Chromium Code Reviews Chromium Code Reviews
Issue 34583010:
[webcrypto] Add RSA key generation using NSS. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: content/renderer/webcrypto/webcrypto_impl_unittest.cc |
| diff --git a/content/renderer/webcrypto/webcrypto_impl_unittest.cc b/content/renderer/webcrypto/webcrypto_impl_unittest.cc |
| index 99d71ea395b3df2c06b78aa9528994568fd86178..f4981fca4a86cd4eae1cefd6fa78689fd04fce86 100644 |
| --- a/content/renderer/webcrypto/webcrypto_impl_unittest.cc |
| +++ b/content/renderer/webcrypto/webcrypto_impl_unittest.cc |
| @@ -15,6 +15,7 @@ |
| #include "third_party/WebKit/public/platform/WebArrayBuffer.h" |
| #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" |
| #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" |
| +#include "third_party/WebKit/public/platform/WebCryptoKey.h" |
| namespace { |
| @@ -77,6 +78,19 @@ WebKit::WebCryptoAlgorithm CreateAesCbcAlgorithm( |
| new WebKit::WebCryptoAesKeyGenParams(key_length_bits)); |
| } |
| +WebKit::WebCryptoAlgorithm CreateRsaAlgorithm( |
| + WebKit::WebCryptoAlgorithmId algorithm_id, |
| + unsigned modulus_length, |
| + const std::vector<uint8>& public_exponent) { |
| + DCHECK(algorithm_id == WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5 || |
| + algorithm_id == WebKit::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 || |
| + algorithm_id == WebKit::WebCryptoAlgorithmIdRsaOaep); |
| + return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate( |
| + algorithm_id, |
| + new WebKit::WebCryptoRsaKeyGenParams( |
| + modulus_length, Start(public_exponent), public_exponent.size())); |
| +} |
| + |
| } // namespace |
| namespace content { |
| @@ -122,6 +136,16 @@ class WebCryptoImplTest : public testing::Test { |
| return crypto_.GenerateKeyInternal(algorithm, extractable, usage_mask, key); |
| } |
| + bool GenerateKeyPairInternal( |
| + const WebKit::WebCryptoAlgorithm& algorithm, |
| + bool extractable, |
| + WebKit::WebCryptoKeyUsageMask usage_mask, |
| + WebKit::WebCryptoKey* public_key, |
| + WebKit::WebCryptoKey* private_key) { |
| + return crypto_.GenerateKeyPairInternal( |
| + algorithm, extractable, usage_mask, public_key, private_key); |
| + } |
| + |
| bool ImportKeyInternal( |
| WebKit::WebCryptoKeyFormat format, |
| const std::vector<uint8>& key_data, |
| @@ -659,4 +683,113 @@ TEST_F(WebCryptoImplTest, ImportSecretKeyNoAlgorithm) { |
| &key)); |
| } |
| +#if !defined(USE_OPENSSL) |
| + |
| +TEST_F(WebCryptoImplTest, GenerateKeyPairRsa) { |
| + |
| + // Note: using unrealistic short key lengths here to avoid bogging down tests. |
| + |
| + // Successful WebCryptoAlgorithmIdRsaEsPkcs1v1_5 key generation. |
| + const unsigned modulus_length = 256; |
| + const std::vector<uint8> public_exponent = HexStringToBytes("010001"); |
| + WebKit::WebCryptoAlgorithm algorithm = |
| + CreateRsaAlgorithm(WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
| + modulus_length, |
| + public_exponent); |
| + const bool extractable = false; |
| + const WebKit::WebCryptoKeyUsageMask usage_mask = 0; |
| + WebKit::WebCryptoKey public_key = WebCryptoImpl::NullKey(); |
|
eroman
2013/11/01 21:07:26
Can you use WebCryptoKey::createNull() throughout?
padolph
2013/11/01 21:21:35
Done.
