github.com/sentienttechnologies/studio-go-runner@v0.0.0-20201118202441-6d21f2ced8ee/internal/runner/block_crypto_test.go (about) 1 // Copyright 2018-2020 (c) Cognizant Digital Business, Evolutionary AI. All rights reserved. Issued under the Apache 2.0 License. 2 3 package runner 4 5 import ( 6 "fmt" 7 "io/ioutil" 8 "os" 9 "path/filepath" 10 "strings" 11 "testing" 12 13 "github.com/go-stack/stack" 14 "github.com/go-test/deep" 15 "github.com/jjeffery/kv" 16 "github.com/rs/xid" 17 ) 18 19 // TestCrypt is used to validate the AES large block/file style of symetric encryption 20 func TestCrypt(t *testing.T) { 21 data := RandomString(16 * 1024) 22 key, encrypted, err := EncryptBlock([]byte(data)) 23 if err != nil { 24 t.Fatal(err.With("stack", stack.Trace().TrimRuntime())) 25 } 26 27 decrypted, err := DecryptBlock(key, encrypted) 28 if err != nil { 29 t.Fatal(err.With("stack", stack.Trace().TrimRuntime())) 30 } 31 if strings.Compare(data, string(decrypted)) != 0 { 32 t.Fatal(kv.NewError("encryption decryption cycle failed").With("stack", stack.Trace().TrimRuntime())) 33 } 34 35 // Test the negative case for the key 36 key[0] = 'x' 37 decrypted, err = DecryptBlock(key, encrypted) 38 if err == nil { 39 t.Fatal(kv.NewError("bad key was accepted").With("stack", stack.Trace().TrimRuntime())) 40 } 41 if strings.Compare(data, string(decrypted)) == 0 { 42 t.Fatal(kv.NewError("bad key was accepted").With("stack", stack.Trace().TrimRuntime())) 43 } 44 } 45 46 // TestCryptoPython is used to test symmetric encryption in python using nacl SecretBox and Go 47 // crypto libraries 48 func TestCryptoPython(t *testing.T) { 49 // Create a new TMPDIR because the python pip tends to leave dirt behind 50 // when doing pip builds etc 51 tmpDir, errGo := ioutil.TempDir("", "") 52 if errGo != nil { 53 t.Fatal(kv.Wrap(errGo).With("stack", stack.Trace().TrimRuntime())) 54 } 55 defer func() { 56 os.RemoveAll(tmpDir) 57 }() 58 59 // Create a random passphrase 60 passphrase := xid.New().String() 61 // Get a pair of RSA private keys to use just for this test 62 if err := GenerateTestKeys(tmpDir, 4096, passphrase); err != nil { 63 t.Fatal(err) 64 } 65 66 publicPEM, err := ioutil.ReadFile(filepath.Join(tmpDir, "public.pem")) 67 if err != nil { 68 t.Fatal(err) 69 } 70 privatePEM, err := ioutil.ReadFile(filepath.Join(tmpDir, "private.pem")) 71 if err != nil { 72 t.Fatal(err) 73 } 74 75 // Grab known files from the crypto test library and place them into 76 // our temporary test directory 77 testFiles := map[string]os.FileMode{ 78 filepath.Join("..", "..", "assets", "crypto", "encryptor.py"): 0600, 79 filepath.Join("..", "..", "assets", "crypto", "encryptor.sh"): 0700, 80 } 81 output, err := PythonRun(testFiles, tmpDir, 20) 82 if err != nil { 83 for _, line := range output { 84 fmt.Println(line) 85 } 86 t.Fatal(err) 87 } 88 89 payload, errGo := ioutil.ReadFile(filepath.Join(tmpDir, "payload")) 90 if errGo != nil { 91 t.Fatal(errGo) 92 } 93 94 lines := strings.Split(string(payload), "\n") 95 clear := lines[0] 96 encrypted := lines[1] 97 98 w, err := NewWrapper(publicPEM, privatePEM, []byte(passphrase)) 99 if err != nil { 100 t.Fatal(err) 101 } 102 103 decrypted, err := w.unwrapRaw(encrypted) 104 if err != nil { 105 for _, aLine := range output { 106 fmt.Println(aLine) 107 } 108 t.Fatal(err) 109 } 110 111 // Create our own encryption wrapper and break things apart 112 // UnwrapRequest 113 if diff := deep.Equal(clear, string(decrypted)); diff != nil { 114 t.Fatal(diff) 115 } 116 }