OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/child/webcrypto/shared_crypto.h" | 5 #include "content/child/webcrypto/shared_crypto.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
11 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
12 #include "base/file_util.h" | 12 #include "base/file_util.h" |
13 #include "base/json/json_reader.h" | 13 #include "base/json/json_reader.h" |
14 #include "base/json/json_writer.h" | 14 #include "base/json/json_writer.h" |
15 #include "base/logging.h" | 15 #include "base/logging.h" |
16 #include "base/memory/ref_counted.h" | 16 #include "base/memory/ref_counted.h" |
17 #include "base/path_service.h" | 17 #include "base/path_service.h" |
18 #include "base/strings/string_number_conversions.h" | 18 #include "base/strings/string_number_conversions.h" |
19 #include "base/strings/string_util.h" | 19 #include "base/strings/string_util.h" |
20 #include "base/strings/stringprintf.h" | |
20 #include "content/child/webcrypto/crypto_data.h" | 21 #include "content/child/webcrypto/crypto_data.h" |
21 #include "content/child/webcrypto/status.h" | 22 #include "content/child/webcrypto/status.h" |
22 #include "content/child/webcrypto/webcrypto_util.h" | 23 #include "content/child/webcrypto/webcrypto_util.h" |
23 #include "content/public/common/content_paths.h" | 24 #include "content/public/common/content_paths.h" |
24 #include "testing/gtest/include/gtest/gtest.h" | 25 #include "testing/gtest/include/gtest/gtest.h" |
25 #include "third_party/WebKit/public/platform/WebArrayBuffer.h" | 26 #include "third_party/WebKit/public/platform/WebArrayBuffer.h" |
26 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" | 27 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" |
27 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" | 28 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" |
28 #include "third_party/WebKit/public/platform/WebCryptoKey.h" | 29 #include "third_party/WebKit/public/platform/WebCryptoKey.h" |
29 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" | 30 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" |
30 #include "third_party/re2/re2/re2.h" | 31 #include "third_party/re2/re2/re2.h" |
31 | 32 |
32 // The OpenSSL implementation of WebCrypto is less complete, so don't run all of | 33 // The OpenSSL implementation of WebCrypto is less complete, so don't run all of |
33 // the tests: http://crbug.com/267888 | 34 // the tests: http://crbug.com/267888 |
34 #if defined(USE_OPENSSL) | 35 #if defined(USE_OPENSSL) |
35 #define MAYBE(test_name) DISABLED_##test_name | 36 #define MAYBE(test_name) DISABLED_##test_name |
36 #else | 37 #else |
37 #define MAYBE(test_name) test_name | 38 #define MAYBE(test_name) test_name |
38 #endif | 39 #endif |
39 | 40 |
40 // Helper macros to verify the value of a Status. | |
41 #define EXPECT_STATUS_ERROR(code) EXPECT_FALSE((code).IsSuccess()) | |
42 #define EXPECT_STATUS(expected, code) \ | |
43 EXPECT_EQ(expected.ToString(), (code).ToString()) | |
44 #define ASSERT_STATUS(expected, code) \ | |
45 ASSERT_EQ(expected.ToString(), (code).ToString()) | |
46 #define EXPECT_STATUS_SUCCESS(code) EXPECT_STATUS(Status::Success(), code) | |
47 #define ASSERT_STATUS_SUCCESS(code) ASSERT_STATUS(Status::Success(), code) | |
48 | |
49 namespace content { | 41 namespace content { |
50 | 42 |
51 namespace webcrypto { | 43 namespace webcrypto { |
52 | 44 |
45 void PrintTo(const Status& status, ::std::ostream* os) { | |
46 if (status.IsSuccess()) | |
47 *os << "Success"; | |
48 else | |
49 *os << "Error type: " << status.error_type() | |
50 << " Error details: " << status.error_details(); | |
51 } | |
52 | |
53 bool operator==(const content::webcrypto::Status& a, | |
54 const content::webcrypto::Status& b) { | |
55 if (a.IsSuccess() != b.IsSuccess()) | |
56 return false; | |
57 if (a.IsSuccess()) | |
58 return true; | |
59 return a.error_type() == b.error_type() && | |
60 a.error_details() == b.error_details(); | |
61 } | |
62 | |
63 bool operator!=(const content::webcrypto::Status& a, | |
64 const content::webcrypto::Status& b) { | |
65 return !(a == b); | |
66 } | |
67 | |
53 namespace { | 68 namespace { |
54 | 69 |
55 // TODO(eroman): For Linux builds using system NSS, AES-GCM support is a | 70 // TODO(eroman): For Linux builds using system NSS, AES-GCM support is a |
56 // runtime dependency. Test it by trying to import a key. | 71 // runtime dependency. Test it by trying to import a key. |
57 // TODO(padolph): Consider caching the result of the import key test. | 72 // TODO(padolph): Consider caching the result of the import key test. |
58 bool SupportsAesGcm() { | 73 bool SupportsAesGcm() { |
59 std::vector<uint8> key_raw(16, 0); | 74 std::vector<uint8> key_raw(16, 0); |
60 | 75 |
61 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 76 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
62 Status status = ImportKey(blink::WebCryptoKeyFormatRaw, | 77 Status status = ImportKey(blink::WebCryptoKeyFormatRaw, |
63 CryptoData(key_raw), | 78 CryptoData(key_raw), |
64 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), | 79 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), |
65 true, | 80 true, |
66 blink::WebCryptoKeyUsageEncrypt, | 81 blink::WebCryptoKeyUsageEncrypt, |
67 &key); | 82 &key); |
68 | 83 |
69 if (status.IsError()) | 84 if (status.IsError()) |
70 EXPECT_STATUS(Status::ErrorUnsupported(), status); | 85 EXPECT_EQ(Status::ErrorUnsupported(), status); |
71 return status.IsSuccess(); | 86 return status.IsSuccess(); |
72 } | 87 } |
73 | 88 |
74 blink::WebCryptoAlgorithm CreateRsaKeyGenAlgorithm( | 89 blink::WebCryptoAlgorithm CreateRsaKeyGenAlgorithm( |
75 blink::WebCryptoAlgorithmId algorithm_id, | 90 blink::WebCryptoAlgorithmId algorithm_id, |
76 unsigned int modulus_length, | 91 unsigned int modulus_length, |
77 const std::vector<uint8>& public_exponent) { | 92 const std::vector<uint8>& public_exponent) { |
78 DCHECK_EQ(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, algorithm_id); | 93 DCHECK_EQ(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, algorithm_id); |
79 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( | 94 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( |
80 algorithm_id, | 95 algorithm_id, |
(...skipping 192 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
273 const char* property_name) { | 288 const char* property_name) { |
274 std::string algorithm_name; | 289 std::string algorithm_name; |
275 if (!dict->GetString(property_name, &algorithm_name)) { | 290 if (!dict->GetString(property_name, &algorithm_name)) { |
276 EXPECT_TRUE(false) << "Couldn't get string property: " << property_name; | 291 EXPECT_TRUE(false) << "Couldn't get string property: " << property_name; |
277 return blink::WebCryptoAlgorithm::createNull(); | 292 return blink::WebCryptoAlgorithm::createNull(); |
278 } | 293 } |
279 | 294 |
280 struct { | 295 struct { |
281 const char* name; | 296 const char* name; |
282 blink::WebCryptoAlgorithmId id; | 297 blink::WebCryptoAlgorithmId id; |
283 } kDigestNameToId[] = {{"sha-1", blink::WebCryptoAlgorithmIdSha1}, | 298 } kDigestNameToId[] = { |
284 {"sha-256", blink::WebCryptoAlgorithmIdSha256}, | 299 {"sha-1", blink::WebCryptoAlgorithmIdSha1}, |
285 {"sha-384", blink::WebCryptoAlgorithmIdSha384}, | 300 {"sha-256", blink::WebCryptoAlgorithmIdSha256}, |
286 {"sha-512", blink::WebCryptoAlgorithmIdSha512}, }; | 301 {"sha-384", blink::WebCryptoAlgorithmIdSha384}, |
302 {"sha-512", blink::WebCryptoAlgorithmIdSha512}, | |
303 }; | |
Ryan Sleevi
2014/04/25 23:08:52
I for one welcome my new clang-formatting overlord
eroman
2014/04/25 23:40:31
This was the result of having run clang-format on
| |
287 | 304 |
288 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kDigestNameToId); ++i) { | 305 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kDigestNameToId); ++i) { |
289 if (kDigestNameToId[i].name == algorithm_name) | 306 if (kDigestNameToId[i].name == algorithm_name) |
290 return CreateAlgorithm(kDigestNameToId[i].id); | 307 return CreateAlgorithm(kDigestNameToId[i].id); |
291 } | 308 } |
292 | 309 |
293 return blink::WebCryptoAlgorithm::createNull(); | 310 return blink::WebCryptoAlgorithm::createNull(); |
294 } | 311 } |
295 | 312 |
296 // Helper for ImportJwkFailures and ImportJwkOctFailures. Restores the JWK JSON | 313 // Helper for ImportJwkFailures and ImportJwkOctFailures. Restores the JWK JSON |
(...skipping 107 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
404 protected: | 421 protected: |
405 virtual void SetUp() OVERRIDE { Init(); } | 422 virtual void SetUp() OVERRIDE { Init(); } |
406 }; | 423 }; |
407 | 424 |
408 blink::WebCryptoKey ImportSecretKeyFromRaw( | 425 blink::WebCryptoKey ImportSecretKeyFromRaw( |
409 const std::vector<uint8>& key_raw, | 426 const std::vector<uint8>& key_raw, |
410 const blink::WebCryptoAlgorithm& algorithm, | 427 const blink::WebCryptoAlgorithm& algorithm, |
411 blink::WebCryptoKeyUsageMask usage) { | 428 blink::WebCryptoKeyUsageMask usage) { |
412 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 429 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
413 bool extractable = true; | 430 bool extractable = true; |
414 EXPECT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, | 431 EXPECT_EQ(Status::Success(), |
415 CryptoData(key_raw), | 432 ImportKey(blink::WebCryptoKeyFormatRaw, |
416 algorithm, | 433 CryptoData(key_raw), |
417 extractable, | 434 algorithm, |
418 usage, | 435 extractable, |
419 &key)); | 436 usage, |
437 &key)); | |
420 | 438 |
421 EXPECT_FALSE(key.isNull()); | 439 EXPECT_FALSE(key.isNull()); |
422 EXPECT_TRUE(key.handle()); | 440 EXPECT_TRUE(key.handle()); |
423 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 441 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
424 EXPECT_EQ(algorithm.id(), key.algorithm().id()); | 442 EXPECT_EQ(algorithm.id(), key.algorithm().id()); |
425 EXPECT_EQ(extractable, key.extractable()); | 443 EXPECT_EQ(extractable, key.extractable()); |
426 EXPECT_EQ(usage, key.usages()); | 444 EXPECT_EQ(usage, key.usages()); |
427 return key; | 445 return key; |
428 } | 446 } |
429 | 447 |
430 void ImportRsaKeyPair(const std::vector<uint8>& spki_der, | 448 void ImportRsaKeyPair(const std::vector<uint8>& spki_der, |
431 const std::vector<uint8>& pkcs8_der, | 449 const std::vector<uint8>& pkcs8_der, |
432 const blink::WebCryptoAlgorithm& algorithm, | 450 const blink::WebCryptoAlgorithm& algorithm, |
433 bool extractable, | 451 bool extractable, |
434 blink::WebCryptoKeyUsageMask usage_mask, | 452 blink::WebCryptoKeyUsageMask usage_mask, |
435 blink::WebCryptoKey* public_key, | 453 blink::WebCryptoKey* public_key, |
436 blink::WebCryptoKey* private_key) { | 454 blink::WebCryptoKey* private_key) { |
437 EXPECT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatSpki, | 455 EXPECT_EQ(Status::Success(), |
438 CryptoData(spki_der), | 456 ImportKey(blink::WebCryptoKeyFormatSpki, |
439 algorithm, | 457 CryptoData(spki_der), |
440 true, | 458 algorithm, |
441 usage_mask, | 459 true, |
442 public_key)); | 460 usage_mask, |
461 public_key)); | |
443 EXPECT_FALSE(public_key->isNull()); | 462 EXPECT_FALSE(public_key->isNull()); |
444 EXPECT_TRUE(public_key->handle()); | 463 EXPECT_TRUE(public_key->handle()); |
445 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key->type()); | 464 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key->type()); |
446 EXPECT_EQ(algorithm.id(), public_key->algorithm().id()); | 465 EXPECT_EQ(algorithm.id(), public_key->algorithm().id()); |
447 EXPECT_EQ(extractable, extractable); | 466 EXPECT_EQ(extractable, extractable); |
448 EXPECT_EQ(usage_mask, public_key->usages()); | 467 EXPECT_EQ(usage_mask, public_key->usages()); |
449 | 468 |
450 EXPECT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatPkcs8, | 469 EXPECT_EQ(Status::Success(), |
451 CryptoData(pkcs8_der), | 470 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
452 algorithm, | 471 CryptoData(pkcs8_der), |
453 extractable, | 472 algorithm, |
454 usage_mask, | 473 extractable, |
455 private_key)); | 474 usage_mask, |
475 private_key)); | |
456 EXPECT_FALSE(private_key->isNull()); | 476 EXPECT_FALSE(private_key->isNull()); |
457 EXPECT_TRUE(private_key->handle()); | 477 EXPECT_TRUE(private_key->handle()); |
458 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key->type()); | 478 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key->type()); |
459 EXPECT_EQ(algorithm.id(), private_key->algorithm().id()); | 479 EXPECT_EQ(algorithm.id(), private_key->algorithm().id()); |
460 EXPECT_EQ(extractable, extractable); | 480 EXPECT_EQ(extractable, extractable); |
461 EXPECT_EQ(usage_mask, private_key->usages()); | 481 EXPECT_EQ(usage_mask, private_key->usages()); |
462 } | 482 } |
463 | 483 |
464 Status AesGcmEncrypt(const blink::WebCryptoKey& key, | 484 Status AesGcmEncrypt(const blink::WebCryptoKey& key, |
465 const std::vector<uint8>& iv, | 485 const std::vector<uint8>& iv, |
466 const std::vector<uint8>& additional_data, | 486 const std::vector<uint8>& additional_data, |
467 unsigned int tag_length_bits, | 487 unsigned int tag_length_bits, |
468 const std::vector<uint8>& plain_text, | 488 const std::vector<uint8>& plain_text, |
469 std::vector<uint8>* cipher_text, | 489 std::vector<uint8>* cipher_text, |
470 std::vector<uint8>* authentication_tag) { | 490 std::vector<uint8>* authentication_tag) { |
471 EXPECT_TRUE(SupportsAesGcm()); | 491 EXPECT_TRUE(SupportsAesGcm()); |
472 blink::WebCryptoAlgorithm algorithm = | 492 blink::WebCryptoAlgorithm algorithm = |
473 CreateAesGcmAlgorithm(iv, additional_data, tag_length_bits); | 493 CreateAesGcmAlgorithm(iv, additional_data, tag_length_bits); |
474 | 494 |
475 blink::WebArrayBuffer output; | 495 blink::WebArrayBuffer output; |
476 Status status = Encrypt(algorithm, key, CryptoData(plain_text), &output); | 496 Status status = Encrypt(algorithm, key, CryptoData(plain_text), &output); |
477 if (status.IsError()) | 497 if (status.IsError()) |
478 return status; | 498 return status; |
479 | 499 |
480 if (output.byteLength() * 8 < tag_length_bits) { | 500 if (output.byteLength() * 8 < tag_length_bits) { |
481 EXPECT_TRUE(false); | 501 EXPECT_TRUE(false); |
482 return Status::Error(); | 502 return Status::OperationError(); |
483 } | 503 } |
484 | 504 |
485 // The encryption result is cipher text with authentication tag appended. | 505 // The encryption result is cipher text with authentication tag appended. |
486 cipher_text->assign(static_cast<uint8*>(output.data()), | 506 cipher_text->assign(static_cast<uint8*>(output.data()), |
487 static_cast<uint8*>(output.data()) + | 507 static_cast<uint8*>(output.data()) + |
488 (output.byteLength() - tag_length_bits / 8)); | 508 (output.byteLength() - tag_length_bits / 8)); |
489 authentication_tag->assign( | 509 authentication_tag->assign( |
490 static_cast<uint8*>(output.data()) + cipher_text->size(), | 510 static_cast<uint8*>(output.data()) + cipher_text->size(), |
491 static_cast<uint8*>(output.data()) + output.byteLength()); | 511 static_cast<uint8*>(output.data()) + output.byteLength()); |
492 | 512 |
(...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
553 return scoped_ptr<base::DictionaryValue>(dict_value); | 573 return scoped_ptr<base::DictionaryValue>(dict_value); |
554 } | 574 } |
555 | 575 |
556 // Verifies the input dictionary contains the expected values. Exact matches are | 576 // Verifies the input dictionary contains the expected values. Exact matches are |
557 // required on the fields examined. | 577 // required on the fields examined. |
558 ::testing::AssertionResult VerifyJwk( | 578 ::testing::AssertionResult VerifyJwk( |
559 const scoped_ptr<base::DictionaryValue>& dict, | 579 const scoped_ptr<base::DictionaryValue>& dict, |
560 const std::string& kty_expected, | 580 const std::string& kty_expected, |
561 const std::string& alg_expected, | 581 const std::string& alg_expected, |
562 blink::WebCryptoKeyUsageMask use_mask_expected) { | 582 blink::WebCryptoKeyUsageMask use_mask_expected) { |
563 | |
564 // ---- kty | 583 // ---- kty |
565 std::string value_string; | 584 std::string value_string; |
566 if (!dict->GetString("kty", &value_string)) | 585 if (!dict->GetString("kty", &value_string)) |
567 return ::testing::AssertionFailure() << "Missing 'kty'"; | 586 return ::testing::AssertionFailure() << "Missing 'kty'"; |
568 if (value_string != kty_expected) | 587 if (value_string != kty_expected) |
569 return ::testing::AssertionFailure() << "Expected 'kty' to be " | 588 return ::testing::AssertionFailure() << "Expected 'kty' to be " |
570 << kty_expected << "but found " | 589 << kty_expected << "but found " |
571 << value_string; | 590 << value_string; |
572 | 591 |
573 // ---- alg | 592 // ---- alg |
(...skipping 101 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
675 } // namespace | 694 } // namespace |
676 | 695 |
677 TEST_F(SharedCryptoTest, CheckAesGcm) { | 696 TEST_F(SharedCryptoTest, CheckAesGcm) { |
678 if (!SupportsAesGcm()) { | 697 if (!SupportsAesGcm()) { |
679 LOG(WARNING) << "AES GCM not supported on this platform, so some tests " | 698 LOG(WARNING) << "AES GCM not supported on this platform, so some tests " |
680 "will be skipped. Consider upgrading local NSS libraries"; | 699 "will be skipped. Consider upgrading local NSS libraries"; |
681 return; | 700 return; |
682 } | 701 } |
683 } | 702 } |
684 | 703 |
685 TEST_F(SharedCryptoTest, StatusToString) { | 704 // Tests a couple error objects against their expected hard coded values, as |
Ryan Sleevi
2014/04/25 23:08:52
nit: grammar
// Tests several error objects
(a c
eroman
2014/04/25 23:40:31
Done.
| |
686 EXPECT_EQ("Success", Status::Success().ToString()); | 705 // well as ensuring that comparison of Status objects works as intended |
687 EXPECT_EQ("", Status::Error().ToString()); | 706 // (comparison should take into account both the error message, as well as the |
688 EXPECT_EQ("The requested operation is unsupported", | 707 // error type). |
Ryan Sleevi
2014/04/25 23:08:52
s/error message/error details/, since that's what
eroman
2014/04/25 23:40:31
Done.
