-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathencryption_test.go
109 lines (83 loc) · 4.57 KB
/
encryption_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
package gocd_test
import (
_ "embed"
"net/http"
"testing"
"github.com/nikhilsbhat/gocd-sdk-go"
"github.com/stretchr/testify/assert"
)
//go:embed internal/fixtures/encryption.json
var encryptionJSON string
func Test_client_EncryptText(t *testing.T) {
correctEncryptionHeader := map[string]string{"Accept": gocd.HeaderVersionOne, "Content-Type": gocd.ContentJSON}
t.Run("should be able to encrypt the value passed successfully", func(t *testing.T) {
server := mockServer([]byte(encryptionJSON), http.StatusOK, correctEncryptionHeader, false, nil)
client := gocd.NewClient(server.URL, auth, "info", nil)
expected := gocd.Encrypted{EncryptedValue: "aSdiFgRRZ6A="}
actual, err := client.EncryptText("value_to_encrypt")
assert.NoError(t, err)
assert.Equal(t, expected, actual)
})
t.Run("should error out while encrypting a value as server returned non 200 status code", func(t *testing.T) {
server := mockServer([]byte("encryptionJSON"), http.StatusBadGateway, correctEncryptionHeader, false, nil)
client := gocd.NewClient(server.URL, auth, "info", nil)
actual, err := client.EncryptText("value_to_encrypt")
assert.EqualError(t, err, "got 502 from GoCD while making POST call for "+server.URL+"/api/admin/encrypt\nwith BODY:encryptionJSON")
assert.Equal(t, gocd.Encrypted{}, actual)
})
t.Run("should error out while encrypting a value server returned malformed response", func(t *testing.T) {
server := mockServer([]byte(`{"encrypting a value"}`), http.StatusOK, correctEncryptionHeader, false, nil)
client := gocd.NewClient(server.URL, auth, "info", nil)
actual, err := client.EncryptText("value_to_encrypt")
assert.EqualError(t, err, "reading response body errored with: invalid character '}' after object key")
assert.Equal(t, gocd.Encrypted{}, actual)
})
t.Run("should error out while encrypting a value as server is not reachable", func(t *testing.T) {
client := gocd.NewClient("http://localhost:8156/go", auth, "info", nil)
client.SetRetryCount(1)
client.SetRetryWaitTime(1)
actual, err := client.EncryptText("value_to_encrypt")
assert.EqualError(t, err, "call made to encrypt a value errored with: "+
"Post \"http://localhost:8156/go/api/admin/encrypt\": dial tcp [::1]:8156: connect: connection refused")
assert.Equal(t, gocd.Encrypted{}, actual)
})
}
func Test_client_DecryptText(t *testing.T) {
cipher := "ab533bc2b64169f487412301afa6f5f6"
t.Run("should be able to decrypt the secret successfully", func(t *testing.T) {
client := gocd.NewClient("http://localhost:8156/go", auth, "info", nil)
response, err := client.DecryptText("AES:wSOqnltxM6Rp9j0Tb8uWpw==:4zVLtLx9msGleK+pLOOUHg==", cipher)
assert.NoError(t, err)
assert.Equal(t, "badger", response)
})
t.Run("should error out while decrypting secret due to wrong cipher passed", func(t *testing.T) {
client := gocd.NewClient("http://localhost:8156/go", auth, "info", nil)
response, err := client.DecryptText("AES:wSOqnltxM6Rp9j0Tb8uWpw==:4zVLtLx9msGleK+pLOOUHg==", "kencehcf84nnkcxjrfjx48")
assert.EqualError(t, err, "encoding/hex: invalid byte: U+006B 'k'")
assert.Equal(t, "", response)
})
t.Run("should error out while decrypting secret due to malformed encrypted value", func(t *testing.T) {
client := gocd.NewClient("http://localhost:8156/go", auth, "info", nil)
response, err := client.DecryptText("AES:wSOqnltxM6Rp9j0Tb8uWpw==:hjdsdjxwerj474x3+pLOOUHg==", "kencehcf84nnkcxjrfjx48")
assert.EqualError(t, err, "illegal base64 data at input byte 24")
assert.Equal(t, "", response)
})
t.Run("should error out while decrypting secret due to malformed encoded IV", func(t *testing.T) {
client := gocd.NewClient("http://localhost:8156/go", auth, "info", nil)
response, err := client.DecryptText("AES:wefxe343348xnwh43x4ux==:4zVLtLx9msGleK+pLOOUHg==", "kencehcf84nnkcxjrfjx48")
assert.EqualError(t, err, "illegal base64 data at input byte 21")
assert.Equal(t, "", response)
})
t.Run("should error out while decrypting secret as no secret or cipher is passed", func(t *testing.T) {
client := gocd.NewClient("http://localhost:8156/go", auth, "info", nil)
response, err := client.DecryptText("", "")
assert.EqualError(t, err, "value or cipher key cannot be empty")
assert.Equal(t, "", response)
})
t.Run("should be able to decrypt the secret successfully", func(t *testing.T) {
client := gocd.NewClient("http://localhost:8156/go", auth, "info", nil)
response, err := client.DecryptText("AES:wSOqnltxM6Rp9j0Tb8uWpw==:4zVLtLx9msGleK+pLOOUHg==", "cb533bc2b64169f487412301afa6f5f")
assert.EqualError(t, err, "encoding/hex: odd length hex string")
assert.Equal(t, "", response)
})
}