package mcrypto import ( . "testing" "time" "github.com/ansel1/merry" "github.com/mediocregopher/mediocre-go-lib/mtest" "github.com/stretchr/testify/assert" ) func TestSigner(t *T) { secret := mtest.RandBytes(16) signer, weakSigner := NewSigner(secret), NewWeakSigner(secret) var prevStr, prevSig, prevWeakSig string for i := 0; i < 10000; i++ { thisStr := mtest.RandHex(512) thisSig := SignString(signer, thisStr) thisWeakSig := SignString(weakSigner, thisStr) // sanity checks assert.NotEqual(t, thisSig, thisWeakSig) assert.True(t, len(thisSig) > len(thisWeakSig)) // Either signer should be able to verify either signature assert.NoError(t, VerifyString(signer, thisSig, thisStr)) assert.NoError(t, VerifyString(weakSigner, thisWeakSig, thisStr)) assert.NoError(t, VerifyString(signer, thisWeakSig, thisStr)) assert.NoError(t, VerifyString(weakSigner, thisSig, thisStr)) if prevStr != "" { assert.NotEqual(t, prevSig, thisSig) assert.NotEqual(t, prevWeakSig, thisWeakSig) err := VerifyString(signer, prevSig, thisStr) assert.True(t, merry.Is(err, ErrInvalidSig)) err = VerifyString(signer, prevWeakSig, thisStr) assert.True(t, merry.Is(err, ErrInvalidSig)) } prevStr = thisStr prevSig = thisSig prevWeakSig = thisWeakSig } } func TestExpireSigner(t *T) { origNow := time.Now() s := ExpireSigner(NewSigner(mtest.RandBytes(16)), 1*time.Hour).(expireSigner) s.testNow = origNow str := mtest.RandHex(32) sig := SignString(s, str) // in the immediate the sig should obviously work assert.NoError(t, VerifyString(s, sig, str)) err := VerifyString(s, sig, mtest.RandHex(32)) assert.True(t, merry.Is(err, ErrInvalidSig)) // within the timeout it should still work s.testNow = s.testNow.Add(1 * time.Minute) assert.NoError(t, VerifyString(s, sig, str)) // but a new "now" should then generate a different sig sig2 := SignString(s, str) assert.NotEqual(t, sig, sig2) assert.NoError(t, VerifyString(s, sig2, str)) // jumping forward an hour should expire the first sig, but not the second s.testNow = s.testNow.Add(1 * time.Hour) err = VerifyString(s, sig, str) assert.True(t, merry.Is(err, ErrInvalidSig)) assert.NoError(t, VerifyString(s, sig2, str)) } func TestUniqueSigner(t *T) { s := UniqueSigner(NewSigner(mtest.RandBytes(16))) str := mtest.RandHex(32) sigA, sigB := SignString(s, str), SignString(s, str) assert.NotEqual(t, sigA, sigB) assert.NoError(t, VerifyString(s, sigA, str)) assert.NoError(t, VerifyString(s, sigB, str)) }