OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/child/webcrypto/shared_crypto.h" | 5 #include "content/child/webcrypto/shared_crypto.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 461 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
472 blink::WebCryptoAlgorithm algorithm = | 472 blink::WebCryptoAlgorithm algorithm = |
473 CreateAesGcmAlgorithm(iv, additional_data, tag_length_bits); | 473 CreateAesGcmAlgorithm(iv, additional_data, tag_length_bits); |
474 | 474 |
475 blink::WebArrayBuffer output; | 475 blink::WebArrayBuffer output; |
476 Status status = Encrypt(algorithm, key, CryptoData(plain_text), &output); | 476 Status status = Encrypt(algorithm, key, CryptoData(plain_text), &output); |
477 if (status.IsError()) | 477 if (status.IsError()) |
478 return status; | 478 return status; |
479 | 479 |
480 if (output.byteLength() * 8 < tag_length_bits) { | 480 if (output.byteLength() * 8 < tag_length_bits) { |
481 EXPECT_TRUE(false); | 481 EXPECT_TRUE(false); |
482 return Status::Error(); | 482 return Status::OperationError(); |
483 } | 483 } |
484 | 484 |
485 // The encryption result is cipher text with authentication tag appended. | 485 // The encryption result is cipher text with authentication tag appended. |
486 cipher_text->assign(static_cast<uint8*>(output.data()), | 486 cipher_text->assign(static_cast<uint8*>(output.data()), |
487 static_cast<uint8*>(output.data()) + | 487 static_cast<uint8*>(output.data()) + |
488 (output.byteLength() - tag_length_bits / 8)); | 488 (output.byteLength() - tag_length_bits / 8)); |
489 authentication_tag->assign( | 489 authentication_tag->assign( |
490 static_cast<uint8*>(output.data()) + cipher_text->size(), | 490 static_cast<uint8*>(output.data()) + cipher_text->size(), |
491 static_cast<uint8*>(output.data()) + output.byteLength()); | 491 static_cast<uint8*>(output.data()) + output.byteLength()); |
492 | 492 |
(...skipping 184 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
677 TEST_F(SharedCryptoTest, CheckAesGcm) { | 677 TEST_F(SharedCryptoTest, CheckAesGcm) { |
678 if (!SupportsAesGcm()) { | 678 if (!SupportsAesGcm()) { |
679 LOG(WARNING) << "AES GCM not supported on this platform, so some tests " | 679 LOG(WARNING) << "AES GCM not supported on this platform, so some tests " |
680 "will be skipped. Consider upgrading local NSS libraries"; | 680 "will be skipped. Consider upgrading local NSS libraries"; |
681 return; | 681 return; |
682 } | 682 } |
683 } | 683 } |
684 | 684 |
685 TEST_F(SharedCryptoTest, StatusToString) { | 685 TEST_F(SharedCryptoTest, StatusToString) { |
686 EXPECT_EQ("Success", Status::Success().ToString()); | 686 EXPECT_EQ("Success", Status::Success().ToString()); |
687 EXPECT_EQ("", Status::Error().ToString()); | 687 EXPECT_EQ("", Status::OperationError().ToString()); |
688 EXPECT_EQ("The requested operation is unsupported", | 688 EXPECT_EQ("The requested operation is unsupported", |
689 Status::ErrorUnsupported().ToString()); | 689 Status::ErrorUnsupported().ToString()); |
690 EXPECT_EQ("The required JWK property \"kty\" was missing", | 690 EXPECT_EQ("The required JWK property \"kty\" was missing", |
691 Status::ErrorJwkPropertyMissing("kty").ToString()); | 691 Status::ErrorJwkPropertyMissing("kty").ToString()); |
692 EXPECT_EQ("The JWK property \"kty\" must be a string", | 692 EXPECT_EQ("The JWK property \"kty\" must be a string", |
693 Status::ErrorJwkPropertyWrongType("kty", "string").ToString()); | 693 Status::ErrorJwkPropertyWrongType("kty", "string").ToString()); |
694 EXPECT_EQ("The JWK property \"n\" could not be base64 decoded", | 694 EXPECT_EQ("The JWK property \"n\" could not be base64 decoded", |
