsgHexSize + 1]; | 1603 char max_data_hex[kMsgHexSize + 1]; |
1603 std::fill(&max_data_hex[0], &max_data_hex[0] + kMsgHexSize, 'a'); | 1604 std::fill(&max_data_hex[0], &max_data_hex[0] + kMsgHexSize, 'a'); |
1604 max_data_hex[kMsgHexSize] = '\0'; | 1605 max_data_hex[kMsgHexSize] = '\0'; |
1605 | 1606 |
1606 // Verify encrypt / decrypt round trip on a few messages. Note that RSA | 1607 // Verify encrypt / decrypt round trip on a few messages. Note that RSA |
1607 // encryption does not support empty input. | 1608 // encryption does not support empty input. |
1608 algorithm = CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 1609 algorithm = CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
1609 const char* const kTestDataHex[] = {"ff", "0102030405060708090a0b0c0d0e0f", | 1610 const char* const kTestDataHex[] = {"ff", "0102030405060708090a0b0c0d0e0f", |
1610 max_data_hex}; | 1611 max_data_hex}; |
1611 blink::WebArrayBuffer encrypted_data; | 1612 blink::WebArrayBuffer encrypted_data; |
1612 blink::WebArrayBuffer decrypted_data; | 1613 blink::WebArrayBuffer decrypted_data; |
1613 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTestDataHex); ++i) { | 1614 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTestDataHex); ++i) { |
1614 SCOPED_TRACE(i); | 1615 SCOPED_TRACE(i); |
1615 EXPECT_STATUS_SUCCESS(Encrypt(algorithm, | 1616 EXPECT_STATUS_SUCCESS(Encrypt(algorithm, |
1616 public_key, | 1617 public_key, |
1617 CryptoData(HexStringToBytes(kTestDataHex[i])), | 1618 CryptoData(HexStringToBytes(kTestDataHex[i])), |
1618 &encrypted_data)); | 1619 &encrypted_data)); |
1619 EXPECT_EQ(kModulusLength / 8, encrypted_data.byteLength()); | 1620 EXPECT_EQ(kModulusLengthBits / 8, encrypted_data.byteLength()); |
1620 ASSERT_STATUS_SUCCESS(Decrypt( | 1621 ASSERT_STATUS_SUCCESS(Decrypt( |
1621 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); | 1622 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); |
1622 ExpectArrayBufferMatchesHex(kTestDataHex[i], decrypted_data); | 1623 ExpectArrayBufferMatchesHex(kTestDataHex[i], decrypted_data); |
1623 } | 1624 } |
1624 } | 1625 } |
1625 | 1626 |
1626 TEST_F(SharedCryptoTest, MAYBE(RsaEsKnownAnswer)) { | 1627 TEST_F(SharedCryptoTest, MAYBE(RsaEsKnownAnswer)) { |
1627 scoped_ptr<base::Value> json; | 1628 scoped_ptr<base::Value> json; |
1628 ASSERT_TRUE(ReadJsonTestFile("rsa_es.json", &json)); | 1629 ASSERT_TRUE(ReadJsonTestFile("rsa_es.json", &json)); |
1629 base::DictionaryValue* test = NULL; | 1630 base::DictionaryValue* test = NULL; |
(...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1707 | 1708 |
1708 // Fail encrypt with empty message. | 1709 // Fail encrypt with empty message. |
1709 EXPECT_STATUS(Status::Error(), | 1710 EXPECT_STATUS(Status::Error(), |
1710 Encrypt(algorithm, | 1711 Encrypt(algorithm, |
1711 public_key, | 1712 public_key, |
1712 CryptoData(std::vector<uint8>()), | 1713 CryptoData(std::vector<uint8>()), |
1713 &encrypted_data)); | 1714 &encrypted_data)); |
1714 | 1715 |
1715 // Fail encrypt with message too large. RSAES can operate on messages up to | 1716 // Fail encrypt with message too large. RSAES can operate on messages up to |
1716 // length of k - 11 bytes, where k is the octet length of the RSA modulus. | 1717 // length of k - 11 bytes, where k is the octet length of the RSA modulus. |
