react / wstein / node_modules / browserify / node_modules / crypto-browserify / node_modules / browserify-aes / test / index.js
80552 viewsvar test = require('tape')1var fixtures = require('./fixtures.json')2var _crypto = require('crypto')3var crypto = require('../browser.js')4var modes = require('../modes')5var types = Object.keys(modes)6var ebtk = require('../EVP_BytesToKey')7function isGCM (cipher) {8return modes[cipher].mode === 'GCM'9}10function isNode10 () {11return process.version && process.version.split('.').length === 3 && parseInt(process.version.split('.')[1], 10) <= 1012}13fixtures.forEach(function (fixture, i) {14// var ciphers = fixture.results.ciphers = {}15types.forEach(function (cipher) {16if (isGCM(cipher)) {17return18}19test('fixture ' + i + ' ' + cipher, function (t) {20t.plan(1)21var suite = crypto.createCipher(cipher, new Buffer(fixture.password))22var buf = new Buffer('')23suite.on('data', function (d) {24buf = Buffer.concat([buf, d])25})26suite.on('error', function (e) {27console.log(e)28})29suite.on('end', function () {30// console.log(fixture.text)31// decriptNoPadding(cipher, new Buffer(fixture.password), buf.toString('hex'), 'a')32// decriptNoPadding(cipher, new Buffer(fixture.password), fixture.results.ciphers[cipher], 'b')33t.equals(buf.toString('hex'), fixture.results.ciphers[cipher])34})35suite.write(new Buffer(fixture.text))36suite.end()37})38test('fixture ' + i + ' ' + cipher + '-legacy', function (t) {39t.plan(3)40var suite = crypto.createCipher(cipher, new Buffer(fixture.password))41var buf = new Buffer('')42var suite2 = _crypto.createCipher(cipher, new Buffer(fixture.password))43var buf2 = new Buffer('')44var inbuf = new Buffer(fixture.text)45var mid = ~~(inbuf.length / 2)46buf = Buffer.concat([buf, suite.update(inbuf.slice(0, mid))])47buf2 = Buffer.concat([buf2, suite2.update(inbuf.slice(0, mid))])48t.equals(buf.toString('hex'), buf2.toString('hex'), 'intermediate')49buf = Buffer.concat([buf, suite.update(inbuf.slice(mid))])50buf2 = Buffer.concat([buf2, suite2.update(inbuf.slice(mid))])51t.equals(buf.toString('hex'), buf2.toString('hex'), 'intermediate 2')52buf = Buffer.concat([buf, suite.final()])53buf2 = Buffer.concat([buf2, suite2.final()])54t.equals(buf.toString('hex'), buf2.toString('hex'), 'final')55})56test('fixture ' + i + ' ' + cipher + '-decrypt', function (t) {57t.plan(1)58var suite = crypto.createDecipher(cipher, new Buffer(fixture.password))59var buf = new Buffer('')60suite.on('data', function (d) {61buf = Buffer.concat([buf, d])62})63suite.on('error', function (e) {64console.log(e)65})66suite.on('end', function () {67// console.log(fixture.text)68// decriptNoPadding(cipher, new Buffer(fixture.password), buf.toString('hex'), 'a')69// decriptNoPadding(cipher, new Buffer(fixture.password), fixture.results.ciphers[cipher], 'b')70t.equals(buf.toString('utf8'), fixture.text)71})72suite.write(new Buffer(fixture.results.ciphers[cipher], 'hex'))73suite.end()74})75test('fixture ' + i + ' ' + cipher + '-decrypt-legacy', function (t) {76t.plan(4)77var suite = crypto.createDecipher(cipher, new Buffer(fixture.password))78var buf = new Buffer('')79var suite2 = _crypto.createDecipher(cipher, new Buffer(fixture.password))80var buf2 = new Buffer('')81var