Chromium Code Reviews Chromium Code Reviews
Issue 34583010:
[webcrypto] Add RSA key generation using NSS. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "webcrypto_impl.h" | 5 #include "webcrypto_impl.h" |
| 6 | 6 |
| 7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/memory/ref_counted.h" | 9 #include "base/memory/ref_counted.h" |
| 10 #include "base/strings/string_number_conversions.h" | 10 #include "base/strings/string_number_conversions.h" |
| (...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 52 return &data[0]; | 52 return &data[0]; |
| 53 } | 53 } |
| 54 | 54 |
| 55 WebKit::WebCryptoAlgorithm CreateAesCbcAlgorithm( | 55 WebKit::WebCryptoAlgorithm CreateAesCbcAlgorithm( |
| 56 const std::vector<uint8>& iv) { | 56 const std::vector<uint8>& iv) { |
| 57 return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate( | 57 return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate( |
| 58 WebKit::WebCryptoAlgorithmIdAesCbc, | 58 WebKit::WebCryptoAlgorithmIdAesCbc, |
| 59 new WebKit::WebCryptoAesCbcParams(Start(iv), iv.size())); | 59 new WebKit::WebCryptoAesCbcParams(Start(iv), iv.size())); |
| 60 } | 60 } |
| 61 | 61 |
| 62 WebKit::WebCryptoAlgorithm CreateRsaAlgorithm( | |
| 63 WebKit::WebCryptoAlgorithmId algorithm_id, | |
| 64 unsigned modulus_length, | |
| 65 const std::vector<unsigned char>& public_exponent) { | |
| 66 DCHECK(algorithm_id == WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5 || | |
| 67 algorithm_id == WebKit::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 || | |
| 68 algorithm_id == WebKit::WebCryptoAlgorithmIdRsaOaep); | |
| 69 return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate( | |
| 70 algorithm_id, | |
| 71 new WebKit::WebCryptoRsaKeyGenParams( | |
| 72 modulus_length, Start(public_exponent), public_exponent.size())); | |
| 73 } | |
| 74 | |
| 62 } // namespace | 75 } // namespace |
| 63 | 76 |
| 64 namespace content { | 77 namespace content { |
| 65 | 78 |
| 66 class WebCryptoImplTest : public testing::Test { | 79 class WebCryptoImplTest : public testing::Test { |
| 67 protected: | 80 protected: |
| 68 WebKit::WebCryptoKey ImportSecretKeyFromRawHexString( | 81 WebKit::WebCryptoKey ImportSecretKeyFromRawHexString( |
| 69 const std::string& key_hex, | 82 const std::string& key_hex, |
| 70 const WebKit::WebCryptoAlgorithm& algorithm, | 83 const WebKit::WebCryptoAlgorithm& algorithm, |
| 71 WebKit::WebCryptoKeyUsageMask usage) { | 84 WebKit::WebCryptoKeyUsageMask usage) { |
| (...skipping 27 matching lines...) Expand all Loading... | |
| 99 return crypto_.DigestInternal(algorithm, Start(data), data.size(), buffer); | 112 return crypto_.DigestInternal(algorithm, Start(data), data.size(), buffer); |
| 100 } | 113 } |
| 101 | 114 |
| 102 bool GenerateKeyInternal( | 115 bool GenerateKeyInternal( |
| 103 const WebKit::WebCryptoAlgorithm& algorithm, | 116 const WebKit::WebCryptoAlgorithm& algorithm, |