695 Status::ErrorJwkBase64Decode("n").ToString()); | 695 Status::ErrorJwkBase64Decode("n").ToString()); |
696 } | 696 } |
697 | 697 |
(...skipping 197 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
895 EXPECT_STATUS(Status::ErrorDataTooLarge(), | 895 EXPECT_STATUS(Status::ErrorDataTooLarge(), |
896 Decrypt(CreateAesCbcAlgorithm(iv), key, input, &output)); | 896 Decrypt(CreateAesCbcAlgorithm(iv), key, input, &output)); |
897 } | 897 } |
898 | 898 |
899 // Fail importing the key (too few bytes specified) | 899 // Fail importing the key (too few bytes specified) |
900 { | 900 { |
901 std::vector<uint8> key_raw(1); | 901 std::vector<uint8> key_raw(1); |
902 std::vector<uint8> iv(16); | 902 std::vector<uint8> iv(16); |
903 | 903 |
904 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 904 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
905 EXPECT_STATUS(Status::Error(), | 905 EXPECT_STATUS(Status::ErrorImportAesKeyLength(), |
906 ImportKey(blink::WebCryptoKeyFormatRaw, | 906 ImportKey(blink::WebCryptoKeyFormatRaw, |
907 CryptoData(key_raw), | 907 CryptoData(key_raw), |
908 CreateAesCbcAlgorithm(iv), | 908 CreateAesCbcAlgorithm(iv), |
909 true, | 909 true, |
910 blink::WebCryptoKeyUsageEncrypt, | 910 blink::WebCryptoKeyUsageEncrypt, |
911 &key)); | 911 &key)); |
912 } | 912 } |
913 | 913 |
914 // Fail exporting the key in SPKI and PKCS#8 formats (not allowed for secret | 914 // Fail exporting the key in SPKI and PKCS#8 formats (not allowed for secret |
915 // keys). | 915 // keys). |
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
965 CryptoData(test_cipher_text), | 965 CryptoData(test_cipher_text), |
966 &output)); | 966 &output)); |
967 EXPECT_TRUE(ArrayBufferMatches(test_plain_text, output)); | 967 EXPECT_TRUE(ArrayBufferMatches(test_plain_text, output)); |
968 | 968 |
969 const unsigned int kAesCbcBlockSize = 16; | 969 const unsigned int kAesCbcBlockSize = 16; |
970 | 970 |
971 // Decrypt with a padding error by stripping the last block. This also ends | 971 // Decrypt with a padding error by stripping the last block. This also ends |
972 // up testing decryption over empty cipher text. | 972 // up testing decryption over empty cipher text. |
973 if (test_cipher_text.size() >= kAesCbcBlockSize) { | 973 if (test_cipher_text.size() >= kAesCbcBlockSize) { |
974 EXPECT_STATUS( | 974 EXPECT_STATUS( |
975 Status::Error(), | 975 Status::OperationError(), |
976 Decrypt(CreateAesCbcAlgorithm(test_iv), | 976 Decrypt(CreateAesCbcAlgorithm(test_iv), |
977 key, | 977 key, |
978 CryptoData(&test_cipher_text[0], | 978 CryptoData(&test_cipher_text[0], |
979 test_cipher_text.size() - kAesCbcBlockSize), | 979 test_cipher_text.size() - kAesCbcBlockSize), |
980 &output)); | 980 &output)); |
981 } | 981 } |
982 | 982 |
983 // Decrypt cipher text which is not a multiple of block size by stripping | 983 // Decrypt cipher text which is not a multiple of block size by stripping |
984 // a few bytes off the cipher text. | 984 // a few bytes off the cipher text. |
985 if (test_cipher_text.size() > 3) { | 985 if (test_cipher_text.size() > 3) { |
986 EXPECT_STATUS( | 986 EXPECT_STATUS( |
987 Status::Error(), | 987 Status::OperationError(), |
988 Decrypt(CreateAesCbcAlgorithm(test_iv), | 988 Decrypt(CreateAesCbcAlgorithm(test_iv), |
989 key, | 989 key, |
990 CryptoData(&test_cipher_text[0], test_cipher_text.size() - 3), | 990 CryptoData(&test_cipher_text[0], test_cipher_text.size() - 3), |
991 &output)); | 991 &output)); |
992 } | 992 } |
993 } | 993 } |
994 } | 994 } |
995 | 995 |
996 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAes)) { | 996 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAes)) { |
