OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/gcm_driver/crypto/gcm_message_cryptographer.h" | 5 #include "components/gcm_driver/crypto/gcm_message_cryptographer.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <memory> | 9 #include <memory> |
10 | 10 |
(...skipping 120 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
131 | 131 |
132 std::string local_public_key, peer_public_key; | 132 std::string local_public_key, peer_public_key; |
133 ASSERT_TRUE(base::Base64UrlDecode( | 133 ASSERT_TRUE(base::Base64UrlDecode( |
134 kLocalPublicKeyCommon, base::Base64UrlDecodePolicy::IGNORE_PADDING, | 134 kLocalPublicKeyCommon, base::Base64UrlDecodePolicy::IGNORE_PADDING, |
135 &local_public_key)); | 135 &local_public_key)); |
136 ASSERT_TRUE(base::Base64UrlDecode( | 136 ASSERT_TRUE(base::Base64UrlDecode( |
137 kPeerPublicKeyCommon, base::Base64UrlDecodePolicy::IGNORE_PADDING, | 137 kPeerPublicKeyCommon, base::Base64UrlDecodePolicy::IGNORE_PADDING, |
138 &peer_public_key)); | 138 &peer_public_key)); |
139 | 139 |
140 cryptographer_.reset( | 140 cryptographer_.reset( |
141 new GCMMessageCryptographer(GCMMessageCryptographer::Label::P256, | 141 new GCMMessageCryptographer(local_public_key, peer_public_key, |
142 local_public_key, peer_public_key, | |
143 kAuthSecretCommon)); | 142 kAuthSecretCommon)); |
144 } | 143 } |
145 | 144 |
146 protected: | 145 protected: |
147 // Generates a cryptographically secure random salt of 16-octets in size, the | 146 // Generates a cryptographically secure random salt of 16-octets in size, the |
148 // required length as expected by the HKDF. | 147 // required length as expected by the HKDF. |
149 std::string GenerateRandomSalt() { | 148 std::string GenerateRandomSalt() { |
150 const size_t kSaltSize = 16; | 149 const size_t kSaltSize = 16; |
151 | 150 |
152 std::string salt; | 151 std::string salt; |
(...skipping 193 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
346 | 345 |
347 TEST_F(GCMMessageCryptographerTest, AuthSecretAffectsIKM) { | 346 TEST_F(GCMMessageCryptographerTest, AuthSecretAffectsIKM) { |
348 std::string public_key; | 347 std::string public_key; |
349 ASSERT_TRUE(base::Base64UrlDecode( | 348 ASSERT_TRUE(base::Base64UrlDecode( |
350 kLocalPublicKeyCommon, base::Base64UrlDecodePolicy::IGNORE_PADDING, | 349 kLocalPublicKeyCommon, base::Base64UrlDecodePolicy::IGNORE_PADDING, |
351 &public_key)); | 350 &public_key)); |
352 | 351 |
353 // Fake IKM to use in the DerivePseudoRandomKey calls. | 352 // Fake IKM to use in the DerivePseudoRandomKey calls. |
354 const char kFakeIKM[] = "HelloWorld"; | 353 const char kFakeIKM[] = "HelloWorld"; |
355 | 354 |
356 GCMMessageCryptographer hello_cryptographer( | 355 GCMMessageCryptographer hello_cryptographer(public_key, public_key, "Hello"); |
357 GCMMessageCryptographer::Label::P256, public_key, public_key, "Hello"); | |
358 | 356 |
359 GCMMessageCryptographer world_cryptographer( | 357 GCMMessageCryptographer world_cryptographer(public_key, public_key, "World"); |
360 GCMMessageCryptographer::Label::P256, public_key, public_key, "World"); | |
361 | 358 |
