Stian/Shade
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
da93b97cce328541140b4e05c362a5ae81f72e4e
Shade/packages/shade-crypto-web/tests/worker-streams.test.ts

231 lines
7.0 KiB
TypeScript
Raw Normal View History

release(v4.0.0): Shade GA — V3.x consolidation + audit prep V3.1 → V3.12 consolidated and tagged for the first GA release. Wire format unchanged from 0.4.x — 4.0 peers interoperate with 0.4.x peers byte-for-byte. The version bump is semantic: audit-cycle complete, opt-in surface fully exposed, threat model refreshed for every new surface. Highlights: - All 24 @shade/* packages bumped to 4.0.0 in lockstep. - CHANGELOG 4.0.0 section is the canonical manifest of what landed. - THREAT-MODEL extended (§10 fingerprint gates, §11 WebRTC P2P, §12 Web-Worker boundary) + residual-risks table refreshed. - OpenAPI now covers all 27 routes: prekey, transfer, KT, inbox, bridge, observer, /metrics, /healthz, /ready. - MIGRATION 0.3.x → 4.0 documented + smoke-tested against shade migrate-storage on a real SQLite DB. - docs/audit/REVIEW-BUNDLE.md + SCOPE.md ready for external reviewer. - scripts/soak.ts harness for the GA-stable 2-week soak window. - All V*.md plans archived under docs/archive/ with Status: Done. - Voice/Video carved out into V5.0; 4.0 audit focuses on the frozen non-realtime stack. Tests: TS 1000/1000 + Kotlin 11/11 cross-platform vectors green. Docker: gt.zyon.no/stian/shade-prekey:4.0.0 builds and reports version 4.0.0 on /health. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-03 18:35:35 +02:00
import { afterEach, describe, expect, test } from 'bun:test';
import { sha256 } from '@noble/hashes/sha2.js';
import {
createDecryptStream,
createEncryptStream,
createWorkerCryptoProvider,
SubtleCryptoProvider,
WorkerCryptoProvider,
} from '../src/index.js';
const WORKER_URL = new URL('../src/worker.ts', import.meta.url);
const subtle = new SubtleCryptoProvider();
let provider: WorkerCryptoProvider | null = null;
afterEach(async () => {
if (provider) {
await provider.destroy();
provider = null;
}
});
async function makeProvider(): Promise<WorkerCryptoProvider> {
provider = await createWorkerCryptoProvider({ workerUrl: WORKER_URL });
return provider;
}
async function readAll(rs: ReadableStream<Uint8Array>): Promise<Uint8Array> {
const reader = rs.getReader();
const parts: Uint8Array[] = [];
let total = 0;
for (;;) {
const { done, value } = await reader.read();
if (done) break;
parts.push(value);
total += value.byteLength;
}
const out = new Uint8Array(total);
let off = 0;
for (const p of parts) {
out.set(p, off);
off += p.byteLength;
}
return out;
}
function streamFromChunks(chunks: Uint8Array[]): ReadableStream<Uint8Array> {
let i = 0;
return new ReadableStream<Uint8Array>({
pull(controller) {
if (i < chunks.length) controller.enqueue(chunks[i++]!);
else controller.close();
},
});
}
describe('encryptStream / decryptStream — round-trip', () => {
test('round-trips small payload exactly', async () => {
const p = await makeProvider();
const streamId = subtle.randomBytes(16);
const streamSecret = subtle.randomBytes(32);
const plaintext = new TextEncoder().encode('hello stream');
const enc = await createEncryptStream({
provider: p,
streamId,
streamSecret,
chunkSize: 1024,
});
const wireBytes = await readAll(
streamFromChunks([plaintext]).pipeThrough(enc.stream),
);
// Frame: each enqueue is one wire envelope. We can't trivially split
// a concatenated buffer back into envelopes, but we know how many
// chunks were emitted (len/chunkSize, plus the final isLast). Easier
// path: collect them as separate writes through a side channel.
