1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "base/logging.h"
6 #include "base/stl_util.h"
7 #include "components/webcrypto/algorithm_dispatch.h"
8 #include "components/webcrypto/algorithms/test_helpers.h"
9 #include "components/webcrypto/crypto_data.h"
10 #include "components/webcrypto/status.h"
11 #include "components/webcrypto/webcrypto_util.h"
12 #include "testing/gtest/include/gtest/gtest.h"
13 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
14 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
20 // Creates an HMAC algorithm whose parameters struct is compatible with key
21 // generation. It is an error to call this with a hash_id that is not a SHA*.
22 // The key_length_bits parameter is optional, with zero meaning unspecified.
23 blink::WebCryptoAlgorithm
CreateHmacKeyGenAlgorithm(
24 blink::WebCryptoAlgorithmId hash_id
,
25 unsigned int key_length_bits
) {
26 DCHECK(blink::WebCryptoAlgorithm::isHash(hash_id
));
27 // key_length_bytes == 0 means unspecified
28 return blink::WebCryptoAlgorithm::adoptParamsAndCreate(
29 blink::WebCryptoAlgorithmIdHmac
,
30 new blink::WebCryptoHmacKeyGenParams(
31 CreateAlgorithm(hash_id
), (key_length_bits
!= 0), key_length_bits
));
34 blink::WebCryptoAlgorithm
CreateHmacImportAlgorithmWithLength(
35 blink::WebCryptoAlgorithmId hash_id
,
36 unsigned int length_bits
) {
37 DCHECK(blink::WebCryptoAlgorithm::isHash(hash_id
));
38 return blink::WebCryptoAlgorithm::adoptParamsAndCreate(
39 blink::WebCryptoAlgorithmIdHmac
,
40 new blink::WebCryptoHmacImportParams(CreateAlgorithm(hash_id
), true,
44 class WebCryptoHmacTest
: public WebCryptoTestBase
{};
46 TEST_F(WebCryptoHmacTest
, HMACSampleSets
) {
47 scoped_ptr
<base::ListValue
> tests
;
48 ASSERT_TRUE(ReadJsonTestFileToList("hmac.json", &tests
));
49 for (size_t test_index
= 0; test_index
< tests
->GetSize(); ++test_index
) {
50 SCOPED_TRACE(test_index
);
51 base::DictionaryValue
* test
;
52 ASSERT_TRUE(tests
->GetDictionary(test_index
, &test
));
54 blink::WebCryptoAlgorithm test_hash
= GetDigestAlgorithm(test
, "hash");
55 const std::vector
<uint8_t> test_key
= GetBytesFromHexString(test
, "key");
56 const std::vector
<uint8_t> test_message
=
57 GetBytesFromHexString(test
, "message");
58 const std::vector
<uint8_t> test_mac
= GetBytesFromHexString(test
, "mac");
60 blink::WebCryptoAlgorithm algorithm
=
61 CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac
);
63 blink::WebCryptoAlgorithm import_algorithm
=
64 CreateHmacImportAlgorithmNoLength(test_hash
.id());
66 blink::WebCryptoKey key
= ImportSecretKeyFromRaw(
67 test_key
, import_algorithm
,
68 blink::WebCryptoKeyUsageSign
| blink::WebCryptoKeyUsageVerify
);
70 EXPECT_EQ(test_hash
.id(), key
.algorithm().hmacParams()->hash().id());
71 EXPECT_EQ(test_key
.size() * 8, key
.algorithm().hmacParams()->lengthBits());
73 // Verify exported raw key is identical to the imported data
74 std::vector
<uint8_t> raw_key
;
75 EXPECT_EQ(Status::Success(),
76 ExportKey(blink::WebCryptoKeyFormatRaw
, key
, &raw_key
));
77 EXPECT_BYTES_EQ(test_key
, raw_key
);
79 std::vector
<uint8_t> output
;
81 ASSERT_EQ(Status::Success(),
82 Sign(algorithm
, key
, CryptoData(test_message
), &output
));
84 EXPECT_BYTES_EQ(test_mac
, output
);
86 bool signature_match
= false;
87 EXPECT_EQ(Status::Success(),
88 Verify(algorithm
, key
, CryptoData(output
),
89 CryptoData(test_message
), &signature_match
));
90 EXPECT_TRUE(signature_match
);
92 // Ensure truncated signature does not verify by passing one less byte.
