diff --git a/karma.conf.js b/karma.conf.js index 8b1c405fa..d9b224d28 100644 --- a/karma.conf.js +++ b/karma.conf.js @@ -88,6 +88,7 @@ module.exports = function(karma) { 'tests/blockchain_wallet_spec.js.coffee', 'tests/rng_spec.js.coffee', 'tests/transaction_list_spec.js.coffee', + 'tests/wallet_crypto_spec.js.coffee', ] }; diff --git a/tests/data/aes-256-vectors.json b/tests/data/aes-256-vectors.json new file mode 100644 index 000000000..ff0dd2afd --- /dev/null +++ b/tests/data/aes-256-vectors.json @@ -0,0 +1,77 @@ +{ + "cbc": { + "key": "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", + "tests": [ + { + "iv": "000102030405060708090A0B0C0D0E0F", + "testvector": "6bc1bee22e409f96e93d7e117393172a", + "ciphertext": "f58c4c04d6e5f1ba779eabfb5f7bfbd6" + }, + { + "iv": "F58C4C04D6E5F1BA779EABFB5F7BFBD6", + "testvector": "ae2d8a571e03ac9c9eb76fac45af8e51", + "ciphertext": "9cfc4e967edb808d679f777bc6702c7d" + }, + { + "iv": "9CFC4E967EDB808D679F777BC6702C7D", + "testvector": "30c81c46a35ce411e5fbc1191a0a52ef", + "ciphertext": "39f23369a9d9bacfa530e26304231461" + }, + { + "iv": "39F23369A9D9BACFA530E26304231461", + "testvector": "f69f2445df4f9b17ad2b417be66c3710", + "ciphertext": "b2eb05e2c39be9fcda6c19078c6a9d1b" + } + ] + }, + "ofb": { + "key": "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", + "tests": [ + { + "iv": "000102030405060708090A0B0C0D0E0F", + "testvector": "6bc1bee22e409f96e93d7e117393172a", + "ciphertext": "dc7e84bfda79164b7ecd8486985d3860" + }, + { + "iv": "B7BF3A5DF43989DD97F0FA97EBCE2F4A", + "testvector": "ae2d8a571e03ac9c9eb76fac45af8e51", + "ciphertext": "4febdc6740d20b3ac88f6ad82a4fb08d" + }, + { + "iv": "E1C656305ED1A7A6563805746FE03EDC", + "testvector": "30c81c46a35ce411e5fbc1191a0a52ef", + "ciphertext": "71ab47a086e86eedf39d1c5bba97c408" + }, + { + "iv": "41635BE625B48AFC1666DD42A09D96E7", + "testvector": "f69f2445df4f9b17ad2b417be66c3710", + "ciphertext": "0126141d67f37be8538f5a8be740e484" + } + ] + }, + "ecb": { + "key": "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", + "tests": [ + { + "iv": "", + "testvector": "6bc1bee22e409f96e93d7e117393172a", + "ciphertext": "f3eed1bdb5d2a03c064b5a7e3db181f8" + }, + { + "iv": "", + "testvector": "ae2d8a571e03ac9c9eb76fac45af8e51", + "ciphertext": "591ccb10d410ed26dc5ba74a31362870" + }, + { + "iv": "", + "testvector": "30c81c46a35ce411e5fbc1191a0a52ef", + "ciphertext": "b6ed21b99ca6f4f9f153e7b1beafed1d" + }, + { + "iv": "", + "testvector": "f69f2445df4f9b17ad2b417be66c3710", + "ciphertext": "23304b7a39f9f3ff067d8d8f9e24ecc7" + } + ] + } +} diff --git a/tests/data/wallet-data.json b/tests/data/wallet-data.json new file mode 100644 index 000000000..baa540942 --- /dev/null +++ b/tests/data/wallet-data.json @@ -0,0 +1,82 @@ +{ + "v3": [ + { + "guid": "15506a26-fa63-4158-a898-63e6f81aaf9f", + "password": "testpassword", + "iterations": 5000, + "data": { + "guid": "15506a26-fa63-4158-a898-63e6f81aaf9f", + "sharedKey": "5ee0973f-44c3-4317-9edb-dea9cf25bcdc", + "double_encryption": false, + "options": { + "pbkdf2_iterations": 5000, + "fee_per_kb": 10000, + "html5_notifications": false, + "logout_time": 600000 + }, + "address_book": [], + "tx_notes": {}, + "tx_names": [], + "keys": [], + "paidTo": {}, + "hd_wallets": [ + { + "seed_hex": "5f99079b5162acb585a9b0d719c05de3", + "passphrase": "", + "mnemonic_verified": false, + "default_account_idx": 0, + "accounts": [ + { + "label": "My Bitcoin Wallet", + "archived": false, + "xpriv": "xprv9yBZ9TrUgcmm8HSeW53rkmDi3AkQfxYhBq6hitM5WyVt7iPuikhfo5GpVgRkZncKMVNHzEH5eraZUfKnDXDHjFhXyuuc9iyEPXQSD7H6FF4", + "xpub": "xpub6CAuYyPNWzL4LmX7c6as7uASbCau5RGYZ42JXGkh5K2rzWj4GJ1vLsbJLzjksGursEwwXmyyg47sRkwN2YQBA7kiCTdqSETpd64LBqL84t1", + "address_labels": [], + "cache": { + "receiveAccount": "xpub6EiGuhE74faCYPBMFX8YbmWh8TzxKA4wupxhsyfNZhA4TCyEdJGjeYYQXLWoBERW36gNeawowC48TvVMzdjbxeVRWS1wjCAjoeP5aHUewyq", + "changeAccount": "xpub6EiGuhE74faCaYuTxzXjWiKvx3JSgqpurM7RF8GLXanHeQ5f5kZiLoRiqdgTYZkFiBEiXQ4L1sQfKQCbjNqkAGSvwkGxku7JgQDLzQNEF8u" + } + } + ] + } + ] + }, + "iv": "6d0de58acba8a1f2badef0de907c0b1d", + "pad": "514ec8", + "enc": "{\"pbkdf2_iterations\":5000,\"version\":3,\"payload\":\"bQ3lisuoofK63vDekHwLHY0DPWsP9wULcj/B5VlkGmsPQsDp7eQ66rMV+eRKu/dir3dprqprTudHoyx9DVfs0uNvuMdjYFY6uAN+1OL0TVkFdbueyviHShRwIfI+Sv1H57AmGrBVAkjyWgNpl9+idBUDiL4goyOCpwRE36Xttk8yLxNQKuGY/Sa487eyU+iC4LVS90DXPl8PCQmaZhAnfN6Cn4h7g0Z9z6PZz8ZIzvUT8kfMPa6wewp8452SUoPhVT9acoCM8XNlj/ErfC718PyidExZsX05rtkq/3Q/5/eEOb8e2n6YFtDVpWWvXkGw47K1WKAHSB2U0vuDGpsmG4FBwub0F2cFb6FYh7HkMeRYf4/z6UqVnlD1jRDLzFhVwGPHZiTni80zl6GqtnEfcvUubsp8i5ygWkhtLbaP+IChr3JzUgl9Y1QHozPzxFuTwNRmjjgft