OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/child/webcrypto/shared_crypto.h" | 5 #include "content/child/webcrypto/shared_crypto.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
115 | 115 |
116 if (status.IsError()) | 116 if (status.IsError()) |
117 EXPECT_EQ(blink::WebCryptoErrorTypeNotSupported, status.error_type()); | 117 EXPECT_EQ(blink::WebCryptoErrorTypeNotSupported, status.error_type()); |
118 return status.IsSuccess(); | 118 return status.IsSuccess(); |
119 } | 119 } |
120 | 120 |
121 bool SupportsRsaOaep() { | 121 bool SupportsRsaOaep() { |
122 #if defined(USE_OPENSSL) | 122 #if defined(USE_OPENSSL) |
123 return false; | 123 return false; |
124 #else | 124 #else |
| 125 // TODO(eroman): Exclude version test for OS_CHROMEOS |
125 #if defined(USE_NSS) | 126 #if defined(USE_NSS) |
126 if (!NSS_VersionCheck("3.16.2")) | 127 if (!NSS_VersionCheck("3.16.2")) |
127 return false; | 128 return false; |
128 #endif | 129 #endif |
129 crypto::ScopedPK11Slot slot(PK11_GetInternalKeySlot()); | 130 crypto::ScopedPK11Slot slot(PK11_GetInternalKeySlot()); |
130 return !!PK11_DoesMechanism(slot.get(), CKM_RSA_PKCS_OAEP); | 131 return !!PK11_DoesMechanism(slot.get(), CKM_RSA_PKCS_OAEP); |
131 #endif | 132 #endif |
132 } | 133 } |
133 | 134 |
| 135 bool SupportsRsaKeyImport() { |
| 136 // TODO(eroman): Exclude version test for OS_CHROMEOS |
| 137 #if defined(USE_NSS) |
| 138 if (!NSS_VersionCheck("3.16.2")) { |
| 139 LOG(WARNING) << "RSA key import is not supported by this version of NSS. " |
| 140 "Skipping some tests"; |
| 141 return false; |
| 142 } |
| 143 #endif |
| 144 return true; |
| 145 } |
| 146 |
134 blink::WebCryptoAlgorithm CreateRsaHashedKeyGenAlgorithm( | 147 blink::WebCryptoAlgorithm CreateRsaHashedKeyGenAlgorithm( |
135 blink::WebCryptoAlgorithmId algorithm_id, | 148 blink::WebCryptoAlgorithmId algorithm_id, |
136 const blink::WebCryptoAlgorithmId hash_id, | 149 const blink::WebCryptoAlgorithmId hash_id, |
137 unsigned int modulus_length, | 150 unsigned int modulus_length, |
138 const std::vector<uint8>& public_exponent) { | 151 const std::vector<uint8>& public_exponent) { |
139 DCHECK(algorithm_id == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 || | 152 DCHECK(algorithm_id == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 || |
140 algorithm_id == blink::WebCryptoAlgorithmIdRsaOaep); | 153 algorithm_id == blink::WebCryptoAlgorithmIdRsaOaep); |
141 DCHECK(blink::WebCryptoAlgorithm::isHash(hash_id)); | 154 DCHECK(blink::WebCryptoAlgorithm::isHash(hash_id)); |
142 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( | 155 return blink::WebCryptoAlgorithm::adoptParamsAndCreate( |
143 algorithm_id, | 156 algorithm_id, |
(...skipping 1352 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1496 | 1509 |
1497 // Fail on k actual length (192 bits) inconsistent with the embedded JWK alg | 1510 // Fail on k actual length (192 bits) inconsistent with the embedded JWK alg |
1498 // value (128) for an AES key. | 1511 // value (128) for an AES key. |
1499 dict.SetString("k", "dGhpcyAgaXMgIDI0ICBieXRlcyBsb25n"); | 1512 dict.SetString("k", "dGhpcyAgaXMgIDI0ICBieXRlcyBsb25n"); |
1500 EXPECT_EQ(Status::ErrorJwkIncorrectKeyLength(), | 1513 EXPECT_EQ(Status::ErrorJwkIncorrectKeyLength(), |
1501 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1514 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
