github.com/google/osv-scalibr@v0.4.1/veles/secrets/tinkkeyset/detector_test.go (about) 1 // Copyright 2025 Google LLC 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package tinkkeyset_test 16 17 import ( 18 "encoding/json" 19 "strings" 20 "testing" 21 22 "github.com/google/go-cmp/cmp" 23 "github.com/google/go-cmp/cmp/cmpopts" 24 "github.com/google/osv-scalibr/veles" 25 "github.com/google/osv-scalibr/veles/secrets/tinkkeyset" 26 ) 27 28 func TestDetector_truePositives(t *testing.T) { 29 engine, err := veles.NewDetectionEngine([]veles.Detector{tinkkeyset.NewDetector()}) 30 if err != nil { 31 t.Fatal(err) 32 } 33 cases := []struct { 34 name string 35 input string 36 want []veles.Secret 37 }{ 38 { 39 name: "plain json", 40 input: `{"primaryKeyId":1976038263,"key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey","value":"GhBi7O0TErBM9eTl3UppUGZg","keyMaterialType":"SYMMETRIC"},"status":"ENABLED","keyId":1976038263,"outputPrefixType":"TINK"}]}`, 41 want: []veles.Secret{tinkkeyset.TinkKeySet{ 42 Content: `{"primaryKeyId":1976038263, "key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey", "value":"GhBi7O0TErBM9eTl3UppUGZg", "keyMaterialType":"SYMMETRIC"}, "status":"ENABLED", "keyId":1976038263, "outputPrefixType":"TINK"}]}`, 43 }}, 44 }, 45 { 46 name: "pretty_json", 47 input: `{ 48 "primaryKeyId":1976038263, 49 "key":[ 50 { 51 "keyData":{ 52 "typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey", 53 "value":"GhBi7O0TErBM9eTl3UppUGZg", 54 "keyMaterialType":"SYMMETRIC" 55 }, 56 "status":"ENABLED", 57 "keyId":1976038263, 58 "outputPrefixType":"TINK" 59 } 60 ] 61 }`, 62 want: []veles.Secret{tinkkeyset.TinkKeySet{ 63 Content: `{"primaryKeyId":1976038263, "key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey", "value":"GhBi7O0TErBM9eTl3UppUGZg", "keyMaterialType":"SYMMETRIC"}, "status":"ENABLED", "keyId":1976038263, "outputPrefixType":"TINK"}]}`, 64 }}, 65 }, 66 { 67 name: "multiple keys json", 68 input: `{"primaryKeyId":65177451,"key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey","value":"GhBcKD0QJVkaSbbFnrmuIV+e","keyMaterialType":"SYMMETRIC"},"status":"ENABLED","keyId":65177451,"outputPrefixType":"TINK"},{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey","value":"GiCPZRivnJJeqCAXGJemTND9SmOMQkCwxbHGUXGoRmvZcw==","keyMaterialType":"SYMMETRIC"},"status":"ENABLED","keyId":3858149861,"outputPrefixType":"TINK"}]}`, 69 want: []veles.Secret{tinkkeyset.TinkKeySet{ 70 Content: `{"primaryKeyId":65177451,"key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey","value":"GhBcKD0QJVkaSbbFnrmuIV+e","keyMaterialType":"SYMMETRIC"},"status":"ENABLED","keyId":65177451,"outputPrefixType":"TINK"},{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey","value":"GiCPZRivnJJeqCAXGJemTND9SmOMQkCwxbHGUXGoRmvZcw==","keyMaterialType":"SYMMETRIC"},"status":"ENABLED","keyId":3858149861,"outputPrefixType":"TINK"}]}`, 