1717 const unsigned int kMaxMsgSizeBytes = kModulusLength / 8 - 11; | 1718 const unsigned int kMaxMsgSizeBytes = kModulusLengthBits / 8 - 11; |
1718 EXPECT_STATUS( | 1719 EXPECT_STATUS( |
1719 Status::ErrorDataTooLarge(), | 1720 Status::ErrorDataTooLarge(), |
1720 Encrypt(algorithm, | 1721 Encrypt(algorithm, |
1721 public_key, | 1722 public_key, |
1722 CryptoData(std::vector<uint8>(kMaxMsgSizeBytes + 1, '0')), | 1723 CryptoData(std::vector<uint8>(kMaxMsgSizeBytes + 1, '0')), |
1723 &encrypted_data)); | 1724 &encrypted_data)); |
1724 | 1725 |
1725 // Generate encrypted data. | 1726 // Generate encrypted data. |
1726 EXPECT_STATUS( | 1727 EXPECT_STATUS( |
1727 Status::Success(), | 1728 Status::Success(), |
(...skipping 75 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1803 corrupt_sig[corrupt_sig.size() / 2] ^= 0x1; | 1804 corrupt_sig[corrupt_sig.size() / 2] ^= 0x1; |
1804 EXPECT_STATUS_SUCCESS(VerifySignature(algorithm, | 1805 EXPECT_STATUS_SUCCESS(VerifySignature(algorithm, |
1805 public_key, | 1806 public_key, |
1806 CryptoData(corrupt_sig), | 1807 CryptoData(corrupt_sig), |
1807 CryptoData(data), | 1808 CryptoData(data), |
1808 &signature_match)); | 1809 &signature_match)); |
1809 EXPECT_FALSE(signature_match); | 1810 EXPECT_FALSE(signature_match); |
1810 | 1811 |
1811 // Ensure signatures that are greater than the modulus size fail. | 1812 // Ensure signatures that are greater than the modulus size fail. |
1812 const unsigned int long_message_size_bytes = 1024; | 1813 const unsigned int long_message_size_bytes = 1024; |
1813 DCHECK_GT(long_message_size_bytes, kModulusLength / 8); | 1814 DCHECK_GT(long_message_size_bytes, kModulusLengthBits / 8); |
1814 const unsigned char kLongSignature[long_message_size_bytes] = {0}; | 1815 const unsigned char kLongSignature[long_message_size_bytes] = {0}; |
1815 EXPECT_STATUS_SUCCESS( | 1816 EXPECT_STATUS_SUCCESS( |
1816 VerifySignature(algorithm, | 1817 VerifySignature(algorithm, |
1817 public_key, | 1818 public_key, |
1818 CryptoData(kLongSignature, sizeof(kLongSignature)), | 1819 CryptoData(kLongSignature, sizeof(kLongSignature)), |
1819 CryptoData(data), | 1820 CryptoData(data), |
1820 &signature_match)); | 1821 &signature_match)); |
1821 EXPECT_FALSE(signature_match); | 1822 EXPECT_FALSE(signature_match); |
1822 | 1823 |
1823 // Ensure that verifying using a private key, rather than a public key, fails. | 1824 // Ensure that verifying using a private key, rather than a public key, fails. |
(...skipping 475 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2299 test_iv, | 2300 test_iv, |
2300 test_additional_data, | 2301 test_additional_data, |
2301 wrong_tag_size_bits, | 2302 wrong_tag_size_bits, |
2302 test_cipher_text, | 2303 test_cipher_text, |
2303 test_authentication_tag, | 2304 test_authentication_tag, |
2304 &plain_text)); | 2305 &plain_text)); |
2305 } | 2306 } |
2306 } | 2307 } |
2307 } | 2308 } |
2308 | 2309 |
| 2310 TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapKnownAnswer)) { |
| 2311 scoped_ptr<base::Value> json; |
| 2312 ASSERT_TRUE(ReadJsonTestFile("rsa_es.json", &json)); |
| 2313 base::DictionaryValue* test = NULL; |
| 2314 ASSERT_TRUE(json->GetAsDictionary(&test)); |
| 2315 const std::vector<uint8> rsa_spki_der = |
| 2316 GetBytesFromHexString(test, "rsa_spki_der"); |
| 2317 const std::vector<uint8> rsa_pkcs8_der = |
