Refactor RSA key generation for WebCrypto's NSS implementation.

content/child/webcrypto/shared_crypto_unittest.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <algorithm>
 #include <string>
 #include <vector>
 
 #include "base/basictypes.h"
 #include "base/file_util.h"
@@ skipping 2608 matching lines @@
 
   // Re-generate an extractable private_key and try to export it as SPKI format.
   // This should fail since spki is for public keys.
   EXPECT_EQ(
       Status::Success(),
       GenerateKeyPair(algorithm, true, usage_mask, &public_key, &private_key));
   EXPECT_EQ(Status::ErrorUnexpectedKeyType(),
             ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output));
 }
 
-TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsaBadModulusLength)) {
-  const unsigned int kBadModulus[] = {
+TEST_F(SharedCryptoTest, GenerateKeyPairRsaBadModulusLength) {
+  const unsigned int kBadModulusBits[] = {
       0,
-      255,         // Not a multiple of 8.
+      248,         // Too small.
+      257,         // Not a multiple of 8.
       1023,        // Not a multiple of 8.
-      0xFFFFFFFF,  // Cannot fit in a signed int.
+      0xFFFFFFFF,  // Too big.
       16384 + 8,   // 16384 is the maxmimum length that NSS succeeds for.
   };
 
   const std::vector<uint8_t> public_exponent = HexStringToBytes("010001");
 
-  for (size_t i = 0; i < arraysize(kBadModulus); ++i) {
-    const unsigned int modulus_length = kBadModulus[i];
+  for (size_t i = 0; i < arraysize(kBadModulusBits); ++i) {
+    const unsigned int modulus_length_bits = kBadModulusBits[i];
     blink::WebCryptoAlgorithm algorithm = CreateRsaHashedKeyGenAlgorithm(
         blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5,
         blink::WebCryptoAlgorithmIdSha256,
-        modulus_length,
+        modulus_length_bits,
         public_exponent);
     bool extractable = true;
     const blink::WebCryptoKeyUsageMask usage_mask = 0;
     blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull();
     blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull();
 
-    EXPECT_FALSE(
+    const Status expected_error =
+        modulus_length_bits == 0 ? Status::ErrorGenerateRsaZeroModulus()

[Ryan Sleevi, 2014/07/21 21:36:45]

Why is this a special case? Just seems like it should fall through to
unsupported.

[eroman, 2014/07/21 21:52:21]

Done.

Indeed, not sure why this was a separate error

+                                 : Status::ErrorGenerateRsaUnsupportedModulus();
+
+    EXPECT_EQ(
+        expected_error,
         GenerateKeyPair(
-            algorithm, extractable, usage_mask, &public_key, &private_key)
-            .IsSuccess());
+            algorithm, extractable, usage_mask, &public_key, &private_key));
   }
 }
 
 // Try generating RSA key pairs using unsupported public exponents. Only
 // exponents of 3 and 65537 are supported. While both OpenSSL and NSS can
 // support other values, OpenSSL hangs when given invalid exponents, so use a
 // whitelist to validate the parameters.
 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsaBadExponent)) {
   const unsigned int modulus_length = 1024;
 
@@ skipping 1753 matching lines @@
   EXPECT_EQ(public_key_spki, unwrapped_public_key_spki);
   EXPECT_EQ(private_key_pkcs8, unwrapped_private_key_pkcs8);
 
   EXPECT_NE(public_key_spki, wrapped_public_key);
   EXPECT_NE(private_key_pkcs8, wrapped_private_key);
 }
 
 }  // namespace webcrypto
 
 }  // namespace content