1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "base/stl_util.h"
6 #include "components/webcrypto/algorithm_dispatch.h"
7 #include "components/webcrypto/algorithms/test_helpers.h"
8 #include "components/webcrypto/crypto_data.h"
9 #include "components/webcrypto/status.h"
10 #include "components/webcrypto/webcrypto_util.h"
11 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
12 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
18 blink::WebCryptoAlgorithm
CreateAesKwKeyGenAlgorithm(
19 unsigned short key_length_bits
) {
20 return CreateAesKeyGenAlgorithm(blink::WebCryptoAlgorithmIdAesKw
,
24 class WebCryptoAesKwTest
: public WebCryptoTestBase
{};
26 TEST_F(WebCryptoAesKwTest
, GenerateKeyBadLength
) {
27 const unsigned short kKeyLen
[] = {0, 127, 257};
28 blink::WebCryptoKey key
;
29 for (size_t i
= 0; i
< arraysize(kKeyLen
); ++i
) {
31 EXPECT_EQ(Status::ErrorGenerateAesKeyLength(),
32 GenerateSecretKey(CreateAesKwKeyGenAlgorithm(kKeyLen
[i
]), true,
33 blink::WebCryptoKeyUsageWrapKey
, &key
));
37 TEST_F(WebCryptoAesKwTest
, GenerateKeyEmptyUsage
) {
38 blink::WebCryptoKey key
;
39 EXPECT_EQ(Status::ErrorCreateKeyEmptyUsages(),
40 GenerateSecretKey(CreateAesKwKeyGenAlgorithm(256), true, 0, &key
));
43 TEST_F(WebCryptoAesKwTest
, ImportKeyEmptyUsage
) {
44 blink::WebCryptoKey key
;
45 EXPECT_EQ(Status::ErrorCreateKeyEmptyUsages(),
46 ImportKey(blink::WebCryptoKeyFormatRaw
,
47 CryptoData(std::vector
<uint8_t>(16)),
48 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw
), true,
52 TEST_F(WebCryptoAesKwTest
, ImportKeyJwkKeyOpsWrapUnwrap
) {
53 blink::WebCryptoKey key
;
54 base::DictionaryValue dict
;
55 dict
.SetString("kty", "oct");
56 dict
.SetString("k", "GADWrMRHwQfoNaXU5fZvTg");
57 base::ListValue
* key_ops
= new base::ListValue
;
58 dict
.Set("key_ops", key_ops
); // Takes ownership.
60 key_ops
->AppendString("wrapKey");
62 EXPECT_EQ(Status::Success(),
64 dict
, CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw
), false,
65 blink::WebCryptoKeyUsageWrapKey
, &key
));
67 EXPECT_EQ(blink::WebCryptoKeyUsageWrapKey
, key
.usages());
69 key_ops
->AppendString("unwrapKey");
71 EXPECT_EQ(Status::Success(),
73 dict
, CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw
), false,
74 blink::WebCryptoKeyUsageUnwrapKey
, &key
));
76 EXPECT_EQ(blink::WebCryptoKeyUsageUnwrapKey
, key
.usages());
79 TEST_F(WebCryptoAesKwTest
, ImportExportJwk
) {
80 const blink::WebCryptoAlgorithm algorithm
=
81 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw
);
84 ImportExportJwkSymmetricKey(
86 blink::WebCryptoKeyUsageWrapKey
| blink::WebCryptoKeyUsageUnwrapKey
,
90 ImportExportJwkSymmetricKey(
92 blink::WebCryptoKeyUsageWrapKey
| blink::WebCryptoKeyUsageUnwrapKey
,
96 TEST_F(WebCryptoAesKwTest
