github.com/keybase/client/go@v0.0.0-20241007131713-f10651d043c8/kbfs/kbfsmd/key_bundle_v3_test.go (about) 1 // Copyright 2016 Keybase Inc. All rights reserved. 2 // Use of this source code is governed by a BSD 3 // license that can be found in the LICENSE file. 4 5 package kbfsmd 6 7 import ( 8 "testing" 9 10 "github.com/keybase/client/go/kbfs/kbfscodec" 11 "github.com/keybase/client/go/kbfs/kbfscrypto" 12 "github.com/keybase/client/go/protocol/keybase1" 13 "github.com/keybase/go-codec/codec" 14 "github.com/stretchr/testify/require" 15 ) 16 17 // Make sure creating an WKB ID for a WKB with no keys fails. 18 func TestWKBID(t *testing.T) { 19 codec := kbfscodec.NewMsgpack() 20 21 var wkb TLFWriterKeyBundleV3 22 23 _, err := MakeTLFWriterKeyBundleID(codec, wkb) 24 require.Error(t, err) 25 26 wkb.Keys = UserDeviceKeyInfoMapV3{ 27 keybase1.UID("0"): nil, 28 } 29 30 _, err = MakeTLFWriterKeyBundleID(codec, wkb) 31 require.NoError(t, err) 32 } 33 34 // Make sure that RKBs can be created with nil vs. empty keys get the 35 // same ID. 36 func TestRKBID(t *testing.T) { 37 codec := kbfscodec.NewMsgpack() 38 39 var wkb1, wkb2 TLFReaderKeyBundleV3 40 wkb2.Keys = make(UserDeviceKeyInfoMapV3) 41 42 id1, err := MakeTLFReaderKeyBundleID(codec, wkb1) 43 require.NoError(t, err) 44 45 id2, err := MakeTLFReaderKeyBundleID(codec, wkb2) 46 require.NoError(t, err) 47 48 require.Equal(t, id1, id2) 49 } 50 51 // TestRemoveDevicesNotInV3 checks basic functionality of 52 // removeDevicesNotIn(). 53 func TestRemoveDevicesNotInV3(t *testing.T) { 54 uid1 := keybase1.MakeTestUID(0x1) 55 uid2 := keybase1.MakeTestUID(0x2) 56 uid3 := keybase1.MakeTestUID(0x3) 57 58 key1a := kbfscrypto.MakeFakeCryptPublicKeyOrBust("key1") 59 key1b := kbfscrypto.MakeFakeCryptPublicKeyOrBust("key2") 60 key2a := kbfscrypto.MakeFakeCryptPublicKeyOrBust("key3") 61 key2b := kbfscrypto.MakeFakeCryptPublicKeyOrBust("key4") 62 key2c := kbfscrypto.MakeFakeCryptPublicKeyOrBust("key5") 63 key3a := kbfscrypto.MakeFakeCryptPublicKeyOrBust("key6") 64 65 half1a := kbfscrypto.MakeTLFCryptKeyServerHalf([32]byte{0x1}) 66 half1b := kbfscrypto.MakeTLFCryptKeyServerHalf([32]byte{0x2}) 67 half2a := kbfscrypto.MakeTLFCryptKeyServerHalf([32]byte{0x3}) 68 half2b := kbfscrypto.MakeTLFCryptKeyServerHalf([32]byte{0x4}) 69 half2c := kbfscrypto.MakeTLFCryptKeyServerHalf([32]byte{0x5}) 70 half3a := kbfscrypto.MakeTLFCryptKeyServerHalf([32]byte{0x6}) 71 72 id1a, err := kbfscrypto.MakeTLFCryptKeyServerHalfID(uid1, key1a, half1a) 73 require.NoError(t, err) 74 id1b, err := kbfscrypto.MakeTLFCryptKeyServerHalfID(uid1, key1b, half1b) 75 require.NoError(t, err) 76 id2a, err := kbfscrypto.MakeTLFCryptKeyServerHalfID(uid2, key2a, half2a) 77 require.NoError(t, err) 78 id2b, err := kbfscrypto.MakeTLFCryptKeyServerHalfID(uid2, key2b, half2b) 79 require.NoError(t, err) 80 id2c, err := kbfscrypto.MakeTLFCryptKeyServerHalfID(uid2, key2c, half2c) 81 require.NoError(t, err) 82 id3a, err := kbfscrypto.MakeTLFCryptKeyServerHalfID(uid2, key3a, half3a) 83 require.NoError(t, err) 84 85 udkimV3 := UserDeviceKeyInfoMapV3{ 86 uid1: DeviceKeyInfoMapV3{ 87 key1a: TLFCryptKeyInfo{ 88 ServerHalfID: id1a, 89 EPubKeyIndex: 1, 90 }, 91 key1b: TLFCryptKeyInfo{ 92 ServerHalfID: id1b, 93 EPubKeyIndex: 2, 94 }, 95 }, 96 uid2: DeviceKeyInfoMapV3{ 97 key2a: TLFCryptKeyInfo{ 98 ServerHalfID: id2a, 99 EPubKeyIndex: 2, 100 }, 101 key2b: TLFCryptKeyInfo{ 102 ServerHalfID: id2b, 103 EPubKeyIndex: 0, 104 }, 105 key2c: TLFCryptKeyInfo{ 106 ServerHalfID: id2c, 107 EPubKeyIndex: 0, 108 }, 109 }, 110 uid3: DeviceKeyInfoMapV3{ 111 key3a: TLFCryptKeyInfo{ 112 ServerHalfID: id3a, 113 EPubKeyIndex: 2, 114 }, 115 }, 116 } 117 118 removalInfo := udkimV3.RemoveDevicesNotIn(UserDevicePublicKeys{ 119 uid2: {key2a: true, key2c: true}, 120 uid3: {key3a: true}, 121 }) 122 123 require.Equal(t, UserDeviceKeyInfoMapV3{ 124 uid2: DeviceKeyInfoMapV3{ 125 key2a: TLFCryptKeyInfo{ 126 ServerHalfID: id2a, 127 EPubKeyIndex: 2, 128 }, 129 key2c: TLFCryptKeyInfo{ 130 ServerHalfID: id2c, 131 EPubKeyIndex: 0, 132 }, 133 }, 134 uid3: DeviceKeyInfoMapV3{ 135 key3a: TLFCryptKeyInfo{ 136 ServerHalfID: id3a, 137 EPubKeyIndex: 2, 138 }, 139 }, 140 }, udkimV3) 141 142 require.Equal(t, ServerHalfRemovalInfo{ 143 uid1: UserServerHalfRemovalInfo{ 144 UserRemoved: true, 145 DeviceServerHalfIDs: DeviceServerHalfRemovalInfo{ 146 key1a: []kbfscrypto.TLFCryptKeyServerHalfID{id1a}, 147 key1b: []kbfscrypto.TLFCryptKeyServerHalfID{id1b}, 148 }, 149 }, 150 uid2: UserServerHalfRemovalInfo{ 151 UserRemoved: false, 152 DeviceServerHalfIDs: DeviceServerHalfRemovalInfo{ 153 key2b: []kbfscrypto.TLFCryptKeyServerHalfID{id2b}, 154 }, 155 }, 156 }, removalInfo) 157 } 158 159 // TestRemoveLastDeviceV3 checks behavior of removeDevicesNotIn() with 160 // respect to removing the last device of a user vs. removing the user 161 // completely. 162 // 163 // This is a regression test for KBFS-1898. 164 func TestRemoveLastDeviceV3(t *testing.T) { 165 uid1 := keybase1.MakeTestUID(0x1) 166 uid2 := keybase1.MakeTestUID(0x2) 167 uid3 := keybase1.MakeTestUID(0x3) 168 uid4 := keybase1.MakeTestUID(0x4) 169 170 key1 := kbfscrypto.MakeFakeCryptPublicKeyOrBust("key1") 171 key2 := kbfscrypto.MakeFakeCryptPublicKeyOrBust("key2") 172 173 half1 := kbfscrypto.MakeTLFCryptKeyServerHalf([32]byte{0x1}) 174 half2 := kbfscrypto.MakeTLFCryptKeyServerHalf([32]byte{0x2}) 175 176 id1, err := kbfscrypto.MakeTLFCryptKeyServerHalfID(uid1, key1, half1) 177 require.NoError(t, err) 178 id2, err := kbfscrypto.MakeTLFCryptKeyServerHalfID(uid2, key2, half2) 179 require.NoError(t, err) 180 181 udkimV3 := UserDeviceKeyInfoMapV3{ 182 uid1: DeviceKeyInfoMapV3{ 183 key1: TLFCryptKeyInfo{ 184 ServerHalfID: id1, 185 EPubKeyIndex: 1, 186 }, 187 }, 188 uid2: DeviceKeyInfoMapV3{ 189 key2: TLFCryptKeyInfo{ 190 ServerHalfID: id2, 191 EPubKeyIndex: 2, 192 }, 193 }, 194 uid3: DeviceKeyInfoMapV3{}, 195 uid4: DeviceKeyInfoMapV3{}, 196 } 197 198 removalInfo := udkimV3.RemoveDevicesNotIn(UserDevicePublicKeys{ 199 uid1: {}, 200 uid3: {}, 201 }) 202 203 require.Equal(t, UserDeviceKeyInfoMapV3{ 204 uid1: DeviceKeyInfoMapV3{}, 205 uid3: DeviceKeyInfoMapV3{}, 206 }, udkimV3) 207 208 require.Equal(t, ServerHalfRemovalInfo{ 209 uid1: UserServerHalfRemovalInfo{ 210 UserRemoved: false, 211 DeviceServerHalfIDs: DeviceServerHalfRemovalInfo{ 212 key1: []kbfscrypto.TLFCryptKeyServerHalfID{id1}, 213 }, 214 }, 215 uid2: UserServerHalfRemovalInfo{ 216 UserRemoved: true, 217 DeviceServerHalfIDs: DeviceServerHalfRemovalInfo{ 218 key2: []kbfscrypto.TLFCryptKeyServerHalfID{id2}, 219 }, 220 }, 221 uid4: UserServerHalfRemovalInfo{ 