session-desktop/test/crypto_test.js

/* global Signal, textsecure, libsignal */

'use strict';

describe('Crypto', () => {
  describe('accessKey/profileKey', () => {
    it('verification roundtrips', async () => {
      const profileKey = await Signal.Crypto.getRandomBytes(32);
      const accessKey = await Signal.Crypto.deriveAccessKey(profileKey);

      const verifier = await Signal.Crypto.getAccessKeyVerifier(accessKey);

      const correct = await Signal.Crypto.verifyAccessKey(accessKey, verifier);

      assert.strictEqual(correct, true);
    });
  });

  describe('symmetric encryption', () => {
    it('roundtrips', async () => {
      const message = 'this is my message';
      const plaintext = dcodeIO.ByteBuffer.wrap(
        message,
        'binary'
      ).toArrayBuffer();
      const key = textsecure.crypto.getRandomBytes(32);

      const encrypted = await Signal.Crypto.encryptSymmetric(key, plaintext);
      const decrypted = await Signal.Crypto.decryptSymmetric(key, encrypted);

      const equal = Signal.Crypto.constantTimeEqual(plaintext, decrypted);
      if (!equal) {
        throw new Error('The output and input did not match!');
      }
    });

    it('roundtrip fails if nonce is modified', async () => {
      const message = 'this is my message';
      const plaintext = dcodeIO.ByteBuffer.wrap(
        message,
        'binary'
      ).toArrayBuffer();
      const key = textsecure.crypto.getRandomBytes(32);

      const encrypted = await Signal.Crypto.encryptSymmetric(key, plaintext);
      const uintArray = new Uint8Array(encrypted);
      uintArray[2] += 2;

      try {
        await Signal.Crypto.decryptSymmetric(key, uintArray.buffer);
      } catch (error) {
        assert.strictEqual(
          error.message,
          'decryptSymmetric: Failed to decrypt; MAC verification failed'
        );
        return;
      }

      throw new Error('Expected error to be thrown');
    });

    it('roundtrip fails if mac is modified', async () => {
      const message = 'this is my message';
      const plaintext = dcodeIO.ByteBuffer.wrap(
        message,
        'binary'
      ).toArrayBuffer();
      const key = textsecure.crypto.getRandomBytes(32);

      const encrypted = await Signal.Crypto.encryptSymmetric(key, plaintext);
      const uintArray = new Uint8Array(encrypted);
      uintArray[uintArray.length - 3] += 2;

      try {
        await Signal.Crypto.decryptSymmetric(key, uintArray.buffer);
      } catch (error) {
        assert.strictEqual(
          error.message,
          'decryptSymmetric: Failed to decrypt; MAC verification failed'
        );
        return;
      }

      throw new Error('Expected error to be thrown');
    });

    it('roundtrip fails if encrypted contents are modified', async () => {
      const message = 'this is my message';
      const plaintext = dcodeIO.ByteBuffer.wrap(
        message,
        'binary'
      ).toArrayBuffer();
      const key = textsecure.crypto.getRandomBytes(32);

      const encrypted = await Signal.Crypto.encryptSymmetric(key, plaintext);
      const uintArray = new Uint8Array(encrypted);
      uintArray[35] += 9;

      try {
        await Signal.Crypto.decryptSymmetric(key, uintArray.buffer);
      } catch (error) {
        assert.strictEqual(
          error.message,
          'decryptSymmetric: Failed to decrypt; MAC verification failed'
        );
        return;
      }

      throw new Error('Expected error to be thrown');
    });
  });

  describe('encrypted device name', () => {
    it('roundtrips', async () => {
      const deviceName = 'v1.19.0 on Windows 10';
      const identityKey = await libsignal.KeyHelper.generateIdentityKeyPair();

      const encrypted = await Signal.Crypto.encryptDeviceName(
        deviceName,
        identityKey.pubKey
      );
      const decrypted = await Signal.Crypto.decryptDeviceName(
        encrypted,
        identityKey.privKey
      );

      assert.strictEqual(decrypted, deviceName);
    });

    it('fails if iv is changed', async () => {
      const deviceName = 'v1.19.0 on Windows 10';
      const identityKey = await libsignal.KeyHelper.generateIdentityKeyPair();

      const encrypted = await Signal.Crypto.encryptDeviceName(
        deviceName,
        identityKey.pubKey
      );
      encrypted.syntheticIv = Signal.Crypto.getRandomBytes(16);
      try {
        await Signal.Crypto.decryptDeviceName(encrypted, identityKey.privKey);
      } catch (error) {
        assert.strictEqual(
          error.message,
          'decryptDeviceName: synthetic IV did not match'
        );
      }
    });
  });

