| OLD | NEW |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/logging.h" | 5 #include "base/logging.h" |
| 6 #include "base/stl_util.h" | 6 #include "base/stl_util.h" |
| 7 #include "content/child/webcrypto/algorithm_dispatch.h" | 7 #include "content/child/webcrypto/algorithm_dispatch.h" |
| 8 #include "content/child/webcrypto/crypto_data.h" | 8 #include "content/child/webcrypto/crypto_data.h" |
| 9 #include "content/child/webcrypto/status.h" | 9 #include "content/child/webcrypto/status.h" |
| 10 #include "content/child/webcrypto/test/test_helpers.h" | 10 #include "content/child/webcrypto/test/test_helpers.h" |
| (...skipping 20 matching lines...) Expand all Loading... |
| 31 dict->SetString( | 31 dict->SetString( |
| 32 "n", | 32 "n", |
| 33 "qLOyhK-OtQs4cDSoYPFGxJGfMYdjzWxVmMiuSBGh4KvEx-CwgtaTpef87Wdc9GaFEncsDLxk" | 33 "qLOyhK-OtQs4cDSoYPFGxJGfMYdjzWxVmMiuSBGh4KvEx-CwgtaTpef87Wdc9GaFEncsDLxk" |
| 34 "p0LGxjD1M8jMcvYq6DPEC_JYQumEu3i9v5fAEH1VvbZi9cTg-rmEXLUUjvc5LdOq_5OuHmtm" | 34 "p0LGxjD1M8jMcvYq6DPEC_JYQumEu3i9v5fAEH1VvbZi9cTg-rmEXLUUjvc5LdOq_5OuHmtm" |
| 35 "e7PUJHYW1PW6ENTP0ibeiNOfFvs"); | 35 "e7PUJHYW1PW6ENTP0ibeiNOfFvs"); |
| 36 dict->SetString("e", "AQAB"); | 36 dict->SetString("e", "AQAB"); |
| 37 } | 37 } |
| 38 | 38 |
| 39 TEST(WebCryptoRsaSsaTest, ImportExportSpki) { | 39 TEST(WebCryptoRsaSsaTest, ImportExportSpki) { |
| 40 // Passing case: Import a valid RSA key in SPKI format. | 40 // Passing case: Import a valid RSA key in SPKI format. |
| 41 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 41 blink::WebCryptoKey key; |
| 42 ASSERT_EQ(Status::Success(), | 42 ASSERT_EQ(Status::Success(), |
| 43 ImportKey(blink::WebCryptoKeyFormatSpki, | 43 ImportKey(blink::WebCryptoKeyFormatSpki, |
| 44 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 44 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
| 45 CreateRsaHashedImportAlgorithm( | 45 CreateRsaHashedImportAlgorithm( |
| 46 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 46 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 47 blink::WebCryptoAlgorithmIdSha256), | 47 blink::WebCryptoAlgorithmIdSha256), |
| 48 true, | 48 true, |
| 49 blink::WebCryptoKeyUsageVerify, | 49 blink::WebCryptoKeyUsageVerify, |
| 50 &key)); | 50 &key)); |
| 51 EXPECT_TRUE(key.handle()); | 51 EXPECT_TRUE(key.handle()); |
| (...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 120 // (e.g. SHA-1 in OID, SHA-256 in params) | 120 // (e.g. SHA-1 in OID, SHA-256 in params) |
| 121 // TODO(eroman): Failing test: Import a SPKI for RSA-SSA, but with params | 121 // TODO(eroman): Failing test: Import a SPKI for RSA-SSA, but with params |
| 122 // as OAEP/PSS | 122 // as OAEP/PSS |
| 123 } | 123 } |
| 124 | 124 |
| 125 TEST(WebCryptoRsaSsaTest, ImportExportPkcs8) { | 125 TEST(WebCryptoRsaSsaTest, ImportExportPkcs8) { |
| 126 if (!SupportsRsaPrivateKeyImport()) | 126 if (!SupportsRsaPrivateKeyImport()) |
| 127 return; | 127 return; |
| 128 | 128 |
| 129 // Passing case: Import a valid RSA key in PKCS#8 format. | 129 // Passing case: Import a valid RSA key in PKCS#8 format. |
| 130 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 130 blink::WebCryptoKey key; |
| 131 ASSERT_EQ(Status::Success(), | 131 ASSERT_EQ(Status::Success(), |
| 132 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 132 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
| 133 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 133 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
| 134 CreateRsaHashedImportAlgorithm( | 134 CreateRsaHashedImportAlgorithm( |
| 135 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 135 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 136 blink::WebCryptoAlgorithmIdSha1), | 136 blink::WebCryptoAlgorithmIdSha1), |
| 137 true, | 137 true, |
| 138 blink::WebCryptoKeyUsageSign, | 138 blink::WebCryptoKeyUsageSign, |
| 139 &key)); | 139 &key)); |
| 140 EXPECT_TRUE(key.handle()); | 140 EXPECT_TRUE(key.handle()); |
| (...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 219 | 219 |
| 220 for (size_t test_index = 0; test_index < arraysize(kOffsetsToCorrupt); | 220 for (size_t test_index = 0; test_index < arraysize(kOffsetsToCorrupt); |
| 221 ++test_index) { | 221 ++test_index) { |
| 222 SCOPED_TRACE(test_index); | 222 SCOPED_TRACE(test_index); |
| 223 | 223 |
| 224 unsigned int i = kOffsetsToCorrupt[test_index]; | 224 unsigned int i = kOffsetsToCorrupt[test_index]; |
| 225 std::vector<uint8_t> corrupted_data = | 225 std::vector<uint8_t> corrupted_data = |
| 226 HexStringToBytes(kPrivateKeyPkcs8DerHex); | 226 HexStringToBytes(kPrivateKeyPkcs8DerHex); |
| 227 corrupted_data[i] = ~corrupted_data[i]; | 227 corrupted_data[i] = ~corrupted_data[i]; |
| 228 | 228 |
| 229 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 229 blink::WebCryptoKey key; |
| 230 EXPECT_EQ(Status::DataError(), | 230 EXPECT_EQ(Status::DataError(), |
| 231 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 231 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
| 232 CryptoData(corrupted_data), | 232 CryptoData(corrupted_data), |
