Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
test('\n\n** CryptoKeyStore tests - getKey error tests **\n\n', (t) => {
// override t.end function so it'll always clear the config settings
testutil.resetDefaults();
const cryptoSuite = utils.newCryptoSuite();
cryptoSuite.getKey('blah').catch(err => {
t.ok(err.toString().includes('getKey requires CryptoKeyStore to be set.'),
'Test missing cryptoKeyStore: cryptoSuite.getKey');
t.end();
});
});
test('\n\n** utils.newCryptoSuite tests **\n\n', (t) => {
testutil.resetDefaults();
let cs = utils.newCryptoSuite({keysize: 384, algorithm: 'EC'});
t.equal(cs instanceof CryptoSuite_ECDSA_AES, true, 'Should return an instance of CryptoSuite_ECDSA_AES');
t.equal(cs._keySize, 384, 'Returned instance should have keysize of 384');
cs = utils.newCryptoSuite({keysize: 384});
t.equal(cs instanceof CryptoSuite_ECDSA_AES, true, 'Default test: should return an instance of CryptoSuite_ECDSA_AES');
t.equal(cs._keySize, 384, 'Returned instance should have keysize of 384');
cs = utils.newCryptoSuite({algorithm: 'EC'});
t.equal(cs instanceof CryptoSuite_ECDSA_AES, true, 'Should return an instance of CryptoSuite_ECDSA_AES');
t.equal(cs._keySize, 256, 'Returned instance should have keysize of 256');
// each app instance is expected to use either HSM or software-based key management, as such this question
// is answered with a config setting rather than controlled on a case-by-case basis
utils.setConfigSetting('crypto-hsm', true);
/* eslint-disable-next-line */
let expectedError = '/Error:.*\/usr\/local\/lib/';
let expectedError = '/Error:.*\/usr\/local\/lib/';
if (process.platform === 'win32') {
expectedError = 'Error: Win32 error 126/';
}
t.throws(
() => {
cs = utils.newCryptoSuite({lib: '/usr/local/lib', slot: 0, pin: '1234'});
},
expectedError,
'Should attempt to load the bccsp_pkcs11 module and fail because of the dummy library path'
);
// Control crypto-hsm settings via env variable
process.env.CRYPTO_HSM = false;
testutil.resetDefaults();
cs = utils.newCryptoSuite({keysize: 384, algorithm: 'EC'});
t.equal(cs instanceof CryptoSuite_ECDSA_AES, true, 'Should return an instance of CryptoSuite_ECDSA_AES');
t.equal(cs._keySize, 384, 'Returned instance should have keysize of 384');
process.env.CRYPTO_HSM = true;
testutil.resetDefaults();
t.throws(
() => {
cs = utils.newCryptoSuite({keysize: 384, algorithm: 'EC'});
},
/PKCS11 library path must be specified/,
'Should attempt to load the bccsp_pkcs11 module and fail because of the lack of library path'
);
process.env.CRYPTO_HSM = true;
testutil.resetDefaults();
t.throws(
},
/A valid signature is required to verify/,
'CryptoSuite_ECDSA_AES function tests: verify() should throw "A valid signature is required to verify"'
);
t.throws(
() => {
cryptoUtils.verify('dummy key', 'dummy signature');
},
/A valid message is required to verify/,
'CryptoSuite_ECDSA_AES function tests: verify() should throw "A valid message is required to verify"'
);
utils.setConfigSetting('crypto-keysize', 256);
utils.setConfigSetting('crypto-hash-algo', 'SHA2');
cryptoUtils = utils.newCryptoSuite();
cryptoUtils.setCryptoKeyStore(utils.newCryptoKeyStore());
const testVerify = function (sig, msg, expected) {
// manually construct a key based on the saved privKeyHex and pubKeyHex
const f = new ECDSA({curve: 'secp256r1'});
f.setPrivateKeyHex(TEST_KEY_PRIVATE);
f.setPublicKeyHex(TEST_KEY_PUBLIC);
f.isPrivate = true;
f.isPublic = false;
t.equal(cryptoUtils.verify(new ecdsaKey(f), sig, msg), expected,
'CryptoSuite_ECDSA_AES function tests: verify() method');
};
// these signatures have S values larger than N/2
testVerify(TEST_MSG_SIGNATURE_SHA2_256, TEST_MSG, false);
t.equal(cryptoUtils.hash(TEST_MSG), HASH_MSG_SHA256,