93 EXPECT_EQ(Status::Success(),
94 Verify(algorithm
, key
,
95 CryptoData(vector_as_array(&output
),
96 static_cast<unsigned int>(output
.size()) - 1),
97 CryptoData(test_message
), &signature_match
));
98 EXPECT_FALSE(signature_match
);
100 // Ensure truncated signature does not verify by passing no bytes.
101 EXPECT_EQ(Status::Success(),
102 Verify(algorithm
, key
, CryptoData(), CryptoData(test_message
),
104 EXPECT_FALSE(signature_match
);
106 // Ensure extra long signature does not cause issues and fails.
107 const unsigned char kLongSignature
[1024] = {0};
108 EXPECT_EQ(Status::Success(),
109 Verify(algorithm
, key
,
110 CryptoData(kLongSignature
, sizeof(kLongSignature
)),
111 CryptoData(test_message
), &signature_match
));
112 EXPECT_FALSE(signature_match
);
116 TEST_F(WebCryptoHmacTest
, GenerateKeyIsRandom
) {
117 // Generate a small sample of HMAC keys.
118 std::vector
<std::vector
<uint8_t>> keys
;
119 for (int i
= 0; i
< 16; ++i
) {
120 std::vector
<uint8_t> key_bytes
;
121 blink::WebCryptoKey key
;
122 blink::WebCryptoAlgorithm algorithm
=
123 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1
, 512);
126 GenerateSecretKey(algorithm
, true, blink::WebCryptoKeyUsageSign
, &key
));
127 EXPECT_FALSE(key
.isNull());
128 EXPECT_TRUE(key
.handle());
129 EXPECT_EQ(blink::WebCryptoKeyTypeSecret
, key
.type());
130 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac
, key
.algorithm().id());
131 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1
,
132 key
.algorithm().hmacParams()->hash().id());
133 EXPECT_EQ(512u, key
.algorithm().hmacParams()->lengthBits());
135 std::vector
<uint8_t> raw_key
;
136 ASSERT_EQ(Status::Success(),
137 ExportKey(blink::WebCryptoKeyFormatRaw
, key
, &raw_key
));
138 EXPECT_EQ(64U, raw_key
.size());
139 keys
.push_back(raw_key
);
141 // Ensure all entries in the key sample set are unique. This is a simplistic
142 // estimate of whether the generated keys appear random.
143 EXPECT_FALSE(CopiesExist(keys
));
146 // If the key length is not provided, then the block size is used.
147 TEST_F(WebCryptoHmacTest
, GenerateKeyNoLengthSha1
) {
148 blink::WebCryptoKey key
;
149 blink::WebCryptoAlgorithm algorithm
=
150 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1
, 0);
153 GenerateSecretKey(algorithm
, true, blink::WebCryptoKeyUsageSign
, &key
));
154 EXPECT_TRUE(key
.handle());
155 EXPECT_EQ(blink::WebCryptoKeyTypeSecret
, key
.type());
156 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac
, key
.algorithm().id());
157 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1
,
158 key
.algorithm().hmacParams()->hash().id());
159 EXPECT_EQ(512u, key
.algorithm().hmacParams()->lengthBits());
160 std::vector
<uint8_t> raw_key
;
161 ASSERT_EQ(Status::Success(),
162 ExportKey(blink::WebCryptoKeyFormatRaw
, key
, &raw_key
));
163 EXPECT_EQ(64U, raw_key
.size());
166 // If the key length is not provided, then the block size is used.