| 233 CreateRsaHashedImportAlgorithm( | 233 CreateRsaHashedImportAlgorithm( |
| 234 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 234 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 235 blink::WebCryptoAlgorithmIdSha1), | 235 blink::WebCryptoAlgorithmIdSha1), |
| 236 true, | 236 true, |
| 237 blink::WebCryptoKeyUsageSign, | 237 blink::WebCryptoKeyUsageSign, |
| 238 &key)); | 238 &key)); |
| 239 } | 239 } |
| 240 } | 240 } |
| 241 | 241 |
| 242 // Tests JWK import and export by doing a roundtrip key conversion and ensuring | 242 // Tests JWK import and export by doing a roundtrip key conversion and ensuring |
| 243 // it was lossless: | 243 // it was lossless: |
| 244 // | 244 // |
| 245 // PKCS8 --> JWK --> PKCS8 | 245 // PKCS8 --> JWK --> PKCS8 |
| 246 TEST(WebCryptoRsaSsaTest, ImportRsaPrivateKeyJwkToPkcs8RoundTrip) { | 246 TEST(WebCryptoRsaSsaTest, ImportRsaPrivateKeyJwkToPkcs8RoundTrip) { |
| 247 if (!SupportsRsaPrivateKeyImport()) | 247 if (!SupportsRsaPrivateKeyImport()) |
| 248 return; | 248 return; |
| 249 | 249 |
| 250 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 250 blink::WebCryptoKey key; |
| 251 ASSERT_EQ(Status::Success(), | 251 ASSERT_EQ(Status::Success(), |
| 252 ImportKey(blink::WebCryptoKeyFormatPkcs8, | 252 ImportKey(blink::WebCryptoKeyFormatPkcs8, |
| 253 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), | 253 CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)), |
| 254 CreateRsaHashedImportAlgorithm( | 254 CreateRsaHashedImportAlgorithm( |
| 255 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 255 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 256 blink::WebCryptoAlgorithmIdSha1), | 256 blink::WebCryptoAlgorithmIdSha1), |
| 257 true, | 257 true, |
| 258 blink::WebCryptoKeyUsageSign, | 258 blink::WebCryptoKeyUsageSign, |
| 259 &key)); | 259 &key)); |
| 260 | 260 |
| (...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 334 | 334 |
| 335 // Get the PKCS8 representation of the key. | 335 // Get the PKCS8 representation of the key. |
| 336 std::string pkcs8_hex_string; | 336 std::string pkcs8_hex_string; |
| 337 ASSERT_TRUE(key_values->GetString("pkcs8", &pkcs8_hex_string)); | 337 ASSERT_TRUE(key_values->GetString("pkcs8", &pkcs8_hex_string)); |
| 338 std::vector<uint8_t> pkcs8_bytes = HexStringToBytes(pkcs8_hex_string); | 338 std::vector<uint8_t> pkcs8_bytes = HexStringToBytes(pkcs8_hex_string); |
| 339 | 339 |
| 340 // Get the modulus length for the key. | 340 // Get the modulus length for the key. |
| 341 int modulus_length_bits = 0; | 341 int modulus_length_bits = 0; |
| 342 ASSERT_TRUE(key_values->GetInteger("modulusLength", &modulus_length_bits)); | 342 ASSERT_TRUE(key_values->GetInteger("modulusLength", &modulus_length_bits)); |
| 343 | 343 |
| 344 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 344 blink::WebCryptoKey private_key; |
| 345 | 345 |
| 346 // Import the key from JWK. | 346 // Import the key from JWK. |
| 347 ASSERT_EQ( | 347 ASSERT_EQ( |
| 348 Status::Success(), | 348 Status::Success(), |
| 349 ImportKeyJwkFromDict(*key_jwk, | 349 ImportKeyJwkFromDict(*key_jwk, |
| 350 CreateRsaHashedImportAlgorithm( | 350 CreateRsaHashedImportAlgorithm( |
| 351 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 351 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 352 blink::WebCryptoAlgorithmIdSha256), | 352 blink::WebCryptoAlgorithmIdSha256), |
| 353 true, | 353 true, |
| 354 blink::WebCryptoKeyUsageSign, | 354 blink::WebCryptoKeyUsageSign, |
| (...skipping 27 matching lines...) Expand all Loading... |
| 382 | 382 |
| 383 scoped_ptr<base::ListValue> key_list; | 383 scoped_ptr<base::ListValue> key_list; |
| 384 ASSERT_TRUE(ReadJsonTestFileToList("rsa_private_keys.json", &key_list)); | 384 ASSERT_TRUE(ReadJsonTestFileToList("rsa_private_keys.json", &key_list)); |
| 385 | 385 |
| 386 // Import a 1024-bit private key. | 386 // Import a 1024-bit private key. |
| 387 base::DictionaryValue* key1_props; | 387 base::DictionaryValue* key1_props; |
| 388 ASSERT_TRUE(key_list->GetDictionary(1, &key1_props)); | 388 ASSERT_TRUE(key_list->GetDictionary(1, &key1_props)); |
| 389 base::DictionaryValue* key1_jwk; | 389 base::DictionaryValue* key1_jwk; |
| 390 ASSERT_TRUE(key1_props->GetDictionary("jwk", &key1_jwk)); | 390 ASSERT_TRUE(key1_props->GetDictionary("jwk", &key1_jwk)); |
| 391 | 391 |
| 392 blink::WebCryptoKey key1 = blink::WebCryptoKey::createNull(); | 392 blink::WebCryptoKey key1; |
| 393 ASSERT_EQ(Status::Success(), | 393 ASSERT_EQ(Status::Success(), |
| 394 ImportKeyJwkFromDict(*key1_jwk, | 394 ImportKeyJwkFromDict(*key1_jwk, |
| 395 CreateRsaHashedImportAlgorithm( | 395 CreateRsaHashedImportAlgorithm( |
| 396 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 396 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 397 blink::WebCryptoAlgorithmIdSha256), | 397 blink::WebCryptoAlgorithmIdSha256), |
| 398 true, | 398 true, |
| 399 blink::WebCryptoKeyUsageSign, | 399 blink::WebCryptoKeyUsageSign, |
| 400 &key1)); | 400 &key1)); |
| 401 | 401 |
| 402 ASSERT_EQ(1024u, key1.algorithm().rsaHashedParams()->modulusLengthBits()); | 402 ASSERT_EQ(1024u, key1.algorithm().rsaHashedParams()->modulusLengthBits()); |
