remove now-unused function, consolidate remaining common functions

[squeep-mystery-box] / test / lib / mystery-box.js

/* eslint-env mocha */
/* eslint-disable capitalized-comments */
'use strict';

const assert = require('assert');
const sinon = require('sinon'); // eslint-disable-line node/no-unpublished-require
const MysteryBox = require('../../lib/mystery-box');
const { MysteryBoxError } = require('../../lib/errors');
const crypto = require('crypto');

function _verbose(mb) {
  if (process.env.VERBOSE_TESTS) {
    mb.on('statistics', (...args) => console.log(...args));
  }
}

describe('MysteryBox', function () {
  let mb, options, object;
  beforeEach(function () {
    options = {
      encryptionSecret: 'this is not a very good secret',
    };
  });
  afterEach(function () {
    sinon.restore();
  });

  describe('constructor', function () {
    it('needs a secret', async function () {
      options = {};
      assert.rejects(() => new MysteryBox(options));
    });

    it('accepts multiple secrets', async function () {
      this.slow(500);
      options = {
        encryptionSecret: ['first poor secret', 'second poor secret'],
      };
      mb = new MysteryBox(options);
      _verbose(mb);
      object = {
        foo: 'bar',
        baz: 'quux',
        flarp: 13,
      };
      const encryptedResult = await mb.pack(object);
      const decryptedResult = await mb.unpack(encryptedResult);
      assert.deepStrictEqual(decryptedResult, object);
    });

    it('covers options', function () {
      assert.rejects(() => new MysteryBox());
    });

    it('covers bad flags', function () {
      options.defaultFlags = 300;
      assert.rejects(() => new MysteryBox(options), MysteryBoxError);
    });

    it('covers missing ciphers', function () {
      sinon.stub(crypto, 'getCiphers').returns(['rot13']);
      assert.rejects(() => new MysteryBox(options));
    });
  }); // constructor

  describe('_ensureArray', function () {
    it('returns empty array for no data', function () {
      const result = MysteryBox._ensureArray();
      assert.deepStrictEqual(result, []);
    });
    it('returns same array passed in', function () {
      const expected = [1, 2, 3, 'foo'];
      const result = MysteryBox._ensureArray(expected);
      assert.deepStrictEqual(result, expected);
    });
    it('returns array containing non-array data', function () {
      const data = 'bar';
      const result = MysteryBox._ensureArray(data);
      assert.deepStrictEqual(result, [data]);
    });
  }); // _ensureArray

  describe('_keyFromSecret', function () {
    it('covers invalid', async function () {
      assert.rejects(() => MysteryBox._keyFromSecret('unknown deriver', 'secret', 'salt', 32), MysteryBoxError);
    });
  }); // _keyFromSecret

  describe('_versionHeaderDecode', function () {
    function _check(firstByte, numBytes, value) {
      const result = MysteryBox._versionHeaderDecode(firstByte);
      assert.strictEqual(result.numBytes, numBytes);
      assert.strictEqual(result.firstByte, value);
    }
    it('decodes single byte, min', function () {
      _check(0x00, 1, 0x00);
    });
    it('decodes single byte, max', function () {
      _check(0x7f, 1, 0x7f);
    });
    it('decodes double byte, min', function () {
      _check(0x80, 2, 0x00);
    });
    it('decodes double byte, max', function () {
      _check(0xbf, 2, 0x3f);
    });
    it('decodes triple byte, min', function () {
      _check(0xc0, 3, 0x00);
    });
    it('decodes triple byte, max', function () {
      _check(0xdf, 3, 0x1f);
    });
    it('decodes quadruple byte, min', function () {
      _check(0xe0, 4, 0x00);
    });
    it('decodes quadruple byte, max', function () {
      _check(0xef, 4, 0x0f);
    });
    it('decodes quintuple byte, min', function () {
      _check(0xf0, 5, 0x00);
    });
    it('decodes quintuple byte, max', function () {
      _check(0xf7, 5, 0x07);
    });
    it('decodes sextuple byte, min', function () {
      _check(0xf8, 6, 0x00);
    });
    it('decodes sextuple byte, max', function () {
      _check(0xfb, 6, 0x03);
    });
    it('decodes septuple byte, min', function () {
      _check(0xfc, 7, 0x00);
    });
    it('decodes septuple byte, max', function () {
      _check(0xfd, 7, 0x01);
    });
    it('decodes double byte, min', function () {
      _check(0xfe, 8, 0x00);
    });
    it('decodes double byte, max', function () {
      _check(0xfe, 8, 0x00);
    });
    it('covers unsupported', function () {
      assert.throws(() => MysteryBox._versionHeaderDecode(0xff), MysteryBoxError);
    });
  }); // _versionHeaderDecode

