fix: Conditions for materials-management (#185)

Every condition needs a test.
This also uncovered some missing conditions and tests.
* Remove the test_conditions threshold

Author: seebees

modules/decrypt-node/test/decipher_stream.test.ts

@@ -118,15 +118,4 @@ describe('getDecipherStream', () => {
 
     await expect(test._onAuthTag(Buffer.from([]), () => {})).to.rejectedWith(Error, 'AuthTag before frame.')
   })
-
-  it('Precondition: I must have received all content for this frame.', async () => {
-    /* The fact that I can not figure out how to test this,
-     * makes me want to remove the condition.
-     * However, it is very important to make sure that the entire frame has been accumulated.
-     * I suspect that the fact that frameComplete is a closure,
-     * means that this is impossible.
-     * This kind of non-test is also included in the cryptographic materials
-     * for a similar kind of closure around the udkForVerification.
-     */
-  })
 })

modules/material-management/src/cryptographic_material.ts

@@ -58,7 +58,7 @@ function portableTimingSafeEqual (a: Uint8Array, b: Uint8Array) {
    * Side channel attacks are pernicious and subtle.
    */
   eval('') // eslint-disable-line no-eval
-  /* Check for early return (Postcondition): Size is well-know information
+  /* Check for early return (Postcondition) UNTESTED: Size is well-know information.
    * and does not leak information about contents.
    */
   if (a.byteLength !== b.byteLength) return false
@@ -338,8 +338,9 @@ export function decorateCryptographicMaterial<T extends CryptographicMaterial<T>
     udkForVerification.fill(0)
     unencryptedDataKeyZeroed = true
 
-    /* Postcondition: Both unencryptedDataKey and udkForVerification must be either set or unset.
+    /* Postcondition UNTESTED: Both unencryptedDataKey and udkForVerification must be either set or unset.
      * If it is ever the case that only one was unset, then something is wrong in a profound way.
+     * It is not clear how this could ever happen, unless someone is manipulating the OS...
      */
     needs(unsetCount === 0 || unsetCount === 2, 'Either unencryptedDataKey or udkForVerification was not set.')
     return material
@@ -493,7 +494,7 @@ export function decorateWebCryptoMaterial<T extends WebCryptoMaterial<T>> (mater
     if (!material.hasUnencryptedDataKey) {
       /* Precondition: If the CryptoKey is the only version, the trace information must be set here. */
       needs(trace && trace.keyName && trace.keyNamespace, 'Malformed KeyringTrace')
-      /* Precondition: On set the required KeyringTraceFlag must be set. */
+      /* Precondition: On setting the CryptoKey the required KeyringTraceFlag must be set. */
       needs(trace.flags & setFlags, 'Required KeyringTraceFlag not set')
       /* If I a setting a cryptoKey without an unencrypted data key,
        * an unencrypted data should never be set.

modules/material-management/src/keyring.ts

@@ -50,7 +50,7 @@ export abstract class Keyring<S extends SupportedAlgorithmSuites> {
      */
     needs(material === _material, 'New EncryptionMaterial instances can not be created.')
 
-    /* Postcondition: If this keyring generated data key, it must be the right length.
+    /* Postcondition UNTESTED: If this keyring generated data key, it must be the right length.
      * See cryptographic_materials.ts This is handled in setUnencryptedDataKey
      * this condition is listed here to keep help keep track of important conditions
     */

modules/material-management/test/algorithm_suites.test.ts

@@ -28,10 +28,22 @@ describe('AlgorithmSuiteIdentifier', () => {
 describe('AlgorithmSuite', () => {
   it('should not allow an instance', () => {
     // @ts-ignore Trying to test something that Typescript should deny...
-    expect(() => new AlgorithmSuite()).to.throw()
+    expect(() => new AlgorithmSuite()).to.throw('new AlgorithmSuite is not allowed')
   })
 