997 // Check key generation for each of AES-CBC, AES-GCM, and AES-KW, and for each | 997 // Check key generation for each of AES-CBC, AES-GCM, and AES-KW, and for each |
(...skipping 817 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1815 Status::ErrorImportEmptyKeyData(), | 1815 Status::ErrorImportEmptyKeyData(), |
1816 ImportKey(blink::WebCryptoKeyFormatSpki, | 1816 ImportKey(blink::WebCryptoKeyFormatSpki, |
1817 CryptoData(std::vector<uint8>()), | 1817 CryptoData(std::vector<uint8>()), |
1818 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1818 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1819 true, | 1819 true, |
1820 blink::WebCryptoKeyUsageEncrypt, | 1820 blink::WebCryptoKeyUsageEncrypt, |
1821 &key)); | 1821 &key)); |
1822 | 1822 |
1823 // Failing case: Bad DER encoding. | 1823 // Failing case: Bad DER encoding. |
1824 EXPECT_STATUS( | 1824 EXPECT_STATUS( |
1825 Status::Error(), | 1825 Status::OperationError(), |
1826 ImportKey(blink::WebCryptoKeyFormatSpki, | 1826 ImportKey(blink::WebCryptoKeyFormatSpki, |
1827 CryptoData(HexStringToBytes("618333c4cb")), | 1827 CryptoData(HexStringToBytes("618333c4cb")), |
1828 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), | 1828 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5), |
1829 true, | 1829 true, |
1830 blink::WebCryptoKeyUsageEncrypt, | 1830 blink::WebCryptoKeyUsageEncrypt, |
1831 &key)); | 1831 &key)); |
1832 | 1832 |
1833 // Failing case: Import RSA key but provide an inconsistent input algorithm. | 1833 // Failing case: Import RSA key but provide an inconsistent input algorithm. |
1834 EXPECT_STATUS(Status::Error(), | 1834 EXPECT_STATUS(Status::OperationError(), |
1835 ImportKey(blink::WebCryptoKeyFormatSpki, | 1835 ImportKey(blink::WebCryptoKeyFormatSpki, |
1836 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 1836 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
1837 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 1837 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
1838 true, | 1838 true, |
1839 blink::WebCryptoKeyUsageEncrypt, | 1839 blink::WebCryptoKeyUsageEncrypt, |
1840 &key)); | 1840 &key)); |
1841 | 1841 |
1842 // Passing case: Export a previously imported RSA public key in SPKI format | 1842 // Passing case: Export a previously imported RSA public key in SPKI format |
1843 // and compare to original data. | 1843 // and compare to original data. |
1844 blink::WebArrayBuffer output; | 1844 blink::WebArrayBuffer output; |
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1898 CryptoData(std::vector<uint8>()), | 1898 CryptoData(std::vector<uint8>()), |
1899 CreateRsaHashedImportAlgorithm( | 1899 CreateRsaHashedImportAlgorithm( |
1900 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1900 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1901 blink::WebCryptoAlgorithmIdSha1), | 1901 blink::WebCryptoAlgorithmIdSha1), |
1902 true, | 1902 true, |
1903 blink::WebCryptoKeyUsageSign, | 1903 blink::WebCryptoKeyUsageSign, |
1904 &key)); | 1904 &key)); |
1905 | 1905 |
1906 // Failing case: Bad DER encoding. | 1906 // Failing case: Bad DER encoding. |
1907 EXPECT_STATUS( | 1907 EXPECT_STATUS( |
1908 Status::Error(), | 1908 Status::OperationError(), |
1909 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 1909 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
1910 CryptoData(HexStringToBytes("618333c4cb")), | 1910 CryptoData(HexStringToBytes("618333c4cb")), |
1911 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), | 1911 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
1912 true, | 1912 true, |
1913 blink::WebCryptoKeyUsageSign, | 1913 blink::WebCryptoKeyUsageSign, |
1914 &key)); | 1914 &key)); |