| |
689 Status::ErrorUnsupported().ToString()); | 708 TEST_F(SharedCryptoTest, Status) { |
709 // Even though the error message is the same, these should not be considered | |
710 // the same by the tests because the error type is different. | |
711 EXPECT_NE(Status::DataError(), Status::OperationError()); | |
712 EXPECT_NE(Status::Success(), Status::OperationError()); | |
713 | |
714 EXPECT_EQ(Status::Success(), Status::Success()); | |
715 EXPECT_EQ(Status::ErrorJwkPropertyWrongType("kty", "string"), | |
716 Status::ErrorJwkPropertyWrongType("kty", "string")); | |
717 | |
718 Status status = Status::Success(); | |
719 | |
720 EXPECT_EQ(false, status.IsError()); | |
721 EXPECT_EQ("", status.error_details()); | |
722 | |
723 status = Status::OperationError(); | |
724 EXPECT_EQ(true, status.IsError()); | |
725 EXPECT_EQ("", status.error_details()); | |
726 EXPECT_EQ(blink::WebCryptoErrorTypeOperation, status.error_type()); | |
727 | |
728 status = Status::DataError(); | |
729 EXPECT_EQ(true, status.IsError()); | |
730 EXPECT_EQ("", status.error_details()); | |
731 EXPECT_EQ(blink::WebCryptoErrorTypeData, status.error_type()); | |
732 | |
733 status = Status::ErrorUnsupported(); | |
734 EXPECT_EQ(true, status.IsError()); | |
735 EXPECT_EQ("The requested operation is unsupported", status.error_details()); | |
736 EXPECT_EQ(blink::WebCryptoErrorTypeNotSupported, status.error_type()); | |
737 | |
738 status = Status::ErrorJwkPropertyMissing("kty"); | |
739 EXPECT_EQ(true, status.IsError()); | |
690 EXPECT_EQ("The required JWK property \"kty\" was missing", | 740 EXPECT_EQ("The required JWK property \"kty\" was missing", |
691 Status::ErrorJwkPropertyMissing("kty").ToString()); | 741 status.error_details()); |
742 EXPECT_EQ(blink::WebCryptoErrorTypeData, status.error_type()); | |
743 | |
744 status = Status::ErrorJwkPropertyWrongType("kty", "string"); | |
745 EXPECT_EQ(true, status.IsError()); | |
692 EXPECT_EQ("The JWK property \"kty\" must be a string", | 746 EXPECT_EQ("The JWK property \"kty\" must be a string", |
693 Status::ErrorJwkPropertyWrongType("kty", "string").ToString()); | 747 status.error_details()); |
748 EXPECT_EQ(blink::WebCryptoErrorTypeData, status.error_type()); | |
749 | |
750 status = Status::ErrorJwkBase64Decode("n"); | |
751 EXPECT_EQ(true, status.IsError()); | |
694 EXPECT_EQ("The JWK property \"n\" could not be base64 decoded", | 752 EXPECT_EQ("The JWK property \"n\" could not be base64 decoded", |
695 Status::ErrorJwkBase64Decode("n").ToString()); | 753 status.error_details()); |
754 EXPECT_EQ(blink::WebCryptoErrorTypeData, status.error_type()); | |
696 } | 755 } |
697 | 756 |
698 TEST_F(SharedCryptoTest, DigestSampleSets) { | 757 TEST_F(SharedCryptoTest, DigestSampleSets) { |
699 scoped_ptr<base::ListValue> tests; | 758 scoped_ptr<base::ListValue> tests; |
700 ASSERT_TRUE(ReadJsonTestFileToList("digest.json", &tests)); | 759 ASSERT_TRUE(ReadJsonTestFileToList("digest.json", &tests)); |
701 | 760 |
702 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { | 761 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { |
703 SCOPED_TRACE(test_index); | 762 SCOPED_TRACE(test_index); |
704 base::DictionaryValue* test; | 763 base::DictionaryValue* test; |
705 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); | 764 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); |
706 | 765 |
707 blink::WebCryptoAlgorithm test_algorithm = | 766 blink::WebCryptoAlgorithm test_algorithm = |
708 GetDigestAlgorithm(test, "algorithm"); | 767 GetDigestAlgorithm(test, "algorithm"); |
709 std::vector<uint8> test_input = GetBytesFromHexString(test, "input"); | 768 std::vector<uint8> test_input = GetBytesFromHexString(test, "input"); |
710 std::vector<uint8> test_output = GetBytesFromHexString(test, "output"); | 769 std::vector<uint8> test_output = GetBytesFromHexString(test, "output"); |
711 | 770 |
712 blink::WebArrayBuffer output; | 771 blink::WebArrayBuffer output; |
713 ASSERT_STATUS_SUCCESS( | 772 ASSERT_EQ(Status::Success(), |
714 Digest(test_algorithm, CryptoData(test_input), &output)); | 773 Digest(test_algorithm, CryptoData(test_input), &output)); |
715 EXPECT_TRUE(ArrayBufferMatches(test_output, output)); | 774 EXPECT_TRUE(ArrayBufferMatches(test_output, output)); |
716 } | 775 } |
717 } | 776 } |
718 | 777 |
719 TEST_F(SharedCryptoTest, DigestSampleSetsInChunks) { | 778 TEST_F(SharedCryptoTest, DigestSampleSetsInChunks) { |
720 scoped_ptr<base::ListValue> tests; | 779 scoped_ptr<base::ListValue> tests; |
721 ASSERT_TRUE(ReadJsonTestFileToList("digest.json", &tests)); | 780 ASSERT_TRUE(ReadJsonTestFileToList("digest.json", &tests)); |
722 | 781 |
723 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { | 782 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { |
724 SCOPED_TRACE(test_index); | 783 SCOPED_TRACE(test_index); |
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
778 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 837 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
779 test_key, | 838 test_key, |
780 importAlgorithm, | 839 importAlgorithm, |
781 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify); | 840 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify); |
782 | 841 |
783 EXPECT_EQ(test_hash.id(), key.algorithm().hmacParams()->hash().id()); | 842 EXPECT_EQ(test_hash.id(), key.algorithm().hmacParams()->hash().id()); |
784 EXPECT_EQ(test_key.size() * 8, key.algorithm().hmacParams()->lengthBits()); | 843 EXPECT_EQ(test_key.size() * 8, key.algorithm().hmacParams()->lengthBits()); |
785 | 844 |
786 // Verify exported raw key is identical to the imported data | 845 // Verify exported raw key is identical to the imported data |
787 blink::WebArrayBuffer raw_key; | 846 blink::WebArrayBuffer raw_key; |
788 EXPECT_STATUS_SUCCESS( | 847 EXPECT_EQ(Status::Success(), |
789 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 848 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
790 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); | 849 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); |
791 | 850 |
792 blink::WebArrayBuffer output; | 851 blink::WebArrayBuffer output; |
793 | 852 |
794 ASSERT_STATUS_SUCCESS( | 853 ASSERT_EQ(Status::Success(), |
795 Sign(algorithm, key, CryptoData(test_message), &output)); | 854 Sign(algorithm, key, CryptoData(test_message), &output)); |
796 | 855 |
797 EXPECT_TRUE(ArrayBufferMatches(test_mac, output)); | 856 EXPECT_TRUE(ArrayBufferMatches(test_mac, output)); |
798 | 857 |
799 bool signature_match = false; | 858 bool signature_match = false; |
800 EXPECT_STATUS_SUCCESS(VerifySignature(algorithm, | 859 EXPECT_EQ(Status::Success(), |
801 key, | 860 VerifySignature(algorithm, |
802 CryptoData(output), | 861 key, |
803 CryptoData(test_message), | 862 CryptoData(output), |
804 &signature_match)); | 863 CryptoData(test_message), |
864 &signature_match)); | |
805 EXPECT_TRUE(signature_match); | 865 EXPECT_TRUE(signature_match); |
806 | 866 |
807 // Ensure truncated signature does not verify by passing one less byte. | 867 // Ensure truncated signature does not verify by passing one less byte. |
808 EXPECT_STATUS_SUCCESS(VerifySignature( | 868 EXPECT_EQ(Status::Success(), |
809 algorithm, | 869 VerifySignature( |
810 key, | 870 algorithm, |
811 CryptoData(static_cast<const unsigned char*>(output.data()), | 871 key, |
812 output.byteLength() - 1), | 872 CryptoData(static_cast<const unsigned char*>(output.data()), |
813 CryptoData(test_message), | 873 output.byteLength() - 1), |
814 &signature_match)); | 874 CryptoData(test_message), |
875 &signature_match)); | |
815 EXPECT_FALSE(signature_match); | 876 EXPECT_FALSE(signature_match); |
816 | 877 |
817 // Ensure truncated signature does not verify by passing no bytes. | 878 // Ensure truncated signature does not verify by passing no bytes. |
818 EXPECT_STATUS_SUCCESS(VerifySignature(algorithm, | 879 EXPECT_EQ(Status::Success(), |
819 key, | 880 VerifySignature(algorithm, |
820 CryptoData(), | 881 key, |
821 CryptoData(test_message), | 882 CryptoData(), |
822 &signature_match)); | 883 CryptoData(test_message), |
884 &signature_match)); | |
823 EXPECT_FALSE(signature_match); | 885 EXPECT_FALSE(signature_match); |
824 | 886 |
825 // Ensure extra long signature does not cause issues and fails. | 887 // Ensure extra long signature does not cause issues and fails. |
826 const unsigned char kLongSignature[1024] = {0}; | 888 const unsigned char kLongSignature[1024] = {0}; |
827 EXPECT_STATUS_SUCCESS( | 889 EXPECT_EQ( |
890 Status::Success(), | |
828 VerifySignature(algorithm, | 891 VerifySignature(algorithm, |
829 key, | 892 key, |
830 CryptoData(kLongSignature, sizeof(kLongSignature)), | 893 CryptoData(kLongSignature, sizeof(kLongSignature)), |
831 CryptoData(test_message), | 894 CryptoData(test_message), |
832 &signature_match)); | 895 &signature_match)); |
833 EXPECT_FALSE(signature_match); | 896 EXPECT_FALSE(signature_match); |
834 } | 897 } |
835 } | 898 } |
836 | 899 |
837 TEST_F(SharedCryptoTest, AesCbcFailures) { | 900 TEST_F(SharedCryptoTest, AesCbcFailures) { |
838 const std::string key_hex = "2b7e151628aed2a6abf7158809cf4f3c"; | 901 const std::string key_hex = "2b7e151628aed2a6abf7158809cf4f3c"; |
839 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 902 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
840 HexStringToBytes(key_hex), | 903 HexStringToBytes(key_hex), |
841 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 904 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
842 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); | 905 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); |
843 | 906 |
844 // Verify exported raw key is identical to the imported data | 907 // Verify exported raw key is identical to the imported data |
845 blink::WebArrayBuffer raw_key; | 908 blink::WebArrayBuffer raw_key; |
846 EXPECT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 909 EXPECT_EQ(Status::Success(), |
910 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | |
847 ExpectArrayBufferMatchesHex(key_hex, raw_key); | 911 ExpectArrayBufferMatchesHex(key_hex, raw_key); |
848 | 912 |
849 blink::WebArrayBuffer output; | 913 blink::WebArrayBuffer output; |
850 | 914 |
851 // Use an invalid |iv| (fewer than 16 bytes) | 915 // Use an invalid |iv| (fewer than 16 bytes) |
852 { | 916 { |
853 std::vector<uint8> input(32); | 917 std::vector<uint8> input(32); |
854 std::vector<uint8> iv; | 918 std::vector<uint8> iv; |
855 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), | 919 EXPECT_EQ(Status::ErrorIncorrectSizeAesCbcIv(), |
856 Encrypt(webcrypto::CreateAesCbcAlgorithm(iv), | 920 Encrypt(webcrypto::CreateAesCbcAlgorithm(iv), |
857 key, | 921 key, |
858 CryptoData(input), | 922 CryptoData(input), |
859 &output)); | 923 &output)); |
860 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), | 924 EXPECT_EQ(Status::ErrorIncorrectSizeAesCbcIv(), |
861 Decrypt(webcrypto::CreateAesCbcAlgorithm(iv), | 925 Decrypt(webcrypto::CreateAesCbcAlgorithm(iv), |
862 key, | 926 key, |
863 CryptoData(input), | 927 CryptoData(input), |
864 &output)); | 928 &output)); |
865 } | 929 } |
866 | 930 |
867 // Use an invalid |iv| (more than 16 bytes) | 931 // Use an invalid |iv| (more than 16 bytes) |
868 { | 932 { |
869 std::vector<uint8> input(32); | 933 std::vector<uint8> input(32); |
870 std::vector<uint8> iv(17); | 934 std::vector<uint8> iv(17); |
871 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), | 935 EXPECT_EQ(Status::ErrorIncorrectSizeAesCbcIv(), |
872 Encrypt(webcrypto::CreateAesCbcAlgorithm(iv), | 936 Encrypt(webcrypto::CreateAesCbcAlgorithm(iv), |
873 key, | 937 key, |
874 CryptoData(input), | 938 CryptoData(input), |
875 &output)); | 939 &output)); |
876 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), | 940 EXPECT_EQ(Status::ErrorIncorrectSizeAesCbcIv(), |
877 Decrypt(webcrypto::CreateAesCbcAlgorithm(iv), | 941 Decrypt(webcrypto::CreateAesCbcAlgorithm(iv), |
878 key, | 942 key, |
879 CryptoData(input), | 943 CryptoData(input), |
880 &output)); | 944 &output)); |
881 } | 945 } |
882 | 946 |
883 // Give an input that is too large (would cause integer overflow when | 947 // Give an input that is too large (would cause integer overflow when |
884 // narrowing to an int). | 948 // narrowing to an int). |
885 { | 949 { |
886 std::vector<uint8> iv(16); | 950 std::vector<uint8> iv(16); |
887 | 951 |
888 // Pretend the input is large. Don't pass data pointer as NULL in case that | 952 // Pretend the input is large. Don't pass data pointer as NULL in case that |
889 // is special cased; the implementation shouldn't actually dereference the | 953 // is special cased; the implementation shouldn't actually dereference the |
890 // data. | 954 // data. |
891 CryptoData input(&iv[0], INT_MAX - 3); | 955 CryptoData input(&iv[0], INT_MAX - 3); |
892 | 956 |
893 EXPECT_STATUS(Status::ErrorDataTooLarge(), | 957 EXPECT_EQ(Status::ErrorDataTooLarge(), |
894 Encrypt(CreateAesCbcAlgorithm(iv), key, input, &output)); | 958 Encrypt(CreateAesCbcAlgorithm(iv), key, input, &output)); |
895 EXPECT_STATUS(Status::ErrorDataTooLarge(), | 959 EXPECT_EQ(Status::ErrorDataTooLarge(), |
896 Decrypt(CreateAesCbcAlgorithm(iv), key, input, &output)); | 960 Decrypt(CreateAesCbcAlgorithm(iv), key, input, &output)); |
897 } | 961 } |
898 | 962 |
899 // Fail importing the key (too few bytes specified) | 963 // Fail importing the key (too few bytes specified) |
900 { | 964 { |
901 std::vector<uint8> key_raw(1); | 965 std::vector<uint8> key_raw(1); |
902 std::vector<uint8> iv(16); | 966 std::vector<uint8> iv(16); |
903 | 967 |
904 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 968 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
905 EXPECT_STATUS(Status::Error(), | 969 EXPECT_EQ(Status::ErrorImportAesKeyLength(), |
906 ImportKey(blink::WebCryptoKeyFormatRaw, | 970 ImportKey(blink::WebCryptoKeyFormatRaw, |
907 CryptoData(key_raw), | 971 CryptoData(key_raw), |
908 CreateAesCbcAlgorithm(iv), | 972 CreateAesCbcAlgorithm(iv), |
909 true, | 973 true, |
910 blink::WebCryptoKeyUsageEncrypt, | 974 blink::WebCryptoKeyUsageEncrypt, |
911 &key)); | 975 &key)); |
912 } | 976 } |
913 | 977 |
914 // Fail exporting the key in SPKI and PKCS#8 formats (not allowed for secret | 978 // Fail exporting the key in SPKI and PKCS#8 formats (not allowed for secret |
915 // keys). | 979 // keys). |
916 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 980 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
917 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); | 981 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); |
918 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 982 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
919 ExportKey(blink::WebCryptoKeyFormatPkcs8, key, &output)); | 983 ExportKey(blink::WebCryptoKeyFormatPkcs8, key, &output)); |
920 } | 984 } |
921 | 985 |
922 TEST_F(SharedCryptoTest, MAYBE(AesCbcSampleSets)) { | 986 TEST_F(SharedCryptoTest, MAYBE(AesCbcSampleSets)) { |
923 scoped_ptr<base::ListValue> tests; | 987 scoped_ptr<base::ListValue> tests; |
924 ASSERT_TRUE(ReadJsonTestFileToList("aes_cbc.json", &tests)); | 988 ASSERT_TRUE(ReadJsonTestFileToList("aes_cbc.json", &tests)); |
925 | 989 |
926 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { | 990 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { |
927 SCOPED_TRACE(test_index); | 991 SCOPED_TRACE(test_index); |
928 base::DictionaryValue* test; | 992 base::DictionaryValue* test; |
929 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); | 993 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); |
930 | 994 |
931 std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); | 995 std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); |
932 std::vector<uint8> test_iv = GetBytesFromHexString(test, "iv"); | 996 std::vector<uint8> test_iv = GetBytesFromHexString(test, "iv"); |
933 std::vector<uint8> test_plain_text = | 997 std::vector<uint8> test_plain_text = |
934 GetBytesFromHexString(test, "plain_text"); | 998 GetBytesFromHexString(test, "plain_text"); |
935 std::vector<uint8> test_cipher_text = | 999 std::vector<uint8> test_cipher_text = |
936 GetBytesFromHexString(test, "cipher_text"); | 1000 GetBytesFromHexString(test, "cipher_text"); |
937 | 1001 |
938 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 1002 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
939 test_key, | 1003 test_key, |
940 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 1004 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
941 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); | 1005 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); |
942 | 1006 |
943 EXPECT_EQ(test_key.size() * 8, key.algorithm().aesParams()->lengthBits()); | 1007 EXPECT_EQ(test_key.size() * 8, key.algorithm().aesParams()->lengthBits()); |
944 | 1008 |
945 // Verify exported raw key is identical to the imported data | 1009 // Verify exported raw key is identical to the imported data |
946 blink::WebArrayBuffer raw_key; | 1010 blink::WebArrayBuffer raw_key; |
947 EXPECT_STATUS_SUCCESS( | 1011 EXPECT_EQ(Status::Success(), |
948 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 1012 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
949 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); | 1013 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); |
950 | 1014 |
951 blink::WebArrayBuffer output; | 1015 blink::WebArrayBuffer output; |
952 | 1016 |
953 // Test encryption. | 1017 // Test encryption. |
954 EXPECT_STATUS(Status::Success(), | 1018 EXPECT_EQ(Status::Success(), |
955 Encrypt(webcrypto::CreateAesCbcAlgorithm(test_iv), | 1019 Encrypt(webcrypto::CreateAesCbcAlgorithm(test_iv), |
956 key, | 1020 key, |
957 CryptoData(test_plain_text), | 1021 CryptoData(test_plain_text), |
958 &output)); | 1022 &output)); |
959 EXPECT_TRUE(ArrayBufferMatches(test_cipher_text, output)); | 1023 EXPECT_TRUE(ArrayBufferMatches(test_cipher_text, output)); |
960 | 1024 |
961 // Test decryption. | 1025 // Test decryption. |
962 EXPECT_STATUS(Status::Success(), | 1026 EXPECT_EQ(Status::Success(), |
963 Decrypt(webcrypto::CreateAesCbcAlgorithm(test_iv), | 1027 Decrypt(webcrypto::CreateAesCbcAlgorithm(test_iv), |
964 key, | 1028 key, |
965 CryptoData(test_cipher_text), | 1029 CryptoData(test_cipher_text), |
966 &output)); | 1030 &output)); |
967 EXPECT_TRUE(ArrayBufferMatches(test_plain_text, output)); | 1031 EXPECT_TRUE(ArrayBufferMatches(test_plain_text, output)); |
968 | 1032 |
969 const unsigned int kAesCbcBlockSize = 16; | 1033 const unsigned int kAesCbcBlockSize = 16; |
970 | 1034 |
971 // Decrypt with a padding error by stripping the last block. This also ends | 1035 // Decrypt with a padding error by stripping the last block. This also ends |
972 // up testing decryption over empty cipher text. | 1036 // up testing decryption over empty cipher text. |
973 if (test_cipher_text.size() >= kAesCbcBlockSize) { | 1037 if (test_cipher_text.size() >= kAesCbcBlockSize) { |
974 EXPECT_STATUS( | 1038 EXPECT_EQ(Status::OperationError(), |
975 Status::Error(), | 1039 Decrypt(CreateAesCbcAlgorithm(test_iv), |
976 Decrypt(CreateAesCbcAlgorithm(test_iv), | 1040 key, |
977 key, | 1041 CryptoData(&test_cipher_text[0], |
978 CryptoData(&test_cipher_text[0], | 1042 test_cipher_text.size() - kAesCbcBlockSize), |
979 test_cipher_text.size() - kAesCbcBlockSize), | 1043 &output)); |
980 &output)); | |
981 } | 1044 } |
982 | 1045 |
983 // Decrypt cipher text which is not a multiple of block size by stripping | 1046 // Decrypt cipher text which is not a multiple of block size by stripping |
984 // a few bytes off the cipher text. | 1047 // a few bytes off the cipher text. |
985 if (test_cipher_text.size() > 3) { | 1048 if (test_cipher_text.size() > 3) { |
986 EXPECT_STATUS( | 1049 EXPECT_EQ( |
987 Status::Error(), | 1050 Status::OperationError(), |
988 Decrypt(CreateAesCbcAlgorithm(test_iv), | 1051 Decrypt(CreateAesCbcAlgorithm(test_iv), |
989 key, | 1052 key, |
990 CryptoData(&test_cipher_text[0], test_cipher_text.size() - 3), | 1053 CryptoData(&test_cipher_text[0], test_cipher_text.size() - 3), |
991 &output)); | 1054 &output)); |
992 } | 1055 } |
993 } | 1056 } |
994 } | 1057 } |
995 | 1058 |
996 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAes)) { | 1059 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAes)) { |
997 // Check key generation for each of AES-CBC, AES-GCM, and AES-KW, and for each | 1060 // Check key generation for each of AES-CBC, AES-GCM, and AES-KW, and for each |
998 // allowed key length. | 1061 // allowed key length. |
999 std::vector<blink::WebCryptoAlgorithm> algorithm; | 1062 std::vector<blink::WebCryptoAlgorithm> algorithm; |
1000 const unsigned short kKeyLength[] = {128, 192, 256}; | 1063 const unsigned short kKeyLength[] = {128, 192, 256}; |
1001 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLength); ++i) { | 1064 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLength); ++i) { |
1002 algorithm.push_back(CreateAesCbcKeyGenAlgorithm(kKeyLength[i])); | 1065 algorithm.push_back(CreateAesCbcKeyGenAlgorithm(kKeyLength[i])); |
1003 algorithm.push_back(CreateAesKwKeyGenAlgorithm(kKeyLength[i])); | 1066 algorithm.push_back(CreateAesKwKeyGenAlgorithm(kKeyLength[i])); |
1004 if (SupportsAesGcm()) | 1067 if (SupportsAesGcm()) |
1005 algorithm.push_back(CreateAesGcmKeyGenAlgorithm(kKeyLength[i])); | 1068 algorithm.push_back(CreateAesGcmKeyGenAlgorithm(kKeyLength[i])); |
1006 } | 1069 } |
1007 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1070 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1008 std::vector<blink::WebArrayBuffer> keys; | 1071 std::vector<blink::WebArrayBuffer> keys; |
1009 blink::WebArrayBuffer key_bytes; | 1072 blink::WebArrayBuffer key_bytes; |
1010 for (size_t i = 0; i < algorithm.size(); ++i) { | 1073 for (size_t i = 0; i < algorithm.size(); ++i) { |
1011 SCOPED_TRACE(i); | 1074 SCOPED_TRACE(i); |
1012 // Generate a small sample of keys. | 1075 // Generate a small sample of keys. |
1013 keys.clear(); | 1076 keys.clear(); |
1014 for (int j = 0; j < 16; ++j) { | 1077 for (int j = 0; j < 16; ++j) { |
1015 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm[i], true, 0, &key)); | 1078 ASSERT_EQ(Status::Success(), |
1079 GenerateSecretKey(algorithm[i], true, 0, &key)); | |
1016 EXPECT_TRUE(key.handle()); | 1080 EXPECT_TRUE(key.handle()); |
1017 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1081 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1018 ASSERT_STATUS_SUCCESS( | 1082 ASSERT_EQ(Status::Success(), |
1019 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_bytes)); | 1083 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_bytes)); |
1020 EXPECT_EQ(key_bytes.byteLength() * 8, | 1084 EXPECT_EQ(key_bytes.byteLength() * 8, |
1021 key.algorithm().aesParams()->lengthBits()); | 1085 key.algorithm().aesParams()->lengthBits()); |
1022 keys.push_back(key_bytes); | 1086 keys.push_back(key_bytes); |
1023 } | 1087 } |
1024 // Ensure all entries in the key sample set are unique. This is a simplistic | 1088 // Ensure all entries in the key sample set are unique. This is a simplistic |
1025 // estimate of whether the generated keys appear random. | 1089 // estimate of whether the generated keys appear random. |
1026 EXPECT_FALSE(CopiesExist(keys)); | 1090 EXPECT_FALSE(CopiesExist(keys)); |
1027 } | 1091 } |
1028 } | 1092 } |
1029 | 1093 |
1030 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAesBadLength)) { | 1094 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAesBadLength)) { |
1031 const unsigned short kKeyLen[] = {0, 127, 257}; | 1095 const unsigned short kKeyLen[] = {0, 127, 257}; |
1032 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1096 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1033 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLen); ++i) { | 1097 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLen); ++i) { |
1034 SCOPED_TRACE(i); | 1098 SCOPED_TRACE(i); |
1035 EXPECT_STATUS(Status::ErrorGenerateKeyLength(), | 1099 EXPECT_EQ(Status::ErrorGenerateKeyLength(), |
1036 GenerateSecretKey( | 1100 GenerateSecretKey( |
1037 CreateAesCbcKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); | 1101 CreateAesCbcKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); |
1038 EXPECT_STATUS(Status::ErrorGenerateKeyLength(), | 1102 EXPECT_EQ(Status::ErrorGenerateKeyLength(), |
1039 GenerateSecretKey( | 1103 GenerateSecretKey( |
1040 CreateAesKwKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); | 1104 CreateAesKwKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); |
1041 if (SupportsAesGcm()) { | 1105 if (SupportsAesGcm()) { |
1042 EXPECT_STATUS( | 1106 EXPECT_EQ(Status::ErrorGenerateKeyLength(), |
1043 Status::ErrorGenerateKeyLength(), | 1107 GenerateSecretKey( |
1044 GenerateSecretKey( | 1108 CreateAesGcmKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); |
1045 CreateAesGcmKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); | |
1046 } | 1109 } |
1047 } | 1110 } |
1048 } | 1111 } |
1049 | 1112 |
1050 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmac)) { | 1113 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmac)) { |
1051 // Generate a small sample of HMAC keys. | 1114 // Generate a small sample of HMAC keys. |
1052 std::vector<blink::WebArrayBuffer> keys; | 1115 std::vector<blink::WebArrayBuffer> keys; |
1053 for (int i = 0; i < 16; ++i) { | 1116 for (int i = 0; i < 16; ++i) { |
1054 blink::WebArrayBuffer key_bytes; | 1117 blink::WebArrayBuffer key_bytes; |
1055 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1118 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1056 blink::WebCryptoAlgorithm algorithm = | 1119 blink::WebCryptoAlgorithm algorithm = |
1057 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 512); | 1120 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 512); |
1058 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); | 1121 ASSERT_EQ(Status::Success(), GenerateSecretKey(algorithm, true, 0, &key)); |
1059 EXPECT_FALSE(key.isNull()); | 1122 EXPECT_FALSE(key.isNull()); |
1060 EXPECT_TRUE(key.handle()); | 1123 EXPECT_TRUE(key.handle()); |
1061 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1124 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1062 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); | 1125 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); |
1063 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, | 1126 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
1064 key.algorithm().hmacParams()->hash().id()); | 1127 key.algorithm().hmacParams()->hash().id()); |
1065 EXPECT_EQ(512u, key.algorithm().hmacParams()->lengthBits()); | 1128 EXPECT_EQ(512u, key.algorithm().hmacParams()->lengthBits()); |
1066 | 1129 |
1067 blink::WebArrayBuffer raw_key; | 1130 blink::WebArrayBuffer raw_key; |
1068 ASSERT_STATUS_SUCCESS( | 1131 ASSERT_EQ(Status::Success(), |
1069 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 1132 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
1070 EXPECT_EQ(64U, raw_key.byteLength()); | 1133 EXPECT_EQ(64U, raw_key.byteLength()); |
1071 keys.push_back(raw_key); | 1134 keys.push_back(raw_key); |
1072 } | 1135 } |
