go-trustlog/api/model/envelope_sign_verify_test.go
ryan d313449c5c refactor: 重构trustlog-sdk目录结构到trustlog/go-trustlog
- 将所有trustlog-sdk文件移动到trustlog/go-trustlog/目录
- 更新README中所有import路径从trustlog-sdk改为go-trustlog
- 更新cookiecutter配置文件中的项目名称
- 更新根目录.lefthook.yml以引用新位置的配置
- 添加go.sum文件到版本控制
- 删除过时的示例文件

这次重构与trustlog-server保持一致的目录结构,
为未来支持多语言SDK(Python、Java等)预留空间。
2025-12-22 13:37:57 +08:00

package model_test
import (
"testing"
"time"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"go.yandata.net/iod/iod/trustlog-sdk/api/model"
)
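// TestSignVerifyConsistency checks that signing and verification operate on
// the same bytes, and that verification rejects envelopes it must not accept.
//
// It covers one positive round trip (MarshalOperation followed by
// VerifyEnvelopeWithConfig) and three negative cases: a body replaced
// wholesale under the old signature, a body with a single flipped bit under
// the old signature, and an untouched envelope checked against an unrelated
// public key.
func TestSignVerifyConsistency(t *testing.T) {
	t.Parallel()

	// Generate an SM2 key pair.
	keyPair, err := model.GenerateSM2KeyPair()
	require.NoError(t, err)

	// Serialize both halves to DER.
	privateKeyDER, err := model.MarshalSM2PrivateDER(keyPair.Private)
	require.NoError(t, err)
	publicKeyDER, err := model.MarshalSM2PublicDER(keyPair.Public)
	require.NoError(t, err)

	// Build the signing and verification configs. The verifier only ever
	// receives the public key.
	signConfig := model.NewSM2EnvelopeConfig(privateKeyDER, publicKeyDER)
	verifyConfig := model.NewSM2VerifyConfig(publicKeyDER)

	// Build the Operation under test.
	op := &model.Operation{
		OpID:         "op-test-001",
		Timestamp:    time.Now(),
		OpSource:     model.OpSourceIRP,
		OpType:       model.OpTypeOCCreateHandle,
		DoPrefix:     "test",
		DoRepository: "repo",
		Doid:         "test/repo/123",
		ProducerID:   "producer-1",
		OpActor:      "actor-1",
	}
	err = op.CheckAndInit()
	require.NoError(t, err)

	// 1. Sign and serialize into an Envelope.
	envelopeData, err := model.MarshalOperation(op, signConfig)
	require.NoError(t, err)
	require.NotNil(t, envelopeData)

	// 2. Verify the Envelope.
	verifiedEnv, err := model.VerifyEnvelopeWithConfig(envelopeData, verifyConfig)
	require.NoError(t, err)
	require.NotNil(t, verifiedEnv)

	// 3. The body that was signed and the body that was verified must match.
	// Decode the envelope by hand to obtain the signed body.
	originalEnv, err := model.UnmarshalEnvelope(envelopeData)
	require.NoError(t, err)

	assert.Equal(t, originalEnv.Body, verifiedEnv.Body, "加签和验签时使用的body应该完全一致")
	assert.Equal(t, originalEnv.ProducerID, verifiedEnv.ProducerID)
	assert.Equal(t, originalEnv.Signature, verifiedEnv.Signature)

	// 4. Replacing the body while keeping the old signature must fail.
	modifiedBody := []byte("completely different body content")
	require.NotEqual(t, originalEnv.Body, modifiedBody, "修改后的body应该不同")

	modifiedEnv := &model.Envelope{
		ProducerID: originalEnv.ProducerID,
		Signature:  originalEnv.Signature, // stale signature
		Body:       modifiedBody,          // replaced body
	}
	modifiedData, err := model.MarshalEnvelope(modifiedEnv)
	require.NoError(t, err)

	_, err = model.VerifyEnvelopeWithConfig(modifiedData, verifyConfig)
	require.Error(t, err, "修改body后验签应该失败")
	assert.Contains(t, err.Error(), "signature verification failed")

	// 5. A minimal change must be rejected too: flip one bit of the signed
	// body and keep everything else. This catches a verifier that covers only
	// part of the body, which a wholesale replacement would not reveal.
	require.NotEmpty(t, originalEnv.Body)
	flippedBody := append([]byte(nil), originalEnv.Body...) // copy; leave originalEnv intact
	flippedBody[len(flippedBody)-1] ^= 0x01

	flippedData, err := model.MarshalEnvelope(&model.Envelope{
		ProducerID: originalEnv.ProducerID,
		Signature:  originalEnv.Signature,
		Body:       flippedBody,
	})
	require.NoError(t, err)

	_, err = model.VerifyEnvelopeWithConfig(flippedData, verifyConfig)
	require.Error(t, err, "a single flipped bit in the body must fail verification")
	assert.Contains(t, err.Error(), "signature verification failed")

	// 6. The untouched envelope must not verify under an unrelated public
	// key; otherwise the signature would not bind the envelope to the
	// producer's key. Only the presence of an error is asserted because the
	// message for this case is not pinned elsewhere in this file.
	otherKeyPair, err := model.GenerateSM2KeyPair()
	require.NoError(t, err)
	otherPublicKeyDER, err := model.MarshalSM2PublicDER(otherKeyPair.Public)
	require.NoError(t, err)

	_, err = model.VerifyEnvelopeWithConfig(envelopeData, model.NewSM2VerifyConfig(otherPublicKeyDER))
	require.Error(t, err, "verification under an unrelated public key must fail")
}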
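// TestSignVerifyDirectData exercises the SM2 signer directly on raw bytes,
// without the envelope layer.
//
// It signs a message, verifies it with the same signer, and then checks two
// rejections: the same signature over different data, and the same signature
// and data under a signer built from an unrelated key pair.
func TestSignVerifyDirectData(t *testing.T) {
	t.Parallel()

	// Generate an SM2 key pair.
	keyPair, err := model.GenerateSM2KeyPair()
	require.NoError(t, err)

	// Serialize both halves to DER.
	privateKeyDER, err := model.MarshalSM2PrivateDER(keyPair.Private)
	require.NoError(t, err)
	publicKeyDER, err := model.MarshalSM2PublicDER(keyPair.Public)
	require.NoError(t, err)

	// Build the signer.
	signer := model.NewSM2Signer(privateKeyDER, publicKeyDER)

	testData := []byte("test data for signing")

	// 1. Sign.
	signature, err := signer.Sign(testData)
	require.NoError(t, err)
	require.NotNil(t, signature)

	// 2. Verify against the same data.
	valid, err := signer.Verify(testData, signature)
	require.NoError(t, err)
	assert.True(t, valid, "使用相同数据验证应该成功")

	// 3. Verify against different data. A failed verification is reported as
	// an error as well as a false result, so both are checked.
	modifiedData := []byte("modified test data")
	valid, err = signer.Verify(modifiedData, signature)
	require.Error(t, err, "使用不同数据验证应该失败并返回错误")
	assert.Contains(t, err.Error(), "signature verification failed")
	assert.False(t, valid)

	// 4. Verify the original data and signature with a signer built from an
	// unrelated key pair. Acceptance here would mean the signature is not
	// bound to the signing key. Only the presence of an error is asserted
	// because the message for this case is not pinned elsewhere in this file.
	otherKeyPair, err := model.GenerateSM2KeyPair()
	require.NoError(t, err)
	otherPrivateKeyDER, err := model.MarshalSM2PrivateDER(otherKeyPair.Private)
	require.NoError(t, err)
	otherPublicKeyDER, err := model.MarshalSM2PublicDER(otherKeyPair.Public)
	require.NoError(t, err)
	otherSigner := model.NewSM2Signer(otherPrivateKeyDER, otherPublicKeyDER)

	valid, err = otherSigner.Verify(testData, signature)
	require.Error(t, err, "verification under an unrelated key pair must fail")
	assert.False(t, valid)
}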