Re-subimission of https://codereview.chromium.org/1041213003/
[chromium-blink-merge.git] / content / child / webcrypto / test / aes_ctr_unittest.cc
blob12219959b508ce4ade4297bfc783b50baad3b8e4
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "base/stl_util.h"
6 #include "content/child/webcrypto/algorithm_dispatch.h"
7 #include "content/child/webcrypto/crypto_data.h"
8 #include "content/child/webcrypto/status.h"
9 #include "content/child/webcrypto/test/test_helpers.h"
10 #include "content/child/webcrypto/webcrypto_util.h"
11 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
12 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
14 namespace content {
16 namespace webcrypto {
18 namespace {
20 bool SupportsAesCtr() {
21 #if defined(USE_OPENSSL)
22 return true;
23 #else
24 return false;
25 #endif
28 // Creates an AES-CTR algorithm for encryption/decryption.
29 blink::WebCryptoAlgorithm CreateAesCtrAlgorithm(
30 const std::vector<uint8_t>& counter,
31 uint8_t length_bits) {
32 return blink::WebCryptoAlgorithm::adoptParamsAndCreate(
33 blink::WebCryptoAlgorithmIdAesCtr,
34 new blink::WebCryptoAesCtrParams(length_bits, vector_as_array(&counter),
35 counter.size()));
38 TEST(WebCryptoAesCtrTest, EncryptDecryptKnownAnswer) {
39 if (!SupportsAesCtr()) {
40 LOG(WARNING) << "Skipping test because AES-CTR is not supported";
41 return;
44 scoped_ptr<base::ListValue> tests;
45 ASSERT_TRUE(ReadJsonTestFileToList("aes_ctr.json", &tests));
47 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) {
48 SCOPED_TRACE(test_index);
49 base::DictionaryValue* test;
50 ASSERT_TRUE(tests->GetDictionary(test_index, &test));
52 std::vector<uint8_t> test_key = GetBytesFromHexString(test, "key");
53 std::vector<uint8_t> test_counter = GetBytesFromHexString(test, "counter");
54 int counter_length_bits = 0;
55 ASSERT_TRUE(test->GetInteger("length", &counter_length_bits));
57 std::vector<uint8_t> test_plain_text =
58 GetBytesFromHexString(test, "plain_text");
59 std::vector<uint8_t> test_cipher_text =
60 GetBytesFromHexString(test, "cipher_text");
62 blink::WebCryptoKey key = ImportSecretKeyFromRaw(
63 test_key, CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCtr),
64 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt);
66 EXPECT_EQ(test_key.size() * 8, key.algorithm().aesParams()->lengthBits());
68 std::vector<uint8_t> output;
70 // Test encryption.
71 EXPECT_EQ(Status::Success(),
72 Encrypt(CreateAesCtrAlgorithm(test_counter, counter_length_bits),
73 key, CryptoData(test_plain_text), &output));
74 EXPECT_BYTES_EQ(test_cipher_text, output);
76 // Test decryption.
77 EXPECT_EQ(Status::Success(),
78 Decrypt(CreateAesCtrAlgorithm(test_counter, counter_length_bits),
79 key, CryptoData(test_cipher_text), &output));
80 EXPECT_BYTES_EQ(test_plain_text, output);
84 // The counter block must be exactly 16 bytes.
85 TEST(WebCryptoAesCtrTest, InvalidCounterBlockLength) {
86 if (!SupportsAesCtr()) {
87 LOG(WARNING) << "Skipping test because AES-CTR is not supported";
88 return;
91 const unsigned int kBadCounterBlockLengthBytes[] = {0, 15, 17};
93 blink::WebCryptoKey key = ImportSecretKeyFromRaw(
94 std::vector<uint8>(16), // 128-bit key of all zeros.