1915 | 1915 |
1916 // Failing case: Import RSA key but provide an inconsistent input algorithm. | 1916 // Failing case: Import RSA key but provide an inconsistent input algorithm. |
1917 EXPECT_STATUS(Status::Error(), | 1917 EXPECT_STATUS(Status::OperationError(), |
1918 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 1918 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
1919 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 1919 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
1920 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 1920 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
1921 true, | 1921 true, |
1922 blink::WebCryptoKeyUsageSign, | 1922 blink::WebCryptoKeyUsageSign, |
1923 &key)); | 1923 &key)); |
1924 } | 1924 } |
1925 | 1925 |
1926 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsa)) { | 1926 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsa)) { |
1927 // Note: using unrealistic short key lengths here to avoid bogging down tests. | 1927 // Note: using unrealistic short key lengths here to avoid bogging down tests. |
(...skipping 294 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2222 // Fail encrypt with a private key. | 2222 // Fail encrypt with a private key. |
2223 blink::WebArrayBuffer encrypted_data; | 2223 blink::WebArrayBuffer encrypted_data; |
2224 const std::string message_hex_str("0102030405060708090a0b0c0d0e0f"); | 2224 const std::string message_hex_str("0102030405060708090a0b0c0d0e0f"); |
2225 const std::vector<uint8> message_hex(HexStringToBytes(message_hex_str)); | 2225 const std::vector<uint8> message_hex(HexStringToBytes(message_hex_str)); |
2226 EXPECT_STATUS( | 2226 EXPECT_STATUS( |
2227 Status::ErrorUnexpectedKeyType(), | 2227 Status::ErrorUnexpectedKeyType(), |
2228 Encrypt( | 2228 Encrypt( |
2229 algorithm, private_key, CryptoData(message_hex), &encrypted_data)); | 2229 algorithm, private_key, CryptoData(message_hex), &encrypted_data)); |
2230 | 2230 |
2231 // Fail encrypt with empty message. | 2231 // Fail encrypt with empty message. |
2232 EXPECT_STATUS(Status::Error(), | 2232 EXPECT_STATUS(Status::ErrorDataTooSmall(), |
2233 Encrypt(algorithm, | 2233 Encrypt(algorithm, |
2234 public_key, | 2234 public_key, |
2235 CryptoData(std::vector<uint8>()), | 2235 CryptoData(std::vector<uint8>()), |
2236 &encrypted_data)); | 2236 &encrypted_data)); |
2237 | 2237 |
2238 // Fail encrypt with message too large. RSAES can operate on messages up to | 2238 // Fail encrypt with message too large. RSAES can operate on messages up to |
2239 // length of k - 11 bytes, where k is the octet length of the RSA modulus. | 2239 // length of k - 11 bytes, where k is the octet length of the RSA modulus. |
2240 const unsigned int kMaxMsgSizeBytes = kModulusLengthBits / 8 - 11; | 2240 const unsigned int kMaxMsgSizeBytes = kModulusLengthBits / 8 - 11; |
2241 EXPECT_STATUS( | 2241 EXPECT_STATUS( |
2242 Status::ErrorDataTooLarge(), | 2242 Status::ErrorDataTooLarge(), |
(...skipping 13 matching lines...) Expand all Loading... |
2256 Status::ErrorUnexpectedKeyType(), | 2256 Status::ErrorUnexpectedKeyType(), |
2257 Decrypt( | 2257 Decrypt( |
2258 algorithm, public_key, CryptoData(encrypted_data), &decrypted_data)); | 2258 algorithm, public_key, CryptoData(encrypted_data), &decrypted_data)); |
2259 | 2259 |
2260 // Corrupt encrypted data; ensure decrypt fails because padding was disrupted. | 2260 // Corrupt encrypted data; ensure decrypt fails because padding was disrupted. |
2261 std::vector<uint8> corrupted_data( | 2261 std::vector<uint8> corrupted_data( |
2262 static_cast<uint8*>(encrypted_data.data()), | 2262 static_cast<uint8*>(encrypted_data.data()), |
