github.com/keybase/client/go@v0.0.0-20241007131713-f10651d043c8/kbfs/libkbfs/crypto_common_test.go (about) 1 // Copyright 2016 Keybase Inc. All rights reserved. 2 // Use of this source code is governed by a BSD 3 // license that can be found in the LICENSE file. 4 5 package libkbfs 6 7 import ( 8 "fmt" 9 "testing" 10 11 "github.com/keybase/client/go/kbfs/data" 12 "github.com/keybase/client/go/kbfs/kbfscodec" 13 "github.com/keybase/client/go/kbfs/kbfscrypto" 14 "github.com/stretchr/testify/assert" 15 "github.com/stretchr/testify/require" 16 "golang.org/x/crypto/nacl/secretbox" 17 ) 18 19 type simpleBlockCryptVersioner struct { 20 t kbfscrypto.EncryptionVer 21 } 22 23 func (sbcv simpleBlockCryptVersioner) BlockCryptVersion() kbfscrypto.EncryptionVer { 24 return sbcv.t 25 } 26 27 func makeBlockCryptV1() simpleBlockCryptVersioner { 28 return simpleBlockCryptVersioner{kbfscrypto.EncryptionSecretbox} 29 } 30 31 func makeBlockCryptV2() simpleBlockCryptVersioner { 32 return simpleBlockCryptVersioner{kbfscrypto.EncryptionSecretboxWithKeyNonce} 33 } 34 35 // Test (very superficially) that MakeRandomTLFEphemeralKeys() returns 36 // non-zero values that aren't equal. 37 func TestCryptoCommonRandomTLFEphemeralKeys(t *testing.T) { 38 c := MakeCryptoCommon(kbfscodec.NewMsgpack(), makeBlockCryptV1()) 39 40 a1, a2, err := c.MakeRandomTLFEphemeralKeys() 41 require.NoError(t, err) 42 require.NotEqual(t, kbfscrypto.TLFEphemeralPublicKey{}, a1) 43 require.NotEqual(t, kbfscrypto.TLFEphemeralPrivateKey{}, a2) 44 45 b1, b2, err := c.MakeRandomTLFEphemeralKeys() 46 require.NoError(t, err) 47 require.NotEqual(t, kbfscrypto.TLFEphemeralPublicKey{}, b1) 48 require.NotEqual(t, kbfscrypto.TLFEphemeralPrivateKey{}, b2) 49 50 require.NotEqual(t, a1, b1) 51 require.NotEqual(t, a2, b2) 52 } 53 54 // Test (very superficially) that MakeRandomTLFKeys() returns non-zero 55 // values that aren't equal. 56 func TestCryptoCommonRandomTLFKeys(t *testing.T) { 57 c := MakeCryptoCommon(kbfscodec.NewMsgpack(), makeBlockCryptV1()) 58 59 a1, a2, a3, err := c.MakeRandomTLFKeys() 60 require.NoError(t, err) 61 require.NotEqual(t, kbfscrypto.TLFPublicKey{}, a1) 62 require.NotEqual(t, kbfscrypto.TLFPrivateKey{}, a2) 63 require.NotEqual(t, kbfscrypto.TLFCryptKey{}, a3) 64 65 b1, b2, b3, err := c.MakeRandomTLFKeys() 66 require.NoError(t, err) 67 require.NotEqual(t, kbfscrypto.TLFPublicKey{}, b1) 68 require.NotEqual(t, kbfscrypto.TLFPrivateKey{}, b2) 69 require.NotEqual(t, kbfscrypto.TLFCryptKey{}, b3) 70 71 require.NotEqual(t, a1, b1) 72 require.NotEqual(t, a2, b2) 73 require.NotEqual(t, a3, b3) 74 } 75 76 type TestBlock struct { 77 A int 78 } 79 80 func (TestBlock) DataVersion() data.Ver { 81 return data.FirstValidVer 82 } 83 84 func (tb TestBlock) GetEncodedSize() uint32 { 85 return 0 86 } 87 88 func (tb TestBlock) SetEncodedSize(size uint32) { 89 } 90 91 func (tb TestBlock) NewEmpty() data.Block { 92 return &TestBlock{} 93 } 94 95 func (tb TestBlock) NewEmptier() func() data.Block { 96 return tb.NewEmpty 97 } 98 99 func (tb *TestBlock) Set(other data.Block) { 100 otherTb := other.