| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "webcrypto_impl.h" | 5 #include "webcrypto_impl.h" |
| 6 | 6 |
| 7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/memory/ref_counted.h" | 9 #include "base/memory/ref_counted.h" |
| 10 #include "base/strings/string_number_conversions.h" | 10 #include "base/strings/string_number_conversions.h" |
| (...skipping 25 matching lines...) Expand all Loading... |
| 36 return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate(id, NULL); | 36 return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate(id, NULL); |
| 37 } | 37 } |
| 38 | 38 |
| 39 WebKit::WebCryptoAlgorithm CreateHmacAlgorithm( | 39 WebKit::WebCryptoAlgorithm CreateHmacAlgorithm( |
| 40 WebKit::WebCryptoAlgorithmId hashId) { | 40 WebKit::WebCryptoAlgorithmId hashId) { |
| 41 return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate( | 41 return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate( |
| 42 WebKit::WebCryptoAlgorithmIdHmac, | 42 WebKit::WebCryptoAlgorithmIdHmac, |
| 43 new WebKit::WebCryptoHmacParams(CreateAlgorithm(hashId))); | 43 new WebKit::WebCryptoHmacParams(CreateAlgorithm(hashId))); |
| 44 } | 44 } |
| 45 | 45 |
| 46 // Returns a pointer to the start of |data|, or NULL if it is empty. This is a |
| 47 // convenience function for getting the pointer, and should not be used beyond |
| 48 // the expected lifetime of |data|. |
| 49 const uint8* Start(const std::vector<uint8>& data) { |
| 50 if (data.empty()) |
| 51 return NULL; |
| 52 return &data[0]; |
| 53 } |
| 54 |
| 46 WebKit::WebCryptoAlgorithm CreateAesCbcAlgorithm( | 55 WebKit::WebCryptoAlgorithm CreateAesCbcAlgorithm( |
| 47 const std::vector<uint8>& iv) { | 56 const std::vector<uint8>& iv) { |
| 48 return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate( | 57 return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate( |
| 49 WebKit::WebCryptoAlgorithmIdAesCbc, | 58 WebKit::WebCryptoAlgorithmIdAesCbc, |
| 50 new WebKit::WebCryptoAesCbcParams(&iv[0], iv.size())); | 59 new WebKit::WebCryptoAesCbcParams(Start(iv), iv.size())); |
| 51 } | 60 } |
| 52 | 61 |
| 53 } // namespace | 62 } // namespace |
| 54 | 63 |
| 55 namespace content { | 64 namespace content { |
| 56 | 65 |
| 57 class WebCryptoImplTest : public testing::Test { | 66 class WebCryptoImplTest : public testing::Test { |
| 58 protected: | 67 protected: |
| 59 WebKit::WebCryptoKey ImportSecretKeyFromRawHexString( | 68 WebKit::WebCryptoKey ImportSecretKeyFromRawHexString( |
| 60 const std::string& key_hex, | 69 const std::string& key_hex, |
| 61 const WebKit::WebCryptoAlgorithm& algorithm, | 70 const WebKit::WebCryptoAlgorithm& algorithm, |
| 62 WebKit::WebCryptoKeyUsageMask usage) { | 71 WebKit::WebCryptoKeyUsageMask usage) { |
| 63 WebKit::WebCryptoKeyType type; | 72 WebKit::WebCryptoKeyType type; |
| 64 scoped_ptr<WebKit::WebCryptoKeyHandle> handle; | 73 scoped_ptr<WebKit::WebCryptoKeyHandle> handle; |
| 65 | 74 |
| 66 std::vector<uint8> key_raw = HexStringToBytes(key_hex); | 75 std::vector<uint8> key_raw = HexStringToBytes(key_hex); |
