nwaku/tests/v2/test_utils_keyfile.nim
G ea8d72188e
feat: add keyfile support for RLN credentials secure storage (#1285)
* feat(utils): add keyfile + test

* feat(keyfile): make id and version field optional

* feat(rln): enable input password for keyfile encryption

* refactor(keyfile): store multiple keyfiles in single file

* refactor(rln): write and read rln credentials proc using keyfiles + test update

* feat(keyfile): allow skip successful decryption to iterate among multiple keyfiles + test

* fix(rln): add rln-relay-cred-password in wakunode2 config

* chore(keyfile): remove unnencessary echo

* refactor(rln/kesyore): address reviewers' comments

* refactor(rln/keyfile): use defer instead of try/finally

* feat(rln): address reviewers comments; return all successful decryptions

* chore(keyfile): add comments; changed name to loadKeyfiles

* feat(keyfile): chmod 600 for keyfiles

* fix(rln): fix errors raised by readRlnCredentials

* feat(keyfile): add nim-eth tests; address reviewers comments

* fix(keyfile/rln): better error handling

* refactor(keyfile): refactoring nim-eth tests

* fix(keyfile): fix wrong index

* fix(keyfile): fix wrong password generation in test

* feat(keyfile): add wrong mac test

Co-authored-by: Aaryamann Challani <43716372+rymnc@users.noreply.github.com>
2022-10-28 11:13:05 +02:00

