diff options
Diffstat (limited to 'vendor/github.com/hashicorp/memberlist/keyring_test.go')
-rw-r--r-- | vendor/github.com/hashicorp/memberlist/keyring_test.go | 154 |
1 files changed, 154 insertions, 0 deletions
diff --git a/vendor/github.com/hashicorp/memberlist/keyring_test.go b/vendor/github.com/hashicorp/memberlist/keyring_test.go new file mode 100644 index 000000000..eec699fd0 --- /dev/null +++ b/vendor/github.com/hashicorp/memberlist/keyring_test.go @@ -0,0 +1,154 @@ +package memberlist + +import ( + "bytes" + "testing" +) + +var TestKeys [][]byte = [][]byte{ + []byte{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15}, + []byte{15, 14, 13, 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0}, + []byte{8, 9, 10, 11, 12, 13, 14, 15, 0, 1, 2, 3, 4, 5, 6, 7}, +} + +func TestKeyring_EmptyRing(t *testing.T) { + // Keyrings can be created with no encryption keys (disabled encryption) + keyring, err := NewKeyring(nil, nil) + if err != nil { + t.Fatalf("err: %s", err) + } + + keys := keyring.GetKeys() + if len(keys) != 0 { + t.Fatalf("Expected 0 keys but have %d", len(keys)) + } +} + +func TestKeyring_PrimaryOnly(t *testing.T) { + // Keyrings can be created using only a primary key + keyring, err := NewKeyring(nil, TestKeys[0]) + if err != nil { + t.Fatalf("err: %s", err) + } + + keys := keyring.GetKeys() + if len(keys) != 1 { + t.Fatalf("Expected 1 key but have %d", len(keys)) + } +} + +func TestKeyring_GetPrimaryKey(t *testing.T) { + keyring, err := NewKeyring(TestKeys, TestKeys[1]) + if err != nil { + t.Fatalf("err: %s", err) + } + + // GetPrimaryKey returns correct key + primaryKey := keyring.GetPrimaryKey() + if !bytes.Equal(primaryKey, TestKeys[1]) { + t.Fatalf("Unexpected primary key: %v", primaryKey) + } +} + +func TestKeyring_AddRemoveUse(t *testing.T) { + keyring, err := NewKeyring(nil, TestKeys[1]) + if err != nil { + t.Fatalf("err :%s", err) + } + + // Use non-existent key throws error + if err := keyring.UseKey(TestKeys[2]); err == nil { + t.Fatalf("Expected key not installed error") + } + + // Add key to ring + if err := keyring.AddKey(TestKeys[2]); err != nil { + t.Fatalf("err: %s", err) + } + + keys := keyring.GetKeys() + if !bytes.Equal(keys[0], TestKeys[1]) { + t.Fatalf("Unexpected primary key change") + } + + if len(keys) != 2 { + t.Fatalf("Expected 2 keys but have %d", len(keys)) + } + + // Use key that exists should succeed + if err := keyring.UseKey(TestKeys[2]); err != nil { + t.Fatalf("err: %s", err) + } + + primaryKey := keyring.GetPrimaryKey() + if !bytes.Equal(primaryKey, TestKeys[2]) { + t.Fatalf("Unexpected primary key: %v", primaryKey) + } + + // Removing primary key should fail + if err := keyring.RemoveKey(TestKeys[2]); err == nil { + t.Fatalf("Expected primary key removal error") + } + + // Removing non-primary key should succeed + if err := keyring.RemoveKey(TestKeys[1]); err != nil { + t.Fatalf("err: %s", err) + } + + keys = keyring.GetKeys() + if len(keys) != 1 { + t.Fatalf("Expected 1 key but have %d", len(keys)) + } +} + +func TestKeyRing_MultiKeyEncryptDecrypt(t *testing.T) { + plaintext := []byte("this is a plain text message") + extra := []byte("random data") + + keyring, err := NewKeyring(TestKeys, TestKeys[0]) + if err != nil { + t.Fatalf("err: %s", err) + } + + // First encrypt using the primary key and make sure we can decrypt + var buf bytes.Buffer + err = encryptPayload(1, TestKeys[0], plaintext, extra, &buf) + if err != nil { + t.Fatalf("err: %v", err) + } + + msg, err := decryptPayload(keyring.GetKeys(), buf.Bytes(), extra) + if err != nil { + t.Fatalf("err: %v", err) + } + + if !bytes.Equal(msg, plaintext) { + t.Fatalf("bad: %v", msg) + } + + // Now encrypt with a secondary key and try decrypting again. + buf.Reset() + err = encryptPayload(1, TestKeys[2], plaintext, extra, &buf) + if err != nil { + t.Fatalf("err: %v", err) + } + + msg, err = decryptPayload(keyring.GetKeys(), buf.Bytes(), extra) + if err != nil { + t.Fatalf("err: %v", err) + } + + if !bytes.Equal(msg, plaintext) { + t.Fatalf("bad: %v", msg) + } + + // Remove a key from the ring, and then try decrypting again + if err := keyring.RemoveKey(TestKeys[2]); err != nil { + t.Fatalf("err: %s", err) + } + + msg, err = decryptPayload(keyring.GetKeys(), buf.Bytes(), extra) + if err == nil { + t.Fatalf("Expected no keys to decrypt message") + } +} |