[webcrypto] Remove support for AES 192-bit keys (2 of 2)

content/child/webcrypto/shared_crypto_unittest.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/child/webcrypto/shared_crypto.h"
 
 #include <algorithm>
 #include <string>
 #include <vector>
 
@@ skipping 1061 matching lines @@
                   CryptoData(&test_cipher_text[0], test_cipher_text.size() - 3),
                   &output));
     }
   }
 }
 
 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyAes)) {
   // Check key generation for each of AES-CBC, AES-GCM, and AES-KW, and for each
   // allowed key length.
   std::vector<blink::WebCryptoAlgorithm> algorithm;
-  const unsigned short kKeyLength[] = {128, 192, 256};
+  const unsigned short kKeyLength[] = {128, 256};
   for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kKeyLength); ++i) {
     algorithm.push_back(CreateAesCbcKeyGenAlgorithm(kKeyLength[i]));
     algorithm.push_back(CreateAesKwKeyGenAlgorithm(kKeyLength[i]));
     if (SupportsAesGcm())
       algorithm.push_back(CreateAesGcmKeyGenAlgorithm(kKeyLength[i]));
   }
   blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
   std::vector<std::vector<uint8> > keys;
   std::vector<uint8> key_bytes;
   for (size_t i = 0; i < algorithm.size(); ++i) {
@@ skipping 726 matching lines @@
 
   EXPECT_BYTES_EQ_HEX(mac_raw, output);
 
   // TODO(padolph): Import an RSA public key JWK and use it
 }
 
 TEST_F(SharedCryptoTest, MAYBE(ImportExportJwkSymmetricKey)) {
   // Raw keys are generated by openssl:
   // % openssl rand -hex <key length bytes>
   const char* const key_hex_128 = "3f1e7cd4f6f8543f6b1e16002e688623";
-  const char* const key_hex_192 =
-      "ed91f916dc034eba68a0f9e7f34ddd48b98bd2848109e243";
   const char* const key_hex_256 =
       "bd08286b81a74783fd1ccf46b7e05af84ee25ae021210074159e0c4d9d907692";
   const char* const key_hex_384 =
       "a22c5441c8b185602283d64c7221de1d0951e706bfc09539435ec0e0ed614e1d406623f2"
       "b31d31819fec30993380dd82";
   const char* const key_hex_512 =
       "5834f639000d4cf82de124fbfd26fb88d463e99f839a76ba41ac88967c80a3f61e1239a4"
       "52e573dba0750e988152988576efd75b8d0229b7aca2ada2afd392ee";
   const blink::WebCryptoAlgorithm aes_cbc_alg =
       webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc);
@@ skipping 16 matching lines @@
     const blink::WebCryptoKeyUsageMask usage;
     const char* const jwk_alg;
   };
 
   // TODO(padolph): Test AES-CTR JWK export, once AES-CTR import works.
   const TestCase kTests[] = {
       // AES-CBC 128
       {key_hex_128, aes_cbc_alg,
        blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt,
        "A128CBC"},
-      // AES-CBC 192
-      {key_hex_192, aes_cbc_alg, blink::WebCryptoKeyUsageEncrypt, "A192CBC"},
       // AES-CBC 256
       {key_hex_256, aes_cbc_alg, blink::WebCryptoKeyUsageDecrypt, "A256CBC"},
       // AES-GCM 128
       {key_hex_128, aes_gcm_alg,
        blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt,
        "A128GCM"},
-      // AES-CGM 192
-      {key_hex_192, aes_gcm_alg, blink::WebCryptoKeyUsageEncrypt, "A192GCM"},
       // AES-GCM 256
       {key_hex_256, aes_gcm_alg, blink::WebCryptoKeyUsageDecrypt, "A256GCM"},
       // AES-KW 128
       {key_hex_128, aes_kw_alg,
        blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey,
        "A128KW"},
-      // AES-KW 192
-      {key_hex_192, aes_kw_alg,
-       blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey,
-       "A192KW"},
       // AES-KW 256
       {key_hex_256, aes_kw_alg,
        blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey,
        "A256KW"},
       // HMAC SHA-1
       {key_hex_256, hmac_sha_1_alg,
        blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, "HS1"},
       // HMAC SHA-384
       {key_hex_384, hmac_sha_384_alg, blink::WebCryptoKeyUsageSign, "HS384"},
       // HMAC SHA-512
@@ skipping 911 matching lines @@
                       true,
                       blink::WebCryptoKeyUsageWrapKey,
                       &key));
   std::vector<uint8> key_raw_out;
   EXPECT_EQ(Status::Success(),
             ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out));
   EXPECT_BYTES_EQ_HEX(key_raw_hex_in, key_raw_out);
 
