| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/logging.h" | 5 #include "base/logging.h" |
| 6 #include "base/stl_util.h" | 6 #include "base/stl_util.h" |
| 7 #include "content/child/webcrypto/algorithm_dispatch.h" | 7 #include "content/child/webcrypto/algorithm_dispatch.h" |
| 8 #include "content/child/webcrypto/crypto_data.h" | 8 #include "content/child/webcrypto/crypto_data.h" |
| 9 #include "content/child/webcrypto/status.h" | 9 #include "content/child/webcrypto/status.h" |
| 10 #include "content/child/webcrypto/test/test_helpers.h" | 10 #include "content/child/webcrypto/test/test_helpers.h" |
| (...skipping 526 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 537 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 537 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 538 blink::WebCryptoAlgorithmIdSha256, | 538 blink::WebCryptoAlgorithmIdSha256, |
| 539 modulus_length, | 539 modulus_length, |
| 540 public_exponent); | 540 public_exponent); |
| 541 bool extractable = true; | 541 bool extractable = true; |
| 542 const blink::WebCryptoKeyUsageMask usage_mask = 0; | 542 const blink::WebCryptoKeyUsageMask usage_mask = 0; |
| 543 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 543 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
| 544 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 544 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
| 545 | 545 |
| 546 EXPECT_EQ(Status::Success(), | 546 EXPECT_EQ(Status::Success(), |
| 547 GenerateKeyPair( | 547 GenerateKey( |
| 548 algorithm, extractable, usage_mask, &public_key, &private_key)); | 548 algorithm, extractable, usage_mask, &public_key, &private_key)); |
| 549 EXPECT_FALSE(public_key.isNull()); | 549 EXPECT_FALSE(public_key.isNull()); |
| 550 EXPECT_FALSE(private_key.isNull()); | 550 EXPECT_FALSE(private_key.isNull()); |
| 551 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 551 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
| 552 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 552 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
| 553 EXPECT_EQ(modulus_length, | 553 EXPECT_EQ(modulus_length, |
| 554 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); | 554 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
| 555 EXPECT_EQ(modulus_length, | 555 EXPECT_EQ(modulus_length, |
| 556 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); | 556 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
| 557 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, | 557 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, |
| (...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 603 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); | 603 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
| 604 } | 604 } |
| 605 | 605 |
| 606 // Fail with bad modulus. | 606 // Fail with bad modulus. |
| 607 algorithm = | 607 algorithm = |
| 608 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 608 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 609 blink::WebCryptoAlgorithmIdSha256, | 609 blink::WebCryptoAlgorithmIdSha256, |
| 610 0, | 610 0, |
| 611 public_exponent); | 611 public_exponent); |
| 612 EXPECT_EQ(Status::ErrorGenerateRsaUnsupportedModulus(), | 612 EXPECT_EQ(Status::ErrorGenerateRsaUnsupportedModulus(), |
| 613 GenerateKeyPair( | 613 GenerateKey( |
| 614 algorithm, extractable, usage_mask, &public_key, &private_key)); | 614 algorithm, extractable, usage_mask, &public_key, &private_key)); |
| 615 | 615 |
| 616 // Fail with bad exponent: larger than unsigned long. | 616 // Fail with bad exponent: larger than unsigned long. |
| 617 unsigned int exponent_length = sizeof(unsigned long) + 1; // NOLINT | 617 unsigned int exponent_length = sizeof(unsigned long) + 1; // NOLINT |
| 618 const std::vector<uint8_t> long_exponent(exponent_length, 0x01); | 618 const std::vector<uint8_t> long_exponent(exponent_length, 0x01); |
| 619 algorithm = | 619 algorithm = |
| 620 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 620 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 621 blink::WebCryptoAlgorithmIdSha256, | 621 blink::WebCryptoAlgorithmIdSha256, |
| 622 modulus_length, | 622 modulus_length, |
| 623 long_exponent); | 623 long_exponent); |
| 624 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), | 624 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), |
| 625 GenerateKeyPair( | 625 GenerateKey( |
| 626 algorithm, extractable, usage_mask, &public_key, &private_key)); | 626 algorithm, extractable, usage_mask, &public_key, &private_key)); |
