@storacha/encrypt-upload-client 1.1.64 → 1.1.65

package/dist/test/mocks/key-manager.js

@@ -1,137 +0,0 @@
-import { createServer } from 'node:http';
-import * as Server from '@ucanto/server';
-import { CAR } from '@ucanto/transport';
-import * as Space from '@storacha/capabilities/space';
-import { base64 } from 'multiformats/bases/base64';
-/**
- * Create mock KMS service with proper capability handlers
- *
- * @param {object} options
- * @param {string} options.mockPublicKey - Mock RSA public key in PEM format
- * @param {string} [options.mockProvider] - Mock KMS provider
- * @param {string} [options.mockAlgorithm] - Mock algorithm
- * @param {Function} [options.onEncryptionSetup] - Optional callback for setup calls
- * @param {Function} [options.onKeyDecrypt] - Optional callback for decrypt calls
- */
-export function createMockKeyManagerService(options) {
-    const { mockPublicKey, mockProvider = 'google-kms', mockAlgorithm = 'RSA-OAEP-2048-SHA256', onEncryptionSetup, onKeyDecrypt, } = options;
-    return {
-        space: {
-            encryption: {
-                setup: Server.provide(Space.EncryptionSetup, async (input) => {
-                    // Call optional callback for testing
-                    if (onEncryptionSetup) {
-                        onEncryptionSetup(input);
-                    }
-                    // Validate the space DID format
-                    if (!input.capability.with.startsWith('did:key:')) {
-                        return Server.error({
-                            name: 'InvalidSpace',
-                            message: 'Space DID must be a did:key',
-                        });
-                    }
-                    // Return mock RSA public key and metadata
-                    return Server.ok({
-                        publicKey: mockPublicKey,
-                        provider: mockProvider,
-                        algorithm: mockAlgorithm,
-                    });
-                }),
-                key: {
-                    decrypt: Server.provide(Space.EncryptionKeyDecrypt, async (input) => {
-                        // Call optional callback for testing
-                        if (onKeyDecrypt) {
-                            onKeyDecrypt(input);
-                        }
-                        // Validate the space DID
-                        if (!input.capability.with.startsWith('did:key:')) {
-                            return Server.error({
-                                name: 'InvalidSpace',
-                                message: 'Space DID must be a did:key',
-                            });
-                        }
-                        // Validate encrypted key is provided
-                        if (!input.capability.nb.key) {
-                            return Server.error({
-                                name: 'KeyNotFound',
-                                message: 'key is required',
-                            });
-                        }
-                        // For testing purposes, "decrypt" by converting bytes back to base64 string
-                        // In real implementation, this would call Google KMS
-                        const keyBytes = input.capability.nb.key;
-                        // No base64 decode here, just return the bytes as base64 string for mock
-                        const mockDecryptedKey = base64.encode(keyBytes);
-                        return Server.ok({
-                            decryptedSymmetricKey: mockDecryptedKey,
-                        });
-                    }),
-                },
-            },
-        },
-    };
-}
-/**
- * Create a mock key manager service server
- *
- * @param {object} service - The service object with capability handlers
- * @param {*} keyManagerServiceDID - The key manager service DID keypair
- * @param {number} port - The port to listen on
- * @param {boolean} [useHttps] - Whether to use HTTPS URLs (testing HTTPS scenarios)
- */
-export function createMockKeyManagerServer(service, keyManagerServiceDID, port, useHttps = false) {
-    const ucantoServer = Server.create({
-        id: keyManagerServiceDID,
-        service,
-        codec: CAR.inbound,
-        validateAuthorization: () => ({ ok: {} }), // Skip auth validation for tests
-    });
-    const httpServer = createServer(async (req, res) => {
-        res.setHeader('Access-Control-Allow-Origin', '*');
-        res.setHeader('Access-Control-Allow-Methods', '*');
-        res.setHeader('Access-Control-Allow-Headers', '*');
-        if (req.method === 'OPTIONS')
-            return res.end();
-        if (req.method === 'POST') {
-            const bodyBuffer = Buffer.concat(await collect(req));
-            const reqHeaders = /** @type {Record<string, string>} */ (Object.fromEntries(Object.entries(req.headers)));
-            const { headers, body, status } = await ucantoServer.request({
-                body: new Uint8Array(bodyBuffer.buffer, bodyBuffer.byteOffset, bodyBuffer.byteLength),
-                headers: reqHeaders,
-            });
-            for (const [key, value] of Object.entries(headers)) {
-                res.setHeader(key, value);
-            }
-            res.writeHead(status ?? 200);
-            res.end(body);
-        }
-        else {
-            res.end();
-        }
-    });
-    return new Promise((resolve, reject) => {
-        httpServer.listen(port, (/** @type {Error | undefined} */ err) => {
-            if (err) {
-                reject(err);
-            }
-            else {
-                const protocol = useHttps ? 'https' : 'http';
-                resolve({
-                    server: httpServer,
-                    url: `${protocol}://localhost:${port}`,
-                    close: () => new Promise((resolve) => httpServer.close(resolve)),
-                });
-            }
-        });
-    });
-}
-/** @param {import('node:stream').Readable} stream */
-const collect = (stream) => {
-    return /** @type {Promise<Buffer[]>} */ (new Promise((resolve, reject) => {
-        const chunks = /** @type {Buffer[]} */ ([]);
-        stream.on('data', (chunk) => chunks.push(Buffer.from(chunk)));
-        stream.on('error', (err) => reject(err));
-        stream.on('end', () => resolve(chunks));
-    }));
-};
-//# sourceMappingURL=key-manager.js.map

