From 36dc63bc048e62b5ef0d1b0385e530afdad3fefa Mon Sep 17 00:00:00 2001 From: Dan Finlay Date: Fri, 9 Sep 2016 19:42:18 -0700 Subject: Add new eth-lightwallet salting to vault. eth-lightwallet was previously not salting vault passwords, potentially making it easier to crack them once obtained. This branch incorporates the API changes to allow us to take advantage of the new salting logic. This is still throwing deprecation warnings, but that's actually a bug in eth-lightwallet I wrote, [I've submitted a PR for that here](https://github.com/ConsenSys/eth-lightwallet/pull/116). Fixes #555 --- test/unit/idStore-test.js | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'test') diff --git a/test/unit/idStore-test.js b/test/unit/idStore-test.js index ee4613236..cbbec43b5 100644 --- a/test/unit/idStore-test.js +++ b/test/unit/idStore-test.js @@ -23,6 +23,7 @@ describe('IdentityStore', function() { }) idStore.createNewVault(password, entropy, (err, seeds) => { + assert.ifError(err, 'createNewVault threw error') seedWords = seeds originalKeystore = idStore._idmgmt.keyStore done() @@ -59,6 +60,7 @@ describe('IdentityStore', function() { describe('#recoverFromSeed BIP44 compliance', function() { let seedWords = 'picnic injury awful upper eagle junk alert toss flower renew silly vague' let firstAccount = '0x5d8de92c205279c10e5669f797b853ccef4f739a' + const salt = 'lightwalletSalt' let password = 'secret!' let accounts = [] @@ -70,7 +72,7 @@ describe('IdentityStore', function() { idStore = new IdentityStore({ configManager: configManagerGen(), ethStore: { - addAccount(acct) { accounts.push(acct) }, + addAccount(acct) { accounts.push('0x' + acct) }, }, }) }) -- cgit v1.2.3 From 6763871c416001e19c224b90a99ed7d9ece69158 Mon Sep 17 00:00:00 2001 From: Dan Finlay Date: Sat, 10 Sep 2016 11:46:50 -0700 Subject: Captured #640 in failing test --- test/unit/idStore-test.js | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'test') diff --git a/test/unit/idStore-test.js b/test/unit/idStore-test.js index cbbec43b5..3d28ddf90 100644 --- a/test/unit/idStore-test.js +++ b/test/unit/idStore-test.js @@ -83,8 +83,19 @@ describe('IdentityStore', function() { assert.ifError(err) let newKeystore = idStore._idmgmt.keyStore + assert.equal(accounts[0], firstAccount) - done() + + accounts = [] + const secondSeed = 'radar blur cabbage chef fix engine embark joy scheme fiction master release' + const secondAcct = '0xac39b311dceb2a4b2f5d8461c1cdaf756f4f7ae9' + + idStore.recoverFromSeed(password, secondSeed, (err) => { + + let accounts = idStore._getAddresses() + assert.equal(accounts[0], secondAcct) + done() + }) }) }) }) -- cgit v1.2.3 From 59fd86383fbf379724c3bcca6da9d5a6192bbcf2 Mon Sep 17 00:00:00 2001 From: Dan Finlay Date: Sat, 10 Sep 2016 12:08:27 -0700 Subject: Correctly clear ethStore cache on new vault restore --- test/unit/idStore-test.js | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) (limited to 'test') diff --git a/test/unit/idStore-test.js b/test/unit/idStore-test.js index 3d28ddf90..422db6f7b 100644 --- a/test/unit/idStore-test.js +++ b/test/unit/idStore-test.js @@ -1,6 +1,7 @@ var assert = require('assert') var IdentityStore = require('../../app/scripts/lib/idStore') var configManagerGen = require('../lib/mock-config-manager') +const ethUtil = require('ethereumjs-util') describe('IdentityStore', function() { @@ -18,7 +19,7 @@ describe('IdentityStore', function() { idStore = new IdentityStore({ configManager: configManagerGen(), ethStore: { - addAccount(acct) { accounts.push(acct) }, + addAccount(acct) { accounts.push(ethUtil.addHexPrefix(acct)) }, }, }) @@ -39,7 +40,7 @@ describe('IdentityStore', function() { idStore = new IdentityStore({ configManager: configManagerGen(), ethStore: { - addAccount(acct) { newAccounts.push(acct) }, + addAccount(acct) { newAccounts.push(ethUtil.addHexPrefix(acct)) }, }, }) }) @@ -62,6 +63,9 @@ describe('IdentityStore', function() { let firstAccount = '0x5d8de92c205279c10e5669f797b853ccef4f739a' const salt = 'lightwalletSalt' + const secondSeed = 'radar blur cabbage chef fix engine embark joy scheme fiction master release' + const secondAcct = '0xac39b311dceb2a4b2f5d8461c1cdaf756f4f7ae9' + let