Merge pull request #35 from Snider/feature-add-good-bad-ugly-tests

Add Good, Bad, and Ugly tests

Author: Snider

pkg/crypt/crypt.go

@@ -3,6 +3,7 @@ package crypt
 import (
 	"crypto/md5"
 	"crypto/sha1"
+	"errors"
 	"crypto/sha256"
 	"crypto/sha512"
 	"encoding/binary"
@@ -217,5 +218,8 @@ func (s *Service) VerifyPGP(publicKey, data, signature []byte) error {
 // SymmetricallyEncryptPGP encrypts data with a passphrase.
 func (s *Service) SymmetricallyEncryptPGP(passphrase, data []byte) ([]byte, error) {
 	s.ensurePGP()
+	if len(passphrase) == 0 {
+		return nil, errors.New("passphrase cannot be empty")
+	}
 	return s.pgp.SymmetricallyEncrypt(passphrase, data)
 }

pkg/crypt/crypt_internal_test.go

@@ -6,8 +6,28 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
-func TestEnsureRSA(t *testing.T) {
+// TestEnsureRSA_Good tests that the RSA service is initialized correctly.
+func TestEnsureRSA_Good(t *testing.T) {
 	s := &Service{}
 	s.ensureRSA()
 	assert.NotNil(t, s.rsa)
 }
+
+// TestEnsureRSA_Bad tests that calling ensureRSA multiple times does not change the RSA service.
+func TestEnsureRSA_Bad(t *testing.T) {
+	s := &Service{}
+	s.ensureRSA()
+	rsa1 := s.rsa
+	s.ensureRSA()
+	rsa2 := s.rsa
+	assert.Same(t, rsa1, rsa2)
+}
+
+// TestEnsureRSA_Ugly tests that ensureRSA works correctly on a service with a pre-initialized RSA service.
+func TestEnsureRSA_Ugly(t *testing.T) {
+	s := NewService() // NewService initializes the RSA service
+	rsa1 := s.rsa
+	s.ensureRSA()
+	rsa2 := s.rsa
+	assert.Same(t, rsa1, rsa2)
+}

pkg/crypt/crypt_test.go

@@ -155,6 +155,63 @@ func TestPGP_Good(t *testing.T) {
 	assert.NotNil(t, ciphertext)
 }
 
+func TestPGP_Bad(t *testing.T) {
+	// Generate two key pairs
+	pubKey1, privKey1, err := service.GeneratePGPKeyPair("test1", "test1@test.com", "")
+	assert.NoError(t, err)
+	pubKey2, privKey2, err := service.GeneratePGPKeyPair("test2", "test2@test.com", "")
+	assert.NoError(t, err)
+
+	message := []byte("secret message")
+
+	// Test decryption with the wrong key
+	ciphertext, err := service.EncryptPGP(pubKey1, message)
+	assert.NoError(t, err)
+	// This should fail because we are using the wrong private key.
+	_, err = service.DecryptPGP(privKey2, ciphertext) // Intentionally using wrong key
+	assert.Error(t, err)
+
+	// Test verification with the wrong key
+	signature, err := service.SignPGP(privKey1, message)
+	assert.NoError(t, err)
+	err = service.VerifyPGP(pubKey2, message, signature)
+	assert.Error(t, err)
+
+	// Test verification with a tampered message
+	tamperedMessage := []byte("tampered message")
+	err = service.VerifyPGP(pubKey1, tamperedMessage, signature)
+	assert.Error(t, err)
+}
+
+func TestPGP_Ugly(t *testing.T) {
+	// Test with malformed keys
+	_, err := service.EncryptPGP([]byte("not a real key"), []byte("message"))
+	assert.Error(t, err)
+
+	_, err = service.DecryptPGP([]byte("not a real key"), []byte("message"))
+	assert.Error(t, err)
+
+	_, err = service.SignPGP([]byte("not a real key"), []byte("message"))
+	assert.Error(t, err)
+
+	err = service.VerifyPGP([]byte("not a real key"), []byte("message"), []byte("not a real signature"))
+	assert.Error(t, err)
+
+	// Test with empty message
+	pubKey, privKey, err := service.GeneratePGPKeyPair("test", "test@test.com", "")
+	assert.NoError(t, err)
+	message := []byte("")
+	ciphertext, err := service.EncryptPGP(pubKey, message)
+	assert.NoError(t, err)
+	plaintext, err := service.DecryptPGP(privKey, ciphertext, )
+	assert.NoError(t, err)
+	assert.Equal(t, message, plaintext)
+
+	// Test symmetric encryption with empty passphrase
+	_, err = service.SymmetricallyEncryptPGP([]byte(""), message)
+	assert.Error(t, err)
+}
+
 // --- IsHashAlgo Tests ---
 
 func TestIsHashAlgo_Good(t *testing.T) {

pkg/enchantrix/enchantrix_test.go

@@ -40,6 +40,21 @@ func TestTransmute_Bad(t *testing.T) {
 	assert.Error(t, err)
 }
 
