UNPKG

@bsv/sdk

Version:

BSV Blockchain Software Development Kit

github.com/bsv-blockchain/ts-sdk

bsv-blockchain/ts-sdk

147 lines (122 loc) 4.95 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
import { PrivateKey, Utils } from '../../../primitives/index' import { WalletInterface } from '../../../wallet/Wallet.interfaces' import { createNonce } from '../../../auth/utils/createNonce' import { verifyNonce } from '../../../auth/utils/verifyNonce' import { CompletedProtoWallet } from '../../../auth/certificates/__tests/CompletedProtoWallet' describe('createNonce', () => { let mockWallet: WalletInterface beforeEach(() => { mockWallet = { createHmac: jest.fn().mockResolvedValue({ hmac: new Uint8Array(16) }) } as unknown as WalletInterface }) afterEach(() => { jest.clearAllMocks() }) it('throws an error if wallet fails to create HMAC', async () => { // Mock failure of HMAC creation (mockWallet.createHmac as jest.Mock).mockRejectedValue( new Error('Failed to create HMAC') ) await expect(createNonce(mockWallet)).rejects.toThrow( 'Failed to create HMAC' ) }) it('creates a 256-bit nonce', async () => { const nonce = await createNonce(mockWallet) expect(Buffer.from(nonce, 'base64').byteLength).toEqual(32) }) }) describe('verifyNonce', () => { let mockWallet: WalletInterface beforeEach(() => { mockWallet = { createHmac: jest.fn().mockResolvedValue({ hmac: new Uint8Array(16) }), verifyHmac: jest.fn().mockResolvedValue({ valid: true }) } as unknown as WalletInterface }) afterEach(() => { jest.clearAllMocks() }) it('does not verify an invalid nonce', async () => { (mockWallet.verifyHmac as jest.Mock).mockResolvedValue({ valid: false }) const nonce = await createNonce(mockWallet) await expect(verifyNonce(nonce + 'ABC', mockWallet)).rejects.toThrow( /Invalid base64 padding|Invalid base64/i ) await expect(verifyNonce(nonce + '=', mockWallet)).resolves.toEqual(false) await expect( verifyNonce( Buffer.from( nonce + Buffer.from('extra').toString('base64'), 'base64' ).toString('base64'), mockWallet ) ).resolves.toEqual(false) }) it('returns false for an invalid HMAC verification', async () => { (mockWallet.verifyHmac as jest.Mock).mockResolvedValue({ valid: false }) const nonce = await createNonce(mockWallet) await expect(verifyNonce(nonce, mockWallet)).resolves.toEqual(false) }) it('verifies a 256-bit nonce', async () => { (mockWallet.verifyHmac as jest.Mock).mockResolvedValue({ valid: true }) const nonce1 = await createNonce(mockWallet) const nonce2 = await createNonce(mockWallet) expect(Buffer.from(nonce1, 'base64').byteLength).toEqual(32) expect(Buffer.from(nonce2, 'base64').byteLength).toEqual(32) await expect(verifyNonce(nonce1, mockWallet)).resolves.toEqual(true) await expect(verifyNonce(nonce2, mockWallet)).resolves.toEqual(true) }) it('verifies nonce using real createHmac and verifyHmac', async () => { const realWallet = new CompletedProtoWallet(PrivateKey.fromRandom()) const nonce = await createNonce(realWallet) const isValid = await verifyNonce(nonce, realWallet) expect(isValid).toEqual(true) }) it('SerialNumber use-case', async () => { const clientWallet = new CompletedProtoWallet(PrivateKey.fromRandom()) const serverWallet = new CompletedProtoWallet(PrivateKey.fromRandom()) // Client creates a random nonce that the server can verify const clientNonce = await createNonce( clientWallet, (await serverWallet.getPublicKey({ identityKey: true })).publicKey ) // The server verifies the client created the nonce provided await verifyNonce( clientNonce, serverWallet, (await clientWallet.getPublicKey({ identityKey: true })).publicKey ) // Server creates a random nonce that the client can verify const serverNonce = await createNonce( serverWallet, (await clientWallet.getPublicKey({ identityKey: true })).publicKey ) // The server compute a serial number from the client and server nonce const { hmac: serialNumber } = await serverWallet.createHmac({ data: Utils.toArray(clientNonce + serverNonce, 'utf8'), protocolID: [2, 'certificate creation'], keyID: serverNonce + clientNonce, counterparty: (await clientWallet.getPublicKey({ identityKey: true })) .publicKey }) // Client verifies server's nonce await verifyNonce( serverNonce, clientWallet, (await serverWallet.getPublicKey({ identityKey: true })).publicKey ) // Client verifies the server included their nonce const { valid } = await clientWallet.verifyHmac({ hmac: serialNumber, data: Utils.toArray(clientNonce + serverNonce, 'utf8'), protocolID: [2, 'certificate creation'], keyID: serverNonce + clientNonce, counterparty: (await serverWallet.getPublicKey({ identityKey: true })) .publicKey }) expect(valid).toEqual(true) }) })