OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/child/webcrypto/shared_crypto.h" | 5 #include "content/child/webcrypto/shared_crypto.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 2290 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
2301 test_iv, | 2301 test_iv, |
2302 test_additional_data, | 2302 test_additional_data, |
2303 wrong_tag_size_bits, | 2303 wrong_tag_size_bits, |
2304 test_cipher_text, | 2304 test_cipher_text, |
2305 test_authentication_tag, | 2305 test_authentication_tag, |
2306 &plain_text)); | 2306 &plain_text)); |
2307 } | 2307 } |
2308 } | 2308 } |
2309 } | 2309 } |
2310 | 2310 |
2311 TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapKnownAnswer)) { | |
2312 scoped_ptr<base::Value> json; | |
2313 ASSERT_TRUE(ReadJsonTestFile("rsa_es.json", &json)); | |
2314 base::DictionaryValue* test = NULL; | |
2315 ASSERT_TRUE(json->GetAsDictionary(&test)); | |
2316 const std::vector<uint8> rsa_spki_der = | |
2317 GetBytesFromHexString(test, "rsa_spki_der"); | |
2318 const std::vector<uint8> rsa_pkcs8_der = | |
2319 GetBytesFromHexString(test, "rsa_pkcs8_der"); | |
2320 const std::vector<uint8> ciphertext = | |
2321 GetBytesFromHexString(test, "ciphertext"); | |
2322 const std::vector<uint8> cleartext = GetBytesFromHexString(test, "cleartext"); | |
2323 blink::WebCryptoAlgorithm key_algorithm = | |
2324 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); | |
2325 | |
2326 // Import the RSA key pair. | |
2327 blink::WebCryptoAlgorithm algorithm = | |
2328 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | |
2329 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | |
2330 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | |
2331 ImportRsaKeyPair( | |
2332 rsa_spki_der, | |
2333 rsa_pkcs8_der, | |
2334 algorithm, | |
2335 false, | |
2336 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, | |
2337 &public_key, | |
2338 &private_key); | |
2339 | |
2340 // Import the symmetric key. | |
2341 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | |
2342 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, | |
2343 CryptoData(cleartext), | |
2344 key_algorithm, | |
2345 true, | |
2346 blink::WebCryptoKeyUsageSign, | |
2347 &key)); | |
2348 | |
2349 // Wrap the symmetric key with raw format. | |
2350 blink::WebArrayBuffer wrapped_key; | |
2351 ASSERT_STATUS_SUCCESS(WrapKey( | |
2352 blink::WebCryptoKeyFormatRaw, public_key, key, algorithm, &wrapped_key)); | |
2353 | |
2354 // Unwrap the wrapped key. | |
2355 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | |
2356 ASSERT_STATUS_SUCCESS(UnwrapKey(blink::WebCryptoKeyFormatRaw, | |
2357 CryptoData(wrapped_key), | |
2358 private_key, | |
2359 algorithm, | |
2360 key_algorithm, | |
2361 true, | |
2362 blink::WebCryptoKeyUsageSign, | |
2363 &unwrapped_key)); | |
2364 EXPECT_FALSE(key.isNull()); | |
2365 EXPECT_TRUE(key.handle()); | |
2366 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | |
2367 EXPECT_EQ(key_algorithm.id(), key.algorithm().id()); | |
2368 EXPECT_EQ(true, key.extractable()); | |
2369 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); | |
2370 | |
2371 // Export the new key and compare its raw bytes with the original known data. | |
2372 blink::WebArrayBuffer raw_key; | |
2373 EXPECT_STATUS_SUCCESS( | |
2374 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); | |
2375 EXPECT_TRUE(ArrayBufferMatches(cleartext, raw_key)); | |
2376 | |
2377 // Unwrap the known wrapped key and compare to the known cleartext. | |
2378 ASSERT_STATUS_SUCCESS(UnwrapKey(blink::WebCryptoKeyFormatRaw, | |
2379 CryptoData(ciphertext), | |
2380 private_key, | |
2381 algorithm, | |
2382 key_algorithm, | |
2383 true, | |
2384 blink::WebCryptoKeyUsageSign, | |
2385 &unwrapped_key)); | |
2386 EXPECT_STATUS_SUCCESS( | |
2387 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); | |
2388 EXPECT_TRUE(ArrayBufferMatches(cleartext, raw_key)); | |
2389 } | |
2390 | |
2391 TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapErrors)) { | |
2392 const std::vector<uint8> data(64, 0); | |
2393 blink::WebCryptoAlgorithm key_algorithm = | |
2394 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); | |
2395 | |
2396 // Import the RSA key pair. | |
2397 blink::WebCryptoAlgorithm wrapping_algorithm = | |
2398 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | |
2399 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | |
2400 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | |
2401 ImportRsaKeyPair( | |
2402 HexStringToBytes(kPublicKeySpkiDerHex), | |
2403 HexStringToBytes(kPrivateKeyPkcs8DerHex), | |
2404 wrapping_algorithm, | |
2405 false, | |
2406 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, | |
2407 &public_key, | |
2408 &private_key); | |
2409 | |
2410 // Import the symmetric key. | |
2411 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | |
2412 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, | |
2413 CryptoData(data), | |
2414 key_algorithm, | |
2415 true, | |
2416 blink::WebCryptoKeyUsageSign, | |
2417 &key)); | |
2418 | |
2419 // Wrapping with a private key should fail. | |
2420 blink::WebArrayBuffer wrapped_key; | |
2421 EXPECT_STATUS_ERROR(WrapKey(blink::WebCryptoKeyFormatRaw, | |
eroman
2014/03/10 21:35:57
Can you change the assertion to be the specific er
padolph
2014/03/10 23:50:01
Done.
