OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/stl_util.h" | 5 #include "base/stl_util.h" |
6 #include "content/child/webcrypto/algorithm_dispatch.h" | 6 #include "content/child/webcrypto/algorithm_dispatch.h" |
7 #include "content/child/webcrypto/crypto_data.h" | 7 #include "content/child/webcrypto/crypto_data.h" |
8 #include "content/child/webcrypto/status.h" | 8 #include "content/child/webcrypto/status.h" |
9 #include "content/child/webcrypto/test/test_helpers.h" | 9 #include "content/child/webcrypto/test/test_helpers.h" |
10 #include "content/child/webcrypto/webcrypto_util.h" | 10 #include "content/child/webcrypto/webcrypto_util.h" |
(...skipping 155 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
166 blink::WebCryptoKey key; | 166 blink::WebCryptoKey key; |
167 | 167 |
168 std::vector<std::vector<uint8_t>> keys; | 168 std::vector<std::vector<uint8_t>> keys; |
169 std::vector<uint8_t> key_bytes; | 169 std::vector<uint8_t> key_bytes; |
170 | 170 |
171 // Generate a small sample of keys. | 171 // Generate a small sample of keys. |
172 for (int j = 0; j < 16; ++j) { | 172 for (int j = 0; j < 16; ++j) { |
173 ASSERT_EQ(Status::Success(), | 173 ASSERT_EQ(Status::Success(), |
174 GenerateSecretKey( | 174 GenerateSecretKey( |
175 CreateAesCbcKeyGenAlgorithm(kKeyLength[key_length_i]), true, | 175 CreateAesCbcKeyGenAlgorithm(kKeyLength[key_length_i]), true, |
176 0, &key)); | 176 blink::WebCryptoKeyUsageEncrypt, &key)); |
177 EXPECT_TRUE(key.handle()); | 177 EXPECT_TRUE(key.handle()); |
178 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 178 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
179 ASSERT_EQ(Status::Success(), | 179 ASSERT_EQ(Status::Success(), |
180 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_bytes)); | 180 ExportKey(blink::WebCryptoKeyFormatRaw, key, &key_bytes)); |
181 EXPECT_EQ(key_bytes.size() * 8, | 181 EXPECT_EQ(key_bytes.size() * 8, |
182 key.algorithm().aesParams()->lengthBits()); | 182 key.algorithm().aesParams()->lengthBits()); |
183 keys.push_back(key_bytes); | 183 keys.push_back(key_bytes); |
184 } | 184 } |
185 // Ensure all entries in the key sample set are unique. This is a simplistic | 185 // Ensure all entries in the key sample set are unique. This is a simplistic |
186 // estimate of whether the generated keys appear random. | 186 // estimate of whether the generated keys appear random. |
(...skipping 269 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
456 SCOPED_TRACE(i); | 456 SCOPED_TRACE(i); |
457 | 457 |
458 blink::WebCryptoKey key; | 458 blink::WebCryptoKey key; |
459 | 459 |
460 ASSERT_EQ(Status::ErrorCreateKeyBadUsages(), | 460 ASSERT_EQ(Status::ErrorCreateKeyBadUsages(), |
461 GenerateSecretKey(CreateAesCbcKeyGenAlgorithm(128), true, | 461 GenerateSecretKey(CreateAesCbcKeyGenAlgorithm(128), true, |
462 bad_usages[i], &key)); | 462 bad_usages[i], &key)); |
463 } | 463 } |
464 } | 464 } |
465 | 465 |
| 466 // Generate an AES-CBC key with no usages. |
| 467 TEST(WebCryptoAesCbcTest, GenerateKeyEmptyUsages) { |
