Adds worker tests for NIST P-256 and X25519

Mahrud Sayrafi 2018-02-27 16:40:28 -08:00
parent f04273cd8d
commit ecc38d0c6e
No known key found for this signature in database
GPG Key ID: C24071B956C3245F
3 changed files with 179 additions and 89 deletions


@ -27,7 +27,7 @@ import util from '../util';
/** /**
* @constructor * @constructor
*/ */
function ECDHSymmetricKey(data) { export default function ECDHSymmetricKey(data) {
if (typeof data === 'undefined') { if (typeof data === 'undefined') {
data = new Uint8Array([]); data = new Uint8Array([]);
} else if (util.isString(data)) { } else if (util.isString(data)) {
@ -65,5 +65,3 @@ ECDHSymmetricKey.prototype.write = function () {
ECDHSymmetricKey.fromClone = function (clone) { ECDHSymmetricKey.fromClone = function (clone) {
return new ECDHSymmetricKey(clone.data); return new ECDHSymmetricKey(clone.data);
}; };
export default ECDHSymmetricKey;


@ -1,3 +1,5 @@
/* globals tryTests: true */
const openpgp = typeof window !== 'undefined' && window.openpgp ? window.openpgp : require('../../dist/openpgp'); const openpgp = typeof window !== 'undefined' && window.openpgp ? window.openpgp : require('../../dist/openpgp');
const chai = require('chai'); const chai = require('chai');
@ -234,4 +236,75 @@ describe('Elliptic Curve Cryptography', function () {
expect(key.publicKeyArmored).to.exist; expect(key.publicKeyArmored).to.exist;
}); });
}); });
function omnibus() {
it('Omnibus NIST P-256 Test', function () {
const options = { userIds: {name: "Hi", email: "hi@hel.lo"}, curve: "p256" };
return openpgp.generateKey(options).then(function (firstKey) {
const hi = firstKey.key;
const pubHi = hi.toPublic();
const options = { userIds: { name: "Bye", email: "bye@good.bye" }, curve: "p256" };
return openpgp.generateKey(options).then(function (secondKey) {
const bye = secondKey.key;
const pubBye = bye.toPublic();
return Promise.all([
// Signing message
openpgp.sign(
{ data: 'Hi, this is me, Hi!', privateKeys: hi }
).then(signed => {
const msg = openpgp.cleartext.readArmored(signed.data);
// Verifying signed message
return Promise.all([
openpgp.verify(
{ message: msg, publicKeys: pubHi }
).then(output => expect(output.signatures[0].valid).to.be.true),
// Verifying detached signature
openpgp.verify(
{ message: openpgp.message.fromText('Hi, this is me, Hi!'),
publicKeys: pubHi,
signature: openpgp.signature.readArmored(signed.data) }
).then(output => expect(output.signatures[0].valid).to.be.true)
]);
}),
// Encrypting and signing
openpgp.encrypt(
{ data: 'Hi, Hi wrote this but only Bye can read it!',
publicKeys: [pubBye],
privateKeys: [hi] }
).then(encrypted => {
const msg = openpgp.message.readArmored(encrypted.data);
// Decrypting and verifying
return openpgp.decrypt(
{ message: msg,
privateKeys: bye,
publicKeys: [pubHi] }
).then(output => {
expect(output.data).to.equal('Hi, Hi wrote this but only Bye can read it!');
expect(output.signatures[0].valid).to.be.true;
});
})
]);
});
});
});
}
omnibus();
tryTests('ECC Worker Tests', omnibus, {
if: typeof window !== 'undefined' && window.Worker,
before: function() {
openpgp.initWorker({ path:'../dist/openpgp.worker.js' });
},
beforeEach: function() {
openpgp.config.use_native = true;
},
after: function() {
openpgp.destroyWorker();
}
});
// TODO find test vectors
}); });
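Review bot: The new 'Omnibus NIST P-256 Test' never asserts that the generated keys are P-256 keys, so it would still pass if `generateKey` ignored `curve: "p256"` and produced another key type. The Ed25519 omnibus in the X25519 test file checks `primaryKey.algorithm` and the curve OID right after generation; the same check belongs here after `const hi = firstKey.key;`, e.g. `expect(hi.primaryKey.algorithm).to.equal('ecdsa');` (presumably the name used for P-256 primary keys; confirm against the enums), plus an OID comparison if a curve lookup is in scope in this file. Every signature check asserts only that `valid` is true, so a verify path that accepts anything, in the worker or on the main thread, would go unnoticed. A negative case such as `openpgp.verify({ message: msg, publicKeys: pubBye }).then(output => expect(output.signatures[0].valid).to.not.be.true)` would cover it, and the same gap exists in the X25519 omnibus. Separately, the `tryTests` options set `openpgp.config.use_native = true` in `beforeEach` and `after` does not restore the earlier value, so the setting carries over into later suites.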


@ -147,6 +147,8 @@ describe('X25519 Cryptography', function () {
done(); done();
}); });
// This test is slow because the keys are generated by GPG2, which
// by default chooses a larger number for S2K iterations than we do.
it('Load private key', function (done) { it('Load private key', function (done) {
load_priv_key('light'); load_priv_key('light');
load_priv_key('night'); load_priv_key('night');
@ -217,103 +219,120 @@ describe('X25519 Cryptography', function () {
}); });
}); });
// TODO generate, export, then reimport key and validate // TODO export, then reimport key and validate
it('Omnibus Ed25519/Curve25519 Test', function () { function omnibus() {
const options = { it('Omnibus Ed25519/Curve25519 Test', function () {
userIds: {name: "Hi", email: "hi@hel.lo"},
curve: "ed25519"
};
return openpgp.generateKey(options).then(function (firstKey) {
expect(firstKey).to.exist;
expect(firstKey.privateKeyArmored).to.exist;
expect(firstKey.publicKeyArmored).to.exist;
expect(firstKey.key).to.exist;
expect(firstKey.key.primaryKey).to.exist;
expect(firstKey.key.subKeys).to.have.length(1);
expect(firstKey.key.subKeys[0].subKey).to.exist;
const hi = firstKey.key;
const primaryKey = hi.primaryKey;
const subKey = hi.subKeys[0].subKey;
expect(primaryKey.params[0].toHex()).to.equal(elliptic.getCurve('ed25519').oid.toHex());
expect(primaryKey.algorithm).to.equal('eddsa');
expect(subKey.params[0].toHex()).to.equal(elliptic.getCurve('curve25519').oid.toHex());
expect(subKey.algorithm).to.equal('ecdh');
// Self Certificate is valid
const user = hi.users[0];
expect(user.selfCertifications[0].verify(
primaryKey, { userid: user.userId, key: primaryKey }
)).to.eventually.be.true;
expect(user.verifyCertificate(
primaryKey, user.selfCertifications[0], [hi.toPublic()]
)).to.eventually.equal(openpgp.enums.keyStatus.valid);
const options = { const options = {
userIds: { name: "Bye", email: "bye@good.bye" }, userIds: {name: "Hi", email: "hi@hel.lo"},
curve: "curve25519" curve: "ed25519"
}; };
return openpgp.generateKey(options).then(function (secondKey) { return openpgp.generateKey(options).then(function (firstKey) {
const bye = secondKey.key; expect(firstKey).to.exist;
expect(bye.primaryKey.params[0].toHex()).to.equal(elliptic.getCurve('ed25519').oid.toHex()); expect(firstKey.privateKeyArmored).to.exist;
expect(bye.primaryKey.algorithm).to.equal('eddsa'); expect(firstKey.publicKeyArmored).to.exist;
expect(bye.subKeys[0].subKey.params[0].toHex()).to.equal(elliptic.getCurve('curve25519').oid.toHex()); expect(firstKey.key).to.exist;
expect(bye.subKeys[0].subKey.algorithm).to.equal('ecdh'); expect(firstKey.key.primaryKey).to.exist;
expect(firstKey.key.subKeys).to.have.length(1);
expect(firstKey.key.subKeys[0].subKey).to.exist;
const hi = firstKey.key;
const primaryKey = hi.primaryKey;
const subKey = hi.subKeys[0].subKey;
expect(primaryKey.params[0].toHex()).to.equal(elliptic.getCurve('ed25519').oid.toHex());
expect(primaryKey.algorithm).to.equal('eddsa');
expect(subKey.params[0].toHex()).to.equal(elliptic.getCurve('curve25519').oid.toHex());
expect(subKey.algorithm).to.equal('ecdh');
// Self Certificate is valid // Self Certificate is valid
const user = bye.users[0]; const user = hi.users[0];
expect(user.selfCertifications[0].verify( expect(user.selfCertifications[0].verify(
bye.primaryKey, { userid: user.userId, key: bye.primaryKey } primaryKey, { userid: user.userId, key: primaryKey }
)).to.eventually.be.true; )).to.eventually.be.true;
expect(user.verifyCertificate( expect(user.verifyCertificate(
bye.primaryKey, user.selfCertifications[0], [bye.toPublic()] primaryKey, user.selfCertifications[0], [hi.toPublic()]
)).to.eventually.equal(openpgp.enums.keyStatus.valid); )).to.eventually.equal(openpgp.enums.keyStatus.valid);
return Promise.all([ const options = {
// Hi trusts Bye! userIds: { name: "Bye", email: "bye@good.bye" },
bye.toPublic().signPrimaryUser([hi]).then(trustedBye => { curve: "curve25519"
expect(trustedBye.users[0].otherCertifications[0].verify( };
primaryKey, { userid: user.userId, key: bye.toPublic().primaryKey } return openpgp.generateKey(options).then(function (secondKey) {
)).to.eventually.be.true; const bye = secondKey.key;
}), expect(bye.primaryKey.params[0].toHex()).to.equal(elliptic.getCurve('ed25519').oid.toHex());
// Signing message expect(bye.primaryKey.algorithm).to.equal('eddsa');
openpgp.sign( expect(bye.subKeys[0].subKey.params[0].toHex()).to.equal(elliptic.getCurve('curve25519').oid.toHex());
{ data: 'Hi, this is me, Hi!', privateKeys: hi } expect(bye.subKeys[0].subKey.algorithm).to.equal('ecdh');
).then(signed => {
const msg = openpgp.cleartext.readArmored(signed.data); // Self Certificate is valid
// Verifying signed message const user = bye.users[0];
return Promise.all([ expect(user.selfCertifications[0].verify(
openpgp.verify( bye.primaryKey, { userid: user.userId, key: bye.primaryKey }
{ message: msg, publicKeys: hi.toPublic() } )).to.eventually.be.true;
).then(output => expect(output.signatures[0].valid).to.be.true), expect(user.verifyCertificate(
// Verifying detached signature bye.primaryKey, user.selfCertifications[0], [bye.toPublic()]
openpgp.verify( )).to.eventually.equal(openpgp.enums.keyStatus.valid);
{ message: openpgp.message.fromText('Hi, this is me, Hi!'),
publicKeys: hi.toPublic(), return Promise.all([
signature: openpgp.signature.readArmored(signed.data) } // Hi trusts Bye!
).then(output => expect(output.signatures[0].valid).to.be.true) bye.toPublic().signPrimaryUser([hi]).then(trustedBye => {
]); expect(trustedBye.users[0].otherCertifications[0].verify(
}), primaryKey, { userid: user.userId, key: bye.toPublic().primaryKey }
// Encrypting and signing )).to.eventually.be.true;
openpgp.encrypt( }),
{ data: 'Hi, Hi wrote this but only Bye can read it!', // Signing message
publicKeys: [bye.toPublic()], openpgp.sign(
privateKeys: [hi] } { data: 'Hi, this is me, Hi!', privateKeys: hi }
).then(encrypted => { ).then(signed => {
const msg = openpgp.message.readArmored(encrypted.data); const msg = openpgp.cleartext.readArmored(signed.data);
// Decrypting and verifying // Verifying signed message
return openpgp.decrypt( return Promise.all([
{ message: msg, openpgp.verify(
privateKeys: bye, { message: msg, publicKeys: hi.toPublic() }
publicKeys: [hi.toPublic()] } ).then(output => expect(output.signatures[0].valid).to.be.true),
).then(output => { // Verifying detached signature
expect(output.data).to.equal('Hi, Hi wrote this but only Bye can read it!'); openpgp.verify(
expect(output.signatures[0].valid).to.be.true; { message: openpgp.message.fromText('Hi, this is me, Hi!'),
}); publicKeys: hi.toPublic(),
}) signature: openpgp.signature.readArmored(signed.data) }
]); ).then(output => expect(output.signatures[0].valid).to.be.true)
]);
}),
// Encrypting and signing
openpgp.encrypt(
{ data: 'Hi, Hi wrote this but only Bye can read it!',
publicKeys: [bye.toPublic()],
privateKeys: [hi] }
).then(encrypted => {
const msg = openpgp.message.readArmored(encrypted.data);
// Decrypting and verifying
return openpgp.decrypt(
{ message: msg,
privateKeys: bye,
publicKeys: [hi.toPublic()] }
).then(output => {
expect(output.data).to.equal('Hi, Hi wrote this but only Bye can read it!');
expect(output.signatures[0].valid).to.be.true;
});
})
]);
});
}); });
}); });
}
omnibus();
tryTests('X25519 Worker Tests', omnibus, {
if: typeof window !== 'undefined' && window.Worker,
before: function() {
openpgp.initWorker({ path:'../dist/openpgp.worker.js' });
},
beforeEach: function() {
openpgp.config.use_native = true;
},
after: function() {
openpgp.destroyWorker();
}
}); });
describe('Ed25519 Test Vectors from RFC8032', function () { describe('Ed25519 Test Vectors from RFC8032', function () {