1502 RestoreJwkOctDictionary(&dict); | 1515 RestoreJwkOctDictionary(&dict); |
1503 } | 1516 } |
1504 | 1517 |
1505 TEST_F(SharedCryptoTest, MAYBE(ImportExportJwkRsaPublicKey)) { | 1518 TEST_F(SharedCryptoTest, MAYBE(ImportExportJwkRsaPublicKey)) { |
| 1519 if (!SupportsRsaKeyImport()) |
| 1520 return; |
| 1521 |
1506 const bool supports_rsa_oaep = SupportsRsaOaep(); | 1522 const bool supports_rsa_oaep = SupportsRsaOaep(); |
1507 if (!supports_rsa_oaep) { | 1523 if (!supports_rsa_oaep) { |
1508 LOG(WARNING) << "RSA-OAEP not supported on this platform. Skipping some" | 1524 LOG(WARNING) << "RSA-OAEP not supported on this platform. Skipping some" |
1509 << "tests."; | 1525 << "tests."; |
1510 } | 1526 } |
1511 | 1527 |
1512 struct TestCase { | 1528 struct TestCase { |
1513 const blink::WebCryptoAlgorithm algorithm; | 1529 const blink::WebCryptoAlgorithm algorithm; |
1514 const blink::WebCryptoKeyUsageMask usage; | 1530 const blink::WebCryptoKeyUsageMask usage; |
1515 const char* const jwk_alg; | 1531 const char* const jwk_alg; |
(...skipping 453 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1969 EXPECT_EQ(0u, key.algorithm().hmacParams()->lengthBits()); | 1985 EXPECT_EQ(0u, key.algorithm().hmacParams()->lengthBits()); |
1970 | 1986 |
1971 std::vector<uint8> exported_key_data; | 1987 std::vector<uint8> exported_key_data; |
1972 EXPECT_EQ(Status::Success(), | 1988 EXPECT_EQ(Status::Success(), |
1973 ExportKey(blink::WebCryptoKeyFormatRaw, key, &exported_key_data)); | 1989 ExportKey(blink::WebCryptoKeyFormatRaw, key, &exported_key_data)); |
1974 | 1990 |
1975 EXPECT_EQ(0u, exported_key_data.size()); | 1991 EXPECT_EQ(0u, exported_key_data.size()); |
1976 } | 1992 } |
1977 | 1993 |
1978 TEST_F(SharedCryptoTest, MAYBE(ImportExportSpki)) { | 1994 TEST_F(SharedCryptoTest, MAYBE(ImportExportSpki)) { |
| 1995 if (!SupportsRsaKeyImport()) |
| 1996 return; |
| 1997 |
1979 // Passing case: Import a valid RSA key in SPKI format. | 1998 // Passing case: Import a valid RSA key in SPKI format. |
1980 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1999 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
1981 ASSERT_EQ(Status::Success(), | 2000 ASSERT_EQ(Status::Success(), |
1982 ImportKey(blink::WebCryptoKeyFormatSpki, | 2001 ImportKey(blink::WebCryptoKeyFormatSpki, |
1983 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 2002 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
1984 CreateRsaHashedImportAlgorithm( | 2003 CreateRsaHashedImportAlgorithm( |
1985 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2004 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
1986 blink::WebCryptoAlgorithmIdSha256), | 2005 blink::WebCryptoAlgorithmIdSha256), |
1987 true, | 2006 true, |
1988 blink::WebCryptoKeyUsageVerify, | 2007 blink::WebCryptoKeyUsageVerify, |
(...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2055 | 2074 |
2056 // TODO(eroman): Failing test: Import a SPKI with an unrecognized hash OID | 2075 // TODO(eroman): Failing test: Import a SPKI with an unrecognized hash OID |
2057 // TODO(eroman): Failing test: Import a SPKI with invalid algorithm params | 2076 // TODO(eroman): Failing test: Import a SPKI with invalid algorithm params |
2058 // TODO(eroman): Failing test: Import a SPKI with inconsistent parameters | 2077 // TODO(eroman): Failing test: Import a SPKI with inconsistent parameters |
