|
| 1 | +package main |
| 2 | + |
| 3 | +import ( |
| 4 | + "testing" |
| 5 | +) |
| 6 | + |
| 7 | +func setupTestDaemon(token string) *Daemon { |
| 8 | + d := &Daemon{token: token} |
| 9 | + d.initEncryption() |
| 10 | + return d |
| 11 | +} |
| 12 | + |
| 13 | +func TestEncryptDecryptRoundtrip(t *testing.T) { |
| 14 | + d := setupTestDaemon("test-token-32-chars-long-enough!") |
| 15 | + |
| 16 | + plaintext := []byte("Hello, mobile!") |
| 17 | + encrypted, err := d.encrypt(plaintext) |
| 18 | + if err != nil { |
| 19 | + t.Fatalf("encrypt failed: %v", err) |
| 20 | + } |
| 21 | + |
| 22 | + decrypted, err := d.decrypt(encrypted) |
| 23 | + if err != nil { |
| 24 | + t.Fatalf("decrypt failed: %v", err) |
| 25 | + } |
| 26 | + |
| 27 | + if string(decrypted) != string(plaintext) { |
| 28 | + t.Errorf("roundtrip failed: got %q, want %q", decrypted, plaintext) |
| 29 | + } |
| 30 | +} |
| 31 | + |
| 32 | +func TestDecryptWithWrongKey(t *testing.T) { |
| 33 | + d1 := setupTestDaemon("token-one") |
| 34 | + d2 := setupTestDaemon("token-two") |
| 35 | + |
| 36 | + encrypted, err := d1.encrypt([]byte("secret")) |
| 37 | + if err != nil { |
| 38 | + t.Fatalf("encrypt failed: %v", err) |
| 39 | + } |
| 40 | + |
| 41 | + _, err = d2.decrypt(encrypted) |
| 42 | + if err == nil { |
| 43 | + t.Error("expected decryption to fail with wrong key") |
| 44 | + } |
| 45 | +} |
| 46 | + |
| 47 | +func TestEncryptNotInitialized(t *testing.T) { |
| 48 | + d := &Daemon{} |
| 49 | + _, err := d.encrypt([]byte("data")) |
| 50 | + if err == nil { |
| 51 | + t.Error("expected error when encryption not initialized") |
| 52 | + } |
| 53 | +} |
| 54 | + |
| 55 | +func TestDecryptNotInitialized(t *testing.T) { |
| 56 | + d := &Daemon{} |
| 57 | + _, err := d.decrypt("dGVzdA==") |
| 58 | + if err == nil { |
| 59 | + t.Error("expected error when encryption not initialized") |
| 60 | + } |
| 61 | +} |
| 62 | + |
| 63 | +func TestEncryptProducesDifferentCiphertexts(t *testing.T) { |
| 64 | + d := setupTestDaemon("test-token") |
| 65 | + plaintext := []byte("same data") |
| 66 | + |
| 67 | + e1, err := d.encrypt(plaintext) |
| 68 | + if err != nil { |
| 69 | + t.Fatalf("first encrypt failed: %v", err) |
| 70 | + } |
| 71 | + |
| 72 | + e2, err := d.encrypt(plaintext) |
| 73 | + if err != nil { |
| 74 | + t.Fatalf("second encrypt failed: %v", err) |
| 75 | + } |
| 76 | + |
| 77 | + if e1 == e2 { |
| 78 | + t.Error("expected different ciphertexts due to random nonce") |
| 79 | + } |
| 80 | +} |
| 81 | + |
| 82 | +func TestEncryptDecryptEmptyData(t *testing.T) { |
| 83 | + d := setupTestDaemon("test-token") |
| 84 | + |
| 85 | + encrypted, err := d.encrypt([]byte{}) |
| 86 | + if err != nil { |
| 87 | + t.Fatalf("encrypt empty failed: %v", err) |
| 88 | + } |
| 89 | + |
| 90 | + decrypted, err := d.decrypt(encrypted) |
| 91 | + if err != nil { |
| 92 | + t.Fatalf("decrypt empty failed: %v", err) |
| 93 | + } |
| 94 | + |
| 95 | + if len(decrypted) != 0 { |
| 96 | + t.Errorf("expected empty result, got %d bytes", len(decrypted)) |
| 97 | + } |
| 98 | +} |
| 99 | + |
| 100 | +func TestEncryptDecryptLargeData(t *testing.T) { |
| 101 | + d := setupTestDaemon("test-token") |
| 102 | + |
| 103 | + plaintext := make([]byte, 1024*1024) // 1MB |
| 104 | + for i := range plaintext { |
| 105 | + plaintext[i] = byte(i % 256) |
| 106 | + } |
| 107 | + |
| 108 | + encrypted, err := d.encrypt(plaintext) |
| 109 | + if err != nil { |
| 110 | + t.Fatalf("encrypt large failed: %v", err) |
| 111 | + } |
| 112 | + |
| 113 | + decrypted, err := d.decrypt(encrypted) |
| 114 | + if err != nil { |
| 115 | + t.Fatalf("decrypt large failed: %v", err) |
| 116 | + } |
| 117 | + |
| 118 | + if len(decrypted) != len(plaintext) { |
| 119 | + t.Fatalf("size mismatch: got %d, want %d", len(decrypted), len(plaintext)) |
| 120 | + } |
| 121 | + for i := range plaintext { |
| 122 | + if decrypted[i] != plaintext[i] { |
| 123 | + t.Fatalf("data mismatch at byte %d", i) |
| 124 | + } |
| 125 | + } |
| 126 | +} |
0 commit comments