Index: content/child/webcrypto/test/rsa_ssa_unittest.cc |
diff --git a/content/child/webcrypto/test/rsa_ssa_unittest.cc b/content/child/webcrypto/test/rsa_ssa_unittest.cc |
index 0f3725356cb6e6dc3b6bd3bd938027125dcd0c0f..1733ae78e3a9ce92aef0d0e05bb9d6edd9f4399b 100644 |
--- a/content/child/webcrypto/test/rsa_ssa_unittest.cc |
+++ b/content/child/webcrypto/test/rsa_ssa_unittest.cc |
@@ -318,14 +318,18 @@ TEST(WebCryptoRsaSsaTest, GenerateKeyPairRsa) { |
blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
blink::WebCryptoAlgorithmIdSha256, modulus_length, public_exponent); |
bool extractable = true; |
- const blink::WebCryptoKeyUsageMask usages = 0; |
+ const blink::WebCryptoKeyUsageMask public_usages = |
+ blink::WebCryptoKeyUsageVerify; |
+ const blink::WebCryptoKeyUsageMask private_usages = |
+ blink::WebCryptoKeyUsageSign; |
+ const blink::WebCryptoKeyUsageMask usages = public_usages | private_usages; |
blink::WebCryptoKey public_key; |
blink::WebCryptoKey private_key; |
EXPECT_EQ(Status::Success(), GenerateKeyPair(algorithm, extractable, usages, |
&public_key, &private_key)); |
- EXPECT_FALSE(public_key.isNull()); |
- EXPECT_FALSE(private_key.isNull()); |
+ ASSERT_FALSE(public_key.isNull()); |
+ ASSERT_FALSE(private_key.isNull()); |
EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
EXPECT_EQ(modulus_length, |
@@ -338,8 +342,8 @@ TEST(WebCryptoRsaSsaTest, GenerateKeyPairRsa) { |
private_key.algorithm().rsaHashedParams()->hash().id()); |
EXPECT_TRUE(public_key.extractable()); |
EXPECT_EQ(extractable, private_key.extractable()); |
- EXPECT_EQ(usages, public_key.usages()); |
- EXPECT_EQ(usages, private_key.usages()); |
+ EXPECT_EQ(public_usages, public_key.usages()); |
+ EXPECT_EQ(private_usages, private_key.usages()); |
// Try exporting the generated key pair, and then re-importing to verify that |
// the exported data was valid. |
@@ -349,13 +353,13 @@ TEST(WebCryptoRsaSsaTest, GenerateKeyPairRsa) { |
if (SupportsRsaPrivateKeyImport()) { |
public_key = blink::WebCryptoKey::createNull(); |
- EXPECT_EQ( |
+ ASSERT_EQ( |
Status::Success(), |
ImportKey(blink::WebCryptoKeyFormatSpki, CryptoData(public_key_spki), |
CreateRsaHashedImportAlgorithm( |
blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
blink::WebCryptoAlgorithmIdSha256), |
- true, usages, &public_key)); |
+ true, public_usages, &public_key)); |
EXPECT_EQ(modulus_length, |
public_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
@@ -363,13 +367,13 @@ TEST(WebCryptoRsaSsaTest, GenerateKeyPairRsa) { |
EXPECT_EQ(Status::Success(), ExportKey(blink::WebCryptoKeyFormatPkcs8, |
private_key, &private_key_pkcs8)); |
private_key = blink::WebCryptoKey::createNull(); |
- EXPECT_EQ( |
+ ASSERT_EQ( |
Status::Success(), |
ImportKey(blink::WebCryptoKeyFormatPkcs8, CryptoData(private_key_pkcs8), |
CreateRsaHashedImportAlgorithm( |
blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
blink::WebCryptoAlgorithmIdSha256), |
- true, usages, &private_key)); |
+ true, private_usages, &private_key)); |
EXPECT_EQ(modulus_length, |
private_key.algorithm().rsaHashedParams()->modulusLengthBits()); |
} |
@@ -415,10 +419,11 @@ TEST(WebCryptoRsaSsaTest, GenerateKeyPairRsa) { |
exponent_with_leading_zeros.insert(exponent_with_leading_zeros.end(), |
public_exponent.begin(), |
public_exponent.end()); |
- algorithm = CreateRsaHashedKeyGenAlgorithm( |
- blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
- blink::WebCryptoAlgorithmIdSha256, modulus_length, |
- exponent_with_leading_zeros); |
+ algorithm = |
+ CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
+ blink::WebCryptoAlgorithmIdSha256, |
+ modulus_length, |
+ exponent_with_leading_zeros); |
EXPECT_EQ(Status::Success(), GenerateKeyPair(algorithm, extractable, usages, |
&public_key, &private_key)); |
EXPECT_FALSE(public_key.isNull()); |
@@ -427,15 +432,18 @@ TEST(WebCryptoRsaSsaTest, GenerateKeyPairRsa) { |
