package cryptutil
import (
"bytes"
"encoding/hex"
"fmt"
"testing"
"time"
)
func TestHMAC(t *testing.T) {
// https://groups.google.com/d/msg/sci.crypt/OolWgsgQD-8/jHciyWkaL0gJ
hmacTests := []struct {
key string
data string
digest string
}{
{
key: "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
data: "4869205468657265", // "Hi There"
digest: "9f9126c3d9c3c330d760425ca8a217e31feae31bfe70196ff81642b868402eab",
},
{
key: "4a656665", // "Jefe"
data: "7768617420646f2079612077616e7420666f72206e6f7468696e673f", // "what do ya want for nothing?"
digest: "6df7b24630d5ccb2ee335407081a87188c221489768fa2020513b2d593359456",
},
}
for idx, tt := range hmacTests {
keySlice, _ := hex.DecodeString(tt.key)
dataBytes, _ := hex.DecodeString(tt.data)
expectedDigest, _ := hex.DecodeString(tt.digest)
keyBytes := &[32]byte{}
copy(keyBytes[:], keySlice)
macDigest := GenerateHMAC(dataBytes, keyBytes[:])
if !bytes.Equal(macDigest, expectedDigest) {
t.Errorf("test %d generated unexpected mac", idx)
}
if !CheckHMAC(dataBytes, macDigest, keyBytes[:]) {
t.Errorf("test %d generated unexpected mac", idx)
}
}
}
func TestValidTimestamp(t *testing.T) {
t.Parallel()
tests := []struct {
name string
ts string
wantErr bool
}{
{"good - now", fmt.Sprint(time.Now().Unix()), false},
{"good - now - 200ms", fmt.Sprint(time.Now().Add(-200 * time.Millisecond).Unix()), false},
{"good - now + 200ms", fmt.Sprint(time.Now().Add(200 * time.Millisecond).Unix()), false},
{"bad - now + 10m", fmt.Sprint(time.Now().Add(10 * time.Minute).Unix()), true},
{"bad - now - 10m", fmt.Sprint(time.Now().Add(-10 * time.Minute).Unix()), true},
{"malformed - non int", "pomerium", true},
{"malformed - negative number", "-1", true},
{"malformed - huge number", fmt.Sprintf("%d", 10*10000000000), true},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if err := ValidTimestamp(tt.ts); (err != nil) != tt.wantErr {
t.Errorf("ValidTimestamp() error = %v, wantErr %v", err, tt.wantErr)
}
})
}
}