From 734a9dc2abb8c0333095ff3491b5a41ef05749ec Mon Sep 17 00:00:00 2001 From: Filip Skokan Date: Wed, 19 Feb 2020 10:53:08 +0100 Subject: [PATCH] test: refactor jwe long running tests --- test/fixtures/index.js | 9 +++- test/fixtures/rsa_512.pem | 4 -- test/jwe/smoke.P-256K.test.js | 32 -------------- test/jwe/smoke.oct.test.js | 52 +++++++++++++++++++++++ test/jwe/smoke.p256.test.js | 1 + test/jwe/smoke.p384.test.js | 1 + test/jwe/smoke.p521.test.js | 1 + test/jwe/smoke.rsa.test.js | 1 + test/jwe/smoke.rsamin.test.js | 20 +++++++++ test/jwe/smoke.test.js | 78 ++++------------------------------- test/jwe/smoke.x25519.test.js | 1 + test/jwe/smoke.x448.test.js | 1 + test/macros/test_asymm_enc.js | 36 ++++++++++++++++ 13 files changed, 129 insertions(+), 108 deletions(-) delete mode 100644 test/fixtures/rsa_512.pem delete mode 100644 test/jwe/smoke.P-256K.test.js create mode 100644 test/jwe/smoke.oct.test.js create mode 100644 test/jwe/smoke.p256.test.js create mode 100644 test/jwe/smoke.p384.test.js create mode 100644 test/jwe/smoke.p521.test.js create mode 100644 test/jwe/smoke.rsa.test.js create mode 100644 test/jwe/smoke.rsamin.test.js create mode 100644 test/jwe/smoke.x25519.test.js create mode 100644 test/jwe/smoke.x448.test.js create mode 100644 test/macros/test_asymm_enc.js diff --git a/test/fixtures/index.js b/test/fixtures/index.js index 0a5e7b2f..f7fc5e50 100644 --- a/test/fixtures/index.js +++ b/test/fixtures/index.js @@ -1,5 +1,6 @@ const { readFileSync } = require('fs') const { join } = require('path') +const { improvedDH } = require('../../lib/help/runtime_support') module.exports.JWK = { RSA_PUBLIC: { @@ -89,26 +90,28 @@ module.exports.JWK = { } } -module.exports.RSA_512 = readFileSync(join(__dirname, 'rsa_512.pem')) - module.exports.PEM = { RSA: { private: readFileSync(join(__dirname, 'rsa.key')), public: readFileSync(join(__dirname, 'rsa.pem')) }, Ed25519: { + testEnc: false, private: readFileSync(join(__dirname, 'Ed25519.key')), public: readFileSync(join(__dirname, 'Ed25519.pem')) }, Ed448: { + testEnc: false, private: readFileSync(join(__dirname, 'Ed448.key')), public: readFileSync(join(__dirname, 'Ed448.pem')) }, X25519: { + testEnc: improvedDH && !('electron' in process.versions), private: readFileSync(join(__dirname, 'X25519.key')), public: readFileSync(join(__dirname, 'X25519.pem')) }, X448: { + testEnc: improvedDH && !('electron' in process.versions), private: readFileSync(join(__dirname, 'X448.key')), public: readFileSync(join(__dirname, 'X448.pem')) }, @@ -117,10 +120,12 @@ module.exports.PEM = { public: readFileSync(join(__dirname, 'P-256.pem')) }, secp256k1: { + testEnc: false, private: readFileSync(join(__dirname, 'secp256k1.key')), public: readFileSync(join(__dirname, 'secp256k1.pem')) }, 'P-256K': { + testEnc: false, private: readFileSync(join(__dirname, 'secp256k1.key')), public: readFileSync(join(__dirname, 'secp256k1.pem')) }, diff --git a/test/fixtures/rsa_512.pem b/test/fixtures/rsa_512.pem deleted file mode 100644 