   // Import a 192-bit KEK
   key_raw_hex_in = "c0192c6466b2370decbb62b2cfef4384544ffeb4d2fbc103";
-  ASSERT_EQ(Status::Success(),
+  ASSERT_EQ(Status::ErrorAes192BitUnsupported(),
             ImportKey(blink::WebCryptoKeyFormatRaw,
                       CryptoData(HexStringToBytes(key_raw_hex_in)),
                       algorithm,
                       true,
                       blink::WebCryptoKeyUsageWrapKey,
                       &key));
-  EXPECT_EQ(Status::Success(),
-            ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_raw_out));
-  EXPECT_BYTES_EQ_HEX(key_raw_hex_in, key_raw_out);
 
   // Import a 256-bit Key Encryption Key (KEK)
   key_raw_hex_in =
       "e11fe66380d90fa9ebefb74e0478e78f95664d0c67ca20ce4a0b5842863ac46f";
   ASSERT_EQ(Status::Success(),
             ImportKey(blink::WebCryptoKeyFormatRaw,
                       CryptoData(HexStringToBytes(key_raw_hex_in)),
                       algorithm,
                       true,
                       blink::WebCryptoKeyUsageWrapKey,
@@ skipping 90 matching lines @@
 
     // Import the wrapping key.
     blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw(
         test_kek,
         wrapping_algorithm,
         blink::WebCryptoKeyUsageWrapKey | blink::WebCryptoKeyUsageUnwrapKey);
 
     // Import the key to be wrapped.
     blink::WebCryptoKey key = ImportSecretKeyFromRaw(
         test_key,
-        webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
-        blink::WebCryptoKeyUsageEncrypt);
+        CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha1),
+        blink::WebCryptoKeyUsageSign);
 
     // Wrap the key and verify the ciphertext result against the known answer.
     std::vector<uint8> wrapped_key;
     ASSERT_EQ(Status::Success(),
               WrapKey(blink::WebCryptoKeyFormatRaw,
                       key,
                       wrapping_key,
                       wrapping_algorithm,
                       &wrapped_key));
     EXPECT_BYTES_EQ(test_ciphertext, wrapped_key);
 
     // Unwrap the known ciphertext to get a new test_key.
     blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull();
     ASSERT_EQ(
         Status::Success(),
         UnwrapKey(blink::WebCryptoKeyFormatRaw,
                   CryptoData(test_ciphertext),
                   wrapping_key,
                   wrapping_algorithm,
-                  webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
+                  CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha1),
                   true,
-                  blink::WebCryptoKeyUsageEncrypt,
+                  blink::WebCryptoKeyUsageSign,
                   &unwrapped_key));
     EXPECT_FALSE(key.isNull());
     EXPECT_TRUE(key.handle());
     EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
-    EXPECT_EQ(blink::WebCryptoAlgorithmIdAesCbc, key.algorithm().id());
+    EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id());
     EXPECT_EQ(true, key.extractable());
-    EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages());
+    EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages());
 
     // Export the new key and compare its raw bytes with the original known key.
     std::vector<uint8> raw_key;
     EXPECT_EQ(Status::Success(),
               ExportKey(blink::WebCryptoKeyFormatRaw, unwrapped_key, &raw_key));
     EXPECT_BYTES_EQ(test_key, raw_key);
   }
 }
 
 // Unwrap a HMAC key using AES-KW, and then try doing a sign/verify with the
@@ skipping 52 matching lines @@
                             CryptoData(signature),
                             CryptoData(test_message),
                             &verify_result));
 }
 
 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapErrors)) {
   scoped_ptr<base::ListValue> tests;
   ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests));
   base::DictionaryValue* test;
   // Use 256 bits of data with a 256-bit KEK
-  ASSERT_TRUE(tests->GetDictionary(5, &test));
+  ASSERT_TRUE(tests->GetDictionary(3, &test));
   const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek");
   const std::vector<uint8> test_key = GetBytesFromHexString(test, "key");
   const std::vector<uint8> test_ciphertext =
       GetBytesFromHexString(test, "ciphertext");
   const blink::WebCryptoAlgorithm wrapping_algorithm =
       webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw);
   const blink::WebCryptoAlgorithm key_algorithm =
       webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc);
   // Import the wrapping key.
   blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw(
@@ skipping 32 matching lines @@
                       true,
                       blink::WebCryptoKeyUsageEncrypt,
                       &unwrapped_key));
 }
 
 TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyUnwrapCorruptData)) {
   scoped_ptr<base::ListValue> tests;
   ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests));
   base::DictionaryValue* test;
   // Use 256 bits of data with a 256-bit KEK
-  ASSERT_TRUE(tests->GetDictionary(5, &test));
+  ASSERT_TRUE(tests->GetDictionary(3, &test));
   const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek");
   const std::vector<uint8> test_key = GetBytesFromHexString(test, "key");
   const std::vector<uint8> test_ciphertext =
       GetBytesFromHexString(test, "ciphertext");
   const blink::WebCryptoAlgorithm wrapping_algorithm =
       webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw);
 
   // Import the wrapping key.
   blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw(
       test_kek,
@@ skipping 186 matching lines @@
                               test_iv,
                               test_additional_data,
                               wrong_tag_size_bits,
                               test_cipher_text,
                               test_authentication_tag,
                               &plain_text));
     }
   }
 }
 
+// AES 192-bit is not allowed: http://crbug.com/381829
+TEST_F(SharedCryptoTest, MAYBE(ImportAesCbc192Raw)) {
+  std::vector<uint8> key_raw(24, 0);
+  blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
+  Status status = ImportKey(blink::WebCryptoKeyFormatRaw,
+                            CryptoData(key_raw),
+                            CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
+                            true,
+                            blink::WebCryptoKeyUsageEncrypt,
+                            &key);
+  ASSERT_EQ(Status::ErrorAes192BitUnsupported(), status);
+}
+
+// AES 192-bit is not allowed: http://crbug.com/381829
+TEST_F(SharedCryptoTest, MAYBE(ImportAesCbc192Jwk)) {
+  blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
+
+  base::DictionaryValue dict;
+  dict.SetString("kty", "oct");
+  dict.SetString("alg", "A192CBC");
+  dict.SetString("k", "YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh");
+
+  EXPECT_EQ(
+      Status::ErrorAes192BitUnsupported(),
+      ImportKeyJwkFromDict(dict,
+                           CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
+                           false,
+                           blink::WebCryptoKeyUsageEncrypt,
+                           &key));
+}
+
+// AES 192-bit is not allowed: http://crbug.com/381829
+TEST_F(SharedCryptoTest, MAYBE(GenerateAesCbc192)) {
+  blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
+  Status status = GenerateSecretKey(CreateAesCbcKeyGenAlgorithm(192),
+                                    true,
+                                    blink::WebCryptoKeyUsageEncrypt,
+                                    &key);
+  ASSERT_EQ(Status::ErrorAes192BitUnsupported(), status);
+}
+
+// AES 192-bit is not allowed: http://crbug.com/381829
+TEST_F(SharedCryptoTest, MAYBE(UnwrapAesCbc192)) {
+  std::vector<uint8> wrapping_key_data(16, 0);
+  std::vector<uint8> wrapped_key = HexStringToBytes(
+      "1A07ACAB6C906E50883173C29441DB1DE91D34F45C435B5F99C822867FB3956F");
+
+  blink::WebCryptoKey wrapping_key =
+      ImportSecretKeyFromRaw(wrapping_key_data,
+                             CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw),
+                             blink::WebCryptoKeyUsageUnwrapKey);
+
+  blink::WebCryptoKey unwrapped_key = blink::WebCryptoKey::createNull();
+      ASSERT_EQ(Status::ErrorAes192BitUnsupported(),
+                UnwrapKey(blink::WebCryptoKeyFormatRaw,
+                          CryptoData(wrapped_key),
+                          wrapping_key,
+                          CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw),
+                          CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
+                          true,
+                          blink::WebCryptoKeyUsageEncrypt,
+                          &unwrapped_key));
+}
+
 class SharedCryptoRsaOaepTest : public ::testing::Test {
  public:
   SharedCryptoRsaOaepTest() { Init(); }
 
   scoped_ptr<base::DictionaryValue> CreatePublicKeyJwkDict() {
     scoped_ptr<base::DictionaryValue> jwk(new base::DictionaryValue());
     jwk->SetString("kty", "RSA");
     jwk->SetString("n",
                    Base64EncodeUrlSafe(HexStringToBytes(kPublicKeyModulusHex)));
     jwk->SetString(
@@ skipping 955 matching lines @@
   EXPECT_EQ(public_key_spki, unwrapped_public_key_spki);
   EXPECT_EQ(private_key_pkcs8, unwrapped_private_key_pkcs8);
 
   EXPECT_NE(public_key_spki, wrapped_public_key);
   EXPECT_NE(private_key_pkcs8, wrapped_private_key);
 }
 
 }  // namespace webcrypto
 
 }  // namespace content