shithub Public

Watch 1 Fork 0 Star 0

Go · 1748 bytes Raw Blame History

  
        1
        // SPDX-License-Identifier: AGPL-3.0-or-later
      
        2
        
        3
        package keyset
      
        4
        
        5
        import (
      
        6
        	"errors"
      
        7
        	"strings"
      
        8
        	"testing"
      
        9
        )
      
        10
        
        11
        func TestEncodeDecodeRoundtrip(t *testing.T) {
      
        12
        	t.Parallel()
      
        13
        	c := Cursor{Value: 1700000000, ID: 42}
      
        14
        	s := Encode(c)
      
        15
        	got, err := Decode(s)
      
        16
        	if err != nil {
      
        17
        		t.Fatalf("Decode: %v", err)
      
        18
        	}
      
        19
        	if got != c {
      
        20
        		t.Errorf("roundtrip = %+v; want %+v", got, c)
      
        21
        	}
      
        22
        }
      
        23
        
        24
        func TestDecodeRejectsMalformed(t *testing.T) {
      
        25
        	t.Parallel()
      
        26
        	cases := []string{"", "not-base64!", "abc"}
      
        27
        	for _, in := range cases {
      
        28
        		if _, err := Decode(in); !errors.Is(err, ErrInvalidCursor) {
      
        29
        			t.Errorf("Decode(%q) err = %v; want ErrInvalidCursor", in, err)
      
        30
        		}
      
        31
        	}
      
        32
        }
      
        33
        
        34
        func TestSignVerifyRoundtrip(t *testing.T) {
      
        35
        	t.Parallel()
      
        36
        	key := []byte("super-secret-32-bytes-or-longer-")
      
        37
        	c := Cursor{Value: 99, ID: 1}
      
        38
        	s := Sign(c, key)
      
        39
        	got, err := Verify(s, key)
      
        40
        	if err != nil {
      
        41
        		t.Fatalf("Verify: %v", err)
      
        42
        	}
      
        43
        	if got != c {
      
        44
        		t.Errorf("verify roundtrip = %+v; want %+v", got, c)
      
        45
        	}
      
        46
        }
      
        47
        
        48
        func TestVerifyRejectsTamper(t *testing.T) {
      
        49
        	t.Parallel()
      
        50
        	key := []byte("k")
      
        51
        	c := Cursor{Value: 1, ID: 2}
      
        52
        	s := Sign(c, key)
      
        53
        	// Flip a body byte at the start.
      
        54
        	bad := strings.Replace(s, s[:4], "AAAA", 1)
      
        55
        	if _, err := Verify(bad, key); !errors.Is(err, ErrInvalidCursor) {
      
        56
        		t.Errorf("tampered cursor accepted; want ErrInvalidCursor")
      
        57
        	}
      
        58
        }
      
        59
        
        60
        func TestVerifyRejectsWrongKey(t *testing.T) {
      
        61
        	t.Parallel()
      
        62
        	c := Cursor{Value: 1, ID: 2}
      
        63
        	s := Sign(c, []byte("alice"))
      
        64
        	if _, err := Verify(s, []byte("bob")); !errors.Is(err, ErrInvalidCursor) {
      
        65
        		t.Errorf("wrong key accepted; want ErrInvalidCursor")
      
        66
        	}
      
        67
        }
      
        68
        
        69
        func TestSignPanicsOnEmptyKey(t *testing.T) {
      
        70
        	t.Parallel()
      
        71
        	defer func() {
      
        72
        		if r := recover(); r == nil {
      
        73
        			t.Errorf("Sign with empty key did not panic")
      
        74
        		}
      
        75
        	}()
      
        76
        	Sign(Cursor{}, nil)
      
        77
        }
      
        78

1	// SPDX-License-Identifier: AGPL-3.0-or-later
2
3	package keyset
4
5	import (
6	"errors"
7	"strings"
8	"testing"
9	)
10
11	func TestEncodeDecodeRoundtrip(t *testing.T) {
12	t.Parallel()
13	c := Cursor{Value: 1700000000, ID: 42}
14	s := Encode(c)
15	got, err := Decode(s)
16	if err != nil {
17	t.Fatalf("Decode: %v", err)
18	}
19	if got != c {
20	t.Errorf("roundtrip = %+v; want %+v", got, c)
21	}
22	}
23
24	func TestDecodeRejectsMalformed(t *testing.T) {
25	t.Parallel()
26	cases := []string{"", "not-base64!", "abc"}
27	for _, in := range cases {
28	if _, err := Decode(in); !errors.Is(err, ErrInvalidCursor) {
29	t.Errorf("Decode(%q) err = %v; want ErrInvalidCursor", in, err)
30	}
31	}
32	}
33
34	func TestSignVerifyRoundtrip(t *testing.T) {
35	t.Parallel()
36	key := []byte("super-secret-32-bytes-or-longer-")
37	c := Cursor{Value: 99, ID: 1}
38	s := Sign(c, key)
39	got, err := Verify(s, key)
40	if err != nil {
41	t.Fatalf("Verify: %v", err)
42	}
43	if got != c {
44	t.Errorf("verify roundtrip = %+v; want %+v", got, c)
45	}
46	}
47
48	func TestVerifyRejectsTamper(t *testing.T) {
49	t.Parallel()
50	key := []byte("k")
51	c := Cursor{Value: 1, ID: 2}
52	s := Sign(c, key)
53	// Flip a body byte at the start.
54	bad := strings.Replace(s, s[:4], "AAAA", 1)
55	if _, err := Verify(bad, key); !errors.Is(err, ErrInvalidCursor) {
56	t.Errorf("tampered cursor accepted; want ErrInvalidCursor")
57	}
58	}
59
60	func TestVerifyRejectsWrongKey(t *testing.T) {
61	t.Parallel()
62	c := Cursor{Value: 1, ID: 2}
63	s := Sign(c, []byte("alice"))
64	if _, err := Verify(s, []byte("bob")); !errors.Is(err, ErrInvalidCursor) {
65	t.Errorf("wrong key accepted; want ErrInvalidCursor")
66	}
67	}
68
69	func TestSignPanicsOnEmptyKey(t *testing.T) {
70	t.Parallel()
71	defer func() {
72	if r := recover(); r == nil {
73	t.Errorf("Sign with empty key did not panic")
74	}
75	}()
76	Sign(Cursor{}, nil)
77	}
78