1073 // Ensure all entries in the key sample set are unique. This is a simplistic | 1136 // Ensure all entries in the key sample set are unique. This is a simplistic |
1074 // estimate of whether the generated keys appear random. | 1137 // estimate of whether the generated keys appear random. |
1075 EXPECT_FALSE(CopiesExist(keys)); | 1138 EXPECT_FALSE(CopiesExist(keys)); |
1076 } | 1139 } |
1077 | 1140 |
1078 // If the key length is not provided, then the block size is used. | 1141 // If the key length is not provided, then the block size is used. |
1079 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmacNoLength)) { | 1142 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmacNoLength)) { |
1080 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1143 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1081 blink::WebCryptoAlgorithm algorithm = | 1144 blink::WebCryptoAlgorithm algorithm = |
1082 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0); | 1145 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0); |
1083 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); | 1146 ASSERT_EQ(Status::Success(), GenerateSecretKey(algorithm, true, 0, &key)); |
1084 EXPECT_TRUE(key.handle()); | 1147 EXPECT_TRUE(key.handle()); |
1085 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1148 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1086 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); | 1149 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); |
1087 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, | 1150 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
1088 key.algorithm().hmacParams()->hash().id()); | 1151 key.algorithm().hmacParams()->hash().id()); |
1089 EXPECT_EQ(512u, key.algorithm().hmacParams()->lengthBits()); | 1152 EXPECT_EQ(512u, key.algorithm().hmacParams()->lengthBits()); |
1090 blink::WebArrayBuffer raw_key; | 1153 blink::WebArrayBuffer raw_key; |
1091 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 1154 ASSERT_EQ(Status::Success(), |
1155 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | |
1092 EXPECT_EQ(64U, raw_key.byteLength()); | 1156 EXPECT_EQ(64U, raw_key.byteLength()); |
1093 | 1157 |
1094 // The block size for HMAC SHA-512 is larger. | 1158 // The block size for HMAC SHA-512 is larger. |
1095 algorithm = CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha512, 0); | 1159 algorithm = CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha512, 0); |
1096 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); | 1160 ASSERT_EQ(Status::Success(), GenerateSecretKey(algorithm, true, 0, &key)); |
1097 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); | 1161 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); |
1098 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha512, | 1162 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha512, |
1099 key.algorithm().hmacParams()->hash().id()); | 1163 key.algorithm().hmacParams()->hash().id()); |
1100 EXPECT_EQ(1024u, key.algorithm().hmacParams()->lengthBits()); | 1164 EXPECT_EQ(1024u, key.algorithm().hmacParams()->lengthBits()); |
1101 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 1165 ASSERT_EQ(Status::Success(), |
1166 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | |
1102 EXPECT_EQ(128U, raw_key.byteLength()); | 1167 EXPECT_EQ(128U, raw_key.byteLength()); |
1103 } | 1168 } |
1104 | 1169 |
1105 TEST_F(SharedCryptoTest, ImportJwkKeyUsage) { | 1170 TEST_F(SharedCryptoTest, ImportJwkKeyUsage) { |
1106 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1171 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1107 base::DictionaryValue dict; | 1172 base::DictionaryValue dict; |
1108 dict.SetString("kty", "oct"); | 1173 dict.SetString("kty", "oct"); |
1109 dict.SetBoolean("ext", false); | 1174 dict.SetBoolean("ext", false); |
1110 dict.SetString("k", "GADWrMRHwQfoNaXU5fZvTg=="); | 1175 dict.SetString("k", "GADWrMRHwQfoNaXU5fZvTg=="); |
1111 const blink::WebCryptoAlgorithm aes_cbc_algorithm = | 1176 const blink::WebCryptoAlgorithm aes_cbc_algorithm = |
1112 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); | 1177 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); |
1113 const blink::WebCryptoAlgorithm hmac_algorithm = | 1178 const blink::WebCryptoAlgorithm hmac_algorithm = |
1114 webcrypto::CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); | 1179 webcrypto::CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); |
1115 const blink::WebCryptoAlgorithm aes_kw_algorithm = | 1180 const blink::WebCryptoAlgorithm aes_kw_algorithm = |
1116 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); | 1181 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); |
1117 | 1182 |
1118 // Test null usage. | 1183 // Test null usage. |
1119 base::ListValue* key_ops = new base::ListValue; | 1184 base::ListValue* key_ops = new base::ListValue; |
1120 // Note: the following call makes dict assume ownership of key_ops. | 1185 // Note: the following call makes dict assume ownership of key_ops. |
1121 dict.Set("key_ops", key_ops); | 1186 dict.Set("key_ops", key_ops); |
1122 EXPECT_STATUS_SUCCESS( | 1187 EXPECT_EQ(Status::Success(), |
1123 ImportKeyJwkFromDict(dict, aes_cbc_algorithm, false, 0, &key)); | 1188 ImportKeyJwkFromDict(dict, aes_cbc_algorithm, false, 0, &key)); |
1124 EXPECT_EQ(0, key.usages()); | 1189 EXPECT_EQ(0, key.usages()); |
1125 | 1190 |
1126 // Test each key_ops value translates to the correct Web Crypto value. | 1191 // Test each key_ops value translates to the correct Web Crypto value. |
1127 struct TestCase { | 1192 struct TestCase { |
1128 const char* jwk_key_op; | 1193 const char* jwk_key_op; |
1129 const char* jwk_alg; | 1194 const char* jwk_alg; |
1130 const blink::WebCryptoAlgorithm algorithm; | 1195 const blink::WebCryptoAlgorithm algorithm; |
1131 const blink::WebCryptoKeyUsage usage; | 1196 const blink::WebCryptoKeyUsage usage; |
1132 }; | 1197 }; |
1133 // TODO(padolph): Add 'deriveBits' key_ops value once it is supported. | 1198 // TODO(padolph): Add 'deriveBits' key_ops value once it is supported. |
1134 const TestCase test_case[] = { | 1199 const TestCase test_case[] = { |
1135 {"encrypt", "A128CBC", aes_cbc_algorithm, | 1200 {"encrypt", "A128CBC", aes_cbc_algorithm, |
1136 blink::WebCryptoKeyUsageEncrypt}, | 1201 blink::WebCryptoKeyUsageEncrypt}, |
1137 {"decrypt", "A128CBC", aes_cbc_algorithm, | 1202 {"decrypt", "A128CBC", aes_cbc_algorithm, |
1138 blink::WebCryptoKeyUsageDecrypt}, | 1203 blink::WebCryptoKeyUsageDecrypt}, |
1139 {"sign", "HS256", hmac_algorithm, blink::WebCryptoKeyUsageSign}, | 1204 {"sign", "HS256", hmac_algorithm, blink::WebCryptoKeyUsageSign}, |
1140 {"verify", "HS256", hmac_algorithm, blink::WebCryptoKeyUsageVerify}, | 1205 {"verify", "HS256", hmac_algorithm, blink::WebCryptoKeyUsageVerify}, |
1141 {"wrapKey", "A128KW", aes_kw_algorithm, blink::WebCryptoKeyUsageWrapKey}, | 1206 {"wrapKey", "A128KW", aes_kw_algorithm, blink::WebCryptoKeyUsageWrapKey}, |
1142 {"unwrapKey", "A128KW", aes_kw_algorithm, | 1207 {"unwrapKey", "A128KW", aes_kw_algorithm, |
1143 blink::WebCryptoKeyUsageUnwrapKey}, | 1208 blink::WebCryptoKeyUsageUnwrapKey}, |
1144 {"deriveKey", "HS256", hmac_algorithm, | 1209 {"deriveKey", "HS256", hmac_algorithm, |
1145 blink::WebCryptoKeyUsageDeriveKey}}; | 1210 blink::WebCryptoKeyUsageDeriveKey}}; |
1146 for (size_t test_index = 0; test_index < ARRAYSIZE_UNSAFE(test_case); | 1211 for (size_t test_index = 0; test_index < ARRAYSIZE_UNSAFE(test_case); |
1147 ++test_index) { | 1212 ++test_index) { |
1148 SCOPED_TRACE(test_index); | 1213 SCOPED_TRACE(test_index); |
1149 dict.SetString("alg", test_case[test_index].jwk_alg); | 1214 dict.SetString("alg", test_case[test_index].jwk_alg); |
1150 key_ops->Clear(); | 1215 key_ops->Clear(); |
1151 key_ops->AppendString(test_case[test_index].jwk_key_op); | 1216 key_ops->AppendString(test_case[test_index].jwk_key_op); |
1152 EXPECT_STATUS_SUCCESS(ImportKeyJwkFromDict(dict, | 1217 EXPECT_EQ(Status::Success(), |
1153 test_case[test_index].algorithm, | 1218 ImportKeyJwkFromDict(dict, |
1154 false, | 1219 test_case[test_index].algorithm, |
1155 test_case[test_index].usage, | 1220 false, |
1156 &key)); | 1221 test_case[test_index].usage, |
1222 &key)); | |
1157 EXPECT_EQ(test_case[test_index].usage, key.usages()); | 1223 EXPECT_EQ(test_case[test_index].usage, key.usages()); |
1158 } | 1224 } |
1159 | 1225 |
1160 // Test discrete multiple usages. | 1226 // Test discrete multiple usages. |
1161 dict.SetString("alg", "A128CBC"); | 1227 dict.SetString("alg", "A128CBC"); |
1162 key_ops->Clear(); | 1228 key_ops->Clear(); |
1163 key_ops->AppendString("encrypt"); | 1229 key_ops->AppendString("encrypt"); |
1164 key_ops->AppendString("decrypt"); | 1230 key_ops->AppendString("decrypt"); |
1165 EXPECT_STATUS_SUCCESS(ImportKeyJwkFromDict( | 1231 EXPECT_EQ(Status::Success(), |
1166 dict, | 1232 ImportKeyJwkFromDict(dict, |
1167 aes_cbc_algorithm, | 1233 aes_cbc_algorithm, |
1168 false, | 1234 false, |
1169 blink::WebCryptoKeyUsageDecrypt | blink::WebCryptoKeyUsageEncrypt, | 1235 blink::WebCryptoKeyUsageDecrypt | |
1170 &key)); | 1236 blink::WebCryptoKeyUsageEncrypt, |
1237 &key)); | |
1171 EXPECT_EQ(blink::WebCryptoKeyUsageDecrypt | blink::WebCryptoKeyUsageEncrypt, | 1238 EXPECT_EQ(blink::WebCryptoKeyUsageDecrypt | blink::WebCryptoKeyUsageEncrypt, |
1172 key.usages()); | 1239 key.usages()); |
1173 | 1240 |
1174 // Test constrained key usage (input usage is a subset of JWK usage). | 1241 // Test constrained key usage (input usage is a subset of JWK usage). |
1175 key_ops->Clear(); | 1242 key_ops->Clear(); |
1176 key_ops->AppendString("encrypt"); | 1243 key_ops->AppendString("encrypt"); |
1177 key_ops->AppendString("decrypt"); | 1244 key_ops->AppendString("decrypt"); |
1178 EXPECT_STATUS_SUCCESS(ImportKeyJwkFromDict( | 1245 EXPECT_EQ(Status::Success(), |
1179 dict, aes_cbc_algorithm, false, blink::WebCryptoKeyUsageDecrypt, &key)); | 1246 ImportKeyJwkFromDict(dict, |
1247 aes_cbc_algorithm, | |
1248 false, | |
1249 blink::WebCryptoKeyUsageDecrypt, | |
1250 &key)); | |
1180 EXPECT_EQ(blink::WebCryptoKeyUsageDecrypt, key.usages()); | 1251 EXPECT_EQ(blink::WebCryptoKeyUsageDecrypt, key.usages()); |
1181 | 1252 |
1182 // Test failure if input usage is NOT a strict subset of the JWK usage. | 1253 // Test failure if input usage is NOT a strict subset of the JWK usage. |
1183 key_ops->Clear(); | 1254 key_ops->Clear(); |
1184 key_ops->AppendString("encrypt"); | 1255 key_ops->AppendString("encrypt"); |
1185 EXPECT_STATUS(Status::ErrorJwkKeyopsInconsistent(), | 1256 EXPECT_EQ(Status::ErrorJwkKeyopsInconsistent(), |
1186 ImportKeyJwkFromDict(dict, | 1257 ImportKeyJwkFromDict(dict, |
1187 aes_cbc_algorithm, | 1258 aes_cbc_algorithm, |
1188 false, | 1259 false, |
1189 blink::WebCryptoKeyUsageEncrypt | | 1260 blink::WebCryptoKeyUsageEncrypt | |
1190 blink::WebCryptoKeyUsageDecrypt, | 1261 blink::WebCryptoKeyUsageDecrypt, |
1191 &key)); | 1262 &key)); |
1192 | 1263 |
1193 // Test 'use' inconsistent with 'key_ops'. | 1264 // Test 'use' inconsistent with 'key_ops'. |
1194 dict.SetString("alg", "HS256"); | 1265 dict.SetString("alg", "HS256"); |
1195 dict.SetString("use", "sig"); | 1266 dict.SetString("use", "sig"); |
1196 key_ops->AppendString("sign"); | 1267 key_ops->AppendString("sign"); |
1197 key_ops->AppendString("verify"); | 1268 key_ops->AppendString("verify"); |
1198 key_ops->AppendString("encrypt"); | 1269 key_ops->AppendString("encrypt"); |
1199 EXPECT_STATUS(Status::ErrorJwkUseAndKeyopsInconsistent(), | 1270 EXPECT_EQ(Status::ErrorJwkUseAndKeyopsInconsistent(), |
1200 ImportKeyJwkFromDict(dict, | 1271 ImportKeyJwkFromDict( |
1201 hmac_algorithm, | 1272 dict, |
1202 false, | 1273 hmac_algorithm, |
1203 blink::WebCryptoKeyUsageSign | | 1274 false, |
1204 blink::WebCryptoKeyUsageVerify, | 1275 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, |
1205 &key)); | 1276 &key)); |
1206 | 1277 |
1207 // Test JWK composite 'sig' use | 1278 // Test JWK composite 'sig' use |
1208 dict.Remove("key_ops", NULL); | 1279 dict.Remove("key_ops", NULL); |
1209 dict.SetString("use", "sig"); | 1280 dict.SetString("use", "sig"); |
1210 EXPECT_STATUS_SUCCESS(ImportKeyJwkFromDict( | 1281 EXPECT_EQ(Status::Success(), |
1211 dict, | 1282 ImportKeyJwkFromDict( |
1212 hmac_algorithm, | 1283 dict, |
1213 false, | 1284 hmac_algorithm, |
1214 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, | 1285 false, |
1215 &key)); | 1286 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, |
1287 &key)); | |
1216 EXPECT_EQ(blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, | 1288 EXPECT_EQ(blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, |
1217 key.usages()); | 1289 key.usages()); |
1218 | 1290 |
1219 // Test JWK composite use 'enc' usage | 1291 // Test JWK composite use 'enc' usage |
1220 dict.SetString("alg", "A128CBC"); | 1292 dict.SetString("alg", "A128CBC"); |
1221 dict.SetString("use", "enc"); | 1293 dict.SetString("use", "enc"); |
1222 EXPECT_STATUS_SUCCESS(ImportKeyJwkFromDict( | 1294 EXPECT_EQ(Status::Success(), |
1223 dict, | 1295 ImportKeyJwkFromDict(dict, |
1224 aes_cbc_algorithm, | 1296 aes_cbc_algorithm, |
1225 false, | 1297 false, |
1226 blink::WebCryptoKeyUsageDecrypt | blink::WebCryptoKeyUsageEncrypt | | 1298 blink::WebCryptoKeyUsageDecrypt | |
1227 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey | | 1299 blink::WebCryptoKeyUsageEncrypt | |
1228 blink::WebCryptoKeyUsageDeriveKey, | 1300 blink::WebCryptoKeyUsageWrapKey | |
1229 &key)); | 1301 blink::WebCryptoKeyUsageUnwrapKey | |
1302 blink::WebCryptoKeyUsageDeriveKey, | |
1303 &key)); | |
1230 EXPECT_EQ(blink::WebCryptoKeyUsageDecrypt | blink::WebCryptoKeyUsageEncrypt | | 1304 EXPECT_EQ(blink::WebCryptoKeyUsageDecrypt | blink::WebCryptoKeyUsageEncrypt | |
1231 blink::WebCryptoKeyUsageWrapKey | | 1305 blink::WebCryptoKeyUsageWrapKey | |
1232 blink::WebCryptoKeyUsageUnwrapKey | | 1306 blink::WebCryptoKeyUsageUnwrapKey | |
1233 blink::WebCryptoKeyUsageDeriveKey, | 1307 blink::WebCryptoKeyUsageDeriveKey, |
1234 key.usages()); | 1308 key.usages()); |
1235 } | 1309 } |
1236 | 1310 |
1237 TEST_F(SharedCryptoTest, ImportJwkFailures) { | 1311 TEST_F(SharedCryptoTest, ImportJwkFailures) { |
1238 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1312 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1239 blink::WebCryptoAlgorithm algorithm = | 1313 blink::WebCryptoAlgorithm algorithm = |
1240 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); | 1314 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); |
1241 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; | 1315 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; |
1242 | 1316 |
1243 // Baseline pass: each test below breaks a single item, so we start with a | 1317 // Baseline pass: each test below breaks a single item, so we start with a |
1244 // passing case to make sure each failure is caused by the isolated break. | 1318 // passing case to make sure each failure is caused by the isolated break. |
1245 // Each breaking subtest below resets the dictionary to this passing case when | 1319 // Each breaking subtest below resets the dictionary to this passing case when |
1246 // complete. | 1320 // complete. |
1247 base::DictionaryValue dict; | 1321 base::DictionaryValue dict; |
1248 RestoreJwkOctDictionary(&dict); | 1322 RestoreJwkOctDictionary(&dict); |
1249 EXPECT_STATUS_SUCCESS( | 1323 EXPECT_EQ(Status::Success(), |
1250 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1324 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1251 | 1325 |
1252 // Fail on empty JSON. | 1326 // Fail on empty JSON. |
1253 EXPECT_STATUS( | 1327 EXPECT_EQ( |
1254 Status::ErrorImportEmptyKeyData(), | 1328 Status::ErrorImportEmptyKeyData(), |
1255 ImportKeyJwk( | 1329 ImportKeyJwk( |
1256 CryptoData(MakeJsonVector("")), algorithm, false, usage_mask, &key)); | 1330 CryptoData(MakeJsonVector("")), algorithm, false, usage_mask, &key)); |
1257 | 1331 |
1258 // Fail on invalid JSON. | 1332 // Fail on invalid JSON. |
1259 const std::vector<uint8> bad_json_vec = MakeJsonVector( | 1333 const std::vector<uint8> bad_json_vec = MakeJsonVector( |
1260 "{" | 1334 "{" |
1261 "\"kty\" : \"oct\"," | 1335 "\"kty\" : \"oct\"," |
1262 "\"alg\" : \"HS256\"," | 1336 "\"alg\" : \"HS256\"," |
1263 "\"use\" : "); | 1337 "\"use\" : "); |
1264 EXPECT_STATUS( | 1338 EXPECT_EQ(Status::ErrorJwkNotDictionary(), |
1265 Status::ErrorJwkNotDictionary(), | 1339 ImportKeyJwk( |
1266 ImportKeyJwk( | 1340 CryptoData(bad_json_vec), algorithm, false, usage_mask, &key)); |
1267 CryptoData(bad_json_vec), algorithm, false, usage_mask, &key)); | |
1268 | 1341 |
1269 // Fail on JWK alg present but unrecognized. | 1342 // Fail on JWK alg present but unrecognized. |
1270 dict.SetString("alg", "A127CBC"); | 1343 dict.SetString("alg", "A127CBC"); |
1271 EXPECT_STATUS(Status::ErrorJwkUnrecognizedAlgorithm(), | 1344 EXPECT_EQ(Status::ErrorJwkUnrecognizedAlgorithm(), |
1272 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1345 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1273 RestoreJwkOctDictionary(&dict); | 1346 RestoreJwkOctDictionary(&dict); |
1274 | 1347 |
1275 // Fail on invalid kty. | 1348 // Fail on invalid kty. |
1276 dict.SetString("kty", "foo"); | 1349 dict.SetString("kty", "foo"); |
1277 EXPECT_STATUS(Status::ErrorJwkUnrecognizedKty(), | 1350 EXPECT_EQ(Status::ErrorJwkUnrecognizedKty(), |
1278 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1351 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1279 RestoreJwkOctDictionary(&dict); | 1352 RestoreJwkOctDictionary(&dict); |
1280 | 1353 |
1281 // Fail on missing kty. | 1354 // Fail on missing kty. |
1282 dict.Remove("kty", NULL); | 1355 dict.Remove("kty", NULL); |
1283 EXPECT_STATUS(Status::ErrorJwkPropertyMissing("kty"), | 1356 EXPECT_EQ(Status::ErrorJwkPropertyMissing("kty"), |
1284 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1357 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1285 RestoreJwkOctDictionary(&dict); | 1358 RestoreJwkOctDictionary(&dict); |
1286 | 1359 |
1287 // Fail on kty wrong type. | 1360 // Fail on kty wrong type. |
1288 dict.SetDouble("kty", 0.1); | 1361 dict.SetDouble("kty", 0.1); |
1289 EXPECT_STATUS(Status::ErrorJwkPropertyWrongType("kty", "string"), | 1362 EXPECT_EQ(Status::ErrorJwkPropertyWrongType("kty", "string"), |
1290 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1363 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1291 RestoreJwkOctDictionary(&dict); | 1364 RestoreJwkOctDictionary(&dict); |
1292 | 1365 |
1293 // Fail on invalid use. | 1366 // Fail on invalid use. |
1294 dict.SetString("use", "foo"); | 1367 dict.SetString("use", "foo"); |
1295 EXPECT_STATUS(Status::ErrorJwkUnrecognizedUse(), | 1368 EXPECT_EQ(Status::ErrorJwkUnrecognizedUse(), |
1296 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1369 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1297 RestoreJwkOctDictionary(&dict); | 1370 RestoreJwkOctDictionary(&dict); |
1298 | 1371 |
1299 // Fail on invalid use (wrong type). | 1372 // Fail on invalid use (wrong type). |
1300 dict.SetBoolean("use", true); | 1373 dict.SetBoolean("use", true); |
1301 EXPECT_STATUS(Status::ErrorJwkPropertyWrongType("use", "string"), | 1374 EXPECT_EQ(Status::ErrorJwkPropertyWrongType("use", "string"), |
1302 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1375 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1303 RestoreJwkOctDictionary(&dict); | 1376 RestoreJwkOctDictionary(&dict); |
1304 | 1377 |
1305 // Fail on invalid extractable (wrong type). | 1378 // Fail on invalid extractable (wrong type). |
1306 dict.SetInteger("ext", 0); | 1379 dict.SetInteger("ext", 0); |
1307 EXPECT_STATUS(Status::ErrorJwkPropertyWrongType("ext", "boolean"), | 1380 EXPECT_EQ(Status::ErrorJwkPropertyWrongType("ext", "boolean"), |
1308 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1381 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1309 RestoreJwkOctDictionary(&dict); | 1382 RestoreJwkOctDictionary(&dict); |
1310 | 1383 |
1311 // Fail on invalid key_ops (wrong type). | 1384 // Fail on invalid key_ops (wrong type). |
1312 dict.SetBoolean("key_ops", true); | 1385 dict.SetBoolean("key_ops", true); |
1313 EXPECT_STATUS(Status::ErrorJwkPropertyWrongType("key_ops", "list"), | 1386 EXPECT_EQ(Status::ErrorJwkPropertyWrongType("key_ops", "list"), |
1314 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1387 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1315 RestoreJwkOctDictionary(&dict); | 1388 RestoreJwkOctDictionary(&dict); |
1316 | 1389 |
1317 // Fail on invalid key_ops (wrong element value). | 1390 // Fail on invalid key_ops (wrong element value). |
1318 base::ListValue* key_ops = new base::ListValue; | 1391 base::ListValue* key_ops = new base::ListValue; |
1319 // Note: the following call makes dict assume ownership of key_ops. | 1392 // Note: the following call makes dict assume ownership of key_ops. |
1320 dict.Set("key_ops", key_ops); | 1393 dict.Set("key_ops", key_ops); |
1321 key_ops->AppendString("foo"); | 1394 key_ops->AppendString("foo"); |
1322 EXPECT_STATUS(Status::ErrorJwkUnrecognizedKeyop(), | 1395 EXPECT_EQ(Status::ErrorJwkUnrecognizedKeyop(), |
1323 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1396 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1324 RestoreJwkOctDictionary(&dict); | 1397 RestoreJwkOctDictionary(&dict); |
1325 } | 1398 } |
1326 | 1399 |
1327 TEST_F(SharedCryptoTest, ImportJwkOctFailures) { | 1400 TEST_F(SharedCryptoTest, ImportJwkOctFailures) { |
1328 base::DictionaryValue dict; | 1401 base::DictionaryValue dict; |
1329 RestoreJwkOctDictionary(&dict); | 1402 RestoreJwkOctDictionary(&dict); |
1330 blink::WebCryptoAlgorithm algorithm = | 1403 blink::WebCryptoAlgorithm algorithm = |
1331 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); | 1404 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); |
1332 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; | 1405 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; |
1333 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1406 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1334 | 1407 |
1335 // Baseline pass. | 1408 // Baseline pass. |
1336 EXPECT_STATUS_SUCCESS( | 1409 EXPECT_EQ(Status::Success(), |
1337 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1410 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1338 EXPECT_EQ(algorithm.id(), key.algorithm().id()); | 1411 EXPECT_EQ(algorithm.id(), key.algorithm().id()); |
1339 EXPECT_FALSE(key.extractable()); | 1412 EXPECT_FALSE(key.extractable()); |
1340 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); | 1413 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
1341 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1414 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1342 | 1415 |
1343 // The following are specific failure cases for when kty = "oct". | 1416 // The following are specific failure cases for when kty = "oct". |
1344 | 1417 |
1345 // Fail on missing k. | 1418 // Fail on missing k. |
1346 dict.Remove("k", NULL); | 1419 dict.Remove("k", NULL); |
1347 EXPECT_STATUS(Status::ErrorJwkPropertyMissing("k"), | 1420 EXPECT_EQ(Status::ErrorJwkPropertyMissing("k"), |
1348 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1421 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1349 RestoreJwkOctDictionary(&dict); | 1422 RestoreJwkOctDictionary(&dict); |
1350 | 1423 |
1351 // Fail on bad b64 encoding for k. | 1424 // Fail on bad b64 encoding for k. |
1352 dict.SetString("k", "Qk3f0DsytU8lfza2au #$% Htaw2xpop9GYyTuH0p5GghxTI="); | 1425 dict.SetString("k", "Qk3f0DsytU8lfza2au #$% Htaw2xpop9GYyTuH0p5GghxTI="); |
1353 EXPECT_STATUS(Status::ErrorJwkBase64Decode("k"), | 1426 EXPECT_EQ(Status::ErrorJwkBase64Decode("k"), |
1354 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1427 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1355 RestoreJwkOctDictionary(&dict); | 1428 RestoreJwkOctDictionary(&dict); |
1356 | 1429 |
1357 // Fail on empty k. | 1430 // Fail on empty k. |
1358 dict.SetString("k", ""); | 1431 dict.SetString("k", ""); |
1359 EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), | 1432 EXPECT_EQ(Status::ErrorJwkIncorrectKeyLength(), |
1360 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1433 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1361 RestoreJwkOctDictionary(&dict); | 1434 RestoreJwkOctDictionary(&dict); |
1362 | 1435 |
1363 // Fail on k actual length (120 bits) inconsistent with the embedded JWK alg | 1436 // Fail on k actual length (120 bits) inconsistent with the embedded JWK alg |
1364 // value (128) for an AES key. | 1437 // value (128) for an AES key. |
1365 dict.SetString("k", "AVj42h0Y5aqGtE3yluKL"); | 1438 dict.SetString("k", "AVj42h0Y5aqGtE3yluKL"); |
1366 EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), | 1439 EXPECT_EQ(Status::ErrorJwkIncorrectKeyLength(), |
1367 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1440 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1368 RestoreJwkOctDictionary(&dict); | 1441 RestoreJwkOctDictionary(&dict); |
1369 | 1442 |
1370 // Fail on k actual length (192 bits) inconsistent with the embedded JWK alg | 1443 // Fail on k actual length (192 bits) inconsistent with the embedded JWK alg |
1371 // value (128) for an AES key. | 1444 // value (128) for an AES key. |
1372 dict.SetString("k", "dGhpcyAgaXMgIDI0ICBieXRlcyBsb25n"); | 1445 dict.SetString("k", "dGhpcyAgaXMgIDI0ICBieXRlcyBsb25n"); |
1373 EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), | 1446 EXPECT_EQ(Status::ErrorJwkIncorrectKeyLength(), |
1374 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1447 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1375 RestoreJwkOctDictionary(&dict); | 1448 RestoreJwkOctDictionary(&dict); |
1376 } | 1449 } |
1377 | 1450 |
1378 TEST_F(SharedCryptoTest, MAYBE(ImportExportJwkRsaPublicKey)) { | 1451 TEST_F(SharedCryptoTest, MAYBE(ImportExportJwkRsaPublicKey)) { |
1379 // This test uses kPublicKeySpkiDerHex as the RSA key. The data below | 1452 // This test uses kPublicKeySpkiDerHex as the RSA key. The data below |
1380 // represents the modulus and public exponent extracted from this SPKI blob. | 1453 // represents the modulus and public exponent extracted from this SPKI blob. |
1381 // These values appear explicitly in the JWK rendering of the key. | 1454 // These values appear explicitly in the JWK rendering of the key. |
1382 const std::string n_hex = | 1455 const std::string n_hex = |
1383 "A56E4A0E701017589A5187DC7EA841D156F2EC0E36AD52A44DFEB1E61F7AD991D8C51056" | 1456 "A56E4A0E701017589A5187DC7EA841D156F2EC0E36AD52A44DFEB1E61F7AD991D8C51056" |
1384 "FFEDB162B4C0F283A12A88A394DFF526AB7291CBB307CEABFCE0B1DFD5CD9508096D5B2B" | 1457 "FFEDB162B4C0F283A12A88A394DFF526AB7291CBB307CEABFCE0B1DFD5CD9508096D5B2B" |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1416 blink::WebCryptoAlgorithmIdSha512), | 1489 blink::WebCryptoAlgorithmIdSha512), |
1417 blink::WebCryptoKeyUsageSign, "RS512"}}; | 1490 blink::WebCryptoKeyUsageSign, "RS512"}}; |
1418 | 1491 |
1419 for (size_t test_index = 0; test_index < ARRAYSIZE_UNSAFE(kTests); | 1492 for (size_t test_index = 0; test_index < ARRAYSIZE_UNSAFE(kTests); |
1420 ++test_index) { | 1493 ++test_index) { |
1421 SCOPED_TRACE(test_index); | 1494 SCOPED_TRACE(test_index); |