2059 // (e.g. SHA-1 in OID, SHA-256 in params) | 2078 // (e.g. SHA-1 in OID, SHA-256 in params) |
2060 // TODO(eroman): Failing test: Import a SPKI for RSA-SSA, but with params | 2079 // TODO(eroman): Failing test: Import a SPKI for RSA-SSA, but with params |
2061 // as OAEP/PSS | 2080 // as OAEP/PSS |
2062 } | 2081 } |
2063 | 2082 |
2064 TEST_F(SharedCryptoTest, MAYBE(ImportExportPkcs8)) { | 2083 TEST_F(SharedCryptoTest, MAYBE(ImportExportPkcs8)) { |
| 2084 if (!SupportsRsaKeyImport()) |
| 2085 return; |
| 2086 |
2065 // Passing case: Import a valid RSA key in PKCS#8 format. | 2087 // Passing case: Import a valid RSA key in PKCS#8 format. |
2066 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 2088 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
2067 ASSERT_EQ(Status::Success(), | 2089 ASSERT_EQ(Status::Success(), |
2068 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 2090 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
2069 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 2091 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
2070 CreateRsaHashedImportAlgorithm( | 2092 CreateRsaHashedImportAlgorithm( |
2071 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2093 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2072 blink::WebCryptoAlgorithmIdSha1), | 2094 blink::WebCryptoAlgorithmIdSha1), |
2073 true, | 2095 true, |
2074 blink::WebCryptoKeyUsageSign, | 2096 blink::WebCryptoKeyUsageSign, |
(...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2122 true, | 2144 true, |
2123 blink::WebCryptoKeyUsageSign, | 2145 blink::WebCryptoKeyUsageSign, |
2124 &key)); | 2146 &key)); |
2125 } | 2147 } |
2126 | 2148 |
2127 // Tests JWK import and export by doing a roundtrip key conversion and ensuring | 2149 // Tests JWK import and export by doing a roundtrip key conversion and ensuring |
2128 // it was lossless: | 2150 // it was lossless: |
2129 // | 2151 // |
2130 // PKCS8 --> JWK --> PKCS8 | 2152 // PKCS8 --> JWK --> PKCS8 |
2131 TEST_F(SharedCryptoTest, MAYBE(ImportRsaPrivateKeyJwkToPkcs8RoundTrip)) { | 2153 TEST_F(SharedCryptoTest, MAYBE(ImportRsaPrivateKeyJwkToPkcs8RoundTrip)) { |
| 2154 if (!SupportsRsaKeyImport()) |
| 2155 return; |
| 2156 |
2132 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 2157 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
2133 ASSERT_EQ(Status::Success(), | 2158 ASSERT_EQ(Status::Success(), |
2134 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 2159 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
2135 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 2160 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
2136 CreateRsaHashedImportAlgorithm( | 2161 CreateRsaHashedImportAlgorithm( |
2137 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2162 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2138 blink::WebCryptoAlgorithmIdSha1), | 2163 blink::WebCryptoAlgorithmIdSha1), |
2139 true, | 2164 true, |
2140 blink::WebCryptoKeyUsageSign, | 2165 blink::WebCryptoKeyUsageSign, |
2141 &key)); | 2166 &key)); |
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2187 } | 2212 } |
2188 | 2213 |
2189 // Tests importing multiple RSA private keys from JWK, and then exporting to | 2214 // Tests importing multiple RSA private keys from JWK, and then exporting to |