377 lines
13 KiB
Nim

{.used.}
import
std/[json, os],
stew/byteutils,
testutils/unittests, chronos,
eth/keys
import
../../waku/v2/utils/keyfile
from ../../waku/v2/protocol/waku_noise/noise_utils import randomSeqByte
suite "KeyFile test suite":
let rng = newRng()
test "Create/Save/Load single keyfile":
# The password we use to encrypt our secret
let password = "randompassword"
# The filepath were the keyfile will be stored
let filepath = "./test.keyfile"
defer: removeFile(filepath)
# The secret
var secret = randomSeqByte(rng[], 300)
# We create a keyfile encrypting the secret with password
let keyfile = createKeyFileJson(secret, password)
check:
keyfile.isOk()
# We save to disk the keyfile
saveKeyFile(filepath, keyfile.get()).isOk()
# We load from the file all the decrypted keyfiles encrypted under password
var decodedKeyfiles = loadKeyFiles(filepath, password)
check:
decodedKeyfiles.isOk()
# Since only one secret was stored in file, we expect only one keyfile being decrypted
decodedKeyfiles.get().len == 1
# We check if the decrypted secret is the same as the original secret
let decodedSecret = decodedKeyfiles.get()[0]
check:
secret == decodedSecret.get()
test "Create/Save/Load multiple keyfiles in same file":
# We set different passwords for different keyfiles that will be stored in same file
let password1 = string.fromBytes(randomSeqByte(rng[], 20))
let password2 = ""
let password3 = string.fromBytes(randomSeqByte(rng[], 20))
var keyfile: KfResult[JsonNode]
let filepath = "./test.keyfile"
defer: removeFile(filepath)
# We generate 6 different secrets and we encrypt them using 3 different passwords, and we store the obtained keystore
let secret1 = randomSeqByte(rng[], 300)
keyfile = createKeyFileJson(secret1, password1)
check:
keyfile.isOk()
saveKeyFile(filepath, keyfile.get()).isOk()
let secret2 = randomSeqByte(rng[], 300)
keyfile = createKeyFileJson(secret2, password2)
check:
keyfile.isOk()
saveKeyFile(filepath, keyfile.get()).isOk()
let secret3 = randomSeqByte(rng[], 300)
keyfile = createKeyFileJson(secret3, password3)
check:
keyfile.isOk()
saveKeyFile(filepath, keyfile.get()).isOk()
# We encrypt secret4 with password3
let secret4 = randomSeqByte(rng[], 300)
keyfile = createKeyFileJson(secret4, password3)
check:
keyfile.isOk()
saveKeyFile(filepath, keyfile.get()).isOk()
# We encrypt secret5 with password1
let secret5 = randomSeqByte(rng[], 300)
keyfile = createKeyFileJson(secret5, password1)
check:
keyfile.isOk()
saveKeyFile(filepath, keyfile.get()).isOk()
# We encrypt secret6 with password1
let secret6 = randomSeqByte(rng[], 300)
keyfile = createKeyFileJson(secret6, password1)
check:
keyfile.isOk()
saveKeyFile(filepath, keyfile.get()).isOk()
# Now there are 6 keyfiles stored in filepath encrypted with 3 different passwords
# We decrypt the keyfiles using the respective passwords and we check that the number of
# successful decryptions corresponds to the number of secrets encrypted under that password
var decodedKeyfilesPassword1 = loadKeyFiles(filepath, password1)
check:
decodedKeyfilesPassword1.isOk()
decodedKeyfilesPassword1.get().len == 3
var decodedSecretsPassword1 = decodedKeyfilesPassword1.get()
var decodedKeyfilesPassword2 = loadKeyFiles(filepath, password2)
check:
decodedKeyfilesPassword2.isOk()
decodedKeyfilesPassword2.get().len == 1
var decodedSecretsPassword2 = decodedKeyfilesPassword2.get()
var decodedKeyfilesPassword3 = loadKeyFiles(filepath, password3)
check:
decodedKeyfilesPassword3.isOk()
decodedKeyfilesPassword3.get().len == 2
var decodedSecretsPassword3 = decodedKeyfilesPassword3.get()
# We check if the corresponding secrets are correct
check:
# Secrets encrypted with password 1
secret1 == decodedSecretsPassword1[0].get()
secret5 == decodedSecretsPassword1[1].get()
secret6 == decodedSecretsPassword1[2].get()
# Secrets encrypted with password 2
secret2 == decodedSecretsPassword2[0].get()
# Secrets encrypted with password 3
secret3 == decodedSecretsPassword3[0].get()
secret4 == decodedSecretsPassword3[1].get()
# The following tests are originally from the nim-eth keyfile tests module https://github.com/status-im/nim-eth/blob/master/tests/keyfile/test_keyfile.nim
# and are slightly adapted to test backwards compatibility with nim-eth implementation of our customized version of the utils/keyfile module
# Note: the original nim-eth "Create/Save/Load test" is redefined and expanded above in "KeyFile test suite"
suite "KeyFile test suite (adapted from nim-eth keyfile tests)":
let rng = newRng()
# Testvectors originally from https://github.com/status-im/nim-eth/blob/fef47331c37ee8abb8608037222658737ff498a6/tests/keyfile/test_keyfile.nim#L22-L168
let TestVectors = [
%*{
"keyfile": {
"crypto" : {
"cipher" : "aes-128-ctr",
"cipherparams" : {"iv" : "6087dab2f9fdbbfaddc31a909735c1e6"},
"ciphertext" : "5318b4d5bcd28de64ee5559e671353e16f075ecae9f99c7a79a38af5f869aa46",
"kdf" : "pbkdf2",
"kdfparams" : {
"c" : 262144,
"dklen" : 32,
"prf" : "hmac-sha256",
"salt" : "ae3cd4e7013836a3df6bd7241b12db061dbe2c6785853cce422d148a624ce0bd"
},
"mac" : "517ead924a9d0dc3124507e3393d175ce3ff7c1e96529c6c555ce9e51205e9b2"
},
"id" : "3198bc9c-6672-5ab3-d995-4942343ae5b6",
"version" : 3
},
"name": "test1",
"password": "testpassword",
"priv": "7a28b5ba57c53603b0b07b56bba752f7784bf506fa95edc395f5cf6c7514fe9d"
},
%*{
"keyfile": {
"version": 3,
"crypto": {
"ciphertext": "ee75456c006b1e468133c5d2a916bacd3cf515ced4d9b021b5c59978007d1e87",
"version": 1,
"kdf": "pbkdf2",
"kdfparams": {
"dklen": 32,
"c": 262144,
"prf": "hmac-sha256",
"salt": "504490577620f64f43d73f29479c2cf0"
},
"mac": "196815708465de9af7504144a1360d08874fc3c30bb0e648ce88fbc36830d35d",
"cipherparams": {"iv": "514ccc8c4fb3e60e5538e0cf1e27c233"},
"cipher": "aes-128-ctr"
},
"id": "98d193c7-5174-4c7c-5345-c1daf95477b5"
},
"name": "python_generated_test_with_odd_iv",
"password": "foo",
"priv": "0101010101010101010101010101010101010101010101010101010101010101"
},
%*{
"keyfile": {
"version": 3,
"crypto": {
"ciphertext": "d69313b6470ac1942f75d72ebf8818a0d484ac78478a132ee081cd954d6bd7a9",
"cipherparams": {"iv": "ffffffffffffffffffffffffffffffff"},
"kdf": "pbkdf2",
"kdfparams": {
"dklen": 32,
"c": 262144,
"prf": "hmac-sha256",
"salt": "c82ef14476014cbf438081a42709e2ed"
},
"mac": "cf6bfbcc77142a22c4a908784b4a16f1023a1d0e2aff404c20158fa4f1587177",
"cipher": "aes-128-ctr",
"version": 1
},
"id": "abb67040-8dbe-0dad-fc39-2b082ef0ee5f"
},
"name": "evilnonce",
"password": "bar",
"priv": "0202020202020202020202020202020202020202020202020202020202020202"
},
%*{
"keyfile": {
"version" : 3,
"crypto" : {
"cipher" : "aes-128-ctr",
"cipherparams" : {
"iv" : "83dbcc02d8ccb40e466191a123791e0e"
},
"ciphertext" : "d172bf743a674da9cdad04534d56926ef8358534d458fffccd4e6ad2fbde479c",
"kdf" : "scrypt",
"kdfparams" : {
"dklen" : 32,
"n" : 262144,
"r" : 1,
"p" : 8,
"salt" : "ab0c7876052600dd703518d6fc3fe8984592145b591fc8fb5c6d43190334ba19"
},
"mac" : "2103ac29920d71da29f15d75b4a16dbe95cfd7ff8faea1056c33131d846e3097"
},
"id" : "3198bc9c-6672-5ab3-d995-4942343ae5b6"
},
"name" : "test2",
"password": "testpassword",
"priv": "7a28b5ba57c53603b0b07b56bba752f7784bf506fa95edc395f5cf6c7514fe9d"
},
%*{
"keyfile": {
"version": 3,
"address": "460121576cc7df020759730751f92bd62fd78dd6",
"crypto": {
