d313449c5c
- 将所有trustlog-sdk文件移动到trustlog/go-trustlog/目录 - 更新README中所有import路径从trustlog-sdk改为go-trustlog - 更新cookiecutter配置文件中的项目名称 - 更新根目录.lefthook.yml以引用新位置的配置 - 添加go.sum文件到版本控制 - 删除过时的示例文件 这次重构与trustlog-server保持一致的目录结构, 为未来支持多语言SDK(Python、Java等)预留空间。
252 lines
5.5 KiB
Go
252 lines
5.5 KiB
Go
package model_test
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"go.yandata.net/iod/iod/trustlog-sdk/api/model"
|
|
)
|
|
|
|
func TestCryptoConfig_Validate(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
tests := []struct {
|
|
name string
|
|
config *model.CryptoConfig
|
|
wantErr bool
|
|
}{
|
|
{
|
|
name: "valid SM2 config",
|
|
config: &model.CryptoConfig{
|
|
SignatureAlgorithm: model.SM2Algorithm,
|
|
},
|
|
wantErr: false,
|
|
},
|
|
{
|
|
name: "valid Ed25519 config",
|
|
config: &model.CryptoConfig{
|
|
SignatureAlgorithm: model.Ed25519Algorithm,
|
|
},
|
|
wantErr: false,
|
|
},
|
|
{
|
|
name: "invalid signature algorithm",
|
|
config: &model.CryptoConfig{
|
|
SignatureAlgorithm: "rsa",
|
|
},
|
|
wantErr: true,
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
t.Parallel()
|
|
err := tt.config.Validate()
|
|
if tt.wantErr {
|
|
require.Error(t, err)
|
|
} else {
|
|
require.NoError(t, err)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestSetGetGlobalCryptoConfig(t *testing.T) {
|
|
// 不使用 t.Parallel(),因为它修改全局状态
|
|
|
|
// 保存当前配置
|
|
original := model.GetGlobalCryptoConfig()
|
|
|
|
config := &model.CryptoConfig{
|
|
SignatureAlgorithm: model.Ed25519Algorithm,
|
|
}
|
|
|
|
err := model.SetGlobalCryptoConfig(config)
|
|
require.NoError(t, err)
|
|
|
|
retrieved := model.GetGlobalCryptoConfig()
|
|
assert.Equal(t, config.SignatureAlgorithm, retrieved.SignatureAlgorithm)
|
|
|
|
// 恢复原配置
|
|
_ = model.SetGlobalCryptoConfig(original)
|
|
}
|
|
|
|
func TestGenerateKeyPair_SM2(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
config := &model.CryptoConfig{
|
|
SignatureAlgorithm: model.SM2Algorithm,
|
|
}
|
|
|
|
keyPair, err := model.GenerateKeyPair(config)
|
|
require.NoError(t, err)
|
|
assert.NotNil(t, keyPair)
|
|
assert.NotNil(t, keyPair.Public)
|
|
assert.NotNil(t, keyPair.Private)
|
|
assert.Equal(t, model.SM2Algorithm, keyPair.Algorithm)
|
|
}
|
|
|
|
func TestGenerateKeyPair_Ed25519(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
config := &model.CryptoConfig{
|
|
SignatureAlgorithm: model.Ed25519Algorithm,
|
|
}
|
|
|
|
keyPair, err := model.GenerateKeyPair(config)
|
|
require.NoError(t, err)
|
|
assert.NotNil(t, keyPair)
|
|
assert.NotNil(t, keyPair.Public)
|
|
assert.NotNil(t, keyPair.Private)
|
|
assert.Equal(t, model.Ed25519Algorithm, keyPair.Algorithm)
|
|
}
|
|
|
|
func TestKeyPair_SignAndVerify_SM2(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
config := &model.CryptoConfig{
|
|
SignatureAlgorithm: model.SM2Algorithm,
|
|
}
|
|
|
|
keyPair, err := model.GenerateKeyPair(config)
|
|
require.NoError(t, err)
|
|
|
|
data := []byte("test data for SM2 signing")
|
|
|
|
// Sign
|
|
signature, err := keyPair.Sign(data, nil)
|
|
require.NoError(t, err)
|
|
assert.NotEmpty(t, signature)
|
|
|
|
// Verify
|
|
ok, err := keyPair.Verify(data, signature)
|
|
require.NoError(t, err)
|
|
assert.True(t, ok)
|
|
|
|
