94 lines
2.9 KiB
TypeScript
94 lines
2.9 KiB
TypeScript
import {PrivateBox, PrivateWrap, SecretBox, SecretWrap, signature} from '..'
|
|
import {beforeAll, expect, test} from 'bun:test'
|
|
|
|
let wrap_key!: CryptoKey
|
|
|
|
beforeAll(async () => {
|
|
wrap_key = await SecretWrap.gen(true)
|
|
})
|
|
|
|
async function seal(key: CryptoKey): Promise<CryptoKey> {
|
|
const box = await SecretWrap.wrap(key, wrap_key)
|
|
expect(box).not.toBeNull()
|
|
const unboxed = await box!.unwrap(wrap_key)
|
|
expect(unboxed).not.toBeNull()
|
|
return unboxed!
|
|
}
|
|
async function cant_seal(key: CryptoKey): Promise<void> {
|
|
expect(key.extractable).toBeFalse()
|
|
const box = await SecretWrap.wrap(key, wrap_key)
|
|
expect(box).toBeNull()
|
|
}
|
|
|
|
test('Signature', async () => {
|
|
const k = await signature.gen(true)
|
|
const privk = await seal(k.privateKey)
|
|
|
|
const message = new Uint8Array(8)
|
|
const signed = await signature.sign(message, privk)
|
|
const verification = await signature.verify(message, k.publicKey, signed)
|
|
expect(verification).toBeTrue()
|
|
})
|
|
test('SecretWrap', async () => {
|
|
let k = await SecretWrap.gen(true)
|
|
const box = await SecretWrap.wrap(k, k) // Please kids, never do this for real !
|
|
expect(box).not.toBeNull()
|
|
k = await seal(k)
|
|
|
|
const unbox = await box!.unwrap(k)
|
|
expect(unbox).not.toBeNull()
|
|
expect(unbox).toEqual(k)
|
|
})
|
|
test('SecretBox', async () => {
|
|
const message = crypto.getRandomValues(new Uint8Array(8))
|
|
let k = await SecretBox.gen(true)
|
|
const box = await SecretBox.encrypt(message, k)
|
|
expect(box).not.toBeNull()
|
|
k = await seal(k)
|
|
|
|
const unbox = await box!.decrypt(k)
|
|
expect(unbox).not.toBeNull()
|
|
expect(unbox).toEqual(message)
|
|
})
|
|
test('PrivateWrap', async () => {
|
|
const k = await PrivateWrap.gen(true)
|
|
const box = await PrivateWrap.wrap(wrap_key, k.publicKey)
|
|
expect(box).not.toBeNull()
|
|
const privk = await seal(k.privateKey)
|
|
|
|
const unbox = await box!.unwrap(privk)
|
|
expect(unbox).not.toBeNull()
|
|
expect(unbox).toEqual(wrap_key)
|
|
})
|
|
test('PrivateBox', async () => {
|
|
const message = crypto.getRandomValues(new Uint8Array(8))
|
|
let k = await PrivateBox.gen(true)
|
|
const box = await PrivateBox.encrypt(message, k.publicKey)
|
|
expect(box).not.toBeNull()
|
|
const privk = await seal(k.privateKey)
|
|
|
|
const unbox = await box!.decrypt(privk)
|
|
expect(unbox).not.toBeNull()
|
|
expect(unbox).toEqual(message)
|
|
})
|
|
test("Can't unwrap with a different key", async () => {
|
|
const wrap_k2 = await SecretWrap.gen(false)
|
|
const box = await SecretWrap.wrap(wrap_key, wrap_key) // Never do this kids !
|
|
expect(box).not.toBeNull()
|
|
const unbox = await box!.unwrap(wrap_k2)
|
|
expect(unbox).toBeNull()
|
|
})
|
|
test("Can't wrap non-extractable", async () => {
|
|
const k_sb = await SecretBox.gen(false)
|
|
const k_sw = await SecretWrap.gen(false)
|
|
const k_pb = await PrivateBox.gen(false)
|
|
const k_pw = await PrivateWrap.gen(false)
|
|
const sig = await signature.gen(false)
|
|
|
|
await cant_seal(k_sb)
|
|
await cant_seal(k_sw)
|
|
await cant_seal(k_pb.privateKey)
|
|
await cant_seal(k_pw.privateKey)
|
|
await cant_seal(sig.privateKey)
|
|
})
|