167 TEST_F(WebCryptoHmacTest
, GenerateKeyNoLengthSha512
) {
168 blink::WebCryptoKey key
;
169 blink::WebCryptoAlgorithm algorithm
=
170 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha512
, 0);
173 GenerateSecretKey(algorithm
, true, blink::WebCryptoKeyUsageSign
, &key
));
174 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac
, key
.algorithm().id());
175 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha512
,
176 key
.algorithm().hmacParams()->hash().id());
177 EXPECT_EQ(1024u, key
.algorithm().hmacParams()->lengthBits());
178 std::vector
<uint8_t> raw_key
;
179 ASSERT_EQ(Status::Success(),
180 ExportKey(blink::WebCryptoKeyFormatRaw
, key
, &raw_key
));
181 EXPECT_EQ(128U, raw_key
.size());
184 TEST_F(WebCryptoHmacTest
, GenerateKeyEmptyUsage
) {
185 blink::WebCryptoKey key
;
186 blink::WebCryptoAlgorithm algorithm
=
187 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha512
, 0);
188 ASSERT_EQ(Status::ErrorCreateKeyEmptyUsages(),
189 GenerateSecretKey(algorithm
, true, 0, &key
));
192 // Generate a 1 bit key. The exported key is 1 byte long, and 7 of the bits are
193 // guaranteed to be zero.
194 TEST_F(WebCryptoHmacTest
, Generate1BitKey
) {
195 blink::WebCryptoKey key
;
196 blink::WebCryptoAlgorithm algorithm
=
197 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1
, 1);
201 GenerateSecretKey(algorithm
, true, blink::WebCryptoKeyUsageSign
, &key
));
202 EXPECT_EQ(1u, key
.algorithm().hmacParams()->lengthBits());
204 std::vector
<uint8_t> raw_key
;
205 ASSERT_EQ(Status::Success(),
206 ExportKey(blink::WebCryptoKeyFormatRaw
, key
, &raw_key
));
207 ASSERT_EQ(1U, raw_key
.size());
209 EXPECT_FALSE(raw_key
[0] & 0x7F);
212 TEST_F(WebCryptoHmacTest
, ImportKeyEmptyUsage
) {
213 blink::WebCryptoKey key
;
214 std::string key_raw_hex_in
= "025a8cf3f08b4f6c5f33bbc76a471939";
215 EXPECT_EQ(Status::ErrorCreateKeyEmptyUsages(),
216 ImportKey(blink::WebCryptoKeyFormatRaw
,
217 CryptoData(HexStringToBytes(key_raw_hex_in
)),
218 CreateHmacImportAlgorithmNoLength(
219 blink::WebCryptoAlgorithmIdSha1
),
223 TEST_F(WebCryptoHmacTest
, ImportKeyJwkKeyOpsSignVerify
) {
224 blink::WebCryptoKey key
;
225 base::DictionaryValue dict
;
226 dict
.SetString("kty", "oct");
227 dict
.SetString("k", "GADWrMRHwQfoNaXU5fZvTg");
228 base::ListValue
* key_ops
= new base::ListValue
;
229 dict
.Set("key_ops", key_ops
); // Takes ownership.
231 key_ops
->AppendString("sign");
233 EXPECT_EQ(Status::Success(),
234 ImportKeyJwkFromDict(dict
, CreateHmacImportAlgorithmNoLength(
235 blink::WebCryptoAlgorithmIdSha256
),
236 false, blink::WebCryptoKeyUsageSign
, &key
));
238 EXPECT_EQ(blink::WebCryptoKeyUsageSign
, key
.usages());
240 key_ops
->AppendString("verify");
242 EXPECT_EQ(Status::Success(),
243 ImportKeyJwkFromDict(dict
, CreateHmacImportAlgorithmNoLength(
244 blink::WebCryptoAlgorithmIdSha256
),
245 false, blink::WebCryptoKeyUsageVerify
, &key
));
247 EXPECT_EQ(blink::WebCryptoKeyUsageVerify
, key
.usages());
250 // Test 'use' inconsistent with 'key_ops'.
251 TEST_F(WebCryptoHmacTest
, ImportKeyJwkUseInconsisteWithKeyOps
) {
252 blink::WebCryptoKey key
;
253 base::DictionaryValue dict
;
254 dict
.SetString("kty", "oct");
255 dict
.SetString("k", "GADWrMRHwQfoNaXU5fZvTg");
256 base::ListValue
* key_ops
= new base::ListValue
;
257 dict
.Set("key_ops", key_ops
); // Takes ownership.