| 403 | 403 |
| 404 // Construct a JWK using the modulus of key1, but all the other fields from | 404 // Construct a JWK using the modulus of key1, but all the other fields from |
| 405 // another key (also a 1024-bit private key). | 405 // another key (also a 1024-bit private key). |
| 406 base::DictionaryValue* key2_props; | 406 base::DictionaryValue* key2_props; |
| 407 ASSERT_TRUE(key_list->GetDictionary(5, &key2_props)); | 407 ASSERT_TRUE(key_list->GetDictionary(5, &key2_props)); |
| 408 base::DictionaryValue* key2_jwk; | 408 base::DictionaryValue* key2_jwk; |
| 409 ASSERT_TRUE(key2_props->GetDictionary("jwk", &key2_jwk)); | 409 ASSERT_TRUE(key2_props->GetDictionary("jwk", &key2_jwk)); |
| 410 std::string modulus; | 410 std::string modulus; |
| 411 key1_jwk->GetString("n", &modulus); | 411 key1_jwk->GetString("n", &modulus); |
| 412 key2_jwk->SetString("n", modulus); | 412 key2_jwk->SetString("n", modulus); |
| 413 | 413 |
| 414 // This should fail, as the n,e,d parameters are not consistent. It MUST NOT | 414 // This should fail, as the n,e,d parameters are not consistent. It MUST NOT |
| 415 // somehow return the key created earlier. | 415 // somehow return the key created earlier. |
| 416 blink::WebCryptoKey key2 = blink::WebCryptoKey::createNull(); | 416 blink::WebCryptoKey key2; |
| 417 ASSERT_EQ(Status::OperationError(), | 417 ASSERT_EQ(Status::OperationError(), |
| 418 ImportKeyJwkFromDict(*key2_jwk, | 418 ImportKeyJwkFromDict(*key2_jwk, |
| 419 CreateRsaHashedImportAlgorithm( | 419 CreateRsaHashedImportAlgorithm( |
| 420 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 420 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 421 blink::WebCryptoAlgorithmIdSha256), | 421 blink::WebCryptoAlgorithmIdSha256), |
| 422 true, | 422 true, |
| 423 blink::WebCryptoKeyUsageSign, | 423 blink::WebCryptoKeyUsageSign, |
| 424 &key2)); | 424 &key2)); |
| 425 } | 425 } |
| 426 | 426 |
| 427 // Import a JWK RSA private key with some optional parameters missing (q, dp, | 427 // Import a JWK RSA private key with some optional parameters missing (q, dp, |
| 428 // dq, qi). | 428 // dq, qi). |
| 429 // | 429 // |
| 430 // The only optional parameter included is "p". | 430 // The only optional parameter included is "p". |
| 431 // | 431 // |
| 432 // This fails because JWA says that producers must include either ALL optional | 432 // This fails because JWA says that producers must include either ALL optional |
| 433 // parameters or NONE. | 433 // parameters or NONE. |
| 434 TEST(WebCryptoRsaSsaTest, ImportRsaPrivateKeyJwkMissingOptionalParams) { | 434 TEST(WebCryptoRsaSsaTest, ImportRsaPrivateKeyJwkMissingOptionalParams) { |
| 435 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 435 blink::WebCryptoKey key; |
| 436 | 436 |
| 437 base::DictionaryValue dict; | 437 base::DictionaryValue dict; |
| 438 dict.SetString("kty", "RSA"); | 438 dict.SetString("kty", "RSA"); |
| 439 dict.SetString("alg", "RS1"); | 439 dict.SetString("alg", "RS1"); |
| 440 | 440 |
| 441 dict.SetString( | 441 dict.SetString( |
| 442 "n", | 442 "n", |
| 443 "pW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h962ZHYxRBW_-2xYrTA8oOhKoijlN_" | 443 "pW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h962ZHYxRBW_-2xYrTA8oOhKoijlN_" |
| 444 "1JqtykcuzB86r_OCx39XNlQgJbVsri2311nHvY3fAkhyyPCcKcOJZjm_4nRnxBazC0_" | 444 "1JqtykcuzB86r_OCx39XNlQgJbVsri2311nHvY3fAkhyyPCcKcOJZjm_4nRnxBazC0_" |
| 445 "DLNfKSgOE4a29kxO8i4eHyDQzoz_siSb2aITc"); | 445 "DLNfKSgOE4a29kxO8i4eHyDQzoz_siSb2aITc"); |
| (...skipping 22 matching lines...) Expand all Loading... |
| 468 // Import a JWK RSA private key, without any of the optional parameters. | 468 // Import a JWK RSA private key, without any of the optional parameters. |
| 469 // | 469 // |
| 470 // According to JWA, such keys are valid, but applications SHOULD | 470 // According to JWA, such keys are valid, but applications SHOULD |
| 471 // include all the parameters when sending, and recipients MAY | 471 // include all the parameters when sending, and recipients MAY |
| 472 // accept them, but are not required to. Chromium's WebCrypto does | 472 // accept them, but are not required to. Chromium's WebCrypto does |
| 473 // not allow such degenerate keys. | 473 // not allow such degenerate keys. |
| 474 TEST(WebCryptoRsaSsaTest, ImportRsaPrivateKeyJwkIncorrectOptionalEmpty) { | 474 TEST(WebCryptoRsaSsaTest, ImportRsaPrivateKeyJwkIncorrectOptionalEmpty) { |
| 475 if (!SupportsRsaPrivateKeyImport()) | 475 if (!SupportsRsaPrivateKeyImport()) |
| 476 return; | 476 return; |
| 477 | 477 |
| 478 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 478 blink::WebCryptoKey key; |
| 479 | 479 |
| 480 base::DictionaryValue dict; | 480 base::DictionaryValue dict; |
| 481 dict.SetString("kty", "RSA"); | 481 dict.SetString("kty", "RSA"); |
| 482 dict.SetString("alg", "RS1"); | 482 dict.SetString("alg", "RS1"); |
| 483 | 483 |
| 484 dict.SetString( | 484 dict.SetString( |
| 485 "n", | 485 "n", |
