github.com/opentofu/opentofu@v1.7.1/internal/encryption/method/aesgcm/config_test.go (about) 1 package aesgcm 2 3 import ( 4 "bytes" 5 "errors" 6 "testing" 7 8 "github.com/opentofu/opentofu/internal/encryption/keyprovider" 9 10 "github.com/opentofu/opentofu/internal/encryption/method" 11 ) 12 13 func TestConfig_Build(t *testing.T) { 14 var testCases = []struct { 15 name string 16 config *Config 17 errorType any 18 expected aesgcm 19 }{ 20 { 21 name: "key-32-bytes", 22 config: &Config{ 23 Keys: keyprovider.Output{ 24 EncryptionKey: []byte("bohwu9zoo7Zool5olaileef1eibeathe"), 25 DecryptionKey: []byte("bohwu9zoo7Zool5olaileef1eibeathd"), 26 }, 27 }, 28 errorType: nil, 29 expected: aesgcm{ 30 encryptionKey: []byte("bohwu9zoo7Zool5olaileef1eibeathe"), 31 decryptionKey: []byte("bohwu9zoo7Zool5olaileef1eibeathd"), 32 }, 33 }, 34 { 35 name: "key-24-bytes", 36 config: &Config{ 37 Keys: keyprovider.Output{ 38 EncryptionKey: []byte("bohwu9zoo7Zool5olaileefe"), 39 DecryptionKey: []byte("bohwu9zoo7Zool5olaileefd"), 40 }, 41 }, 42 errorType: nil, 43 expected: aesgcm{ 44 encryptionKey: []byte("bohwu9zoo7Zool5olaileefe"), 45 decryptionKey: []byte("bohwu9zoo7Zool5olaileefd"), 46 }, 47 }, 48 { 49 name: "key-16-bytes", 50 config: &Config{ 51 Keys: keyprovider.Output{ 52 EncryptionKey: []byte("bohwu9zoo7Zool5e"), 53 DecryptionKey: []byte("bohwu9zoo7Zool5d"), 54 }, 55 }, 56 errorType: nil, 57 expected: aesgcm{ 58 encryptionKey: []byte("bohwu9zoo7Zool5e"), 59 decryptionKey: []byte("bohwu9zoo7Zool5d"), 60 }, 61 }, 62 { 63 name: "no-key", 64 config: &Config{}, 65 errorType: &method.ErrInvalidConfiguration{}, 66 }, 67 { 68 name: "encryption-key-15-bytes", 69 config: &Config{ 70 Keys: keyprovider.Output{ 71 EncryptionKey: []byte("bohwu9zoo7Ze15"), 72 DecryptionKey: []byte("bohwu9zoo7Zod16"), 73 }, 74 }, 75 errorType: &method.ErrInvalidConfiguration{}, 76 }, 77 { 78 name: "decryption-key-15-bytes", 79 config: &Config{ 80 Keys: keyprovider.Output{ 81 EncryptionKey: []byte("bohwu9zoo7Zooe16"), 82 DecryptionKey: []byte("bohwu9zoo7Zod15"), 83 }, 84 }, 85 errorType: &method.ErrInvalidConfiguration{}, 86 }, 87 { 88 name: "aad", 89 config: &Config{ 90 Keys: keyprovider.Output{ 91 EncryptionKey: []byte("bohwu9zoo7Zool5olaileef1eibeathe"), 92 DecryptionKey: []byte("bohwu9zoo7Zool5olaileef1eibeathd"), 93 }, 94 AAD: []byte("foobar"), 95 }, 96 expected: aesgcm{ 97 encryptionKey: []byte("bohwu9zoo7Zool5olaileef1eibeathe"), 98 decryptionKey: []byte("bohwu9zoo7Zool5olaileef1eibeathd"), 99 aad: []byte("foobar"), 100 }, 101 errorType: nil, 102 }, 103 } 104 for _, tc := range testCases { 105 t.Run(tc.name, func(t *testing.T) { 106 built, err := tc.config.Build() 107 if tc.errorType == nil { 108 if err != nil { 109 t.Fatalf("Unexpected error returned: %v", err) 110 } 111 112 built := built.(*aesgcm) 113 114 if !bytes.Equal(tc.expected.encryptionKey, built.encryptionKey) { 115 t.Fatalf("Incorrect encryption key built: %v != %v", tc.expected.encryptionKey, built.encryptionKey) 116 } 117 if !bytes.Equal(tc.expected.decryptionKey, built.decryptionKey) { 118 t.Fatalf("Incorrect decryption key built: %v != %v", tc.expected.decryptionKey, built.decryptionKey) 119 } 120 if !bytes.Equal(tc.expected.aad, built.aad) { 121 t.Fatalf("Incorrect aad built: %v != %v", tc.expected.aad, built.aad) 122 } 123 124 } else if tc.errorType != nil { 125 if err == nil { 126 t.Fatal("Expected error, none received") 127 } 128 if !errors.As(err, &tc.errorType) { 129 t.Fatalf("Incorrect error type received: %T", err) 130 } 131 t.Logf("Correct error of type %T received: %v", err, err) 132 } 133 134 }) 135 } 136 }