Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(149)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/child/webcrypto/shared_crypto_unittest.cc

Issue 269313004: [webcrypto] Fix AES-KW unwrapping for symmetric keys (NSS). (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: fix chromeos compile failure. macros be crazy. Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « content/child/webcrypto/platform_crypto_nss.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/child/webcrypto/shared_crypto.h" 5 #include "content/child/webcrypto/shared_crypto.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <string> 8 #include <string>
9 #include <vector> 9 #include <vector>
10 10
(...skipping 2767 matching lines...) Expand 10 before | Expand all | Expand 10 after
2778 CryptoData(test_ciphertext), 2778 CryptoData(test_ciphertext),
2779 wrapping_key, 2779 wrapping_key,
2780 wrapping_algorithm, 2780 wrapping_algorithm,
2781 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc), 2781 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
2782 true, 2782 true,
2783 blink::WebCryptoKeyUsageEncrypt, 2783 blink::WebCryptoKeyUsageEncrypt,
2784 &unwrapped_key)); 2784 &unwrapped_key));
2785 EXPECT_FALSE(key.isNull()); 2785 EXPECT_FALSE(key.isNull());
2786 EXPECT_TRUE(key.handle()); 2786 EXPECT_TRUE(key.handle());
2787 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); 2787 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
2788 EXPECT_EQ( 2788 EXPECT_EQ(blink::WebCryptoAlgorithmIdAesCbc, key.algorithm().id());
2789 webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc).id(),
2790 key.algorithm().id());
2791 EXPECT_EQ(true, key.extractable()); 2789 EXPECT_EQ(true, key.extractable());
2792 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); 2790 EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages());
2793 2791
2794 // Export the new key and compare its raw bytes with the original known key. 2792 // Export the new key and compare its raw bytes with the original known key.
2795 std::vector<uint8> raw_key; 2793 std::vector<uint8> raw_key;
2796 EXPECT_EQ(Status::Success(), 2794 EXPECT_EQ(Status::Success(),
2797 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key)); 2795 ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key));
2798 EXPECT_BYTES_EQ(test_key, raw_key); 2796 EXPECT_BYTES_EQ(test_key, raw_key);
2799 } 2797 }
2800 } 2798 }
2801 2799
2800 // Unwrap a HMAC key using AES-KW, and then try doing a sign/verify with the
2801 // unwrapped key
2802 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyUnwrapSignVerifyHmac)) {
2803 scoped_ptr<base::ListValue> tests;
2804 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests));
2805
2806 base::DictionaryValue* test;
2807 ASSERT_TRUE(tests->GetDictionary(0, &test));
2808 const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek");
2809 const std::vector<uint8> test_ciphertext =
2810 GetBytesFromHexString(test, "ciphertext");
2811 const blink::WebCryptoAlgorithm wrapping_algorithm =
2812 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw);
2813
2814 // Import the wrapping key.
2815 blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw(
2816 test_kek, wrapping_algorithm, blink::WebCryptoKeyUsageUnwrapKey);
2817
2818 // Unwrap the known ciphertext.
2819 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
2820 ASSERT_EQ(
2821 Status::Success(),
2822 UnwrapKey(blink::WebCryptoKeyFormatRaw,
2823 CryptoData(test_ciphertext),
2824 wrapping_key,
2825 wrapping_algorithm,
2826 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha1),
2827 false,
2828 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify,
2829 &key));
2830
2831 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
2832 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id());
2833 EXPECT_FALSE(key.extractable());
2834 EXPECT_EQ(blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify,
2835 key.usages());
2836
2837 // Sign an empty message and ensure it is verified.
2838 std::vector<uint8> test_message;
2839 std::vector<uint8> signature;
2840
2841 ASSERT_EQ(Status::Success(),
2842 Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac),
2843 key,
2844 CryptoData(test_message),
2845 &signature));
2846
2847 EXPECT_GT(signature.size(), 0u);
2848
2849 bool verify_result;
2850 ASSERT_EQ(Status::Success(),
2851 VerifySignature(CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac),
2852 key,
2853 CryptoData(signature),
2854 CryptoData(test_message),
2855 &verify_result));
2856 }
2857
2802 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapErrors)) { 2858 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapErrors)) {
2803 scoped_ptr<base::ListValue> tests; 2859 scoped_ptr<base::ListValue> tests;
2804 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); 2860 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests));
2805 base::DictionaryValue* test; 2861 base::DictionaryValue* test;
2806 // Use 256 bits of data with a 256-bit KEK 2862 // Use 256 bits of data with a 256-bit KEK
2807 ASSERT_TRUE(tests->GetDictionary(5, &test)); 2863 ASSERT_TRUE(tests->GetDictionary(5, &test));
2808 const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek"); 2864 const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek");
2809 const std::vector<uint8> test_key = GetBytesFromHexString(test, "key"); 2865 const std::vector<uint8> test_key = GetBytesFromHexString(test, "key");
2810 const std::vector<uint8> test_ciphertext = 2866 const std::vector<uint8> test_ciphertext =
2811 GetBytesFromHexString(test, "ciphertext"); 2867 GetBytesFromHexString(test, "ciphertext");
(...skipping 607 matching lines...) Expand 10 before | Expand all | Expand 10 after
3419 algorithm, 3475 algorithm,
3420 CreateAesCbcAlgorithm(std::vector<uint8>(0, 16)), 3476 CreateAesCbcAlgorithm(std::vector<uint8>(0, 16)),
3421 true, 3477 true,
3422 blink::WebCryptoKeyUsageEncrypt, 3478 blink::WebCryptoKeyUsageEncrypt,
3423 &unwrapped_key)); 3479 &unwrapped_key));
3424 } 3480 }
3425 3481
3426 } // namespace webcrypto 3482 } // namespace webcrypto
3427 3483
3428 } // namespace content 3484 } // namespace content
OLDNEW
« no previous file with comments | « content/child/webcrypto/platform_crypto_nss.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698