1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/services/sync/tests/unit/test_utils_deriveKey.js Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,66 @@
1.4 +Cu.import("resource://services-crypto/WeaveCrypto.js");
1.5 +Cu.import("resource://services-sync/util.js");
1.6 +
1.7 +let cryptoSvc = new WeaveCrypto();
1.8 +
1.9 +function run_test() {
1.10 + if (this.gczeal) {
1.11 + _("Running deriveKey tests with gczeal(2).");
1.12 + gczeal(2);
1.13 + } else {
1.14 + _("Running deriveKey tests with default gczeal.");
1.15 + }
1.16 +
1.17 + var iv = cryptoSvc.generateRandomIV();
1.18 + var der_passphrase = "secret phrase";
1.19 + var der_salt = "RE5YUHpQcGl3bg=="; // btoa("DNXPzPpiwn")
1.20 +
1.21 + _("Testing deriveKeyFromPassphrase. Input is \"" + der_passphrase + "\", \"" + der_salt + "\" (base64-encoded).");
1.22 +
1.23 + // Test friendly-ing.
1.24 + do_check_eq("abcdefghijk8mn9pqrstuvwxyz234567",
1.25 + Utils.base32ToFriendly("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"));
1.26 + do_check_eq("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567",
1.27 + Utils.base32FromFriendly(
1.28 + Utils.base32ToFriendly("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567")));
1.29 +
1.30 + // Test translation.
1.31 + do_check_false(Utils.isPassphrase("o-5wmnu-o5tqc-7lz2h-amkbw-izqzi")); // Wrong charset.
1.32 + do_check_false(Utils.isPassphrase("O-5WMNU-O5TQC-7LZ2H-AMKBW-IZQZI")); // Wrong charset.
1.33 + do_check_true(Utils.isPassphrase("9-5wmnu-95tqc-78z2h-amkbw-izqzi"));
1.34 + do_check_true(Utils.isPassphrase("9-5WMNU-95TQC-78Z2H-AMKBW-IZQZI")); // isPassphrase normalizes.
1.35 + do_check_true(Utils.isPassphrase(
1.36 + Utils.normalizePassphrase("9-5WMNU-95TQC-78Z2H-AMKBW-IZQZI")));
1.37 +
1.38 + // Base64. We don't actually use this in anger, particularly not with a 32-byte key.
1.39 + var der_key = Utils.deriveEncodedKeyFromPassphrase(der_passphrase, der_salt);
1.40 + _("Derived key in base64: " + der_key);
1.41 + do_check_eq(cryptoSvc.decrypt(cryptoSvc.encrypt("bacon", der_key, iv), der_key, iv), "bacon");
1.42 +
1.43 + // Base64, 16-byte output.
1.44 + var der_key = Utils.deriveEncodedKeyFromPassphrase(der_passphrase, der_salt, 16);
1.45 + _("Derived key in base64: " + der_key);
1.46 + do_check_eq("d2zG0d2cBfXnRwMUGyMwyg==", der_key);
1.47 + do_check_eq(cryptoSvc.decrypt(cryptoSvc.encrypt("bacon", der_key, iv), der_key, iv), "bacon");
1.48 +
1.49 + // Base32. Again, specify '16' to avoid it generating a 256-bit key string.
1.50 + var b32key = Utils.derivePresentableKeyFromPassphrase(der_passphrase, der_salt, 16);
1.51 + var hyphenated = Utils.hyphenatePassphrase(b32key);
1.52 + do_check_true(Utils.isPassphrase(b32key));
1.53 +
1.54 + _("Derived key in base32: " + b32key);
1.55 + do_check_eq(b32key.length, 26);
1.56 + do_check_eq(hyphenated.length, 31); // 1 char, plus 5 groups of 5, hyphenated = 5 + (5*5) + 1 = 31.
1.57 + do_check_eq(hyphenated, "9-5wmnu-95tqc-78z2h-amkbw-izqzi");
1.58 +
1.59 + if (this.gczeal)
1.60 + gczeal(0);
1.61 +
1.62 + // Test the equivalence of our NSS and JS versions.
1.63 + // Will only work on FF4, of course.
1.64 + // Note that we don't add gczeal here: the pure-JS implementation is
1.65 + // astonishingly slow, and this check takes five minutes to run.
1.66 + do_check_eq(
1.67 + Utils.deriveEncodedKeyFromPassphrase(der_passphrase, der_salt, 16, false),
1.68 + Utils.deriveEncodedKeyFromPassphrase(der_passphrase, der_salt, 16, true));
1.69 +}