// Verify with wrong data should fail
|
|
wrongData := []byte("wrong data")
|
|
ok, err = keyPair.Verify(wrongData, signature)
|
|
require.NoError(t, err)
|
|
assert.False(t, ok)
|
|
}
|
|
|
|
func TestKeyPair_SignAndVerify_Ed25519(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
config := &model.CryptoConfig{
|
|
SignatureAlgorithm: model.Ed25519Algorithm,
|
|
}
|
|
|
|
keyPair, err := model.GenerateKeyPair(config)
|
|
require.NoError(t, err)
|
|
|
|
data := []byte("test data for Ed25519 signing")
|
|
|
|
// Sign
|
|
signature, err := keyPair.Sign(data, nil)
|
|
require.NoError(t, err)
|
|
assert.NotEmpty(t, signature)
|
|
|
|
// Verify
|
|
ok, err := keyPair.Verify(data, signature)
|
|
require.NoError(t, err)
|
|
assert.True(t, ok)
|
|
|
|
// Verify with wrong data should fail
|
|
wrongData := []byte("wrong data")
|
|
ok, err = keyPair.Verify(wrongData, signature)
|
|
require.NoError(t, err)
|
|
assert.False(t, ok)
|
|
}
|
|
|
|
func TestKeyPair_MarshalAndParse_SM2(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
config := &model.CryptoConfig{
|
|
SignatureAlgorithm: model.SM2Algorithm,
|
|
}
|
|
|
|
keyPair, err := model.GenerateKeyPair(config)
|
|
require.NoError(t, err)
|
|
|
|
// Marshal private key
|
|
privateKeyDER, err := keyPair.MarshalPrivateKey()
|
|
require.NoError(t, err)
|
|
assert.NotEmpty(t, privateKeyDER)
|
|
|
|
// Marshal public key
|
|
publicKeyDER, err := keyPair.MarshalPublicKey()
|
|
require.NoError(t, err)
|
|
assert.NotEmpty(t, publicKeyDER)
|
|
|
|
// Parse keys back
|
|
parsedPriv, err := model.ParsePrivateKey(privateKeyDER, model.SM2Algorithm)
|
|
require.NoError(t, err)
|
|
assert.NotNil(t, parsedPriv)
|
|
|
|
parsedPub, err := model.ParsePublicKey(publicKeyDER, model.SM2Algorithm)
|
|
require.NoError(t, err)
|
|
assert.NotNil(t, parsedPub)
|
|
|
|
// Test sign/verify with parsed keys
|
|
data := []byte("test data")
|
|
signature, err := model.SignWithConfig(data, privateKeyDER, config)
|
|
require.NoError(t, err)
|
|
|
|
ok, err := model.VerifyWithConfig(data, publicKeyDER, signature, config)
|
|
require.NoError(t, err)
|
|
assert.True(t, ok)
|
|
}
|
|
|
|
func TestSignWithConfig_And_VerifyWithConfig(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
tests := []struct {
|
|
name string
|
|
algorithm model.SignatureAlgorithm
|
|
}{
|
|
{
|
|
name: "SM2",
|
|
algorithm: model.SM2Algorithm,
|
|
},
|
|
{
|
|
name: "Ed25519",
|
|
algorithm: model.Ed25519Algorithm,
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
config := &model.CryptoConfig{
|
|
SignatureAlgorithm: tt.algorithm,
|
|
}
|
|
|
|
// Generate key pair
|
|
keyPair, err := model.GenerateKeyPair(config)
|
|
require.NoError(t, err)
|
|
|
|
// Marshal keys
|
|
privateKeyDER, err := keyPair.MarshalPrivateKey()
|
|
require.NoError(t, err)
|
|
|
|
publicKeyDER, err := keyPair.MarshalPublicKey()
|
|
require.NoError(t, err)
|
|
|
|
// Sign
|
|
data := []byte("test data")
|
|
signature, err := model.SignWithConfig(data, privateKeyDER, config)
|
|
require.NoError(t, err)
|
|
assert.NotEmpty(t, signature)
|
|
|
|
// Verify
|
|
ok, err := model.VerifyWithConfig(data, publicKeyDER, signature, config)
|
|
require.NoError(t, err)
|
|
assert.True(t, ok)
|
|
})
|
|
}
|
|
}
|