Home Verkennen Help
Inloggen
epsylon
/
oasis
Volgen 1
Ster 0
Vork 0
Bestanden Kwesties 0 Pull-aanvragen 0 Wiki
Boom: 944f091f2a
Aftakkingen Labels
oasis
/
test
/
mods
/
crypto
/
primitives.test.js

primitives.test.js 7.5 KB
Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208 
  1. const fs = require('fs');
    2. 

  2. const os = require('os');
    3. 

  3. const path = require('path');
    4. 

  4. const { eq, ok, notOk, deepEq } = require('../../helpers/assert');
    5. 

  5. 

  6. const tmpRoot = path.join(os.tmpdir(), 'oasis-crypto-tests');
    7. 

  7. const fresh = () => {
    8. 

  8.   const dir = path.join(tmpRoot, 'd-' + Date.now() + '-' + Math.random().toString(36).slice(2));
    9. 

  9.   fs.mkdirSync(dir, { recursive: true });
    10. 

  10.   return dir;
    11. 

  11. };
    12. 

  12. 

  13. const tribeCryptoFactory = require('../../../src/models/crypto');
    14. 

  14. 

  15. describe('crypto: keyring', (t) => {
    16. 

  16.   t('generateTribeKey returns 64 hex chars (32 bytes)', () => {
    17. 

  17.     const tc = tribeCryptoFactory(fresh());
    18. 

  18.     const k = tc.generateTribeKey();
    19. 

  19.     eq(k.length, 64);
    20. 

  20.     ok(/^[0-9a-f]+$/.test(k));
    21. 

  21.   });
    22. 

  22. 

  23.   t('setKey persists and getKey reads back', () => {
    24. 

  24.     const dir = fresh();
    25. 

  25.     const tc = tribeCryptoFactory(dir);
    26. 

  26.     tc.setKey('%test.sha256', 'a'.repeat(64), 1);
    27. 

  27.     eq(tc.getKey('%test.sha256'), 'a'.repeat(64));
    28. 

  28.     eq(tc.getGen('%test.sha256'), 1);
    29. 

  29.   });
    30. 

  30. 

  31.   t('addNewKey for multi-gen', () => {
    32. 

  32.     const tc = tribeCryptoFactory(fresh());
    33. 

  33.     tc.setKey('%x.sha256', 'k1', 1);
    34. 

  34.     eq(tc.addNewKey('%x.sha256', 'k2'), 2);
    35. 

  35.     deepEq(tc.getKeys('%x.sha256'), ['k2', 'k1']);
    36. 

  36.   });
    37. 

  37. 

  38.   t('mergeKeys deduplicates', () => {
    39. 

  39.     const tc = tribeCryptoFactory(fresh());
    40. 

  40.     tc.setKey('%x.sha256', 'a', 1);
    41. 

  41.     tc.mergeKeys('%x.sha256', ['a', 'b', 'c'], 3);
    42. 

  42.     deepEq(tc.getKeys('%x.sha256'), ['a', 'b', 'c']);
    43. 

  43.   });
    44. 

  44. 

  45.   t('keyring file is mode 0600', () => {
    46. 

  46.     const dir = fresh();
    47. 

  47.     const tc = tribeCryptoFactory(dir);
    48. 

  48.     tc.setKey('%x.sha256', 'k', 1);
    49. 

  49.     const stat = fs.statSync(path.join(dir, 'keys', 'tribes-keys.json'));
    50. 

  50.     eq(stat.mode & 0o777, 0o600);
    51. 

  51.   });
    52. 

  52. 

  53.   t('namespaces produce separate keyring files', () => {
    54. 

  54.     const dir = fresh();
    55. 

  55.     const tribes = tribeCryptoFactory(dir, 'tribes');
    56. 

  56.     const chats = tribeCryptoFactory(dir, 'chats');
    57. 

  57.     tribes.setKey('%t1.sha256', 'a'.repeat(64), 1);
    58. 

  58.     chats.setKey('%c1.sha256', 'b'.repeat(64), 1);
    59. 

  59.     ok(fs.existsSync(path.join(dir, 'keys', 'tribes-keys.json')));
    60. 

  60.     ok(fs.existsSync(path.join(dir, 'keys', 'chats-keys.json')));
    61. 

  61.     eq(tribes.getKey('%t1.sha256'), 'a'.repeat(64));
    62. 

  62.     eq(chats.getKey('%c1.sha256'), 'b'.repeat(64));
    63. 

  63.     eq(tribes.getKey('%c1.sha256'), null, 'tribes keyring does not see chats keys');
    64. 

  64.     eq(chats.getKey('%t1.sha256'), null, 'chats keyring does not see tribes keys');
    65. 

  65.   });
    66. 

  66. 