259 dict
.SetString("alg", "HS256");
260 dict
.SetString("use", "sig");
261 key_ops
->AppendString("sign");
262 key_ops
->AppendString("verify");
263 key_ops
->AppendString("encrypt");
265 Status::ErrorJwkUseAndKeyopsInconsistent(),
266 ImportKeyJwkFromDict(
268 CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha256
),
269 false, blink::WebCryptoKeyUsageSign
| blink::WebCryptoKeyUsageVerify
,
273 // Test JWK composite 'sig' use
274 TEST_F(WebCryptoHmacTest
, ImportKeyJwkUseSig
) {
275 blink::WebCryptoKey key
;
276 base::DictionaryValue dict
;
277 dict
.SetString("kty", "oct");
278 dict
.SetString("k", "GADWrMRHwQfoNaXU5fZvTg");
280 dict
.SetString("use", "sig");
283 ImportKeyJwkFromDict(
285 CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha256
),
286 false, blink::WebCryptoKeyUsageSign
| blink::WebCryptoKeyUsageVerify
,
289 EXPECT_EQ(blink::WebCryptoKeyUsageSign
| blink::WebCryptoKeyUsageVerify
,
293 TEST_F(WebCryptoHmacTest
, ImportJwkInputConsistency
) {
294 // The Web Crypto spec says that if a JWK value is present, but is
295 // inconsistent with the input value, the operation must fail.
297 // Consistency rules when JWK value is not present: Inputs should be used.
298 blink::WebCryptoKey key
;
299 bool extractable
= false;
300 blink::WebCryptoAlgorithm algorithm
=
301 CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha256
);
302 blink::WebCryptoKeyUsageMask usages
= blink::WebCryptoKeyUsageVerify
;
303 base::DictionaryValue dict
;
304 dict
.SetString("kty", "oct");
305 dict
.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
306 std::vector
<uint8_t> json_vec
= MakeJsonVector(dict
);
307 EXPECT_EQ(Status::Success(),
308 ImportKey(blink::WebCryptoKeyFormatJwk
, CryptoData(json_vec
),
309 algorithm
, extractable
, usages
, &key
));
310 EXPECT_TRUE(key
.handle());
311 EXPECT_EQ(blink::WebCryptoKeyTypeSecret
, key
.type());
312 EXPECT_EQ(extractable
, key
.extractable());
313 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac
, key
.algorithm().id());
314 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256
,
315 key
.algorithm().hmacParams()->hash().id());
316 EXPECT_EQ(320u, key
.algorithm().hmacParams()->lengthBits());
317 EXPECT_EQ(blink::WebCryptoKeyUsageVerify
, key
.usages());
318 key
= blink::WebCryptoKey::createNull();
320 // Consistency rules when JWK value exists: Fail if inconsistency is found.
322 // Pass: All input values are consistent with the JWK values.
324 dict
.SetString("kty", "oct");
325 dict
.SetString("alg", "HS256");
326 dict
.SetString("use", "sig");
327 dict
.SetBoolean("ext", false);
328 dict
.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
329 json_vec
= MakeJsonVector(dict
);
330 EXPECT_EQ(Status::Success(),
331 ImportKey(blink::WebCryptoKeyFormatJwk
, CryptoData(json_vec
),
332 algorithm
, extractable
, usages
, &key
));
334 // Extractable cases:
335 // 1. input=T, JWK=F ==> fail (inconsistent)
336 // 4. input=F, JWK=F ==> pass, result extractable is F
337 // 2. input=T, JWK=T ==> pass, result extractable is T
338 // 3. input=F, JWK=T ==> pass, result extractable is F
339 EXPECT_EQ(Status::ErrorJwkExtInconsistent(),
340 ImportKey(blink::WebCryptoKeyFormatJwk
, CryptoData(json_vec
),
341 algorithm
, true, usages
, &key
));
342 EXPECT_EQ(Status::Success(),
343 ImportKey(blink::WebCryptoKeyFormatJwk
, CryptoData(json_vec
),
344 algorithm
, false, usages
, &key
));
345 EXPECT_FALSE(key
.extractable());
346 dict
.SetBoolean("ext", true);
347 EXPECT_EQ(Status::Success(),
348 ImportKeyJwkFromDict(dict
, algorithm
, true, usages
, &key
));
349 EXPECT_TRUE(key
.extractable());
350 EXPECT_EQ(Status::Success(),
351 ImportKeyJwkFromDict(dict
, algorithm
, false, usages
, &key
));
352 EXPECT_FALSE(key
.extractable());
353 dict
.SetBoolean("ext", true); // restore previous value
355 // Fail: Input algorithm (AES-CBC) is inconsistent with JWK value
358 dict
.SetString("kty", "oct");
359 dict
.SetString("alg", "HS256");
360 dict
.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
361 EXPECT_EQ(Status::ErrorJwkAlgorithmInconsistent(),
362 ImportKeyJwkFromDict(
363 dict
, CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc
),
364 extractable
, blink::WebCryptoKeyUsageEncrypt
, &key
));
365 // Fail: Input usage (encrypt) is inconsistent with JWK value (use=sig).