inbuf = new Buffer(fixture.results.ciphers[cipher], 'hex')82var mid = ~~(inbuf.length / 2)83buf = Buffer.concat([buf, suite.update(inbuf.slice(0, mid))])84buf2 = Buffer.concat([buf2, suite2.update(inbuf.slice(0, mid))])85t.equals(buf.toString('utf8'), buf2.toString('utf8'), 'intermediate')86buf = Buffer.concat([buf, suite.update(inbuf.slice(mid))])87buf2 = Buffer.concat([buf2, suite2.update(inbuf.slice(mid))])88t.equals(buf.toString('utf8'), buf2.toString('utf8'), 'intermediate 2')89buf = Buffer.concat([buf, suite.final()])90buf2 = Buffer.concat([buf2, suite2.final()])91t.equals(buf.toString('utf8'), fixture.text)92t.equals(buf.toString('utf8'), buf2.toString('utf8'), 'final')93})94})95types.forEach(function (cipher) {96if (modes[cipher].mode === 'ECB') {97return98}99if (isGCM(cipher) && isNode10()) {100return101}102test('fixture ' + i + ' ' + cipher + '-iv', function (t) {103if (isGCM(cipher)) {104t.plan(4)105} else {106t.plan(2)107}108var suite = crypto.createCipheriv(cipher, ebtk(fixture.password, modes[cipher].key).key, isGCM(cipher) ? (new Buffer(fixture.iv, 'hex').slice(0, 12)) : (new Buffer(fixture.iv, 'hex')))109var suite2 = _crypto.createCipheriv(cipher, ebtk(fixture.password, modes[cipher].key).key, isGCM(cipher) ? (new Buffer(fixture.iv, 'hex').slice(0, 12)) : (new Buffer(fixture.iv, 'hex')))110var buf = new Buffer('')111var buf2 = new Buffer('')112suite.on('data', function (d) {113buf = Buffer.concat([buf, d])114})115suite.on('error', function (e) {116console.log(e)117})118suite2.on('data', function (d) {119buf2 = Buffer.concat([buf2, d])120})121suite2.on('error', function (e) {122console.log(e)123})124suite.on('end', function () {125t.equals(buf.toString('hex'), fixture.results.cipherivs[cipher], 'vs fixture')126t.equals(buf.toString('hex'), buf2.toString('hex'), 'vs node')127if (isGCM(cipher)) {128t.equals(suite.getAuthTag().toString('hex'), fixture.authtag[cipher], 'authtag vs fixture')129t.equals(suite.getAuthTag().toString('hex'), suite2.getAuthTag().toString('hex'), 'authtag vs node')130}131})132if (isGCM(cipher)) {133suite.setAAD(new Buffer(fixture.aad, 'hex'))134suite2.setAAD(new Buffer(fixture.aad, 'hex'))135}136suite2.write(new Buffer(fixture.text))137suite2.end()138suite.write(new Buffer(fixture.text))139suite.end()140})141142test('fixture ' + i + ' ' + cipher + '-legacy-iv', function (t) {143if (isGCM(cipher)) {144t.plan(6)145} else {146t.plan(4)147}148var suite = crypto.createCipheriv(cipher, ebtk(fixture.password, modes[cipher].key).key, isGCM(cipher) ? (new Buffer(fixture.iv, 'hex').slice(0, 12)) : (new Buffer(fixture.iv, 'hex')))149var suite2 = _crypto.createCipheriv(cipher, ebtk(fixture.password, modes[cipher].key).key, isGCM(cipher) ? (new Buffer(fixture.iv, 'hex').slice(0, 12)) : (new Buffer(fixture.iv, 'hex')))150var buf = new Buffer('')151var buf2 = new Buffer('')152var inbuf = new Buffer(fixture.text)153var mid = ~~(inbuf.length / 2)154if (isGCM(cipher)) {155suite.setAAD(new Buffer(fixture.aad, 'hex'))156suite2.setAAD(new Buffer(fixture.aad, 'hex'))157}158buf = Buffer.concat([buf, suite.update(inbuf.slice(0, mid))])159buf2 = Buffer.concat([buf2, suite2.update(inbuf.slice(0, mid))])160t.equals(buf.toString('hex'), buf2.toString('hex'), 'intermediate')161buf = Buffer.concat([buf, suite.update(inbuf.slice(mid))])162buf2 = Buffer.concat([buf2, suite2.update(inbuf.slice(mid))])163t.equals(buf.toString('hex'), buf2.toString('hex'), 'intermediate 2')164buf = Buffer.concat([buf, suite.final()])165buf2 = Buffer.concat([buf2, suite2.final()])166t.equals(buf.toString('hex'), fixture.results.cipherivs[cipher])167t.equals(buf.toString('hex'), buf2.toString('hex'), 'final')168if (isGCM(cipher)) {169t.equals(suite.getAuthTag().toString('hex'), fixture.authtag[cipher], 'authtag vs fixture')170t.equals(suite.getAuthTag().toString('hex'), suite2.getAuthTag().toString('hex'), 'authtag vs node')171}172})173test('fixture ' + i + ' ' + cipher + '-iv-decrypt', function (t) {174t.plan(2)175var suite = crypto.createDecipheriv(cipher, ebtk(fixture.password, modes[cipher].key).key, isGCM(cipher) ? (new Buffer(fixture.iv, 'hex').slice(0, 12)) : (new Buffer(fixture.iv, 'hex')))176var buf = new Buffer('')177var suite2 = _crypto.createDecipheriv(cipher, ebtk(fixture.password, modes[cipher].key).key, isGCM(cipher) ? (new Buffer(fixture.iv, 'hex').slice(0, 12)) : (new Buffer(fixture.iv, 'hex')))178var buf2 = new Buffer('')179suite.on('data', function (d) {180buf = Buffer.concat([buf, d])181})182suite.on('error', function (e) {183t.notOk(e)184})185suite2.on('data', function (d) {186buf2 = Buffer.concat([buf2, d])187})188suite2.on('error', function (e) {189t.notOk(e)190})191suite.on('end', function () {192t.equals(buf.toString('utf8'), fixture.text, 'correct text vs fixture')193t.equals(buf.toString('utf8'), buf2.toString('utf8'), 'correct text vs node')194})195if (isGCM(cipher)) {196suite.setAuthTag(new Buffer(fixture.authtag[cipher], 'hex'))197suite2.setAuthTag(new Buffer(fixture.authtag[cipher], 'hex'))198suite.setAAD(new Buffer(fixture.aad, 'hex'))199suite2.setAAD(new Buffer(fixture.aad, 'hex'))200}201202suite2.write(new Buffer(fixture.results.cipherivs[cipher], 'hex'))203suite.write(new Buffer(fixture.results.cipherivs[cipher], 'hex'))204suite2.end()205suite.end()206})207test('fixture ' + i + ' ' + cipher + '-decrypt-legacy', function (t) {208t.plan(4)209var suite = crypto.createDecipheriv(cipher, ebtk(fixture.password, modes[cipher].key).key, isGCM(cipher) ? (new Buffer(fixture.iv, 'hex').slice(0, 12)) : (new Buffer(fixture.iv, 'hex')))210var buf = new Buffer('')211var suite2 = _crypto.createDecipheriv(cipher, ebtk(fixture.password, modes[cipher].key).key, isGCM(cipher) ? (new Buffer(fixture.iv, 'hex').slice(0, 12)) : (new Buffer(fixture.iv, 'hex')))212var buf2 = new Buffer('')213var inbuf = new Buffer(fixture.results.cipherivs[cipher], 'hex')214var mid = ~~(inbuf.length / 2)215if (isGCM(cipher)) {216suite.setAAD(new Buffer(fixture.aad, 'hex'))217suite2.setAAD(new Buffer(fixture.aad, 'hex'))218suite.setAuthTag(new Buffer(fixture.authtag[cipher], 'hex'))219suite2.setAuthTag(new Buffer(fixture.authtag[cipher], 'hex'))220}221buf = Buffer.concat([buf, suite.update(inbuf.slice(0, mid))])222buf2 = Buffer.concat([buf2, suite2.update(inbuf.slice(0, mid))])223224t.equals(buf.toString('utf8'), buf2.toString('utf8'), 'intermediate')225buf = Buffer.concat([buf, suite.update(inbuf.slice(mid))])226buf2 = Buffer.concat([buf2, suite2.update(inbuf.slice(mid))])227t.equals(buf.toString('utf8'), buf2.toString('utf8'), 