EXPECT_EQ(blink::WebCryptoKeyTypePrivate, private_key.type()); |
EXPECT_TRUE(public_key.extractable()); |
EXPECT_EQ(extractable, private_key.extractable()); |
- EXPECT_EQ(usages, public_key.usages()); |
- EXPECT_EQ(usages, private_key.usages()); |
+ EXPECT_EQ(public_usages, public_key.usages()); |
+ EXPECT_EQ(private_usages, private_key.usages()); |
// Successful WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 key generation (sha1) |
- algorithm = CreateRsaHashedKeyGenAlgorithm( |
- blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
- blink::WebCryptoAlgorithmIdSha1, modulus_length, public_exponent); |
- EXPECT_EQ(Status::Success(), GenerateKeyPair(algorithm, false, usages, |
- &public_key, &private_key)); |
+ algorithm = |
+ CreateRsaHashedKeyGenAlgorithm(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
+ blink::WebCryptoAlgorithmIdSha1, |
+ modulus_length, |
+ public_exponent); |
+ EXPECT_EQ( |
+ Status::Success(), |
+ GenerateKeyPair(algorithm, false, usages, &public_key, &private_key)); |
EXPECT_FALSE(public_key.isNull()); |
EXPECT_FALSE(private_key.isNull()); |
EXPECT_EQ(blink::WebCryptoKeyTypePublic, public_key.type()); |
@@ -452,8 +460,8 @@ TEST(WebCryptoRsaSsaTest, GenerateKeyPairRsa) { |
// extractable. |
EXPECT_TRUE(public_key.extractable()); |
EXPECT_FALSE(private_key.extractable()); |
- EXPECT_EQ(usages, public_key.usages()); |
- EXPECT_EQ(usages, private_key.usages()); |
+ EXPECT_EQ(public_usages, public_key.usages()); |
+ EXPECT_EQ(private_usages, private_key.usages()); |
// Exporting a private key as SPKI format doesn't make sense. However this |
// will first fail because the key is not extractable. |
@@ -488,7 +496,7 @@ TEST(WebCryptoRsaSsaTest, GenerateKeyPairRsaBadModulusLength) { |
blink::WebCryptoAlgorithmIdSha256, modulus_length_bits, |
public_exponent); |
bool extractable = true; |
- const blink::WebCryptoKeyUsageMask usages = 0; |
+ const blink::WebCryptoKeyUsageMask usages = blink::WebCryptoKeyUsageSign; |
blink::WebCryptoKey public_key; |
blink::WebCryptoKey private_key; |
@@ -524,7 +532,8 @@ TEST(WebCryptoRsaSsaTest, GenerateKeyPairRsaBadExponent) { |
blink::WebCryptoKey private_key; |
EXPECT_EQ(Status::ErrorGenerateKeyPublicExponent(), |
- GenerateKeyPair(algorithm, true, 0, &public_key, &private_key)); |
+ GenerateKeyPair(algorithm, true, blink::WebCryptoKeyUsageSign, |
+ &public_key, &private_key)); |
} |
} |
@@ -799,6 +808,21 @@ TEST(WebCryptoRsaSsaTest, GenerateKeyPairIntersectUsages) { |
EXPECT_EQ(blink::WebCryptoKeyUsageSign, private_key.usages()); |
} |
+TEST(WebCryptoRsaSsaTest, GenerateKeyPairEmptyUsages) { |
+ const unsigned int modulus_length = 256; |
+ const std::vector<uint8_t> public_exponent = HexStringToBytes("010001"); |
+ |
+ blink::WebCryptoKey public_key; |
+ blink::WebCryptoKey private_key; |
+ |
+ ASSERT_EQ(Status::ErrorCreateKeyEmptyUsages(), |
+ GenerateKeyPair(CreateRsaHashedKeyGenAlgorithm( |
+ blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
+ blink::WebCryptoAlgorithmIdSha256, |
+ modulus_length, public_exponent), |
+ true, 0, &public_key, &private_key)); |
+} |
+ |
TEST(WebCryptoRsaSsaTest, ImportExportJwkRsaPublicKey) { |
struct TestCase { |
const blink::WebCryptoAlgorithmId hash; |
@@ -949,12 +973,15 @@ TEST(WebCryptoRsaSsaTest, ImportInvalidKeyData) { |
std::string test_error; |
ASSERT_TRUE(test->GetString("error", &test_error)); |
+ blink::WebCryptoKeyUsageMask usages = blink::WebCryptoKeyUsageSign; |
+ if (key_format == blink::WebCryptoKeyFormatSpki) |
+ usages = blink::WebCryptoKeyUsageVerify; |
blink::WebCryptoKey key; |
Status status = ImportKey(key_format, CryptoData(key_data), |
CreateRsaHashedImportAlgorithm( |
blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, |
blink::WebCryptoAlgorithmIdSha256), |
- true, 0, &key); |
+ true, usages, &key); |
EXPECT_EQ(test_error, StatusToString(status)); |
} |
} |