(*TestBlock) 101 tb.A = otherTb.A 102 } 103 104 func (tb *TestBlock) ToCommonBlock() *data.CommonBlock { 105 return nil 106 } 107 108 func (tb *TestBlock) IsIndirect() bool { 109 return false 110 } 111 112 func (tb *TestBlock) IsTail() bool { 113 return true 114 } 115 116 func (tb TestBlock) OffsetExceedsData(_, _ data.Offset) bool { 117 return false 118 } 119 120 func (tb TestBlock) BytesCanBeDirtied() int64 { 121 return 0 122 } 123 124 func TestCryptoCommonEncryptDecryptBlock(t *testing.T) { 125 c := MakeCryptoCommon(kbfscodec.NewMsgpack(), makeBlockCryptV1()) 126 127 block := TestBlock{42} 128 tlfCryptKey := kbfscrypto.TLFCryptKey{} 129 blockServerHalf := kbfscrypto.BlockCryptKeyServerHalf{} 130 131 _, encryptedBlock, err := c.EncryptBlock( 132 &block, tlfCryptKey, blockServerHalf) 133 require.NoError(t, err) 134 135 var decryptedBlock TestBlock 136 err = c.DecryptBlock( 137 encryptedBlock, tlfCryptKey, blockServerHalf, &decryptedBlock) 138 require.NoError(t, err) 139 require.Equal(t, block, decryptedBlock) 140 } 141 142 func checkSecretboxOpenPrivateMetadata(t *testing.T, encryptedPrivateMetadata kbfscrypto.EncryptedPrivateMetadata, key kbfscrypto.TLFCryptKey) (encodedData []byte) { 143 require.Equal( 144 t, kbfscrypto.EncryptionSecretbox, encryptedPrivateMetadata.Version) 145 require.Equal(t, 24, len(encryptedPrivateMetadata.Nonce)) 146 147 var nonce [24]byte 148 copy(nonce[:], encryptedPrivateMetadata.Nonce) 149 require.NotEqual(t, [24]byte{}, nonce) 150 151 keyData := key.Data() 152 encodedData, ok := secretbox.Open(nil, encryptedPrivateMetadata.EncryptedData, &nonce, &keyData) 153 require.True(t, ok) 154 155 return encodedData 156 } 157 158 // Test that crypto.EncryptPrivateMetadata() encrypts its passed-in 159 // PrivateMetadata object properly. 160 func TestEncryptPrivateMetadata(t *testing.T) { 161 c := MakeCryptoCommon(kbfscodec.NewMsgpack(), makeBlockCryptV1()) 162 163 _, tlfPrivateKey, cryptKey, err := c.MakeRandomTLFKeys() 164 require.NoError(t, err) 165 166 privateMetadata := PrivateMetadata{ 167 TLFPrivateKey: tlfPrivateKey, 168 } 169 expectedEncodedPrivateMetadata, err := c.codec.Encode(privateMetadata) 170 require.NoError(t, err) 171 172 encryptedPrivateMetadata, err := c.EncryptPrivateMetadata(privateMetadata, cryptKey) 173 require.NoError(t, err) 174 175 encodedPrivateMetadata := checkSecretboxOpenPrivateMetadata(t, encryptedPrivateMetadata, cryptKey) 176 177 require.Equal(t, expectedEncodedPrivateMetadata, encodedPrivateMetadata) 178 } 179 180 // Test that crypto.DecryptPrivateMetadata() decrypts an encrypted 181 // PrivateMetadata object. 182 func TestDecryptPrivateMetadata(t *testing.T) { 183 codec := kbfscodec.NewMsgpack() 184 c := MakeCryptoCommon(codec, makeBlockCryptV1()) 185 186 _, tlfPrivateKey, cryptKey, err := c.MakeRandomTLFKeys() 187 require.NoError(t, err) 188 189 privateMetadata := PrivateMetadata{ 190 TLFPrivateKey: tlfPrivateKey, 191 } 192 193 encodedPrivateMetadata, err := codec.Encode(privateMetadata) 194 require.NoError(t, err) 195 196 encryptedPrivateMetadata, err := kbfscrypto.EncryptEncodedPrivateMetadata( 197 encodedPrivateMetadata, cryptKey) 198 require.NoError(t, err) 199 200 decryptedPrivateMetadata, err := c.DecryptPrivateMetadata( 201 encryptedPrivateMetadata, cryptKey) 202 require.NoError(t, err) 203 require.Equal(t, privateMetadata, decryptedPrivateMetadata) 204 } 205 206 func makeFakeBlockCryptKey(t *testing.T) ( 207 kbfscrypto.TLFCryptKey, kbfscrypto.BlockCryptKeyServerHalf, 208 kbfscrypto.BlockCryptKey) { 209 tlfCryptKey, err := kbfscrypto.MakeRandomTLFCryptKey() 210 require.NoError(t, err) 211 blockServerHalf, err := kbfscrypto.MakeRandomBlockCryptKeyServerHalf() 212 require.NoError(t, err) 213 key := kbfscrypto.UnmaskBlockCryptKey(blockServerHalf, tlfCryptKey) 