diff --git a/src/constants.ts b/src/constants.ts index 78f9e77..febbcc1 100644 --- a/src/constants.ts +++ b/src/constants.ts @@ -1,7 +1,6 @@ export const AES_KEY_BYTE_LENGTH = 32; export const IV_LEN_BYTES = 12; -export const CONTEXT_WRAPPING = 'CRYPTO library 2025-08-22 18:10:00 key derived from ecc and kyber secrets'; export const CONTEXT_ENC_KEYSTORE = 'CRYPTO library 2025-07-30 16:18:03 key for opening encryption keys keystore'; export const CONTEXT_RECOVERY = 'CRYPTO library 2025-07-30 16:20:00 key for account recovery'; export const CONTEXT_INDEX = 'CRYPTO library 2025-07-30 17:20:00 key for protecting current search indices'; diff --git a/src/derive-key/core.ts b/src/derive-key/core.ts index af99956..4bd9e60 100644 --- a/src/derive-key/core.ts +++ b/src/derive-key/core.ts @@ -6,7 +6,7 @@ import { ARGON2ID_SALT_BYTE_LENGTH, ARGON2ID_OUTPUT_BYTE_LENGTH, } from '../constants'; -import { randomBytes } from '@noble/post-quantum/utils.js'; +import { randomBytes } from '@noble/hashes/utils.js'; /** * Calculates hash using the argon2id password-hashing function diff --git a/src/derive-key/deriveKeysFromKey.ts b/src/derive-key/deriveKeysFromKey.ts index 9c60b59..91babb4 100644 --- a/src/derive-key/deriveKeysFromKey.ts +++ b/src/derive-key/deriveKeysFromKey.ts @@ -22,28 +22,12 @@ export function deriveSymmetricKeyFromContext(context: string, baseKey: Uint8Arr * @returns The derived secret key */ export function deriveSymmetricKeyFromTwoKeys(key1: Uint8Array, key2: Uint8Array): Uint8Array { - return deriveSymmetricKeyFromTwoKeysAndContext(key1, key2, CONTEXT_DERIVE); -} - -/** - * Derives a symmetric key from two keys and context - * - * @param key1 - The 32-bytes key - * @param key2 - The 32-bytes key - * @param context - The context string - * @returns The derived symmetric key - */ -export function deriveSymmetricKeyFromTwoKeysAndContext( - key1: Uint8Array, - key2: Uint8Array, - context: string, -): Uint8Array { try { if (key2.length != AES_KEY_BYTE_LENGTH || key1.length != AES_KEY_BYTE_LENGTH) { throw new Error(`Input key length must be exactly ${AES_KEY_BYTE_LENGTH} bytes`); } const key = blake3(key1, { key: key2 }); - return blake3(key, { context: UTF8ToUint8(context) }); + return deriveSymmetricKeyFromContext(CONTEXT_DERIVE, key); } catch (error) { throw new Error('Failed to derive symmetric key from two keys and context', { cause: error }); } diff --git a/src/derive-key/deriveKeysFromPassword.ts b/src/derive-key/deriveKeysFromPassword.ts index a686718..2a84d76 100644 --- a/src/derive-key/deriveKeysFromPassword.ts +++ b/src/derive-key/deriveKeysFromPassword.ts @@ -1,4 +1,3 @@ -import { hexToUint8Array, uint8ArrayToHex } from '../utils'; import { argon2, sampleSalt } from './core'; /** @@ -31,48 +30,3 @@ export async function getKeyFromPasswordAndSalt(password: string, salt: Uint8Arr throw new Error('Failed to derive key from password and salt', { cause: error }); } } - -/** - * Derives a HEX symmetric key from a user's password with a randomly sampled salt - * - * @param password - The user's password - * @returns The derived HEX secret key and randomly sampled HEX salt - */ -export async function getKeyFromPasswordHex(password: string): Promise<{ keyHex: string; saltHex: string }> { - try { - const { key, salt } = await getKeyFromPassword(password); - return { keyHex: uint8ArrayToHex(key), saltHex: uint8ArrayToHex(salt) }; - } catch (error) { - throw new Error('Failed to derive key from password', { cause: error }); - } -} - -/** - * Derives a HEX symmetric key from a user's password and salt - * - * @param password - The user's password - * @param saltHex - The given HEX salt - * @returns The derived HEX secret key - */ -export async function getKeyFromPasswordAndSaltHex(password: string, saltHex: string): Promise { - try { - const salt = hexToUint8Array(saltHex); - const key = await getKeyFromPasswordAndSalt(password, salt); - return uint8ArrayToHex(key); - } catch (error) { - throw new Error('Failed to derive key from password and salt', { cause: error }); - } -} - -/** - * Verifies the derived key - * - * @param password - The user's password - * @param saltHex - The given HEX salt - * @param keyHex - The derived HEX key - * @returns The result of the key verification - */ -export async function verifyKeyFromPasswordHex(password: string, saltHex: string, keyHex: string): Promise { - const result = await getKeyFromPasswordAndSaltHex(password, saltHex); - return keyHex === result; -} diff --git a/src/hash/blake3.ts b/src/hash/blake3.ts index 1c997e6..4b95982 100644 --- a/src/hash/blake3.ts +++ b/src/hash/blake3.ts @@ -1,11 +1,10 @@ import { blake3 } from '@noble/hashes/blake3.js'; -import { bytesToHex } from '@noble/hashes/utils.js'; /** * Hashes the given array of data * - * @param data - The data to hash - * @returns The resulting hash array + * @param data - The array of data + * @returns The resulting hash */ export function hashDataArray(data: Uint8Array[]): Uint8Array { try { @@ -20,24 +19,12 @@ export function hashDataArray(data: Uint8Array[]): Uint8Array { } /** - * Hashes the given array of data + * Hashes the given array of data with the given key * - * @param data - The data to hash - * @returns The resulting hash hex string + * @param hashKey - The key for keyed hashing + * @param data - The array of data + * @returns The resulting keyed hash */ -export function hashDataArrayHex(data: Uint8Array[]): string { - return bytesToHex(hashDataArray(data)); -} - -export function hashDataArrayWithKeyHex(hashKey: Uint8Array, data: Uint8Array[]): string { - try { - const hash = hashDataArrayWithKey(hashKey, data); - return bytesToHex(hash); - } catch (error) { - throw new Error('Failed to compute hash hex', { cause: error }); - } -} - export function hashDataArrayWithKey(hashKey: Uint8Array, data: Uint8Array[]): Uint8Array { try { const hasher = blake3.create({ key: hashKey }); @@ -51,13 +38,13 @@ export function hashDataArrayWithKey(hashKey: Uint8Array, data: Uint8Array[]): U } /** - * Hashes the given array of data using blake3 algorithm + * Hashes the given array of data to the desired byte-length * + * @param data - The array of data * @param bytes - The desired output byte-length - * @param data - The data to hash - * @returns The resulting hash value + * @returns The resulting hash of the desired byte-length */ -export function getBytesFromDataArray(bytes: number, data: Uint8Array[]): Uint8Array { +export function getBytesFromDataArray(data: Uint8Array[], bytes: number): Uint8Array { try { const hasher = blake3.create({ dkLen: bytes }); for (const chunk of data) { @@ -70,39 +57,33 @@ export function getBytesFromDataArray(bytes: number, data: Uint8Array[]): Uint8A } /** - * Hashes the given array of data using blake3 algorithm + * Hashes the given data * - * @param bytes - The desired output byte-length - * @param data - The data to hash - * @returns The resulting hash value + * @param data - The data + * @returns The resulting hash */ -export function getBytesFromDataArrayHex(bytes: number, data: Uint8Array[]): string { - try { - const hash = getBytesFromDataArray(bytes, data); - return bytesToHex(hash); - } catch (error) { - throw new Error('Failed to get bytes from data', { cause: error }); - } +export function hashData(data: Uint8Array): Uint8Array { + return blake3(data); } /** - * Hashes the given string using blake3 algorithm + * Hashes the given data with the given key * - * @param bytes - The desired output byte-length - * @param data - The data to hash - * @returns The resulting hash value + * @param hashKey - The key for keyed hashing + * @param data - The data + * @returns The resulting keyed hash */ -export function getBytesFromData(bytes: number, data: Uint8Array): Uint8Array { - return blake3(data, { dkLen: bytes }); +export function hashDataWithKey(hashKey: Uint8Array, data: Uint8Array): Uint8Array { + return blake3(data, { key: hashKey }); } /** - * Hashes the given data using blake3 algorithm + * Hashes the given data to the desired byte-length * + * @param data - The data * @param bytes - The desired output byte-length - * @param data - The data to hash - * @returns The resulting hash value + * @returns The resulting hash of the desired byte-length */ -export function getBytesFromDataHex(bytes: number, data: Uint8Array): string { - return bytesToHex(getBytesFromData(bytes, data)); +export function getBytesFromData(data: Uint8Array, bytes: number): Uint8Array { + return blake3(data, { dkLen: bytes }); } diff --git a/src/hash/index.ts b/src/hash/index.ts index e8d93aa..42f42fe 100644 --- a/src/hash/index.ts +++ b/src/hash/index.ts @@ -1,2 +1 @@ export * from './blake3'; -export * from './mac'; diff --git a/src/hash/mac.ts b/src/hash/mac.ts deleted file mode 100644 index 8b554df..0000000 --- a/src/hash/mac.ts +++ /dev/null @@ -1,20 +0,0 @@ -import { bytesToHex } from '@noble/hashes/utils.js'; -import { AES_KEY_BYTE_LENGTH } from '../constants'; -import { getBytesFromData, hashDataArrayWithKey } from './blake3'; - -/** - * Computes mac for the given key material and data - * - * @param keyMaterial - The key material - * @param data - The data to hash - * @returns The resulting hash hex string - */ -export function computeMac(keyMaterial: Uint8Array, data: Uint8Array[]): string { - try { - const key = getBytesFromData(AES_KEY_BYTE_LENGTH, keyMaterial); - const hash = hashDataArrayWithKey(key, data); - return bytesToHex(hash); - } catch (error) { - throw new Error('Failed to compute mac', { cause: error }); - } -} diff --git a/src/index.ts b/src/index.ts index 8b93549..8ce2132 100644 --- a/src/index.ts +++ b/src/index.ts @@ -1,13 +1,9 @@ export { deriveSecretKey, generateEccKeys } from './asymmetric-crypto'; export { deriveSymmetricKeyFromTwoKeys, - deriveSymmetricKeyFromTwoKeysAndContext, deriveSymmetricKeyFromContext, getKeyFromPassword, getKeyFromPasswordAndSalt, - getKeyFromPasswordHex, - getKeyFromPasswordAndSaltHex, - verifyKeyFromPasswordHex, } from './derive-key'; export { encryptEmailHybrid, @@ -45,12 +41,10 @@ export { export { hashDataArray, hashDataArrayWithKey, - hashDataArrayHex, - hashDataArrayWithKeyHex, + getBytesFromDataArray, + hashData, + hashDataWithKey, getBytesFromData, - getBytesFromDataHex, - getBytesFromDataArrayHex, - computeMac, } from './hash'; export { unwrapKey, wrapKey } from './key-wrapper'; export { createEncryptionAndRecoveryKeystores, openEncryptionKeystore, openRecoveryKeystore } from './keystore-crypto'; diff --git a/src/key-wrapper/aesWrapper.ts b/src/key-wrapper/aesWrapper.ts index 709a22b..5013a78 100644 --- a/src/key-wrapper/aesWrapper.ts +++ b/src/key-wrapper/aesWrapper.ts @@ -1,25 +1,5 @@ -import { CONTEXT_WRAPPING } from '../constants'; -import { deriveSymmetricKeyFromTwoKeysAndContext } from '../derive-key'; import { aeskw } from '@noble/ciphers/aes.js'; -/** - * Derives wrapping key from two secrets - * - * @param eccSecret - The secret exchanged via elliptic curves - * @param kyberSecret - The secret exchanged via Kyber KEM - * @returns The resulting wrapping key - */ -export async function deriveWrappingKey(eccSecret: Uint8Array, kyberSecret: Uint8Array): Promise { - try { - if (eccSecret.length !