OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/child/webcrypto/shared_crypto.h" | 5 #include "content/child/webcrypto/shared_crypto.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
11 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
12 #include "base/file_util.h" | 12 #include "base/file_util.h" |
13 #include "base/json/json_reader.h" | 13 #include "base/json/json_reader.h" |
14 #include "base/json/json_writer.h" | 14 #include "base/json/json_writer.h" |
15 #include "base/logging.h" | 15 #include "base/logging.h" |
16 #include "base/memory/ref_counted.h" | 16 #include "base/memory/ref_counted.h" |
17 #include "base/path_service.h" | 17 #include "base/path_service.h" |
18 #include "base/strings/string_number_conversions.h" | 18 #include "base/strings/string_number_conversions.h" |
19 #include "base/strings/string_util.h" | 19 #include "base/strings/string_util.h" |
| 20 #include "base/strings/stringprintf.h" |
20 #include "content/child/webcrypto/crypto_data.h" | 21 #include "content/child/webcrypto/crypto_data.h" |
21 #include "content/child/webcrypto/status.h" | 22 #include "content/child/webcrypto/status.h" |
22 #include "content/child/webcrypto/webcrypto_util.h" | 23 #include "content/child/webcrypto/webcrypto_util.h" |
23 #include "content/public/common/content_paths.h" | 24 #include "content/public/common/content_paths.h" |
24 #include "testing/gtest/include/gtest/gtest.h" | 25 #include "testing/gtest/include/gtest/gtest.h" |
25 #include "third_party/WebKit/public/platform/WebArrayBuffer.h" | 26 #include "third_party/WebKit/public/platform/WebArrayBuffer.h" |
26 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" | 27 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" |
27 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" | 28 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" |
28 #include "third_party/WebKit/public/platform/WebCryptoKey.h" | 29 #include "third_party/WebKit/public/platform/WebCryptoKey.h" |
29 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" | 30 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" |
30 #include "third_party/re2/re2/re2.h" | 31 #include "third_party/re2/re2/re2.h" |
31 | 32 |
32 // The OpenSSL implementation of WebCrypto is less complete, so don't run all of | 33 // The OpenSSL implementation of WebCrypto is less complete, so don't run all of |
33 // the tests: http://crbug.com/267888 | 34 // the tests: http://crbug.com/267888 |
34 #if defined(USE_OPENSSL) | 35 #if defined(USE_OPENSSL) |
35 #define MAYBE(test_name) DISABLED_##test_name | 36 #define MAYBE(test_name) DISABLED_##test_name |
36 #else | 37 #else |
37 #define MAYBE(test_name) test_name | 38 #define MAYBE(test_name) test_name |
38 #endif | 39 #endif |
39 | 40 |
40 // Helper macros to verify the value of a Status. | |
41 #define EXPECT_STATUS_ERROR(code) EXPECT_FALSE((code).IsSuccess()) | |
42 #define EXPECT_STATUS(expected, code) \ | |
43 EXPECT_EQ(expected.ToString(), (code).ToString()) | |
44 #define ASSERT_STATUS(expected, code) \ | |
45 ASSERT_EQ(expected.ToString(), (code).ToString()) | |
46 #define EXPECT_STATUS_SUCCESS(code) EXPECT_STATUS(Status::Success(), code) | |
47 #define ASSERT_STATUS_SUCCESS(code) ASSERT_STATUS(Status::Success(), code) | |
48 | |
49 namespace content { | 41 namespace content { |
50 | 42 |
51 namespace webcrypto { | 43 namespace webcrypto { |
52 | 44 |
| 45 void PrintTo(const Status& status, ::std::ostream* os) { |
| 46 if (status.IsSuccess()) |
| 47 *os << "Success"; |
| 48 else |
| 49 *os << "Error type: " << status.error_type() |
| 50 << " Error details: " << status.error_details(); |
| 51 } |
| 52 |
| 53 bool operator==(const content::webcrypto::Status& a, |
| 54 const content::webcrypto::Status& b) { |
| 55 if (a.IsSuccess() != b.IsSuccess()) |
| 56 return false; |
| 57 if (a.IsSuccess()) |
| 58 return true; |
| 59 return a.error_type() == b.error_type() && |
| 60 a.error_details() == b.error_details(); |
| 61 } |
| 62 |
| 63 bool operator!=(const content::webcrypto::Status& a, |
| 64 const content::webcrypto::Status& b) { |
| 65 return !(a == b); |
| 66 } |
| 67 |
53 namespace { | 68 namespace { |
54 | 69 |
55 // TODO(eroman): For Linux builds using system NSS, AES-GCM support is a | 70 // TODO(eroman): For Linux builds using system NSS, AES-GCM support is a |
56 // runtime dependency. Test it by trying to import a key. | 71 // runtime dependency. Test it by trying to import a key. |
57 // TODO(padolph): Consider caching the result of the import key test. | 72 // TODO(padolph): Consider caching the result of the import key test. |
58 bool SupportsAesGcm() { | 73 bool SupportsAesGcm() { |
59 std::vector<uint8> key_raw(16, 0); | 74 std::vector<uint8> key_raw(16, 0); |
60 | 75 |
61 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 76 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
62 Status status = ImportKey(blink::WebCryptoKeyFormatRaw, | 77 Status status = ImportKey(blink::WebCryptoKeyFormatRaw, |
63 CryptoData(key_raw), | 78 CryptoData(key_raw), |
64 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), | 79 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), |
65 true, | 80 true, |
66 blink::WebCryptoKeyUsageEncrypt, | 81 blink::WebCryptoKeyUsageEncrypt, |
67 &key); | 82 &key); |
68 | 83 |
69 if (status.IsError()) | 84 if (status.IsError()) |
70 EXPECT_STATUS(Status::ErrorUnsupported(), status); | 85 EXPECT_EQ(Status::ErrorUnsupported(), status); |
71 return status.IsSuccess(); | 86 return status.IsSuccess(); |
72 } | 87 } |
73 | 88 |
74 blink::WebCryptoAlgorithm CreateRsaKeyGenAlgorithm( | 89 blink::WebCryptoAlgorithm CreateRsaKeyGenAlgorithm( |
75 blink::WebCryptoAlgorithmId algorithm_id, | 90 blink::WebCryptoAlgorithmId algorithm_id, |
76 unsigned int modulus_length, | 91 unsigned int modulus_length, |
77 const std::vector<uint8>& public_exponent) { | 92 const std::vector<uint8>& public_exponent) { |
78 DCHECK_EQ(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, algorithm_id); | 93 DCHECK_EQ(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, algorithm_id); |
79 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( | 94 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( |
80 algorithm_id, | 95 algorithm_id, |
(...skipping 323 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
404 protected: | 419 protected: |
405 virtual void SetUp() OVERRIDE { Init(); } | 420 virtual void SetUp() OVERRIDE { Init(); } |
406 }; | 421 }; |
407 | 422 |
408 blink::WebCryptoKey ImportSecretKeyFromRaw( | 423 blink::WebCryptoKey ImportSecretKeyFromRaw( |
409 const std::vector<uint8>& key_raw, | 424 const std::vector<uint8>& key_raw, |
410 const blink::WebCryptoAlgorithm& algorithm, | 425 const blink::WebCryptoAlgorithm& algorithm, |
411 blink::WebCryptoKeyUsageMask usage) { | 426 blink::WebCryptoKeyUsageMask usage) { |
412 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 427 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
413 bool extractable = true; | 428 bool extractable = true; |
414 EXPECT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, | 429 EXPECT_EQ(Status::Success(), |
415 CryptoData(key_raw), | 430 ImportKey(blink::WebCryptoKeyFormatRaw, |
416 algorithm, | 431 CryptoData(key_raw), |
417 extractable, | 432 algorithm, |
418 usage, | 433 extractable, |
419 &key)); | 434 usage, |
| 435 &key)); |
420 | 436 |
421 EXPECT_FALSE(key.isNull()); | 437 EXPECT_FALSE(key.isNull()); |
422 EXPECT_TRUE(key.handle()); | 438 EXPECT_TRUE(key.handle()); |
423 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 439 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
424 EXPECT_EQ(algorithm.id(), key.algorithm().id()); | 440 EXPECT_EQ(algorithm.id(), key.algorithm().id()); |
425 EXPECT_EQ(extractable, key.extractable()); | 441 EXPECT_EQ(extractable, key.extractable()); |
426 EXPECT_EQ(usage, key.usages()); | 442 EXPECT_EQ(usage, key.usages()); |
427 return key; | 443 return key; |
428 } | 444 } |
429 | 445 |
430 void ImportRsaKeyPair(const std::vector<uint8>& spki_der, | 446 void ImportRsaKeyPair(const std::vector<uint8>& spki_der, |
431 const std::vector<uint8>& pkcs8_der, | 447 const std::vector<uint8>& pkcs8_der, |
432 const blink::WebCryptoAlgorithm& algorithm, | 448 const blink::WebCryptoAlgorithm& algorithm, |
433 bool extractable, | 449 bool extractable, |
434 blink::WebCryptoKeyUsageMask usage_mask, | 450 blink::WebCryptoKeyUsageMask usage_mask, |
435 blink::WebCryptoKey* public_key, | 451 blink::WebCryptoKey* public_key, |
436 blink::WebCryptoKey* private_key) { | 452 blink::WebCryptoKey* private_key) { |
437 EXPECT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatSpki, | 453 EXPECT_EQ(Status::Success(), |
438 CryptoData(spki_der), | 454 ImportKey(blink::WebCryptoKeyFormatSpki, |
439 algorithm, | 455 CryptoData(spki_der), |
440 true, | 456 algorithm, |
441 usage_mask, | 457 true, |
442 public_key)); | 458 usage_mask, |
| 459 public_key)); |
443 EXPECT_FALSE(public_key->isNull()); | 460 EXPECT_FALSE(public_key->isNull()); |
444 EXPECT_TRUE(public_key->handle()); | 461 EXPECT_TRUE(public_key->handle()); |
445 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key->type()); | 462 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key->type()); |
446 EXPECT_EQ(algorithm.id(), public_key->algorithm().id()); | 463 EXPECT_EQ(algorithm.id(), public_key->algorithm().id()); |
447 EXPECT_EQ(extractable, extractable); | 464 EXPECT_EQ(extractable, extractable); |
448 EXPECT_EQ(usage_mask, public_key->usages()); | 465 EXPECT_EQ(usage_mask, public_key->usages()); |
449 | 466 |
450 EXPECT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatPkcs8, | 467 EXPECT_EQ(Status::Success(), |
451 CryptoData(pkcs8_der), | 468 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
452 algorithm, | 469 CryptoData(pkcs8_der), |
453 extractable, | 470 algorithm, |
454 usage_mask, | 471 extractable, |
455 private_key)); | 472 usage_mask, |
| 473 private_key)); |
456 EXPECT_FALSE(private_key->isNull()); | 474 EXPECT_FALSE(private_key->isNull()); |
457 EXPECT_TRUE(private_key->handle()); | 475 EXPECT_TRUE(private_key->handle()); |
458 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key->type()); | 476 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key->type()); |
459 EXPECT_EQ(algorithm.id(), private_key->algorithm().id()); | 477 EXPECT_EQ(algorithm.id(), private_key->algorithm().id()); |
460 EXPECT_EQ(extractable, extractable); | 478 EXPECT_EQ(extractable, extractable); |
461 EXPECT_EQ(usage_mask, private_key->usages()); | 479 EXPECT_EQ(usage_mask, private_key->usages()); |
462 } | 480 } |
463 | 481 |
464 Status AesGcmEncrypt(const blink::WebCryptoKey& key, | 482 Status AesGcmEncrypt(const blink::WebCryptoKey& key, |
465 const std::vector<uint8>& iv, | 483 const std::vector<uint8>& iv, |
466 const std::vector<uint8>& additional_data, | 484 const std::vector<uint8>& additional_data, |
467 unsigned int tag_length_bits, | 485 unsigned int tag_length_bits, |
468 const std::vector<uint8>& plain_text, | 486 const std::vector<uint8>& plain_text, |
469 std::vector<uint8>* cipher_text, | 487 std::vector<uint8>* cipher_text, |
470 std::vector<uint8>* authentication_tag) { | 488 std::vector<uint8>* authentication_tag) { |
471 EXPECT_TRUE(SupportsAesGcm()); | 489 EXPECT_TRUE(SupportsAesGcm()); |
472 blink::WebCryptoAlgorithm algorithm = | 490 blink::WebCryptoAlgorithm algorithm = |
473 CreateAesGcmAlgorithm(iv, additional_data, tag_length_bits); | 491 CreateAesGcmAlgorithm(iv, additional_data, tag_length_bits); |
474 | 492 |
475 blink::WebArrayBuffer output; | 493 blink::WebArrayBuffer output; |
476 Status status = Encrypt(algorithm, key, CryptoData(plain_text), &output); | 494 Status status = Encrypt(algorithm, key, CryptoData(plain_text), &output); |
477 if (status.IsError()) | 495 if (status.IsError()) |
478 return status; | 496 return status; |
479 | 497 |
480 if (output.byteLength() * 8 < tag_length_bits) { | 498 if (output.byteLength() * 8 < tag_length_bits) { |
481 EXPECT_TRUE(false); | 499 EXPECT_TRUE(false); |
482 return Status::Error(); | 500 return Status::OperationError(); |
483 } | 501 } |
484 | 502 |
485 // The encryption result is cipher text with authentication tag appended. | 503 // The encryption result is cipher text with authentication tag appended. |
486 cipher_text->assign(static_cast<uint8*>(output.data()), | 504 cipher_text->assign(static_cast<uint8*>(output.data()), |
487 static_cast<uint8*>(output.data()) + | 505 static_cast<uint8*>(output.data()) + |
488 (output.byteLength() - tag_length_bits / 8)); | 506 (output.byteLength() - tag_length_bits / 8)); |
489 authentication_tag->assign( | 507 authentication_tag->assign( |
490 static_cast<uint8*>(output.data()) + cipher_text->size(), | 508 static_cast<uint8*>(output.data()) + cipher_text->size(), |
491 static_cast<uint8*>(output.data()) + output.byteLength()); | 509 static_cast<uint8*>(output.data()) + output.byteLength()); |
492 | 510 |
(...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
553 return scoped_ptr<base::DictionaryValue>(dict_value); | 571 return scoped_ptr<base::DictionaryValue>(dict_value); |
554 } | 572 } |
555 | 573 |
556 // Verifies the input dictionary contains the expected values. Exact matches are | 574 // Verifies the input dictionary contains the expected values. Exact matches are |
557 // required on the fields examined. | 575 // required on the fields examined. |
558 ::testing::AssertionResult VerifyJwk( | 576 ::testing::AssertionResult VerifyJwk( |
559 const scoped_ptr<base::DictionaryValue>& dict, | 577 const scoped_ptr<base::DictionaryValue>& dict, |
560 const std::string& kty_expected, | 578 const std::string& kty_expected, |
561 const std::string& alg_expected, | 579 const std::string& alg_expected, |
562 blink::WebCryptoKeyUsageMask use_mask_expected) { | 580 blink::WebCryptoKeyUsageMask use_mask_expected) { |
563 | |
564 // ---- kty | 581 // ---- kty |
565 std::string value_string; | 582 std::string value_string; |
566 if (!dict->GetString("kty", &value_string)) | 583 if (!dict->GetString("kty", &value_string)) |
567 return ::testing::AssertionFailure() << "Missing 'kty'"; | 584 return ::testing::AssertionFailure() << "Missing 'kty'"; |
568 if (value_string != kty_expected) | 585 if (value_string != kty_expected) |
569 return ::testing::AssertionFailure() << "Expected 'kty' to be " | 586 return ::testing::AssertionFailure() << "Expected 'kty' to be " |
570 << kty_expected << "but found " | 587 << kty_expected << "but found " |
571 << value_string; | 588 << value_string; |
572 | 589 |
573 // ---- alg | 590 // ---- alg |
(...skipping 101 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
675 } // namespace | 692 } // namespace |
676 | 693 |
677 TEST_F(SharedCryptoTest, CheckAesGcm) { | 694 TEST_F(SharedCryptoTest, CheckAesGcm) { |
678 if (!SupportsAesGcm()) { | 695 if (!SupportsAesGcm()) { |
679 LOG(WARNING) << "AES GCM not supported on this platform, so some tests " | 696 LOG(WARNING) << "AES GCM not supported on this platform, so some tests " |
680 "will be skipped. Consider upgrading local NSS libraries"; | 697 "will be skipped. Consider upgrading local NSS libraries"; |
681 return; | 698 return; |
682 } | 699 } |
683 } | 700 } |
684 | 701 |
685 TEST_F(SharedCryptoTest, StatusToString) { | 702 // Tests several Status objects against their expected hard coded values, as |
686 EXPECT_EQ("Success", Status::Success().ToString()); | 703 // well as ensuring that comparison of Status objects works. |
687 EXPECT_EQ("", Status::Error().ToString()); | 704 // Comparison should take into account both the error details, as well as the |
688 EXPECT_EQ("The requested operation is unsupported", | 705 // error type. |
689 Status::ErrorUnsupported().ToString()); | 706 TEST_F(SharedCryptoTest, Status) { |
| 707 // Even though the error message is the same, these should not be considered |
| 708 // the same by the tests because the error type is different. |
| 709 EXPECT_NE(Status::DataError(), Status::OperationError()); |
| 710 EXPECT_NE(Status::Success(), Status::OperationError()); |
| 711 |
| 712 EXPECT_EQ(Status::Success(), Status::Success()); |
| 713 EXPECT_EQ(Status::ErrorJwkPropertyWrongType("kty", "string"), |
| 714 Status::ErrorJwkPropertyWrongType("kty", "string")); |
| 715 |
| 716 Status status = Status::Success(); |
| 717 |
| 718 EXPECT_FALSE(status.IsError()); |
| 719 EXPECT_EQ("", status.error_details()); |
| 720 |
| 721 status = Status::OperationError(); |
| 722 EXPECT_TRUE(status.IsError()); |
| 723 EXPECT_EQ("", status.error_details()); |
| 724 EXPECT_EQ(blink::WebCryptoErrorTypeOperation, status.error_type()); |
| 725 |
| 726 status = Status::DataError(); |
| 727 EXPECT_TRUE(status.IsError()); |
| 728 EXPECT_EQ("", status.error_details()); |
| 729 EXPECT_EQ(blink::WebCryptoErrorTypeData, status.error_type()); |
| 730 |
| 731 status = Status::ErrorUnsupported(); |
| 732 EXPECT_TRUE(status.IsError()); |
| 733 EXPECT_EQ("The requested operation is unsupported", status.error_details()); |
| 734 EXPECT_EQ(blink::WebCryptoErrorTypeNotSupported, status.error_type()); |
| 735 |
| 736 status = Status::ErrorJwkPropertyMissing("kty"); |
| 737 EXPECT_TRUE(status.IsError()); |
690 EXPECT_EQ("The required JWK property \"kty\" was missing", | 738 EXPECT_EQ("The required JWK property \"kty\" was missing", |
691 Status::ErrorJwkPropertyMissing("kty").ToString()); | 739 status.error_details()); |
| 740 EXPECT_EQ(blink::WebCryptoErrorTypeData, status.error_type()); |
| 741 |
| 742 status = Status::ErrorJwkPropertyWrongType("kty", "string"); |
| 743 EXPECT_TRUE(status.IsError()); |
692 EXPECT_EQ("The JWK property \"kty\" must be a string", | 744 EXPECT_EQ("The JWK property \"kty\" must be a string", |
693 Status::ErrorJwkPropertyWrongType("kty", "string").ToString()); | 745 status.error_details()); |
| 746 EXPECT_EQ(blink::WebCryptoErrorTypeData, status.error_type()); |
| 747 |
| 748 status = Status::ErrorJwkBase64Decode("n"); |
| 749 EXPECT_TRUE(status.IsError()); |
694 EXPECT_EQ("The JWK property \"n\" could not be base64 decoded", | 750 EXPECT_EQ("The JWK property \"n\" could not be base64 decoded", |
695 Status::ErrorJwkBase64Decode("n").ToString()); | 751 status.error_details()); |
| 752 EXPECT_EQ(blink::WebCryptoErrorTypeData, status.error_type()); |
696 } | 753 } |
697 | 754 |
698 TEST_F(SharedCryptoTest, DigestSampleSets) { | 755 TEST_F(SharedCryptoTest, DigestSampleSets) { |
699 scoped_ptr<base::ListValue> tests; | 756 scoped_ptr<base::ListValue> tests; |
700 ASSERT_TRUE(ReadJsonTestFileToList("digest.json", &tests)); | 757 ASSERT_TRUE(ReadJsonTestFileToList("digest.json", &tests)); |
701 | 758 |
702 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { | 759 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { |
703 SCOPED_TRACE(test_index); | 760 SCOPED_TRACE(test_index); |
704 base::DictionaryValue* test; | 761 base::DictionaryValue* test; |
705 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); | 762 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); |
706 | 763 |
707 blink::WebCryptoAlgorithm test_algorithm = | 764 blink::WebCryptoAlgorithm test_algorithm = |
708 GetDigestAlgorithm(test, "algorithm"); | 765 GetDigestAlgorithm(test, "algorithm"); |
709 std::vector<uint8> test_input = GetBytesFromHexString(test, "input"); | 766 std::vector<uint8> test_input = GetBytesFromHexString(test, "input"); |
710 std::vector<uint8> test_output = GetBytesFromHexString(test, "output"); | 767 std::vector<uint8> test_output = GetBytesFromHexString(test, "output"); |
711 | 768 |
712 blink::WebArrayBuffer output; | 769 blink::WebArrayBuffer output; |
713 ASSERT_STATUS_SUCCESS( | 770 ASSERT_EQ(Status::Success(), |
714 Digest(test_algorithm, CryptoData(test_input), &output)); | 771 Digest(test_algorithm, CryptoData(test_input), &output)); |
715 EXPECT_TRUE(ArrayBufferMatches(test_output, output)); | 772 EXPECT_TRUE(ArrayBufferMatches(test_output, output)); |
716 } | 773 } |
717 } | 774 } |
718 | 775 |
719 TEST_F(SharedCryptoTest, DigestSampleSetsInChunks) { | 776 TEST_F(SharedCryptoTest, DigestSampleSetsInChunks) { |
720 scoped_ptr<base::ListValue> tests; | 777 scoped_ptr<base::ListValue> tests; |
721 ASSERT_TRUE(ReadJsonTestFileToList("digest.json", &tests)); | 778 ASSERT_TRUE(ReadJsonTestFileToList("digest.json", &tests)); |
722 | 779 |
723 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { | 780 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { |
724 SCOPED_TRACE(test_index); | 781 SCOPED_TRACE(test_index); |
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
778 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 835 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
779 test_key, | 836 test_key, |
780 importAlgorithm, | 837 importAlgorithm, |
781 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify); | 838 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify); |
782 | 839 |
783 EXPECT_EQ(test_hash.id(), key.algorithm().hmacParams()->hash().id()); | 840 EXPECT_EQ(test_hash.id(), key.algorithm().hmacParams()->hash().id()); |
784 EXPECT_EQ(test_key.size() * 8, key.algorithm().hmacParams()->lengthBits()); | 841 EXPECT_EQ(test_key.size() * 8, key.algorithm().hmacParams()->lengthBits()); |
785 | 842 |
786 // Verify exported raw key is identical to the imported data | 843 // Verify exported raw key is identical to the imported data |
787 blink::WebArrayBuffer raw_key; | 844 blink::WebArrayBuffer raw_key; |
788 EXPECT_STATUS_SUCCESS( | 845 EXPECT_EQ(Status::Success(), |
789 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 846 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
790 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); | 847 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); |
791 | 848 |
792 blink::WebArrayBuffer output; | 849 blink::WebArrayBuffer output; |
793 | 850 |
794 ASSERT_STATUS_SUCCESS( | 851 ASSERT_EQ(Status::Success(), |
795 Sign(algorithm, key, CryptoData(test_message), &output)); | 852 Sign(algorithm, key, CryptoData(test_message), &output)); |
796 | 853 |
797 EXPECT_TRUE(ArrayBufferMatches(test_mac, output)); | 854 EXPECT_TRUE(ArrayBufferMatches(test_mac, output)); |
798 | 855 |
799 bool signature_match = false; | 856 bool signature_match = false; |
800 EXPECT_STATUS_SUCCESS(VerifySignature(algorithm, | 857 EXPECT_EQ(Status::Success(), |
801 key, | 858 VerifySignature(algorithm, |
802 CryptoData(output), | 859 key, |
803 CryptoData(test_message), | 860 CryptoData(output), |
804 &signature_match)); | 861 CryptoData(test_message), |
| 862 &signature_match)); |
805 EXPECT_TRUE(signature_match); | 863 EXPECT_TRUE(signature_match); |
806 | 864 |
807 // Ensure truncated signature does not verify by passing one less byte. | 865 // Ensure truncated signature does not verify by passing one less byte. |
808 EXPECT_STATUS_SUCCESS(VerifySignature( | 866 EXPECT_EQ(Status::Success(), |
809 algorithm, | 867 VerifySignature( |
810 key, | 868 algorithm, |
811 CryptoData(static_cast<const unsigned char*>(output.data()), | 869 key, |
812 output.byteLength() - 1), | 870 CryptoData(static_cast<const unsigned char*>(output.data()), |
813 CryptoData(test_message), | 871 output.byteLength() - 1), |
814 &signature_match)); | 872 CryptoData(test_message), |
| 873 &signature_match)); |
815 EXPECT_FALSE(signature_match); | 874 EXPECT_FALSE(signature_match); |
816 | 875 |
817 // Ensure truncated signature does not verify by passing no bytes. | 876 // Ensure truncated signature does not verify by passing no bytes. |
818 EXPECT_STATUS_SUCCESS(VerifySignature(algorithm, | 877 EXPECT_EQ(Status::Success(), |
819 key, | 878 VerifySignature(algorithm, |
820 CryptoData(), | 879 key, |
821 CryptoData(test_message), | 880 CryptoData(), |
822 &signature_match)); | 881 CryptoData(test_message), |
| 882 &signature_match)); |
823 EXPECT_FALSE(signature_match); | 883 EXPECT_FALSE(signature_match); |
824 | 884 |
825 // Ensure extra long signature does not cause issues and fails. | 885 // Ensure extra long signature does not cause issues and fails. |
826 const unsigned char kLongSignature[1024] = {0}; | 886 const unsigned char kLongSignature[1024] = {0}; |
827 EXPECT_STATUS_SUCCESS( | 887 EXPECT_EQ( |
| 888 Status::Success(), |
828 VerifySignature(algorithm, | 889 VerifySignature(algorithm, |
829 key, | 890 key, |
830 CryptoData(kLongSignature, sizeof(kLongSignature)), | 891 CryptoData(kLongSignature, sizeof(kLongSignature)), |
831 CryptoData(test_message), | 892 CryptoData(test_message), |
832 &signature_match)); | 893 &signature_match)); |
833 EXPECT_FALSE(signature_match); | 894 EXPECT_FALSE(signature_match); |
834 } | 895 } |
835 } | 896 } |
836 | 897 |
837 TEST_F(SharedCryptoTest, AesCbcFailures) { | 898 TEST_F(SharedCryptoTest, AesCbcFailures) { |
838 const std::string key_hex = "2b7e151628aed2a6abf7158809cf4f3c"; | 899 const std::string key_hex = "2b7e151628aed2a6abf7158809cf4f3c"; |
839 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 900 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
840 HexStringToBytes(key_hex), | 901 HexStringToBytes(key_hex), |
841 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 902 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
842 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); | 903 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); |
843 | 904 |
844 // Verify exported raw key is identical to the imported data | 905 // Verify exported raw key is identical to the imported data |
845 blink::WebArrayBuffer raw_key; | 906 blink::WebArrayBuffer raw_key; |
846 EXPECT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 907 EXPECT_EQ(Status::Success(), |
| 908 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
847 ExpectArrayBufferMatchesHex(key_hex, raw_key); | 909 ExpectArrayBufferMatchesHex(key_hex, raw_key); |
848 | 910 |
849 blink::WebArrayBuffer output; | 911 blink::WebArrayBuffer output; |
