[webcrypto] Don't fail JWK import if key_ops contains an unrecognized value.

BUG=378084,245025 Review URL: https://codereview.chromium.org/308183003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@274465 0039d316-1c4b-4281-b951-d872f2087c98

[webcrypto] Don't fail JWK import if key_ops contains an unrecognized value.
BUG=378084,245025 Review URL: https://codereview.chromium.org/308183003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@274465 0039d316-1c4b-4281-b951-d872f2087c98
aee9f1fc · eroman@chromium.org · a225993e · aee9f1fc · aee9f1fc
Commit aee9f1fc authored Jun 03, 2014 by eroman@chromium.org
Showing with 43 additions and 4 deletions

content/child/webcrypto/shared_crypto_unittest.cc content/child/webcrypto/shared_crypto_unittest.cc +41 -2

content/child/webcrypto/webcrypto_util.cc content/child/webcrypto/webcrypto_util.cc +2 -2

No files found.
--- a/content/child/webcrypto/shared_crypto_unittest.cc
+++ b/content/child/webcrypto/shared_crypto_unittest.cc
@@ -1397,16 +1397,55 @@ TEST_F(SharedCryptoTest, ImportJwkFailures) {
            ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key));
  RestoreJwkOctDictionary(&dict);

-  // Fail on invalid key_ops (wrong element value).
+  // Fail on inconsistent key_ops - asking for "encrypt" however JWK contains
+  // only "foo".
  base::ListValue* key_ops = new base::ListValue;
  // Note: the following call makes dict assume ownership of key_ops.
  dict.Set("key_ops", key_ops);
  key_ops->AppendString("foo");
-  EXPECT_EQ(Status::ErrorJwkUnrecognizedKeyop(),
+  EXPECT_EQ(Status::ErrorJwkKeyopsInconsistent(),
            ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key));
  RestoreJwkOctDictionary(&dict);
 }

+// Import a JWK with unrecognized values for "key_ops".
+TEST_F(SharedCryptoTest, ImportJwkUnrecognizedKeyOps) {
+  blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
+  blink::WebCryptoAlgorithm algorithm =
+      CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc);
+  blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt;
+
+  base::DictionaryValue dict;
+  RestoreJwkOctDictionary(&dict);
+
+  base::ListValue* key_ops = new base::ListValue;
+  dict.Set("key_ops", key_ops);
+  key_ops->AppendString("foo");
+  key_ops->AppendString("bar");
+  key_ops->AppendString("baz");
+  key_ops->AppendString("encrypt");
+  EXPECT_EQ(Status::Success(),
+            ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key));
+}
+
+// Import a JWK with a value in key_ops array that is not a string.
+TEST_F(SharedCryptoTest, ImportJwkNonStringKeyOp) {
+  blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
+  blink::WebCryptoAlgorithm algorithm =
+      CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc);
+  blink::WebCryptoKeyUsageMask usage_mask = blink::WebCryptoKeyUsageEncrypt;
+
+  base::DictionaryValue dict;
+  RestoreJwkOctDictionary(&dict);
+
+  base::ListValue* key_ops = new base::ListValue;
+  dict.Set("key_ops", key_ops);
+  key_ops->AppendString("encrypt");
+  key_ops->AppendInteger(3);
+  EXPECT_EQ(Status::ErrorJwkPropertyWrongType("key_ops[1]", "string"),
+            ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key));
+}
+
 TEST_F(SharedCryptoTest, ImportJwkOctFailures) {
  base::DictionaryValue dict;
  RestoreJwkOctDictionary(&dict);

--- a/content/child/webcrypto/webcrypto_util.cc
+++ b/content/child/webcrypto/webcrypto_util.cc
@@ -103,8 +103,8 @@ Status GetWebCryptoUsagesFromJwkKeyOps(
      return Status::ErrorJwkPropertyWrongType(
          base::StringPrintf("key_ops[%d]", static_cast<int>(i)), "string");
    }
-    if (!JwkKeyOpToWebCryptoUsage(key_op, usage_mask))
-      return Status::ErrorJwkUnrecognizedKeyop();
+    // Unrecognized key_ops are silently skipped.
+    ignore_result(JwkKeyOpToWebCryptoUsage(key_op, usage_mask));
  }
  return Status::Success();
 }