, AesKwKeyImport
) {
97 blink::WebCryptoKey key
;
98 blink::WebCryptoAlgorithm algorithm
=
99 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw
);
101 // Import a 128-bit Key Encryption Key (KEK)
102 std::string key_raw_hex_in
= "025a8cf3f08b4f6c5f33bbc76a471939";
103 ASSERT_EQ(Status::Success(),
104 ImportKey(blink::WebCryptoKeyFormatRaw
,
105 CryptoData(HexStringToBytes(key_raw_hex_in
)), algorithm
,
106 true, blink::WebCryptoKeyUsageWrapKey
, &key
));
107 std::vector
<uint8_t> key_raw_out
;
108 EXPECT_EQ(Status::Success(),
109 ExportKey(blink::WebCryptoKeyFormatRaw
, key
, &key_raw_out
));
110 EXPECT_BYTES_EQ_HEX(key_raw_hex_in
, key_raw_out
);
112 // Import a 192-bit KEK
113 key_raw_hex_in
= "c0192c6466b2370decbb62b2cfef4384544ffeb4d2fbc103";
114 ASSERT_EQ(Status::ErrorAes192BitUnsupported(),
115 ImportKey(blink::WebCryptoKeyFormatRaw
,
116 CryptoData(HexStringToBytes(key_raw_hex_in
)), algorithm
,
117 true, blink::WebCryptoKeyUsageWrapKey
, &key
));
119 // Import a 256-bit Key Encryption Key (KEK)
121 "e11fe66380d90fa9ebefb74e0478e78f95664d0c67ca20ce4a0b5842863ac46f";
122 ASSERT_EQ(Status::Success(),
123 ImportKey(blink::WebCryptoKeyFormatRaw
,
124 CryptoData(HexStringToBytes(key_raw_hex_in
)), algorithm
,
125 true, blink::WebCryptoKeyUsageWrapKey
, &key
));
126 EXPECT_EQ(Status::Success(),
127 ExportKey(blink::WebCryptoKeyFormatRaw
, key
, &key_raw_out
));
128 EXPECT_BYTES_EQ_HEX(key_raw_hex_in
, key_raw_out
);
130 // Fail import of 0 length key
132 Status::ErrorImportAesKeyLength(),
133 ImportKey(blink::WebCryptoKeyFormatRaw
, CryptoData(HexStringToBytes("")),
134 algorithm
, true, blink::WebCryptoKeyUsageWrapKey
, &key
));
136 // Fail import of 124-bit KEK
137 key_raw_hex_in
= "3e4566a2bdaa10cb68134fa66c15ddb";
138 EXPECT_EQ(Status::ErrorImportAesKeyLength(),
139 ImportKey(blink::WebCryptoKeyFormatRaw
,
140 CryptoData(HexStringToBytes(key_raw_hex_in
)), algorithm
,
141 true, blink::WebCryptoKeyUsageWrapKey
, &key
));
143 // Fail import of 200-bit KEK
144 key_raw_hex_in
= "0a1d88608a5ad9fec64f1ada269ebab4baa2feeb8d95638c0e";
145 EXPECT_EQ(Status::ErrorImportAesKeyLength(),
146 ImportKey(blink::WebCryptoKeyFormatRaw
,
147 CryptoData(HexStringToBytes(key_raw_hex_in
)), algorithm
,
148 true, blink::WebCryptoKeyUsageWrapKey
, &key
));
150 // Fail import of 260-bit KEK
152 "72d4e475ff34215416c9ad9c8281247a4d730c5f275ac23f376e73e3bce8d7d5a";
153 EXPECT_EQ(Status::ErrorImportAesKeyLength(),
154 ImportKey(blink::WebCryptoKeyFormatRaw
,
155 CryptoData(HexStringToBytes(key_raw_hex_in
)), algorithm
,
156 true, blink::WebCryptoKeyUsageWrapKey
, &key
));
159 TEST_F(WebCryptoAesKwTest
, UnwrapFailures
) {
160 // This test exercises the code path common to all unwrap operations.
