search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Removing uses of X11 native key events.
[chromium-blink-merge.git] / content / child / webcrypto / test / hmac_unittest.cc
blobfe5d082c44c6191045ddd53140d5e27913974ae8
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "base/logging.h"
6 #include "base/stl_util.h"
7 #include "content/child/webcrypto/algorithm_dispatch.h"
8 #include "content/child/webcrypto/crypto_data.h"
9 #include "content/child/webcrypto/status.h"
10 #include "content/child/webcrypto/test/test_helpers.h"
11 #include "content/child/webcrypto/webcrypto_util.h"
12 #include "testing/gtest/include/gtest/gtest.h"
13 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
14 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
15
16 namespace content {
17
18 namespace webcrypto {
19
20 namespace {
21
22 // Creates an HMAC algorithm whose parameters struct is compatible with key
23 // generation. It is an error to call this with a hash_id that is not a SHA*.
24 // The key_length_bits parameter is optional, with zero meaning unspecified.
25 blink::WebCryptoAlgorithm CreateHmacKeyGenAlgorithm(
26 blink::WebCryptoAlgorithmId hash_id,
27 unsigned int key_length_bits) {
28 DCHECK(blink::WebCryptoAlgorithm::isHash(hash_id));
29 // key_length_bytes == 0 means unspecified
30 return blink::WebCryptoAlgorithm::adoptParamsAndCreate(
31 blink::WebCryptoAlgorithmIdHmac,
32 new blink::WebCryptoHmacKeyGenParams(
33 CreateAlgorithm(hash_id), (key_length_bits != 0), key_length_bits));
34 }
35
36 TEST(WebCryptoHmacTest, HMACSampleSets) {
37 scoped_ptr<base::ListValue> tests;
38 ASSERT_TRUE(ReadJsonTestFileToList("hmac.json", &tests));
39 for (size_t test_index = 0; test_index < tests->GetSize(); ++test_index) {
40 SCOPED_TRACE(test_index);
41 base::DictionaryValue* test;
42 ASSERT_TRUE(tests->GetDictionary(test_index, &test));
43
44 blink::WebCryptoAlgorithm test_hash = GetDigestAlgorithm(test, "hash");
45 const std::vector<uint8_t> test_key = GetBytesFromHexString(test, "key");
46 const std::vector<uint8_t> test_message =
47 GetBytesFromHexString(test, "message");
48 const std::vector<uint8_t> test_mac = GetBytesFromHexString(test, "mac");
49
50 blink::WebCryptoAlgorithm algorithm =
51 CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac);
52
53 blink::WebCryptoAlgorithm import_algorithm =
54 CreateHmacImportAlgorithm(test_hash.id());
55
56 blink::WebCryptoKey key = ImportSecretKeyFromRaw(
57 test_key,
58 import_algorithm,
59 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify);
60
61 EXPECT_EQ(test_hash.id(), key.algorithm().hmacParams()->hash().id());
62 EXPECT_EQ(test_key.size() * 8, key.algorithm().hmacParams()->lengthBits());
63
64 // Verify exported raw key is identical to the imported data
65 std::vector<uint8_t> raw_key;
66 EXPECT_EQ(Status::Success(),
67 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
68 EXPECT_BYTES_EQ(test_key, raw_key);
69
70 std::vector<uint8_t> output;
71
72 ASSERT_EQ(Status::Success(),
73 Sign(algorithm, key, CryptoData(test_message), &output));
74
75 EXPECT_BYTES_EQ(test_mac, output);
76
77 bool signature_match = false;
78 EXPECT_EQ(Status::Success(),
79 Verify(algorithm,
80 key,
81 CryptoData(output),
82 CryptoData(test_message),
83 &signature_match));
84 EXPECT_TRUE(signature_match);
85
86 // Ensure truncated signature does not verify by passing one less byte.
87 EXPECT_EQ(Status::Success(),
88 Verify(algorithm,
89 key,
90 CryptoData(vector_as_array(&output), output.size() - 1),
91 CryptoData(test_message),
92 &signature_match));
93 EXPECT_FALSE(signature_match);
94
95 // Ensure truncated signature does not verify by passing no bytes.
