package model_test import ( "testing" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "go.yandata.net/iod/iod/go-trustlog/api/model" ) func TestComputeSignature_EmptyPrivateKey(t *testing.T) { t.Parallel() _, err := model.ComputeSignature([]byte("data"), nil) require.Error(t, err) assert.Contains(t, err.Error(), "private key cannot be empty") } func TestComputeSignature_EmptyData(t *testing.T) { t.Parallel() privateKey := []byte("invalid-key") _, err := model.ComputeSignature(nil, privateKey) require.Error(t, err) assert.Contains(t, err.Error(), "data to sign cannot be empty") } func TestComputeSignature_InvalidKey(t *testing.T) { t.Parallel() _, err := model.ComputeSignature([]byte("data"), []byte("invalid-key")) require.Error(t, err) assert.Contains(t, err.Error(), "failed to parse SM2 private key") } func TestVerifySignature_EmptyPublicKey(t *testing.T) { t.Parallel() _, err := model.VerifySignature([]byte("data"), nil, []byte("signature")) require.Error(t, err) assert.Contains(t, err.Error(), "public key cannot be empty") } func TestVerifySignature_EmptyData(t *testing.T) { t.Parallel() publicKey := []byte("invalid-key") _, err := model.VerifySignature(nil, publicKey, []byte("signature")) require.Error(t, err) assert.Contains(t, err.Error(), "data to verify cannot be empty") } func TestVerifySignature_InvalidKey(t *testing.T) { t.Parallel() publicKey := []byte("invalid-key") valid, err := model.VerifySignature([]byte("data"), publicKey, []byte("signature")) require.Error(t, err) assert.False(t, valid) assert.Contains(t, err.Error(), "failed to parse SM2 public key") } func TestGenerateSM2KeyPair(t *testing.T) { t.Parallel() keyPair, err := model.GenerateSM2KeyPair() require.NoError(t, err) assert.NotNil(t, keyPair) assert.NotNil(t, keyPair.Public) assert.NotNil(t, keyPair.Private) } func TestMarshalSM2PrivateDER_Nil(t *testing.T) { t.Parallel() _, err := model.MarshalSM2PrivateDER(nil) require.Error(t, err) assert.Contains(t, err.Error(), "private key is nil") } func TestMarshalSM2PrivateDER(t *testing.T) { t.Parallel() keyPair, err := model.GenerateSM2KeyPair() require.NoError(t, err) der, err := model.MarshalSM2PrivateDER(keyPair.Private) require.NoError(t, err) assert.NotNil(t, der) assert.NotEmpty(t, der) } func TestParseSM2PrivateDER_Empty(t *testing.T) { t.Parallel() _, err := model.ParseSM2PrivateDER(nil) require.Error(t, err) assert.Contains(t, err.Error(), "DER encoded private key cannot be empty") } func TestParseSM2PrivateDER_Invalid(t *testing.T) { t.Parallel() _, err := model.ParseSM2PrivateDER([]byte("invalid-der")) require.Error(t, err) assert.Contains(t, err.Error(), "failed to parse SM2 private key from DER") } func TestParseSM2PrivateDER_RoundTrip(t *testing.T) { t.Parallel() keyPair, err := model.GenerateSM2KeyPair() require.NoError(t, err) der, err := model.MarshalSM2PrivateDER(keyPair.Private) require.NoError(t, err) parsedKey, err := model.ParseSM2PrivateDER(der) require.NoError(t, err) assert.NotNil(t, parsedKey) } func TestMarshalSM2PublicDER_Nil(t *testing.T) { t.Parallel() _, err := model.MarshalSM2PublicDER(nil) require.Error(t, err) assert.Contains(t, err.Error(), "public key is nil") } func TestMarshalSM2PublicDER(t *testing.T) { t.Parallel() keyPair, err := model.GenerateSM2KeyPair() require.NoError(t, err) der, err := model.MarshalSM2PublicDER(keyPair.Public) require.NoError(t, err) assert.NotNil(t, der) assert.NotEmpty(t, der) } func TestParseSM2PublicDER_Empty(t *testing.T) { t.Parallel() _, err := model.ParseSM2PublicDER(nil) require.Error(t, err) assert.Contains(t, err.Error(), "DER encoded public key cannot be empty") } func TestParseSM2PublicDER_Invalid(t *testing.T) { t.Parallel() _, err := model.ParseSM2PublicDER([]byte("invalid-der")) require.Error(t, err) assert.Contains(t, err.Error(), "failed to parse SM2 public key") } func TestParseSM2PublicDER_RoundTrip(t *testing.T) { t.Parallel() keyPair, err := model.GenerateSM2KeyPair() require.NoError(t, err) der, err := model.MarshalSM2PublicDER(keyPair.Public) require.NoError(t, err) parsedKey, err := model.ParseSM2PublicDER(der) require.NoError(t, err) assert.NotNil(t, parsedKey) } func TestSM2SignAndVerify_RoundTrip(t *testing.T) { t.Parallel() // Generate key pair keyPair, err := model.GenerateSM2KeyPair() require.NoError(t, err) // Marshal keys privateKeyDER, err := model.MarshalSM2PrivateDER(keyPair.Private) require.NoError(t, err) publicKeyDER, err := model.MarshalSM2PublicDER(keyPair.Public) require.NoError(t, err) // Sign data data := []byte("test data") signature, err := model.ComputeSignature(data, privateKeyDER) require.NoError(t, err) assert.NotNil(t, signature) assert.NotEmpty(t, signature) // Verify signature valid, err := model.VerifySignature(data, publicKeyDER, signature) require.NoError(t, err) assert.True(t, valid) } func TestSM2SignAndVerify_WrongData(t *testing.T) { t.Parallel() // Generate key pair keyPair, err := model.GenerateSM2KeyPair() require.NoError(t, err) // Marshal keys privateKeyDER, err := model.MarshalSM2PrivateDER(keyPair.Private) require.NoError(t, err) publicKeyDER, err := model.MarshalSM2PublicDER(keyPair.Public) require.NoError(t, err) // Sign data data := []byte("test data") signature, err := model.ComputeSignature(data, privateKeyDER) require.NoError(t, err) // Verify with wrong data wrongData := []byte("wrong data") valid, err := model.VerifySignature(wrongData, publicKeyDER, signature) // Verification should return error require.Error(t, err) assert.False(t, valid) assert.Contains(t, err.Error(), "signature verification failed") } func TestSM2SignAndVerify_WrongSignature(t *testing.T) { t.Parallel() // Generate key pair keyPair, err := model.GenerateSM2KeyPair() require.NoError(t, err) // Marshal keys privateKeyDER, err := model.MarshalSM2PrivateDER(keyPair.Private) require.NoError(t, err) publicKeyDER, err := model.MarshalSM2PublicDER(keyPair.Public) require.NoError(t, err) // Sign data data := []byte("test data") _, err = model.ComputeSignature(data, privateKeyDER) require.NoError(t, err) // Verify with wrong signature wrongSignature := []byte("wrong signature") valid, err := model.VerifySignature(data, publicKeyDER, wrongSignature) require.Error(t, err) // Should fail verification assert.False(t, valid) }