| 627 | 627 |
| 628 // Fail with bad exponent: empty. | 628 // Fail with bad exponent: empty. |
| 629 const std::vector<uint8_t> empty_exponent; | 629 const std::vector<uint8_t> empty_exponent; |
| 630 algorithm = | 630 algorithm = |
| 631 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 631 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 632 blink::WebCryptoAlgorithmIdSha256, | 632 blink::WebCryptoAlgorithmIdSha256, |
| 633 modulus_length, | 633 modulus_length, |
| 634 empty_exponent); | 634 empty_exponent); |
| 635 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), | 635 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), |
| 636 GenerateKeyPair( | 636 GenerateKey( |
| 637 algorithm, extractable, usage_mask, &public_key, &private_key)); | 637 algorithm, extractable, usage_mask, &public_key, &private_key)); |
| 638 | 638 |
| 639 // Fail with bad exponent: all zeros. | 639 // Fail with bad exponent: all zeros. |
| 640 std::vector<uint8_t> exponent_with_leading_zeros(15, 0x00); | 640 std::vector<uint8_t> exponent_with_leading_zeros(15, 0x00); |
| 641 algorithm = | 641 algorithm = |
| 642 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 642 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 643 blink::WebCryptoAlgorithmIdSha256, | 643 blink::WebCryptoAlgorithmIdSha256, |
| 644 modulus_length, | 644 modulus_length, |
| 645 exponent_with_leading_zeros); | 645 exponent_with_leading_zeros); |
| 646 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), | 646 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), |
| 647 GenerateKeyPair( | 647 GenerateKey( |
| 648 algorithm, extractable, usage_mask, &public_key, &private_key)); | 648 algorithm, extractable, usage_mask, &public_key, &private_key)); |
| 649 | 649 |
| 650 // Key generation success using exponent with leading zeros. | 650 // Key generation success using exponent with leading zeros. |
| 651 exponent_with_leading_zeros.insert(exponent_with_leading_zeros.end(), | 651 exponent_with_leading_zeros.insert(exponent_with_leading_zeros.end(), |
| 652 public_exponent.begin(), | 652 public_exponent.begin(), |
| 653 public_exponent.end()); | 653 public_exponent.end()); |
| 654 algorithm = | 654 algorithm = |
| 655 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 655 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 656 blink::WebCryptoAlgorithmIdSha256, | 656 blink::WebCryptoAlgorithmIdSha256, |
| 657 modulus_length, | 657 modulus_length, |
| 658 exponent_with_leading_zeros); | 658 exponent_with_leading_zeros); |
| 659 EXPECT_EQ(Status::Success(), | 659 EXPECT_EQ(Status::Success(), |
| 660 GenerateKeyPair( | 660 GenerateKey( |
| 661 algorithm, extractable, usage_mask, &public_key, &private_key)); | 661 algorithm, extractable, usage_mask, &public_key, &private_key)); |
| 662 EXPECT_FALSE(public_key.isNull()); | 662 EXPECT_FALSE(public_key.isNull()); |
| 663 EXPECT_FALSE(private_key.isNull()); | 663 EXPECT_FALSE(private_key.isNull()); |
| 664 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 664 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
| 665 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 665 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
| 666 EXPECT_TRUE(public_key.extractable()); | 666 EXPECT_TRUE(public_key.extractable()); |
| 667 EXPECT_EQ(extractable, private_key.extractable()); | 667 EXPECT_EQ(extractable, private_key.extractable()); |
| 668 EXPECT_EQ(usage_mask, public_key.usages()); | 668 EXPECT_EQ(usage_mask, public_key.usages()); |
| 669 EXPECT_EQ(usage_mask, private_key.usages()); | 669 EXPECT_EQ(usage_mask, private_key.usages()); |
| 670 | 670 |
| 671 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation (sha1) | 671 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation (sha1) |
| 672 algorithm = | 672 algorithm = |
| 673 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 673 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 674 blink::WebCryptoAlgorithmIdSha1, | 674 blink::WebCryptoAlgorithmIdSha1, |
| 675 modulus_length, | 675 modulus_length, |
| 676 public_exponent); | 676 public_exponent); |
| 677 EXPECT_EQ( | 677 EXPECT_EQ( |
| 678 Status::Success(), | 678 Status::Success(), |
| 679 GenerateKeyPair(algorithm, false, usage_mask, &public_key, &private_key)); | 679 GenerateKey(algorithm, false, usage_mask, &public_key, &private_key)); |
| 680 EXPECT_FALSE(public_key.isNull()); | 680 EXPECT_FALSE(public_key.isNull()); |
