mirror of
https://github.com/openpgpjs/openpgpjs.git
synced 2025-11-24 06:25:50 +00:00
Add test for PKESK encrypt/decrypt flow for different public key algos
This commit is contained in:
larabr
parent
da88cc22e8
commit
8a0c60ff84
@ -8,6 +8,8 @@ chaiUse(chaiAsPromised);
|
|||||||
import openpgp from '../initOpenpgp.js';
|
import openpgp from '../initOpenpgp.js';
|
||||||
import crypto from '../../src/crypto';
|
import crypto from '../../src/crypto';
|
||||||
import util from '../../src/util.js';
|
import util from '../../src/util.js';
|
||||||
|
import * as packet from '../../src/packet';
|
||||||
|
|
||||||
|
|
||||||
import * as input from './testInputs.js';
|
import * as input from './testInputs.js';
|
||||||
|
|
||||||
@ -469,32 +471,64 @@ export default () => describe('Packet', function() {
|
|||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
it('Public key encrypted symmetric key packet', function() {
|
describe('Public key encrypted symmetric key packet - roundtrip', () => {
|
||||||
const rsa = openpgp.enums.publicKey.rsaEncryptSign;
|
const testData = [{
|
||||||
const keySize = 1024;
|
algoLabel: 'RSA',
|
||||||
|
publicKeyAlgorithm: openpgp.enums.publicKey.rsaEncryptSign,
|
||||||
|
paramsPromise: crypto.generateParams(openpgp.enums.publicKey.rsaEncryptSign, 1024, 65537)
|
||||||
|
},
|
||||||
|
{
|
||||||
|
algoLabel: 'ECDH NIST P-256',
|
||||||
|
publicKeyAlgorithm: openpgp.enums.publicKey.ecdh,
|
||||||
|
paramsPromise: crypto.generateParams(openpgp.enums.publicKey.ecdh, null, openpgp.enums.curve.nistP256)
|
||||||
|
},
|
||||||
|
{
|
||||||
|
algoLabel: 'ECDH x25519Legacy',
|
||||||
|
publicKeyAlgorithm: openpgp.enums.publicKey.ecdh,
|
||||||
|
paramsPromise: crypto.generateParams(openpgp.enums.publicKey.ecdh, null, openpgp.enums.curve.curve25519Legacy)
|
||||||
|
},
|
||||||
|
{
|
||||||
|
algoLabel: 'x25519',
|
||||||
|
publicKeyAlgorithm: openpgp.enums.publicKey.x25519,
|
||||||
|
paramsPromise: crypto.generateParams(openpgp.enums.publicKey.x25519)
|
||||||
|
}];
|
||||||
|
|
||||||
return crypto.generateParams(rsa, keySize, 65537).then(function({ publicParams, privateParams }) {
|
function testRoundtrip({ v6 }) {
|
||||||
const enc = new openpgp.PublicKeyEncryptedSessionKeyPacket();
|
testData.forEach(({ algoLabel, publicKeyAlgorithm, paramsPromise }) => {
|
||||||
enc.version = 3;
|
it(`${algoLabel} (PKESK ${v6 ? 'v6' : 'v3'})`, async () => {
|
||||||
const msg = new openpgp.PacketList();
|
const { publicParams, privateParams } = await paramsPromise;
|
||||||
const msg2 = new openpgp.PacketList();
|
// cannot use the `openpgp` exported values, since the different context gives issues when internally
|
||||||
|
// evaluating the `OID` instanceof of `publicParams.oid`, as part of `pkesk.encrypt` and `decrypt`
|
||||||
|
const pkesk = new packet.PublicKeyEncryptedSessionKeyPacket();
|
||||||
|
pkesk.version = v6 ? 6 : 3;
|
||||||
|
const msg = new packet.PacketList();
|
||||||
|
const msg2 = new packet.PacketList();
|
||||||
|
|
||||||
enc.sessionKey = new Uint8Array([1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2]);
|
const privateKey = {
|
||||||
enc.publicKeyAlgorithm = openpgp.enums.publicKey.rsaEncryptSign;
|
algorithm: publicKeyAlgorithm,
|
||||||
enc.sessionKeyAlgorithm = openpgp.enums.symmetric.aes256;
|
publicParams,
|
||||||
enc.publicKeyID.bytes = '12345678';
|
privateParams,
|
||||||
return enc.encrypt({ publicParams, getFingerprintBytes() {} }).then(async () => {
|
getFingerprintBytes: () => new Uint8Array(64)
|
||||||
|
};
|
||||||
|
pkesk.sessionKey = new Uint8Array([1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2]);
|
||||||
|
pkesk.publicKeyAlgorithm = publicKeyAlgorithm;
|
||||||
|
pkesk.sessionKeyAlgorithm = openpgp.enums.symmetric.aes256;
|
||||||
|
pkesk.publicKeyID.bytes = '12345678';
|
||||||
|
await pkesk.encrypt({ publicParams: privateKey.publicParams, getFingerprintBytes: privateKey.getFingerprintBytes });
|
||||||
|
|
||||||
msg.push(enc);
|
msg.push(pkesk);
|
||||||
|
const allAllowedPackets = util.constructAllowedPackets([...Object.values(packet).filter(packetClass => !!packetClass.tag)]);
|
||||||
await msg2.read(msg.write(), allAllowedPackets);
|
await msg2.read(msg.write(), allAllowedPackets);
|
||||||
|
|
||||||
const privateKey = { algorithm: openpgp.enums.publicKey.rsaEncryptSign, publicParams, privateParams, getFingerprintBytes() {} };
|
await msg2[0].decrypt(privateKey);
|
||||||
return msg2[0].decrypt(privateKey).then(() => {
|
expect(msg2[0].sessionKey).to.deep.equal(pkesk.sessionKey);
|
||||||
expect(stringify(msg2[0].sessionKey)).to.equal(stringify(enc.sessionKey));
|
expect(msg2[0].sessionKeyAlgorithm).to.equal(v6 ? null : pkesk.sessionKeyAlgorithm);
|
||||||
expect(msg2[0].sessionKeyAlgorithm).to.equal(enc.sessionKeyAlgorithm);
|
|
||||||
});
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
testRoundtrip({ v6: false });
|
||||||
|
testRoundtrip({ v6: true });
|
||||||
});
|
});
|
||||||
|
|
||||||
it('Secret key packet (reading, unencrypted)', async function() {
|
it('Secret key packet (reading, unencrypted)', async function() {
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user