| 486 "pW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h962ZHYxRBW_-2xYrTA8oOhKoijlN_" | 486 "pW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h962ZHYxRBW_-2xYrTA8oOhKoijlN_" |
| 487 "1JqtykcuzB86r_OCx39XNlQgJbVsri2311nHvY3fAkhyyPCcKcOJZjm_4nRnxBazC0_" | 487 "1JqtykcuzB86r_OCx39XNlQgJbVsri2311nHvY3fAkhyyPCcKcOJZjm_4nRnxBazC0_" |
| 488 "DLNfKSgOE4a29kxO8i4eHyDQzoz_siSb2aITc"); | 488 "DLNfKSgOE4a29kxO8i4eHyDQzoz_siSb2aITc"); |
| (...skipping 19 matching lines...) Expand all Loading... |
| 508 base::DictionaryValue dict; | 508 base::DictionaryValue dict; |
| 509 | 509 |
| 510 dict.SetString("kty", "RSA"); | 510 dict.SetString("kty", "RSA"); |
| 511 dict.SetString("e", "AAEAAQ"); // 00 01 00 01 | 511 dict.SetString("e", "AAEAAQ"); // 00 01 00 01 |
| 512 dict.SetString( | 512 dict.SetString( |
| 513 "n", | 513 "n", |
| 514 "qLOyhK-OtQs4cDSoYPFGxJGfMYdjzWxVmMiuSBGh4KvEx-CwgtaTpef87Wdc9GaFEncsDLxk" | 514 "qLOyhK-OtQs4cDSoYPFGxJGfMYdjzWxVmMiuSBGh4KvEx-CwgtaTpef87Wdc9GaFEncsDLxk" |
| 515 "p0LGxjD1M8jMcvYq6DPEC_JYQumEu3i9v5fAEH1VvbZi9cTg-rmEXLUUjvc5LdOq_5OuHmtm" | 515 "p0LGxjD1M8jMcvYq6DPEC_JYQumEu3i9v5fAEH1VvbZi9cTg-rmEXLUUjvc5LdOq_5OuHmtm" |
| 516 "e7PUJHYW1PW6ENTP0ibeiNOfFvs"); | 516 "e7PUJHYW1PW6ENTP0ibeiNOfFvs"); |
| 517 | 517 |
| 518 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 518 blink::WebCryptoKey key; |
| 519 | 519 |
| 520 EXPECT_EQ(Status::ErrorJwkBigIntegerHasLeadingZero("e"), | 520 EXPECT_EQ(Status::ErrorJwkBigIntegerHasLeadingZero("e"), |
| 521 ImportKeyJwkFromDict(dict, | 521 ImportKeyJwkFromDict(dict, |
| 522 CreateRsaHashedImportAlgorithm( | 522 CreateRsaHashedImportAlgorithm( |
| 523 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 523 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 524 blink::WebCryptoAlgorithmIdSha256), | 524 blink::WebCryptoAlgorithmIdSha256), |
| 525 false, | 525 false, |
| 526 blink::WebCryptoKeyUsageVerify, | 526 blink::WebCryptoKeyUsageVerify, |
| 527 &key)); | 527 &key)); |
| 528 } | 528 } |
| 529 | 529 |
| 530 TEST(WebCryptoRsaSsaTest, GenerateKeyPairRsa) { | 530 TEST(WebCryptoRsaSsaTest, GenerateKeyPairRsa) { |
| 531 // Note: using unrealistic short key lengths here to avoid bogging down tests. | 531 // Note: using unrealistic short key lengths here to avoid bogging down tests. |
| 532 | 532 |
| 533 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation (sha256) | 533 // Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation (sha256) |
| 534 const unsigned int modulus_length = 256; | 534 const unsigned int modulus_length = 256; |
| 535 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); | 535 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); |
| 536 blink::WebCryptoAlgorithm algorithm = | 536 blink::WebCryptoAlgorithm algorithm = |
| 537 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 537 CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 538 blink::WebCryptoAlgorithmIdSha256, | 538 blink::WebCryptoAlgorithmIdSha256, |
| 539 modulus_length, | 539 modulus_length, |
| 540 public_exponent); | 540 public_exponent); |
| 541 bool extractable = true; | 541 bool extractable = true; |
| 542 const blink::WebCryptoKeyUsageMask usage_mask = 0; | 542 const blink::WebCryptoKeyUsageMask usage_mask = 0; |
| 543 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 543 blink::WebCryptoKey public_key; |
| 544 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 544 blink::WebCryptoKey private_key; |
| 545 | 545 |
| 546 EXPECT_EQ(Status::Success(), | 546 EXPECT_EQ(Status::Success(), |
| 547 GenerateKeyPair( | 547 GenerateKeyPair( |
| 548 algorithm, extractable, usage_mask, &public_key, &private_key)); | 548 algorithm, extractable, usage_mask, &public_key, &private_key)); |
| 549 EXPECT_FALSE(public_key.isNull()); | 549 EXPECT_FALSE(public_key.isNull()); |
| 550 EXPECT_FALSE(private_key.isNull()); | 550 EXPECT_FALSE(private_key.isNull()); |
| 551 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); | 551 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
| 552 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); | 552 EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
| 553 EXPECT_EQ(modulus_length, | 553 EXPECT_EQ(modulus_length, |
| 554 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); | 554 public_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
| (...skipping 170 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 725 | 725 |
| 726 for (size_t i = 0; i < arraysize(kBadModulusBits); ++i) { | 726 for (size_t i = 0; i < arraysize(kBadModulusBits); ++i) { |
| 727 const unsigned int modulus_length_bits = kBadModulusBits[i]; | 727 const unsigned int modulus_length_bits = kBadModulusBits[i]; |
| 728 blink::WebCryptoAlgorithm algorithm = CreateRsaHashedKeyGenAlgorithm( | 728 blink::WebCryptoAlgorithm algorithm = CreateRsaHashedKeyGenAlgorithm( |
| 729 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 729 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 730 blink::WebCryptoAlgorithmIdSha256, | 730 blink::WebCryptoAlgorithmIdSha256, |
| 731 modulus_length_bits, | 731 modulus_length_bits, |
| 732 public_exponent); | 732 public_exponent); |
