| OLD | NEW |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <algorithm> | 5 #include <algorithm> |
| 6 #include <string> | 6 #include <string> |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
| 10 #include "base/file_util.h" | 10 #include "base/file_util.h" |
| (...skipping 2424 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2435 ASSERT_EQ(Status::OperationError(), | 2435 ASSERT_EQ(Status::OperationError(), |
| 2436 ImportKeyJwkFromDict(dict, | 2436 ImportKeyJwkFromDict(dict, |
| 2437 CreateRsaHashedImportAlgorithm( | 2437 CreateRsaHashedImportAlgorithm( |
| 2438 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2438 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 2439 blink::WebCryptoAlgorithmIdSha1), | 2439 blink::WebCryptoAlgorithmIdSha1), |
| 2440 true, | 2440 true, |
| 2441 blink::WebCryptoKeyUsageSign, | 2441 blink::WebCryptoKeyUsageSign, |
| 2442 &key)); | 2442 &key)); |
| 2443 } | 2443 } |
| 2444 | 2444 |
| 2445 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsa)) { | 2445 TEST_F(SharedCryptoTest, GenerateKeyPairRsa) { |
| 2446 // Note: using unrealistic short key lengths here to avoid bogging down tests. | 2446 // Note: using unrealistic short key lengths here to avoid bogging down tests. |
| 2447 | 2447 |
| 2448 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation (sha256) | 2448 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation (sha256) |
| 2449 const unsigned int modulus_length = 256; | 2449 const unsigned int modulus_length = 256; |
| 2450 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); | 2450 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); |
| 2451 blink::WebCryptoAlgorithm algorithm = | 2451 blink::WebCryptoAlgorithm algorithm = |
| 2452 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 2452 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 2453 blink::WebCryptoAlgorithmIdSha256, | 2453 blink::WebCryptoAlgorithmIdSha256, |
| 2454 modulus_length, | 2454 modulus_length, |
| 2455 public_exponent); | 2455 public_exponent); |
| (...skipping 163 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2619 | 2619 |
| 2620 // Re-generate an extractable private_key and try to export it as SPKI format. | 2620 // Re-generate an extractable private_key and try to export it as SPKI format. |
| 2621 // This should fail since spki is for public keys. | 2621 // This should fail since spki is for public keys. |
| 2622 EXPECT_EQ( | 2622 EXPECT_EQ( |
| 2623 Status::Success(), | 2623 Status::Success(), |
| 2624 GenerateKeyPair(algorithm, true, usage_mask, &public_key, &private_key)); | 2624 GenerateKeyPair(algorithm, true, usage_mask, &public_key, &private_key)); |
| 2625 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), | 2625 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
| 2626 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); | 2626 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); |
| 2627 } | 2627 } |
| 2628 | 2628 |
| 2629 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsaBadModulusLength)) { | 2629 TEST_F(SharedCryptoTest, GenerateKeyPairRsaBadModulusLength) { |
| 2630 const unsigned int kBadModulusBits[] = { | 2630 const unsigned int kBadModulusBits[] = { |
| 2631 0, | 2631 0, |
| 2632 248, // Too small. | 2632 248, // Too small. |
| 2633 257, // Not a multiple of 8. | 2633 257, // Not a multiple of 8. |
| 2634 1023, // Not a multiple of 8. | 2634 1023, // Not a multiple of 8. |
| 2635 0xFFFFFFFF, // Too big. | 2635 0xFFFFFFFF, // Too big. |
| 2636 16384 + 8, // 16384 is the maxmimum length that NSS succeeds for. | 2636 16384 + 8, // 16384 is the maxmimum length that NSS succeeds for. |
| 2637 }; | 2637 }; |
| 2638 | 2638 |
| 2639 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); | 2639 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); |
| (...skipping 14 matching lines...) Expand all Loading... |
| 2654 Status::ErrorGenerateRsaUnsupportedModulus(), | 2654 Status::ErrorGenerateRsaUnsupportedModulus(), |
| 2655 GenerateKeyPair( | 2655 GenerateKeyPair( |
| 2656 algorithm, extractable, usage_mask, &public_key, &private_key)); | 2656 algorithm, extractable, usage_mask, &public_key, &private_key)); |
| 2657 } | 2657 } |
| 2658 } | 2658 } |
| 2659 | 2659 |
| 2660 // Try generating RSA key pairs using unsupported public exponents. Only | 2660 // Try generating RSA key pairs using unsupported public exponents. Only |
| 2661 // exponents of 3 and 65537 are supported. While both OpenSSL and NSS can | 2661 // exponents of 3 and 65537 are supported. While both OpenSSL and NSS can |
| 2662 // support other values, OpenSSL hangs when given invalid exponents, so use a | 2662 // support other values, OpenSSL hangs when given invalid exponents, so use a |
| 2663 // whitelist to validate the parameters. | 2663 // whitelist to validate the parameters. |