850 | 912 |
851 // Use an invalid |iv| (fewer than 16 bytes) | 913 // Use an invalid |iv| (fewer than 16 bytes) |
852 { | 914 { |
853 std::vector<uint8> input(32); | 915 std::vector<uint8> input(32); |
854 std::vector<uint8> iv; | 916 std::vector<uint8> iv; |
855 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), | 917 EXPECT_EQ(Status::ErrorIncorrectSizeAesCbcIv(), |
856 Encrypt(webcrypto::CreateAesCbcAlgorithm(iv), | 918 Encrypt(webcrypto::CreateAesCbcAlgorithm(iv), |
857 key, | 919 key, |
858 CryptoData(input), | 920 CryptoData(input), |
859 &output)); | 921 &output)); |
860 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), | 922 EXPECT_EQ(Status::ErrorIncorrectSizeAesCbcIv(), |
861 Decrypt(webcrypto::CreateAesCbcAlgorithm(iv), | 923 Decrypt(webcrypto::CreateAesCbcAlgorithm(iv), |
862 key, | 924 key, |
863 CryptoData(input), | 925 CryptoData(input), |
864 &output)); | 926 &output)); |
865 } | 927 } |
866 | 928 |
867 // Use an invalid |iv| (more than 16 bytes) | 929 // Use an invalid |iv| (more than 16 bytes) |
868 { | 930 { |
869 std::vector<uint8> input(32); | 931 std::vector<uint8> input(32); |
870 std::vector<uint8> iv(17); | 932 std::vector<uint8> iv(17); |
871 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), | 933 EXPECT_EQ(Status::ErrorIncorrectSizeAesCbcIv(), |
872 Encrypt(webcrypto::CreateAesCbcAlgorithm(iv), | 934 Encrypt(webcrypto::CreateAesCbcAlgorithm(iv), |
873 key, | 935 key, |
874 CryptoData(input), | 936 CryptoData(input), |
875 &output)); | 937 &output)); |
876 EXPECT_STATUS(Status::ErrorIncorrectSizeAesCbcIv(), | 938 EXPECT_EQ(Status::ErrorIncorrectSizeAesCbcIv(), |
877 Decrypt(webcrypto::CreateAesCbcAlgorithm(iv), | 939 Decrypt(webcrypto::CreateAesCbcAlgorithm(iv), |
878 key, | 940 key, |
879 CryptoData(input), | 941 CryptoData(input), |
880 &output)); | 942 &output)); |
881 } | 943 } |
882 | 944 |
883 // Give an input that is too large (would cause integer overflow when | 945 // Give an input that is too large (would cause integer overflow when |
884 // narrowing to an int). | 946 // narrowing to an int). |
885 { | 947 { |
886 std::vector<uint8> iv(16); | 948 std::vector<uint8> iv(16); |
887 | 949 |
888 // Pretend the input is large. Don't pass data pointer as NULL in case that | 950 // Pretend the input is large. Don't pass data pointer as NULL in case that |
889 // is special cased; the implementation shouldn't actually dereference the | 951 // is special cased; the implementation shouldn't actually dereference the |
890 // data. | 952 // data. |
891 CryptoData input(&iv[0], INT_MAX - 3); | 953 CryptoData input(&iv[0], INT_MAX - 3); |
892 | 954 |
893 EXPECT_STATUS(Status::ErrorDataTooLarge(), | 955 EXPECT_EQ(Status::ErrorDataTooLarge(), |
894 Encrypt(CreateAesCbcAlgorithm(iv), key, input, &output)); | 956 Encrypt(CreateAesCbcAlgorithm(iv), key, input, &output)); |
895 EXPECT_STATUS(Status::ErrorDataTooLarge(), | 957 EXPECT_EQ(Status::ErrorDataTooLarge(), |
896 Decrypt(CreateAesCbcAlgorithm(iv), key, input, &output)); | 958 Decrypt(CreateAesCbcAlgorithm(iv), key, input, &output)); |
897 } | 959 } |
898 | 960 |
899 // Fail importing the key (too few bytes specified) | 961 // Fail importing the key (too few bytes specified) |
900 { | 962 { |
901 std::vector<uint8> key_raw(1); | 963 std::vector<uint8> key_raw(1); |
902 std::vector<uint8> iv(16); | 964 std::vector<uint8> iv(16); |
903 | 965 |
904 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 966 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
905 EXPECT_STATUS(Status::Error(), | 967 EXPECT_EQ(Status::ErrorImportAesKeyLength(), |
906 ImportKey(blink::WebCryptoKeyFormatRaw, | 968 ImportKey(blink::WebCryptoKeyFormatRaw, |
907 CryptoData(key_raw), | 969 CryptoData(key_raw), |
908 CreateAesCbcAlgorithm(iv), | 970 CreateAesCbcAlgorithm(iv), |
909 true, | 971 true, |
910 blink::WebCryptoKeyUsageEncrypt, | 972 blink::WebCryptoKeyUsageEncrypt, |
911 &key)); | 973 &key)); |
912 } | 974 } |
913 | 975 |
914 // Fail exporting the key in SPKI and PKCS#8 formats (not allowed for secret | 976 // Fail exporting the key in SPKI and PKCS#8 formats (not allowed for secret |
915 // keys). | 977 // keys). |
916 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 978 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
917 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); | 979 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); |
918 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 980 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
919 ExportKey(blink::WebCryptoKeyFormatPkcs8, key, &output)); | 981 ExportKey(blink::WebCryptoKeyFormatPkcs8, key, &output)); |
920 } | 982 } |
921 | 983 |
922 TEST_F(SharedCryptoTest, MAYBE(AesCbcSampleSets)) { | 984 TEST_F(SharedCryptoTest, MAYBE(AesCbcSampleSets)) { |
923 scoped_ptr<base::ListValue> tests; | 985 scoped_ptr<base::ListValue> tests; |
924 ASSERT_TRUE(ReadJsonTestFileToList("aes_cbc.json", &tests)); | 986 ASSERT_TRUE(ReadJsonTestFileToList("aes_cbc.json", &tests)); |
925 | 987 |
926 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { | 988 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) { |
927 SCOPED_TRACE(test_index); | 989 SCOPED_TRACE(test_index); |
928 base::DictionaryValue* test; | 990 base::DictionaryValue* test; |
929 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); | 991 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); |
930 | 992 |
931 std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); | 993 std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); |
932 std::vector<uint8> test_iv = GetBytesFromHexString(test, "iv"); | 994 std::vector<uint8> test_iv = GetBytesFromHexString(test, "iv"); |
933 std::vector<uint8> test_plain_text = | 995 std::vector<uint8> test_plain_text = |
934 GetBytesFromHexString(test, "plain_text"); | 996 GetBytesFromHexString(test, "plain_text"); |
935 std::vector<uint8> test_cipher_text = | 997 std::vector<uint8> test_cipher_text = |
936 GetBytesFromHexString(test, "cipher_text"); | 998 GetBytesFromHexString(test, "cipher_text"); |
937 | 999 |
938 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 1000 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
939 test_key, | 1001 test_key, |
940 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 1002 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
941 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); | 1003 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); |
942 | 1004 |
943 EXPECT_EQ(test_key.size() * 8, key.algorithm().aesParams()->lengthBits()); | 1005 EXPECT_EQ(test_key.size() * 8, key.algorithm().aesParams()->lengthBits()); |
944 | 1006 |
945 // Verify exported raw key is identical to the imported data | 1007 // Verify exported raw key is identical to the imported data |
946 blink::WebArrayBuffer raw_key; | 1008 blink::WebArrayBuffer raw_key; |
947 EXPECT_STATUS_SUCCESS( | 1009 EXPECT_EQ(Status::Success(), |
948 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 1010 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
949 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); | 1011 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); |
950 | 1012 |
951 blink::WebArrayBuffer output; | 1013 blink::WebArrayBuffer output; |
952 | 1014 |
953 // Test encryption. | 1015 // Test encryption. |
954 EXPECT_STATUS(Status::Success(), | 1016 EXPECT_EQ(Status::Success(), |
955 Encrypt(webcrypto::CreateAesCbcAlgorithm(test_iv), | 1017 Encrypt(webcrypto::CreateAesCbcAlgorithm(test_iv), |
956 key, | 1018 key, |
957 CryptoData(test_plain_text), | 1019 CryptoData(test_plain_text), |
958 &output)); | 1020 &output)); |
959 EXPECT_TRUE(ArrayBufferMatches(test_cipher_text, output)); | 1021 EXPECT_TRUE(ArrayBufferMatches(test_cipher_text, output)); |
960 | 1022 |
961 // Test decryption. | 1023 // Test decryption. |
962 EXPECT_STATUS(Status::Success(), | 1024 EXPECT_EQ(Status::Success(), |
963 Decrypt(webcrypto::CreateAesCbcAlgorithm(test_iv), | 1025 Decrypt(webcrypto::CreateAesCbcAlgorithm(test_iv), |
964 key, | 1026 key, |
965 CryptoData(test_cipher_text), | 1027 CryptoData(test_cipher_text), |
966 &output)); | 1028 &output)); |
967 EXPECT_TRUE(ArrayBufferMatches(test_plain_text, output)); | 1029 EXPECT_TRUE(ArrayBufferMatches(test_plain_text, output)); |
968 | 1030 |
969 const unsigned int kAesCbcBlockSize = 16; | 1031 const unsigned int kAesCbcBlockSize = 16; |
970 | 1032 |
971 // Decrypt with a padding error by stripping the last block. This also ends | 1033 // Decrypt with a padding error by stripping the last block. This also ends |
972 // up testing decryption over empty cipher text. | 1034 // up testing decryption over empty cipher text. |
973 if (test_cipher_text.size() >= kAesCbcBlockSize) { | 1035 if (test_cipher_text.size() >= kAesCbcBlockSize) { |
974 EXPECT_STATUS( | 1036 EXPECT_EQ(Status::OperationError(), |
975 Status::Error(), | 1037 Decrypt(CreateAesCbcAlgorithm(test_iv), |
976 Decrypt(CreateAesCbcAlgorithm(test_iv), | 1038 key, |
977 key, | 1039 CryptoData(&test_cipher_text[0], |
978 CryptoData(&test_cipher_text[0], | 1040 test_cipher_text.size() - kAesCbcBlockSize), |
979 test_cipher_text.size() - kAesCbcBlockSize), | 1041 &output)); |
980 &output)); | |
981 } | 1042 } |
982 | 1043 |
983 // Decrypt cipher text which is not a multiple of block size by stripping | 1044 // Decrypt cipher text which is not a multiple of block size by stripping |
984 // a few bytes off the cipher text. | 1045 // a few bytes off the cipher text. |
985 if (test_cipher_text.size() > 3) { | 1046 if (test_cipher_text.size() > 3) { |
986 EXPECT_STATUS( | 1047 EXPECT_EQ( |
987 Status::Error(), | 1048 Status::OperationError(), |
988 Decrypt(CreateAesCbcAlgorithm(test_iv), | 1049 Decrypt(CreateAesCbcAlgorithm(test_iv), |
989 key, | 1050 key, |
990 CryptoData(&test_cipher_text[0], test_cipher_text.size() - 3), | 1051 CryptoData(&test_cipher_text[0], test_cipher_text.size() - 3), |
991 &output)); | 1052 &output)); |
992 } | 1053 } |
993 } | 1054 } |
994 } | 1055 } |
995 | 1056 |
996 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAes)) { | 1057 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAes)) { |
997 // Check key generation for each of AES-CBC, AES-GCM, and AES-KW, and for each | 1058 // Check key generation for each of AES-CBC, AES-GCM, and AES-KW, and for each |
998 // allowed key length. | 1059 // allowed key length. |
999 std::vector<blink::WebCryptoAlgorithm> algorithm; | 1060 std::vector<blink::WebCryptoAlgorithm> algorithm; |
1000 const unsigned short kKeyLength[] = {128, 192, 256}; | 1061 const unsigned short kKeyLength[] = {128, 192, 256}; |
1001 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLength); ++i) { | 1062 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLength); ++i) { |
1002 algorithm.push_back(CreateAesCbcKeyGenAlgorithm(kKeyLength[i])); | 1063 algorithm.push_back(CreateAesCbcKeyGenAlgorithm(kKeyLength[i])); |
1003 algorithm.push_back(CreateAesKwKeyGenAlgorithm(kKeyLength[i])); | 1064 algorithm.push_back(CreateAesKwKeyGenAlgorithm(kKeyLength[i])); |
1004 if (SupportsAesGcm()) | 1065 if (SupportsAesGcm()) |
1005 algorithm.push_back(CreateAesGcmKeyGenAlgorithm(kKeyLength[i])); | 1066 algorithm.push_back(CreateAesGcmKeyGenAlgorithm(kKeyLength[i])); |
1006 } | 1067 } |
1007 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1068 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1008 std::vector<blink::WebArrayBuffer> keys; | 1069 std::vector<blink::WebArrayBuffer> keys; |
1009 blink::WebArrayBuffer key_bytes; | 1070 blink::WebArrayBuffer key_bytes; |
1010 for (size_t i = 0; i < algorithm.size(); ++i) { | 1071 for (size_t i = 0; i < algorithm.size(); ++i) { |
1011 SCOPED_TRACE(i); | 1072 SCOPED_TRACE(i); |
1012 // Generate a small sample of keys. | 1073 // Generate a small sample of keys. |
1013 keys.clear(); | 1074 keys.clear(); |
1014 for (int j = 0; j < 16; ++j) { | 1075 for (int j = 0; j < 16; ++j) { |
1015 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm[i], true, 0, &key)); | 1076 ASSERT_EQ(Status::Success(), |
| 1077 GenerateSecretKey(algorithm[i], true, 0, &key)); |
1016 EXPECT_TRUE(key.handle()); | 1078 EXPECT_TRUE(key.handle()); |
1017 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1079 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1018 ASSERT_STATUS_SUCCESS( | 1080 ASSERT_EQ(Status::Success(), |
1019 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_bytes)); | 1081 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_bytes)); |
1020 EXPECT_EQ(key_bytes.byteLength() * 8, | 1082 EXPECT_EQ(key_bytes.byteLength() * 8, |
1021 key.algorithm().aesParams()->lengthBits()); | 1083 key.algorithm().aesParams()->lengthBits()); |
1022 keys.push_back(key_bytes); | 1084 keys.push_back(key_bytes); |
1023 } | 1085 } |
1024 // Ensure all entries in the key sample set are unique. This is a simplistic | 1086 // Ensure all entries in the key sample set are unique. This is a simplistic |
1025 // estimate of whether the generated keys appear random. | 1087 // estimate of whether the generated keys appear random. |
1026 EXPECT_FALSE(CopiesExist(keys)); | 1088 EXPECT_FALSE(CopiesExist(keys)); |
1027 } | 1089 } |
1028 } | 1090 } |
1029 | 1091 |
1030 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAesBadLength)) { | 1092 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAesBadLength)) { |
1031 const unsigned short kKeyLen[] = {0, 127, 257}; | 1093 const unsigned short kKeyLen[] = {0, 127, 257}; |
1032 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1094 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1033 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLen); ++i) { | 1095 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLen); ++i) { |
1034 SCOPED_TRACE(i); | 1096 SCOPED_TRACE(i); |
1035 EXPECT_STATUS(Status::ErrorGenerateKeyLength(), | 1097 EXPECT_EQ(Status::ErrorGenerateKeyLength(), |
1036 GenerateSecretKey( | 1098 GenerateSecretKey( |
1037 CreateAesCbcKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); | 1099 CreateAesCbcKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); |
1038 EXPECT_STATUS(Status::ErrorGenerateKeyLength(), | 1100 EXPECT_EQ(Status::ErrorGenerateKeyLength(), |
1039 GenerateSecretKey( | 1101 GenerateSecretKey( |
1040 CreateAesKwKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); | 1102 CreateAesKwKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); |
1041 if (SupportsAesGcm()) { | 1103 if (SupportsAesGcm()) { |
1042 EXPECT_STATUS( | 1104 EXPECT_EQ(Status::ErrorGenerateKeyLength(), |
1043 Status::ErrorGenerateKeyLength(), | 1105 GenerateSecretKey( |
1044 GenerateSecretKey( | 1106 CreateAesGcmKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); |
1045 CreateAesGcmKeyGenAlgorithm(kKeyLen[i]), true, 0, &key)); | |
1046 } | 1107 } |
1047 } | 1108 } |
1048 } | 1109 } |
1049 | 1110 |
1050 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmac)) { | 1111 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmac)) { |
1051 // Generate a small sample of HMAC keys. | 1112 // Generate a small sample of HMAC keys. |
1052 std::vector<blink::WebArrayBuffer> keys; | 1113 std::vector<blink::WebArrayBuffer> keys; |
1053 for (int i = 0; i < 16; ++i) { | 1114 for (int i = 0; i < 16; ++i) { |
1054 blink::WebArrayBuffer key_bytes; | 1115 blink::WebArrayBuffer key_bytes; |
1055 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1116 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1056 blink::WebCryptoAlgorithm algorithm = | 1117 blink::WebCryptoAlgorithm algorithm = |
1057 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 512); | 1118 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 512); |
1058 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); | 1119 ASSERT_EQ(Status::Success(), GenerateSecretKey(algorithm, true, 0, &key)); |
1059 EXPECT_FALSE(key.isNull()); | 1120 EXPECT_FALSE(key.isNull()); |
1060 EXPECT_TRUE(key.handle()); | 1121 EXPECT_TRUE(key.handle()); |
1061 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1122 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1062 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); | 1123 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); |
1063 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, | 1124 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
1064 key.algorithm().hmacParams()->hash().id()); | 1125 key.algorithm().hmacParams()->hash().id()); |
1065 EXPECT_EQ(512u, key.algorithm().hmacParams()->lengthBits()); | 1126 EXPECT_EQ(512u, key.algorithm().hmacParams()->lengthBits()); |
1066 | 1127 |
1067 blink::WebArrayBuffer raw_key; | 1128 blink::WebArrayBuffer raw_key; |
1068 ASSERT_STATUS_SUCCESS( | 1129 ASSERT_EQ(Status::Success(), |
1069 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 1130 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
1070 EXPECT_EQ(64U, raw_key.byteLength()); | 1131 EXPECT_EQ(64U, raw_key.byteLength()); |
1071 keys.push_back(raw_key); | 1132 keys.push_back(raw_key); |
1072 } | 1133 } |
1073 // Ensure all entries in the key sample set are unique. This is a simplistic | 1134 // Ensure all entries in the key sample set are unique. This is a simplistic |
1074 // estimate of whether the generated keys appear random. | 1135 // estimate of whether the generated keys appear random. |
1075 EXPECT_FALSE(CopiesExist(keys)); | 1136 EXPECT_FALSE(CopiesExist(keys)); |
1076 } | 1137 } |
1077 | 1138 |
1078 // If the key length is not provided, then the block size is used. | 1139 // If the key length is not provided, then the block size is used. |
1079 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmacNoLength)) { | 1140 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmacNoLength)) { |
1080 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1141 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1081 blink::WebCryptoAlgorithm algorithm = | 1142 blink::WebCryptoAlgorithm algorithm = |
1082 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0); | 1143 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0); |
1083 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); | 1144 ASSERT_EQ(Status::Success(), GenerateSecretKey(algorithm, true, 0, &key)); |
1084 EXPECT_TRUE(key.handle()); | 1145 EXPECT_TRUE(key.handle()); |
1085 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1146 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1086 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); | 1147 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); |
1087 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, | 1148 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
1088 key.algorithm().hmacParams()->hash().id()); | 1149 key.algorithm().hmacParams()->hash().id()); |
1089 EXPECT_EQ(512u, key.algorithm().hmacParams()->lengthBits()); | 1150 EXPECT_EQ(512u, key.algorithm().hmacParams()->lengthBits()); |
1090 blink::WebArrayBuffer raw_key; | 1151 blink::WebArrayBuffer raw_key; |
1091 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 1152 ASSERT_EQ(Status::Success(), |
| 1153 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
1092 EXPECT_EQ(64U, raw_key.byteLength()); | 1154 EXPECT_EQ(64U, raw_key.byteLength()); |
1093 | 1155 |
1094 // The block size for HMAC SHA-512 is larger. | 1156 // The block size for HMAC SHA-512 is larger. |
1095 algorithm = CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha512, 0); | 1157 algorithm = CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha512, 0); |
1096 ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); | 1158 ASSERT_EQ(Status::Success(), GenerateSecretKey(algorithm, true, 0, &key)); |
1097 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); | 1159 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); |
1098 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha512, | 1160 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha512, |
1099 key.algorithm().hmacParams()->hash().id()); | 1161 key.algorithm().hmacParams()->hash().id()); |
1100 EXPECT_EQ(1024u, key.algorithm().hmacParams()->lengthBits()); | 1162 EXPECT_EQ(1024u, key.algorithm().hmacParams()->lengthBits()); |
1101 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 1163 ASSERT_EQ(Status::Success(), |
| 1164 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
1102 EXPECT_EQ(128U, raw_key.byteLength()); | 1165 EXPECT_EQ(128U, raw_key.byteLength()); |
1103 } | 1166 } |
1104 | 1167 |
1105 TEST_F(SharedCryptoTest, ImportJwkKeyUsage) { | 1168 TEST_F(SharedCryptoTest, ImportJwkKeyUsage) { |
1106 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1169 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1107 base::DictionaryValue dict; | 1170 base::DictionaryValue dict; |
1108 dict.SetString("kty", "oct"); | 1171 dict.SetString("kty", "oct"); |
1109 dict.SetBoolean("ext", false); | 1172 dict.SetBoolean("ext", false); |
1110 dict.SetString("k", "GADWrMRHwQfoNaXU5fZvTg=="); | 1173 dict.SetString("k", "GADWrMRHwQfoNaXU5fZvTg=="); |
1111 const blink::WebCryptoAlgorithm aes_cbc_algorithm = | 1174 const blink::WebCryptoAlgorithm aes_cbc_algorithm = |
1112 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); | 1175 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); |
1113 const blink::WebCryptoAlgorithm hmac_algorithm = | 1176 const blink::WebCryptoAlgorithm hmac_algorithm = |
1114 webcrypto::CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); | 1177 webcrypto::CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); |
1115 const blink::WebCryptoAlgorithm aes_kw_algorithm = | 1178 const blink::WebCryptoAlgorithm aes_kw_algorithm = |
1116 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); | 1179 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); |
1117 | 1180 |
1118 // Test null usage. | 1181 // Test null usage. |
1119 base::ListValue* key_ops = new base::ListValue; | 1182 base::ListValue* key_ops = new base::ListValue; |
1120 // Note: the following call makes dict assume ownership of key_ops. | 1183 // Note: the following call makes dict assume ownership of key_ops. |
1121 dict.Set("key_ops", key_ops); | 1184 dict.Set("key_ops", key_ops); |
1122 EXPECT_STATUS_SUCCESS( | 1185 EXPECT_EQ(Status::Success(), |
1123 ImportKeyJwkFromDict(dict, aes_cbc_algorithm, false, 0, &key)); | 1186 ImportKeyJwkFromDict(dict, aes_cbc_algorithm, false, 0, &key)); |
1124 EXPECT_EQ(0, key.usages()); | 1187 EXPECT_EQ(0, key.usages()); |
1125 | 1188 |
1126 // Test each key_ops value translates to the correct Web Crypto value. | 1189 // Test each key_ops value translates to the correct Web Crypto value. |
1127 struct TestCase { | 1190 struct TestCase { |
1128 const char* jwk_key_op; | 1191 const char* jwk_key_op; |
1129 const char* jwk_alg; | 1192 const char* jwk_alg; |
1130 const blink::WebCryptoAlgorithm algorithm; | 1193 const blink::WebCryptoAlgorithm algorithm; |
1131 const blink::WebCryptoKeyUsage usage; | 1194 const blink::WebCryptoKeyUsage usage; |
1132 }; | 1195 }; |
1133 // TODO(padolph): Add 'deriveBits' key_ops value once it is supported. | 1196 // TODO(padolph): Add 'deriveBits' key_ops value once it is supported. |
1134 const TestCase test_case[] = { | 1197 const TestCase test_case[] = { |
1135 {"encrypt", "A128CBC", aes_cbc_algorithm, | 1198 {"encrypt", "A128CBC", aes_cbc_algorithm, |
1136 blink::WebCryptoKeyUsageEncrypt}, | 1199 blink::WebCryptoKeyUsageEncrypt}, |
1137 {"decrypt", "A128CBC", aes_cbc_algorithm, | 1200 {"decrypt", "A128CBC", aes_cbc_algorithm, |
1138 blink::WebCryptoKeyUsageDecrypt}, | 1201 blink::WebCryptoKeyUsageDecrypt}, |
1139 {"sign", "HS256", hmac_algorithm, blink::WebCryptoKeyUsageSign}, | 1202 {"sign", "HS256", hmac_algorithm, blink::WebCryptoKeyUsageSign}, |
1140 {"verify", "HS256", hmac_algorithm, blink::WebCryptoKeyUsageVerify}, | 1203 {"verify", "HS256", hmac_algorithm, blink::WebCryptoKeyUsageVerify}, |
1141 {"wrapKey", "A128KW", aes_kw_algorithm, blink::WebCryptoKeyUsageWrapKey}, | 1204 {"wrapKey", "A128KW", aes_kw_algorithm, blink::WebCryptoKeyUsageWrapKey}, |
1142 {"unwrapKey", "A128KW", aes_kw_algorithm, | 1205 {"unwrapKey", "A128KW", aes_kw_algorithm, |
1143 blink::WebCryptoKeyUsageUnwrapKey}, | 1206 blink::WebCryptoKeyUsageUnwrapKey}, |
1144 {"deriveKey", "HS256", hmac_algorithm, | 1207 {"deriveKey", "HS256", hmac_algorithm, |
1145 blink::WebCryptoKeyUsageDeriveKey}}; | 1208 blink::WebCryptoKeyUsageDeriveKey}}; |
1146 for (size_t test_index = 0; test_index < ARRAYSIZE_UNSAFE(test_case); | 1209 for (size_t test_index = 0; test_index < ARRAYSIZE_UNSAFE(test_case); |
1147 ++test_index) { | 1210 ++test_index) { |
1148 SCOPED_TRACE(test_index); | 1211 SCOPED_TRACE(test_index); |
1149 dict.SetString("alg", test_case[test_index].jwk_alg); | 1212 dict.SetString("alg", test_case[test_index].jwk_alg); |
1150 key_ops->Clear(); | 1213 key_ops->Clear(); |
1151 key_ops->AppendString(test_case[test_index].jwk_key_op); | 1214 key_ops->AppendString(test_case[test_index].jwk_key_op); |
1152 EXPECT_STATUS_SUCCESS(ImportKeyJwkFromDict(dict, | 1215 EXPECT_EQ(Status::Success(), |
1153 test_case[test_index].algorithm, | 1216 ImportKeyJwkFromDict(dict, |
1154 false, | 1217 test_case[test_index].algorithm, |
1155 test_case[test_index].usage, | 1218 false, |
1156 &key)); | 1219 test_case[test_index].usage, |
| 1220 &key)); |
1157 EXPECT_EQ(test_case[test_index].usage, key.usages()); | 1221 EXPECT_EQ(test_case[test_index].usage, key.usages()); |
1158 } | 1222 } |
1159 | 1223 |
1160 // Test discrete multiple usages. | 1224 // Test discrete multiple usages. |
1161 dict.SetString("alg", "A128CBC"); | 1225 dict.SetString("alg", "A128CBC"); |
1162 key_ops->Clear(); | 1226 key_ops->Clear(); |
1163 key_ops->AppendString("encrypt"); | 1227 key_ops->AppendString("encrypt"); |
1164 key_ops->AppendString("decrypt"); | 1228 key_ops->AppendString("decrypt"); |
1165 EXPECT_STATUS_SUCCESS(ImportKeyJwkFromDict( | 1229 EXPECT_EQ(Status::Success(), |