password = 'secret!' let accounts = [] let idStore @@ -72,11 +76,15 @@ describe('IdentityStore', function() { idStore = new IdentityStore({ configManager: configManagerGen(), ethStore: { - addAccount(acct) { accounts.push('0x' + acct) }, + addAccount(acct) { accounts.push(ethUtil.addHexPrefix(acct)) }, }, }) }) + beforeEach(function() { + accounts = [] + }) + it('should return the expected first account', function (done) { idStore.recoverFromSeed(password, seedWords, (err) => { @@ -87,9 +95,6 @@ describe('IdentityStore', function() { assert.equal(accounts[0], firstAccount) accounts = [] - const secondSeed = 'radar blur cabbage chef fix engine embark joy scheme fiction master release' - const secondAcct = '0xac39b311dceb2a4b2f5d8461c1cdaf756f4f7ae9' - idStore.recoverFromSeed(password, secondSeed, (err) => { let accounts = idStore._getAddresses() @@ -98,5 +103,16 @@ describe('IdentityStore', function() { }) }) }) + + it('should return the expected second account', function (done) { + idStore.recoverFromSeed(password, secondSeed, (err) => { + assert.ifError(err) + + let newKeystore = idStore._idmgmt.keyStore + + assert.equal(accounts[0], firstAccount) + done() + }) + }) }) }) -- cgit v1.2.3 From 1b77d5300b1ace16f96cf626d69925a26b5f0d29 Mon Sep 17 00:00:00 2001 From: Dan Finlay Date: Sat, 10 Sep 2016 12:15:05 -0700 Subject: Clean up tests --- test/unit/idStore-test.js | 35 +++++++++++++++++------------------ 1 file changed, 17 insertions(+), 18 deletions(-) (limited to 'test') diff --git a/test/unit/idStore-test.js b/test/unit/idStore-test.js index 422db6f7b..1028e35ea 100644 --- a/test/unit/idStore-test.js +++ b/test/unit/idStore-test.js @@ -59,12 +59,7 @@ describe('IdentityStore', function() { }) describe('#recoverFromSeed BIP44 compliance', function() { - let seedWords = 'picnic injury awful upper eagle junk alert toss flower renew silly vague' - let firstAccount = '0x5d8de92c205279c10e5669f797b853ccef4f739a' - const salt = 'lightwalletSalt' - - const secondSeed = 'radar blur cabbage chef fix engine embark joy scheme fiction master release' - const secondAcct = '0xac39b311dceb2a4b2f5d8461c1cdaf756f4f7ae9' + const salt = 'lightwalletSalt' let password = 'secret!' let accounts = [] @@ -86,31 +81,35 @@ describe('IdentityStore', function() { }) it('should return the expected first account', function (done) { + let seedWords = 'picnic injury awful upper eagle junk alert toss flower renew silly vague' + let firstAccount = '0x5d8de92c205279c10e5669f797b853ccef4f739a' idStore.recoverFromSeed(password, seedWords, (err) => { assert.ifError(err) - let newKeystore = idStore._idmgmt.keyStore - assert.equal(accounts[0], firstAccount) - - accounts = [] - idStore.recoverFromSeed(password, secondSeed, (err) => { - - let accounts = idStore._getAddresses() - assert.equal(accounts[0], secondAcct) - done() - }) + done() }) }) it('should return the expected second account', function (done) { + const secondSeed = 'radar blur cabbage chef fix engine embark joy scheme fiction master release' + const secondAcct = '0xac39b311dceb2a4b2f5d8461c1cdaf756f4f7ae9' + idStore.recoverFromSeed(password, secondSeed, (err) => { assert.ifError(err) + assert.equal(accounts[0], secondAcct) + done() + }) + }) - let newKeystore = idStore._idmgmt.keyStore + it('should return the expected third account', function (done) { + const thirdSeed = 'phone coyote caught pattern found table wedding list tumble broccoli chief swing' + const thirdAcct = '0xb0e868f24bc7fec2bce2efc2b1c344d7569cd9d2' - assert.equal(accounts[0], firstAccount) + idStore.recoverFromSeed(password, thirdSeed, (err) => { + assert.ifError(err) + assert.equal(accounts[0], thirdAcct) done() }) }) -- cgit v1.2.3 From 8922ae1a55d3c5bf743c85aec5e454cf189f94f1 Mon Sep 17 00:00:00 2001 From: Dan Finlay Date: Sat, 10 Sep 2016 12:35:52 -0700 Subject: Made bip44 assertions easier to add to --- test/unit/idStore-test.js | 63 +++++++++++++++++++++++++++-------------------- 1 file changed, 36 insertions(+), 27 deletions(-) (limited to 'test') diff --git a/test/unit/idStore-test.js b/test/unit/idStore-test.js index 1028e35ea..09d8f1b8f 100644 --- a/test/unit/idStore-test.js +++ b/test/unit/idStore-test.js @@ -2,6 +2,7 @@ var assert = require('assert') var IdentityStore = require('../../app/scripts/lib/idStore') var configManagerGen = require('../lib/mock-config-manager') const ethUtil = require('ethereumjs-util') +const async = require('async') describe('IdentityStore', function() { @@ -65,6 +66,29 @@ describe('IdentityStore', function() { let accounts = [] let idStore + var assertions = [ + { + seed: 'picnic injury awful upper eagle junk alert toss flower renew silly vague', + account: '0x5d8de92c205279c10e5669f797b853ccef4f739a', + }, + { + seed: 'radar blur cabbage chef fix engine embark joy scheme fiction master release', + account: '0xac39b311dceb2a4b2f5d8461c1cdaf756f4f7ae9', + }, + { + seed: 'phone coyote caught pattern found table wedding list tumble broccoli chief swing', + account: '0xb0e868f24bc7fec2bce2efc2b1c344d7569cd9d2', + }, + { + seed: 'recycle tag bird palace blue village anxiety census cook soldier example music', + account: '0xab34a45920afe4af212b96ec51232aaa6a33f663', + }, + { + seed: 'half glimpse tape cute harvest sweet bike voyage actual floor poet lazy', + account: '0x28e9044597b625ac4beda7250011670223de43b2', + } + ] + before(function() { window.localStorage = {} // Hacking localStorage support into JSDom @@ -80,36 +104,21 @@ describe('IdentityStore', function() { accounts = [] }) - it('should return the expected first account', function (done) { - let seedWords = 'picnic injury awful upper eagle junk alert toss flower renew silly vague' - let firstAccount = '0x5d8de92c205279c10e5669f797b853ccef4f739a' - - idStore.recoverFromSeed(password, seedWords, (err) => { - assert.ifError(err) - - assert.equal(accounts[0], firstAccount) - done() + it('should enforce seed compliance with TestRPC', function (done) { + const tests = assertions.map((assertion) => { + return function (cb) { + idStore.recoverFromSeed(password, assertion.seed, (err) => { + assert.ifError(err) + + console.log('comparing %s to %s', accounts[0], assertion.account) + assert.equal(accounts[0], assertion.account) + cb() + }) + } }) - }) - - it('should return the expected second account', function (done) { - const secondSeed = 'radar blur cabbage chef fix engine embark joy scheme fiction master release' - const secondAcct = '0xac39b311dceb2a4b2f5d8461c1cdaf756f4f7ae9' - - idStore.recoverFromSeed(password, secondSeed, (err) => { - assert.ifError(err) - assert.equal(accounts[0], secondAcct) - done() - }) - }) - - it('should return the expected third account', function (done) { - const thirdSeed = 'phone coyote caught pattern found table wedding list tumble broccoli chief swing' - const thirdAcct = '0xb0e868f24bc7fec2bce2efc2b1c344d7569cd9d2' - idStore.recoverFromSeed(password, thirdSeed, (err) => { + async.series(tests, function(err, results) { assert.ifError(err) - assert.equal(accounts[0], thirdAcct) done() }) }) -- cgit v1.2.3 From cdd367dc3989d89092c322279972ce5ee18c276e Mon Sep 17 00:00:00 2001 From: Dan Finlay Date: Sat, 10 Sep 2016 12:38:04 -0700 Subject: Add more bip44 assertions --- test/unit/idStore-test.js | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'test') diff --git a/test/unit/idStore-test.js b/test/unit/idStore-test.js index 09d8f1b8f..4327013b3 100644 --- a/test/unit/idStore-test.js +++ b/test/unit/idStore-test.js @@ -86,7 +86,15 @@ describe('IdentityStore', function() { { seed: 'half glimpse tape cute harvest sweet bike voyage actual floor poet lazy', account: '0x28e9044597b625ac4beda7250011670223de43b2', - } + }, + { + seed: 'flavor tiger carpet motor angry hungry document inquiry large critic usage liar', + account: '0xb571be96558940c4e9292e1999461aa7499fb6cd', + }, + { + seed: 'this is a twelve word phrase seven eight nine ten eleven twelve', + account: '0x814e8ec0c3647e140b8e09228fc374b2a867fe48', + }, ] before(function() { -- cgit v1.2.3 From b1590f179e77d80193cc5e82d430c789c6fd816f Mon Sep 17 00:00:00 2001 From: Dan Finlay Date: Sat, 10 Sep 2016 12:39:50 -0700 Subject: Remove log --- test/unit/idStore-test.js | 1 - 1 file changed, 1 deletion(-) (limited to 'test') diff --git a/test/unit/idStore-test.js b/test/unit/idStore-test.js index 