   it('prototype should be immutable', () => {
     expect(Object.isFrozen(AlgorithmSuite.prototype))
   })
+
+  it('Precondition: A algorithm suite specification must be passed.', () => {
+    class Test extends AlgorithmSuite {}
+
+    expect(() => new Test(undefined as any)).to.throw('Algorithm specification not set.')
+  })
+
+  it('Precondition: The Algorithm Suite Identifier must exist.', () => {
+    class Test extends AlgorithmSuite {}
+
+    expect(() => new Test({ id: 'does not exist' } as any)).to.throw('No suite by that identifier exists.')
+  })
 })

modules/material-management/test/cryptographic_material.test.ts

@@ -97,12 +97,24 @@ describe('decorateCryptographicMaterial', () => {
     expect(() => test.unencryptedDataKeyLength).to.throw()
   })
 
-  it('Precondition: If the unencryptedDataKey has not been set, it should not be settable later.', () => {
+  it('Precondition: the unencryptedDataKey must not be Zeroed out.', () => {
+    const suite = new NodeAlgorithmSuite(AlgorithmSuiteIdentifier.ALG_AES128_GCM_IV12_TAG16)
+    const test = decorateCryptographicMaterial((<any>{ suite, keyringTrace: [] }), KeyringTraceFlag.WRAPPING_KEY_GENERATED_DATA_KEY)
+    const dataKey = new Uint8Array(suite.keyLengthBytes).fill(1)
+    const trace = { keyNamespace: 'k', keyName: 'k', flags: KeyringTraceFlag.WRAPPING_KEY_GENERATED_DATA_KEY }
+    test.setUnencryptedDataKey(dataKey, trace)
+    test.zeroUnencryptedDataKey()
+    expect(() => test.unencryptedDataKeyLength).to.throw('unencryptedDataKey has been zeroed.')
+  })
+
+  it(`Precondition: If the unencryptedDataKey has not been set, it should not be settable later.
+      Precondition: If the udkForVerification has not been set, it should not be settable later.`, () => {
     const suite = new NodeAlgorithmSuite(AlgorithmSuiteIdentifier.ALG_AES128_GCM_IV12_TAG16)
     const test = decorateCryptographicMaterial((<any>{ suite, keyringTrace: [] }), KeyringTraceFlag.WRAPPING_KEY_GENERATED_DATA_KEY)
     test.zeroUnencryptedDataKey()
     const dataKey = new Uint8Array(suite.keyLengthBytes).fill(1)
     const trace = { keyNamespace: 'k', keyName: 'k', flags: KeyringTraceFlag.WRAPPING_KEY_GENERATED_DATA_KEY }
+    // It is very hard to test this perfectly.  However, this tests the spirit.
     expect(() => test.setUnencryptedDataKey(dataKey, trace)).to.throw()
   })
 