161 scoped_ptr
<base::ListValue
> tests
;
162 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests
));
163 base::DictionaryValue
* test
;
164 ASSERT_TRUE(tests
->GetDictionary(0, &test
));
165 const std::vector
<uint8_t> test_kek
= GetBytesFromHexString(test
, "kek");
166 const std::vector
<uint8_t> test_ciphertext
=
167 GetBytesFromHexString(test
, "ciphertext");
169 blink::WebCryptoKey unwrapped_key
;
171 // Using a wrapping algorithm that does not match the wrapping key algorithm
173 blink::WebCryptoKey wrapping_key
= ImportSecretKeyFromRaw(
174 test_kek
, CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw
),
175 blink::WebCryptoKeyUsageUnwrapKey
);
176 EXPECT_EQ(Status::ErrorUnexpected(),
177 UnwrapKey(blink::WebCryptoKeyFormatRaw
, CryptoData(test_ciphertext
),
179 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc
),
180 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc
), true,
181 blink::WebCryptoKeyUsageEncrypt
, &unwrapped_key
));
184 TEST_F(WebCryptoAesKwTest
, AesKwRawSymkeyWrapUnwrapKnownAnswer
) {
185 scoped_ptr
<base::ListValue
> tests
;
186 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests
));
188 for (size_t test_index
= 0; test_index
< tests
->GetSize(); ++test_index
) {
189 SCOPED_TRACE(test_index
);
190 base::DictionaryValue
* test
;
191 ASSERT_TRUE(tests
->GetDictionary(test_index
, &test
));
192 const std::vector
<uint8_t> test_kek
= GetBytesFromHexString(test
, "kek");
193 const std::vector
<uint8_t> test_key
= GetBytesFromHexString(test
, "key");
194 const std::vector
<uint8_t> test_ciphertext
=
195 GetBytesFromHexString(test
, "ciphertext");
196 const blink::WebCryptoAlgorithm wrapping_algorithm
=
197 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw
);
199 // Import the wrapping key.
200 blink::WebCryptoKey wrapping_key
= ImportSecretKeyFromRaw(
201 test_kek
, wrapping_algorithm
,
202 blink::WebCryptoKeyUsageWrapKey
| blink::WebCryptoKeyUsageUnwrapKey
);
204 // Import the key to be wrapped.
205 blink::WebCryptoKey key
= ImportSecretKeyFromRaw(
207 CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha1
),
208 blink::WebCryptoKeyUsageSign
);
210 // Wrap the key and verify the ciphertext result against the known answer.
211 std::vector
<uint8_t> wrapped_key
;
212 ASSERT_EQ(Status::Success(),
213 WrapKey(blink::WebCryptoKeyFormatRaw
, key
, wrapping_key
,
214 wrapping_algorithm
, &wrapped_key
));
215 EXPECT_BYTES_EQ(test_ciphertext
, wrapped_key
);
217 // Unwrap the known ciphertext to get a new test_key.
218 blink::WebCryptoKey unwrapped_key
;
222 blink::WebCryptoKeyFormatRaw
, CryptoData(test_ciphertext
),
223 wrapping_key
, wrapping_algorithm
,
224 CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha1
),
225 true, blink::WebCryptoKeyUsageSign
, &unwrapped_key
));
226 EXPECT_FALSE(key
.isNull());
227 EXPECT_TRUE(key
.handle());
228 EXPECT_EQ(blink::WebCryptoKeyTypeSecret
, key
.type());
229 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac
, key
.algorithm().id());
230 EXPECT_EQ(true, key
.extractable());
231 EXPECT_EQ(blink::WebCryptoKeyUsageSign
, key
.usages());
233 // Export the new key and compare its raw bytes with the original known key.
