package pkcs7 import ( "bytes" "crypto/x509" "testing" ) func TestEncrypt(t *testing.T) { modes := []int{ EncryptionAlgorithmDESCBC, EncryptionAlgorithmAES128CBC, EncryptionAlgorithmAES256CBC, EncryptionAlgorithmAES128GCM, EncryptionAlgorithmAES256GCM, } sigalgs := []x509.SignatureAlgorithm{ x509.SHA1WithRSA, x509.SHA256WithRSA, x509.SHA512WithRSA, } for _, mode := range modes { for _, sigalg := range sigalgs { ContentEncryptionAlgorithm = mode plaintext := []byte("Hello Secret World!") cert, err := createTestCertificate(sigalg) if err != nil { t.Fatal(err) } encrypted, err := Encrypt(plaintext, []*x509.Certificate{cert.Certificate}) if err != nil { t.Fatal(err) } p7, err := Parse(encrypted) if err != nil { t.Fatalf("cannot Parse encrypted result: %s", err) } result, err := p7.Decrypt(cert.Certificate, *cert.PrivateKey) if err != nil { t.Fatalf("cannot Decrypt encrypted result: %s", err) } if !bytes.Equal(plaintext, result) { t.Errorf("encrypted data does not match plaintext:\n\tExpected: %s\n\tActual: %s", plaintext, result) } } } } func TestEncryptUsingPSK(t *testing.T) { modes := []int{ EncryptionAlgorithmDESCBC, EncryptionAlgorithmAES128GCM, } for _, mode := range modes { ContentEncryptionAlgorithm = mode plaintext := []byte("Hello Secret World!") var key []byte switch mode { case EncryptionAlgorithmDESCBC: key = []byte("64BitKey") case EncryptionAlgorithmAES128GCM: key = []byte("128BitKey4AESGCM") } ciphertext, err := EncryptUsingPSK(plaintext, key) if err != nil { t.Fatal(err) } p7, _ := Parse(ciphertext) result, err := p7.DecryptUsingPSK(key) if err != nil { t.Fatalf("cannot Decrypt encrypted result: %s", err) } if !bytes.Equal(plaintext, result) { t.Errorf("encrypted data does not match plaintext:\n\tExpected: %s\n\tActual: %s", plaintext, result) } } } func TestPad(t *testing.T) { tests := []struct { Original []byte Expected []byte BlockSize int }{ {[]byte{0x1, 0x2, 0x3, 0x10}, []byte{0x1, 0x2, 0x3, 0x10, 0x4, 0x4, 0x4, 0x4}, 8}, {[]byte{0x1, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, []byte{0x1, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, 0x8, 0x8, 0x8, 0x8, 0x8, 0x8}, 8}, } for _, test := range tests { padded, err := pad(test.Original, test.BlockSize) if err != nil { t.Errorf("pad encountered error: %s", err) continue } if !bytes.Equal(test.Expected, padded) { t.Errorf("pad results mismatch:\n\tExpected: %X\n\tActual: %X", test.Expected, padded) } } }