[webcrypto] Add JWK import for HMAC and AES-CBC key.

content/renderer/webcrypto/webcrypto_impl_unittest.cc

Index: content/renderer/webcrypto/webcrypto_impl_unittest.cc
diff --git a/content/renderer/webcrypto/webcrypto_impl_unittest.cc b/content/renderer/webcrypto/webcrypto_impl_unittest.cc
index 503bdb8c9ffaf327bab4413ecc43091a06872360..428580942b294b661a07f803e21198d8bd68ba9e 100644
--- a/content/renderer/webcrypto/webcrypto_impl_unittest.cc
+++ b/content/renderer/webcrypto/webcrypto_impl_unittest.cc
@@ -5,12 +5,14 @@
 #include "webcrypto_impl.h"
 
 #include "base/basictypes.h"
+#include "base/json/json_writer.h"
 #include "base/logging.h"
 #include "base/memory/ref_counted.h"
 #include "base/strings/string_number_conversions.h"
 #include "content/public/renderer/content_renderer_client.h"
 #include "content/renderer/renderer_webkitplatformsupport_impl.h"
 #include "content/renderer/webcrypto/webcrypto_impl.h"
+#include "content/renderer/webcrypto/webcrypto_util.h"
 #include "testing/gtest/include/gtest/gtest.h"
 #include "third_party/WebKit/public/platform/WebArrayBuffer.h"
 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h"
@@ -33,49 +35,24 @@ void ExpectArrayBufferMatchesHex(const std::string& expected_hex,
           array_buffer.data(), array_buffer.byteLength()).c_str());
 }
 
-WebKit::WebCryptoAlgorithm CreateAlgorithm(WebKit::WebCryptoAlgorithmId id) {
-  return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate(id, NULL);
+std::vector<uint8> MakeJsonVector(const std::string& json_string) {
+  return std::vector<uint8>(json_string.begin(), json_string.end());
 }
 
-WebKit::WebCryptoAlgorithm CreateHmacAlgorithm(
-    WebKit::WebCryptoAlgorithmId hashId) {
-  return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate(
-      WebKit::WebCryptoAlgorithmIdHmac,
-      new WebKit::WebCryptoHmacParams(CreateAlgorithm(hashId)));
-}
-
-WebKit::WebCryptoAlgorithm CreateHmacKeyAlgorithm(
-    WebKit::WebCryptoAlgorithmId hashId,
-    unsigned hash_length) {
-  // hash_length < 0 means unspecified
-  return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate(
-      WebKit::WebCryptoAlgorithmIdHmac,
-      new WebKit::WebCryptoHmacKeyParams(CreateAlgorithm(hashId),
-                                         (hash_length != 0),
-                                         hash_length));
-}
-
-// Returns a pointer to the start of |data|, or NULL if it is empty. This is a
-// convenience function for getting the pointer, and should not be used beyond
-// the expected lifetime of |data|.
-const uint8* Start(const std::vector<uint8>& data) {
-  if (data.empty())
-    return NULL;
-  return &data[0];
-}
-
-WebKit::WebCryptoAlgorithm CreateAesCbcAlgorithm(
-    const std::vector<uint8>& iv) {
-  return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate(
-      WebKit::WebCryptoAlgorithmIdAesCbc,
-      new WebKit::WebCryptoAesCbcParams(Start(iv), iv.size()));
+std::vector<uint8> MakeJsonVector(const base::DictionaryValue& dict) {
+  std::string json;
+  base::JSONWriter::Write(&dict, &json);
+  return MakeJsonVector(json);
 }
 
-WebKit::WebCryptoAlgorithm CreateAesCbcAlgorithm(
-    unsigned short key_length_bits) {
-  return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate(
-      WebKit::WebCryptoAlgorithmIdAesCbc,
-      new WebKit::WebCryptoAesKeyGenParams(key_length_bits));
+// Helper for ImportJwkBadJwk; restores JWK JSON dictionary to a good state
+void RestoreDictionaryForImportBadJwkTest(base::DictionaryValue* dict) {
+  dict->Clear();
+  dict->SetString("kty", "oct");
+  dict->SetString("alg", "A128CBC");
+  dict->SetString("use", "enc");
+  dict->SetBoolean("extractable", false);
+  dict->SetString("k", "GADWrMRHwQfoNaXU5fZvTg==");
 }
 
 WebKit::WebCryptoAlgorithm CreateRsaAlgorithm(
@@ -88,7 +65,9 @@ WebKit::WebCryptoAlgorithm CreateRsaAlgorithm(
   return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate(
       algorithm_id,
       new WebKit::WebCryptoRsaKeyGenParams(
-          modulus_length, Start(public_exponent), public_exponent.size()));
+          modulus_length,
+          content::Start(public_exponent),

[eroman, 2013/11/07 20:54:37]

remove the "content::" prefix (we are already in content namespace).