234 std::vector
<uint8_t> raw_key
;
235 EXPECT_EQ(Status::Success(),
236 ExportKey(blink::WebCryptoKeyFormatRaw
, unwrapped_key
, &raw_key
));
237 EXPECT_BYTES_EQ(test_key
, raw_key
);
241 // Unwrap a HMAC key using AES-KW, and then try doing a sign/verify with the
243 TEST_F(WebCryptoAesKwTest
, AesKwRawSymkeyUnwrapSignVerifyHmac
) {
244 scoped_ptr
<base::ListValue
> tests
;
245 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests
));
247 base::DictionaryValue
* test
;
248 ASSERT_TRUE(tests
->GetDictionary(0, &test
));
249 const std::vector
<uint8_t> test_kek
= GetBytesFromHexString(test
, "kek");
250 const std::vector
<uint8_t> test_ciphertext
=
251 GetBytesFromHexString(test
, "ciphertext");
252 const blink::WebCryptoAlgorithm wrapping_algorithm
=
253 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw
);
255 // Import the wrapping key.
256 blink::WebCryptoKey wrapping_key
= ImportSecretKeyFromRaw(
257 test_kek
, wrapping_algorithm
, blink::WebCryptoKeyUsageUnwrapKey
);
259 // Unwrap the known ciphertext.
260 blink::WebCryptoKey key
;
264 blink::WebCryptoKeyFormatRaw
, CryptoData(test_ciphertext
),
265 wrapping_key
, wrapping_algorithm
,
266 CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha1
),
267 false, blink::WebCryptoKeyUsageSign
| blink::WebCryptoKeyUsageVerify
,
270 EXPECT_EQ(blink::WebCryptoKeyTypeSecret
, key
.type());
271 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac
, key
.algorithm().id());
272 EXPECT_FALSE(key
.extractable());
273 EXPECT_EQ(blink::WebCryptoKeyUsageSign
| blink::WebCryptoKeyUsageVerify
,
276 // Sign an empty message and ensure it is verified.
277 std::vector
<uint8_t> test_message
;
278 std::vector
<uint8_t> signature
;
280 ASSERT_EQ(Status::Success(),
281 Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac
), key
,
282 CryptoData(test_message
), &signature
));
284 EXPECT_GT(signature
.size(), 0u);
289 Verify(CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac
), key
,
290 CryptoData(signature
), CryptoData(test_message
), &verify_result
));
293 TEST_F(WebCryptoAesKwTest
, AesKwRawSymkeyWrapUnwrapErrors
) {
294 scoped_ptr
<base::ListValue
> tests
;
295 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests
));
296 base::DictionaryValue
* test
;
297 // Use 256 bits of data with a 256-bit KEK
298 ASSERT_TRUE(tests
->GetDictionary(3, &test
));
299 const std::vector
<uint8_t> test_kek
= GetBytesFromHexString(test
, "kek");
300 const std::vector
<uint8_t> test_key
= GetBytesFromHexString(test
, "key");
301 const std::vector
<uint8_t> test_ciphertext
=
302 GetBytesFromHexString(test
, "ciphertext");
303 const blink::WebCryptoAlgorithm wrapping_algorithm
=
304 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw
);
305 const blink::WebCryptoAlgorithm key_algorithm
=
306 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc
);
307 // Import the wrapping key.
308 blink::WebCryptoKey wrapping_key
= ImportSecretKeyFromRaw(
309 test_kek
, wrapping_algorithm
,
310 blink::WebCryptoKeyUsageWrapKey
| blink::WebCryptoKeyUsageUnwrapKey
);
311 // Import the key to be wrapped.
312 blink::WebCryptoKey key
= ImportSecretKeyFromRaw(
313 test_key
, CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc
),
314 blink::WebCryptoKeyUsageEncrypt
);
316 // Unwrap with wrapped data too small must fail.
317 const std::vector
<uint8_t> small_data(test_ciphertext
.begin(),
318 test_ciphertext
.begin() + 23);
319 blink::WebCryptoKey unwrapped_key
;
320 EXPECT_EQ(Status::ErrorDataTooSmall(),
321 UnwrapKey(blink::WebCryptoKeyFormatRaw
, CryptoData(small_data
),
322 wrapping_key
, wrapping_algorithm
, key_algorithm
, true,
323 blink::WebCryptoKeyUsageEncrypt
, &unwrapped_key
));
325 // Unwrap with wrapped data size not a multiple of 8 bytes must fail.