| 104 scoped_ptr<WebKit::WebCryptoKeyHandle>* handle, | 117 scoped_ptr<WebKit::WebCryptoKeyHandle>* handle, |
| 105 WebKit::WebCryptoKeyType* type) { | 118 WebKit::WebCryptoKeyType* type) { |
| 106 return crypto_.GenerateKeyInternal(algorithm, handle, type); | 119 return crypto_.GenerateKeyInternal(algorithm, handle, type); |
| 107 } | 120 } |
| 108 | 121 |
| 122 bool GenerateKeyPairInternal( | |
| 123 const WebKit::WebCryptoAlgorithm& algorithm, | |
| 124 scoped_ptr<WebKit::WebCryptoKeyHandle>* public_key, | |
| 125 scoped_ptr<WebKit::WebCryptoKeyHandle>* private_key) { | |
| 126 return crypto_.GenerateKeyPairInternal(algorithm, public_key, private_key); | |
| 127 } | |
| 128 | |
| 109 bool ImportKeyInternal( | 129 bool ImportKeyInternal( |
| 110 WebKit::WebCryptoKeyFormat format, | 130 WebKit::WebCryptoKeyFormat format, |
| 111 const std::vector<uint8>& key_data, | 131 const std::vector<uint8>& key_data, |
| 112 const WebKit::WebCryptoAlgorithm& algorithm, | 132 const WebKit::WebCryptoAlgorithm& algorithm, |
| 113 WebKit::WebCryptoKeyUsageMask usage_mask, | 133 WebKit::WebCryptoKeyUsageMask usage_mask, |
| 114 scoped_ptr<WebKit::WebCryptoKeyHandle>* handle, | 134 scoped_ptr<WebKit::WebCryptoKeyHandle>* handle, |
| 115 WebKit::WebCryptoKeyType* type) { | 135 WebKit::WebCryptoKeyType* type) { |
| 116 return crypto_.ImportKeyInternal(format, | 136 return crypto_.ImportKeyInternal(format, |
| 117 Start(key_data), | 137 Start(key_data), |
| 118 key_data.size(), | 138 key_data.size(), |
| (...skipping 543 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 662 WebKit::WebCryptoAlgorithmIdHmac, params.release())); | 682 WebKit::WebCryptoAlgorithmIdHmac, params.release())); |
| 663 | 683 |
| 664 scoped_ptr<WebKit::WebCryptoKeyHandle> result; | 684 scoped_ptr<WebKit::WebCryptoKeyHandle> result; |
| 665 WebKit::WebCryptoKeyType type = WebKit::WebCryptoKeyTypePublic; | 685 WebKit::WebCryptoKeyType type = WebKit::WebCryptoKeyTypePublic; |
| 666 | 686 |
| 667 ASSERT_TRUE(GenerateKeyInternal(algorithm, &result, &type)); | 687 ASSERT_TRUE(GenerateKeyInternal(algorithm, &result, &type)); |
| 668 EXPECT_TRUE(bool(result)); | 688 EXPECT_TRUE(bool(result)); |
| 669 EXPECT_EQ(type, WebKit::WebCryptoKeyTypeSecret); | 689 EXPECT_EQ(type, WebKit::WebCryptoKeyTypeSecret); |
| 670 } | 690 } |
| 671 | 691 |
| 672 #endif //#if !defined(USE_OPENSSL) | 692 TEST_F(WebCryptoImplTest, GenerateKeyPairRsa) { |
| 693 | |
| 694 // Note: using unrealistic short key lengths here to avoid bogging down tests. | |
| 695 | |
| 696 // happy WebCryptoAlgorithmIdRsaEsPkcs1v1_5 key gen | |
| 697 unsigned modulus_length = 256; | |
| 698 const unsigned char f4[3] = {0x01, 0x00, 0x01}; | |
| 699 std::vector<unsigned char> public_exponent(&f4[0], &f4[0] + sizeof(f4)); | |
|
eroman
2013/10/24 22:28:59
[optional] You may consider using HexStringToBytes
padolph
2013/10/25 01:21:46
Done.
