OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/child/webcrypto/shared_crypto.h" | 5 #include "content/child/webcrypto/shared_crypto.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
124 #else | 124 #else |
125 #if defined(USE_NSS) | 125 #if defined(USE_NSS) |
126 if (!NSS_VersionCheck("3.16.2")) | 126 if (!NSS_VersionCheck("3.16.2")) |
127 return false; | 127 return false; |
128 #endif | 128 #endif |
129 crypto::ScopedPK11Slot slot(PK11_GetInternalKeySlot()); | 129 crypto::ScopedPK11Slot slot(PK11_GetInternalKeySlot()); |
130 return !!PK11_DoesMechanism(slot.get(), CKM_RSA_PKCS_OAEP); | 130 return !!PK11_DoesMechanism(slot.get(), CKM_RSA_PKCS_OAEP); |
131 #endif | 131 #endif |
132 } | 132 } |
133 | 133 |
| 134 bool SupportsRsaKeyImport() { |
| 135 #if defined(USE_NSS) |
| 136 if (!NSS_VersionCheck("3.16.2")) { |
| 137 LOG(WARNING) << "RSA key import is not supported by this version of NSS. " |
| 138 "Skipping some tests"; |
| 139 return false; |
| 140 } |
| 141 #endif |
| 142 return true; |
| 143 } |
| 144 |
134 blink::WebCryptoAlgorithm CreateRsaHashedKeyGenAlgorithm( | 145 blink::WebCryptoAlgorithm CreateRsaHashedKeyGenAlgorithm( |
135 blink::WebCryptoAlgorithmId algorithm_id, | 146 blink::WebCryptoAlgorithmId algorithm_id, |
136 const blink::WebCryptoAlgorithmId hash_id, | 147 const blink::WebCryptoAlgorithmId hash_id, |
137 unsigned int modulus_length, | 148 unsigned int modulus_length, |
138 const std::vector<uint8>& public_exponent) { | 149 const std::vector<uint8>& public_exponent) { |
139 DCHECK(algorithm_id == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 || | 150 DCHECK(algorithm_id == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 || |
140 algorithm_id == blink::WebCryptoAlgorithmIdRsaOaep); | 151 algorithm_id == blink::WebCryptoAlgorithmIdRsaOaep); |
141 DCHECK(blink::WebCryptoAlgorithm::isHash(hash_id)); | 152 DCHECK(blink::WebCryptoAlgorithm::isHash(hash_id)); |
142 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( | 153 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( |
143 algorithm_id, | 154 algorithm_id, |
(...skipping 1352 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1496 | 1507 |
1497 // Fail on k actual length (192 bits) inconsistent with the embedded JWK alg | 1508 // Fail on k actual length (192 bits) inconsistent with the embedded JWK alg |
1498 // value (128) for an AES key. | 1509 // value (128) for an AES key. |
1499 dict.SetString("k", "dGhpcyAgaXMgIDI0ICBieXRlcyBsb25n"); | 1510 dict.SetString("k", "dGhpcyAgaXMgIDI0ICBieXRlcyBsb25n"); |
1500 EXPECT_EQ(Status::ErrorJwkIncorrectKeyLength(), | 1511 EXPECT_EQ(Status::ErrorJwkIncorrectKeyLength(), |
1501 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1512 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1502 RestoreJwkOctDictionary(&dict); | 1513 RestoreJwkOctDictionary(&dict); |
1503 } | 1514 } |
1504 | 1515 |
1505 TEST_F(SharedCryptoTest, MAYBE(ImportExportJwkRsaPublicKey)) { | 1516 TEST_F(SharedCryptoTest, MAYBE(ImportExportJwkRsaPublicKey)) { |
| 1517 if (!SupportsRsaKeyImport()) |
| 1518 return; |
| 1519 |
1506 const bool supports_rsa_oaep = SupportsRsaOaep(); | 1520 const bool supports_rsa_oaep = SupportsRsaOaep(); |
1507 if (!supports_rsa_oaep) { | 1521 if (!supports_rsa_oaep) { |
1508 LOG(WARNING) << "RSA-OAEP not supported on this platform. Skipping some" | 1522 LOG(WARNING) << "RSA-OAEP not supported on this platform. Skipping some" |
1509 << "tests."; | 1523 << "tests."; |
1510 } | 1524 } |
1511 | 1525 |
1512 struct TestCase { | 1526 struct TestCase { |
1513 const blink::WebCryptoAlgorithm algorithm; | 1527 const blink::WebCryptoAlgorithm algorithm; |
1514 const blink::WebCryptoKeyUsageMask usage; | 1528 const blink::WebCryptoKeyUsageMask usage; |
1515 const char* const jwk_alg; | 1529 const char* const jwk_alg; |