| 2318 GetBytesFromHexString(test, "rsa_pkcs8_der"); |
| 2319 const std::vector<uint8> ciphertext = |
| 2320 GetBytesFromHexString(test, "ciphertext"); |
| 2321 const std::vector<uint8> cleartext = GetBytesFromHexString(test, "cleartext"); |
| 2322 blink::WebCryptoAlgorithm key_algorithm = |
| 2323 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); |
| 2324 |
| 2325 // Import the RSA key pair. |
| 2326 blink::WebCryptoAlgorithm algorithm = |
| 2327 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
| 2328 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
| 2329 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
| 2330 ImportRsaKeyPair( |
| 2331 rsa_spki_der, |
| 2332 rsa_pkcs8_der, |
| 2333 algorithm, |
| 2334 false, |
| 2335 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, |
| 2336 &public_key, |
| 2337 &private_key); |
| 2338 |
| 2339 // Import the symmetric key. |
| 2340 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
| 2341 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, |
| 2342 CryptoData(cleartext), |
| 2343 key_algorithm, |
| 2344 true, |
| 2345 blink::WebCryptoKeyUsageSign, |
| 2346 &key)); |
| 2347 |
| 2348 // Wrap the symmetric key with raw format. |
| 2349 blink::WebArrayBuffer wrapped_key; |
| 2350 ASSERT_STATUS_SUCCESS(WrapKey( |
| 2351 blink::WebCryptoKeyFormatRaw, public_key, key, algorithm, &wrapped_key)); |
| 2352 |
| 2353 // Unwrap the wrapped key. |
| 2354 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
| 2355 ASSERT_STATUS_SUCCESS(UnwrapKey(blink::WebCryptoKeyFormatRaw, |
| 2356 CryptoData(wrapped_key), |
| 2357 private_key, |
| 2358 algorithm, |
| 2359 key_algorithm, |
| 2360 true, |
| 2361 blink::WebCryptoKeyUsageSign, |
| 2362 &unwrapped_key)); |
| 2363 EXPECT_FALSE(key.isNull()); |
| 2364 EXPECT_TRUE(key.handle()); |
| 2365 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
| 2366 EXPECT_EQ(key_algorithm.id(), key.algorithm().id()); |
| 2367 EXPECT_EQ(true, key.extractable()); |
| 2368 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); |
| 2369 |
| 2370 // Export the new key and compare its raw bytes with the original known data. |
| 2371 blink::WebArrayBuffer raw_key; |
| 2372 EXPECT_STATUS_SUCCESS( |
| 2373 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); |
| 2374 EXPECT_TRUE(ArrayBufferMatches(cleartext, raw_key)); |
| 2375 |
| 2376 // Unwrap the known wrapped key and compare to the known cleartext. |
| 2377 ASSERT_STATUS_SUCCESS(UnwrapKey(blink::WebCryptoKeyFormatRaw, |
| 2378 CryptoData(ciphertext), |
| 2379 private_key, |
| 2380 algorithm, |
| 2381 key_algorithm, |
| 2382 true, |
| 2383 blink::WebCryptoKeyUsageSign, |
| 2384 &unwrapped_key)); |
| 2385 EXPECT_STATUS_SUCCESS( |
| 2386 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); |
| 2387 EXPECT_TRUE(ArrayBufferMatches(cleartext, raw_key)); |
| 2388 } |
| 2389 |
| 2390 TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapErrors)) { |
| 2391 const std::vector<uint8> data(64, 0); |
| 2392 blink::WebCryptoAlgorithm key_algorithm = |
| 2393 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); |
| 2394 |
| 2395 // Import the RSA key pair. |
| 2396 blink::WebCryptoAlgorithm wrapping_algorithm = |
| 2397 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
| 2398 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