214 return tlfCryptKey, blockServerHalf, key 215 } 216 217 func checkSecretboxOpenBlock(t *testing.T, encryptedBlock kbfscrypto.EncryptedBlock, key kbfscrypto.BlockCryptKey) (encodedData []byte) { 218 require.Equal( 219 t, kbfscrypto.EncryptionSecretbox, encryptedBlock.Version) 220 require.Equal(t, 24, len(encryptedBlock.Nonce)) 221 222 var nonce [24]byte 223 copy(nonce[:], encryptedBlock.Nonce) 224 require.NotEqual(t, [24]byte{}, nonce) 225 226 keyData := key.Data() 227 encodedData, ok := secretbox.Open(nil, encryptedBlock.EncryptedData, &nonce, &keyData) 228 require.True(t, ok) 229 230 return encodedData 231 } 232 233 // Test that crypto.EncryptBlock() encrypts its passed-in Block object 234 // properly. 235 func TestEncryptBlock(t *testing.T) { 236 c := MakeCryptoCommon(kbfscodec.NewMsgpack(), makeBlockCryptV1()) 237 238 tlfCryptKey, blockServerHalf, cryptKey := makeFakeBlockCryptKey(t) 239 240 block := TestBlock{50} 241 expectedEncodedBlock, err := c.codec.Encode(block) 242 require.NoError(t, err) 243 244 plainSize, encryptedBlock, err := c.EncryptBlock( 245 &block, tlfCryptKey, blockServerHalf) 246 require.NoError(t, err) 247 require.Equal(t, len(expectedEncodedBlock), plainSize) 248 249 paddedBlock := checkSecretboxOpenBlock(t, encryptedBlock, cryptKey) 250 encodedBlock, err := kbfscrypto.DepadBlock(paddedBlock) 251 require.NoError(t, err) 252 require.Equal(t, expectedEncodedBlock, encodedBlock) 253 } 254 255 func testDecryptEncryptedBlock(t *testing.T, c CryptoCommon) { 256 tlfCryptKey, blockServerHalf, _ := makeFakeBlockCryptKey(t) 257 258 block := TestBlock{50} 259 260 _, encryptedBlock, err := c.EncryptBlock( 261 &block, tlfCryptKey, blockServerHalf) 262 require.NoError(t, err) 263 264 require.Equal( 265 t, c.blockCryptVersioner.BlockCryptVersion(), encryptedBlock.Version) 266 267 var decryptedBlock TestBlock 268 err = c.DecryptBlock( 269 encryptedBlock, tlfCryptKey, blockServerHalf, &decryptedBlock) 270 require.NoError(t, err) 271 require.Equal(t, block, decryptedBlock) 272 } 273 274 // Test that crypto.DecryptBlock() decrypts a encrypted Block object. 275 func TestDecryptEncryptedBlock(t *testing.T) { 276 c := MakeCryptoCommon(kbfscodec.NewMsgpack(), makeBlockCryptV1()) 277 testDecryptEncryptedBlock(t, c) 278 } 279 280 // Test that crypto.DecryptBlock() decrypts a V2-encrypted Block object. 281 func TestDecryptV2EncryptedBlock(t *testing.T) { 282 c := MakeCryptoCommon(kbfscodec.NewMsgpack(), makeBlockCryptV2()) 283 testDecryptEncryptedBlock(t, c) 284 } 285 286 // Test that secretbox encrypted data length is a deterministic 287 // function of the input data length. 288 func TestSecretboxEncryptedLen(t *testing.T) { 289 const startSize = 100 290 const endSize = 100000 291 const iterations = 5 292 293 // Generating random data is slow, so do it all up-front and 294 // index into it. Note that we're intentionally re-using most 295 // of the data between iterations intentionally. 