[webcrypto] Don't fail JWK import if key_ops contains an unrecognized value.

content/child/webcrypto/shared_crypto_unittest.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/child/webcrypto/shared_crypto.h"
 
 #include <algorithm>
 #include <string>
 #include <vector>
 
@@ skipping 1379 matching lines @@
   EXPECT_EQ(Status::ErrorJwkPropertyWrongType("ext", "boolean"),
             ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key));
   RestoreJwkOctDictionary(&dict);
 
   // Fail on invalid key_ops (wrong type).
   dict.SetBoolean("key_ops", true);
   EXPECT_EQ(Status::ErrorJwkPropertyWrongType("key_ops", "list"),
             ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key));
   RestoreJwkOctDictionary(&dict);
 
-  // Fail on invalid key_ops (wrong element value).
+  // Fail on inconsistent key_ops - asking for "encrypt" however JWK contains
+  // only "foo".
   base::ListValue* key_ops = new base::ListValue;
   // Note: the following call makes dict assume ownership of key_ops.
   dict.Set("key_ops", key_ops);
   key_ops->AppendString("foo");
-  EXPECT_EQ(Status::ErrorJwkUnrecognizedKeyop(),
+  EXPECT_EQ(Status::ErrorJwkKeyopsInconsistent(),
             ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key));
   RestoreJwkOctDictionary(&dict);
 }
 
+// Import a JWK with unrecognized values for "key_ops".
+TEST_F(SharedCryptoTest, ImportJwkUnrecognizedKeyOps) {
+  blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
+  blink::WebCryptoAlgorithm algorithm =
+      CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc);
+  blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt;
+
+  base::DictionaryValue dict;
+  RestoreJwkOctDictionary(&dict);
+
+  base::ListValue* key_ops = new base::ListValue;
+  dict.Set("key_ops", key_ops);
+  key_ops->AppendString("foo");
+  key_ops->AppendString("bar");
+  key_ops->AppendString("baz");
+  key_ops->AppendString("encrypt");
+  EXPECT_EQ(Status::Success(),
+            ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key));
+}
+
+// Import a JWK with a value in key_ops array that is not a string.
+TEST_F(SharedCryptoTest, ImportJwkNonStringKeyOp) {
+  blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
+  blink::WebCryptoAlgorithm algorithm =
+      CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc);
+  blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt;
+
+  base::DictionaryValue dict;
+  RestoreJwkOctDictionary(&dict);
+
+  base::ListValue* key_ops = new base::ListValue;
+  dict.Set("key_ops", key_ops);
+  key_ops->AppendString("encrypt");
+  key_ops->AppendInteger(3);
+  EXPECT_EQ(Status::ErrorJwkPropertyWrongType("key_ops[1]", "string"),
+            ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key));
+}
+
 TEST_F(SharedCryptoTest, ImportJwkOctFailures) {
   base::DictionaryValue dict;
   RestoreJwkOctDictionary(&dict);
   blink::WebCryptoAlgorithm algorithm =
       CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc);
   blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt;
   blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
 
   // Baseline pass.
   EXPECT_EQ(Status::Success(),
@@ skipping 2649 matching lines @@
   EXPECT_EQ(public_key_spki, unwrapped_public_key_spki);
   EXPECT_EQ(private_key_pkcs8, unwrapped_private_key_pkcs8);
 
   EXPECT_NE(public_key_spki, wrapped_public_key);
   EXPECT_NE(private_key_pkcs8, wrapped_private_key);
 }
 
 }  // namespace webcrypto
 
 }  // namespace content