6bN/43WRuD3sjTPJz6HOn9Hti9zqYm546+mU+UBEhzmKy6MeSV27oHhHTLrBddcCU80AAxopJsC76hxWh0SzjuTWEhmAczZfdllkawQs/sSIOR9YLb25+jusoPmylQyBfLL3bt+g6ek7xcg9kBxeqhuSQj6C+OGolHtBJzhOKKqs/fgPy+0Vjzd8jHo6QM0yauuzUR1oQOfV9iIWORVhYGqcNrXAccRnQCXTlxGVi4v5Zk9CGmhpCjenccTtT+bZVzrqAHvmopZ4GgbYak9lTy8OtddYM741TmhhqExztnNP+gUZcxVNe0/yO7K2qXveLqO7sO3WB1fV2bgI8y1JwEyNKq+cPoMxdueMsna/H0UvgXPC/b0On/e3YctFeUHDYfGZSBKq/pHefp+MoSxUszuS19ALh3paKeK0QhrEgFPUvT7ScUNMzhKc4LiViviSgrgfyojrqpOkhAokrrBpq8XDSgNJxxGRfVDH75kUFJEBHBSCE32If8V1M4H+R9ypqhQ8R6/V8dCffCO/GI4UdFaeLVy/2DniPvR4zoPQN0ilwT8ypE6Y+QWnZJc6VYidVtipwKmD5cZMcaZeRNv3hJ0WBSj6v/Nr0LUxG1lNbFWMzMEARG3dhkZNAhCY+vAFkArUIDpawskQ8A9jQ2ZpGN89A6UrVGzTVPbyKisPJ+9YCuKF+v3tM3WpRaK7WQGpvPmsnl6AAT7W/utiVdSDtpPQ+G6D7pLEcZuJBAkwX+gcf3f8AsyCy8v1xYv15kL2xFXybjnA3lgGqJaqFxWOQwXhXXkovjiX0IJzJ/QH9aL32moB5OsRNvcCRMBiQoDus+fKJ1epo356R8xsvwjE2FF2NuPQS8CtZRmTKpCO3mGe3Aoi3QKpaPeg0ZWUUqmvfTr3suDTtWPJg9dX4J5FDAjLxeof4RNZR0=\"}" + } + ], + "v2": [ + { + "guid": "cc90a34d-9eeb-49e7-95ef-9741b77de443", + "password": "testtest12", + "enc": "{\"version\":2,\"pbkdf2_iterations\":5000,\"payload\":\"\"}" + } + ], + "v1": [ + { + "mode": "CBC", + "padding": "Iso10126", + "iterations": 10, + "guid": "6253e902-ce79-4027-bdc4-af51ed970eb5", + "password": "testpassword", + "enc": "OPWBr1rsrvGsbNpIidlztqc0YsPwS0gg51rz6gWlrsJzY+VidziSekuiy7AcxVF42sMcJp9XD41xPsmq0m9yEWrFw6QufwLjSWNE4IK8mD6jIYH35a7fWKbK0LXGq4UIHCfM2W8WVoz/l0QO+JrGrqC3gg8qGyHP3NsVZKVAqG6cGmBi9WEs688U5B0NNGPXPLKE1ZXzHbSd6Pdub1xWv/BEo4RsAu1NySQJpcq3hqo9nLMsza9aiwKH5rG1aMUDu50LNtGs3vCx8ZAkcZpYVp1ZLeoD3pnZVc7siq3kiqJ7zDQoE3FORgD6PuAc6YB2PXW6I3ubw4hkvFMnkIK4/Cc/AEB8RYar6rjmgPVYXSm+ok39sPi9ppIE23k4LkFzz3dUbTM2ub1kKPCUoJLp2E4tUg4hqRidaC7rNxkPyI3lyBWrS8JD457pFYlTWYsUtU1P2sHhxKZuKdeDPQ/Jvo0y+xO5rK9OgmKCg0qxuwaXf4NYu6laqaGEQywRmRyhT1f3E0pQZ371dObo4FOdiVEODhvadPf0FCHjOtuaxWwEkFwyFHVtc0lVNhcy0rg65j2efHpDUXqQnqFBgc2PG23BVI1gY0JIDT5zp33wdFX3r6MjYxSUV7KbRBDwCD0Q3a9NepX9bqv3wpi1qYJ6kcht0iMAE+5WmHHeHWza2HFMXcUApSAU6cu2fzOfK+4gRMJPjNAdk/nVQT1UnWy9k+s6jvwaXBPI10ewaTz5ayRTXyku36N1xLsM6DnBPoJCunuDEXMI5dILgr3BVSCqvzboWsRW04bAfFbpYANioQgdDD5zerygHa61V7ICyD/x5G4li6VLIefsCGGBo+7fU149zYkHv7ruH8F/J26b11UH+gpThimLgenJectT3MnksMFaz8LiSRn6jnz7CMeXssxBoYRT0gvq4MN6JxFGD01HfcqfVuBkWXk8Mo1OE75v3HWovrJOrTXhYbr+JaPppA==" + }, + { + "mode": "OFB", + "padding": "NoPadding", + "iterations": 