| 2664 TEST_F(SharedCryptoTest, MAYBE(GenerateKeyPairRsaBadExponent)) { | 2664 TEST_F(SharedCryptoTest, GenerateKeyPairRsaBadExponent) { |
| 2665 const unsigned int modulus_length = 1024; | 2665 const unsigned int modulus_length = 1024; |
| 2666 | 2666 |
| 2667 const char* const kPublicExponents[] = { | 2667 const char* const kPublicExponents[] = { |
| 2668 "11", // 17 - This is a valid public exponent, but currently disallowed. | 2668 "11", // 17 - This is a valid public exponent, but currently disallowed. |
| 2669 "00", | 2669 "00", |
| 2670 "01", | 2670 "01", |
| 2671 "02", | 2671 "02", |
| 2672 "010000", // 65536 | 2672 "010000", // 65536 |
| 2673 }; | 2673 }; |
| 2674 | 2674 |
| (...skipping 1548 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 4223 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 4223 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
| 4224 | 4224 |
| 4225 ASSERT_EQ(Status::ErrorCreateKeyBadUsages(), | 4225 ASSERT_EQ(Status::ErrorCreateKeyBadUsages(), |
| 4226 GenerateSecretKey( | 4226 GenerateSecretKey( |
| 4227 CreateAesCbcKeyGenAlgorithm(128), true, bad_usages[i], &key)); | 4227 CreateAesCbcKeyGenAlgorithm(128), true, bad_usages[i], &key)); |
| 4228 } | 4228 } |
| 4229 } | 4229 } |
| 4230 | 4230 |
| 4231 // Generate an RSA-SSA key pair with invalid usages. RSA-SSA supports: | 4231 // Generate an RSA-SSA key pair with invalid usages. RSA-SSA supports: |
| 4232 // 'sign', 'verify' | 4232 // 'sign', 'verify' |
| 4233 TEST_F(SharedCryptoTest, MAYBE(GenerateRsaSsaBadUsages)) { | 4233 TEST_F(SharedCryptoTest, GenerateRsaSsaBadUsages) { |
| 4234 blink::WebCryptoKeyUsageMask bad_usages[] = { | 4234 blink::WebCryptoKeyUsageMask bad_usages[] = { |
| 4235 blink::WebCryptoKeyUsageDecrypt, | 4235 blink::WebCryptoKeyUsageDecrypt, |
| 4236 blink::WebCryptoKeyUsageVerify | blink::WebCryptoKeyUsageDecrypt, | 4236 blink::WebCryptoKeyUsageVerify | blink::WebCryptoKeyUsageDecrypt, |
| 4237 blink::WebCryptoKeyUsageWrapKey, | 4237 blink::WebCryptoKeyUsageWrapKey, |
| 4238 }; | 4238 }; |
| 4239 | 4239 |
| 4240 const unsigned int modulus_length = 256; | 4240 const unsigned int modulus_length = 256; |
| 4241 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); | 4241 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); |
| 4242 | 4242 |
| 4243 for (size_t i = 0; i < arraysize(bad_usages); ++i) { | 4243 for (size_t i = 0; i < arraysize(bad_usages); ++i) { |
| (...skipping 11 matching lines...) Expand all Loading... |
| 4255 true, | 4255 true, |
| 4256 bad_usages[i], | 4256 bad_usages[i], |
| 4257 &public_key, | 4257 &public_key, |
| 4258 &private_key)); | 4258 &private_key)); |
| 4259 } | 4259 } |
| 4260 } | 4260 } |
| 4261 | 4261 |
| 4262 // Generate an RSA-SSA key pair. The public and private keys should select the | 4262 // Generate an RSA-SSA key pair. The public and private keys should select the |
| 4263 // key usages which are applicable, and not have the exact same usages as was | 4263 // key usages which are applicable, and not have the exact same usages as was |
| 4264 // specified to GenerateKey | 4264 // specified to GenerateKey |
| 4265 TEST_F(SharedCryptoTest, MAYBE(GenerateRsaSsaKeyPairIntersectUsages)) { | 4265 TEST_F(SharedCryptoTest, GenerateRsaSsaKeyPairIntersectUsages) { |
| 4266 const unsigned int modulus_length = 256; | 4266 const unsigned int modulus_length = 256; |
| 4267 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); | 4267 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); |
| 4268 | 4268 |
| 4269 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 4269 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
| 4270 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 4270 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
| 4271 | 4271 |
| 4272 ASSERT_EQ(Status::Success(), | 4272 ASSERT_EQ(Status::Success(), |
| 4273 GenerateKeyPair( | 4273 GenerateKeyPair( |
| 4274 CreateRsaHashedKeyGenAlgorithm( | 4274 CreateRsaHashedKeyGenAlgorithm( |
| 4275 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 4275 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| (...skipping 134 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 4410 EXPECT_EQ(public_key_spki, unwrapped_public_key_spki); | 4410 EXPECT_EQ(public_key_spki, unwrapped_public_key_spki); |
| 4411 EXPECT_EQ(private_key_pkcs8, unwrapped_private_key_pkcs8); | 4411 EXPECT_EQ(private_key_pkcs8, unwrapped_private_key_pkcs8); |
| 4412 | 4412 |
| 4413 EXPECT_NE(public_key_spki, wrapped_public_key); | 4413 EXPECT_NE(public_key_spki, wrapped_public_key); |
| 4414 EXPECT_NE(private_key_pkcs8, wrapped_private_key); | 4414 EXPECT_NE(private_key_pkcs8, wrapped_private_key); |
| 4415 } | 4415 } |
| 4416 | 4416 |
| 4417 } // namespace webcrypto | 4417 } // namespace webcrypto |
| 4418 | 4418 |
| 4419 } // namespace content | 4419 } // namespace content |
| OLD | NEW |