2190 // PKCS8. | 2215 // PKCS8. |
2191 // | 2216 // |
2192 // This is a regression test for http://crbug.com/378315, for which importing | 2217 // This is a regression test for http://crbug.com/378315, for which importing |
2193 // a sequence of keys from JWK could yield the wrong key. The first key would | 2218 // a sequence of keys from JWK could yield the wrong key. The first key would |
2194 // be imported correctly, however every key after that would actually import | 2219 // be imported correctly, however every key after that would actually import |
2195 // the first key. | 2220 // the first key. |
2196 TEST_F(SharedCryptoTest, MAYBE(ImportMultipleRSAPrivateKeysJwk)) { | 2221 TEST_F(SharedCryptoTest, MAYBE(ImportMultipleRSAPrivateKeysJwk)) { |
| 2222 if (!SupportsRsaKeyImport()) |
| 2223 return; |
| 2224 |
2197 scoped_ptr<base::ListValue> key_list; | 2225 scoped_ptr<base::ListValue> key_list; |
2198 ASSERT_TRUE(ReadJsonTestFileToList("rsa_private_keys.json", &key_list)); | 2226 ASSERT_TRUE(ReadJsonTestFileToList("rsa_private_keys.json", &key_list)); |
2199 | 2227 |
2200 // For this test to be meaningful the keys MUST be kept alive before importing | 2228 // For this test to be meaningful the keys MUST be kept alive before importing |
2201 // new keys. | 2229 // new keys. |
2202 std::vector<blink::WebCryptoKey> live_keys; | 2230 std::vector<blink::WebCryptoKey> live_keys; |
2203 | 2231 |
2204 for (size_t key_index = 0; key_index < key_list->GetSize(); ++key_index) { | 2232 for (size_t key_index = 0; key_index < key_list->GetSize(); ++key_index) { |
2205 SCOPED_TRACE(key_index); | 2233 SCOPED_TRACE(key_index); |
2206 | 2234 |
(...skipping 141 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2348 &key)); | 2376 &key)); |
2349 } | 2377 } |
2350 | 2378 |
2351 // Import a JWK RSA private key, without any of the optional parameters. | 2379 // Import a JWK RSA private key, without any of the optional parameters. |
2352 // | 2380 // |
2353 // This is expected to work, however based on the current NSS implementation it | 2381 // This is expected to work, however based on the current NSS implementation it |
2354 // does not. | 2382 // does not. |
2355 // | 2383 // |
2356 // TODO(eroman): http://crbug/com/374927 | 2384 // TODO(eroman): http://crbug/com/374927 |
2357 TEST_F(SharedCryptoTest, MAYBE(ImportRsaPrivateKeyJwkIncorrectOptionalEmpty)) { | 2385 TEST_F(SharedCryptoTest, MAYBE(ImportRsaPrivateKeyJwkIncorrectOptionalEmpty)) { |
| 2386 if (!SupportsRsaKeyImport()) |
| 2387 return; |
| 2388 |
2358 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 2389 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
2359 | 2390 |
2360 base::DictionaryValue dict; | 2391 base::DictionaryValue dict; |
2361 dict.SetString("kty", "RSA"); | 2392 dict.SetString("kty", "RSA"); |
2362 dict.SetString("alg", "RS1"); | 2393 dict.SetString("alg", "RS1"); |
2363 | 2394 |
2364 dict.SetString( | 2395 dict.SetString( |
2365 "n", | 2396 "n", |
2366 "pW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h962ZHYxRBW_-2xYrTA8oOhKoijlN_" | 2397 "pW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h962ZHYxRBW_-2xYrTA8oOhKoijlN_" |
2367 "1JqtykcuzB86r_OCx39XNlQgJbVsri2311nHvY3fAkhyyPCcKcOJZjm_4nRnxBazC0_" | 2398 "1JqtykcuzB86r_OCx39XNlQgJbVsri2311nHvY3fAkhyyPCcKcOJZjm_4nRnxBazC0_" |
