keejef
/
session-desktop
mirror of https://github.com/oxen-io/session-desktop
2
0
Fork 0
Code Issues 8 Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
unstable
feature/update-crowdin-translations
master
audit2
show
audit
v1.9.1
v1.9.0
v1.8.6
v1.8.5
v1.8.4
v1.8.3
v1.8.2
v1.8.1
v1.8.0
v1.7.9
v1.7.8
v1.7.7
v1.7.6
v1.7.5
v1.7.4
v1.7.3
v1.7.2
v1.7.1
v1.7.0
v1.6.9
v1.6.8
v1.6.7
v1.6.6
v1.6.5
v1.6.4
v1.6.3
v1.6.2
v1.6.11
v1.6.10
v1.6.1
v1.6.0
v1.5.5
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.9
v1.4.8
v1.4.7
v1.4.6
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.11
v1.4.10
v1.4.1
v1.4.0
v1.3.1
v1.3.0
v1.2.1
v1.2.0
v1.14.3
v1.14.2
v1.14.1
v1.14.0
v1.13.2
v1.13.1
v1.13.0
v1.12.5
v1.12.4
v1.12.3
v1.12.2
v1.12.1
v1.12.0
v1.11.5
v1.11.4
v1.11.3
v1.11.2
v1.11.1
v1.11.0
v1.10.8
v1.10.7
v1.10.6
v1.10.5
v1.10.4
v1.10.3
v1.10.2
v1.10.1
v1.10.0
v1.1.2
v1.1.1
v1.0.9
v1.0.8
v1.0.7
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.0.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'adf0d03d35'
${ noResults }
session-desktop/ts/test/session/unit/crypto/MessageEncrypter_test.ts

377 lines
11 KiB
TypeScript
Raw Blame History

import chai, { expect } from 'chai';
import * as crypto from 'crypto';
import * as sinon from 'sinon';
import {
concatUInt8Array,
getSodium,
MessageEncrypter,
} from '../../../../session/crypto';
import { EncryptionType } from '../../../../session/types/EncryptionType';
import { Stubs, TestUtils } from '../../../test-utils';
import { UserUtil } from '../../../../util';
import { SignalService } from '../../../../protobuf';
import * as Ratchet from '../../../../session/medium_group/ratchet';
import { StringUtils } from '../../../../session/utils';
import chaiBytes from 'chai-bytes';
import { PubKey } from '../../../../session/types';
import { fromHex, toHex } from '../../../../session/utils/String';
chai.use(chaiBytes);
// tslint:disable-next-line: max-func-body-length
describe('MessageEncrypter', () => {
const sandbox = sinon.createSandbox();
const ourNumber = '0123456789abcdef';
beforeEach(() => {
TestUtils.stubWindow('libsignal', {
SignalProtocolAddress: sandbox.stub(),
SessionCipher: Stubs.SessionCipherStub,
} as any);
TestUtils.stubWindow('textsecure', {
storage: {
protocol: sandbox.stub(),
},
});
TestUtils.stubWindow('Signal', {
Metadata: {
SecretSessionCipher: Stubs.SecretSessionCipherStub,
},
});
TestUtils.stubWindow('libloki', {
crypto: {
FallBackSessionCipher: Stubs.FallBackSessionCipherStub,
encryptForPubkey: sinon.fake.returns(''),
} as any,
});
sandbox.stub(UserUtil, 'getCurrentDevicePubKey').resolves(ourNumber);
});
afterEach(() => {
sandbox.restore();
TestUtils.restoreStubs();
});
describe('EncryptionType', () => {
describe('MediumGroup', () => {
it('should return a MEDIUM_GROUP_CIPHERTEXT envelope type', async () => {
const data = crypto.randomBytes(10);
sandbox
.stub(Ratchet, 'encryptWithSenderKey')
.resolves({ ciphertext: '' });
const result = await MessageEncrypter.encrypt(
TestUtils.generateFakePubKey(),
data,
EncryptionType.MediumGroup
);
chai
.expect(result.envelopeType)
.to.deep.equal(SignalService.Envelope.Type.MEDIUM_GROUP_CIPHERTEXT);
});
});
describe('SessionRequest', () => {
it('should call FallbackSessionCipher encrypt', async () => {
const data = crypto.randomBytes(10);
const spy = sandbox.spy(
Stubs.FallBackSessionCipherStub.prototype,
