57 lines
1023 B
Go
57 lines
1023 B
Go
package libcrypto
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"io"
|
|
"testing"
|
|
|
|
"github.com/portainer/portainer/pkg/fips"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func init() {
|
|
fips.InitFIPS(false)
|
|
}
|
|
|
|
func TestEncryptDecrypt(t *testing.T) {
|
|
dataFn := func() []byte {
|
|
data := make([]byte, 1024)
|
|
_, err := io.ReadFull(rand.Reader, data)
|
|
require.NoError(t, err)
|
|
|
|
return data
|
|
}
|
|
|
|
fn := func(t *testing.T, fips bool) {
|
|
data := dataFn()
|
|
|
|
encrypted, err := encrypt(data, []byte("test"), fips)
|
|
require.NoError(t, err)
|
|
|
|
decrypted, err := decrypt(encrypted, []byte("test"), fips)
|
|
require.NoError(t, err)
|
|
|
|
require.Equal(t, data, decrypted)
|
|
}
|
|
|
|
t.Run("fips", func(t *testing.T) {
|
|
fn(t, true)
|
|
})
|
|
|
|
t.Run("non-fips", func(t *testing.T) {
|
|
fn(t, false)
|
|
})
|
|
|
|
t.Run("system_fips_mode", func(t *testing.T) {
|
|
data := dataFn()
|
|
|
|
encrypted, err := Encrypt(data, []byte("test"))
|
|
require.NoError(t, err)
|
|
|
|
decrypted, err := Decrypt(encrypted, []byte("test"))
|
|
require.NoError(t, err)
|
|
|
|
require.Equal(t, data, decrypted)
|
|
})
|
|
}
|