(...skipping 453 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1969 EXPECT_EQ(0u, key.algorithm().hmacParams()->lengthBits()); | 1983 EXPECT_EQ(0u, key.algorithm().hmacParams()->lengthBits()); |
1970 | 1984 |
1971 std::vector<uint8> exported_key_data; | 1985 std::vector<uint8> exported_key_data; |
1972 EXPECT_EQ(Status::Success(), | 1986 EXPECT_EQ(Status::Success(), |
1973 ExportKey(blink::WebCryptoKeyFormatRaw, key, &exported_key_data)); | 1987 ExportKey(blink::WebCryptoKeyFormatRaw, key, &exported_key_data)); |
1974 | 1988 |
1975 EXPECT_EQ(0u, exported_key_data.size()); | 1989 EXPECT_EQ(0u, exported_key_data.size()); |
1976 } | 1990 } |
1977 | 1991 |
1978 TEST_F(SharedCryptoTest, MAYBE(ImportExportSpki)) { | 1992 TEST_F(SharedCryptoTest, MAYBE(ImportExportSpki)) { |
| 1993 if (!SupportsRsaKeyImport()) |
| 1994 return; |
| 1995 |
1979 // Passing case: Import a valid RSA key in SPKI format. | 1996 // Passing case: Import a valid RSA key in SPKI format. |
1980 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1997 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1981 ASSERT_EQ(Status::Success(), | 1998 ASSERT_EQ(Status::Success(), |
1982 ImportKey(blink::WebCryptoKeyFormatSpki, | 1999 ImportKey(blink::WebCryptoKeyFormatSpki, |
1983 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 2000 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
1984 CreateRsaHashedImportAlgorithm( | 2001 CreateRsaHashedImportAlgorithm( |
1985 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2002 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1986 blink::WebCryptoAlgorithmIdSha256), | 2003 blink::WebCryptoAlgorithmIdSha256), |
1987 true, | 2004 true, |
1988 blink::WebCryptoKeyUsageVerify, | 2005 blink::WebCryptoKeyUsageVerify, |
(...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2055 | 2072 |
2056 // TODO(eroman): Failing test: Import a SPKI with an unrecognized hash OID | 2073 // TODO(eroman): Failing test: Import a SPKI with an unrecognized hash OID |
2057 // TODO(eroman): Failing test: Import a SPKI with invalid algorithm params | 2074 // TODO(eroman): Failing test: Import a SPKI with invalid algorithm params |
2058 // TODO(eroman): Failing test: Import a SPKI with inconsistent parameters | 2075 // TODO(eroman): Failing test: Import a SPKI with inconsistent parameters |
2059 // (e.g. SHA-1 in OID, SHA-256 in params) | 2076 // (e.g. SHA-1 in OID, SHA-256 in params) |
2060 // TODO(eroman): Failing test: Import a SPKI for RSA-SSA, but with params | 2077 // TODO(eroman): Failing test: Import a SPKI for RSA-SSA, but with params |
2061 // as OAEP/PSS | 2078 // as OAEP/PSS |
2062 } | 2079 } |
2063 | 2080 |
2064 TEST_F(SharedCryptoTest, MAYBE(ImportExportPkcs8)) { | 2081 TEST_F(SharedCryptoTest, MAYBE(ImportExportPkcs8)) { |
| 2082 if (!SupportsRsaKeyImport()) |
| 2083 return; |
| 2084 |
2065 // Passing case: Import a valid RSA key in PKCS#8 format. | 2085 // Passing case: Import a valid RSA key in PKCS#8 format. |
2066 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 2086 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
2067 ASSERT_EQ(Status::Success(), | 2087 ASSERT_EQ(Status::Success(), |
2068 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 2088 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
2069 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 2089 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
2070 CreateRsaHashedImportAlgorithm( | 2090 CreateRsaHashedImportAlgorithm( |
2071 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2091 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2072 blink::WebCryptoAlgorithmIdSha1), | 2092 blink::WebCryptoAlgorithmIdSha1), |
2073 true, | 2093 true, |
2074 blink::WebCryptoKeyUsageSign, | 2094 blink::WebCryptoKeyUsageSign, |