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2423 EXPECT_EQ(extractable, private_key.extractable()); | 2454 EXPECT_EQ(extractable, private_key.extractable()); |
2424 EXPECT_EQ(usage_mask, public_key.usages()); | 2455 EXPECT_EQ(usage_mask, public_key.usages()); |
2425 EXPECT_EQ(usage_mask, private_key.usages()); | 2456 EXPECT_EQ(usage_mask, private_key.usages()); |
2426 | 2457 |
2427 // Try exporting the generated key pair, and then re-importing to verify that | 2458 // Try exporting the generated key pair, and then re-importing to verify that |
2428 // the exported data was valid. | 2459 // the exported data was valid. |
2429 std::vector<uint8> public_key_spki; | 2460 std::vector<uint8> public_key_spki; |
2430 EXPECT_EQ( | 2461 EXPECT_EQ( |
2431 Status::Success(), | 2462 Status::Success(), |
2432 ExportKey(blink::WebCryptoKeyFormatSpki, public_key, &public_key_spki)); | 2463 ExportKey(blink::WebCryptoKeyFormatSpki, public_key, &public_key_spki)); |
2433 public_key = blink::WebCryptoKey::createNull(); | |
2434 EXPECT_EQ(Status::Success(), | |
2435 ImportKey(blink::WebCryptoKeyFormatSpki, | |
2436 CryptoData(public_key_spki), | |
2437 CreateRsaHashedImportAlgorithm( | |
2438 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | |
2439 blink::WebCryptoAlgorithmIdSha256), | |
2440 true, | |
2441 usage_mask, | |
2442 &public_key)); | |
2443 EXPECT_EQ(modulus_length, | |
2444 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); | |
2445 | 2464 |
2446 std::vector<uint8> private_key_pkcs8; | 2465 if (SupportsRsaKeyImport()) { |
2447 EXPECT_EQ( | 2466 public_key = blink::WebCryptoKey::createNull(); |
2448 Status::Success(), | 2467 EXPECT_EQ(Status::Success(), |
2449 ExportKey( | 2468 ImportKey(blink::WebCryptoKeyFormatSpki, |
2450 blink::WebCryptoKeyFormatPkcs8, private_key, &private_key_pkcs8)); | 2469 CryptoData(public_key_spki), |
2451 private_key = blink::WebCryptoKey::createNull(); | 2470 CreateRsaHashedImportAlgorithm( |
2452 EXPECT_EQ(Status::Success(), | 2471 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2453 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 2472 blink::WebCryptoAlgorithmIdSha256), |
2454 CryptoData(private_key_pkcs8), | 2473 true, |
2455 CreateRsaHashedImportAlgorithm( | 2474 usage_mask, |
2456 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2475 &public_key)); |
2457 blink::WebCryptoAlgorithmIdSha256), | 2476 EXPECT_EQ(modulus_length, |
2458 true, | 2477 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
2459 usage_mask, | 2478 |
2460 &private_key)); | 2479 std::vector<uint8> private_key_pkcs8; |
2461 EXPECT_EQ(modulus_length, | 2480 EXPECT_EQ( |
2462 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); | 2481 Status::Success(), |
| 2482 ExportKey( |
| 2483 blink::WebCryptoKeyFormatPkcs8, private_key, &private_key_pkcs8)); |
| 2484 private_key = blink::WebCryptoKey::createNull(); |
| 2485 EXPECT_EQ(Status::Success(), |
| 2486 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
| 2487 CryptoData(private_key_pkcs8), |
| 2488 CreateRsaHashedImportAlgorithm( |
| 2489 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 2490 blink::WebCryptoAlgorithmIdSha256), |
| 2491 true, |
| 2492 usage_mask, |
| 2493 &private_key)); |
| 2494 EXPECT_EQ(modulus_length, |
| 2495 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
| 2496 } |
2463 | 2497 |
2464 // Fail with bad modulus. | 2498 // Fail with bad modulus. |
