Beispiel #1
0
func (_ Test) EncryptXXTea() {

	str := "Hello World! 你好,中国!"
	key := "1234567890"
	encrypt_data := xxtea.Encrypt([]byte(str), []byte(key))
	decrypt_data := string(xxtea.Decrypt(encrypt_data, []byte(key)))
	if str == decrypt_data {
		e.InfoLog.Println("success!")
	} else {
		e.InfoLog.Println("fail!")
	}
}
Beispiel #2
0
// NewAuthtoken creates a token according to model.Authtoken provided
func (au Authority) NewAuthtoken(a model.Authtoken) (string, error) {
	bytes := authtoken2bytes(authtoken{
		authtoken: a,
		created:   time.Now(),
	})

	for i := range au.privateKeys {
		bytes = xxtea.Encrypt(bytes, au.privateKeys[len(au.privateKeys)-1-i])
	}

	return hex.EncodeToString(bytes), nil
}
Beispiel #3
0
func TestAuth(t *testing.T) {
	Convey("Given a authority", t, func() {
		c := New(50*time.Millisecond, []byte("key1"), []byte("key2"), []byte("key3"))

		Convey("When create new authtoken with info", func() {
			a := model.Authtoken{}
			a.Email = "*****@*****.**"
			a.Username = "******"
			token, _ := c.NewAuthtoken(a)

			Convey("The info should resemble a", func() {
				info, _ := c.Authenticate(token)
				So(info, ShouldResemble, a)
			})

			Convey("After 50ms, token is expired", func() {
				time.Sleep(500 * time.Millisecond)
				_, err := c.Authenticate(token)
				So(err.(errors.Error).Is(errors.ErrUnauthorized), ShouldBeTrue)
			})
		})

		Convey("When given invalid hex, maybe hacked by someone", func() {
			_, err := c.Authenticate(`invalidhex`)

			Convey("The detailed error should be hex decode error", func() {
				So(err.(errors.Error).Is(errors.ErrServerInternal), ShouldBeTrue)
			})
		})

		Convey("When given invalid token, maybe hacked by someone", func() {
			bytes := []byte("invalid json")
			privateKeys := [][]byte{[]byte("key1"), []byte("key2"), []byte("key3")}
			for i := range privateKeys {
				bytes = xxtea.Encrypt(bytes, privateKeys[len(privateKeys)-1-i])
			}
			token := hex.EncodeToString(bytes)
			_, err := c.Authenticate(token)

			Convey("The error should be token has been expired", func() {
				So(err.(errors.Error).Is(errors.ErrUnauthorized), ShouldBeTrue)
			})
		})
	})
}