326 const std::vector
<uint8_t> unaligned_data(test_ciphertext
.begin(),
327 test_ciphertext
.end() - 2);
328 EXPECT_EQ(Status::ErrorInvalidAesKwDataLength(),
329 UnwrapKey(blink::WebCryptoKeyFormatRaw
, CryptoData(unaligned_data
),
330 wrapping_key
, wrapping_algorithm
, key_algorithm
, true,
331 blink::WebCryptoKeyUsageEncrypt
, &unwrapped_key
));
334 TEST_F(WebCryptoAesKwTest
, AesKwRawSymkeyUnwrapCorruptData
) {
335 scoped_ptr
<base::ListValue
> tests
;
336 ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests
));
337 base::DictionaryValue
* test
;
338 // Use 256 bits of data with a 256-bit KEK
339 ASSERT_TRUE(tests
->GetDictionary(3, &test
));
340 const std::vector
<uint8_t> test_kek
= GetBytesFromHexString(test
, "kek");
341 const std::vector
<uint8_t> test_key
= GetBytesFromHexString(test
, "key");
342 const std::vector
<uint8_t> test_ciphertext
=
343 GetBytesFromHexString(test
, "ciphertext");
344 const blink::WebCryptoAlgorithm wrapping_algorithm
=
345 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw
);
347 // Import the wrapping key.
348 blink::WebCryptoKey wrapping_key
= ImportSecretKeyFromRaw(
349 test_kek
, wrapping_algorithm
,
350 blink::WebCryptoKeyUsageWrapKey
| blink::WebCryptoKeyUsageUnwrapKey
);
352 // Unwrap of a corrupted version of the known ciphertext should fail, due to
353 // AES-KW's built-in integrity check.
354 blink::WebCryptoKey unwrapped_key
;
355 EXPECT_EQ(Status::OperationError(),
356 UnwrapKey(blink::WebCryptoKeyFormatRaw
,
357 CryptoData(Corrupted(test_ciphertext
)), wrapping_key
,
359 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc
), true,
360 blink::WebCryptoKeyUsageEncrypt
, &unwrapped_key
));
363 TEST_F(WebCryptoAesKwTest
, AesKwJwkSymkeyUnwrapKnownData
) {
364 // The following data lists a known HMAC SHA-256 key, then a JWK
365 // representation of this key which was encrypted ("wrapped") using AES-KW and
366 // the following wrapping key.
367 // For reference, the intermediate clear JWK is
368 // {"alg":"HS256","ext":true,"k":<b64urlKey>,"key_ops":["verify"],"kty":"oct"}
369 // (Not shown is space padding to ensure the cleartext meets the size
370 // requirements of the AES-KW algorithm.)
371 const std::vector
<uint8_t> key_data
= HexStringToBytes(
372 "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F");
373 const std::vector
<uint8_t> wrapped_key_data
= HexStringToBytes(
374 "14E6380B35FDC5B72E1994764B6CB7BFDD64E7832894356AAEE6C3768FC3D0F115E6B0"
375 "6729756225F999AA99FDF81FD6A359F1576D3D23DE6CB69C3937054EB497AC1E8C38D5"
376 "5E01B9783A20C8D930020932CF25926103002213D0FC37279888154FEBCEDF31832158"
377 "97938C5CFE5B10B4254D0C399F39D0");
378 const std::vector
<uint8_t> wrapping_key_data
=
379 HexStringToBytes("000102030405060708090A0B0C0D0E0F");
380 const blink::WebCryptoAlgorithm wrapping_algorithm
=
381 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw
);
383 // Import the wrapping key.