366 EXPECT_EQ(Status::ErrorJwkUseInconsistent(),
367 ImportKey(blink::WebCryptoKeyFormatJwk
, CryptoData(json_vec
),
368 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc
),
369 extractable
, blink::WebCryptoKeyUsageEncrypt
, &key
));
371 // Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value
373 EXPECT_EQ(Status::ErrorJwkAlgorithmInconsistent(),
374 ImportKey(blink::WebCryptoKeyFormatJwk
, CryptoData(json_vec
),
375 CreateHmacImportAlgorithmNoLength(
376 blink::WebCryptoAlgorithmIdSha1
),
377 extractable
, usages
, &key
));
379 // Pass: JWK alg missing but input algorithm specified: use input value
380 dict
.Remove("alg", NULL
);
381 EXPECT_EQ(Status::Success(),
382 ImportKeyJwkFromDict(dict
, CreateHmacImportAlgorithmNoLength(
383 blink::WebCryptoAlgorithmIdSha256
),
384 extractable
, usages
, &key
));
385 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac
, algorithm
.id());
386 dict
.SetString("alg", "HS256");
388 // Fail: Input usages (encrypt) is not a subset of the JWK value
389 // (sign|verify). Moreover "encrypt" is not a valid usage for HMAC.
391 Status::ErrorCreateKeyBadUsages(),
392 ImportKey(blink::WebCryptoKeyFormatJwk
, CryptoData(json_vec
), algorithm
,
393 extractable
, blink::WebCryptoKeyUsageEncrypt
, &key
));
395 // Fail: Input usages (encrypt|sign|verify) is not a subset of the JWK
396 // value (sign|verify). Moreover "encrypt" is not a valid usage for HMAC.
397 usages
= blink::WebCryptoKeyUsageEncrypt
| blink::WebCryptoKeyUsageSign
|
398 blink::WebCryptoKeyUsageVerify
;
399 EXPECT_EQ(Status::ErrorCreateKeyBadUsages(),
400 ImportKey(blink::WebCryptoKeyFormatJwk
, CryptoData(json_vec
),
401 algorithm
, extractable
, usages
, &key
));
403 // TODO(padolph): kty vs alg consistency tests: Depending on the kty value,
404 // only certain alg values are permitted. For example, when kty = "RSA" alg
405 // must be of the RSA family, or when kty = "oct" alg must be symmetric
408 // TODO(padolph): key_ops consistency tests
411 TEST_F(WebCryptoHmacTest
, ImportJwkHappy
) {
412 // This test verifies the happy path of JWK import, including the application
413 // of the imported key material.
415 blink::WebCryptoKey key
;
416 bool extractable
= false;
417 blink::WebCryptoAlgorithm algorithm
=
418 CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha256
);
419 blink::WebCryptoKeyUsageMask usages
= blink::WebCryptoKeyUsageSign
;
421 // Import a symmetric key JWK and HMAC-SHA256 sign()
422 // Uses the first SHA256 test vector from the HMAC sample set above.