| 733 bool extractable = true; | 733 bool extractable = true; |
| 734 const blink::WebCryptoKeyUsageMask usage_mask = 0; | 734 const blink::WebCryptoKeyUsageMask usage_mask = 0; |
| 735 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 735 blink::WebCryptoKey public_key; |
| 736 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 736 blink::WebCryptoKey private_key; |
| 737 | 737 |
| 738 EXPECT_EQ( | 738 EXPECT_EQ( |
| 739 Status::ErrorGenerateRsaUnsupportedModulus(), | 739 Status::ErrorGenerateRsaUnsupportedModulus(), |
| 740 GenerateKeyPair( | 740 GenerateKeyPair( |
| 741 algorithm, extractable, usage_mask, &public_key, &private_key)); | 741 algorithm, extractable, usage_mask, &public_key, &private_key)); |
| 742 } | 742 } |
| 743 } | 743 } |
| 744 | 744 |
| 745 // Try generating RSA key pairs using unsupported public exponents. Only | 745 // Try generating RSA key pairs using unsupported public exponents. Only |
| 746 // exponents of 3 and 65537 are supported. While both OpenSSL and NSS can | 746 // exponents of 3 and 65537 are supported. While both OpenSSL and NSS can |
| 747 // support other values, OpenSSL hangs when given invalid exponents, so use a | 747 // support other values, OpenSSL hangs when given invalid exponents, so use a |
| 748 // whitelist to validate the parameters. | 748 // whitelist to validate the parameters. |
| 749 TEST(WebCryptoRsaSsaTest, GenerateKeyPairRsaBadExponent) { | 749 TEST(WebCryptoRsaSsaTest, GenerateKeyPairRsaBadExponent) { |
| 750 const unsigned int modulus_length = 1024; | 750 const unsigned int modulus_length = 1024; |
| 751 | 751 |
| 752 const char* const kPublicExponents[] = { | 752 const char* const kPublicExponents[] = { |
| 753 "11", // 17 - This is a valid public exponent, but currently disallowed. | 753 "11", // 17 - This is a valid public exponent, but currently disallowed. |
| 754 "00", "01", "02", | 754 "00", "01", "02", |
| 755 "010000", // 65536 | 755 "010000", // 65536 |
| 756 }; | 756 }; |
| 757 | 757 |
| 758 for (size_t i = 0; i < arraysize(kPublicExponents); ++i) { | 758 for (size_t i = 0; i < arraysize(kPublicExponents); ++i) { |
| 759 SCOPED_TRACE(i); | 759 SCOPED_TRACE(i); |
| 760 blink::WebCryptoAlgorithm algorithm = CreateRsaHashedKeyGenAlgorithm( | 760 blink::WebCryptoAlgorithm algorithm = CreateRsaHashedKeyGenAlgorithm( |
| 761 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 761 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 762 blink::WebCryptoAlgorithmIdSha256, | 762 blink::WebCryptoAlgorithmIdSha256, |
| 763 modulus_length, | 763 modulus_length, |
| 764 HexStringToBytes(kPublicExponents[i])); | 764 HexStringToBytes(kPublicExponents[i])); |
| 765 | 765 |
| 766 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 766 blink::WebCryptoKey public_key; |
| 767 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 767 blink::WebCryptoKey private_key; |
| 768 | 768 |
| 769 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), | 769 EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), |
| 770 GenerateKeyPair(algorithm, true, 0, &public_key, &private_key)); | 770 GenerateKeyPair(algorithm, true, 0, &public_key, &private_key)); |
| 771 } | 771 } |
| 772 } | 772 } |
| 773 | 773 |
| 774 TEST(WebCryptoRsaSsaTest, SignVerifyFailures) { | 774 TEST(WebCryptoRsaSsaTest, SignVerifyFailures) { |
| 775 if (!SupportsRsaPrivateKeyImport()) | 775 if (!SupportsRsaPrivateKeyImport()) |
| 776 return; | 776 return; |
| 777 | 777 |
| 778 // Import a key pair. | 778 // Import a key pair. |
| 779 blink::WebCryptoAlgorithm import_algorithm = | 779 blink::WebCryptoAlgorithm import_algorithm = |
| 780 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 780 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 781 blink::WebCryptoAlgorithmIdSha1); | 781 blink::WebCryptoAlgorithmIdSha1); |
| 782 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 782 blink::WebCryptoKey public_key; |
| 783 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 783 blink::WebCryptoKey private_key; |
| 784 ASSERT_NO_FATAL_FAILURE( | 784 ASSERT_NO_FATAL_FAILURE( |
| 785 ImportRsaKeyPair(HexStringToBytes(kPublicKeySpkiDerHex), | 785 ImportRsaKeyPair(HexStringToBytes(kPublicKeySpkiDerHex), |
| 786 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 786 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
| 787 import_algorithm, | 787 import_algorithm, |
| 788 false, | 788 false, |
| 789 blink::WebCryptoKeyUsageVerify, | 789 blink::WebCryptoKeyUsageVerify, |
| 790 blink::WebCryptoKeyUsageSign, | 790 blink::WebCryptoKeyUsageSign, |
| 791 &public_key, | 791 &public_key, |
| 792 &private_key)); | 792 &private_key)); |
| 793 | 793 |
| (...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 865 // signature itself (undesired), the verify will pass, while if the hash type | 865 // signature itself (undesired), the verify will pass, while if the hash type |
| 866 // is specified by the key algorithm (desired), the verify will fail. | 866 // is specified by the key algorithm (desired), the verify will fail. |
| 867 | 867 |
| 868 // Compute a signature using SHA-1 as the inner hash. | 868 // Compute a signature using SHA-1 as the inner hash. |