1166 dict, | 1230 ImportKeyJwkFromDict(dict, |
1167 aes_cbc_algorithm, | 1231 aes_cbc_algorithm, |
1168 false, | 1232 false, |
1169 blink::WebCryptoKeyUsageDecrypt | blink::WebCryptoKeyUsageEncrypt, | 1233 blink::WebCryptoKeyUsageDecrypt | |
1170 &key)); | 1234 blink::WebCryptoKeyUsageEncrypt, |
| 1235 &key)); |
1171 EXPECT_EQ(blink::WebCryptoKeyUsageDecrypt | blink::WebCryptoKeyUsageEncrypt, | 1236 EXPECT_EQ(blink::WebCryptoKeyUsageDecrypt | blink::WebCryptoKeyUsageEncrypt, |
1172 key.usages()); | 1237 key.usages()); |
1173 | 1238 |
1174 // Test constrained key usage (input usage is a subset of JWK usage). | 1239 // Test constrained key usage (input usage is a subset of JWK usage). |
1175 key_ops->Clear(); | 1240 key_ops->Clear(); |
1176 key_ops->AppendString("encrypt"); | 1241 key_ops->AppendString("encrypt"); |
1177 key_ops->AppendString("decrypt"); | 1242 key_ops->AppendString("decrypt"); |
1178 EXPECT_STATUS_SUCCESS(ImportKeyJwkFromDict( | 1243 EXPECT_EQ(Status::Success(), |
1179 dict, aes_cbc_algorithm, false, blink::WebCryptoKeyUsageDecrypt, &key)); | 1244 ImportKeyJwkFromDict(dict, |
| 1245 aes_cbc_algorithm, |
| 1246 false, |
| 1247 blink::WebCryptoKeyUsageDecrypt, |
| 1248 &key)); |
1180 EXPECT_EQ(blink::WebCryptoKeyUsageDecrypt, key.usages()); | 1249 EXPECT_EQ(blink::WebCryptoKeyUsageDecrypt, key.usages()); |
1181 | 1250 |
1182 // Test failure if input usage is NOT a strict subset of the JWK usage. | 1251 // Test failure if input usage is NOT a strict subset of the JWK usage. |
1183 key_ops->Clear(); | 1252 key_ops->Clear(); |
1184 key_ops->AppendString("encrypt"); | 1253 key_ops->AppendString("encrypt"); |
1185 EXPECT_STATUS(Status::ErrorJwkKeyopsInconsistent(), | 1254 EXPECT_EQ(Status::ErrorJwkKeyopsInconsistent(), |
1186 ImportKeyJwkFromDict(dict, | 1255 ImportKeyJwkFromDict(dict, |
1187 aes_cbc_algorithm, | 1256 aes_cbc_algorithm, |
1188 false, | 1257 false, |
1189 blink::WebCryptoKeyUsageEncrypt | | 1258 blink::WebCryptoKeyUsageEncrypt | |
1190 blink::WebCryptoKeyUsageDecrypt, | 1259 blink::WebCryptoKeyUsageDecrypt, |
1191 &key)); | 1260 &key)); |
1192 | 1261 |
1193 // Test 'use' inconsistent with 'key_ops'. | 1262 // Test 'use' inconsistent with 'key_ops'. |
1194 dict.SetString("alg", "HS256"); | 1263 dict.SetString("alg", "HS256"); |
1195 dict.SetString("use", "sig"); | 1264 dict.SetString("use", "sig"); |
1196 key_ops->AppendString("sign"); | 1265 key_ops->AppendString("sign"); |
1197 key_ops->AppendString("verify"); | 1266 key_ops->AppendString("verify"); |
1198 key_ops->AppendString("encrypt"); | 1267 key_ops->AppendString("encrypt"); |
1199 EXPECT_STATUS(Status::ErrorJwkUseAndKeyopsInconsistent(), | 1268 EXPECT_EQ(Status::ErrorJwkUseAndKeyopsInconsistent(), |
1200 ImportKeyJwkFromDict(dict, | 1269 ImportKeyJwkFromDict( |
1201 hmac_algorithm, | 1270 dict, |
1202 false, | 1271 hmac_algorithm, |
1203 blink::WebCryptoKeyUsageSign | | 1272 false, |
1204 blink::WebCryptoKeyUsageVerify, | 1273 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, |
1205 &key)); | 1274 &key)); |
1206 | 1275 |
1207 // Test JWK composite 'sig' use | 1276 // Test JWK composite 'sig' use |
1208 dict.Remove("key_ops", NULL); | 1277 dict.Remove("key_ops", NULL); |
1209 dict.SetString("use", "sig"); | 1278 dict.SetString("use", "sig"); |
1210 EXPECT_STATUS_SUCCESS(ImportKeyJwkFromDict( | 1279 EXPECT_EQ(Status::Success(), |
1211 dict, | 1280 ImportKeyJwkFromDict( |
1212 hmac_algorithm, | 1281 dict, |
1213 false, | 1282 hmac_algorithm, |
1214 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, | 1283 false, |
1215 &key)); | 1284 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, |
| 1285 &key)); |
1216 EXPECT_EQ(blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, | 1286 EXPECT_EQ(blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, |
1217 key.usages()); | 1287 key.usages()); |
1218 | 1288 |
1219 // Test JWK composite use 'enc' usage | 1289 // Test JWK composite use 'enc' usage |
1220 dict.SetString("alg", "A128CBC"); | 1290 dict.SetString("alg", "A128CBC"); |
1221 dict.SetString("use", "enc"); | 1291 dict.SetString("use", "enc"); |
1222 EXPECT_STATUS_SUCCESS(ImportKeyJwkFromDict( | 1292 EXPECT_EQ(Status::Success(), |
1223 dict, | 1293 ImportKeyJwkFromDict(dict, |
1224 aes_cbc_algorithm, | 1294 aes_cbc_algorithm, |
1225 false, | 1295 false, |
1226 blink::WebCryptoKeyUsageDecrypt | blink::WebCryptoKeyUsageEncrypt | | 1296 blink::WebCryptoKeyUsageDecrypt | |
1227 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey | | 1297 blink::WebCryptoKeyUsageEncrypt | |
1228 blink::WebCryptoKeyUsageDeriveKey, | 1298 blink::WebCryptoKeyUsageWrapKey | |
1229 &key)); | 1299 blink::WebCryptoKeyUsageUnwrapKey | |
| 1300 blink::WebCryptoKeyUsageDeriveKey, |
| 1301 &key)); |
1230 EXPECT_EQ(blink::WebCryptoKeyUsageDecrypt | blink::WebCryptoKeyUsageEncrypt | | 1302 EXPECT_EQ(blink::WebCryptoKeyUsageDecrypt | blink::WebCryptoKeyUsageEncrypt | |
1231 blink::WebCryptoKeyUsageWrapKey | | 1303 blink::WebCryptoKeyUsageWrapKey | |
1232 blink::WebCryptoKeyUsageUnwrapKey | | 1304 blink::WebCryptoKeyUsageUnwrapKey | |
1233 blink::WebCryptoKeyUsageDeriveKey, | 1305 blink::WebCryptoKeyUsageDeriveKey, |
1234 key.usages()); | 1306 key.usages()); |
1235 } | 1307 } |
1236 | 1308 |
1237 TEST_F(SharedCryptoTest, ImportJwkFailures) { | 1309 TEST_F(SharedCryptoTest, ImportJwkFailures) { |
1238 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1310 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1239 blink::WebCryptoAlgorithm algorithm = | 1311 blink::WebCryptoAlgorithm algorithm = |
1240 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); | 1312 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); |
1241 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; | 1313 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; |
1242 | 1314 |
1243 // Baseline pass: each test below breaks a single item, so we start with a | 1315 // Baseline pass: each test below breaks a single item, so we start with a |
1244 // passing case to make sure each failure is caused by the isolated break. | 1316 // passing case to make sure each failure is caused by the isolated break. |
1245 // Each breaking subtest below resets the dictionary to this passing case when | 1317 // Each breaking subtest below resets the dictionary to this passing case when |
1246 // complete. | 1318 // complete. |
1247 base::DictionaryValue dict; | 1319 base::DictionaryValue dict; |
1248 RestoreJwkOctDictionary(&dict); | 1320 RestoreJwkOctDictionary(&dict); |
1249 EXPECT_STATUS_SUCCESS( | 1321 EXPECT_EQ(Status::Success(), |
1250 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1322 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1251 | 1323 |
1252 // Fail on empty JSON. | 1324 // Fail on empty JSON. |
1253 EXPECT_STATUS( | 1325 EXPECT_EQ( |
1254 Status::ErrorImportEmptyKeyData(), | 1326 Status::ErrorImportEmptyKeyData(), |
1255 ImportKeyJwk( | 1327 ImportKeyJwk( |
1256 CryptoData(MakeJsonVector("")), algorithm, false, usage_mask, &key)); | 1328 CryptoData(MakeJsonVector("")), algorithm, false, usage_mask, &key)); |
1257 | 1329 |
1258 // Fail on invalid JSON. | 1330 // Fail on invalid JSON. |
1259 const std::vector<uint8> bad_json_vec = MakeJsonVector( | 1331 const std::vector<uint8> bad_json_vec = MakeJsonVector( |
1260 "{" | 1332 "{" |
1261 "\"kty\" : \"oct\"," | 1333 "\"kty\" : \"oct\"," |
1262 "\"alg\" : \"HS256\"," | 1334 "\"alg\" : \"HS256\"," |
1263 "\"use\" : "); | 1335 "\"use\" : "); |
1264 EXPECT_STATUS( | 1336 EXPECT_EQ(Status::ErrorJwkNotDictionary(), |
1265 Status::ErrorJwkNotDictionary(), | 1337 ImportKeyJwk( |
1266 ImportKeyJwk( | 1338 CryptoData(bad_json_vec), algorithm, false, usage_mask, &key)); |
1267 CryptoData(bad_json_vec), algorithm, false, usage_mask, &key)); | |
1268 | 1339 |
1269 // Fail on JWK alg present but unrecognized. | 1340 // Fail on JWK alg present but unrecognized. |
1270 dict.SetString("alg", "A127CBC"); | 1341 dict.SetString("alg", "A127CBC"); |
1271 EXPECT_STATUS(Status::ErrorJwkUnrecognizedAlgorithm(), | 1342 EXPECT_EQ(Status::ErrorJwkUnrecognizedAlgorithm(), |
1272 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1343 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1273 RestoreJwkOctDictionary(&dict); | 1344 RestoreJwkOctDictionary(&dict); |
1274 | 1345 |
1275 // Fail on invalid kty. | 1346 // Fail on invalid kty. |
1276 dict.SetString("kty", "foo"); | 1347 dict.SetString("kty", "foo"); |
1277 EXPECT_STATUS(Status::ErrorJwkUnrecognizedKty(), | 1348 EXPECT_EQ(Status::ErrorJwkUnrecognizedKty(), |
1278 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1349 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1279 RestoreJwkOctDictionary(&dict); | 1350 RestoreJwkOctDictionary(&dict); |
1280 | 1351 |
1281 // Fail on missing kty. | 1352 // Fail on missing kty. |
1282 dict.Remove("kty", NULL); | 1353 dict.Remove("kty", NULL); |
1283 EXPECT_STATUS(Status::ErrorJwkPropertyMissing("kty"), | 1354 EXPECT_EQ(Status::ErrorJwkPropertyMissing("kty"), |
1284 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1355 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1285 RestoreJwkOctDictionary(&dict); | 1356 RestoreJwkOctDictionary(&dict); |
1286 | 1357 |
1287 // Fail on kty wrong type. | 1358 // Fail on kty wrong type. |
1288 dict.SetDouble("kty", 0.1); | 1359 dict.SetDouble("kty", 0.1); |
1289 EXPECT_STATUS(Status::ErrorJwkPropertyWrongType("kty", "string"), | 1360 EXPECT_EQ(Status::ErrorJwkPropertyWrongType("kty", "string"), |
1290 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1361 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1291 RestoreJwkOctDictionary(&dict); | 1362 RestoreJwkOctDictionary(&dict); |
1292 | 1363 |
1293 // Fail on invalid use. | 1364 // Fail on invalid use. |
1294 dict.SetString("use", "foo"); | 1365 dict.SetString("use", "foo"); |
1295 EXPECT_STATUS(Status::ErrorJwkUnrecognizedUse(), | 1366 EXPECT_EQ(Status::ErrorJwkUnrecognizedUse(), |
1296 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1367 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1297 RestoreJwkOctDictionary(&dict); | 1368 RestoreJwkOctDictionary(&dict); |
1298 | 1369 |
1299 // Fail on invalid use (wrong type). | 1370 // Fail on invalid use (wrong type). |
1300 dict.SetBoolean("use", true); | 1371 dict.SetBoolean("use", true); |
1301 EXPECT_STATUS(Status::ErrorJwkPropertyWrongType("use", "string"), | 1372 EXPECT_EQ(Status::ErrorJwkPropertyWrongType("use", "string"), |
1302 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1373 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1303 RestoreJwkOctDictionary(&dict); | 1374 RestoreJwkOctDictionary(&dict); |
1304 | 1375 |
1305 // Fail on invalid extractable (wrong type). | 1376 // Fail on invalid extractable (wrong type). |
1306 dict.SetInteger("ext", 0); | 1377 dict.SetInteger("ext", 0); |
1307 EXPECT_STATUS(Status::ErrorJwkPropertyWrongType("ext", "boolean"), | 1378 EXPECT_EQ(Status::ErrorJwkPropertyWrongType("ext", "boolean"), |
1308 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1379 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1309 RestoreJwkOctDictionary(&dict); | 1380 RestoreJwkOctDictionary(&dict); |
1310 | 1381 |
1311 // Fail on invalid key_ops (wrong type). | 1382 // Fail on invalid key_ops (wrong type). |
1312 dict.SetBoolean("key_ops", true); | 1383 dict.SetBoolean("key_ops", true); |
1313 EXPECT_STATUS(Status::ErrorJwkPropertyWrongType("key_ops", "list"), | 1384 EXPECT_EQ(Status::ErrorJwkPropertyWrongType("key_ops", "list"), |
1314 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1385 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1315 RestoreJwkOctDictionary(&dict); | 1386 RestoreJwkOctDictionary(&dict); |
1316 | 1387 |
1317 // Fail on invalid key_ops (wrong element value). | 1388 // Fail on invalid key_ops (wrong element value). |
1318 base::ListValue* key_ops = new base::ListValue; | 1389 base::ListValue* key_ops = new base::ListValue; |
1319 // Note: the following call makes dict assume ownership of key_ops. | 1390 // Note: the following call makes dict assume ownership of key_ops. |
1320 dict.Set("key_ops", key_ops); | 1391 dict.Set("key_ops", key_ops); |
1321 key_ops->AppendString("foo"); | 1392 key_ops->AppendString("foo"); |
1322 EXPECT_STATUS(Status::ErrorJwkUnrecognizedKeyop(), | 1393 EXPECT_EQ(Status::ErrorJwkUnrecognizedKeyop(), |
1323 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1394 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1324 RestoreJwkOctDictionary(&dict); | 1395 RestoreJwkOctDictionary(&dict); |
1325 } | 1396 } |
1326 | 1397 |
1327 TEST_F(SharedCryptoTest, ImportJwkOctFailures) { | 1398 TEST_F(SharedCryptoTest, ImportJwkOctFailures) { |
1328 base::DictionaryValue dict; | 1399 base::DictionaryValue dict; |
1329 RestoreJwkOctDictionary(&dict); | 1400 RestoreJwkOctDictionary(&dict); |
1330 blink::WebCryptoAlgorithm algorithm = | 1401 blink::WebCryptoAlgorithm algorithm = |
1331 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); | 1402 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc); |
1332 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; | 1403 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; |
1333 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1404 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1334 | 1405 |
1335 // Baseline pass. | 1406 // Baseline pass. |
1336 EXPECT_STATUS_SUCCESS( | 1407 EXPECT_EQ(Status::Success(), |
1337 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1408 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1338 EXPECT_EQ(algorithm.id(), key.algorithm().id()); | 1409 EXPECT_EQ(algorithm.id(), key.algorithm().id()); |
1339 EXPECT_FALSE(key.extractable()); | 1410 EXPECT_FALSE(key.extractable()); |
1340 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); | 1411 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
1341 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1412 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1342 | 1413 |
1343 // The following are specific failure cases for when kty = "oct". | 1414 // The following are specific failure cases for when kty = "oct". |
1344 | 1415 |
1345 // Fail on missing k. | 1416 // Fail on missing k. |
1346 dict.Remove("k", NULL); | 1417 dict.Remove("k", NULL); |
1347 EXPECT_STATUS(Status::ErrorJwkPropertyMissing("k"), | 1418 EXPECT_EQ(Status::ErrorJwkPropertyMissing("k"), |
1348 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1419 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1349 RestoreJwkOctDictionary(&dict); | 1420 RestoreJwkOctDictionary(&dict); |
1350 | 1421 |
1351 // Fail on bad b64 encoding for k. | 1422 // Fail on bad b64 encoding for k. |
1352 dict.SetString("k", "Qk3f0DsytU8lfza2au #$% Htaw2xpop9GYyTuH0p5GghxTI="); | 1423 dict.SetString("k", "Qk3f0DsytU8lfza2au #$% Htaw2xpop9GYyTuH0p5GghxTI="); |
1353 EXPECT_STATUS(Status::ErrorJwkBase64Decode("k"), | 1424 EXPECT_EQ(Status::ErrorJwkBase64Decode("k"), |
1354 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1425 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1355 RestoreJwkOctDictionary(&dict); | 1426 RestoreJwkOctDictionary(&dict); |
1356 | 1427 |
1357 // Fail on empty k. | 1428 // Fail on empty k. |
1358 dict.SetString("k", ""); | 1429 dict.SetString("k", ""); |
1359 EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), | 1430 EXPECT_EQ(Status::ErrorJwkIncorrectKeyLength(), |
1360 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1431 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1361 RestoreJwkOctDictionary(&dict); | 1432 RestoreJwkOctDictionary(&dict); |
1362 | 1433 |
1363 // Fail on k actual length (120 bits) inconsistent with the embedded JWK alg | 1434 // Fail on k actual length (120 bits) inconsistent with the embedded JWK alg |
1364 // value (128) for an AES key. | 1435 // value (128) for an AES key. |
1365 dict.SetString("k", "AVj42h0Y5aqGtE3yluKL"); | 1436 dict.SetString("k", "AVj42h0Y5aqGtE3yluKL"); |
1366 EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), | 1437 EXPECT_EQ(Status::ErrorJwkIncorrectKeyLength(), |
1367 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1438 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1368 RestoreJwkOctDictionary(&dict); | 1439 RestoreJwkOctDictionary(&dict); |
1369 | 1440 |
1370 // Fail on k actual length (192 bits) inconsistent with the embedded JWK alg | 1441 // Fail on k actual length (192 bits) inconsistent with the embedded JWK alg |
1371 // value (128) for an AES key. | 1442 // value (128) for an AES key. |
1372 dict.SetString("k", "dGhpcyAgaXMgIDI0ICBieXRlcyBsb25n"); | 1443 dict.SetString("k", "dGhpcyAgaXMgIDI0ICBieXRlcyBsb25n"); |
1373 EXPECT_STATUS(Status::ErrorJwkIncorrectKeyLength(), | 1444 EXPECT_EQ(Status::ErrorJwkIncorrectKeyLength(), |
1374 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1445 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1375 RestoreJwkOctDictionary(&dict); | 1446 RestoreJwkOctDictionary(&dict); |
1376 } | 1447 } |
1377 | 1448 |
1378 TEST_F(SharedCryptoTest, MAYBE(ImportExportJwkRsaPublicKey)) { | 1449 TEST_F(SharedCryptoTest, MAYBE(ImportExportJwkRsaPublicKey)) { |
1379 // This test uses kPublicKeySpkiDerHex as the RSA key. The data below | 1450 // This test uses kPublicKeySpkiDerHex as the RSA key. The data below |
1380 // represents the modulus and public exponent extracted from this SPKI blob. | 1451 // represents the modulus and public exponent extracted from this SPKI blob. |
1381 // These values appear explicitly in the JWK rendering of the key. | 1452 // These values appear explicitly in the JWK rendering of the key. |
1382 const std::string n_hex = | 1453 const std::string n_hex = |
1383 "A56E4A0E701017589A5187DC7EA841D156F2EC0E36AD52A44DFEB1E61F7AD991D8C51056" | 1454 "A56E4A0E701017589A5187DC7EA841D156F2EC0E36AD52A44DFEB1E61F7AD991D8C51056" |
1384 "FFEDB162B4C0F283A12A88A394DFF526AB7291CBB307CEABFCE0B1DFD5CD9508096D5B2B" | 1455 "FFEDB162B4C0F283A12A88A394DFF526AB7291CBB307CEABFCE0B1DFD5CD9508096D5B2B" |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1416 blink::WebCryptoAlgorithmIdSha512), | 1487 blink::WebCryptoAlgorithmIdSha512), |
1417 blink::WebCryptoKeyUsageSign, "RS512"}}; | 1488 blink::WebCryptoKeyUsageSign, "RS512"}}; |
1418 | 1489 |
1419 for (size_t test_index = 0; test_index < ARRAYSIZE_UNSAFE(kTests); | 1490 for (size_t test_index = 0; test_index < ARRAYSIZE_UNSAFE(kTests); |
1420 ++test_index) { | 1491 ++test_index) { |
1421 SCOPED_TRACE(test_index); | 1492 SCOPED_TRACE(test_index); |
1422 const TestCase& test = kTests[test_index]; | 1493 const TestCase& test = kTests[test_index]; |
1423 | 1494 |
1424 // Import the spki to create a public key | 1495 // Import the spki to create a public key |
1425 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1496 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1426 ASSERT_STATUS_SUCCESS( | 1497 ASSERT_EQ(Status::Success(), |
1427 ImportKey(blink::WebCryptoKeyFormatSpki, | 1498 ImportKey(blink::WebCryptoKeyFormatSpki, |
1428 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 1499 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
1429 test.algorithm, | 1500 test.algorithm, |
1430 true, | 1501 true, |
1431 test.usage, | 1502 test.usage, |
1432 &public_key)); | 1503 &public_key)); |
1433 | 1504 |
1434 // Export the public key as JWK and verify its contents | 1505 // Export the public key as JWK and verify its contents |
1435 blink::WebArrayBuffer jwk; | 1506 blink::WebArrayBuffer jwk; |
1436 ASSERT_STATUS_SUCCESS( | 1507 ASSERT_EQ(Status::Success(), |
1437 ExportKey(blink::WebCryptoKeyFormatJwk, public_key, &jwk)); | 1508 ExportKey(blink::WebCryptoKeyFormatJwk, public_key, &jwk)); |
1438 EXPECT_TRUE(VerifyPublicJwk(jwk, test.jwk_alg, n_hex, e_hex, test.usage)); | 1509 EXPECT_TRUE(VerifyPublicJwk(jwk, test.jwk_alg, n_hex, e_hex, test.usage)); |
1439 | 1510 |
1440 // Import the JWK back in to create a new key | 1511 // Import the JWK back in to create a new key |
1441 blink::WebCryptoKey public_key2 = blink::WebCryptoKey::createNull(); | 1512 blink::WebCryptoKey public_key2 = blink::WebCryptoKey::createNull(); |
1442 EXPECT_STATUS_SUCCESS(ImportKeyJwk( | 1513 EXPECT_EQ( |
1443 CryptoData(jwk), test.algorithm, true, test.usage, &public_key2)); | 1514 Status::Success(), |
| 1515 ImportKeyJwk( |
| 1516 CryptoData(jwk), test.algorithm, true, test.usage, &public_key2)); |
1444 EXPECT_TRUE(public_key2.handle()); | 1517 EXPECT_TRUE(public_key2.handle()); |
1445 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key2.type()); | 1518 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key2.type()); |
1446 EXPECT_EQ(true, public_key2.extractable()); | 1519 EXPECT_EQ(true, public_key2.extractable()); |
1447 EXPECT_EQ(test.algorithm.id(), public_key2.algorithm().id()); | 1520 EXPECT_EQ(test.algorithm.id(), public_key2.algorithm().id()); |
1448 | 1521 |
1449 // Export the new key as spki and compare to the original. | 1522 // Export the new key as spki and compare to the original. |
1450 blink::WebArrayBuffer spki; | 1523 blink::WebArrayBuffer spki; |
1451 ASSERT_STATUS_SUCCESS( | 1524 ASSERT_EQ(Status::Success(), |
1452 ExportKey(blink::WebCryptoKeyFormatSpki, public_key2, &spki)); | 1525 ExportKey(blink::WebCryptoKeyFormatSpki, public_key2, &spki)); |
1453 ExpectCryptoDataMatchesHex(kPublicKeySpkiDerHex, CryptoData(spki)); | 1526 ExpectCryptoDataMatchesHex(kPublicKeySpkiDerHex, CryptoData(spki)); |
1454 } | 1527 } |
1455 } | 1528 } |
1456 | 1529 |
1457 TEST_F(SharedCryptoTest, MAYBE(ImportJwkRsaFailures)) { | 1530 TEST_F(SharedCryptoTest, MAYBE(ImportJwkRsaFailures)) { |
1458 base::DictionaryValue dict; | 1531 base::DictionaryValue dict; |
1459 RestoreJwkRsaDictionary(&dict); | 1532 RestoreJwkRsaDictionary(&dict); |
1460 blink::WebCryptoAlgorithm algorithm = | 1533 blink::WebCryptoAlgorithm algorithm = |
1461 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 1534 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
1462 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; | 1535 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt; |
1463 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1536 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1464 | 1537 |
1465 // An RSA public key JWK _must_ have an "n" (modulus) and an "e" (exponent) | 1538 // An RSA public key JWK _must_ have an "n" (modulus) and an "e" (exponent) |
1466 // entry, while an RSA private key must have those plus at least a "d" | 1539 // entry, while an RSA private key must have those plus at least a "d" |
1467 // (private exponent) entry. | 1540 // (private exponent) entry. |
1468 // See http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-18, | 1541 // See http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-18, |
1469 // section 6.3. | 1542 // section 6.3. |
1470 | 1543 |
1471 // Baseline pass. | 1544 // Baseline pass. |
1472 EXPECT_STATUS_SUCCESS( | 1545 EXPECT_EQ(Status::Success(), |
1473 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1546 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1474 EXPECT_EQ(algorithm.id(), key.algorithm().id()); | 1547 EXPECT_EQ(algorithm.id(), key.algorithm().id()); |
1475 EXPECT_FALSE(key.extractable()); | 1548 EXPECT_FALSE(key.extractable()); |
1476 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); | 1549 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
1477 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); | 1550 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); |
1478 | 1551 |
1479 // The following are specific failure cases for when kty = "RSA". | 1552 // The following are specific failure cases for when kty = "RSA". |
1480 | 1553 |
1481 // Fail if either "n" or "e" is not present or malformed. | 1554 // Fail if either "n" or "e" is not present or malformed. |
1482 const std::string kKtyParmName[] = {"n", "e"}; | 1555 const std::string kKtyParmName[] = {"n", "e"}; |
1483 for (size_t idx = 0; idx < ARRAYSIZE_UNSAFE(kKtyParmName); ++idx) { | 1556 for (size_t idx = 0; idx < ARRAYSIZE_UNSAFE(kKtyParmName); ++idx) { |
1484 // Fail on missing parameter. | 1557 // Fail on missing parameter. |
1485 dict.Remove(kKtyParmName[idx], NULL); | 1558 dict.Remove(kKtyParmName[idx], NULL); |
1486 EXPECT_STATUS_ERROR( | 1559 EXPECT_NE(Status::Success(), |
1487 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1560 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1488 RestoreJwkRsaDictionary(&dict); | 1561 RestoreJwkRsaDictionary(&dict); |
1489 | 1562 |
1490 // Fail on bad b64 parameter encoding. | 1563 // Fail on bad b64 parameter encoding. |
1491 dict.SetString(kKtyParmName[idx], "Qk3f0DsytU8lfza2au #$% Htaw2xpop9yTuH0"); | 1564 dict.SetString(kKtyParmName[idx], "Qk3f0DsytU8lfza2au #$% Htaw2xpop9yTuH0"); |
1492 EXPECT_STATUS_ERROR( | 1565 EXPECT_NE(Status::Success(), |
1493 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1566 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1494 RestoreJwkRsaDictionary(&dict); | 1567 RestoreJwkRsaDictionary(&dict); |
1495 | 1568 |
1496 // Fail on empty parameter. | 1569 // Fail on empty parameter. |
1497 dict.SetString(kKtyParmName[idx], ""); | 1570 dict.SetString(kKtyParmName[idx], ""); |
1498 EXPECT_STATUS_ERROR( | 1571 EXPECT_NE(Status::Success(), |
1499 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1572 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1500 RestoreJwkRsaDictionary(&dict); | 1573 RestoreJwkRsaDictionary(&dict); |
1501 } | 1574 } |
1502 | 1575 |
1503 // Fail if "d" parameter is present, implying the JWK is a private key, which | 1576 // Fail if "d" parameter is present, implying the JWK is a private key, which |
1504 // is not supported. | 1577 // is not supported. |
1505 dict.SetString("d", "Qk3f0Dsyt"); | 1578 dict.SetString("d", "Qk3f0Dsyt"); |
