session-desktop/test/crypto_test.js

/* global Signal, textsecure, libsignal */

'use strict';

describe('Crypto', () => {
  describe('accessKey/profileKey', () => {
    it('verification roundtrips', async () => {
      const profileKey = await Signal.Crypto.getRandomBytes(32);
      const accessKey = await Signal.Crypto.deriveAccessKey(profileKey);

      const verifier = await Signal.Crypto.getAccessKeyVerifier(accessKey);

      const correct = await Signal.Crypto.verifyAccessKey(accessKey, verifier);

      assert.strictEqual(correct, true);
    });
  });

  describe('symmetric encryption', () => {
    it('roundtrips', async () => {
      const message = 'this is my message';
      const plaintext = dcodeIO.ByteBuffer.wrap(
        message,
        'binary'
      ).toArrayBuffer();
      const key = textsecure.crypto.getRandomBytes(32);

      const encrypted = await Signal.Crypto.encryptSymmetric(key, plaintext);
      const decrypted = await Signal.Crypto.decryptSymmetric(key, encrypted);

      const equal = Signal.Crypto.constantTimeEqual(plaintext, decrypted);
      if (!equal) {
        throw new Error('The output and input did not match!');
      }
    });

    it('roundtrip fails if nonce is modified', async () => {
      const message = 'this is my message';
      const plaintext = dcodeIO.ByteBuffer.wrap(
        message,
        'binary'
      ).toArrayBuffer();
      const key = textsecure.crypto.getRandomBytes(32);

      const encrypted = await Signal.Crypto.encryptSymmetric(key, plaintext);
      const uintArray = new Uint8Array(encrypted);
      uintArray[2] = 9;

      try {
        await Signal.Crypto.decryptSymmetric(key, uintArray.buffer);
      } catch (error) {
        assert.strictEqual(
          error.message,
          'decryptSymmetric: Failed to decrypt; MAC verification failed'
        );
        return;
      }

      throw new Error('Expected error to be thrown');
    });

    it('roundtrip fails if mac is modified', async () => {
      const message = 'this is my message';
      const plaintext = dcodeIO.ByteBuffer.wrap(
        message,
        'binary'
      ).toArrayBuffer();
      const key = textsecure.crypto.getRandomBytes(32);

      const encrypted = await Signal.Crypto.encryptSymmetric(key, plaintext);
      const uintArray = new Uint8Array(encrypted);
      uintArray[uintArray.length - 3] = 9;

      try {
        await Signal.Crypto.decryptSymmetric(key, uintArray.buffer);
      } catch (error) {
        assert.strictEqual(
          error.message,
          'decryptSymmetric: Failed to decrypt; MAC verification failed'
        );
        return;
      }

      throw new Error('Expected error to be thrown');
    });

    it('roundtrip fails if encrypted contents are modified', async () => {
      const message = 'this is my message';
      const plaintext = dcodeIO.ByteBuffer.wrap(
        message,
        'binary'
      ).toArrayBuffer();
      const key = textsecure.crypto.getRandomBytes(32);

      const encrypted = await Signal.Crypto.encryptSymmetric(key, plaintext);
      const uintArray = new Uint8Array(encrypted);
      uintArray[35] = 9;

      try {
        await Signal.Crypto.decryptSymmetric(key, uintArray.buffer);
      } catch (error) {
        assert.strictEqual(
          error.message,
          'decryptSymmetric: Failed to decrypt; MAC verification failed'
        );
        return;
      }

      throw new Error('Expected error to be thrown');
    });
  });

  describe('encrypted device name', () => {
    it('roundtrips', async () => {
      const deviceName = 'v1.19.0 on Windows 10';
      const identityKey = await libsignal.KeyHelper.generateIdentityKeyPair();

      const encrypted = await Signal.Crypto.encryptDeviceName(
        deviceName,
        identityKey.pubKey
      );
      const decrypted = await Signal.Crypto.decryptDeviceName(
        encrypted,
        identityKey.privKey
      );

      assert.strictEqual(decrypted, deviceName);
    });