'intermediate 2')228buf = Buffer.concat([buf, suite.final()])229buf2 = Buffer.concat([buf2, suite2.final()])230t.equals(buf.toString('utf8'), fixture.text)231t.equals(buf.toString('utf8'), buf2.toString('utf8'), 'final')232})233})234})235236if (!isNode10()) {237test('node tests', function (t) {238var TEST_CASES = [239{ algo: 'aes-128-gcm', key: '6970787039613669314d623455536234',240iv: '583673497131313748307652', plain: 'Hello World!',241ct: '4BE13896F64DFA2C2D0F2C76',242tag: '272B422F62EB545EAA15B5FF84092447', tampered: false },243{ algo: 'aes-128-gcm', key: '6970787039613669314d623455536234',244iv: '583673497131313748307652', plain: 'Hello World!',245ct: '4BE13896F64DFA2C2D0F2C76', aad: '000000FF',246tag: 'BA2479F66275665A88CB7B15F43EB005', tampered: false },247{ algo: 'aes-128-gcm', key: '6970787039613669314d623455536234',248iv: '583673497131313748307652', plain: 'Hello World!',249ct: '4BE13596F64DFA2C2D0FAC76',250tag: '272B422F62EB545EAA15B5FF84092447', tampered: true },251{ algo: 'aes-256-gcm', key: '337a54767a7233703637564336316a6d56353472495975313534357834546c59',252iv: '36306950306836764a6f4561', plain: 'Hello node.js world!',253ct: '58E62CFE7B1D274111A82267EBB93866E72B6C2A',254tag: '9BB44F663BADABACAE9720881FB1EC7A', tampered: false },255{ algo: 'aes-256-gcm', key: '337a54767a7233703637564336316a6d56353472495975313534357834546c59',256iv: '36306950306836764a6f4561', plain: 'Hello node.js world!',257ct: '58E62CFF7B1D274011A82267EBB93866E72B6C2B',258tag: '9BB44F663BADABACAE9720881FB1EC7A', tampered: true },259{ algo: 'aes-192-gcm', key: '1ed2233fa2223ef5d7df08546049406c7305220bca40d4c9',260iv: '0e1791e9db3bd21a9122c416', plain: 'Hello node.js world!',261password: 'very bad password', aad: '63616c76696e',262ct: 'DDA53A4059AA17B88756984995F7BBA3C636CC44',263tag: 'D2A35E5C611E5E3D2258360241C5B045', tampered: false }264]265266var ciphers = Object.keys(modes)267function testIt (i) {268t.test('test case ' + i, function (t) {269var test = TEST_CASES[i]270271if (ciphers.indexOf(test.algo) === -1) {272console.log('skipping unsupported ' + test.algo + ' test')273return274}275276(function () {277var encrypt = crypto.createCipheriv(test.algo,278new Buffer(test.key, 'hex'), new Buffer(test.iv, 'hex'))279if (test.aad) encrypt.setAAD(new Buffer(test.aad, 'hex'))280281var hex = encrypt.update(test.plain, 'ascii', 'hex')282hex += encrypt.final('hex')283var auth_tag = encrypt.getAuthTag()284// only test basic encryption run if output is marked as tampered.285if (!test.tampered) {286t.equal(hex.toUpperCase(), test.ct)287t.equal(auth_tag.toString('hex').toUpperCase(), test.tag)288}289})()290;(function () {291var decrypt = crypto.createDecipheriv(test.algo,292new Buffer(test.key, 'hex'), new Buffer(test.iv, 'hex'))293decrypt.setAuthTag(new Buffer(test.tag, 'hex'))294if (test.aad) decrypt.setAAD(new Buffer(test.aad, 'hex'))295var msg = decrypt.update(test.ct, 'hex', 'ascii')296if (!test.tampered) {297msg += decrypt.final('ascii')298t.equal(msg, test.plain)299} else {300// assert that final throws if input data could not be verified!301t.throws(function () { decrypt.final('ascii') }, / auth/)302}303})()304;(function () {305if (!test.password) return306var