(...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2122 true, | 2142 true, |
2123 blink::WebCryptoKeyUsageSign, | 2143 blink::WebCryptoKeyUsageSign, |
2124 &key)); | 2144 &key)); |
2125 } | 2145 } |
2126 | 2146 |
2127 // Tests JWK import and export by doing a roundtrip key conversion and ensuring | 2147 // Tests JWK import and export by doing a roundtrip key conversion and ensuring |
2128 // it was lossless: | 2148 // it was lossless: |
2129 // | 2149 // |
2130 // PKCS8 --> JWK --> PKCS8 | 2150 // PKCS8 --> JWK --> PKCS8 |
2131 TEST_F(SharedCryptoTest, MAYBE(ImportRsaPrivateKeyJwkToPkcs8RoundTrip)) { | 2151 TEST_F(SharedCryptoTest, MAYBE(ImportRsaPrivateKeyJwkToPkcs8RoundTrip)) { |
| 2152 if (!SupportsRsaKeyImport()) |
| 2153 return; |
| 2154 |
2132 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 2155 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
2133 ASSERT_EQ(Status::Success(), | 2156 ASSERT_EQ(Status::Success(), |
2134 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 2157 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
2135 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 2158 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
2136 CreateRsaHashedImportAlgorithm( | 2159 CreateRsaHashedImportAlgorithm( |
2137 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2160 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2138 blink::WebCryptoAlgorithmIdSha1), | 2161 blink::WebCryptoAlgorithmIdSha1), |
2139 true, | 2162 true, |
2140 blink::WebCryptoKeyUsageSign, | 2163 blink::WebCryptoKeyUsageSign, |
2141 &key)); | 2164 &key)); |
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2187 } | 2210 } |
2188 | 2211 |
2189 // Tests importing multiple RSA private keys from JWK, and then exporting to | 2212 // Tests importing multiple RSA private keys from JWK, and then exporting to |
2190 // PKCS8. | 2213 // PKCS8. |
2191 // | 2214 // |
2192 // This is a regression test for http://crbug.com/378315, for which importing | 2215 // This is a regression test for http://crbug.com/378315, for which importing |
2193 // a sequence of keys from JWK could yield the wrong key. The first key would | 2216 // a sequence of keys from JWK could yield the wrong key. The first key would |
2194 // be imported correctly, however every key after that would actually import | 2217 // be imported correctly, however every key after that would actually import |
2195 // the first key. | 2218 // the first key. |
2196 TEST_F(SharedCryptoTest, MAYBE(ImportMultipleRSAPrivateKeysJwk)) { | 2219 TEST_F(SharedCryptoTest, MAYBE(ImportMultipleRSAPrivateKeysJwk)) { |
| 2220 if (!SupportsRsaKeyImport()) |
| 2221 return; |
| 2222 |
2197 scoped_ptr<base::ListValue> key_list; | 2223 scoped_ptr<base::ListValue> key_list; |
2198 ASSERT_TRUE(ReadJsonTestFileToList("rsa_private_keys.json", &key_list)); | 2224 ASSERT_TRUE(ReadJsonTestFileToList("rsa_private_keys.json", &key_list)); |
2199 | 2225 |
2200 // For this test to be meaningful the keys MUST be kept alive before importing | 2226 // For this test to be meaningful the keys MUST be kept alive before importing |
2201 // new keys. | 2227 // new keys. |
2202 std::vector<blink::WebCryptoKey> live_keys; | 2228 std::vector<blink::WebCryptoKey> live_keys; |
2203 | 2229 |
2204 for (size_t key_index = 0; key_index < key_list->GetSize(); ++key_index) { | 2230 for (size_t key_index = 0; key_index < key_list->GetSize(); ++key_index) { |
2205 SCOPED_TRACE(key_index); | 2231 SCOPED_TRACE(key_index); |
2206 | 2232 |
(...skipping 141 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2348 &key)); | 2374 &key)); |
2349 } | 2375 } |
2350 | 2376 |
2351 // Import a JWK RSA private key, without any of the optional parameters. | 2377 // Import a JWK RSA private key, without any of the optional parameters. |
2352 // | 2378 // |
