7f37a8aaca
Refactor functions to take the configuration as a parameter.
This allows setting a config option for a single function call, whereas
setting `openpgp.config` could lead to concurrency-related issues when
multiple async function calls are made at the same time.
`openpgp.config` is used as default for unset config values in top-level
functions.
`openpgp.config` is used as default config object in low-level functions
(i.e., when calling a low-level function, it may be required to pass
`{ ...openpgp.config, modifiedConfig: modifiedValue }`).
Also,
- remove `config.rsaBlinding`: blinding is now always applied to RSA decryption
- remove `config.debug`: debugging mode can be enabled by setting
`process.env.NODE_ENV = 'development'`
- remove `config.useNative`: native crypto is always used when available
87 lines
3.1 KiB
JavaScript
87 lines
3.1 KiB
JavaScript
const openpgp = typeof window !== 'undefined' && window.openpgp ? window.openpgp : require('../..');
|
|
const crypto = require('../../src/crypto');
|
|
const util = require('../../src/util');
|
|
|
|
const sandbox = require('sinon/lib/sinon/sandbox');
|
|
const chai = require('chai');
|
|
chai.use(require('chai-as-promised'));
|
|
|
|
const expect = chai.expect;
|
|
|
|
module.exports = () => describe('Symmetric AES-GCM (experimental)', function() {
|
|
let sinonSandbox;
|
|
let getWebCryptoStub;
|
|
let getNodeCryptoStub;
|
|
|
|
beforeEach(function () {
|
|
sinonSandbox = sandbox.create();
|
|
enableNative();
|
|
});
|
|
|
|
afterEach(function () {
|
|
sinonSandbox.restore();
|
|
});
|
|
|
|
const disableNative = () => {
|
|
enableNative();
|
|
// stubbed functions return undefined
|
|
getWebCryptoStub = sinonSandbox.stub(util, "getWebCrypto");
|
|
getNodeCryptoStub = sinonSandbox.stub(util, "getNodeCrypto");
|
|
};
|
|
const enableNative = () => {
|
|
getWebCryptoStub && getWebCryptoStub.restore();
|
|
getNodeCryptoStub && getNodeCryptoStub.restore();
|
|
};
|
|
|
|
function testAESGCM(plaintext, nativeEncrypt, nativeDecrypt) {
|
|
const aesAlgos = Object.keys(openpgp.enums.symmetric).filter(
|
|
algo => algo.substr(0,3) === 'aes'
|
|
);
|
|
aesAlgos.forEach(function(algo) {
|
|
it(algo, async function() {
|
|
const nodeCrypto = util.getNodeCrypto();
|
|
const webCrypto = util.getWebCrypto();
|
|
if (!nodeCrypto && !webCrypto) {
|
|
this.skip(); // eslint-disable-line no-invalid-this
|
|
}
|
|
const key = await crypto.generateSessionKey(algo);
|
|
const iv = await crypto.random.getRandomBytes(crypto.gcm.ivLength);
|
|
|
|
const nativeEncryptSpy = webCrypto ? sinonSandbox.spy(webCrypto, 'encrypt') : sinonSandbox.spy(nodeCrypto, 'createCipheriv');
|
|
const nativeDecryptSpy = webCrypto ? sinonSandbox.spy(webCrypto, 'decrypt') : sinonSandbox.spy(nodeCrypto, 'createDecipheriv');
|
|
|
|
nativeEncrypt || disableNative();
|
|
let modeInstance = await crypto.gcm(algo, key);
|
|
const ciphertext = await modeInstance.encrypt(util.strToUint8Array(plaintext), iv);
|
|
enableNative();
|
|
|
|
nativeDecrypt || disableNative();
|
|
modeInstance = await crypto.gcm(algo, key);
|
|
const decrypted = await modeInstance.decrypt(util.strToUint8Array(util.uint8ArrayToStr(ciphertext)), iv);
|
|
enableNative();
|
|
|
|
const decryptedStr = util.uint8ArrayToStr(decrypted);
|
|
expect(decryptedStr).to.equal(plaintext);
|
|
|
|
if (algo !== 'aes192') { // not implemented by webcrypto
|
|
// sanity check: native crypto was indeed on/off
|
|
expect(nativeEncryptSpy.called).to.equal(nativeEncrypt);
|
|
expect(nativeDecryptSpy.called).to.equal(nativeDecrypt);
|
|
}
|
|
});
|
|
});
|
|
}
|
|
|
|
describe('Symmetric AES-GCM (native)', function() {
|
|
testAESGCM("12345678901234567890123456789012345678901234567890", true, true);
|
|
});
|
|
|
|
describe('Symmetric AES-GCM (asm.js fallback)', function() {
|
|
testAESGCM("12345678901234567890123456789012345678901234567890", false, false);
|
|
});
|
|
|
|
describe('Symmetric AES-GCM (native encrypt, asm.js decrypt)', function() {
|
|
testAESGCM("12345678901234567890123456789012345678901234567890", true, false);
|
|
});
|
|
});
|