| 67 | 76 |
| 68 EXPECT_TRUE(crypto_.ImportKeyInternal(WebKit::WebCryptoKeyFormatRaw, | 77 EXPECT_TRUE(crypto_.ImportKeyInternal(WebKit::WebCryptoKeyFormatRaw, |
| 69 &key_raw[0], | 78 Start(key_raw), |
| 70 key_raw.size(), | 79 key_raw.size(), |
| 71 algorithm, | 80 algorithm, |
| 72 usage, | 81 usage, |
| 73 &handle, | 82 &handle, |
| 74 &type)); | 83 &type)); |
| 75 | 84 |
| 76 EXPECT_EQ(WebKit::WebCryptoKeyTypeSecret, type); | 85 EXPECT_EQ(WebKit::WebCryptoKeyTypeSecret, type); |
| 77 EXPECT_TRUE(handle.get()); | 86 EXPECT_TRUE(handle.get()); |
| 78 | 87 |
| 79 return WebKit::WebCryptoKey::create( | 88 return WebKit::WebCryptoKey::create( |
| 80 handle.release(), type, false, algorithm, usage); | 89 handle.release(), type, false, algorithm, usage); |
| 81 } | 90 } |
| 82 | 91 |
| 83 // Forwarding methods to gain access to protected methods of | 92 // Forwarding methods to gain access to protected methods of |
| 84 // WebCryptoImpl. | 93 // WebCryptoImpl. |
| 85 | 94 |
| 86 bool DigestInternal( | 95 bool DigestInternal( |
| 87 const WebKit::WebCryptoAlgorithm& algorithm, | 96 const WebKit::WebCryptoAlgorithm& algorithm, |
| 88 const unsigned char* data, | 97 const std::vector<uint8>& data, |
| 89 unsigned data_size, | |
| 90 WebKit::WebArrayBuffer* buffer) { | 98 WebKit::WebArrayBuffer* buffer) { |
| 91 return crypto_.DigestInternal(algorithm, data, data_size, buffer); | 99 return crypto_.DigestInternal(algorithm, Start(data), data.size(), buffer); |
| 92 } | 100 } |
| 93 | 101 |
| 94 bool ImportKeyInternal( | 102 bool ImportKeyInternal( |
| 95 WebKit::WebCryptoKeyFormat format, | 103 WebKit::WebCryptoKeyFormat format, |
| 96 const unsigned char* key_data, | 104 const std::vector<uint8>& key_data, |
| 97 unsigned key_data_size, | |
| 98 const WebKit::WebCryptoAlgorithm& algorithm, | 105 const WebKit::WebCryptoAlgorithm& algorithm, |
| 99 WebKit::WebCryptoKeyUsageMask usage_mask, | 106 WebKit::WebCryptoKeyUsageMask usage_mask, |
| 100 scoped_ptr<WebKit::WebCryptoKeyHandle>* handle, | 107 scoped_ptr<WebKit::WebCryptoKeyHandle>* handle, |
| 101 WebKit::WebCryptoKeyType* type) { | 108 WebKit::WebCryptoKeyType* type) { |
| 102 return crypto_.ImportKeyInternal( | 109 return crypto_.ImportKeyInternal(format, |
| 103 format, key_data, key_data_size, algorithm, usage_mask, handle, type); | 110 Start(key_data), |
| 111 key_data.size(), |
| 112 algorithm, |
| 113 usage_mask, |
| 114 handle, |
| 115 type); |
| 104 } | 116 } |
| 105 | 117 |
| 106 bool SignInternal( | 118 bool SignInternal( |
| 107 const WebKit::WebCryptoAlgorithm& algorithm, | 119 const WebKit::WebCryptoAlgorithm& algorithm, |
| 108 const WebKit::WebCryptoKey& key, | 120 const WebKit::WebCryptoKey& key, |
| 109 const unsigned char* data, | 121 const std::vector<uint8>& data, |
| 110 unsigned data_size, | |
| 111 WebKit::WebArrayBuffer* buffer) { | 122 WebKit::WebArrayBuffer* buffer) { |
| 112 return crypto_.SignInternal(algorithm, key, data, data_size, buffer); | 123 return crypto_.SignInternal( |