  describe('attachment encryption', () => {
    it('roundtrips', async () => {
      const staticKeyPair = await libsignal.KeyHelper.generateIdentityKeyPair();
      const message = 'this is my message';
      const plaintext = Signal.Crypto.bytesFromString(message);
      const path =
        'fa/facdf99c22945b1c9393345599a276f4b36ad7ccdc8c2467f5441b742c2d11fa';

      const encrypted = await Signal.Crypto.encryptAttachment(
        staticKeyPair.pubKey.slice(1),
        path,
        plaintext
      );
      const decrypted = await Signal.Crypto.decryptAttachment(
        staticKeyPair.privKey,
        path,
        encrypted
      );

      const equal = Signal.Crypto.constantTimeEqual(plaintext, decrypted);
      if (!equal) {
        throw new Error('The output and input did not match!');
      }
    });
  });
});
Encrypt device name on account create, on first launch if needed 7 years ago			`/* global Signal, textsecure, libsignal */`
eslintify all test files 7 years ago
Encryption support for backup and restore Also moved to the _ prefix in backup.js for all private methods exported for testing. 8 years ago			`'use strict';`

Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago			`describe('Crypto', () => {`
			`describe('accessKey/profileKey', () => {`
			`it('verification roundtrips', async () => {`
			`const profileKey = await Signal.Crypto.getRandomBytes(32);`
			`const accessKey = await Signal.Crypto.deriveAccessKey(profileKey);`
Encryption support for backup and restore Also moved to the _ prefix in backup.js for all private methods exported for testing. 8 years ago
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago			`const verifier = await Signal.Crypto.getAccessKeyVerifier(accessKey);`

			`const correct = await Signal.Crypto.verifyAccessKey(accessKey, verifier);`
Encryption support for backup and restore Also moved to the _ prefix in backup.js for all private methods exported for testing. 8 years ago
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago			`assert.strictEqual(correct, true);`
			`});`
Encryption support for backup and restore Also moved to the _ prefix in backup.js for all private methods exported for testing. 8 years ago			`});`

Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago			`describe('symmetric encryption', () => {`
			`it('roundtrips', async () => {`
eslintify all test files 7 years ago			`const message = 'this is my message';`
			`const plaintext = dcodeIO.ByteBuffer.wrap(`
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago			`message,`
			`'binary'`
			`).toArrayBuffer();`
eslintify all test files 7 years ago			`const key = textsecure.crypto.getRandomBytes(32);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago
eslintify all test files 7 years ago			`const encrypted = await Signal.Crypto.encryptSymmetric(key, plaintext);`
			`const decrypted = await Signal.Crypto.decryptSymmetric(key, encrypted);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago
eslintify all test files 7 years ago			`const equal = Signal.Crypto.constantTimeEqual(plaintext, decrypted);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago			`if (!equal) {`
			`throw new Error('The output and input did not match!');`
			`}`
			`});`

			`it('roundtrip fails if nonce is modified', async () => {`
eslintify all test files 7 years ago			`const message = 'this is my message';`
			`const plaintext = dcodeIO.ByteBuffer.wrap(`
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago			`message,`
			`'binary'`
			`).toArrayBuffer();`
eslintify all test files 7 years ago			`const key = textsecure.crypto.getRandomBytes(32);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago
eslintify all test files 7 years ago			`const encrypted = await Signal.Crypto.encryptSymmetric(key, plaintext);`
			`const uintArray = new Uint8Array(encrypted);`
Updates to backup infrastructure 7 years ago			`uintArray[2] += 2;`
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago
			`try {`
eslintify all test files 7 years ago			`await Signal.Crypto.decryptSymmetric(key, uintArray.buffer);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago			`} catch (error) {`
			`assert.strictEqual(`
			`error.message,`
			`'decryptSymmetric: Failed to decrypt; MAC verification failed'`
			`);`
			`return;`
			`}`