2465 algorithm = | 2499 algorithm = |
2466 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2500 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2467 blink::WebCryptoAlgorithmIdSha256, | 2501 blink::WebCryptoAlgorithmIdSha256, |
2468 0, | 2502 0, |
2469 public_exponent); | 2503 public_exponent); |
2470 EXPECT_EQ(Status::ErrorGenerateRsaZeroModulus(), | 2504 EXPECT_EQ(Status::ErrorGenerateRsaZeroModulus(), |
2471 GenerateKeyPair( | 2505 GenerateKeyPair( |
2472 algorithm, extractable, usage_mask, &public_key, &private_key)); | 2506 algorithm, extractable, usage_mask, &public_key, &private_key)); |
(...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2595 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 2629 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
2596 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 2630 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
2597 | 2631 |
2598 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), | 2632 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), |
2599 GenerateKeyPair( | 2633 GenerateKeyPair( |
2600 algorithm, true, 0, &public_key, &private_key)); | 2634 algorithm, true, 0, &public_key, &private_key)); |
2601 } | 2635 } |
2602 } | 2636 } |
2603 | 2637 |
2604 TEST_F(SharedCryptoTest, MAYBE(RsaSsaSignVerifyFailures)) { | 2638 TEST_F(SharedCryptoTest, MAYBE(RsaSsaSignVerifyFailures)) { |
| 2639 if (!SupportsRsaKeyImport()) |
| 2640 return; |
| 2641 |
2605 // Import a key pair. | 2642 // Import a key pair. |
2606 blink::WebCryptoAlgorithm import_algorithm = | 2643 blink::WebCryptoAlgorithm import_algorithm = |
2607 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2644 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2608 blink::WebCryptoAlgorithmIdSha1); | 2645 blink::WebCryptoAlgorithmIdSha1); |
2609 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 2646 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
2610 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 2647 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
2611 ASSERT_NO_FATAL_FAILURE( | 2648 ASSERT_NO_FATAL_FAILURE( |
2612 ImportRsaKeyPair(HexStringToBytes(kPublicKeySpkiDerHex), | 2649 ImportRsaKeyPair(HexStringToBytes(kPublicKeySpkiDerHex), |
2613 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 2650 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
2614 import_algorithm, | 2651 import_algorithm, |
(...skipping 110 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2725 VerifySignature( | 2762 VerifySignature( |
2726 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), | 2763 CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
2727 public_key_256, | 2764 public_key_256, |
2728 CryptoData(signature), | 2765 CryptoData(signature), |
2729 CryptoData(data), | 2766 CryptoData(data), |
2730 &is_match)); | 2767 &is_match)); |
2731 EXPECT_FALSE(is_match); | 2768 EXPECT_FALSE(is_match); |
2732 } | 2769 } |
2733 | 2770 |
2734 TEST_F(SharedCryptoTest, MAYBE(RsaSignVerifyKnownAnswer)) { | 2771 TEST_F(SharedCryptoTest, MAYBE(RsaSignVerifyKnownAnswer)) { |
| 2772 if (!SupportsRsaKeyImport()) |
| 2773 return; |
| 2774 |
2735 scoped_ptr<base::ListValue> tests; | 2775 scoped_ptr<base::ListValue> tests; |
2736 ASSERT_TRUE(ReadJsonTestFileToList("pkcs1v15_sign.json", &tests)); | 2776 ASSERT_TRUE(ReadJsonTestFileToList("pkcs1v15_sign.json", &tests)); |
