github.com/opentofu/opentofu@v1.7.1/internal/encryption/method/aesgcm/aesgcm_test.go

github.com/opentofu/opentofu@v1.7.1/internal/encryption/method/aesgcm/aesgcm_test.go (about)

     1  package aesgcm_test
     2  
     3  import (
     4  	"errors"
     5  	"testing"
     6  
     7  	"github.com/opentofu/opentofu/internal/encryption/keyprovider"
     8  
     9  	"github.com/opentofu/opentofu/internal/encryption/method"
    10  	"github.com/opentofu/opentofu/internal/encryption/method/aesgcm"
    11  )
    12  
    13  var config = &aesgcm.Config{
    14  	Keys: keyprovider.Output{
    15  		EncryptionKey: []byte("aeshi1quahb2Rua0ooquaiwahbonedoh"),
    16  		DecryptionKey: []byte("aeshi1quahb2Rua0ooquaiwahbonedoh"),
    17  	},
    18  }
    19  
    20  func TestDecryptEmptyData(t *testing.T) {
    21  	m, err := config.Build()
    22  	if err != nil {
    23  		t.Fatalf("unexpected error (%v)", err)
    24  	}
    25  
    26  	_, err = m.Decrypt(nil)
    27  	if err == nil {
    28  		t.Fatalf("Expected error, none returned.")
    29  	}
    30  
    31  	var e *method.ErrDecryptionFailed
    32  	if !errors.As(err, &e) {
    33  		t.Fatalf("Incorrect error type returned: %T (%v)", err, err)
    34  	}
    35  }
    36  
    37  func TestDecryptShortData(t *testing.T) {
    38  	m, err := config.Build()
    39  	if err != nil {
    40  		t.Fatalf("unexpected error (%v)", err)
    41  	}
    42  
    43  	// Passing a non-empty, but shorter-than-nonce data
    44  	_, err = m.Decrypt([]byte("1"))
    45  	if err == nil {
    46  		t.Fatalf("Expected error, none returned.")
    47  	}
    48  
    49  	var e *method.ErrDecryptionFailed
    50  	if !errors.As(err, &e) {
    51  		t.Fatalf("Incorrect error type returned: %T (%v)", err, err)
    52  	}
    53  }
    54  
    55  func TestDecryptInvalidData(t *testing.T) {
    56  	m, err := config.Build()
    57  	if err != nil {
    58  		t.Fatalf("unexpected error (%v)", err)
    59  	}
    60  
    61  	// Passing a non-empty, but shorter-than-nonce data
    62  	_, err = m.Decrypt([]byte("abcdefghijklmnopqrstuvwxyz"))
    63  	if err == nil {
    64  		t.Fatalf("Expected error, none returned.")
    65  	}
    66  
    67  	var e *method.ErrDecryptionFailed
    68  	if !errors.As(err, &e) {
    69  		t.Fatalf("Incorrect error type returned: %T (%v)", err, err)
    70  	}
    71  }
    72  
    73  func TestDecryptCorruptData(t *testing.T) {
    74  	m, err := config.Build()
    75  	if err != nil {
    76  		t.Fatalf("unexpected error (%v)", err)
    77  	}
    78  
    79  	encrypted, err := m.Encrypt([]byte("Hello world!"))
    80  	if err != nil {
    81  		t.Fatalf("unexpected error (%v)", err)
    82  	}
    83  
    84  	encrypted = encrypted[:len(encrypted)-1]
    85  	decrypted, err := m.Decrypt(encrypted)
    86  	if err == nil {
    87  		t.Fatalf("Expected error, got: %v", decrypted)
    88  	}
    89  	var e *method.ErrDecryptionFailed
    90  	if !errors.As(err, &e) {
    91  		t.Fatalf("Incorrect error type returned: %T (%v)", err, err)
    92  	}
    93  }