Add convergence tests to transit backend

2025-08-11 17:17:01 +02:00 · 2016-07-28 11:30:46 -04:00 · 2016-07-28 11:30:46 -04:00 · 4fd83816bf
commit 4fd83816bf
parent bd682621e0
1 changed files with 37 additions and 0 deletions
--- a/builtin/logical/transit/backend_test.go
+++ b/builtin/logical/transit/backend_test.go
@ -56,6 +56,19 @@ func TestBackend_upsert(t *testing.T) {
 	})
 }

+func TestBackend_upsert_convergent(t *testing.T) {
+	decryptData := make(map[string]interface{})
+	logicaltest.Test(t, logicaltest.TestCase{
+		Factory: Factory,
+		Steps: []logicaltest.TestStep{
+			testAccStepReadPolicy(t, "test", true, false),
+			testAccStepEncryptUpsertConvergent(t, "test", testPlaintext, decryptData),
+			testAccStepReadPolicy(t, "test", false, false),
+			testAccStepDecrypt(t, "test", testPlaintext, decryptData),
+		},
+	})
+}
+
 func TestBackend_datakey(t *testing.T) {
 	dataKeyInfo := make(map[string]interface{})
 	logicaltest.Test(t, logicaltest.TestCase{
@ -310,6 +323,30 @@ func testAccStepEncryptUpsert(
 	}
 }

+func testAccStepEncryptUpsertConvergent(
+	t *testing.T, name, plaintext string, decryptData map[string]interface{}) logicaltest.TestStep {
+	return logicaltest.TestStep{
+		Operation: logical.CreateOperation,
+		Path:      "encrypt/" + name,
+		Data: map[string]interface{}{
+			"plaintext": base64.StdEncoding.EncodeToString([]byte(plaintext)),
+		},
+		Check: func(resp *logical.Response) error {
+			var d struct {
+				Ciphertext string `mapstructure:"ciphertext"`
+			}
+			if err := mapstructure.Decode(resp.Data, &d); err != nil {
+				return err
+			}
+			if d.Ciphertext == "" {
+				return fmt.Errorf("missing ciphertext")
+			}
+			decryptData["ciphertext"] = d.Ciphertext
+			return nil
+		},
+	}
+}
+
 func testAccStepEncryptContext(
 	t *testing.T, name, plaintext, context string, decryptData map[string]interface{}) logicaltest.TestStep {
 	return logicaltest.TestStep{