| 124 algorithm, key, Start(data), data.size(), buffer); |
| 113 } | 125 } |
| 114 | 126 |
| 115 bool VerifySignatureInternal( | 127 bool VerifySignatureInternal( |
| 116 const WebKit::WebCryptoAlgorithm& algorithm, | 128 const WebKit::WebCryptoAlgorithm& algorithm, |
| 117 const WebKit::WebCryptoKey& key, | 129 const WebKit::WebCryptoKey& key, |
| 118 const unsigned char* signature, | 130 const unsigned char* signature, |
| 119 unsigned signature_size, | 131 unsigned signature_size, |
| 120 const unsigned char* data, | 132 const std::vector<uint8>& data, |
| 121 unsigned data_size, | |
| 122 bool* signature_match) { | 133 bool* signature_match) { |
| 123 return crypto_.VerifySignatureInternal(algorithm, | 134 return crypto_.VerifySignatureInternal(algorithm, |
| 124 key, | 135 key, |
| 125 signature, | 136 signature, |
| 126 signature_size, | 137 signature_size, |
| 127 data, | 138 Start(data), |
| 128 data_size, | 139 data.size(), |
| 129 signature_match); | 140 signature_match); |
| 130 } | 141 } |
| 131 | 142 |
| 132 bool EncryptInternal( | 143 bool EncryptInternal( |
| 133 const WebKit::WebCryptoAlgorithm& algorithm, | 144 const WebKit::WebCryptoAlgorithm& algorithm, |
| 134 const WebKit::WebCryptoKey& key, | 145 const WebKit::WebCryptoKey& key, |
| 135 const unsigned char* data, | 146 const unsigned char* data, |
| 136 unsigned data_size, | 147 unsigned data_size, |
| 137 WebKit::WebArrayBuffer* buffer) { | 148 WebKit::WebArrayBuffer* buffer) { |
| 138 return crypto_.EncryptInternal(algorithm, key, data, data_size, buffer); | 149 return crypto_.EncryptInternal(algorithm, key, data, data_size, buffer); |
| 139 } | 150 } |
| 140 | 151 |
| 152 bool EncryptInternal( |
| 153 const WebKit::WebCryptoAlgorithm& algorithm, |
| 154 const WebKit::WebCryptoKey& key, |
| 155 const std::vector<uint8>& data, |
| 156 WebKit::WebArrayBuffer* buffer) { |
| 157 return crypto_.EncryptInternal( |
| 158 algorithm, key, Start(data), data.size(), buffer); |
| 159 } |
| 160 |
| 161 bool DecryptInternal( |
| 162 const WebKit::WebCryptoAlgorithm& algorithm, |
| 163 const WebKit::WebCryptoKey& key, |
| 164 const unsigned char* data, |
| 165 unsigned data_size, |
| 166 WebKit::WebArrayBuffer* buffer) { |
| 167 return crypto_.DecryptInternal(algorithm, key, data, data_size, buffer); |
| 168 } |
| 169 |
| 170 bool DecryptInternal( |
| 171 const WebKit::WebCryptoAlgorithm& algorithm, |
| 172 const WebKit::WebCryptoKey& key, |
| 173 const std::vector<uint8>& data, |
| 174 WebKit::WebArrayBuffer* buffer) { |
| 175 return crypto_.DecryptInternal( |
| 176 algorithm, key, Start(data), data.size(), buffer); |
| 177 } |
| 178 |
| 141 private: | 179 private: |
| 142 WebCryptoImpl crypto_; | 180 WebCryptoImpl crypto_; |
| 143 }; | 181 }; |
| 144 | 182 |
| 145 TEST_F(WebCryptoImplTest, DigestSampleSets) { | 183 TEST_F(WebCryptoImplTest, DigestSampleSets) { |
| 146 // The results are stored here in hex format for readability. | 184 // The results are stored here in hex format for readability. |