1, + "guid": "6253e902-ce79-4027-bdc4-af51ed970eb5", + "password": "testpassword", + "enc": "1LbdcPCYTFMr3Yv27kaJ/kqKflbhLMsQJXAL4EyWOzTKiDHmVrO6JTInh0GzXwTcDSJJQw4G614LT7YyfaZLd3+shhFDQycvSLKrnC4wM40CcIE1Ow335YlolV6+WAJAAQ951ipS2cUERXSpxbbDy41AbUG+wIX/R2wCbiosT6OLHjnMSuQWx5CyEB1ZqRUXfc3TYwbh1iCJdBDaPFnmTPN/LpRegC99DFEJ0E94dPim42Q/8KV4mDNvCOUGjLfqsi/3I+M6kGJtzC5CUo0dVZ0bzzTTXEXm7Ga0eo3arCdMQUDPVGcbJbGK8qTcWcHXHw90EJEGBUi6i4p1XXw+26T5k+Qs6Fl7GD3PHl5Urusk4twB5DM/Hwp5vFWnsCsbM78CRhJl3rbheBMx6t1RJKvxpOUrh/OyvOwhWtU6hRXmS/zrwwDqbWiVG9/LzZP19hnAvlTJ0o1jF/Dmz+EoTaotkVHFZDUuYDKfWPY/+K7sQGkagfdv5W1X9rfary22prDUo8kFiRvNHvGMie3TiM1ucSdpBj1DpgfwCxnWzLIeoRl8ZJFUN/V8CkGjpPoyBYZFfjCeGq9+ET0wXL4s9qfNXaHfx2oEuiwcLcDDf71us655hIW6t/OPaPZ3WPhnW4KqrTtL4xduYrisYbhoZkmqJe5Jl110jhiKdNYdvmOcFo764RDPcu2Oa1bszYhGTbRPc45kLauJUAW3e/UUbA87RpAqFnOLH/0vcNMJvcKbvID9A1RSZNjmlerSOptab+yYI97D6EitvFDx9tFMmUrfWFRGs5bOrjiAHobcCqpJ60AivYHPkkkaz8gROz30aqa9Dpz15wplbOVIpKVqf8hly8Bghj5QK4+m2Nf2qALDdBfX+1ZIUh23kiy0s3duWoJQttIyK0AeEU8oHa0MRP5T/ikMatVvw7GVmcDzO8pFBdBxssxReEhnXCpd4nmjcuWbroa+5oaCMWtzXH4I" + }, + { + "mode": "CBC", + "padding": "Iso10126", + "iterations": 1, + "guid": "6253e902-ce79-4027-bdc4-af51ed970eb5", + "password": "testpassword", + "enc": "BuAqphHuJDoKyTIHRXlzlm1ZMVo1NKM9l6fDFldPGOPTobqEG+9RjO9UHLcUO04HAbqogDZdoOxU2cyNM7bi7JYEZDTlfiIYldFkJUP+zGA4Wg+twCS+oOJrv4D8VoKaFl8oAnIns2n8o8MEQscxxkBzjNWoZ3yE6jG1AjtoYt8owrz97S8XFmnSaK3/Q3doTMKFPaRZ7NAR7z0gWI4KaHtfmHMYEsiGy33M4riq3DCyiGGezg+f2IlUUsRj/+VmxZd5KlCpA4ZIG3fPpp19BPj2S3yFdDqZtMjfggo570iHi7eMogFrZAo+yiLJlYSaoWT8fs8vTmnm8pxxRYb1601AmrBnNlPPpvGRNSBiV/rfKdaVqPYygonTBca5fLBA+QQQ8k5HJdiKRjgfJkZWpjexxdXTuLi/bRKYfKOp5GT+fDrgNAv/E56U4rpwpolAQYzJI8XGDF6CZCVJHWAIPqq8XO7sBBofRuGpUoJMZChDoSbVJV12ZYKSo52j/oo+G/e/Rylrydb2u2qte4RdvYQE+Fr9FIX8nR3JUJwXpXx3/rUImPJa+9P9+ySOjRo4zvmh04Zj+C6eGfsLO4GvpKe748d6WrQzTZwzcVmzCeFA0spcDmJaeQ6iB9HKh8yYo5YDWiEiuHw1CIxDb83wnlLepxmk0isEMCIXETNJ+8ns1263kBbYKbt9FyfB8gNrSHEM7tyVc5v03Z++c11+9dSONnLyQArQSLCvnktPQlKm2cb/rRfmbk8ASlCfZkkhn6TR7Ugcvgoj+Sh7fm9LWYISdPx3vmPriplQjvnYnrvBcXoNmJuFmNG6tBgCK8wdbtOCtFw4KS0e8nAOjZ4o0xfNuLv+TmMyyA9xAXRGDEPV+5Z//MAQJc69usAazTaojxicUh0RghUlQOpiqHW5Mbg0tUlkAkCJJYJKfu6elNDslw8l6NwjIvaR7rgdF6JGXbRrX9zl81dAYfyWxJg9Nw==" + } + ] +} diff --git a/tests/wallet_crypto_spec.js.coffee