| 869 EXPECT_EQ(Status::Success(), | 869 EXPECT_EQ(Status::Success(), |
| 870 Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), | 870 Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5), |
| 871 private_key, | 871 private_key, |
| 872 CryptoData(data), | 872 CryptoData(data), |
| 873 &signature)); | 873 &signature)); |
| 874 | 874 |
| 875 blink::WebCryptoKey public_key_256 = blink::WebCryptoKey::createNull(); | 875 blink::WebCryptoKey public_key_256; |
| 876 EXPECT_EQ(Status::Success(), | 876 EXPECT_EQ(Status::Success(), |
| 877 ImportKey(blink::WebCryptoKeyFormatSpki, | 877 ImportKey(blink::WebCryptoKeyFormatSpki, |
| 878 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 878 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
| 879 CreateRsaHashedImportAlgorithm( | 879 CreateRsaHashedImportAlgorithm( |
| 880 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 880 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 881 blink::WebCryptoAlgorithmIdSha256), | 881 blink::WebCryptoAlgorithmIdSha256), |
| 882 true, | 882 true, |
| 883 blink::WebCryptoKeyUsageVerify, | 883 blink::WebCryptoKeyUsageVerify, |
| 884 &public_key_256)); | 884 &public_key_256)); |
| 885 | 885 |
| (...skipping 21 matching lines...) Expand all Loading... |
| 907 if (!SupportsRsaPrivateKeyImport()) | 907 if (!SupportsRsaPrivateKeyImport()) |
| 908 return; | 908 return; |
| 909 | 909 |
| 910 scoped_ptr<base::ListValue> tests; | 910 scoped_ptr<base::ListValue> tests; |
| 911 ASSERT_TRUE(ReadJsonTestFileToList("pkcs1v15_sign.json", &tests)); | 911 ASSERT_TRUE(ReadJsonTestFileToList("pkcs1v15_sign.json", &tests)); |
| 912 | 912 |
| 913 // Import the key pair. | 913 // Import the key pair. |
| 914 blink::WebCryptoAlgorithm import_algorithm = | 914 blink::WebCryptoAlgorithm import_algorithm = |
| 915 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 915 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 916 blink::WebCryptoAlgorithmIdSha1); | 916 blink::WebCryptoAlgorithmIdSha1); |
| 917 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 917 blink::WebCryptoKey public_key; |
| 918 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 918 blink::WebCryptoKey private_key; |
| 919 ASSERT_NO_FATAL_FAILURE( | 919 ASSERT_NO_FATAL_FAILURE( |
| 920 ImportRsaKeyPair(HexStringToBytes(kPublicKeySpkiDerHex), | 920 ImportRsaKeyPair(HexStringToBytes(kPublicKeySpkiDerHex), |
| 921 HexStringToBytes(kPrivateKeyPkcs8DerHex), | 921 HexStringToBytes(kPrivateKeyPkcs8DerHex), |
| 922 import_algorithm, | 922 import_algorithm, |
| 923 false, | 923 false, |
| 924 blink::WebCryptoKeyUsageVerify, | 924 blink::WebCryptoKeyUsageVerify, |
| 925 blink::WebCryptoKeyUsageSign, | 925 blink::WebCryptoKeyUsageSign, |
| 926 &public_key, | 926 &public_key, |
| 927 &private_key)); | 927 &private_key)); |
| 928 | 928 |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 969 blink::WebCryptoKeyUsageMask bad_usages[] = { | 969 blink::WebCryptoKeyUsageMask bad_usages[] = { |
| 970 blink::WebCryptoKeyUsageSign, | 970 blink::WebCryptoKeyUsageSign, |
| 971 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, | 971 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, |
| 972 blink::WebCryptoKeyUsageEncrypt, | 972 blink::WebCryptoKeyUsageEncrypt, |
| 973 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, | 973 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt, |
| 974 }; | 974 }; |
| 975 | 975 |
| 976 for (size_t i = 0; i < arraysize(bad_usages); ++i) { | 976 for (size_t i = 0; i < arraysize(bad_usages); ++i) { |
| 977 SCOPED_TRACE(i); | 977 SCOPED_TRACE(i); |
| 978 | 978 |
| 979 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 979 blink::WebCryptoKey public_key; |
| 980 ASSERT_EQ(Status::ErrorCreateKeyBadUsages(), | 980 ASSERT_EQ(Status::ErrorCreateKeyBadUsages(), |
| 981 ImportKey(blink::WebCryptoKeyFormatSpki, | 981 ImportKey(blink::WebCryptoKeyFormatSpki, |
| 982 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 982 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
| 983 algorithm, | 983 algorithm, |
| 984 false, | 984 false, |
| 985 bad_usages[i], | 985 bad_usages[i], |
| 986 &public_key)); | 986 &public_key)); |
| 987 } | 987 } |
| 988 } | 988 } |
| 989 | 989 |
| (...skipping 12 matching lines...) Expand all Loading... |
| 1002 }; | 1002 }; |
| 1003 | 1003 |
| 1004 base::DictionaryValue dict; | 1004 base::DictionaryValue dict; |
| 1005 RestoreJwkRsaDictionary(&dict); | 1005 RestoreJwkRsaDictionary(&dict); |
| 1006 dict.Remove("use", NULL); | 1006 dict.Remove("use", NULL); |
| 1007 dict.SetString("alg", "RS256"); | 1007 dict.SetString("alg", "RS256"); |
| 1008 | 1008 |
| 1009 for (size_t i = 0; i < arraysize(bad_usages); ++i) { | 1009 for (size_t i = 0; i < arraysize(bad_usages); ++i) { |
| 1010 SCOPED_TRACE(i); | 1010 SCOPED_TRACE(i); |
| 1011 | 1011 |
| 1012 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1012 blink::WebCryptoKey public_key; |
| 1013 ASSERT_EQ(Status::ErrorCreateKeyBadUsages(), | 1013 ASSERT_EQ(Status::ErrorCreateKeyBadUsages(), |