71 }}, 72 }, 73 { 74 name: "multiple keysets json", 75 input: `[{ "primaryKeyId": 2090791689, "key": [ { "keyData": { "typeUrl": "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey", "value": "EhYSAggQGhDWzHIvfSnRr5S1JFDTqbBSGigSBAgDEBAaIG52KwuWno/8wN0lqzNpN/3QxX0k5mGDOGTEBy+8J4yO", "keyMaterialType": "SYMMETRIC" }, "status": "ENABLED", "keyId": 2090791689, "outputPrefixType": "TINK" } ] },{"primaryKeyId":1045837809,"key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey","value":"GhBC+B6GqV6rZI4jIA8XXDVD","keyMaterialType":"SYMMETRIC"},"status":"ENABLED","keyId":1045837809,"outputPrefixType":"TINK"}]}]`, 76 want: []veles.Secret{ 77 tinkkeyset.TinkKeySet{ 78 Content: `{ "primaryKeyId": 2090791689, "key": [ { "keyData": { "typeUrl": "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey", "value": "EhYSAggQGhDWzHIvfSnRr5S1JFDTqbBSGigSBAgDEBAaIG52KwuWno/8wN0lqzNpN/3QxX0k5mGDOGTEBy+8J4yO", "keyMaterialType": "SYMMETRIC" }, "status": "ENABLED", "keyId": 2090791689, "outputPrefixType": "TINK" } ] }`, 79 }, 80 tinkkeyset.TinkKeySet{ 81 Content: `{"primaryKeyId":1045837809,"key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey","value":"GhBC+B6GqV6rZI4jIA8XXDVD","keyMaterialType":"SYMMETRIC"},"status":"ENABLED","keyId":1045837809,"outputPrefixType":"TINK"}]}`, 82 }, 83 }, 84 }, 85 { 86 name: "multiple_keysets_pretty_json", 87 input: `[ 88 { "primaryKeyId": 2090791689, "key": [ { "keyData": { "typeUrl": "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey", "value": "EhYSAggQGhDWzHIvfSnRr5S1JFDTqbBSGigSBAgDEBAaIG52KwuWno/8wN0lqzNpN/3QxX0k5mGDOGTEBy+8J4yO", "keyMaterialType": "SYMMETRIC" }, "status": "ENABLED", "keyId": 2090791689, "outputPrefixType": "TINK" } ] }, 89 {"primaryKeyId":1045837809,"key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey","value":"GhBC+B6GqV6rZI4jIA8XXDVD","keyMaterialType":"SYMMETRIC"},"status":"ENABLED","keyId":1045837809,"outputPrefixType":"TINK"}]} 90 ]`, 91 want: []veles.Secret{ 92 tinkkeyset.TinkKeySet{ 93 Content: `{ "primaryKeyId": 2090791689, "key": [ { "keyData": { "typeUrl": "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey", "value": "EhYSAggQGhDWzHIvfSnRr5S1JFDTqbBSGigSBAgDEBAaIG52KwuWno/8wN0lqzNpN/3QxX0k5mGDOGTEBy+8J4yO", "keyMaterialType": "SYMMETRIC" }, "status": "ENABLED", "keyId": 2090791689, "outputPrefixType": "TINK" } ] }`, 94 }, 95 tinkkeyset.TinkKeySet{ 96 Content: `{"primaryKeyId":1045837809,"key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey","value":"GhBC+B6GqV6rZI4jIA8XXDVD","keyMaterialType":"SYMMETRIC"},"status":"ENABLED","keyId":1045837809,"outputPrefixType":"TINK"}]}`, 