Enable support for draft-ietf-webpush-encryption-08

components/gcm_driver/crypto/gcm_encryption_provider_unittest.cc

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/gcm_driver/crypto/gcm_encryption_provider.h"
 
 #include <stddef.h>
 
 #include <sstream>
 #include <string>
 
 #include "base/base64url.h"
+#include "base/big_endian.h"
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/files/scoped_temp_dir.h"
 #include "base/message_loop/message_loop.h"
 #include "base/run_loop.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/string_piece.h"
 #include "base/strings/string_util.h"
 #include "base/test/histogram_tester.h"
 #include "components/gcm_driver/common/gcm_messages.h"
@@ skipping 111 matching lines @@
   // Returns the message resulting from the previous decryption operation.
   const IncomingMessage& decrypted_message() { return decrypted_message_; }
 
   GCMEncryptionProvider* encryption_provider() {
     return encryption_provider_.get();
   }
 
   // Performs a full round-trip test of the encryption feature. Must wrap this
   // in ASSERT_NO_FATAL_FAILURE.
   void TestEncryptionRoundTrip(const std::string& app_id,
-                               const std::string& authorized_entity);
+                               const std::string& authorized_entity,
+                               GCMMessageCryptographer::Version version);
 
  private:
   void DidDecryptMessage(GCMEncryptionProvider::DecryptionResult result,
                          const IncomingMessage& message) {
     decryption_result_ = result;
     decrypted_message_ = message;
   }
 
   base::MessageLoop message_loop_;
   base::ScopedTempDir scoped_temp_dir_;
@@ skipping 24 matching lines @@
   double_header_message.data["crypto-key"] = "";
   EXPECT_FALSE(encryption_provider()->IsEncryptedMessage(
                    double_header_message));
 
   IncomingMessage double_header_with_data_message;
   double_header_with_data_message.data["encryption"] = "";
   double_header_with_data_message.data["crypto-key"] = "";
   double_header_with_data_message.raw_data = "foo";
   EXPECT_TRUE(encryption_provider()->IsEncryptedMessage(
                   double_header_with_data_message));
+
+  IncomingMessage draft08_message;
+  draft08_message.data["content-encoding"] = "aes128gcm";
+  draft08_message.raw_data = "foo";
+  EXPECT_TRUE(encryption_provider()->IsEncryptedMessage(draft08_message));
 }
 
 TEST_F(GCMEncryptionProviderTest, VerifiesEncryptionHeaderParsing) {
   // The Encryption header must be parsable and contain valid values.
   // Note that this is more extensively tested in EncryptionHeaderParsersTest.
 
   IncomingMessage invalid_message;
   invalid_message.data["encryption"] = kInvalidEncryptionHeader;
   invalid_message.data["crypto-key"] = kValidCryptoKeyHeader;
   invalid_message.raw_data = "foo";
@@ skipping 241 matching lines @@
                                               base::Bind(&base::DoNothing));
 
   base::RunLoop().RunUntilIdle();
 
   ASSERT_NO_FATAL_FAILURE(CheckHasKey(authorized_entity_1, false));
   ASSERT_NO_FATAL_FAILURE(CheckHasKey(authorized_entity_2, false));
 }
 
 void GCMEncryptionProviderTest::TestEncryptionRoundTrip(
     const std::string& app_id,
-    const std::string& authorized_entity) {
+    const std::string& authorized_entity,
+    GCMMessageCryptographer::Version version) {
   // Performs a full round-trip of the encryption feature, including getting a
   // public/private key-pair and performing the cryptographic operations. This
   // is more of an integration test than a unit test.
 
   KeyPair pair, server_pair;
   std::string auth_secret, server_authentication;
 
   // Retrieve the public/private key-pair immediately from the key store, given
   // that the GCMEncryptionProvider will only share the public key with users.
   // Also create a second pair, which will act as the server's keys.
@@ skipping 27 matching lines @@
       pair.private_key(), pair.public_key_x509(), server_pair.public_key(),
       &shared_secret));
 
   IncomingMessage message;
   size_t record_size;
 
   message.sender_id = kExampleAuthorizedEntity;
 
   // Encrypts the |kExampleMessage| using the generated shared key and the
   // random |salt|, storing the result in |record_size| and the message.
-  GCMMessageCryptographer cryptographer(
-      GCMMessageCryptographer::Version::DRAFT_03);
+  GCMMessageCryptographer cryptographer(version);
 
+  std::string ciphertext;
   ASSERT_TRUE(cryptographer.Encrypt(
       pair.public_key(), server_pair.public_key(), shared_secret, auth_secret,
-      salt, kExampleMessage, &record_size, &message.raw_data));
+      salt, kExampleMessage, &record_size, &ciphertext));
 
-  std::string encoded_salt, encoded_key;
+  switch (version) {
+    case GCMMessageCryptographer::Version::DRAFT_03: {
+      std::string encoded_salt, encoded_key;
 