| 147 // | 185 // |
| 148 // TODO(bryaneyler): Eventually, all these sample test sets should be replaced | 186 // TODO(bryaneyler): Eventually, all these sample test sets should be replaced |
| 149 // with the sets here: http://csrc.nist.gov/groups/STM/cavp/index.html#03 | 187 // with the sets here: http://csrc.nist.gov/groups/STM/cavp/index.html#03 |
| 150 // | 188 // |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 211 | 249 |
| 212 for (size_t test_index = 0; test_index < ARRAYSIZE_UNSAFE(kTests); | 250 for (size_t test_index = 0; test_index < ARRAYSIZE_UNSAFE(kTests); |
| 213 ++test_index) { | 251 ++test_index) { |
| 214 SCOPED_TRACE(test_index); | 252 SCOPED_TRACE(test_index); |
| 215 const TestCase& test = kTests[test_index]; | 253 const TestCase& test = kTests[test_index]; |
| 216 | 254 |
| 217 WebKit::WebCryptoAlgorithm algorithm = CreateAlgorithm(test.algorithm); | 255 WebKit::WebCryptoAlgorithm algorithm = CreateAlgorithm(test.algorithm); |
| 218 std::vector<uint8> input = HexStringToBytes(test.hex_input); | 256 std::vector<uint8> input = HexStringToBytes(test.hex_input); |
| 219 | 257 |
| 220 WebKit::WebArrayBuffer output; | 258 WebKit::WebArrayBuffer output; |
| 221 ASSERT_TRUE(DigestInternal(algorithm, &input[0], input.size(), &output)); | 259 ASSERT_TRUE(DigestInternal(algorithm, input, &output)); |
| 222 ExpectArrayBufferMatchesHex(test.hex_result, output); | 260 ExpectArrayBufferMatchesHex(test.hex_result, output); |
| 223 } | 261 } |
| 224 } | 262 } |
| 225 | 263 |
| 226 TEST_F(WebCryptoImplTest, HMACSampleSets) { | 264 TEST_F(WebCryptoImplTest, HMACSampleSets) { |
| 227 struct TestCase { | 265 struct TestCase { |
| 228 WebKit::WebCryptoAlgorithmId algorithm; | 266 WebKit::WebCryptoAlgorithmId algorithm; |
| 229 const char* key; | 267 const char* key; |
| 230 const char* message; | 268 const char* message; |
| 231 const char* mac; | 269 const char* mac; |
| (...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 318 | 356 |
| 319 WebKit::WebCryptoAlgorithm algorithm = CreateHmacAlgorithm(test.algorithm); | 357 WebKit::WebCryptoAlgorithm algorithm = CreateHmacAlgorithm(test.algorithm); |
| 320 | 358 |
| 321 WebKit::WebCryptoKey key = ImportSecretKeyFromRawHexString( | 359 WebKit::WebCryptoKey key = ImportSecretKeyFromRawHexString( |
| 322 test.key, algorithm, WebKit::WebCryptoKeyUsageSign); | 360 test.key, algorithm, WebKit::WebCryptoKeyUsageSign); |
| 323 | 361 |
| 324 std::vector<uint8> message_raw = HexStringToBytes(test.message); | 362 std::vector<uint8> message_raw = HexStringToBytes(test.message); |
| 325 | 363 |
| 326 WebKit::WebArrayBuffer output; | 364 WebKit::WebArrayBuffer output; |
| 327 | 365 |
| 328 ASSERT_TRUE(SignInternal( | 366 ASSERT_TRUE(SignInternal(algorithm, key, message_raw, &output)); |
| 329 algorithm, key, &message_raw[0], message_raw.size(), &output)); | |
| 330 | 367 |
| 331 ExpectArrayBufferMatchesHex(test.mac, output); | 368 ExpectArrayBufferMatchesHex(test.mac, output); |
