|
| 1 | +/*! |
| 2 | + * |
| 3 | + * Copyright (c) 2017 Cisco Systems, Inc. See LICENSE file. |
| 4 | + */ |
| 5 | + |
| 6 | +"use strict"; |
| 7 | + |
| 8 | +var forEach = require("lodash.foreach"); |
| 9 | +var chai = require("chai"); |
| 10 | + |
| 11 | +var JWE = require("../../lib/jwe"), |
| 12 | + JWK = require("../../lib/jwk"); |
| 13 | + |
| 14 | +var assert = chai.assert; |
| 15 | + |
| 16 | +describe("jwe/ecdhinvalid", function() { |
| 17 | + var vectors = [ |
| 18 | + { |
| 19 | + desc: "ECDH-ES+A128KW + A128CBC-HS256", |
| 20 | + jwk: { |
| 21 | + "kty": "EC", |
| 22 | + "kid": "3f7b122d-e9d2-4ff7-bdeb-a1487063d799", |
| 23 | + "crv": "P-256", |
| 24 | + "x": "weNJy2HscCSM6AEDTDg04biOvhFhyyWvOHQfeF_PxMQ", |
| 25 | + "y": "e8lnCO-AlStT-NJVX-crhB7QRYhiix03illJOVAOyck", |
| 26 | + "d": "VEmDZpDXXK8p8N0Cndsxs924q6nS1RXFASRl6BfUqdw" |
| 27 | + }, |
| 28 | + alg: "ECDH-ES+A128KW", |
| 29 | + enc: "A128CBC-HS256", |
| 30 | + plaintext: new Buffer("Gambling is illegal at Bushwood sir, and I never slice.", "utf8") |
| 31 | + } |
| 32 | + ]; |
| 33 | + forEach(vectors, function(v) { |
| 34 | + it("test invalid key for " + v.desc, function() { |
| 35 | + var promise, |
| 36 | + key; |
| 37 | + promise = JWK.asKey(v.jwk); |
| 38 | + promise = promise.then(function(jwk) { |
| 39 | + key = jwk; |
| 40 | + var cfg = { |
| 41 | + contentAlg: v.enc |
| 42 | + }; |
| 43 | + var recipient = { |
| 44 | + key: key, |
| 45 | + header: { |
| 46 | + alg: v.alg |
| 47 | + } |
| 48 | + }; |
| 49 | + var jwe = JWE.createEncrypt(cfg, recipient); |
| 50 | + return jwe.update(v.plaintext).final(); |
| 51 | + }); |
| 52 | + promise = promise.then(function(result) { |
| 53 | + |
| 54 | + //The malicious JWE contains a public key with order 113 |
| 55 | + var maliciousJWE1 = {}; |
| 56 | + maliciousJWE1.protected = "eyJhbGciOiJFQ0RILUVTK0ExMjhLVyIsImVuYyI6IkExMjhDQkMtSFMyNTYiLCJlcGsiOnsia3R5IjoiRUMiLCJ4IjoiZ1RsaTY1ZVRRN3otQmgxNDdmZjhLM203azJVaURpRzJMcFlrV0FhRkpDYyIsInkiOiJjTEFuakthNGJ6akQ3REpWUHdhOUVQclJ6TUc3ck9OZ3NpVUQta2YzMEZzIiwiY3J2IjoiUC0yNTYifX0"; |
| 57 | + maliciousJWE1.encrypted_key = "qGAdxtEnrV_3zbIxU2ZKrMWcejNltjA_dtefBFnRh9A2z9cNIqYRWg"; |
| 58 | + maliciousJWE1.iv = "pEA5kX304PMCOmFSKX_cEg"; |
| 59 | + maliciousJWE1.ciphertext = "a9fwUrx2JXi1OnWEMOmZhXd94-bEGCH9xxRwqcGuG2AMo-AwHoljdsH5C_kcTqlXS5p51OB1tvgQcMwB5rpTxg"; |
| 60 | + maliciousJWE1.tag = "72CHiYFecyDvuUa43KKT6w"; |
| 61 | + |
| 62 | + assert.ok(result); |
| 63 | + var jwe = JWE.createDecrypt(key); |
| 64 | + //this proof that jwk.d (the private key) is equals 26 % 113 |
| 65 | + //THIS CAN BE DOIN MANY TIME |
| 66 | + //.... |
| 67 | + //AND THAN CHINESE REMAINDER THEOREM FTW |
| 68 | + return jwe.decrypt(maliciousJWE1); |
| 69 | + }); |
| 70 | + promise = promise.then(function(result) { |
| 71 | + assert.ok(false, "unexpected success"); |
| 72 | + }, function(err) { |
| 73 | + assert.ok(err); |
| 74 | + }); |
| 75 | + return promise; |
| 76 | + }); |
| 77 | + }); |
| 78 | +}); |
0 commit comments