github.com/ethereum/go-ethereum@v1.16.1/signer/storage/aes_gcm_storage_test.go

github.com/ethereum/go-ethereum@v1.16.1/signer/storage/aes_gcm_storage_test.go (about)

     1  // Copyright 2018 The go-ethereum Authors
     2  // This file is part of the go-ethereum library.
     3  //
     4  // The go-ethereum library is free software: you can redistribute it and/or modify
     5  // it under the terms of the GNU Lesser General Public License as published by
     6  // the Free Software Foundation, either version 3 of the License, or
     7  // (at your option) any later version.
     8  //
     9  // The go-ethereum library is distributed in the hope that it will be useful,
    10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    12  // GNU Lesser General Public License for more details.
    13  //
    14  // You should have received a copy of the GNU Lesser General Public License
    15  // along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
    16  
    17  package storage
    18  
    19  import (
    20  	"bytes"
    21  	"encoding/json"
    22  	"fmt"
    23  	"log/slog"
    24  	"os"
    25  	"testing"
    26  
    27  	"github.com/ethereum/go-ethereum/common"
    28  	"github.com/ethereum/go-ethereum/log"
    29  	"github.com/mattn/go-colorable"
    30  )
    31  
    32  func TestEncryption(t *testing.T) {
    33  	t.Parallel()
    34  	//	key := []byte("AES256Key-32Characters1234567890")
    35  	//	plaintext := []byte(value)
    36  	key := []byte("AES256Key-32Characters1234567890")
    37  	plaintext := []byte("exampleplaintext")
    38  
    39  	c, iv, err := encrypt(key, plaintext, nil)
    40  	if err != nil {
    41  		t.Fatal(err)
    42  	}
    43  	t.Logf("Ciphertext %x, nonce %x\n", c, iv)
    44  
    45  	p, err := decrypt(key, iv, c, nil)
    46  	if err != nil {
    47  		t.Fatal(err)
    48  	}
    49  	t.Logf("Plaintext %v\n", string(p))
    50  	if !bytes.Equal(plaintext, p) {
    51  		t.Errorf("Failed: expected plaintext recovery, got %v expected %v", string(plaintext), string(p))
    52  	}
    53  }
    54  
    55  func TestFileStorage(t *testing.T) {
    56  	t.Parallel()
    57  	a := map[string]storedCredential{
    58  		"secret": {
    59  			Iv:         common.Hex2Bytes("cdb30036279601aeee60f16b"),
    60  			CipherText: common.Hex2Bytes("f311ac49859d7260c2c464c28ffac122daf6be801d3cfd3edcbde7e00c9ff74f"),
    61  		},
    62  		"secret2": {
    63  			Iv:         common.Hex2Bytes("afb8a7579bf971db9f8ceeed"),
    64  			CipherText: common.Hex2Bytes("2df87baf86b5073ef1f03e3cc738de75b511400f5465bb0ddeacf47ae4dc267d"),
    65  		},
    66  	}
    67  	d := t.TempDir()
    68  	stored := &AESEncryptedStorage{
    69  		filename: fmt.Sprintf("%v/vault.json", d),
    70  		key:      []byte("AES256Key-32Characters1234567890"),
    71  	}
    72  	stored.writeEncryptedStorage(a)
    73  	read := &AESEncryptedStorage{
    74  		filename: fmt.Sprintf("%v/vault.json", d),
    75  		key:      []byte("AES256Key-32Characters1234567890"),
    76  	}
    77  	creds, err := read.readEncryptedStorage()
    78  	if err != nil {
    79  		t.Fatal(err)
    80  	}
    81  	for k, v := range a {
    82  		if v2, exist := creds[k]; !exist {
    83  			t.Errorf("Missing entry %v", k)
    84  		} else {
    85  			if !bytes.Equal(v.CipherText, v2.CipherText) {
    86  				t.Errorf("Wrong ciphertext, expected %x got %x", v.CipherText, v2.CipherText)
    87  			}
    88  			if !bytes.Equal(v.Iv, v2.Iv) {
    89  				t.Errorf("Wrong iv")
    90  			}
    91  		}
    92  	}
    93  }
    94  func TestEnd2End(t *testing.T) {
    95  	t.Parallel()
    96  	log.SetDefault(log.NewLogger(log.NewTerminalHandlerWithLevel(colorable.NewColorableStderr(), slog.LevelInfo, true)))
    97  
    98  	d := t.TempDir()
    99  
   100  	s1 := &AESEncryptedStorage{
   101  		filename: fmt.Sprintf("%v/vault.json", d),
   102  		key:      []byte("AES256Key-32Characters1234567890"),
   103  	}
   104  	s2 := &AESEncryptedStorage{
   105  		filename: fmt.Sprintf("%v/vault.json", d),
   106  		key:      []byte("AES256Key-32Characters1234567890"),
   107  	}
   108  
   109  	s1.Put("bazonk", "foobar")
   110  	if v, err := s2.Get("bazonk"); v != "foobar" || err != nil {
   111  		t.Errorf("Expected bazonk->foobar (nil error), got '%v' (%v error)", v, err)
   112  	}
   113  }
   114  
   115  func TestSwappedKeys(t *testing.T) {
   116  	t.Parallel()
   117  	// It should not be possible to swap the keys/values, so that
   118  	// K1:V1, K2:V2 can be swapped into K1:V2, K2:V1
   119  	log.SetDefault(log.NewLogger(log.NewTerminalHandlerWithLevel(colorable.NewColorableStderr(), slog.LevelInfo, true)))
   120  
   121  	d := t.TempDir()
   122  
   123  	s1 := &AESEncryptedStorage{
   124  		filename: fmt.Sprintf("%v/vault.json", d),
   125  		key:      []byte("AES256Key-32Characters1234567890"),
   126  	}
   127  	s1.Put("k1", "v1")
   128  	s1.Put("k2", "v2")
   129  	// Now make a modified copy
   130  
   131  	creds := make(map[string]storedCredential)
   132  	raw, err := os.ReadFile(s1.filename)
   133  	if err != nil {
   134  		t.Fatal(err)
   135  	}
   136  	if err = json.Unmarshal(raw, &creds); err != nil {
   137  		t.Fatal(err)
   138  	}
   139  	swap := func() {
   140  		// Turn it into K1:V2, K2:V2
   141  		v1, v2 := creds["k1"], creds["k2"]
   142  		creds["k2"], creds["k1"] = v1, v2
   143  		raw, err = json.Marshal(creds)
   144  		if err != nil {
   145  			t.Fatal(err)
   146  		}
   147  		if err = os.WriteFile(s1.filename, raw, 0600); err != nil {
   148  			t.Fatal(err)
   149  		}
   150  	}
   151  	swap()
   152  	if v, _ := s1.Get("k1"); v != "" {
   153  		t.Errorf("swapped value should return empty")
   154  	}
   155  	swap()
   156  	if v, _ := s1.Get("k1"); v != "v1" {
   157  		t.Errorf("double-swapped value should work fine")
   158  	}
   159  }