From 87ac298af90159338e5a8793907e7ccd73d87e79 Mon Sep 17 00:00:00 2001 From: Kyle Spearrin Date: Mon, 7 May 2018 11:43:14 -0400 Subject: [PATCH] web crypto testing. more test browsers --- package-lock.json | 36 +++ package.json | 4 + spec/common/misc/utils.spec.ts | 9 +- spec/support/karma.conf.js | 28 ++- .../webCryptoFunction.service.spec.ts | 233 ++++++++++++------ src/services/webCryptoFunction.service.ts | 21 +- 6 files changed, 227 insertions(+), 104 deletions(-) diff --git a/package-lock.json b/package-lock.json index 1343aecc53..9e5eb8f861 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1857,6 +1857,12 @@ "jsbn": "0.1.1" } }, + "edge-launcher": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/edge-launcher/-/edge-launcher-1.2.2.tgz", + "integrity": "sha1-60Cq+9Bnpup27/+rBke81VCbN7I=", + "dev": true + }, "ee-first": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", @@ -5073,6 +5079,30 @@ } } }, + "karma-detect-browsers": { + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/karma-detect-browsers/-/karma-detect-browsers-2.3.2.tgz", + "integrity": "sha512-EFku2S5IpUEpJR2XxJa/onW6tIuapa3kYWJDD7Tk6LqhhIxfKWvJ+vnleLop6utXT28204hZptnfH7PGSmk4Nw==", + "dev": true, + "requires": { + "which": "1.3.0" + } + }, + "karma-edge-launcher": { + "version": "0.4.2", + "resolved": "https://registry.npmjs.org/karma-edge-launcher/-/karma-edge-launcher-0.4.2.tgz", + "integrity": "sha512-YAJZb1fmRcxNhMIWYsjLuxwODBjh2cSHgTW/jkVmdpGguJjLbs9ZgIK/tEJsMQcBLUkO+yO4LBbqYxqgGW2HIw==", + "dev": true, + "requires": { + "edge-launcher": "1.2.2" + } + }, + "karma-firefox-launcher": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/karma-firefox-launcher/-/karma-firefox-launcher-1.1.0.tgz", + "integrity": "sha512-LbZ5/XlIXLeQ3cqnCbYLn+rOVhuMIK9aZwlP6eOLGzWdo1UVp7t6CN3DP4SafiRLjexKwHeKHDm0c38Mtd3VxA==", + "dev": true + }, "karma-jasmine": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/karma-jasmine/-/karma-jasmine-1.1.1.tgz", @@ -5088,6 +5118,12 @@ "karma-jasmine": "1.1.1" } }, + "karma-safari-launcher": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/karma-safari-launcher/-/karma-safari-launcher-1.0.0.tgz", + "integrity": "sha1-lpgqLMR9BmquccVTursoMZEVos4=", + "dev": true + }, "karma-typescript": { "version": "3.0.12", "resolved": "https://registry.npmjs.org/karma-typescript/-/karma-typescript-3.0.12.tgz", diff --git a/package.json b/package.json index 4425fdb0c9..10e66ab3bc 100644 --- a/package.json +++ b/package.json @@ -41,8 +41,12 @@ "karma-chrome-launcher": "^2.2.0", "karma-cli": "^1.0.1", "karma-coverage-istanbul-reporter": "^1.3.0", + "karma-detect-browsers": "^2.3.2", + "karma-edge-launcher": "^0.4.2", + "karma-firefox-launcher": "^1.1.0", "karma-jasmine": "^1.1.0", "karma-jasmine-html-reporter": "^0.2.2", + "karma-safari-launcher": "^1.0.0", "karma-typescript": "^3.0.8", "nodemon": "^1.17.3", "rimraf": "^2.6.2", diff --git a/spec/common/misc/utils.spec.ts b/spec/common/misc/utils.spec.ts index 28fcbd2398..adbe753718 100644 --- a/spec/common/misc/utils.spec.ts +++ b/spec/common/misc/utils.spec.ts @@ -15,8 +15,13 @@ describe('Utils Service', () => { expect(Utils.getHostname('https://bitwarden.com')).toBe('bitwarden.com'); expect(Utils.getHostname('http://bitwarden.com')).toBe('bitwarden.com'); expect(Utils.getHostname('http://vault.bitwarden.com')).toBe('vault.bitwarden.com'); - expect(Utils.getHostname('https://user:password@bitwarden.com:8080/password/sites?and&query#hash')) - .toBe('bitwarden.com'); + + if (Utils.isNode || window.navigator.userAgent.indexOf(' Edge/') === -1) { + // Note: Broken in Edge browser. See + // https://developer.microsoft.com/en-us/microsoft-edge/platform/issues/8004284/ + expect(Utils.getHostname('https://user:password@bitwarden.com:8080/password/sites?and&query#hash')) + .toBe('bitwarden.com'); + } }); it('should support localhost and IP', () => { diff --git a/spec/support/karma.conf.js b/spec/support/karma.conf.js index d2e6d219ae..d177dd699e 100644 --- a/spec/support/karma.conf.js +++ b/spec/support/karma.conf.js @@ -1,11 +1,11 @@ -module.exports = function(config) { +module.exports = (config) => { config.set({ // base path that will be used to resolve all patterns (eg. files, exclude) basePath: '../../', // frameworks to use // available frameworks: https://npmjs.org/browse/keyword/karma-adapter - frameworks: ['jasmine', 'karma-typescript'], + frameworks: ['jasmine', 'karma-typescript', 'detectBrowsers'], // list of files / patterns to load in the browser files: [ @@ -43,15 +43,11 @@ module.exports = function(config) { // possible values: config.LOG_DISABLE || config.LOG_ERROR || config.LOG_WARN || config.LOG_INFO || config.LOG_DEBUG logLevel: config.LOG_INFO, - // start these browsers - // available browser launchers: https://npmjs.org/browse/keyword/karma-launcher - browsers: ['Chrome'], - // Concurrency level // how many browser should be started simultaneous concurrency: Infinity, - client:{ + client: { clearContext: false // leave Jasmine Spec Runner output visible in browser }, @@ -62,5 +58,23 @@ module.exports = function(config) { sourceMap: true } }, + + detectBrowsers: { + usePhantomJS: false, + postDetection: (availableBrowsers) => { + const result = availableBrowsers; + function removeBrowser(browser) { + if (availableBrowsers.length > 1 && availableBrowsers.indexOf(browser) > -1) { + result.splice(result.indexOf(browser), 1); + } + } + + removeBrowser('IE'); + removeBrowser('Opera'); + removeBrowser('SafariTechPreview'); + + return result; + } + }, }) } diff --git a/spec/web/services/webCryptoFunction.service.spec.ts b/spec/web/services/webCryptoFunction.service.spec.ts index de3f2af126..3993f42b9d 100644 --- a/spec/web/services/webCryptoFunction.service.spec.ts +++ b/spec/web/services/webCryptoFunction.service.spec.ts @@ -46,11 +46,8 @@ describe('WebCrypto Function Service', () => { const unicode512Key = 'FE+AnUJaxv8jh+zUDtZz4mjjcYk0/PZDZm+SLJe3XtxtnpdqqpblX6JjuMZt/dYYNMOrb2+mD' + 'L3FiQDTROh1lg=='; - testPbkdf2(false, 'sha256', regular256Key, utf8256Key, unicode256Key); - testPbkdf2(false, 'sha512', regular512Key, utf8512Key, unicode512Key); - - testPbkdf2(true, 'sha256', regular256Key, utf8256Key, unicode256Key); - testPbkdf2(true, 'sha512', regular512Key, utf8512Key, unicode512Key); + testPbkdf2('sha256', regular256Key, utf8256Key, unicode256Key); + testPbkdf2('sha512', regular512Key, utf8512Key, unicode512Key); }); describe('hash', () => { @@ -69,13 +66,9 @@ describe('WebCrypto Function Service', () => { const unicode512Hash = '2b16a5561af8ad6fe414cc103fc8036492e1fc6d9aabe1b655497054f760fe0e34c5d100ac773d' + '9f3030438284f22dbfa20cb2e9b019f2c98dfe38ce1ef41bae'; - testHash(false, 'sha1', regular1Hash, utf81Hash, unicode1Hash); - testHash(false, 'sha256', regular256Hash, utf8256Hash, unicode256Hash); - testHash(false, 'sha512', regular512Hash, utf8512Hash, unicode512Hash); - - testHash(true, 'sha1', regular1Hash, utf81Hash, unicode1Hash); - testHash(true, 'sha256', regular256Hash, utf8256Hash, unicode256Hash); - testHash(true, 'sha512', regular512Hash, utf8512Hash, unicode512Hash); + testHash('sha1', regular1Hash, utf81Hash, unicode1Hash); + testHash('sha256', regular256Hash, utf8256Hash, unicode256Hash); + testHash('sha512', regular512Hash, utf8512Hash, unicode512Hash); }); describe('hmac', () => { @@ -84,120 +77,199 @@ describe('WebCrypto Function