-  // Compile the incoming GCM message, including the required headers.
-  base::Base64UrlEncode(
-      salt, base::Base64UrlEncodePolicy::INCLUDE_PADDING, &encoded_salt);
-  base::Base64UrlEncode(
-      server_pair.public_key(), base::Base64UrlEncodePolicy::INCLUDE_PADDING,
-      &encoded_key);
+      // Compile the incoming GCM message, including the required headers.
+      base::Base64UrlEncode(salt, base::Base64UrlEncodePolicy::INCLUDE_PADDING,
+                            &encoded_salt);
+      base::Base64UrlEncode(server_pair.public_key(),
+                            base::Base64UrlEncodePolicy::INCLUDE_PADDING,
+                            &encoded_key);
 
-  std::stringstream encryption_header;
-  encryption_header << "rs=" << base::SizeTToString(record_size) << ";";
-  encryption_header << "salt=" << encoded_salt;
+      std::stringstream encryption_header;
+      encryption_header << "rs=" << base::SizeTToString(record_size) << ";";
+      encryption_header << "salt=" << encoded_salt;
 
-  message.data["encryption"] = encryption_header.str();
-  message.data["crypto-key"] = "dh=" + encoded_key;
+      message.data["encryption"] = encryption_header.str();
+      message.data["crypto-key"] = "dh=" + encoded_key;
+      message.raw_data.swap(ciphertext);
+      break;
+    }
+    case GCMMessageCryptographer::Version::DRAFT_08: {
+      uint32_t rs = record_size;
+      uint8_t key_length = server_pair.public_key().size();
+
+      std::vector<char> payload(salt.size() + sizeof(rs) + sizeof(key_length) +
+                                server_pair.public_key().size() +
+                                ciphertext.size());
+
+      char* current = &payload.front();
+
+      memcpy(current, salt.data(), salt.size());
+      current += salt.size();
+
+      base::WriteBigEndian(current, rs);
+      current += sizeof(rs);
+
+      base::WriteBigEndian(current, key_length);
+      current += sizeof(key_length);
+
+      memcpy(current, server_pair.public_key().data(),
+             server_pair.public_key().size());
+      current += server_pair.public_key().size();
+
+      memcpy(current, ciphertext.data(), ciphertext.size());
+
+      message.data["content-encoding"] = "aes128gcm";
+      message.raw_data.assign(payload.begin(), payload.end());
+      break;
+    }
+  }
 
   ASSERT_TRUE(encryption_provider()->IsEncryptedMessage(message));
 
   // Decrypt the message, and expect everything to go wonderfully well.
   ASSERT_NO_FATAL_FAILURE(Decrypt(message));
-  ASSERT_EQ(GCMEncryptionProvider::DECRYPTION_RESULT_DECRYPTED,
+  ASSERT_EQ(version == GCMMessageCryptographer::Version::DRAFT_03
+                ? GCMEncryptionProvider::DECRYPTION_RESULT_DECRYPTED_DRAFT_03
+                : GCMEncryptionProvider::DECRYPTION_RESULT_DECRYPTED_DRAFT_08,
             decryption_result());
 
   EXPECT_TRUE(decrypted_message().decrypted);
   EXPECT_EQ(kExampleMessage, decrypted_message().raw_data);
 }
 
 TEST_F(GCMEncryptionProviderTest, EncryptionRoundTripGCMRegistration) {
   // GCMEncryptionProvider::DecryptMessage should succeed when the message was
   // sent to a non-InstanceID GCM registration (empty authorized_entity).
   ASSERT_NO_FATAL_FAILURE(TestEncryptionRoundTrip(
-      kExampleAppId, "" /* empty authorized entity for non-InstanceID */));
+      kExampleAppId, "" /* empty authorized entity for non-InstanceID */,
+      GCMMessageCryptographer::Version::DRAFT_03));
 }
 
 TEST_F(GCMEncryptionProviderTest, EncryptionRoundTripInstanceIDToken) {
   // GCMEncryptionProvider::DecryptMessage should succeed when the message was
   // sent to an InstanceID token (non-empty authorized_entity).
   ASSERT_NO_FATAL_FAILURE(
-      TestEncryptionRoundTrip(kExampleAppId, kExampleAuthorizedEntity));
+      TestEncryptionRoundTrip(kExampleAppId, kExampleAuthorizedEntity,
+                              GCMMessageCryptographer::Version::DRAFT_03));
+}
+
+TEST_F(GCMEncryptionProviderTest, EncryptionRoundTripDraft08) {
+  // GCMEncryptionProvider::DecryptMessage should succeed when the message was
+  // encrypted following raft-ietf-webpush-encryption-08.
+  ASSERT_NO_FATAL_FAILURE(
+      TestEncryptionRoundTrip(kExampleAppId, kExampleAuthorizedEntity,
+                              GCMMessageCryptographer::Version::DRAFT_08));
 }
 
 }  // namespace gcm