'use strict'; const { getCryptoParams, PushCrypto, } = Cu.import('resource://gre/modules/PushCrypto.jsm', {}); function run_test() { run_next_test(); } add_task(function* test_crypto_getCryptoParams() { // These headers should parse correctly. let shouldParse = [{ desc: 'aesgcm with multiple keys', headers: { encoding: 'aesgcm', crypto_key: 'keyid=p256dh;dh=Iy1Je2Kv11A,p256ecdsa=o2M8QfiEKuI', encryption: 'keyid=p256dh;salt=upk1yFkp1xI', }, params: { dh: 'Iy1Je2Kv11A', salt: 'upk1yFkp1xI', rs: 4096, padSize: 2, }, }, { desc: 'aesgcm with quoted key param', headers: { encoding: 'aesgcm', crypto_key: 'dh="byfHbUffc-k"', encryption: 'salt=C11AvAsp6Gc', }, params: { dh: 'byfHbUffc-k', salt: 'C11AvAsp6Gc', rs: 4096, padSize: 2, }, }, { desc: 'aesgcm with Crypto-Key and rs = 24', headers: { encoding: 'aesgcm', crypto_key: 'dh="ybuT4VDz-Bg"', encryption: 'salt=H7U7wcIoIKs; rs=24', }, params: { dh: 'ybuT4VDz-Bg', salt: 'H7U7wcIoIKs', rs: 24, padSize: 2, }, }, { desc: 'aesgcm128 with Encryption-Key and rs = 2', headers: { encoding: 'aesgcm128', encryption_key: 'keyid=legacy; dh=LqrDQuVl9lY', encryption: 'keyid=legacy; salt=YngI8B7YapM; rs=2', }, params: { dh: 'LqrDQuVl9lY', salt: 'YngI8B7YapM', rs: 2, padSize: 1, }, }, { desc: 'aesgcm128 with Encryption-Key', headers: { encoding: 'aesgcm128', encryption_key: 'keyid=v2; dh=VA6wmY1IpiE', encryption: 'keyid=v2; salt=khtpyXhpDKM', }, params: { dh: 'VA6wmY1IpiE', salt: 'khtpyXhpDKM', rs: 4096, padSize: 1, } }]; for (let test of shouldParse) { let params = getCryptoParams(test.headers); deepEqual(params, test.params, test.desc); } // These headers should be rejected. let shouldThrow = [{ desc: 'aesgcm128 with Crypto-Key', headers: { encoding: 'aesgcm128', crypto_key: 'keyid=v2; dh=VA6wmY1IpiE', encryption: 'keyid=v2; salt=F0Im7RtGgNY', }, }, { desc: 'Invalid encoding', headers: { encoding: 'nonexistent', }, }, { desc: 'Invalid record size', headers: { encoding: 'aesgcm', crypto_key: 'dh=pbmv1QkcEDY', encryption: 'dh=Esao8aTBfIk;rs=bad', }, }, { desc: 'Insufficiently large record size', headers: { encoding: 'aesgcm', crypto_key: 'dh=fK0EXaw5IU8', encryption: 'salt=orbLLmlbJfM;rs=1', }, }, { desc: 'aesgcm with Encryption-Key', headers: { encoding: 'aesgcm', encryption_key: 'dh=FplK5KkvUF0', encryption: 'salt=p6YHhFF3BQY', }, }]; for (let test of shouldThrow) { throws(() => getCryptoParams(test.headers), test.desc); } }); add_task(function* test_crypto_decodeMsg() { let privateKey = { crv: 'P-256', d: '4h23G_KkXC9TvBSK2v0Q7ImpS2YAuRd8hQyN0rFAwBg', ext: true, key_ops: ['deriveBits'], kty: 'EC', x: 'sd85ZCbEG6dEkGMCmDyGBIt454Qy-Yo-1xhbaT2Jlk4', y: 'vr3cKpQ-Sp1kpZ9HipNjUCwSA55yy0uM8N9byE8dmLs', }; let publicKey = ChromeUtils.base64URLDecode('BLHfOWQmxBunRJBjApg8hgSLeOeEMvmKPtcYW2k9iZZOvr3cKpQ-Sp1kpZ9HipNjUCwSA55yy0uM8N9byE8dmLs', { padding: "reject", }); let expectedSuccesses = [{ desc: 'padSize = 2, rs = 24, pad = 0', result: 'Some message', data: 'Oo34w2F9VVnTMFfKtdx48AZWQ9Li9M6DauWJVgXU', authSecret: 'aTDc6JebzR6eScy2oLo4RQ', headers: { crypto_key: 'dh=BCHFVrflyxibGLlgztLwKelsRZp4gqX3tNfAKFaxAcBhpvYeN1yIUMrxaDKiLh4LNKPtj0BOXGdr-IQ-QP82Wjo', encryption: 'salt=zCU18Rw3A5aB_Xi-vfixmA; rs=24', encoding: 'aesgcm', }, }, { desc: 'padSize = 2, rs = 8, pad = 16', result: 'Yet another message', data: 'uEC5B_tR-fuQ3delQcrzrDCp40W6ipMZjGZ78USDJ5sMj-6bAOVG3AK6JqFl9E6AoWiBYYvMZfwThVxmDnw6RHtVeLKFM5DWgl1EwkOohwH2EhiDD0gM3io-d79WKzOPZE9rDWUSv64JstImSfX_ADQfABrvbZkeaWxh53EG59QMOElFJqHue4dMURpsMXg', authSecret: '6plwZnSpVUbF7APDXus3UQ', headers: { crypto_key: 'dh=BEaA4gzA3i0JDuirGhiLgymS4hfFX7TNTdEhSk_HBlLpkjgCpjPL5c-GL9uBGIfa_fhGNKKFhXz1k9Kyens2ZpQ', encryption: 'salt=ZFhzj0S-n29g9P2p4-I7tA; rs=8', encoding: 'aesgcm', }, }, { desc: 'padSize = 1, rs = 4096, pad = 2', result: 'aesgcm128 encrypted message', data: 'ljBJ44NPzJFH9EuyT5xWMU4vpZ90MdAqaq1TC1kOLRoPNHtNFXeJ0GtuSaE', headers: { encryption_key: 'dh=BOmnfg02vNd6RZ7kXWWrCGFF92bI-rQ-bV0Pku3-KmlHwbGv4ejWqgasEdLGle5Rhmp6SKJunZw2l2HxKvrIjfI', encryption: 'salt=btxxUtclbmgcc30b9rT3Bg; rs=4096', encoding: 'aesgcm128', }, }, { desc: 'padSize = 2, rs = 3, pad = 0', result: 'Small record size', data: 'oY4e5eDatDVt2fpQylxbPJM-3vrfhDasfPc8Q1PWt4tPfMVbz_sDNL_cvr0DXXkdFzS1lxsJsj550USx4MMl01ihjImXCjrw9R5xFgFrCAqJD3GwXA1vzS4T5yvGVbUp3SndMDdT1OCcEofTn7VC6xZ-zP8rzSQfDCBBxmPU7OISzr8Z4HyzFCGJeBfqiZ7yUfNlKF1x5UaZ4X6iU_TXx5KlQy_toV1dXZ2eEAMHJUcSdArvB6zRpFdEIxdcHcJyo1BIYgAYTDdAIy__IJVCPY_b2CE5W_6ohlYKB7xDyH8giNuWWXAgBozUfScLUVjPC38yJTpAUi6w6pXgXUWffende5FreQpnMFL1L4G-38wsI_-ISIOzdO8QIrXHxmtc1S5xzYu8bMqSgCinvCEwdeGFCmighRjj8t1zRWo0D14rHbQLPR_b1P5SvEeJTtS9Nm3iibM', authSecret: 'g2rWVHUCpUxgcL9Tz7vyeQ', headers: { crypto_key: 'dh=BCg6ZIGuE2ZNm2ti6Arf4CDVD_8--aLXAGLYhpghwjl1xxVjTLLpb7zihuEOGGbyt8Qj0_fYHBP4ObxwJNl56bk', encryption: 'salt=5LIDBXbvkBvvb7ZdD-T4PQ; rs=3', encoding: 'aesgcm', }, }]; for (let test of expectedSuccesses) { let authSecret = test.authSecret ? ChromeUtils.base64URLDecode(test.authSecret, { padding: "reject", }) : null; let data = ChromeUtils.base64URLDecode(test.data, { padding: "reject", }); let