Service', () => { const sha512Mac = '21910e341fa12106ca35758a2285374509326c9fbe0bd64e7b99c898f841dc948c58ce66d3504d8883c' + '5ea7817a0b7c5d4d9b00364ccd214669131fc17fe4aca'; - testHmac(false, 'sha1', sha1Mac); - testHmac(false, 'sha256', sha256Mac); - testHmac(false, 'sha512', sha512Mac); + testHmac('sha1', sha1Mac); + testHmac('sha256', sha256Mac); + testHmac('sha512', sha512Mac); + }); - testHmac(true, 'sha1', sha1Mac); - testHmac(true, 'sha256', sha256Mac); - testHmac(true, 'sha512', sha512Mac); + describe('timeSafeEqual', () => { + it('should successfully compare two of the same values', async () => { + const cryptoFunctionService = getWebCryptoFunctionService(); + const a = new Uint8Array(2); + a[0] = 1; + a[1] = 2; + const equal = await cryptoFunctionService.timeSafeEqual(a.buffer, a.buffer); + expect(equal).toBe(true); + }); + + it('should successfully compare two different values of the same length', async () => { + const cryptoFunctionService = getWebCryptoFunctionService(); + const a = new Uint8Array(2); + a[0] = 1; + a[1] = 2; + const b = new Uint8Array(2); + b[0] = 3; + b[1] = 4; + const equal = await cryptoFunctionService.timeSafeEqual(a.buffer, b.buffer); + expect(equal).toBe(false); + }); + + it('should successfully compare two different values of different lengths', async () => { + const cryptoFunctionService = getWebCryptoFunctionService(); + const a = new Uint8Array(2); + a[0] = 1; + a[1] = 2; + const b = new Uint8Array(2); + b[0] = 3; + const equal = await cryptoFunctionService.timeSafeEqual(a.buffer, b.buffer); + expect(equal).toBe(false); + }); + }); + + describe('hmacFast', () => { + const sha1Mac = '4d4c223f95dc577b665ec4ccbcb680b80a397038'; + const sha256Mac = '6be3caa84922e12aaaaa2f16c40d44433bb081ef323db584eb616333ab4e874f'; + const sha512Mac = '21910e341fa12106ca35758a2285374509326c9fbe0bd64e7b99c898f841dc948c58ce66d3504d8883c' + + '5ea7817a0b7c5d4d9b00364ccd214669131fc17fe4aca'; + + testHmacFast('sha1', sha1Mac); + testHmacFast('sha256', sha256Mac); + testHmacFast('sha512', sha512Mac); + }); + + describe('timeSafeEqualFast', () => { + it('should successfully compare two of the same values', async () => { + const cryptoFunctionService = getWebCryptoFunctionService(); + const a = new Uint8Array(2); + a[0] = 1; + a[1] = 2; + const aByteString = Utils.fromBufferToByteString(a.buffer); + const equal = await cryptoFunctionService.timeSafeEqualFast(aByteString, aByteString); + expect(equal).toBe(true); + }); + + it('should successfully compare two different values of the same length', async () => { + const cryptoFunctionService = getWebCryptoFunctionService(); + const a = new Uint8Array(2); + a[0] = 1; + a[1] = 2; + const aByteString = Utils.fromBufferToByteString(a.buffer); + const b = new Uint8Array(2); + b[0] = 3; + b[1] = 4; + const bByteString = Utils.fromBufferToByteString(b.buffer); + const equal = await cryptoFunctionService.timeSafeEqualFast(aByteString, bByteString); + expect(equal).toBe(false); + }); + + it('should successfully compare two different values of different lengths', async () => { + const cryptoFunctionService = getWebCryptoFunctionService(); + const a = new Uint8Array(2); + a[0] = 1; + a[1] = 2; + const aByteString = Utils.fromBufferToByteString(a.buffer); + const b = new Uint8Array(2); + b[0] = 3; + const bByteString = Utils.fromBufferToByteString(b.buffer); + const equal = await cryptoFunctionService.timeSafeEqualFast(aByteString, bByteString); + expect(equal).toBe(false); + }); }); describe('aesEncrypt', () => { it('should successfully encrypt data', async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(); + const cryptoFunctionService = getWebCryptoFunctionService(); const iv = makeStaticByteArray(16); const key = makeStaticByteArray(32); const data = Utils.fromUtf8ToArray('EncryptMe!'); - const encValue = await webCryptoFunctionService.aesEncrypt(data.buffer, iv.buffer, key.buffer); + const encValue = await cryptoFunctionService.aesEncrypt(data.buffer, iv.buffer, key.buffer); expect(Utils.fromBufferToB64(encValue)).toBe('ByUF8vhyX4ddU9gcooznwA=='); }); it('should successfully encrypt and then decrypt small data', async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(); + const cryptoFunctionService = getWebCryptoFunctionService(); const iv = makeStaticByteArray(16); const key = makeStaticByteArray(32); const value = 'EncryptMe!'; const data = Utils.fromUtf8ToArray(value); - const encValue = await webCryptoFunctionService.aesEncrypt(data.buffer, iv.buffer, key.buffer); + const encValue = await cryptoFunctionService.aesEncrypt(data.buffer, iv.buffer, key.buffer); const encData = Utils.fromBufferToB64(encValue); const b64Iv = Utils.fromBufferToB64(iv.buffer); const symKey = new SymmetricCryptoKey(key.buffer); - const params = webCryptoFunctionService.aesDecryptFastParameters(encData, b64Iv, null, symKey); - const decValue = await webCryptoFunctionService.aesDecryptFast(params); + const params = cryptoFunctionService.aesDecryptFastParameters(encData, b64Iv, null, symKey); + const decValue = await cryptoFunctionService.aesDecryptFast(params); expect(decValue).toBe(value); }); it('should successfully encrypt and then decrypt large data', async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(); + const cryptoFunctionService = getWebCryptoFunctionService(); const iv = makeStaticByteArray(16); const key = makeStaticByteArray(32); const value = 'EncryptMe!'; const data = Utils.fromUtf8ToArray(value); - const encValue = await webCryptoFunctionService.aesEncrypt(data.buffer, iv.buffer, key.buffer); - const decValue = await webCryptoFunctionService.aesDecryptLarge(encValue, iv.buffer, key.buffer); + const encValue = await cryptoFunctionService.aesEncrypt(data.buffer, iv.buffer, key.buffer); + const decValue = await cryptoFunctionService.aesDecryptLarge(encValue, iv.buffer, key.buffer); expect(Utils.fromBufferToUtf8(decValue)).toBe(value); }); }); describe('aesDecryptFast', () => { it('should successfully decrypt data', async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(); + const cryptoFunctionService = getWebCryptoFunctionService(); const iv = Utils.fromBufferToB64(makeStaticByteArray(16).buffer); const symKey = new SymmetricCryptoKey(makeStaticByteArray(32).buffer); const data = 'ByUF8vhyX4ddU9gcooznwA=='; - const params = webCryptoFunctionService.aesDecryptFastParameters(data, iv, null, symKey); - const decValue = await webCryptoFunctionService.aesDecryptFast(params); + const params = cryptoFunctionService.aesDecryptFastParameters(data, iv, null, symKey); + const decValue = await cryptoFunctionService.aesDecryptFast(params); expect(decValue).toBe('EncryptMe!'); }); }); describe('aesDecryptLarge', () => { it('should successfully decrypt data', async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(); + const cryptoFunctionService = getWebCryptoFunctionService(); const iv = makeStaticByteArray(16); const key = makeStaticByteArray(32); const data = Utils.fromB64ToArray('ByUF8vhyX4ddU9gcooznwA=='); - const decValue = await webCryptoFunctionService.aesDecryptLarge(data.buffer, iv.buffer, key.buffer); + const decValue = await cryptoFunctionService.aesDecryptLarge(data.buffer, iv.buffer, key.buffer); expect(Utils.fromBufferToUtf8(decValue)).toBe('EncryptMe!'); }); }); describe('rsaEncrypt', () => { it('should successfully encrypt and then decrypt