forked from aws/aws-encryption-sdk-javascript
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathframed_encrypt_stream.test.ts
150 lines (133 loc) · 4.92 KB
/
framed_encrypt_stream.test.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
/*
* Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use
* this file except in compliance with the License. A copy of the License is
* located at
*
* http://aws.amazon.com/apache2.0/
*
* or in the "license" file accompanying this file. This file is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
* implied. See the License for the specific language governing permissions and
* limitations under the License.
*/
/* eslint-env mocha */
import * as chai from 'chai'
import chaiAsPromised from 'chai-as-promised'
import 'mocha'
import { getFramedEncryptStream, getEncryptFrame } from '../src/framed_encrypt_stream'
chai.use(chaiAsPromised)
const { expect } = chai
describe('getFramedEncryptStream', () => {
it('can be created', () => {
const getCipher: any = () => {}
const test = getFramedEncryptStream(getCipher, {} as any, () => {})
expect(test._transform).is.a('function')
})
it('Precondition: plaintextLength must be within bounds.', () => {
const getCipher: any = () => {}
expect(() => getFramedEncryptStream(getCipher, {} as any, () => {}, -1)).to.throw(Error, 'plaintextLength out of bounds.')
expect(() => getFramedEncryptStream(getCipher, {} as any, () => {}, Number.MAX_SAFE_INTEGER + 1)).to.throw(Error, 'plaintextLength out of bounds.')
/* Math is hard.
* I want to make sure that I don't have an errant off by 1 error.
*/
expect(() => getFramedEncryptStream(getCipher, {} as any, () => {}, Number.MAX_SAFE_INTEGER)).to.not.throw(Error)
})
it('Precondition: Must not process more than plaintextLength.', () => {
const getCipher: any = () => {}
const test = getFramedEncryptStream(getCipher, { } as any, () => {}, 8)
expect(() => test._transform(Buffer.from(Array(9)), 'binary', () => {})).to.throw(Error, 'Encrypted data exceeded plaintextLength.')
})
it('Check for early return (Postcondition): Have not accumulated a frame.', () => {
const getCipher: any = () => {}
const frameLength = 10
const test = getFramedEncryptStream(getCipher, { frameLength } as any, () => {})
let called = false
test._transform(Buffer.from(Array(9)), 'binary', () => {
called = true
})
expect(called).to.equal(true)
})
})
describe('getEncryptFrame', () => {
it('can return an EncryptFrame', () => {
const input = {
pendingFrame: {
content: [Buffer.from([1, 2, 3, 4, 5])],
contentLength: 5,
sequenceNumber: 1
},
isFinalFrame: false,
getCipher: () => ({ setAAD: () => {} }) as any,
messageHeader: {
frameLength: 5,
contentType: 2,
messageId: Buffer.from([]),
headerIvLength: 12 as 12,
version: 1,
type: 12,
suiteId: 1,
encryptionContext: {},
encryptedDataKeys: []
}
}
const test1 = getEncryptFrame(input)
expect(test1.content).to.equal(input.pendingFrame.content)
expect(test1.isFinalFrame).to.equal(input.isFinalFrame)
// Just a quick flip to make sure...
input.isFinalFrame = true
const test2 = getEncryptFrame(input)
expect(test2.content).to.equal(input.pendingFrame.content)
expect(test2.isFinalFrame).to.equal(input.isFinalFrame)
})
it('Precondition: The content length MUST correlate with the frameLength.', () => {
const inputFinalFrameToLarge = {
pendingFrame: {
content: [Buffer.from([1, 2, 3, 4, 5, 6])],
// This exceeds the frameLength below
contentLength: 6,
sequenceNumber: 1
},
isFinalFrame: true,
getCipher: () => ({ setAAD: () => {} }) as any,
messageHeader: {
frameLength: 5,
contentType: 2,
messageId: Buffer.from([]),
headerIvLength: 12 as 12,
version: 1,
type: 12,
suiteId: 1,
encryptionContext: {},
encryptedDataKeys: []
}
}
expect(() => getEncryptFrame(inputFinalFrameToLarge)).to.throw('Final frame length exceeds frame length.')
const inputFrame = {
pendingFrame: {
content: [Buffer.from([1, 2, 3, 4, 5])],
contentLength: 5,
sequenceNumber: 1
},
isFinalFrame: false,
getCipher: () => ({ setAAD: () => {} }) as any,
messageHeader: {
frameLength: 5,
contentType: 2,
messageId: Buffer.from([]),
headerIvLength: 12 as 12,
version: 1,
type: 12,
suiteId: 1,
encryptionContext: {},
encryptedDataKeys: []
}
}
// Make sure that it must be equal as long as we are here...
inputFrame.pendingFrame.contentLength = 4
expect(() => getEncryptFrame(inputFrame)).to.throw('Final frame length exceeds frame length.')
inputFrame.pendingFrame.contentLength = 6
expect(() => getEncryptFrame(inputFrame)).to.throw('Final frame length exceeds frame length.')
})
})