1 package cryptostore_test
6 "github.com/stretchr/testify/assert"
7 "github.com/stretchr/testify/require"
9 cmn "github.com/tendermint/tmlibs/common"
11 "github.com/tendermint/go-crypto/keys/cryptostore"
14 func TestNoopEncoder(t *testing.T) {
15 assert, require := assert.New(t), require.New(t)
16 noop := cryptostore.Noop
18 key, err := cryptostore.GenEd25519.Generate(cmn.RandBytes(16))
20 key2, err := cryptostore.GenSecp256k1.Generate(cmn.RandBytes(16))
23 b, err := noop.Encrypt(key, "encode")
27 b2, err := noop.Encrypt(key2, "encode")
30 assert.NotEqual(b, b2)
32 // note the decode with a different password works - not secure!
33 pk, err := noop.Decrypt(b, "decode")
38 pk2, err := noop.Decrypt(b2, "kggugougp")
41 assert.Equal(key2, pk2)
44 func TestSecretBox(t *testing.T) {
45 assert, require := assert.New(t), require.New(t)
46 enc := cryptostore.SecretBox
48 key, err := cryptostore.GenEd25519.Generate(cmn.RandBytes(16))
50 pass := "some-special-secret"
52 b, err := enc.Encrypt(key, pass)
56 // decoding with a different pass is an error
57 pk, err := enc.Decrypt(b, "decode")
59 require.True(pk.Empty())
61 // but decoding with the same passphrase gets us our key
62 pk, err = enc.Decrypt(b, pass)
67 func TestSecretBoxNoPass(t *testing.T) {
68 assert, require := assert.New(t), require.New(t)
69 enc := cryptostore.SecretBox
71 key, rerr := cryptostore.GenEd25519.Generate(cmn.RandBytes(16))
80 {"foo", "food", false},
86 for i, tc := range cases {
87 b, err := enc.Encrypt(key, tc.encode)
88 require.Nil(err, "%d: %+v", i, err)
89 assert.NotEmpty(b, "%d", i)
91 pk, err := enc.Decrypt(b, tc.decode)
93 require.Nil(err, "%d: %+v", i, err)
94 assert.Equal(key, pk, "%d", i)
96 require.NotNil(err, "%d", i)
100 // now let's make sure raw bytes also work...
102 pk, err := enc.Decrypt(b, "")
103 require.Nil(err, "%+v", err)
104 assert.Equal(key, pk)