2737 | 2777 |
2738 // Import the key pair. | 2778 // Import the key pair. |
2739 blink::WebCryptoAlgorithm import_algorithm = | 2779 blink::WebCryptoAlgorithm import_algorithm = |
2740 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2780 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
2741 blink::WebCryptoAlgorithmIdSha1); | 2781 blink::WebCryptoAlgorithmIdSha1); |
2742 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 2782 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
2743 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 2783 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
2744 ASSERT_NO_FATAL_FAILURE( | 2784 ASSERT_NO_FATAL_FAILURE( |
(...skipping 1462 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
4207 &private_key)); | 4247 &private_key)); |
4208 | 4248 |
4209 EXPECT_EQ(0, public_key.usages()); | 4249 EXPECT_EQ(0, public_key.usages()); |
4210 EXPECT_EQ(blink::WebCryptoKeyUsageSign, private_key.usages()); | 4250 EXPECT_EQ(blink::WebCryptoKeyUsageSign, private_key.usages()); |
4211 } | 4251 } |
4212 | 4252 |
4213 // Generate an AES-CBC key and an RSA key pair. Use the AES-CBC key to wrap the | 4253 // Generate an AES-CBC key and an RSA key pair. Use the AES-CBC key to wrap the |
4214 // key pair (using SPKI format for public key, PKCS8 format for private key). | 4254 // key pair (using SPKI format for public key, PKCS8 format for private key). |
4215 // Then unwrap the wrapped key pair and verify that the key data is the same. | 4255 // Then unwrap the wrapped key pair and verify that the key data is the same. |
4216 TEST_F(SharedCryptoTest, MAYBE(WrapUnwrapRoundtripSpkiPkcs8UsingAesCbc)) { | 4256 TEST_F(SharedCryptoTest, MAYBE(WrapUnwrapRoundtripSpkiPkcs8UsingAesCbc)) { |
| 4257 if (!SupportsRsaKeyImport()) |
| 4258 return; |
| 4259 |
4217 // Generate the wrapping key. | 4260 // Generate the wrapping key. |
4218 blink::WebCryptoKey wrapping_key = blink::WebCryptoKey::createNull(); | 4261 blink::WebCryptoKey wrapping_key = blink::WebCryptoKey::createNull(); |
4219 ASSERT_EQ(Status::Success(), | 4262 ASSERT_EQ(Status::Success(), |
4220 GenerateSecretKey(CreateAesCbcKeyGenAlgorithm(128), | 4263 GenerateSecretKey(CreateAesCbcKeyGenAlgorithm(128), |
4221 true, | 4264 true, |
4222 blink::WebCryptoKeyUsageWrapKey | | 4265 blink::WebCryptoKeyUsageWrapKey | |
4223 blink::WebCryptoKeyUsageUnwrapKey, | 4266 blink::WebCryptoKeyUsageUnwrapKey, |
4224 &wrapping_key)); | 4267 &wrapping_key)); |
4225 | 4268 |
4226 // Generate an RSA key pair to be wrapped. | 4269 // Generate an RSA key pair to be wrapped. |
(...skipping 90 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
4317 EXPECT_EQ(public_key_spki, unwrapped_public_key_spki); | 4360 EXPECT_EQ(public_key_spki, unwrapped_public_key_spki); |
4318 EXPECT_EQ(private_key_pkcs8, unwrapped_private_key_pkcs8); | 4361 EXPECT_EQ(private_key_pkcs8, unwrapped_private_key_pkcs8); |
4319 | 4362 |
4320 EXPECT_NE(public_key_spki, wrapped_public_key); | 4363 EXPECT_NE(public_key_spki, wrapped_public_key); |
4321 EXPECT_NE(private_key_pkcs8, wrapped_private_key); | 4364 EXPECT_NE(private_key_pkcs8, wrapped_private_key); |
4322 } | 4365 } |
4323 | 4366 |
4324 } // namespace webcrypto | 4367 } // namespace webcrypto |
4325 | 4368 |
4326 } // namespace content | 4369 } // namespace content |
OLD | NEW |