b/tests/wallet_crypto_spec.js.coffee new file mode 100644 index 000000000..d18b0b855 --- /dev/null +++ b/tests/wallet_crypto_spec.js.coffee @@ -0,0 +1,128 @@ + +describe 'WalletCrypto', -> + + WalletCrypto = require('../src/wallet-crypto') + crypto = require('crypto') + walletData = require('./data/wallet-data') + + describe 'decryptWalletSync()', -> + + describe 'wallet v3', -> + walletData.v3.forEach (wallet) -> + it "should decrypt #{wallet.guid}", -> + dec = WalletCrypto.decryptWalletSync(wallet.enc, wallet.password) + expect(dec.guid).toEqual(wallet.guid) + + describe 'legacy wallet v2', -> + walletData.v2.forEach (wallet) -> + it "should decrypt #{wallet.guid}", -> + dec = WalletCrypto.decryptWalletSync(wallet.enc, wallet.password) + expect(dec.guid).toEqual(wallet.guid) + + describe 'legacy wallet v1', -> + walletData.v1.forEach (wallet) -> + it "should decrypt #{wallet.mode}, #{wallet.padding}, #{wallet.iterations} iterations", -> + dec = WalletCrypto.decryptWalletSync(wallet.enc, wallet.password) + expect(dec.guid).toEqual(wallet.guid) + + describe 'encryptWallet()', -> + v3 = walletData.v3[0] + + it 'should encrypt a v3 wallet', -> + spyOn(crypto, 'randomBytes').and.callFake((bytes) -> + salt = new Buffer(v3.iv, 'hex') + padding = new Buffer(v3.pad, 'hex') + return if bytes == 16 then salt else padding + ) + enc = WalletCrypto.encryptWallet(JSON.stringify(v3.data), v3.password, v3.iterations, 3) + expect(enc).toEqual(v3.enc) + + describe 'aes-256', -> + vectors = require('./data/aes-256-vectors') + + ['cbc', 'ofb', 'ecb'].forEach (mode) -> + + describe "#{mode}", -> + key = new Buffer(vectors[mode].key, 'hex') + + opts = + mode: WalletCrypto.AES[mode.toUpperCase()] + padding: WalletCrypto.pad.NoPadding + + vectors[mode].tests.forEach (caseData) -> + enc = undefined + + iv = if caseData.iv then new Buffer(caseData.iv, 'hex') else null + testvector = new Buffer(caseData.testvector, 'hex') + ciphertext = new Buffer(caseData.ciphertext, 'hex') + + it "should encrypt #{caseData.testvector}", -> + enc = WalletCrypto.AES.encrypt(testvector, key, iv, opts) + expect(enc.compare(ciphertext)).toEqual(0) + + it "should decrypt #{caseData.testvector}", -> + dec = WalletCrypto.AES.decrypt(enc, key, iv, opts) + expect(dec.compare(testvector)).toEqual(0) + + describe 