github.com/zntrio/harp/v2@v2.0.9/pkg/sdk/value/encryption/secretbox/transformer_test.go (about) 1 // Licensed to Elasticsearch B.V. under one or more contributor 2 // license agreements. See the NOTICE file distributed with 3 // this work for additional information regarding copyright 4 // ownership. Elasticsearch B.V. licenses this file to you under 5 // the Apache License, Version 2.0 (the "License"); you may 6 // not use this file except in compliance with the License. 7 // You may obtain a copy of the License at 8 // 9 // http://www.apache.org/licenses/LICENSE-2.0 10 // 11 // Unless required by applicable law or agreed to in writing, 12 // software distributed under the License is distributed on an 13 // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 // KIND, either express or implied. See the License for the 15 // specific language governing permissions and limitations 16 // under the License. 17 18 package secretbox 19 20 import ( 21 "context" 22 "encoding/base64" 23 "encoding/hex" 24 "fmt" 25 "testing" 26 27 "github.com/golang/mock/gomock" 28 "github.com/google/go-cmp/cmp" 29 ) 30 31 func Test_Transformer_SecretBox_InvalidKey(t *testing.T) { 32 keys := []string{ 33 "", 34 "foo", 35 "123456", 36 } 37 for _, k := range keys { 38 key := k 39 t.Run(fmt.Sprintf("key `%s`", key), func(t *testing.T) { 40 underTest, err := Transformer(key) 41 if err == nil { 42 t.Fatalf("Transformer should raise an error with key `%s`", key) 43 } 44 if underTest != nil { 45 t.Fatalf("Transformer instance should be nil") 46 } 47 }) 48 } 49 } 50 51 func Test_Transformer_SecretBox_From(t *testing.T) { 52 // Load a secretbox key 53 kRaw, _ := hex.DecodeString("0f5297b6f0114171e9de547801b1e8bb929fe1d091e63c6377a392ec1baa3d0b") 54 var k [keyLength]byte 55 copy(k[:], kRaw) 56 57 // Prepare valid dataset 58 plainText := []byte("cool-protected-data") 59 encrypted, err := encrypt(plainText, k) 60 if err != nil { 61 t.Fatalf("unable to encrypt data with secretbox key: %v", err) 62 } 63 64 // Prepare testcases 65 testCases := []struct { 66 name string 67 input []byte 68 wantErr bool 69 want []byte 70 }{ 71 { 72 name: "Invalid encrypted payload", 73 input: []byte("bad-encryption-payload"), 74 wantErr: true, 75 }, 76 { 77 name: "Invalid encrypted payload more than nonce length", 78 input: []byte("012345678901234567890123456789"), 79 wantErr: true, 80 }, 81 { 82 name: "Valid payload", 83 input: encrypted, 84 wantErr: false, 85 want: plainText, 86 }, 87 } 88 89 // For each testcase 90 for _, tc := range testCases { 91 testCase := tc 92 t.Run(testCase.name, func(t *testing.T) { 93 t.Parallel() 94 95 ctrl := gomock.NewController(t) 96 defer ctrl.Finish() 97 98 // Initialize mock 99 ctx := context.Background() 100 101 // Initialize transformer 102 underTest, err := Transformer(base64.URLEncoding.EncodeToString(k[:])) 103 if err != nil { 104 t.Fatalf("unable to initialize transformer: %v", err) 105 } 106 107 // Do the call 108 got, err := underTest.From(ctx, testCase.input) 109 110 // Assert results expectations 111 if (err != nil) != testCase.wantErr { 112 t.Errorf("error during the call, error = %v, wantErr %v", err, testCase.wantErr) 113 return 114 } 115 if testCase.wantErr { 116 return 117 } 118 if diff := cmp.Diff(got, testCase.want); diff != "" { 119 t.Errorf("%q. SecretBox.From():\n-got/+want\ndiff %s", testCase.name, diff) 120 } 121 }) 122 } 123 } 124 125 func Test_Transformer_SecretBox_To(t *testing.T) { 126 // Load a secretbox key 127 kRaw, _ := hex.DecodeString("0f5297b6f0114171e9de547801b1e8bb929fe1d091e63c6377a392ec1baa3d0b") 128 var k [keyLength]byte 129 copy(k[:], kRaw) 130 131 // Prepare valid dataset 132 plainText := []byte("cool-protected-data") 133 134 // Prepare testcases 135 testCases := []struct { 136 name string 137 input []byte 138 wantErr bool 139 want []byte 140 }{ 141 { 142 name: "Valid payload", 143 input: plainText, 144 wantErr: false, 145 }, 146 } 147 148 // For each testcase 149 for _, tc := range testCases { 150 testCase := tc 151 t.Run(testCase.name, func(t *testing.T) { 152 t.Parallel() 153 154 ctrl := gomock.NewController(t) 155 defer ctrl.Finish() 156 157 // Initialize mock 158 ctx := context.Background() 159 160 // Initialize transformer 161 underTest, err := Transformer(base64.URLEncoding.EncodeToString(k[:])) 162 if err != nil { 163 t.Fatalf("unable to initialize transformer: %v", err) 164 } 165 166 // Do the call 167 got, err := underTest.To(ctx, testCase.input) 168 169 // Assert results expectations 170 if (err != nil) != testCase.wantErr { 171 t.Errorf("error during the call, error = %v, wantErr %v", err, testCase.wantErr) 172 return 173 } 174 if testCase.wantErr { 175 return 176 } 177 out, err := underTest.From(ctx, got) 178 if err != nil { 179 t.Errorf("error during the SecretBox.From() call, error = %v", err) 180 } 181 if diff := cmp.Diff(out, testCase.input); diff != "" { 182 t.Errorf("%q. SecretBox.To():\n-got/+want\ndiff %s", testCase.name, diff) 183 } 184 }) 185 } 186 }