github.com/aavshr/aws-sdk-go@v1.41.3/service/s3/s3crypto/aes_gcm_content_cipher_test.go

github.com/aavshr/aws-sdk-go@v1.41.3/service/s3/s3crypto/aes_gcm_content_cipher_test.go (about)

     1  package s3crypto
     2  
     3  import (
     4  	"strings"
     5  	"testing"
     6  
     7  	"github.com/aavshr/aws-sdk-go/awstesting/unit"
     8  	"github.com/aavshr/aws-sdk-go/service/kms"
     9  )
    10  
    11  func TestAESGCMContentCipherBuilder(t *testing.T) {
    12  	generator := mockGenerator{}
    13  	if builder := AESGCMContentCipherBuilder(generator); builder == nil {
    14  		t.Error("expected non-nil value")
    15  	}
    16  }
    17  
    18  func TestAESGCMContentCipherNewEncryptor(t *testing.T) {
    19  	generator := mockGenerator{}
    20  	builder := AESGCMContentCipherBuilder(generator)
    21  	cipher, err := builder.ContentCipher()
    22  
    23  	if err != nil {
    24  		t.Errorf("expected no error, but received %v", err)
    25  	}
    26  
    27  	if cipher == nil {
    28  		t.Errorf("expected non-nil vaue")
    29  	}
    30  }
    31  
    32  func TestAESGCMContentCipherBuilderV2(t *testing.T) {
    33  	builder := AESGCMContentCipherBuilderV2(mockGeneratorV2{})
    34  	cipher, err := builder.ContentCipher()
    35  
    36  	if err != nil {
    37  		t.Errorf("expected no error, but received %v", err)
    38  	}
    39  
    40  	if cipher == nil {
    41  		t.Errorf("expected non-nil vaue")
    42  	}
    43  }
    44  
    45  func TestGcmContentCipherBuilder_isFixtureEncryptionCompatible(t *testing.T) {
    46  	builder := AESGCMContentCipherBuilder(NewKMSKeyGenerator(mockKMS{}, "cmkID"))
    47  	features, ok := builder.(compatibleEncryptionFixture)
    48  	if !ok {
    49  		t.Errorf("expected to implement compatibleEncryptionFixture interface")
    50  	}
    51  
    52  	if err := features.isEncryptionVersionCompatible(v1ClientVersion); err != nil {
    53  		t.Errorf("expected to receive no error, got %v", err)
    54  	}
    55  
    56  	if err := features.isEncryptionVersionCompatible(v2ClientVersion); err == nil {
    57  		t.Errorf("expected to receive error, got nil")
    58  	}
    59  }
    60  
    61  func TestGcmContentCipherBuilderV2_isFixtureEncryptionCompatible(t *testing.T) {
    62  	builder := AESGCMContentCipherBuilderV2(NewKMSContextKeyGenerator(mockKMS{}, "cmkID", nil))
    63  	features, ok := builder.(compatibleEncryptionFixture)
    64  	if !ok {
    65  		t.Errorf("expected to implement compatibleEncryptionFixture interface")
    66  	}
    67  
    68  	if err := features.isEncryptionVersionCompatible(v1ClientVersion); err == nil {
    69  		t.Error("expected to receive error, got nil")
    70  	}
    71  
    72  	if err := features.isEncryptionVersionCompatible(v2ClientVersion); err != nil {
    73  		t.Errorf("expected to receive no error, got %v", err)
    74  	}
    75  }
    76  
    77  func TestRegisterAESGCMContentCipher(t *testing.T) {
    78  	cr := NewCryptoRegistry()
    79  	err := RegisterAESGCMContentCipher(cr)
    80  	if err != nil {
    81  		t.Fatalf("expected no error, got %v", err)
    82  	}
    83  
    84  	if v, ok := cr.GetCEK("AES/GCM/NoPadding"); !ok {
    85  		t.Fatal("expected cek handler to be registered")
    86  	} else if v == nil {
    87  		t.Fatal("expected non-nil cek handler")
    88  	}
    89  
    90  	if v, ok := cr.GetPadder("NoPadding"); !ok {
    91  		t.Fatal("expected padder to be registered")
    92  	} else if v != NoPadder {
    93  		t.Fatal("padder did not match expected type")
    94  	}
    95  
    96  	err = RegisterAESGCMContentCipher(cr)
    97  	if err == nil {
    98  		t.Fatal("expected error, got none")
    99  	} else if !strings.Contains(err.Error(), "duplicate cek registry entry") {
   100  		t.Errorf("expected duplicate entry, got %v", err)
   101  	}
   102  
   103  	if _, ok := cr.RemoveCEK("AES/GCM/NoPadding"); !ok {
   104  		t.Error("expected value to be removed")
   105  	}
   106  	err = RegisterAESGCMContentCipher(cr)
   107  	if err != nil {
   108  		t.Fatalf("expected no error, got %v", err)
   109  	}
   110  
   111  	if _, ok := cr.RemoveCEK("AES/GCM/NoPadding"); !ok {
   112  		t.Fatalf("expected value to be removed")
   113  	}
   114  	if _, ok := cr.RemovePadder("NoPadding"); !ok {
   115  		t.Fatalf("expected value to be removed")
   116  	}
   117  	if err := cr.AddPadder("NoPadding", mockPadder{}); err != nil {
   118  		t.Fatalf("expected no error, got %v", err)
   119  	}
   120  
   121  	err = RegisterAESGCMContentCipher(cr)
   122  	if err == nil {
   123  		t.Fatalf("expected error, got %v", err)
   124  	} else if !strings.Contains(err.Error(), "does not match expected type") {
   125  		t.Errorf("expected padder type error, got %v", err)
   126  	}
   127  }
   128  
   129  func TestAESGCMContentCipherBuilderV2_isAWSFixture(t *testing.T) {
   130  	builder := AESGCMContentCipherBuilderV2(NewKMSContextKeyGenerator(kms.New(unit.Session.Copy()), "cmk", nil))
   131  	if !builder.(awsFixture).isAWSFixture() {
   132  		t.Error("expected to be AWS ContentCipherBuilder constructed with a AWS CipherDataGenerator")
   133  	}
   134  
   135  	builder = AESGCMContentCipherBuilderV2(mockGeneratorV2{})
   136  	if builder.(awsFixture).isAWSFixture() {
   137  		t.Error("expected to return that this is not an AWS fixture")
   138  	}
   139  }