384 blink::WebCryptoKey wrapping_key
= ImportSecretKeyFromRaw(
385 wrapping_key_data
, wrapping_algorithm
, blink::WebCryptoKeyUsageUnwrapKey
);
387 // Unwrap the known wrapped key data to produce a new key
388 blink::WebCryptoKey unwrapped_key
;
392 blink::WebCryptoKeyFormatJwk
, CryptoData(wrapped_key_data
),
393 wrapping_key
, wrapping_algorithm
,
394 CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha256
),
395 true, blink::WebCryptoKeyUsageVerify
, &unwrapped_key
));
397 // Validate the new key's attributes.
398 EXPECT_FALSE(unwrapped_key
.isNull());
399 EXPECT_TRUE(unwrapped_key
.handle());
400 EXPECT_EQ(blink::WebCryptoKeyTypeSecret
, unwrapped_key
.type());
401 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac
, unwrapped_key
.algorithm().id());
402 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256
,
403 unwrapped_key
.algorithm().hmacParams()->hash().id());
404 EXPECT_EQ(256u, unwrapped_key
.algorithm().hmacParams()->lengthBits());
405 EXPECT_EQ(true, unwrapped_key
.extractable());
406 EXPECT_EQ(blink::WebCryptoKeyUsageVerify
, unwrapped_key
.usages());
408 // Export the new key's raw data and compare to the known original.
409 std::vector
<uint8_t> raw_key
;
410 EXPECT_EQ(Status::Success(),
411 ExportKey(blink::WebCryptoKeyFormatRaw
, unwrapped_key
, &raw_key
));
412 EXPECT_BYTES_EQ(key_data
, raw_key
);
415 // Try importing an AES-KW key with unsupported key usages using raw
416 // format. AES-KW keys support the following usages:
417 // 'wrapKey', 'unwrapKey'
418 TEST_F(WebCryptoAesKwTest
, ImportKeyBadUsage_Raw
) {
419 const blink::WebCryptoAlgorithm algorithm
=
420 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw
);
422 blink::WebCryptoKeyUsageMask bad_usages
[] = {
423 blink::WebCryptoKeyUsageEncrypt
,
424 blink::WebCryptoKeyUsageDecrypt
,
425 blink::WebCryptoKeyUsageSign
,
426 blink::WebCryptoKeyUsageSign
| blink::WebCryptoKeyUsageUnwrapKey
,
427 blink::WebCryptoKeyUsageDeriveBits
,
428 blink::WebCryptoKeyUsageUnwrapKey
| blink::WebCryptoKeyUsageVerify
,
431 std::vector
<uint8_t> key_bytes(16);
433 for (size_t i
= 0; i
< arraysize(bad_usages
); ++i
) {
436 blink::WebCryptoKey key
;
437 ASSERT_EQ(Status::ErrorCreateKeyBadUsages(),
438 ImportKey(blink::WebCryptoKeyFormatRaw
, CryptoData(key_bytes
),
439 algorithm
, true, bad_usages
[i
], &key
));
443 // Try unwrapping an HMAC key with unsupported usages using JWK format and
444 // AES-KW. HMAC keys support the following usages:
446 TEST_F(WebCryptoAesKwTest
, UnwrapHmacKeyBadUsage_JWK
) {
447 const blink::WebCryptoAlgorithm unwrap_algorithm
=
448 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw
);
450 blink::WebCryptoKeyUsageMask bad_usages
[] = {
451 blink::WebCryptoKeyUsageEncrypt
,
452 blink::WebCryptoKeyUsageDecrypt
,
453 blink::WebCryptoKeyUsageWrapKey
,
454 blink::WebCryptoKeyUsageSign
| blink::WebCryptoKeyUsageWrapKey
,
455 blink::WebCryptoKeyUsageVerify
| blink::WebCryptoKeyUsageDeriveKey
,
458 // Import the wrapping key.