| 468 blink::WebCryptoKey key; |
| 469 |
| 470 ASSERT_EQ(Status::ErrorCreateKeyEmptyUsages(), |
| 471 GenerateSecretKey(CreateAesCbcKeyGenAlgorithm(128), true, 0, &key)); |
| 472 } |
| 473 |
466 // Generate an AES-CBC key and an RSA key pair. Use the AES-CBC key to wrap the | 474 // Generate an AES-CBC key and an RSA key pair. Use the AES-CBC key to wrap the |
467 // key pair (using SPKI format for public key, PKCS8 format for private key). | 475 // key pair (using SPKI format for public key, PKCS8 format for private key). |
468 // Then unwrap the wrapped key pair and verify that the key data is the same. | 476 // Then unwrap the wrapped key pair and verify that the key data is the same. |
469 TEST(WebCryptoAesCbcTest, WrapUnwrapRoundtripSpkiPkcs8) { | 477 TEST(WebCryptoAesCbcTest, WrapUnwrapRoundtripSpkiPkcs8) { |
470 if (!SupportsRsaPrivateKeyImport()) | 478 if (!SupportsRsaPrivateKeyImport()) |
471 return; | 479 return; |
472 | 480 |
473 // Generate the wrapping key. | 481 // Generate the wrapping key. |
474 blink::WebCryptoKey wrapping_key; | 482 blink::WebCryptoKey wrapping_key; |
475 ASSERT_EQ(Status::Success(), | 483 ASSERT_EQ(Status::Success(), |
476 GenerateSecretKey(CreateAesCbcKeyGenAlgorithm(128), true, | 484 GenerateSecretKey(CreateAesCbcKeyGenAlgorithm(128), true, |
477 blink::WebCryptoKeyUsageWrapKey | | 485 blink::WebCryptoKeyUsageWrapKey | |
478 blink::WebCryptoKeyUsageUnwrapKey, | 486 blink::WebCryptoKeyUsageUnwrapKey, |
479 &wrapping_key)); | 487 &wrapping_key)); |
480 | 488 |
481 // Generate an RSA key pair to be wrapped. | 489 // Generate an RSA key pair to be wrapped. |
482 const unsigned int modulus_length = 256; | 490 const unsigned int modulus_length = 256; |
483 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); | 491 const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); |
484 | 492 |
485 blink::WebCryptoKey public_key; | 493 blink::WebCryptoKey public_key; |
486 blink::WebCryptoKey private_key; | 494 blink::WebCryptoKey private_key; |
487 ASSERT_EQ(Status::Success(), | 495 ASSERT_EQ(Status::Success(), |
488 GenerateKeyPair(CreateRsaHashedKeyGenAlgorithm( | 496 GenerateKeyPair(CreateRsaHashedKeyGenAlgorithm( |
489 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, | 497 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
490 blink::WebCryptoAlgorithmIdSha256, | 498 blink::WebCryptoAlgorithmIdSha256, |
491 modulus_length, public_exponent), | 499 modulus_length, public_exponent), |
492 true, 0, &public_key, &private_key)); | 500 true, blink::WebCryptoKeyUsageSign, &public_key, |
| 501 &private_key)); |
493 | 502 |
494 // Export key pair as SPKI + PKCS8 | 503 // Export key pair as SPKI + PKCS8 |
495 std::vector<uint8_t> public_key_spki; | 504 std::vector<uint8_t> public_key_spki; |
496 ASSERT_EQ(Status::Success(), ExportKey(blink::WebCryptoKeyFormatSpki, | 505 ASSERT_EQ(Status::Success(), ExportKey(blink::WebCryptoKeyFormatSpki, |
497 public_key, &public_key_spki)); | 506 public_key, &public_key_spki)); |
498 | 507 |