[eroman, 2013/11/09 02:22:14]

Ah my mistake. Thanks for wrapping this section in content:: too.

+          public_exponent.size()));
 }
 
 }  // namespace
@@ -223,6 +202,20 @@ class WebCryptoImplTest : public testing::Test {
         algorithm, key, Start(data), data.size(), buffer);
   }
 
+  bool ImportKeyJwk(
+      const std::vector<uint8>& key_data,
+      const WebKit::WebCryptoAlgorithm& algorithm,
+      bool extractable,
+      WebKit::WebCryptoKeyUsageMask usage_mask,
+      WebKit::WebCryptoKey* key) {
+    return crypto_.ImportKeyJwk(Start(key_data),
+                                key_data.size(),
+                                algorithm,
+                                extractable,
+                                usage_mask,
+                                key);
+  }
+
  private:
   WebCryptoImpl crypto_;
 };
@@ -401,7 +394,8 @@ TEST_F(WebCryptoImplTest, HMACSampleSets) {
     SCOPED_TRACE(test_index);
     const TestCase& test = kTests[test_index];
 
-    WebKit::WebCryptoAlgorithm algorithm = CreateHmacAlgorithm(test.algorithm);
+    WebKit::WebCryptoAlgorithm algorithm =
+        CreateHmacAlgorithmByHashId(test.algorithm);
 
     WebKit::WebCryptoKey key = ImportSecretKeyFromRawHexString(
         test.key, algorithm, WebKit::WebCryptoKeyUsageSign);
@@ -447,6 +441,8 @@ TEST_F(WebCryptoImplTest, HMACSampleSets) {
   }
 }
 
+#if !defined(USE_OPENSSL)
+
 TEST_F(WebCryptoImplTest, AesCbcFailures) {
   WebKit::WebCryptoKey key = ImportSecretKeyFromRawHexString(
       "2b7e151628aed2a6abf7158809cf4f3c",
@@ -642,21 +638,26 @@ TEST_F(WebCryptoImplTest, AesCbcSampleSets) {
 
 TEST_F(WebCryptoImplTest, GenerateKeyAes) {
   WebKit::WebCryptoKey key = WebKit::WebCryptoKey::createNull();
-  ASSERT_TRUE(GenerateKeyInternal(CreateAesCbcAlgorithm(128), &key));
+  ASSERT_TRUE(GenerateKeyInternal(CreateAesCbcKeyGenAlgorithm(128), &key));
   EXPECT_TRUE(key.handle());
   EXPECT_EQ(WebKit::WebCryptoKeyTypeSecret, key.type());
 }
 
 TEST_F(WebCryptoImplTest, GenerateKeyAesBadLength) {
   WebKit::WebCryptoKey key = WebKit::WebCryptoKey::createNull();
-  EXPECT_FALSE(GenerateKeyInternal(CreateAesCbcAlgorithm(0), &key));
-  EXPECT_FALSE(GenerateKeyInternal(CreateAesCbcAlgorithm(129), &key));
+  EXPECT_FALSE(
+      GenerateKeyInternal(CreateAesCbcKeyGenAlgorithm(0), &key));
+  EXPECT_FALSE(
+      GenerateKeyInternal(CreateAesCbcKeyGenAlgorithm(0), &key));
+  EXPECT_FALSE(
+      GenerateKeyInternal(CreateAesCbcKeyGenAlgorithm(129), &key));
 }
 
