Test SessionCipher for encrypt/decrypt identity checks

liliakai · liliakai · commit e68e17c86197 · 2017-05-30T14:54:27.000-07:00
In order to facilitate generation of session state in these tests, move some
helpers from SessionBuilderTest.js into global namespace of the test page
diff --git a/test/SessionBuilderTest.js b/test/SessionBuilderTest.js
@@ -1,51 +1,5 @@
 describe('SessionBuilder', function() {
     this.timeout(5000);
-    var KeyHelper = libsignal.KeyHelper;
-
-    function generateIdentity(store) {
-        return Promise.all([
-            KeyHelper.generateIdentityKeyPair(),
-            KeyHelper.generateRegistrationId(),
-        ]).then(function(result) {
-            store.put('identityKey', result[0]);
-            store.put('registrationId', result[1]);
-        });
-    }
-
-    function generatePreKeyBundle(store, preKeyId, signedPreKeyId) {
-        return Promise.all([
-            store.getIdentityKeyPair(),
-            store.getLocalRegistrationId()
-        ]).then(function(result) {
-            var identity = result[0];
-            var registrationId = result[1];
-
-            return Promise.all([
-                KeyHelper.generatePreKey(preKeyId),
-                KeyHelper.generateSignedPreKey(identity, signedPreKeyId),
-            ]).then(function(keys) {
-                var preKey = keys[0]
-                var signedPreKey = keys[1];
-
-                store.storePreKey(preKeyId, preKey.keyPair);
-                store.storeSignedPreKey(signedPreKeyId, signedPreKey.keyPair);
-
-                return {
-                    identityKey: identity.pubKey,
-                    registrationId : registrationId,
-                    preKey:  {
-                        keyId     : preKeyId,
-                        publicKey : preKey.keyPair.pubKey
-                    },
-                    signedPreKey: {
-                        keyId     : signedPreKeyId,
-                        publicKey : signedPreKey.keyPair.pubKey,
-                        signature : signedPreKey.signature
-                    }
-                };
-            });
-        });
-    }
 
     var ALICE_ADDRESS = new SignalProtocolAddress("+14151111111", 1);
     var BOB_ADDRESS   = new SignalProtocolAddress("+14152222222", 1);
diff --git a/test/SessionCipherTest.js b/test/SessionCipherTest.js
@@ -365,4 +365,68 @@ describe('SessionCipher', function() {
             });
         });
     });
+
+    describe("key changes", function() {
+      var ALICE_ADDRESS = new SignalProtocolAddress("+14151111111", 1);
+      var BOB_ADDRESS   = new SignalProtocolAddress("+14152222222", 1);
+      var originalMessage = util.toArrayBuffer("L'homme est condamné à être libre");
+
+      var aliceStore = new SignalProtocolStore();
+
+      var bobStore = new SignalProtocolStore();
+      var bobPreKeyId = 1337;
+      var bobSignedKeyId = 1;
+
+      var Curve = libsignal.Curve;
+
+      var bobSessionCipher = new libsignal.SessionCipher(bobStore, ALICE_ADDRESS);
+
+      before(function(done) {
+        Promise.all(
+          [aliceStore, bobStore].map(generateIdentity)
+        ).then(function() {
+            return generatePreKeyBundle(bobStore, bobPreKeyId, bobSignedKeyId);
+        }).then(function(preKeyBundle) {
+            var builder = new libsignal.SessionBuilder(aliceStore, BOB_ADDRESS);
+            return builder.processPreKey(preKeyBundle).then(function() {
+              var aliceSessionCipher = new libsignal.SessionCipher(aliceStore, BOB_ADDRESS);
+              return aliceSessionCipher.encrypt(originalMessage);
+            }).then(function(ciphertext) {
+              return bobSessionCipher.decryptPreKeyWhisperMessage(ciphertext.body, 'binary');
+            }).then(function() {
+              done();
+            });
+          }).catch(done);
+      });
+
+
+      describe("When bob's identity changes", function() {
+        var messageFromBob;
+        before(function(done) {
+          return bobSessionCipher.encrypt(originalMessage).then(function(ciphertext) {
+            messageFromBob = ciphertext;
+          }).then(function() {
+            return generateIdentity(bobStore);
+          }).then(function() {
+            return aliceStore.saveIdentity(BOB_ADDRESS.getName(), bobStore.get('identityKey').pubKey);
+          }).then(function() {
+            done();
+          });
+        });
+
+        it('alice cannot encrypt with the old session', function(done) {
+          var aliceSessionCipher = new libsignal.SessionCipher(aliceStore, BOB_ADDRESS);
+          return aliceSessionCipher.encrypt(originalMessage).catch(function(e) {
+            assert.strictEqual(e.message, 'Identity key changed');
+          }).then(done,done);
+        });
+
+        it('alice cannot decrypt from the old session', function(done) {
+          var aliceSessionCipher = new libsignal.SessionCipher(aliceStore, BOB_ADDRESS);
+          return aliceSessionCipher.decryptWhisperMessage(messageFromBob.body, 'binary').catch(function(e) {
+            assert.strictEqual(e.message, 'Identity key changed');
+          }).then(done, done);
+        });
+      });
+    });
 });
diff --git a/test/_test.js b/test/_test.js
@@ -52,3 +52,50 @@ function hexToArrayBuffer(str) {
     array[i] = parseInt(str.substr(i*2, 2), 16);
   return ret;
 };
+
+var KeyHelper = libsignal.KeyHelper;
+
+function generateIdentity(store) {
+    return Promise.all([
+        KeyHelper.generateIdentityKeyPair(),
+        KeyHelper.generateRegistrationId(),
+    ]).then(function(result) {
+        store.put('identityKey', result[0]);
+        store.put('registrationId', result[1]);
+    });
+}
+
+function generatePreKeyBundle(store, preKeyId, signedPreKeyId) {
+    return Promise.all([
+        store.getIdentityKeyPair(),
+        store.getLocalRegistrationId()
+    ]).then(function(result) {
+        var identity = result[0];
+        var registrationId = result[1];
+
+        return Promise.all([
+            KeyHelper.generatePreKey(preKeyId),
+            KeyHelper.generateSignedPreKey(identity, signedPreKeyId),
+        ]).then(function(keys) {
+            var preKey = keys[0]
+            var signedPreKey = keys[1];
+
+            store.storePreKey(preKeyId, preKey.keyPair);
+            store.storeSignedPreKey(signedPreKeyId, signedPreKey.keyPair);
+
+            return {
+                identityKey: identity.pubKey,
+                registrationId : registrationId,
+                preKey:  {
+                    keyId     : preKeyId,
+                    publicKey : preKey.keyPair.pubKey
+                },
+                signedPreKey: {
+                    keyId     : signedPreKeyId,
+                    publicKey : signedPreKey.keyPair.pubKey,
+                    signature : signedPreKey.signature
+                }
+            };
+        });
+    });
+}
diff --git a/test/test.js b/test/test.js
@@ -34453,3 +34453,50 @@ function hexToArrayBuffer(str) {
     array[i] = parseInt(str.substr(i*2, 2), 16);
   return ret;
 };
+
+var KeyHelper = libsignal.KeyHelper;
+
+function generateIdentity(store) {
+    return Promise.all([
+        KeyHelper.generateIdentityKeyPair(),
+        KeyHelper.generateRegistrationId(),
+    ]).then(function(result) {
+        store.put('identityKey', result[0]);
+        store.put('registrationId', result[1]);
+    });
+}
+
+function generatePreKeyBundle(store, preKeyId, signedPreKeyId) {
+    return Promise.all([
+        store.getIdentityKeyPair(),
+        store.getLocalRegistrationId()
+    ]).then(function(result) {
+        var identity = result[0];
+        var registrationId = result[1];
+
+        return Promise.all([
+            KeyHelper.generatePreKey(preKeyId),
+            KeyHelper.generateSignedPreKey(identity, signedPreKeyId),
+        ]).then(function(keys) {
+            var preKey = keys[0]
+            var signedPreKey = keys[1];
+
+            store.storePreKey(preKeyId, preKey.keyPair);
+            store.storeSignedPreKey(signedPreKeyId, signedPreKey.keyPair);
+
+            return {
+                identityKey: identity.pubKey,
+                registrationId : registrationId,
+                preKey:  {
+                    keyId     : preKeyId,
+                    publicKey : preKey.keyPair.pubKey
+                },
+                signedPreKey: {
+                    keyId     : signedPreKeyId,
+                    publicKey : signedPreKey.keyPair.pubKey,
+                    signature : signedPreKey.signature
+                }
+            };
+        });
+    });
+}