| 2399 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
| 2400 ImportRsaKeyPair( |
| 2401 HexStringToBytes(kPublicKeySpkiDerHex), |
| 2402 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
| 2403 wrapping_algorithm, |
| 2404 false, |
| 2405 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, |
| 2406 &public_key, |
| 2407 &private_key); |
| 2408 |
| 2409 // Import the symmetric key. |
| 2410 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
| 2411 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, |
| 2412 CryptoData(data), |
| 2413 key_algorithm, |
| 2414 true, |
| 2415 blink::WebCryptoKeyUsageSign, |
| 2416 &key)); |
| 2417 |
| 2418 // Wrapping with a private key should fail. |
| 2419 blink::WebArrayBuffer wrapped_key; |
| 2420 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), |
| 2421 WrapKey(blink::WebCryptoKeyFormatRaw, |
| 2422 private_key, |
| 2423 key, |
| 2424 wrapping_algorithm, |
| 2425 &wrapped_key)); |
| 2426 |
| 2427 // Wrapping a key whose raw keying material is too large for the wrapping key |
| 2428 // should fail. |
| 2429 // RSAES can encrypt data up to length of k - 11 bytes, where k is the octet |
| 2430 // length of the RSA modulus, and can decrypt data up to length k. Fabricate a |
| 2431 // big piece of data here that fails both of these criteria, so it can be used |
| 2432 // for both wrap and unwrap negative tests below. |
| 2433 const std::vector<uint8> big_data(kModulusLengthBits / 8 + 1, 0); |
| 2434 blink::WebCryptoKey big_key = blink::WebCryptoKey::createNull(); |
| 2435 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, |
| 2436 CryptoData(big_data), |
| 2437 key_algorithm, |
| 2438 true, |
| 2439 blink::WebCryptoKeyUsageSign, |
| 2440 &big_key)); |
| 2441 EXPECT_STATUS(Status::ErrorDataTooLarge(), |
| 2442 WrapKey(blink::WebCryptoKeyFormatRaw, |
| 2443 public_key, |
| 2444 big_key, |
| 2445 wrapping_algorithm, |
| 2446 &wrapped_key)); |
| 2447 |
| 2448 // Unwrapping with a public key should fail. |
| 2449 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
| 2450 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), |
| 2451 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
| 2452 CryptoData(data), |
| 2453 public_key, |
| 2454 wrapping_algorithm, |
| 2455 key_algorithm, |
| 2456 true, |
| 2457 blink::WebCryptoKeyUsageSign, |
| 2458 &unwrapped_key)); |
| 2459 |
| 2460 // Unwrapping empty data should fail. |
| 2461 const std::vector<uint8> emtpy_data; |
| 2462 EXPECT_STATUS(Status::ErrorDataTooSmall(), |
| 2463 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
| 2464 CryptoData(emtpy_data), |
| 2465 private_key, |
| 2466 wrapping_algorithm, |
| 2467 key_algorithm, |
| 2468 true, |
| 2469 blink::WebCryptoKeyUsageSign, |
| 2470 &unwrapped_key)); |
| 2471 |
| 2472 // Unwapping data too large for the wrapping key should fail. |
| 2473 EXPECT_STATUS(Status::ErrorDataTooLarge(), |
| 2474 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
| 2475 CryptoData(big_data), |
| 2476 private_key, |
| 2477 wrapping_algorithm, |
| 2478 key_algorithm, |
| 2479 true, |
| 2480 blink::WebCryptoKeyUsageSign, |
| 2481 &unwrapped_key)); |
| 2482 } |
| 2483 |
2309 } // namespace webcrypto | 2484 } // namespace webcrypto |
2310 | 2485 |
2311 } // namespace content | 2486 } // namespace content |
OLD | NEW |