96 EXPECT_EQ(Status::Success(),
97 Verify(algorithm,
98 key,
99 CryptoData(),
100 CryptoData(test_message),
101 &signature_match));
102 EXPECT_FALSE(signature_match);
103
104 // Ensure extra long signature does not cause issues and fails.
105 const unsigned char kLongSignature[1024] = {0};
106 EXPECT_EQ(Status::Success(),
107 Verify(algorithm,
108 key,
109 CryptoData(kLongSignature, sizeof(kLongSignature)),
110 CryptoData(test_message),
111 &signature_match));
112 EXPECT_FALSE(signature_match);
113 }
114 }
115
116 TEST(WebCryptoHmacTest, GenerateKeyIsRandom) {
117 // Generate a small sample of HMAC keys.
118 std::vector<std::vector<uint8_t> > keys;
119 for (int i = 0; i < 16; ++i) {
120 std::vector<uint8_t> key_bytes;
121 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
122 blink::WebCryptoAlgorithm algorithm =
123 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 512);
124 ASSERT_EQ(Status::Success(), GenerateSecretKey(algorithm, true, 0, &key));
125 EXPECT_FALSE(key.isNull());
126 EXPECT_TRUE(key.handle());
127 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
128 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id());
129 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1,
130 key.algorithm().hmacParams()->hash().id());
131 EXPECT_EQ(512u, key.algorithm().hmacParams()->lengthBits());
132
133 std::vector<uint8_t> raw_key;
134 ASSERT_EQ(Status::Success(),
135 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
136 EXPECT_EQ(64U, raw_key.size());
137 keys.push_back(raw_key);
138 }
139 // Ensure all entries in the key sample set are unique. This is a simplistic
140 // estimate of whether the generated keys appear random.
141 EXPECT_FALSE(CopiesExist(keys));
142 }
143
144 // If the key length is not provided, then the block size is used.
145 TEST(WebCryptoHmacTest, GenerateKeyNoLengthSha1) {
146 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
147 blink::WebCryptoAlgorithm algorithm =
148 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha1, 0);
149 ASSERT_EQ(Status::Success(), GenerateSecretKey(algorithm, true, 0, &key));
150 EXPECT_TRUE(key.handle());
151 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
152 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id());
153 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1,
154 key.algorithm().hmacParams()->hash().id());
155 EXPECT_EQ(512u, key.algorithm().hmacParams()->lengthBits());
156 std::vector<uint8_t> raw_key;
157 ASSERT_EQ(Status::Success(),
158 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
159 EXPECT_EQ(64U, raw_key.size());
160 }
161
162 // If the key length is not provided, then the block size is used.
163 TEST(WebCryptoHmacTest, GenerateKeyNoLengthSha512) {
164 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
165 blink::WebCryptoAlgorithm algorithm =
166 CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha512, 0);
167 ASSERT_EQ(Status::Success(), GenerateSecretKey(algorithm, true, 0, &key));
168 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id());
169 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha512,
170 key.algorithm().hmacParams()->hash().id());
171 EXPECT_EQ(1024u, key.algorithm().hmacParams()->lengthBits());
172 std::vector<uint8_t> raw_key;
173 ASSERT_EQ(Status::Success(),
174 ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key));
175 EXPECT_EQ(128U, raw_key.size());
176 }
177
178 TEST(WebCryptoHmacTest, ImportKeyJwkKeyOpsSignVerify) {
179 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
180 base::DictionaryValue dict;
181 dict.SetString("kty", "oct");
182 dict.SetString("k", "GADWrMRHwQfoNaXU5fZvTg==");
183 base::ListValue* key_ops = new base::ListValue;
184 dict.Set("key_ops", key_ops); // Takes ownership.
185
186 key_ops->AppendString("sign");
187
188 EXPECT_EQ(Status::Success(),
189 ImportKeyJwkFromDict(
190 dict,
191 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256),
192 false,
193 blink::WebCryptoKeyUsageSign,
194 &key));
195
196 EXPECT_EQ(blink::WebCryptoKeyUsageSign, key.usages());
197
198 key_ops->AppendString("verify");
199
200 EXPECT_EQ(Status::Success(),
201 ImportKeyJwkFromDict(
202 dict,
203 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256),
204 false,
205 blink::WebCryptoKeyUsageVerify,
206 &key));
207
208 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, key.usages());
209 }
210
211 // Test 'use' inconsistent with 'key_ops'.