const chunks: Uint8Array[] = [];
await streamFromChunks([plaintext])
.pipeThrough(
(
await createEncryptStream({
provider: p,
streamId,
streamSecret,
chunkSize: 1024,
})
).stream,
)
.pipeTo(
new WritableStream<Uint8Array>({
write(c) {
chunks.push(c);
},
}),
);
const dec = await createDecryptStream({ provider: p, streamId, streamSecret });
const recovered = await readAll(streamFromChunks(chunks).pipeThrough(dec.stream));
expect(recovered).toEqual(plaintext);
expect(wireBytes.byteLength).toBeGreaterThan(plaintext.byteLength); // overhead
});
test('round-trips multi-chunk payload with sha256 parity', async () => {
const p = await makeProvider();
const streamId = subtle.randomBytes(16);
const streamSecret = subtle.randomBytes(32);
const total = 750 * 1024; // 750 KiB → forces 3+ chunks at 256 KiB
const plaintext = subtle.randomBytes(total);
const expectedSha = sha256(plaintext);
const enc = await createEncryptStream({
provider: p,
streamId,
streamSecret,
chunkSize: 256 * 1024,
});
const wireChunks: Uint8Array[] = [];
await streamFromChunks([plaintext])
.pipeThrough(enc.stream)
.pipeTo(
new WritableStream<Uint8Array>({
write(c) {
wireChunks.push(c);
},
}),
);
// 750 KiB / 256 KiB = 2 full chunks + 1 final (238 KiB, isLast=true)
expect(wireChunks.length).toBe(3);
const senderLaneSha = await enc.laneSha256;
expect(senderLaneSha).toEqual(expectedSha);
const dec = await createDecryptStream({
provider: p,
streamId,
streamSecret,
});
const recovered = await readAll(streamFromChunks(wireChunks).pipeThrough(dec.stream));
expect(recovered).toEqual(plaintext);
expect(await dec.laneSha256).toEqual(expectedSha);
});
test('fragmented input produces same output as single-shot', async () => {
const p = await makeProvider();
const streamId = subtle.randomBytes(16);
const streamSecret = subtle.randomBytes(32);
const plaintext = subtle.randomBytes(50_000);
async function run(parts: Uint8Array[]): Promise<Uint8Array[]> {
const wire: Uint8Array[] = [];
const e = await createEncryptStream({
provider: p!,
streamId,
streamSecret,
chunkSize: 8 * 1024,
});
await streamFromChunks(parts)
.pipeThrough(e.stream)
.pipeTo(new WritableStream({ write: (c) => void wire.push(c) }));
return wire;
}
const single = await run([plaintext]);
const split = await run([
plaintext.subarray(0, 17_000),
plaintext.subarray(17_000, 33_000),
plaintext.subarray(33_000),
]);
expect(split.length).toBe(single.length);
for (let i = 0; i < single.length; i++) {
// Same chunk size, same lane key, same seq — wire bytes match
// byte-for-byte (deterministic nonces + AEAD).
expect(split[i]).toEqual(single[i]!);
}
});
test('100 KiB stream end-to-end completes', async () => {
const p = await makeProvider();
const streamId = subtle.randomBytes(16);
const streamSecret = subtle.randomBytes(32);
const plaintext = subtle.randomBytes(100 * 1024);
const enc = await createEncryptStream({
provider: p,
streamId,
streamSecret,
chunkSize: 16 * 1024,
});
const wire: Uint8Array[] = [];
await streamFromChunks([plaintext])
.pipeThrough(enc.stream)
.pipeTo(new WritableStream({ write: (c) => void wire.push(c) }));
const dec = await createDecryptStream({ provider: p, streamId, streamSecret });
const out = await readAll(streamFromChunks(wire).pipeThrough(dec.stream));
expect(out).toEqual(plaintext);
expect(await dec.laneSha256).toEqual(await enc.laneSha256);
});
test('decryptStream rejects out-of-order chunks', async () => {
const p = await makeProvider();
const streamId = subtle.randomBytes(16);
const streamSecret = subtle.randomBytes(32);
const plaintext = subtle.randomBytes(20_000);
const enc = await createEncryptStream({
provider: p,
streamId,
streamSecret,
chunkSize: 4 * 1024,
});
const wire: Uint8Array[] = [];
await streamFromChunks([plaintext])
.pipeThrough(enc.stream)
.pipeTo(new WritableStream({ write: (c) => void wire.push(c) }));
expect(wire.length).toBeGreaterThan(2);
// Swap first and second chunk
[wire[0], wire[1]] = [wire[1]!, wire[0]!];
const dec = await createDecryptStream({ provider: p, streamId, streamSecret });
await expect(
streamFromChunks(wire).pipeThrough(dec.stream).pipeTo(
new WritableStream({ write() {} }),
),
).rejects.toThrow();
});
});
Reference in New Issue Copy Permalink