encrypt = crypto.createCipher(test.algo, test.password)307if (test.aad) encrypt.setAAD(new Buffer(test.aad, 'hex'))308var hex = encrypt.update(test.plain, 'ascii', 'hex')309hex += encrypt.final('hex')310var auth_tag = encrypt.getAuthTag()311// only test basic encryption run if output is marked as tampered.312if (!test.tampered) {313t.equal(hex.toUpperCase(), test.ct)314t.equal(auth_tag.toString('hex').toUpperCase(), test.tag)315}316})()317;(function () {318if (!test.password) return319var decrypt = crypto.createDecipher(test.algo, test.password)320decrypt.setAuthTag(new Buffer(test.tag, 'hex'))321if (test.aad) decrypt.setAAD(new Buffer(test.aad, 'hex'))322var msg = decrypt.update(test.ct, 'hex', 'ascii')323if (!test.tampered) {324msg += decrypt.final('ascii')325t.equal(msg, test.plain)326} else {327// assert that final throws if input data could not be verified!328t.throws(function () { decrypt.final('ascii') }, / auth/)329}330})()331332// after normal operation, test some incorrect ways of calling the API:333// it's most certainly enough to run these tests with one algorithm only.334335if (i > 0) {336t.end()337return338}339340(function () {341// non-authenticating mode:342var encrypt = crypto.createCipheriv('aes-128-cbc',343'ipxp9a6i1Mb4USb4', '6fKjEjR3Vl30EUYC')344encrypt.update('blah', 'ascii')345encrypt.final()346t.throws(function () { encrypt.getAuthTag() })347t.throws(function () {348encrypt.setAAD(new Buffer('123', 'ascii'))349})350})()351;(function () {352// trying to get tag before inputting all data:353var encrypt = crypto.createCipheriv(test.algo,354new Buffer(test.key, 'hex'), new Buffer(test.iv, 'hex'))355encrypt.update('blah', 'ascii')356t.throws(function () { encrypt.getAuthTag() }, / state/)357})()358;(function () {359// trying to set tag on encryption object:360var encrypt = crypto.createCipheriv(test.algo,361new Buffer(test.key, 'hex'), new Buffer(test.iv, 'hex'))362t.throws(function () {363encrypt.setAuthTag(new Buffer(test.tag, 'hex'))364}, / state/)365})()366;(function () {367// trying to read tag from decryption object:368var decrypt = crypto.createDecipheriv(test.algo,369new Buffer(test.key, 'hex'), new Buffer(test.iv, 'hex'))370t.throws(function () { decrypt.getAuthTag() }, / state/)371})()372t.end()373})374}375for (var i in TEST_CASES) {376testIt(i)377}378})379}380function corectPaddingWords (padding, result) {381test('correct padding ' + padding.toString('hex'), function (t) {382t.plan(1)383var block1 = new Buffer(16)384block1.fill(4)385result = block1.toString('hex') + result.toString('hex')386var cipher = _crypto.createCipher('aes128', new Buffer('password'))387cipher.setAutoPadding(false)388var decipher = crypto.createDecipher('aes128', new Buffer('password'))389var out = new Buffer('')390out = Buffer.concat([out, cipher.update(block1)])391out = Buffer.concat([out, cipher.update(padding)])392var deciphered = decipher.update(out)393deciphered = Buffer.concat([deciphered, decipher.final()])394t.equals(deciphered.toString('hex'), result)395})396}397398var sixteens = new Buffer(16)399sixteens.fill(16)400corectPaddingWords(sixteens, new Buffer(''))401var fifteens = new Buffer(16)402fifteens.fill(15)403fifteens[0] = 5404corectPaddingWords(fifteens, new Buffer([5]))405var