212 TEST(WebCryptoHmacTest, ImportKeyJwkUseInconsisteWithKeyOps) {
213 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
214 base::DictionaryValue dict;
215 dict.SetString("kty", "oct");
216 dict.SetString("k", "GADWrMRHwQfoNaXU5fZvTg==");
217 base::ListValue* key_ops = new base::ListValue;
218 dict.Set("key_ops", key_ops); // Takes ownership.
219
220 dict.SetString("alg", "HS256");
221 dict.SetString("use", "sig");
222 key_ops->AppendString("sign");
223 key_ops->AppendString("verify");
224 key_ops->AppendString("encrypt");
225 EXPECT_EQ(Status::ErrorJwkUseAndKeyopsInconsistent(),
226 ImportKeyJwkFromDict(
227 dict,
228 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256),
229 false,
230 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify,
231 &key));
232 }
233
234 // Test JWK composite 'sig' use
235 TEST(WebCryptoHmacTest, ImportKeyJwkUseSig) {
236 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
237 base::DictionaryValue dict;
238 dict.SetString("kty", "oct");
239 dict.SetString("k", "GADWrMRHwQfoNaXU5fZvTg==");
240
241 dict.SetString("use", "sig");
242 EXPECT_EQ(Status::Success(),
243 ImportKeyJwkFromDict(
244 dict,
245 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256),
246 false,
247 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify,
248 &key));
249
250 EXPECT_EQ(blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify,
251 key.usages());
252 }
253
254 TEST(WebCryptoHmacTest, ImportJwkInputConsistency) {
255 // The Web Crypto spec says that if a JWK value is present, but is
256 // inconsistent with the input value, the operation must fail.
257
258 // Consistency rules when JWK value is not present: Inputs should be used.
259 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
260 bool extractable = false;
261 blink::WebCryptoAlgorithm algorithm =
262 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256);
263 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageVerify;
264 base::DictionaryValue dict;
265 dict.SetString("kty", "oct");
266 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
267 std::vector<uint8_t> json_vec = MakeJsonVector(dict);
268 EXPECT_EQ(Status::Success(),
269 ImportKey(blink::WebCryptoKeyFormatJwk,
270 CryptoData(json_vec),
271 algorithm,
272 extractable,
273 usage_mask,
274 &key));
275 EXPECT_TRUE(key.handle());
276 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
277 EXPECT_EQ(extractable, key.extractable());
278 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id());
279 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256,
280 key.algorithm().hmacParams()->hash().id());
281 EXPECT_EQ(320u, key.algorithm().hmacParams()->lengthBits());
282 EXPECT_EQ(blink::WebCryptoKeyUsageVerify, key.usages());
283 key = blink::WebCryptoKey::createNull();
284
285 // Consistency rules when JWK value exists: Fail if inconsistency is found.
286
287 // Pass: All input values are consistent with the JWK values.
288 dict.Clear();
289 dict.SetString("kty", "oct");
290 dict.SetString("alg", "HS256");
291 dict.SetString("use", "sig");
292 dict.SetBoolean("ext", false);
293 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
294 json_vec = MakeJsonVector(dict);
295 EXPECT_EQ(Status::Success(),
296 ImportKey(blink::WebCryptoKeyFormatJwk,
297 CryptoData(json_vec),
298 algorithm,
299 extractable,
300 usage_mask,
301 &key));
302
303 // Extractable cases:
304 // 1. input=T, JWK=F ==> fail (inconsistent)
305 // 4. input=F, JWK=F ==> pass, result extractable is F
306 // 2. input=T, JWK=T ==> pass, result extractable is T
307 // 3. input=F, JWK=T ==> pass, result extractable is F
308 EXPECT_EQ(Status::ErrorJwkExtInconsistent(),
309 ImportKey(blink::WebCryptoKeyFormatJwk,
310 CryptoData(json_vec),
311 algorithm,
312 true,
313 usage_mask,
314 &key));
315 EXPECT_EQ(Status::Success(),
316 ImportKey(blink::WebCryptoKeyFormatJwk,
317 CryptoData(json_vec),
318 algorithm,
319 false,
320 usage_mask,
321 &key));
322 EXPECT_FALSE(key.extractable());
323 dict.SetBoolean("ext", true);
324 EXPECT_EQ(Status::Success(),
325 ImportKeyJwkFromDict(dict, algorithm, true, usage_mask, &key));
326 EXPECT_TRUE(key.extractable());
327 EXPECT_EQ(Status::Success(),
328 ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key));
329 EXPECT_FALSE(key.extractable());
330 dict.SetBoolean("ext", true); // restore previous value
331
332 // Fail: Input algorithm (AES-CBC) is inconsistent with JWK value
333 // (HMAC SHA256).