| 332 | 369 |
| 333 bool signature_match = false; | 370 bool signature_match = false; |
| 334 EXPECT_TRUE(VerifySignatureInternal( | 371 EXPECT_TRUE(VerifySignatureInternal( |
| 335 algorithm, | 372 algorithm, |
| 336 key, | 373 key, |
| 337 static_cast<const unsigned char*>(output.data()), | 374 static_cast<const unsigned char*>(output.data()), |
| 338 output.byteLength(), | 375 output.byteLength(), |
| 339 &message_raw[0], | 376 message_raw, |
| 340 message_raw.size(), | |
| 341 &signature_match)); | 377 &signature_match)); |
| 342 EXPECT_TRUE(signature_match); | 378 EXPECT_TRUE(signature_match); |
| 343 | 379 |
| 344 // Ensure truncated signature does not verify by passing one less byte. | 380 // Ensure truncated signature does not verify by passing one less byte. |
| 345 EXPECT_TRUE(VerifySignatureInternal( | 381 EXPECT_TRUE(VerifySignatureInternal( |
| 346 algorithm, | 382 algorithm, |
| 347 key, | 383 key, |
| 348 static_cast<const unsigned char*>(output.data()), | 384 static_cast<const unsigned char*>(output.data()), |
| 349 output.byteLength() - 1, | 385 output.byteLength() - 1, |
| 350 &message_raw[0], | 386 message_raw, |
| 351 message_raw.size(), | |
| 352 &signature_match)); | 387 &signature_match)); |
| 353 EXPECT_FALSE(signature_match); | 388 EXPECT_FALSE(signature_match); |
| 354 | 389 |
| 355 // Ensure extra long signature does not cause issues and fails. | 390 // Ensure extra long signature does not cause issues and fails. |
| 356 const unsigned char kLongSignature[1024] = { 0 }; | 391 const unsigned char kLongSignature[1024] = { 0 }; |
| 357 EXPECT_TRUE(VerifySignatureInternal( | 392 EXPECT_TRUE(VerifySignatureInternal( |
| 358 algorithm, | 393 algorithm, |
| 359 key, | 394 key, |
| 360 kLongSignature, | 395 kLongSignature, |
| 361 sizeof(kLongSignature), | 396 sizeof(kLongSignature), |
| 362 &message_raw[0], | 397 message_raw, |
| 363 message_raw.size(), | |
| 364 &signature_match)); | 398 &signature_match)); |
| 365 EXPECT_FALSE(signature_match); | 399 EXPECT_FALSE(signature_match); |
| 366 } | 400 } |
| 367 } | 401 } |
| 368 | 402 |
| 369 TEST_F(WebCryptoImplTest, AesCbcEncryptionFailures) { | 403 TEST_F(WebCryptoImplTest, AesCbcFailures) { |
| 370 WebKit::WebCryptoKey key = ImportSecretKeyFromRawHexString( | 404 WebKit::WebCryptoKey key = ImportSecretKeyFromRawHexString( |
| 371 "2b7e151628aed2a6abf7158809cf4f3c", | 405 "2b7e151628aed2a6abf7158809cf4f3c", |
| 372 CreateAlgorithm(WebKit::WebCryptoAlgorithmIdAesCbc), | 406 CreateAlgorithm(WebKit::WebCryptoAlgorithmIdAesCbc), |
| 373 WebKit::WebCryptoKeyUsageEncrypt | WebKit::WebCryptoKeyUsageDecrypt); | 407 WebKit::WebCryptoKeyUsageEncrypt | WebKit::WebCryptoKeyUsageDecrypt); |
| 374 | 408 |
| 375 WebKit::WebArrayBuffer output; | 409 WebKit::WebArrayBuffer output; |
| 376 | 410 |
| 377 // Use an invalid |iv| (fewer than 16 bytes) | 411 // Use an invalid |iv| (fewer than 16 bytes) |
| 378 { | 412 { |
| 379 std::vector<uint8> plain_text(33); | 413 std::vector<uint8> input(32); |