1506 EXPECT_STATUS(Status::ErrorJwkRsaPrivateKeyUnsupported(), | 1579 EXPECT_EQ(Status::ErrorJwkRsaPrivateKeyUnsupported(), |
1507 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1580 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1508 RestoreJwkRsaDictionary(&dict); | 1581 RestoreJwkRsaDictionary(&dict); |
1509 } | 1582 } |
1510 | 1583 |
1511 TEST_F(SharedCryptoTest, MAYBE(ImportJwkInputConsistency)) { | 1584 TEST_F(SharedCryptoTest, MAYBE(ImportJwkInputConsistency)) { |
1512 // The Web Crypto spec says that if a JWK value is present, but is | 1585 // The Web Crypto spec says that if a JWK value is present, but is |
1513 // inconsistent with the input value, the operation must fail. | 1586 // inconsistent with the input value, the operation must fail. |
1514 | 1587 |
1515 // Consistency rules when JWK value is not present: Inputs should be used. | 1588 // Consistency rules when JWK value is not present: Inputs should be used. |
1516 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1589 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1517 bool extractable = false; | 1590 bool extractable = false; |
1518 blink::WebCryptoAlgorithm algorithm = | 1591 blink::WebCryptoAlgorithm algorithm = |
1519 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); | 1592 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); |
1520 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageVerify; | 1593 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageVerify; |
1521 base::DictionaryValue dict; | 1594 base::DictionaryValue dict; |
1522 dict.SetString("kty", "oct"); | 1595 dict.SetString("kty", "oct"); |
1523 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | 1596 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); |
1524 std::vector<uint8> json_vec = MakeJsonVector(dict); | 1597 std::vector<uint8> json_vec = MakeJsonVector(dict); |
1525 EXPECT_STATUS_SUCCESS(ImportKeyJwk( | 1598 EXPECT_EQ( |
1526 CryptoData(json_vec), algorithm, extractable, usage_mask, &key)); | 1599 Status::Success(), |
| 1600 ImportKeyJwk( |
| 1601 CryptoData(json_vec), algorithm, extractable, usage_mask, &key)); |
1527 EXPECT_TRUE(key.handle()); | 1602 EXPECT_TRUE(key.handle()); |
1528 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1603 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1529 EXPECT_EQ(extractable, key.extractable()); | 1604 EXPECT_EQ(extractable, key.extractable()); |
1530 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); | 1605 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); |
1531 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, | 1606 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
1532 key.algorithm().hmacParams()->hash().id()); | 1607 key.algorithm().hmacParams()->hash().id()); |
1533 EXPECT_EQ(320u, key.algorithm().hmacParams()->lengthBits()); | 1608 EXPECT_EQ(320u, key.algorithm().hmacParams()->lengthBits()); |
1534 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, key.usages()); | 1609 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, key.usages()); |
1535 key = blink::WebCryptoKey::createNull(); | 1610 key = blink::WebCryptoKey::createNull(); |
1536 | 1611 |
1537 // Consistency rules when JWK value exists: Fail if inconsistency is found. | 1612 // Consistency rules when JWK value exists: Fail if inconsistency is found. |
1538 | 1613 |
1539 // Pass: All input values are consistent with the JWK values. | 1614 // Pass: All input values are consistent with the JWK values. |
1540 dict.Clear(); | 1615 dict.Clear(); |
1541 dict.SetString("kty", "oct"); | 1616 dict.SetString("kty", "oct"); |
1542 dict.SetString("alg", "HS256"); | 1617 dict.SetString("alg", "HS256"); |
1543 dict.SetString("use", "sig"); | 1618 dict.SetString("use", "sig"); |
1544 dict.SetBoolean("ext", false); | 1619 dict.SetBoolean("ext", false); |
1545 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | 1620 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); |
1546 json_vec = MakeJsonVector(dict); | 1621 json_vec = MakeJsonVector(dict); |
1547 EXPECT_STATUS_SUCCESS(ImportKeyJwk( | 1622 EXPECT_EQ( |
1548 CryptoData(json_vec), algorithm, extractable, usage_mask, &key)); | 1623 Status::Success(), |
| 1624 ImportKeyJwk( |
| 1625 CryptoData(json_vec), algorithm, extractable, usage_mask, &key)); |
1549 | 1626 |
1550 // Extractable cases: | 1627 // Extractable cases: |
1551 // 1. input=T, JWK=F ==> fail (inconsistent) | 1628 // 1. input=T, JWK=F ==> fail (inconsistent) |
1552 // 4. input=F, JWK=F ==> pass, result extractable is F | 1629 // 4. input=F, JWK=F ==> pass, result extractable is F |
1553 // 2. input=T, JWK=T ==> pass, result extractable is T | 1630 // 2. input=T, JWK=T ==> pass, result extractable is T |
1554 // 3. input=F, JWK=T ==> pass, result extractable is F | 1631 // 3. input=F, JWK=T ==> pass, result extractable is F |
1555 EXPECT_STATUS( | 1632 EXPECT_EQ( |
1556 Status::ErrorJwkExtInconsistent(), | 1633 Status::ErrorJwkExtInconsistent(), |
1557 ImportKeyJwk(CryptoData(json_vec), algorithm, true, usage_mask, &key)); | 1634 ImportKeyJwk(CryptoData(json_vec), algorithm, true, usage_mask, &key)); |
1558 EXPECT_STATUS_SUCCESS( | 1635 EXPECT_EQ( |
| 1636 Status::Success(), |
1559 ImportKeyJwk(CryptoData(json_vec), algorithm, false, usage_mask, &key)); | 1637 ImportKeyJwk(CryptoData(json_vec), algorithm, false, usage_mask, &key)); |
1560 EXPECT_FALSE(key.extractable()); | 1638 EXPECT_FALSE(key.extractable()); |
1561 dict.SetBoolean("ext", true); | 1639 dict.SetBoolean("ext", true); |
1562 EXPECT_STATUS_SUCCESS( | 1640 EXPECT_EQ(Status::Success(), |
1563 ImportKeyJwkFromDict(dict, algorithm, true, usage_mask, &key)); | 1641 ImportKeyJwkFromDict(dict, algorithm, true, usage_mask, &key)); |
1564 EXPECT_TRUE(key.extractable()); | 1642 EXPECT_TRUE(key.extractable()); |
1565 EXPECT_STATUS_SUCCESS( | 1643 EXPECT_EQ(Status::Success(), |
1566 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1644 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1567 EXPECT_FALSE(key.extractable()); | 1645 EXPECT_FALSE(key.extractable()); |
1568 dict.SetBoolean("ext", true); // restore previous value | 1646 dict.SetBoolean("ext", true); // restore previous value |
1569 | 1647 |
1570 // Fail: Input algorithm (AES-CBC) is inconsistent with JWK value | 1648 // Fail: Input algorithm (AES-CBC) is inconsistent with JWK value |
1571 // (HMAC SHA256). | 1649 // (HMAC SHA256). |
1572 EXPECT_STATUS(Status::ErrorJwkAlgorithmInconsistent(), | 1650 EXPECT_EQ(Status::ErrorJwkAlgorithmInconsistent(), |
1573 ImportKeyJwk(CryptoData(json_vec), | 1651 ImportKeyJwk(CryptoData(json_vec), |
1574 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 1652 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
1575 extractable, | 1653 extractable, |
1576 usage_mask, | 1654 usage_mask, |
1577 &key)); | 1655 &key)); |
1578 | 1656 |
1579 // Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value | 1657 // Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value |
1580 // (HMAC SHA256). | 1658 // (HMAC SHA256). |
1581 EXPECT_STATUS( | 1659 EXPECT_EQ( |
1582 Status::ErrorJwkAlgorithmInconsistent(), | 1660 Status::ErrorJwkAlgorithmInconsistent(), |
1583 ImportKeyJwk(CryptoData(json_vec), | 1661 ImportKeyJwk(CryptoData(json_vec), |
1584 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha1), | 1662 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha1), |
1585 extractable, | 1663 extractable, |
1586 usage_mask, | 1664 usage_mask, |
1587 &key)); | 1665 &key)); |
1588 | 1666 |
1589 // Pass: JWK alg missing but input algorithm specified: use input value | 1667 // Pass: JWK alg missing but input algorithm specified: use input value |
1590 dict.Remove("alg", NULL); | 1668 dict.Remove("alg", NULL); |
1591 EXPECT_STATUS_SUCCESS(ImportKeyJwkFromDict( | 1669 EXPECT_EQ(Status::Success(), |
1592 dict, | 1670 ImportKeyJwkFromDict( |
1593 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256), | 1671 dict, |
1594 extractable, | 1672 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256), |
1595 usage_mask, | 1673 extractable, |
1596 &key)); | 1674 usage_mask, |
| 1675 &key)); |
1597 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); | 1676 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); |
1598 dict.SetString("alg", "HS256"); | 1677 dict.SetString("alg", "HS256"); |
1599 | 1678 |
1600 // Fail: Input usage_mask (encrypt) is not a subset of the JWK value | 1679 // Fail: Input usage_mask (encrypt) is not a subset of the JWK value |
1601 // (sign|verify) | 1680 // (sign|verify) |
1602 EXPECT_STATUS(Status::ErrorJwkUseInconsistent(), | 1681 EXPECT_EQ(Status::ErrorJwkUseInconsistent(), |
1603 ImportKeyJwk(CryptoData(json_vec), | 1682 ImportKeyJwk(CryptoData(json_vec), |
1604 algorithm, | 1683 algorithm, |
1605 extractable, | 1684 extractable, |
1606 blink::WebCryptoKeyUsageEncrypt, | 1685 blink::WebCryptoKeyUsageEncrypt, |
1607 &key)); | 1686 &key)); |
1608 | 1687 |
1609 // Fail: Input usage_mask (encrypt|sign|verify) is not a subset of the JWK | 1688 // Fail: Input usage_mask (encrypt|sign|verify) is not a subset of the JWK |
1610 // value (sign|verify) | 1689 // value (sign|verify) |
1611 usage_mask = blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageSign | | 1690 usage_mask = blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageSign | |
1612 blink::WebCryptoKeyUsageVerify; | 1691 blink::WebCryptoKeyUsageVerify; |
1613 EXPECT_STATUS( | 1692 EXPECT_EQ( |
1614 Status::ErrorJwkUseInconsistent(), | 1693 Status::ErrorJwkUseInconsistent(), |
1615 ImportKeyJwk( | 1694 ImportKeyJwk( |
1616 CryptoData(json_vec), algorithm, extractable, usage_mask, &key)); | 1695 CryptoData(json_vec), algorithm, extractable, usage_mask, &key)); |
1617 | 1696 |
1618 // TODO(padolph): kty vs alg consistency tests: Depending on the kty value, | 1697 // TODO(padolph): kty vs alg consistency tests: Depending on the kty value, |
1619 // only certain alg values are permitted. For example, when kty = "RSA" alg | 1698 // only certain alg values are permitted. For example, when kty = "RSA" alg |
1620 // must be of the RSA family, or when kty = "oct" alg must be symmetric | 1699 // must be of the RSA family, or when kty = "oct" alg must be symmetric |
1621 // algorithm. | 1700 // algorithm. |
1622 | 1701 |
1623 // TODO(padolph): key_ops consistency tests | 1702 // TODO(padolph): key_ops consistency tests |
(...skipping 12 matching lines...) Expand all Loading... |
1636 // Import a symmetric key JWK and HMAC-SHA256 sign() | 1715 // Import a symmetric key JWK and HMAC-SHA256 sign() |
1637 // Uses the first SHA256 test vector from the HMAC sample set above. | 1716 // Uses the first SHA256 test vector from the HMAC sample set above. |
1638 | 1717 |
1639 base::DictionaryValue dict; | 1718 base::DictionaryValue dict; |
1640 dict.SetString("kty", "oct"); | 1719 dict.SetString("kty", "oct"); |
1641 dict.SetString("alg", "HS256"); | 1720 dict.SetString("alg", "HS256"); |
1642 dict.SetString("use", "sig"); | 1721 dict.SetString("use", "sig"); |
1643 dict.SetBoolean("ext", false); | 1722 dict.SetBoolean("ext", false); |
1644 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); | 1723 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg"); |
1645 | 1724 |
1646 ASSERT_STATUS_SUCCESS( | 1725 ASSERT_EQ( |
| 1726 Status::Success(), |
1647 ImportKeyJwkFromDict(dict, algorithm, extractable, usage_mask, &key)); | 1727 ImportKeyJwkFromDict(dict, algorithm, extractable, usage_mask, &key)); |
1648 | 1728 |
1649 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, | 1729 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
1650 key.algorithm().hmacParams()->hash().id()); | 1730 key.algorithm().hmacParams()->hash().id()); |
1651 | 1731 |
1652 const std::vector<uint8> message_raw = HexStringToBytes( | 1732 const std::vector<uint8> message_raw = HexStringToBytes( |
1653 "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" | 1733 "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" |
1654 "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" | 1734 "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" |
1655 "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" | 1735 "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" |
1656 "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e"); | 1736 "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e"); |
1657 | 1737 |
1658 blink::WebArrayBuffer output; | 1738 blink::WebArrayBuffer output; |
1659 | 1739 |
1660 ASSERT_STATUS_SUCCESS(Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac), | 1740 ASSERT_EQ(Status::Success(), |
1661 key, | 1741 Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac), |
1662 CryptoData(message_raw), | 1742 key, |
1663 &output)); | 1743 CryptoData(message_raw), |
| 1744 &output)); |
1664 | 1745 |
1665 const std::string mac_raw = | 1746 const std::string mac_raw = |
1666 "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b"; | 1747 "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b"; |
1667 | 1748 |
1668 ExpectArrayBufferMatchesHex(mac_raw, output); | 1749 ExpectArrayBufferMatchesHex(mac_raw, output); |
1669 | 1750 |
1670 // TODO(padolph): Import an RSA public key JWK and use it | 1751 // TODO(padolph): Import an RSA public key JWK and use it |
1671 } | 1752 } |
1672 | 1753 |
1673 TEST_F(SharedCryptoTest, MAYBE(ImportExportJwkSymmetricKey)) { | 1754 TEST_F(SharedCryptoTest, MAYBE(ImportExportJwkSymmetricKey)) { |
(...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1742 // HMAC SHA-384 | 1823 // HMAC SHA-384 |
1743 {key_hex_384, hmac_sha_384_alg, blink::WebCryptoKeyUsageSign, "HS384"}, | 1824 {key_hex_384, hmac_sha_384_alg, blink::WebCryptoKeyUsageSign, "HS384"}, |
1744 // HMAC SHA-512 | 1825 // HMAC SHA-512 |
1745 {key_hex_512, hmac_sha_512_alg, blink::WebCryptoKeyUsageVerify, "HS512"}, | 1826 {key_hex_512, hmac_sha_512_alg, blink::WebCryptoKeyUsageVerify, "HS512"}, |
1746 // Large usage value | 1827 // Large usage value |
1747 {key_hex_256, aes_cbc_alg, | 1828 {key_hex_256, aes_cbc_alg, |
1748 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt | | 1829 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt | |
1749 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, | 1830 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, |
1750 "A256CBC"}, | 1831 "A256CBC"}, |
1751 // Zero usage value | 1832 // Zero usage value |
1752 {key_hex_512, hmac_sha_512_alg, 0, "HS512"}, }; | 1833 {key_hex_512, hmac_sha_512_alg, 0, "HS512"}, |
| 1834 }; |
1753 | 1835 |
1754 // Round-trip import/export each key. | 1836 // Round-trip import/export each key. |
1755 | 1837 |
1756 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1838 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1757 blink::WebArrayBuffer json; | 1839 blink::WebArrayBuffer json; |
1758 for (size_t test_index = 0; test_index < ARRAYSIZE_UNSAFE(kTests); | 1840 for (size_t test_index = 0; test_index < ARRAYSIZE_UNSAFE(kTests); |
1759 ++test_index) { | 1841 ++test_index) { |
1760 SCOPED_TRACE(test_index); | 1842 SCOPED_TRACE(test_index); |
1761 const TestCase& test = kTests[test_index]; | 1843 const TestCase& test = kTests[test_index]; |
1762 | 1844 |
1763 // Skip AES-GCM tests where not supported. | 1845 // Skip AES-GCM tests where not supported. |
1764 if (test.algorithm.id() == blink::WebCryptoAlgorithmIdAesGcm && | 1846 if (test.algorithm.id() == blink::WebCryptoAlgorithmIdAesGcm && |
1765 !SupportsAesGcm()) { | 1847 !SupportsAesGcm()) { |
1766 continue; | 1848 continue; |
1767 } | 1849 } |
1768 | 1850 |
1769 // Import a raw key. | 1851 // Import a raw key. |
1770 key = ImportSecretKeyFromRaw( | 1852 key = ImportSecretKeyFromRaw( |
1771 HexStringToBytes(test.key_hex), test.algorithm, test.usage); | 1853 HexStringToBytes(test.key_hex), test.algorithm, test.usage); |
1772 | 1854 |
1773 // Export the key in JWK format and validate. | 1855 // Export the key in JWK format and validate. |
1774 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatJwk, key, &json)); | 1856 ASSERT_EQ(Status::Success(), |
| 1857 ExportKey(blink::WebCryptoKeyFormatJwk, key, &json)); |
1775 EXPECT_TRUE(VerifySecretJwk(json, test.jwk_alg, test.key_hex, test.usage)); | 1858 EXPECT_TRUE(VerifySecretJwk(json, test.jwk_alg, test.key_hex, test.usage)); |
1776 | 1859 |
1777 // Import the JWK-formatted key. | 1860 // Import the JWK-formatted key. |
1778 ASSERT_STATUS_SUCCESS( | 1861 ASSERT_EQ( |
| 1862 Status::Success(), |
1779 ImportKeyJwk(CryptoData(json), test.algorithm, true, test.usage, &key)); | 1863 ImportKeyJwk(CryptoData(json), test.algorithm, true, test.usage, &key)); |
1780 EXPECT_TRUE(key.handle()); | 1864 EXPECT_TRUE(key.handle()); |
1781 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 1865 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
1782 EXPECT_EQ(test.algorithm.id(), key.algorithm().id()); | 1866 EXPECT_EQ(test.algorithm.id(), key.algorithm().id()); |
1783 EXPECT_EQ(true, key.extractable()); | 1867 EXPECT_EQ(true, key.extractable()); |
1784 EXPECT_EQ(test.usage, key.usages()); | 1868 EXPECT_EQ(test.usage, key.usages()); |
1785 | 1869 |
1786 // Export the key in raw format and compare to the original. | 1870 // Export the key in raw format and compare to the original. |
1787 blink::WebArrayBuffer key_raw_out; | 1871 blink::WebArrayBuffer key_raw_out; |
1788 ASSERT_STATUS_SUCCESS( | 1872 ASSERT_EQ(Status::Success(), |
1789 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); | 1873 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); |
1790 ExpectArrayBufferMatchesHex(test.key_hex, key_raw_out); | 1874 ExpectArrayBufferMatchesHex(test.key_hex, key_raw_out); |
1791 } | 1875 } |
1792 } | 1876 } |
1793 | 1877 |
1794 TEST_F(SharedCryptoTest, MAYBE(ImportExportSpki)) { | 1878 TEST_F(SharedCryptoTest, MAYBE(ImportExportSpki)) { |
1795 // Passing case: Import a valid RSA key in SPKI format. | 1879 // Passing case: Import a valid RSA key in SPKI format. |
1796 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1880 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1797 ASSERT_STATUS_SUCCESS( | 1881 ASSERT_EQ( |
| 1882 Status::Success(), |
1798 ImportKey(blink::WebCryptoKeyFormatSpki, | 1883 ImportKey(blink::WebCryptoKeyFormatSpki, |
1799 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 1884 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
1800 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1885 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1801 true, | 1886 true, |
1802 blink::WebCryptoKeyUsageEncrypt, | 1887 blink::WebCryptoKeyUsageEncrypt, |
1803 &key)); | 1888 &key)); |
1804 EXPECT_TRUE(key.handle()); | 1889 EXPECT_TRUE(key.handle()); |
1805 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); | 1890 EXPECT_EQ(blink::WebCryptoKeyTypePublic, key.type()); |
1806 EXPECT_TRUE(key.extractable()); | 1891 EXPECT_TRUE(key.extractable()); |
1807 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); | 1892 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
1808 EXPECT_EQ(kModulusLengthBits, | 1893 EXPECT_EQ(kModulusLengthBits, |
1809 key.algorithm().rsaParams()->modulusLengthBits()); | 1894 key.algorithm().rsaParams()->modulusLengthBits()); |
1810 ExpectCryptoDataMatchesHex( | 1895 ExpectCryptoDataMatchesHex( |
1811 "010001", CryptoData(key.algorithm().rsaParams()->publicExponent())); | 1896 "010001", CryptoData(key.algorithm().rsaParams()->publicExponent())); |
1812 | 1897 |
1813 // Failing case: Empty SPKI data | 1898 // Failing case: Empty SPKI data |
1814 EXPECT_STATUS( | 1899 EXPECT_EQ( |
1815 Status::ErrorImportEmptyKeyData(), | 1900 Status::ErrorImportEmptyKeyData(), |
1816 ImportKey(blink::WebCryptoKeyFormatSpki, | 1901 ImportKey(blink::WebCryptoKeyFormatSpki, |
1817 CryptoData(std::vector<uint8>()), | 1902 CryptoData(std::vector<uint8>()), |
1818 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1903 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1819 true, | 1904 true, |
1820 blink::WebCryptoKeyUsageEncrypt, | 1905 blink::WebCryptoKeyUsageEncrypt, |
1821 &key)); | 1906 &key)); |
1822 | 1907 |
1823 // Failing case: Bad DER encoding. | 1908 // Failing case: Bad DER encoding. |
1824 EXPECT_STATUS( | 1909 EXPECT_EQ( |
1825 Status::Error(), | 1910 Status::DataError(), |
1826 ImportKey(blink::WebCryptoKeyFormatSpki, | 1911 ImportKey(blink::WebCryptoKeyFormatSpki, |
1827 CryptoData(HexStringToBytes("618333c4cb")), | 1912 CryptoData(HexStringToBytes("618333c4cb")), |
1828 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1913 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1829 true, | 1914 true, |
1830 blink::WebCryptoKeyUsageEncrypt, | 1915 blink::WebCryptoKeyUsageEncrypt, |
1831 &key)); | 1916 &key)); |
1832 | 1917 |
1833 // Failing case: Import RSA key but provide an inconsistent input algorithm. | 1918 // Failing case: Import RSA key but provide an inconsistent input algorithm. |
1834 EXPECT_STATUS(Status::Error(), | 1919 EXPECT_EQ(Status::DataError(), |
1835 ImportKey(blink::WebCryptoKeyFormatSpki, | 1920 ImportKey(blink::WebCryptoKeyFormatSpki, |
1836 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 1921 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
1837 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 1922 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
1838 true, | 1923 true, |
1839 blink::WebCryptoKeyUsageEncrypt, | 1924 blink::WebCryptoKeyUsageEncrypt, |
1840 &key)); | 1925 &key)); |
1841 | 1926 |
1842 // Passing case: Export a previously imported RSA public key in SPKI format | 1927 // Passing case: Export a previously imported RSA public key in SPKI format |
1843 // and compare to original data. | 1928 // and compare to original data. |
1844 blink::WebArrayBuffer output; | 1929 blink::WebArrayBuffer output; |
1845 ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); | 1930 ASSERT_EQ(Status::Success(), |
| 1931 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); |
1846 ExpectArrayBufferMatchesHex(kPublicKeySpkiDerHex, output); | 1932 ExpectArrayBufferMatchesHex(kPublicKeySpkiDerHex, output); |
1847 | 1933 |
1848 // Failing case: Try to export a previously imported RSA public key in raw | 1934 // Failing case: Try to export a previously imported RSA public key in raw |
1849 // format (not allowed for a public key). | 1935 // format (not allowed for a public key). |
1850 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 1936 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
1851 ExportKey(blink::WebCryptoKeyFormatRaw, key, &output)); | 1937 ExportKey(blink::WebCryptoKeyFormatRaw, key, &output)); |
1852 | 1938 |
1853 // Failing case: Try to export a non-extractable key | 1939 // Failing case: Try to export a non-extractable key |
1854 ASSERT_STATUS_SUCCESS( | 1940 ASSERT_EQ( |
| 1941 Status::Success(), |
1855 ImportKey(blink::WebCryptoKeyFormatSpki, | 1942 ImportKey(blink::WebCryptoKeyFormatSpki, |
1856 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 1943 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
1857 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1944 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1858 false, | 1945 false, |
1859 blink::WebCryptoKeyUsageEncrypt, | 1946 blink::WebCryptoKeyUsageEncrypt, |
1860 &key)); | 1947 &key)); |
1861 EXPECT_TRUE(key.handle()); | 1948 EXPECT_TRUE(key.handle()); |
1862 EXPECT_FALSE(key.extractable()); | 1949 EXPECT_FALSE(key.extractable()); |
1863 EXPECT_STATUS(Status::ErrorKeyNotExtractable(), | 1950 EXPECT_EQ(Status::ErrorKeyNotExtractable(), |
1864 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); | 1951 ExportKey(blink::WebCryptoKeyFormatSpki, key, &output)); |
1865 } | 1952 } |
1866 | 1953 |
1867 TEST_F(SharedCryptoTest, MAYBE(ImportExportPkcs8)) { | 1954 TEST_F(SharedCryptoTest, MAYBE(ImportExportPkcs8)) { |
1868 // Passing case: Import a valid RSA key in PKCS#8 format. | 1955 // Passing case: Import a valid RSA key in PKCS#8 format. |
1869 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1956 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1870 ASSERT_STATUS_SUCCESS(ImportKey( | 1957 ASSERT_EQ(Status::Success(), |
1871 blink::WebCryptoKeyFormatPkcs8, | 1958 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
1872 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 1959 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
1873 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1960 CreateRsaHashedImportAlgorithm( |
1874 blink::WebCryptoAlgorithmIdSha1), | 1961 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1875 true, | 1962 blink::WebCryptoAlgorithmIdSha1), |
1876 blink::WebCryptoKeyUsageSign, | 1963 true, |
1877 &key)); | 1964 blink::WebCryptoKeyUsageSign, |
| 1965 &key)); |
1878 EXPECT_TRUE(key.handle()); | 1966 EXPECT_TRUE(key.handle()); |
1879 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, key.type()); | 1967 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, key.type()); |
1880 EXPECT_TRUE(key.extractable()); | 1968 EXPECT_TRUE(key.extractable()); |
1881 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); | 1969 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); |
1882 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, | 1970 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
1883 key.algorithm().rsaHashedParams()->hash().id()); | 1971 key.algorithm().rsaHashedParams()->hash().id()); |
1884 EXPECT_EQ(kModulusLengthBits, | 1972 EXPECT_EQ(kModulusLengthBits, |
1885 key.algorithm().rsaHashedParams()->modulusLengthBits()); | 1973 key.algorithm().rsaHashedParams()->modulusLengthBits()); |
1886 ExpectCryptoDataMatchesHex( | 1974 ExpectCryptoDataMatchesHex( |
1887 "010001", | 1975 "010001", |
1888 CryptoData(key.algorithm().rsaHashedParams()->publicExponent())); | 1976 CryptoData(key.algorithm().rsaHashedParams()->publicExponent())); |
1889 | 1977 |
1890 blink::WebArrayBuffer exported_key; | 1978 blink::WebArrayBuffer exported_key; |