| 1014 ImportKeyJwkFromDict( | 1014 ImportKeyJwkFromDict( |
| 1015 dict, algorithm, false, bad_usages[i], &public_key)); | 1015 dict, algorithm, false, bad_usages[i], &public_key)); |
| 1016 } | 1016 } |
| 1017 } | 1017 } |
| 1018 | 1018 |
| 1019 // Generate an RSA-SSA key pair with invalid usages. RSA-SSA supports: | 1019 // Generate an RSA-SSA key pair with invalid usages. RSA-SSA supports: |
| 1020 // 'sign', 'verify' | 1020 // 'sign', 'verify' |
| 1021 TEST(WebCryptoRsaSsaTest, GenerateKeyBadUsages) { | 1021 TEST(WebCryptoRsaSsaTest, GenerateKeyBadUsages) { |
| 1022 blink::WebCryptoKeyUsageMask bad_usages[] = { | 1022 blink::WebCryptoKeyUsageMask bad_usages[] = { |
| 1023 blink::WebCryptoKeyUsageDecrypt, | 1023 blink::WebCryptoKeyUsageDecrypt, |
| 1024 blink::WebCryptoKeyUsageVerify | blink::WebCryptoKeyUsageDecrypt, | 1024 blink::WebCryptoKeyUsageVerify | blink::WebCryptoKeyUsageDecrypt, |
| 1025 blink::WebCryptoKeyUsageWrapKey, | 1025 blink::WebCryptoKeyUsageWrapKey, |
| 1026 }; | 1026 }; |
| 1027 | 1027 |
| 1028 const unsigned int modulus_length = 256; | 1028 const unsigned int modulus_length = 256; |
| 1029 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); | 1029 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); |
| 1030 | 1030 |
| 1031 for (size_t i = 0; i < arraysize(bad_usages); ++i) { | 1031 for (size_t i = 0; i < arraysize(bad_usages); ++i) { |
| 1032 SCOPED_TRACE(i); | 1032 SCOPED_TRACE(i); |
| 1033 | 1033 |
| 1034 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1034 blink::WebCryptoKey public_key; |
| 1035 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1035 blink::WebCryptoKey private_key; |
| 1036 | 1036 |
| 1037 ASSERT_EQ(Status::ErrorCreateKeyBadUsages(), | 1037 ASSERT_EQ(Status::ErrorCreateKeyBadUsages(), |
| 1038 GenerateKeyPair(CreateRsaHashedKeyGenAlgorithm( | 1038 GenerateKeyPair(CreateRsaHashedKeyGenAlgorithm( |
| 1039 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1039 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 1040 blink::WebCryptoAlgorithmIdSha256, | 1040 blink::WebCryptoAlgorithmIdSha256, |
| 1041 modulus_length, | 1041 modulus_length, |
| 1042 public_exponent), | 1042 public_exponent), |
| 1043 true, | 1043 true, |
| 1044 bad_usages[i], | 1044 bad_usages[i], |
| 1045 &public_key, | 1045 &public_key, |
| 1046 &private_key)); | 1046 &private_key)); |
| 1047 } | 1047 } |
| 1048 } | 1048 } |
| 1049 | 1049 |
| 1050 // Generate an RSA-SSA key pair. The public and private keys should select the | 1050 // Generate an RSA-SSA key pair. The public and private keys should select the |
| 1051 // key usages which are applicable, and not have the exact same usages as was | 1051 // key usages which are applicable, and not have the exact same usages as was |
| 1052 // specified to GenerateKey | 1052 // specified to GenerateKey |
| 1053 TEST(WebCryptoRsaSsaTest, GenerateKeyPairIntersectUsages) { | 1053 TEST(WebCryptoRsaSsaTest, GenerateKeyPairIntersectUsages) { |
| 1054 const unsigned int modulus_length = 256; | 1054 const unsigned int modulus_length = 256; |
| 1055 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); | 1055 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); |
| 1056 | 1056 |
| 1057 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1057 blink::WebCryptoKey public_key; |
| 1058 blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); | 1058 blink::WebCryptoKey private_key; |
| 1059 | 1059 |
| 1060 ASSERT_EQ(Status::Success(), | 1060 ASSERT_EQ(Status::Success(), |
| 1061 GenerateKeyPair( | 1061 GenerateKeyPair( |
| 1062 CreateRsaHashedKeyGenAlgorithm( | 1062 CreateRsaHashedKeyGenAlgorithm( |
| 1063 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1063 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 1064 blink::WebCryptoAlgorithmIdSha256, | 1064 blink::WebCryptoAlgorithmIdSha256, |
| 1065 modulus_length, | 1065 modulus_length, |
| 1066 public_exponent), | 1066 public_exponent), |
| 1067 true, | 1067 true, |
| 1068 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, | 1068 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1105 | 1105 |
| 1106 for (size_t test_index = 0; test_index < arraysize(kTests); ++test_index) { | 1106 for (size_t test_index = 0; test_index < arraysize(kTests); ++test_index) { |
| 1107 SCOPED_TRACE(test_index); | 1107 SCOPED_TRACE(test_index); |
| 1108 const TestCase& test = kTests[test_index]; | 1108 const TestCase& test = kTests[test_index]; |
| 1109 | 1109 |
| 1110 const blink::WebCryptoAlgorithm import_algorithm = | 1110 const blink::WebCryptoAlgorithm import_algorithm = |
| 1111 CreateRsaHashedImportAlgorithm( | 1111 CreateRsaHashedImportAlgorithm( |
| 1112 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, test.hash); | 1112 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, test.hash); |
| 1113 | 1113 |
| 1114 // Import the spki to create a public key | 1114 // Import the spki to create a public key |
| 1115 blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); | 1115 blink::WebCryptoKey public_key; |
| 1116 ASSERT_EQ(Status::Success(), | 1116 ASSERT_EQ(Status::Success(), |