1422 const TestCase& test = kTests[test_index]; | 1495 const TestCase& test = kTests[test_index]; |
1423 | 1496 |
1424 // Import the spki to create a public key | 1497 // Import the spki to create a public key |
1425 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1498 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1426 ASSERT_STATUS_SUCCESS( | 1499 ASSERT_EQ(Status::Success(), |
1427 ImportKey(blink::WebCryptoKeyFormatSpki, | 1500 ImportKey(blink::WebCryptoKeyFormatSpki, |
1428 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 1501 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
1429 test.algorithm, | 1502 test.algorithm, |
1430 true, | 1503 true, |
1431 test.usage, | 1504 test.usage, |
1432 &public_key)); | 1505 &public_key)); |
1433 | 1506 |
1434 // Export the public key as JWK and verify its contents | 1507 // Export the public key as JWK and verify its contents |
1435 blink::WebArrayBuffer jwk; | 1508 blink::WebArrayBuffer jwk; |
1436 ASSERT_STATUS_SUCCESS( | 1509 ASSERT_EQ(Status::Success(), |
1437 ExportKey(blink::WebCryptoKeyFormatJwk, public_key, &jwk)); | 1510 ExportKey(blink::WebCryptoKeyFormatJwk, public_key, &jwk)); |
1438 EXPECT_TRUE(VerifyPublicJwk(jwk, test.jwk_alg, n_hex, e_hex, test.usage)); | 1511 EXPECT_TRUE(VerifyPublicJwk(jwk, test.jwk_alg, n_hex, e_hex, test.usage)); |
1439 | 1512 |
1440 // Import the JWK back in to create a new key | 1513 // Import the JWK back in to create a new key |
1441 blink::WebCryptoKey public_key2 = blink::WebCryptoKey::createNull(); | 1514 blink::WebCryptoKey public_key2 = blink::WebCryptoKey::createNull(); |
1442 EXPECT_STATUS_SUCCESS(ImportKeyJwk( | 1515 EXPECT_EQ( |
1443 CryptoData(jwk), test.algorithm, true, test.usage, &public_key2)); | 1516 Status::Success(), |
1517 ImportKeyJwk( | |
1518 CryptoData(jwk), test.algorithm, true, test.usage, &public_key2)); | |
1444 EXPECT_TRUE(public_key2.handle()); | 1519 EXPECT_TRUE(public_key2.handle()); |
1445 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key2.type()); | 1520 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key2.type()); |
1446 EXPECT_EQ(true, public_key2.extractable()); | 1521 EXPECT_EQ(true, public_key2.extractable()); |
1447 EXPECT_EQ(test.algorithm.id(), public_key2.algorithm().id()); | 1522 EXPECT_EQ(test.algorithm.id(), public_key2.algorithm().id()); |
1448 | 1523 |
1449 // Export the new key as spki and compare to the original. | 1524 // Export the new key as spki and compare to the original. |
1450 blink::WebArrayBuffer spki; | 1525 blink::WebArrayBuffer spki; |
1451 ASSERT_STATUS_SUCCESS( | 1526 ASSERT_EQ(Status::Success(), |
1452 ExportKey(blink::WebCryptoKeyFormatSpki, public_key2, &spki)); | 1527 ExportKey(blink::WebCryptoKeyFormatSpki, public_key2, &spki)); |
1453 ExpectCryptoDataMatchesHex(kPublicKeySpkiDerHex, CryptoData(spki)); | 1528 ExpectCryptoDataMatchesHex(kPublicKeySpkiDerHex, CryptoData(spki)); |
1454 } | 1529 } |
1455 } | 1530 } |
1456 | 1531 |
1457 TEST_F(SharedCryptoTest, MAYBE(ImportJwkRsaFailures)) { | 1532 TEST_F(SharedCryptoTest, MAYBE(ImportJwkRsaFailures)) { |
1458 base::DictionaryValue dict; | 1533 base::DictionaryValue dict; |
1459 RestoreJwkRsaDictionary(&dict); | 1534 RestoreJwkRsaDictionary(&dict); |
1460 blink::WebCryptoAlgorithm algorithm = | 1535 blink::WebCryptoAlgorithm algorithm = |
1461 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 1536 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
1462 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; | 1537 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; |
1463 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1538 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1464 | 1539 |
1465 // An RSA public key JWK _must_ have an "n" (modulus) and an "e" (exponent) | 1540 // An RSA public key JWK _must_ have an "n" (modulus) and an "e" (exponent) |
1466 // entry, while an RSA private key must have those plus at least a "d" | 1541 // entry, while an RSA private key must have those plus at least a "d" |
1467 // (private exponent) entry. | 1542 // (private exponent) entry. |
1468 // See http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-18, | 1543 // See http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-18, |
1469 // section 6.3. | 1544 // section 6.3. |
1470 | 1545 |
1471 // Baseline pass. | 1546 // Baseline pass. |
1472 EXPECT_STATUS_SUCCESS( | 1547 EXPECT_EQ(Status::Success(), |
1473 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1548 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1474 EXPECT_EQ(algorithm.id(), key.algorithm().id()); | 1549 EXPECT_EQ(algorithm.id(), key.algorithm().id()); |
1475 EXPECT_FALSE(key.extractable()); | 1550 EXPECT_FALSE(key.extractable()); |
1476 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); | 1551 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
1477 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); | 1552 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); |
1478 | 1553 |
1479 // The following are specific failure cases for when kty = "RSA". | 1554 // The following are specific failure cases for when kty = "RSA". |
1480 | 1555 |
1481 // Fail if either "n" or "e" is not present or malformed. | 1556 // Fail if either "n" or "e" is not present or malformed. |
1482 const std::string kKtyParmName[] = {"n", "e"}; | 1557 const std::string kKtyParmName[] = {"n", "e"}; |
1483 for (size_t idx = 0; idx < ARRAYSIZE_UNSAFE(kKtyParmName); ++idx) { | 1558 for (size_t idx = 0; idx < ARRAYSIZE_UNSAFE(kKtyParmName); ++idx) { |
1484 // Fail on missing parameter. | 1559 // Fail on missing parameter. |
1485 dict.Remove(kKtyParmName[idx], NULL); | 1560 dict.Remove(kKtyParmName[idx], NULL); |
1486 EXPECT_STATUS_ERROR( | 1561 EXPECT_NE(Status::Success(), |
1487 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1562 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1488 RestoreJwkRsaDictionary(&dict); | 1563 RestoreJwkRsaDictionary(&dict); |
1489 | 1564 |
1490 // Fail on bad b64 parameter encoding. | 1565 // Fail on bad b64 parameter encoding. |
1491 dict.SetString(kKtyParmName[idx], "Qk3f0DsytU8lfza2au #$% Htaw2xpop9yTuH0"); | 1566 dict.SetString(kKtyParmName[idx], "Qk3f0DsytU8lfza2au #$% Htaw2xpop9yTuH0"); |
1492 EXPECT_STATUS_ERROR( | 1567 EXPECT_NE(Status::Success(), |
1493 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1568 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1494 RestoreJwkRsaDictionary(&dict); | 1569 RestoreJwkRsaDictionary(&dict); |
1495 | 1570 |
1496 // Fail on empty parameter. | 1571 // Fail on empty parameter. |
1497 dict.SetString(kKtyParmName[idx], ""); | 1572 dict.SetString(kKtyParmName[idx], ""); |
1498 EXPECT_STATUS_ERROR( | 1573 EXPECT_NE(Status::Success(), |
1499 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1574 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1500 RestoreJwkRsaDictionary(&dict); | 1575 RestoreJwkRsaDictionary(&dict); |
1501 } | 1576 } |
1502 | 1577 |
1503 // Fail if "d" parameter is present, implying the JWK is a private key, which | 1578 // Fail if "d" parameter is present, implying the JWK is a private key, which |
1504 // is not supported. | 1579 // is not supported. |
1505 dict.SetString("d", "Qk3f0Dsyt"); | 1580 dict.SetString("d", "Qk3f0Dsyt"); |
1506 EXPECT_STATUS(Status::ErrorJwkRsaPrivateKeyUnsupported(), | 1581 EXPECT_EQ(Status::ErrorJwkRsaPrivateKeyUnsupported(), |
1507 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1582 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1508 RestoreJwkRsaDictionary(&dict); | 1583 RestoreJwkRsaDictionary(&dict); |
1509 } | 1584 } |
1510 | 1585 |
1511 TEST_F(SharedCryptoTest, MAYBE(ImportJwkInputConsistency)) { | 1586 TEST_F(SharedCryptoTest, MAYBE(ImportJwkInputConsistency)) { |
1512 // The Web Crypto spec says that if a JWK value is present, but is | 1587 // The Web Crypto spec says that if a JWK value is present, but is |
1513 // inconsistent with the input value, the operation must fail. | 1588 // inconsistent with the input value, the operation must fail. |
1514 | 1589 |
1515 // Consistency rules when JWK value is not present: Inputs should be used. | 1590 // Consistency rules when JWK value is not present: Inputs should be used. |
1516 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1591 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1517 bool extractable = false; | 1592 bool extractable = false; |
1518 blink::WebCryptoAlgorithm algorithm = | 1593 blink::WebCryptoAlgorithm algorithm = |
1519 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); | 1594 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); |
1520 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageVerify; | 1595 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageVerify; |
1521 base::DictionaryValue dict; | 1596 base::DictionaryValue dict; |
1522 dict.SetString("kty", "oct"); | 1597 dict.SetString("kty", "oct"); |
1523 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | 1598 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); |
1524 std::vector<uint8> json_vec = MakeJsonVector(dict); | 1599 std::vector<uint8> json_vec = MakeJsonVector(dict); |
1525 EXPECT_STATUS_SUCCESS(ImportKeyJwk( | 1600 EXPECT_EQ( |
1526 CryptoData(json_vec), algorithm, extractable, usage_mask, &key)); | 1601 Status::Success(), |
1602 ImportKeyJwk( | |
1603 CryptoData(json_vec), algorithm, extractable, usage_mask, &key)); | |
1527 EXPECT_TRUE(key.handle()); | 1604 EXPECT_TRUE(key.handle()); |
1528 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1605 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1529 EXPECT_EQ(extractable, key.extractable()); | 1606 EXPECT_EQ(extractable, key.extractable()); |
1530 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); | 1607 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); |
1531 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, | 1608 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
1532 key.algorithm().hmacParams()->hash().id()); | 1609 key.algorithm().hmacParams()->hash().id()); |
1533 EXPECT_EQ(320u, key.algorithm().hmacParams()->lengthBits()); | 1610 EXPECT_EQ(320u, key.algorithm().hmacParams()->lengthBits()); |
1534 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, key.usages()); | 1611 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, key.usages()); |
1535 key = blink::WebCryptoKey::createNull(); | 1612 key = blink::WebCryptoKey::createNull(); |
1536 | 1613 |
1537 // Consistency rules when JWK value exists: Fail if inconsistency is found. | 1614 // Consistency rules when JWK value exists: Fail if inconsistency is found. |
1538 | 1615 |
1539 // Pass: All input values are consistent with the JWK values. | 1616 // Pass: All input values are consistent with the JWK values. |
1540 dict.Clear(); | 1617 dict.Clear(); |
1541 dict.SetString("kty", "oct"); | 1618 dict.SetString("kty", "oct"); |
1542 dict.SetString("alg", "HS256"); | 1619 dict.SetString("alg", "HS256"); |
1543 dict.SetString("use", "sig"); | 1620 dict.SetString("use", "sig"); |
1544 dict.SetBoolean("ext", false); | 1621 dict.SetBoolean("ext", false); |
1545 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | 1622 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); |
1546 json_vec = MakeJsonVector(dict); | 1623 json_vec = MakeJsonVector(dict); |
1547 EXPECT_STATUS_SUCCESS(ImportKeyJwk( | 1624 EXPECT_EQ( |
1548 CryptoData(json_vec), algorithm, extractable, usage_mask, &key)); | 1625 Status::Success(), |
1626 ImportKeyJwk( | |
1627 CryptoData(json_vec), algorithm, extractable, usage_mask, &key)); | |
1549 | 1628 |
1550 // Extractable cases: | 1629 // Extractable cases: |
1551 // 1. input=T, JWK=F ==> fail (inconsistent) | 1630 // 1. input=T, JWK=F ==> fail (inconsistent) |
1552 // 4. input=F, JWK=F ==> pass, result extractable is F | 1631 // 4. input=F, JWK=F ==> pass, result extractable is F |
1553 // 2. input=T, JWK=T ==> pass, result extractable is T | 1632 // 2. input=T, JWK=T ==> pass, result extractable is T |
1554 // 3. input=F, JWK=T ==> pass, result extractable is F | 1633 // 3. input=F, JWK=T ==> pass, result extractable is F |
1555 EXPECT_STATUS( | 1634 EXPECT_EQ( |
1556 Status::ErrorJwkExtInconsistent(), | 1635 Status::ErrorJwkExtInconsistent(), |
1557 ImportKeyJwk(CryptoData(json_vec), algorithm, true, usage_mask, &key)); | 1636 ImportKeyJwk(CryptoData(json_vec), algorithm, true, usage_mask, &key)); |
1558 EXPECT_STATUS_SUCCESS( | 1637 EXPECT_EQ( |
1638 Status::Success(), | |
1559 ImportKeyJwk(CryptoData(json_vec), algorithm, false, usage_mask, &key)); | 1639 ImportKeyJwk(CryptoData(json_vec), algorithm, false, usage_mask, &key)); |
1560 EXPECT_FALSE(key.extractable()); | 1640 EXPECT_FALSE(key.extractable()); |
1561 dict.SetBoolean("ext", true); | 1641 dict.SetBoolean("ext", true); |
1562 EXPECT_STATUS_SUCCESS( | 1642 EXPECT_EQ(Status::Success(), |
1563 ImportKeyJwkFromDict(dict, algorithm, true, usage_mask, &key)); | 1643 ImportKeyJwkFromDict(dict, algorithm, true, usage_mask, &key)); |
1564 EXPECT_TRUE(key.extractable()); | 1644 EXPECT_TRUE(key.extractable()); |
1565 EXPECT_STATUS_SUCCESS( | 1645 EXPECT_EQ(Status::Success(), |
1566 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1646 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1567 EXPECT_FALSE(key.extractable()); | 1647 EXPECT_FALSE(key.extractable()); |
1568 dict.SetBoolean("ext", true); // restore previous value | 1648 dict.SetBoolean("ext", true); // restore previous value |
1569 | 1649 |
1570 // Fail: Input algorithm (AES-CBC) is inconsistent with JWK value | 1650 // Fail: Input algorithm (AES-CBC) is inconsistent with JWK value |
1571 // (HMAC SHA256). | 1651 // (HMAC SHA256). |
1572 EXPECT_STATUS(Status::ErrorJwkAlgorithmInconsistent(), | 1652 EXPECT_EQ(Status::ErrorJwkAlgorithmInconsistent(), |
1573 ImportKeyJwk(CryptoData(json_vec), | 1653 ImportKeyJwk(CryptoData(json_vec), |
1574 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 1654 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
1575 extractable, | 1655 extractable, |
1576 usage_mask, | 1656 usage_mask, |
1577 &key)); | 1657 &key)); |
1578 | 1658 |
1579 // Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value | 1659 // Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value |
1580 // (HMAC SHA256). | 1660 // (HMAC SHA256). |
1581 EXPECT_STATUS( | 1661 EXPECT_EQ( |
1582 Status::ErrorJwkAlgorithmInconsistent(), | 1662 Status::ErrorJwkAlgorithmInconsistent(), |
1583 ImportKeyJwk(CryptoData(json_vec), | 1663 ImportKeyJwk(CryptoData(json_vec), |
1584 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha1), | 1664 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha1), |
1585 extractable, | 1665 extractable, |
1586 usage_mask, | 1666 usage_mask, |
1587 &key)); | 1667 &key)); |
1588 | 1668 |
1589 // Pass: JWK alg missing but input algorithm specified: use input value | 1669 // Pass: JWK alg missing but input algorithm specified: use input value |
1590 dict.Remove("alg", NULL); | 1670 dict.Remove("alg", NULL); |
1591 EXPECT_STATUS_SUCCESS(ImportKeyJwkFromDict( | 1671 EXPECT_EQ(Status::Success(), |
1592 dict, | 1672 ImportKeyJwkFromDict( |
1593 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256), | 1673 dict, |
1594 extractable, | 1674 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256), |
1595 usage_mask, | 1675 extractable, |
1596 &key)); | 1676 usage_mask, |
1677 &key)); | |
1597 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); | 1678 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); |
1598 dict.SetString("alg", "HS256"); | 1679 dict.SetString("alg", "HS256"); |
1599 | 1680 |
1600 // Fail: Input usage_mask (encrypt) is not a subset of the JWK value | 1681 // Fail: Input usage_mask (encrypt) is not a subset of the JWK value |
1601 // (sign|verify) | 1682 // (sign|verify) |
1602 EXPECT_STATUS(Status::ErrorJwkUseInconsistent(), | 1683 EXPECT_EQ(Status::ErrorJwkUseInconsistent(), |
1603 ImportKeyJwk(CryptoData(json_vec), | 1684 ImportKeyJwk(CryptoData(json_vec), |
1604 algorithm, | 1685 algorithm, |
1605 extractable, | 1686 extractable, |
1606 blink::WebCryptoKeyUsageEncrypt, | 1687 blink::WebCryptoKeyUsageEncrypt, |
1607 &key)); | 1688 &key)); |
1608 | 1689 |
1609 // Fail: Input usage_mask (encrypt|sign|verify) is not a subset of the JWK | 1690 // Fail: Input usage_mask (encrypt|sign|verify) is not a subset of the JWK |
1610 // value (sign|verify) | 1691 // value (sign|verify) |
1611 usage_mask = blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageSign | | 1692 usage_mask = blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageSign | |
1612 blink::WebCryptoKeyUsageVerify; | 1693 blink::WebCryptoKeyUsageVerify; |
1613 EXPECT_STATUS( | 1694 EXPECT_EQ( |
1614 Status::ErrorJwkUseInconsistent(), | 1695 Status::ErrorJwkUseInconsistent(), |
1615 ImportKeyJwk( | 1696 ImportKeyJwk( |
1616 CryptoData(json_vec), algorithm, extractable, usage_mask, &key)); | 1697 CryptoData(json_vec), algorithm, extractable, usage_mask, &key)); |
1617 | 1698 |
1618 // TODO(padolph): kty vs alg consistency tests: Depending on the kty value, | 1699 // TODO(padolph): kty vs alg consistency tests: Depending on the kty value, |
1619 // only certain alg values are permitted. For example, when kty = "RSA" alg | 1700 // only certain alg values are permitted. For example, when kty = "RSA" alg |
1620 // must be of the RSA family, or when kty = "oct" alg must be symmetric | 1701 // must be of the RSA family, or when kty = "oct" alg must be symmetric |
1621 // algorithm. | 1702 // algorithm. |
1622 | 1703 |
1623 // TODO(padolph): key_ops consistency tests | 1704 // TODO(padolph): key_ops consistency tests |
(...skipping 12 matching lines...) Expand all Loading... | |
1636 // Import a symmetric key JWK and HMAC-SHA256 sign() | 1717 // Import a symmetric key JWK and HMAC-SHA256 sign() |
1637 // Uses the first SHA256 test vector from the HMAC sample set above. | 1718 // Uses the first SHA256 test vector from the HMAC sample set above. |
1638 | 1719 |
1639 base::DictionaryValue dict; | 1720 base::DictionaryValue dict; |
1640 dict.SetString("kty", "oct"); | 1721 dict.SetString("kty", "oct"); |
1641 dict.SetString("alg", "HS256"); | 1722 dict.SetString("alg", "HS256"); |
1642 dict.SetString("use", "sig"); | 1723 dict.SetString("use", "sig"); |
1643 dict.SetBoolean("ext", false); | 1724 dict.SetBoolean("ext", false); |
1644 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | 1725 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); |
1645 | 1726 |
1646 ASSERT_STATUS_SUCCESS( | 1727 ASSERT_EQ( |
1728 Status::Success(), | |
1647 ImportKeyJwkFromDict(dict, algorithm, extractable, usage_mask, &key)); | 1729 ImportKeyJwkFromDict(dict, algorithm, extractable, usage_mask, &key)); |
1648 | 1730 |
1649 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, | 1731 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
1650 key.algorithm().hmacParams()->hash().id()); | 1732 key.algorithm().hmacParams()->hash().id()); |
1651 | 1733 |
1652 const std::vector<uint8> message_raw = HexStringToBytes( | 1734 const std::vector<uint8> message_raw = HexStringToBytes( |
1653 "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" | 1735 "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" |
1654 "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" | 1736 "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" |
1655 "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" | 1737 "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" |
1656 "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e"); | 1738 "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e"); |
1657 | 1739 |
1658 blink::WebArrayBuffer output; | 1740 blink::WebArrayBuffer output; |
1659 | 1741 |
1660 ASSERT_STATUS_SUCCESS(Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac), | 1742 ASSERT_EQ(Status::Success(), |
1661 key, | 1743 Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac), |
1662 CryptoData(message_raw), | 1744 key, |
1663 &output)); | 1745 CryptoData(message_raw), |
1746 &output)); | |
1664 | 1747 |
1665 const std::string mac_raw = | 1748 const std::string mac_raw = |
1666 "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b"; | 1749 "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b"; |
1667 | 1750 |
1668 ExpectArrayBufferMatchesHex(mac_raw, output); | 1751 ExpectArrayBufferMatchesHex(mac_raw, output); |
1669 | 1752 |
1670 // TODO(padolph): Import an RSA public key JWK and use it | 1753 // TODO(padolph): Import an RSA public key JWK and use it |
1671 } | 1754 } |
1672 | 1755 |
1673 TEST_F(SharedCryptoTest, MAYBE(ImportExportJwkSymmetricKey)) { | 1756 TEST_F(SharedCryptoTest, MAYBE(ImportExportJwkSymmetricKey)) { |
(...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1742 // HMAC SHA-384 | 1825 // HMAC SHA-384 |
1743 {key_hex_384, hmac_sha_384_alg, blink::WebCryptoKeyUsageSign, "HS384"}, | 1826 {key_hex_384, hmac_sha_384_alg, blink::WebCryptoKeyUsageSign, "HS384"}, |
1744 // HMAC SHA-512 | 1827 // HMAC SHA-512 |
1745 {key_hex_512, hmac_sha_512_alg, blink::WebCryptoKeyUsageVerify, "HS512"}, | 1828 {key_hex_512, hmac_sha_512_alg, blink::WebCryptoKeyUsageVerify, "HS512"}, |
1746 // Large usage value | 1829 // Large usage value |
1747 {key_hex_256, aes_cbc_alg, | 1830 {key_hex_256, aes_cbc_alg, |
1748 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt | | 1831 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt | |
1749 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, | 1832 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, |
1750 "A256CBC"}, | 1833 "A256CBC"}, |
1751 // Zero usage value | 1834 // Zero usage value |
1752 {key_hex_512, hmac_sha_512_alg, 0, "HS512"}, }; | 1835 {key_hex_512, hmac_sha_512_alg, 0, "HS512"}, |
1836 }; | |
1753 | 1837 |
1754 // Round-trip import/export each key. | 1838 // Round-trip import/export each key. |
1755 | 1839 |
1756 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1840 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1757 blink::WebArrayBuffer json; | 1841 blink::WebArrayBuffer json; |
1758 for (size_t test_index = 0; test_index < ARRAYSIZE_UNSAFE(kTests); | 1842 for (size_t test_index = 0; test_index < ARRAYSIZE_UNSAFE(kTests); |
1759 ++test_index) { | 1843 ++test_index) { |
1760 SCOPED_TRACE(test_index); | 1844 SCOPED_TRACE(test_index); |
1761 const TestCase& test = kTests[test_index]; | 1845 const TestCase& test = kTests[test_index]; |
1762 | 1846 |
1763 // Skip AES-GCM tests where not supported. | 1847 // Skip AES-GCM tests where not supported. |
1764 if (test.algorithm.id() == blink::WebCryptoAlgorithmIdAesGcm && | 1848 if (test.algorithm.id() == blink::WebCryptoAlgorithmIdAesGcm && |
1765 !SupportsAesGcm()) { | 1849 !SupportsAesGcm()) { |
1766 continue; | 1850 continue; |
1767 } | 1851 } |
1768 | 1852 |
1769 // Import a raw key. | 1853 // Import a raw key. |
1770 key = ImportSecretKeyFromRaw( | 1854 key = ImportSecretKeyFromRaw( |
1771 HexStringToBytes(test.key_hex), test.algorithm, test.usage); | 1855 HexStringToBytes(test.key_hex), test.algorithm, test.usage); |
1772 | 1856 |
1773 // Export the key in JWK format and validate. | 1857 // Export the key in JWK format and validate. |
1774 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatJwk, key, &json)); | 1858 ASSERT_EQ(Status::Success(), |
1859 ExportKey(blink::WebCryptoKeyFormatJwk, key, &json)); | |
1775 EXPECT_TRUE(VerifySecretJwk(json, test.jwk_alg, test.key_hex, test.usage)); | 1860 EXPECT_TRUE(VerifySecretJwk(json, test.jwk_alg, test.key_hex, test.usage)); |
1776 | 1861 |
1777 // Import the JWK-formatted key. | 1862 // Import the JWK-formatted key. |
1778 ASSERT_STATUS_SUCCESS( | 1863 ASSERT_EQ( |
1864 Status::Success(), | |
1779 ImportKeyJwk(CryptoData(json), test.algorithm, true, test.usage, &key)); | 1865 ImportKeyJwk(CryptoData(json), test.algorithm, true, test.usage, &key)); |
1780 EXPECT_TRUE(key.handle()); | 1866 EXPECT_TRUE(key.handle()); |
1781 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1867 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1782 EXPECT_EQ(test.algorithm.id(), key.algorithm().id()); | 1868 EXPECT_EQ(test.algorithm.id(), key.algorithm().id()); |
1783 EXPECT_EQ(true, key.extractable()); | 1869 EXPECT_EQ(true, key.extractable()); |
1784 EXPECT_EQ(test.usage, key.usages()); | 1870 EXPECT_EQ(test.usage, key.usages()); |
1785 | 1871 |
1786 // Export the key in raw format and compare to the original. | 1872 // Export the key in raw format and compare to the original. |
1787 blink::WebArrayBuffer key_raw_out; | 1873 blink::WebArrayBuffer key_raw_out; |
1788 ASSERT_STATUS_SUCCESS( | 1874 ASSERT_EQ(Status::Success(), |
1789 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); | 1875 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); |
1790 ExpectArrayBufferMatchesHex(test.key_hex, key_raw_out); | 1876 ExpectArrayBufferMatchesHex(test.key_hex, key_raw_out); |
1791 } | 1877 } |
1792 } | 1878 } |
1793 | 1879 |
1794 TEST_F(SharedCryptoTest, MAYBE(ImportExportSpki)) { | 1880 TEST_F(SharedCryptoTest, MAYBE(ImportExportSpki)) { |
1795 // Passing case: Import a valid RSA key in SPKI format. | 1881 // Passing case: Import a valid RSA key in SPKI format. |
1796 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1882 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1797 ASSERT_STATUS_SUCCESS( | 1883 ASSERT_EQ( |
1884 Status::Success(), | |
1798 ImportKey(blink::WebCryptoKeyFormatSpki, | 1885 ImportKey(blink::WebCryptoKeyFormatSpki, |
1799 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 1886 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
1800 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1887 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1801 true, | 1888 true, |
1802 blink::WebCryptoKeyUsageEncrypt, | 1889 blink::WebCryptoKeyUsageEncrypt, |
1803 &key)); | 1890 &key)); |
1804 EXPECT_TRUE(key.handle()); | 1891 EXPECT_TRUE(key.handle()); |
1805 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); | 1892 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); |
1806 EXPECT_TRUE(key.extractable()); | 1893 EXPECT_TRUE(key.extractable()); |
1807 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); | 1894 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
1808 EXPECT_EQ(kModulusLengthBits, | 1895 EXPECT_EQ(kModulusLengthBits, |
1809 key.algorithm().rsaParams()->modulusLengthBits()); | 1896 key.algorithm().rsaParams()->modulusLengthBits()); |
1810 ExpectCryptoDataMatchesHex( | 1897 ExpectCryptoDataMatchesHex( |
1811 "010001", CryptoData(key.algorithm().rsaParams()->publicExponent())); | 1898 "010001", CryptoData(key.algorithm().rsaParams()->publicExponent())); |
1812 | 1899 |
1813 // Failing case: Empty SPKI data | 1900 // Failing case: Empty SPKI data |
1814 EXPECT_STATUS( | 1901 EXPECT_EQ( |
1815 Status::ErrorImportEmptyKeyData(), | 1902 Status::ErrorImportEmptyKeyData(), |
1816 ImportKey(blink::WebCryptoKeyFormatSpki, | 1903 ImportKey(blink::WebCryptoKeyFormatSpki, |
1817 CryptoData(std::vector<uint8>()), | 1904 CryptoData(std::vector<uint8>()), |
1818 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1905 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1819 true, | 1906 true, |
1820 blink::WebCryptoKeyUsageEncrypt, | 1907 blink::WebCryptoKeyUsageEncrypt, |
1821 &key)); | 1908 &key)); |
1822 | 1909 |