@@ -116,8 +128,32 @@ describe('decorateCryptographicMaterial', () => {
     const suite = new NodeAlgorithmSuite(AlgorithmSuiteIdentifier.ALG_AES128_GCM_IV12_TAG16)
     const test = decorateCryptographicMaterial((<any>{ suite, keyringTrace: [] }), KeyringTraceFlag.WRAPPING_KEY_GENERATED_DATA_KEY)
     const dataKey = new Uint8Array(suite.keyLengthBytes).fill(1)
-    test.setUnencryptedDataKey(dataKey, { keyNamespace: 'k', keyName: 'k', flags: KeyringTraceFlag.WRAPPING_KEY_GENERATED_DATA_KEY })
-    expect(() => test.setUnencryptedDataKey(dataKey)).to.throw()
+    const trace = { keyNamespace: 'k', keyName: 'k', flags: KeyringTraceFlag.WRAPPING_KEY_GENERATED_DATA_KEY }
+    test.setUnencryptedDataKey(dataKey, trace)
+    expect(() => test.setUnencryptedDataKey(dataKey, trace)).to.throw('unencryptedDataKey has already been set')
+  })
+
+  it('Precondition: dataKey should have an ArrayBuffer that *only* stores the key.', () => {
+    const suite = new NodeAlgorithmSuite(AlgorithmSuiteIdentifier.ALG_AES128_GCM_IV12_TAG16)
+    const test = decorateCryptographicMaterial((<any>{ suite, keyringTrace: [] }), KeyringTraceFlag.WRAPPING_KEY_GENERATED_DATA_KEY)
+    const dataKey = new Uint8Array(new ArrayBuffer(suite.keyLengthBytes + 10), 5, suite.keyLengthBytes).fill(1)
+    const trace = { keyNamespace: 'k', keyName: 'k', flags: KeyringTraceFlag.WRAPPING_KEY_GENERATED_DATA_KEY }
+    expect(() => test.setUnencryptedDataKey(dataKey, trace)).to.throw('Unencrypted Master Key must be an isolated buffer.')
+  })
+
+  it('Precondition: Trace must be set, and the flag must indicate that the data key was generated.', () => {
+    const suite = new NodeAlgorithmSuite(AlgorithmSuiteIdentifier.ALG_AES128_GCM_IV12_TAG16)
+    const test = decorateCryptographicMaterial((<any>{ suite, keyringTrace: [] }), KeyringTraceFlag.WRAPPING_KEY_GENERATED_DATA_KEY)
+    const dataKey = new Uint8Array(suite.keyLengthBytes).fill(1)
+    expect(() => test.setUnencryptedDataKey(dataKey, {} as any)).to.throw('Malformed KeyringTrace')
+  })
+
+  it('Precondition: On set the required KeyringTraceFlag must be set.', () => {
+    const suite = new NodeAlgorithmSuite(AlgorithmSuiteIdentifier.ALG_AES128_GCM_IV12_TAG16)
+    const test = decorateCryptographicMaterial((<any>{ suite, keyringTrace: [] }), KeyringTraceFlag.WRAPPING_KEY_GENERATED_DATA_KEY)
+    const dataKey = new Uint8Array(suite.keyLengthBytes).fill(1)
+    const trace = { keyNamespace: 'k', keyName: 'k', flags: KeyringTraceFlag.WRAPPING_KEY_SIGNED_ENC_CTX }
+    expect(() => test.setUnencryptedDataKey(dataKey, trace)).to.throw('Required KeyringTraceFlag not set')
   })
 
   it('Precondition: The unencryptedDataKey must not have been modified.', () => {
@@ -172,6 +208,13 @@ describe('decorateEncryptionMaterial', () => {
     expect(() => test.addEncryptedDataKey(edk, KeyringTraceFlag.WRAPPING_KEY_ENCRYPTED_DATA_KEY)).to.throw()
   })
 
+  it('Precondition: flags must indicate that the key was encrypted.', () => {
+    const suite = new NodeAlgorithmSuite(AlgorithmSuiteIdentifier.ALG_AES128_GCM_IV12_TAG16)
+    const test: any = decorateEncryptionMaterial((<any>{ suite, keyringTrace: [], hasUnencryptedDataKey: true }))
+    const edk = new EncryptedDataKey({ providerId: 'p', providerInfo: 'p', encryptedDataKey: new Uint8Array(3) })
+    expect(() => test.addEncryptedDataKey(edk, KeyringTraceFlag.WRAPPING_KEY_VERIFIED_ENC_CTX)).to.throw('Encrypted data key flag must be set.')
+  })
+
   it('Precondition: The SignatureKey stored must agree with the algorithm specification.', () => {
     const suiteWithSig = new NodeAlgorithmSuite(AlgorithmSuiteIdentifier.ALG_AES256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384)
     const suite = new NodeAlgorithmSuite(AlgorithmSuiteIdentifier.ALG_AES128_GCM_IV12_TAG16)
@@ -309,6 +352,27 @@ describe('decorateWebCryptoMaterial', () => {
     expect(() => test.setCryptoKey(key2, trace)).to.throw()
   })
 