'padding', -> + + BLOCK_SIZE_BYTES = 16 + pad = WalletCrypto.pad + input = new Buffer(10).fill(0xff) + + describe 'NoPadding', -> + it 'should not add bytes when padding', -> + output = pad.NoPadding.pad(input, BLOCK_SIZE_BYTES) + expect(output.compare(input)).toEqual(0) + + it 'should not remove bytes when unpadding', -> + output = pad.NoPadding.unpad(input) + expect(output.compare(input)).toEqual(0) + + describe 'ZeroPadding', -> + it 'should fill the remaining block space with 0x00 bytes', -> + output = pad.ZeroPadding.pad(input, BLOCK_SIZE_BYTES) + expect(output.length).toEqual(BLOCK_SIZE_BYTES) + expect(output.toString('hex').match(/(00)+$/)[0].length/2).toEqual(6) + + it 'should remove all trailing 0x00 bytes when unpadding', -> + padded = Buffer.concat([ input, new Buffer(6).fill(0x00) ]) + output = pad.ZeroPadding.unpad(padded) + expect(output.length).toEqual(10) + + it 'should unpad a ZeroPadding padded buffer', -> + output = pad.ZeroPadding.unpad(pad.ZeroPadding.pad(input, BLOCK_SIZE_BYTES)) + expect(output.compare(input)).toEqual(0) + + describe 'Iso10126', -> + it 'should set the last byte to the padding length', -> + output = pad.Iso10126.pad(input, BLOCK_SIZE_BYTES) + expect(output[output.length - 1]).toEqual(0x06) + + it 'should pad using random bytes', -> + spyOn(crypto, 'randomBytes').and.callThrough() + pad.Iso10126.pad(input, BLOCK_SIZE_BYTES) + expect(crypto.randomBytes).toHaveBeenCalledWith(5) + + it 'should unpad based on the last byte', -> + padded = new Buffer(BLOCK_SIZE_BYTES) + padded[padded.length - 1] = 0x07 + output = pad.Iso10126.unpad(padded) + expect(output.length).toEqual(9) + + it 'should unpad an Iso10126 padded buffer', -> + output = pad.Iso97971.unpad(pad.Iso97971.pad(input, BLOCK_SIZE_BYTES)) + expect(output.compare(input)).toEqual(0) + + describe 'Iso97971', -> + it 'should set the first padding byte to 0x80', -> + output = pad.Iso97971.pad(input, BLOCK_SIZE_BYTES) + expect(output[input.length]).toEqual(0x80) + + it 'should pad the rest with 0x00 bytes', -> + output = pad.Iso97971.pad(input, BLOCK_SIZE_BYTES) + expect(output.toString('hex').match(/(00)+$/)[0].length/2).toEqual(5) + + it 'should unpad an Iso97971 padded buffer', -> + output = pad.Iso97971.unpad(pad.Iso97971.pad(input, BLOCK_SIZE_BYTES)) + expect(output.compare(input)).toEqual(0)