1823 // Failing case: Bad DER encoding. | 1910 // Failing case: Bad DER encoding. |
1824 EXPECT_STATUS( | 1911 EXPECT_EQ( |
1825 Status::Error(), | 1912 Status::DataError(), |
1826 ImportKey(blink::WebCryptoKeyFormatSpki, | 1913 ImportKey(blink::WebCryptoKeyFormatSpki, |
1827 CryptoData(HexStringToBytes("618333c4cb")), | 1914 CryptoData(HexStringToBytes("618333c4cb")), |
1828 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1915 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1829 true, | 1916 true, |
1830 blink::WebCryptoKeyUsageEncrypt, | 1917 blink::WebCryptoKeyUsageEncrypt, |
1831 &key)); | 1918 &key)); |
1832 | 1919 |
1833 // Failing case: Import RSA key but provide an inconsistent input algorithm. | 1920 // Failing case: Import RSA key but provide an inconsistent input algorithm. |
1834 EXPECT_STATUS(Status::Error(), | 1921 EXPECT_EQ(Status::DataError(), |
1835 ImportKey(blink::WebCryptoKeyFormatSpki, | 1922 ImportKey(blink::WebCryptoKeyFormatSpki, |
1836 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 1923 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
1837 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 1924 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
1838 true, | 1925 true, |
1839 blink::WebCryptoKeyUsageEncrypt, | 1926 blink::WebCryptoKeyUsageEncrypt, |
1840 &key)); | 1927 &key)); |
1841 | 1928 |
1842 // Passing case: Export a previously imported RSA public key in SPKI format | 1929 // Passing case: Export a previously imported RSA public key in SPKI format |
1843 // and compare to original data. | 1930 // and compare to original data. |
1844 blink::WebArrayBuffer output; | 1931 blink::WebArrayBuffer output; |
1845 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); | 1932 ASSERT_EQ(Status::Success(), |
1933 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); | |
1846 ExpectArrayBufferMatchesHex(kPublicKeySpkiDerHex, output); | 1934 ExpectArrayBufferMatchesHex(kPublicKeySpkiDerHex, output); |
1847 | 1935 |
1848 // Failing case: Try to export a previously imported RSA public key in raw | 1936 // Failing case: Try to export a previously imported RSA public key in raw |
1849 // format (not allowed for a public key). | 1937 // format (not allowed for a public key). |
1850 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 1938 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
1851 ExportKey(blink::WebCryptoKeyFormatRaw, key, &output)); | 1939 ExportKey(blink::WebCryptoKeyFormatRaw, key, &output)); |
1852 | 1940 |
1853 // Failing case: Try to export a non-extractable key | 1941 // Failing case: Try to export a non-extractable key |
1854 ASSERT_STATUS_SUCCESS( | 1942 ASSERT_EQ( |
1943 Status::Success(), | |
1855 ImportKey(blink::WebCryptoKeyFormatSpki, | 1944 ImportKey(blink::WebCryptoKeyFormatSpki, |
1856 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 1945 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
1857 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1946 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1858 false, | 1947 false, |
1859 blink::WebCryptoKeyUsageEncrypt, | 1948 blink::WebCryptoKeyUsageEncrypt, |
1860 &key)); | 1949 &key)); |
1861 EXPECT_TRUE(key.handle()); | 1950 EXPECT_TRUE(key.handle()); |
1862 EXPECT_FALSE(key.extractable()); | 1951 EXPECT_FALSE(key.extractable()); |
1863 EXPECT_STATUS(Status::ErrorKeyNotExtractable(), | 1952 EXPECT_EQ(Status::ErrorKeyNotExtractable(), |
1864 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); | 1953 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); |
1865 } | 1954 } |
1866 | 1955 |
1867 TEST_F(SharedCryptoTest, MAYBE(ImportExportPkcs8)) { | 1956 TEST_F(SharedCryptoTest, MAYBE(ImportExportPkcs8)) { |
1868 // Passing case: Import a valid RSA key in PKCS#8 format. | 1957 // Passing case: Import a valid RSA key in PKCS#8 format. |
1869 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1958 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1870 ASSERT_STATUS_SUCCESS(ImportKey( | 1959 ASSERT_EQ(Status::Success(), |
1871 blink::WebCryptoKeyFormatPkcs8, | 1960 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
1872 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 1961 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
1873 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1962 CreateRsaHashedImportAlgorithm( |
1874 blink::WebCryptoAlgorithmIdSha1), | 1963 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1875 true, | 1964 blink::WebCryptoAlgorithmIdSha1), |
1876 blink::WebCryptoKeyUsageSign, | 1965 true, |
1877 &key)); | 1966 blink::WebCryptoKeyUsageSign, |
1967 &key)); | |
1878 EXPECT_TRUE(key.handle()); | 1968 EXPECT_TRUE(key.handle()); |
1879 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, key.type()); | 1969 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, key.type()); |
1880 EXPECT_TRUE(key.extractable()); | 1970 EXPECT_TRUE(key.extractable()); |
1881 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); | 1971 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); |
1882 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, | 1972 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
1883 key.algorithm().rsaHashedParams()->hash().id()); | 1973 key.algorithm().rsaHashedParams()->hash().id()); |
1884 EXPECT_EQ(kModulusLengthBits, | 1974 EXPECT_EQ(kModulusLengthBits, |
1885 key.algorithm().rsaHashedParams()->modulusLengthBits()); | 1975 key.algorithm().rsaHashedParams()->modulusLengthBits()); |
1886 ExpectCryptoDataMatchesHex( | 1976 ExpectCryptoDataMatchesHex( |
1887 "010001", | 1977 "010001", |
1888 CryptoData(key.algorithm().rsaHashedParams()->publicExponent())); | 1978 CryptoData(key.algorithm().rsaHashedParams()->publicExponent())); |
1889 | 1979 |
1890 blink::WebArrayBuffer exported_key; | 1980 blink::WebArrayBuffer exported_key; |
1891 ASSERT_STATUS_SUCCESS( | 1981 ASSERT_EQ(Status::Success(), |
1892 ExportKey(blink::WebCryptoKeyFormatPkcs8, key, &exported_key)); | 1982 ExportKey(blink::WebCryptoKeyFormatPkcs8, key, &exported_key)); |
1893 ExpectArrayBufferMatchesHex(kPrivateKeyPkcs8DerHex, exported_key); | 1983 ExpectArrayBufferMatchesHex(kPrivateKeyPkcs8DerHex, exported_key); |
1894 | 1984 |
1895 // Failing case: Empty PKCS#8 data | 1985 // Failing case: Empty PKCS#8 data |
1896 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), | 1986 EXPECT_EQ(Status::ErrorImportEmptyKeyData(), |
1897 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 1987 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
1898 CryptoData(std::vector<uint8>()), | 1988 CryptoData(std::vector<uint8>()), |
1899 CreateRsaHashedImportAlgorithm( | 1989 CreateRsaHashedImportAlgorithm( |
1900 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1990 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1901 blink::WebCryptoAlgorithmIdSha1), | 1991 blink::WebCryptoAlgorithmIdSha1), |
1902 true, | 1992 true, |
1903 blink::WebCryptoKeyUsageSign, | 1993 blink::WebCryptoKeyUsageSign, |
1904 &key)); | 1994 &key)); |
1905 | 1995 |
1906 // Failing case: Bad DER encoding. | 1996 // Failing case: Bad DER encoding. |
1907 EXPECT_STATUS( | 1997 EXPECT_EQ( |
1908 Status::Error(), | 1998 Status::DataError(), |
1909 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 1999 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
1910 CryptoData(HexStringToBytes("618333c4cb")), | 2000 CryptoData(HexStringToBytes("618333c4cb")), |
1911 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), | 2001 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
1912 true, | 2002 true, |
1913 blink::WebCryptoKeyUsageSign, | 2003 blink::WebCryptoKeyUsageSign, |
1914 &key)); | 2004 &key)); |
1915 | 2005 |
1916 // Failing case: Import RSA key but provide an inconsistent input algorithm. | 2006 // Failing case: Import RSA key but provide an inconsistent input algorithm. |
1917 EXPECT_STATUS(Status::Error(), | 2007 EXPECT_EQ(Status::DataError(), |
1918 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 2008 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
1919 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 2009 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
1920 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 2010 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
1921 true, | 2011 true, |
1922 blink::WebCryptoKeyUsageSign, | 2012 blink::WebCryptoKeyUsageSign, |
1923 &key)); | 2013 &key)); |
1924 } | 2014 } |
1925 | 2015 |
1926 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsa)) { | 2016 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsa)) { |
1927 // Note: using unrealistic short key lengths here to avoid bogging down tests. | 2017 // Note: using unrealistic short key lengths here to avoid bogging down tests. |
1928 | 2018 |
1929 // Successful WebCryptoAlgorithmIdRsaEsPkcs1v1_5 key generation. | 2019 // Successful WebCryptoAlgorithmIdRsaEsPkcs1v1_5 key generation. |
1930 const unsigned int modulus_length = 256; | 2020 const unsigned int modulus_length = 256; |
1931 const std::vector<uint8> public_exponent = HexStringToBytes("010001"); | 2021 const std::vector<uint8> public_exponent = HexStringToBytes("010001"); |
1932 blink::WebCryptoAlgorithm algorithm = | 2022 blink::WebCryptoAlgorithm algorithm = |
1933 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 2023 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
1934 modulus_length, | 2024 modulus_length, |
1935 public_exponent); | 2025 public_exponent); |
1936 bool extractable = true; | 2026 bool extractable = true; |
1937 const blink::WebCryptoKeyUsageMask usage_mask = 0; | 2027 const blink::WebCryptoKeyUsageMask usage_mask = 0; |
1938 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 2028 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1939 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 2029 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
1940 ASSERT_STATUS_SUCCESS(GenerateKeyPair( | 2030 ASSERT_EQ(Status::Success(), |
1941 algorithm, extractable, usage_mask, &public_key, &private_key)); | 2031 GenerateKeyPair( |
2032 algorithm, extractable, usage_mask, &public_key, &private_key)); | |
1942 EXPECT_FALSE(public_key.isNull()); | 2033 EXPECT_FALSE(public_key.isNull()); |
1943 EXPECT_FALSE(private_key.isNull()); | 2034 EXPECT_FALSE(private_key.isNull()); |
1944 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 2035 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
1945 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 2036 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
1946 EXPECT_TRUE(public_key.extractable()); | 2037 EXPECT_TRUE(public_key.extractable()); |
1947 EXPECT_EQ(extractable, private_key.extractable()); | 2038 EXPECT_EQ(extractable, private_key.extractable()); |
1948 EXPECT_EQ(usage_mask, public_key.usages()); | 2039 EXPECT_EQ(usage_mask, public_key.usages()); |
1949 EXPECT_EQ(usage_mask, private_key.usages()); | 2040 EXPECT_EQ(usage_mask, private_key.usages()); |
1950 | 2041 |
1951 // Try exporting the generated key pair, and then re-importing to verify that | 2042 // Try exporting the generated key pair, and then re-importing to verify that |
1952 // the exported data was valid. | 2043 // the exported data was valid. |
1953 blink::WebArrayBuffer public_key_spki; | 2044 blink::WebArrayBuffer public_key_spki; |
1954 EXPECT_STATUS_SUCCESS( | 2045 EXPECT_EQ( |
2046 Status::Success(), | |
1955 ExportKey(blink::WebCryptoKeyFormatSpki, public_key, &public_key_spki)); | 2047 ExportKey(blink::WebCryptoKeyFormatSpki, public_key, &public_key_spki)); |
1956 public_key = blink::WebCryptoKey::createNull(); | 2048 public_key = blink::WebCryptoKey::createNull(); |
1957 EXPECT_STATUS_SUCCESS( | 2049 EXPECT_EQ( |
2050 Status::Success(), | |
1958 ImportKey(blink::WebCryptoKeyFormatSpki, | 2051 ImportKey(blink::WebCryptoKeyFormatSpki, |
1959 CryptoData(public_key_spki), | 2052 CryptoData(public_key_spki), |
1960 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 2053 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1961 true, | 2054 true, |
1962 usage_mask, | 2055 usage_mask, |
1963 &public_key)); | 2056 &public_key)); |
1964 EXPECT_EQ(modulus_length, | 2057 EXPECT_EQ(modulus_length, |
1965 public_key.algorithm().rsaParams()->modulusLengthBits()); | 2058 public_key.algorithm().rsaParams()->modulusLengthBits()); |
1966 | 2059 |
1967 blink::WebArrayBuffer private_key_pkcs8; | 2060 blink::WebArrayBuffer private_key_pkcs8; |
1968 EXPECT_STATUS_SUCCESS(ExportKey( | 2061 EXPECT_EQ( |
1969 blink::WebCryptoKeyFormatPkcs8, private_key, &private_key_pkcs8)); | 2062 Status::Success(), |
2063 ExportKey( | |
2064 blink::WebCryptoKeyFormatPkcs8, private_key, &private_key_pkcs8)); | |
1970 private_key = blink::WebCryptoKey::createNull(); | 2065 private_key = blink::WebCryptoKey::createNull(); |
1971 EXPECT_STATUS_SUCCESS( | 2066 EXPECT_EQ( |
2067 Status::Success(), | |
1972 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 2068 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
1973 CryptoData(private_key_pkcs8), | 2069 CryptoData(private_key_pkcs8), |
1974 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 2070 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1975 true, | 2071 true, |
1976 usage_mask, | 2072 usage_mask, |
1977 &private_key)); | 2073 &private_key)); |
1978 EXPECT_EQ(modulus_length, | 2074 EXPECT_EQ(modulus_length, |
1979 private_key.algorithm().rsaParams()->modulusLengthBits()); | 2075 private_key.algorithm().rsaParams()->modulusLengthBits()); |
1980 | 2076 |
1981 // Fail with bad modulus. | 2077 // Fail with bad modulus. |
1982 algorithm = CreateRsaKeyGenAlgorithm( | 2078 algorithm = CreateRsaKeyGenAlgorithm( |
1983 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 0, public_exponent); | 2079 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 0, public_exponent); |
1984 EXPECT_STATUS( | 2080 EXPECT_EQ(Status::ErrorGenerateRsaZeroModulus(), |
1985 Status::ErrorGenerateRsaZeroModulus(), | 2081 GenerateKeyPair( |
1986 GenerateKeyPair( | 2082 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1987 algorithm, extractable, usage_mask, &public_key, &private_key)); | |
1988 | 2083 |
1989 // Fail with bad exponent: larger than unsigned long. | 2084 // Fail with bad exponent: larger than unsigned long. |
1990 unsigned int exponent_length = sizeof(unsigned long) + 1; // NOLINT | 2085 unsigned int exponent_length = sizeof(unsigned long) + 1; // NOLINT |
1991 const std::vector<uint8> long_exponent(exponent_length, 0x01); | 2086 const std::vector<uint8> long_exponent(exponent_length, 0x01); |
1992 algorithm = CreateRsaKeyGenAlgorithm( | 2087 algorithm = CreateRsaKeyGenAlgorithm( |
1993 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, modulus_length, long_exponent); | 2088 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, modulus_length, long_exponent); |
1994 EXPECT_STATUS( | 2089 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), |
1995 Status::ErrorGenerateKeyPublicExponent(), | 2090 GenerateKeyPair( |
1996 GenerateKeyPair( | 2091 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1997 algorithm, extractable, usage_mask, &public_key, &private_key)); | |
1998 | 2092 |
1999 // Fail with bad exponent: empty. | 2093 // Fail with bad exponent: empty. |
2000 const std::vector<uint8> empty_exponent; | 2094 const std::vector<uint8> empty_exponent; |
2001 algorithm = | 2095 algorithm = |
2002 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 2096 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
2003 modulus_length, | 2097 modulus_length, |
2004 empty_exponent); | 2098 empty_exponent); |
2005 EXPECT_STATUS( | 2099 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), |
2006 Status::ErrorGenerateKeyPublicExponent(), | 2100 GenerateKeyPair( |
2007 GenerateKeyPair( | 2101 algorithm, extractable, usage_mask, &public_key, &private_key)); |
2008 algorithm, extractable, usage_mask, &public_key, &private_key)); | |
2009 | 2102 |
2010 // Fail with bad exponent: all zeros. | 2103 // Fail with bad exponent: all zeros. |
2011 std::vector<uint8> exponent_with_leading_zeros(15, 0x00); | 2104 std::vector<uint8> exponent_with_leading_zeros(15, 0x00); |
2012 algorithm = | 2105 algorithm = |
2013 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 2106 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
2014 modulus_length, | 2107 modulus_length, |
2015 exponent_with_leading_zeros); | 2108 exponent_with_leading_zeros); |
2016 EXPECT_STATUS( | 2109 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), |
2017 Status::ErrorGenerateKeyPublicExponent(), | 2110 GenerateKeyPair( |
2018 GenerateKeyPair( | 2111 algorithm, extractable, usage_mask, &public_key, &private_key)); |
2019 algorithm, extractable, usage_mask, &public_key, &private_key)); | |
2020 | 2112 |
2021 // Key generation success using exponent with leading zeros. | 2113 // Key generation success using exponent with leading zeros. |
2022 exponent_with_leading_zeros.insert(exponent_with_leading_zeros.end(), | 2114 exponent_with_leading_zeros.insert(exponent_with_leading_zeros.end(), |
2023 public_exponent.begin(), | 2115 public_exponent.begin(), |
2024 public_exponent.end()); | 2116 public_exponent.end()); |
2025 algorithm = | 2117 algorithm = |
2026 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 2118 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
2027 modulus_length, | 2119 modulus_length, |
2028 exponent_with_leading_zeros); | 2120 exponent_with_leading_zeros); |
2029 EXPECT_STATUS_SUCCESS(GenerateKeyPair( | 2121 EXPECT_EQ(Status::Success(), |
2030 algorithm, extractable, usage_mask, &public_key, &private_key)); | 2122 GenerateKeyPair( |
2123 algorithm, extractable, usage_mask, &public_key, &private_key)); | |
2031 EXPECT_FALSE(public_key.isNull()); | 2124 EXPECT_FALSE(public_key.isNull()); |
2032 EXPECT_FALSE(private_key.isNull()); | 2125 EXPECT_FALSE(private_key.isNull()); |
2033 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 2126 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
2034 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 2127 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
2035 EXPECT_TRUE(public_key.extractable()); | 2128 EXPECT_TRUE(public_key.extractable()); |
2036 EXPECT_EQ(extractable, private_key.extractable()); | 2129 EXPECT_EQ(extractable, private_key.extractable()); |
2037 EXPECT_EQ(usage_mask, public_key.usages()); | 2130 EXPECT_EQ(usage_mask, public_key.usages()); |
2038 EXPECT_EQ(usage_mask, private_key.usages()); | 2131 EXPECT_EQ(usage_mask, private_key.usages()); |
2039 | 2132 |
2040 // Successful WebCryptoAlgorithmIdRsaOaep key generation. | 2133 // Successful WebCryptoAlgorithmIdRsaOaep key generation. |
2041 algorithm = CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaOaep, | 2134 algorithm = CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaOaep, |
2042 blink::WebCryptoAlgorithmIdSha256, | 2135 blink::WebCryptoAlgorithmIdSha256, |
2043 modulus_length, | 2136 modulus_length, |
2044 public_exponent); | 2137 public_exponent); |
2045 EXPECT_STATUS_SUCCESS(GenerateKeyPair( | 2138 EXPECT_EQ(Status::Success(), |
2046 algorithm, extractable, usage_mask, &public_key, &private_key)); | 2139 GenerateKeyPair( |
2140 algorithm, extractable, usage_mask, &public_key, &private_key)); | |
2047 EXPECT_FALSE(public_key.isNull()); | 2141 EXPECT_FALSE(public_key.isNull()); |
2048 EXPECT_FALSE(private_key.isNull()); | 2142 EXPECT_FALSE(private_key.isNull()); |
2049 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 2143 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
2050 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 2144 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
2051 EXPECT_EQ(modulus_length, | 2145 EXPECT_EQ(modulus_length, |
2052 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); | 2146 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
2053 EXPECT_EQ(modulus_length, | 2147 EXPECT_EQ(modulus_length, |
2054 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); | 2148 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
2055 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, | 2149 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
2056 public_key.algorithm().rsaHashedParams()->hash().id()); | 2150 public_key.algorithm().rsaHashedParams()->hash().id()); |
2057 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, | 2151 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
2058 private_key.algorithm().rsaHashedParams()->hash().id()); | 2152 private_key.algorithm().rsaHashedParams()->hash().id()); |
2059 EXPECT_TRUE(public_key.extractable()); | 2153 EXPECT_TRUE(public_key.extractable()); |
2060 EXPECT_EQ(extractable, private_key.extractable()); | 2154 EXPECT_EQ(extractable, private_key.extractable()); |
2061 EXPECT_EQ(usage_mask, public_key.usages()); | 2155 EXPECT_EQ(usage_mask, public_key.usages()); |
2062 EXPECT_EQ(usage_mask, private_key.usages()); | 2156 EXPECT_EQ(usage_mask, private_key.usages()); |
2063 | 2157 |
2064 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation. | 2158 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation. |
2065 algorithm = | 2159 algorithm = |
2066 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2160 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2067 blink::WebCryptoAlgorithmIdSha1, | 2161 blink::WebCryptoAlgorithmIdSha1, |
2068 modulus_length, | 2162 modulus_length, |
2069 public_exponent); | 2163 public_exponent); |
2070 EXPECT_STATUS_SUCCESS( | 2164 EXPECT_EQ( |
2165 Status::Success(), | |
2071 GenerateKeyPair(algorithm, false, usage_mask, &public_key, &private_key)); | 2166 GenerateKeyPair(algorithm, false, usage_mask, &public_key, &private_key)); |
2072 EXPECT_FALSE(public_key.isNull()); | 2167 EXPECT_FALSE(public_key.isNull()); |
2073 EXPECT_FALSE(private_key.isNull()); | 2168 EXPECT_FALSE(private_key.isNull()); |
2074 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 2169 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
2075 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 2170 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
2076 EXPECT_EQ(modulus_length, | 2171 EXPECT_EQ(modulus_length, |
2077 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); | 2172 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
2078 EXPECT_EQ(modulus_length, | 2173 EXPECT_EQ(modulus_length, |
2079 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); | 2174 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
2080 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, | 2175 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
2081 public_key.algorithm().rsaHashedParams()->hash().id()); | 2176 public_key.algorithm().rsaHashedParams()->hash().id()); |
2082 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, | 2177 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
2083 private_key.algorithm().rsaHashedParams()->hash().id()); | 2178 private_key.algorithm().rsaHashedParams()->hash().id()); |
2084 // Even though "extractable" was set to false, the public key remains | 2179 // Even though "extractable" was set to false, the public key remains |
2085 // extractable. | 2180 // extractable. |
2086 EXPECT_TRUE(public_key.extractable()); | 2181 EXPECT_TRUE(public_key.extractable()); |
2087 EXPECT_FALSE(private_key.extractable()); | 2182 EXPECT_FALSE(private_key.extractable()); |
2088 EXPECT_EQ(usage_mask, public_key.usages()); | 2183 EXPECT_EQ(usage_mask, public_key.usages()); |
2089 EXPECT_EQ(usage_mask, private_key.usages()); | 2184 EXPECT_EQ(usage_mask, private_key.usages()); |
2090 | 2185 |
2091 // Exporting a private key as SPKI format doesn't make sense. However this | 2186 // Exporting a private key as SPKI format doesn't make sense. However this |
2092 // will first fail because the key is not extractable. | 2187 // will first fail because the key is not extractable. |
2093 blink::WebArrayBuffer output; | 2188 blink::WebArrayBuffer output; |
2094 EXPECT_STATUS(Status::ErrorKeyNotExtractable(), | 2189 EXPECT_EQ(Status::ErrorKeyNotExtractable(), |
2095 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); | 2190 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); |
2096 | 2191 |
2097 // Re-generate an extractable private_key and try to export it as SPKI format. | 2192 // Re-generate an extractable private_key and try to export it as SPKI format. |
2098 // This should fail since spki is for public keys. | 2193 // This should fail since spki is for public keys. |
2099 EXPECT_STATUS_SUCCESS( | 2194 EXPECT_EQ( |
2195 Status::Success(), | |
2100 GenerateKeyPair(algorithm, true, usage_mask, &public_key, &private_key)); | 2196 GenerateKeyPair(algorithm, true, usage_mask, &public_key, &private_key)); |
2101 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 2197 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
2102 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); | 2198 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); |
2103 } | 2199 } |
2104 | 2200 |
2105 TEST_F(SharedCryptoTest, MAYBE(RsaEsRoundTrip)) { | 2201 TEST_F(SharedCryptoTest, MAYBE(RsaEsRoundTrip)) { |
2106 // Import a key pair. | 2202 // Import a key pair. |
2107 blink::WebCryptoAlgorithm algorithm = | 2203 blink::WebCryptoAlgorithm algorithm = |
2108 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 2204 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
2109 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 2205 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
2110 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 2206 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
2111 ImportRsaKeyPair( | 2207 ImportRsaKeyPair( |
2112 HexStringToBytes(kPublicKeySpkiDerHex), | 2208 HexStringToBytes(kPublicKeySpkiDerHex), |
(...skipping 15 matching lines...) Expand all Loading... | |
2128 | 2224 |
2129 // Verify encrypt / decrypt round trip on a few messages. Note that RSA | 2225 // Verify encrypt / decrypt round trip on a few messages. Note that RSA |
2130 // encryption does not support empty input. | 2226 // encryption does not support empty input. |
2131 algorithm = CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 2227 algorithm = CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
2132 const char* const kTestDataHex[] = {"ff", "0102030405060708090a0b0c0d0e0f", | 2228 const char* const kTestDataHex[] = {"ff", "0102030405060708090a0b0c0d0e0f", |
2133 max_data_hex}; | 2229 max_data_hex}; |
2134 blink::WebArrayBuffer encrypted_data; | 2230 blink::WebArrayBuffer encrypted_data; |
2135 blink::WebArrayBuffer decrypted_data; | 2231 blink::WebArrayBuffer decrypted_data; |
2136 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTestDataHex); ++i) { | 2232 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTestDataHex); ++i) { |
2137 SCOPED_TRACE(i); | 2233 SCOPED_TRACE(i); |
2138 EXPECT_STATUS_SUCCESS(Encrypt(algorithm, | 2234 EXPECT_EQ(Status::Success(), |
2139 public_key, | 2235 Encrypt(algorithm, |
2140 CryptoData(HexStringToBytes(kTestDataHex[i])), | 2236 public_key, |
2141 &encrypted_data)); | 2237 CryptoData(HexStringToBytes(kTestDataHex[i])), |
2238 &encrypted_data)); | |
2142 EXPECT_EQ(kModulusLengthBits / 8, encrypted_data.byteLength()); | 2239 EXPECT_EQ(kModulusLengthBits / 8, encrypted_data.byteLength()); |
2143 ASSERT_STATUS_SUCCESS(Decrypt( | 2240 ASSERT_EQ(Status::Success(), |
