Merge pull request #768 from ryanxcharles/feature/authentication

Authentication

test/index.html

@@ -15,6 +15,7 @@
     <script src="../lib/bitcore/browser/bundle.js"></script> 
     <script src="../js/copayBundle.js"></script>
     <script src="test.blockchain.Insight.js"></script>
+    <script src="test.Message.js"></script>
     <script src="test.network.WebRTC.js"></script>
     <script src="test.PrivateKey.js"></script>
     <script src="test.PublicKeyRing.js"></script>

test/test.Message.js

@@ -0,0 +1,103 @@
+'use strict';
+
+var chai = chai || require('chai');
+var should = chai.should();
+var sinon = require('sinon');
+var Message = require('../js/models/core/Message');
+var bitcore = bitcore || require('bitcore');
+var Buffer = bitcore.Buffer;
+
+describe('Message model', function() {
+  var key = new bitcore.Key();
+  key.private = bitcore.util.sha256(new Buffer('test'));
+  key.regenerateSync();
+
+  var key2 = new bitcore.Key();
+  key2.private = bitcore.util.sha256(new Buffer('test 2'));
+  key2.regenerateSync();
+
+  describe('#encode', function() {
+    
+    it('should encode a message', function() {
+      var message = new Buffer('message');
+      var encoded = Message.encode(key2.public, key, message);
+      should.exist(encoded.pubkey);
+      should.exist(encoded.sig);
+      should.exist(encoded.encrypted);
+    });
+
+  });
+
+  describe('#decode', function() {
+
+    it('should decode an encoded message', function() {
+      var message = new Buffer('message');
+      var messagehex = message.toString('hex');
+      var encoded = Message.encode(key2.public, key, message);
+    
+      var decoded = Message.decode(key2, encoded);
+      decoded.toString('hex').should.equal(messagehex);
+    });
+
+    it('should fail if the version number is incorrect', function() {
+      var payload = new Buffer('message');
+      var fromkey = key;
+      var topubkey = key2.public;
+      var version = new Buffer([1]);
+      var toencrypt = Buffer.concat([version, payload]);
+      var encrypted = Message._encrypt(topubkey, toencrypt);
+      var sig = Message._sign(fromkey, encrypted);
+      var encoded = {
+        pubkey: fromkey.public.toString('hex'),
+        sig: sig.toString('hex'),
+        encrypted: encrypted.toString('hex')
+      };
+    
+      (function() {Message.decode(key2, encoded);}).should.throw('Invalid version number');
+    });
+
+  });
+
+  describe('#_encrypt', function() {
+    
+    it('should encrypt data', function() {
+      var payload = new Buffer('payload');
+      var encrypted = Message._encrypt(key.public, payload);
+      encrypted.length.should.equal(129);
+    });
+
+  });
+
+  describe('#_decrypt', function() {
+    var payload = new Buffer('payload');
+    var payloadhex = payload.toString('hex');
+    
+    it('should decrypt encrypted data', function() {
+      var encrypted = Message._encrypt(key.public, payload);
+      var decrypted = Message._decrypt(key.private, encrypted);
+      decrypted.toString('hex').should.equal(payloadhex);
+    });
+
+  });
+
+  describe('#_sign', function() {
+    
+    it('should sign data', function() {
+      var payload = new Buffer('payload');
+      var sig = Message._sign(key, payload);
+      sig.length.should.be.greaterThan(60);
+    });
+
+  });
+
+  describe('#_verify', function() {
+    var payload = new Buffer('payload');
+    var sig = Message._sign(key, payload);
+    
+    it('should verify signed data', function() {
+      Message._verify(key.public, sig, payload).should.equal(true);
+    });
+
+  });
+
+});

test/test.network.WebRTC.js

@@ -46,26 +46,28 @@ describe('Network / WebRTC', function() {
 
   });
 
-  describe('#_encrypt', function() {
+  describe('#_encode', function() {
 
-    it('should encrypt data successfully', function() {
+    it('should encode data successfully', function() {
       var n = new WebRTC();
-      var data = new bitcore.Buffer('my data to encrypt');
+      var data = new bitcore.Buffer('my data to encode');
       var privkeystr = new bitcore.Buffer('test privkey');
       var privkey = bitcore.util.sha256(privkeystr);
       var key = new bitcore.Key();
       key.private = privkey;
       key.regenerateSync();
-      var encrypted = n._encrypt(key.public, data);
-      encrypted.length.should.not.equal(0);
-      encrypted.length.should.equal(145);
+      var encoded = n._encode(key.public, key, data);
+      should.exist(encoded);
+      encoded.sig.length.should.not.equal(0);
+      encoded.pubkey.length.should.not.equal(0);
+      encoded.encrypted.length.should.not.equal(0);
     });
 
   });
 