one = _crypto.randomBytes(16)406one[15] = 1407corectPaddingWords(one, one.slice(0, -1))408function incorectPaddingthrows (padding) {409test('incorrect padding ' + padding.toString('hex'), function (t) {410t.plan(2)411var block1 = new Buffer(16)412block1.fill(4)413var cipher = crypto.createCipher('aes128', new Buffer('password'))414cipher.setAutoPadding(false)415var decipher = crypto.createDecipher('aes128', new Buffer('password'))416var decipher2 = _crypto.createDecipher('aes128', new Buffer('password'))417var out = new Buffer('')418out = Buffer.concat([out, cipher.update(block1)])419out = Buffer.concat([out, cipher.update(padding)])420decipher.update(out)421decipher2.update(out)422t.throws(function () {423decipher.final()424}, 'mine')425t.throws(function () {426decipher2.final()427}, 'node')428})429}430function incorectPaddingDoesNotThrow (padding) {431test('stream incorrect padding ' + padding.toString('hex'), function (t) {432t.plan(2)433var block1 = new Buffer(16)434block1.fill(4)435var cipher = crypto.createCipher('aes128', new Buffer('password'))436cipher.setAutoPadding(false)437var decipher = crypto.createDecipher('aes128', new Buffer('password'))438var decipher2 = _crypto.createDecipher('aes128', new Buffer('password'))439cipher.pipe(decipher)440cipher.pipe(decipher2)441cipher.write(block1)442cipher.write(padding)443decipher.on('error', function (e) {444t.ok(e, 'mine')445})446decipher2.on('error', function (e) {447t.ok(e, 'node')448})449cipher.end()450})451}452var sixteens2 = new Buffer(16)453sixteens2.fill(16)454sixteens2[3] = 5455incorectPaddingthrows(sixteens2)456incorectPaddingDoesNotThrow(sixteens2)457var fifteens2 = new Buffer(16)458fifteens2.fill(15)459fifteens2[0] = 5460fifteens2[1] = 6461incorectPaddingthrows(fifteens2)462incorectPaddingDoesNotThrow(fifteens2)463var two = _crypto.randomBytes(16)464two[15] = 2465two[14] = 1466incorectPaddingthrows(two)467incorectPaddingDoesNotThrow(two)468test('autopadding false decipher', function (t) {469t.plan(2)470var mycipher = crypto.createCipher('AES-128-ECB', new Buffer('password'))471var nodecipher = _crypto.createCipher('AES-128-ECB', new Buffer('password'))472var myEnc = mycipher.final()473var nodeEnc = nodecipher.final()474t.equals(myEnc.toString('hex'), nodeEnc.toString('hex'), 'same encryption')475var decipher = crypto.createDecipher('aes-128-ecb', new Buffer('password'))476decipher.setAutoPadding(false)477var decipher2 = _crypto.createDecipher('aes-128-ecb', new Buffer('password'))478decipher2.setAutoPadding(false)479t.equals(decipher.update(myEnc).toString('hex'), decipher2.update(nodeEnc).toString('hex'), 'same decryption')480})481482test('autopadding false cipher throws', function (t) {483t.plan(2)484var mycipher = crypto.createCipher('aes-128-ecb', new Buffer('password'))485mycipher.setAutoPadding(false)486var nodecipher = _crypto.createCipher('aes-128-ecb', new Buffer('password'))487nodecipher.setAutoPadding(false)488mycipher.update('foo')489nodecipher.update('foo')490t.throws(function () {491mycipher.final()492}, 'mine')493t.throws(function () {494nodecipher.final()495}, 'node')496})497498test('getCiphers works', function (t) {499t.plan(1)500t.ok(crypto.getCiphers().length, 'get some ciphers')501})502503504