Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(470)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/child/webcrypto/shared_crypto_unittest.cc

Issue 329673002: [webcrypto] Restrict public exponent for RSA key generation to 3 or 65537. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« content/child/webcrypto/shared_crypto.cc ('K') | « content/child/webcrypto/shared_crypto.cc ('k') | content/child/webcrypto/status.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/child/webcrypto/shared_crypto.h" 5 #include "content/child/webcrypto/shared_crypto.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <string> 8 #include <string>
9 #include <vector> 9 #include <vector>
10 10
(...skipping 2561 matching lines...) Expand 10 before | Expand all | Expand 10 after
2572 2572
2573 // Re-generate an extractable private_key and try to export it as SPKI format. 2573 // Re-generate an extractable private_key and try to export it as SPKI format.
2574 // This should fail since spki is for public keys. 2574 // This should fail since spki is for public keys.
2575 EXPECT_EQ( 2575 EXPECT_EQ(
2576 Status::Success(), 2576 Status::Success(),
2577 GenerateKeyPair(algorithm, true, usage_mask, &public_key, &private_key)); 2577 GenerateKeyPair(algorithm, true, usage_mask, &public_key, &private_key));
2578 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), 2578 EXPECT_EQ(Status::ErrorUnexpectedKeyType(),
2579 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); 2579 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output));
2580 } 2580 }
2581 2581
2582 // Try generating RSA key pairs using unsupported public exponents. Only
2583 // exponents of 3 and 65537 are supported. While both OpenSSL and NSS can
2584 // support other values, OpenSSL hangs when given invalid exponents, so use a
2585 // whitelist to validate the parameters.
2586 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsaBadExponent)) {
2587 const unsigned int modulus_length = 1024;
2588
2589 const char* const kPublicExponents[] = {
2590 "11", // 17 - This is a valid public exponent, but currently disallowed.
2591 "00",
2592 "01",
2593 "02",
2594 "010000", // 65536
2595 };
2596
2597 for (size_t i = 0; i < arraysize(kPublicExponents); ++i) {
2598 SCOPED_TRACE(i);
2599 blink::WebCryptoAlgorithm algorithm = CreateRsaHashedKeyGenAlgorithm(
2600 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5,
2601 blink::WebCryptoAlgorithmIdSha256,
2602 modulus_length,
2603 HexStringToBytes(kPublicExponents[i]));
2604
2605 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull();
2606 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull();
2607
2608 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(),
2609 GenerateKeyPair(
2610 algorithm, true, 0, &public_key, &private_key));
2611 }
2612 }
2613
2582 TEST_F(SharedCryptoTest, MAYBE(RsaSsaSignVerifyFailures)) { 2614 TEST_F(SharedCryptoTest, MAYBE(RsaSsaSignVerifyFailures)) {
2583 // Import a key pair. 2615 // Import a key pair.
2584 blink::WebCryptoAlgorithm import_algorithm = 2616 blink::WebCryptoAlgorithm import_algorithm =
2585 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, 2617 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5,
2586 blink::WebCryptoAlgorithmIdSha1); 2618 blink::WebCryptoAlgorithmIdSha1);
2587 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); 2619 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull();
2588 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); 2620 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull();
2589 ASSERT_NO_FATAL_FAILURE( 2621 ASSERT_NO_FATAL_FAILURE(
2590 ImportRsaKeyPair(HexStringToBytes(kPublicKeySpkiDerHex), 2622 ImportRsaKeyPair(HexStringToBytes(kPublicKeySpkiDerHex),
2591 HexStringToBytes(kPrivateKeyPkcs8DerHex), 2623 HexStringToBytes(kPrivateKeyPkcs8DerHex),
(...skipping 1642 matching lines...) Expand 10 before | Expand all | Expand 10 after
4234 EXPECT_EQ(public_key_spki, unwrapped_public_key_spki); 4266 EXPECT_EQ(public_key_spki, unwrapped_public_key_spki);
4235 EXPECT_EQ(private_key_pkcs8, unwrapped_private_key_pkcs8); 4267 EXPECT_EQ(private_key_pkcs8, unwrapped_private_key_pkcs8);
4236 4268
4237 EXPECT_NE(public_key_spki, wrapped_public_key); 4269 EXPECT_NE(public_key_spki, wrapped_public_key);
4238 EXPECT_NE(private_key_pkcs8, wrapped_private_key); 4270 EXPECT_NE(private_key_pkcs8, wrapped_private_key);
4239 } 4271 }
4240 4272
4241 } // namespace webcrypto 4273 } // namespace webcrypto
4242 4274
4243 } // namespace content 4275 } // namespace content
OLDNEW
« content/child/webcrypto/shared_crypto.cc ('K') | « content/child/webcrypto/shared_crypto.cc ('k') | content/child/webcrypto/status.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698