github.com/zntrio/harp/v2@v2.0.9/pkg/container/seal/v2/key_test.go

github.com/zntrio/harp/v2@v2.0.9/pkg/container/seal/v2/key_test.go (about)

     1  // Licensed to Elasticsearch B.V. under one or more contributor
     2  // license agreements. See the NOTICE file distributed with
     3  // this work for additional information regarding copyright
     4  // ownership. Elasticsearch B.V. licenses this file to you under
     5  // the Apache License, Version 2.0 (the "License"); you may
     6  // not use this file except in compliance with the License.
     7  // You may obtain a copy of the License at
     8  //
     9  //	http://www.apache.org/licenses/LICENSE-2.0
    10  //
    11  // Unless required by applicable law or agreed to in writing,
    12  // software distributed under the License is distributed on an
    13  // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    14  // KIND, either express or implied.  See the License for the
    15  // specific language governing permissions and limitations
    16  // under the License.
    17  package v2
    18  
    19  import (
    20  	"bytes"
    21  	"testing"
    22  
    23  	"github.com/awnumar/memguard"
    24  	"github.com/stretchr/testify/assert"
    25  
    26  	"github.com/zntrio/harp/v2/pkg/container/seal"
    27  )
    28  
    29  func TestGenerateKey(t *testing.T) {
    30  	adapter := New()
    31  
    32  	t.Run("deterministic", func(t *testing.T) {
    33  		pub, pk, err := adapter.GenerateKey(
    34  			seal.WithDeterministicKey(memguard.NewBufferFromBytes([]byte("deterministic-seed-for-test-00001")), "Release 64"),
    35  		)
    36  		assert.NoError(t, err)
    37  		assert.NotNil(t, pk)
    38  		assert.Equal(t, "v2.ck.QwUEpYFxXpwFGrHQbHXGH0k4w_g9iDw38d67f9YHZwhvmEyE0R3McDMYr260lNck", pk)
    39  		assert.NotNil(t, pub)
    40  		assert.Equal(t, "v2.sk.AuSjVpMZben6n9fXiaDj8bMjSvhcZ9n7c82VOt7v9_UBzZJaMLamkQUFAVp_9frpAg", pub)
    41  	})
    42  
    43  	t.Run("deterministic - same key with different target", func(t *testing.T) {
    44  		pub, pk, err := adapter.GenerateKey(
    45  			seal.WithDeterministicKey(memguard.NewBufferFromBytes([]byte("deterministic-seed-for-test-00001")), "Release 65"),
    46  		)
    47  		assert.NoError(t, err)
    48  		assert.NotNil(t, pk)
    49  		assert.Equal(t, "v2.ck.2pWmwDtEjYAsLMR-7es_p3IvyYNrc3qSo5KbqrYmbCq5COcquwpr3SDnOmJrrbDp", pk)
    50  		assert.NotNil(t, pub)
    51  		assert.Equal(t, "v2.sk.AwzwXF1XaZVry-pppsQ1ovSIMLtix-Nhq8NkBDEp46ulrHuY2onMg2_VusdD5D2YXg", pub)
    52  	})
    53  
    54  	t.Run("master key too short", func(t *testing.T) {
    55  		pub, pk, err := adapter.GenerateKey(
    56  			seal.WithDeterministicKey(memguard.NewBufferFromBytes([]byte("too-short-masterkey")), "Release 64"),
    57  		)
    58  		assert.Error(t, err)
    59  		assert.Empty(t, pk)
    60  		assert.Empty(t, pub)
    61  	})
    62  
    63  	t.Run("default with given random source", func(t *testing.T) {
    64  		pub, pk, err := adapter.GenerateKey(seal.WithRandom(bytes.NewReader([]byte("UlLYMVJzTrAv0KYbl2KqCo9fnsyPLu9YNAO5iUsABeYMmkKe2TnSp8JLD9zThZk"))))
    65  		assert.NoError(t, err)
    66  		assert.NotNil(t, pk)
    67  		assert.Equal(t, "v2.ck.VHJBdjBLWWJsMktxQ285ZoFXc5G4HY_0qSMZAibGlchUmqt915byglIOGeel-5X5", pk)
    68  		assert.NotNil(t, pub)
    69  		assert.Equal(t, "v2.sk.A0V1xCxGNtVAE9EVhaKi-pIADhd1in8xV_FI5Y0oHSHLAkew9gDAqiALSd6VgvBCbQ", pub)
    70  	})
    71  
    72  	t.Run("default", func(t *testing.T) {
    73  		pub, pk, err := adapter.GenerateKey()
    74  		assert.NoError(t, err)
    75  		assert.NotEmpty(t, pk)
    76  		assert.NotEmpty(t, pub)
    77  	})
    78  }