package/dist/test/node-crypto-adapter.spec.d.ts

@@ -1,2 +0,0 @@
-export {};
-//# sourceMappingURL=node-crypto-adapter.spec.d.ts.map

package/dist/test/node-crypto-adapter.spec.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"node-crypto-adapter.spec.d.ts","sourceRoot":"","sources":["../../test/node-crypto-adapter.spec.js"],"names":[],"mappings":""}

package/dist/test/node-crypto-adapter.spec.js

@@ -1,103 +0,0 @@
-import { test, describe } from 'node:test';
-import assert from 'node:assert';
-import { NodeAesCbcCrypto } from '../src/crypto/symmetric/node-aes-cbc-crypto.js';
-import { stringToUint8Array, uint8ArrayToString, streamToUint8Array, createMockBlob, } from './helpers/test-file-utils.js';
-await describe('NodeAesCbcCrypto', async () => {
-    await test('should encrypt and decrypt data and return the original data', async () => {
-        const adapter = new NodeAesCbcCrypto();
-        const originalText = 'Hello, this is a test for Node.js AES-CBC encryption!';
-        const mockBlob = createMockBlob(stringToUint8Array(originalText));
-        // Encrypt
-        const { key, iv, encryptedStream } = await adapter.encryptStream(mockBlob);
-        // Decrypt
-        const decryptedStream = await adapter.decryptStream(encryptedStream, key, iv);
-        const decryptedBytes = await streamToUint8Array(decryptedStream);
-        const decryptedText = uint8ArrayToString(decryptedBytes);
-        assert.strictEqual(decryptedText, originalText);
-    });
-    await test('should handle empty data', async () => {
-        const adapter = new NodeAesCbcCrypto();
-        const mockBlob = createMockBlob(new Uint8Array(0));
-        const { key, iv, encryptedStream } = await adapter.encryptStream(mockBlob);
-        const decryptedStream = await adapter.decryptStream(encryptedStream, key, iv);
-        const decryptedBytes = await streamToUint8Array(decryptedStream);
-        assert.strictEqual(decryptedBytes.length, 0);
-    });
-    await test('should combine key and IV correctly', async () => {
-        const adapter = new NodeAesCbcCrypto();
-        const key = new Uint8Array(32).fill(3); // 32-byte AES-256 key
-        const iv = new Uint8Array(16).fill(6); // 16-byte AES-CBC IV
-        const combined = adapter.combineKeyAndIV(key, iv);
-        assert.strictEqual(combined.length, 48, 'Combined length should be 48 bytes (32 + 16)');
-        // Verify first 32 bytes are the key
-        for (let i = 0; i < 32; i++) {
-            assert.strictEqual(combined[i], 3, `Key byte ${i} should match`);
-        }
-        // Verify last 16 bytes are the IV
-        for (let i = 32; i < 48; i++) {
-            assert.strictEqual(combined[i], 6, `IV byte ${i - 32} should match`);
-        }
-    });
-    await test('should split combined key and IV correctly', async () => {
-        const adapter = new NodeAesCbcCrypto();
-        const originalKey = new Uint8Array(32).fill(123);
-        const originalIV = new Uint8Array(16).fill(234);
-        const combined = adapter.combineKeyAndIV(originalKey, originalIV);
-        const { key, iv } = adapter.splitKeyAndIV(combined);
-        assert.strictEqual(key.length, 32, 'Split key should be 32 bytes');
-        assert.strictEqual(iv.length, 16, 'Split IV should be 16 bytes');