  67.   t('legacy ~/.ssb/tribe-keys.json auto-migrates to keys/tribes-keys.json', () => {
    68. 

  68.     const dir = fresh();
    69. 

  69.     const legacyPath = path.join(dir, 'tribe-keys.json');
    70. 

  70.     fs.writeFileSync(legacyPath, JSON.stringify({ '%legacy.sha256': { keys: ['ff'.repeat(32)], gen: 1 } }), { mode: 0o600 });
    71. 

  71.     const tc = tribeCryptoFactory(dir, 'tribes');
    72. 

  72.     notOk(fs.existsSync(legacyPath), 'legacy file removed');
    73. 

  73.     ok(fs.existsSync(path.join(dir, 'keys', 'tribes-keys.json')), 'new file present');
    74. 

  74.     eq(tc.getKey('%legacy.sha256'), 'ff'.repeat(32), 'data preserved');
    75. 

  75.   });
    76. 

  76. 

  77.   t('per-module keyrings: tribes, chats, pads, maps, calendars produce 5 files', () => {
    78. 

  78.     const dir = fresh();
    79. 

  79.     for (const ns of ['tribes', 'chats', 'pads', 'maps', 'calendars']) {
    80. 

  80.       const inst = tribeCryptoFactory(dir, ns);
    81. 

  81.       inst.setKey(`%${ns}.sha256`, ns.charAt(0).repeat(64), 1);
    82. 

  82.     }
    83. 

  83.     for (const ns of ['tribes', 'chats', 'pads', 'maps', 'calendars']) {
    84. 

  84.       ok(fs.existsSync(path.join(dir, 'keys', `${ns}-keys.json`)), `${ns}-keys.json exists`);
    85. 

  85.     }
    86. 

  86.   });
    87. 

  87. });
    88. 

  88. 

  89. describe('crypto: fingerprint', (t) => {
    90. 

  90.   t('deterministic, 32 hex', () => {
    91. 

  91.     const tc = tribeCryptoFactory(fresh());
    92. 

  92.     const k = '1234567890abcdef'.repeat(4);
    93. 

  93.     const fp = tc.fingerprint(k);
    94. 

  94.     eq(fp.length, 32);
    95. 

  95.     eq(tc.fingerprint(k), fp);
    96. 

  96.   });
    97. 

  97. 

  98.   t('different keys produce different fingerprints', () => {
    99. 

  99.     const tc = tribeCryptoFactory(fresh());
    100. 

  100.     notOk(tc.fingerprint(tc.generateTribeKey()) === tc.fingerprint(tc.generateTribeKey()));
    101. 

  101.   });
    102. 

  102. 

  103.   t('buildFingerprintIndex maps fp to all keys (multi-gen)', () => {
    104. 

  104.     const tc = tribeCryptoFactory(fresh());
    105. 

  105.     tc.setKey('%a.sha256', 'a'.repeat(64), 1);
    106. 

  106.     tc.addNewKey('%a.sha256', 'b'.repeat(64));
    107. 

  107.     const idx = tc.buildFingerprintIndex();
    108. 

  108.     eq(idx.size, 2);
    109. 

  109.     const fpA = tc.fingerprint('a'.repeat(64));
    110. 

  110.     const fpB = tc.fingerprint('b'.repeat(64));
    111. 

  111.     eq(idx.get(fpA).rootId, '%a.sha256');
    112. 

  112.     eq(idx.get(fpB).isCurrent, true);
    113. 

  113.     eq(idx.get(fpA).isCurrent, false);
    114. 

  114.   });
    115. 

  115. });
    116. 

  116. 

  117. describe('crypto: wrap/unwrap', (t) => {
    118. 

  118.   t('roundtrip preserves body', () => {
    119. 

  119.     const tc = tribeCryptoFactory(fresh());
    120. 

  120.     const k = tc.generateTribeKey();
    121. 

  121.     tc.setKey('%root.sha256', k, 1);
    122. 

  122.     const body = { k: 'tribe', op: 'create', title: 'x' };
    123. 

  123.     const env = tc.wrapMsg(body, k);
    124. 

  124.     eq(env.type, 'tribe-msg');
    125. 

  125.     eq(env.v, 1);
    126. 

  126.     eq(env.fp, tc.fingerprint(k));
    127. 

  127.     const r = tc.unwrapMsg(env, tc.buildFingerprintIndex());
    128. 

  128.     deepEq(r.body, body);
    129. 

  129.     eq(r.rootId, '%root.sha256');
    130. 

  130.   });
    131. 

  131. 

  132.   t('unwrap with empty fpIdx returns null', () => {
    133. 

  133.     const tc = tribeCryptoFactory(fresh());
    134. 