| 681 EXPECT_FALSE(private_key.isNull()); | 681 EXPECT_FALSE(private_key.isNull()); |
| 682 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 682 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
| 683 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 683 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
| 684 EXPECT_EQ(modulus_length, | 684 EXPECT_EQ(modulus_length, |
| 685 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); | 685 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
| 686 EXPECT_EQ(modulus_length, | 686 EXPECT_EQ(modulus_length, |
| 687 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); | 687 private_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
| 688 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, | 688 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
| 689 public_key.algorithm().rsaHashedParams()->hash().id()); | 689 public_key.algorithm().rsaHashedParams()->hash().id()); |
| 690 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, | 690 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, |
| 691 private_key.algorithm().rsaHashedParams()->hash().id()); | 691 private_key.algorithm().rsaHashedParams()->hash().id()); |
| 692 // Even though "extractable" was set to false, the public key remains | 692 // Even though "extractable" was set to false, the public key remains |
| 693 // extractable. | 693 // extractable. |
| 694 EXPECT_TRUE(public_key.extractable()); | 694 EXPECT_TRUE(public_key.extractable()); |
| 695 EXPECT_FALSE(private_key.extractable()); | 695 EXPECT_FALSE(private_key.extractable()); |
| 696 EXPECT_EQ(usage_mask, public_key.usages()); | 696 EXPECT_EQ(usage_mask, public_key.usages()); |
| 697 EXPECT_EQ(usage_mask, private_key.usages()); | 697 EXPECT_EQ(usage_mask, private_key.usages()); |
| 698 | 698 |
| 699 // Exporting a private key as SPKI format doesn't make sense. However this | 699 // Exporting a private key as SPKI format doesn't make sense. However this |
| 700 // will first fail because the key is not extractable. | 700 // will first fail because the key is not extractable. |
| 701 std::vector<uint8_t> output; | 701 std::vector<uint8_t> output; |
| 702 EXPECT_EQ(Status::ErrorKeyNotExtractable(), | 702 EXPECT_EQ(Status::ErrorKeyNotExtractable(), |
| 703 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); | 703 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); |
| 704 | 704 |
| 705 // Re-generate an extractable private_key and try to export it as SPKI format. | 705 // Re-generate an extractable private_key and try to export it as SPKI format. |
| 706 // This should fail since spki is for public keys. | 706 // This should fail since spki is for public keys. |
| 707 EXPECT_EQ( | 707 EXPECT_EQ( |
| 708 Status::Success(), | 708 Status::Success(), |
| 709 GenerateKeyPair(algorithm, true, usage_mask, &public_key, &private_key)); | 709 GenerateKey(algorithm, true, usage_mask, &public_key, &private_key)); |
| 710 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), | 710 EXPECT_EQ(Status::ErrorUnexpectedKeyType(), |
| 711 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); | 711 ExportKey(blink::WebCryptoKeyFormatSpki, private_key, &output)); |
| 712 } | 712 } |
| 713 | 713 |
| 714 TEST(WebCryptoRsaSsaTest, GenerateKeyPairRsaBadModulusLength) { | 714 TEST(WebCryptoRsaSsaTest, GenerateKeyPairRsaBadModulusLength) { |
| 715 const unsigned int kBadModulusBits[] = { | 715 const unsigned int kBadModulusBits[] = { |
| 716 0, | 716 0, |
| 717 248, // Too small. | 717 248, // Too small. |
| 718 257, // Not a multiple of 8. | 718 257, // Not a multiple of 8. |
| 719 1023, // Not a multiple of 8. | 719 1023, // Not a multiple of 8. |
| (...skipping 10 matching lines...) Expand all Loading... |
| 730 blink::WebCryptoAlgorithmIdSha256, | 730 blink::WebCryptoAlgorithmIdSha256, |
| 731 modulus_length_bits, | 731 modulus_length_bits, |
| 732 public_exponent); | 732 public_exponent); |
| 733 bool extractable = true; | 733 bool extractable = true; |
| 734 const blink::WebCryptoKeyUsageMask usage_mask = 0; | 734 const blink::WebCryptoKeyUsageMask usage_mask = 0; |
| 735 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 735 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
| 736 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 736 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
| 737 | 737 |
| 738 EXPECT_EQ( | 738 EXPECT_EQ( |
| 739 Status::ErrorGenerateRsaUnsupportedModulus(), | 739 Status::ErrorGenerateRsaUnsupportedModulus(), |
| 740 GenerateKeyPair( | 740 GenerateKey( |