+
 TEST_F(WebCryptoImplTest, GenerateKeyHmac) {
   WebKit::WebCryptoKey key = WebKit::WebCryptoKey::createNull();
   WebKit::WebCryptoAlgorithm algorithm =
-      CreateHmacKeyAlgorithm(WebKit::WebCryptoAlgorithmIdSha1, 128);
+      CreateHmacKeyGenAlgorithm(WebKit::WebCryptoAlgorithmIdSha1, 128);
   ASSERT_TRUE(GenerateKeyInternal(algorithm, &key));
   EXPECT_TRUE(key.handle());
   EXPECT_EQ(WebKit::WebCryptoKeyTypeSecret, key.type());
@@ -665,7 +666,7 @@ TEST_F(WebCryptoImplTest, GenerateKeyHmac) {
 TEST_F(WebCryptoImplTest, GenerateKeyHmacNoLength) {
   WebKit::WebCryptoKey key = WebKit::WebCryptoKey::createNull();
   WebKit::WebCryptoAlgorithm algorithm =
-      CreateHmacKeyAlgorithm(WebKit::WebCryptoAlgorithmIdSha1, 0);
+      CreateHmacKeyGenAlgorithm(WebKit::WebCryptoAlgorithmIdSha1, 0);
   ASSERT_TRUE(GenerateKeyInternal(algorithm, &key));
   EXPECT_TRUE(key.handle());
   EXPECT_EQ(WebKit::WebCryptoKeyTypeSecret, key.type());
@@ -683,6 +684,240 @@ TEST_F(WebCryptoImplTest, ImportSecretKeyNoAlgorithm) {
       &key));
 }
 
+#endif  //#if !defined(USE_OPENSSL)
+
+TEST_F(WebCryptoImplTest, ImportJwkBadJwk) {
+
+  WebKit::WebCryptoKey key = WebKit::WebCryptoKey::createNull();
+  WebKit::WebCryptoAlgorithm algorithm =
+      CreateAesCbcAlgorithm(std::vector<uint8>());

[eroman, 2013/11/07 20:54:37]

or CreateAlgorithm(WebKit::WebCryptoAlgorithmIdAesCbc), since there doesn't need
to be any parameters.

[padolph, 2013/11/09 00:33:38]

Done.

