DeBros/network
4
0
Fork 0
mirror of https://github.com/DeBrosOfficial/network.git synced 2026-01-30 19:03:03 +00:00
Code Issues Packages Projects Releases Wiki Activity
network/pkg/environments/production/wireguard_test.go

168 lines
4.4 KiB
Go
Raw Blame History

package production
import (
"encoding/base64"
"strings"
"testing"
)
func TestGenerateKeyPair(t *testing.T) {
priv, pub, err := GenerateKeyPair()
if err != nil {
t.Fatalf("GenerateKeyPair failed: %v", err)
}
// Keys should be base64, 44 chars (32 bytes + padding)
if len(priv) != 44 {
t.Errorf("private key length = %d, want 44", len(priv))
}
if len(pub) != 44 {
t.Errorf("public key length = %d, want 44", len(pub))
}
// Should be valid base64
if _, err := base64.StdEncoding.DecodeString(priv); err != nil {
t.Errorf("private key is not valid base64: %v", err)
}
if _, err := base64.StdEncoding.DecodeString(pub); err != nil {
t.Errorf("public key is not valid base64: %v", err)
}
// Private and public should differ
if priv == pub {
t.Error("private and public keys should differ")
}
}
func TestGenerateKeyPair_Unique(t *testing.T) {
priv1, _, _ := GenerateKeyPair()
priv2, _, _ := GenerateKeyPair()
if priv1 == priv2 {
t.Error("two generated key pairs should be unique")
}
}
func TestPublicKeyFromPrivate(t *testing.T) {
priv, expectedPub, err := GenerateKeyPair()
if err != nil {
t.Fatalf("GenerateKeyPair failed: %v", err)
}
pub, err := PublicKeyFromPrivate(priv)
if err != nil {
t.Fatalf("PublicKeyFromPrivate failed: %v", err)
}
if pub != expectedPub {
t.Errorf("PublicKeyFromPrivate = %s, want %s", pub, expectedPub)
}
}
func TestPublicKeyFromPrivate_InvalidKey(t *testing.T) {
_, err := PublicKeyFromPrivate("not-valid-base64!!!")
if err == nil {
t.Error("expected error for invalid base64")
}
_, err = PublicKeyFromPrivate(base64.StdEncoding.EncodeToString([]byte("short")))
if err == nil {
t.Error("expected error for short key")
}
}
func TestWireGuardProvisioner_GenerateConfig_NoPeers(t *testing.T) {
wp := NewWireGuardProvisioner(WireGuardConfig{
PrivateIP: "10.0.0.1",
ListenPort: 51820,
PrivateKey: "dGVzdHByaXZhdGVrZXl0ZXN0cHJpdmF0ZWtleXM=",
})
config := wp.GenerateConfig()
if !strings.Contains(config, "[Interface]") {
t.Error("config should contain [Interface] section")
}
if !strings.Contains(config, "Address = 10.0.0.1/24") {
t.Error("config should contain correct Address")
}
if !strings.Contains(config, "ListenPort = 51820") {
t.Error("config should contain ListenPort")
}
if !strings.Contains(config, "PrivateKey = dGVzdHByaXZhdGVrZXl0ZXN0cHJpdmF0ZWtleXM=") {
t.Error("config should contain PrivateKey")
}
if strings.Contains(config, "[Peer]") {
t.Error("config should NOT contain [Peer] section with no peers")
}
}
func TestWireGuardProvisioner_GenerateConfig_WithPeers(t *testing.T) {
wp := NewWireGuardProvisioner(WireGuardConfig{
PrivateIP: "10.0.0.1",
ListenPort: 51820,
PrivateKey: "dGVzdHByaXZhdGVrZXl0ZXN0cHJpdmF0ZWtleXM=",
Peers: []WireGuardPeer{
{
PublicKey: "cGVlcjFwdWJsaWNrZXlwZWVyMXB1YmxpY2tleXM=",
Endpoint: "1.2.3.4:51820",
AllowedIP: "10.0.0.2/32",
},
{
PublicKey: "cGVlcjJwdWJsaWNrZXlwZWVyMnB1YmxpY2tleXM=",
Endpoint: "5.6.7.8:51820",
AllowedIP: "10.0.0.3/32",
},
},
})
config := wp.GenerateConfig()
if strings.Count(config, "[Peer]") != 2 {
t.Errorf("expected 2 [Peer] sections, got %d", strings.Count(config, "[Peer]"))
}
if !strings.Contains(config, "Endpoint = 1.2.3.4:51820") {
t.Error("config should contain first peer endpoint")
}
if !strings.Contains(config, "AllowedIPs = 10.0.0.2/32") {
t.Error("config should contain first peer AllowedIPs")
}
if !strings.Contains(config, "PersistentKeepalive = 25") {
t.Error("config should contain PersistentKeepalive")
}
if !strings.Contains(config, "Endpoint = 5.6.7.8:51820") {
t.Error("config should contain second peer endpoint")
}
}
func TestWireGuardProvisioner_GenerateConfig_PeerWithoutEndpoint(t *testing.T) {
wp := NewWireGuardProvisioner(WireGuardConfig{
PrivateIP: "10.0.0.1",
ListenPort: 51820,
PrivateKey: "dGVzdHByaXZhdGVrZXl0ZXN0cHJpdmF0ZWtleXM=",
Peers: []WireGuardPeer{
{
PublicKey: "cGVlcjFwdWJsaWNrZXlwZWVyMXB1YmxpY2tleXM=",
AllowedIP: "10.0.0.2/32",
},
},
})
config := wp.GenerateConfig()
if strings.Contains(config, "Endpoint") {
t.Error("config should NOT contain Endpoint when peer has none")
}
}
func TestWireGuardProvisioner_DefaultPort(t *testing.T) {
wp := NewWireGuardProvisioner(WireGuardConfig{
PrivateIP: "10.0.0.1",
PrivateKey: "dGVzdHByaXZhdGVrZXl0ZXN0cHJpdmF0ZWtleXM=",
})
if wp.config.ListenPort != 51820 {
t.Errorf("default ListenPort = %d, want 51820", wp.config.ListenPort)
}
}
Reference in New Issue View Git Blame Copy Permalink