| |
| 700 WebKit::WebCryptoAlgorithm algorithm = | |
| 701 CreateRsaAlgorithm(WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | |
| 702 modulus_length, | |
| 703 public_exponent); | |
| 704 scoped_ptr<WebKit::WebCryptoKeyHandle> public_key_handle; | |
| 705 scoped_ptr<WebKit::WebCryptoKeyHandle> private_key_handle; | |
| 706 EXPECT_TRUE(GenerateKeyPairInternal( | |
| 707 algorithm, &public_key_handle, &private_key_handle)); | |
| 708 EXPECT_TRUE(public_key_handle); | |
| 709 EXPECT_TRUE(private_key_handle); | |
| 710 | |
| 711 // bad modulus | |
| 712 modulus_length = 0; | |
| 713 algorithm = CreateRsaAlgorithm(WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | |
| 714 modulus_length, | |
| 715 public_exponent); | |
| 716 EXPECT_FALSE(GenerateKeyPairInternal( | |
| 717 algorithm, &public_key_handle, &private_key_handle)); | |
| 718 modulus_length = 256; // restore modulus_length for next test | |
| 719 | |
| 720 // bad exponent, larger than unsigned long | |
| 721 unsigned exponent_length = sizeof(unsigned long) + 1; | |
| 722 const std::vector<unsigned char> long_exponent(exponent_length, 0x01); | |
| 723 algorithm = CreateRsaAlgorithm(WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | |
| 724 modulus_length, | |
| 725 long_exponent); | |
| 726 EXPECT_FALSE(GenerateKeyPairInternal( | |
| 727 algorithm, &public_key_handle, &private_key_handle)); | |
| 728 | |
| 729 // bad exponent, empty | |
| 730 const std::vector<unsigned char> empty_exponent; | |
| 731 algorithm = CreateRsaAlgorithm(WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | |
| 732 modulus_length, | |
| 733 empty_exponent); | |
| 734 EXPECT_FALSE(GenerateKeyPairInternal( | |
| 735 algorithm, &public_key_handle, &private_key_handle)); | |
| 736 | |
| 737 // bad exponent, all zeros | |
| 738 std::vector<unsigned char> exponent_with_leading_zeros(15, 0x00); | |
| 739 algorithm = CreateRsaAlgorithm(WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | |
| 740 modulus_length, | |
| 741 exponent_with_leading_zeros); | |
| 742 EXPECT_FALSE(GenerateKeyPairInternal( | |
| 743 algorithm, &public_key_handle, &private_key_handle)); | |
| 744 | |
| 745 // good exponent with leading zeros | |
| 746 exponent_with_leading_zeros.insert(exponent_with_leading_zeros.end(), | |
| 747 public_exponent.begin(), | |
| 748 public_exponent.end()); | |
| 749 algorithm = CreateRsaAlgorithm(WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, | |
| 750 modulus_length, | |
| 751 exponent_with_leading_zeros); | |
| 752 EXPECT_TRUE(GenerateKeyPairInternal( | |
| 753 algorithm, &public_key_handle, &private_key_handle)); | |
| 754 EXPECT_TRUE(public_key_handle); | |
| 755 EXPECT_TRUE(private_key_handle); | |
| 756 | |
| 757 // happy WebCryptoAlgorithmIdRsaOaep | |
| 758 algorithm = CreateRsaAlgorithm(WebKit::WebCryptoAlgorithmIdRsaOaep, | |
| 759 modulus_length, | |
| 760 public_exponent); | |
| 761 EXPECT_TRUE(GenerateKeyPairInternal( | |
| 762 algorithm, &public_key_handle, &private_key_handle)); | |
| 763 EXPECT_TRUE(public_key_handle); | |
| 764 EXPECT_TRUE(private_key_handle); | |
| 765 | |
| 766 // happy WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 | |
| 767 algorithm = CreateRsaAlgorithm(WebKit::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | |
| 768 modulus_length, | |
| 769 public_exponent); | |
| 770 EXPECT_TRUE(GenerateKeyPairInternal( | |
| 771 algorithm, &public_key_handle, &private_key_handle)); | |
| 772 EXPECT_TRUE(public_key_handle); | |
| 773 EXPECT_TRUE(private_key_handle); | |
| 774 } | |
| 775 | |
| 776 #endif // #if !defined(USE_OPENSSL) | |
| 673 | 777 |
| 674 } // namespace content | 778 } // namespace content |
| OLD | NEW |