334 dict.Clear();
335 dict.SetString("kty", "oct");
336 dict.SetString("alg", "HS256");
337 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
338 EXPECT_EQ(
339 Status::ErrorJwkAlgorithmInconsistent(),
340 ImportKeyJwkFromDict(dict,
341 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
342 extractable,
343 blink::WebCryptoKeyUsageEncrypt,
344 &key));
345 // Fail: Input usage (encrypt) is inconsistent with JWK value (use=sig).
346 EXPECT_EQ(Status::ErrorJwkUseInconsistent(),
347 ImportKey(blink::WebCryptoKeyFormatJwk,
348 CryptoData(json_vec),
349 CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
350 extractable,
351 blink::WebCryptoKeyUsageEncrypt,
352 &key));
353
354 // Fail: Input algorithm (HMAC SHA1) is inconsistent with JWK value
355 // (HMAC SHA256).
356 EXPECT_EQ(
357 Status::ErrorJwkAlgorithmInconsistent(),
358 ImportKey(blink::WebCryptoKeyFormatJwk,
359 CryptoData(json_vec),
360 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha1),
361 extractable,
362 usage_mask,
363 &key));
364
365 // Pass: JWK alg missing but input algorithm specified: use input value
366 dict.Remove("alg", NULL);
367 EXPECT_EQ(Status::Success(),
368 ImportKeyJwkFromDict(
369 dict,
370 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256),
371 extractable,
372 usage_mask,
373 &key));
374 EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id());
375 dict.SetString("alg", "HS256");
376
377 // Fail: Input usage_mask (encrypt) is not a subset of the JWK value
378 // (sign|verify). Moreover "encrypt" is not a valid usage for HMAC.
379 EXPECT_EQ(Status::ErrorCreateKeyBadUsages(),
380 ImportKey(blink::WebCryptoKeyFormatJwk,
381 CryptoData(json_vec),
382 algorithm,
383 extractable,
384 blink::WebCryptoKeyUsageEncrypt,
385 &key));
386
387 // Fail: Input usage_mask (encrypt|sign|verify) is not a subset of the JWK
388 // value (sign|verify). Moreover "encrypt" is not a valid usage for HMAC.
389 usage_mask = blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageSign |
390 blink::WebCryptoKeyUsageVerify;
391 EXPECT_EQ(Status::ErrorCreateKeyBadUsages(),
392 ImportKey(blink::WebCryptoKeyFormatJwk,
393 CryptoData(json_vec),
394 algorithm,
395 extractable,
396 usage_mask,
397 &key));
398
399 // TODO(padolph): kty vs alg consistency tests: Depending on the kty value,
400 // only certain alg values are permitted. For example, when kty = "RSA" alg
401 // must be of the RSA family, or when kty = "oct" alg must be symmetric
402 // algorithm.
403
404 // TODO(padolph): key_ops consistency tests
405 }
406
407 TEST(WebCryptoHmacTest, ImportJwkHappy) {
408 // This test verifies the happy path of JWK import, including the application
409 // of the imported key material.
410
411 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
412 bool extractable = false;
413 blink::WebCryptoAlgorithm algorithm =
414 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha256);
415 blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageSign;
416
417 // Import a symmetric key JWK and HMAC-SHA256 sign()
418 // Uses the first SHA256 test vector from the HMAC sample set above.