+  WebKit::WebCryptoKeyUsageMask usage_mask = WebKit::WebCryptoKeyUsageEncrypt;
+
+  // Baseline pass: each test below breaks a single item, so we start with a
+  // passing case to make sure each failure is caused by the isolated break.
+  // Each breaking subtest below resets the dictionary to this passing case when
+  // complete.
+  base::DictionaryValue dict;
+  RestoreDictionaryForImportBadJwkTest(&dict);
+  std::vector<uint8> json_vec = MakeJsonVector(dict);
+  EXPECT_TRUE(ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key));
+
+  // Fail on empty JSON.
+  EXPECT_FALSE(ImportKeyJwk(
+      MakeJsonVector(""), algorithm, false, usage_mask, &key));
+
+  // Fail on invalid JSON.
+  const std::vector<uint8> bad_json_vec = MakeJsonVector(
+      "{"
+        "\"kty\"         : \"oct\","
+        "\"alg\"         : \"HS256\","
+        "\"use\"         : "
+  );
+  EXPECT_FALSE(ImportKeyJwk(bad_json_vec, algorithm, false, usage_mask, &key));
+
+  // Fail on JWK alg present but unrecognized.
+  dict.SetString("alg", "A127CBC");
+  json_vec = MakeJsonVector(dict);
+  EXPECT_FALSE(ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key));
+  RestoreDictionaryForImportBadJwkTest(&dict);
+
+  // Fail on both JWK and input algorithm missing.
+  dict.Remove("alg", NULL);
+  json_vec = MakeJsonVector(dict);
+  EXPECT_FALSE(ImportKeyJwk(json_vec,
+                            WebKit::WebCryptoAlgorithm::createNull(),
+                            false,
+                            usage_mask,
+                            &key));
+  RestoreDictionaryForImportBadJwkTest(&dict);
+
+  // Fail on invalid kty.
+  dict.SetString("kty", "foo");
+  json_vec = MakeJsonVector(dict);
+  EXPECT_FALSE(ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key));
+  RestoreDictionaryForImportBadJwkTest(&dict);
+
+  // Fail on missing kty.
+  dict.Remove("kty", NULL);
+  json_vec = MakeJsonVector(dict);
+  EXPECT_FALSE(ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key));
+  RestoreDictionaryForImportBadJwkTest(&dict);
+
+  // Fail on invalid use.
+  dict.SetString("use", "foo");
+  json_vec = MakeJsonVector(dict);
+  EXPECT_FALSE(ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key));
+  RestoreDictionaryForImportBadJwkTest(&dict);
+
+  // Fail on missing k when kty = "oct".
+  dict.Remove("k", NULL);
+  json_vec = MakeJsonVector(dict);
+  EXPECT_FALSE(ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key));
+  RestoreDictionaryForImportBadJwkTest(&dict);
+
+  // Fail on bad b64 encoding for k.
+  dict.SetString("k", "Qk3f0DsytU8lfza2au #$% Htaw2xpop9GYyTuH0p5GghxTI=");
+  json_vec = MakeJsonVector(dict);
+  EXPECT_FALSE(ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key));
+  RestoreDictionaryForImportBadJwkTest(&dict);
+
+  // Fail on empty k.
+  dict.SetString("k", "");
+  json_vec = MakeJsonVector(dict);
+  EXPECT_FALSE(ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key));
+  RestoreDictionaryForImportBadJwkTest(&dict);
+
+  // Fail on k actual length (120 bits) inconsistent with the embedded JWK alg
+  // value (128) for an AES key.
+  dict.SetString("k", "AVj42h0Y5aqGtE3yluKL");
+  json_vec = MakeJsonVector(dict);
+  EXPECT_FALSE(ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key));
+  RestoreDictionaryForImportBadJwkTest(&dict);
+
+  // TODO(padolph) RSA public key bad data:
+  // Missing n or e when kty = "RSA"
+  // Bad encoding for n or e
+  // Size check on n??
+  // Value check on e??
+}
+
+TEST_F(WebCryptoImplTest, ImportJwkInputInconsistent) {
+  // The Web Crypto spec says that if a JWK value is present, but is
+  // inconsistent with the input value, the operation must fail.
+
+  // Consistency rules when JWK value is not present: Inputs should be used.
+  WebKit::WebCryptoKey key = WebKit::WebCryptoKey::createNull();
+  bool extractable = true;
+  WebKit::WebCryptoAlgorithm algorithm =
+      CreateHmacAlgorithmByHashId(WebKit::WebCryptoAlgorithmIdSha256);
+  WebKit::WebCryptoKeyUsageMask usage_mask = WebKit::WebCryptoKeyUsageVerify;
+  base::DictionaryValue dict;
+  dict.SetString("kty", "oct");
+  dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
+  std::vector<uint8> json_vec = MakeJsonVector(dict);
+  EXPECT_TRUE(ImportKeyJwk(json_vec, algorithm, extractable, usage_mask, &key));
+  EXPECT_TRUE(key.handle());
+  EXPECT_EQ(WebKit::WebCryptoKeyTypeSecret, key.type());
+  EXPECT_EQ(extractable, key.extractable());
+  EXPECT_EQ(WebKit::WebCryptoAlgorithmIdHmac, key.algorithm().id());
+  EXPECT_EQ(WebKit::WebCryptoAlgorithmIdSha256,
+            key.algorithm().hmacParams()->hash().id());
+  EXPECT_EQ(WebKit::WebCryptoKeyUsageVerify, key.usages());
+  key = WebKit::WebCryptoKey::createNull();
+
+  // Consistency rules when JWK value exists: Fail if inconsistency is found.
+  // Happy path: all input values are consistent with the JWK values.
+  dict.Clear();
+  dict.SetString("kty", "oct");
+  dict.SetString("alg", "HS256");
+  dict.SetString("use", "sig");
+  dict.SetBoolean("extractable", true);
+  dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
+  json_vec = MakeJsonVector(dict);
+  EXPECT_TRUE(ImportKeyJwk(
+      json_vec, algorithm, extractable, usage_mask, &key));
+
+  // Fail: Input extractable (false) is inconsistent with JWK value (true).

[eroman, 2013/11/07 20:54:37]

Thanks for the test! As mentioned in other comment, my interpretation is that
this is in fact "consistent".

If you disagree then no change necessary.

[padolph, 2013/11/09 00:33:38]

I changed the logic and added new tests that match your interpretation. Please
take a look.