'encrypt'
);
await MessageEncrypter.encrypt(
TestUtils.generateFakePubKey(),
data,
EncryptionType.Fallback
);
chai
.expect(spy.called)
.to.equal(true, 'FallbackSessionCipher.encrypt should be called.');
});
it('should pass the padded message body to encrypt', async () => {
const data = crypto.randomBytes(10);
const spy = sandbox.spy(
Stubs.FallBackSessionCipherStub.prototype,
'encrypt'
);
await MessageEncrypter.encrypt(
TestUtils.generateFakePubKey(),
data,
EncryptionType.Fallback
);
const paddedData = MessageEncrypter.padPlainTextBuffer(data);
const firstArgument = new Uint8Array(spy.args[0][0]);
chai.expect(firstArgument).to.deep.equal(paddedData);
});
it('should return an UNIDENTIFIED SENDER envelope type', async () => {
const data = crypto.randomBytes(10);
const result = await MessageEncrypter.encrypt(
TestUtils.generateFakePubKey(),
data,
EncryptionType.Fallback
);
chai
.expect(result.envelopeType)
.to.deep.equal(SignalService.Envelope.Type.UNIDENTIFIED_SENDER);
});
});
});
describe('Sealed Sender', () => {
it('should pass the correct values to SecretSessionCipher encrypt', async () => {
const types = [EncryptionType.Fallback, EncryptionType.Signal];
for (const type of types) {
const spy = sandbox.spy(
Stubs.SecretSessionCipherStub.prototype,
'encrypt'
);
const user = TestUtils.generateFakePubKey();
await MessageEncrypter.encrypt(user, crypto.randomBytes(10), type);
const args = spy.args[0];
const [device, certificate] = args;
const expectedCertificate = SignalService.SenderCertificate.create({
sender: ourNumber,
senderDevice: 1,
});
chai.expect(device).to.equal(user.key);
chai
.expect(certificate.toJSON())
.to.deep.equal(expectedCertificate.toJSON());
spy.restore();
}
});
});
// tslint:disable-next-line: max-func-body-length
describe('Session Protocol', () => {
let sandboxSessionProtocol: sinon.SinonSandbox;
const ourUserEd25516Keypair = {
pubKey:
'37e1631b002de498caf7c5c1712718bde7f257c6dadeed0c21abf5e939e6c309',
privKey:
'be1d11154ff9b6de77873f0b6b0bcc460000000000000000000000000000000037e1631b002de498caf7c5c1712718bde7f257c6dadeed0c21abf5e939e6c309',
};
const ourIdentityKeypair = {
pubKey: new Uint8Array([
5,
44,
2,
168,
162,
203,
50,
66,
136,
81,
30,
221,
57,
245,
1,
148,
162,
194,
255,
47,
134,
104,
180,
207,
188,
18,
71,
62,
58,
107,
23,
92,
97,
]),
privKey: new Uint8Array([
200,
45,
226,
75,
253,
235,
213,
108,
187,
188,
217,
9,
51,
105,
65,
15,
97,
36,
233,
33,
21,
31,
7,
90,
145,
30,
52,
254,
47,
162,
192,
105,
]),
};
beforeEach(async () => {
sandboxSessionProtocol = sinon.createSandbox();
sandboxSessionProtocol
.stub(UserUtil, 'getUserED25519KeyPair')
.resolves(ourUserEd25516Keypair);
sandboxSessionProtocol
.stub(UserUtil, 'getIdentityKeyPair')
.resolves(ourIdentityKeypair);
});
afterEach(() => {
sandboxSessionProtocol.restore();
});
it('should pass the correct data for sodium crypto_sign', async () => {
const keypair = await UserUtil.getUserED25519KeyPair();
const recipient = TestUtils.generateFakePubKey();
const sodium = await getSodium();
const cryptoSignDetachedSpy = sandboxSessionProtocol.spy(
sodium,
'crypto_sign_detached'
);
const plainText = '123456';
const plainTextBytes = new Uint8Array(
StringUtils.encode(plainText, 'utf8')
);
const userED25519PubKeyBytes = new Uint8Array(
// tslint:disable: no-non-null-assertion
StringUtils.fromHex(keypair!.pubKey)
