4b72a37120
主要更新: 1. 数据库持久化功能 - 支持三种策略:仅落库、既落库又存证、仅存证 - 实现 Cursor Worker 异步扫描和存证机制 - 实现 Retry Worker 失败重试机制 - 支持 PostgreSQL、MySQL、SQLite 等多种数据库 - 添加 ClientIP 和 ServerIP 字段(可空,仅落库) 2. 集群并发安全 - 使用 SELECT FOR UPDATE SKIP LOCKED 防止重复处理 - 实现 CAS (Compare-And-Set) 原子状态更新 - 添加 updated_at 字段支持并发控制 3. Cursor 初始化优化 - 自动基于历史数据初始化 cursor - 确保不遗漏任何历史记录 - 修复 UPSERT 逻辑 4. 测试完善 - 添加 E2E 集成测试(含 Pulsar 消费者验证) - 添加 PostgreSQL 集成测试 - 添加 Pulsar 集成测试 - 添加集群并发安全测试 - 添加 Cursor 初始化验证测试 - 补充大量单元测试,提升覆盖率 5. 工具脚本 - 添加数据库迁移脚本 - 添加 Cursor 状态检查工具 - 添加 Cursor 初始化工具 - 添加 Pulsar 消息验证工具 6. 文档清理 - 删除冗余文档,只保留根目录 README 测试结果: - 所有 E2E 测试通过(100%) - 数据库持久化与异步存证流程验证通过 - 集群环境下的并发安全性验证通过 - Cursor 自动初始化和历史数据处理验证通过
252 lines
5.5 KiB
Go
252 lines
5.5 KiB
Go
package model_test
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"go.yandata.net/iod/iod/go-trustlog/api/model"
|
|
)
|
|
|
|
func TestCryptoConfig_Validate(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
tests := []struct {
|
|
name string
|
|
config *model.CryptoConfig
|
|
wantErr bool
|
|
}{
|
|
{
|
|
name: "valid SM2 config",
|
|
config: &model.CryptoConfig{
|
|
SignatureAlgorithm: model.SM2Algorithm,
|
|
},
|
|
wantErr: false,
|
|
},
|
|
{
|
|
name: "valid Ed25519 config",
|
|
config: &model.CryptoConfig{
|
|
SignatureAlgorithm: model.Ed25519Algorithm,
|
|
},
|
|
wantErr: false,
|
|
},
|
|
{
|
|
name: "invalid signature algorithm",
|
|
config: &model.CryptoConfig{
|
|
SignatureAlgorithm: "rsa",
|
|
},
|
|
wantErr: true,
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
t.Parallel()
|
|
err := tt.config.Validate()
|
|
if tt.wantErr {
|
|
require.Error(t, err)
|
|
} else {
|
|
require.NoError(t, err)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestSetGetGlobalCryptoConfig(t *testing.T) {
|
|
// 不使用 t.Parallel(),因为它修改全局状态
|
|
|
|
// 保存当前配置
|
|
original := model.GetGlobalCryptoConfig()
|
|
|
|
config := &model.CryptoConfig{
|
|
SignatureAlgorithm: model.Ed25519Algorithm,
|
|
}
|
|
|
|
err := model.SetGlobalCryptoConfig(config)
|
|
require.NoError(t, err)
|
|
|
|
retrieved := model.GetGlobalCryptoConfig()
|
|
assert.Equal(t, config.SignatureAlgorithm, retrieved.SignatureAlgorithm)
|
|
|
|
// 恢复原配置
|
|
_ = model.SetGlobalCryptoConfig(original)
|
|
}
|
|
|
|
func TestGenerateKeyPair_SM2(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
config := &model.CryptoConfig{
|
|
SignatureAlgorithm: model.SM2Algorithm,
|
|
}
|
|
|
|
keyPair, err := model.GenerateKeyPair(config)
|
|
require.NoError(t, err)
|
|
assert.NotNil(t, keyPair)
|
|
assert.NotNil(t, keyPair.Public)
|
|
assert.NotNil(t, keyPair.Private)
|
|
assert.Equal(t, model.SM2Algorithm, keyPair.Algorithm)
|
|
}
|
|
|
|
func TestGenerateKeyPair_Ed25519(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
config := &model.CryptoConfig{
|
|
SignatureAlgorithm: model.Ed25519Algorithm,
|
|
}
|
|
|
|
keyPair, err := model.GenerateKeyPair(config)
|
|
require.NoError(t, err)
|
|
assert.NotNil(t, keyPair)
|
|
assert.NotNil(t, keyPair.Public)
|
|
assert.NotNil(t, keyPair.Private)
|
|
assert.Equal(t, model.Ed25519Algorithm, keyPair.Algorithm)
|
|
}
|
|
|
|
func TestKeyPair_SignAndVerify_SM2(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
config := &model.CryptoConfig{
|
|
SignatureAlgorithm: model.SM2Algorithm,
|
|
}
|
|
|
|
keyPair, err := model.GenerateKeyPair(config)
|
|
require.NoError(t, err)
|
|
|
|
data := []byte("test data for SM2 signing")
|
|
|
|
// Sign
|
|