== kyberSecret.length) { - throw new Error('secrets must have equal length'); - } - return deriveSymmetricKeyFromTwoKeysAndContext(eccSecret, kyberSecret, CONTEXT_WRAPPING); - } catch (error) { - throw new Error('Failed to derive wrapping key', { cause: error }); - } -} - /** * Unwraps the given wrapped key * diff --git a/src/keystore-crypto/core.ts b/src/keystore-crypto/core.ts index a124123..353bd15 100644 --- a/src/keystore-crypto/core.ts +++ b/src/keystore-crypto/core.ts @@ -1,8 +1,7 @@ import { encryptSymmetrically, decryptSymmetrically } from '../symmetric-crypto'; import { base64ToUint8Array, uint8ArrayToBase64, UTF8ToUint8, mnemonicToBytes } from '../utils'; import { deriveSymmetricKeyFromContext } from '../derive-key'; -import { CONTEXT_ENC_KEYSTORE, AES_KEY_BYTE_LENGTH, CONTEXT_RECOVERY } from '../constants'; -import { getBytesFromData } from '../hash'; +import { CONTEXT_ENC_KEYSTORE, CONTEXT_RECOVERY } from '../constants'; import { EncryptedKeystore, HybridKeyPair, KeystoreType } from '../types'; /** @@ -70,8 +69,7 @@ export async function decryptKeystoreContent( */ export async function deriveRecoveryKey(recoveryCodes: string): Promise { const recoverCodesArray = mnemonicToBytes(recoveryCodes); - const recoveryCodesBuffer = getBytesFromData(AES_KEY_BYTE_LENGTH, recoverCodesArray); - return deriveSymmetricKeyFromContext(CONTEXT_RECOVERY, recoveryCodesBuffer); + return deriveSymmetricKeyFromContext(CONTEXT_RECOVERY, recoverCodesArray); } /** diff --git a/tests/derive-keys/deriveKeysFromPwd.test.ts b/tests/derive-keys/deriveKeysFromPwd.test.ts index a1b05c2..12a2e1e 100644 --- a/tests/derive-keys/deriveKeysFromPwd.test.ts +++ b/tests/derive-keys/deriveKeysFromPwd.test.ts @@ -1,11 +1,5 @@ import { describe, expect, it } from 'vitest'; -import { - getKeyFromPasswordAndSalt, - verifyKeyFromPasswordHex, - getKeyFromPasswordAndSaltHex, - getKeyFromPasswordHex, - getKeyFromPassword, -} from '../../src/derive-key'; +import { getKeyFromPasswordAndSalt, getKeyFromPassword } from '../../src/derive-key'; import { argon2, sampleSalt } from '../../src/derive-key/core'; import { uint8ArrayToHex } from '../../src/utils'; @@ -38,14 +32,6 @@ describe('Test Argon2', () => { expect(test_salt_1).not.toBe(test_salt_2); }); - it('should sucessfully verify generated from the password and salt key', async () => { - const test_password = 'text demo'; - const test_salt = uint8ArrayToHex(sampleSalt()); - const test_key = await getKeyFromPasswordAndSaltHex(test_password, test_salt); - const result = await verifyKeyFromPasswordHex(test_password, test_salt, test_key); - expect(result).toBe(true); - }); - it('should give the same result for the same password and salt', async () => { const test_password = 'text demo'; const test_salt = sampleSalt(); @@ -54,24 +40,7 @@ describe('Test Argon2', () => { expect(result1).toStrictEqual(result2); }); - it('should give different result for the same password but different salt', async () => { - const test_password = 'text demo'; - const test_salt_1 = uint8ArrayToHex(sampleSalt()); - const test_salt_2 = uint8ArrayToHex(sampleSalt()); - const result1 = await