'CryptoSuite_ECDSA_AES function tests: using "SHA2" hashing algorithm with default key size which should be 256');
t.equal(cryptoUtils.hash(TEST_LONG_MSG), HASH_LONG_MSG_SHA256,
'CryptoSuite_ECDSA_AES function tests: using "SHA2" hashing algorithm with default key size which should be 256');
// test SHA384 hash
utils.setConfigSetting('crypto-keysize', 384);
cryptoUtils = utils.newCryptoSuite();
t.equal(cryptoUtils.hash(TEST_MSG), HASH_MSG_SHA384,
'CryptoSuite_ECDSA_AES function tests: using "SHA2" hashing algorithm with default key size which should be 384');
// reset to default key size
utils.setConfigSetting('crypto-keysize', 256);
utils.setConfigSetting('key-value-store', 'fabric-common/lib/impl/FileKeyValueStore.js');// force for gulp test
cryptoUtils = utils.newCryptoSuite();
cryptoUtils.setCryptoKeyStore(utils.newCryptoKeyStore());
cryptoUtils.generateKey()
.then((key) => {
t.equal('secp256r1', key.getPublicKey()._key.curveName,
'CryptoSuite_ECDSA_AES function tests: cryptoUtils generated public key curveName == secp256r1');
// test curve 256 with SHA3_256
utils.setConfigSetting('crypto-hash-algo', 'SHA3');
utils.setConfigSetting('crypto-keysize', 256);
cryptoUtils = utils.newCryptoSuite();
cryptoUtils.setCryptoKeyStore(utils.newCryptoKeyStore());
return cryptoUtils.generateKey();
}, (err) => {
t.fail('Failed to generateKey. Can not progress any further. Exiting. ' + err.stack ? err.stack : err);
t.end();
throw new Error('Client.createUser parameter \'opts mspid\' is required.');
}
if (opts.cryptoContent) {
if (!opts.cryptoContent.privateKey && !opts.cryptoContent.privateKeyPEM && !opts.cryptoContent.privateKeyObj) {
throw new Error('Client.createUser one of \'opts cryptoContent privateKey, privateKeyPEM or privateKeyObj\' is required.');
}
if (!opts.cryptoContent.signedCert && !opts.cryptoContent.signedCertPEM) {
throw new Error('Client.createUser either \'opts cryptoContent signedCert or signedCertPEM\' is required.');
}
} else {
throw new Error('Client.createUser parameter \'opts cryptoContent\' is required.');
}
if (this.getCryptoSuite() === null) {
logger.debug('cryptoSuite is null, creating default cryptoSuite and cryptoKeyStore');
this.setCryptoSuite(sdkUtils.newCryptoSuite());
const cryptoStore = Client.newCryptoKeyStore();
this.getCryptoSuite().setCryptoKeyStore(cryptoStore);
} else {
if (this.getCryptoSuite()._cryptoKeyStore) {
logger.debug('cryptoSuite has a cryptoKeyStore');
} else {
logger.debug('cryptoSuite does not have a cryptoKeyStore');
}
}
// need to load private key and pre-enrolled certificate from files based on the MSP
// root MSP config directory structure:
//
// \_ keystore
// \_ admin.pem <<== this is the private key saved in PEM file
// \_ signcerts
test('\n\n ** CryptoSuite_ECDSA_AES - generateEphemeralKey tests **\n\n', (t) => {
testutil.resetDefaults();
const cryptoUtils = utils.newCryptoSuite();
const key = cryptoUtils.generateEphemeralKey();
if (key && key._key && key._key.type === 'EC') {
t.pass('generateEphemeralKey returned key');
t.end();
} else {
t.fail('generateEphemeralKey did not return key');
t.end();
}
});
test('\n\n ** CryptoSuite_ECDSA_AES - createKeyFromRaw **\n\n', async (t) => {
testutil.resetDefaults();
const cryptoUtils = utils.newCryptoSuite();
const key = cryptoUtils.createKeyFromRaw(TEST_KEY_PRIVATE_PEM);
if (key && key._key && key._key.type === 'EC') {
t.pass('importKey returned key using ephemeral true');
} else {
t.fail('importKey did not return key using ephemeral true');
}
});
() => {
cs = utils.newCryptoSuite({lib: '/usr/local/lib', slot: 0, pin: '1234'});
},
expectedError,
addMSP(config) {
if (!config.cryptoSuite) {
config.cryptoSuite = utils.newCryptoSuite();
}
const msp = new MSP(config);
logger.debug('addMSP - msp=', msp.getId());
this._msps[msp.getId()] = msp;
return msp;
}