[webcrypto] Add decrypt() for AES-CBC.

content/renderer/webcrypto_impl_unittest.cc

Index: content/renderer/webcrypto_impl_unittest.cc
diff --git a/content/renderer/webcrypto_impl_unittest.cc b/content/renderer/webcrypto_impl_unittest.cc
index c23aa31dc90145094619308c84a2241f0d25833b..375f772a7d699d19440fb3cd4507792a3a3e9327 100644
--- a/content/renderer/webcrypto_impl_unittest.cc
+++ b/content/renderer/webcrypto_impl_unittest.cc
@@ -121,6 +121,15 @@ class WebCryptoImplTest : public testing::Test {
     return crypto_.EncryptInternal(algorithm, key, data, data_size, buffer);
   }
 
+  bool DecryptInternal(
+      const WebKit::WebCryptoAlgorithm& algorithm,
+      const WebKit::WebCryptoKey& key,
+      const unsigned char* data,
+      unsigned data_size,
+      WebKit::WebArrayBuffer* buffer) {
+    return crypto_.DecryptInternal(algorithm, key, data, data_size, buffer);
+  }
+
  private:
   WebCryptoImpl crypto_;
 };
@@ -315,7 +324,7 @@ TEST_F(WebCryptoImplTest, HMACSampleSets) {
   }
 }
 
-TEST_F(WebCryptoImplTest, AesCbcEncryptionFailures) {
+TEST_F(WebCryptoImplTest, AesCbcFailures) {
   WebKit::WebCryptoKey key = ImportSecretKeyFromRawHexString(
       "2b7e151628aed2a6abf7158809cf4f3c",
       CreateAlgorithm(WebKit::WebCryptoAlgorithmIdAesCbc),
@@ -325,24 +334,22 @@ TEST_F(WebCryptoImplTest, AesCbcEncryptionFailures) {
 
   // Use an invalid |iv| (fewer than 16 bytes)
   {
-    std::vector<uint8> plain_text(33);
+    std::vector<uint8> input(32);
     std::vector<uint8> iv;
-    EXPECT_FALSE(EncryptInternal(CreateAesCbcAlgorithm(iv),
-                                 key,
-                                 plain_text.data(),
-                                 plain_text.size(),
-                                 &output));
+    EXPECT_FALSE(EncryptInternal(
+        CreateAesCbcAlgorithm(iv), key, input.data(), input.size(), &output));
+    EXPECT_FALSE(DecryptInternal(
+        CreateAesCbcAlgorithm(iv), key, input.data(), input.size(), &output));
   }
 
   // Use an invalid |iv| (more than 16 bytes)
   {
-    std::vector<uint8> plain_text(33);
+    std::vector<uint8> input(32);
     std::vector<uint8> iv(17);
-    EXPECT_FALSE(EncryptInternal(CreateAesCbcAlgorithm(iv),
-                                 key,
-                                 plain_text.data(),
-                                 plain_text.size(),
-                                 &output));
+    EXPECT_FALSE(EncryptInternal(
+        CreateAesCbcAlgorithm(iv), key, input.data(), input.size(), &output));
+    EXPECT_FALSE(DecryptInternal(
+        CreateAesCbcAlgorithm(iv), key, input.data(), input.size(), &output));
   }
 
   // Give an input that is too large (would cause integer overflow when
@@ -353,11 +360,13 @@ TEST_F(WebCryptoImplTest, AesCbcEncryptionFailures) {
     // Pretend the input is large. Don't pass data pointer as NULL in case that
     // is special cased; the implementation shouldn't actually dereference the
     // data.
-    const unsigned char* plain_text = iv.data();
-    unsigned plain_text_len = INT_MAX - 3;
+    const unsigned char* input = iv.data();
+    unsigned input_len = INT_MAX - 3;
 
     EXPECT_FALSE(EncryptInternal(
-        CreateAesCbcAlgorithm(iv), key, plain_text, plain_text_len, &output));
+        CreateAesCbcAlgorithm(iv), key, input, input_len, &output));
+    EXPECT_FALSE(DecryptInternal(
+        CreateAesCbcAlgorithm(iv), key, input, input_len, &output));
   }
 
   // Fail importing the key (too few bytes specified)
@@ -470,13 +479,44 @@ TEST_F(WebCryptoImplTest, AesCbcSampleSets) {
 
     WebKit::WebArrayBuffer output;
 
+    // Test encryption.
     EXPECT_TRUE(EncryptInternal(CreateAesCbcAlgorithm(iv),
                                 key,
                                 plain_text.data(),
                                 plain_text.size(),
                                 &output));
-
     ExpectArrayBufferMatchesHex(test.cipher_text, output);
+
+    // Test decryption.
+    std::vector<uint8> cipher_text = HexStringToBytes(test.cipher_text);
+    EXPECT_TRUE(DecryptInternal(CreateAesCbcAlgorithm(iv),
+                                key,
+                                cipher_text.data(),
+                                cipher_text.size(),
+                                &output));
+    ExpectArrayBufferMatchesHex(test.plain_text, output);
+
+    const unsigned kAesCbcBlockSize = 16;
+
+    // Decrypt with a padding error by stripping the last block. This also ends
+    // up testing decryption over empty cipher text.
+    if (cipher_text.size() >= kAesCbcBlockSize) {
+      EXPECT_FALSE(DecryptInternal(CreateAesCbcAlgorithm(iv),

[Ryan Sleevi, 2013/09/25 20:36:14]

This reminds me: There should be a test for Encrypt with a 0 byte input buffer.
This is legal, and is used to 'randomize' the padding (since it effectively ends
up encrypting the IV).

[eroman, 2013/09/25 20:39:13]

The last test vector in AesCbcSampleSets does that (search for EmptyEncrypt). Is
this different from what you had in mind?

[Ryan Sleevi, 2013/09/25 20:41:05]

D'oh. Missed that. Yup.

+                                   key,
+                                   cipher_text.data(),
+                                   cipher_text.size() - kAesCbcBlockSize,
+                                   &output));
+    }
+
+    // Decrypt cipher text which is not block-aligned, by stripping a few bytes
+    // off the cipher text.
+    if (cipher_text.size() > 3) {
+      EXPECT_FALSE(DecryptInternal(CreateAesCbcAlgorithm(iv),
+                                   key,
+                                   cipher_text.data(),
+                                   cipher_text.size() - 3,
+                                   &output));
+    }
   }
 }