getKeyFromPasswordAndSaltHex(test_password, test_salt_1); - const result2 = await getKeyFromPasswordAndSaltHex(test_password, test_salt_2); - expect(result1).not.toBe(result2); - }); - - it('should sucessfully verify generated from the password key', async () => { - const test_password = 'text demo'; - const { keyHex: hash, saltHex: salt } = await getKeyFromPasswordHex(test_password); - const result = await verifyKeyFromPasswordHex(test_password, salt, hash); - expect(result).toBe(true); - }); - it('should throw an error if no password is given', async () => { - await expect(getKeyFromPasswordHex('')).rejects.toThrowError(/Failed to derive key from password/); await expect(getKeyFromPassword('')).rejects.toThrowError(/Failed to derive key from password/); }); @@ -84,12 +53,5 @@ describe('Test Argon2', () => { await expect(getKeyFromPasswordAndSalt('', test_salt)).rejects.toThrowError( /Failed to derive key from password and salt/, ); - - await expect(getKeyFromPasswordAndSaltHex(test_password, '')).rejects.toThrowError( - /Failed to derive key from password and salt/, - ); - await expect(getKeyFromPasswordAndSaltHex('', uint8ArrayToHex(test_salt))).rejects.toThrowError( - /Failed to derive key from password and salt/, - ); }); }); diff --git a/tests/hash/blake3.test.ts b/tests/hash/blake3.test.ts index d42133e..69f5991 100644 --- a/tests/hash/blake3.test.ts +++ b/tests/hash/blake3.test.ts @@ -1,5 +1,13 @@ import { describe, expect, it } from 'vitest'; -import { getBytesFromDataHex, hashDataArrayHex, getBytesFromDataArrayHex } from '../../src/hash'; +import { + getBytesFromData, + hashDataArray, + hashData, + getBytesFromDataArray, + hashDataWithKey, + hashDataArrayWithKey, +} from '../../src/hash'; +import { uint8ArrayToHex, UTF8ToUint8 } from '../../src/utils'; describe('Test hash module with blake3 test vectors', () => { function getBuffer(length: number) { @@ -18,73 +26,96 @@ describe('Test hash module with blake3 test vectors', () => { it('should compute correct hash value', () => { const message = new Uint8Array(); - const result = hashDataArrayHex([message]); + const resultArray = hashDataArray([message]); + const result = hashData(message); + const resultHex = uint8ArrayToHex(result); + const resultArrayHex = uint8ArrayToHex(resultArray); const testResult = 'af1349b9f5f9a1a6a0404dea36dcc9499bcb25c9adc112b7cc9a93cae41f3262'; - expect(result).toStrictEqual(testResult); + expect(resultHex).toStrictEqual(testResult); + expect(resultHex).toStrictEqual(resultArrayHex); }); it('should pass test with input length 0 from blake3 team', () => { const message = new Uint8Array(); - const result = getBytesFromDataArrayHex(expectedLen, [message]); - const result_string = getBytesFromDataHex(expectedLen, message); + const resultArray = getBytesFromDataArray([message], expectedLen); + const result = getBytesFromData(message, expectedLen); + const resultArrayHex = uint8ArrayToHex(resultArray); + const resultHex = uint8ArrayToHex(result); const testResult = 'af1349b9f5f9a1a6a0404dea36dcc9499bcb25c9adc112b7cc9a93cae41f3262e00f03e7b69af26b7faaf09fcd333050338ddfe085b8cc869ca98b206c08243a26f5487789e8f660afe6c99ef9e0c52b92e7393024a80459cf91f476f9ffdbda7001c22e159b402631f277ca96f2defdf1078282314e763699a31c5363165421cce14d'; - expect(result).toStrictEqual(result_string); - expect(result).toStrictEqual(testResult); + expect(resultHex).toStrictEqual(resultArrayHex); + expect(resultHex).toStrictEqual(testResult); }); it('should pass test with input length 1 from blake3 team', () => { const message = new Uint8Array([0]); - const result = getBytesFromDataArrayHex(expectedLen, [message]); + const result = getBytesFromDataArray([message], expectedLen); + const resultHex = uint8ArrayToHex(result); const testResult = '2d3adedff11b61f14c886e35afa036736dcd87a74d27b5c1510225d0f592e213c3a6cb8bf623e20cdb535f8d1a5ffb86342d9c0b64aca3bce1d31f60adfa137b358ad4d79f97b47c3d5e79f179df87a3b9776ef8325f8329886ba42f07fb138bb502f4081cbcec3195c5871e6c23e2cc97d3c69a613eba131e5f1351f3f1da786545e5'; - expect(result).toStrictEqual(testResult); + expect(resultHex).toStrictEqual(testResult); }); it('should pass test with input length 2 from blake3 team', () => { const message = new Uint8Array([0, 1]); - const result = getBytesFromDataArrayHex(expectedLen, [message]); + const result = getBytesFromDataArray([message], expectedLen); + const resultHex = uint8ArrayToHex(result); const testResult = '7b7015bb92cf0b318037702a6cdd81dee41224f734684c2c122cd6359cb1ee63d8386b22e2ddc05836b7c1bb693d92af006deb5ffbc4c70fb44d0195d0c6f252faac61659ef86523aa16517f87cb5f1340e723756ab65efb2f91964e14391de2a432263a6faf1d146937b35a33621c12d00be8223a7f1919cec0acd12097ff3ab00ab1'; - expect(result).toStrictEqual(testResult); + expect(resultHex).toStrictEqual(testResult); }); it('should pass test with input length 7 from blake3 team', async () => { const message = getBuffer(7); - const result = await getBytesFromDataArrayHex(expectedLen, [message]); + const result = getBytesFromDataArray([message], expectedLen); + const resultHex = uint8ArrayToHex(result); const testResult = '3f8770f387faad08faa9d8414e9f449ac68e6ff0417f673f602a646a891419fe66036ef6e6d1a8f54baa9fed1fc11c77cfb9cff65bae915045027046ebe0c01bf5a941f3bb0f73791d3fc0b84370f9f30af0cd5b0fc334dd61f70feb60dad785f070fef1f343ed933b49a5ca0d16a503f599a365a4296739248b28d1a20b0e2cc8975c'; - expect(result).toStrictEqual(testResult); + expect(resultHex).toStrictEqual(testResult); }); it('should pass test with input length 63 from blake3 team', async () => { const message = getBuffer(63); - const result = await getBytesFromDataArrayHex(expectedLen, [message]); + const result = getBytesFromDataArray([message], expectedLen); + const resultHex = uint8ArrayToHex(result); const testResult = 'e9bc37a594daad83be9470df7f7b3798297c3d834ce80ba85d6e207627b7db7b1197012b1e7d9af4d7cb7bdd1f3bb49a90a9b5dec3ea2bbc6eaebce77f4e470cbf4687093b5352f04e4a4570fba233164e6acc36900e35d185886a827f7ea9bdc1e5c3ce88b095a200e62c10c043b3e9bc6cb9b6ac4dfa51794b02ace9f98779040755'; - expect(result).toStrictEqual(testResult); + expect(resultHex).toStrictEqual(testResult); + + const keyStr = 'whats the Elvish word for friend'; + const key = UTF8ToUint8(keyStr); + const keyedHash = hashDataWithKey(key, message); + const keyedHashHex = uint8ArrayToHex(keyedHash); + + const keyedHashArray = hashDataArrayWithKey(key, [message]); + const keyedHashArrayHex = uint8ArrayToHex(keyedHashArray); + const testKeyedHash = 'bb1eb5d4afa793c1ebdd9fb08def6c36d10096986ae0cfe148cd101170ce37ae'; + expect(keyedHashHex).toStrictEqual(testKeyedHash); + expect(keyedHashHex).toStrictEqual(keyedHashArrayHex); }); it('should pass test with input length 1023 from blake3 team', async () => { const message = getBuffer(1023); - const result = await getBytesFromDataArrayHex(expectedLen, [message]); + const result = getBytesFromDataArray([message], expectedLen); + const resultHex = uint8ArrayToHex(result); const testResult = '10108970eeda3eb932baac1428c7a2163b0e924c9a9e25b35bba72b28f70bd11a182d27a591b05592b15607500e1e8dd56bc6c7fc063715b7a1d737df5bad3339c56778957d870eb9717b57ea3d9fb68d1b55127bba6a906a4a24bbd5acb2d123a37b28f9e9a81bbaae360d58f85e5fc9d75f7c370a0cc09b6522d9c8d822f2f28f485'; - expect(result).toStrictEqual(testResult); + expect(resultHex).toStrictEqual(testResult); }); it('should