generated from PenaSide/GolangTemplate
183 lines
4.9 KiB
Go
183 lines
4.9 KiB
Go
package encrypt_test
|
||
|
||
import (
|
||
"errors"
|
||
"strings"
|
||
"testing"
|
||
|
||
"github.com/stretchr/testify/assert"
|
||
"penahub.gitlab.yandexcloud.net/pena-services/pena-social-auth/internal/models"
|
||
"penahub.gitlab.yandexcloud.net/pena-services/pena-social-auth/internal/service/encrypt"
|
||
"penahub.gitlab.yandexcloud.net/pena-services/pena-social-auth/internal/service/encrypt/mocks"
|
||
)
|
||
|
||
var (
|
||
privateKeyCurve25519 = strings.Replace(
|
||
`-----BEGIN PRIVATE KEY-----
|
||
MC4CAQAwBQYDK2VwBCIEIKn0BKwF3vZvODgWAnUIwQhd8de5oZhY48gc23EWfrfs
|
||
-----END PRIVATE KEY-----`,
|
||
"\t",
|
||
"",
|
||
-1,
|
||
)
|
||
|
||
privateKeyCurve25519Invalid = strings.Replace(
|
||
`-----BEGIN PRIVATE KEY-----
|
||
MC4CAQAwBQYDK2VwBCIE3vZvODgWAnUIhd8de5oZhY48gc23EWfrfs
|
||
-----END PRIVATE KEY-----`,
|
||
"\t",
|
||
"",
|
||
-1,
|
||
)
|
||
|
||
publicKeyCurve25519 = strings.Replace(
|
||
`-----BEGIN PUBLIC KEY-----
|
||
MCowBQYDK2VwAyEAEbnIvjIMle4rqVol6K2XUqOxHy1KJoNoZdKJrRUPKL4=
|
||
-----END PUBLIC KEY-----`,
|
||
"\t",
|
||
"",
|
||
-1,
|
||
)
|
||
|
||
publicKeyCurve25519InvalidLength = strings.Replace(
|
||
`-----BEGIN PUBLIC KEY-----
|
||
MowBQYDK2VwA9yEAEbnIvjIMle4rqVol6K2XUqOxHy1KJoNoZdKJrRUPKL4=
|
||
-----END PUBLIC KEY-----`,
|
||
"\t",
|
||
"",
|
||
-1,
|
||
)
|
||
)
|
||
|
||
func TestSignCommonSecret(t *testing.T) {
|
||
t.Run("Успешная подпись общего секрета", func(t *testing.T) {
|
||
encryptService := encrypt.New(&encrypt.ServiceDeps{
|
||
PrivateCurveKey: privateKeyCurve25519,
|
||
SignSecret: "secret",
|
||
})
|
||
|
||
assert.NotPanics(t, func() {
|
||
encryptedText, err := encryptService.SignCommonSecret()
|
||
|
||
assert.NoError(t, err)
|
||
assert.NotEmpty(t, encryptedText)
|
||
assert.NotZero(t, encryptedText)
|
||
})
|
||
})
|
||
|
||
t.Run("Ошибка подписи из-за кривого ключа (заголовок имеется)", func(t *testing.T) {
|
||
encryptService := encrypt.New(&encrypt.ServiceDeps{
|
||
PrivateCurveKey: privateKeyCurve25519Invalid,
|
||
SignSecret: "secret",
|
||
})
|
||
|
||
assert.NotPanics(t, func() {
|
||
encryptedText, err := encryptService.SignCommonSecret()
|
||
|
||
assert.Error(t, err)
|
||
assert.Empty(t, encryptedText)
|
||
assert.Zero(t, encryptedText)
|
||
})
|
||
})
|
||
|
||
t.Run("Ошибка подписи из-за рандомного кривого ключа", func(t *testing.T) {
|
||
encryptService := encrypt.New(&encrypt.ServiceDeps{
|
||
PrivateCurveKey: "testtesttesttest",
|
||
SignSecret: "secret",
|
||
})
|
||
|
||
assert.NotPanics(t, func() {
|
||
encryptedText, err := encryptService.SignCommonSecret()
|
||
|
||
assert.Error(t, err)