97 }, 98 }, 99 }, 100 { 101 name: "base64 encoded binary", 102 input: "CPHv2PIDElQKSAowdHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUuY3J5cHRvLnRpbmsuQWVzR2NtS2V5EhIaEEL4HoapXqtkjiMgDxdcNUMYARABGPHv2PIDIAE=", 103 want: []veles.Secret{tinkkeyset.TinkKeySet{ 104 Content: `{"primaryKeyId":1045837809,"key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey","value":"GhBC+B6GqV6rZI4jIA8XXDVD","keyMaterialType":"SYMMETRIC"},"status":"ENABLED","keyId":1045837809,"outputPrefixType":"TINK"}]}`, 105 }}, 106 }, 107 { 108 name: "base64 encoded json", 109 input: "eyJwcmltYXJ5S2V5SWQiOjEwNDU4Mzc4MDksImtleSI6W3sia2V5RGF0YSI6eyJ0eXBlVXJsIjoidHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUuY3J5cHRvLnRpbmsuQWVzR2NtS2V5IiwidmFsdWUiOiJHaEJDK0I2R3FWNnJaSTRqSUE4WFhEVkQiLCJrZXlNYXRlcmlhbFR5cGUiOiJTWU1NRVRSSUMifSwic3RhdHVzIjoiRU5BQkxFRCIsImtleUlkIjoxMDQ1ODM3ODA5LCJvdXRwdXRQcmVmaXhUeXBlIjoiVElOSyJ9XX0=", 110 want: []veles.Secret{tinkkeyset.TinkKeySet{ 111 Content: `{"primaryKeyId":1045837809,"key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey","value":"GhBC+B6GqV6rZI4jIA8XXDVD","keyMaterialType":"SYMMETRIC"},"status":"ENABLED","keyId":1045837809,"outputPrefixType":"TINK"}]}`, 112 }}, 113 }, 114 { 115 name: "base64 encoded multiple keysets json", 116 input: "W3sgInByaW1hcnlLZXlJZCI6IDIwOTA3OTE2ODksICJrZXkiOiBbIHsgImtleURhdGEiOiB7ICJ0eXBlVXJsIjogInR5cGUuZ29vZ2xlYXBpcy5jb20vZ29vZ2xlLmNyeXB0by50aW5rLkFlc0N0ckhtYWNBZWFkS2V5IiwgInZhbHVlIjogIkVoWVNBZ2dRR2hEV3pISXZmU25ScjVTMUpGRFRxYkJTR2lnU0JBZ0RFQkFhSUc1Mkt3dVduby84d04wbHF6TnBOLzNReFgwazVtR0RPR1RFQnkrOEo0eU8iLCAia2V5TWF0ZXJpYWxUeXBlIjogIlNZTU1FVFJJQyIgfSwgInN0YXR1cyI6ICJFTkFCTEVEIiwgImtleUlkIjogMjA5MDc5MTY4OSwgIm91dHB1dFByZWZpeFR5cGUiOiAiVElOSyIgfSBdIH0seyJwcmltYXJ5S2V5SWQiOjEwNDU4Mzc4MDksImtleSI6W3sia2V5RGF0YSI6eyJ0eXBlVXJsIjoidHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUuY3J5cHRvLnRpbmsuQWVzR2NtS2V5IiwidmFsdWUiOiJHaEJDK0I2R3FWNnJaSTRqSUE4WFhEVkQiLCJrZXlNYXRlcmlhbFR5cGUiOiJTWU1NRVRSSUMifSwic3RhdHVzIjoiRU5BQkxFRCIsImtleUlkIjoxMDQ1ODM3ODA5LCJvdXRwdXRQcmVmaXhUeXBlIjoiVElOSyJ9XX1dCg==", 117 want: []veles.Secret{ 118 tinkkeyset.TinkKeySet{ 119 Content: `{ "primaryKeyId": 2090791689, "key": [ { "keyData": { "typeUrl": "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey", "value": "EhYSAggQGhDWzHIvfSnRr5S1JFDTqbBSGigSBAgDEBAaIG52KwuWno/8wN0lqzNpN/3QxX0k5mGDOGTEBy+8J4yO", "keyMaterialType": "SYMMETRIC" }, "status": "ENABLED", "keyId": 2090791689, "outputPrefixType": "TINK" } ] }`, 120 }, 121 tinkkeyset.TinkKeySet{ 122 Content: `{"primaryKeyId":1045837809,"key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey","value":"GhBC+B6GqV6rZI4jIA8XXDVD","keyMaterialType":"SYMMETRIC"},"status":"ENABLED","keyId":1045837809,"outputPrefixType":"TINK"}]}`, 123 }, 124 }, 125 }, 126 { 127 name: "base64 encoded pretty json", 128 input: "ewoJCQkJInByaW1hcnlLZXlJZCI6MTk3NjAzODI2MywKCQkJCSJrZXkiOlsKCQkJCQl7CgkJCQkJCSJrZXlEYXRhIjp7CgkJCQkJCQkidHlwZVVybCI6InR5cGUuZ29vZ2xlYXBpcy5jb20vZ29vZ2xlLmNyeXB0by50aW5rLkFlc0djbUtleSIsCgkJCQkJCQkidmFsdWUiOiJHaEJpN08wVEVyQk05ZVRsM1VwcFVHWmciLAoJCQkJCQkJImtleU1hdGVyaWFsVHlwZSI6IlNZTU1FVFJJQyIKCQkJCQkJCX0sCgkJCQkJCSJzdGF0dXMiOiJFTkFCTEVEIiwKCQkJCQkJImtleUlkIjoxOTc2MDM4MjYzLAoJCQkJCQkib3V0cHV0UHJlZml4VHlwZSI6IlRJTksiCgkJCQkJfQoJCQkJXQoJCQl9Cg==", 129 want: []veles.Secret{tinkkeyset.TinkKeySet{ 130 Content: `{"primaryKeyId":1976038263,"key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey","value":"GhBi7O0TErBM9eTl3UppUGZg","keyMaterialType":"SYMMETRIC"},"status":"ENABLED","keyId":1976038263,"outputPrefixType":"TINK"}]}`, 131 }}, 132 }, 133 { 134 name: "nested_escaped_json", 135 input: `{ 136 "prop1": 1, 137 "key": "{\"primaryKeyId\":1976038263,\n\"key\":[{\"keyData\":{\"typeUrl\":\"type.googleapis.com/google.crypto.tink.AesGcmKey\",\"value\":\"GhBi7O0TErBM9eTl3UppUGZg\",\"keyMaterialType\":\"SYMMETRIC\"},\"status\":\"ENABLED\",\"keyId\":1976038263,\"outputPrefixType\":\"TINK\"}]}", 138 "prop2": "test" 139 }`, 140 want: []veles.Secret{tinkkeyset.TinkKeySet{ 141 Content: `{"primaryKeyId":1976038263,"key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey","value":"GhBi7O0TErBM9eTl3UppUGZg","keyMaterialType":"SYMMETRIC"},"status":"ENABLED","keyId":1976038263,"outputPrefixType":"TINK"}]}`, 142 }}, 143 }, 144 { 145 name: "double_nested_escaped_json", 146 input: `{ 147 "prop1": 1, 148 "key": "{\"sub-key\":\""{\\"primaryKeyId\\":1976038263,\\"key\\":[{\\"keyData\\":{\\"typeUrl\\":\\"type.googleapis.com/google.crypto.tink.AesGcmKey\\",\\"value\\":\\"GhBi7O0TErBM9eTl3UppUGZg\\",\\"keyMaterialType\\":\\"SYMMETRIC\\"},\\"status\\":\\"ENABLED\\",\\"keyId\\":1976038263,\\"outputPrefixType\\":\\"TINK\\"}]}\\"\"}", 149 "prop2": "test" 150 }`, 151 want: []veles.Secret{tinkkeyset.TinkKeySet{ 152 Content: `{"primaryKeyId":1976038263,"key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey","value":"GhBi7O0TErBM9eTl3UppUGZg","keyMaterialType":"SYMMETRIC"},"status":"ENABLED","keyId":1976038263,"outputPrefixType":"TINK"}]}`, 153 }}, 154 }, 155 { 156 name: "nested_base64_encoded_json", 157 input: `{ 158 "prop1": 1, 159 "key": "eyJwcmltYXJ5S2V5SWQiOjEwNDU4Mzc4MDksImtleSI6W3sia2V5RGF0YSI6eyJ0eXBlVXJsIjoidHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUuY3J5cHRvLnRpbmsuQWVzR2NtS2V5IiwidmFsdWUiOiJHaEJDK0I2R3FWNnJaSTRqSUE4WFhEVkQiLCJrZXlNYXRlcmlhbFR5cGUiOiJTWU1NRVRSSUMifSwic3RhdHVzIjoiRU5BQkxFRCIsImtleUlkIjoxMDQ1ODM3ODA5LCJvdXRwdXRQcmVmaXhUeXBlIjoiVElOSyJ9XX0=", 