    it('fails if iv is changed', async () => {
      const deviceName = 'v1.19.0 on Windows 10';
      const identityKey = await libsignal.KeyHelper.generateIdentityKeyPair();

      const encrypted = await Signal.Crypto.encryptDeviceName(
        deviceName,
        identityKey.pubKey
      );
      encrypted.syntheticIv = Signal.Crypto.getRandomBytes(16);
      try {
        await Signal.Crypto.decryptDeviceName(encrypted, identityKey.privKey);
      } catch (error) {
        assert.strictEqual(
          error.message,
          'decryptDeviceName: synthetic IV did not match'
        );
      }
    });
  });
});
Encrypt device name on account create, on first launch if needed 2018-12-13 20:12:33 +01:00			`/* global Signal, textsecure, libsignal */`
eslintify all test files 2018-11-02 19:02:53 +01:00
Encryption support for backup and restore Also moved to the _ prefix in backup.js for all private methods exported for testing. 2018-03-19 20:42:12 +01:00			`'use strict';`

Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00			`describe('Crypto', () => {`
			`describe('accessKey/profileKey', () => {`
			`it('verification roundtrips', async () => {`
			`const profileKey = await Signal.Crypto.getRandomBytes(32);`
			`const accessKey = await Signal.Crypto.deriveAccessKey(profileKey);`
Encryption support for backup and restore Also moved to the _ prefix in backup.js for all private methods exported for testing. 2018-03-19 20:42:12 +01:00
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00			`const verifier = await Signal.Crypto.getAccessKeyVerifier(accessKey);`

			`const correct = await Signal.Crypto.verifyAccessKey(accessKey, verifier);`
Encryption support for backup and restore Also moved to the _ prefix in backup.js for all private methods exported for testing. 2018-03-19 20:42:12 +01:00
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00			`assert.strictEqual(correct, true);`
			`});`
Encryption support for backup and restore Also moved to the _ prefix in backup.js for all private methods exported for testing. 2018-03-19 20:42:12 +01:00			`});`

Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00			`describe('symmetric encryption', () => {`
			`it('roundtrips', async () => {`
eslintify all test files 2018-11-02 19:02:53 +01:00			`const message = 'this is my message';`
			`const plaintext = dcodeIO.ByteBuffer.wrap(`
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00			`message,`
			`'binary'`
			`).toArrayBuffer();`
eslintify all test files 2018-11-02 19:02:53 +01:00			`const key = textsecure.crypto.getRandomBytes(32);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00
eslintify all test files 2018-11-02 19:02:53 +01:00			`const encrypted = await Signal.Crypto.encryptSymmetric(key, plaintext);`
			`const decrypted = await Signal.Crypto.decryptSymmetric(key, encrypted);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00
eslintify all test files 2018-11-02 19:02:53 +01:00			`const equal = Signal.Crypto.constantTimeEqual(plaintext, decrypted);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00			`if (!equal) {`
			`throw new Error('The output and input did not match!');`
			`}`
			`});`

			`it('roundtrip fails if nonce is modified', async () => {`
eslintify all test files 2018-11-02 19:02:53 +01:00			`const message = 'this is my message';`
			`const plaintext = dcodeIO.ByteBuffer.wrap(`
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00			`message,`
			`'binary'`
			`).toArrayBuffer();`
eslintify all test files 2018-11-02 19:02:53 +01:00			`const key = textsecure.crypto.getRandomBytes(32);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00
eslintify all test files 2018-11-02 19:02:53 +01:00			`const encrypted = await Signal.Crypto.encryptSymmetric(key, plaintext);`
			`const uintArray = new Uint8Array(encrypted);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00			`uintArray[2] = 9;`

			`try {`
eslintify all test files 2018-11-02 19:02:53 +01:00			`await Signal.Crypto.decryptSymmetric(key, uintArray.buffer);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00			`} catch (error) {`
			`assert.strictEqual(`
			`error.message,`
			`'decryptSymmetric: Failed to decrypt; MAC verification failed'`
			`);`
			`return;`
			`}`