| 380 std::vector<uint8> iv; | 414 std::vector<uint8> iv; |
| 381 EXPECT_FALSE(EncryptInternal(CreateAesCbcAlgorithm(iv), | 415 EXPECT_FALSE( |
| 382 key, | 416 EncryptInternal(CreateAesCbcAlgorithm(iv), key, input, &output)); |
| 383 &plain_text[0], | 417 EXPECT_FALSE( |
| 384 plain_text.size(), | 418 DecryptInternal(CreateAesCbcAlgorithm(iv), key, input, &output)); |
| 385 &output)); | |
| 386 } | 419 } |
| 387 | 420 |
| 388 // Use an invalid |iv| (more than 16 bytes) | 421 // Use an invalid |iv| (more than 16 bytes) |
| 389 { | 422 { |
| 390 std::vector<uint8> plain_text(33); | 423 std::vector<uint8> input(32); |
| 391 std::vector<uint8> iv(17); | 424 std::vector<uint8> iv(17); |
| 392 EXPECT_FALSE(EncryptInternal(CreateAesCbcAlgorithm(iv), | 425 EXPECT_FALSE( |
| 393 key, | 426 EncryptInternal(CreateAesCbcAlgorithm(iv), key, input, &output)); |
| 394 &plain_text[0], | 427 EXPECT_FALSE( |
| 395 plain_text.size(), | 428 DecryptInternal(CreateAesCbcAlgorithm(iv), key, input, &output)); |
| 396 &output)); | |
| 397 } | 429 } |
| 398 | 430 |
| 399 // Give an input that is too large (would cause integer overflow when | 431 // Give an input that is too large (would cause integer overflow when |
| 400 // narrowing to an int). | 432 // narrowing to an int). |
| 401 { | 433 { |
| 402 std::vector<uint8> iv(16); | 434 std::vector<uint8> iv(16); |
| 403 | 435 |
| 404 // Pretend the input is large. Don't pass data pointer as NULL in case that | 436 // Pretend the input is large. Don't pass data pointer as NULL in case that |
| 405 // is special cased; the implementation shouldn't actually dereference the | 437 // is special cased; the implementation shouldn't actually dereference the |
| 406 // data. | 438 // data. |
| 407 const unsigned char* plain_text = &iv[0]; | 439 const unsigned char* input = &iv[0]; |
| 408 unsigned plain_text_len = INT_MAX - 3; | 440 unsigned input_len = INT_MAX - 3; |
| 409 | 441 |
| 410 EXPECT_FALSE(EncryptInternal( | 442 EXPECT_FALSE(EncryptInternal( |
| 411 CreateAesCbcAlgorithm(iv), key, plain_text, plain_text_len, &output)); | 443 CreateAesCbcAlgorithm(iv), key, input, input_len, &output)); |
| 444 EXPECT_FALSE(DecryptInternal( |
| 445 CreateAesCbcAlgorithm(iv), key, input, input_len, &output)); |
| 412 } | 446 } |
| 413 | 447 |
| 414 // Fail importing the key (too few bytes specified) | 448 // Fail importing the key (too few bytes specified) |
| 415 { | 449 { |
| 416 WebKit::WebCryptoKeyType type; | 450 WebKit::WebCryptoKeyType type; |
| 417 scoped_ptr<WebKit::WebCryptoKeyHandle> handle; | 451 scoped_ptr<WebKit::WebCryptoKeyHandle> handle; |
| 418 | 452 |
| 419 std::vector<uint8> key_raw(1); | 453 std::vector<uint8> key_raw(1); |
| 420 std::vector<uint8> iv(16); | 454 std::vector<uint8> iv(16); |
| 421 | 455 |
| 422 EXPECT_FALSE(ImportKeyInternal(WebKit::WebCryptoKeyFormatRaw, | 456 EXPECT_FALSE(ImportKeyInternal(WebKit::WebCryptoKeyFormatRaw, |
| 423 &key_raw[0], | 457 key_raw, |
| 424 key_raw.size(), | |
| 425 CreateAesCbcAlgorithm(iv), | 458 CreateAesCbcAlgorithm(iv), |
