components/webcrypto/algorithms/aes_ctr_unittest.cc

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "base/stl_util.h"
   6 #include "components/webcrypto/algorithm_dispatch.h"
   7 #include "components/webcrypto/algorithms/test_helpers.h"
   8 #include "components/webcrypto/crypto_data.h"
   9 #include "components/webcrypto/status.h"
  10 #include "components/webcrypto/webcrypto_util.h"
  11 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
  12 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
  13
  14 namespace webcrypto {
  15
  16 namespace {
  17
  18 // Creates an AES-CTR algorithm for encryption/decryption.
  19 blink::WebCryptoAlgorithm CreateAesCtrAlgorithm(
  20     const std::vector<uint8_t>& counter,
  21     uint8_t length_bits) {
  22   return blink::WebCryptoAlgorithm::adoptParamsAndCreate(
  23       blink::WebCryptoAlgorithmIdAesCtr,
  24       new blink::WebCryptoAesCtrParams(
  25           length_bits, vector_as_array(&counter),
  26           static_cast<unsigned int>(counter.size())));
  27 }
  28
  29 class WebCryptoAesCtrTest : public WebCryptoTestBase {};
  30
  31 TEST_F(WebCryptoAesCtrTest, EncryptDecryptKnownAnswer) {
  32   scoped_ptr<base::ListValue> tests;
  33   ASSERT_TRUE(ReadJsonTestFileToList("aes_ctr.json", &tests));
  34
  35   for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) {
  36     SCOPED_TRACE(test_index);
  37     base::DictionaryValue* test;
  38     ASSERT_TRUE(tests->GetDictionary(test_index, &test));
  39
  40     std::vector<uint8_t> test_key = GetBytesFromHexString(test, "key");
  41     std::vector<uint8_t> test_counter = GetBytesFromHexString(test, "counter");
  42     int counter_length_bits = 0;
  43     ASSERT_TRUE(test->GetInteger("length", &counter_length_bits));
  44
  45     std::vector<uint8_t> test_plain_text =
  46         GetBytesFromHexString(test, "plain_text");
  47     std::vector<uint8_t> test_cipher_text =
  48         GetBytesFromHexString(test, "cipher_text");
  49
  50     blink::WebCryptoKey key = ImportSecretKeyFromRaw(
  51         test_key, CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCtr),
  52         blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt);
  53
  54     EXPECT_EQ(test_key.size() * 8, key.algorithm().aesParams()->lengthBits());
  55
  56     std::vector<uint8_t> output;
  57
  58     // Test encryption.
  59     EXPECT_EQ(Status::Success(),
  60               Encrypt(CreateAesCtrAlgorithm(test_counter, counter_length_bits),
  61                       key, CryptoData(test_plain_text), &output));
  62     EXPECT_BYTES_EQ(test_cipher_text, output);
  63
  64     // Test decryption.
  65     EXPECT_EQ(Status::Success(),
  66               Decrypt(CreateAesCtrAlgorithm(test_counter, counter_length_bits),
  67                       key, CryptoData(test_cipher_text), &output));
  68     EXPECT_BYTES_EQ(test_plain_text, output);
  69   }
  70 }
  71
  72 // The counter block must be exactly 16 bytes.
  73 TEST_F(WebCryptoAesCtrTest, InvalidCounterBlockLength) {
  74   const unsigned int kBadCounterBlockLengthBytes[] = {0, 15, 17};
  75
  76   blink::WebCryptoKey key = ImportSecretKeyFromRaw(
  77       std::vector<uint8>(16),  // 128-bit key of all zeros.