"ciphertext": "54ae683c6287fa3d58321f09d56e26d94e58a00d4f90bdd95782ae0e4aab618b",
"cipherparams": {
"iv": "681679cdb125bba9495d068b002816a4"
},
"cipher": "aes-128-ctr",
"kdf": "scrypt",
"kdfparams": {
"dklen": 32,
"salt": "c3407f363fce02a66e3c4bf4a8f6b7da1c1f54266cef66381f0625c251c32785",
"n": 8192,
"r": 8,
"p": 1
},
"mac": "dea6bdf22a2f522166ed82808c22a6311e84c355f4bbe100d4260483ff675a46"
},
"id": "0eb785e0-340a-4290-9c42-90a11973ee47"
},
"name": "mycrypto",
"password": "foobartest121",
"priv": "05a4d3eb46c742cb8850440145ce70cbc80b59f891cf5f50fd3e9c280b50c4e4"
},
%*{
"keyfile": {
"crypto": {
"cipher": "aes-128-ctr",
"cipherparams": {
"iv": "7e7b02d2b4ef45d6c98cb885e75f48d5",
},
"ciphertext": "a7a5743a6c7eb3fa52396bd3fd94043b79075aac3ccbae8e62d3af94db00397c",
"kdf": "scrypt",
"kdfparams": {
"dklen": 32,
"n": 8192,
"p": 1,
"r": 8,
"salt": "247797c7a357b707a3bdbfaa55f4c553756bca09fec20ddc938e7636d21e4a20",
},
"mac": "5a3ba5bebfda2c384586eda5fcda9c8397d37c9b0cc347fea86525cf2ea3a468",
},
"address": "0b6f2de3dee015a95d3330dcb7baf8e08aa0112d",
"id": "3c8efdd6-d538-47ec-b241-36783d3418b9",
"version": 3
},
"password": "moomoocow",
"priv": "21eac69b9a52f466bfe9047f0f21c9caf3a5cdaadf84e2750a9b3265d450d481",
"name": "eth-keyfile-conftest"
}
]
test "Testing nim-eth test vectors":
var secret: KfResult[seq[byte]]
var expectedSecret: seq[byte]
for i in 0..<TestVectors.len:
# Decryption with correct password
expectedSecret = decodeHex(TestVectors[i].getOrDefault("priv").getStr())
secret =
decodeKeyFileJson(TestVectors[i].getOrDefault("keyfile"),
TestVectors[i].getOrDefault("password").getStr())
check:
secret.isOk()
secret.get() == expectedSecret
# Decryption with wrong password
secret = decodeKeyFileJson(TestVectors[i].getOrDefault("keyfile"), "wrongpassword")
check:
secret.isErr()
secret.error == KeyFileError.IncorrectMac
test "Wrong mac in keyfile":
# This keyfile is the same as the first one in TestVectors,
# but the last byte of mac is changed to 00.
# While ciphertext is the correct encryption of priv under password,
# mac verfication should fail and nothing will be decrypted
let keyfileWrongMac = %*{
"keyfile": {
"crypto" : {
"cipher" : "aes-128-ctr",
"cipherparams" : {"iv" : "6087dab2f9fdbbfaddc31a909735c1e6"},
"ciphertext" : "5318b4d5bcd28de64ee5559e671353e16f075ecae9f99c7a79a38af5f869aa46",
"kdf" : "pbkdf2",
"kdfparams" : {
"c" : 262144,
"dklen" : 32,
"prf" : "hmac-sha256",
"salt" : "ae3cd4e7013836a3df6bd7241b12db061dbe2c6785853cce422d148a624ce0bd"
},
"mac" : "517ead924a9d0dc3124507e3393d175ce3ff7c1e96529c6c555ce9e51205e900"
},
"id" : "3198bc9c-6672-5ab3-d995-4942343ae5b6",
"version" : 3
},
"name": "test1",
"password": "testpassword",
"priv": "7a28b5ba57c53603b0b07b56bba752f7784bf506fa95edc395f5cf6c7514fe9d"
}
# Decryption with correct password
let expectedSecret = decodeHex(keyfileWrongMac.getOrDefault("priv").getStr())
let secret =
decodeKeyFileJson(keyfileWrongMac.getOrDefault("keyfile"),
keyfileWrongMac.getOrDefault("password").getStr())
check:
secret.isErr()
secret.error == KeyFileError.IncorrectMac
test "Scrypt keyfiles":
let
expectedSecret = randomSeqByte(rng[], 300)
password = "miawmiawcat"
# By default, keyfiles' encryption key is derived from password using PBKDF2.
# Here we test keyfiles encypted with a key derived from password using scrypt
jsonKeyfile = createKeyFileJson(expectedSecret, password, 3, AES128CTR, SCRYPT)
check:
jsonKeyfile.isOk()
let secret = decodeKeyFileJson(jsonKeyfile.get(), password)
check:
secret.isOk()
secret.get() == expectedSecret
test "Load non-existent keyfile test":
check:
loadKeyFiles("nonexistant.keyfile", "password").error ==
KeyFileError.KeyfileDoesNotExist