			`throw new Error('Expected error to be thrown');`
			`});`

			`it('roundtrip fails if mac is modified', async () => {`
eslintify all test files 2018-11-02 19:02:53 +01:00			`const message = 'this is my message';`
			`const plaintext = dcodeIO.ByteBuffer.wrap(`
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00			`message,`
			`'binary'`
			`).toArrayBuffer();`
eslintify all test files 2018-11-02 19:02:53 +01:00			`const key = textsecure.crypto.getRandomBytes(32);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00
eslintify all test files 2018-11-02 19:02:53 +01:00			`const encrypted = await Signal.Crypto.encryptSymmetric(key, plaintext);`
			`const uintArray = new Uint8Array(encrypted);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00			`uintArray[uintArray.length - 3] = 9;`

			`try {`
eslintify all test files 2018-11-02 19:02:53 +01:00			`await Signal.Crypto.decryptSymmetric(key, uintArray.buffer);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00			`} catch (error) {`
			`assert.strictEqual(`
			`error.message,`
			`'decryptSymmetric: Failed to decrypt; MAC verification failed'`
			`);`
			`return;`
			`}`

			`throw new Error('Expected error to be thrown');`
			`});`

			`it('roundtrip fails if encrypted contents are modified', async () => {`
eslintify all test files 2018-11-02 19:02:53 +01:00			`const message = 'this is my message';`
			`const plaintext = dcodeIO.ByteBuffer.wrap(`
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00			`message,`
			`'binary'`
			`).toArrayBuffer();`
eslintify all test files 2018-11-02 19:02:53 +01:00			`const key = textsecure.crypto.getRandomBytes(32);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00
eslintify all test files 2018-11-02 19:02:53 +01:00			`const encrypted = await Signal.Crypto.encryptSymmetric(key, plaintext);`
			`const uintArray = new Uint8Array(encrypted);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00			`uintArray[35] = 9;`

			`try {`
eslintify all test files 2018-11-02 19:02:53 +01:00			`await Signal.Crypto.decryptSymmetric(key, uintArray.buffer);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 2018-10-18 03:01:21 +02:00			`} catch (error) {`
			`assert.strictEqual(`
			`error.message,`
			`'decryptSymmetric: Failed to decrypt; MAC verification failed'`
			`);`
			`return;`
			`}`

			`throw new Error('Expected error to be thrown');`
			`});`
Encryption support for backup and restore Also moved to the _ prefix in backup.js for all private methods exported for testing. 2018-03-19 20:42:12 +01:00			`});`
Encrypt device name on account create, on first launch if needed 2018-12-13 20:12:33 +01:00
			`describe('encrypted device name', () => {`
			`it('roundtrips', async () => {`
			`const deviceName = 'v1.19.0 on Windows 10';`
			`const identityKey = await libsignal.KeyHelper.generateIdentityKeyPair();`

			`const encrypted = await Signal.Crypto.encryptDeviceName(`
			`deviceName,`
			`identityKey.pubKey`
			`);`
			`const decrypted = await Signal.Crypto.decryptDeviceName(`
			`encrypted,`
			`identityKey.privKey`
			`);`

			`assert.strictEqual(decrypted, deviceName);`
			`});`

			`it('fails if iv is changed', async () => {`
			`const deviceName = 'v1.19.0 on Windows 10';`
			`const identityKey = await libsignal.KeyHelper.generateIdentityKeyPair();`

			`const encrypted = await Signal.Crypto.encryptDeviceName(`
			`deviceName,`
			`identityKey.pubKey`
			`);`
			`encrypted.syntheticIv = Signal.Crypto.getRandomBytes(16);`
			`try {`
			`await Signal.Crypto.decryptDeviceName(encrypted, identityKey.privKey);`
			`} catch (error) {`
			`assert.strictEqual(`
			`error.message,`
			`'decryptDeviceName: synthetic IV did not match'`
			`);`
			`}`
			`});`
			`});`
Encryption support for backup and restore Also moved to the _ prefix in backup.js for all private methods exported for testing. 2018-03-19 20:42:12 +01:00			`});`