419
420 base::DictionaryValue dict;
421 dict.SetString("kty", "oct");
422 dict.SetString("alg", "HS256");
423 dict.SetString("use", "sig");
424 dict.SetBoolean("ext", false);
425 dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
426
427 ASSERT_EQ(
428 Status::Success(),
429 ImportKeyJwkFromDict(dict, algorithm, extractable, usage_mask, &key));
430
431 EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256,
432 key.algorithm().hmacParams()->hash().id());
433
434 const std::vector<uint8_t> message_raw = HexStringToBytes(
435 "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a"
436 "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92"
437 "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f"
438 "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e");
439
440 std::vector<uint8_t> output;
441
442 ASSERT_EQ(Status::Success(),
443 Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac),
444 key,
445 CryptoData(message_raw),
446 &output));
447
448 const std::string mac_raw =
449 "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b";
450
451 EXPECT_BYTES_EQ_HEX(mac_raw, output);
452
453 // TODO(padolph): Import an RSA public key JWK and use it
454 }
455
456 TEST(WebCryptoHmacTest, ImportExportJwk) {
457 // HMAC SHA-1
458 ImportExportJwkSymmetricKey(
459 256,
460 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha1),
461 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify,
462 "HS1");
463
464 // HMAC SHA-384
465 ImportExportJwkSymmetricKey(
466 384,
467 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha384),
468 blink::WebCryptoKeyUsageSign,
469 "HS384");
470
471 // HMAC SHA-512
472 ImportExportJwkSymmetricKey(
473 512,
474 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha512),
475 blink::WebCryptoKeyUsageVerify,
476 "HS512");
477
478 // Zero usage value
479 ImportExportJwkSymmetricKey(
480 512,
481 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha512),
482 0,
483 "HS512");
484 }
485
486 TEST(WebCryptoHmacTest, ExportJwkEmptyKey) {
487 const blink::WebCryptoAlgorithm import_algorithm =
488 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha1);
489
490 blink::WebCryptoKeyUsageMask usages = blink::WebCryptoKeyUsageSign;
491 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
492
493 // Import a zero-byte HMAC key.
494 const char key_data_hex[] = "";
495 key = ImportSecretKeyFromRaw(
496 HexStringToBytes(key_data_hex), import_algorithm, usages);
497 EXPECT_EQ(0u, key.algorithm().hmacParams()->lengthBits());
498
499 // Export the key in JWK format and validate.
500 std::vector<uint8_t> json;
501 ASSERT_EQ(Status::Success(),
502 ExportKey(blink::WebCryptoKeyFormatJwk, key, &json));
503 EXPECT_TRUE(VerifySecretJwk(json, "HS1", key_data_hex, usages));
504
505 // Now try re-importing the JWK key.
506 key = blink::WebCryptoKey::createNull();
507 EXPECT_EQ(Status::Success(),
508 ImportKey(blink::WebCryptoKeyFormatJwk,
509 CryptoData(json),
510 import_algorithm,
511 true,
512 usages,
513 &key));
514
515 EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type());
516 EXPECT_EQ(0u, key.algorithm().hmacParams()->lengthBits());
517
518 std::vector<uint8_t> exported_key_data;
519 EXPECT_EQ(Status::Success(),
520 ExportKey(blink::WebCryptoKeyFormatRaw, key, &exported_key_data));
521
522 EXPECT_EQ(0u, exported_key_data.size());
523 }
524
525 // Import a huge hmac key (UINT_MAX bytes). This will fail before actually
526 // reading the bytes, as the key is too large.
527 TEST(WebCryptoHmacTest, ImportRawKeyTooLarge) {
528 CryptoData big_data(NULL, UINT_MAX); // Invalid data of big length.
529
530 blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
531 EXPECT_EQ(
532 Status::ErrorDataTooLarge(),
533 ImportKey(blink::WebCryptoKeyFormatRaw,
534 CryptoData(big_data),
535 CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha1),
536 true,
537 blink::WebCryptoKeyUsageSign,
538 &key));
539 }
540
541 } // namespace
542
543 } // namespace webcrypto
544
545 } // namespace content