1891 ASSERT_STATUS_SUCCESS( | 1979 ASSERT_EQ(Status::Success(), |
1892 ExportKey(blink::WebCryptoKeyFormatPkcs8, key, &exported_key)); | 1980 ExportKey(blink::WebCryptoKeyFormatPkcs8, key, &exported_key)); |
1893 ExpectArrayBufferMatchesHex(kPrivateKeyPkcs8DerHex, exported_key); | 1981 ExpectArrayBufferMatchesHex(kPrivateKeyPkcs8DerHex, exported_key); |
1894 | 1982 |
1895 // Failing case: Empty PKCS#8 data | 1983 // Failing case: Empty PKCS#8 data |
1896 EXPECT_STATUS(Status::ErrorImportEmptyKeyData(), | 1984 EXPECT_EQ(Status::ErrorImportEmptyKeyData(), |
1897 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 1985 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
1898 CryptoData(std::vector<uint8>()), | 1986 CryptoData(std::vector<uint8>()), |
1899 CreateRsaHashedImportAlgorithm( | 1987 CreateRsaHashedImportAlgorithm( |
1900 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1988 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1901 blink::WebCryptoAlgorithmIdSha1), | 1989 blink::WebCryptoAlgorithmIdSha1), |
1902 true, | 1990 true, |
1903 blink::WebCryptoKeyUsageSign, | 1991 blink::WebCryptoKeyUsageSign, |
1904 &key)); | 1992 &key)); |
1905 | 1993 |
1906 // Failing case: Bad DER encoding. | 1994 // Failing case: Bad DER encoding. |
1907 EXPECT_STATUS( | 1995 EXPECT_EQ( |
1908 Status::Error(), | 1996 Status::DataError(), |
1909 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 1997 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
1910 CryptoData(HexStringToBytes("618333c4cb")), | 1998 CryptoData(HexStringToBytes("618333c4cb")), |
1911 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), | 1999 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
1912 true, | 2000 true, |
1913 blink::WebCryptoKeyUsageSign, | 2001 blink::WebCryptoKeyUsageSign, |
1914 &key)); | 2002 &key)); |
1915 | 2003 |
1916 // Failing case: Import RSA key but provide an inconsistent input algorithm. | 2004 // Failing case: Import RSA key but provide an inconsistent input algorithm. |
1917 EXPECT_STATUS(Status::Error(), | 2005 EXPECT_EQ(Status::DataError(), |
1918 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 2006 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
1919 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 2007 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
1920 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 2008 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
1921 true, | 2009 true, |
1922 blink::WebCryptoKeyUsageSign, | 2010 blink::WebCryptoKeyUsageSign, |
1923 &key)); | 2011 &key)); |
1924 } | 2012 } |
1925 | 2013 |
1926 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsa)) { | 2014 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsa)) { |
1927 // Note: using unrealistic short key lengths here to avoid bogging down tests. | 2015 // Note: using unrealistic short key lengths here to avoid bogging down tests. |
1928 | 2016 |
1929 // Successful WebCryptoAlgorithmIdRsaEsPkcs1v1_5 key generation. | 2017 // Successful WebCryptoAlgorithmIdRsaEsPkcs1v1_5 key generation. |
1930 const unsigned int modulus_length = 256; | 2018 const unsigned int modulus_length = 256; |
1931 const std::vector<uint8> public_exponent = HexStringToBytes("010001"); | 2019 const std::vector<uint8> public_exponent = HexStringToBytes("010001"); |
1932 blink::WebCryptoAlgorithm algorithm = | 2020 blink::WebCryptoAlgorithm algorithm = |
1933 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 2021 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
1934 modulus_length, | 2022 modulus_length, |
1935 public_exponent); | 2023 public_exponent); |
1936 bool extractable = true; | 2024 bool extractable = true; |
1937 const blink::WebCryptoKeyUsageMask usage_mask = 0; | 2025 const blink::WebCryptoKeyUsageMask usage_mask = 0; |
1938 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 2026 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
1939 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 2027 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
1940 ASSERT_STATUS_SUCCESS(GenerateKeyPair( | 2028 ASSERT_EQ(Status::Success(), |
1941 algorithm, extractable, usage_mask, &public_key, &private_key)); | 2029 GenerateKeyPair( |
| 2030 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1942 EXPECT_FALSE(public_key.isNull()); | 2031 EXPECT_FALSE(public_key.isNull()); |
1943 EXPECT_FALSE(private_key.isNull()); | 2032 EXPECT_FALSE(private_key.isNull()); |
1944 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 2033 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
1945 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 2034 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
1946 EXPECT_TRUE(public_key.extractable()); | 2035 EXPECT_TRUE(public_key.extractable()); |
1947 EXPECT_EQ(extractable, private_key.extractable()); | 2036 EXPECT_EQ(extractable, private_key.extractable()); |
1948 EXPECT_EQ(usage_mask, public_key.usages()); | 2037 EXPECT_EQ(usage_mask, public_key.usages()); |
1949 EXPECT_EQ(usage_mask, private_key.usages()); | 2038 EXPECT_EQ(usage_mask, private_key.usages()); |
1950 | 2039 |
1951 // Try exporting the generated key pair, and then re-importing to verify that | 2040 // Try exporting the generated key pair, and then re-importing to verify that |
1952 // the exported data was valid. | 2041 // the exported data was valid. |
1953 blink::WebArrayBuffer public_key_spki; | 2042 blink::WebArrayBuffer public_key_spki; |
1954 EXPECT_STATUS_SUCCESS( | 2043 EXPECT_EQ( |
| 2044 Status::Success(), |
1955 ExportKey(blink::WebCryptoKeyFormatSpki, public_key, &public_key_spki)); | 2045 ExportKey(blink::WebCryptoKeyFormatSpki, public_key, &public_key_spki)); |
1956 public_key = blink::WebCryptoKey::createNull(); | 2046 public_key = blink::WebCryptoKey::createNull(); |
1957 EXPECT_STATUS_SUCCESS( | 2047 EXPECT_EQ( |
| 2048 Status::Success(), |
1958 ImportKey(blink::WebCryptoKeyFormatSpki, | 2049 ImportKey(blink::WebCryptoKeyFormatSpki, |
1959 CryptoData(public_key_spki), | 2050 CryptoData(public_key_spki), |
1960 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 2051 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1961 true, | 2052 true, |
1962 usage_mask, | 2053 usage_mask, |
1963 &public_key)); | 2054 &public_key)); |
1964 EXPECT_EQ(modulus_length, | 2055 EXPECT_EQ(modulus_length, |
1965 public_key.algorithm().rsaParams()->modulusLengthBits()); | 2056 public_key.algorithm().rsaParams()->modulusLengthBits()); |
1966 | 2057 |
1967 blink::WebArrayBuffer private_key_pkcs8; | 2058 blink::WebArrayBuffer private_key_pkcs8; |
1968 EXPECT_STATUS_SUCCESS(ExportKey( | 2059 EXPECT_EQ( |
1969 blink::WebCryptoKeyFormatPkcs8, private_key, &private_key_pkcs8)); | 2060 Status::Success(), |
| 2061 ExportKey( |
| 2062 blink::WebCryptoKeyFormatPkcs8, private_key, &private_key_pkcs8)); |
1970 private_key = blink::WebCryptoKey::createNull(); | 2063 private_key = blink::WebCryptoKey::createNull(); |
1971 EXPECT_STATUS_SUCCESS( | 2064 EXPECT_EQ( |
| 2065 Status::Success(), |
1972 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 2066 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
1973 CryptoData(private_key_pkcs8), | 2067 CryptoData(private_key_pkcs8), |
1974 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 2068 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1975 true, | 2069 true, |
1976 usage_mask, | 2070 usage_mask, |
1977 &private_key)); | 2071 &private_key)); |
1978 EXPECT_EQ(modulus_length, | 2072 EXPECT_EQ(modulus_length, |
1979 private_key.algorithm().rsaParams()->modulusLengthBits()); | 2073 private_key.algorithm().rsaParams()->modulusLengthBits()); |
1980 | 2074 |
1981 // Fail with bad modulus. | 2075 // Fail with bad modulus. |
1982 algorithm = CreateRsaKeyGenAlgorithm( | 2076 algorithm = CreateRsaKeyGenAlgorithm( |
1983 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 0, public_exponent); | 2077 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 0, public_exponent); |
1984 EXPECT_STATUS( | 2078 EXPECT_EQ(Status::ErrorGenerateRsaZeroModulus(), |
1985 Status::ErrorGenerateRsaZeroModulus(), | 2079 GenerateKeyPair( |
1986 GenerateKeyPair( | 2080 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1987 algorithm, extractable, usage_mask, &public_key, &private_key)); | |
1988 | 2081 |
1989 // Fail with bad exponent: larger than unsigned long. | 2082 // Fail with bad exponent: larger than unsigned long. |
1990 unsigned int exponent_length = sizeof(unsigned long) + 1; // NOLINT | 2083 unsigned int exponent_length = sizeof(unsigned long) + 1; // NOLINT |
1991 const std::vector<uint8> long_exponent(exponent_length, 0x01); | 2084 const std::vector<uint8> long_exponent(exponent_length, 0x01); |
1992 algorithm = CreateRsaKeyGenAlgorithm( | 2085 algorithm = CreateRsaKeyGenAlgorithm( |
1993 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, modulus_length, long_exponent); | 2086 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, modulus_length, long_exponent); |
1994 EXPECT_STATUS( | 2087 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), |
1995 Status::ErrorGenerateKeyPublicExponent(), | 2088 GenerateKeyPair( |
1996 GenerateKeyPair( | 2089 algorithm, extractable, usage_mask, &public_key, &private_key)); |
1997 algorithm, extractable, usage_mask, &public_key, &private_key)); | |
1998 | 2090 |
1999 // Fail with bad exponent: empty. | 2091 // Fail with bad exponent: empty. |
2000 const std::vector<uint8> empty_exponent; | 2092 const std::vector<uint8> empty_exponent; |
2001 algorithm = | 2093 algorithm = |
2002 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 2094 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
2003 modulus_length, | 2095 modulus_length, |
2004 empty_exponent); | 2096 empty_exponent); |
2005 EXPECT_STATUS( | 2097 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), |
2006 Status::ErrorGenerateKeyPublicExponent(), | 2098 GenerateKeyPair( |
2007 GenerateKeyPair( | 2099 algorithm, extractable, usage_mask, &public_key, &private_key)); |
2008 algorithm, extractable, usage_mask, &public_key, &private_key)); | |
2009 | 2100 |
2010 // Fail with bad exponent: all zeros. | 2101 // Fail with bad exponent: all zeros. |
2011 std::vector<uint8> exponent_with_leading_zeros(15, 0x00); | 2102 std::vector<uint8> exponent_with_leading_zeros(15, 0x00); |
2012 algorithm = | 2103 algorithm = |
2013 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 2104 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
2014 modulus_length, | 2105 modulus_length, |
2015 exponent_with_leading_zeros); | 2106 exponent_with_leading_zeros); |
2016 EXPECT_STATUS( | 2107 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), |
2017 Status::ErrorGenerateKeyPublicExponent(), | 2108 GenerateKeyPair( |
2018 GenerateKeyPair( | 2109 algorithm, extractable, usage_mask, &public_key, &private_key)); |
2019 algorithm, extractable, usage_mask, &public_key, &private_key)); | |
2020 | 2110 |
2021 // Key generation success using exponent with leading zeros. | 2111 // Key generation success using exponent with leading zeros. |
2022 exponent_with_leading_zeros.insert(exponent_with_leading_zeros.end(), | 2112 exponent_with_leading_zeros.insert(exponent_with_leading_zeros.end(), |
2023 public_exponent.begin(), | 2113 public_exponent.begin(), |
2024 public_exponent.end()); | 2114 public_exponent.end()); |
2025 algorithm = | 2115 algorithm = |
2026 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | 2116 CreateRsaKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
2027 modulus_length, | 2117 modulus_length, |
2028 exponent_with_leading_zeros); | 2118 exponent_with_leading_zeros); |
2029 EXPECT_STATUS_SUCCESS(GenerateKeyPair( | 2119 EXPECT_EQ(Status::Success(), |
2030 algorithm, extractable, usage_mask, &public_key, &private_key)); | 2120 GenerateKeyPair( |
| 2121 algorithm, extractable, usage_mask, &public_key, &private_key)); |
2031 EXPECT_FALSE(public_key.isNull()); | 2122 EXPECT_FALSE(public_key.isNull()); |
2032 EXPECT_FALSE(private_key.isNull()); | 2123 EXPECT_FALSE(private_key.isNull()); |
2033 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 2124 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
2034 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 2125 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
2035 EXPECT_TRUE(public_key.extractable()); | 2126 EXPECT_TRUE(public_key.extractable()); |
2036 EXPECT_EQ(extractable, private_key.extractable()); | 2127 EXPECT_EQ(extractable, private_key.extractable()); |
2037 EXPECT_EQ(usage_mask, public_key.usages()); | 2128 EXPECT_EQ(usage_mask, public_key.usages()); |
2038 EXPECT_EQ(usage_mask, private_key.usages()); | 2129 EXPECT_EQ(usage_mask, private_key.usages()); |
2039 | 2130 |
2040 // Successful WebCryptoAlgorithmIdRsaOaep key generation. | 2131 // Successful WebCryptoAlgorithmIdRsaOaep key generation. |
2041 algorithm = CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaOaep, | 2132 algorithm = CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaOaep, |
2042 blink::WebCryptoAlgorithmIdSha256, | 2133 blink::WebCryptoAlgorithmIdSha256, |
2043 modulus_length, | 2134 modulus_length, |
2044 public_exponent); | 2135 public_exponent); |
2045 EXPECT_STATUS_SUCCESS(GenerateKeyPair( | 2136 EXPECT_EQ(Status::Success(), |
2046 algorithm, extractable, usage_mask, &public_key, &private_key)); | 2137 GenerateKeyPair( |
| 2138 algorithm, extractable, usage_mask, &public_key, &private_key)); |
2047 EXPECT_FALSE(public_key.isNull()); | 2139 EXPECT_FALSE(public_key.isNull()); |
2048 EXPECT_FALSE(private_key.isNull()); | 2140 EXPECT_FALSE(private_key.isNull()); |
2049 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 2141 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
2050 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 2142 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
2051 EXPECT_EQ(modulus_length, | 2143 EXPECT_EQ(modulus_length, |
2052 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); | 2144 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
2053 EXPECT_EQ(modulus_length, | 2145 EXPECT_EQ(modulus_length, |
2054 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); | 2146 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
2055 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, | 2147 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
2056 public_key.algorithm().rsaHashedParams()->hash().id()); | 2148 public_key.algorithm().rsaHashedParams()->hash().id()); |
2057 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, | 2149 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
2058 private_key.algorithm().rsaHashedParams()->hash().id()); | 2150 private_key.algorithm().rsaHashedParams()->hash().id()); |
2059 EXPECT_TRUE(public_key.extractable()); | 2151 EXPECT_TRUE(public_key.extractable()); |
2060 EXPECT_EQ(extractable, private_key.extractable()); | 2152 EXPECT_EQ(extractable, private_key.extractable()); |
2061 EXPECT_EQ(usage_mask, public_key.usages()); | 2153 EXPECT_EQ(usage_mask, public_key.usages()); |
2062 EXPECT_EQ(usage_mask, private_key.usages()); | 2154 EXPECT_EQ(usage_mask, private_key.usages()); |
2063 | 2155 |
2064 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation. | 2156 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation. |
2065 algorithm = | 2157 algorithm = |
2066 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2158 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2067 blink::WebCryptoAlgorithmIdSha1, | 2159 blink::WebCryptoAlgorithmIdSha1, |
2068 modulus_length, | 2160 modulus_length, |
2069 public_exponent); | 2161 public_exponent); |
2070 EXPECT_STATUS_SUCCESS( | 2162 EXPECT_EQ( |
| 2163 Status::Success(), |
2071 GenerateKeyPair(algorithm, false, usage_mask, &public_key, &private_key)); | 2164 GenerateKeyPair(algorithm, false, usage_mask, &public_key, &private_key)); |
2072 EXPECT_FALSE(public_key.isNull()); | 2165 EXPECT_FALSE(public_key.isNull()); |
2073 EXPECT_FALSE(private_key.isNull()); | 2166 EXPECT_FALSE(private_key.isNull()); |
2074 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 2167 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
2075 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 2168 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
2076 EXPECT_EQ(modulus_length, | 2169 EXPECT_EQ(modulus_length, |
2077 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); | 2170 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
2078 EXPECT_EQ(modulus_length, | 2171 EXPECT_EQ(modulus_length, |
2079 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); | 2172 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
2080 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, | 2173 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
2081 public_key.algorithm().rsaHashedParams()->hash().id()); | 2174 public_key.algorithm().rsaHashedParams()->hash().id()); |
2082 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, | 2175 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
2083 private_key.algorithm().rsaHashedParams()->hash().id()); | 2176 private_key.algorithm().rsaHashedParams()->hash().id()); |
2084 // Even though "extractable" was set to false, the public key remains | 2177 // Even though "extractable" was set to false, the public key remains |
2085 // extractable. | 2178 // extractable. |
2086 EXPECT_TRUE(public_key.extractable()); | 2179 EXPECT_TRUE(public_key.extractable()); |
2087 EXPECT_FALSE(private_key.extractable()); | 2180 EXPECT_FALSE(private_key.extractable()); |
2088 EXPECT_EQ(usage_mask, public_key.usages()); | 2181 EXPECT_EQ(usage_mask, public_key.usages()); |
2089 EXPECT_EQ(usage_mask, private_key.usages()); | 2182 EXPECT_EQ(usage_mask, private_key.usages()); |
2090 | 2183 |
2091 // Exporting a private key as SPKI format doesn't make sense. However this | 2184 // Exporting a private key as SPKI format doesn't make sense. However this |
2092 // will first fail because the key is not extractable. | 2185 // will first fail because the key is not extractable. |
2093 blink::WebArrayBuffer output; | 2186 blink::WebArrayBuffer output; |
2094 EXPECT_STATUS(Status::ErrorKeyNotExtractable(), | 2187 EXPECT_EQ(Status::ErrorKeyNotExtractable(), |
2095 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); | 2188 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); |
2096 | 2189 |
2097 // Re-generate an extractable private_key and try to export it as SPKI format. | 2190 // Re-generate an extractable private_key and try to export it as SPKI format. |
2098 // This should fail since spki is for public keys. | 2191 // This should fail since spki is for public keys. |
2099 EXPECT_STATUS_SUCCESS( | 2192 EXPECT_EQ( |
| 2193 Status::Success(), |
2100 GenerateKeyPair(algorithm, true, usage_mask, &public_key, &private_key)); | 2194 GenerateKeyPair(algorithm, true, usage_mask, &public_key, &private_key)); |
2101 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 2195 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
2102 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); | 2196 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); |
2103 } | 2197 } |
2104 | 2198 |
2105 TEST_F(SharedCryptoTest, MAYBE(RsaEsRoundTrip)) { | 2199 TEST_F(SharedCryptoTest, MAYBE(RsaEsRoundTrip)) { |
2106 // Import a key pair. | 2200 // Import a key pair. |
2107 blink::WebCryptoAlgorithm algorithm = | 2201 blink::WebCryptoAlgorithm algorithm = |
2108 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 2202 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
2109 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 2203 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
2110 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 2204 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
2111 ImportRsaKeyPair( | 2205 ImportRsaKeyPair( |
2112 HexStringToBytes(kPublicKeySpkiDerHex), | 2206 HexStringToBytes(kPublicKeySpkiDerHex), |
(...skipping 15 matching lines...) Expand all Loading... |
2128 | 2222 |
2129 // Verify encrypt / decrypt round trip on a few messages. Note that RSA | 2223 // Verify encrypt / decrypt round trip on a few messages. Note that RSA |
2130 // encryption does not support empty input. | 2224 // encryption does not support empty input. |
2131 algorithm = CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 2225 algorithm = CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
2132 const char* const kTestDataHex[] = {"ff", "0102030405060708090a0b0c0d0e0f", | 2226 const char* const kTestDataHex[] = {"ff", "0102030405060708090a0b0c0d0e0f", |
2133 max_data_hex}; | 2227 max_data_hex}; |
2134 blink::WebArrayBuffer encrypted_data; | 2228 blink::WebArrayBuffer encrypted_data; |
2135 blink::WebArrayBuffer decrypted_data; | 2229 blink::WebArrayBuffer decrypted_data; |
2136 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTestDataHex); ++i) { | 2230 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTestDataHex); ++i) { |
2137 SCOPED_TRACE(i); | 2231 SCOPED_TRACE(i); |
2138 EXPECT_STATUS_SUCCESS(Encrypt(algorithm, | 2232 EXPECT_EQ(Status::Success(), |
2139 public_key, | 2233 Encrypt(algorithm, |
2140 CryptoData(HexStringToBytes(kTestDataHex[i])), | 2234 public_key, |
2141 &encrypted_data)); | 2235 CryptoData(HexStringToBytes(kTestDataHex[i])), |
| 2236 &encrypted_data)); |
2142 EXPECT_EQ(kModulusLengthBits / 8, encrypted_data.byteLength()); | 2237 EXPECT_EQ(kModulusLengthBits / 8, encrypted_data.byteLength()); |
2143 ASSERT_STATUS_SUCCESS(Decrypt( | 2238 ASSERT_EQ(Status::Success(), |
2144 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); | 2239 Decrypt(algorithm, |
| 2240 private_key, |
| 2241 CryptoData(encrypted_data), |
| 2242 &decrypted_data)); |
2145 ExpectArrayBufferMatchesHex(kTestDataHex[i], decrypted_data); | 2243 ExpectArrayBufferMatchesHex(kTestDataHex[i], decrypted_data); |
2146 } | 2244 } |
2147 } | 2245 } |
2148 | 2246 |
2149 TEST_F(SharedCryptoTest, MAYBE(RsaEsKnownAnswer)) { | 2247 TEST_F(SharedCryptoTest, MAYBE(RsaEsKnownAnswer)) { |
2150 scoped_ptr<base::Value> json; | 2248 scoped_ptr<base::Value> json; |
2151 ASSERT_TRUE(ReadJsonTestFile("rsa_es.json", &json)); | 2249 ASSERT_TRUE(ReadJsonTestFile("rsa_es.json", &json)); |
2152 base::DictionaryValue* test = NULL; | 2250 base::DictionaryValue* test = NULL; |
2153 ASSERT_TRUE(json->GetAsDictionary(&test)); | 2251 ASSERT_TRUE(json->GetAsDictionary(&test)); |
2154 | 2252 |
(...skipping 22 matching lines...) Expand all Loading... |
2177 rsa_pkcs8_der, | 2275 rsa_pkcs8_der, |
2178 algorithm, | 2276 algorithm, |
2179 false, | 2277 false, |
2180 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, | 2278 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, |
2181 &public_key, | 2279 &public_key, |
2182 &private_key); | 2280 &private_key); |
2183 | 2281 |
2184 // Decrypt the known-good ciphertext with the private key. As a check we must | 2282 // Decrypt the known-good ciphertext with the private key. As a check we must |
2185 // get the known original cleartext. | 2283 // get the known original cleartext. |
2186 blink::WebArrayBuffer decrypted_data; | 2284 blink::WebArrayBuffer decrypted_data; |
2187 ASSERT_STATUS_SUCCESS( | 2285 ASSERT_EQ( |
| 2286 Status::Success(), |
2188 Decrypt(algorithm, private_key, CryptoData(ciphertext), &decrypted_data)); | 2287 Decrypt(algorithm, private_key, CryptoData(ciphertext), &decrypted_data)); |
2189 EXPECT_FALSE(decrypted_data.isNull()); | 2288 EXPECT_FALSE(decrypted_data.isNull()); |
2190 EXPECT_TRUE(ArrayBufferMatches(cleartext, decrypted_data)); | 2289 EXPECT_TRUE(ArrayBufferMatches(cleartext, decrypted_data)); |
2191 | 2290 |
2192 // Encrypt this decrypted data with the public key. | 2291 // Encrypt this decrypted data with the public key. |
2193 blink::WebArrayBuffer encrypted_data; | 2292 blink::WebArrayBuffer encrypted_data; |
2194 ASSERT_STATUS_SUCCESS(Encrypt( | 2293 ASSERT_EQ( |
2195 algorithm, public_key, CryptoData(decrypted_data), &encrypted_data)); | 2294 Status::Success(), |
| 2295 Encrypt( |
| 2296 algorithm, public_key, CryptoData(decrypted_data), &encrypted_data)); |
2196 EXPECT_EQ(128u, encrypted_data.byteLength()); | 2297 EXPECT_EQ(128u, encrypted_data.byteLength()); |
2197 | 2298 |
2198 // Finally, decrypt the newly encrypted result with the private key, and | 2299 // Finally, decrypt the newly encrypted result with the private key, and |
2199 // compare to the known original cleartext. | 2300 // compare to the known original cleartext. |
2200 decrypted_data.reset(); | 2301 decrypted_data.reset(); |
2201 ASSERT_STATUS_SUCCESS(Decrypt( | 2302 ASSERT_EQ( |
2202 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); | 2303 Status::Success(), |
| 2304 Decrypt( |
| 2305 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); |
2203 EXPECT_FALSE(decrypted_data.isNull()); | 2306 EXPECT_FALSE(decrypted_data.isNull()); |
2204 EXPECT_TRUE(ArrayBufferMatches(cleartext, decrypted_data)); | 2307 EXPECT_TRUE(ArrayBufferMatches(cleartext, decrypted_data)); |
2205 } | 2308 } |
2206 | 2309 |
2207 TEST_F(SharedCryptoTest, MAYBE(RsaEsFailures)) { | 2310 TEST_F(SharedCryptoTest, MAYBE(RsaEsFailures)) { |
2208 // Import a key pair. | 2311 // Import a key pair. |
2209 blink::WebCryptoAlgorithm algorithm = | 2312 blink::WebCryptoAlgorithm algorithm = |
2210 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 2313 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
2211 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 2314 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
2212 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 2315 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
2213 ImportRsaKeyPair( | 2316 ImportRsaKeyPair( |
2214 HexStringToBytes(kPublicKeySpkiDerHex), | 2317 HexStringToBytes(kPublicKeySpkiDerHex), |
2215 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 2318 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