-        // Verify key matches
-        for (let i = 0; i < 32; i++) {
-            assert.strictEqual(key[i], originalKey[i], `Key byte ${i} should match original`);
-        }
-        // Verify IV matches
-        for (let i = 0; i < 16; i++) {
-            assert.strictEqual(iv[i], originalIV[i], `IV byte ${i} should match original`);
-        }
-    });
-    await test('should roundtrip combine/split correctly', async () => {
-        const adapter = new NodeAesCbcCrypto();
-        const { randomBytes } = await import('crypto');
-        // Convert Buffer to Uint8Array to match the expected types
-        const originalKey = new Uint8Array(randomBytes(32));
-        const originalIV = new Uint8Array(randomBytes(16));
-        const combined = adapter.combineKeyAndIV(originalKey, originalIV);
-        const { key, iv } = adapter.splitKeyAndIV(combined);
-        assert.deepStrictEqual(key, originalKey, 'Roundtrip key should match original');
-        assert.deepStrictEqual(iv, originalIV, 'Roundtrip IV should match original');
-    });
-    await test('should validate key length in combineKeyAndIV', async () => {
-        const adapter = new NodeAesCbcCrypto();
-        const wrongKey = new Uint8Array(31); // Wrong size
-        const correctIV = new Uint8Array(16);
-        assert.throws(() => adapter.combineKeyAndIV(wrongKey, correctIV), {
-            name: 'Error',
-            message: 'AES-256 key must be 32 bytes, got 31',
-        }, 'Should throw error for wrong key size');
-    });
-    await test('should validate IV length in combineKeyAndIV', async () => {
-        const adapter = new NodeAesCbcCrypto();
-        const correctKey = new Uint8Array(32);
-        const wrongIV = new Uint8Array(15); // Wrong size
-        assert.throws(() => adapter.combineKeyAndIV(correctKey, wrongIV), {
-            name: 'Error',
-            message: 'AES-CBC IV must be 16 bytes, got 15',
-        }, 'Should throw error for wrong IV size');
-    });
-    await test('should validate combined length in splitKeyAndIV', async () => {
-        const adapter = new NodeAesCbcCrypto();
-        const wrongCombined = new Uint8Array(47); // Wrong size
-        assert.throws(() => adapter.splitKeyAndIV(wrongCombined), {
-            name: 'Error',
-            message: 'AES-256-CBC combined key+IV must be 48 bytes, got 47',
-        }, 'Should throw error for wrong combined size');
-    });
-    await test('should use constants for validation', async () => {
-        const adapter = new NodeAesCbcCrypto();
-        // Test with different wrong sizes to ensure constants are used
-        assert.throws(() => adapter.combineKeyAndIV(new Uint8Array(16), new Uint8Array(16)), /AES-256 key must be 32 bytes, got 16/, 'Should use KEY_LENGTH constant in error message');
-        assert.throws(() => adapter.combineKeyAndIV(new Uint8Array(32), new Uint8Array(8)), /AES-CBC IV must be 16 bytes, got 8/, 'Should use IV_LENGTH constant in error message');
-        assert.throws(() => adapter.splitKeyAndIV(new Uint8Array(32)), /AES-256-CBC combined key\+IV must be 48 bytes, got 32/, 'Should use calculated expected length in error message');
-    });
-});
-//# sourceMappingURL=node-crypto-adapter.spec.js.map

