forked from codahale/sneaker
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathupload_test.go
88 lines (73 loc) · 1.95 KB
/
upload_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
package sneaker
import (
"bytes"
"io/ioutil"
"strings"
"testing"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/kms"
"github.com/aws/aws-sdk-go/service/s3"
)
func TestUpload(t *testing.T) {
fakeKMS := &FakeKMS{
GenerateOutputs: []kms.GenerateDataKeyOutput{
{
CiphertextBlob: []byte("encrypted key"),
KeyId: aws.String("key1"),
Plaintext: make([]byte, 32),
},
},
}
fakeS3 := &FakeS3{
PutOutputs: []s3.PutObjectOutput{
{},
{},
},
}
man := Manager{
Objects: fakeS3,
Envelope: Envelope{
KMS: fakeKMS,
},
KeyId: "key1",
EncryptionContext: map[string]string{"A": "B"},
Bucket: "bucket",
Prefix: "secrets",
}
if err := man.Upload("weeble.txt", strings.NewReader("this is a test")); err != nil {
t.Fatal(err)
}
putReq := fakeS3.PutInputs[0]
if v, want := *putReq.Bucket, "bucket"; v != want {
t.Errorf("Bucket was %q, but expected %q", v, want)
}
if v, want := *putReq.Key, "secrets/weeble.txt"; v != want {
t.Errorf("Key was %q, but expected %q", v, want)
}
if v, want := *putReq.ContentLength, int64(59); v != want {
t.Errorf("ContentLength was %d, but expected %d", v, want)
}
if v, want := *putReq.ContentType, "application/octet-stream"; v != want {
t.Errorf("ContentType was %q, but expected %q", v, want)
}
actual, err := ioutil.ReadAll(putReq.Body)
if err != nil {
t.Fatal(err)
}
header := actual[:4]
if v := []byte{0x00, 0x00, 0x00, 0x0d}; !bytes.Equal(header, v) {
t.Errorf("Header was %x but expected %x", header, v)
}
blob := actual[4 : 13+4]
if v := []byte("encrypted key"); !bytes.Equal(blob, v) {
t.Errorf("Blob was %x but expected %x", blob, v)
}
ciphertext := actual[13+4:]
plaintext, err := decrypt(make([]byte, 32), ciphertext, []byte("key1"))
if err != nil {
t.Fatal(err)
}
if v, want := string(plaintext), "this is a test"; v != want {
t.Errorf("Plaintext was %x but expected %x", v, want)
}
}