2216 algorithm, | 2319 algorithm, |
2217 false, | 2320 false, |
2218 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, | 2321 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, |
2219 &public_key, | 2322 &public_key, |
2220 &private_key); | 2323 &private_key); |
2221 | 2324 |
2222 // Fail encrypt with a private key. | 2325 // Fail encrypt with a private key. |
2223 blink::WebArrayBuffer encrypted_data; | 2326 blink::WebArrayBuffer encrypted_data; |
2224 const std::string message_hex_str("0102030405060708090a0b0c0d0e0f"); | 2327 const std::string message_hex_str("0102030405060708090a0b0c0d0e0f"); |
2225 const std::vector<uint8> message_hex(HexStringToBytes(message_hex_str)); | 2328 const std::vector<uint8> message_hex(HexStringToBytes(message_hex_str)); |
2226 EXPECT_STATUS( | 2329 EXPECT_EQ( |
2227 Status::ErrorUnexpectedKeyType(), | 2330 Status::ErrorUnexpectedKeyType(), |
2228 Encrypt( | 2331 Encrypt( |
2229 algorithm, private_key, CryptoData(message_hex), &encrypted_data)); | 2332 algorithm, private_key, CryptoData(message_hex), &encrypted_data)); |
2230 | 2333 |
2231 // Fail encrypt with empty message. | 2334 // Fail encrypt with empty message. |
2232 EXPECT_STATUS(Status::Error(), | 2335 EXPECT_EQ(Status::ErrorDataTooSmall(), |
2233 Encrypt(algorithm, | 2336 Encrypt(algorithm, |
2234 public_key, | 2337 public_key, |
2235 CryptoData(std::vector<uint8>()), | 2338 CryptoData(std::vector<uint8>()), |
2236 &encrypted_data)); | 2339 &encrypted_data)); |
2237 | 2340 |
2238 // Fail encrypt with message too large. RSAES can operate on messages up to | 2341 // Fail encrypt with message too large. RSAES can operate on messages up to |
2239 // length of k - 11 bytes, where k is the octet length of the RSA modulus. | 2342 // length of k - 11 bytes, where k is the octet length of the RSA modulus. |
2240 const unsigned int kMaxMsgSizeBytes = kModulusLengthBits / 8 - 11; | 2343 const unsigned int kMaxMsgSizeBytes = kModulusLengthBits / 8 - 11; |
2241 EXPECT_STATUS( | 2344 EXPECT_EQ(Status::ErrorDataTooLarge(), |
2242 Status::ErrorDataTooLarge(), | 2345 Encrypt(algorithm, |
2243 Encrypt(algorithm, | 2346 public_key, |
2244 public_key, | 2347 CryptoData(std::vector<uint8>(kMaxMsgSizeBytes + 1, '0')), |
2245 CryptoData(std::vector<uint8>(kMaxMsgSizeBytes + 1, '0')), | 2348 &encrypted_data)); |
2246 &encrypted_data)); | |
2247 | 2349 |
2248 // Generate encrypted data. | 2350 // Generate encrypted data. |
2249 EXPECT_STATUS( | 2351 EXPECT_EQ( |
2250 Status::Success(), | 2352 Status::Success(), |
2251 Encrypt(algorithm, public_key, CryptoData(message_hex), &encrypted_data)); | 2353 Encrypt(algorithm, public_key, CryptoData(message_hex), &encrypted_data)); |
2252 | 2354 |
2253 // Fail decrypt with a public key. | 2355 // Fail decrypt with a public key. |
2254 blink::WebArrayBuffer decrypted_data; | 2356 blink::WebArrayBuffer decrypted_data; |
2255 EXPECT_STATUS( | 2357 EXPECT_EQ( |
2256 Status::ErrorUnexpectedKeyType(), | 2358 Status::ErrorUnexpectedKeyType(), |
2257 Decrypt( | 2359 Decrypt( |
2258 algorithm, public_key, CryptoData(encrypted_data), &decrypted_data)); | 2360 algorithm, public_key, CryptoData(encrypted_data), &decrypted_data)); |
2259 | 2361 |
2260 // Corrupt encrypted data; ensure decrypt fails because padding was disrupted. | 2362 // Corrupt encrypted data; ensure decrypt fails because padding was disrupted. |
2261 std::vector<uint8> corrupted_data( | 2363 std::vector<uint8> corrupted_data( |
2262 static_cast<uint8*>(encrypted_data.data()), | 2364 static_cast<uint8*>(encrypted_data.data()), |
2263 static_cast<uint8*>(encrypted_data.data()) + encrypted_data.byteLength()); | 2365 static_cast<uint8*>(encrypted_data.data()) + encrypted_data.byteLength()); |
2264 corrupted_data[corrupted_data.size() / 2] ^= 0x01; | 2366 corrupted_data[corrupted_data.size() / 2] ^= 0x01; |
2265 EXPECT_STATUS( | 2367 EXPECT_EQ( |
2266 Status::Error(), | 2368 Status::OperationError(), |
2267 Decrypt( | 2369 Decrypt( |
2268 algorithm, private_key, CryptoData(corrupted_data), &decrypted_data)); | 2370 algorithm, private_key, CryptoData(corrupted_data), &decrypted_data)); |
2269 | 2371 |
2270 // TODO(padolph): Are there other specific data corruption scenarios to | 2372 // TODO(padolph): Are there other specific data corruption scenarios to |
2271 // consider? | 2373 // consider? |
2272 | 2374 |
2273 // Do a successful decrypt with good data just for confirmation. | 2375 // Do a successful decrypt with good data just for confirmation. |
2274 EXPECT_STATUS_SUCCESS(Decrypt( | 2376 EXPECT_EQ( |
2275 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); | 2377 Status::Success(), |
| 2378 Decrypt( |
| 2379 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); |
2276 ExpectArrayBufferMatchesHex(message_hex_str, decrypted_data); | 2380 ExpectArrayBufferMatchesHex(message_hex_str, decrypted_data); |
2277 } | 2381 } |
2278 | 2382 |
2279 TEST_F(SharedCryptoTest, MAYBE(RsaSsaSignVerifyFailures)) { | 2383 TEST_F(SharedCryptoTest, MAYBE(RsaSsaSignVerifyFailures)) { |
2280 // Import a key pair. | 2384 // Import a key pair. |
2281 blink::WebCryptoKeyUsageMask usage_mask = | 2385 blink::WebCryptoKeyUsageMask usage_mask = |
2282 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify; | 2386 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify; |
2283 blink::WebCryptoAlgorithm importAlgorithm = | 2387 blink::WebCryptoAlgorithm importAlgorithm = |
2284 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2388 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2285 blink::WebCryptoAlgorithmIdSha1); | 2389 blink::WebCryptoAlgorithmIdSha1); |
2286 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 2390 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
2287 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 2391 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
2288 ImportRsaKeyPair(HexStringToBytes(kPublicKeySpkiDerHex), | 2392 ImportRsaKeyPair(HexStringToBytes(kPublicKeySpkiDerHex), |
2289 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 2393 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
2290 importAlgorithm, | 2394 importAlgorithm, |
2291 false, | 2395 false, |
2292 usage_mask, | 2396 usage_mask, |
2293 &public_key, | 2397 &public_key, |
2294 &private_key); | 2398 &private_key); |
2295 | 2399 |
2296 blink::WebCryptoAlgorithm algorithm = | 2400 blink::WebCryptoAlgorithm algorithm = |
2297 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5); | 2401 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5); |
2298 | 2402 |
2299 blink::WebArrayBuffer signature; | 2403 blink::WebArrayBuffer signature; |
2300 bool signature_match; | 2404 bool signature_match; |
2301 | 2405 |
2302 // Compute a signature. | 2406 // Compute a signature. |
2303 const std::vector<uint8> data = HexStringToBytes("010203040506070809"); | 2407 const std::vector<uint8> data = HexStringToBytes("010203040506070809"); |
2304 ASSERT_STATUS_SUCCESS( | 2408 ASSERT_EQ(Status::Success(), |
2305 Sign(algorithm, private_key, CryptoData(data), &signature)); | 2409 Sign(algorithm, private_key, CryptoData(data), &signature)); |
2306 | 2410 |
2307 // Ensure truncated signature does not verify by passing one less byte. | 2411 // Ensure truncated signature does not verify by passing one less byte. |
2308 EXPECT_STATUS_SUCCESS(VerifySignature( | 2412 EXPECT_EQ( |
2309 algorithm, | 2413 Status::Success(), |
2310 public_key, | 2414 VerifySignature( |
2311 CryptoData(reinterpret_cast<const unsigned char*>(signature.data()), | 2415 algorithm, |
2312 signature.byteLength() - 1), | 2416 public_key, |
2313 CryptoData(data), | 2417 CryptoData(reinterpret_cast<const unsigned char*>(signature.data()), |
2314 &signature_match)); | 2418 signature.byteLength() - 1), |
| 2419 CryptoData(data), |
| 2420 &signature_match)); |
2315 EXPECT_FALSE(signature_match); | 2421 EXPECT_FALSE(signature_match); |
2316 | 2422 |
2317 // Ensure truncated signature does not verify by passing no bytes. | 2423 // Ensure truncated signature does not verify by passing no bytes. |
2318 EXPECT_STATUS_SUCCESS(VerifySignature( | 2424 EXPECT_EQ(Status::Success(), |
2319 algorithm, public_key, CryptoData(), CryptoData(data), &signature_match)); | 2425 VerifySignature(algorithm, |
| 2426 public_key, |
| 2427 CryptoData(), |
| 2428 CryptoData(data), |
| 2429 &signature_match)); |
2320 EXPECT_FALSE(signature_match); | 2430 EXPECT_FALSE(signature_match); |
2321 | 2431 |
2322 // Ensure corrupted signature does not verify. | 2432 // Ensure corrupted signature does not verify. |
2323 std::vector<uint8> corrupt_sig( | 2433 std::vector<uint8> corrupt_sig( |
2324 static_cast<uint8*>(signature.data()), | 2434 static_cast<uint8*>(signature.data()), |
2325 static_cast<uint8*>(signature.data()) + signature.byteLength()); | 2435 static_cast<uint8*>(signature.data()) + signature.byteLength()); |
2326 corrupt_sig[corrupt_sig.size() / 2] ^= 0x1; | 2436 corrupt_sig[corrupt_sig.size() / 2] ^= 0x1; |
2327 EXPECT_STATUS_SUCCESS(VerifySignature(algorithm, | 2437 EXPECT_EQ(Status::Success(), |
2328 public_key, | 2438 VerifySignature(algorithm, |
2329 CryptoData(corrupt_sig), | 2439 public_key, |
2330 CryptoData(data), | 2440 CryptoData(corrupt_sig), |
2331 &signature_match)); | 2441 CryptoData(data), |
| 2442 &signature_match)); |
2332 EXPECT_FALSE(signature_match); | 2443 EXPECT_FALSE(signature_match); |
2333 | 2444 |
2334 // Ensure signatures that are greater than the modulus size fail. | 2445 // Ensure signatures that are greater than the modulus size fail. |
2335 const unsigned int long_message_size_bytes = 1024; | 2446 const unsigned int long_message_size_bytes = 1024; |
2336 DCHECK_GT(long_message_size_bytes, kModulusLengthBits / 8); | 2447 DCHECK_GT(long_message_size_bytes, kModulusLengthBits / 8); |
2337 const unsigned char kLongSignature[long_message_size_bytes] = {0}; | 2448 const unsigned char kLongSignature[long_message_size_bytes] = {0}; |
2338 EXPECT_STATUS_SUCCESS( | 2449 EXPECT_EQ(Status::Success(), |
2339 VerifySignature(algorithm, | 2450 VerifySignature(algorithm, |
2340 public_key, | 2451 public_key, |
2341 CryptoData(kLongSignature, sizeof(kLongSignature)), | 2452 CryptoData(kLongSignature, sizeof(kLongSignature)), |
2342 CryptoData(data), | 2453 CryptoData(data), |
2343 &signature_match)); | 2454 &signature_match)); |
2344 EXPECT_FALSE(signature_match); | 2455 EXPECT_FALSE(signature_match); |
2345 | 2456 |
2346 // Ensure that verifying using a private key, rather than a public key, fails. | 2457 // Ensure that verifying using a private key, rather than a public key, fails. |
2347 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 2458 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
2348 VerifySignature(algorithm, | 2459 VerifySignature(algorithm, |
2349 private_key, | 2460 private_key, |
2350 CryptoData(signature), | 2461 CryptoData(signature), |
2351 CryptoData(data), | 2462 CryptoData(data), |
2352 &signature_match)); | 2463 &signature_match)); |
2353 | 2464 |
2354 // Ensure that signing using a public key, rather than a private key, fails. | 2465 // Ensure that signing using a public key, rather than a private key, fails. |
2355 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 2466 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
2356 Sign(algorithm, public_key, CryptoData(data), &signature)); | 2467 Sign(algorithm, public_key, CryptoData(data), &signature)); |
2357 | 2468 |
2358 // Ensure that signing and verifying with an incompatible algorithm fails. | 2469 // Ensure that signing and verifying with an incompatible algorithm fails. |
2359 algorithm = CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 2470 algorithm = CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
2360 | 2471 |
2361 EXPECT_STATUS(Status::ErrorUnexpected(), | 2472 EXPECT_EQ(Status::ErrorUnexpected(), |
2362 Sign(algorithm, private_key, CryptoData(data), &signature)); | 2473 Sign(algorithm, private_key, CryptoData(data), &signature)); |
2363 EXPECT_STATUS(Status::ErrorUnexpected(), | 2474 EXPECT_EQ(Status::ErrorUnexpected(), |
2364 VerifySignature(algorithm, | 2475 VerifySignature(algorithm, |
2365 public_key, | 2476 public_key, |
2366 CryptoData(signature), | 2477 CryptoData(signature), |
2367 CryptoData(data), | 2478 CryptoData(data), |
2368 &signature_match)); | 2479 &signature_match)); |
2369 | 2480 |
2370 // Some crypto libraries (NSS) can automatically select the RSA SSA inner hash | 2481 // Some crypto libraries (NSS) can automatically select the RSA SSA inner hash |
2371 // based solely on the contents of the input signature data. In the Web Crypto | 2482 // based solely on the contents of the input signature data. In the Web Crypto |
2372 // implementation, the inner hash should be specified uniquely by the key | 2483 // implementation, the inner hash should be specified uniquely by the key |
2373 // algorithm parameter. To validate this behavior, call Verify with a computed | 2484 // algorithm parameter. To validate this behavior, call Verify with a computed |
2374 // signature that used one hash type (SHA-1), but pass in a key with a | 2485 // signature that used one hash type (SHA-1), but pass in a key with a |
2375 // different inner hash type (SHA-256). If the hash type is determined by the | 2486 // different inner hash type (SHA-256). If the hash type is determined by the |
2376 // signature itself (undesired), the verify will pass, while if the hash type | 2487 // signature itself (undesired), the verify will pass, while if the hash type |
2377 // is specified by the key algorithm (desired), the verify will fail. | 2488 // is specified by the key algorithm (desired), the verify will fail. |
2378 | 2489 |
2379 // Compute a signature using SHA-1 as the inner hash. | 2490 // Compute a signature using SHA-1 as the inner hash. |
2380 EXPECT_STATUS_SUCCESS( | 2491 EXPECT_EQ(Status::Success(), |
2381 Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), | 2492 Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
2382 private_key, | 2493 private_key, |
2383 CryptoData(data), | 2494 CryptoData(data), |
2384 &signature)); | 2495 &signature)); |
2385 | 2496 |
2386 blink::WebCryptoKey public_key_256 = blink::WebCryptoKey::createNull(); | 2497 blink::WebCryptoKey public_key_256 = blink::WebCryptoKey::createNull(); |
2387 EXPECT_STATUS_SUCCESS(ImportKey( | 2498 EXPECT_EQ(Status::Success(), |
2388 blink::WebCryptoKeyFormatSpki, | 2499 ImportKey(blink::WebCryptoKeyFormatSpki, |
2389 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 2500 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
2390 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2501 CreateRsaHashedImportAlgorithm( |
2391 blink::WebCryptoAlgorithmIdSha256), | 2502 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2392 true, | 2503 blink::WebCryptoAlgorithmIdSha256), |
2393 usage_mask, | 2504 true, |
2394 &public_key_256)); | 2505 usage_mask, |
| 2506 &public_key_256)); |
2395 | 2507 |
2396 // Now verify using an algorithm whose inner hash is SHA-256, not SHA-1. The | 2508 // Now verify using an algorithm whose inner hash is SHA-256, not SHA-1. The |
2397 // signature should not verify. | 2509 // signature should not verify. |
2398 // NOTE: public_key was produced by generateKey, and so its associated | 2510 // NOTE: public_key was produced by generateKey, and so its associated |
2399 // algorithm has WebCryptoRsaKeyGenParams and not WebCryptoRsaSsaParams. Thus | 2511 // algorithm has WebCryptoRsaKeyGenParams and not WebCryptoRsaSsaParams. Thus |
2400 // it has no inner hash to conflict with the input algorithm. | 2512 // it has no inner hash to conflict with the input algorithm. |
2401 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, | 2513 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
2402 private_key.algorithm().rsaHashedParams()->hash().id()); | 2514 private_key.algorithm().rsaHashedParams()->hash().id()); |
2403 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, | 2515 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
2404 public_key_256.algorithm().rsaHashedParams()->hash().id()); | 2516 public_key_256.algorithm().rsaHashedParams()->hash().id()); |
2405 | 2517 |
2406 bool is_match; | 2518 bool is_match; |
2407 EXPECT_STATUS_SUCCESS(VerifySignature( | 2519 EXPECT_EQ(Status::Success(), |
2408 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), | 2520 VerifySignature( |
2409 public_key_256, | 2521 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
2410 CryptoData(signature), | 2522 public_key_256, |
2411 CryptoData(data), | 2523 CryptoData(signature), |
2412 &is_match)); | 2524 CryptoData(data), |
| 2525 &is_match)); |
2413 EXPECT_FALSE(is_match); | 2526 EXPECT_FALSE(is_match); |
2414 } | 2527 } |
2415 | 2528 |
2416 TEST_F(SharedCryptoTest, MAYBE(RsaSignVerifyKnownAnswer)) { | 2529 TEST_F(SharedCryptoTest, MAYBE(RsaSignVerifyKnownAnswer)) { |
2417 scoped_ptr<base::ListValue> tests; | 2530 scoped_ptr<base::ListValue> tests; |
2418 ASSERT_TRUE(ReadJsonTestFileToList("pkcs1v15_sign.json", &tests)); | 2531 ASSERT_TRUE(ReadJsonTestFileToList("pkcs1v15_sign.json", &tests)); |
2419 | 2532 |
2420 // Import the key pair. | 2533 // Import the key pair. |
2421 blink::WebCryptoAlgorithm importAlgorithm = | 2534 blink::WebCryptoAlgorithm importAlgorithm = |
2422 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2535 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
(...skipping 19 matching lines...) Expand all Loading... |
2442 | 2555 |
2443 base::DictionaryValue* test; | 2556 base::DictionaryValue* test; |
2444 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); | 2557 ASSERT_TRUE(tests->GetDictionary(test_index, &test)); |
2445 | 2558 |
2446 std::vector<uint8> test_message = | 2559 std::vector<uint8> test_message = |
2447 GetBytesFromHexString(test, "message_hex"); | 2560 GetBytesFromHexString(test, "message_hex"); |
2448 std::vector<uint8> test_signature = | 2561 std::vector<uint8> test_signature = |
2449 GetBytesFromHexString(test, "signature_hex"); | 2562 GetBytesFromHexString(test, "signature_hex"); |
2450 | 2563 |
2451 signature.reset(); | 2564 signature.reset(); |
2452 ASSERT_STATUS_SUCCESS( | 2565 ASSERT_EQ( |
| 2566 Status::Success(), |
2453 Sign(algorithm, private_key, CryptoData(test_message), &signature)); | 2567 Sign(algorithm, private_key, CryptoData(test_message), &signature)); |
2454 EXPECT_TRUE(ArrayBufferMatches(test_signature, signature)); | 2568 EXPECT_TRUE(ArrayBufferMatches(test_signature, signature)); |
2455 | 2569 |
2456 bool is_match = false; | 2570 bool is_match = false; |
2457 ASSERT_STATUS_SUCCESS(VerifySignature(algorithm, | 2571 ASSERT_EQ(Status::Success(), |
2458 public_key, | 2572 VerifySignature(algorithm, |
2459 CryptoData(test_signature), | 2573 public_key, |
2460 CryptoData(test_message), | 2574 CryptoData(test_signature), |
2461 &is_match)); | 2575 CryptoData(test_message), |
| 2576 &is_match)); |
2462 EXPECT_TRUE(is_match); | 2577 EXPECT_TRUE(is_match); |
2463 } | 2578 } |
2464 } | 2579 } |
2465 | 2580 |
2466 TEST_F(SharedCryptoTest, MAYBE(AesKwKeyImport)) { | 2581 TEST_F(SharedCryptoTest, MAYBE(AesKwKeyImport)) { |
2467 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 2582 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
2468 blink::WebCryptoAlgorithm algorithm = | 2583 blink::WebCryptoAlgorithm algorithm = |
2469 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); | 2584 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); |
2470 | 2585 |
2471 // Import a 128-bit Key Encryption Key (KEK) | 2586 // Import a 128-bit Key Encryption Key (KEK) |
2472 std::string key_raw_hex_in = "025a8cf3f08b4f6c5f33bbc76a471939"; | 2587 std::string key_raw_hex_in = "025a8cf3f08b4f6c5f33bbc76a471939"; |
2473 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, | 2588 ASSERT_EQ(Status::Success(), |
2474 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2589 ImportKey(blink::WebCryptoKeyFormatRaw, |
2475 algorithm, | 2590 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2476 true, | 2591 algorithm, |
2477 blink::WebCryptoKeyUsageWrapKey, | 2592 true, |
2478 &key)); | 2593 blink::WebCryptoKeyUsageWrapKey, |
| 2594 &key)); |
2479 blink::WebArrayBuffer key_raw_out; | 2595 blink::WebArrayBuffer key_raw_out; |
2480 EXPECT_STATUS_SUCCESS( | 2596 EXPECT_EQ(Status::Success(), |
2481 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); | 2597 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); |
2482 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); | 2598 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); |
2483 | 2599 |
2484 // Import a 192-bit KEK | 2600 // Import a 192-bit KEK |
2485 key_raw_hex_in = "c0192c6466b2370decbb62b2cfef4384544ffeb4d2fbc103"; | 2601 key_raw_hex_in = "c0192c6466b2370decbb62b2cfef4384544ffeb4d2fbc103"; |
2486 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, | 2602 ASSERT_EQ(Status::Success(), |
2487 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2603 ImportKey(blink::WebCryptoKeyFormatRaw, |
2488 algorithm, | 2604 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2489 true, | 2605 algorithm, |
2490 blink::WebCryptoKeyUsageWrapKey, | 2606 true, |
2491 &key)); | 2607 blink::WebCryptoKeyUsageWrapKey, |
2492 EXPECT_STATUS_SUCCESS( | 2608 &key)); |
2493 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); | 2609 EXPECT_EQ(Status::Success(), |
| 2610 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); |
2494 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); | 2611 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); |
2495 | 2612 |
2496 // Import a 256-bit Key Encryption Key (KEK) | 2613 // Import a 256-bit Key Encryption Key (KEK) |
2497 key_raw_hex_in = | 2614 key_raw_hex_in = |
2498 "e11fe66380d90fa9ebefb74e0478e78f95664d0c67ca20ce4a0b5842863ac46f"; | 2615 "e11fe66380d90fa9ebefb74e0478e78f95664d0c67ca20ce4a0b5842863ac46f"; |
2499 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, | 2616 ASSERT_EQ(Status::Success(), |
2500 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2617 ImportKey(blink::WebCryptoKeyFormatRaw, |
2501 algorithm, | 2618 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2502 true, | 2619 algorithm, |
2503 blink::WebCryptoKeyUsageWrapKey, | 2620 true, |
2504 &key)); | 2621 blink::WebCryptoKeyUsageWrapKey, |
2505 EXPECT_STATUS_SUCCESS( | 2622 &key)); |
2506 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); | 2623 EXPECT_EQ(Status::Success(), |
| 2624 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); |
2507 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); | 2625 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); |
2508 | 2626 |
2509 // Fail import of 0 length key | 2627 // Fail import of 0 length key |
2510 EXPECT_STATUS(Status::Error(), | 2628 EXPECT_EQ(Status::ErrorImportAesKeyLength(), |
2511 ImportKey(blink::WebCryptoKeyFormatRaw, | 2629 ImportKey(blink::WebCryptoKeyFormatRaw, |
2512 CryptoData(HexStringToBytes("")), | 2630 CryptoData(HexStringToBytes("")), |
2513 algorithm, | 2631 algorithm, |
2514 true, | 2632 true, |
2515 blink::WebCryptoKeyUsageWrapKey, | 2633 blink::WebCryptoKeyUsageWrapKey, |
2516 &key)); | 2634 &key)); |
2517 | 2635 |
2518 // Fail import of 124-bit KEK | 2636 // Fail import of 124-bit KEK |
2519 key_raw_hex_in = "3e4566a2bdaa10cb68134fa66c15ddb"; | 2637 key_raw_hex_in = "3e4566a2bdaa10cb68134fa66c15ddb"; |
2520 EXPECT_STATUS(Status::Error(), | 2638 EXPECT_EQ(Status::ErrorImportAesKeyLength(), |
2521 ImportKey(blink::WebCryptoKeyFormatRaw, | 2639 ImportKey(blink::WebCryptoKeyFormatRaw, |
2522 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2640 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2523 algorithm, | 2641 algorithm, |
2524 true, | 2642 true, |
2525 blink::WebCryptoKeyUsageWrapKey, | 2643 blink::WebCryptoKeyUsageWrapKey, |
2526 &key)); | 2644 &key)); |
2527 | 2645 |
2528 // Fail import of 200-bit KEK | 2646 // Fail import of 200-bit KEK |
2529 key_raw_hex_in = "0a1d88608a5ad9fec64f1ada269ebab4baa2feeb8d95638c0e"; | 2647 key_raw_hex_in = "0a1d88608a5ad9fec64f1ada269ebab4baa2feeb8d95638c0e"; |
2530 EXPECT_STATUS(Status::Error(), | 2648 EXPECT_EQ(Status::ErrorImportAesKeyLength(), |
2531 ImportKey(blink::WebCryptoKeyFormatRaw, | 2649 ImportKey(blink::WebCryptoKeyFormatRaw, |
2532 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2650 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2533 algorithm, | 2651 algorithm, |
2534 true, | 2652 true, |
2535 blink::WebCryptoKeyUsageWrapKey, | 2653 blink::WebCryptoKeyUsageWrapKey, |
2536 &key)); | 2654 &key)); |
2537 | 2655 |
2538 // Fail import of 260-bit KEK | 2656 // Fail import of 260-bit KEK |
2539 key_raw_hex_in = | 2657 key_raw_hex_in = |
2540 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; | 2658 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; |
2541 EXPECT_STATUS(Status::Error(), | 2659 EXPECT_EQ(Status::ErrorImportAesKeyLength(), |
2542 ImportKey(blink::WebCryptoKeyFormatRaw, | 2660 ImportKey(blink::WebCryptoKeyFormatRaw, |
2543 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2661 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2544 algorithm, | 2662 algorithm, |
2545 true, | 2663 true, |
2546 blink::WebCryptoKeyUsageWrapKey, | 2664 blink::WebCryptoKeyUsageWrapKey, |
2547 &key)); | 2665 &key)); |
2548 } | 2666 } |
2549 | 2667 |
2550 TEST_F(SharedCryptoTest, MAYBE(UnwrapFailures)) { | 2668 TEST_F(SharedCryptoTest, MAYBE(UnwrapFailures)) { |
2551 // This test exercises the code path common to all unwrap operations. | 2669 // This test exercises the code path common to all unwrap operations. |
2552 scoped_ptr<base::ListValue> tests; | 2670 scoped_ptr<base::ListValue> tests; |
2553 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); | 2671 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); |
2554 base::DictionaryValue* test; | 2672 base::DictionaryValue* test; |