| 741 algorithm, extractable, usage_mask, &public_key, &private_key)); | 741 algorithm, extractable, usage_mask, &public_key, &private_key)); |
| 742 } | 742 } |
| 743 } | 743 } |
| 744 | 744 |
| 745 // Try generating RSA key pairs using unsupported public exponents. Only | 745 // Try generating RSA key pairs using unsupported public exponents. Only |
| 746 // exponents of 3 and 65537 are supported. While both OpenSSL and NSS can | 746 // exponents of 3 and 65537 are supported. While both OpenSSL and NSS can |
| 747 // support other values, OpenSSL hangs when given invalid exponents, so use a | 747 // support other values, OpenSSL hangs when given invalid exponents, so use a |
| 748 // whitelist to validate the parameters. | 748 // whitelist to validate the parameters. |
| 749 TEST(WebCryptoRsaSsaTest, GenerateKeyPairRsaBadExponent) { | 749 TEST(WebCryptoRsaSsaTest, GenerateKeyPairRsaBadExponent) { |
| 750 const unsigned int modulus_length = 1024; | 750 const unsigned int modulus_length = 1024; |
| 751 | 751 |
| 752 const char* const kPublicExponents[] = { | 752 const char* const kPublicExponents[] = { |
| 753 "11", // 17 - This is a valid public exponent, but currently disallowed. | 753 "11", // 17 - This is a valid public exponent, but currently disallowed. |
| 754 "00", "01", "02", | 754 "00", "01", "02", |
| 755 "010000", // 65536 | 755 "010000", // 65536 |
| 756 }; | 756 }; |
| 757 | 757 |
| 758 for (size_t i = 0; i < arraysize(kPublicExponents); ++i) { | 758 for (size_t i = 0; i < arraysize(kPublicExponents); ++i) { |
| 759 SCOPED_TRACE(i); | 759 SCOPED_TRACE(i); |
| 760 blink::WebCryptoAlgorithm algorithm = CreateRsaHashedKeyGenAlgorithm( | 760 blink::WebCryptoAlgorithm algorithm = CreateRsaHashedKeyGenAlgorithm( |
| 761 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 761 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 762 blink::WebCryptoAlgorithmIdSha256, | 762 blink::WebCryptoAlgorithmIdSha256, |
| 763 modulus_length, | 763 modulus_length, |
| 764 HexStringToBytes(kPublicExponents[i])); | 764 HexStringToBytes(kPublicExponents[i])); |
| 765 | 765 |
| 766 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 766 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
| 767 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 767 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
| 768 | 768 |
| 769 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), | 769 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), |
| 770 GenerateKeyPair(algorithm, true, 0, &public_key, &private_key)); | 770 GenerateKey(algorithm, true, 0, &public_key, &private_key)); |
| 771 } | 771 } |
| 772 } | 772 } |
| 773 | 773 |
| 774 TEST(WebCryptoRsaSsaTest, SignVerifyFailures) { | 774 TEST(WebCryptoRsaSsaTest, SignVerifyFailures) { |
| 775 if (!SupportsRsaPrivateKeyImport()) | 775 if (!SupportsRsaPrivateKeyImport()) |
| 776 return; | 776 return; |
| 777 | 777 |
| 778 // Import a key pair. | 778 // Import a key pair. |
| 779 blink::WebCryptoAlgorithm import_algorithm = | 779 blink::WebCryptoAlgorithm import_algorithm = |
| 780 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 780 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| (...skipping 247 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1028 const unsigned int modulus_length = 256; | 1028 const unsigned int modulus_length = 256; |
| 1029 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); | 1029 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); |
| 1030 | 1030 |
| 1031 for (size_t i = 0; i < arraysize(bad_usages); ++i) { | 1031 for (size_t i = 0; i < arraysize(bad_usages); ++i) { |
| 1032 SCOPED_TRACE(i); | 1032 SCOPED_TRACE(i); |
| 1033 | 1033 |
| 1034 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1034 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
| 1035 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1035 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
| 1036 | 1036 |
| 1037 ASSERT_EQ(Status::ErrorCreateKeyBadUsages(), | 1037 ASSERT_EQ(Status::ErrorCreateKeyBadUsages(), |
| 1038 GenerateKeyPair(CreateRsaHashedKeyGenAlgorithm( | 1038 GenerateKey(CreateRsaHashedKeyGenAlgorithm( |
| 1039 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1039 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 1040 blink::WebCryptoAlgorithmIdSha256, | 1040 blink::WebCryptoAlgorithmIdSha256, |
| 1041 modulus_length, | 1041 modulus_length, |
| 1042 public_exponent), | 1042 public_exponent), |
| 1043 true, | 1043 true, |