index 4e89803c..00000000 --- a/test/fixtures/rsa_512.pem +++ /dev/null @@ -1,4 +0,0 @@ ------BEGIN PUBLIC KEY----- -MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANfIj0FsIfWjNqyGxriALLDMU6qUTts+ -LvQc2rVWj9iC4IPFZKIFZB10V+FDGBsA8o9VmQlA6/fDxsZNW+rRLckCAwEAAQ== ------END PUBLIC KEY----- diff --git a/test/jwe/smoke.P-256K.test.js b/test/jwe/smoke.P-256K.test.js deleted file mode 100644 index 7eb40843..00000000 --- a/test/jwe/smoke.P-256K.test.js +++ /dev/null @@ -1,32 +0,0 @@ -// require 'secp256k1' renamed to 'P-256K' -require('../../P-256K') - -const test = require('ava') - -if ('electron' in process.versions) return - -const { JWK: { asKey } } = require('../..') - -const ENCS = [ - 'A128GCM', - 'A192GCM', - 'A256GCM', - 'A128CBC-HS256', - 'A192CBC-HS384', - 'A256CBC-HS512' -] - -const type = 'P-256K' -const { private: key, public: pub } = require('../fixtures').PEM[type] - -const { JWE: { success, failure } } = require('../macros') - -const eKey = asKey(pub) -const dKey = asKey(key) - -;[...eKey.algorithms('wrapKey'), ...eKey.algorithms('deriveKey')].forEach((alg) => { - ENCS.forEach((enc) => { - test(`key ${type} > alg ${alg} > ${enc}`, success, eKey, dKey, alg, enc) - test(`key ${type} > alg ${alg} > ${enc} (negative cases)`, failure, eKey, dKey, alg, enc) - }) -}) diff --git a/test/jwe/smoke.oct.test.js b/test/jwe/smoke.oct.test.js new file mode 100644 index 00000000..ba80fe0e --- /dev/null +++ b/test/jwe/smoke.oct.test.js @@ -0,0 +1,52 @@ +const test = require('ava') + +const { randomBytes } = require('crypto') + +const { keyObjectSupported } = require('../../lib/help/runtime_support') +const { JWK: { asKey } } = require('../..') +const registry = require('../../lib/registry') + +const { JWE: { success, failure } } = require('../macros') + +const ENCS = [...registry.JWA.encrypt.keys()] + +;[16, 24, 32, 48, 64].forEach((len) => { + const sk = randomBytes(len) + const sym = asKey(sk) + ;[...sym.algorithms('wrapKey'), 'dir'].forEach((alg) => { + (alg === 'dir' ? sym.algorithms('encrypt') : ENCS).forEach((enc) => { + test(`key ${sym.kty}(${len * 8} bits) > alg ${alg} > ${enc}`, success, sym, sym, alg, enc) + test(`key ${sym.kty}(${len * 8} bits) > alg ${alg} > ${enc} (key as bare input)`, success, sk, sk, alg, enc) + if (keyObjectSupported) { + test(`key ${sym.kty}(${len * 8} bits) > alg ${alg} > ${enc} (key as keyobject)`, success, sym.keyObject, sym.keyObject, alg, enc) + } + test(`key ${sym.kty}(${len * 8} bits) > alg ${alg} > ${enc} (key as JWK)`, success, sym.toJWK(true), sym.toJWK(true), alg, enc) + test(`key ${sym.kty}(${len * 8} bits) > alg ${alg} > ${enc} (negative cases, key as bare input)`, failure, sk, sk, alg, enc) + if (keyObjectSupported) { + test(`key ${sym.kty}(${len * 8} bits) > alg ${alg} > ${enc} (negative cases, key as keyobject)`, failure, sym.keyObject, sym.keyObject, alg, enc) + } + test(`key ${sym.kty}(${len * 8} bits) > alg ${alg} > ${enc} (negative cases, key as JWK)`, failure, sym.toJWK(true), sym.toJWK(true), alg, enc) + }) + }) +}) + +{ + // PBES2 derive only + const sk = Buffer.from('hunter2', 'utf-8') + const sym = asKey(sk) + sym.algorithms('deriveKey').forEach((alg) => { + ENCS.forEach((enc) => { + test(`key ${sym.kty}(password) > alg ${alg} > ${enc}`, success, sym, sym, alg, enc) + test(`key ${sym.kty}(password) > alg ${alg} > ${enc} (key as bare input)`, success, sk, sk, alg, enc) + if (keyObjectSupported) { + test(`key ${sym.kty}(password) > alg ${alg} > ${enc} (key as keyobject)`, success, sym.keyObject, sym.keyObject, alg, enc) + } + test(`key ${sym.kty}(password) > alg ${alg} > ${enc} (key as JWK)`, success, sym.toJWK(true), sym.toJWK(true), alg, enc) + test(`key ${sym.kty}(password) > alg ${alg} > ${enc} (negative cases, key as bare input)`, failure, sk, sk, alg, enc) + if (keyObjectSupported) { + test(`key ${sym.kty}(password) > alg ${alg} > ${enc} (negative cases, key as keyobject)`, failure, sym.keyObject, sym.keyObject, alg, enc) + } + test(`key ${sym.kty}(password) > alg ${alg} > ${enc} (negative cases, key as JWK)`, failure, sym.toJWK(true), sym.toJWK(true), alg, enc) + }) + }) +} diff --git a/test/jwe/smoke.p256.test.js b/test/jwe/smoke.p256.test.js new file mode 100644 index 00000000..40baefc6 --- /dev/null +++ b/test/jwe/smoke.p256.test.js @@ -0,0 +1 @@ +require('../macros/test_asymm_enc')('P-256') diff --git a/test/jwe/smoke.p384.test.js b/test/jwe/smoke.p384.test.js new file mode 100644 index 00000000..009034e5 --- /dev/null +++ b/test/jwe/smoke.p384.test.js @@ -0,0 +1 @@ +require('../macros/test_asymm_enc')('P-384') diff --git a/test/jwe/smoke.p521.test.js b/test/jwe/smoke.p521.test.js new file mode 100644 index 00000000..089b1fbb --- /dev/null +++ b/test/jwe/smoke.p521.test.js @@ -0,0 +1 @@ +require('../macros/test_asymm_enc')('P-521') diff --git a/test/jwe/smoke.rsa.test.js b/test/jwe/smoke.rsa.test.js new file mode 100644 index 00000000..8353d341 --- /dev/null +++ b/test/jwe/smoke.rsa.test.js @@ -0,0 +1 @@ +require('../macros/test_asymm_enc')('RSA') diff --git a/test/jwe/smoke.rsamin.test.js b/test/jwe/smoke.rsamin.test.js new file mode 100644 index 00000000..0e15689e --- /dev/null +++ b/test/jwe/smoke.rsamin.test.js @@ -0,0 +1,20 @@ +const test = require('ava') + +const { JWK: { asKey, generateSync } } = require('../..') +const registry = require('../../lib/registry') + +const { JWE: { success, failure } } = require('../macros') + +const ENCS = [...registry.JWA.encrypt.keys()] + +{ + const rsa = generateSync('RSA') + const dKey = asKey({ kty: 'RSA', e: rsa.e, n: rsa.n, d: rsa.d }, { calculateMissingRSAPrimes: true }) + const eKey = asKey({ kty: 'RSA', e: rsa.e, n: rsa.n }) + eKey.algorithms('wrapKey').forEach((alg) => { + ENCS.forEach((enc) => { + test(`key RSA (min) > alg ${alg} > ${enc}`, success, eKey, dKey, alg, enc) + test(`key RSA (min) > alg ${alg} > ${enc} (negative cases)`, failure, eKey, dKey, alg, enc) + }) + }) +} diff --git a/test/jwe/smoke.test.js b/test/jwe/smoke.test.js index 97af0acd..e5f5a6b4 100644 --- a/test/jwe/smoke.test.js +++ b/test/jwe/smoke.test.js @@ -1,77 +1,15 @@ const test = require('ava') -const { randomBytes } = require('crypto') - -const { edDSASupported, keyObjectSupported } = require('../../lib/help/runtime_support') -const { JWK: { asKey, generateSync } } = require('../..') - -const ENCS = [ - 'A128GCM', - 'A192GCM', - 'A256GCM', - 'A128CBC-HS256', - 'A192CBC-HS384', - 'A256CBC-HS512' -] +const { existsSync } = require('fs') +const path = require('path') const fixtures = require('../fixtures') -const { JWE: { success, failure } } = require('../macros') - -Object.entries(fixtures.PEM).forEach(([type, { private: key, public: pub }]) => { - if (type === 'P-256K') return - if ('electron' in process.versions && (type.startsWith('X') || type === 'Ed448' || type === 'secp256k1')) return - if (!edDSASupported && (type.startsWith('Ed') || type.startsWith('X'))) return - - const eKey = asKey(pub) - const dKey = asKey(key) - - ;[...eKey.algorithms('wrapKey'), ...eKey.algorithms('deriveKey')].forEach((alg) => { - ENCS.forEach((enc) => { - test(`key ${type} > alg ${alg} > ${enc}`, success, eKey, dKey, alg, enc) - test(`key ${type} > alg ${alg} > ${enc} (key as bare input)`, success, pub, key, alg, enc) - if (keyObjectSupported) { - test(`key ${type} > alg ${alg} > ${enc} (key as keyObject)`, success, eKey.keyObject, dKey.keyObject, alg, enc) - } - test(`key ${type} > alg ${alg} > ${enc} (key as JWK)`, success, eKey.toJWK(false), dKey.toJWK(true), alg, enc) - test(`key ${type} > alg ${alg} > ${enc} (negative cases)`, failure, eKey, dKey, alg, enc) - test(`key ${type} > alg ${alg} > ${enc} (negative cases, key as bare input)`, failure, pub, key, alg, enc) - if (keyObjectSupported) { - test(`key ${type} > alg ${alg} > ${enc} (negative cases, key as keyObject)`, failure, eKey.keyObject, dKey.keyObject, alg, enc) - } - test(`key ${type} > alg ${alg} > ${enc} (negative cases, key as JWK)`, failure, eKey.toJWK(false), dKey.toJWK(true), alg, enc) +Object.entries(fixtures.PEM).forEach(([type, { testEnc = true }]) => { + if (testEnc) { + const filename = `smoke.${type.toLowerCase().replace('-', '')}.test.js` + test(`${type} is tested`, t => { + t.true(existsSync(path.join(__dirname, filename))) }) - }) + } }) - -;[16, 24, 32, 48, 64].forEach((len) => { - const sk = randomBytes(len) - const sym = asKey(sk) - ;[...sym.algorithms('wrapKey'), ...sym.algorithms('deriveKey')].forEach((alg) => { - sym.algorithms('encrypt').forEach((enc) => { - test(`key ${sym.kty} > alg ${alg} > ${enc}`, success, sym, sym, alg, enc) - test(`key ${sym.kty} > alg ${alg} > ${enc} (key as bare input)`, success, sk, sk, alg, enc) - if (keyObjectSupported) { - test(`key ${sym.kty} > alg ${alg} > ${enc} (key as keyobject)`, success, sym.keyObject, sym.keyObject, alg, enc) - } - test(`key ${sym.kty} > alg ${alg} > ${enc} (key as JWK)`, success, sym.toJWK(true), sym.toJWK(true), alg, enc) - test(`key ${sym.kty} > alg ${alg} > ${enc} (negative cases, key as bare input)`, failure, sk, sk, alg, enc) - if (keyObjectSupported) { - test(`key ${sym.kty} > alg ${alg} > ${enc} (negative cases, key as keyobject)`, failure, sym.keyObject, sym.keyObject, alg, enc) - } - test(`key ${sym.kty} > alg ${alg} > ${enc} (negative cases, key as JWK)`, failure, sym.toJWK(true), sym.toJWK(true), alg, enc) - }) - }) -}) - -{ - const rsa = generateSync('RSA') - const dKey = asKey({ kty: 'RSA', e: rsa.e, n: rsa.n, d: rsa.d }, { calculateMissingRSAPrimes: true }) - const eKey = asKey({ kty: 'RSA', e: rsa.e, n: rsa.n }) - eKey.algorithms('wrapKey').forEach((alg) => { - ENCS.forEach((enc) => { - test(`key RSA (min) > alg ${alg} > ${enc}`, success, eKey, dKey, alg, enc) - test(`key RSA (min) > alg ${alg} > ${enc} (negative cases)`, failure, eKey, dKey, alg, enc) - }) - }) -} diff --git a/test/jwe/smoke.x25519.test.js b/test/jwe/smoke.x25519.test.js new file mode 100644 index 00000000..da7d29ae --- /dev/null +++ b/test/jwe/smoke.x25519.test.js @@ -0,0 +1 @@ +require('../macros/test_asymm_enc')('X25519') diff --git a/test/jwe/smoke.x448.test.js b/test/jwe/smoke.x448.test.js new file mode 100644 index 00000000..2e03d65c --- /dev/null +++ b/test/jwe/smoke.x448.test.js @@ -0,0 +1 @@ +require('../macros/test_asymm_enc')('X448') diff --git a/test/macros/test_asymm_enc.js b/test/macros/test_asymm_enc.js new file mode 100644 index 00000000..45d36b9f --- /dev/null +++ b/test/macros/test_asymm_enc.js @@ -0,0 +1,36 @@ +const test = require('ava') + +const { keyObjectSupported } = require('../../lib/help/runtime_support') +const { JWK: { asKey } } = require('../..') +const registry = require('../../lib/registry') + +const fixtures = require('../fixtures') +const { JWE: { success, failure } } = require('../macros') + +const ENCS = [...registry.JWA.encrypt.keys()] + +module.exports = (type) => { + const { private: key, public: pub, testEnc = true } = fixtures.PEM[type] + + if (!testEnc) return + + const eKey = asKey(pub) + const dKey = asKey(key) + + ;[...eKey.algorithms('wrapKey'), ...eKey.algorithms('deriveKey')].forEach((alg) => { + ENCS.forEach((enc) => { + test(`key ${type} > alg ${alg} > ${enc}`, success, eKey, dKey, alg, enc) + test(`key ${type} > alg ${alg} > ${enc} (key as bare input)`, success, pub, key, alg, enc) + if (keyObjectSupported) { + test(`key ${type} > alg ${alg} > ${enc} (key as keyObject)`, success, eKey.keyObject, dKey.keyObject, alg, enc) + } + test(`key ${type} > alg ${alg} > ${enc} (key as JWK)`, success, eKey.toJWK(false), dKey.toJWK(true), alg, enc) + test(`key ${type} > alg ${alg} > ${enc} (negative cases)`, failure, eKey, dKey, alg, enc) + test(`key ${type} > alg ${alg} > ${enc} (negative cases, key as bare input)`, failure, pub, key, alg, enc) + if (keyObjectSupported) { + test(`key ${type} > alg ${alg} > ${enc} (negative cases, key as keyObject)`, failure, eKey.keyObject, dKey.keyObject, alg, enc) + } + test(`key ${type} > alg ${alg} > ${enc} (negative cases, key as JWK)`, failure, eKey.toJWK(false), dKey.toJWK(true), alg, enc) + }) + }) +}