4327013b3..28111a85e 100644 --- a/test/unit/idStore-test.js +++ b/test/unit/idStore-test.js @@ -118,7 +118,6 @@ describe('IdentityStore', function() { idStore.recoverFromSeed(password, assertion.seed, (err) => { assert.ifError(err) - console.log('comparing %s to %s', accounts[0], assertion.account) assert.equal(accounts[0], assertion.account) cb() }) -- cgit v1.2.3 From 5e60b2f0c4c1a88839a87cc93d867c9c40d1090d Mon Sep 17 00:00:00 2001 From: Dan Finlay Date: Sat, 10 Sep 2016 12:57:11 -0700 Subject: Correct assertion for BIP32 compliance According to [axic's work here](https://github.com/MetaMask/metamask-plugin/issues/640#issuecomment-246133672), MetaMask is generating the correct address, so I've corrected that assertion accordingly. --- test/unit/idStore-test.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test') diff --git a/test/unit/idStore-test.js b/test/unit/idStore-test.js index 28111a85e..b3bb1a49c 100644 --- a/test/unit/idStore-test.js +++ b/test/unit/idStore-test.js @@ -73,7 +73,7 @@ describe('IdentityStore', function() { }, { seed: 'radar blur cabbage chef fix engine embark joy scheme fiction master release', - account: '0xac39b311dceb2a4b2f5d8461c1cdaf756f4f7ae9', + account: '0xe15D894BeCB0354c501AE69429B05143679F39e0', }, { seed: 'phone coyote caught pattern found table wedding list tumble broccoli chief swing', -- cgit v1.2.3 From 9b861b6687d5b079560a67b35e4a4890da643b03 Mon Sep 17 00:00:00 2001 From: Dan Finlay Date: Sat, 10 Sep 2016 15:45:34 -0700 Subject: Fixed caching bug Fixed bug where the second new vault created in an IdStore would initially return the accounts from the original store. Also fixed some tests that were incorrect. --- test/unit/idStore-test.js | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) (limited to 'test') diff --git a/test/unit/idStore-test.js b/test/unit/idStore-test.js index b3bb1a49c..a763eb0e7 100644 --- a/test/unit/idStore-test.js +++ b/test/unit/idStore-test.js @@ -73,7 +73,7 @@ describe('IdentityStore', function() { }, { seed: 'radar blur cabbage chef fix engine embark joy scheme fiction master release', - account: '0xe15D894BeCB0354c501AE69429B05143679F39e0', + account: '0xe15d894becb0354c501ae69429b05143679f39e0', }, { seed: 'phone coyote caught pattern found table wedding list tumble broccoli chief swing', @@ -91,10 +91,6 @@ describe('IdentityStore', function() { seed: 'flavor tiger carpet motor angry hungry document inquiry large critic usage liar', account: '0xb571be96558940c4e9292e1999461aa7499fb6cd', }, - { - seed: 'this is a twelve word phrase seven eight nine ten eleven twelve', - account: '0x814e8ec0c3647e140b8e09228fc374b2a867fe48', - }, ] before(function() { @@ -115,10 +111,13 @@ describe('IdentityStore', function() { it('should enforce seed compliance with TestRPC', function (done) { const tests = assertions.map((assertion) => { return function (cb) { + accounts = [] idStore.recoverFromSeed(password, assertion.seed, (err) => { assert.ifError(err) - assert.equal(accounts[0], assertion.account) + var received = accounts[0].toLowerCase() + var expected = assertion.account.toLowerCase() + assert.equal(received, expected) cb() }) } -- cgit v1.2.3 From 5c1d8e299e68be6a74935f4eff56f68a9ccf5b72 Mon Sep 17 00:00:00 2001 From: Dan Finlay Date: Mon, 12 Sep 2016 08:50:42 -0700 Subject: Select first address when restoring vault Fixes #642 --- test/unit/idStore-test.js | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'test') diff --git a/test/unit/idStore-test.js b/test/unit/idStore-test.js index a763eb0e7..1ed1bf9a7 100644 --- a/test/unit/idStore-test.js +++ b/test/unit/idStore-test.js @@ -128,5 +128,23 @@ describe('IdentityStore', function() { done() }) }) + + it('should allow restoring and unlocking again', function (done) { + const assertion = assertions[0] + idStore.recoverFromSeed(password, assertion.seed, (err) => { + assert.ifError(err) + + var received = accounts[0].toLowerCase() + var expected = assertion.account.toLowerCase() + assert.equal(received, expected) + + + idStore.submitPassword(password, function(err, account) { + assert.ifError(err) + assert.equal(account, expected) + done() + }) + }) + }) }) }) -- cgit v1.2.3