  78       CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCtr),
  79       blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt);
  80
  81   std::vector<uint8_t> input(32);
  82   std::vector<uint8_t> output;
  83
  84   for (size_t i = 0; i < arraysize(kBadCounterBlockLengthBytes); ++i) {
  85     std::vector<uint8_t> bad_counter(kBadCounterBlockLengthBytes[i]);
  86
  87     EXPECT_EQ(Status::ErrorIncorrectSizeAesCtrCounter(),
  88               Encrypt(CreateAesCtrAlgorithm(bad_counter, 128), key,
  89                       CryptoData(input), &output));
  90
  91     EXPECT_EQ(Status::ErrorIncorrectSizeAesCtrCounter(),
  92               Decrypt(CreateAesCtrAlgorithm(bad_counter, 128), key,
  93                       CryptoData(input), &output));
  94   }
  95 }
  96
  97 // The counter length cannot be less than 1 or greater than 128.
  98 TEST_F(WebCryptoAesCtrTest, InvalidCounterLength) {
  99   const uint8_t kBadCounterLengthBits[] = {0, 129};
 100
 101   blink::WebCryptoKey key = ImportSecretKeyFromRaw(
 102       std::vector<uint8>(16),  // 128-bit key of all zeros.
 103       CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCtr),
 104       blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt);
 105
 106   std::vector<uint8_t> counter(16);
 107   std::vector<uint8_t> input(32);
 108   std::vector<uint8_t> output;
 109
 110   for (size_t i = 0; i < arraysize(kBadCounterLengthBits); ++i) {
 111     uint8_t bad_counter_length_bits = kBadCounterLengthBits[i];
 112
 113     EXPECT_EQ(Status::ErrorInvalidAesCtrCounterLength(),
 114               Encrypt(CreateAesCtrAlgorithm(counter, bad_counter_length_bits),
 115                       key, CryptoData(input), &output));
 116
 117     EXPECT_EQ(Status::ErrorInvalidAesCtrCounterLength(),
 118               Decrypt(CreateAesCtrAlgorithm(counter, bad_counter_length_bits),
 119                       key, CryptoData(input), &output));
 120   }
 121 }
 122
 123 // Tests wrap-around using a 4-bit counter.
 124 //
 125 // Wrap-around is allowed, however if the counter repeats itself an error should
 126 // be thrown.
 127 //
 128 // Using a 4-bit counter it is possible to encrypt 16 blocks. However the 17th
 129 // block would end up wrapping back to the starting value.
 130 TEST_F(WebCryptoAesCtrTest, OverflowAndRepeatCounter) {
 131   const uint8_t kCounterLengthBits = 4;
 132   const uint8_t kStartCounter[] = {0, 1, 15};
 133
 134   blink::WebCryptoKey key = ImportSecretKeyFromRaw(
 135       std::vector<uint8>(16),  // 128-bit key of all zeros.
 136       CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCtr),
 137       blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt);
 138
 139   std::vector<uint8_t> buffer(272);
 140
 141   // 16 and 17 AES blocks worth of data respectively (AES blocks are 16 bytes
 142   // long).
 143   CryptoData input_16(vector_as_array(&buffer), 256);
 144   CryptoData input_17(vector_as_array(&buffer), 272);
 145
 146   std::vector<uint8_t> output;
 147
 148   for (size_t i = 0; i < arraysize(kStartCounter); ++i) {
 149     std::vector<uint8_t> counter(16);
 150     counter[15] = kStartCounter[i];
 151
 152     // Baseline test: Encrypting 16 blocks should work (don't bother to check
 153     // output, the known answer tests already do that).
 154     EXPECT_EQ(Status::Success(),
 155               Encrypt(CreateAesCtrAlgorithm(counter, kCounterLengthBits), key,
 156                       input_16, &output));
 157
 158     // Encrypting/Decrypting 17 however should fail.
 159     EXPECT_EQ(Status::ErrorAesCtrInputTooLongCounterRepeated(),
 160               Encrypt(CreateAesCtrAlgorithm(counter, kCounterLengthBits), key,
 161                       input_17, &output));
 162     EXPECT_EQ(Status::ErrorAesCtrInputTooLongCounterRepeated(),
 163               Decrypt(CreateAesCtrAlgorithm(counter, kCounterLengthBits), key,
 164                       input_17, &output));
 165   }
 166 }
 167
 168 }  // namespace
 169
 170 }  // namespace webcrypto