Files

74 lines
1.7 KiB
Go

package secretcrypto
import "strings"
import "testing"
func TestEncryptDecryptRoundTrip(t *testing.T) {
var box *Box
var enc string
var dec string
var err error
box = New(t.TempDir())
enc, err = box.Encrypt(`{"password":"hunter2","token":"abc"}`)
if err != nil {
t.Fatalf("encrypt: %v", err)
}
if !strings.HasPrefix(enc, Prefix) {
t.Fatalf("ciphertext missing prefix: %q", enc)
}
if strings.Contains(enc, "hunter2") {
t.Fatalf("plaintext leaked into ciphertext: %q", enc)
}
dec, err = box.Decrypt(enc)
if err != nil {
t.Fatalf("decrypt: %v", err)
}
if dec != `{"password":"hunter2","token":"abc"}` {
t.Fatalf("round-trip mismatch: %q", dec)
}
}
func TestEncryptEmptyIsEmpty(t *testing.T) {
var box *Box
var enc string
var err error
box = New(t.TempDir())
enc, err = box.Encrypt("")
if err != nil || enc != "" {
t.Fatalf("empty payload should encrypt to empty, got %q err=%v", enc, err)
}
}
func TestDecryptPassthroughForPlaintext(t *testing.T) {
var box *Box
var out string
var err error
box = New(t.TempDir())
// A value without the prefix (legacy/plaintext) is returned as-is.
out, err = box.Decrypt("not-encrypted")
if err != nil || out != "not-encrypted" {
t.Fatalf("passthrough failed: %q err=%v", out, err)
}
}
func TestKeyPersistsAcrossBoxes(t *testing.T) {
var dir string
var enc string
var dec string
var err error
dir = t.TempDir()
enc, err = New(dir).Encrypt("secret-value")
if err != nil {
t.Fatalf("encrypt: %v", err)
}
// A fresh Box over the same data dir must reuse the persisted key.
dec, err = New(dir).Decrypt(enc)
if err != nil {
t.Fatalf("decrypt with new box: %v", err)
}
if dec != "secret-value" {
t.Fatalf("expected secret-value, got %q", dec)
}
}