2353 // This is expected to work, however based on the current NSS implementation it | 2379 // This is expected to work, however based on the current NSS implementation it |
2354 // does not. | 2380 // does not. |
2355 // | 2381 // |
2356 // TODO(eroman): http://crbug/com/374927 | 2382 // TODO(eroman): http://crbug/com/374927 |
2357 TEST_F(SharedCryptoTest, MAYBE(ImportRsaPrivateKeyJwkIncorrectOptionalEmpty)) { | 2383 TEST_F(SharedCryptoTest, MAYBE(ImportRsaPrivateKeyJwkIncorrectOptionalEmpty)) { |
| 2384 if (!SupportsRsaKeyImport()) |
| 2385 return; |
| 2386 |
2358 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 2387 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
2359 | 2388 |
2360 base::DictionaryValue dict; | 2389 base::DictionaryValue dict; |
2361 dict.SetString("kty", "RSA"); | 2390 dict.SetString("kty", "RSA"); |
2362 dict.SetString("alg", "RS1"); | 2391 dict.SetString("alg", "RS1"); |
2363 | 2392 |
2364 dict.SetString( | 2393 dict.SetString( |
2365 "n", | 2394 "n", |
2366 "pW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h962ZHYxRBW_-2xYrTA8oOhKoijlN_" | 2395 "pW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h962ZHYxRBW_-2xYrTA8oOhKoijlN_" |
2367 "1JqtykcuzB86r_OCx39XNlQgJbVsri2311nHvY3fAkhyyPCcKcOJZjm_4nRnxBazC0_" | 2396 "1JqtykcuzB86r_OCx39XNlQgJbVsri2311nHvY3fAkhyyPCcKcOJZjm_4nRnxBazC0_" |
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2423 EXPECT_EQ(extractable, private_key.extractable()); | 2452 EXPECT_EQ(extractable, private_key.extractable()); |
2424 EXPECT_EQ(usage_mask, public_key.usages()); | 2453 EXPECT_EQ(usage_mask, public_key.usages()); |
2425 EXPECT_EQ(usage_mask, private_key.usages()); | 2454 EXPECT_EQ(usage_mask, private_key.usages()); |
2426 | 2455 |
2427 // Try exporting the generated key pair, and then re-importing to verify that | 2456 // Try exporting the generated key pair, and then re-importing to verify that |
2428 // the exported data was valid. | 2457 // the exported data was valid. |
2429 std::vector<uint8> public_key_spki; | 2458 std::vector<uint8> public_key_spki; |
2430 EXPECT_EQ( | 2459 EXPECT_EQ( |
2431 Status::Success(), | 2460 Status::Success(), |
2432 ExportKey(blink::WebCryptoKeyFormatSpki, public_key, &public_key_spki)); | 2461 ExportKey(blink::WebCryptoKeyFormatSpki, public_key, &public_key_spki)); |
2433 public_key = blink::WebCryptoKey::createNull(); | |
2434 EXPECT_EQ(Status::Success(), | |
2435 ImportKey(blink::WebCryptoKeyFormatSpki, | |
2436 CryptoData(public_key_spki), | |
2437 CreateRsaHashedImportAlgorithm( | |
2438 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | |
2439 blink::WebCryptoAlgorithmIdSha256), | |
2440 true, | |
2441 usage_mask, | |
2442 &public_key)); | |
2443 EXPECT_EQ(modulus_length, | |
2444 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); | |
2445 | 2462 |
2446 std::vector<uint8> private_key_pkcs8; | 2463 if (SupportsRsaKeyImport()) { |
2447 EXPECT_EQ( | 2464 public_key = blink::WebCryptoKey::createNull(); |
2448 Status::Success(), | 2465 EXPECT_EQ(Status::Success(), |
2449 ExportKey( | 2466 ImportKey(blink::WebCryptoKeyFormatSpki, |
2450 blink::WebCryptoKeyFormatPkcs8, private_key, &private_key_pkcs8)); | 2467 CryptoData(public_key_spki), |
2451 private_key = blink::WebCryptoKey::createNull(); | 2468 CreateRsaHashedImportAlgorithm( |
2452 EXPECT_EQ(Status::Success(), | 2469 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2453 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 2470 blink::WebCryptoAlgorithmIdSha256), |
2454 CryptoData(private_key_pkcs8), | 2471 true, |
2455 CreateRsaHashedImportAlgorithm( | 2472 usage_mask, |
2456 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2473 &public_key)); |
2457 blink::WebCryptoAlgorithmIdSha256), | 2474 EXPECT_EQ(modulus_length, |
2458 true, | 2475 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
