diff --git a/index.js b/index.js index 3aff528..50a1f45 100644 --- a/index.js +++ b/index.js @@ -41,7 +41,7 @@ const encryption_mode_cbc_128 = { /** * creates a random string * - * @param {number} len string length default: 6 + * @param {number} len string length default: 8 * @returns {string} random string */ function random_string (len = 8) { diff --git a/package.json b/package.json index 1d9343e..8d17f2d 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@sapphirecode/crypto-helper", - "version": "1.1.61", + "version": "1.1.62", "main": "index.js", "author": { "name": "Timo Hocker", diff --git a/test/spec/index.js b/test/spec/index.js index eef222c..a6ff525 100644 --- a/test/spec/index.js +++ b/test/spec/index.js @@ -28,7 +28,7 @@ describe ('crypto helper', () => { .toMatch (/^[0-9a-f]+$/iu); }); - it ('random_hex should refuse lenght smaller 1', () => { + it ('random_hex should refuse length smaller 1', () => { expect ( () => (crypto.random_hex (0)) ) @@ -55,7 +55,7 @@ describe ('crypto helper', () => { .toEqual (8); }); - it ('random_string should refuse lenght smaller 1', () => { + it ('random_string should refuse length smaller 1', () => { expect ( () => (crypto.random_string (0)) ) @@ -126,6 +126,14 @@ describe ('crypto helper', () => { .toEqual (dec); }); + it ('should reject tampered signatures', () => { + const obj = { foo: 'bar' }; + const str = crypto.sign_object (obj, 'baz'); + const dec = crypto.verify_signature (str, 'foo'); + expect (dec) + .toEqual (null); + }); + it ('should return null on invalid input', () => { const ver = crypto.verify_signature (null, 'foo'); expect (ver) @@ -136,44 +144,86 @@ describe ('crypto helper', () => { }); it ('should not fail verification if timeout unspecified', async () => { + jasmine.clock () + .install (); + const base_time = (new Date); + jasmine.clock () + .mockDate (base_time); + const obj = { foo: 'bar' }; const str = crypto.sign_object (obj, 'baz'); - await new Promise ((res) => { - setTimeout (res, 10); - }); + + jasmine.clock () + .tick (36e5); + const dec = crypto.verify_signature (str, 'baz'); expect (obj) .toEqual (dec); - }); - it ('should reject tampered signatures', () => { - const obj = { foo: 'bar' }; - const str = crypto.sign_object (obj, 'baz'); - const dec = crypto.verify_signature (str, 'foo'); - expect (dec) - .toEqual (null); + jasmine.clock () + .uninstall (); }); it ('should reject old signatures', async () => { + jasmine.clock () + .install (); + const base_time = (new Date); + jasmine.clock () + .mockDate (base_time); + const obj = { foo: 'bar' }; const str = crypto.sign_object (obj, 'baz'); - await new Promise ((res) => { - setTimeout (res, 10); - }); + + jasmine.clock () + .tick (50); + const dec = crypto.verify_signature (str, 'baz', 1); expect (dec) .toEqual (null); + + jasmine.clock () + .uninstall (); }); it ('should not reject valid signatures', async () => { + jasmine.clock () + .install (); + const base_time = (new Date); + jasmine.clock () + .mockDate (base_time); + const obj = { foo: 'bar' }; const str = crypto.sign_object (obj, 'baz'); - await new Promise ((res) => { - setTimeout (res, 10); - }); + + jasmine.clock () + .tick (50); + const dec = crypto.verify_signature (str, 'baz', 100); expect (obj) .toEqual (dec); + + jasmine.clock () + .uninstall (); + }); + + it ('verify_signature on almost timed out packet', () => { + jasmine.clock () + .install (); + const base_time = (new Date); + jasmine.clock () + .mockDate (base_time); + + const obj = { foo: 'bar' }; + const str = crypto.sign_object (obj, 'baz'); + + jasmine.clock () + .tick (10); + const dec = crypto.verify_signature (str, 'baz', 10); + expect (obj) + .toEqual (dec); + + jasmine.clock () + .uninstall (); }); it ('should decode problematic token', () => {