Browse Source

add boolean checkers for which key we're handling

Kieran Gibb 3 years ago
parent
commit
47d9f933af
No account linked to committer's email address
2 changed files with 69 additions and 29 deletions
  1. 34
    13
      index.js
  2. 35
    16
      test/index.test.js

+ 34
- 13
index.js View File

@@ -15,24 +15,45 @@ class Crypto {
15 15
     return key
16 16
   }
17 17
 
18
-  readKey (pubKey, secretKey) {
19
-    const readKey = sodium.sodium_malloc(sodium.crypto_sign_PUBLICKEYBYTES + sodium.crypto_secretbox_KEYBYTES)
18
+  accessKey () {
19
+    return this.pack(this.keyPair().publicKey, this.symmetricKey())
20
+  }
20 21
 
21
-    if (pubKey && Buffer.isBuffer(pubKey)) pubKey.copy(readKey)
22
-    else this.keyPair().publicKey.copy(readKey)
22
+  pack (pubKey, symKey) {
23
+    const accessKey = sodium.sodium_malloc(sodium.crypto_sign_PUBLICKEYBYTES + sodium.crypto_secretbox_KEYBYTES)
24
+    pubKey.copy(accessKey)
25
+    symKey.copy(accessKey, sodium.crypto_secretbox_KEYBYTES)
26
+    return accessKey
27
+  }
23 28
 
24
-    if (secretKey && Buffer.isBuffer(secretKey)) secretKey.copy(readKey, sodium.crypto_sign_PUBLICKEYBYTES)
25
-    else this.symmetricKey().copy(readKey, sodium.crypto_sign_PUBLICKEYBYTES)
29
+  unpack (accessKey) {
30
+    if (accessKey.length < sodium.crypto_sign_PUBLICKEYBYTES) throw new Error('Invalid key length')
31
+    if (accessKey.length === sodium.crypto_sign_PUBLICKEYBYTES) return { publicKey: accessKey }
32
+    const publicKey = accessKey.slice(0, sodium.crypto_sign_PUBLICKEYBYTES)
33
+    const symmetricKey = accessKey.slice(sodium.crypto_secretbox_KEYBYTES)
34
+    return { publicKey, symmetricKey }
35
+  }
26 36
 
27
-    return readKey
37
+  isAccessKey (key) {
38
+    try { var keys = this.unpack(key) }
39
+    catch (err) { return false }
40
+    return keys.publicKey !== undefined &&
41
+      keys.publicKey !== null &&
42
+      keys.publicKey.length === sodium.crypto_sign_PUBLICKEYBYTES &&
43
+      keys.symmetricKey !== undefined &&
44
+      keys.symmetricKey !== null &&
45
+      keys.symmetricKey.length === sodium.crypto_secretbox_KEYBYTES
28 46
   }
29 47
 
30
-  unpackKey (readKey) {
31
-    if (readKey.length < sodium.crypto_sign_PUBLICKEYBYTES) throw new Error('Invalid key length')
32
-    if (readKey.length === sodium.crypto_sign_PUBLICKEYBYTES) return { publicKey: readKey }
33
-    const publicKey = readKey.slice(0, sodium.crypto_sign_PUBLICKEYBYTES)
34
-    const symmetricKey = readKey.slice(sodium.crypto_secretbox_KEYBYTES)
35
-    return { publicKey, symmetricKey }
48
+  isBlindKey (key) {
49
+    try { var keys = this.unpack(key) }
50
+    catch (err) { return false }
51
+    var keys = this.unpack(key)
52
+    return keys.publicKey !== undefined &&
53
+      keys.publicKey !== null &&
54
+      keys.publicKey.length === sodium.crypto_sign_PUBLICKEYBYTES &&
55
+      (keys.symmetricKey === undefined ||
56
+      keys.symmetricKey === null)
36 57
   }
37 58
 
38 59
   encoder (encryptionKey, opts = {}) {

+ 35
- 16
test/index.test.js View File

@@ -24,35 +24,54 @@ describe('key generation', (context) => {
24 24
     next()
25 25
   })
26 26
 
27
-  context('generate a read key', (assert, next) => {
28
-    const readKey = crypto.readKey()
29
-    assert.ok(readKey, 'Key successfully generated')
30
-    assert.same(readKey.length, 64, 'Read key is 64 bytes')
31
-    assert.ok(readKey instanceof Buffer, 'Read key is a buffer')
27
+  context('generate an access key', (assert, next) => {
28
+    const accessKey = crypto.accessKey()
29
+    assert.ok(accessKey, 'Key successfully generated')
30
+    assert.same(accessKey.length, 64, 'Read key is 64 bytes')
31
+    assert.ok(accessKey instanceof Buffer, 'Read key is a buffer')
32
+    next()
33
+  })
32 34
 
35
+  context('pack an access key', (assert, next) => {
33 36
     const pubKey = crypto.keyPair().publicKey
34 37
     const secretKey = crypto.symmetricKey()
35 38
 
36
-    const anotherReadKey = crypto.readKey(pubKey, secretKey)
37
-    assert.ok(anotherReadKey, 'Key successfully generated')
38
-    assert.ok(anotherReadKey instanceof Buffer, 'Read key is a buffer')
39
-    assert.same(anotherReadKey.length, 64, 'read key is 64 bytes')
40
-    assert.same(anotherReadKey.slice(0, 32), pubKey)
41
-    assert.same(anotherReadKey.slice(32, 64), secretKey)
39
+    const accessKey = crypto.pack(pubKey, secretKey)
40
+    assert.ok(accessKey, 'Key successfully generated')
41
+    assert.ok(accessKey instanceof Buffer, 'Access key is a buffer')
42
+    assert.same(accessKey.length, 64, 'read key is 64 bytes')
43
+    assert.same(accessKey.slice(0, 32), pubKey)
44
+    assert.same(accessKey.slice(32, 64), secretKey)
42 45
     next()
43 46
   })
44 47
 
45
-  context('unpack a read key', (assert, next) => {
46
-    const readKey = crypto.readKey()
48
+  context('unpack an access key', (assert, next) => {
49
+    const accessKey = crypto.accessKey()
47 50
 
48
-    const keys = crypto.unpackKey(readKey)
49
-    const pubKey = readKey.slice(0, 32)
50
-    const symKey = readKey.slice(32, 64)
51
+    const keys = crypto.unpack(accessKey)
52
+    const pubKey = accessKey.slice(0, 32)
53
+    const symKey = accessKey.slice(32, 64)
51 54
 
52 55
     assert.same(keys.publicKey, pubKey, 'Unpacks the public key')
53 56
     assert.same(keys.symmetricKey, symKey, 'Unpacks the symmetric key')
54 57
     next()
55 58
   })
59
+
60
+  context('check a key is a valid blind replication / public key', (assert, next) => {
61
+    const accessKey = crypto.accessKey()
62
+    assert.same(false, crypto.isBlindKey(accessKey), 'access key is not a valid blind replication key')
63
+    const blindKey = crypto.keyPair().publicKey
64
+    assert.same(true, crypto.isBlindKey(blindKey), '32 byte public key is a valid blind replication key')
65
+    next()
66
+  })
67
+
68
+  context('check a key is a valid access key', (assert, next) => {
69
+    const blindKey = crypto.keyPair().publicKey
70
+    assert.same(crypto.isAccessKey(blindKey), false, '32 byte public key is not a valid access key')
71
+    const accessKey = crypto.accessKey()
72
+    assert.same(crypto.isAccessKey(accessKey), true, '64 byte access key is a valid access key')
73
+    next()
74
+  })
56 75
 })
57 76
 
58 77
 describe('message encoding', (context) => {