2555 ASSERT_TRUE(tests->GetDictionary(0, &test)); | 2673 ASSERT_TRUE(tests->GetDictionary(0, &test)); |
2556 const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek"); | 2674 const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek"); |
2557 const std::vector<uint8> test_ciphertext = | 2675 const std::vector<uint8> test_ciphertext = |
2558 GetBytesFromHexString(test, "ciphertext"); | 2676 GetBytesFromHexString(test, "ciphertext"); |
2559 | 2677 |
2560 // Using a key that does not have unwrapKey usage should fail. | 2678 // Using a key that does not have unwrapKey usage should fail. |
2561 blink::WebCryptoKey bad_wrapping_key = ImportSecretKeyFromRaw( | 2679 blink::WebCryptoKey bad_wrapping_key = ImportSecretKeyFromRaw( |
2562 test_kek, | 2680 test_kek, |
2563 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw), | 2681 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw), |
2564 blink::WebCryptoKeyUsageDecrypt); // <-- should be UnwrapKey | 2682 blink::WebCryptoKeyUsageDecrypt); // <-- should be UnwrapKey |
2565 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 2683 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
2566 EXPECT_STATUS( | 2684 EXPECT_EQ( |
2567 Status::ErrorUnexpected(), | 2685 Status::ErrorUnexpected(), |
2568 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 2686 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
2569 CryptoData(test_ciphertext), | 2687 CryptoData(test_ciphertext), |
2570 bad_wrapping_key, | 2688 bad_wrapping_key, |
2571 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw), | 2689 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw), |
2572 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 2690 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
2573 true, | 2691 true, |
2574 blink::WebCryptoKeyUsageEncrypt, | 2692 blink::WebCryptoKeyUsageEncrypt, |
2575 &unwrapped_key)); | 2693 &unwrapped_key)); |
2576 | 2694 |
2577 // Using a wrapping algorithm that does not match the wrapping key algorithm | 2695 // Using a wrapping algorithm that does not match the wrapping key algorithm |
2578 // should fail. | 2696 // should fail. |
2579 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( | 2697 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( |
2580 test_kek, | 2698 test_kek, |
2581 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw), | 2699 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw), |
2582 blink::WebCryptoKeyUsageUnwrapKey); | 2700 blink::WebCryptoKeyUsageUnwrapKey); |
2583 EXPECT_STATUS( | 2701 EXPECT_EQ( |
2584 Status::ErrorUnexpected(), | 2702 Status::ErrorUnexpected(), |
2585 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 2703 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
2586 CryptoData(test_ciphertext), | 2704 CryptoData(test_ciphertext), |
2587 wrapping_key, | 2705 wrapping_key, |
2588 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 2706 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
2589 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 2707 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
2590 true, | 2708 true, |
2591 blink::WebCryptoKeyUsageEncrypt, | 2709 blink::WebCryptoKeyUsageEncrypt, |
2592 &unwrapped_key)); | 2710 &unwrapped_key)); |
2593 } | 2711 } |
(...skipping 20 matching lines...) Expand all Loading... |
2614 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey); | 2732 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey); |
2615 | 2733 |
2616 // Import the key to be wrapped. | 2734 // Import the key to be wrapped. |
2617 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 2735 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
2618 test_key, | 2736 test_key, |
2619 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 2737 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
2620 blink::WebCryptoKeyUsageEncrypt); | 2738 blink::WebCryptoKeyUsageEncrypt); |
2621 | 2739 |
2622 // Wrap the key and verify the ciphertext result against the known answer. | 2740 // Wrap the key and verify the ciphertext result against the known answer. |
2623 blink::WebArrayBuffer wrapped_key; | 2741 blink::WebArrayBuffer wrapped_key; |
2624 ASSERT_STATUS_SUCCESS(WrapKey(blink::WebCryptoKeyFormatRaw, | 2742 ASSERT_EQ(Status::Success(), |
2625 wrapping_key, | 2743 WrapKey(blink::WebCryptoKeyFormatRaw, |
2626 key, | 2744 wrapping_key, |
2627 wrapping_algorithm, | 2745 key, |
2628 &wrapped_key)); | 2746 wrapping_algorithm, |
| 2747 &wrapped_key)); |
2629 EXPECT_TRUE(ArrayBufferMatches(test_ciphertext, wrapped_key)); | 2748 EXPECT_TRUE(ArrayBufferMatches(test_ciphertext, wrapped_key)); |
2630 | 2749 |
2631 // Unwrap the known ciphertext to get a new test_key. | 2750 // Unwrap the known ciphertext to get a new test_key. |
2632 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 2751 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
2633 ASSERT_STATUS_SUCCESS( | 2752 ASSERT_EQ( |
| 2753 Status::Success(), |
2634 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 2754 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
2635 CryptoData(test_ciphertext), | 2755 CryptoData(test_ciphertext), |
2636 wrapping_key, | 2756 wrapping_key, |
2637 wrapping_algorithm, | 2757 wrapping_algorithm, |
2638 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 2758 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
2639 true, | 2759 true, |
2640 blink::WebCryptoKeyUsageEncrypt, | 2760 blink::WebCryptoKeyUsageEncrypt, |
2641 &unwrapped_key)); | 2761 &unwrapped_key)); |
2642 EXPECT_FALSE(key.isNull()); | 2762 EXPECT_FALSE(key.isNull()); |
2643 EXPECT_TRUE(key.handle()); | 2763 EXPECT_TRUE(key.handle()); |
2644 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 2764 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
2645 EXPECT_EQ( | 2765 EXPECT_EQ( |
2646 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc).id(), | 2766 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc).id(), |
2647 key.algorithm().id()); | 2767 key.algorithm().id()); |
2648 EXPECT_EQ(true, key.extractable()); | 2768 EXPECT_EQ(true, key.extractable()); |
2649 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); | 2769 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); |
2650 | 2770 |
2651 // Export the new key and compare its raw bytes with the original known key. | 2771 // Export the new key and compare its raw bytes with the original known key. |
2652 blink::WebArrayBuffer raw_key; | 2772 blink::WebArrayBuffer raw_key; |
2653 EXPECT_STATUS_SUCCESS( | 2773 EXPECT_EQ(Status::Success(), |
2654 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); | 2774 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); |
2655 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); | 2775 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); |
2656 } | 2776 } |
2657 } | 2777 } |
2658 | 2778 |
2659 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapErrors)) { | 2779 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapErrors)) { |
2660 scoped_ptr<base::ListValue> tests; | 2780 scoped_ptr<base::ListValue> tests; |
2661 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); | 2781 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); |
2662 base::DictionaryValue* test; | 2782 base::DictionaryValue* test; |
2663 // Use 256 bits of data with a 256-bit KEK | 2783 // Use 256 bits of data with a 256-bit KEK |
2664 ASSERT_TRUE(tests->GetDictionary(5, &test)); | 2784 ASSERT_TRUE(tests->GetDictionary(5, &test)); |
(...skipping 13 matching lines...) Expand all Loading... |
2678 // Import the key to be wrapped. | 2798 // Import the key to be wrapped. |
2679 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 2799 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
2680 test_key, | 2800 test_key, |
2681 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 2801 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
2682 blink::WebCryptoKeyUsageEncrypt); | 2802 blink::WebCryptoKeyUsageEncrypt); |
2683 | 2803 |
2684 // Unwrap with wrapped data too small must fail. | 2804 // Unwrap with wrapped data too small must fail. |
2685 const std::vector<uint8> small_data(test_ciphertext.begin(), | 2805 const std::vector<uint8> small_data(test_ciphertext.begin(), |
2686 test_ciphertext.begin() + 23); | 2806 test_ciphertext.begin() + 23); |
2687 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 2807 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
2688 EXPECT_STATUS(Status::ErrorDataTooSmall(), | 2808 EXPECT_EQ(Status::ErrorDataTooSmall(), |
2689 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 2809 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
2690 CryptoData(small_data), | 2810 CryptoData(small_data), |
2691 wrapping_key, | 2811 wrapping_key, |
2692 wrapping_algorithm, | 2812 wrapping_algorithm, |
2693 key_algorithm, | 2813 key_algorithm, |
2694 true, | 2814 true, |
2695 blink::WebCryptoKeyUsageEncrypt, | 2815 blink::WebCryptoKeyUsageEncrypt, |
2696 &unwrapped_key)); | 2816 &unwrapped_key)); |
2697 | 2817 |
2698 // Unwrap with wrapped data size not a multiple of 8 bytes must fail. | 2818 // Unwrap with wrapped data size not a multiple of 8 bytes must fail. |
2699 const std::vector<uint8> unaligned_data(test_ciphertext.begin(), | 2819 const std::vector<uint8> unaligned_data(test_ciphertext.begin(), |
2700 test_ciphertext.end() - 2); | 2820 test_ciphertext.end() - 2); |
2701 EXPECT_STATUS(Status::ErrorInvalidAesKwDataLength(), | 2821 EXPECT_EQ(Status::ErrorInvalidAesKwDataLength(), |
2702 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 2822 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
2703 CryptoData(unaligned_data), | 2823 CryptoData(unaligned_data), |
2704 wrapping_key, | 2824 wrapping_key, |
2705 wrapping_algorithm, | 2825 wrapping_algorithm, |
2706 key_algorithm, | 2826 key_algorithm, |
2707 true, | 2827 true, |
2708 blink::WebCryptoKeyUsageEncrypt, | 2828 blink::WebCryptoKeyUsageEncrypt, |
2709 &unwrapped_key)); | 2829 &unwrapped_key)); |
2710 } | 2830 } |
2711 | 2831 |
2712 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyUnwrapCorruptData)) { | 2832 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyUnwrapCorruptData)) { |
2713 scoped_ptr<base::ListValue> tests; | 2833 scoped_ptr<base::ListValue> tests; |
2714 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); | 2834 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); |
2715 base::DictionaryValue* test; | 2835 base::DictionaryValue* test; |
2716 // Use 256 bits of data with a 256-bit KEK | 2836 // Use 256 bits of data with a 256-bit KEK |
2717 ASSERT_TRUE(tests->GetDictionary(5, &test)); | 2837 ASSERT_TRUE(tests->GetDictionary(5, &test)); |
2718 const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek"); | 2838 const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek"); |
2719 const std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); | 2839 const std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); |
2720 const std::vector<uint8> test_ciphertext = | 2840 const std::vector<uint8> test_ciphertext = |
2721 GetBytesFromHexString(test, "ciphertext"); | 2841 GetBytesFromHexString(test, "ciphertext"); |
2722 const blink::WebCryptoAlgorithm wrapping_algorithm = | 2842 const blink::WebCryptoAlgorithm wrapping_algorithm = |
2723 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); | 2843 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); |
2724 | 2844 |
2725 // Import the wrapping key. | 2845 // Import the wrapping key. |
2726 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( | 2846 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( |
2727 test_kek, | 2847 test_kek, |
2728 wrapping_algorithm, | 2848 wrapping_algorithm, |
2729 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey); | 2849 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey); |
2730 | 2850 |
2731 // Unwrap of a corrupted version of the known ciphertext should fail, due to | 2851 // Unwrap of a corrupted version of the known ciphertext should fail, due to |
2732 // AES-KW's built-in integrity check. | 2852 // AES-KW's built-in integrity check. |
2733 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 2853 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
2734 EXPECT_STATUS( | 2854 EXPECT_EQ( |
2735 Status::Error(), | 2855 Status::OperationError(), |
2736 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 2856 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
2737 CryptoData(Corrupted(test_ciphertext)), | 2857 CryptoData(Corrupted(test_ciphertext)), |
2738 wrapping_key, | 2858 wrapping_key, |
2739 wrapping_algorithm, | 2859 wrapping_algorithm, |
2740 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 2860 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
2741 true, | 2861 true, |
2742 blink::WebCryptoKeyUsageEncrypt, | 2862 blink::WebCryptoKeyUsageEncrypt, |
2743 &unwrapped_key)); | 2863 &unwrapped_key)); |
2744 } | 2864 } |
2745 | 2865 |
(...skipping 16 matching lines...) Expand all Loading... |
2762 HexStringToBytes("000102030405060708090A0B0C0D0E0F"); | 2882 HexStringToBytes("000102030405060708090A0B0C0D0E0F"); |
2763 const blink::WebCryptoAlgorithm wrapping_algorithm = | 2883 const blink::WebCryptoAlgorithm wrapping_algorithm = |
2764 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); | 2884 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); |
2765 | 2885 |
2766 // Import the wrapping key. | 2886 // Import the wrapping key. |
2767 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( | 2887 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( |
2768 wrapping_key_data, wrapping_algorithm, blink::WebCryptoKeyUsageUnwrapKey); | 2888 wrapping_key_data, wrapping_algorithm, blink::WebCryptoKeyUsageUnwrapKey); |
2769 | 2889 |
2770 // Unwrap the known wrapped key data to produce a new key | 2890 // Unwrap the known wrapped key data to produce a new key |
2771 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 2891 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
2772 ASSERT_STATUS_SUCCESS( | 2892 ASSERT_EQ( |
| 2893 Status::Success(), |
2773 UnwrapKey(blink::WebCryptoKeyFormatJwk, | 2894 UnwrapKey(blink::WebCryptoKeyFormatJwk, |
2774 CryptoData(wrapped_key_data), | 2895 CryptoData(wrapped_key_data), |
2775 wrapping_key, | 2896 wrapping_key, |
2776 wrapping_algorithm, | 2897 wrapping_algorithm, |
2777 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256), | 2898 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256), |
2778 true, | 2899 true, |
2779 blink::WebCryptoKeyUsageVerify, | 2900 blink::WebCryptoKeyUsageVerify, |
2780 &unwrapped_key)); | 2901 &unwrapped_key)); |
2781 | 2902 |
2782 // Validate the new key's attributes. | 2903 // Validate the new key's attributes. |
2783 EXPECT_FALSE(unwrapped_key.isNull()); | 2904 EXPECT_FALSE(unwrapped_key.isNull()); |
2784 EXPECT_TRUE(unwrapped_key.handle()); | 2905 EXPECT_TRUE(unwrapped_key.handle()); |
2785 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, unwrapped_key.type()); | 2906 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, unwrapped_key.type()); |
2786 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, unwrapped_key.algorithm().id()); | 2907 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, unwrapped_key.algorithm().id()); |
2787 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, | 2908 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
2788 unwrapped_key.algorithm().hmacParams()->hash().id()); | 2909 unwrapped_key.algorithm().hmacParams()->hash().id()); |
2789 EXPECT_EQ(256u, unwrapped_key.algorithm().hmacParams()->lengthBits()); | 2910 EXPECT_EQ(256u, unwrapped_key.algorithm().hmacParams()->lengthBits()); |
2790 EXPECT_EQ(true, unwrapped_key.extractable()); | 2911 EXPECT_EQ(true, unwrapped_key.extractable()); |
2791 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, unwrapped_key.usages()); | 2912 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, unwrapped_key.usages()); |
2792 | 2913 |
2793 // Export the new key's raw data and compare to the known original. | 2914 // Export the new key's raw data and compare to the known original. |
2794 blink::WebArrayBuffer raw_key; | 2915 blink::WebArrayBuffer raw_key; |
2795 EXPECT_STATUS_SUCCESS( | 2916 EXPECT_EQ(Status::Success(), |
2796 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); | 2917 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); |
2797 EXPECT_TRUE(ArrayBufferMatches(key_data, raw_key)); | 2918 EXPECT_TRUE(ArrayBufferMatches(key_data, raw_key)); |
2798 } | 2919 } |
2799 | 2920 |
2800 // TODO(eroman): | 2921 // TODO(eroman): |
2801 // * Test decryption when the tag length exceeds input size | 2922 // * Test decryption when the tag length exceeds input size |
2802 // * Test decryption with empty input | 2923 // * Test decryption with empty input |
2803 // * Test decryption with tag length of 0. | 2924 // * Test decryption with tag length of 0. |
2804 TEST_F(SharedCryptoTest, MAYBE(AesGcmSampleSets)) { | 2925 TEST_F(SharedCryptoTest, MAYBE(AesGcmSampleSets)) { |
2805 // Some Linux test runners may not have a new enough version of NSS. | 2926 // Some Linux test runners may not have a new enough version of NSS. |
2806 if (!SupportsAesGcm()) { | 2927 if (!SupportsAesGcm()) { |
(...skipping 22 matching lines...) Expand all Loading... |
2829 const std::vector<uint8> test_cipher_text = | 2950 const std::vector<uint8> test_cipher_text = |
2830 GetBytesFromHexString(test, "cipher_text"); | 2951 GetBytesFromHexString(test, "cipher_text"); |
2831 | 2952 |
2832 blink::WebCryptoKey key = ImportSecretKeyFromRaw( | 2953 blink::WebCryptoKey key = ImportSecretKeyFromRaw( |
2833 test_key, | 2954 test_key, |
2834 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), | 2955 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesGcm), |
2835 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); | 2956 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt); |
2836 | 2957 |
2837 // Verify exported raw key is identical to the imported data | 2958 // Verify exported raw key is identical to the imported data |
2838 blink::WebArrayBuffer raw_key; | 2959 blink::WebArrayBuffer raw_key; |
2839 EXPECT_STATUS_SUCCESS( | 2960 EXPECT_EQ(Status::Success(), |
2840 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); | 2961 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); |
2841 | 2962 |
2842 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); | 2963 EXPECT_TRUE(ArrayBufferMatches(test_key, raw_key)); |
2843 | 2964 |
2844 // Test encryption. | 2965 // Test encryption. |
2845 std::vector<uint8> cipher_text; | 2966 std::vector<uint8> cipher_text; |
2846 std::vector<uint8> authentication_tag; | 2967 std::vector<uint8> authentication_tag; |
2847 EXPECT_STATUS_SUCCESS(AesGcmEncrypt(key, | 2968 EXPECT_EQ(Status::Success(), |
2848 test_iv, | 2969 AesGcmEncrypt(key, |
2849 test_additional_data, | 2970 test_iv, |
2850 test_tag_size_bits, | 2971 test_additional_data, |
2851 test_plain_text, | 2972 test_tag_size_bits, |
2852 &cipher_text, | 2973 test_plain_text, |
2853 &authentication_tag)); | 2974 &cipher_text, |
| 2975 &authentication_tag)); |
2854 | 2976 |
2855 ExpectVectorMatches(test_cipher_text, cipher_text); | 2977 ExpectVectorMatches(test_cipher_text, cipher_text); |
2856 ExpectVectorMatches(test_authentication_tag, authentication_tag); | 2978 ExpectVectorMatches(test_authentication_tag, authentication_tag); |
2857 | 2979 |
2858 // Test decryption. | 2980 // Test decryption. |
2859 blink::WebArrayBuffer plain_text; | 2981 blink::WebArrayBuffer plain_text; |
2860 EXPECT_STATUS_SUCCESS(AesGcmDecrypt(key, | 2982 EXPECT_EQ(Status::Success(), |
2861 test_iv, | 2983 AesGcmDecrypt(key, |
2862 test_additional_data, | 2984 test_iv, |
2863 test_tag_size_bits, | 2985 test_additional_data, |
2864 test_cipher_text, | 2986 test_tag_size_bits, |
2865 test_authentication_tag, | 2987 test_cipher_text, |
2866 &plain_text)); | 2988 test_authentication_tag, |
| 2989 &plain_text)); |
2867 EXPECT_TRUE(ArrayBufferMatches(test_plain_text, plain_text)); | 2990 EXPECT_TRUE(ArrayBufferMatches(test_plain_text, plain_text)); |
2868 | 2991 |
2869 // Decryption should fail if any of the inputs are tampered with. | 2992 // Decryption should fail if any of the inputs are tampered with. |
2870 EXPECT_STATUS(Status::Error(), | 2993 EXPECT_EQ(Status::OperationError(), |
2871 AesGcmDecrypt(key, | 2994 AesGcmDecrypt(key, |
2872 Corrupted(test_iv), | 2995 Corrupted(test_iv), |
2873 test_additional_data, | 2996 test_additional_data, |
2874 test_tag_size_bits, | 2997 test_tag_size_bits, |
2875 test_cipher_text, | 2998 test_cipher_text, |
2876 test_authentication_tag, | 2999 test_authentication_tag, |
2877 &plain_text)); | 3000 &plain_text)); |
2878 EXPECT_STATUS(Status::Error(), | 3001 EXPECT_EQ(Status::OperationError(), |
2879 AesGcmDecrypt(key, | 3002 AesGcmDecrypt(key, |
2880 test_iv, | 3003 test_iv, |
2881 Corrupted(test_additional_data), | 3004 Corrupted(test_additional_data), |
2882 test_tag_size_bits, | 3005 test_tag_size_bits, |
2883 test_cipher_text, | 3006 test_cipher_text, |
2884 test_authentication_tag, | 3007 test_authentication_tag, |
2885 &plain_text)); | 3008 &plain_text)); |
2886 EXPECT_STATUS(Status::Error(), | 3009 EXPECT_EQ(Status::OperationError(), |
2887 AesGcmDecrypt(key, | 3010 AesGcmDecrypt(key, |
2888 test_iv, | 3011 test_iv, |
2889 test_additional_data, | 3012 test_additional_data, |
2890 test_tag_size_bits, | 3013 test_tag_size_bits, |
2891 Corrupted(test_cipher_text), | 3014 Corrupted(test_cipher_text), |
2892 test_authentication_tag, | 3015 test_authentication_tag, |
2893 &plain_text)); | 3016 &plain_text)); |
2894 EXPECT_STATUS(Status::Error(), | 3017 EXPECT_EQ(Status::OperationError(), |
2895 AesGcmDecrypt(key, | 3018 AesGcmDecrypt(key, |
2896 test_iv, | 3019 test_iv, |
2897 test_additional_data, | 3020 test_additional_data, |
2898 test_tag_size_bits, | 3021 test_tag_size_bits, |
2899 test_cipher_text, | 3022 test_cipher_text, |
2900 Corrupted(test_authentication_tag), | 3023 Corrupted(test_authentication_tag), |
2901 &plain_text)); | 3024 &plain_text)); |
2902 | 3025 |
2903 // Try different incorrect tag lengths | 3026 // Try different incorrect tag lengths |
2904 uint8 kAlternateTagLengths[] = {0, 8, 96, 120, 128, 160, 255}; | 3027 uint8 kAlternateTagLengths[] = {0, 8, 96, 120, 128, 160, 255}; |
2905 for (size_t tag_i = 0; tag_i < arraysize(kAlternateTagLengths); ++tag_i) { | 3028 for (size_t tag_i = 0; tag_i < arraysize(kAlternateTagLengths); ++tag_i) { |
2906 unsigned int wrong_tag_size_bits = kAlternateTagLengths[tag_i]; | 3029 unsigned int wrong_tag_size_bits = kAlternateTagLengths[tag_i]; |
2907 if (test_tag_size_bits == wrong_tag_size_bits) | 3030 if (test_tag_size_bits == wrong_tag_size_bits) |
2908 continue; | 3031 continue; |
2909 EXPECT_STATUS_ERROR(AesGcmDecrypt(key, | 3032 EXPECT_NE(Status::Success(), |
2910 test_iv, | 3033 AesGcmDecrypt(key, |
2911 test_additional_data, | 3034 test_iv, |
2912 wrong_tag_size_bits, | 3035 test_additional_data, |
2913 test_cipher_text, | 3036 wrong_tag_size_bits, |
2914 test_authentication_tag, | 3037 test_cipher_text, |
2915 &plain_text)); | 3038 test_authentication_tag, |
| 3039 &plain_text)); |
2916 } | 3040 } |
2917 } | 3041 } |
2918 } | 3042 } |
2919 | 3043 |
2920 TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapKnownAnswer)) { | 3044 TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapKnownAnswer)) { |
2921 scoped_ptr<base::Value> json; | 3045 scoped_ptr<base::Value> json; |
2922 ASSERT_TRUE(ReadJsonTestFile("rsa_es.json", &json)); | 3046 ASSERT_TRUE(ReadJsonTestFile("rsa_es.json", &json)); |
2923 base::DictionaryValue* test = NULL; | 3047 base::DictionaryValue* test = NULL; |
2924 ASSERT_TRUE(json->GetAsDictionary(&test)); | 3048 ASSERT_TRUE(json->GetAsDictionary(&test)); |
2925 const std::vector<uint8> rsa_spki_der = | 3049 const std::vector<uint8> rsa_spki_der = |
(...skipping 15 matching lines...) Expand all Loading... |
2941 rsa_spki_der, | 3065 rsa_spki_der, |
2942 rsa_pkcs8_der, | 3066 rsa_pkcs8_der, |
2943 algorithm, | 3067 algorithm, |
2944 false, | 3068 false, |
2945 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, | 3069 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, |
2946 &public_key, | 3070 &public_key, |
2947 &private_key); | 3071 &private_key); |
2948 | 3072 |
2949 // Import the symmetric key. | 3073 // Import the symmetric key. |
2950 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 3074 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
2951 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, | 3075 ASSERT_EQ(Status::Success(), |
2952 CryptoData(cleartext), | 3076 ImportKey(blink::WebCryptoKeyFormatRaw, |
2953 key_algorithm, | 3077 CryptoData(cleartext), |
2954 true, | 3078 key_algorithm, |
2955 blink::WebCryptoKeyUsageSign, | 3079 true, |
2956 &key)); | 3080 blink::WebCryptoKeyUsageSign, |
| 3081 &key)); |
2957 | 3082 |
2958 // Wrap the symmetric key with raw format. | 3083 // Wrap the symmetric key with raw format. |
2959 blink::WebArrayBuffer wrapped_key; | 3084 blink::WebArrayBuffer wrapped_key; |
2960 ASSERT_STATUS_SUCCESS(WrapKey( | 3085 ASSERT_EQ(Status::Success(), |
2961 blink::WebCryptoKeyFormatRaw, public_key, key, algorithm, &wrapped_key)); | 3086 WrapKey(blink::WebCryptoKeyFormatRaw, |
| 3087 public_key, |
| 3088 key, |
| 3089 algorithm, |
| 3090 &wrapped_key)); |
2962 | 3091 |
2963 // Unwrap the wrapped key. | 3092 // Unwrap the wrapped key. |
2964 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 3093 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
2965 ASSERT_STATUS_SUCCESS(UnwrapKey(blink::WebCryptoKeyFormatRaw, | 3094 ASSERT_EQ(Status::Success(), |
2966 CryptoData(wrapped_key), | 3095 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
2967 private_key, | 3096 CryptoData(wrapped_key), |
2968 algorithm, | 3097 private_key, |