2144 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); | 2241 Decrypt(algorithm, |
2242 private_key, | |
2243 CryptoData(encrypted_data), | |
2244 &decrypted_data)); | |
2145 ExpectArrayBufferMatchesHex(kTestDataHex[i], decrypted_data); | 2245 ExpectArrayBufferMatchesHex(kTestDataHex[i], decrypted_data); |
2146 } | 2246 } |
2147 } | 2247 } |
2148 | 2248 |
2149 TEST_F(SharedCryptoTest, MAYBE(RsaEsKnownAnswer)) { | 2249 TEST_F(SharedCryptoTest, MAYBE(RsaEsKnownAnswer)) { |
2150 scoped_ptr<base::Value> json; | 2250 scoped_ptr<base::Value> json; |
2151 ASSERT_TRUE(ReadJsonTestFile("rsa_es.json", &json)); | 2251 ASSERT_TRUE(ReadJsonTestFile("rsa_es.json", &json)); |
2152 base::DictionaryValue* test = NULL; | 2252 base::DictionaryValue* test = NULL; |
2153 ASSERT_TRUE(json->GetAsDictionary(&test)); | 2253 ASSERT_TRUE(json->GetAsDictionary(&test)); |
2154 | 2254 |
(...skipping 22 matching lines...) Expand all Loading... | |
2177 rsa_pkcs8_der, | 2277 rsa_pkcs8_der, |
2178 algorithm, | 2278 algorithm, |
2179 false, | 2279 false, |
2180 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, | 2280 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, |
2181 &public_key, | 2281 &public_key, |
2182 &private_key); | 2282 &private_key); |
2183 | 2283 |
2184 // Decrypt the known-good ciphertext with the private key. As a check we must | 2284 // Decrypt the known-good ciphertext with the private key. As a check we must |
2185 // get the known original cleartext. | 2285 // get the known original cleartext. |
2186 blink::WebArrayBuffer decrypted_data; | 2286 blink::WebArrayBuffer decrypted_data; |
2187 ASSERT_STATUS_SUCCESS( | 2287 ASSERT_EQ( |
2288 Status::Success(), | |
2188 Decrypt(algorithm, private_key, CryptoData(ciphertext), &decrypted_data)); | 2289 Decrypt(algorithm, private_key, CryptoData(ciphertext), &decrypted_data)); |
2189 EXPECT_FALSE(decrypted_data.isNull()); | 2290 EXPECT_FALSE(decrypted_data.isNull()); |
2190 EXPECT_TRUE(ArrayBufferMatches(cleartext, decrypted_data)); | 2291 EXPECT_TRUE(ArrayBufferMatches(cleartext, decrypted_data)); |
2191 | 2292 |
2192 // Encrypt this decrypted data with the public key. | 2293 // Encrypt this decrypted data with the public key. |
2193 blink::WebArrayBuffer encrypted_data; | 2294 blink::WebArrayBuffer encrypted_data; |
2194 ASSERT_STATUS_SUCCESS(Encrypt( | 2295 ASSERT_EQ( |
2195 algorithm, public_key, CryptoData(decrypted_data), &encrypted_data)); | 2296 Status::Success(), |
2297 Encrypt( | |
2298 algorithm, public_key, CryptoData(decrypted_data), &encrypted_data)); | |
2196 EXPECT_EQ(128u, encrypted_data.byteLength()); | 2299 EXPECT_EQ(128u, encrypted_data.byteLength()); |
2197 | 2300 |
2198 // Finally, decrypt the newly encrypted result with the private key, and | 2301 // Finally, decrypt the newly encrypted result with the private key, and |
2199 // compare to the known original cleartext. | 2302 // compare to the known original cleartext. |
2200 decrypted_data.reset(); | 2303 decrypted_data.reset(); |
2201 ASSERT_STATUS_SUCCESS(Decrypt( | 2304 ASSERT_EQ( |
2202 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); | 2305 Status::Success(), |
2306 Decrypt( | |
2307 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); | |
2203 EXPECT_FALSE(decrypted_data.isNull()); | 2308 EXPECT_FALSE(decrypted_data.isNull()); |
2204 EXPECT_TRUE(ArrayBufferMatches(cleartext, decrypted_data)); | 2309 EXPECT_TRUE(ArrayBufferMatches(cleartext, decrypted_data)); |
2205 } | 2310 } |
2206 | 2311 |
2207 TEST_F(SharedCryptoTest, MAYBE(RsaEsFailures)) { | 2312 TEST_F(SharedCryptoTest, MAYBE(RsaEsFailures)) { |
2208 // Import a key pair. | 2313 // Import a key pair. |
2209 blink::WebCryptoAlgorithm algorithm = | 2314 blink::WebCryptoAlgorithm algorithm = |
2210 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 2315 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
2211 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 2316 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
2212 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 2317 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
2213 ImportRsaKeyPair( | 2318 ImportRsaKeyPair( |
2214 HexStringToBytes(kPublicKeySpkiDerHex), | 2319 HexStringToBytes(kPublicKeySpkiDerHex), |
2215 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 2320 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
2216 algorithm, | 2321 algorithm, |
2217 false, | 2322 false, |
2218 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, | 2323 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, |
2219 &public_key, | 2324 &public_key, |
2220 &private_key); | 2325 &private_key); |
2221 | 2326 |
2222 // Fail encrypt with a private key. | 2327 // Fail encrypt with a private key. |
2223 blink::WebArrayBuffer encrypted_data; | 2328 blink::WebArrayBuffer encrypted_data; |
2224 const std::string message_hex_str("0102030405060708090a0b0c0d0e0f"); | 2329 const std::string message_hex_str("0102030405060708090a0b0c0d0e0f"); |
2225 const std::vector<uint8> message_hex(HexStringToBytes(message_hex_str)); | 2330 const std::vector<uint8> message_hex(HexStringToBytes(message_hex_str)); |
2226 EXPECT_STATUS( | 2331 EXPECT_EQ( |
2227 Status::ErrorUnexpectedKeyType(), | 2332 Status::ErrorUnexpectedKeyType(), |
2228 Encrypt( | 2333 Encrypt( |
2229 algorithm, private_key, CryptoData(message_hex), &encrypted_data)); | 2334 algorithm, private_key, CryptoData(message_hex), &encrypted_data)); |
2230 | 2335 |
2231 // Fail encrypt with empty message. | 2336 // Fail encrypt with empty message. |
2232 EXPECT_STATUS(Status::Error(), | 2337 EXPECT_EQ(Status::ErrorDataTooSmall(), |
2233 Encrypt(algorithm, | 2338 Encrypt(algorithm, |
2234 public_key, | 2339 public_key, |
2235 CryptoData(std::vector<uint8>()), | 2340 CryptoData(std::vector<uint8>()), |
2236 &encrypted_data)); | 2341 &encrypted_data)); |
2237 | 2342 |
2238 // Fail encrypt with message too large. RSAES can operate on messages up to | 2343 // Fail encrypt with message too large. RSAES can operate on messages up to |
2239 // length of k - 11 bytes, where k is the octet length of the RSA modulus. | 2344 // length of k - 11 bytes, where k is the octet length of the RSA modulus. |
2240 const unsigned int kMaxMsgSizeBytes = kModulusLengthBits / 8 - 11; | 2345 const unsigned int kMaxMsgSizeBytes = kModulusLengthBits / 8 - 11; |
2241 EXPECT_STATUS( | 2346 EXPECT_EQ(Status::ErrorDataTooLarge(), |
2242 Status::ErrorDataTooLarge(), | 2347 Encrypt(algorithm, |
2243 Encrypt(algorithm, | 2348 public_key, |
2244 public_key, | 2349 CryptoData(std::vector<uint8>(kMaxMsgSizeBytes + 1, '0')), |
2245 CryptoData(std::vector<uint8>(kMaxMsgSizeBytes + 1, '0')), | 2350 &encrypted_data)); |
2246 &encrypted_data)); | |
2247 | 2351 |
2248 // Generate encrypted data. | 2352 // Generate encrypted data. |
2249 EXPECT_STATUS( | 2353 EXPECT_EQ( |
2250 Status::Success(), | 2354 Status::Success(), |
2251 Encrypt(algorithm, public_key, CryptoData(message_hex), &encrypted_data)); | 2355 Encrypt(algorithm, public_key, CryptoData(message_hex), &encrypted_data)); |
2252 | 2356 |
2253 // Fail decrypt with a public key. | 2357 // Fail decrypt with a public key. |
2254 blink::WebArrayBuffer decrypted_data; | 2358 blink::WebArrayBuffer decrypted_data; |
2255 EXPECT_STATUS( | 2359 EXPECT_EQ( |
2256 Status::ErrorUnexpectedKeyType(), | 2360 Status::ErrorUnexpectedKeyType(), |
2257 Decrypt( | 2361 Decrypt( |
2258 algorithm, public_key, CryptoData(encrypted_data), &decrypted_data)); | 2362 algorithm, public_key, CryptoData(encrypted_data), &decrypted_data)); |
2259 | 2363 |
2260 // Corrupt encrypted data; ensure decrypt fails because padding was disrupted. | 2364 // Corrupt encrypted data; ensure decrypt fails because padding was disrupted. |
2261 std::vector<uint8> corrupted_data( | 2365 std::vector<uint8> corrupted_data( |
2262 static_cast<uint8*>(encrypted_data.data()), | 2366 static_cast<uint8*>(encrypted_data.data()), |
2263 static_cast<uint8*>(encrypted_data.data()) + encrypted_data.byteLength()); | 2367 static_cast<uint8*>(encrypted_data.data()) + encrypted_data.byteLength()); |
2264 corrupted_data[corrupted_data.size() / 2] ^= 0x01; | 2368 corrupted_data[corrupted_data.size() / 2] ^= 0x01; |
2265 EXPECT_STATUS( | 2369 EXPECT_EQ( |
2266 Status::Error(), | 2370 Status::OperationError(), |
2267 Decrypt( | 2371 Decrypt( |
2268 algorithm, private_key, CryptoData(corrupted_data), &decrypted_data)); | 2372 algorithm, private_key, CryptoData(corrupted_data), &decrypted_data)); |
2269 | 2373 |
2270 // TODO(padolph): Are there other specific data corruption scenarios to | 2374 // TODO(padolph): Are there other specific data corruption scenarios to |
2271 // consider? | 2375 // consider? |
2272 | 2376 |
2273 // Do a successful decrypt with good data just for confirmation. | 2377 // Do a successful decrypt with good data just for confirmation. |
2274 EXPECT_STATUS_SUCCESS(Decrypt( | 2378 EXPECT_EQ( |
2275 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); | 2379 Status::Success(), |
2380 Decrypt( | |
2381 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); | |
2276 ExpectArrayBufferMatchesHex(message_hex_str, decrypted_data); | 2382 ExpectArrayBufferMatchesHex(message_hex_str, decrypted_data); |
2277 } | 2383 } |
2278 | 2384 |
2279 TEST_F(SharedCryptoTest, MAYBE(RsaSsaSignVerifyFailures)) { | 2385 TEST_F(SharedCryptoTest, MAYBE(RsaSsaSignVerifyFailures)) { |
2280 // Import a key pair. | 2386 // Import a key pair. |
2281 blink::WebCryptoKeyUsageMask usage_mask = | 2387 blink::WebCryptoKeyUsageMask usage_mask = |
2282 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify; | 2388 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify; |
2283 blink::WebCryptoAlgorithm importAlgorithm = | 2389 blink::WebCryptoAlgorithm importAlgorithm = |
2284 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2390 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2285 blink::WebCryptoAlgorithmIdSha1); | 2391 blink::WebCryptoAlgorithmIdSha1); |
2286 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 2392 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
2287 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 2393 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
2288 ImportRsaKeyPair(HexStringToBytes(kPublicKeySpkiDerHex), | 2394 ImportRsaKeyPair(HexStringToBytes(kPublicKeySpkiDerHex), |
2289 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 2395 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
2290 importAlgorithm, | 2396 importAlgorithm, |
2291 false, | 2397 false, |
2292 usage_mask, | 2398 usage_mask, |
2293 &public_key, | 2399 &public_key, |
2294 &private_key); | 2400 &private_key); |
2295 | 2401 |
2296 blink::WebCryptoAlgorithm algorithm = | 2402 blink::WebCryptoAlgorithm algorithm = |
2297 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5); | 2403 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5); |
2298 | 2404 |
2299 blink::WebArrayBuffer signature; | 2405 blink::WebArrayBuffer signature; |
2300 bool signature_match; | 2406 bool signature_match; |
2301 | 2407 |
2302 // Compute a signature. | 2408 // Compute a signature. |
2303 const std::vector<uint8> data = HexStringToBytes("010203040506070809"); | 2409 const std::vector<uint8> data = HexStringToBytes("010203040506070809"); |
2304 ASSERT_STATUS_SUCCESS( | 2410 ASSERT_EQ(Status::Success(), |
2305 Sign(algorithm, private_key, CryptoData(data), &signature)); | 2411 Sign(algorithm, private_key, CryptoData(data), &signature)); |
2306 | 2412 |
2307 // Ensure truncated signature does not verify by passing one less byte. | 2413 // Ensure truncated signature does not verify by passing one less byte. |
2308 EXPECT_STATUS_SUCCESS(VerifySignature( | 2414 EXPECT_EQ( |
2309 algorithm, | 2415 Status::Success(), |
2310 public_key, | 2416 VerifySignature( |
2311 CryptoData(reinterpret_cast<const unsigned char*>(signature.data()), | 2417 algorithm, |
2312 signature.byteLength() - 1), | 2418 public_key, |
2313 CryptoData(data), | 2419 CryptoData(reinterpret_cast<const unsigned char*>(signature.data()), |
2314 &signature_match)); | 2420 signature.byteLength() - 1), |
2421 CryptoData(data), | |
2422 &signature_match)); | |
2315 EXPECT_FALSE(signature_match); | 2423 EXPECT_FALSE(signature_match); |
2316 | 2424 |
2317 // Ensure truncated signature does not verify by passing no bytes. | 2425 // Ensure truncated signature does not verify by passing no bytes. |
2318 EXPECT_STATUS_SUCCESS(VerifySignature( | 2426 EXPECT_EQ(Status::Success(), |
2319 algorithm, public_key, CryptoData(), CryptoData(data), &signature_match)); | 2427 VerifySignature(algorithm, |
2428 public_key, | |
2429 CryptoData(), | |
2430 CryptoData(data), | |
2431 &signature_match)); | |
2320 EXPECT_FALSE(signature_match); | 2432 EXPECT_FALSE(signature_match); |
2321 | 2433 |
2322 // Ensure corrupted signature does not verify. | 2434 // Ensure corrupted signature does not verify. |
2323 std::vector<uint8> corrupt_sig( | 2435 std::vector<uint8> corrupt_sig( |
2324 static_cast<uint8*>(signature.data()), | 2436 static_cast<uint8*>(signature.data()), |
2325 static_cast<uint8*>(signature.data()) + signature.byteLength()); | 2437 static_cast<uint8*>(signature.data()) + signature.byteLength()); |
2326 corrupt_sig[corrupt_sig.size() / 2] ^= 0x1; | 2438 corrupt_sig[corrupt_sig.size() / 2] ^= 0x1; |
2327 EXPECT_STATUS_SUCCESS(VerifySignature(algorithm, | 2439 EXPECT_EQ(Status::Success(), |
2328 public_key, | 2440 VerifySignature(algorithm, |
2329 CryptoData(corrupt_sig), | 2441 public_key, |
2330 CryptoData(data), | 2442 CryptoData(corrupt_sig), |
2331 &signature_match)); | 2443 CryptoData(data), |
2444 &signature_match)); | |
2332 EXPECT_FALSE(signature_match); | 2445 EXPECT_FALSE(signature_match); |
2333 | 2446 |
2334 // Ensure signatures that are greater than the modulus size fail. | 2447 // Ensure signatures that are greater than the modulus size fail. |
2335 const unsigned int long_message_size_bytes = 1024; | 2448 const unsigned int long_message_size_bytes = 1024; |
2336 DCHECK_GT(long_message_size_bytes, kModulusLengthBits / 8); | 2449 DCHECK_GT(long_message_size_bytes, kModulusLengthBits / 8); |
2337 const unsigned char kLongSignature[long_message_size_bytes] = {0}; | 2450 const unsigned char kLongSignature[long_message_size_bytes] = {0}; |
2338 EXPECT_STATUS_SUCCESS( | 2451 EXPECT_EQ(Status::Success(), |
2339 VerifySignature(algorithm, | 2452 VerifySignature(algorithm, |
2340 public_key, | 2453 public_key, |
2341 CryptoData(kLongSignature, sizeof(kLongSignature)), | 2454 CryptoData(kLongSignature, sizeof(kLongSignature)), |
2342 CryptoData(data), | 2455 CryptoData(data), |
2343 &signature_match)); | 2456 &signature_match)); |
2344 EXPECT_FALSE(signature_match); | 2457 EXPECT_FALSE(signature_match); |
2345 | 2458 |
2346 // Ensure that verifying using a private key, rather than a public key, fails. | 2459 // Ensure that verifying using a private key, rather than a public key, fails. |
2347 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 2460 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
2348 VerifySignature(algorithm, | 2461 VerifySignature(algorithm, |
2349 private_key, | 2462 private_key, |
2350 CryptoData(signature), | 2463 CryptoData(signature), |
2351 CryptoData(data), | 2464 CryptoData(data), |
2352 &signature_match)); | 2465 &signature_match)); |
2353 | 2466 |
2354 // Ensure that signing using a public key, rather than a private key, fails. | 2467 // Ensure that signing using a public key, rather than a private key, fails. |
2355 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 2468 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
2356 Sign(algorithm, public_key, CryptoData(data), &signature)); | 2469 Sign(algorithm, public_key, CryptoData(data), &signature)); |
2357 | 2470 |
2358 // Ensure that signing and verifying with an incompatible algorithm fails. | 2471 // Ensure that signing and verifying with an incompatible algorithm fails. |
2359 algorithm = CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 2472 algorithm = CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
2360 | 2473 |
2361 EXPECT_STATUS(Status::ErrorUnexpected(), | 2474 EXPECT_EQ(Status::ErrorUnexpected(), |
2362 Sign(algorithm, private_key, CryptoData(data), &signature)); | 2475 Sign(algorithm, private_key, CryptoData(data), &signature)); |
2363 EXPECT_STATUS(Status::ErrorUnexpected(), | 2476 EXPECT_EQ(Status::ErrorUnexpected(), |
2364 VerifySignature(algorithm, | 2477 VerifySignature(algorithm, |
2365 public_key, | 2478 public_key, |
2366 CryptoData(signature), | 2479 CryptoData(signature), |
2367 CryptoData(data), | 2480 CryptoData(data), |
2368 &signature_match)); | 2481 &signature_match)); |
2369 | 2482 |
2370 // Some crypto libraries (NSS) can automatically select the RSA SSA inner hash | 2483 // Some crypto libraries (NSS) can automatically select the RSA SSA inner hash |
2371 // based solely on the contents of the input signature data. In the Web Crypto | 2484 // based solely on the contents of the input signature data. In the Web Crypto |
2372 // implementation, the inner hash should be specified uniquely by the key | 2485 // implementation, the inner hash should be specified uniquely by the key |
2373 // algorithm parameter. To validate this behavior, call Verify with a computed | 2486 // algorithm parameter. To validate this behavior, call Verify with a computed |
2374 // signature that used one hash type (SHA-1), but pass in a key with a | 2487 // signature that used one hash type (SHA-1), but pass in a key with a |
2375 // different inner hash type (SHA-256). If the hash type is determined by the | 2488 // different inner hash type (SHA-256). If the hash type is determined by the |
2376 // signature itself (undesired), the verify will pass, while if the hash type | 2489 // signature itself (undesired), the verify will pass, while if the hash type |
2377 // is specified by the key algorithm (desired), the verify will fail. | 2490 // is specified by the key algorithm (desired), the verify will fail. |
2378 | 2491 |
2379 // Compute a signature using SHA-1 as the inner hash. | 2492 // Compute a signature using SHA-1 as the inner hash. |
2380 EXPECT_STATUS_SUCCESS( | 2493 EXPECT_EQ(Status::Success(), |
2381 Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), | 2494 Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
2382 private_key, | 2495 private_key, |
2383 CryptoData(data), | 2496 CryptoData(data), |
2384 &signature)); | 2497 &signature)); |
2385 | 2498 |
2386 blink::WebCryptoKey public_key_256 = blink::WebCryptoKey::createNull(); | 2499 blink::WebCryptoKey public_key_256 = blink::WebCryptoKey::createNull(); |
2387 EXPECT_STATUS_SUCCESS(ImportKey( | 2500 EXPECT_EQ(Status::Success(), |
2388 blink::WebCryptoKeyFormatSpki, | 2501 ImportKey(blink::WebCryptoKeyFormatSpki, |
2389 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 2502 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
2390 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2503 CreateRsaHashedImportAlgorithm( |
2391 blink::WebCryptoAlgorithmIdSha256), | 2504 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2392 true, | 2505 blink::WebCryptoAlgorithmIdSha256), |
2393 usage_mask, | 2506 true, |
2394 &public_key_256)); | 2507 usage_mask, |
2508 &public_key_256)); | |
2395 | 2509 |
2396 // Now verify using an algorithm whose inner hash is SHA-256, not SHA-1. The | 2510 // Now verify using an algorithm whose inner hash is SHA-256, not SHA-1. The |
2397 // signature should not verify. | 2511 // signature should not verify. |
2398 // NOTE: public_key was produced by generateKey, and so its associated | 2512 // NOTE: public_key was produced by generateKey, and so its associated |
2399 // algorithm has WebCryptoRsaKeyGenParams and not WebCryptoRsaSsaParams. Thus | 2513 // algorithm has WebCryptoRsaKeyGenParams and not WebCryptoRsaSsaParams. Thus |
2400 // it has no inner hash to conflict with the input algorithm. | 2514 // it has no inner hash to conflict with the input algorithm. |
2401 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, | 2515 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
2402 private_key.algorithm().rsaHashedParams()->hash().id()); | 2516 private_key.algorithm().rsaHashedParams()->hash().id()); |
2403 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, | 2517 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
2404 public_key_256.algorithm().rsaHashedParams()->hash().id()); | 2518 public_key_256.algorithm().rsaHashedParams()->hash().id()); |
2405 | 2519 |
2406 bool is_match; | 2520 bool is_match; |
2407 EXPECT_STATUS_SUCCESS(VerifySignature( | 2521 EXPECT_EQ(Status::Success(), |
2408 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), | 2522 VerifySignature( |
2409 public_key_256, | 2523 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
2410 CryptoData(signature), | 2524 public_key_256, |
2411 CryptoData(data), | 2525 CryptoData(signature), |
2412 &is_match)); | 2526 CryptoData(data), |
2527 &is_match)); | |
2413 EXPECT_FALSE(is_match); | 2528 EXPECT_FALSE(is_match); |
2414 } | 2529 } |
2415 | 2530 |
2416 TEST_F(SharedCryptoTest, MAYBE(RsaSignVerifyKnownAnswer)) { | 2531 TEST_F(SharedCryptoTest, MAYBE(RsaSignVerifyKnownAnswer)) { |
2417 scoped_ptr<base::ListValue> tests; | 2532 scoped_ptr<base::ListValue> tests; |
2418 ASSERT_TRUE(ReadJsonTestFileToList("pkcs1v15_sign.json", &tests)); | 2533 ASSERT_TRUE(ReadJsonTestFileToList("pkcs1v15_sign.json", &tests)); |
2419 | 2534 |
2420 // Import the key pair. | 2535 // Import the key pair. |
2421 blink::WebCryptoAlgorithm importAlgorithm = | 2536 blink::WebCryptoAlgorithm importAlgorithm = |
2422 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2537 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
(...skipping 19 matching lines...) Expand all Loading... | |
2442 | 2557 |
2443 base::DictionaryValue* test; | 2558 base::DictionaryValue* test; |
2444 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); | 2559 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); |
2445 | 2560 |
2446 std::vector<uint8> test_message = | 2561 std::vector<uint8> test_message = |
2447 GetBytesFromHexString(test, "message_hex"); | 2562 GetBytesFromHexString(test, "message_hex"); |
2448 std::vector<uint8> test_signature = | 2563 std::vector<uint8> test_signature = |
2449 GetBytesFromHexString(test, "signature_hex"); | 2564 GetBytesFromHexString(test, "signature_hex"); |
2450 | 2565 |
2451 signature.reset(); | 2566 signature.reset(); |
2452 ASSERT_STATUS_SUCCESS( | 2567 ASSERT_EQ( |
2568 Status::Success(), | |
2453 Sign(algorithm, private_key, CryptoData(test_message), &signature)); | 2569 Sign(algorithm, private_key, CryptoData(test_message), &signature)); |
2454 EXPECT_TRUE(ArrayBufferMatches(test_signature, signature)); | 2570 EXPECT_TRUE(ArrayBufferMatches(test_signature, signature)); |
2455 | 2571 |
2456 bool is_match = false; | 2572 bool is_match = false; |
2457 ASSERT_STATUS_SUCCESS(VerifySignature(algorithm, | 2573 ASSERT_EQ(Status::Success(), |
2458 public_key, | 2574 VerifySignature(algorithm, |
2459 CryptoData(test_signature), | 2575 public_key, |
2460 CryptoData(test_message), | 2576 CryptoData(test_signature), |
2461 &is_match)); | 2577 CryptoData(test_message), |
2578 &is_match)); | |
2462 EXPECT_TRUE(is_match); | 2579 EXPECT_TRUE(is_match); |
2463 } | 2580 } |
2464 } | 2581 } |
2465 | 2582 |
2466 TEST_F(SharedCryptoTest, MAYBE(AesKwKeyImport)) { | 2583 TEST_F(SharedCryptoTest, MAYBE(AesKwKeyImport)) { |
2467 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 2584 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
2468 blink::WebCryptoAlgorithm algorithm = | 2585 blink::WebCryptoAlgorithm algorithm = |
2469 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); | 2586 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); |
2470 | 2587 |
2471 // Import a 128-bit Key Encryption Key (KEK) | 2588 // Import a 128-bit Key Encryption Key (KEK) |
2472 std::string key_raw_hex_in = "025a8cf3f08b4f6c5f33bbc76a471939"; | 2589 std::string key_raw_hex_in = "025a8cf3f08b4f6c5f33bbc76a471939"; |
2473 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, | 2590 ASSERT_EQ(Status::Success(), |
2474 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2591 ImportKey(blink::WebCryptoKeyFormatRaw, |
2475 algorithm, | 2592 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2476 true, | 2593 algorithm, |
2477 blink::WebCryptoKeyUsageWrapKey, | 2594 true, |
2478 &key)); | 2595 blink::WebCryptoKeyUsageWrapKey, |
2596 &key)); | |
2479 blink::WebArrayBuffer key_raw_out; | 2597 blink::WebArrayBuffer key_raw_out; |
2480 EXPECT_STATUS_SUCCESS( | 2598 EXPECT_EQ(Status::Success(), |
2481 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); | 2599 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); |
2482 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); | 2600 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); |
2483 | 2601 |
2484 // Import a 192-bit KEK | 2602 // Import a 192-bit KEK |
2485 key_raw_hex_in = "c0192c6466b2370decbb62b2cfef4384544ffeb4d2fbc103"; | 2603 key_raw_hex_in = "c0192c6466b2370decbb62b2cfef4384544ffeb4d2fbc103"; |
2486 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, | 2604 ASSERT_EQ(Status::Success(), |
2487 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2605 ImportKey(blink::WebCryptoKeyFormatRaw, |
2488 algorithm, | 2606 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2489 true, | 2607 algorithm, |
2490 blink::WebCryptoKeyUsageWrapKey, | 2608 true, |
2491 &key)); | 2609 blink::WebCryptoKeyUsageWrapKey, |
2492 EXPECT_STATUS_SUCCESS( | 2610 &key)); |
2493 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); | 2611 EXPECT_EQ(Status::Success(), |
2612 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); | |
2494 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); | 2613 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); |
2495 | 2614 |
2496 // Import a 256-bit Key Encryption Key (KEK) | 2615 // Import a 256-bit Key Encryption Key (KEK) |
2497 key_raw_hex_in = | 2616 key_raw_hex_in = |
2498 "e11fe66380d90fa9ebefb74e0478e78f95664d0c67ca20ce4a0b5842863ac46f"; | 2617 "e11fe66380d90fa9ebefb74e0478e78f95664d0c67ca20ce4a0b5842863ac46f"; |
2499 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, | 2618 ASSERT_EQ(Status::Success(), |
2500 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2619 ImportKey(blink::WebCryptoKeyFormatRaw, |
2501 algorithm, | 2620 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2502 true, | 2621 algorithm, |
2503 blink::WebCryptoKeyUsageWrapKey, | 2622 true, |
2504 &key)); | 2623 blink::WebCryptoKeyUsageWrapKey, |
2505 EXPECT_STATUS_SUCCESS( | 2624 &key)); |
2506 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); | 2625 EXPECT_EQ(Status::Success(), |
2626 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); | |
2507 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); | 2627 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); |
2508 | 2628 |
2509 // Fail import of 0 length key | 2629 // Fail import of 0 length key |
2510 EXPECT_STATUS(Status::Error(), | 2630 EXPECT_EQ(Status::ErrorImportAesKeyLength(), |
2511 ImportKey(blink::WebCryptoKeyFormatRaw, | 2631 ImportKey(blink::WebCryptoKeyFormatRaw, |