296 randomData := make([]byte, endSize+iterations) 297 err := kbfscrypto.RandRead(randomData) 298 require.NoError(t, err) 299 300 cryptKeys := make([]kbfscrypto.TLFCryptKey, iterations) 301 serverHalfs := make([]kbfscrypto.BlockCryptKeyServerHalf, iterations) 302 for j := 0; j < iterations; j++ { 303 cryptKeys[j], serverHalfs[j], _ = makeFakeBlockCryptKey(t) 304 } 305 306 for i := startSize; i < endSize; i += 1000 { 307 var enclen int 308 for j := 0; j < iterations; j++ { 309 data := randomData[j : j+i] 310 enc, err := kbfscrypto.EncryptPaddedEncodedBlock( 311 data, cryptKeys[j], serverHalfs[j], 312 kbfscrypto.EncryptionSecretboxWithKeyNonce) 313 require.NoError(t, err) 314 if j == 0 { 315 enclen = len(enc.EncryptedData) 316 } else { 317 assert.Equal(t, len(enc.EncryptedData), enclen) 318 } 319 } 320 } 321 } 322 323 type testBlockArray []byte 324 325 func (tba testBlockArray) GetEncodedSize() uint32 { 326 return 0 327 } 328 329 func (tba testBlockArray) SetEncodedSize(size uint32) { 330 } 331 332 func (testBlockArray) DataVersion() data.Ver { 333 return data.FirstValidVer 334 } 335 336 func (tba testBlockArray) NewEmpty() data.Block { 337 return &testBlockArray{} 338 } 339 340 func (tba testBlockArray) NewEmptier() func() data.Block { 341 return tba.NewEmpty 342 } 343 344 func (tba testBlockArray) ToCommonBlock() *data.CommonBlock { 345 return nil 346 } 347 348 func (tba *testBlockArray) Set(other data.Block) { 349 otherTba := other.(*testBlockArray) 350 *tba = *otherTba 351 } 352 353 func (tba testBlockArray) IsIndirect() bool { 354 return false 355 } 356 357 func (tba *testBlockArray) IsTail() bool { 358 return true 359 } 360 361 func (tba testBlockArray) OffsetExceedsData(_, _ data.Offset) bool { 362 return false 363 } 364 365 func (tba testBlockArray) BytesCanBeDirtied() int64 { 366 return 0 367 } 368 369 // Test that block encrypted data length is the same for data 370 // length within same power of 2. 371 func TestBlockEncryptedLen(t *testing.T) { 372 c := MakeCryptoCommon(kbfscodec.NewMsgpack(), makeBlockCryptV1()) 373 tlfCryptKey, blockServerHalf, _ := makeFakeBlockCryptKey(t) 374 375 const startSize = 1025 376 const endSize = 2000 377 378 // Generating random data is slow, so do it all up-front and 379 // index into it. Note that we're intentionally re-using most 380 // of the data between iterations intentionally. 381 randomData := make(testBlockArray, endSize) 382 err := kbfscrypto.RandRead(randomData) 383 require.NoError(t, err) 384 385 var expectedLen int 386 for i := startSize; i < endSize; i++ { 387 data := randomData[:i] 388 _, encBlock, err := c.EncryptBlock(&data, tlfCryptKey, blockServerHalf) 389 require.NoError(t, err) 390 391 if expectedLen == 0 { 392 expectedLen = len(encBlock.EncryptedData) 393 continue 394 } 395 require.Equal(t, expectedLen, len(encBlock.EncryptedData)) 396 } 397 } 398 399 func benchmarkEncryptBlock(b *testing.B, blockSize int) { 400 c := MakeCryptoCommon(kbfscodec.NewMsgpack(), makeBlockCryptV1()) 401 402 // Fill in the block with varying data to make sure not to 403 // trigger any encoding optimizations. 404 buf := make([]byte, 512<<10) 405 for i := 0; i < len(buf); i++ { 406 buf[i] = byte(i) 407 } 408 block := data.FileBlock{ 409 Contents: buf, 410 } 411 tlfCryptKey := kbfscrypto.TLFCryptKey{} 412 blockServerHalf := kbfscrypto.BlockCryptKeyServerHalf{} 413 414 b.ResetTimer() 415 for i := 0; i < b.N; i++ { 416 _, _, err := c.EncryptBlock(&block, tlfCryptKey, blockServerHalf) 417 require.NoError(b, err) 418 } 419 } 420 421 func BenchmarkEncryptBlock(b *testing.B) { 422 blockSizes := []int{ 423 0, 424 1024, 425 32 * 1024, 426 512 * 1024, 427 } 428 for _, blockSize := range blockSizes { 429 // Capture range variable. 430 blockSize := blockSize 431 b.Run(fmt.Sprintf("blockSize=%d", blockSize), 432 func(b *testing.B) { 433 benchmarkEncryptBlock(b, blockSize) 434 }) 435 } 436 }