diff options
| author | eroman@chromium.org <eroman@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-05-09 13:34:42 +0000 |
|---|---|---|
| committer | eroman@chromium.org <eroman@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-05-09 13:34:42 +0000 |
| commit | cd636729b2ffc613f90fa22c605d15d1fe2ba70e (patch) | |
| tree | 00eb9d2b9ffd3442bd27aacbd7608fc0d9777fad /content | |
| parent | 88a6f2063cdba9f3be3e1c0a62aaca2fb6096a77 (diff) | |
| download | chromium_src-cd636729b2ffc613f90fa22c605d15d1fe2ba70e.zip chromium_src-cd636729b2ffc613f90fa22c605d15d1fe2ba70e.tar.gz chromium_src-cd636729b2ffc613f90fa22c605d15d1fe2ba70e.tar.bz2 | |
[webcrypto] Fix AES-KW unwrapping for symmetric keys (NSS).
The unwrapped key did not have the proper flags so it could not be used in other operations (like signing).
BUG=370712,245025
Review URL: https://codereview.chromium.org/269313004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@269262 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'content')
| -rw-r--r-- | content/child/webcrypto/platform_crypto_nss.cc | 19 | ||||
| -rw-r--r-- | content/child/webcrypto/shared_crypto_unittest.cc | 62 |
2 files changed, 70 insertions, 11 deletions
diff --git a/content/child/webcrypto/platform_crypto_nss.cc b/content/child/webcrypto/platform_crypto_nss.cc index ffa62a5..65dbb2f 100644 --- a/content/child/webcrypto/platform_crypto_nss.cc +++ b/content/child/webcrypto/platform_crypto_nss.cc @@ -560,13 +560,16 @@ Status DoUnwrapSymKeyAesKw(const CryptoData& wrapped_key_data, PORT_SetError(0); #endif - crypto::ScopedPK11SymKey new_key(PK11_UnwrapSymKey(wrapping_key->key(), - CKM_NSS_AES_KEY_WRAP, - param_item.get(), - &cipher_text, - mechanism, - flags, - plaintext_length)); + crypto::ScopedPK11SymKey new_key( + PK11_UnwrapSymKeyWithFlags(wrapping_key->key(), + CKM_NSS_AES_KEY_WRAP, + param_item.get(), + &cipher_text, + mechanism, + CKA_FLAGS_ONLY, + plaintext_length, + flags)); + // TODO(padolph): Use NSS PORT_GetError() and friends to report a more // accurate error, providing if doesn't leak any information to web pages // about other web crypto users, key details, etc. @@ -1575,7 +1578,7 @@ Status DecryptAesKw(SymKey* wrapping_key, // temporarily viewed as a symmetric key to be unwrapped (decrypted). crypto::ScopedPK11SymKey decrypted; Status status = DoUnwrapSymKeyAesKw( - data, wrapping_key, CKK_GENERIC_SECRET, CKA_ENCRYPT, &decrypted); + data, wrapping_key, CKK_GENERIC_SECRET, 0, &decrypted); if (status.IsError()) return status; diff --git a/content/child/webcrypto/shared_crypto_unittest.cc b/content/child/webcrypto/shared_crypto_unittest.cc index 3beadc4..20f1ad5 100644 --- a/content/child/webcrypto/shared_crypto_unittest.cc +++ b/content/child/webcrypto/shared_crypto_unittest.cc @@ -2785,9 +2785,7 @@ TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapKnownAnswer)) { EXPECT_FALSE(key.isNull()); EXPECT_TRUE(key.handle()); EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); - EXPECT_EQ( - webcrypto::CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc).id(), - key.algorithm().id()); + EXPECT_EQ(blink::WebCryptoAlgorithmIdAesCbc, key.algorithm().id()); EXPECT_EQ(true, key.extractable()); EXPECT_EQ(blink::WebCryptoKeyUsageEncrypt, key.usages()); @@ -2799,6 +2797,64 @@ TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapKnownAnswer)) { } } +// Unwrap a HMAC key using AES-KW, and then try doing a sign/verify with the +// unwrapped key +TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyUnwrapSignVerifyHmac)) { + scoped_ptr<base::ListValue> tests; + ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); + + base::DictionaryValue* test; + ASSERT_TRUE(tests->GetDictionary(0, &test)); + const std::vector<uint8> test_kek = GetBytesFromHexString(test, "kek"); + const std::vector<uint8> test_ciphertext = + GetBytesFromHexString(test, "ciphertext"); + const blink::WebCryptoAlgorithm wrapping_algorithm = + CreateAlgorithm(blink::WebCryptoAlgorithmIdAesKw); + + // Import the wrapping key. + blink::WebCryptoKey wrapping_key = ImportSecretKeyFromRaw( + test_kek, wrapping_algorithm, blink::WebCryptoKeyUsageUnwrapKey); + + // Unwrap the known ciphertext. + blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); + ASSERT_EQ( + Status::Success(), + UnwrapKey(blink::WebCryptoKeyFormatRaw, + CryptoData(test_ciphertext), + wrapping_key, + wrapping_algorithm, + CreateHmacImportAlgorithm(blink::WebCryptoAlgorithmIdSha1), + false, + blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, + &key)); + + EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); + EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); + EXPECT_FALSE(key.extractable()); + EXPECT_EQ(blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify, + key.usages()); + + // Sign an empty message and ensure it is verified. + std::vector<uint8> test_message; + std::vector<uint8> signature; + + ASSERT_EQ(Status::Success(), + Sign(CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac), + key, + CryptoData(test_message), + &signature)); + + EXPECT_GT(signature.size(), 0u); + + bool verify_result; + ASSERT_EQ(Status::Success(), + VerifySignature(CreateAlgorithm(blink::WebCryptoAlgorithmIdHmac), + key, + CryptoData(signature), + CryptoData(test_message), + &verify_result)); +} + TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapErrors)) { scoped_ptr<base::ListValue> tests; ASSERT_TRUE(ReadJsonTestFileToList("aes_kw.json", &tests)); |