var expect = require("chai").expect; var createHash = require("crypto").createHash; var bufferEqual = require("buffer-equal"); var eccrypto = require("./"); var msg = createHash("sha256").update("test").digest(); var otherMsg = createHash("sha256").update("test2").digest(); var shortMsg = createHash("sha1").update("test").digest(); var privateKey = Buffer.alloc(32); privateKey.fill(1); var publicKey = eccrypto.getPublic(privateKey); var publicKeyCompressed = eccrypto.getPublicCompressed(privateKey); var privateKeyA = Buffer.alloc(32); privateKeyA.fill(2); var publicKeyA = eccrypto.getPublic(privateKeyA); var publicKeyACompressed = eccrypto.getPublicCompressed(privateKeyA); var privateKeyB = Buffer.alloc(32); privateKeyB.fill(3); var publicKeyB = eccrypto.getPublic(privateKeyB); var publicKeyBCompressed = eccrypto.getPublicCompressed(privateKeyB); describe("Hashes", function() { it("should comply to the Spec", function() { const sample_sha512 = "9b71d224bd62f3785d96d46ad3ea3d73319bfbc2890caadae2dff72519673ca72323c3d99ba5c11d7c7acc6e14b8c5da0c4663475c2e5c3adef46f73bcdec043", sample_double_sha512 = "0592a10584ffabf96539f3d780d776828c67da1ab5b169e9e8aed838aaecc9ed36d49ff1423c55f019e050c66c6324f53588be88894fef4dcffdb74b98e2b200", sample_bm160 = "79a324faeebcbf9849f310545ed531556882487e"; var sha512 = createHash("sha512").update("hello").digest(), double_sha512 = createHash("sha512").update(sha512).digest(), bm160 = createHash("ripemd160").update(sha512).digest(); expect(sha512.toString("hex")).to.equal(sample_sha512); expect(double_sha512.toString("hex")).to.equal(sample_double_sha512); expect(bm160.toString("hex")).to.equal(sample_bm160); }); }); describe("Key conversion", function() { it("should allow to convert private key to public", function() { expect(Buffer.isBuffer(publicKey)).to.be.true; expect(publicKey.toString("hex")).to.equal("041b84c5567b126440995d3ed5aaba0565d71e1834604819ff9c17f5e9d5dd078f70beaf8f588b541507fed6a642c5ab42dfdf8120a7f639de5122d47a69a8e8d1"); }); it("should allow to convert private key to compressed public", function() { expect(Buffer.isBuffer(publicKeyCompressed)).to.be.true; expect(publicKeyCompressed.toString("hex")).to.equal("031b84c5567b126440995d3ed5aaba0565d71e1834604819ff9c17f5e9d5dd078f"); }); it("should throw on invalid private key", function() { expect(eccrypto.getPublic.bind(null, Buffer.from("00", "hex"))).to.throw(Error); expect(eccrypto.getPublic.bind(null, Buffer.from("test"))).to.throw(Error); }); }); describe("ECDSA", function() { it("should allow to sign and verify message", function() { return eccrypto.sign(privateKey, msg).then(function(sig) { expect(Buffer.isBuffer(sig)).to.be.true; expect(sig.toString("hex")).to.equal("3044022078c15897a34de6566a0d396fdef660698c59fef56d34ee36bef14ad89ee0f6f8022016e02e8b7285d93feafafbe745702f142973a77d5c2fa6293596357e17b3b47c"); return eccrypto.verify(publicKey, msg, sig); }); }); it("should allow to sign and verify message using a compressed public key", function() { return eccrypto.sign(privateKey, msg).then(function(sig) { expect(Buffer.isBuffer(sig)).to.be.true; expect(sig.toString("hex")).to.equal("3044022078c15897a34de6566a0d396fdef660698c59fef56d34ee36bef14ad89ee0f6f8022016e02e8b7285d93feafafbe745702f142973a77d5c2fa6293596357e17b3b47c"); return eccrypto.verify(publicKeyCompressed, msg, sig); }); }); it("shouldn't