[webcrypto] Add PKCS#8 export for RSA private keys for NSS.

content/child/webcrypto/shared_crypto_unittest.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/child/webcrypto/shared_crypto.h"
 
 #include <algorithm>
 #include <string>
 #include <vector>
 
@@ skipping 790 matching lines @@
                             CreateAesCbcAlgorithm(iv),
                             true,
                             blink::WebCryptoKeyUsageEncrypt,
                             &key));
   }
 
   // Fail exporting the key in SPKI and PKCS#8 formats (not allowed for secret
   // keys).
   EXPECT_STATUS(Status::ErrorUnexpectedKeyType(),
                 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output));
-  EXPECT_STATUS(Status::ErrorUnsupported(),
+  EXPECT_STATUS(Status::ErrorUnexpectedKeyType(),
                 ExportKey(blink::WebCryptoKeyFormatPkcs8, key, &output));
 }
 
 TEST_F(SharedCryptoTest, MAYBE(AesCbcSampleSets)) {
   scoped_ptr<base::ListValue> tests;
   ASSERT_TRUE(ReadJsonTestFileToList("aes_cbc.json", &tests));
 
   for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) {
     SCOPED_TRACE(test_index);
     base::DictionaryValue* test;
@@ skipping 883 matching lines @@
                 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5),
                 false,
                 blink::WebCryptoKeyUsageEncrypt,
                 &key));
   EXPECT_TRUE(key.handle());
   EXPECT_FALSE(key.extractable());
   EXPECT_STATUS(Status::ErrorKeyNotExtractable(),
                 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output));
 }
 
-TEST_F(SharedCryptoTest, MAYBE(ImportPkcs8)) {
+TEST_F(SharedCryptoTest, MAYBE(ImportExportPkcs8)) {
   // Passing case: Import a valid RSA key in PKCS#8 format.
   blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
   ASSERT_STATUS_SUCCESS(ImportKey(
       blink::WebCryptoKeyFormatPkcs8,
       CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)),
       CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5,
                                      blink::WebCryptoAlgorithmIdSha1),
       true,
       blink::WebCryptoKeyUsageSign,
       &key));
   EXPECT_TRUE(key.handle());
   EXPECT_EQ(blink::WebCryptoKeyTypePrivate, key.type());
   EXPECT_TRUE(key.extractable());
   EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages());
   EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1,
             key.algorithm().rsaHashedParams()->hash().id());
   EXPECT_EQ(kModulusLengthBits,
             key.algorithm().rsaHashedParams()->modulusLengthBits());
   ExpectCryptoDataMatchesHex(
       "010001",
       CryptoData(key.algorithm().rsaHashedParams()->publicExponent()));
 
+  blink::WebArrayBuffer exported_key;
+  ASSERT_STATUS_SUCCESS(
+      ExportKey(blink::WebCryptoKeyFormatPkcs8, key, &exported_key));
+  ExpectArrayBufferMatchesHex(kPrivateKeyPkcs8DerHex, exported_key);
+
   // Failing case: Empty PKCS#8 data
   EXPECT_STATUS(Status::ErrorImportEmptyKeyData(),
                 ImportKey(blink::WebCryptoKeyFormatPkcs8,
                           CryptoData(std::vector<uint8>()),
                           blink::WebCryptoAlgorithm::createNull(),
                           true,
                           blink::WebCryptoKeyUsageSign,
                           &key));
 
   // Failing case: Import RSA key with NULL input algorithm. This is not
@@ skipping 1226 matching lines @@
                           wrapping_algorithm,
                           key_algorithm,
                           true,
                           blink::WebCryptoKeyUsageSign,
                           &unwrapped_key));
 }
 
 }  // namespace webcrypto
 
 }  // namespace content