[webcrypto] Fix AES-KW unwrapping for symmetric keys (NSS).

content/child/webcrypto/shared_crypto_unittest.cc

Index: content/child/webcrypto/shared_crypto_unittest.cc
diff --git a/content/child/webcrypto/shared_crypto_unittest.cc b/content/child/webcrypto/shared_crypto_unittest.cc
index 3beadc476170cd9b88ad1d7204d2ec19bf300580..3edbe9936c9a456cec1b8eebd68508e7d2a1c4d1 100644
--- a/content/child/webcrypto/shared_crypto_unittest.cc
+++ b/content/child/webcrypto/shared_crypto_unittest.cc
@@ -2785,9 +2785,7 @@ TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapKnownAnswer)) {
     EXPECT_FALSE(key.isNull());
     EXPECT_TRUE(key.handle());
     EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
-    EXPECT_EQ(
-        webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc).id(),
-        key.algorithm().id());
+    EXPECT_EQ(blink::WebCryptoAlgorithmIdAesCbc, key.algorithm().id());
     EXPECT_EQ(true, key.extractable());
     EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages());
 
@@ -2799,6 +2797,63 @@ TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapKnownAnswer)) {
   }
 }
 
+// Unwrap a HMAC key using AES-KW, and then try signing using the unwrapped key.

[Ryan Sleevi, 2014/05/08 00:58:44]

"then try doing a sign/verify with the unwrapped key"

[eroman, 2014/05/08 01:02:40]

Done.

+TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyUnwrapSignVerifyHmac)) {
+  scoped_ptr<base::ListValue> tests;
+  ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests));
+
+  base::DictionaryValue* test;
+  ASSERT_TRUE(tests->GetDictionary(0, &test));
+  const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek");
+  const std::vector<uint8> test_ciphertext =
+      GetBytesFromHexString(test, "ciphertext");
+  const blink::WebCryptoAlgorithm wrapping_algorithm =
+      CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw);
+
+  // Import the wrapping key.
+  blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw(
+      test_kek, wrapping_algorithm, blink::WebCryptoKeyUsageUnwrapKey);
+
+  // Unwrap the known ciphertext.
+  blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
+  ASSERT_EQ(
+      Status::Success(),
+      UnwrapKey(blink::WebCryptoKeyFormatRaw,
+                CryptoData(test_ciphertext),
+                wrapping_key,
+                wrapping_algorithm,
+                CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha1),
+                false,
+                blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify,
+                &key));
+
+  EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
+  EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id());
+  EXPECT_EQ(false, key.extractable());
+  EXPECT_EQ(blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify,
+            key.usages());
+
+  // Sign an empty message and ensure it is verified.
+  std::vector<uint8> test_message;
+  std::vector<uint8> signature;
+
+  ASSERT_EQ(Status::Success(),
+            Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac),
+                 key,
+                 CryptoData(test_message),
+                 &signature));
+
+  EXPECT_GT(signature.size(), 0u);
+
+  bool verify_result;
+  ASSERT_EQ(Status::Success(),
+            VerifySignature(CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac),
+                            key,
+                            CryptoData(signature),
+                            CryptoData(test_message),
+                            &verify_result));
+}
+
 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapErrors)) {
   scoped_ptr<base::ListValue> tests;
   ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests));