diff options
author | Florian Dold <florian@dold.me> | 2021-10-19 19:54:15 +0200 |
---|---|---|
committer | Florian Dold <florian@dold.me> | 2021-10-19 19:54:15 +0200 |
commit | 31f7d2ee2cc0747fad45c45e2e51e679e72ee2f6 (patch) | |
tree | 65044e608bd598fb0a8363c29152642a1897a7cc /packages | |
parent | 26738d14f1d60d9aa7471d0be267d286a4644069 (diff) |
anastasis-core: crypto tests and fixes
Diffstat (limited to 'packages')
-rw-r--r-- | packages/anastasis-core/src/crypto.test.ts | 77 | ||||
-rw-r--r-- | packages/anastasis-core/src/crypto.ts | 54 |
2 files changed, 120 insertions, 11 deletions
diff --git a/packages/anastasis-core/src/crypto.test.ts b/packages/anastasis-core/src/crypto.test.ts index 78ff2a65a..e535b7b2b 100644 --- a/packages/anastasis-core/src/crypto.test.ts +++ b/packages/anastasis-core/src/crypto.test.ts @@ -1,5 +1,11 @@ import test from "ava"; -import { userIdentifierDerive } from "./crypto.js"; +import { + accountKeypairDerive, + encryptTruth, + policyKeyDerive, + secureAnswerHash, + userIdentifierDerive, +} from "./crypto.js"; // Vector generated with taler-anastasis-tvg const userIdVector = { @@ -19,3 +25,72 @@ test("user ID derivation", async (t) => { ); t.is(res, userIdVector.output_id); }); + +test("account key pair derive", async (t) => { + const tv = { + operation: "account_keypair_derive", + input_id: + "3E9H5G4K645J6QWZGFZTWZQR54TQ5Y53CJFBZAQCC85QNP0C989Y113QWKC2CTTHP1NQFXMK3APS243WQ3N9BNMK6AMK6NP0ERM73HR", + output_priv_key: "7Y3DH7533MBERGESBE9296D0A503W6PWCK1AK6QNTD7ZCFCWC2G0", + output_pub_key: "QXJ3SJQCB0WGVY61B8R6PBEWCMZGYH07EW4JKBGNVZHN1745JYQ0", + }; + + const res = accountKeypairDerive(tv.input_id); + t.is(res.priv, tv.output_priv_key); + t.is(res.pub, tv.output_pub_key); +}); + +test("policy key derive", async (t) => { + const tv = { + operation: "policy_key_derive", + input_key_shares: [ + "MJ1XCJNJKD0JVDBD2QSYZRE5MS93R9XCA6J10DV7DFYA8NQMT5Z0", + "QPRQRQTC015C80M8DS95Y6H1MKF5DG7ZW7HST6V9MKJHHH5VYX8G", + ], + input_salt: + "EQFPNJVRCV1EABQMVFYSG7T45PW59QDXR7MYRY2Q90ZPB547WJ6C5DCR1B27VM69SXKF3T65EPCAP8KNP7AVMAH1Q5161TA8310RNR0", + output_policy_key: + "431NKRGWG43P4THPFQT7C1NPKJKM1FA8X6163CNMEGXN51Y2MCNEVN5154G8FM8TXMZ5FVSXAX26WV8M5HJYGZA0R8YFH3V8PKK9PX0", + }; + + const res = await policyKeyDerive(tv.input_key_shares, tv.input_salt); + t.is(res, tv.output_policy_key); +}); + +test("secure answer hash", async (t) => { + const tv = { + operation: "secure_answer_hash", + input_answer: "Blah", + input_uuid: "7PMDS95CVS1MGA29KN05SDJ6353TMYRW00P78D0WSQ16QTRQM090", + input_salt: "71BYXM8VCEQ976FA2KXGJ096RW", + output_hash: + "Z0CDC1ZYE15AZ7BR9F8PYTBHY5A0MEVNQEFPTEBKD31NSS4PAXTH7MZRT6HFX7H6F9KE8Y6A72ETSCWA1GCXGNAB1MVTV3R4XYCA908", + }; + + const out = await secureAnswerHash( + tv.input_answer, + tv.input_uuid, + tv.input_salt, + ); + t.is(out, tv.output_hash); +}); + +test("truth encryption", async (t) => { + const tv = { + operation: "truth_encryption", + input_nonce: "G94DP8YHN4V9M2HNYRFB4QQAKJGPH5H817NPANR", + input_truth_enc_key: + "9ZGP521EXMC6PE052HZJWCDR4PCM2PDHVFAGQXSB3S487FGNRYYVMN8NQQ43VGT2A1N9KYW2JRH0GPXYQ9GJ1F3D5PTN3CCJEXW64JG", + input_truth: + "R2AKJNZCAYTC81J0TQW4EZ69GFVMBSKJ6T5KXW2445D44XV5KZYG1QA0D43ZJRWBN1NFTYW60YFX6VDEZKH7G4BCN5Q8VARZ9Y95AK2D2FZG4RA5ESKX84JVZHWSWQ56TX3128KZ01YKWGXT99HX8YQFR7KBZBJJSBEX91KZPG0X4F0GKWQ69R30V14P58NES75K9D83PHZE1BN69QX9EE0CMENN4ND9Y5PPB34AVREV1GTSP5D0F48D07CKP8TCZ9K2BPTNQ8HFRZVRYW9GWER9JMHNMN1TT8FB3GNJH8G3CAD0GDPTMFG587C7PWKSPGCEXB929T4MT1NEPE47VEVE63V98RGFJMT8FR3C6EVYDAR4Q7R61CT50JM1AQ22D5962RHXP27R3M5MQWDQ2VNP38", + output_encrypted_truth: + "G94DP8YHN4V9M2HNYRFB4QQAKJGPH5H817NPANSN3ZN3GG8SS76ZFXNBPRN8G50J6PAVQN63EZXPF343BBCH3CX55C6EY1Y8YJAQZB1PE6VKBWR0G3VCSPSMFYX7TYQRPWQC79SGZC1GTVMMQDNBRANYJHDMZ40V7JCM5BDYVBVSFGVR17EXG1H41G2MSEJC3ZDK1829B9VWSMWNZQQN21YAXRPGQXM1NGY78ZFKRGMCRS6QEHAVMTY6VER9QG35K2SQ400WJATPAM530P15Z8RVEB5TTESKHA2EHM0CYA51JKHMFX02H94Y66PETYEJX5314C7H563K3KK7T71S369GKXTNW9TNFPVVFDH2N1VS57J77772N1ME72VPYNCC3YHXMN2JVQ665NWRNYHSZ68DGGG3X9Y4P8HGAK229ARWQKR29KSZXXAKJFH2BXVW7W88SSETJFTZ3GHVC421682M5R", + }; + + const enc = await encryptTruth( + tv.input_nonce, + tv.input_truth_enc_key, + tv.input_truth, + ); + t.is(enc, tv.output_encrypted_truth); +}); diff --git a/packages/anastasis-core/src/crypto.ts b/packages/anastasis-core/src/crypto.ts index 1332f8492..a5594288b 100644 --- a/packages/anastasis-core/src/crypto.ts +++ b/packages/anastasis-core/src/crypto.ts @@ -12,9 +12,11 @@ import { } from "@gnu-taler/taler-util"; import { argon2id } from "hash-wasm"; -export type Flavor<T, FlavorT> = T & { _flavor?: FlavorT }; -export type FlavorP<T, FlavorT, S extends number> = T & { - _flavor?: FlavorT; +export type Flavor<T, FlavorT extends string> = T & { + _flavor?: `anastasis.${FlavorT}`; +}; +export type FlavorP<T, FlavorT extends string, S extends number> = T & { + _flavor?: `anastasis.${FlavorT}`; _size?: S; }; @@ -29,6 +31,9 @@ export type EncryptedCoreSecret = Flavor<string, "EncryptedCoreSecret">; export type EncryptedMasterKey = Flavor<string, "EncryptedMasterKey">; export type EddsaPublicKey = Flavor<string, "EddsaPublicKey">; export type EddsaPrivateKey = Flavor<string, "EddsaPrivateKey">; +export type TruthUuid = Flavor<string, "TruthUuid">; +export type SecureAnswerHash = Flavor<string, "SecureAnswerHash">; +export type QuestionSalt = Flavor<string, "QuestionSalt">; /** * Truth key, found in the recovery document. */ @@ -110,12 +115,13 @@ export async function policyKeyDerive( policySalt: PolicySalt, ): Promise<PolicyKey> { const chunks = keyShares.map((x) => decodeCrock(x)); - const polKey = kdf( - 64, - taConcat(chunks), - decodeCrock(policySalt), - new Uint8Array(0), - ); + const polKey = kdfKw({ + outputLength: 64, + ikm: taConcat(chunks), + salt: decodeCrock(policySalt), + info: stringToBytes("anastasis-policy-key-derive"), + }); + return encodeCrock(polKey); } @@ -124,7 +130,12 @@ async function deriveKey( nonce: EncryptionNonce, salt: string, ): Promise<Uint8Array> { - return kdf(32, decodeCrock(keySeed), stringToBytes(salt), decodeCrock(nonce)); + return kdfKw({ + outputLength: 32, + salt: decodeCrock(nonce), + ikm: decodeCrock(keySeed), + info: stringToBytes(salt), + }); } async function anastasisEncrypt( @@ -201,3 +212,26 @@ export async function coreSecretEncrypt( encMasterKeys, }; } + +export async function secureAnswerHash( + answer: string, + truthUuid: TruthUuid, + questionSalt: QuestionSalt, +): Promise<SecureAnswerHash> { + const powResult = await argon2id({ + hashLength: 64, + iterations: 3, + memorySize: 1024 /* kibibytes */, + parallelism: 1, + password: stringToBytes(answer), + salt: decodeCrock(questionSalt), + outputType: "binary", + }); + const kdfResult = kdfKw({ + outputLength: 64, + salt: decodeCrock(truthUuid), + ikm: powResult, + info: stringToBytes("anastasis-secure-question-hashing"), + }); + return encodeCrock(kdfResult); +} |