424 base::DictionaryValue dict
;
425 dict
.SetString("kty", "oct");
426 dict
.SetString("alg", "HS256");
427 dict
.SetString("use", "sig");
428 dict
.SetBoolean("ext", false);
429 dict
.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
431 ASSERT_EQ(Status::Success(),
432 ImportKeyJwkFromDict(dict
, algorithm
, extractable
, usages
, &key
));
434 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256
,
435 key
.algorithm().hmacParams()->hash().id());
437 const std::vector
<uint8_t> message_raw
= HexStringToBytes(
438 "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a"
439 "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92"
440 "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f"
441 "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e");
443 std::vector
<uint8_t> output
;
445 ASSERT_EQ(Status::Success(),
446 Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac
), key
,
447 CryptoData(message_raw
), &output
));
449 const std::string mac_raw
=
450 "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b";
452 EXPECT_BYTES_EQ_HEX(mac_raw
, output
);
454 // TODO(padolph): Import an RSA public key JWK and use it
457 TEST_F(WebCryptoHmacTest
, ImportExportJwk
) {
459 ImportExportJwkSymmetricKey(
460 256, CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha1
),
461 blink::WebCryptoKeyUsageSign
| blink::WebCryptoKeyUsageVerify
, "HS1");
464 ImportExportJwkSymmetricKey(
465 384, CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha384
),
466 blink::WebCryptoKeyUsageSign
, "HS384");
469 ImportExportJwkSymmetricKey(
470 512, CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha512
),
471 blink::WebCryptoKeyUsageVerify
, "HS512");
474 TEST_F(WebCryptoHmacTest
, ExportJwkEmptyKey
) {
475 blink::WebCryptoKeyUsageMask usages
= blink::WebCryptoKeyUsageSign
;
477 // Importing empty HMAC key is no longer allowed. However such a key can be
478 // created via de-serialization.
479 blink::WebCryptoKey key
;
480 ASSERT_TRUE(DeserializeKeyForClone(blink::WebCryptoKeyAlgorithm::createHmac(
481 blink::WebCryptoAlgorithmIdSha1
, 0),
482 blink::WebCryptoKeyTypeSecret
, true,
483 usages
, CryptoData(), &key
));
485 // Export the key in JWK format and validate.
486 std::vector
<uint8_t> json
;
487 ASSERT_EQ(Status::Success(),
488 ExportKey(blink::WebCryptoKeyFormatJwk
, key
, &json
));
489 EXPECT_TRUE(VerifySecretJwk(json
, "HS1", "", usages
));
491 // Now try re-importing the JWK key.
492 key
= blink::WebCryptoKey::createNull();
493 EXPECT_EQ(Status::ErrorHmacImportEmptyKey(),
494 ImportKey(blink::WebCryptoKeyFormatJwk
, CryptoData(json
),
495 CreateHmacImportAlgorithmNoLength(
496 blink::WebCryptoAlgorithmIdSha1
),
497 true, usages
, &key
));
500 // Imports an HMAC key contaning no byte data.
501 TEST_F(WebCryptoHmacTest
, ImportRawEmptyKey
) {
502 const blink::WebCryptoAlgorithm import_algorithm
=
503 CreateHmacImportAlgorithmNoLength(blink::WebCryptoAlgorithmIdSha1
);
505 blink::WebCryptoKeyUsageMask usages
= blink::WebCryptoKeyUsageSign
;
506 blink::WebCryptoKey key
;
508 ASSERT_EQ(Status::ErrorHmacImportEmptyKey(),
509 ImportKey(blink::WebCryptoKeyFormatRaw
, CryptoData(),
510 import_algorithm
, true, usages
, &key
));
513 // Imports an HMAC key contaning 1 byte data, however the length was set to 0.
514 TEST_F(WebCryptoHmacTest
, ImportRawKeyWithZeroLength
) {
515 const blink::WebCryptoAlgorithm import_algorithm
=
516 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha1
, 0);
518 blink::WebCryptoKeyUsageMask usages
= blink::WebCryptoKeyUsageSign
;
519 blink::WebCryptoKey key
;
521 std::vector
<uint8_t> key_data(1);
522 ASSERT_EQ(Status::ErrorHmacImportBadLength(),
523 ImportKey(blink::WebCryptoKeyFormatRaw
, CryptoData(key_data
),
524 import_algorithm
, true, usages
, &key
));
527 // Import a huge hmac key (UINT_MAX bytes). This will fail before actually
528 // reading the bytes, as the key is too large.