-  describe('#_decrypt', function() {
+  describe('#_decode', function() {
 
-    it('should decrypt that which was encrypted', function() {
+    it('should decode that which was encoded', function() {
       var n = new WebRTC();
       var data = new bitcore.Buffer('my data to encrypt');
       var privkeystr = new bitcore.Buffer('test privkey');
@@ -73,10 +75,10 @@ describe('Network / WebRTC', function() {
       var key = new bitcore.Key();
       key.private = privkey;
       key.regenerateSync();
-      var encrypted = n._encrypt(key.public, data);
-      var decrypted = n._decrypt(key.private, encrypted);
-      encrypted.length.should.not.equal(0);
-      decrypted.toString().should.equal('my data to encrypt');
+      var encoded = n._encode(key.public, key, data);
+      var decoded = n._decode(key, encoded);
+      encoded.sig.should.not.equal(0);
+      decoded.toString().should.equal('my data to encrypt');
     });
 
   });
@@ -85,6 +87,7 @@ describe('Network / WebRTC', function() {
 
     it('should call _sendToOne for a copayer', function(done) {
       var n = new WebRTC();
+      n.privkey = bitcore.util.sha256('test');
 
       var data = new bitcore.Buffer('my data to send');
 
@@ -95,7 +98,7 @@ describe('Network / WebRTC', function() {
       key.regenerateSync();
 
       var copayerId = key.public.toString('hex');
-      n._sendToOne = function(a1, a2, a3, cb) {
+      n._sendToOne = function(a1, a2, cb) {
         cb();
       };
       var sig = undefined;
@@ -107,6 +110,7 @@ describe('Network / WebRTC', function() {
 
     it('should call _sendToOne with encrypted data for a copayer', function(done) {
       var n = new WebRTC();
+      n.privkey = bitcore.util.sha256('test');
 
       var data = new bitcore.Buffer('my data to send');
 
@@ -117,8 +121,9 @@ describe('Network / WebRTC', function() {
       key.regenerateSync();
 
       var copayerId = key.public.toString('hex');
-      n._sendToOne = function(a1, encPayload, a3, cb) {
-        encPayload.length.should.be.greaterThan(0);
+      n._sendToOne = function(a1, enc, cb) {
+        var encPayload = JSON.parse(enc.toString());
+        encPayload.sig.length.should.be.greaterThan(0);
         cb();
       };
       var sig = undefined;
@@ -130,6 +135,7 @@ describe('Network / WebRTC', function() {
 
     it('should call _sendToOne for a list of copayers', function(done) {
       var n = new WebRTC();
+      n.privkey = bitcore.util.sha256('test');
 
       var data = new bitcore.Buffer('my data to send');
 
@@ -140,7 +146,7 @@ describe('Network / WebRTC', function() {
       key.regenerateSync();
 
       var copayerIds = [key.public.toString('hex')];
-      n._sendToOne = function(a1, a2, a3, cb) {
+      n._sendToOne = function(a1, a2, cb) {
         cb();
       };
       var sig = undefined;
@@ -151,4 +157,73 @@ describe('Network / WebRTC', function() {
     });
   });
 
+  describe('#_onData', function() {
+    var privkey1 = bitcore.util.sha256('test privkey 1');
+    var privkey2 = bitcore.util.sha256('test privkey 2');
+    var privkey3 = bitcore.util.sha256('test privkey 2');
+
+    var key1 = new bitcore.Key();
+    key1.private = privkey1;
+    key1.regenerateSync();
+
+    var key2 = new bitcore.Key();
+    key2.private = privkey2;
+    key2.regenerateSync();
+
+    var key3 = new bitcore.Key();
+    key3.private = privkey3;
+    key3.regenerateSync();
+
+    it('should not reject data sent from a peer with hijacked pubkey', function() {
+      var n = new WebRTC();
+      n.privkey = key2.private.toString('hex');
+
+      var message = {
+        type: 'hello',
+        copayerId: key1.public.toString('hex')
+      };
+      var messagestr = JSON.stringify(message);
+      var messagebuf = new Buffer(messagestr);
+
+      var encoded = n._encode(key2.public, key1, messagebuf);
+      var encodedstr = JSON.stringify(encoded);
+      var encodeduint = new Buffer(encodedstr);
+
+      var isInbound = true;
+      var peerId = new bitcore.SIN(key1.public);
+
+      n._deletePeer = sinon.spy();
+
+      n._onData(encodeduint, isInbound, peerId);
+      n._deletePeer.calledOnce.should.equal(false);
+    });
+
+    it('should reject data sent from a peer with hijacked pubkey', function() {
+      var n = new WebRTC();
+      n.privkey = key2.private.toString('hex');
+
+      var message = {
+        type: 'hello',
+        copayerId: key3.public.toString('hex') //MITM pubkey 3
+      };
+      var messagestr = JSON.stringify(message);
+      var messagebuf = new Buffer(messagestr);
+
+      var encoded = n._encode(key2.public, key1, messagebuf);
+      var encodedstr = JSON.stringify(encoded);
+      var encodeduint = new Buffer(encodedstr);
+
+      var isInbound = true;
+      var peerId = new bitcore.SIN(key1.public);
+
+      n._deletePeer = sinon.spy();
+
+      n._onData(encodeduint, isInbound, peerId);
+      n._deletePeer.calledOnce.should.equal(true);
+      n._deletePeer.getCall(0).args[0].should.equal(peerId);
+      n._deletePeer.getCall(0).args[1].should.equal('incorrect pubkey for peerId');
+    });
+
+  });
+
 });