  describe('_versionDecode', function () {
    function _checkDecodeRange(start, end, numBytes, headerByte) {
      const headerMask = ((0xff << (8 - numBytes)) & 0xff) >>> 0;
      const hByte = ((0xff << (8 - numBytes + 1)) & 0xff) >>> 0;
      assert.strictEqual(hByte, headerByte, `TEST ERROR: unexpected header for length, computed: ${hByte.toString(16)} passed: ${headerByte.toString(16)}`);
      for (let v = start; v <= end; v++) {
        const buffer = Buffer.alloc(numBytes);
        buffer.writeUIntBE(v, 0, numBytes);
        assert((buffer[0] & headerMask) === 0, `TEST ERROR: version ${v} encroached on headerByte 0x${headerByte.toString(16)} (${headerByte.toString(2)} & ${buffer[0].toString(2)})`);
        buffer[0] = (buffer[0] | headerByte) >>> 0;
        const { version, versionBytes } = MysteryBox._versionDecode(buffer);
        assert.strictEqual(versionBytes, numBytes);
        assert.strictEqual(version, v);
      }
    }
    it('covers single-byte versions', function () {
      _checkDecodeRange(0, 127, 1, 0x00);
    });
    it('covers double-byte versions', function () {
      _checkDecodeRange(128, 136, 2, 0x80);
      // ...
      _checkDecodeRange(16375, 16383, 2, 0x80);
    });
    it('covers triple-byte versions', function () {
      _checkDecodeRange(16384, 16390, 3, 0xc0);
      // ...
      _checkDecodeRange(2097145, 2097151, 3, 0xc0);
    });
    it('covers quadruple-byte versions', function () {
      _checkDecodeRange(2097151, 2097160, 4, 0xe0);
      // ...
      _checkDecodeRange(268435445, 268435455, 4, 0xe0);
    });
    it('covers quintuple-byte versions', function () {
      _checkDecodeRange(268435445, 268435445, 5, 0xf0);
      // ...
      _checkDecodeRange(34359738360, 34359738367, 5, 0xf0);
    });
    it('covers sextuple-byte versions', function () {
      _checkDecodeRange(34359738367, 34359738375, 6, 0xf8);
      // ...
      _checkDecodeRange(4398046511093, 4398046511103, 6, 0xf8);
    });
    it('covers too big', function () {
      const buffer = Buffer.from([0xfc, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]);
      assert.throws(() => MysteryBox._versionDecode(buffer), MysteryBoxError);
    });
  }); // _versionDecode

  describe('_versionEncode', function () {
    function _checkEncodeRange(start, end, bytes, headerBits) {
      for (let version = start; version <= end; version++) {
        const expected = Buffer.alloc(bytes);
        expected.writeUIntBE(version, 0, bytes);
        expected[0] = (expected[0] | headerBits) >>> 0;