2512 CryptoData(HexStringToBytes("")), | 2632 CryptoData(HexStringToBytes("")), |
2513 algorithm, | 2633 algorithm, |
2514 true, | 2634 true, |
2515 blink::WebCryptoKeyUsageWrapKey, | 2635 blink::WebCryptoKeyUsageWrapKey, |
2516 &key)); | 2636 &key)); |
2517 | 2637 |
2518 // Fail import of 124-bit KEK | 2638 // Fail import of 124-bit KEK |
2519 key_raw_hex_in = "3e4566a2bdaa10cb68134fa66c15ddb"; | 2639 key_raw_hex_in = "3e4566a2bdaa10cb68134fa66c15ddb"; |
2520 EXPECT_STATUS(Status::Error(), | 2640 EXPECT_EQ(Status::ErrorImportAesKeyLength(), |
2521 ImportKey(blink::WebCryptoKeyFormatRaw, | 2641 ImportKey(blink::WebCryptoKeyFormatRaw, |
2522 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2642 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2523 algorithm, | 2643 algorithm, |
2524 true, | 2644 true, |
2525 blink::WebCryptoKeyUsageWrapKey, | 2645 blink::WebCryptoKeyUsageWrapKey, |
2526 &key)); | 2646 &key)); |
2527 | 2647 |
2528 // Fail import of 200-bit KEK | 2648 // Fail import of 200-bit KEK |
2529 key_raw_hex_in = "0a1d88608a5ad9fec64f1ada269ebab4baa2feeb8d95638c0e"; | 2649 key_raw_hex_in = "0a1d88608a5ad9fec64f1ada269ebab4baa2feeb8d95638c0e"; |
2530 EXPECT_STATUS(Status::Error(), | 2650 EXPECT_EQ(Status::ErrorImportAesKeyLength(), |
2531 ImportKey(blink::WebCryptoKeyFormatRaw, | 2651 ImportKey(blink::WebCryptoKeyFormatRaw, |
2532 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2652 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2533 algorithm, | 2653 algorithm, |
2534 true, | 2654 true, |
2535 blink::WebCryptoKeyUsageWrapKey, | 2655 blink::WebCryptoKeyUsageWrapKey, |
2536 &key)); | 2656 &key)); |
2537 | 2657 |
2538 // Fail import of 260-bit KEK | 2658 // Fail import of 260-bit KEK |
2539 key_raw_hex_in = | 2659 key_raw_hex_in = |
2540 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; | 2660 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; |
2541 EXPECT_STATUS(Status::Error(), | 2661 EXPECT_EQ(Status::ErrorImportAesKeyLength(), |
2542 ImportKey(blink::WebCryptoKeyFormatRaw, | 2662 ImportKey(blink::WebCryptoKeyFormatRaw, |
2543 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2663 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2544 algorithm, | 2664 algorithm, |
2545 true, | 2665 true, |
2546 blink::WebCryptoKeyUsageWrapKey, | 2666 blink::WebCryptoKeyUsageWrapKey, |
2547 &key)); | 2667 &key)); |
2548 } | 2668 } |
2549 | 2669 |
2550 TEST_F(SharedCryptoTest, MAYBE(UnwrapFailures)) { | 2670 TEST_F(SharedCryptoTest, MAYBE(UnwrapFailures)) { |
2551 // This test exercises the code path common to all unwrap operations. | 2671 // This test exercises the code path common to all unwrap operations. |
2552 scoped_ptr<base::ListValue> tests; | 2672 scoped_ptr<base::ListValue> tests; |
2553 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); | 2673 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); |
2554 base::DictionaryValue* test; | 2674 base::DictionaryValue* test; |
2555 ASSERT_TRUE(tests->GetDictionary(0, &test)); | 2675 ASSERT_TRUE(tests->GetDictionary(0, &test)); |
2556 const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek"); | 2676 const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek"); |
2557 const std::vector<uint8> test_ciphertext = | 2677 const std::vector<uint8> test_ciphertext = |
2558 GetBytesFromHexString(test, "ciphertext"); | 2678 GetBytesFromHexString(test, "ciphertext"); |
2559 | 2679 |
2560 // Using a key that does not have unwrapKey usage should fail. | 2680 // Using a key that does not have unwrapKey usage should fail. |
2561 blink::WebCryptoKey bad_wrapping_key = ImportSecretKeyFromRaw( | 2681 blink::WebCryptoKey bad_wrapping_key = ImportSecretKeyFromRaw( |
2562 test_kek, | 2682 test_kek, |
2563 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw), | 2683 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw), |
2564 blink::WebCryptoKeyUsageDecrypt); // <-- should be UnwrapKey | 2684 blink::WebCryptoKeyUsageDecrypt); // <-- should be UnwrapKey |
2565 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 2685 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
2566 EXPECT_STATUS( | 2686 EXPECT_EQ( |
2567 Status::ErrorUnexpected(), | 2687 Status::ErrorUnexpected(), |
2568 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 2688 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
2569 CryptoData(test_ciphertext), | 2689 CryptoData(test_ciphertext), |
2570 bad_wrapping_key, | 2690 bad_wrapping_key, |
2571 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw), | 2691 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw), |
2572 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 2692 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
2573 true, | 2693 true, |
2574 blink::WebCryptoKeyUsageEncrypt, | 2694 blink::WebCryptoKeyUsageEncrypt, |
2575 &unwrapped_key)); | 2695 &unwrapped_key)); |
2576 | 2696 |
2577 // Using a wrapping algorithm that does not match the wrapping key algorithm | 2697 // Using a wrapping algorithm that does not match the wrapping key algorithm |
2578 // should fail. | 2698 // should fail. |
2579 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( | 2699 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( |
2580 test_kek, | 2700 test_kek, |
2581 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw), | 2701 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw), |
2582 blink::WebCryptoKeyUsageUnwrapKey); | 2702 blink::WebCryptoKeyUsageUnwrapKey); |
2583 EXPECT_STATUS( | 2703 EXPECT_EQ( |
2584 Status::ErrorUnexpected(), | 2704 Status::ErrorUnexpected(), |
2585 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 2705 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
2586 CryptoData(test_ciphertext), | 2706 CryptoData(test_ciphertext), |
2587 wrapping_key, | 2707 wrapping_key, |
2588 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 2708 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
2589 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 2709 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
2590 true, | 2710 true, |
2591 blink::WebCryptoKeyUsageEncrypt, | 2711 blink::WebCryptoKeyUsageEncrypt, |
2592 &unwrapped_key)); | 2712 &unwrapped_key)); |
2593 } | 2713 } |
(...skipping 20 matching lines...) Expand all Loading... | |
2614 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey); | 2734 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey); |
2615 | 2735 |
2616 // Import the key to be wrapped. | 2736 // Import the key to be wrapped. |
2617 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 2737 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
2618 test_key, | 2738 test_key, |
2619 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 2739 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
2620 blink::WebCryptoKeyUsageEncrypt); | 2740 blink::WebCryptoKeyUsageEncrypt); |
2621 | 2741 |
2622 // Wrap the key and verify the ciphertext result against the known answer. | 2742 // Wrap the key and verify the ciphertext result against the known answer. |
2623 blink::WebArrayBuffer wrapped_key; | 2743 blink::WebArrayBuffer wrapped_key; |
2624 ASSERT_STATUS_SUCCESS(WrapKey(blink::WebCryptoKeyFormatRaw, | 2744 ASSERT_EQ(Status::Success(), |
2625 wrapping_key, | 2745 WrapKey(blink::WebCryptoKeyFormatRaw, |
2626 key, | 2746 wrapping_key, |
2627 wrapping_algorithm, | 2747 key, |
2628 &wrapped_key)); | 2748 wrapping_algorithm, |
2749 &wrapped_key)); | |
2629 EXPECT_TRUE(ArrayBufferMatches(test_ciphertext, wrapped_key)); | 2750 EXPECT_TRUE(ArrayBufferMatches(test_ciphertext, wrapped_key)); |
2630 | 2751 |
2631 // Unwrap the known ciphertext to get a new test_key. | 2752 // Unwrap the known ciphertext to get a new test_key. |
2632 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 2753 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
2633 ASSERT_STATUS_SUCCESS( | 2754 ASSERT_EQ( |
2755 Status::Success(), | |
2634 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 2756 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
2635 CryptoData(test_ciphertext), | 2757 CryptoData(test_ciphertext), |
2636 wrapping_key, | 2758 wrapping_key, |
2637 wrapping_algorithm, | 2759 wrapping_algorithm, |
2638 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 2760 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
2639 true, | 2761 true, |
2640 blink::WebCryptoKeyUsageEncrypt, | 2762 blink::WebCryptoKeyUsageEncrypt, |
2641 &unwrapped_key)); | 2763 &unwrapped_key)); |
2642 EXPECT_FALSE(key.isNull()); | 2764 EXPECT_FALSE(key.isNull()); |
2643 EXPECT_TRUE(key.handle()); | 2765 EXPECT_TRUE(key.handle()); |
2644 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 2766 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
2645 EXPECT_EQ( | 2767 EXPECT_EQ( |
2646 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc).id(), | 2768 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc).id(), |
2647 key.algorithm().id()); | 2769 key.algorithm().id()); |
2648 EXPECT_EQ(true, key.extractable()); | 2770 EXPECT_EQ(true, key.extractable()); |
2649 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); | 2771 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
2650 | 2772 |
2651 // Export the new key and compare its raw bytes with the original known key. | 2773 // Export the new key and compare its raw bytes with the original known key. |
2652 blink::WebArrayBuffer raw_key; | 2774 blink::WebArrayBuffer raw_key; |
2653 EXPECT_STATUS_SUCCESS( | 2775 EXPECT_EQ(Status::Success(), |
2654 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); | 2776 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); |
2655 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); | 2777 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); |
2656 } | 2778 } |
2657 } | 2779 } |
2658 | 2780 |
2659 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapErrors)) { | 2781 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapErrors)) { |
2660 scoped_ptr<base::ListValue> tests; | 2782 scoped_ptr<base::ListValue> tests; |
2661 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); | 2783 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); |
2662 base::DictionaryValue* test; | 2784 base::DictionaryValue* test; |
2663 // Use 256 bits of data with a 256-bit KEK | 2785 // Use 256 bits of data with a 256-bit KEK |
2664 ASSERT_TRUE(tests->GetDictionary(5, &test)); | 2786 ASSERT_TRUE(tests->GetDictionary(5, &test)); |
(...skipping 13 matching lines...) Expand all Loading... | |
2678 // Import the key to be wrapped. | 2800 // Import the key to be wrapped. |
2679 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 2801 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
2680 test_key, | 2802 test_key, |
2681 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 2803 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
2682 blink::WebCryptoKeyUsageEncrypt); | 2804 blink::WebCryptoKeyUsageEncrypt); |
2683 | 2805 |
2684 // Unwrap with wrapped data too small must fail. | 2806 // Unwrap with wrapped data too small must fail. |
2685 const std::vector<uint8> small_data(test_ciphertext.begin(), | 2807 const std::vector<uint8> small_data(test_ciphertext.begin(), |
2686 test_ciphertext.begin() + 23); | 2808 test_ciphertext.begin() + 23); |
2687 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 2809 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
2688 EXPECT_STATUS(Status::ErrorDataTooSmall(), | 2810 EXPECT_EQ(Status::ErrorDataTooSmall(), |
2689 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 2811 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
2690 CryptoData(small_data), | 2812 CryptoData(small_data), |
2691 wrapping_key, | 2813 wrapping_key, |
2692 wrapping_algorithm, | 2814 wrapping_algorithm, |
2693 key_algorithm, | 2815 key_algorithm, |
2694 true, | 2816 true, |
2695 blink::WebCryptoKeyUsageEncrypt, | 2817 blink::WebCryptoKeyUsageEncrypt, |
2696 &unwrapped_key)); | 2818 &unwrapped_key)); |
2697 | 2819 |
2698 // Unwrap with wrapped data size not a multiple of 8 bytes must fail. | 2820 // Unwrap with wrapped data size not a multiple of 8 bytes must fail. |
2699 const std::vector<uint8> unaligned_data(test_ciphertext.begin(), | 2821 const std::vector<uint8> unaligned_data(test_ciphertext.begin(), |
2700 test_ciphertext.end() - 2); | 2822 test_ciphertext.end() - 2); |
2701 EXPECT_STATUS(Status::ErrorInvalidAesKwDataLength(), | 2823 EXPECT_EQ(Status::ErrorInvalidAesKwDataLength(), |
2702 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 2824 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
2703 CryptoData(unaligned_data), | 2825 CryptoData(unaligned_data), |
2704 wrapping_key, | 2826 wrapping_key, |
2705 wrapping_algorithm, | 2827 wrapping_algorithm, |
2706 key_algorithm, | 2828 key_algorithm, |
2707 true, | 2829 true, |
2708 blink::WebCryptoKeyUsageEncrypt, | 2830 blink::WebCryptoKeyUsageEncrypt, |
2709 &unwrapped_key)); | 2831 &unwrapped_key)); |
2710 } | 2832 } |
2711 | 2833 |
2712 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyUnwrapCorruptData)) { | 2834 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyUnwrapCorruptData)) { |
2713 scoped_ptr<base::ListValue> tests; | 2835 scoped_ptr<base::ListValue> tests; |
2714 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); | 2836 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); |
2715 base::DictionaryValue* test; | 2837 base::DictionaryValue* test; |
2716 // Use 256 bits of data with a 256-bit KEK | 2838 // Use 256 bits of data with a 256-bit KEK |
2717 ASSERT_TRUE(tests->GetDictionary(5, &test)); | 2839 ASSERT_TRUE(tests->GetDictionary(5, &test)); |
2718 const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek"); | 2840 const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek"); |
2719 const std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); | 2841 const std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); |
2720 const std::vector<uint8> test_ciphertext = | 2842 const std::vector<uint8> test_ciphertext = |
2721 GetBytesFromHexString(test, "ciphertext"); | 2843 GetBytesFromHexString(test, "ciphertext"); |
2722 const blink::WebCryptoAlgorithm wrapping_algorithm = | 2844 const blink::WebCryptoAlgorithm wrapping_algorithm = |
2723 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); | 2845 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); |
2724 | 2846 |
2725 // Import the wrapping key. | 2847 // Import the wrapping key. |
2726 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( | 2848 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( |
2727 test_kek, | 2849 test_kek, |
2728 wrapping_algorithm, | 2850 wrapping_algorithm, |
2729 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey); | 2851 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey); |
2730 | 2852 |
2731 // Unwrap of a corrupted version of the known ciphertext should fail, due to | 2853 // Unwrap of a corrupted version of the known ciphertext should fail, due to |
2732 // AES-KW's built-in integrity check. | 2854 // AES-KW's built-in integrity check. |
2733 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 2855 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
2734 EXPECT_STATUS( | 2856 EXPECT_EQ( |
2735 Status::Error(), | 2857 Status::OperationError(), |
2736 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 2858 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
2737 CryptoData(Corrupted(test_ciphertext)), | 2859 CryptoData(Corrupted(test_ciphertext)), |
2738 wrapping_key, | 2860 wrapping_key, |
2739 wrapping_algorithm, | 2861 wrapping_algorithm, |
2740 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 2862 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
2741 true, | 2863 true, |
2742 blink::WebCryptoKeyUsageEncrypt, | 2864 blink::WebCryptoKeyUsageEncrypt, |
2743 &unwrapped_key)); | 2865 &unwrapped_key)); |
2744 } | 2866 } |
2745 | 2867 |
(...skipping 16 matching lines...) Expand all Loading... | |
2762 HexStringToBytes("000102030405060708090A0B0C0D0E0F"); | 2884 HexStringToBytes("000102030405060708090A0B0C0D0E0F"); |
2763 const blink::WebCryptoAlgorithm wrapping_algorithm = | 2885 const blink::WebCryptoAlgorithm wrapping_algorithm = |
2764 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); | 2886 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); |
2765 | 2887 |
2766 // Import the wrapping key. | 2888 // Import the wrapping key. |
2767 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( | 2889 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( |
2768 wrapping_key_data, wrapping_algorithm, blink::WebCryptoKeyUsageUnwrapKey); | 2890 wrapping_key_data, wrapping_algorithm, blink::WebCryptoKeyUsageUnwrapKey); |
2769 | 2891 |
2770 // Unwrap the known wrapped key data to produce a new key | 2892 // Unwrap the known wrapped key data to produce a new key |
2771 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 2893 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
2772 ASSERT_STATUS_SUCCESS( | 2894 ASSERT_EQ( |
2895 Status::Success(), | |
2773 UnwrapKey(blink::WebCryptoKeyFormatJwk, | 2896 UnwrapKey(blink::WebCryptoKeyFormatJwk, |
2774 CryptoData(wrapped_key_data), | 2897 CryptoData(wrapped_key_data), |
2775 wrapping_key, | 2898 wrapping_key, |
2776 wrapping_algorithm, | 2899 wrapping_algorithm, |
2777 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256), | 2900 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256), |
2778 true, | 2901 true, |
2779 blink::WebCryptoKeyUsageVerify, | 2902 blink::WebCryptoKeyUsageVerify, |
2780 &unwrapped_key)); | 2903 &unwrapped_key)); |
2781 | 2904 |
2782 // Validate the new key's attributes. | 2905 // Validate the new key's attributes. |
2783 EXPECT_FALSE(unwrapped_key.isNull()); | 2906 EXPECT_FALSE(unwrapped_key.isNull()); |
2784 EXPECT_TRUE(unwrapped_key.handle()); | 2907 EXPECT_TRUE(unwrapped_key.handle()); |
2785 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, unwrapped_key.type()); | 2908 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, unwrapped_key.type()); |
2786 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, unwrapped_key.algorithm().id()); | 2909 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, unwrapped_key.algorithm().id()); |
2787 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, | 2910 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
2788 unwrapped_key.algorithm().hmacParams()->hash().id()); | 2911 unwrapped_key.algorithm().hmacParams()->hash().id()); |
2789 EXPECT_EQ(256u, unwrapped_key.algorithm().hmacParams()->lengthBits()); | 2912 EXPECT_EQ(256u, unwrapped_key.algorithm().hmacParams()->lengthBits()); |
2790 EXPECT_EQ(true, unwrapped_key.extractable()); | 2913 EXPECT_EQ(true, unwrapped_key.extractable()); |
2791 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, unwrapped_key.usages()); | 2914 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, unwrapped_key.usages()); |
2792 | 2915 |
2793 // Export the new key's raw data and compare to the known original. | 2916 // Export the new key's raw data and compare to the known original. |
2794 blink::WebArrayBuffer raw_key; | 2917 blink::WebArrayBuffer raw_key; |
2795 EXPECT_STATUS_SUCCESS( | 2918 EXPECT_EQ(Status::Success(), |
2796 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); | 2919 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); |
2797 EXPECT_TRUE(ArrayBufferMatches(key_data, raw_key)); | 2920 EXPECT_TRUE(ArrayBufferMatches(key_data, raw_key)); |
2798 } | 2921 } |
2799 | 2922 |
2800 // TODO(eroman): | 2923 // TODO(eroman): |
2801 // * Test decryption when the tag length exceeds input size | 2924 // * Test decryption when the tag length exceeds input size |
2802 // * Test decryption with empty input | 2925 // * Test decryption with empty input |
2803 // * Test decryption with tag length of 0. | 2926 // * Test decryption with tag length of 0. |
2804 TEST_F(SharedCryptoTest, MAYBE(AesGcmSampleSets)) { | 2927 TEST_F(SharedCryptoTest, MAYBE(AesGcmSampleSets)) { |
2805 // Some Linux test runners may not have a new enough version of NSS. | 2928 // Some Linux test runners may not have a new enough version of NSS. |
2806 if (!SupportsAesGcm()) { | 2929 if (!SupportsAesGcm()) { |
(...skipping 22 matching lines...) Expand all Loading... | |
2829 const std::vector<uint8> test_cipher_text = | 2952 const std::vector<uint8> test_cipher_text = |
2830 GetBytesFromHexString(test, "cipher_text"); | 2953 GetBytesFromHexString(test, "cipher_text"); |
2831 | 2954 |
2832 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 2955 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
2833 test_key, | 2956 test_key, |
2834 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), | 2957 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), |
2835 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); | 2958 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); |
2836 | 2959 |
2837 // Verify exported raw key is identical to the imported data | 2960 // Verify exported raw key is identical to the imported data |
2838 blink::WebArrayBuffer raw_key; | 2961 blink::WebArrayBuffer raw_key; |
2839 EXPECT_STATUS_SUCCESS( | 2962 EXPECT_EQ(Status::Success(), |
2840 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 2963 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
2841 | 2964 |
2842 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); | 2965 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); |
2843 | 2966 |
2844 // Test encryption. | 2967 // Test encryption. |
2845 std::vector<uint8> cipher_text; | 2968 std::vector<uint8> cipher_text; |
2846 std::vector<uint8> authentication_tag; | 2969 std::vector<uint8> authentication_tag; |
2847 EXPECT_STATUS_SUCCESS(AesGcmEncrypt(key, | 2970 EXPECT_EQ(Status::Success(), |
2848 test_iv, | 2971 AesGcmEncrypt(key, |
2849 test_additional_data, | 2972 test_iv, |
2850 test_tag_size_bits, | 2973 test_additional_data, |
2851 test_plain_text, | 2974 test_tag_size_bits, |
2852 &cipher_text, | 2975 test_plain_text, |
2853 &authentication_tag)); | 2976 &cipher_text, |
2977 &authentication_tag)); | |
2854 | 2978 |
2855 ExpectVectorMatches(test_cipher_text, cipher_text); | 2979 ExpectVectorMatches(test_cipher_text, cipher_text); |
2856 ExpectVectorMatches(test_authentication_tag, authentication_tag); | 2980 ExpectVectorMatches(test_authentication_tag, authentication_tag); |
2857 | 2981 |
2858 // Test decryption. | 2982 // Test decryption. |
2859 blink::WebArrayBuffer plain_text; | 2983 blink::WebArrayBuffer plain_text; |
2860 EXPECT_STATUS_SUCCESS(AesGcmDecrypt(key, | 2984 EXPECT_EQ(Status::Success(), |
2861 test_iv, | 2985 AesGcmDecrypt(key, |
2862 test_additional_data, | 2986 test_iv, |
2863 test_tag_size_bits, | 2987 test_additional_data, |
2864 test_cipher_text, | 2988 test_tag_size_bits, |
2865 test_authentication_tag, | 2989 test_cipher_text, |
2866 &plain_text)); | 2990 test_authentication_tag, |
2991 &plain_text)); | |
2867 EXPECT_TRUE(ArrayBufferMatches(test_plain_text, plain_text)); | 2992 EXPECT_TRUE(ArrayBufferMatches(test_plain_text, plain_text)); |
2868 | 2993 |
2869 // Decryption should fail if any of the inputs are tampered with. | 2994 // Decryption should fail if any of the inputs are tampered with. |
2870 EXPECT_STATUS(Status::Error(), | 2995 EXPECT_EQ(Status::OperationError(), |
2871 AesGcmDecrypt(key, | 2996 AesGcmDecrypt(key, |
2872 Corrupted(test_iv), | 2997 Corrupted(test_iv), |
2873 test_additional_data, | 2998 test_additional_data, |
2874 test_tag_size_bits, | 2999 test_tag_size_bits, |
2875 test_cipher_text, | 3000 test_cipher_text, |
2876 test_authentication_tag, | 3001 test_authentication_tag, |
2877 &plain_text)); | 3002 &plain_text)); |
2878 EXPECT_STATUS(Status::Error(), | 3003 EXPECT_EQ(Status::OperationError(), |
2879 AesGcmDecrypt(key, | 3004 AesGcmDecrypt(key, |
2880 test_iv, | 3005 test_iv, |
2881 Corrupted(test_additional_data), | 3006 Corrupted(test_additional_data), |
2882 test_tag_size_bits, | 3007 test_tag_size_bits, |
2883 test_cipher_text, | 3008 test_cipher_text, |
2884 test_authentication_tag, | 3009 test_authentication_tag, |
2885 &plain_text)); | 3010 &plain_text)); |
2886 EXPECT_STATUS(Status::Error(), | 3011 EXPECT_EQ(Status::OperationError(), |
2887 AesGcmDecrypt(key, | 3012 AesGcmDecrypt(key, |
2888 test_iv, | 3013 test_iv, |
2889 test_additional_data, | 3014 test_additional_data, |
2890 test_tag_size_bits, | 3015 test_tag_size_bits, |
2891 Corrupted(test_cipher_text), | 3016 Corrupted(test_cipher_text), |
2892 test_authentication_tag, | 3017 test_authentication_tag, |
2893 &plain_text)); | 3018 &plain_text)); |
2894 EXPECT_STATUS(Status::Error(), | 3019 EXPECT_EQ(Status::OperationError(), |
2895 AesGcmDecrypt(key, | 3020 AesGcmDecrypt(key, |
2896 test_iv, | 3021 test_iv, |
2897 test_additional_data, | 3022 test_additional_data, |
2898 test_tag_size_bits, | 3023 test_tag_size_bits, |
2899 test_cipher_text, | 3024 test_cipher_text, |
2900 Corrupted(test_authentication_tag), | 3025 Corrupted(test_authentication_tag), |
2901 &plain_text)); | 3026 &plain_text)); |
2902 | 3027 |
2903 // Try different incorrect tag lengths | 3028 // Try different incorrect tag lengths |
2904 uint8 kAlternateTagLengths[] = {0, 8, 96, 120, 128, 160, 255}; | 3029 uint8 kAlternateTagLengths[] = {0, 8, 96, 120, 128, 160, 255}; |
2905 for (size_t tag_i = 0; tag_i < arraysize(kAlternateTagLengths); ++tag_i) { | 3030 for (size_t tag_i = 0; tag_i < arraysize(kAlternateTagLengths); ++tag_i) { |
2906 unsigned int wrong_tag_size_bits = kAlternateTagLengths[tag_i]; | 3031 unsigned int wrong_tag_size_bits = kAlternateTagLengths[tag_i]; |
2907 if (test_tag_size_bits == wrong_tag_size_bits) | 3032 if (test_tag_size_bits == wrong_tag_size_bits) |
2908 continue; | 3033 continue; |
2909 EXPECT_STATUS_ERROR(AesGcmDecrypt(key, | 3034 EXPECT_NE(Status::Success(), |
2910 test_iv, | 3035 AesGcmDecrypt(key, |
2911 test_additional_data, | 3036 test_iv, |
2912 wrong_tag_size_bits, | 3037 test_additional_data, |
2913 test_cipher_text, | 3038 wrong_tag_size_bits, |
2914 test_authentication_tag, | 3039 test_cipher_text, |
2915 &plain_text)); | 3040 test_authentication_tag, |
3041 &plain_text)); | |
2916 } | 3042 } |
2917 } | 3043 } |
2918 } | 3044 } |
2919 | 3045 |
2920 TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapKnownAnswer)) { | 3046 TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapKnownAnswer)) { |
2921 scoped_ptr<base::Value> json; | 3047 scoped_ptr<base::Value> json; |
2922 ASSERT_TRUE(ReadJsonTestFile("rsa_es.json", &json)); | 3048 ASSERT_TRUE(ReadJsonTestFile("rsa_es.json", &json)); |
2923 base::DictionaryValue* test = NULL; | 3049 base::DictionaryValue* test = NULL; |
2924 ASSERT_TRUE(json->GetAsDictionary(&test)); | 3050 ASSERT_TRUE(json->GetAsDictionary(&test)); |
2925 const std::vector<uint8> rsa_spki_der = | 3051 const std::vector<uint8> rsa_spki_der = |
(...skipping 15 matching lines...) Expand all Loading... | |
2941 rsa_spki_der, | 3067 rsa_spki_der, |
2942 rsa_pkcs8_der, | 3068 rsa_pkcs8_der, |
2943 algorithm, | 3069 algorithm, |
2944 false, | 3070 false, |
2945 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, | 3071 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, |
2946 &public_key, | 3072 &public_key, |
2947 &private_key); | 3073 &private_key); |
2948 | 3074 |
2949 // Import the symmetric key. | 3075 // Import the symmetric key. |