362 ASSERT_NE(hello_cryptographer.DerivePseudoRandomKey(kFakeIKM), kFakeIKM); | 359 ASSERT_NE(hello_cryptographer.DerivePseudoRandomKey(kFakeIKM), kFakeIKM); |
363 ASSERT_NE(world_cryptographer.DerivePseudoRandomKey(kFakeIKM), kFakeIKM); | 360 ASSERT_NE(world_cryptographer.DerivePseudoRandomKey(kFakeIKM), kFakeIKM); |
364 | 361 |
365 ASSERT_NE(hello_cryptographer.DerivePseudoRandomKey(kFakeIKM), | 362 ASSERT_NE(hello_cryptographer.DerivePseudoRandomKey(kFakeIKM), |
366 world_cryptographer.DerivePseudoRandomKey(kFakeIKM)); | 363 world_cryptographer.DerivePseudoRandomKey(kFakeIKM)); |
367 | 364 |
368 std::string salt = GenerateRandomSalt(); | 365 std::string salt = GenerateRandomSalt(); |
369 | 366 |
370 // Verify that the IKM actually gets used by the transformations. | 367 // Verify that the IKM actually gets used by the transformations. |
(...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
439 encoded_sender_public_key, | 436 encoded_sender_public_key, |
440 base::Base64UrlDecodePolicy::IGNORE_PADDING, &sender_public_key)); | 437 base::Base64UrlDecodePolicy::IGNORE_PADDING, &sender_public_key)); |
441 | 438 |
442 if (encoded_auth_secret) { | 439 if (encoded_auth_secret) { |
443 ASSERT_TRUE(base::Base64UrlDecode( | 440 ASSERT_TRUE(base::Base64UrlDecode( |
444 encoded_auth_secret, | 441 encoded_auth_secret, |
445 base::Base64UrlDecodePolicy::IGNORE_PADDING, &auth_secret)); | 442 base::Base64UrlDecodePolicy::IGNORE_PADDING, &auth_secret)); |
446 } | 443 } |
447 | 444 |
448 std::unique_ptr<GCMMessageCryptographer> instance( | 445 std::unique_ptr<GCMMessageCryptographer> instance( |
449 new GCMMessageCryptographer(GCMMessageCryptographer::Label::P256, | 446 new GCMMessageCryptographer(receiver_public_key, sender_public_key, |
450 receiver_public_key, sender_public_key, | |
451 auth_secret)); | 447 auth_secret)); |
452 | 448 |
453 if (auth_secret.empty()) | 449 if (auth_secret.empty()) |
454 instance->set_allow_empty_auth_secret_for_tests(true); | 450 instance->set_allow_empty_auth_secret_for_tests(true); |
455 | 451 |
456 cryptographer->swap(instance); | 452 cryptographer->swap(instance); |
457 } | 453 } |
458 }; | 454 }; |
459 | 455 |
460 TEST_F(GCMMessageCryptographerReferenceTest, WithAuthSecret) { | 456 TEST_F(GCMMessageCryptographerReferenceTest, WithAuthSecret) { |
(...skipping 139 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
600 &encoded_ciphertext); | 596 &encoded_ciphertext); |
601 ASSERT_EQ(kCiphertext, encoded_ciphertext); | 597 ASSERT_EQ(kCiphertext, encoded_ciphertext); |
602 | 598 |
603 // Verify that decrypting |kCiphertext| yields the expected |kPlaintext|. | 599 // Verify that decrypting |kCiphertext| yields the expected |kPlaintext|. |
604 ASSERT_TRUE(cryptographer->Decrypt(ciphertext, sender_shared_secret, salt, | 600 ASSERT_TRUE(cryptographer->Decrypt(ciphertext, sender_shared_secret, salt, |
605 record_size, &plaintext)); | 601 record_size, &plaintext)); |
606 ASSERT_EQ(kPlaintext, plaintext); | 602 ASSERT_EQ(kPlaintext, plaintext); |
607 } | 603 } |
608 | 604 |
609 } // namespace gcm | 605 } // namespace gcm |
OLD | NEW |