| 1117 ImportKey(blink::WebCryptoKeyFormatSpki, | 1117 ImportKey(blink::WebCryptoKeyFormatSpki, |
| 1118 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), | 1118 CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)), |
| 1119 import_algorithm, | 1119 import_algorithm, |
| 1120 true, | 1120 true, |
| 1121 test.usage, | 1121 test.usage, |
| 1122 &public_key)); | 1122 &public_key)); |
| 1123 | 1123 |
| 1124 // Export the public key as JWK and verify its contents | 1124 // Export the public key as JWK and verify its contents |
| 1125 std::vector<uint8_t> jwk; | 1125 std::vector<uint8_t> jwk; |
| 1126 ASSERT_EQ(Status::Success(), | 1126 ASSERT_EQ(Status::Success(), |
| 1127 ExportKey(blink::WebCryptoKeyFormatJwk, public_key, &jwk)); | 1127 ExportKey(blink::WebCryptoKeyFormatJwk, public_key, &jwk)); |
| 1128 EXPECT_TRUE(VerifyPublicJwk(jwk, | 1128 EXPECT_TRUE(VerifyPublicJwk(jwk, |
| 1129 test.jwk_alg, | 1129 test.jwk_alg, |
| 1130 kPublicKeyModulusHex, | 1130 kPublicKeyModulusHex, |
| 1131 kPublicKeyExponentHex, | 1131 kPublicKeyExponentHex, |
| 1132 test.usage)); | 1132 test.usage)); |
| 1133 | 1133 |
| 1134 // Import the JWK back in to create a new key | 1134 // Import the JWK back in to create a new key |
| 1135 blink::WebCryptoKey public_key2 = blink::WebCryptoKey::createNull(); | 1135 blink::WebCryptoKey public_key2; |
| 1136 ASSERT_EQ(Status::Success(), | 1136 ASSERT_EQ(Status::Success(), |
| 1137 ImportKey(blink::WebCryptoKeyFormatJwk, | 1137 ImportKey(blink::WebCryptoKeyFormatJwk, |
| 1138 CryptoData(jwk), | 1138 CryptoData(jwk), |
| 1139 import_algorithm, | 1139 import_algorithm, |
| 1140 true, | 1140 true, |
| 1141 test.usage, | 1141 test.usage, |
| 1142 &public_key2)); | 1142 &public_key2)); |
| 1143 ASSERT_TRUE(public_key2.handle()); | 1143 ASSERT_TRUE(public_key2.handle()); |
| 1144 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key2.type()); | 1144 EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key2.type()); |
| 1145 EXPECT_TRUE(public_key2.extractable()); | 1145 EXPECT_TRUE(public_key2.extractable()); |
| 1146 EXPECT_EQ(import_algorithm.id(), public_key2.algorithm().id()); | 1146 EXPECT_EQ(import_algorithm.id(), public_key2.algorithm().id()); |
| 1147 | 1147 |
| 1148 // Export the new key as spki and compare to the original. | 1148 // Export the new key as spki and compare to the original. |
| 1149 std::vector<uint8_t> spki; | 1149 std::vector<uint8_t> spki; |
| 1150 ASSERT_EQ(Status::Success(), | 1150 ASSERT_EQ(Status::Success(), |
| 1151 ExportKey(blink::WebCryptoKeyFormatSpki, public_key2, &spki)); | 1151 ExportKey(blink::WebCryptoKeyFormatSpki, public_key2, &spki)); |
| 1152 EXPECT_BYTES_EQ_HEX(kPublicKeySpkiDerHex, CryptoData(spki)); | 1152 EXPECT_BYTES_EQ_HEX(kPublicKeySpkiDerHex, CryptoData(spki)); |
| 1153 } | 1153 } |
| 1154 } | 1154 } |
| 1155 | 1155 |
| 1156 TEST(WebCryptoRsaSsaTest, ImportJwkRsaFailures) { | 1156 TEST(WebCryptoRsaSsaTest, ImportJwkRsaFailures) { |
| 1157 base::DictionaryValue dict; | 1157 base::DictionaryValue dict; |
| 1158 RestoreJwkRsaDictionary(&dict); | 1158 RestoreJwkRsaDictionary(&dict); |
| 1159 blink::WebCryptoAlgorithm algorithm = | 1159 blink::WebCryptoAlgorithm algorithm = |
| 1160 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 1160 CreateRsaHashedImportAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
| 1161 blink::WebCryptoAlgorithmIdSha256); | 1161 blink::WebCryptoAlgorithmIdSha256); |
| 1162 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageVerify; | 1162 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageVerify; |
| 1163 blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); | 1163 blink::WebCryptoKey key; |
| 1164 | 1164 |
| 1165 // An RSA public key JWK _must_ have an "n" (modulus) and an "e" (exponent) | 1165 // An RSA public key JWK _must_ have an "n" (modulus) and an "e" (exponent) |
| 1166 // entry, while an RSA private key must have those plus at least a "d" | 1166 // entry, while an RSA private key must have those plus at least a "d" |
| 1167 // (private exponent) entry. | 1167 // (private exponent) entry. |
| 1168 // See http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-18, | 1168 // See http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-18, |
| 1169 // section 6.3. | 1169 // section 6.3. |
| 1170 | 1170 |
| 1171 // Baseline pass. | 1171 // Baseline pass. |
| 1172 EXPECT_EQ(Status::Success(), | 1172 EXPECT_EQ(Status::Success(), |
| 1173 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1173 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
| (...skipping 25 matching lines...) Expand all Loading... |
| 1199 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); | 1199 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key)); |
| 1200 RestoreJwkRsaDictionary(&dict); | 1200 RestoreJwkRsaDictionary(&dict); |
| 1201 } | 1201 } |
| 1202 } | 1202 } |
| 1203 | 1203 |
| 1204 } // namespace | 1204 } // namespace |
| 1205 | 1205 |
| 1206 } // namespace webcrypto | 1206 } // namespace webcrypto |
| 1207 | 1207 |
| 1208 } // namespace content | 1208 } // namespace content |
| OLD | NEW |