Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <algorithm> | 5 #include <algorithm> |
| 6 #include <string> | 6 #include <string> |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
| 10 #include "base/file_util.h" | 10 #include "base/file_util.h" |
| (...skipping 2608 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2619 | 2619 |
| 2620 // Re-generate an extractable private_key and try to export it as SPKI format. | 2620 // Re-generate an extractable private_key and try to export it as SPKI format. |
| 2621 // This should fail since spki is for public keys. | 2621 // This should fail since spki is for public keys. |
| 2622 EXPECT_EQ( | 2622 EXPECT_EQ( |
| 2623 Status::Success(), | 2623 Status::Success(), |
| 2624 GenerateKeyPair(algorithm, true, usage_mask, &public_key, &private_key)); | 2624 GenerateKeyPair(algorithm, true, usage_mask, &public_key, &private_key)); |
| 2625 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), | 2625 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
| 2626 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); | 2626 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); |
| 2627 } | 2627 } |
| 2628 | 2628 |
| 2629 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsaBadModulusLength)) { | 2629 TEST_F(SharedCryptoTest, GenerateKeyPairRsaBadModulusLength) { |
| 2630 const unsigned int kBadModulus[] = { | 2630 const unsigned int kBadModulusBits[] = { |
| 2631 0, | 2631 0, |
| 2632 255, // Not a multiple of 8. | 2632 248, // Too small. |
| 2633 257, // Not a multiple of 8. | |
| 2633 1023, // Not a multiple of 8. | 2634 1023, // Not a multiple of 8. |
| 2634 0xFFFFFFFF, // Cannot fit in a signed int. | 2635 0xFFFFFFFF, // Too big. |
| 2635 16384 + 8, // 16384 is the maxmimum length that NSS succeeds for. | 2636 16384 + 8, // 16384 is the maxmimum length that NSS succeeds for. |
| 2636 }; | 2637 }; |
| 2637 | 2638 |
| 2638 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); | 2639 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); |
| 2639 | 2640 |
| 2640 for (size_t i = 0; i < arraysize(kBadModulus); ++i) { | 2641 for (size_t i = 0; i < arraysize(kBadModulusBits); ++i) { |
| 2641 const unsigned int modulus_length = kBadModulus[i]; | 2642 const unsigned int modulus_length_bits = kBadModulusBits[i]; |
| 2642 blink::WebCryptoAlgorithm algorithm = CreateRsaHashedKeyGenAlgorithm( | 2643 blink::WebCryptoAlgorithm algorithm = CreateRsaHashedKeyGenAlgorithm( |
| 2643 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2644 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 2644 blink::WebCryptoAlgorithmIdSha256, | 2645 blink::WebCryptoAlgorithmIdSha256, |
| 2645 modulus_length, | 2646 modulus_length_bits, |
| 2646 public_exponent); | 2647 public_exponent); |
| 2647 bool extractable = true; | 2648 bool extractable = true; |
| 2648 const blink::WebCryptoKeyUsageMask usage_mask = 0; | 2649 const blink::WebCryptoKeyUsageMask usage_mask = 0; |
| 2649 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 2650 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
| 2650 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 2651 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
| 2651 | 2652 |
| 2652 EXPECT_FALSE( | 2653 const Status expected_error = |
| 2654 modulus_length_bits == 0 ? Status::ErrorGenerateRsaZeroModulus() | |
|
Ryan Sleevi
2014/07/21 21:36:45
Why is this a special case? Just seems like it sho
eroman
2014/07/21 21:52:21
Done.
Indeed, not sure why this was a separate er
| |
| 2655 : Status::ErrorGenerateRsaUnsupportedModulus(); | |
| 2656 | |
| 2657 EXPECT_EQ( | |
| 2658 expected_error, | |
| 2653 GenerateKeyPair( | 2659 GenerateKeyPair( |
| 2654 algorithm, extractable, usage_mask, &public_key, &private_key) | 2660 algorithm, extractable, usage_mask, &public_key, &private_key)); |
| 2655 .IsSuccess()); | |
| 2656 } | 2661 } |
| 2657 } | 2662 } |
| 2658 | 2663 |
| 2659 // Try generating RSA key pairs using unsupported public exponents. Only | 2664 // Try generating RSA key pairs using unsupported public exponents. Only |
| 2660 // exponents of 3 and 65537 are supported. While both OpenSSL and NSS can | 2665 // exponents of 3 and 65537 are supported. While both OpenSSL and NSS can |
| 2661 // support other values, OpenSSL hangs when given invalid exponents, so use a | 2666 // support other values, OpenSSL hangs when given invalid exponents, so use a |
| 2662 // whitelist to validate the parameters. | 2667 // whitelist to validate the parameters. |
| 2663 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsaBadExponent)) { | 2668 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsaBadExponent)) { |
| 2664 const unsigned int modulus_length = 1024; | 2669 const unsigned int modulus_length = 1024; |
| 2665 | 2670 |
| (...skipping 1753 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 4419 EXPECT_EQ(public_key_spki, unwrapped_public_key_spki); | 4424 EXPECT_EQ(public_key_spki, unwrapped_public_key_spki); |
| 4420 EXPECT_EQ(private_key_pkcs8, unwrapped_private_key_pkcs8); | 4425 EXPECT_EQ(private_key_pkcs8, unwrapped_private_key_pkcs8); |
| 4421 | 4426 |
| 4422 EXPECT_NE(public_key_spki, wrapped_public_key); | 4427 EXPECT_NE(public_key_spki, wrapped_public_key); |
| 4423 EXPECT_NE(private_key_pkcs8, wrapped_private_key); | 4428 EXPECT_NE(private_key_pkcs8, wrapped_private_key); |
| 4424 } | 4429 } |
| 4425 | 4430 |
| 4426 } // namespace webcrypto | 4431 } // namespace webcrypto |
| 4427 | 4432 |
| 4428 } // namespace content | 4433 } // namespace content |
| OLD | NEW |