529 TEST_F(WebCryptoHmacTest
, ImportRawKeyTooLarge
) {
530 CryptoData
big_data(NULL
, UINT_MAX
); // Invalid data of big length.
532 blink::WebCryptoKey key
;
533 EXPECT_EQ(Status::ErrorDataTooLarge(),
534 ImportKey(blink::WebCryptoKeyFormatRaw
, CryptoData(big_data
),
535 CreateHmacImportAlgorithmNoLength(
536 blink::WebCryptoAlgorithmIdSha1
),
537 true, blink::WebCryptoKeyUsageSign
, &key
));
540 // Import an HMAC key with 120 bits of data, however request 128 bits worth.
541 TEST_F(WebCryptoHmacTest
, ImportRawKeyLengthTooLarge
) {
542 blink::WebCryptoKey key
;
543 EXPECT_EQ(Status::ErrorHmacImportBadLength(),
544 ImportKey(blink::WebCryptoKeyFormatRaw
,
545 CryptoData(std::vector
<uint8_t>(15)),
546 CreateHmacImportAlgorithmWithLength(
547 blink::WebCryptoAlgorithmIdSha1
, 128),
548 true, blink::WebCryptoKeyUsageSign
, &key
));
551 // Import an HMAC key with 128 bits of data, however request 120 bits worth.
552 TEST_F(WebCryptoHmacTest
, ImportRawKeyLengthTooSmall
) {
553 blink::WebCryptoKey key
;
554 EXPECT_EQ(Status::ErrorHmacImportBadLength(),
555 ImportKey(blink::WebCryptoKeyFormatRaw
,
556 CryptoData(std::vector
<uint8_t>(16)),
557 CreateHmacImportAlgorithmWithLength(
558 blink::WebCryptoAlgorithmIdSha1
, 120),
559 true, blink::WebCryptoKeyUsageSign
, &key
));
562 // Import an HMAC key with 16 bits of data and request a 12 bit key, using the
564 TEST_F(WebCryptoHmacTest
, ImportRawKeyTruncation
) {
565 const std::vector
<uint8_t> data
= HexStringToBytes("b1ff");
567 blink::WebCryptoKey key
;
568 EXPECT_EQ(Status::Success(),
569 ImportKey(blink::WebCryptoKeyFormatRaw
, CryptoData(data
),
570 CreateHmacImportAlgorithmWithLength(
571 blink::WebCryptoAlgorithmIdSha1
, 12),
572 true, blink::WebCryptoKeyUsageSign
, &key
));
574 // On export the last 4 bits has been set to zero.
575 std::vector
<uint8_t> raw_key
;
576 EXPECT_EQ(Status::Success(),
577 ExportKey(blink::WebCryptoKeyFormatRaw
, key
, &raw_key
));
578 EXPECT_BYTES_EQ(HexStringToBytes("b1f0"), raw_key
);
581 // The same test as above, but using the JWK format.
582 TEST_F(WebCryptoHmacTest
, ImportJwkKeyTruncation
) {
583 base::DictionaryValue dict
;
584 dict
.SetString("kty", "oct");
585 dict
.SetString("k", "sf8"); // 0xB1FF
587 blink::WebCryptoKey key
;
588 EXPECT_EQ(Status::Success(),
589 ImportKeyJwkFromDict(dict
, CreateHmacImportAlgorithmWithLength(
590 blink::WebCryptoAlgorithmIdSha1
, 12),
591 true, blink::WebCryptoKeyUsageSign
, &key
));
593 // On export the last 4 bits has been set to zero.
594 std::vector
<uint8_t> raw_key
;
595 EXPECT_EQ(Status::Success(),
596 ExportKey(blink::WebCryptoKeyFormatRaw
, key
, &raw_key
));
597 EXPECT_BYTES_EQ(HexStringToBytes("b1f0"), raw_key
);
602 } // namespace webcrypto