package/dist/test/node-generic-crypto-adapter.spec.d.ts

@@ -1,2 +0,0 @@
-export {};
-//# sourceMappingURL=node-generic-crypto-adapter.spec.d.ts.map

package/dist/test/node-generic-crypto-adapter.spec.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"node-generic-crypto-adapter.spec.d.ts","sourceRoot":"","sources":["../../test/node-generic-crypto-adapter.spec.js"],"names":[],"mappings":""}

package/dist/test/node-generic-crypto-adapter.spec.js

@@ -1,95 +0,0 @@
-import './setup.js';
-import { test, describe } from 'node:test';
-import assert from 'node:assert';
-import { GenericAesCtrStreamingCrypto } from '../src/crypto/symmetric/generic-aes-ctr-streaming-crypto.js';
-import { stringToUint8Array, streamToUint8Array, uint8ArrayToString, } from './helpers/test-file-utils.js';
-await describe('GenericAesCtrStreamingCrypto (Node Environment)', async () => {
-    await test('should encrypt and decrypt a Blob and return the original data', async () => {
-        const adapter = new GenericAesCtrStreamingCrypto();
-        const originalText = 'Op, this is a test for streaming encryption!';
-        const blob = new Blob([stringToUint8Array(originalText)]);
-        // Encrypt
-        const { key, iv, encryptedStream } = await adapter.encryptStream(blob);
-        // Decrypt
-        const decryptedStream = await adapter.decryptStream(encryptedStream, key, iv);
-        const decryptedBytes = await streamToUint8Array(decryptedStream);
-        const decryptedText = uint8ArrayToString(decryptedBytes);
-        assert.strictEqual(decryptedText, originalText);
-    });
-    await test('should handle empty data', async () => {
-        const adapter = new GenericAesCtrStreamingCrypto();
-        const blob = new Blob([]);
-        const { key, iv, encryptedStream } = await adapter.encryptStream(blob);
-        const decryptedStream = await adapter.decryptStream(encryptedStream, key, iv);
-        const decryptedBytes = await streamToUint8Array(decryptedStream);
-        assert.strictEqual(decryptedBytes.length, 0);
-    });
-    await test('should combine key and IV correctly', async () => {
-        const adapter = new GenericAesCtrStreamingCrypto();
-        const key = new Uint8Array(32).fill(1); // 32-byte AES-256 key
-        const iv = new Uint8Array(16).fill(2); // 16-byte AES-CTR IV
-        const combined = adapter.combineKeyAndIV(key, iv);
-        assert.strictEqual(combined.length, 48, 'Combined length should be 48 bytes (32 + 16)');
-        // Verify first 32 bytes are the key
-        for (let i = 0; i < 32; i++) {
-            assert.strictEqual(combined[i], 1, `Key byte ${i} should match`);
-        }
-        // Verify last 16 bytes are the IV
-        for (let i = 32; i < 48; i++) {
-            assert.strictEqual(combined[i], 2, `IV byte ${i - 32} should match`);
-        }
-    });
-    await test('should split combined key and IV correctly', async () => {
-        const adapter = new GenericAesCtrStreamingCrypto();
-        const originalKey = new Uint8Array(32).fill(42);
-        const originalIV = new Uint8Array(16).fill(84);
-        const combined = adapter.combineKeyAndIV(originalKey, originalIV);
-        const { key, iv } = adapter.splitKeyAndIV(combined);
-        assert.strictEqual(key.length, 32, 'Split key should be 32 bytes');
-        assert.strictEqual(iv.length, 16, 'Split IV should be 16 bytes');
-        // Verify key matches
-        for (let i = 0; i < 32; i++) {
-            assert.strictEqual(key[i], originalKey[i], `Key byte ${i} should match original`);
-        }
-        // Verify IV matches
-        for (let i = 0; i < 16; i++) {
-            assert.strictEqual(iv[i], originalIV[i], `IV byte ${i} should match original`);
-        }
-    });
-    await test('should roundtrip combine/split correctly', async () => {
-        const adapter = new GenericAesCtrStreamingCrypto();
-        const originalKey = globalThis.crypto.getRandomValues(new Uint8Array(32));
-        const originalIV = globalThis.crypto.getRandomValues(new Uint8Array(16));
-        const combined = adapter.combineKeyAndIV(originalKey, originalIV);
-        const { key, iv } = adapter.splitKeyAndIV(combined);
-        assert.deepStrictEqual(key, originalKey, 'Roundtrip key should match original');
-        assert.deepStrictEqual(iv, originalIV, 'Roundtrip IV should match original');
-    });
-    await test('should validate key length in combineKeyAndIV', async () => {
-        const adapter = new GenericAesCtrStreamingCrypto();
-        const wrongKey = new Uint8Array(31); // Wrong size
-        const correctIV = new Uint8Array(16);
-        assert.throws(() => adapter.combineKeyAndIV(wrongKey, correctIV), {
-            name: 'Error',
-            message: 'AES-256 key must be 32 bytes, got 31',
-        }, 'Should throw error for wrong key size');
-    });
-    await test('should validate IV length in combineKeyAndIV', async () => {
-        const adapter = new GenericAesCtrStreamingCrypto();
-        const correctKey = new Uint8Array(32);
-        const wrongIV = new Uint8Array(15); // Wrong size
-        assert.throws(() => adapter.combineKeyAndIV(correctKey, wrongIV), {
-            name: 'Error',
-            message: 'AES-CTR IV must be 16 bytes, got 15',
-        }, 'Should throw error for wrong IV size');
-    });
-    await test('should validate combined length in splitKeyAndIV', async () => {
-        const adapter = new GenericAesCtrStreamingCrypto();
-        const wrongCombined = new Uint8Array(47); // Wrong size
-        assert.throws(() => adapter.splitKeyAndIV(wrongCombined), {
-            name: 'Error',
-            message: 'AES-256-CTR combined key+IV must be 48 bytes, got 47',
-        }, 'Should throw error for wrong combined size');
-    });
-});
-//# sourceMappingURL=node-generic-crypto-adapter.spec.js.map