);
const recipientX25519PublicKeyWithoutPrefix = PubKey.remove05PrefixIfNeeded(
recipient.key
);
const recipientX25519PublicKey = new Uint8Array(
StringUtils.fromHex(recipientX25519PublicKeyWithoutPrefix)
);
await MessageEncrypter.encryptUsingSessionProtocol(
recipient,
plainTextBytes
);
const [
dataForSign,
userED25519SecretKeyBytes,
] = cryptoSignDetachedSpy.args[0];
const userEdPrivkeyBytes = new Uint8Array(
StringUtils.fromHex(keypair!.privKey)
);
expect(userED25519SecretKeyBytes).to.equalBytes(userEdPrivkeyBytes);
// dataForSign must be plaintext | userED25519PubKeyBytes | recipientX25519PublicKey
expect(
(dataForSign as Uint8Array).subarray(0, plainTextBytes.length)
).to.equalBytes(plainTextBytes);
expect(
(dataForSign as Uint8Array).subarray(
plainTextBytes.length,
plainTextBytes.length + userED25519PubKeyBytes.length
)
).to.equalBytes(userED25519PubKeyBytes);
// the recipient pubkey must have its 05 prefix removed
expect(
(dataForSign as Uint8Array).subarray(
plainTextBytes.length + userED25519PubKeyBytes.length
)
).to.equalBytes(recipientX25519PublicKey);
});
it('should return valid decodable ciphertext', async () => {
// for testing, we encode a message to ourself
const userX25519KeyPair = await UserUtil.getIdentityKeyPair();
const userEd25519KeyPair = await UserUtil.getUserED25519KeyPair();
const plainTextBytes = new Uint8Array(
StringUtils.encode('123456789', 'utf8')
);
const sodium = await getSodium();
const recipientX25519PrivateKey = userX25519KeyPair!.privKey;
const recipientX25519PublicKeyHex = toHex(userX25519KeyPair!.pubKey);
const recipientX25519PublicKeyWithoutPrefix = PubKey.remove05PrefixIfNeeded(
recipientX25519PublicKeyHex
);
const recipientX25519PublicKey = new PubKey(
recipientX25519PublicKeyWithoutPrefix
);
const ciphertext = await MessageEncrypter.encryptUsingSessionProtocol(
recipientX25519PublicKey,
plainTextBytes
);
// decrypt content
const plaintextWithMetadata = sodium.crypto_box_seal_open(
ciphertext,
new Uint8Array(fromHex(recipientX25519PublicKey.key)),
new Uint8Array(recipientX25519PrivateKey)
);
// get message parts
const signatureSize = sodium.crypto_sign_BYTES;
const ed25519PublicKeySize = sodium.crypto_sign_PUBLICKEYBYTES;
const signatureStart = plaintextWithMetadata.byteLength - signatureSize;
const signature = plaintextWithMetadata.subarray(signatureStart);
const pubkeyStart =
plaintextWithMetadata.byteLength -
(signatureSize + ed25519PublicKeySize);
const pubkeyEnd = plaintextWithMetadata.byteLength - signatureSize;
// this should be ours ed25519 pubkey
const senderED25519PublicKey = plaintextWithMetadata.subarray(
pubkeyStart,
pubkeyEnd
);
const plainTextEnd =
plaintextWithMetadata.byteLength -
(signatureSize + ed25519PublicKeySize);
const plaintextDecoded = plaintextWithMetadata.subarray(0, plainTextEnd);
expect(plaintextDecoded).to.equalBytes(plainTextBytes);
expect(senderED25519PublicKey).to.equalBytes(userEd25519KeyPair!.pubKey);
// verify the signature is valid
const dataForVerify = concatUInt8Array(
plaintextDecoded,
senderED25519PublicKey,
new Uint8Array(fromHex(recipientX25519PublicKey.key))
);
const isValid = sodium.crypto_sign_verify_detached(
signature,
dataForVerify,
senderED25519PublicKey
);
expect(isValid).to.be.equal(true, 'the signature cannot be verified');
});
});
});
Reference in New Issue View Git Blame Copy Permalink