2263 static_cast<uint8*>(encrypted_data.data()) + encrypted_data.byteLength()); | 2263 static_cast<uint8*>(encrypted_data.data()) + encrypted_data.byteLength()); |
2264 corrupted_data[corrupted_data.size() / 2] ^= 0x01; | 2264 corrupted_data[corrupted_data.size() / 2] ^= 0x01; |
2265 EXPECT_STATUS( | 2265 EXPECT_STATUS( |
2266 Status::Error(), | 2266 Status::OperationError(), |
2267 Decrypt( | 2267 Decrypt( |
2268 algorithm, private_key, CryptoData(corrupted_data), &decrypted_data)); | 2268 algorithm, private_key, CryptoData(corrupted_data), &decrypted_data)); |
2269 | 2269 |
2270 // TODO(padolph): Are there other specific data corruption scenarios to | 2270 // TODO(padolph): Are there other specific data corruption scenarios to |
2271 // consider? | 2271 // consider? |
2272 | 2272 |
2273 // Do a successful decrypt with good data just for confirmation. | 2273 // Do a successful decrypt with good data just for confirmation. |
2274 EXPECT_STATUS_SUCCESS(Decrypt( | 2274 EXPECT_STATUS_SUCCESS(Decrypt( |
2275 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); | 2275 algorithm, private_key, CryptoData(encrypted_data), &decrypted_data)); |
2276 ExpectArrayBufferMatchesHex(message_hex_str, decrypted_data); | 2276 ExpectArrayBufferMatchesHex(message_hex_str, decrypted_data); |
(...skipping 223 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2500 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2500 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2501 algorithm, | 2501 algorithm, |
2502 true, | 2502 true, |
2503 blink::WebCryptoKeyUsageWrapKey, | 2503 blink::WebCryptoKeyUsageWrapKey, |
2504 &key)); | 2504 &key)); |
2505 EXPECT_STATUS_SUCCESS( | 2505 EXPECT_STATUS_SUCCESS( |
2506 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); | 2506 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out)); |
2507 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); | 2507 ExpectArrayBufferMatchesHex(key_raw_hex_in, key_raw_out); |
2508 | 2508 |
2509 // Fail import of 0 length key | 2509 // Fail import of 0 length key |
2510 EXPECT_STATUS(Status::Error(), | 2510 EXPECT_STATUS(Status::ErrorImportAesKeyLength(), |
2511 ImportKey(blink::WebCryptoKeyFormatRaw, | 2511 ImportKey(blink::WebCryptoKeyFormatRaw, |
2512 CryptoData(HexStringToBytes("")), | 2512 CryptoData(HexStringToBytes("")), |
2513 algorithm, | 2513 algorithm, |
2514 true, | 2514 true, |
2515 blink::WebCryptoKeyUsageWrapKey, | 2515 blink::WebCryptoKeyUsageWrapKey, |
2516 &key)); | 2516 &key)); |
2517 | 2517 |
2518 // Fail import of 124-bit KEK | 2518 // Fail import of 124-bit KEK |
2519 key_raw_hex_in = "3e4566a2bdaa10cb68134fa66c15ddb"; | 2519 key_raw_hex_in = "3e4566a2bdaa10cb68134fa66c15ddb"; |
2520 EXPECT_STATUS(Status::Error(), | 2520 EXPECT_STATUS(Status::ErrorImportAesKeyLength(), |
2521 ImportKey(blink::WebCryptoKeyFormatRaw, | 2521 ImportKey(blink::WebCryptoKeyFormatRaw, |
2522 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2522 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2523 algorithm, | 2523 algorithm, |
2524 true, | 2524 true, |
2525 blink::WebCryptoKeyUsageWrapKey, | 2525 blink::WebCryptoKeyUsageWrapKey, |
2526 &key)); | 2526 &key)); |
2527 | 2527 |
2528 // Fail import of 200-bit KEK | 2528 // Fail import of 200-bit KEK |
2529 key_raw_hex_in = "0a1d88608a5ad9fec64f1ada269ebab4baa2feeb8d95638c0e"; | 2529 key_raw_hex_in = "0a1d88608a5ad9fec64f1ada269ebab4baa2feeb8d95638c0e"; |
2530 EXPECT_STATUS(Status::Error(), | 2530 EXPECT_STATUS(Status::ErrorImportAesKeyLength(), |
2531 ImportKey(blink::WebCryptoKeyFormatRaw, | 2531 ImportKey(blink::WebCryptoKeyFormatRaw, |