| |
2422 private_key, | |
2423 key, | |
2424 wrapping_algorithm, | |
2425 &wrapped_key)); | |
2426 | |
2427 // Wrapping a key whose raw keying material is too large for the wrapping key | |
2428 // should fail. | |
2429 // The max allowed data size for RSA wrapping is the modulus length - 11 | |
2430 // bytes. | |
2431 const std::vector<uint8> big_data(kModulusLength, 0); | |
eroman
2014/03/10 21:35:57
This is a bit confusing --> kModulusLength is a bi
padolph
2014/03/10 23:50:01
Oops, sorry. Fixed.
| |
2432 blink::WebCryptoKey big_key = blink::WebCryptoKey::createNull(); | |
2433 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, | |
2434 CryptoData(big_data), | |
2435 key_algorithm, | |
2436 true, | |
2437 blink::WebCryptoKeyUsageSign, | |
2438 &big_key)); | |
2439 EXPECT_STATUS(Status::ErrorDataTooLarge(), | |
2440 WrapKey(blink::WebCryptoKeyFormatRaw, | |
2441 public_key, | |
2442 big_key, | |
2443 wrapping_algorithm, | |
2444 &wrapped_key)); | |
2445 | |
2446 // Unwrapping with a public key should fail. | |
2447 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | |
2448 EXPECT_STATUS_ERROR(UnwrapKey(blink::WebCryptoKeyFormatRaw, | |
eroman
2014/03/10 21:35:57
Same comment, can this test the exact error messag
padolph
2014/03/10 23:50:01
Done.
| |
2449 CryptoData(data), | |
2450 public_key, | |
2451 wrapping_algorithm, | |
2452 key_algorithm, | |
2453 true, | |
2454 blink::WebCryptoKeyUsageSign, | |
2455 &unwrapped_key)); | |
2456 | |
2457 // Unwrapping empty data should fail. | |
2458 const std::vector<uint8> emtpy_data; | |
2459 EXPECT_STATUS_ERROR(UnwrapKey(blink::WebCryptoKeyFormatRaw, | |
eroman
2014/03/10 21:35:57
Ditto.
padolph
2014/03/10 23:50:01
Done.
| |
2460 CryptoData(emtpy_data), | |
2461 private_key, | |
2462 wrapping_algorithm, | |
2463 key_algorithm, | |
2464 true, | |
2465 blink::WebCryptoKeyUsageSign, | |
2466 &unwrapped_key)); | |
2467 | |
2468 // Unwapping data too large for the wrapping key should fail. | |
2469 EXPECT_STATUS(Status::ErrorDataTooLarge(), | |
2470 UnwrapKey(blink::WebCryptoKeyFormatRaw, | |
2471 CryptoData(big_data), | |
2472 private_key, | |
2473 wrapping_algorithm, | |
2474 key_algorithm, | |
2475 true, | |
2476 blink::WebCryptoKeyUsageSign, | |
2477 &unwrapped_key)); | |
2478 } | |
2479 | |
2311 } // namespace webcrypto | 2480 } // namespace webcrypto |
2312 | 2481 |
2313 } // namespace content | 2482 } // namespace content |
OLD | NEW |