+  it('Precondition: If the CryptoKey is the only version, the trace information must be set here.', () => {
+    const suite = new NodeAlgorithmSuite(AlgorithmSuiteIdentifier.ALG_AES128_GCM_IV12_TAG16_HKDF_SHA256_ECDSA_P256)
+    const test: any = decorateWebCryptoMaterial((<any>{ suite, validUsages: ['deriveKey'], keyringTrace: [] }), KeyringTraceFlag.WRAPPING_KEY_DECRYPTED_DATA_KEY)
+    decorateCryptographicMaterial(test, KeyringTraceFlag.WRAPPING_KEY_DECRYPTED_DATA_KEY)
+
+    const key: any = { type: 'secret', algorithm: { name: 'HKDF' }, usages: ['deriveKey'], extractable: false }
+    expect(() => test.setCryptoKey(key, { keyNamespace: 'k', flags: KeyringTraceFlag.WRAPPING_KEY_DECRYPTED_DATA_KEY })).to.throw('Malformed KeyringTrace')
+    expect(() => test.setCryptoKey(key, { keyName: 'k', flags: KeyringTraceFlag.WRAPPING_KEY_DECRYPTED_DATA_KEY })).to.throw('Malformed KeyringTrace')
+    expect(() => test.setCryptoKey(key)).to.throw('Malformed KeyringTrace')
+  })
+
+  it('Precondition: On setting the CryptoKey the required KeyringTraceFlag must be set.', () => {
+    const suite = new NodeAlgorithmSuite(AlgorithmSuiteIdentifier.ALG_AES128_GCM_IV12_TAG16_HKDF_SHA256_ECDSA_P256)
+    const test: any = decorateWebCryptoMaterial((<any>{ suite, validUsages: ['deriveKey'], keyringTrace: [] }), KeyringTraceFlag.WRAPPING_KEY_DECRYPTED_DATA_KEY)
+    decorateCryptographicMaterial(test, KeyringTraceFlag.WRAPPING_KEY_DECRYPTED_DATA_KEY)
+
+    const key: any = { type: 'secret', algorithm: { name: 'HKDF' }, usages: ['deriveKey'], extractable: false }
+    const trace = { keyNamespace: 'k', keyName: 'k', flags: KeyringTraceFlag.WRAPPING_KEY_SIGNED_ENC_CTX }
+    expect(() => test.setCryptoKey(key, trace)).to.throw('Required KeyringTraceFlag not set')
+  })
+
   it('Precondition: dataKey must be a supported type.', () => {
     const test: any = decorateWebCryptoMaterial((<any>{}), KeyringTraceFlag.WRAPPING_KEY_DECRYPTED_DATA_KEY)
     const key: any = {}

modules/material-management/test/multi_keyring.test.ts

@@ -290,7 +290,7 @@ describe('MultiKeyring: onDecrypt', () => {
     expect(test.getUnencryptedDataKey()).to.deep.equal(unencryptedDataKey)
   })
 
-  it('does not call subsequent Keyrings after receiving DecryptionMaterial', async () => {
+  it('Check for early return (Postcondition): Do not attempt to decrypt once I have a valid key.', async () => {
     const suite = new NodeAlgorithmSuite(AlgorithmSuiteIdentifier.ALG_AES128_GCM_IV12_TAG16)
     const unencryptedDataKey = new Uint8Array(suite.keyLengthBytes)
     const [edk0, keyringTrace0] = makeEDKandTrace(0)
@@ -338,13 +338,14 @@ describe('MultiKeyring: onDecrypt', () => {
     })
 
     let called = false
-    const childNotSucceded = keyRingFactory({
+    const childNotSucceeded = keyRingFactory({
       async onDecrypt () {
+        // Because this keyring does not return a value, it will result in an error
         called = true
       },
       onEncrypt: never
     })
-    const children = [childNotSucceded, child]
+    const children = [childNotSucceeded, child]
 