verify incorrect signature", function(done) { eccrypto.sign(privateKey, msg).then(function(sig) { expect(Buffer.isBuffer(sig)).to.be.true; eccrypto.verify(publicKey, otherMsg, sig).catch(function() { done(); }); }); }); it("should reject promise on invalid key when signing", function(done) { var k4 = Buffer.from("test"); var k192 = Buffer.from("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "hex"); var k384 = Buffer.from("bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb", "hex"); eccrypto.sign(k4, msg).catch(function() { eccrypto.sign(k192, msg).catch(function() { eccrypto.sign(k384, msg).catch(function() { done(); }); }); }); }); it("should reject promise on invalid key when verifying", function(done) { eccrypto.sign(privateKey, msg).then(function(sig) { expect(Buffer.isBuffer(sig)).to.be.true; eccrypto.verify(Buffer.from("test"), msg, sig).catch(function() { var badKey = Buffer.alloc(65); publicKey.copy(badKey); badKey[0] ^= 1; eccrypto.verify(badKey, msg, sig).catch(function() { done(); }); }); }); }); it("should reject promise on invalid sig when verifying", function(done) { eccrypto.sign(privateKey, msg).then(function(sig) { expect(Buffer.isBuffer(sig)).to.be.true; sig[0] ^= 1; eccrypto.verify(publicKey, msg, sig).catch(function() { done(); }); }); }); it("should allow to sign and verify messages less than 32 bytes", function() { return eccrypto.sign(privateKey, shortMsg).then(function(sig) { expect(Buffer.isBuffer(sig)).to.be.true; expect(sig.toString("hex")).to.equal("304402204737396b697e5a3400e3aedd203d8be89879f97708647252bd0c17752ff4c8f302201d52ef234de82ce0719679fa220334c83b80e21b8505a781d32d94a27d9310aa"); return eccrypto.verify(publicKey, shortMsg, sig); }); }); it("shouldn't sign and verify messages longer than 32 bytes", function(done) { var longMsg = Buffer.alloc(40); var someSig = Buffer.from("304402204737396b697e5a3400e3aedd203d8be89879f97708647252bd0c17752ff4c8f302201d52ef234de82ce0719679fa220334c83b80e21b8505a781d32d94a27d9310aa", "hex"); eccrypto.sign(privateKey, longMsg).catch(function() { eccrypto.verify(privateKey, longMsg, someSig).catch(function(e) { expect(e.message).to.not.match(/bad signature/i); done(); }); }); }); it("shouldn't sign and verify empty messages", function(done) { var emptyMsg = Buffer.alloc(0); var someSig = Buffer.from("304402204737396b697e5a3400e3aedd203d8be89879f97708647252bd0c17752ff4c8f302201d52ef234de82ce0719679fa220334c83b80e21b8505a781d32d94a27d9310aa", "hex"); eccrypto.sign(privateKey, emptyMsg).catch(function() { eccrypto.verify(publicKey, emptyMsg, someSig).catch(function(e) { expect(e.message).to.not.match(/bad signature/i); done(); }); }); }); }); describe("ECDH", function() { it("should derive shared secret from privkey A and pubkey B", function() { return eccrypto.derive(privateKeyA, publicKeyB).then(function(Px) { expect(Buffer.isBuffer(Px)).to.be.true; expect(Px.length).to.equal(32); expect(Px.toString("hex")).to.equal("aca78f27d5f23b2e7254a0bb8df128e7c0f922d47ccac72814501e07b7291886"); return eccrypto.derive(privateKeyB, publicKeyA).then(function(Px2) { expect(Buffer.isBuffer(Px2)).to.be.true; expect(Px2.length).to.equal(32); expect(bufferEqual(Px, Px2)).to.be.true; }); }); }); it("should derive shared secret from privkey A and compressed pubkey B", function() { return