| 1044 bad_usages[i], | 1044 bad_usages[i], |
| 1045 &public_key, | 1045 &public_key, |
| 1046 &private_key)); | 1046 &private_key)); |
| 1047 } | 1047 } |
| 1048 } | 1048 } |
| 1049 | 1049 |
| 1050 // Generate an RSA-SSA key pair. The public and private keys should select the | 1050 // Generate an RSA-SSA key pair. The public and private keys should select the |
| 1051 // key usages which are applicable, and not have the exact same usages as was | 1051 // key usages which are applicable, and not have the exact same usages as was |
| 1052 // specified to GenerateKey | 1052 // specified to GenerateKey |
| 1053 TEST(WebCryptoRsaSsaTest, GenerateKeyPairIntersectUsages) { | 1053 TEST(WebCryptoRsaSsaTest, GenerateKeyPairIntersectUsages) { |
| 1054 const unsigned int modulus_length = 256; | 1054 const unsigned int modulus_length = 256; |
| 1055 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); | 1055 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); |
| 1056 | 1056 |
| 1057 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1057 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
| 1058 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1058 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
| 1059 | 1059 |
| 1060 ASSERT_EQ(Status::Success(), | 1060 ASSERT_EQ( |
| 1061 GenerateKeyPair( | 1061 Status::Success(), |
| 1062 CreateRsaHashedKeyGenAlgorithm( | 1062 GenerateKey(CreateRsaHashedKeyGenAlgorithm( |
| 1063 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1063 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 1064 blink::WebCryptoAlgorithmIdSha256, | 1064 blink::WebCryptoAlgorithmIdSha256, |
| 1065 modulus_length, | 1065 modulus_length, |
| 1066 public_exponent), | 1066 public_exponent), |
| 1067 true, | 1067 true, |
| 1068 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, | 1068 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, |
| 1069 &public_key, | 1069 &public_key, |
| 1070 &private_key)); | 1070 &private_key)); |
| 1071 | 1071 |
| 1072 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, public_key.usages()); | 1072 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, public_key.usages()); |
| 1073 EXPECT_EQ(blink::WebCryptoKeyUsageSign, private_key.usages()); | 1073 EXPECT_EQ(blink::WebCryptoKeyUsageSign, private_key.usages()); |
| 1074 | 1074 |
| 1075 // Try again but this time without the Verify usages. | 1075 // Try again but this time without the Verify usages. |
| 1076 ASSERT_EQ(Status::Success(), | 1076 ASSERT_EQ(Status::Success(), |
| 1077 GenerateKeyPair(CreateRsaHashedKeyGenAlgorithm( | 1077 GenerateKey(CreateRsaHashedKeyGenAlgorithm( |
| 1078 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1078 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 1079 blink::WebCryptoAlgorithmIdSha256, | 1079 blink::WebCryptoAlgorithmIdSha256, |
| 1080 modulus_length, | 1080 modulus_length, |
| 1081 public_exponent), | 1081 public_exponent), |
| 1082 true, | 1082 true, |
| 1083 blink::WebCryptoKeyUsageSign, | 1083 blink::WebCryptoKeyUsageSign, |
| 1084 &public_key, | 1084 &public_key, |
| 1085 &private_key)); | 1085 &private_key)); |
| 1086 | 1086 |
| 1087 EXPECT_EQ(0, public_key.usages()); | 1087 EXPECT_EQ(0, public_key.usages()); |
| 1088 EXPECT_EQ(blink::WebCryptoKeyUsageSign, private_key.usages()); | 1088 EXPECT_EQ(blink::WebCryptoKeyUsageSign, private_key.usages()); |
| 1089 } | 1089 } |
| 1090 | 1090 |
| 1091 TEST(WebCryptoRsaSsaTest, ImportExportJwkRsaPublicKey) { | 1091 TEST(WebCryptoRsaSsaTest, ImportExportJwkRsaPublicKey) { |
| 1092 struct TestCase { | 1092 struct TestCase { |
| 1093 const blink::WebCryptoAlgorithmId hash; | 1093 const blink::WebCryptoAlgorithmId hash; |
| 1094 const blink::WebCryptoKeyUsageMask usage; | 1094 const blink::WebCryptoKeyUsageMask usage; |
| 1095 const char* const jwk_alg; | 1095 const char* const jwk_alg; |
| (...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1200 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1200 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
| 1201 RestoreJwkRsaDictionary(&dict); | 1201 RestoreJwkRsaDictionary(&dict); |
| 1202 } | 1202 } |
| 1203 } | 1203 } |
| 1204 | 1204 |
| 1205 } // namespace | 1205 } // namespace |
| 1206 | 1206 |
| 1207 } // namespace webcrypto | 1207 } // namespace webcrypto |
| 1208 | 1208 |
| 1209 } // namespace content | 1209 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 512023002:
Refactor the interface for generating keys. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master