			`throw new Error('Expected error to be thrown');`
			`});`

			`it('roundtrip fails if mac is modified', async () => {`
eslintify all test files 7 years ago			`const message = 'this is my message';`
			`const plaintext = dcodeIO.ByteBuffer.wrap(`
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago			`message,`
			`'binary'`
			`).toArrayBuffer();`
eslintify all test files 7 years ago			`const key = textsecure.crypto.getRandomBytes(32);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago
eslintify all test files 7 years ago			`const encrypted = await Signal.Crypto.encryptSymmetric(key, plaintext);`
			`const uintArray = new Uint8Array(encrypted);`
Updates to backup infrastructure 7 years ago			`uintArray[uintArray.length - 3] += 2;`
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago
			`try {`
eslintify all test files 7 years ago			`await Signal.Crypto.decryptSymmetric(key, uintArray.buffer);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago			`} catch (error) {`
			`assert.strictEqual(`
			`error.message,`
			`'decryptSymmetric: Failed to decrypt; MAC verification failed'`
			`);`
			`return;`
			`}`

			`throw new Error('Expected error to be thrown');`
			`});`

			`it('roundtrip fails if encrypted contents are modified', async () => {`
eslintify all test files 7 years ago			`const message = 'this is my message';`
			`const plaintext = dcodeIO.ByteBuffer.wrap(`
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago			`message,`
			`'binary'`
			`).toArrayBuffer();`
eslintify all test files 7 years ago			`const key = textsecure.crypto.getRandomBytes(32);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago
eslintify all test files 7 years ago			`const encrypted = await Signal.Crypto.encryptSymmetric(key, plaintext);`
			`const uintArray = new Uint8Array(encrypted);`
Updates to backup infrastructure 7 years ago			`uintArray[35] += 9;`
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago
			`try {`
eslintify all test files 7 years ago			`await Signal.Crypto.decryptSymmetric(key, uintArray.buffer);`
Sealed Sender support https://signal.org/blog/sealed-sender/ 7 years ago			`} catch (error) {`
			`assert.strictEqual(`
			`error.message,`
			`'decryptSymmetric: Failed to decrypt; MAC verification failed'`
			`);`
			`return;`
			`}`

			`throw new Error('Expected error to be thrown');`
			`});`
Encryption support for backup and restore Also moved to the _ prefix in backup.js for all private methods exported for testing. 8 years ago			`});`
Encrypt device name on account create, on first launch if needed 7 years ago
			`describe('encrypted device name', () => {`
			`it('roundtrips', async () => {`
			`const deviceName = 'v1.19.0 on Windows 10';`
			`const identityKey = await libsignal.KeyHelper.generateIdentityKeyPair();`

			`const encrypted = await Signal.Crypto.encryptDeviceName(`
			`deviceName,`
			`identityKey.pubKey`
			`);`
			`const decrypted = await Signal.Crypto.decryptDeviceName(`
			`encrypted,`
			`identityKey.privKey`
			`);`

			`assert.strictEqual(decrypted, deviceName);`
			`});`

			`it('fails if iv is changed', async () => {`
			`const deviceName = 'v1.19.0 on Windows 10';`
			`const identityKey = await libsignal.KeyHelper.generateIdentityKeyPair();`

			`const encrypted = await Signal.Crypto.encryptDeviceName(`
			`deviceName,`
			`identityKey.pubKey`
			`);`
			`encrypted.syntheticIv = Signal.Crypto.getRandomBytes(16);`
			`try {`
			`await Signal.Crypto.decryptDeviceName(encrypted, identityKey.privKey);`
			`} catch (error) {`
			`assert.strictEqual(`
			`error.message,`
			`'decryptDeviceName: synthetic IV did not match'`
			`);`
			`}`
			`});`
			`});`
Updates to backup infrastructure 7 years ago
			`describe('attachment encryption', () => {`
			`it('roundtrips', async () => {`
			`const staticKeyPair = await libsignal.KeyHelper.generateIdentityKeyPair();`
			`const message = 'this is my message';`
			`const plaintext = Signal.Crypto.bytesFromString(message);`
			`const path =`
			`'fa/facdf99c22945b1c9393345599a276f4b36ad7ccdc8c2467f5441b742c2d11fa';`

			`const encrypted = await Signal.Crypto.encryptAttachment(`
			`staticKeyPair.pubKey.slice(1),`
			`path,`
			`plaintext`
			`);`
			`const decrypted = await Signal.Crypto.decryptAttachment(`
			`staticKeyPair.privKey,`
			`path,`
			`encrypted`
			`);`

			`const equal = Signal.Crypto.constantTimeEqual(plaintext, decrypted);`
			`if (!equal) {`
			`throw new Error('The output and input did not match!');`
			`}`
			`});`
			`});`
Encryption support for backup and restore Also moved to the _ prefix in backup.js for all private methods exported for testing. 8 years ago			`});`