mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
ba60f514a6
Store a HMAC with the encrypted symmetric key instead of just the wrapped key and verify that the HMAC matches before unwrapping. Test that normal getting works and a tampered payload/HMAC fails but succeeds on restoring the correct HMAC.
55 lines
1.9 KiB
JavaScript
55 lines
1.9 KiB
JavaScript
Cu.import("resource://weave/engines/clients.js");
|
|
Cu.import("resource://weave/util.js");
|
|
Cu.import("resource://weave/base_records/keys.js");
|
|
Cu.import("resource://weave/base_records/crypto.js");
|
|
|
|
function run_test() {
|
|
let baseUri = "http://fakebase/";
|
|
let pubUri = baseUri + "pubkey";
|
|
let privUri = baseUri + "privkey";
|
|
let cryptoUri = baseUri + "crypto";
|
|
|
|
_("Setting up fake pub/priv keypair and symkey for encrypt/decrypt");
|
|
PubKeys.defaultKeyUri = baseUri + "pubkey";
|
|
let {pubkey, privkey} = PubKeys.createKeypair(passphrase, pubUri, privUri);
|
|
PubKeys.set(pubUri, pubkey);
|
|
PrivKeys.set(privUri, privkey);
|
|
let cryptoMeta = new CryptoMeta(cryptoUri);
|
|
cryptoMeta.addUnwrappedKey(pubkey, Svc.Crypto.generateRandomKey());
|
|
CryptoMetas.set(cryptoUri, cryptoMeta);
|
|
|
|
_("Test that serializing client records results in uploadable ascii");
|
|
Clients.__defineGetter__("cryptoMetaURL", function() cryptoUri);
|
|
Clients.localID = "ascii";
|
|
Clients.localName = "wéävê";
|
|
|
|
_("Make sure we have the expected record");
|
|
let record = Clients._createRecord("ascii");
|
|
do_check_eq(record.id, "ascii");
|
|
do_check_eq(record.name, "wéävê");
|
|
|
|
record.encrypt(passphrase)
|
|
let serialized = JSON.stringify(record);
|
|
let checkCount = 0;
|
|
_("Checking for all ASCII:", serialized);
|
|
Array.forEach(serialized, function(ch) {
|
|
let code = ch.charCodeAt(0);
|
|
_("Checking asciiness of '", ch, "'=", code);
|
|
do_check_true(code < 128);
|
|
checkCount++;
|
|
});
|
|
|
|
_("Processed", checkCount, "characters out of", serialized.length);
|
|
do_check_eq(checkCount, serialized.length);
|
|
|
|
_("Making sure the record still looks like it did before");
|
|
record.decrypt(passphrase)
|
|
do_check_eq(record.id, "ascii");
|
|
do_check_eq(record.name, "wéävê");
|
|
|
|
_("Sanity check that creating the record also gives the same");
|
|
record = Clients._createRecord("ascii");
|
|
do_check_eq(record.id, "ascii");
|
|
do_check_eq(record.name, "wéävê");
|
|
}
|