package cryptext import ( "git.blackforestbytes.com/BlackForestBytes/goext/tst" "strings" "testing" ) func TestAESSimpleEmptyData(t *testing.T) { pw := []byte("password") enc, err := EncryptAESSimple(pw, []byte{}, 256) tst.AssertNoErr(t, err) tst.AssertNotEqual(t, enc, "") dec, err := DecryptAESSimple(pw, enc) tst.AssertNoErr(t, err) tst.AssertEqual(t, len(dec), 0) } func TestAESSimpleEmptyPassword(t *testing.T) { pw := []byte{} plain := []byte("some content") enc, err := EncryptAESSimple(pw, plain, 256) tst.AssertNoErr(t, err) dec, err := DecryptAESSimple(pw, enc) tst.AssertNoErr(t, err) tst.AssertEqual(t, string(dec), string(plain)) } func TestAESSimpleWrongPassword(t *testing.T) { plain := []byte("Hello World") enc, err := EncryptAESSimple([]byte("right"), plain, 256) tst.AssertNoErr(t, err) _, err = DecryptAESSimple([]byte("wrong"), enc) if err == nil { t.Errorf("expected error when decrypting with wrong password") } } func TestAESSimpleInvalidBase32(t *testing.T) { _, err := DecryptAESSimple([]byte("pw"), "!!!not-base32!!!") if err == nil { t.Errorf("expected error on invalid base32 input") } } func TestAESSimpleInvalidJSON(t *testing.T) { // "AAAAAAAA" decodes to valid base32 but not valid JSON _, err := DecryptAESSimple([]byte("pw"), "AAAAAAAA") if err == nil { t.Errorf("expected error on invalid JSON payload") } } func TestAESSimpleEmptyEncText(t *testing.T) { _, err := DecryptAESSimple([]byte("pw"), "") if err == nil { t.Errorf("expected error on empty text") } } func TestAESSimpleLargeData(t *testing.T) { pw := []byte("hunter12") plain := []byte(strings.Repeat("ABCDEFGHIJ", 1024)) enc, err := EncryptAESSimple(pw, plain, 256) tst.AssertNoErr(t, err) dec, err := DecryptAESSimple(pw, enc) tst.AssertNoErr(t, err) tst.AssertEqual(t, string(dec), string(plain)) } func TestAESSimpleBinaryData(t *testing.T) { pw := []byte("hunter12") plain := []byte{0x00, 0x01, 0x02, 0x7F, 0x80, 0xFE, 0xFF, 0x00, 0xAA, 0x55} enc, err := EncryptAESSimple(pw, plain, 256) tst.AssertNoErr(t, err) dec, err := DecryptAESSimple(pw, enc) tst.AssertNoErr(t, err) tst.AssertArrayEqual(t, dec, plain) } func TestAESSimpleDifferentRoundsForEachCall(t *testing.T) { pw := []byte("hunter12") plain := []byte("Hello") enc1, err := EncryptAESSimple(pw, plain, 256) tst.AssertNoErr(t, err) enc2, err := EncryptAESSimple(pw, plain, 256) tst.AssertNoErr(t, err) // Two separate encrypt calls on same plaintext should differ (random salt + IV) tst.AssertNotEqual(t, enc1, enc2) // Both should decrypt back to the same plaintext d1, err := DecryptAESSimple(pw, enc1) tst.AssertNoErr(t, err) d2, err := DecryptAESSimple(pw, enc2) tst.AssertNoErr(t, err) tst.AssertEqual(t, string(d1), string(plain)) tst.AssertEqual(t, string(d2), string(plain)) } func TestAESSimpleVariableRounds(t *testing.T) { pw := []byte("hunter12") plain := []byte("rounds-test") for _, r := range []int{16, 32, 64, 128, 256, 512, 1024} { enc, err := EncryptAESSimple(pw, plain, r) tst.AssertNoErr(t, err) dec, err := DecryptAESSimple(pw, enc) tst.AssertNoErr(t, err) tst.AssertEqual(t, string(dec), string(plain)) } } func TestAESSimpleResultIsBase32(t *testing.T) { pw := []byte("hunter12") plain := []byte("Hello World") enc, err := EncryptAESSimple(pw, plain, 64) tst.AssertNoErr(t, err) for _, c := range enc { isUpper := c >= 'A' && c <= 'Z' isDigit := c >= '2' && c <= '7' if !(isUpper || isDigit) { t.Errorf("non-base32 character %q in output", c) break } } }