| 426 WebKit::WebCryptoKeyUsageDecrypt, | 459 WebKit::WebCryptoKeyUsageDecrypt, |
| 427 &handle, | 460 &handle, |
| 428 &type)); | 461 &type)); |
| 429 } | 462 } |
| 430 } | 463 } |
| 431 | 464 |
| 432 TEST_F(WebCryptoImplTest, AesCbcSampleSets) { | 465 TEST_F(WebCryptoImplTest, AesCbcSampleSets) { |
| 433 struct TestCase { | 466 struct TestCase { |
| 434 const char* key; | 467 const char* key; |
| (...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 514 WebKit::WebCryptoKey key = ImportSecretKeyFromRawHexString( | 547 WebKit::WebCryptoKey key = ImportSecretKeyFromRawHexString( |
| 515 test.key, | 548 test.key, |
| 516 CreateAlgorithm(WebKit::WebCryptoAlgorithmIdAesCbc), | 549 CreateAlgorithm(WebKit::WebCryptoAlgorithmIdAesCbc), |
| 517 WebKit::WebCryptoKeyUsageEncrypt | WebKit::WebCryptoKeyUsageDecrypt); | 550 WebKit::WebCryptoKeyUsageEncrypt | WebKit::WebCryptoKeyUsageDecrypt); |
| 518 | 551 |
| 519 std::vector<uint8> plain_text = HexStringToBytes(test.plain_text); | 552 std::vector<uint8> plain_text = HexStringToBytes(test.plain_text); |
| 520 std::vector<uint8> iv = HexStringToBytes(test.iv); | 553 std::vector<uint8> iv = HexStringToBytes(test.iv); |
| 521 | 554 |
| 522 WebKit::WebArrayBuffer output; | 555 WebKit::WebArrayBuffer output; |
| 523 | 556 |
| 557 // Test encryption. |
| 524 EXPECT_TRUE(EncryptInternal(CreateAesCbcAlgorithm(iv), | 558 EXPECT_TRUE(EncryptInternal(CreateAesCbcAlgorithm(iv), |
| 525 key, | 559 key, |
| 526 &plain_text[0], | 560 plain_text, |
| 527 plain_text.size(), | |
| 528 &output)); | 561 &output)); |
| 562 ExpectArrayBufferMatchesHex(test.cipher_text, output); |
| 529 | 563 |
| 530 ExpectArrayBufferMatchesHex(test.cipher_text, output); | 564 // Test decryption. |
| 565 std::vector<uint8> cipher_text = HexStringToBytes(test.cipher_text); |
| 566 EXPECT_TRUE(DecryptInternal(CreateAesCbcAlgorithm(iv), |
| 567 key, |
| 568 cipher_text, |
| 569 &output)); |
| 570 ExpectArrayBufferMatchesHex(test.plain_text, output); |
| 571 |
| 572 const unsigned kAesCbcBlockSize = 16; |
| 573 |
| 574 // Decrypt with a padding error by stripping the last block. This also ends |
| 575 // up testing decryption over empty cipher text. |
| 576 if (cipher_text.size() >= kAesCbcBlockSize) { |
| 577 EXPECT_FALSE(DecryptInternal(CreateAesCbcAlgorithm(iv), |
| 578 key, |
| 579 &cipher_text[0], |
| 580 cipher_text.size() - kAesCbcBlockSize, |
| 581 &output)); |
| 582 } |
| 583 |
| 584 // Decrypt cipher text which is not a multiple of block size by stripping |
| 585 // a few bytes off the cipher text. |
| 586 if (cipher_text.size() > 3) { |
| 587 EXPECT_FALSE(DecryptInternal(CreateAesCbcAlgorithm(iv), |
| 588 key, |
| 589 &cipher_text[0], |
| 590 cipher_text.size() - 3, |
| 591 &output)); |
| 592 } |
| 531 } | 593 } |
| 532 } | 594 } |
| 533 | 595 |
| 534 } // namespace content | 596 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 24656002:
[webcrypto] Add decrypt() for AES-CBC. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src