|
| + WebKit::WebCryptoKey private_key = WebCryptoImpl::NullKey(); |
| + EXPECT_TRUE(GenerateKeyPairInternal( |
| + algorithm, extractable, usage_mask, &public_key, &private_key)); |
| + EXPECT_TRUE(!public_key.isNull()); |
| + EXPECT_TRUE(!private_key.isNull()); |
| + EXPECT_EQ(WebKit::WebCryptoKeyTypePublic, public_key.type()); |
| + EXPECT_EQ(WebKit::WebCryptoKeyTypePrivate, private_key.type()); |
| + EXPECT_EQ(extractable, public_key.extractable()); |
| + EXPECT_EQ(extractable, private_key.extractable()); |
| + EXPECT_EQ(usage_mask, public_key.usages()); |
| + EXPECT_EQ(usage_mask, private_key.usages()); |
| + |
| + // Fail with bad modulus. |
| + algorithm = CreateRsaAlgorithm( |
| + WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, 0, public_exponent); |
| + EXPECT_FALSE(GenerateKeyPairInternal( |
| + algorithm, extractable, usage_mask, &public_key, &private_key)); |
| + |
| + // Fail with bad exponent: larger than unsigned long. |
| + unsigned exponent_length = sizeof(unsigned long) + 1; |
| + const std::vector<uint8> long_exponent(exponent_length, 0x01); |
| + algorithm = CreateRsaAlgorithm(WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
| + modulus_length, |
| + long_exponent); |
| + EXPECT_FALSE(GenerateKeyPairInternal( |
| + algorithm, extractable, usage_mask, &public_key, &private_key)); |
| + |
| + // Fail with bad exponent: empty. |
| + const std::vector<uint8> empty_exponent; |
| + algorithm = CreateRsaAlgorithm(WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
| + modulus_length, |
| + empty_exponent); |
| + EXPECT_FALSE(GenerateKeyPairInternal( |
| + algorithm, extractable, usage_mask, &public_key, &private_key)); |
| + |
| + // Fail with bad exponent: all zeros. |
| + std::vector<uint8> exponent_with_leading_zeros(15, 0x00); |
| + algorithm = CreateRsaAlgorithm(WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
| + modulus_length, |
| + exponent_with_leading_zeros); |
| + EXPECT_FALSE(GenerateKeyPairInternal( |
| + algorithm, extractable, usage_mask, &public_key, &private_key)); |
| + |
| + // Key generation success using exponent with leading zeros. |
| + exponent_with_leading_zeros.insert(exponent_with_leading_zeros.end(), |
| + public_exponent.begin(), |
| + public_exponent.end()); |
| + algorithm = CreateRsaAlgorithm(WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, |
| + modulus_length, |
| + exponent_with_leading_zeros); |
| + EXPECT_TRUE(GenerateKeyPairInternal( |
| + algorithm, extractable, usage_mask, &public_key, &private_key)); |
| + EXPECT_TRUE(!public_key.isNull()); |
|
eroman
2013/11/01 21:07:26
Or alternately, EXPECT_FALSE(public_key.isNull());
padolph
2013/11/01 21:21:35
Done.
|
| + EXPECT_TRUE(!private_key.isNull()); |
| + EXPECT_EQ(WebKit::WebCryptoKeyTypePublic, public_key.type()); |
| + EXPECT_EQ(WebKit::WebCryptoKeyTypePrivate, private_key.type()); |
| + EXPECT_EQ(extractable, public_key.extractable()); |
| + EXPECT_EQ(extractable, private_key.extractable()); |
| + EXPECT_EQ(usage_mask, public_key.usages()); |
| + EXPECT_EQ(usage_mask, private_key.usages()); |
| + |
| + // Successful WebCryptoAlgorithmIdRsaOaep key generation. |
| + algorithm = CreateRsaAlgorithm( |
| + WebKit::WebCryptoAlgorithmIdRsaOaep, modulus_length, public_exponent); |
| + EXPECT_TRUE(GenerateKeyPairInternal( |
| + algorithm, extractable, usage_mask, &public_key, &private_key)); |
| + EXPECT_TRUE(!public_key.isNull()); |
| + EXPECT_TRUE(!private_key.isNull()); |
| + EXPECT_EQ(WebKit::WebCryptoKeyTypePublic, public_key.type()); |
| + EXPECT_EQ(WebKit::WebCryptoKeyTypePrivate, private_key.type()); |
| + EXPECT_EQ(extractable, public_key.extractable()); |
| + EXPECT_EQ(extractable, private_key.extractable()); |
| + EXPECT_EQ(usage_mask, public_key.usages()); |
| + EXPECT_EQ(usage_mask, private_key.usages()); |
| + |
| + // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation. |
| + algorithm = CreateRsaAlgorithm(WebKit::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| + modulus_length, |
| + public_exponent); |
| + EXPECT_TRUE(GenerateKeyPairInternal( |
| + algorithm, extractable, usage_mask, &public_key, &private_key)); |
| + EXPECT_TRUE(!public_key.isNull()); |
| + EXPECT_TRUE(!private_key.isNull()); |
| + EXPECT_EQ(WebKit::WebCryptoKeyTypePublic, public_key.type()); |
| + EXPECT_EQ(WebKit::WebCryptoKeyTypePrivate, private_key.type()); |
| + EXPECT_EQ(extractable, public_key.extractable()); |
| + EXPECT_EQ(extractable, private_key.extractable()); |
| + EXPECT_EQ(usage_mask, public_key.usages()); |
| + EXPECT_EQ(usage_mask, private_key.usages()); |
| +} |
| + |
| +#endif // #if !defined(USE_OPENSSL) |
| + |
| } // namespace content |