160 "prop2": "test" 161 }`, 162 want: []veles.Secret{tinkkeyset.TinkKeySet{ 163 Content: `{"primaryKeyId":1045837809,"key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.AesGcmKey","value":"GhBC+B6GqV6rZI4jIA8XXDVD","keyMaterialType":"SYMMETRIC"},"status":"ENABLED","keyId":1045837809,"outputPrefixType":"TINK"}]}`, 164 }}, 165 }, 166 { 167 name: "nested_base64_encoded_binary_yml", 168 input: ` 169 something_else: 170 - 1 171 - 2 172 something: 173 key: CMqC1egBEu0BCuABCjZ0eXBlLmdvb2dsZWFwaXMuY29tL2dvb2dsZS5jcnlwdG8udGluay5FY2RzYVByaXZhdGVLZXkSowESbhIGCAIQAxgCGjEALtEnNfLN9e2OEVYeweLj35F9/Tzr2kV+YZUmV4wR2lgYBTu6JAujO3+iJvtiQi5EIjEAHFyd64L5Uox0INu7FL3WGz5/BBUmNhEssMoaGJQKYisImuXu4KX6j+3bpHP4LTR7GjEAs0ZzCdzmNyaHnqGtYNywvw8AvkJv9zemuyXIRmmLPj/eR+Uwzn8cXasTrw5dD+ESGAIQARjKgtXoASAD 174 `, 175 want: []veles.Secret{tinkkeyset.TinkKeySet{ 176 Content: `{"primaryKeyId":487932234,"key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.EcdsaPrivateKey","value":"Em4SBggCEAMYAhoxAC7RJzXyzfXtjhFWHsHi49+Rff0869pFfmGVJleMEdpYGAU7uiQLozt/oib7YkIuRCIxABxcneuC+VKMdCDbuxS91hs+fwQVJjYRLLDKGhiUCmIrCJrl7uCl+o/t26Rz+C00exoxALNGcwnc5jcmh56hrWDcsL8PAL5Cb/c3prslyEZpiz4/3kflMM5/HF2rE68OXQ/hEg==","keyMaterialType":"ASYMMETRIC_PRIVATE"},"status":"ENABLED","keyId":487932234,"outputPrefixType":"RAW"}]}`, 177 }}, 178 }, 179 { 180 name: "nested_base64_encoded_binary_and_json_yml", 181 input: ` 182 something_else: 183 - 1 184 - 2 185 something: 186 key: CMqC1egBEu0BCuABCjZ0eXBlLmdvb2dsZWFwaXMuY29tL2dvb2dsZS5jcnlwdG8udGluay5FY2RzYVByaXZhdGVLZXkSowESbhIGCAIQAxgCGjEALtEnNfLN9e2OEVYeweLj35F9/Tzr2kV+YZUmV4wR2lgYBTu6JAujO3+iJvtiQi5EIjEAHFyd64L5Uox0INu7FL3WGz5/BBUmNhEssMoaGJQKYisImuXu4KX6j+3bpHP4LTR7GjEAs0ZzCdzmNyaHnqGtYNywvw8AvkJv9zemuyXIRmmLPj/eR+Uwzn8cXasTrw5dD+ESGAIQARjKgtXoASAD 187 key2: ewogICJwcmltYXJ5S2V5SWQiOiAyMDkwNzkxNjg5LAogICJrZXkiOiBbCiAgICB7CiAgICAgICJrZXlEYXRhIjogewogICAgICAgICJ0eXBlVXJsIjogInR5cGUuZ29vZ2xlYXBpcy5jb20vZ29vZ2xlLmNyeXB0by50aW5rLkFlc0N0ckhtYWNBZWFkS2V5IiwKICAgICAgICAidmFsdWUiOiAiRWhZU0FnZ1FHaERXekhJdmZTblJyNVMxSkZEVHFiQlNHaWdTQkFnREVCQWFJRzUyS3d1V25vLzh3TjBscXpOcE4vM1F4WDBrNW1HRE9HVEVCeSs4SjR5TyIsCiAgICAgICAgImtleU1hdGVyaWFsVHlwZSI6ICJTWU1NRVRSSUMiCiAgICAgIH0sCiAgICAgICJzdGF0dXMiOiAiRU5BQkxFRCIsCiAgICAgICJrZXlJZCI6IDIwOTA3OTE2ODksCiAgICAgICJvdXRwdXRQcmVmaXhUeXBlIjogIlRJTksiCiAgICB9CiAgXQp9 188 `, 189 want: []veles.Secret{ 190 tinkkeyset.TinkKeySet{ 191 Content: `{"primaryKeyId":487932234,"key":[{"keyData":{"typeUrl":"type.googleapis.com/google.crypto.tink.EcdsaPrivateKey","value":"Em4SBggCEAMYAhoxAC7RJzXyzfXtjhFWHsHi49+Rff0869pFfmGVJleMEdpYGAU7uiQLozt/oib7YkIuRCIxABxcneuC+VKMdCDbuxS91hs+fwQVJjYRLLDKGhiUCmIrCJrl7uCl+o/t26Rz+C00exoxALNGcwnc5jcmh56hrWDcsL8PAL5Cb/c3prslyEZpiz4/3kflMM5/HF2rE68OXQ/hEg==","keyMaterialType":"ASYMMETRIC_PRIVATE"},"status":"ENABLED","keyId":487932234,"outputPrefixType":"RAW"}]}`, 