        const { buffer, versionBytes } = MysteryBox._versionEncode(version);
        assert.deepStrictEqual(versionBytes, bytes, `version ${version} has ${versionBytes} bytes instead of expected ${bytes}`);
        assert.deepStrictEqual(buffer, expected, `version ${version} buffer not expected: ${JSON.stringify(buffer)} vs ${JSON.stringify(expected)}`);
      }
    }
    function _cheeckReciprical(version) {
      const { buffer, versionBytes: encVB } = MysteryBox._versionEncode(version);
      const { version: decV, versionBytes: decVB } = MysteryBox._versionDecode(buffer);
      assert.strictEqual(encVB, decVB, `differing lengths for ${version}: enc:${encVB} dec:${decVB}`);
      assert.strictEqual(decV, version, `failed for ${version}: ${JSON.stringify({ buffer, versionBytes: encVB })}`);
    }
    it('covers single-byte-packable versions', function () {
      _checkEncodeRange(0, 127, 1, 0x00);
    });
    it('covers double-byte-packable versions', function () {
      _checkEncodeRange(128, 200, 2, 0x80);
      /* ... */
      _checkEncodeRange(16380, 16383, 2, 0x80);
    });
    it('covers triple-byte-packable versions', function () {
      _checkEncodeRange(16384, 16390, 3, 0xc0);
      /* ... */
      _checkEncodeRange(2097141, 2097151, 3, 0xc0);
    });
    it('covers quadruple-byte-packable versions', function () {
      _checkEncodeRange(2097152, 2097161, 4, 0xe0);
      /* ... */
      _checkEncodeRange(268435445, 268435455, 4, 0xe0);
    });
    it('covers quintuple-byte-packable versions', function () {
      _checkEncodeRange(268435456, 268435465, 5, 0xf0)
      /* ... */
      _checkEncodeRange(4294967294, 4294967296, 5, 0xf0)
      /* ... */
      _checkEncodeRange(34359738360, 34359738367, 5, 0xf0)
    });
    it('covers sextuple-byte-packable versions', function () {
      _checkEncodeRange(34359738368, 34359738377, 6, 0xf8)
      /* ... */
      _checkEncodeRange(4398046511093, 4398046511103, 6, 0xf8)
    });
    it('covers too large', function () {
      const version = 277076930199552;
      assert.rejects(() => MysteryBox._versionEncode(version), MysteryBoxError);
    });
    it('recipricates', function () {
      [
        0, 127,
        128, 16383,
        16384, 2097151,
        2097152, 268435455,
        268435456, 34359738367,
        34359738368, 4398046511103,
      ].forEach((v) => _cheeckReciprical(v));
    });
  }); // _versionEncode

  describe('pack, unpack', function () {
    beforeEach(function () {
      mb = new MysteryBox(options);
      _verbose(mb);
    });
  
    it('covers packing unsupported version', async function () {
      assert.rejects(() => mb.pack({}, 0), MysteryBoxError);
    });

    it('covers unpacking unsupported version', async function () {
      const badBuffer = Buffer.alloc(128);
      badBuffer.writeUInt8(0, 0); // No such thing as version 0
      const badPayload = badBuffer.toString('base64url');
      assert.rejects(() => mb.unpack(badPayload), MysteryBoxError);
    });

    it('encrypts and decrypts default version', async function () {
      this.slow(500);
      object = {
        foo: 'bar',
        baz: 'quux',
        flarp: 13,
      };
      const encryptedResult = await mb.pack(object);
      const decryptedResult = await mb.unpack(encryptedResult);
      assert.deepStrictEqual(decryptedResult, object);
    });

    it('encrypts and decrypts default version, buffer contents', async function () {
      this.slow(500);
      object = Buffer.from('a fine little buffer');
      const encryptedResult = await mb.pack(object);
      const decryptedResult = await mb.unpack(encryptedResult);
      assert.deepStrictEqual(decryptedResult, object);
    });

    it('encrypts and decrypts default version, coerced buffer contents', async function () {
      this.slow(500);
      object = 'a string a string';
      const encryptedResult = await mb.pack(object, undefined, mb.Flags.BufferPayload | mb.defaultFlags);
      const decryptedResult = await mb.unpack(encryptedResult);
      assert.deepStrictEqual(decryptedResult, Buffer.from(object));
    });

    it('decrypts secondary (older) secret', async function () {
      this.slow(500);
      const oldmb = new MysteryBox({ encryptionSecret: 'old secret' });
      _verbose(oldmb);
      const newmb = new MysteryBox({ encryptionSecret: ['new secret', 'old secret'] });
      _verbose(newmb);
      object = {
        foo: 'bar',
        baz: 'quux',
        flarp: 13,
      };
      const oldEncrypted = await oldmb.pack(object);
      const newDecrypted = await newmb.unpack(oldEncrypted);
      assert.deepStrictEqual(newDecrypted, object);
    });