2532 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2532 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2533 algorithm, | 2533 algorithm, |
2534 true, | 2534 true, |
2535 blink::WebCryptoKeyUsageWrapKey, | 2535 blink::WebCryptoKeyUsageWrapKey, |
2536 &key)); | 2536 &key)); |
2537 | 2537 |
2538 // Fail import of 260-bit KEK | 2538 // Fail import of 260-bit KEK |
2539 key_raw_hex_in = | 2539 key_raw_hex_in = |
2540 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; | 2540 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a"; |
2541 EXPECT_STATUS(Status::Error(), | 2541 EXPECT_STATUS(Status::ErrorImportAesKeyLength(), |
2542 ImportKey(blink::WebCryptoKeyFormatRaw, | 2542 ImportKey(blink::WebCryptoKeyFormatRaw, |
2543 CryptoData(HexStringToBytes(key_raw_hex_in)), | 2543 CryptoData(HexStringToBytes(key_raw_hex_in)), |
2544 algorithm, | 2544 algorithm, |
2545 true, | 2545 true, |
2546 blink::WebCryptoKeyUsageWrapKey, | 2546 blink::WebCryptoKeyUsageWrapKey, |
2547 &key)); | 2547 &key)); |
2548 } | 2548 } |
2549 | 2549 |
2550 TEST_F(SharedCryptoTest, MAYBE(UnwrapFailures)) { | 2550 TEST_F(SharedCryptoTest, MAYBE(UnwrapFailures)) { |
2551 // This test exercises the code path common to all unwrap operations. | 2551 // This test exercises the code path common to all unwrap operations. |
(...skipping 173 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2725 // Import the wrapping key. | 2725 // Import the wrapping key. |
2726 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( | 2726 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( |
2727 test_kek, | 2727 test_kek, |
2728 wrapping_algorithm, | 2728 wrapping_algorithm, |
2729 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey); | 2729 blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey); |
2730 | 2730 |
2731 // Unwrap of a corrupted version of the known ciphertext should fail, due to | 2731 // Unwrap of a corrupted version of the known ciphertext should fail, due to |
2732 // AES-KW's built-in integrity check. | 2732 // AES-KW's built-in integrity check. |
2733 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 2733 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
2734 EXPECT_STATUS( | 2734 EXPECT_STATUS( |
2735 Status::Error(), | 2735 Status::OperationError(), |
2736 UnwrapKey(blink::WebCryptoKeyFormatRaw, | 2736 UnwrapKey(blink::WebCryptoKeyFormatRaw, |
2737 CryptoData(Corrupted(test_ciphertext)), | 2737 CryptoData(Corrupted(test_ciphertext)), |
2738 wrapping_key, | 2738 wrapping_key, |
2739 wrapping_algorithm, | 2739 wrapping_algorithm, |
2740 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), | 2740 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), |
2741 true, | 2741 true, |
2742 blink::WebCryptoKeyUsageEncrypt, | 2742 blink::WebCryptoKeyUsageEncrypt, |
2743 &unwrapped_key)); | 2743 &unwrapped_key)); |
2744 } | 2744 } |
2745 | 2745 |
(...skipping 114 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2860 EXPECT_STATUS_SUCCESS(AesGcmDecrypt(key, | 2860 EXPECT_STATUS_SUCCESS(AesGcmDecrypt(key, |
2861 test_iv, | 2861 test_iv, |
2862 test_additional_data, | 2862 test_additional_data, |
2863 test_tag_size_bits, | 2863 test_tag_size_bits, |
2864 test_cipher_text, | 2864 test_cipher_text, |
2865 test_authentication_tag, | 2865 test_authentication_tag, |
2866 &plain_text)); | 2866 &plain_text)); |
2867 EXPECT_TRUE(ArrayBufferMatches(test_plain_text, plain_text)); | 2867 EXPECT_TRUE(ArrayBufferMatches(test_plain_text, plain_text)); |
2868 | 2868 |
2869 // Decryption should fail if any of the inputs are tampered with. | 2869 // Decryption should fail if any of the inputs are tampered with. |
2870 EXPECT_STATUS(Status::Error(), | 2870 EXPECT_STATUS(Status::OperationError(), |