2459 usage_mask, | 2476 |
2460 &private_key)); | 2477 std::vector<uint8> private_key_pkcs8; |
2461 EXPECT_EQ(modulus_length, | 2478 EXPECT_EQ( |
2462 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); | 2479 Status::Success(), |
| 2480 ExportKey( |
| 2481 blink::WebCryptoKeyFormatPkcs8, private_key, &private_key_pkcs8)); |
| 2482 private_key = blink::WebCryptoKey::createNull(); |
| 2483 EXPECT_EQ(Status::Success(), |
| 2484 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
| 2485 CryptoData(private_key_pkcs8), |
| 2486 CreateRsaHashedImportAlgorithm( |
| 2487 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 2488 blink::WebCryptoAlgorithmIdSha256), |
| 2489 true, |
| 2490 usage_mask, |
| 2491 &private_key)); |
| 2492 EXPECT_EQ(modulus_length, |
| 2493 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
| 2494 } |
2463 | 2495 |
2464 // Fail with bad modulus. | 2496 // Fail with bad modulus. |
2465 algorithm = | 2497 algorithm = |
2466 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2498 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2467 blink::WebCryptoAlgorithmIdSha256, | 2499 blink::WebCryptoAlgorithmIdSha256, |
2468 0, | 2500 0, |
2469 public_exponent); | 2501 public_exponent); |
2470 EXPECT_EQ(Status::ErrorGenerateRsaZeroModulus(), | 2502 EXPECT_EQ(Status::ErrorGenerateRsaZeroModulus(), |
2471 GenerateKeyPair( | 2503 GenerateKeyPair( |
2472 algorithm, extractable, usage_mask, &public_key, &private_key)); | 2504 algorithm, extractable, usage_mask, &public_key, &private_key)); |
(...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2595 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 2627 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
2596 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 2628 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
2597 | 2629 |
2598 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), | 2630 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), |
2599 GenerateKeyPair( | 2631 GenerateKeyPair( |
2600 algorithm, true, 0, &public_key, &private_key)); | 2632 algorithm, true, 0, &public_key, &private_key)); |
2601 } | 2633 } |
2602 } | 2634 } |
2603 | 2635 |
2604 TEST_F(SharedCryptoTest, MAYBE(RsaSsaSignVerifyFailures)) { | 2636 TEST_F(SharedCryptoTest, MAYBE(RsaSsaSignVerifyFailures)) { |
| 2637 if (!SupportsRsaKeyImport()) |
| 2638 return; |
| 2639 |
2605 // Import a key pair. | 2640 // Import a key pair. |
2606 blink::WebCryptoAlgorithm import_algorithm = | 2641 blink::WebCryptoAlgorithm import_algorithm = |
2607 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2642 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2608 blink::WebCryptoAlgorithmIdSha1); | 2643 blink::WebCryptoAlgorithmIdSha1); |
2609 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 2644 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
2610 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 2645 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
2611 ASSERT_NO_FATAL_FAILURE( | 2646 ASSERT_NO_FATAL_FAILURE( |
2612 ImportRsaKeyPair(HexStringToBytes(kPublicKeySpkiDerHex), | 2647 ImportRsaKeyPair(HexStringToBytes(kPublicKeySpkiDerHex), |
2613 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 2648 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
2614 import_algorithm, | 2649 import_algorithm, |
(...skipping 110 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2725 VerifySignature( | 2760 VerifySignature( |
2726 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), | 2761 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
2727 public_key_256, | 2762 public_key_256, |
2728 CryptoData(signature), | 2763 CryptoData(signature), |
2729 CryptoData(data), | 2764 CryptoData(data), |
2730 &is_match)); | 2765 &is_match)); |
2731 EXPECT_FALSE(is_match); | 2766 EXPECT_FALSE(is_match); |