2950 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 3076 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
2951 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, | 3077 ASSERT_EQ(Status::Success(), |
2952 CryptoData(cleartext), | 3078 ImportKey(blink::WebCryptoKeyFormatRaw, |
2953 key_algorithm, | 3079 CryptoData(cleartext), |
2954 true, | 3080 key_algorithm, |
2955 blink::WebCryptoKeyUsageSign, | 3081 true, |
2956 &key)); | 3082 blink::WebCryptoKeyUsageSign, |
3083 &key)); | |
2957 | 3084 |
2958 // Wrap the symmetric key with raw format. | 3085 // Wrap the symmetric key with raw format. |
2959 blink::WebArrayBuffer wrapped_key; | 3086 blink::WebArrayBuffer wrapped_key; |
2960 ASSERT_STATUS_SUCCESS(WrapKey( | 3087 ASSERT_EQ(Status::Success(), |
2961 blink::WebCryptoKeyFormatRaw, public_key, key, algorithm, &wrapped_key)); | 3088 WrapKey(blink::WebCryptoKeyFormatRaw, |
3089 public_key, | |
3090 key, | |
3091 algorithm, | |
3092 &wrapped_key)); | |
2962 | 3093 |
2963 // Unwrap the wrapped key. | 3094 // Unwrap the wrapped key. |
2964 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 3095 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
2965 ASSERT_STATUS_SUCCESS(UnwrapKey(blink::WebCryptoKeyFormatRaw, | 3096 ASSERT_EQ(Status::Success(), |
2966 CryptoData(wrapped_key), | 3097 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
2967 private_key, | 3098 CryptoData(wrapped_key), |
2968 algorithm, | 3099 private_key, |
2969 key_algorithm, | 3100 algorithm, |
2970 true, | 3101 key_algorithm, |
2971 blink::WebCryptoKeyUsageSign, | 3102 true, |
2972 &unwrapped_key)); | 3103 blink::WebCryptoKeyUsageSign, |
3104 &unwrapped_key)); | |
2973 EXPECT_FALSE(key.isNull()); | 3105 EXPECT_FALSE(key.isNull()); |
2974 EXPECT_TRUE(key.handle()); | 3106 EXPECT_TRUE(key.handle()); |
2975 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 3107 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
2976 EXPECT_EQ(key_algorithm.id(), key.algorithm().id()); | 3108 EXPECT_EQ(key_algorithm.id(), key.algorithm().id()); |
2977 EXPECT_EQ(true, key.extractable()); | 3109 EXPECT_EQ(true, key.extractable()); |
2978 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); | 3110 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); |
2979 | 3111 |
2980 // Export the new key and compare its raw bytes with the original known data. | 3112 // Export the new key and compare its raw bytes with the original known data. |
2981 blink::WebArrayBuffer raw_key; | 3113 blink::WebArrayBuffer raw_key; |
2982 EXPECT_STATUS_SUCCESS( | 3114 EXPECT_EQ(Status::Success(), |
2983 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); | 3115 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); |
2984 EXPECT_TRUE(ArrayBufferMatches(cleartext, raw_key)); | 3116 EXPECT_TRUE(ArrayBufferMatches(cleartext, raw_key)); |
2985 | 3117 |
2986 // Unwrap the known wrapped key and compare to the known cleartext. | 3118 // Unwrap the known wrapped key and compare to the known cleartext. |
2987 ASSERT_STATUS_SUCCESS(UnwrapKey(blink::WebCryptoKeyFormatRaw, | 3119 ASSERT_EQ(Status::Success(), |
2988 CryptoData(ciphertext), | 3120 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
2989 private_key, | 3121 CryptoData(ciphertext), |
2990 algorithm, | 3122 private_key, |
2991 key_algorithm, | 3123 algorithm, |
2992 true, | 3124 key_algorithm, |
2993 blink::WebCryptoKeyUsageSign, | 3125 true, |
2994 &unwrapped_key)); | 3126 blink::WebCryptoKeyUsageSign, |
2995 EXPECT_STATUS_SUCCESS( | 3127 &unwrapped_key)); |
2996 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); | 3128 EXPECT_EQ(Status::Success(), |
3129 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); | |
2997 EXPECT_TRUE(ArrayBufferMatches(cleartext, raw_key)); | 3130 EXPECT_TRUE(ArrayBufferMatches(cleartext, raw_key)); |
2998 } | 3131 } |
2999 | 3132 |
3000 TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapErrors)) { | 3133 TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapErrors)) { |
3001 const std::vector<uint8> data(64, 0); | 3134 const std::vector<uint8> data(64, 0); |
3002 blink::WebCryptoAlgorithm key_algorithm = | 3135 blink::WebCryptoAlgorithm key_algorithm = |
3003 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); | 3136 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); |
3004 | 3137 |
3005 // Import the RSA key pair. | 3138 // Import the RSA key pair. |
3006 blink::WebCryptoAlgorithm wrapping_algorithm = | 3139 blink::WebCryptoAlgorithm wrapping_algorithm = |
3007 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 3140 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
3008 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 3141 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
3009 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 3142 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
3010 ImportRsaKeyPair( | 3143 ImportRsaKeyPair( |
3011 HexStringToBytes(kPublicKeySpkiDerHex), | 3144 HexStringToBytes(kPublicKeySpkiDerHex), |
3012 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 3145 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
3013 wrapping_algorithm, | 3146 wrapping_algorithm, |
3014 false, | 3147 false, |
3015 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, | 3148 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, |
3016 &public_key, | 3149 &public_key, |
3017 &private_key); | 3150 &private_key); |
3018 | 3151 |
3019 // Import the symmetric key. | 3152 // Import the symmetric key. |
3020 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 3153 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
3021 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, | 3154 ASSERT_EQ(Status::Success(), |
3022 CryptoData(data), | 3155 ImportKey(blink::WebCryptoKeyFormatRaw, |
3023 key_algorithm, | 3156 CryptoData(data), |
3024 true, | 3157 key_algorithm, |
3025 blink::WebCryptoKeyUsageSign, | 3158 true, |
3026 &key)); | 3159 blink::WebCryptoKeyUsageSign, |
3160 &key)); | |
3027 | 3161 |
3028 // Wrapping with a private key should fail. | 3162 // Wrapping with a private key should fail. |
3029 blink::WebArrayBuffer wrapped_key; | 3163 blink::WebArrayBuffer wrapped_key; |
3030 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 3164 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
3031 WrapKey(blink::WebCryptoKeyFormatRaw, | 3165 WrapKey(blink::WebCryptoKeyFormatRaw, |
3032 private_key, | 3166 private_key, |
3033 key, | 3167 key, |
3034 wrapping_algorithm, | 3168 wrapping_algorithm, |
3035 &wrapped_key)); | 3169 &wrapped_key)); |
3036 | 3170 |
3037 // Wrapping a key whose raw keying material is too large for the wrapping key | 3171 // Wrapping a key whose raw keying material is too large for the wrapping key |
3038 // should fail. | 3172 // should fail. |
3039 // RSAES can encrypt data up to length of k - 11 bytes, where k is the octet | 3173 // RSAES can encrypt data up to length of k - 11 bytes, where k is the octet |
3040 // length of the RSA modulus, and can decrypt data up to length k. Fabricate a | 3174 // length of the RSA modulus, and can decrypt data up to length k. Fabricate a |
3041 // big piece of data here that fails both of these criteria, so it can be used | 3175 // big piece of data here that fails both of these criteria, so it can be used |
3042 // for both wrap and unwrap negative tests below. | 3176 // for both wrap and unwrap negative tests below. |
3043 const std::vector<uint8> big_data(kModulusLengthBits / 8 + 1, 0); | 3177 const std::vector<uint8> big_data(kModulusLengthBits / 8 + 1, 0); |
3044 blink::WebCryptoKey big_key = blink::WebCryptoKey::createNull(); | 3178 blink::WebCryptoKey big_key = blink::WebCryptoKey::createNull(); |
3045 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, | 3179 ASSERT_EQ(Status::Success(), |
3046 CryptoData(big_data), | 3180 ImportKey(blink::WebCryptoKeyFormatRaw, |
3047 key_algorithm, | 3181 CryptoData(big_data), |
3048 true, | 3182 key_algorithm, |
3049 blink::WebCryptoKeyUsageSign, | 3183 true, |
3050 &big_key)); | 3184 blink::WebCryptoKeyUsageSign, |
3051 EXPECT_STATUS(Status::ErrorDataTooLarge(), | 3185 &big_key)); |
3052 WrapKey(blink::WebCryptoKeyFormatRaw, | 3186 EXPECT_EQ(Status::ErrorDataTooLarge(), |
3053 public_key, | 3187 WrapKey(blink::WebCryptoKeyFormatRaw, |
3054 big_key, | 3188 public_key, |
3055 wrapping_algorithm, | 3189 big_key, |
3056 &wrapped_key)); | 3190 wrapping_algorithm, |
3191 &wrapped_key)); | |
3057 | 3192 |
3058 // Unwrapping with a public key should fail. | 3193 // Unwrapping with a public key should fail. |
3059 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 3194 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
3060 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 3195 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
3061 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 3196 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
3062 CryptoData(data), | 3197 CryptoData(data), |
3063 public_key, | 3198 public_key, |
3064 wrapping_algorithm, | 3199 wrapping_algorithm, |
3065 key_algorithm, | 3200 key_algorithm, |
3066 true, | 3201 true, |
3067 blink::WebCryptoKeyUsageSign, | 3202 blink::WebCryptoKeyUsageSign, |
3068 &unwrapped_key)); | 3203 &unwrapped_key)); |
3069 | 3204 |
3070 // Unwrapping empty data should fail. | 3205 // Unwrapping empty data should fail. |
3071 const std::vector<uint8> emtpy_data; | 3206 const std::vector<uint8> emtpy_data; |
3072 EXPECT_STATUS(Status::ErrorDataTooSmall(), | 3207 EXPECT_EQ(Status::ErrorDataTooSmall(), |
3073 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 3208 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
3074 CryptoData(emtpy_data), | 3209 CryptoData(emtpy_data), |
3075 private_key, | 3210 private_key, |
3076 wrapping_algorithm, | 3211 wrapping_algorithm, |
3077 key_algorithm, | 3212 key_algorithm, |
3078 true, | 3213 true, |
3079 blink::WebCryptoKeyUsageSign, | 3214 blink::WebCryptoKeyUsageSign, |
3080 &unwrapped_key)); | 3215 &unwrapped_key)); |
3081 | 3216 |
3082 // Unwrapping data too large for the wrapping key should fail. | 3217 // Unwrapping data too large for the wrapping key should fail. |
3083 EXPECT_STATUS(Status::ErrorDataTooLarge(), | 3218 EXPECT_EQ(Status::ErrorDataTooLarge(), |
3084 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 3219 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
3085 CryptoData(big_data), | 3220 CryptoData(big_data), |
3086 private_key, | 3221 private_key, |
3087 wrapping_algorithm, | 3222 wrapping_algorithm, |
3088 key_algorithm, | 3223 key_algorithm, |
3089 true, | 3224 true, |
3090 blink::WebCryptoKeyUsageSign, | 3225 blink::WebCryptoKeyUsageSign, |
3091 &unwrapped_key)); | 3226 &unwrapped_key)); |
3092 } | 3227 } |
3093 | 3228 |
3094 TEST_F(SharedCryptoTest, MAYBE(RsaEsJwkSymkeyUnwrapKnownAnswer)) { | 3229 TEST_F(SharedCryptoTest, MAYBE(RsaEsJwkSymkeyUnwrapKnownAnswer)) { |
3095 // The following data lists a known 128-bit AES-CBC key, then a JWK | 3230 // The following data lists a known 128-bit AES-CBC key, then a JWK |
3096 // representation of this key that was encrypted ("wrapped") using | 3231 // representation of this key that was encrypted ("wrapped") using |
3097 // RSAES-PKCS1-v1_5 and kPublicKeySpkiDerHex as the wrapping key. | 3232 // RSAES-PKCS1-v1_5 and kPublicKeySpkiDerHex as the wrapping key. |
3098 // For reference, the intermediate clear JWK is | 3233 // For reference, the intermediate clear JWK is |
3099 // {"alg":"A128CBC","ext":true,"k":<b64url>,"key_ops":["encrypt"],"kty":"oct"} | 3234 // {"alg":"A128CBC","ext":true,"k":<b64url>,"key_ops":["encrypt"],"kty":"oct"} |
3100 const std::vector<uint8> key_data = | 3235 const std::vector<uint8> key_data = |
3101 HexStringToBytes("8f56a26e7e8b77dca15ed54339724bf5"); | 3236 HexStringToBytes("8f56a26e7e8b77dca15ed54339724bf5"); |
3102 const std::vector<uint8> wrapped_key_data = HexStringToBytes( | 3237 const std::vector<uint8> wrapped_key_data = HexStringToBytes( |
3103 "9debcabd9c731d6a779622dbef38635419c409b3077af67b3cf0601b2da7054f2ec26156" | 3238 "9debcabd9c731d6a779622dbef38635419c409b3077af67b3cf0601b2da7054f2ec26156" |
3104 "06bb764e4986f45dd09ce660432a7abbac48b5249924f12dea52275b6d67d8b8a2f63525" | 3239 "06bb764e4986f45dd09ce660432a7abbac48b5249924f12dea52275b6d67d8b8a2f63525" |
3105 "fbbf67d61244c1afa9e30857b87b7a48cdc0b3196dc1477738cbf9e42ea65d5e0edc3b05" | 3240 "fbbf67d61244c1afa9e30857b87b7a48cdc0b3196dc1477738cbf9e42ea65d5e0edc3b05" |
3106 "afafadc7d7400e26a51270d251040d51ce46cecc"); | 3241 "afafadc7d7400e26a51270d251040d51ce46cecc"); |
3107 const blink::WebCryptoAlgorithm wrapping_algorithm = | 3242 const blink::WebCryptoAlgorithm wrapping_algorithm = |
3108 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 3243 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
3109 | 3244 |
3110 // Import the private wrapping key. | 3245 // Import the private wrapping key. |
3111 blink::WebCryptoKey private_wrapping_key = blink::WebCryptoKey::createNull(); | 3246 blink::WebCryptoKey private_wrapping_key = blink::WebCryptoKey::createNull(); |
3112 ASSERT_STATUS_SUCCESS(ImportKey( | 3247 ASSERT_EQ(Status::Success(), |
3113 blink::WebCryptoKeyFormatPkcs8, | 3248 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
3114 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 3249 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
3115 wrapping_algorithm, | 3250 wrapping_algorithm, |
3116 false, | 3251 false, |
3117 blink::WebCryptoKeyUsageDecrypt | blink::WebCryptoKeyUsageUnwrapKey, | 3252 blink::WebCryptoKeyUsageDecrypt | |
3118 &private_wrapping_key)); | 3253 blink::WebCryptoKeyUsageUnwrapKey, |
3254 &private_wrapping_key)); | |
3119 | 3255 |
3120 // Unwrap the key. | 3256 // Unwrap the key. |
3121 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 3257 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
3122 EXPECT_STATUS_SUCCESS( | 3258 EXPECT_EQ(Status::Success(), |
3123 UnwrapKey(blink::WebCryptoKeyFormatJwk, | 3259 UnwrapKey(blink::WebCryptoKeyFormatJwk, |
3124 CryptoData(wrapped_key_data), | 3260 CryptoData(wrapped_key_data), |
3125 private_wrapping_key, | 3261 private_wrapping_key, |
3126 wrapping_algorithm, | 3262 wrapping_algorithm, |
3127 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 3263 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
3128 true, | 3264 true, |
3129 blink::WebCryptoKeyUsageEncrypt, | 3265 blink::WebCryptoKeyUsageEncrypt, |
3130 &unwrapped_key)); | 3266 &unwrapped_key)); |
3131 EXPECT_FALSE(unwrapped_key.isNull()); | 3267 EXPECT_FALSE(unwrapped_key.isNull()); |
3132 EXPECT_TRUE(unwrapped_key.handle()); | 3268 EXPECT_TRUE(unwrapped_key.handle()); |
3133 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, unwrapped_key.type()); | 3269 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, unwrapped_key.type()); |
3134 EXPECT_EQ(blink::WebCryptoAlgorithmIdAesCbc, unwrapped_key.algorithm().id()); | 3270 EXPECT_EQ(blink::WebCryptoAlgorithmIdAesCbc, unwrapped_key.algorithm().id()); |
3135 EXPECT_EQ(true, unwrapped_key.extractable()); | 3271 EXPECT_EQ(true, unwrapped_key.extractable()); |
3136 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, unwrapped_key.usages()); | 3272 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, unwrapped_key.usages()); |
3137 | 3273 |
3138 // Export the unwrapped key and compare to the original. | 3274 // Export the unwrapped key and compare to the original. |
3139 blink::WebArrayBuffer raw_key; | 3275 blink::WebArrayBuffer raw_key; |
3140 EXPECT_STATUS_SUCCESS( | 3276 EXPECT_EQ(Status::Success(), |
3141 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); | 3277 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); |
3142 EXPECT_TRUE(ArrayBufferMatches(key_data, raw_key)); | 3278 EXPECT_TRUE(ArrayBufferMatches(key_data, raw_key)); |
3143 } | 3279 } |
3144 | 3280 |
3145 TEST_F(SharedCryptoTest, MAYBE(RsaEsJwkSymkeyWrapUnwrapRoundTrip)) { | 3281 TEST_F(SharedCryptoTest, MAYBE(RsaEsJwkSymkeyWrapUnwrapRoundTrip)) { |
3146 // Generate the symkey to be wrapped (256-bit AES-CBC key). | 3282 // Generate the symkey to be wrapped (256-bit AES-CBC key). |
3147 const blink::WebCryptoAlgorithm gen_algorithm = | 3283 const blink::WebCryptoAlgorithm gen_algorithm = |
3148 CreateAesCbcKeyGenAlgorithm(256); | 3284 CreateAesCbcKeyGenAlgorithm(256); |
3149 blink::WebCryptoKey key_to_wrap = blink::WebCryptoKey::createNull(); | 3285 blink::WebCryptoKey key_to_wrap = blink::WebCryptoKey::createNull(); |
3150 ASSERT_STATUS_SUCCESS(GenerateSecretKey( | 3286 ASSERT_EQ( |
3151 gen_algorithm, true, blink::WebCryptoKeyUsageEncrypt, &key_to_wrap)); | 3287 Status::Success(), |
3288 GenerateSecretKey( | |
3289 gen_algorithm, true, blink::WebCryptoKeyUsageEncrypt, &key_to_wrap)); | |
3152 | 3290 |
3153 // Import the wrapping key pair. | 3291 // Import the wrapping key pair. |
3154 const blink::WebCryptoAlgorithm wrapping_algorithm = | 3292 const blink::WebCryptoAlgorithm wrapping_algorithm = |
3155 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 3293 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
3156 blink::WebCryptoKey public_wrapping_key = blink::WebCryptoKey::createNull(); | 3294 blink::WebCryptoKey public_wrapping_key = blink::WebCryptoKey::createNull(); |
3157 blink::WebCryptoKey private_wrapping_key = blink::WebCryptoKey::createNull(); | 3295 blink::WebCryptoKey private_wrapping_key = blink::WebCryptoKey::createNull(); |
3158 ImportRsaKeyPair( | 3296 ImportRsaKeyPair( |
3159 HexStringToBytes(kPublicKeySpkiDerHex), | 3297 HexStringToBytes(kPublicKeySpkiDerHex), |
3160 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 3298 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
3161 wrapping_algorithm, | 3299 wrapping_algorithm, |
3162 false, | 3300 false, |
3163 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, | 3301 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, |
3164 &public_wrapping_key, | 3302 &public_wrapping_key, |
3165 &private_wrapping_key); | 3303 &private_wrapping_key); |
3166 | 3304 |
3167 // Wrap the symkey in JWK format, using the public wrapping key. | 3305 // Wrap the symkey in JWK format, using the public wrapping key. |
3168 blink::WebArrayBuffer wrapped_data; | 3306 blink::WebArrayBuffer wrapped_data; |
3169 ASSERT_STATUS_SUCCESS(WrapKey(blink::WebCryptoKeyFormatJwk, | 3307 ASSERT_EQ(Status::Success(), |
3170 public_wrapping_key, | 3308 WrapKey(blink::WebCryptoKeyFormatJwk, |
3171 key_to_wrap, | 3309 public_wrapping_key, |
3172 wrapping_algorithm, | 3310 key_to_wrap, |
3173 &wrapped_data)); | 3311 wrapping_algorithm, |
3312 &wrapped_data)); | |
3174 | 3313 |
3175 // Unwrap the key using the private wrapping key. | 3314 // Unwrap the key using the private wrapping key. |
3176 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 3315 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
3177 ASSERT_STATUS_SUCCESS( | 3316 ASSERT_EQ(Status::Success(), |
3178 UnwrapKey(blink::WebCryptoKeyFormatJwk, | 3317 UnwrapKey(blink::WebCryptoKeyFormatJwk, |
3179 CryptoData(wrapped_data), | 3318 CryptoData(wrapped_data), |
3180 private_wrapping_key, | 3319 private_wrapping_key, |
3181 wrapping_algorithm, | 3320 wrapping_algorithm, |
3182 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 3321 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
3183 true, | 3322 true, |
3184 blink::WebCryptoKeyUsageEncrypt, | 3323 blink::WebCryptoKeyUsageEncrypt, |
3185 &unwrapped_key)); | 3324 &unwrapped_key)); |
3186 | 3325 |
3187 // Export the original symkey and the unwrapped key and compare. | 3326 // Export the original symkey and the unwrapped key and compare. |
3188 blink::WebArrayBuffer raw_key1, raw_key2; | 3327 blink::WebArrayBuffer raw_key1, raw_key2; |
3189 EXPECT_STATUS_SUCCESS( | 3328 EXPECT_EQ(Status::Success(), |
3190 ExportKey(blink::WebCryptoKeyFormatRaw, key_to_wrap, &raw_key1)); | 3329 ExportKey(blink::WebCryptoKeyFormatRaw, key_to_wrap, &raw_key1)); |
3191 EXPECT_STATUS_SUCCESS( | 3330 EXPECT_EQ(Status::Success(), |
3192 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key2)); | 3331 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key2)); |
3193 EXPECT_TRUE(ArrayBuffersEqual(raw_key1, raw_key2)); | 3332 EXPECT_TRUE(ArrayBuffersEqual(raw_key1, raw_key2)); |
3194 } | 3333 } |
3195 | 3334 |
3196 TEST_F(SharedCryptoTest, MAYBE(RsaEsJwkSymkeyWrapUnwrapErrors)) { | 3335 TEST_F(SharedCryptoTest, MAYBE(RsaEsJwkSymkeyWrapUnwrapErrors)) { |
3197 // Unwrap JWK-formatted data that can be successfully decrypted, but contains | 3336 // Unwrap JWK-formatted data that can be successfully decrypted, but contains |
3198 // an error in the plaintext JWK so it cannot be subsequently imported, and | 3337 // an error in the plaintext JWK so it cannot be subsequently imported, and |
3199 // ensure that a generic error is returned instead of some other more specific | 3338 // ensure that a generic error is returned instead of some other more specific |
3200 // error. This shows that information about the plaintext JWK inside the | 3339 // error. This shows that information about the plaintext JWK inside the |
3201 // encrypted data is not leaked. | 3340 // encrypted data is not leaked. |
3202 // Note that it is sufficient to consider just one JWK import failure mode | 3341 // Note that it is sufficient to consider just one JWK import failure mode |
3203 // here; others are validated in the ImportJwkFailures Test. The specific | 3342 // here; others are validated in the ImportJwkFailures Test. The specific |
3204 // error in the cleartext data below is kty = "foo", which is an invalid kty | 3343 // error in the cleartext data below is kty = "foo", which is an invalid kty |
3205 // value. | 3344 // value. |
3206 const std::string cleartext = | 3345 const std::string cleartext = |
3207 "{\"alg\":\"A128CBC\",\"ext\":true,\"k\":" | 3346 "{\"alg\":\"A128CBC\",\"ext\":true,\"k\":" |
3208 "\"j1aibn6Ld9yhXtVDOXJL9Q\",\"key_ops\":[\"encrypt\"],\"kty\":\"foo\"}"; | 3347 "\"j1aibn6Ld9yhXtVDOXJL9Q\",\"key_ops\":[\"encrypt\"],\"kty\":\"foo\"}"; |
3209 // ciphertext is the cleartext above encrypted with kPublicKeySpkiDerHex, and | 3348 // ciphertext is the cleartext above encrypted with kPublicKeySpkiDerHex, and |
3210 // can be decrypted with kPrivateKeyPkcs8DerHex | 3349 // can be decrypted with kPrivateKeyPkcs8DerHex |
3211 const std::vector<uint8> ciphertext = HexStringToBytes( | 3350 const std::vector<uint8> ciphertext = HexStringToBytes( |
3212 "93bc7bb2ca8502fcf3224e19b12ba455ac32d01695611022c76d3dbdd797c044de047d44" | 3351 "93bc7bb2ca8502fcf3224e19b12ba455ac32d01695611022c76d3dbdd797c044de047d44" |
3213 "6c5ed5de5b8f79147ffe1df8da9c894b58881b238d39bd24cecd5c1a98a7c0b07354aee6" | 3352 "6c5ed5de5b8f79147ffe1df8da9c894b58881b238d39bd24cecd5c1a98a7c0b07354aee6" |
3214 "24791b2d549b7ecf1219c49513a1bcbb0fac5c6b59d350b564c44dc3678dadf84b4ea3d1" | 3353 "24791b2d549b7ecf1219c49513a1bcbb0fac5c6b59d350b564c44dc3678dadf84b4ea3d1" |
3215 "32e576e88f8d4a2d27c173e033a97bbda7e47bb9"); | 3354 "32e576e88f8d4a2d27c173e033a97bbda7e47bb9"); |
3216 | 3355 |
3217 // Import the private decryption key. | 3356 // Import the private decryption key. |
3218 const blink::WebCryptoAlgorithm algorithm = | 3357 const blink::WebCryptoAlgorithm algorithm = |
3219 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 3358 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
3220 blink::WebCryptoKey private_decryption_key = | 3359 blink::WebCryptoKey private_decryption_key = |
3221 blink::WebCryptoKey::createNull(); | 3360 blink::WebCryptoKey::createNull(); |
3222 ASSERT_STATUS_SUCCESS( | 3361 ASSERT_EQ(Status::Success(), |
3223 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 3362 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
3224 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 3363 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
3225 algorithm, | 3364 algorithm, |
3226 false, | 3365 false, |
3227 blink::WebCryptoKeyUsageDecrypt, | 3366 blink::WebCryptoKeyUsageDecrypt, |
3228 &private_decryption_key)); | 3367 &private_decryption_key)); |
3229 | 3368 |
3230 // Decrypt the ciphertext and validate the result, to prove that decryption is | 3369 // Decrypt the ciphertext and validate the result, to prove that decryption is |
3231 // successful. | 3370 // successful. |
3232 blink::WebArrayBuffer decrypted_data; | 3371 blink::WebArrayBuffer decrypted_data; |
3233 ASSERT_STATUS_SUCCESS(Decrypt(algorithm, | 3372 ASSERT_EQ(Status::Success(), |
3234 private_decryption_key, | 3373 Decrypt(algorithm, |
3235 CryptoData(ciphertext), | 3374 private_decryption_key, |
3236 &decrypted_data)); | 3375 CryptoData(ciphertext), |
3376 &decrypted_data)); | |
3237 const std::string decrypted(static_cast<const char*>(decrypted_data.data()), | 3377 const std::string decrypted(static_cast<const char*>(decrypted_data.data()), |
3238 decrypted_data.byteLength()); | 3378 decrypted_data.byteLength()); |
3239 EXPECT_EQ(cleartext, decrypted); | 3379 EXPECT_EQ(cleartext, decrypted); |
3240 | 3380 |
3241 // Import the private wrapping key. Note this is the same underlying keying | 3381 // Import the private wrapping key. Note this is the same underlying keying |
3242 // material used for private_decryption_key above. The only difference is that | 3382 // material used for private_decryption_key above. The only difference is that |
3243 // it has unwrap rather than decrypt usage. | 3383 // it has unwrap rather than decrypt usage. |
3244 blink::WebCryptoKey private_wrapping_key = blink::WebCryptoKey::createNull(); | 3384 blink::WebCryptoKey private_wrapping_key = blink::WebCryptoKey::createNull(); |
3245 ASSERT_STATUS_SUCCESS( | 3385 ASSERT_EQ(Status::Success(), |
3246 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 3386 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
3247 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 3387 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
3248 algorithm, | 3388 algorithm, |
3249 false, | 3389 false, |
3250 blink::WebCryptoKeyUsageUnwrapKey, | 3390 blink::WebCryptoKeyUsageUnwrapKey, |
3251 &private_wrapping_key)); | 3391 &private_wrapping_key)); |
3252 | 3392 |
3253 // Treat the ciphertext as a wrapped key and try to unwrap it. Ensure a | 3393 // Treat the ciphertext as a wrapped key and try to unwrap it. Ensure a |
3254 // generic error is received. | 3394 // generic error is received. |
3255 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 3395 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
3256 EXPECT_STATUS(Status::Error(), | 3396 EXPECT_EQ(Status::OperationError(), |
3257 UnwrapKey(blink::WebCryptoKeyFormatJwk, | 3397 UnwrapKey(blink::WebCryptoKeyFormatJwk, |
3258 CryptoData(ciphertext), | 3398 CryptoData(ciphertext), |
3259 private_wrapping_key, | 3399 private_wrapping_key, |
3260 algorithm, | 3400 algorithm, |
3261 CreateAesCbcAlgorithm(std::vector<uint8>(0, 16)), | 3401 CreateAesCbcAlgorithm(std::vector<uint8>(0, 16)), |
3262 true, | 3402 true, |
3263 blink::WebCryptoKeyUsageEncrypt, | 3403 blink::WebCryptoKeyUsageEncrypt, |
3264 &unwrapped_key)); | 3404 &unwrapped_key)); |
3265 } | 3405 } |
3266 | 3406 |
3267 } // namespace webcrypto | 3407 } // namespace webcrypto |
3268 | 3408 |
3269 } // namespace content | 3409 } // namespace content |
OLD | NEW |