mirror of
https://github.com/oauth2-proxy/oauth2-proxy.git
synced 2025-04-25 12:24:41 +02:00
Add subtests inside of encryption unit test loops
This commit is contained in:
Nick Meves
parent
f60e24d9c3
commit
559152a10f
@ -3,6 +3,7 @@ package encryption
|
|||||||
import (
|
import (
|
||||||
"crypto/rand"
|
"crypto/rand"
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
@ -46,9 +47,15 @@ func TestEncodeAndDecodeAccessTokenB64(t *testing.T) {
|
|||||||
|
|
||||||
func TestEncryptAndDecrypt(t *testing.T) {
|
func TestEncryptAndDecrypt(t *testing.T) {
|
||||||
// Test our 2 cipher types
|
// Test our 2 cipher types
|
||||||
for _, initCipher := range []func([]byte) (Cipher, error){NewCFBCipher, NewGCMCipher} {
|
ciphers := map[string]func([]byte) (Cipher, error){
|
||||||
|
"CFB": NewCFBCipher,
|
||||||
|
"GCM": NewGCMCipher,
|
||||||
|
}
|
||||||
|
for name, initCipher := range ciphers {
|
||||||
// Test all 3 valid AES sizes
|
// Test all 3 valid AES sizes
|
||||||
for _, secretSize := range []int{16, 24, 32} {
|
for _, secretSize := range []int{16, 24, 32} {
|
||||||
|
subTestName := fmt.Sprintf("%s::%d", name, secretSize)
|
||||||
|
t.Run(subTestName, func(t *testing.T) {
|
||||||
secret := make([]byte, secretSize)
|
secret := make([]byte, secretSize)
|
||||||
_, err := io.ReadFull(rand.Reader, secret)
|
_, err := io.ReadFull(rand.Reader, secret)
|
||||||
assert.Equal(t, nil, err)
|
assert.Equal(t, nil, err)
|
||||||
@ -71,15 +78,22 @@ func TestEncryptAndDecrypt(t *testing.T) {
|
|||||||
assert.Equal(t, data, decrypted)
|
assert.Equal(t, data, decrypted)
|
||||||
assert.NotEqual(t, encrypted, decrypted)
|
assert.NotEqual(t, encrypted, decrypted)
|
||||||
}
|
}
|
||||||
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestEncryptAndDecryptBase64(t *testing.T) {
|
func TestEncryptAndDecryptBase64(t *testing.T) {
|
||||||
// Test our cipher types wrapped in Base64 encoder
|
// Test our cipher types wrapped in Base64 encoder
|
||||||
for _, initCipher := range []func([]byte) (Cipher, error){NewCFBCipher, NewGCMCipher} {
|
ciphers := map[string]func([]byte) (Cipher, error){
|
||||||
|
"CFB": NewCFBCipher,
|
||||||
|
"GCM": NewGCMCipher,
|
||||||
|
}
|
||||||
|
for name, initCipher := range ciphers {
|
||||||
// Test all 3 valid AES sizes
|
// Test all 3 valid AES sizes
|
||||||
for _, secretSize := range []int{16, 24, 32} {
|
for _, secretSize := range []int{16, 24, 32} {
|
||||||
|
subTestName := fmt.Sprintf("%s::%d", name, secretSize)
|
||||||
|
t.Run(subTestName, func(t *testing.T) {
|
||||||
secret := make([]byte, secretSize)
|
secret := make([]byte, secretSize)
|
||||||
_, err := io.ReadFull(rand.Reader, secret)
|
_, err := io.ReadFull(rand.Reader, secret)
|
||||||
assert.Equal(t, nil, err)
|
assert.Equal(t, nil, err)
|
||||||
@ -102,6 +116,7 @@ func TestEncryptAndDecryptBase64(t *testing.T) {
|
|||||||
assert.Equal(t, data, decrypted)
|
assert.Equal(t, data, decrypted)
|
||||||
assert.NotEqual(t, encrypted, decrypted)
|
assert.NotEqual(t, encrypted, decrypted)
|
||||||
}
|
}
|
||||||
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -150,6 +165,8 @@ func TestIntermixCiphersErrors(t *testing.T) {
|
|||||||
// Encrypt with GCM, Decrypt with CFB: Results in Garbage data
|
// Encrypt with GCM, Decrypt with CFB: Results in Garbage data
|
||||||
// Test all 3 valid AES sizes
|
// Test all 3 valid AES sizes
|
||||||
for _, secretSize := range []int{16, 24, 32} {
|
for _, secretSize := range []int{16, 24, 32} {
|
||||||
|
subTestName := fmt.Sprintf("GCM->CFB::%d", secretSize)
|
||||||
|
t.Run(subTestName, func(t *testing.T) {
|
||||||
secret := make([]byte, secretSize)
|
secret := make([]byte, secretSize)
|
||||||
_, err := io.ReadFull(rand.Reader, secret)
|
_, err := io.ReadFull(rand.Reader, secret)
|
||||||
assert.Equal(t, nil, err)
|
assert.Equal(t, nil, err)
|
||||||
@ -176,11 +193,14 @@ func TestIntermixCiphersErrors(t *testing.T) {
|
|||||||
assert.NotEqual(t, data, decrypted)
|
assert.NotEqual(t, data, decrypted)
|
||||||
assert.NotEqual(t, encrypted, decrypted)
|
assert.NotEqual(t, encrypted, decrypted)
|
||||||
}
|
}
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
// Encrypt with CFB, Decrypt with GCM: Results in errors
|
// Encrypt with CFB, Decrypt with GCM: Results in errors
|
||||||
// Test all 3 valid AES sizes
|
// Test all 3 valid AES sizes
|
||||||
for _, secretSize := range []int{16, 24, 32} {
|
for _, secretSize := range []int{16, 24, 32} {
|
||||||
|
subTestName := fmt.Sprintf("CFB->GCM::%d", secretSize)
|
||||||
|
t.Run(subTestName, func(t *testing.T) {
|
||||||
secret := make([]byte, secretSize)
|
secret := make([]byte, secretSize)
|
||||||
_, err := io.ReadFull(rand.Reader, secret)
|
_, err := io.ReadFull(rand.Reader, secret)
|
||||||
assert.Equal(t, nil, err)
|
assert.Equal(t, nil, err)
|
||||||
@ -205,6 +225,7 @@ func TestIntermixCiphersErrors(t *testing.T) {
|
|||||||
_, err = gcm.Decrypt(encrypted)
|
_, err = gcm.Decrypt(encrypted)
|
||||||
assert.Error(t, err)
|
assert.Error(t, err)
|
||||||
}
|
}
|
||||||
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user