95 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCtr),
96 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt);
98 std::vector<uint8_t> input(32);
99 std::vector<uint8_t> output;
101 for (size_t i = 0; i < arraysize(kBadCounterBlockLengthBytes); ++i) {
102 std::vector<uint8_t> bad_counter(kBadCounterBlockLengthBytes[i]);
104 EXPECT_EQ(Status::ErrorIncorrectSizeAesCtrCounter(),
105 Encrypt(CreateAesCtrAlgorithm(bad_counter, 128), key,
106 CryptoData(input), &output));
108 EXPECT_EQ(Status::ErrorIncorrectSizeAesCtrCounter(),
109 Decrypt(CreateAesCtrAlgorithm(bad_counter, 128), key,
110 CryptoData(input), &output));
114 // The counter length cannot be less than 1 or greater than 128.
115 TEST(WebCryptoAesCtrTest, InvalidCounterLength) {
116 if (!SupportsAesCtr()) {
117 LOG(WARNING) << "Skipping test because AES-CTR is not supported";
118 return;
121 const uint8_t kBadCounterLengthBits[] = {0, 129};
123 blink::WebCryptoKey key = ImportSecretKeyFromRaw(
124 std::vector<uint8>(16), // 128-bit key of all zeros.
125 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCtr),
126 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt);
128 std::vector<uint8_t> counter(16);
129 std::vector<uint8_t> input(32);
130 std::vector<uint8_t> output;
132 for (size_t i = 0; i < arraysize(kBadCounterLengthBits); ++i) {
133 uint8_t bad_counter_length_bits = kBadCounterLengthBits[i];
135 EXPECT_EQ(Status::ErrorInvalidAesCtrCounterLength(),
136 Encrypt(CreateAesCtrAlgorithm(counter, bad_counter_length_bits),
137 key, CryptoData(input), &output));
139 EXPECT_EQ(Status::ErrorInvalidAesCtrCounterLength(),
140 Decrypt(CreateAesCtrAlgorithm(counter, bad_counter_length_bits),
141 key, CryptoData(input), &output));
145 // Tests wrap-around using a 4-bit counter.
147 // Wrap-around is allowed, however if the counter repeats itself an error should
148 // be thrown.
150 // Using a 4-bit counter it is possible to encrypt 16 blocks. However the 17th
151 // block would end up wrapping back to the starting value.
152 TEST(WebCryptoAesCtrTest, OverflowAndRepeatCounter) {
153 if (!SupportsAesCtr()) {
154 LOG(WARNING) << "Skipping test because AES-CTR is not supported";
155 return;
158 const uint8_t kCounterLengthBits = 4;
159 const uint8_t kStartCounter[] = {0, 1, 15};
161 blink::WebCryptoKey key = ImportSecretKeyFromRaw(
162 std::vector<uint8>(16), // 128-bit key of all zeros.
163 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCtr),
164 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt);
166 std::vector<uint8_t> buffer(272);
168 // 16 and 17 AES blocks worth of data respectively (AES blocks are 16 bytes
169 // long).
170 CryptoData input_16(vector_as_array(&buffer), 256);
171 CryptoData input_17(vector_as_array(&buffer), 272);
173 std::vector<uint8_t> output;
175 for (size_t i = 0; i < arraysize(kStartCounter); ++i) {
176 std::vector<uint8_t> counter(16);
177 counter[15] = kStartCounter[i];
179 // Baseline test: Encrypting 16 blocks should work (don't bother to check
180 // output, the known answer tests already do that).
181 EXPECT_EQ(Status::Success(),
182 Encrypt(CreateAesCtrAlgorithm(counter, kCounterLengthBits), key,
183 input_16, &output));
185 // Encrypting/Decrypting 17 however should fail.
186 EXPECT_EQ(Status::ErrorAesCtrInputTooLongCounterRepeated(),
187 Encrypt(CreateAesCtrAlgorithm(counter, kCounterLengthBits), key,
188 input_17, &output));
189 EXPECT_EQ(Status::ErrorAesCtrInputTooLongCounterRepeated(),
190 Decrypt(CreateAesCtrAlgorithm(counter, kCounterLengthBits), key,
191 input_17, &output));
195 } // namespace
197 } // namespace webcrypto
199 } // namespace content