  134.     const env = tc.wrapMsg({ k: 'tribe' }, tc.generateTribeKey());
    135. 

  135.     eq(tc.unwrapMsg(env, new Map()), null);
    136. 

  136.   });
    137. 

  137. 

  138.   t('tampering envelope.fp invalidates ciphertext (AAD)', () => {
    139. 

  139.     const tc = tribeCryptoFactory(fresh());
    140. 

  140.     const k = tc.generateTribeKey();
    141. 

  141.     tc.setKey('%root.sha256', k, 1);
    142. 

  142.     const env = tc.wrapMsg({ k: 'tribe' }, k);
    143. 

  143.     env.fp = 'f'.repeat(32);
    144. 

  144.     eq(tc.unwrapMsg(env, tc.buildFingerprintIndex()), null);
    145. 

  145.   });
    146. 

  146. });
    147. 

  147. 

  148. describe('crypto: invites', (t) => {
    149. 

  149.   t('encrypt/decrypt invite chain roundtrip', () => {
    150. 

  150.     const tc = tribeCryptoFactory(fresh());
    151. 

  151.     const k = tc.generateTribeKey();
    152. 

  152.     tc.setKey('%root.sha256', k, 1);
    153. 

  153.     const code = 'mycode';
    154. 

  154.     const salt = tc.generateInviteSalt();
    155. 

  155.     const ek = tc.encryptChainForInvite(['%root.sha256'], code, salt);
    156. 

  156.     const chain = tc.decryptChainFromInvite(ek, code, salt);
    157. 

  157.     eq(chain[0].rootId, '%root.sha256');
    158. 

  158.     eq(chain[0].key, k);
    159. 

  159.   });
    160. 

  160. 

  161.   t('decrypt with wrong code returns null', () => {
    162. 

  162.     const tc = tribeCryptoFactory(fresh());
    163. 

  163.     const k = tc.generateTribeKey();
    164. 

  164.     tc.setKey('%root.sha256', k, 1);
    165. 

  165.     const salt = tc.generateInviteSalt();
    166. 

  166.     const ek = tc.encryptChainForInvite(['%root.sha256'], 'right', salt);
    167. 

  167.     eq(tc.decryptChainFromInvite(ek, 'wrong', salt), null);
    168. 

  168.   });
    169. 

  169. 

  170.   t('inviteMatchesCode via codeHash', () => {
    171. 

  171.     const tc = tribeCryptoFactory(fresh());
    172. 

  172.     const code = 'abc123';
    173. 

  173.     const salt = tc.generateInviteSalt();
    174. 

  174.     const inv = { codeHash: tc.hashInviteCode(code, salt), salt };
    175. 

  175.     ok(tc.inviteMatchesCode(inv, code));
    176. 

  176.     notOk(tc.inviteMatchesCode(inv, 'other'));
    177. 

  177.   });
    178. 

  178. });
    179. 

  179. 

  180. describe('crypto: AES-GCM primitives', (t) => {
    181. 

  181.   t('roundtrip with AAD', () => {
    182. 

  182.     const tc = tribeCryptoFactory(fresh());
    183. 

  183.     const k = tc.generateTribeKey();
    184. 

  184.     const aad = Buffer.from('test-aad');
    185. 

  185.     eq(tc.decryptWithKey(tc.encryptWithKey('hello', k, aad), k, aad), 'hello');
    186. 

  186.   });
    187. 

  187. 

  188.   t('decrypt with wrong AAD throws', () => {
    189. 

  189.     const tc = tribeCryptoFactory(fresh());
    190. 

  190.     const k = tc.generateTribeKey();
    191. 

  191.     const enc = tc.encryptWithKey('x', k, Buffer.from('a'));
    192. 

  192.     let threw = false;
    193. 

  193.     try { tc.decryptWithKey(enc, k, Buffer.from('b')); } catch (_) { threw = true; }
    194. 

  194.     ok(threw);
    195. 

  195.   });
    196. 

  196. });
    197. 

  197. 

  198. describe('crypto: legacy encryptContent (audit fix)', (t) => {
    199. 

  199.   t('no no-AAD fallback - tampered envelope rejected', () => {
    200. 

  200.     const tc = tribeCryptoFactory(fresh());
    201. 

  201.     const k = tc.generateTribeKey();
    202. 

  202.     const content = { type: 'chat', tribeId: '%t.sha256', title: 'x', author: '@a', createdAt: 'now' };
    203. 

  203.     const enc = tc.encryptContent(content, [k], true);
    204. 

  204.     const tampered = { ...enc, tribeId: '%other.sha256' };
    205. 

  205.     ok(tc.decryptContent(tampered, [[k]])._undecryptable);
    206. 

  206.   });
    207. 

  207. });
    208. 

  208.