499 std::vector<uint8_t> private_key_pkcs8; | 508 std::vector<uint8_t> private_key_pkcs8; |
500 ASSERT_EQ(Status::Success(), ExportKey(blink::WebCryptoKeyFormatPkcs8, | 509 ASSERT_EQ(Status::Success(), ExportKey(blink::WebCryptoKeyFormatPkcs8, |
501 private_key, &private_key_pkcs8)); | 510 private_key, &private_key_pkcs8)); |
502 | 511 |
(...skipping 22 matching lines...) Expand all Loading... |
525 Status::Success(), | 534 Status::Success(), |
526 UnwrapKey(blink::WebCryptoKeyFormatSpki, CryptoData(wrapped_public_key), | 535 UnwrapKey(blink::WebCryptoKeyFormatSpki, CryptoData(wrapped_public_key), |
527 wrapping_key, wrap_algorithm, rsa_import_algorithm, true, 0, | 536 wrapping_key, wrap_algorithm, rsa_import_algorithm, true, 0, |
528 &unwrapped_public_key)); | 537 &unwrapped_public_key)); |
529 | 538 |
530 blink::WebCryptoKey unwrapped_private_key; | 539 blink::WebCryptoKey unwrapped_private_key; |
531 | 540 |
532 ASSERT_EQ( | 541 ASSERT_EQ( |
533 Status::Success(), | 542 Status::Success(), |
534 UnwrapKey(blink::WebCryptoKeyFormatPkcs8, CryptoData(wrapped_private_key), | 543 UnwrapKey(blink::WebCryptoKeyFormatPkcs8, CryptoData(wrapped_private_key), |
535 wrapping_key, wrap_algorithm, rsa_import_algorithm, true, 0, | 544 wrapping_key, wrap_algorithm, rsa_import_algorithm, true, |
536 &unwrapped_private_key)); | 545 blink::WebCryptoKeyUsageSign, &unwrapped_private_key)); |
537 | 546 |
538 // Export unwrapped key pair as SPKI + PKCS8 | 547 // Export unwrapped key pair as SPKI + PKCS8 |
539 std::vector<uint8_t> unwrapped_public_key_spki; | 548 std::vector<uint8_t> unwrapped_public_key_spki; |
540 ASSERT_EQ(Status::Success(), | 549 ASSERT_EQ(Status::Success(), |
541 ExportKey(blink::WebCryptoKeyFormatSpki, unwrapped_public_key, | 550 ExportKey(blink::WebCryptoKeyFormatSpki, unwrapped_public_key, |
542 &unwrapped_public_key_spki)); | 551 &unwrapped_public_key_spki)); |
543 | 552 |
544 std::vector<uint8_t> unwrapped_private_key_pkcs8; | 553 std::vector<uint8_t> unwrapped_private_key_pkcs8; |
545 ASSERT_EQ(Status::Success(), | 554 ASSERT_EQ(Status::Success(), |
546 ExportKey(blink::WebCryptoKeyFormatPkcs8, unwrapped_private_key, | 555 ExportKey(blink::WebCryptoKeyFormatPkcs8, unwrapped_private_key, |
547 &unwrapped_private_key_pkcs8)); | 556 &unwrapped_private_key_pkcs8)); |
548 | 557 |
549 EXPECT_EQ(public_key_spki, unwrapped_public_key_spki); | 558 EXPECT_EQ(public_key_spki, unwrapped_public_key_spki); |
550 EXPECT_EQ(private_key_pkcs8, unwrapped_private_key_pkcs8); | 559 EXPECT_EQ(private_key_pkcs8, unwrapped_private_key_pkcs8); |
551 | 560 |
552 EXPECT_NE(public_key_spki, wrapped_public_key); | 561 EXPECT_NE(public_key_spki, wrapped_public_key); |
553 EXPECT_NE(private_key_pkcs8, wrapped_private_key); | 562 EXPECT_NE(private_key_pkcs8, wrapped_private_key); |
554 } | 563 } |
555 | 564 |
556 } // namespace | 565 } // namespace |
557 | 566 |
558 } // namespace webcrypto | 567 } // namespace webcrypto |
559 | 568 |
560 } // namespace content | 569 } // namespace content |
OLD | NEW |