    it('fails to decrypt invalid secret', async function () {
      this.slow(500);
      const oldmb = new MysteryBox({ encryptionSecret: 'very old secret' });
      _verbose(oldmb);
      const newmb = new MysteryBox({ encryptionSecret: ['new secret', 'old secret'] });
      _verbose(newmb);
      object = {
        foo: 'bar',
        baz: 'quux',
        flarp: 13,
      };
      const oldEncrypted = await oldmb.pack(object);
      assert.rejects(() => newmb.unpack(oldEncrypted));
    });

    it('encrypts and decrypts all available versions no compression', async function () {
      Object.keys(mb.versionParameters).map((v) => Number(v)).forEach(async (version) => {
        object = {
          foo: 'bar',
          baz: 'quux',
          flarp: 13,
        };
        const encryptedResult = await mb.pack(object, version, 0x00);
        const decryptedResult = await mb.unpack(encryptedResult);
        assert.deepStrictEqual(decryptedResult, object, `${version} results not symmetric`);
      });
    });

    it('encrypts and decrypts all available versions +brotli', async function () {
      Object.keys(mb.versionParameters).map((v) => Number(v)).forEach(async (version) => {
        object = {
          foo: 'bar',
          baz: 'quux',
          flarp: 13,
        };
        const encryptedResult = await mb.pack(object, version, mb.Flags.Brotli);
        const decryptedResult = await mb.unpack(encryptedResult);
        assert.deepStrictEqual(decryptedResult, object, `${version} results not symmetric`);
      });
    });

    it('encrypts and decrypts all available versions +flate', async function () {
      Object.keys(mb.versionParameters).map((v) => Number(v)).forEach(async (version) => {
        object = {
          foo: 'bar',
          baz: 'quux',
          flarp: 13,
        };
        const encryptedResult = await mb.pack(object, version, mb.Flags.Flate);
        const decryptedResult = await mb.unpack(encryptedResult);
        assert.deepStrictEqual(decryptedResult, object, `${version} results not symmetric`);
      });
    });

    it('handles large object +brotli', async function () {
      this.timeout(5000);
      this.slow(2000);
      const firstChar = 32, lastChar = 126;
      const rnd = () => {
        return Math.floor(firstChar + (lastChar - firstChar + 1) * Math.random());
      }
      object = {
        longProperty: 'x'.repeat(384 * 1024).split('').map(() => String.fromCharCode(rnd())).join(''),
      };
      const encryptedResult = await mb.pack(object, mb.bestVersion, mb.Flags.Brotli);
      const decryptedResult = await mb.unpack(encryptedResult);
      assert.deepStrictEqual(decryptedResult, object);
    });

    it('handles large object +flate', async function () {
      this.timeout(5000);
      this.slow(2000);
      const firstChar = 32, lastChar = 126;
      const rnd = () => {
        return Math.floor(firstChar + (lastChar - firstChar + 1) * Math.random());
      }
      object = {
        longProperty: 'x'.repeat(384 * 1024).split('').map(() => String.fromCharCode(rnd())).join(''),
      };
      const encryptedResult = await mb.pack(object, mb.bestVersion, mb.Flags.Flate);
      const decryptedResult = await mb.unpack(encryptedResult);
      assert.deepStrictEqual(decryptedResult, object);
    });

    it('handles undefined', async function () {
      assert.rejects(() => mb.unpack(), MysteryBoxError);
    });

    it('handles incomplete', async function () {
      this.slow(500);
      const encryptedResult = await mb.pack({ foo: 'bar' });
      assert.rejects(() => mb.unpack(encryptedResult.slice(0, 6)), MysteryBoxError);
    });

    it('covers internal error, incorrect version byte size, pack', async function () {
      this.slow(500);
      const version = 1;
      sinon.stub(mb.versionParameters[version], 'versionBytes').value(10);
      assert.rejects(() => mb.pack({}, version), Error);
    });

    it('covers internal error, incorrect version byte size, unpack', async function () {
      this.slow(500);
      const version = 1;
      const encryptedResult = await mb.pack({}, version);
      sinon.stub(mb.versionParameters[version], 'versionBytes').value(10);
      assert.rejects(() => mb.unpack(encryptedResult), Error);
    });

  }); // pack, unpack

}); // MysteryBox