222 UserRemoved: true, 223 DeviceServerHalfIDs: DeviceServerHalfRemovalInfo{}, 224 }, 225 }, removalInfo) 226 } 227 228 type deviceKeyInfoMapV3Future map[kbfscrypto.CryptPublicKey]tlfCryptKeyInfoFuture 229 230 func (dkimf deviceKeyInfoMapV3Future) toCurrent() DeviceKeyInfoMapV3 { 231 dkim := make(DeviceKeyInfoMapV3, len(dkimf)) 232 for k, kif := range dkimf { 233 ki := kif.toCurrent() 234 dkim[k] = ki 235 } 236 return dkim 237 } 238 239 type userDeviceKeyInfoMapV3Future map[keybase1.UID]deviceKeyInfoMapV3Future 240 241 func (udkimf userDeviceKeyInfoMapV3Future) toCurrent() UserDeviceKeyInfoMapV3 { 242 udkim := make(UserDeviceKeyInfoMapV3) 243 for u, dkimf := range udkimf { 244 dkim := dkimf.toCurrent() 245 udkim[u] = dkim 246 } 247 return udkim 248 } 249 250 type tlfWriterKeyBundleV3Future struct { 251 TLFWriterKeyBundleV3 252 // Override TLFWriterKeyBundleV3.Keys. 253 Keys userDeviceKeyInfoMapV3Future `codec:"wKeys"` 254 kbfscodec.Extra 255 } 256 257 func (wkbf tlfWriterKeyBundleV3Future) toCurrent() TLFWriterKeyBundleV3 { 258 wkb := wkbf.TLFWriterKeyBundleV3 259 wkb.Keys = wkbf.Keys.toCurrent() 260 return wkb 261 } 262 263 func (wkbf tlfWriterKeyBundleV3Future) ToCurrentStruct() kbfscodec.CurrentStruct { 264 return wkbf.toCurrent() 265 } 266 267 func makeFakeDeviceKeyInfoMapV3Future(t *testing.T) userDeviceKeyInfoMapV3Future { 268 return userDeviceKeyInfoMapV3Future{ 269 "fake uid": deviceKeyInfoMapV3Future{ 270 kbfscrypto.MakeFakeCryptPublicKeyOrBust("fake key"): makeFakeTLFCryptKeyInfoFuture(t), 271 }, 272 } 273 } 274 275 func makeFakeTLFWriterKeyBundleV3Future(t *testing.T) tlfWriterKeyBundleV3Future { 276 wkb := TLFWriterKeyBundleV3{ 277 nil, 278 kbfscrypto.MakeTLFPublicKey([32]byte{0xa}), 279 kbfscrypto.TLFEphemeralPublicKeys{ 280 kbfscrypto.MakeTLFEphemeralPublicKey([32]byte{0xb}), 281 }, 282 kbfscrypto.EncryptedTLFCryptKeys{}, 283 codec.UnknownFieldSetHandler{}, 284 } 285 return tlfWriterKeyBundleV3Future{ 286 wkb, 287 makeFakeDeviceKeyInfoMapV3Future(t), 288 kbfscodec.MakeExtraOrBust("TLFWriterKeyBundleV3", t), 289 } 290 } 291 292 func TestTLFWriterKeyBundleV3UnknownFields(t *testing.T) { 293 testStructUnknownFields(t, makeFakeTLFWriterKeyBundleV3Future(t)) 294 } 295 296 type tlfReaderKeyBundleV3Future struct { 297 TLFReaderKeyBundleV3 298 // Override TLFReaderKeyBundleV3.Keys. 299 Keys userDeviceKeyInfoMapV3Future `codec:"rKeys"` 300 kbfscodec.Extra 301 } 302 303 func (rkbf tlfReaderKeyBundleV3Future) toCurrent() TLFReaderKeyBundleV3 { 304 rkb := rkbf.TLFReaderKeyBundleV3 305 rkb.Keys = rkbf.Keys.toCurrent() 306 return rkb 307 } 308 309 func (rkbf tlfReaderKeyBundleV3Future) ToCurrentStruct() kbfscodec.CurrentStruct { 310 return rkbf.toCurrent() 311 } 312 313 func makeFakeTLFReaderKeyBundleV3Future( 314 t *testing.T) tlfReaderKeyBundleV3Future { 315 rkb := TLFReaderKeyBundleV3{ 316 nil, 317 kbfscrypto.TLFEphemeralPublicKeys{ 318 kbfscrypto.MakeTLFEphemeralPublicKey([32]byte{0xc}), 319 }, 320 codec.UnknownFieldSetHandler{}, 321 } 322 return tlfReaderKeyBundleV3Future{ 323 rkb, 324 makeFakeDeviceKeyInfoMapV3Future(t), 325 kbfscodec.MakeExtraOrBust("TLFReaderKeyBundleV3", t), 326 } 327 } 328 329 func TestTLFReaderKeyBundleV3UnknownFields(t *testing.T) { 330 testStructUnknownFields(t, makeFakeTLFReaderKeyBundleV3Future(t)) 331 }