data', async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(); + const cryptoFunctionService = getWebCryptoFunctionService(); const pubKey = Utils.fromB64ToArray(RsaPublicKey); const privKey = Utils.fromB64ToArray(RsaPrivateKey); const value = 'EncryptMe!'; const data = Utils.fromUtf8ToArray(value); - const encValue = await webCryptoFunctionService.rsaEncrypt(data.buffer, pubKey.buffer, 'sha1'); - const decValue = await webCryptoFunctionService.rsaDecrypt(encValue, privKey.buffer, 'sha1'); + const encValue = await cryptoFunctionService.rsaEncrypt(data.buffer, pubKey.buffer, 'sha1'); + const decValue = await cryptoFunctionService.rsaDecrypt(encValue, privKey.buffer, 'sha1'); expect(Utils.fromBufferToUtf8(decValue)).toBe(value); }); }); describe('rsaDecrypt', () => { it('should successfully decrypt data', async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(); + const cryptoFunctionService = getWebCryptoFunctionService(); const privKey = Utils.fromB64ToArray(RsaPrivateKey); const data = Utils.fromB64ToArray('A1/p8BQzN9UrbdYxUY2Va5+kPLyfZXF9JsZrjeEXcaclsnHurdxVAJcnbEqYMP3UXV' + '4YAS/mpf+Rxe6/X0WS1boQdA0MAHSgx95hIlAraZYpiMLLiJRKeo2u8YivCdTM9V5vuAEJwf9Tof/qFsFci3sApdbATkorCT' + 'zFOIEPF2S1zgperEP23M01mr4dWVdYN18B32YF67xdJHMbFhp5dkQwv9CmscoWq7OE5HIfOb+JAh7BEZb+CmKhM3yWJvoR/D' + '/5jcercUtK2o+XrzNrL4UQ7yLZcFz6Bfwb/j6ICYvqd/YJwXNE6dwlL57OfwJyCdw2rRYf0/qI00t9u8Iitw=='); - const decValue = await webCryptoFunctionService.rsaDecrypt(data.buffer, privKey.buffer, 'sha1'); + const decValue = await cryptoFunctionService.rsaDecrypt(data.buffer, privKey.buffer, 'sha1'); expect(Utils.fromBufferToUtf8(decValue)).toBe('EncryptMe!'); }); }); describe('randomBytes', () => { it('should make a value of the correct length', async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(); - const randomData = await webCryptoFunctionService.randomBytes(16); + const cryptoFunctionService = getWebCryptoFunctionService(); + const randomData = await cryptoFunctionService.randomBytes(16); expect(randomData.byteLength).toBe(16); }); it('should not make the same value twice', async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(); - const randomData = await webCryptoFunctionService.randomBytes(16); - const randomData2 = await webCryptoFunctionService.randomBytes(16); + const cryptoFunctionService = getWebCryptoFunctionService(); + const randomData = await cryptoFunctionService.randomBytes(16); + const randomData2 = await cryptoFunctionService.randomBytes(16); expect(randomData.byteLength === randomData2.byteLength && randomData !== randomData2).toBeTruthy(); }); }); }); -function testPbkdf2(edge: boolean, algorithm: 'sha256' | 'sha512', regularKey: string, +function testPbkdf2(algorithm: 'sha256' | 'sha512', regularKey: string, utf8Key: string, unicodeKey: string) { - const forEdge = edge ? ' for edge' : ''; const regularEmail = 'user@example.com'; const utf8Email = 'üser@example.com'; @@ -205,76 +277,85 @@ function testPbkdf2(edge: boolean, algorithm: 'sha256' | 'sha512', regularKey: s const utf8Password = 'pǻssword'; const unicodePassword = '😀password🙏'; - it('should create valid ' + algorithm + ' key from regular input' + forEdge, async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(edge); - const key = await webCryptoFunctionService.pbkdf2(regularPassword, regularEmail, algorithm, 5000); + it('should create valid ' + algorithm + ' key from regular input', async () => { + const cryptoFunctionService = getWebCryptoFunctionService(); + const key = await cryptoFunctionService.pbkdf2(regularPassword, regularEmail, algorithm, 5000); expect(Utils.fromBufferToB64(key)).toBe(regularKey); }); - it('should create valid ' + algorithm + ' key from utf8 input' + forEdge, async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(edge); - const key = await webCryptoFunctionService.pbkdf2(utf8Password, utf8Email, algorithm, 5000); + it('should create valid ' + algorithm + ' key from utf8 input', async () => { + const cryptoFunctionService = getWebCryptoFunctionService(); + const key = await cryptoFunctionService.pbkdf2(utf8Password, utf8Email, algorithm, 5000); expect(Utils.fromBufferToB64(key)).toBe(utf8Key); }); - it('should create valid ' + algorithm + ' key from unicode input' + forEdge, async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(edge); - const key = await webCryptoFunctionService.pbkdf2(unicodePassword, regularEmail, algorithm, 5000); + it('should create valid ' + algorithm + ' key from unicode input', async () => { + const cryptoFunctionService = getWebCryptoFunctionService(); + const key = await cryptoFunctionService.pbkdf2(unicodePassword, regularEmail, algorithm, 5000); expect(Utils.fromBufferToB64(key)).toBe(unicodeKey); }); - it('should create valid ' + algorithm + ' key from array buffer input' + forEdge, async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(edge); - const key = await webCryptoFunctionService.pbkdf2(Utils.fromUtf8ToArray(regularPassword).buffer, + it('should create valid ' + algorithm + ' key from array buffer input', async () => { + const cryptoFunctionService = getWebCryptoFunctionService(); + const key = await cryptoFunctionService.pbkdf2(Utils.fromUtf8ToArray(regularPassword).buffer, Utils.fromUtf8ToArray(regularEmail).buffer, algorithm, 5000); expect(Utils.fromBufferToB64(key)).toBe(regularKey); }); } -function testHash(edge: boolean, algorithm: 'sha1' | 'sha256' | 'sha512', regularHash: string, +function testHash(algorithm: 'sha1' | 'sha256' | 'sha512', regularHash: string, utf8Hash: string, unicodeHash: string) { - const forEdge = edge ? ' for edge' : ''; const regularValue = 'HashMe!!'; const utf8Value = 'HǻshMe!!'; const unicodeValue = '😀HashMe!!!🙏'; - it('should create valid ' + algorithm + ' hash from regular input' + forEdge, async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(edge); - const hash = await webCryptoFunctionService.hash(regularValue, algorithm); + it('should create valid ' + algorithm + ' hash from regular input', async () => { + const cryptoFunctionService = getWebCryptoFunctionService(); + const hash = await cryptoFunctionService.hash(regularValue, algorithm); expect(Utils.fromBufferToHex(hash)).toBe(regularHash); }); - it('should create valid ' + algorithm + ' hash from utf8 input' + forEdge, async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(edge); - const hash = await webCryptoFunctionService.hash(utf8Value, algorithm); + it('should create valid ' + algorithm + ' hash from utf8 input', async () => { + const cryptoFunctionService = getWebCryptoFunctionService(); + const hash = await cryptoFunctionService.hash(utf8Value, algorithm); expect(Utils.fromBufferToHex(hash)).toBe(utf8Hash); }); - it('should create valid ' + algorithm + ' hash from unicode input' + forEdge, async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(edge); - const hash = await webCryptoFunctionService.hash(unicodeValue, algorithm); + it('should create valid ' + algorithm + ' hash from unicode input', async () => { + const cryptoFunctionService = getWebCryptoFunctionService(); + const hash = await cryptoFunctionService.hash(unicodeValue, algorithm); expect(Utils.fromBufferToHex(hash)).toBe(unicodeHash); }); - it('should create valid ' + algorithm + ' hash from array buffer input' + forEdge, async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(edge); - const