+  EXPECT_FALSE(
+      ImportKeyJwk(json_vec, algorithm, false, usage_mask, &key));
+
+  // Fail: Input algorithm (AES-CBC) is inconsistent with JWK value
+  // (HMAC SHA256).
+  EXPECT_FALSE(ImportKeyJwk(json_vec,
+                            CreateAlgorithm(WebKit::WebCryptoAlgorithmIdAesCbc),
+                            extractable,
+                            usage_mask,
+                            &key));
+
+  // Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value
+  // (HMAC SHA256).
+  EXPECT_FALSE(ImportKeyJwk(
+      json_vec,
+      CreateHmacAlgorithmByHashId(WebKit::WebCryptoAlgorithmIdSha1),
+      extractable,
+      usage_mask,
+      &key));
+
+  // Pass: JWK alg valid but input algorithm isNull: use JWK algorithm value.
+  EXPECT_TRUE(ImportKeyJwk(json_vec,
+                           WebKit::WebCryptoAlgorithm::createNull(),
+                           extractable,
+                           usage_mask,
+                           &key));
+  EXPECT_EQ(WebKit::WebCryptoAlgorithmIdHmac, algorithm.id());
+
+  // Pass: JWK alg missing but input algorithm specified: use input value
+  dict.Remove("alg", NULL);
+  EXPECT_TRUE(ImportKeyJwk(
+      MakeJsonVector(dict),
+      CreateHmacAlgorithmByHashId(WebKit::WebCryptoAlgorithmIdSha256),
+      extractable,
+      usage_mask,
+      &key));
+  EXPECT_EQ(WebKit::WebCryptoAlgorithmIdHmac, algorithm.id());
+  dict.SetString("alg", "HS256");
+
+  // Fail: Input usage_mask (encrypt) is not a subset of the JWK value
+  // (sign|verify)
+  EXPECT_FALSE(ImportKeyJwk(json_vec,
+                            algorithm,
+                            extractable,
+                            WebKit::WebCryptoKeyUsageEncrypt,
+                            &key));
+
+  // Fail: Input usage_mask (encrypt|sign|verify) is not a subset of the JWK
+  // value (sign|verify)
+  usage_mask = WebKit::WebCryptoKeyUsageEncrypt |
+               WebKit::WebCryptoKeyUsageSign | WebKit::WebCryptoKeyUsageVerify;
+  EXPECT_FALSE(ImportKeyJwk(
+      json_vec, algorithm, extractable, usage_mask, &key));
+  usage_mask = WebKit::WebCryptoKeyUsageSign | WebKit::WebCryptoKeyUsageVerify;
+}
+
+TEST_F(WebCryptoImplTest, ImportJwkHappy) {
+
+  // This test verifies the happy path of JWK import, including the application
+  // of the imported key material.
+
+  WebKit::WebCryptoKey key = WebKit::WebCryptoKey::createNull();
+  bool extractable = false;
+  WebKit::WebCryptoAlgorithm algorithm =
+      CreateHmacAlgorithmByHashId(WebKit::WebCryptoAlgorithmIdSha256);
+  WebKit::WebCryptoKeyUsageMask usage_mask = WebKit::WebCryptoKeyUsageSign;
+
+  // Import a symmetric key JWK and HMAC-SHA256 sign()
+  // Uses the first SHA256 test vector from the HMAC sample set above.
+
+  base::DictionaryValue dict;
+  dict.SetString("kty", "oct");
+  dict.SetString("alg", "HS256");
+  dict.SetString("use", "sig");
+  dict.SetBoolean("extractable", false);
+  dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
+  std::vector<uint8> json_vec = MakeJsonVector(dict);
+
+  ASSERT_TRUE(ImportKeyJwk(
+      json_vec, algorithm, extractable, usage_mask, &key));
+
+  const std::vector<uint8> message_raw = HexStringToBytes(
+      "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a"
+      "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92"
+      "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f"
+      "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e");
+
+  WebKit::WebArrayBuffer output;
+
+  ASSERT_TRUE(SignInternal(algorithm, key, message_raw, &output));
+
+  const std::string mac_raw =
+      "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b";
+
+  ExpectArrayBufferMatchesHex(mac_raw, output);
+
+  // TODO(padolph)
+  // Import an RSA public key JWK and use it
+}
+
 #if !defined(USE_OPENSSL)
 
 TEST_F(WebCryptoImplTest, GenerateKeyPairRsa) {