2732 } | 2767 } |
2733 | 2768 |
2734 TEST_F(SharedCryptoTest, MAYBE(RsaSignVerifyKnownAnswer)) { | 2769 TEST_F(SharedCryptoTest, MAYBE(RsaSignVerifyKnownAnswer)) { |
| 2770 if (!SupportsRsaKeyImport()) |
| 2771 return; |
| 2772 |
2735 scoped_ptr<base::ListValue> tests; | 2773 scoped_ptr<base::ListValue> tests; |
2736 ASSERT_TRUE(ReadJsonTestFileToList("pkcs1v15_sign.json", &tests)); | 2774 ASSERT_TRUE(ReadJsonTestFileToList("pkcs1v15_sign.json", &tests)); |
2737 | 2775 |
2738 // Import the key pair. | 2776 // Import the key pair. |
2739 blink::WebCryptoAlgorithm import_algorithm = | 2777 blink::WebCryptoAlgorithm import_algorithm = |
2740 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2778 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2741 blink::WebCryptoAlgorithmIdSha1); | 2779 blink::WebCryptoAlgorithmIdSha1); |
2742 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 2780 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
2743 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 2781 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
2744 ASSERT_NO_FATAL_FAILURE( | 2782 ASSERT_NO_FATAL_FAILURE( |
(...skipping 1462 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
4207 &private_key)); | 4245 &private_key)); |
4208 | 4246 |
4209 EXPECT_EQ(0, public_key.usages()); | 4247 EXPECT_EQ(0, public_key.usages()); |
4210 EXPECT_EQ(blink::WebCryptoKeyUsageSign, private_key.usages()); | 4248 EXPECT_EQ(blink::WebCryptoKeyUsageSign, private_key.usages()); |
4211 } | 4249 } |
4212 | 4250 |
4213 // Generate an AES-CBC key and an RSA key pair. Use the AES-CBC key to wrap the | 4251 // Generate an AES-CBC key and an RSA key pair. Use the AES-CBC key to wrap the |
4214 // key pair (using SPKI format for public key, PKCS8 format for private key). | 4252 // key pair (using SPKI format for public key, PKCS8 format for private key). |
4215 // Then unwrap the wrapped key pair and verify that the key data is the same. | 4253 // Then unwrap the wrapped key pair and verify that the key data is the same. |
4216 TEST_F(SharedCryptoTest, MAYBE(WrapUnwrapRoundtripSpkiPkcs8UsingAesCbc)) { | 4254 TEST_F(SharedCryptoTest, MAYBE(WrapUnwrapRoundtripSpkiPkcs8UsingAesCbc)) { |
| 4255 if (!SupportsRsaKeyImport()) |
| 4256 return; |
| 4257 |
4217 // Generate the wrapping key. | 4258 // Generate the wrapping key. |
4218 blink::WebCryptoKey wrapping_key = blink::WebCryptoKey::createNull(); | 4259 blink::WebCryptoKey wrapping_key = blink::WebCryptoKey::createNull(); |
4219 ASSERT_EQ(Status::Success(), | 4260 ASSERT_EQ(Status::Success(), |
4220 GenerateSecretKey(CreateAesCbcKeyGenAlgorithm(128), | 4261 GenerateSecretKey(CreateAesCbcKeyGenAlgorithm(128), |
4221 true, | 4262 true, |
4222 blink::WebCryptoKeyUsageWrapKey | | 4263 blink::WebCryptoKeyUsageWrapKey | |
4223 blink::WebCryptoKeyUsageUnwrapKey, | 4264 blink::WebCryptoKeyUsageUnwrapKey, |
4224 &wrapping_key)); | 4265 &wrapping_key)); |
4225 | 4266 |
4226 // Generate an RSA key pair to be wrapped. | 4267 // Generate an RSA key pair to be wrapped. |
(...skipping 90 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
4317 EXPECT_EQ(public_key_spki, unwrapped_public_key_spki); | 4358 EXPECT_EQ(public_key_spki, unwrapped_public_key_spki); |
4318 EXPECT_EQ(private_key_pkcs8, unwrapped_private_key_pkcs8); | 4359 EXPECT_EQ(private_key_pkcs8, unwrapped_private_key_pkcs8); |
4319 | 4360 |
4320 EXPECT_NE(public_key_spki, wrapped_public_key); | 4361 EXPECT_NE(public_key_spki, wrapped_public_key); |
4321 EXPECT_NE(private_key_pkcs8, wrapped_private_key); | 4362 EXPECT_NE(private_key_pkcs8, wrapped_private_key); |
4322 } | 4363 } |
4323 | 4364 |
4324 } // namespace webcrypto | 4365 } // namespace webcrypto |
4325 | 4366 |
4326 } // namespace content | 4367 } // namespace content |
OLD | NEW |