2871 AesGcmDecrypt(key, | 2871 AesGcmDecrypt(key, |
2872 Corrupted(test_iv), | 2872 Corrupted(test_iv), |
2873 test_additional_data, | 2873 test_additional_data, |
2874 test_tag_size_bits, | 2874 test_tag_size_bits, |
2875 test_cipher_text, | 2875 test_cipher_text, |
2876 test_authentication_tag, | 2876 test_authentication_tag, |
2877 &plain_text)); | 2877 &plain_text)); |
2878 EXPECT_STATUS(Status::Error(), | 2878 EXPECT_STATUS(Status::OperationError(), |
2879 AesGcmDecrypt(key, | 2879 AesGcmDecrypt(key, |
2880 test_iv, | 2880 test_iv, |
2881 Corrupted(test_additional_data), | 2881 Corrupted(test_additional_data), |
2882 test_tag_size_bits, | 2882 test_tag_size_bits, |
2883 test_cipher_text, | 2883 test_cipher_text, |
2884 test_authentication_tag, | 2884 test_authentication_tag, |
2885 &plain_text)); | 2885 &plain_text)); |
2886 EXPECT_STATUS(Status::Error(), | 2886 EXPECT_STATUS(Status::OperationError(), |
2887 AesGcmDecrypt(key, | 2887 AesGcmDecrypt(key, |
2888 test_iv, | 2888 test_iv, |
2889 test_additional_data, | 2889 test_additional_data, |
2890 test_tag_size_bits, | 2890 test_tag_size_bits, |
2891 Corrupted(test_cipher_text), | 2891 Corrupted(test_cipher_text), |
2892 test_authentication_tag, | 2892 test_authentication_tag, |
2893 &plain_text)); | 2893 &plain_text)); |
2894 EXPECT_STATUS(Status::Error(), | 2894 EXPECT_STATUS(Status::OperationError(), |
2895 AesGcmDecrypt(key, | 2895 AesGcmDecrypt(key, |
2896 test_iv, | 2896 test_iv, |
2897 test_additional_data, | 2897 test_additional_data, |
2898 test_tag_size_bits, | 2898 test_tag_size_bits, |
2899 test_cipher_text, | 2899 test_cipher_text, |
2900 Corrupted(test_authentication_tag), | 2900 Corrupted(test_authentication_tag), |
2901 &plain_text)); | 2901 &plain_text)); |
2902 | 2902 |
2903 // Try different incorrect tag lengths | 2903 // Try different incorrect tag lengths |
2904 uint8 kAlternateTagLengths[] = {0, 8, 96, 120, 128, 160, 255}; | 2904 uint8 kAlternateTagLengths[] = {0, 8, 96, 120, 128, 160, 255}; |
(...skipping 341 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3246 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 3246 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
3247 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 3247 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
3248 algorithm, | 3248 algorithm, |
3249 false, | 3249 false, |
3250 blink::WebCryptoKeyUsageUnwrapKey, | 3250 blink::WebCryptoKeyUsageUnwrapKey, |
3251 &private_wrapping_key)); | 3251 &private_wrapping_key)); |
3252 | 3252 |
3253 // Treat the ciphertext as a wrapped key and try to unwrap it. Ensure a | 3253 // Treat the ciphertext as a wrapped key and try to unwrap it. Ensure a |
3254 // generic error is received. | 3254 // generic error is received. |
3255 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); | 3255 blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull(); |
3256 EXPECT_STATUS(Status::Error(), | 3256 EXPECT_STATUS(Status::OperationError(), |
3257 UnwrapKey(blink::WebCryptoKeyFormatJwk, | 3257 UnwrapKey(blink::WebCryptoKeyFormatJwk, |
3258 CryptoData(ciphertext), | 3258 CryptoData(ciphertext), |
3259 private_wrapping_key, | 3259 private_wrapping_key, |
3260 algorithm, | 3260 algorithm, |
3261 CreateAesCbcAlgorithm(std::vector<uint8>(0, 16)), | 3261 CreateAesCbcAlgorithm(std::vector<uint8>(0, 16)), |
3262 true, | 3262 true, |
3263 blink::WebCryptoKeyUsageEncrypt, | 3263 blink::WebCryptoKeyUsageEncrypt, |
3264 &unwrapped_key)); | 3264 &unwrapped_key)); |
3265 } | 3265 } |
3266 | 3266 |
3267 } // namespace webcrypto | 3267 } // namespace webcrypto |
3268 | 3268 |
3269 } // namespace content | 3269 } // namespace content |
OLD | NEW |