| 265 | } |
| 266 | |
| 267 | func TestMACOnlyEncrypted(t *testing.T) { |
| 268 | branches := TreeBranches{ |
| 269 | TreeBranch{ |
| 270 | TreeItem{ |
| 271 | Key: "foo_encrypted", |
| 272 | Value: "bar", |
| 273 | }, |
| 274 | TreeItem{ |
| 275 | Key: "bar", |
| 276 | Value: TreeBranch{ |
| 277 | TreeItem{ |
| 278 | Key: "foo", |
| 279 | Value: "bar", |
| 280 | }, |
| 281 | }, |
| 282 | }, |
| 283 | }, |
| 284 | } |
| 285 | tree := Tree{Branches: branches, Metadata: Metadata{EncryptedSuffix: "_encrypted", MACOnlyEncrypted: true}} |
| 286 | onlyEncrypted := TreeBranches{ |
| 287 | TreeBranch{ |
| 288 | TreeItem{ |
| 289 | Key: "foo_encrypted", |
| 290 | Value: "bar", |
| 291 | }, |
| 292 | }, |
| 293 | } |
| 294 | treeOnlyEncrypted := Tree{Branches: onlyEncrypted, Metadata: Metadata{EncryptedSuffix: "_encrypted", MACOnlyEncrypted: true}} |
| 295 | cipher := reverseCipher{} |
| 296 | mac, err := tree.Encrypt(bytes.Repeat([]byte("f"), 32), cipher) |
| 297 | if err != nil { |
| 298 | t.Errorf("Encrypting the tree failed: %s", err) |
| 299 | } |
| 300 | macOnlyEncrypted, err := treeOnlyEncrypted.Encrypt(bytes.Repeat([]byte("f"), 32), cipher) |
| 301 | if err != nil { |
| 302 | t.Errorf("Encrypting the treeOnlyEncrypted failed: %s", err) |
| 303 | } |
| 304 | if mac != macOnlyEncrypted { |
| 305 | t.Errorf("MACs don't match:\ngot \t\t%+v,\nexpected \t\t%+v", mac, macOnlyEncrypted) |
| 306 | } |
| 307 | } |
| 308 | |
| 309 | func TestMACOnlyEncryptedNoConfusion(t *testing.T) { |
| 310 | branches := TreeBranches{ |