package starnotify import ( "errors" "testing" "b612.me/notify" ) func testModernPSKOptions() *notify.ModernPSKOptions { return ¬ify.ModernPSKOptions{ Salt: []byte("starnotify-modern-psk-test-salt"), AAD: []byte("starnotify-modern-psk-test-aad"), Argon2Params: notify.DefaultModernPSKOptions().Argon2Params, } } func TestNewModernPSKClientStoresConfiguredClient(t *testing.T) { const key = "modern-client" _ = DeleteClient(key) defer DeleteClient(key) client, err := NewModernPSKClient(key, []byte("shared-secret"), testModernPSKOptions()) if err != nil { t.Fatalf("NewModernPSKClient failed: %v", err) } if got := C(key); got != client { t.Fatal("stored client does not match returned client") } if !client.SkipExchangeKey() { t.Fatal("modern PSK client should skip legacy key exchange") } if len(client.GetSecretKey()) == 0 { t.Fatal("modern PSK client should derive a transport key") } } func TestNewModernPSKServerStoresConfiguredServer(t *testing.T) { const key = "modern-server" _ = DeleteServer(key) defer DeleteServer(key) server, err := NewModernPSKServer(key, []byte("shared-secret"), testModernPSKOptions()) if err != nil { t.Fatalf("NewModernPSKServer failed: %v", err) } if got := S(key); got != server { t.Fatal("stored server does not match returned server") } if len(server.GetSecretKey()) == 0 { t.Fatal("modern PSK server should derive a transport key") } } func TestNewLegacySecurityClientStoresConfiguredClient(t *testing.T) { const key = "legacy-client" _ = DeleteClient(key) defer DeleteClient(key) client := NewLegacySecurityClient(key) if got := C(key); got != client { t.Fatal("stored client does not match returned client") } if client.SkipExchangeKey() { t.Fatal("legacy client should keep legacy key exchange enabled") } if len(client.GetSecretKey()) == 0 { t.Fatal("legacy client should restore a transport key") } } func TestNewLegacySecurityServerStoresConfiguredServer(t *testing.T) { const key = "legacy-server" _ = DeleteServer(key) defer DeleteServer(key) server := NewLegacySecurityServer(key) if got := S(key); got != server { t.Fatal("stored server does not match returned server") } if len(server.GetSecretKey()) == 0 { t.Fatal("legacy server should restore a transport key") } } func TestUseModernPSKClientConfiguresExistingClient(t *testing.T) { const key = "existing-client" _ = DeleteClient(key) defer DeleteClient(key) client := NewClient(key) if err := UseModernPSKClient(key, []byte("shared-secret"), testModernPSKOptions()); err != nil { t.Fatalf("UseModernPSKClient failed: %v", err) } if !client.SkipExchangeKey() { t.Fatal("existing client should skip legacy key exchange after UseModernPSKClient") } } func TestUseLegacySecurityClientConfiguresExistingClient(t *testing.T) { const key = "existing-legacy-client" _ = DeleteClient(key) defer DeleteClient(key) client := NewClient(key) if err := UseLegacySecurityClient(key); err != nil { t.Fatalf("UseLegacySecurityClient failed: %v", err) } if client.SkipExchangeKey() { t.Fatal("existing client should re-enable legacy exchange after UseLegacySecurityClient") } } func TestStarnotifyNewClientUsesModernDefault(t *testing.T) { const key = "default-modern-client" _ = DeleteClient(key) defer DeleteClient(key) client := NewClient(key) err := client.Connect("tcp", "127.0.0.1:1") if err == nil { t.Fatal("default client should require security configuration before Connect") } if !errors.Is(err, notify.NewClient().Connect("tcp", "127.0.0.1:1")) { t.Fatalf("default client error = %v, want notify modern-default behavior", err) } } func TestUseModernPSKServerMissingKey(t *testing.T) { if err := UseModernPSKServer("missing-server", []byte("shared-secret"), testModernPSKOptions()); err == nil { t.Fatal("UseModernPSKServer should fail for missing key") } } func TestUseLegacySecurityServerMissingKey(t *testing.T) { if err := UseLegacySecurityServer("missing-server"); err == nil { t.Fatal("UseLegacySecurityServer should fail for missing key") } }