192 }, 193 tinkkeyset.TinkKeySet{ 194 Content: `{ "primaryKeyId": 2090791689, "key": [ { "keyData": { "typeUrl": "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey", "value": "EhYSAggQGhDWzHIvfSnRr5S1JFDTqbBSGigSBAgDEBAaIG52KwuWno/8wN0lqzNpN/3QxX0k5mGDOGTEBy+8J4yO", "keyMaterialType": "SYMMETRIC" }, "status": "ENABLED", "keyId": 2090791689, "outputPrefixType": "TINK" } ] }`, 195 }, 196 }, 197 }, 198 } 199 200 cmpOpt := cmp.Comparer(func(x, y tinkkeyset.TinkKeySet) bool { 201 var xJSON, yJSON any 202 if err := json.Unmarshal([]byte(x.Content), &xJSON); err != nil { 203 return false 204 } 205 if err := json.Unmarshal([]byte(y.Content), &yJSON); err != nil { 206 return false 207 } 208 return cmp.Equal(xJSON, yJSON) 209 }) 210 211 for _, tc := range cases { 212 t.Run(tc.name, func(t *testing.T) { 213 got, err := engine.Detect(t.Context(), strings.NewReader(tc.input)) 214 if err != nil { 215 t.Errorf("Detect() error: %v, want nil", err) 216 } 217 if diff := cmp.Diff(tc.want, got, cmpopts.EquateEmpty(), cmpOpt); diff != "" { 218 t.Errorf("Detect() diff (-want +got):\n%s", diff) 219 } 220 }) 221 } 222 } 223 224 func TestDetector_trueNegatives(t *testing.T) { 225 engine, err := veles.NewDetectionEngine([]veles.Detector{tinkkeyset.NewDetector()}) 226 if err != nil { 227 t.Fatal(err) 228 } 229 cases := []struct { 230 name string 231 input string 232 want []veles.Secret 233 }{ 234 { 235 name: "test", 236 input: `{ 237 "encryptedKeyset":"AdeMbh3U2oN9f4wR2wm6qMNqDNRsRoYonk+13vlyDIHSSob8c7KHDr1oBntEOz+Un2jQIzVBj2YzxgmtFRwa5TBW7xElrsJsNpDu8UtIPPX/5yAI9mO8Pf0gKK242lDnefciNpX6FXWRB6mxwklXKxF2v1eY2uxIII2ZG/ETuQ09L3Sn1FcSjYPeyy0Bi5ov7uTDNFJ5uU1LgGeGYmwlxK7QE/bCG7Ww+iCo/JdR/kNL5bdSp1q8ywcUk/1RDR9FnGx3XA8crFjAVbeMPgSIBJ1N7a69dQyttVawwm+3GyLCMB6gfqLLKbnuBpXb45/mhQdml6/U6cLxOZlxEOzU0GoC2bjQ7+qneTWwmDsNPgkwxjaNVm8p", 238 "keysetInfo":{ 239 "primaryKeyId":1519620947, 240 "keyInfo":[ 241 { 242 "typeUrl":"type.googleapis.com/google.crypto.tink.EcdsaPrivateKey", 243 "status":"ENABLED","keyId":1519620947,"outputPrefixType":"RAW" 244 } 245 ] 246 } 247 }`, 248 want: []veles.Secret{}, 249 }, 250 } 251 for _, tc := range cases { 252 t.Run(tc.name, func(t *testing.T) { 253 got, err := engine.Detect(t.Context(), strings.NewReader(tc.input)) 254 if err != nil { 255 t.Errorf("Detect() error: %v, want nil", err) 256 } 257 if diff := cmp.Diff(tc.want, got, cmpopts.EquateEmpty()); diff != "" { 258 t.Errorf("Detect() diff (-want +got):\n%s", diff) 259 } 260 }) 261 } 262 }