eccrypto.derive(privateKeyA, publicKeyBCompressed).then(function(Px) { expect(Buffer.isBuffer(Px)).to.be.true; expect(Px.length).to.equal(32); expect(Px.toString("hex")).to.equal("aca78f27d5f23b2e7254a0bb8df128e7c0f922d47ccac72814501e07b7291886"); return eccrypto.derive(privateKeyB, publicKeyA).then(function(Px2) { expect(Buffer.isBuffer(Px2)).to.be.true; expect(Px2.length).to.equal(32); expect(bufferEqual(Px, Px2)).to.be.true; }); }); }); it("should reject promise on bad keys", function(done) { eccrypto.derive(Buffer.from("test"), publicKeyB).catch(function() { eccrypto.derive(publicKeyB, publicKeyB).catch(function() { eccrypto.derive(privateKeyA, privateKeyA).catch(function() { eccrypto.derive(privateKeyB, Buffer.from("test")).catch(function() { done(); }); }); }); }); }); it("should reject promise on bad arguments", function(done) { eccrypto.derive({}, {}).catch(function(e) { expect(e.message).to.match(/Bad private key/i); done(); }); }); }); describe("ECIES", function() { // To comply to the Spec const samplePrivateKey = Buffer.from( "5be6facd941b76e9d3ead03029fbdb6b6e0809293f7fb197d0c51f84e96b8ba4", "hex"), sampleIV = Buffer.from("bddb7c2829b08038753084a2f3991681", "hex"), // notice the simple (not encoded) pubkey here samplePublicKey = Buffer.from( "0409d4e5c0ab3d25fe048c64c9da1a242c7f19417e9517cd266950d72c755713585c6178e97fe092fc897c9a1f1720d5770ae8eaad2fa8fcbd08e9324a5dde1857", "hex"), sampleData = "The quick brown fox jumps over the lazy dog.", sampleCiphertext = Buffer.from( "64203d5b24688e2547bba345fa139a5a1d962220d4d48a0cf3b1572c0d95b61643a6f9a0d75af7eacc1bd957147bf723", "hex"), // a pubkey encoded with curve number and length sampleEphemPublicKey = Buffer.from( "02ca00200293213dcf1388b61c2ae5cf80fee6ffffc049a2f9fe7365fe3867813ca812920020df94686c6afb565ac6149b153d61b3b287ee2c7f997c14238796c12b43a3865a", "hex"), sampleMAC = Buffer.from( "f2526d61b4851fb23409863826fd206165edc021368c7946571cead69046e619", "hex"), encOpts = {ephemPrivateKey: samplePrivateKey, iv: sampleIV}; const data = Buffer.from("test"), ciphertext = Buffer.from("dd2e0b29bd31f9b6c1f9b49c5eda29c9", "hex"), mac = Buffer.from( "109603cc4568edd10c9a3850d82846c4610dc1d11cfc84da64161025a47147b7", "hex"); var decOpts = { iv: sampleIV, ephemPublicKey: sampleEphemPublicKey, ciphertext: ciphertext, mac: mac}; it("should comply to the Spec and the network", function() { return eccrypto.encrypt(samplePublicKey, sampleData, encOpts) .then(function(enc) { expect(bufferEqual(enc.iv, sampleIV)).to.be.true; expect(bufferEqual(enc.ciphertext, sampleCiphertext)).to.be.true; expect(bufferEqual(enc.ephemPublicKey, sampleEphemPublicKey)).to.be.true; expect(bufferEqual(enc.mac, sampleMAC)).to.be.true; }); }); it("should encrypt", function() { return eccrypto.encrypt(publicKeyB, data, encOpts) .then(function(enc) { expect(bufferEqual(enc.iv, sampleIV)).to.be.true; expect(bufferEqual(enc.ciphertext, ciphertext)).to.be.true; expect(bufferEqual(enc.ephemPublicKey, sampleEphemPublicKey)).to.be.true; expect(bufferEqual(enc.mac, mac)).to.be.true; }); }); it("should decrypt", function() { return eccrypto.decrypt(privateKeyB, decOpts) .then(function(msg) { expect(bufferEqual(msg, data)).to.be.true; }); }); it("should encrypt and decrypt", function() { return eccrypto.encrypt(publicKeyA, Buffer.from("to a")).then(function(enc) { return