pass test with input length 102400 from blake3 team', async () => { const message = getBuffer(102400); - const result = await getBytesFromDataArrayHex(expectedLen, [message]); + const result = getBytesFromDataArray([message], expectedLen); + const resultHex = uint8ArrayToHex(result); const testResult = 'bc3e3d41a1146b069abffad3c0d44860cf664390afce4d9661f7902e7943e085e01c59dab908c04c3342b816941a26d69c2605ebee5ec5291cc55e15b76146e6745f0601156c3596cb75065a9c57f35585a52e1ac70f69131c23d611ce11ee4ab1ec2c009012d236648e77be9295dd0426f29b764d65de58eb7d01dd42248204f45f8e'; - expect(result).toStrictEqual(testResult); + expect(resultHex).toStrictEqual(testResult); }); }); diff --git a/tests/hash/mac.test.ts b/tests/hash/mac.test.ts deleted file mode 100644 index fccb10f..0000000 --- a/tests/hash/mac.test.ts +++ /dev/null @@ -1,20 +0,0 @@ -import { describe, expect, it } from 'vitest'; -import { computeMac, hashDataArrayWithKeyHex } from '../../src/hash'; - -describe('Test mac via blake3 test vectors', () => { - it('keyed hash should work with blake 3 test vector', async () => { - const key = new TextEncoder().encode('whats the Elvish word for friend'); - const data = new Uint8Array([0, 1, 2, 3, 4, 5, 6]); - const mac = hashDataArrayWithKeyHex(key, [data]); - expect(mac).toEqual('af0a7ec382aedc0cfd626e49e7628bc7a353a4cb108855541a5651bf64fbb28a'); - }); - - it('compute should work', async () => { - const key = new TextEncoder().encode( - 'Srp6AzybbyludWuaVwGoHa1C2H0Qtv7JR0sKGLSWe8Ho8_q9hezfYD2RYb9IUrW999pH4VlABgDLse484zAapg', - ); - const data = [new TextEncoder().encode('test'), new TextEncoder().encode('this'), new TextEncoder().encode('mac')]; - const mac = computeMac(key, data); - expect(mac).toEqual('69e61015d45f1d2e33e380952cada43dd293e45188bfee5e35635e6d12edd815'); - }); -}); diff --git a/tests/key-wrapper/aesWrapper.test.ts b/tests/key-wrapper/aesWrapper.test.ts index e6f913b..4c68962 100644 --- a/tests/key-wrapper/aesWrapper.test.ts +++ b/tests/key-wrapper/aesWrapper.test.ts @@ -1,24 +1,10 @@ import { describe, expect, it } from 'vitest'; -import { wrapKey, unwrapKey, deriveWrappingKey } from '../../src/key-wrapper'; +import { wrapKey, unwrapKey } from '../../src/key-wrapper'; import { genSymmetricKey } from '../../src/symmetric-crypto'; -import { AES_KEY_BYTE_LENGTH } from '../../src/constants'; describe('Test key wrapping functions', () => { - it('should scuessfully derive wrapping key', async () => { - const secret1 = genSymmetricKey(); - const secret2 = genSymmetricKey(); - - const result = await deriveWrappingKey(secret1, secret2); - - expect(result).toBeInstanceOf(Uint8Array); - expect(result.length).toBe(AES_KEY_BYTE_LENGTH); - }); - it('should scuessfully wrap and unwrap key', async () => { - const secret1 = genSymmetricKey(); - const secret2 = genSymmetricKey(); - - const wrappingKey = await deriveWrappingKey(secret1, secret2); + const wrappingKey = genSymmetricKey(); const encryptionKey = genSymmetricKey(); const ciphertext = await wrapKey(encryptionKey, wrappingKey); @@ -26,10 +12,4 @@ describe('Test key wrapping functions', () => { expect(result).toStrictEqual(encryptionKey); }); - - it('should throw error if secrets are of different length', async () => { - const ecc = new Uint8Array([1, 2, 3, 4, 5, 6, 7, 8, 9, 10]); - const kyber = new Uint8Array([1, 2, 3, 4, 5, 6, 7, 8, 9]); - await expect(deriveWrappingKey(ecc, kyber)).rejects.toThrowError(/Failed to derive wrapping key/); - }); });