+func TestTransmute_Ugly(t *testing.T) {
+	// Test with nil data
+	_, err := enchantrix.Transmute(nil, []enchantrix.Sigil{&enchantrix.ReverseSigil{}})
+	assert.NoError(t, err)
+
+	// Test with nil sigils
+	_, err = enchantrix.Transmute([]byte("hello"), nil)
+	assert.NoError(t, err)
+
+	// Test with no sigils
+	result, err := enchantrix.Transmute([]byte("hello"), []enchantrix.Sigil{})
+	assert.NoError(t, err)
+	assert.Equal(t, "hello", string(result))
+}
+
 // --- Factory Tests ---
 
 func TestNewSigil_Good(t *testing.T) {
@@ -63,3 +78,20 @@ func TestNewSigil_Bad(t *testing.T) {
 	assert.Nil(t, sigil)
 	assert.Contains(t, err.Error(), "unknown sigil name")
 }
+
+func TestNewSigil_Ugly(t *testing.T) {
+	// Test with empty string
+	sigil, err := enchantrix.NewSigil("")
+	assert.Error(t, err)
+	assert.Nil(t, sigil)
+
+	// Test with whitespace
+	sigil, err = enchantrix.NewSigil("  ")
+	assert.Error(t, err)
+	assert.Nil(t, sigil)
+
+	// Test with non-printable characters
+	sigil, err = enchantrix.NewSigil("\x00\x01\x02")
+	assert.Error(t, err)
+	assert.Nil(t, sigil)
+}

pkg/enchantrix/sigils.go

@@ -26,6 +26,9 @@ type ReverseSigil struct{}
 
 // In reverses the bytes of the data.
 func (s *ReverseSigil) In(data []byte) ([]byte, error) {
+	if data == nil {
+		return nil, nil
+	}
 	reversed := make([]byte, len(data))
 	for i, j := 0, len(data)-1; i < len(data); i, j = i+1, j-1 {
 		reversed[i] = data[j]
@@ -43,13 +46,19 @@ type HexSigil struct{}
 
 // In encodes the data to hexadecimal.
 func (s *HexSigil) In(data []byte) ([]byte, error) {
+	if data == nil {
+		return nil, nil
+	}
 	dst := make([]byte, hex.EncodedLen(len(data)))
 	hex.Encode(dst, data)
 	return dst, nil
 }
 
 // Out decodes the data from hexadecimal.
 func (s *HexSigil) Out(data []byte) ([]byte, error) {
+	if data == nil {
+		return nil, nil
+	}
 	dst := make([]byte, hex.DecodedLen(len(data)))
 	_, err := hex.Decode(dst, data)
 	return dst, err
@@ -60,13 +69,19 @@ type Base64Sigil struct{}
 
 // In encodes the data to base64.
 func (s *Base64Sigil) In(data []byte) ([]byte, error) {
+	if data == nil {
+		return nil, nil
+	}
 	dst := make([]byte, base64.StdEncoding.EncodedLen(len(data)))
 	base64.StdEncoding.Encode(dst, data)
 	return dst, nil
 }
 
 // Out decodes the data from base64.
 func (s *Base64Sigil) Out(data []byte) ([]byte, error) {
+	if data == nil {
+		return nil, nil
+	}
 	dst := make([]byte, base64.StdEncoding.DecodedLen(len(data)))
 	n, err := base64.StdEncoding.Decode(dst, data)
 	return dst[:n], err
@@ -79,6 +94,9 @@ type GzipSigil struct {
 
 // In compresses the data using gzip.
 func (s *GzipSigil) In(data []byte) ([]byte, error) {
+	if data == nil {
+		return nil, nil
+	}
 	var b bytes.Buffer
 	w := s.writer
 	if w == nil {
@@ -96,6 +114,9 @@ func (s *GzipSigil) In(data []byte) ([]byte, error) {
 
 // Out decompresses the data using gzip.
 func (s *GzipSigil) Out(data []byte) ([]byte, error) {
+	if data == nil {
+		return nil, nil
+	}
 	r, err := gzip.NewReader(bytes.NewReader(data))
 	if err != nil {
 		return nil, err