-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathencryptable_string_test.go
151 lines (106 loc) · 3.29 KB
/
encryptable_string_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
package psql
import (
"context"
"crypto/rand"
"encoding/hex"
"io"
"testing"
"github.com/stretchr/testify/require"
)
func TestEncryptableString(t *testing.T) {
c := NewClient(nil)
if err := c.Start(""); err != nil {
t.Fatalf("Failed to start %v", err)
}
if _, err := c.Exec(modelsTable); err != nil {
t.Fatalf("failed to create table %v", err)
}
defer func() {
_, _ = c.Exec("drop table mock_models")
_ = c.Close()
}()
defer func(old string) { EncryptionKey = old }(EncryptionKey)
genKey := func() (string, error) {
key := make([]byte, 32)
if _, err := io.ReadFull(rand.Reader, key); err != nil {
return "", err
}
return hex.EncodeToString(key), nil
}
ctx := context.Background()
m := &MockModel{}
//// no key
EncryptionKey = ""
// with null value
m.Encryptable = EncryptableString{}
if err := c.Insert(ctx, m); err != nil {
t.Fatalf("error inserting %v", err)
}
var results []*MockModel
if err := c.Select(m.TableName()).Where(Attrs{"encryptable": nil}).Slice(ctx, &results); err != nil {
t.Fatalf("Select failed %v", err)
}
require.Equal(t, 1, len(results))
require.Equal(t, EncryptableString{}, results[0].Encryptable)
// with value present
m.Encryptable = NewEncryptableString("test string")
if err := c.Insert(ctx, m); err != nil {
t.Fatalf("error inserting %v", err)
}
results = nil
if err := c.Select(m.TableName()).Where(Attrs{"encryptable": m.Encryptable}).Slice(ctx, &results); err != nil {
t.Fatalf("Select failed %v", err)
}
require.Equal(t, 1, len(results))
require.Equal(t, m.Encryptable, results[0].Encryptable)
//// clear
if _, err := c.DeleteAll(m.TableName()).Exec(ctx); err != nil {
t.Fatalf("delete failed %v", err)
}
//// with key (256 bit)
if k, err := genKey(); err != nil {
t.Fatalf("failed to generate key %v", err)
} else {
EncryptionKey = k
}
// with null value
m.Encryptable = EncryptableString{}
if err := c.Insert(ctx, m); err != nil {
t.Fatalf("error inserting %v", err)
}
results = nil
if err := c.Select(m.TableName()).Where(Attrs{"encryptable": nil}).Slice(ctx, &results); err != nil {
t.Fatalf("Select failed %v", err)
}
require.Equal(t, 1, len(results))
require.Equal(t, EncryptableString{}, results[0].Encryptable)
// with value present
m.Encryptable = NewEncryptableString("test string")
if err := c.Insert(ctx, m); err != nil {
t.Fatalf("error inserting %v", err)
}
results = nil
if err := c.Select(m.TableName()).WhereNot(Attrs{"encryptable": nil}).Slice(ctx, &results); err != nil {
t.Fatalf("Select failed %v", err)
}
require.Equal(t, 1, len(results))
require.Equal(t, m.Encryptable, results[0].Encryptable)
// confirm the string does not exist in plain text
results = nil
if err := c.Select(m.TableName()).Where(Attrs{"encryptable": m.Encryptable.String}).Slice(ctx, &results); err != nil {
t.Fatalf("Select failed %v", err)
}
require.Equal(t, 0, len(results))
// when encryption key changes
if k, err := genKey(); err != nil {
t.Fatalf("failed to generate key %v", err)
} else {
EncryptionKey = k
}
results = nil
if err := c.Select(m.TableName()).WhereNot(Attrs{"encryptable": nil}).Slice(ctx, &results); err != nil {
t.Fatalf("Select failed %v", err)
}
require.Equal(t, 1, len(results))
require.Equal(t, EncryptableString{}, results[0].Encryptable)
}