eccrypto.decrypt(privateKeyA, enc); }).then(function(msg) { expect(msg.toString()).to.equal("to a"); }); }); it("should encrypt and decrypt with message size > 15", function() { return eccrypto.encrypt(publicKeyA, Buffer.from("message size that is greater than 15 for sure =)")).then(function(enc) { return eccrypto.decrypt(privateKeyA, enc); }).then(function(msg) { expect(msg.toString()).to.equal("message size that is greater than 15 for sure =)"); }); }); it("should encrypt with compressed public key", function() { return eccrypto.encrypt(publicKeyBCompressed, Buffer.from("test"), encOpts) .then(function(enc) { expect(bufferEqual(enc.iv, sampleIV)).to.be.true; expect(bufferEqual(enc.ephemPublicKey, sampleEphemPublicKey)).to.be.true; expect(bufferEqual(enc.ciphertext, ciphertext)).to.be.true; expect(bufferEqual(enc.mac, mac)).to.be.true; }); }); it("should encrypt and decrypt with compressed public key", function() { return eccrypto.encrypt(publicKeyACompressed, Buffer.from("to a")).then(function(enc) { return eccrypto.decrypt(privateKeyA, enc); }).then(function(msg) { expect(msg.toString()).to.equal("to a"); }); }); it("should encrypt and decrypt with generated private and public key", function () { var privateKey = eccrypto.generatePrivate(); var publicKey = eccrypto.getPublic(privateKey); return eccrypto.encrypt(publicKey, Buffer.from("generated private key")) .then(function(enc) { return eccrypto.decrypt(privateKey, enc); }) .then(function(msg) { expect(msg.toString()).to.equal("generated private key"); }); }); // To comply to the Spec and the network it("should comply to the Spec", function() { return eccrypto.encrypt(samplePublicKey, sampleData, { iv: sampleIV, ephemPrivateKey: samplePrivateKey }).then( function(enc) { expect(bufferEqual(enc.iv, sampleIV)).to.be.true; expect(bufferEqual(enc.ciphertext, sampleCiphertext)).to.be.true; expect(bufferEqual(enc.ephemPublicKey, sampleEphemPublicKey)).to.be.true; expect(bufferEqual(enc.mac, sampleMAC)).to.be.true; }); }); it("should reject promise on bad private key when decrypting", function(done) { eccrypto.encrypt(publicKeyA, Buffer.from("test")).then(function(enc) { eccrypto.decrypt(privateKeyB, enc).catch(function() { done(); }); }); }); it("should reject promise on bad IV when decrypting", function(done) { eccrypto.encrypt(publicKeyA, Buffer.from("test")).then(function(enc) { enc.iv[0] ^= 1; eccrypto.decrypt(privateKeyA, enc).catch(function() { done(); }); }); }); // it("should reject promise on bad R when decrypting", function(done) { // eccrypto.encrypt(publicKeyA, Buffer.from("test")).then(function(enc) { // enc.ephemPublicKey[0] ^= 1; // eccrypto.decrypt(privateKeyA, enc).catch(function() { // done(); // }); // }); // }); it("should reject promise on bad ciphertext when decrypting", function(done) { eccrypto.encrypt(publicKeyA, Buffer.from("test")).then(function(enc) { enc.ciphertext[0] ^= 1; eccrypto.decrypt(privateKeyA, enc).catch(function() { done(); }); }); }); it("should reject promise on bad MAC when decrypting", function(done) { eccrypto.encrypt(publicKeyA, Buffer.from("test")).then(function(enc) { var origMac = enc.mac; enc.mac = mac.slice(1); eccrypto.decrypt(privateKeyA, enc).catch(function() { enc.mac = origMac; enc.mac[10] ^= 1; eccrypto.decrypt(privateKeyA, enc).catch(function() { done(); }); }); }); }); });