|
||
assert.Empty(t, encryptedText)
|
||
assert.Zero(t, encryptedText)
|
||
})
|
||
})
|
||
}
|
||
|
||
func TestVerifySignature(t *testing.T) {
|
||
t.Run("Успешное подтвеждение подписи", func(t *testing.T) {
|
||
encryptService := encrypt.New(&encrypt.ServiceDeps{
|
||
PublicCurveKey: publicKeyCurve25519,
|
||
PrivateCurveKey: privateKeyCurve25519,
|
||
SignSecret: "secret",
|
||
})
|
||
|
||
assert.NotPanics(t, func() {
|
||
signature, _ := encryptService.SignCommonSecret()
|
||
isValid, err := encryptService.VerifySignature(signature)
|
||
|
||
assert.NoError(t, err)
|
||
assert.Equal(t, true, isValid)
|
||
})
|
||
})
|
||
|
||
t.Run("Неудачное подтверждение подписи из-за невалидности ключа", func(t *testing.T) {
|
||
encryptService := encrypt.New(&encrypt.ServiceDeps{
|
||
PublicCurveKey: "teettaegarehah",
|
||
PrivateCurveKey: privateKeyCurve25519,
|
||
SignSecret: "secret",
|
||
})
|
||
|
||
assert.NotPanics(t, func() {
|
||
signature, _ := encryptService.SignCommonSecret()
|
||
isValid, err := encryptService.VerifySignature(signature)
|
||
|
||
assert.Error(t, err)
|
||
assert.Equal(t, false, isValid)
|
||
})
|
||
})
|
||
|
||
t.Run("Неудачное подтверждение подписи при использовании ключа у которого невалидный размер (слишком большой)", func(t *testing.T) {
|
||
encryptService := encrypt.New(&encrypt.ServiceDeps{
|
||
PublicCurveKey: publicKeyCurve25519InvalidLength,
|
||
PrivateCurveKey: privateKeyCurve25519,
|
||
SignSecret: "secret",
|
||
})
|
||
|
||
assert.NotPanics(t, func() {
|
||
signature, _ := encryptService.SignCommonSecret()
|
||
isValid, err := encryptService.VerifySignature(signature)
|
||
|
||
assert.Error(t, err)
|
||
assert.Equal(t, false, isValid)
|
||
})
|
||
})
|
||
}
|
||
|
||
func TestVerifyJWT(t *testing.T) {
|
||
jwtToken := "token-token"
|
||
jwtUser := models.JWTAuthUser{
|
||
ID: "id1",
|
||
}
|
||
|
||
t.Run("Успешное подтверждение токена", func(t *testing.T) {
|
||
jwtUtil := mocks.NewJwtUtil(t)
|
||
encryptService := encrypt.New(&encrypt.ServiceDeps{
|
||
JWT: jwtUtil,
|
||
})
|
||
|
||
jwtUtil.EXPECT().Validate(jwtToken).Return(&jwtUser, nil).Once()
|
||
|
||
id, err := encryptService.VerifyJWT(jwtToken)
|
||
|
||
assert.NoError(t, err)
|
||
assert.Equal(t, jwtUser.ID, id)
|
||
})
|
||
|
||
t.Run("Ошибка подтверждения токена", func(t *testing.T) {
|
||
jwtUtil := mocks.NewJwtUtil(t)
|
||
encryptService := encrypt.New(&encrypt.ServiceDeps{
|
||
JWT: jwtUtil,
|
||
})
|
||
|
||
jwtUtil.EXPECT().Validate(jwtToken).Return(nil, errors.New("validate jwt error")).Once()
|
||
|
||
id, err := encryptService.VerifyJWT(jwtToken)
|
||
|
||
assert.Error(t, err)
|
||
assert.Empty(t, id)
|
||
})
|
||
}
|