2969 key_algorithm, | 3098 algorithm, |
2970 true, | 3099 key_algorithm, |
2971 blink::WebCryptoKeyUsageSign, | 3100 true, |
2972 &unwrapped_key)); | 3101 blink::WebCryptoKeyUsageSign, |
| 3102 &unwrapped_key)); |
2973 EXPECT_FALSE(key.isNull()); | 3103 EXPECT_FALSE(key.isNull()); |
2974 EXPECT_TRUE(key.handle()); | 3104 EXPECT_TRUE(key.handle()); |
2975 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 3105 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
2976 EXPECT_EQ(key_algorithm.id(), key.algorithm().id()); | 3106 EXPECT_EQ(key_algorithm.id(), key.algorithm().id()); |
2977 EXPECT_EQ(true, key.extractable()); | 3107 EXPECT_EQ(true, key.extractable()); |
2978 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); | 3108 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages()); |
2979 | 3109 |
2980 // Export the new key and compare its raw bytes with the original known data. | 3110 // Export the new key and compare its raw bytes with the original known data. |
2981 blink::WebArrayBuffer raw_key; | 3111 blink::WebArrayBuffer raw_key; |
2982 EXPECT_STATUS_SUCCESS( | 3112 EXPECT_EQ(Status::Success(), |
2983 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); | 3113 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); |
2984 EXPECT_TRUE(ArrayBufferMatches(cleartext, raw_key)); | 3114 EXPECT_TRUE(ArrayBufferMatches(cleartext, raw_key)); |
2985 | 3115 |
2986 // Unwrap the known wrapped key and compare to the known cleartext. | 3116 // Unwrap the known wrapped key and compare to the known cleartext. |
2987 ASSERT_STATUS_SUCCESS(UnwrapKey(blink::WebCryptoKeyFormatRaw, | 3117 ASSERT_EQ(Status::Success(), |
2988 CryptoData(ciphertext), | 3118 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
2989 private_key, | 3119 CryptoData(ciphertext), |
2990 algorithm, | 3120 private_key, |
2991 key_algorithm, | 3121 algorithm, |
2992 true, | 3122 key_algorithm, |
2993 blink::WebCryptoKeyUsageSign, | 3123 true, |
2994 &unwrapped_key)); | 3124 blink::WebCryptoKeyUsageSign, |
2995 EXPECT_STATUS_SUCCESS( | 3125 &unwrapped_key)); |
2996 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); | 3126 EXPECT_EQ(Status::Success(), |
| 3127 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); |
2997 EXPECT_TRUE(ArrayBufferMatches(cleartext, raw_key)); | 3128 EXPECT_TRUE(ArrayBufferMatches(cleartext, raw_key)); |
2998 } | 3129 } |
2999 | 3130 |
3000 TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapErrors)) { | 3131 TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapErrors)) { |
3001 const std::vector<uint8> data(64, 0); | 3132 const std::vector<uint8> data(64, 0); |
3002 blink::WebCryptoAlgorithm key_algorithm = | 3133 blink::WebCryptoAlgorithm key_algorithm = |
3003 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); | 3134 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256); |
3004 | 3135 |
3005 // Import the RSA key pair. | 3136 // Import the RSA key pair. |
3006 blink::WebCryptoAlgorithm wrapping_algorithm = | 3137 blink::WebCryptoAlgorithm wrapping_algorithm = |
3007 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 3138 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
3008 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 3139 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
3009 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 3140 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
3010 ImportRsaKeyPair( | 3141 ImportRsaKeyPair( |
3011 HexStringToBytes(kPublicKeySpkiDerHex), | 3142 HexStringToBytes(kPublicKeySpkiDerHex), |
3012 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 3143 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
3013 wrapping_algorithm, | 3144 wrapping_algorithm, |
3014 false, | 3145 false, |
3015 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, | 3146 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, |
3016 &public_key, | 3147 &public_key, |
3017 &private_key); | 3148 &private_key); |
3018 | 3149 |
3019 // Import the symmetric key. | 3150 // Import the symmetric key. |
3020 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 3151 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
3021 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, | 3152 ASSERT_EQ(Status::Success(), |
3022 CryptoData(data), | 3153 ImportKey(blink::WebCryptoKeyFormatRaw, |
3023 key_algorithm, | 3154 CryptoData(data), |
3024 true, | 3155 key_algorithm, |
3025 blink::WebCryptoKeyUsageSign, | 3156 true, |
3026 &key)); | 3157 blink::WebCryptoKeyUsageSign, |
| 3158 &key)); |
3027 | 3159 |
3028 // Wrapping with a private key should fail. | 3160 // Wrapping with a private key should fail. |
3029 blink::WebArrayBuffer wrapped_key; | 3161 blink::WebArrayBuffer wrapped_key; |
3030 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 3162 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
3031 WrapKey(blink::WebCryptoKeyFormatRaw, | 3163 WrapKey(blink::WebCryptoKeyFormatRaw, |
3032 private_key, | 3164 private_key, |
3033 key, | 3165 key, |
3034 wrapping_algorithm, | 3166 wrapping_algorithm, |
3035 &wrapped_key)); | 3167 &wrapped_key)); |
3036 | 3168 |
3037 // Wrapping a key whose raw keying material is too large for the wrapping key | 3169 // Wrapping a key whose raw keying material is too large for the wrapping key |
3038 // should fail. | 3170 // should fail. |
3039 // RSAES can encrypt data up to length of k - 11 bytes, where k is the octet | 3171 // RSAES can encrypt data up to length of k - 11 bytes, where k is the octet |
3040 // length of the RSA modulus, and can decrypt data up to length k. Fabricate a | 3172 // length of the RSA modulus, and can decrypt data up to length k. Fabricate a |
3041 // big piece of data here that fails both of these criteria, so it can be used | 3173 // big piece of data here that fails both of these criteria, so it can be used |
3042 // for both wrap and unwrap negative tests below. | 3174 // for both wrap and unwrap negative tests below. |
3043 const std::vector<uint8> big_data(kModulusLengthBits / 8 + 1, 0); | 3175 const std::vector<uint8> big_data(kModulusLengthBits / 8 + 1, 0); |
3044 blink::WebCryptoKey big_key = blink::WebCryptoKey::createNull(); | 3176 blink::WebCryptoKey big_key = blink::WebCryptoKey::createNull(); |
3045 ASSERT_STATUS_SUCCESS(ImportKey(blink::WebCryptoKeyFormatRaw, | 3177 ASSERT_EQ(Status::Success(), |
3046 CryptoData(big_data), | 3178 ImportKey(blink::WebCryptoKeyFormatRaw, |
3047 key_algorithm, | 3179 CryptoData(big_data), |
3048 true, | 3180 key_algorithm, |
3049 blink::WebCryptoKeyUsageSign, | 3181 true, |
3050 &big_key)); | 3182 blink::WebCryptoKeyUsageSign, |
3051 EXPECT_STATUS(Status::ErrorDataTooLarge(), | 3183 &big_key)); |
3052 WrapKey(blink::WebCryptoKeyFormatRaw, | 3184 EXPECT_EQ(Status::ErrorDataTooLarge(), |
3053 public_key, | 3185 WrapKey(blink::WebCryptoKeyFormatRaw, |
3054 big_key, | 3186 public_key, |
3055 wrapping_algorithm, | 3187 big_key, |
3056 &wrapped_key)); | 3188 wrapping_algorithm, |
| 3189 &wrapped_key)); |
3057 | 3190 |
3058 // Unwrapping with a public key should fail. | 3191 // Unwrapping with a public key should fail. |
3059 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 3192 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
3060 EXPECT_STATUS(Status::ErrorUnexpectedKeyType(), | 3193 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
3061 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 3194 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
3062 CryptoData(data), | 3195 CryptoData(data), |
3063 public_key, | 3196 public_key, |
3064 wrapping_algorithm, | 3197 wrapping_algorithm, |
3065 key_algorithm, | 3198 key_algorithm, |
3066 true, | 3199 true, |
3067 blink::WebCryptoKeyUsageSign, | 3200 blink::WebCryptoKeyUsageSign, |
3068 &unwrapped_key)); | 3201 &unwrapped_key)); |
3069 | 3202 |
3070 // Unwrapping empty data should fail. | 3203 // Unwrapping empty data should fail. |
3071 const std::vector<uint8> emtpy_data; | 3204 const std::vector<uint8> emtpy_data; |
3072 EXPECT_STATUS(Status::ErrorDataTooSmall(), | 3205 EXPECT_EQ(Status::ErrorDataTooSmall(), |
3073 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 3206 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
3074 CryptoData(emtpy_data), | 3207 CryptoData(emtpy_data), |
3075 private_key, | 3208 private_key, |
3076 wrapping_algorithm, | 3209 wrapping_algorithm, |
3077 key_algorithm, | 3210 key_algorithm, |
3078 true, | 3211 true, |
3079 blink::WebCryptoKeyUsageSign, | 3212 blink::WebCryptoKeyUsageSign, |
3080 &unwrapped_key)); | 3213 &unwrapped_key)); |
3081 | 3214 |
3082 // Unwrapping data too large for the wrapping key should fail. | 3215 // Unwrapping data too large for the wrapping key should fail. |
3083 EXPECT_STATUS(Status::ErrorDataTooLarge(), | 3216 EXPECT_EQ(Status::ErrorDataTooLarge(), |
3084 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 3217 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
3085 CryptoData(big_data), | 3218 CryptoData(big_data), |
3086 private_key, | 3219 private_key, |
3087 wrapping_algorithm, | 3220 wrapping_algorithm, |
3088 key_algorithm, | 3221 key_algorithm, |
3089 true, | 3222 true, |
3090 blink::WebCryptoKeyUsageSign, | 3223 blink::WebCryptoKeyUsageSign, |
3091 &unwrapped_key)); | 3224 &unwrapped_key)); |
3092 } | 3225 } |
3093 | 3226 |
3094 TEST_F(SharedCryptoTest, MAYBE(RsaEsJwkSymkeyUnwrapKnownAnswer)) { | 3227 TEST_F(SharedCryptoTest, MAYBE(RsaEsJwkSymkeyUnwrapKnownAnswer)) { |
3095 // The following data lists a known 128-bit AES-CBC key, then a JWK | 3228 // The following data lists a known 128-bit AES-CBC key, then a JWK |
3096 // representation of this key that was encrypted ("wrapped") using | 3229 // representation of this key that was encrypted ("wrapped") using |
3097 // RSAES-PKCS1-v1_5 and kPublicKeySpkiDerHex as the wrapping key. | 3230 // RSAES-PKCS1-v1_5 and kPublicKeySpkiDerHex as the wrapping key. |
3098 // For reference, the intermediate clear JWK is | 3231 // For reference, the intermediate clear JWK is |
3099 // {"alg":"A128CBC","ext":true,"k":<b64url>,"key_ops":["encrypt"],"kty":"oct"} | 3232 // {"alg":"A128CBC","ext":true,"k":<b64url>,"key_ops":["encrypt"],"kty":"oct"} |
3100 const std::vector<uint8> key_data = | 3233 const std::vector<uint8> key_data = |
3101 HexStringToBytes("8f56a26e7e8b77dca15ed54339724bf5"); | 3234 HexStringToBytes("8f56a26e7e8b77dca15ed54339724bf5"); |
3102 const std::vector<uint8> wrapped_key_data = HexStringToBytes( | 3235 const std::vector<uint8> wrapped_key_data = HexStringToBytes( |
3103 "9debcabd9c731d6a779622dbef38635419c409b3077af67b3cf0601b2da7054f2ec26156" | 3236 "9debcabd9c731d6a779622dbef38635419c409b3077af67b3cf0601b2da7054f2ec26156" |
3104 "06bb764e4986f45dd09ce660432a7abbac48b5249924f12dea52275b6d67d8b8a2f63525" | 3237 "06bb764e4986f45dd09ce660432a7abbac48b5249924f12dea52275b6d67d8b8a2f63525" |
3105 "fbbf67d61244c1afa9e30857b87b7a48cdc0b3196dc1477738cbf9e42ea65d5e0edc3b05" | 3238 "fbbf67d61244c1afa9e30857b87b7a48cdc0b3196dc1477738cbf9e42ea65d5e0edc3b05" |
3106 "afafadc7d7400e26a51270d251040d51ce46cecc"); | 3239 "afafadc7d7400e26a51270d251040d51ce46cecc"); |
3107 const blink::WebCryptoAlgorithm wrapping_algorithm = | 3240 const blink::WebCryptoAlgorithm wrapping_algorithm = |
3108 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 3241 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
3109 | 3242 |
3110 // Import the private wrapping key. | 3243 // Import the private wrapping key. |
3111 blink::WebCryptoKey private_wrapping_key = blink::WebCryptoKey::createNull(); | 3244 blink::WebCryptoKey private_wrapping_key = blink::WebCryptoKey::createNull(); |
3112 ASSERT_STATUS_SUCCESS(ImportKey( | 3245 ASSERT_EQ(Status::Success(), |
3113 blink::WebCryptoKeyFormatPkcs8, | 3246 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
3114 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 3247 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
3115 wrapping_algorithm, | 3248 wrapping_algorithm, |
3116 false, | 3249 false, |
3117 blink::WebCryptoKeyUsageDecrypt | blink::WebCryptoKeyUsageUnwrapKey, | 3250 blink::WebCryptoKeyUsageDecrypt | |
3118 &private_wrapping_key)); | 3251 blink::WebCryptoKeyUsageUnwrapKey, |
| 3252 &private_wrapping_key)); |
3119 | 3253 |
3120 // Unwrap the key. | 3254 // Unwrap the key. |
3121 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 3255 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
3122 EXPECT_STATUS_SUCCESS( | 3256 EXPECT_EQ(Status::Success(), |
3123 UnwrapKey(blink::WebCryptoKeyFormatJwk, | 3257 UnwrapKey(blink::WebCryptoKeyFormatJwk, |
3124 CryptoData(wrapped_key_data), | 3258 CryptoData(wrapped_key_data), |
3125 private_wrapping_key, | 3259 private_wrapping_key, |
3126 wrapping_algorithm, | 3260 wrapping_algorithm, |
3127 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 3261 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
3128 true, | 3262 true, |
3129 blink::WebCryptoKeyUsageEncrypt, | 3263 blink::WebCryptoKeyUsageEncrypt, |
3130 &unwrapped_key)); | 3264 &unwrapped_key)); |
3131 EXPECT_FALSE(unwrapped_key.isNull()); | 3265 EXPECT_FALSE(unwrapped_key.isNull()); |
3132 EXPECT_TRUE(unwrapped_key.handle()); | 3266 EXPECT_TRUE(unwrapped_key.handle()); |
3133 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, unwrapped_key.type()); | 3267 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, unwrapped_key.type()); |
3134 EXPECT_EQ(blink::WebCryptoAlgorithmIdAesCbc, unwrapped_key.algorithm().id()); | 3268 EXPECT_EQ(blink::WebCryptoAlgorithmIdAesCbc, unwrapped_key.algorithm().id()); |
3135 EXPECT_EQ(true, unwrapped_key.extractable()); | 3269 EXPECT_EQ(true, unwrapped_key.extractable()); |
3136 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, unwrapped_key.usages()); | 3270 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, unwrapped_key.usages()); |
3137 | 3271 |
3138 // Export the unwrapped key and compare to the original. | 3272 // Export the unwrapped key and compare to the original. |
3139 blink::WebArrayBuffer raw_key; | 3273 blink::WebArrayBuffer raw_key; |
3140 EXPECT_STATUS_SUCCESS( | 3274 EXPECT_EQ(Status::Success(), |
3141 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); | 3275 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); |
3142 EXPECT_TRUE(ArrayBufferMatches(key_data, raw_key)); | 3276 EXPECT_TRUE(ArrayBufferMatches(key_data, raw_key)); |
3143 } | 3277 } |
3144 | 3278 |
3145 TEST_F(SharedCryptoTest, MAYBE(RsaEsJwkSymkeyWrapUnwrapRoundTrip)) { | 3279 TEST_F(SharedCryptoTest, MAYBE(RsaEsJwkSymkeyWrapUnwrapRoundTrip)) { |
3146 // Generate the symkey to be wrapped (256-bit AES-CBC key). | 3280 // Generate the symkey to be wrapped (256-bit AES-CBC key). |
3147 const blink::WebCryptoAlgorithm gen_algorithm = | 3281 const blink::WebCryptoAlgorithm gen_algorithm = |
3148 CreateAesCbcKeyGenAlgorithm(256); | 3282 CreateAesCbcKeyGenAlgorithm(256); |
3149 blink::WebCryptoKey key_to_wrap = blink::WebCryptoKey::createNull(); | 3283 blink::WebCryptoKey key_to_wrap = blink::WebCryptoKey::createNull(); |
3150 ASSERT_STATUS_SUCCESS(GenerateSecretKey( | 3284 ASSERT_EQ( |
3151 gen_algorithm, true, blink::WebCryptoKeyUsageEncrypt, &key_to_wrap)); | 3285 Status::Success(), |
| 3286 GenerateSecretKey( |
| 3287 gen_algorithm, true, blink::WebCryptoKeyUsageEncrypt, &key_to_wrap)); |
3152 | 3288 |
3153 // Import the wrapping key pair. | 3289 // Import the wrapping key pair. |
3154 const blink::WebCryptoAlgorithm wrapping_algorithm = | 3290 const blink::WebCryptoAlgorithm wrapping_algorithm = |
3155 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 3291 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
3156 blink::WebCryptoKey public_wrapping_key = blink::WebCryptoKey::createNull(); | 3292 blink::WebCryptoKey public_wrapping_key = blink::WebCryptoKey::createNull(); |
3157 blink::WebCryptoKey private_wrapping_key = blink::WebCryptoKey::createNull(); | 3293 blink::WebCryptoKey private_wrapping_key = blink::WebCryptoKey::createNull(); |
3158 ImportRsaKeyPair( | 3294 ImportRsaKeyPair( |
3159 HexStringToBytes(kPublicKeySpkiDerHex), | 3295 HexStringToBytes(kPublicKeySpkiDerHex), |
3160 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 3296 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
3161 wrapping_algorithm, | 3297 wrapping_algorithm, |
3162 false, | 3298 false, |
3163 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, | 3299 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey, |
3164 &public_wrapping_key, | 3300 &public_wrapping_key, |
3165 &private_wrapping_key); | 3301 &private_wrapping_key); |
3166 | 3302 |
3167 // Wrap the symkey in JWK format, using the public wrapping key. | 3303 // Wrap the symkey in JWK format, using the public wrapping key. |
3168 blink::WebArrayBuffer wrapped_data; | 3304 blink::WebArrayBuffer wrapped_data; |
3169 ASSERT_STATUS_SUCCESS(WrapKey(blink::WebCryptoKeyFormatJwk, | 3305 ASSERT_EQ(Status::Success(), |
3170 public_wrapping_key, | 3306 WrapKey(blink::WebCryptoKeyFormatJwk, |
3171 key_to_wrap, | 3307 public_wrapping_key, |
3172 wrapping_algorithm, | 3308 key_to_wrap, |
3173 &wrapped_data)); | 3309 wrapping_algorithm, |
| 3310 &wrapped_data)); |
3174 | 3311 |
3175 // Unwrap the key using the private wrapping key. | 3312 // Unwrap the key using the private wrapping key. |
3176 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 3313 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
3177 ASSERT_STATUS_SUCCESS( | 3314 ASSERT_EQ(Status::Success(), |
3178 UnwrapKey(blink::WebCryptoKeyFormatJwk, | 3315 UnwrapKey(blink::WebCryptoKeyFormatJwk, |
3179 CryptoData(wrapped_data), | 3316 CryptoData(wrapped_data), |
3180 private_wrapping_key, | 3317 private_wrapping_key, |
3181 wrapping_algorithm, | 3318 wrapping_algorithm, |
3182 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 3319 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
3183 true, | 3320 true, |
3184 blink::WebCryptoKeyUsageEncrypt, | 3321 blink::WebCryptoKeyUsageEncrypt, |
3185 &unwrapped_key)); | 3322 &unwrapped_key)); |
3186 | 3323 |
3187 // Export the original symkey and the unwrapped key and compare. | 3324 // Export the original symkey and the unwrapped key and compare. |
3188 blink::WebArrayBuffer raw_key1, raw_key2; | 3325 blink::WebArrayBuffer raw_key1, raw_key2; |
3189 EXPECT_STATUS_SUCCESS( | 3326 EXPECT_EQ(Status::Success(), |
3190 ExportKey(blink::WebCryptoKeyFormatRaw, key_to_wrap, &raw_key1)); | 3327 ExportKey(blink::WebCryptoKeyFormatRaw, key_to_wrap, &raw_key1)); |
3191 EXPECT_STATUS_SUCCESS( | 3328 EXPECT_EQ(Status::Success(), |
3192 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key2)); | 3329 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key2)); |
3193 EXPECT_TRUE(ArrayBuffersEqual(raw_key1, raw_key2)); | 3330 EXPECT_TRUE(ArrayBuffersEqual(raw_key1, raw_key2)); |
3194 } | 3331 } |
3195 | 3332 |
3196 TEST_F(SharedCryptoTest, MAYBE(RsaEsJwkSymkeyWrapUnwrapErrors)) { | 3333 TEST_F(SharedCryptoTest, MAYBE(RsaEsJwkSymkeyWrapUnwrapErrors)) { |
3197 // Unwrap JWK-formatted data that can be successfully decrypted, but contains | 3334 // Unwrap JWK-formatted data that can be successfully decrypted, but contains |
3198 // an error in the plaintext JWK so it cannot be subsequently imported, and | 3335 // an error in the plaintext JWK so it cannot be subsequently imported, and |
3199 // ensure that a generic error is returned instead of some other more specific | 3336 // ensure that a generic error is returned instead of some other more specific |
3200 // error. This shows that information about the plaintext JWK inside the | 3337 // error. This shows that information about the plaintext JWK inside the |
3201 // encrypted data is not leaked. | 3338 // encrypted data is not leaked. |
3202 // Note that it is sufficient to consider just one JWK import failure mode | 3339 // Note that it is sufficient to consider just one JWK import failure mode |
3203 // here; others are validated in the ImportJwkFailures Test. The specific | 3340 // here; others are validated in the ImportJwkFailures Test. The specific |
3204 // error in the cleartext data below is kty = "foo", which is an invalid kty | 3341 // error in the cleartext data below is kty = "foo", which is an invalid kty |
3205 // value. | 3342 // value. |
3206 const std::string cleartext = | 3343 const std::string cleartext = |
3207 "{\"alg\":\"A128CBC\",\"ext\":true,\"k\":" | 3344 "{\"alg\":\"A128CBC\",\"ext\":true,\"k\":" |
3208 "\"j1aibn6Ld9yhXtVDOXJL9Q\",\"key_ops\":[\"encrypt\"],\"kty\":\"foo\"}"; | 3345 "\"j1aibn6Ld9yhXtVDOXJL9Q\",\"key_ops\":[\"encrypt\"],\"kty\":\"foo\"}"; |
3209 // ciphertext is the cleartext above encrypted with kPublicKeySpkiDerHex, and | 3346 // ciphertext is the cleartext above encrypted with kPublicKeySpkiDerHex, and |
3210 // can be decrypted with kPrivateKeyPkcs8DerHex | 3347 // can be decrypted with kPrivateKeyPkcs8DerHex |
3211 const std::vector<uint8> ciphertext = HexStringToBytes( | 3348 const std::vector<uint8> ciphertext = HexStringToBytes( |
3212 "93bc7bb2ca8502fcf3224e19b12ba455ac32d01695611022c76d3dbdd797c044de047d44" | 3349 "93bc7bb2ca8502fcf3224e19b12ba455ac32d01695611022c76d3dbdd797c044de047d44" |
3213 "6c5ed5de5b8f79147ffe1df8da9c894b58881b238d39bd24cecd5c1a98a7c0b07354aee6" | 3350 "6c5ed5de5b8f79147ffe1df8da9c894b58881b238d39bd24cecd5c1a98a7c0b07354aee6" |
3214 "24791b2d549b7ecf1219c49513a1bcbb0fac5c6b59d350b564c44dc3678dadf84b4ea3d1" | 3351 "24791b2d549b7ecf1219c49513a1bcbb0fac5c6b59d350b564c44dc3678dadf84b4ea3d1" |
3215 "32e576e88f8d4a2d27c173e033a97bbda7e47bb9"); | 3352 "32e576e88f8d4a2d27c173e033a97bbda7e47bb9"); |
3216 | 3353 |
3217 // Import the private decryption key. | 3354 // Import the private decryption key. |
3218 const blink::WebCryptoAlgorithm algorithm = | 3355 const blink::WebCryptoAlgorithm algorithm = |
3219 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | 3356 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); |
3220 blink::WebCryptoKey private_decryption_key = | 3357 blink::WebCryptoKey private_decryption_key = |
3221 blink::WebCryptoKey::createNull(); | 3358 blink::WebCryptoKey::createNull(); |
3222 ASSERT_STATUS_SUCCESS( | 3359 ASSERT_EQ(Status::Success(), |
3223 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 3360 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
3224 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 3361 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
3225 algorithm, | 3362 algorithm, |
3226 false, | 3363 false, |
3227 blink::WebCryptoKeyUsageDecrypt, | 3364 blink::WebCryptoKeyUsageDecrypt, |
3228 &private_decryption_key)); | 3365 &private_decryption_key)); |
3229 | 3366 |
3230 // Decrypt the ciphertext and validate the result, to prove that decryption is | 3367 // Decrypt the ciphertext and validate the result, to prove that decryption is |
3231 // successful. | 3368 // successful. |
3232 blink::WebArrayBuffer decrypted_data; | 3369 blink::WebArrayBuffer decrypted_data; |
3233 ASSERT_STATUS_SUCCESS(Decrypt(algorithm, | 3370 ASSERT_EQ(Status::Success(), |
3234 private_decryption_key, | 3371 Decrypt(algorithm, |
3235 CryptoData(ciphertext), | 3372 private_decryption_key, |
3236 &decrypted_data)); | 3373 CryptoData(ciphertext), |
| 3374 &decrypted_data)); |
3237 const std::string decrypted(static_cast<const char*>(decrypted_data.data()), | 3375 const std::string decrypted(static_cast<const char*>(decrypted_data.data()), |
3238 decrypted_data.byteLength()); | 3376 decrypted_data.byteLength()); |
3239 EXPECT_EQ(cleartext, decrypted); | 3377 EXPECT_EQ(cleartext, decrypted); |
3240 | 3378 |
3241 // Import the private wrapping key. Note this is the same underlying keying | 3379 // Import the private wrapping key. Note this is the same underlying keying |
3242 // material used for private_decryption_key above. The only difference is that | 3380 // material used for private_decryption_key above. The only difference is that |
3243 // it has unwrap rather than decrypt usage. | 3381 // it has unwrap rather than decrypt usage. |
3244 blink::WebCryptoKey private_wrapping_key = blink::WebCryptoKey::createNull(); | 3382 blink::WebCryptoKey private_wrapping_key = blink::WebCryptoKey::createNull(); |
3245 ASSERT_STATUS_SUCCESS( | 3383 ASSERT_EQ(Status::Success(), |
3246 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 3384 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
3247 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 3385 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
3248 algorithm, | 3386 algorithm, |
3249 false, | 3387 false, |
3250 blink::WebCryptoKeyUsageUnwrapKey, | 3388 blink::WebCryptoKeyUsageUnwrapKey, |
3251 &private_wrapping_key)); | 3389 &private_wrapping_key)); |
3252 | 3390 |
3253 // Treat the ciphertext as a wrapped key and try to unwrap it. Ensure a | 3391 // Treat the ciphertext as a wrapped key and try to unwrap it. Ensure a |
3254 // generic error is received. | 3392 // generic error is received. |
3255 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 3393 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
3256 EXPECT_STATUS(Status::Error(), | 3394 EXPECT_EQ(Status::OperationError(), |
3257 UnwrapKey(blink::WebCryptoKeyFormatJwk, | 3395 UnwrapKey(blink::WebCryptoKeyFormatJwk, |
3258 CryptoData(ciphertext), | 3396 CryptoData(ciphertext), |
3259 private_wrapping_key, | 3397 private_wrapping_key, |
3260 algorithm, | 3398 algorithm, |
3261 CreateAesCbcAlgorithm(std::vector<uint8>(0, 16)), | 3399 CreateAesCbcAlgorithm(std::vector<uint8>(0, 16)), |
3262 true, | 3400 true, |
3263 blink::WebCryptoKeyUsageEncrypt, | 3401 blink::WebCryptoKeyUsageEncrypt, |
3264 &unwrapped_key)); | 3402 &unwrapped_key)); |
3265 } | 3403 } |
3266 | 3404 |
3267 } // namespace webcrypto | 3405 } // namespace webcrypto |
3268 | 3406 |
3269 } // namespace content | 3407 } // namespace content |
OLD | NEW |