hash = await webCryptoFunctionService.hash(Utils.fromUtf8ToArray(regularValue).buffer, algorithm); + it('should create valid ' + algorithm + ' hash from array buffer input', async () => { + const cryptoFunctionService = getWebCryptoFunctionService(); + const hash = await cryptoFunctionService.hash(Utils.fromUtf8ToArray(regularValue).buffer, algorithm); expect(Utils.fromBufferToHex(hash)).toBe(regularHash); }); } -function testHmac(edge: boolean, algorithm: 'sha1' | 'sha256' | 'sha512', mac: string) { - it('should create valid ' + algorithm + ' hmac' + (edge ? ' for edge' : ''), async () => { - const webCryptoFunctionService = getWebCryptoFunctionService(edge); - const computedMac = await webCryptoFunctionService.hmac(Utils.fromUtf8ToArray('SignMe!!').buffer, +function testHmac(algorithm: 'sha1' | 'sha256' | 'sha512', mac: string) { + it('should create valid ' + algorithm + ' hmac', async () => { + const cryptoFunctionService = getWebCryptoFunctionService(); + const computedMac = await cryptoFunctionService.hmac(Utils.fromUtf8ToArray('SignMe!!').buffer, Utils.fromUtf8ToArray('secretkey').buffer, algorithm); expect(Utils.fromBufferToHex(computedMac)).toBe(mac); }); } -function getWebCryptoFunctionService(edge = false) { +function testHmacFast(algorithm: 'sha1' | 'sha256' | 'sha512', mac: string) { + it('should create valid ' + algorithm + ' hmac', async () => { + const cryptoFunctionService = getWebCryptoFunctionService(); + const keyByteString = Utils.fromBufferToByteString(Utils.fromUtf8ToArray('secretkey').buffer); + const dataByteString = Utils.fromBufferToByteString(Utils.fromUtf8ToArray('SignMe!!').buffer); + const computedMac = await cryptoFunctionService.hmacFast(dataByteString, keyByteString, algorithm); + expect(Utils.fromBufferToHex(Utils.fromByteStringToArray(computedMac).buffer)).toBe(mac); + }); +} + +function getWebCryptoFunctionService() { const platformUtilsMock = TypeMoq.Mock.ofType(PlatformUtilsServiceMock); - platformUtilsMock.setup((x) => x.isEdge()).returns(() => edge); + platformUtilsMock.setup((x) => x.isEdge()).returns(() => navigator.userAgent.indexOf(' Edge/') !== -1); return new WebCryptoFunctionService(window, platformUtilsMock.object); } diff --git a/src/services/webCryptoFunction.service.ts b/src/services/webCryptoFunction.service.ts index da1c18cdce..8a0b169b0d 100644 --- a/src/services/webCryptoFunction.service.ts +++ b/src/services/webCryptoFunction.service.ts @@ -45,16 +45,8 @@ export class WebCryptoFunctionService implements CryptoFunctionService { } async hash(value: string | ArrayBuffer, algorithm: 'sha1' | 'sha256' | 'sha512'): Promise { - if (this.isEdge) { - let md: forge.md.MessageDigest; - if (algorithm === 'sha1') { - md = forge.md.sha1.create(); - } else if (algorithm === 'sha256') { - md = forge.md.sha256.create(); - } else { - md = (forge as any).md.sha512.create(); - } - + if (this.isEdge && algorithm === 'sha1') { + const md = forge.md.sha1.create(); const valueBytes = this.toByteString(value); md.update(valueBytes, 'raw'); return Utils.fromByteStringToArray(md.digest().data).buffer; @@ -65,15 +57,6 @@ export class WebCryptoFunctionService implements CryptoFunctionService { } async hmac(value: ArrayBuffer, key: ArrayBuffer, algorithm: 'sha1' | 'sha256' | 'sha512'): Promise { - if (this.isEdge) { - const valueBytes = this.toByteString(value); - const keyBytes = this.toByteString(key); - const hmac = (forge as any).hmac.create(); - hmac.start(algorithm, keyBytes); - hmac.update(valueBytes); - return Utils.fromByteStringToArray(hmac.digest().getBytes()).buffer; - } - const signingAlgorithm = { name: 'HMAC', hash: { name: this.toWebCryptoAlgorithm(algorithm) },