signature, err := keyPair.Sign(data, nil)
|
|
require.NoError(t, err)
|
|
assert.NotEmpty(t, signature)
|
|
|
|
// Verify
|
|
ok, err := keyPair.Verify(data, signature)
|
|
require.NoError(t, err)
|
|
assert.True(t, ok)
|
|
|
|
// Verify with wrong data should fail
|
|
wrongData := []byte("wrong data")
|
|
ok, err = keyPair.Verify(wrongData, signature)
|
|
require.NoError(t, err)
|
|
assert.False(t, ok)
|
|
}
|
|
|
|
func TestKeyPair_SignAndVerify_Ed25519(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
config := &model.CryptoConfig{
|
|
SignatureAlgorithm: model.Ed25519Algorithm,
|
|
}
|
|
|
|
keyPair, err := model.GenerateKeyPair(config)
|
|
require.NoError(t, err)
|
|
|
|
data := []byte("test data for Ed25519 signing")
|
|
|
|
// Sign
|
|
signature, err := keyPair.Sign(data, nil)
|
|
require.NoError(t, err)
|
|
assert.NotEmpty(t, signature)
|
|
|
|
// Verify
|
|
ok, err := keyPair.Verify(data, signature)
|
|
require.NoError(t, err)
|
|
assert.True(t, ok)
|
|
|
|
// Verify with wrong data should fail
|
|
wrongData := []byte("wrong data")
|
|
ok, err = keyPair.Verify(wrongData, signature)
|
|
require.NoError(t, err)
|
|
assert.False(t, ok)
|
|
}
|
|
|
|
func TestKeyPair_MarshalAndParse_SM2(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
config := &model.CryptoConfig{
|
|
SignatureAlgorithm: model.SM2Algorithm,
|
|
}
|
|
|
|
keyPair, err := model.GenerateKeyPair(config)
|
|
require.NoError(t, err)
|
|
|
|
// Marshal private key
|
|
privateKeyDER, err := keyPair.MarshalPrivateKey()
|
|
require.NoError(t, err)
|
|
assert.NotEmpty(t, privateKeyDER)
|
|
|
|
// Marshal public key
|
|
publicKeyDER, err := keyPair.MarshalPublicKey()
|
|
require.NoError(t, err)
|
|
assert.NotEmpty(t, publicKeyDER)
|
|
|
|
// Parse keys back
|
|
parsedPriv, err := model.ParsePrivateKey(privateKeyDER, model.SM2Algorithm)
|
|
require.NoError(t, err)
|
|
assert.NotNil(t, parsedPriv)
|
|
|
|
parsedPub, err := model.ParsePublicKey(publicKeyDER, model.SM2Algorithm)
|
|
require.NoError(t, err)
|
|
assert.NotNil(t, parsedPub)
|
|
|
|
// Test sign/verify with parsed keys
|
|
data := []byte("test data")
|
|
signature, err := model.SignWithConfig(data, privateKeyDER, config)
|
|
require.NoError(t, err)
|
|
|
|
ok, err := model.VerifyWithConfig(data, publicKeyDER, signature, config)
|
|
require.NoError(t, err)
|
|
assert.True(t, ok)
|
|
}
|
|
|
|
func TestSignWithConfig_And_VerifyWithConfig(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
tests := []struct {
|
|
name string
|
|
algorithm model.SignatureAlgorithm
|
|
}{
|
|
{
|
|
name: "SM2",
|
|
algorithm: model.SM2Algorithm,
|
|
},
|
|
{
|
|
name: "Ed25519",
|
|
algorithm: model.Ed25519Algorithm,
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
config := &model.CryptoConfig{
|
|
SignatureAlgorithm: tt.algorithm,
|
|
}
|
|
|
|
// Generate key pair
|
|
keyPair, err := model.GenerateKeyPair(config)
|
|
require.NoError(t, err)
|
|
|
|
// Marshal keys
|
|
privateKeyDER, err := keyPair.MarshalPrivateKey()
|
|
require.NoError(t, err)
|
|
|
|
publicKeyDER, err := keyPair.MarshalPublicKey()
|
|
require.NoError(t, err)
|
|
|
|
// Sign
|
|
data := []byte("test data")
|
|
signature, err := model.SignWithConfig(data, privateKeyDER, config)
|
|
require.NoError(t, err)
|
|
assert.NotEmpty(t, signature)
|
|
|
|
// Verify
|
|
ok, err := model.VerifyWithConfig(data, publicKeyDER, signature, config)
|
|
require.NoError(t, err)
|
|
assert.True(t, ok)
|
|
})
|
|
}
|
|
}
|