     const mkeyring = new MultiKeyringNode({ children })
 

modules/material-management/test/signature_key.test.ts

@@ -49,6 +49,17 @@ describe('SignatureKey', () => {
     const compressPoint = SignatureKey.encodeCompressPoint(publicKey, suite)
     expect(compressPoint).to.deep.equal(new Uint8Array(prime256v1CompressedFixture))
   })
+
+  it('Precondition: Do not create a SignatureKey for an algorithm suite that does not have an EC named curve.', () => {
+    const suite = new NodeAlgorithmSuite(AlgorithmSuiteIdentifier.ALG_AES128_GCM_IV12_TAG16)
+    expect(() => new SignatureKey(new Uint8Array(3), new Uint8Array(3), suite)).to.throw('Unsupported Algorithm')
+  })
+
+  it('Precondition: Do not return a compress point for an algorithm suite that does not have an EC named curve.', () => {
+    const publicKey = new Uint8Array(prime256v1PublicFixture)
+    const suite = new NodeAlgorithmSuite(AlgorithmSuiteIdentifier.ALG_AES128_GCM_IV12_TAG16)
+    expect(() => SignatureKey.encodeCompressPoint(publicKey, suite)).to.throw('Unsupported Algorithm')
+  })
 })
 
 describe('VerificationKey', () => {
@@ -65,4 +76,15 @@ describe('VerificationKey', () => {
     const publicKey = VerificationKey.decodeCompressPoint(compressPoint, suite)
     expect(publicKey).to.deep.equal(new Uint8Array(prime256v1PublicFixture))
   })
+
+  it('Precondition: Do not create a VerificationKey for an algorithm suite that does not have an EC named curve.', () => {
+    const suite = new NodeAlgorithmSuite(AlgorithmSuiteIdentifier.ALG_AES128_GCM_IV12_TAG16)
+    expect(() => new VerificationKey(new Uint8Array(3), suite)).to.throw('Unsupported Algorithm')
+  })
+
+  it('Precondition: Do not decode a public key for an algorithm suite that does not have an EC named curve.', () => {
+    const compressPoint = new Uint8Array(prime256v1CompressedFixture)
+    const suite = new NodeAlgorithmSuite(AlgorithmSuiteIdentifier.ALG_AES128_GCM_IV12_TAG16)
+    expect(() => VerificationKey.decodeCompressPoint(compressPoint, suite)).to.throw('Unsupported Algorithm')
+  })
 })

modules/raw-rsa-keyring-browser/src/get_import_options.ts

@@ -123,7 +123,7 @@ export function verify (...args: RsaWrappingKeyAlgorithm[]) {
 }
 
 export function flattenMixedCryptoKey (key?: CryptoKey|MixedBackendCryptoKey): CryptoKey[] {
-  /* Check for early return (Postcondition): nothing is an empty array. */
+  /* Check for early return (Postcondition): empty inputs should return an empty array. */
   if (!key) return []
   if (isCryptoKey(key)) return [key]
   const { nonZeroByteCryptoKey, zeroByteCryptoKey } = key

package.json

@@ -26,7 +26,7 @@
     "integration-node-encrypt": "npm run build; lerna run integration_node --stream --no-prefix -- -- encrypt -m $npm_package_config_encryptManifestList -k $npm_package_config_encryptKeyManifest -o $npm_package_config_decryptOracle",
     "integration-node": "run-s integration-node-*",
     "integration": "run-s integration-*",
-    "test_conditions": "./util/bootstrap_tsconfig 23"
+    "test_conditions": "./util/bootstrap_tsconfig"
   },
   "config": {
     "localTestVectors": "../../aws-encryption-sdk-test-vectors/vectors/awses-decrypt/python-1.3.8.zip",