Start fleshing out the tests.

mozilla · Jan 24, 2019 · 7fa784c · 7fa784c
1 parent 614dae4
commit 7fa784c
Show file tree

Hide file tree

Showing 16 changed files with 1,005 additions and 286 deletions.
diff --git a/dist/FxAccountsPairingChannel.babel.umd.js b/dist/FxAccountsPairingChannel.babel.umd.js
diff --git a/dist/FxAccountsPairingChannel.js b/dist/FxAccountsPairingChannel.js
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -37,7 +37,9 @@
     "karma-chai-plugins": "~0.9.0",
     "karma-firefox-launcher": "~1.1.0",
     "karma-mocha": "~1.3.0",
+    "karma-sinon": "^1.0.5",
     "mocha": "~5.2.0",
+    "sinon": "^7.2.3",
     "webpack": "~4.27.1",
     "webpack-cli": "~3.1.2"
   }

diff --git a/src/crypto.js b/src/crypto.js
@@ -18,6 +18,7 @@ import {
   utf8ToBytes,
   BufferWriter,
 } from './utils.js';
+import { ALERT_DESCRIPTION, TLSError } from './alerts.js';
 
 export const AEAD_SIZE_INFLATION = 16;
 export const KEY_LENGTH = 16;
@@ -40,12 +41,17 @@ export async function encrypt(key, iv, plaintext, additionalData) {
 }
 
 export async function decrypt(key, iv, ciphertext, additionalData) {
-  const plaintext = await crypto.subtle.decrypt({
-    additionalData,
-    iv,
-    name: 'AES-GCM',
-    tagLength: AEAD_SIZE_INFLATION * 8
-  }, key, ciphertext);
+  let plaintext;
+  try {
+    plaintext = await crypto.subtle.decrypt({
+      additionalData,
+      iv,
+      name: 'AES-GCM',
+      tagLength: AEAD_SIZE_INFLATION * 8
+    }, key, ciphertext);
+  } catch (err) {
+    throw new TLSError(ALERT_DESCRIPTION.BAD_RECORD_MAC);
+  }
   assert(plaintext.byteLength + AEAD_SIZE_INFLATION === ciphertext.byteLength, 'incorrect AEAD_SIZE_INFLATION');
   return new Uint8Array(plaintext);
 }

diff --git a/src/index.js b/src/index.js
@@ -20,7 +20,7 @@ import {
   bytesToUtf8,
 } from './utils.js';
 
-import {EventTarget} from 'event-target-shim';
+import { EventTarget } from 'event-target-shim';
 
 const CLOSE_FLUSH_BUFFER_INTERVAL_MS = 200;
 const CLOSE_FLUSH_BUFFER_MAX_TRIES = 5;
@@ -96,7 +96,6 @@ export class PairingChannel extends EventTarget {
         const payload = await this._connection.recv(hexToBytes(channelServerEnvelope.message));
         if (payload !== null) {
           const data = JSON.parse(bytesToUtf8(payload));
-          console.log('MESSAGE', data);
           this.dispatchEvent(new CustomEvent('message', {
             detail: {
               data,
@@ -105,15 +104,11 @@ export class PairingChannel extends EventTarget {
           }));
         }
       } catch (error) {
-        console.log('RECV ERROR', error, this);
-        setTimeout(() => {
         this.dispatchEvent(new CustomEvent('error', {
           detail: {
             error,
           },
         }));
-        }, 500);
-        console.log('  dispatched');
       }
     });
     // Relay the WebSocket events.
@@ -169,3 +164,21 @@ export class PairingChannel extends EventTarget {
 
 // Re-export helpful utilities for calling code to use.
 export { bytesToHex, hexToBytes, bytesToUtf8, utf8ToBytes };
+
+// For running tests using the built bundle,
+// expose a bunch of implementation details.
+
+import { TLSError } from './alerts.js';
+import { BufferReader, BufferWriter, bytesAreEqual } from './utils.js';
+export const _internals = {
+  BufferReader,
+  BufferWriter,
+  ClientConnection,
+  ServerConnection,
+  TLSError,
+  bytesAreEqual,
+  bytesToHex,
+  bytesToUtf8,
+  hexToBytes,
+  utf8ToBytes,
+};
diff --git a/src/recordlayer.js b/src/recordlayer.js
@@ -66,6 +66,7 @@ import {
   BufferWriter,
   EMPTY,
 } from './utils.js';
+import { alertIf, ALERT_DESCRIPTION } from './alerts.js';
 
 /* eslint-disable sorting/sort-object-props */
 export const RECORD_TYPE = {
@@ -197,9 +198,9 @@ export class RecordLayer {
     }
     let length = buf.tell() - RECORD_HEADER_SIZE;
     if (this._sendCipherState.key === null) {
+      assert(type !== RECORD_TYPE.APPLICATION_DATA, 'must encrypt application data');
       // Generate an unencrypted `TLSPlaintext` struct by just
       // filling in an appropriate record header.
-      assert(type !== RECORD_TYPE.APPLICATION_DATA, 'must encrypt application data');
       buf.seek(0);
       buf.writeUint8(type);
       buf.writeUint16(VERSION_TLS_1_2);
@@ -266,14 +267,15 @@ export class RecordLayer {
       const length = buf.readUint16();
       let plaintext;
       if (this._recvCipherState.key === null || type === RECORD_TYPE.CHANGE_CIPHER_SPEC) {
+        // Application data must never be received plaintext.
+        alertIf(type === RECORD_TYPE.APPLICATION_DATA, ALERT_DESCRIPTION.UNEXPECTED_MESSAGE);
         // An unencrypted `TLSPlaintext` struct.
-        assert(type !== RECORD_TYPE.APPLICATION_DATA, 'must encrypt application data');
-        assert(length < MAX_RECORD_SIZE, 'record_overflow');
+        alertIf(length >= MAX_RECORD_SIZE, ALERT_DESCRIPTION.RECORD_OVERFLOW);
         plaintext = buf.readBytes(length);
       } else {
         // An encrypted `TLSCiphertext` struct.
-        assert(length < MAX_ENCRYPTED_RECORD_SIZE, 'record_overflow');
-        assert(type === RECORD_TYPE.APPLICATION_DATA, 'outer opaque_type should always be application data');
+        alertIf(length >= MAX_ENCRYPTED_RECORD_SIZE, ALERT_DESCRIPTION.RECORD_OVERFLOW);
+        alertIf(type !== RECORD_TYPE.APPLICATION_DATA, ALERT_DESCRIPTION.DECODE_ERROR);
         // Decrypt and decode the contained `TLSInnerPlaintext` struct:
         //
         //    struct {