459 blink::WebCryptoKey wrapping_key
;
460 ASSERT_EQ(Status::Success(),
461 ImportKey(blink::WebCryptoKeyFormatRaw
,
462 CryptoData(std::vector
<uint8_t>(16)), unwrap_algorithm
,
463 true, blink::WebCryptoKeyUsageUnwrapKey
, &wrapping_key
));
465 // The JWK plain text is:
466 // {"kty":"oct","alg":"HS256","k":"GADWrMRHwQfoNaXU5fZvTg"}
467 const char* kWrappedJwk
=
468 "C2B7F19A32EE31372CD40C9C969B8CD67553E5AEA7FD1144874584E46ABCD79FDC308848"
469 "B2DD8BD36A2D61062B9C5B8B499B8D6EF8EB320D87A614952B4EE771";
471 for (size_t i
= 0; i
< arraysize(bad_usages
); ++i
) {
474 blink::WebCryptoKey key
;
477 Status::ErrorCreateKeyBadUsages(),
478 UnwrapKey(blink::WebCryptoKeyFormatJwk
,
479 CryptoData(HexStringToBytes(kWrappedJwk
)), wrapping_key
,
480 unwrap_algorithm
, CreateHmacImportAlgorithmNoLength(
481 blink::WebCryptoAlgorithmIdSha256
),
482 true, bad_usages
[i
], &key
));
486 // Try unwrapping an RSA-SSA public key with unsupported usages using JWK format
487 // and AES-KW. RSA-SSA public keys support the following usages:
489 TEST_F(WebCryptoAesKwTest
, UnwrapRsaSsaPublicKeyBadUsage_JWK
) {
490 const blink::WebCryptoAlgorithm unwrap_algorithm
=
491 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw
);
493 blink::WebCryptoKeyUsageMask bad_usages
[] = {
494 blink::WebCryptoKeyUsageEncrypt
,
495 blink::WebCryptoKeyUsageSign
,
496 blink::WebCryptoKeyUsageDecrypt
,
497 blink::WebCryptoKeyUsageWrapKey
,
498 blink::WebCryptoKeyUsageSign
| blink::WebCryptoKeyUsageWrapKey
,
501 // Import the wrapping key.
502 blink::WebCryptoKey wrapping_key
;
503 ASSERT_EQ(Status::Success(),
504 ImportKey(blink::WebCryptoKeyFormatRaw
,
505 CryptoData(std::vector
<uint8_t>(16)), unwrap_algorithm
,
506 true, blink::WebCryptoKeyUsageUnwrapKey
, &wrapping_key
));
508 // The JWK plaintext is:
509 // { "kty": "RSA","alg": "RS256","n": "...","e": "AQAB"}
511 const char* kWrappedJwk
=
512 "CE8DAEF99E977EE58958B8C4494755C846E883B2ECA575C5366622839AF71AB30875F152"
513 "E8E33E15A7817A3A2874EB53EFE05C774D98BC936BA9BA29BEB8BB3F3C3CE2323CB3359D"
514 "E3F426605CF95CCF0E01E870ABD7E35F62E030B5FB6E520A5885514D1D850FB64B57806D"
515 "1ADA57C6E27DF345D8292D80F6B074F1BE51C4CF3D76ECC8886218551308681B44FAC60B"
516 "8CF6EA439BC63239103D0AE81ADB96F908680586C6169284E32EB7DD09D31103EBDAC0C2"
517 "40C72DCF0AEA454113CC47457B13305B25507CBEAB9BDC8D8E0F867F9167F9DCEF0D9F9B"
518 "30F2EE83CEDFD51136852C8A5939B768";
520 for (size_t i
= 0; i
< arraysize(bad_usages
); ++i
) {
523 blink::WebCryptoKey key
;
525 ASSERT_EQ(Status::ErrorCreateKeyBadUsages(),
526 UnwrapKey(blink::WebCryptoKeyFormatJwk
,
527 CryptoData(HexStringToBytes(kWrappedJwk
)), wrapping_key
,
529 CreateRsaHashedImportAlgorithm(
530 blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5
,
531 blink::WebCryptoAlgorithmIdSha256
),
532 true, bad_usages
[i
], &key
));
538 } // namespace webcrypto