result = yield PushCrypto.decrypt(privateKey, publicKey, authSecret, test.headers, data); let decoder = new TextDecoder('utf-8'); equal(decoder.decode(new Uint8Array(result)), test.result, test.desc); } let expectedFailures = [{ desc: 'padSize = 1, rs = 4096, auth secret, pad = 8', data: 'h0FmyldY8aT5EQ6CJrbfRn_IdDvytoLeHb9_q5CjtdFRfgDRknxLmOzavLaVG4oOiS0r', senderPublicKey: '', authSecret: 'Sxb6u0gJIhGEogyLawjmCw', headers: { crypto_key: 'dh=BCXHk7O8CE-9AOp6xx7g7c-NCaNpns1PyyHpdcmDaijLbT6IdGq0ezGatBwtFc34BBfscFxdk4Tjksa2Mx5rRCM', encryption: 'salt=aGBpoKklLtrLcAUCcCr7JQ', encoding: 'aesgcm128', }, }, { desc: 'Missing padding', data: 'anvsHj7oBQTPMhv7XSJEsvyMS4-8EtbC7HgFZsKaTg', headers: { crypto_key: 'dh=BMSqfc3ohqw2DDgu3nsMESagYGWubswQPGxrW1bAbYKD18dIHQBUmD3ul_lu7MyQiT5gNdzn5JTXQvCcpf-oZE4', encryption: 'salt=Czx2i18rar8XWOXAVDnUuw', encoding: 'aesgcm128', }, }, { desc: 'padSize > rs', data: 'Ct_h1g7O55e6GvuhmpjLsGnv8Rmwvxgw8iDESNKGxk_8E99iHKDzdV8wJPyHA-6b2E6kzuVa5UWiQ7s4Zms1xzJ4FKgoxvBObXkc_r_d4mnb-j245z3AcvRmcYGk5_HZ0ci26SfhAN3lCgxGzTHS4nuHBRkGwOb4Tj4SFyBRlLoTh2jyVK2jYugNjH9tTrGOBg7lP5lajLTQlxOi91-RYZSfFhsLX3LrAkXuRoN7G1CdiI7Y3_eTgbPIPabDcLCnGzmFBTvoJSaQF17huMl_UnWoCj2WovA4BwK_TvWSbdgElNnQ4CbArJ1h9OqhDOphVu5GUGr94iitXRQR-fqKPMad0ULLjKQWZOnjuIdV1RYEZ873r62Yyd31HoveJcSDb1T8l_QK2zVF8V4k0xmK9hGuC0rF5YJPYPHgl5__usknzxMBnRrfV5_MOL5uPZwUEFsu', headers: { crypto_key: 'dh=BAcMdWLJRGx-kPpeFtwqR3GE1LWzd1TYh2rg6CEFu53O-y3DNLkNe_BtGtKRR4f7ZqpBMVS6NgfE2NwNPm3Ndls', encryption: 'salt=NQVTKhB0rpL7ZzKkotTGlA; rs=1', encoding: 'aesgcm', }, }, { desc: 'Encrypted with padSize = 1, decrypted with padSize = 2 and auth secret', data: 'fwkuwTTChcLnrzsbDI78Y2EoQzfnbMI8Ax9Z27_rwX8', authSecret: 'BhbpNTWyO5wVJmVKTV6XaA', headers: { crypto_key: 'dh=BCHn-I-J3dfPRLJBlNZ3xFoAqaBLZ6qdhpaz9W7Q00JW1oD-hTxyEECn6KYJNK8AxKUyIDwn6Icx_PYWJiEYjQ0', encryption: 'salt=c6JQl9eJ0VvwrUVCQDxY7Q', encoding: 'aesgcm', }, }, { desc: 'Truncated input', data: 'AlDjj6NvT5HGyrHbT8M5D6XBFSra6xrWS9B2ROaCIjwSu3RyZ1iyuv0', headers: { crypto_key: 'dh=BCHn-I-J3dfPRLJBlNZ3xFoAqaBLZ6qdhpaz9W7Q00JW1oD-hTxyEECn6KYJNK8AxKUyIDwn6Icx_PYWJiEYjQ0', encryption: 'salt=c6JQl9eJ0VvwrUVCQDxY7Q; rs=25', encoding: 'aesgcm', }, }]; for (let test of expectedFailures) { let authSecret = test.authSecret ? ChromeUtils.base64URLDecode(test.authSecret, { padding: "reject", }) : null; let data = ChromeUtils.base64URLDecode(test.data, { padding: "reject", }); yield rejects( PushCrypto.decrypt(privateKey, publicKey, authSecret, test.headers, data), test.desc ); } });