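// Package model_test holds black-box tests for the signer constructors exposed
// by the model package: construction, sign/verify round trips, and
// interoperability between ConfigSigner and SM2Signer.
package model_test

import (
	"testing"

	_ "github.com/crpt/go-crpt/sm2" // blank import: ensures SM2 is registered
	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"

	"go.yandata.net/iod/iod/go-trustlog/api/model"
)

// TestNewConfigSigner_SM2 checks that NewConfigSigner, given a CryptoConfig
// selecting SM2Algorithm and a freshly generated SM2 key pair, returns a
// non-nil signer that reports SM2Algorithm.
func TestNewConfigSigner_SM2(t *testing.T) {
	t.Parallel()

	// Generate an SM2 key pair and serialize both halves to DER.
	keyPair, err := model.GenerateSM2KeyPair()
	require.NoError(t, err)

	privateKeyDER, err := model.MarshalSM2PrivateDER(keyPair.Private)
	require.NoError(t, err)

	publicKeyDER, err := model.MarshalSM2PublicDER(keyPair.Public)
	require.NoError(t, err)

	// Build the signer from an explicit configuration.
	config := &model.CryptoConfig{
		SignatureAlgorithm: model.SM2Algorithm,
	}
	signer, err := model.NewConfigSigner(privateKeyDER, publicKeyDER, config)
	require.NoError(t, err)
	// require (not assert) so a nil signer stops the test before it is used below.
	require.NotNil(t, signer)
	assert.Equal(t, model.SM2Algorithm, signer.GetAlgorithm())
}

// TestNewDefaultSigner checks that NewDefaultSigner, called without any
// configuration, returns a non-nil signer that reports SM2Algorithm.
func TestNewDefaultSigner(t *testing.T) {
	t.Parallel()

	// Generate an SM2 key pair and serialize both halves to DER.
	keyPair, err := model.GenerateSM2KeyPair()
	require.NoError(t, err)

	privateKeyDER, err := model.MarshalSM2PrivateDER(keyPair.Private)
	require.NoError(t, err)

	publicKeyDER, err := model.MarshalSM2PublicDER(keyPair.Public)
	require.NoError(t, err)

	// Build the default signer (expected to use SM2).
	signer, err := model.NewDefaultSigner(privateKeyDER, publicKeyDER)
	require.NoError(t, err)
	// require (not assert) so a nil signer stops the test before it is used below.
	require.NotNil(t, signer)
	assert.Equal(t, model.SM2Algorithm, signer.GetAlgorithm())
}

// TestConfigSigner_SignAndVerify_SM2 signs a message with the default signer
// and checks that the signature verifies for the signed data and is rejected
// for different data.
func TestConfigSigner_SignAndVerify_SM2(t *testing.T) {
	t.Parallel()

	// Generate a key pair and serialize both halves to DER.
	keyPair, err := model.GenerateSM2KeyPair()
	require.NoError(t, err)

	privateKeyDER, err := model.MarshalSM2PrivateDER(keyPair.Private)
	require.NoError(t, err)

	publicKeyDER, err := model.MarshalSM2PublicDER(keyPair.Public)
	require.NoError(t, err)

	// Build the signer.
	signer, err := model.NewDefaultSigner(privateKeyDER, publicKeyDER)
	require.NoError(t, err)

	// Sign.
	data := []byte("test data for ConfigSigner")
	signature, err := signer.Sign(data)
	require.NoError(t, err)
	assert.NotEmpty(t, signature)

	// Verify against the signed data.
	ok, err := signer.Verify(data, signature)
	require.NoError(t, err)
	assert.True(t, ok)

	// Verify against different data: must be rejected.
	wrongData := []byte("wrong data")
	ok, err = signer.Verify(wrongData, signature)
	require.NoError(t, err)
	assert.False(t, ok)
}

// TestConfigSigner_SignAndVerify_Ed25519 signs a message with a signer
// configured for Ed25519Algorithm and checks that the signature verifies for
// the signed data and does not verify for different data.
func TestConfigSigner_SignAndVerify_Ed25519(t *testing.T) {
	t.Parallel()

	// Generate an Ed25519 key pair through the config-driven generator.
	config := &model.CryptoConfig{
		SignatureAlgorithm: model.Ed25519Algorithm,
	}
	keyPair, err := model.GenerateKeyPair(config)
	require.NoError(t, err)

	privateKeyDER, err := keyPair.MarshalPrivateKey()
	require.NoError(t, err)

	publicKeyDER, err := keyPair.MarshalPublicKey()
	require.NoError(t, err)

	// Build the signer with the same configuration.
	signer, err := model.NewConfigSigner(privateKeyDER, publicKeyDER, config)
	require.NoError(t, err)

	// Sign.
	data := []byte("test data for Ed25519")
	signature, err := signer.Sign(data)
	require.NoError(t, err)
	assert.NotEmpty(t, signature)

	// Verify against the signed data.
	ok, err := signer.Verify(data, signature)
	require.NoError(t, err)
	assert.True(t, ok)

	// Negative case: without it, a Verify that accepts everything would pass
	// this test. How the Ed25519 path reports a mismatch is not visible here
	// (it may be (false, nil) or an error), so only a clean success counts as
	// a failure.
	wrongData := []byte("wrong data")
	ok, err = signer.Verify(wrongData, signature)
	assert.False(t, err == nil && ok, "Ed25519 signature must not verify for different data")
}

// TestConfigSigner_CompatibleWithSM2Signer checks interoperability in both
// directions: a signature made by the default ConfigSigner verifies with
// SM2Signer, and a signature made by SM2Signer verifies with the ConfigSigner,
// both built from the same DER-encoded key pair.
func TestConfigSigner_CompatibleWithSM2Signer(t *testing.T) {
	t.Parallel()

	// Generate a key pair and serialize both halves to DER.
	keyPair, err := model.GenerateSM2KeyPair()
	require.NoError(t, err)

	privateKeyDER, err := model.MarshalSM2PrivateDER(keyPair.Private)
	require.NoError(t, err)

	publicKeyDER, err := model.MarshalSM2PublicDER(keyPair.Public)
	require.NoError(t, err)

	// Sign with ConfigSigner.
	configSigner, err := model.NewDefaultSigner(privateKeyDER, publicKeyDER)
	require.NoError(t, err)

	data := []byte("test data")
	signature1, err := configSigner.Sign(data)
	require.NoError(t, err)

	// Verify with SM2Signer.
	sm2Signer := model.NewSM2Signer(privateKeyDER, publicKeyDER)
	ok1, err := sm2Signer.Verify(data, signature1)
	require.NoError(t, err)
	assert.True(t, ok1, "SM2Signer should verify ConfigSigner's signature")

	// Sign with SM2Signer.
	signature2, err := sm2Signer.Sign(data)
	require.NoError(t, err)

	// Verify with ConfigSigner.
	ok2, err := configSigner.Verify(data, signature2)
	require.NoError(t, err)
	assert.True(t, ok2, "ConfigSigner should verify SM2Signer's signature")
}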