Matt Bruce
74ec1a8666
Summary: - Sources: update Helpers - Tests: update tests for AppGroupTests.swift, RouterDomainTests.swift, RouterSecurityTests.swift (+1 more) Stats: - 5 files changed, 283 insertions(+), 2 deletions(-)
93 lines
3.2 KiB
Swift
93 lines
3.2 KiB
Swift
import Foundation
|
|
import Testing
|
|
import Security
|
|
@testable import LocalData
|
|
|
|
@Suite struct RouterSecurityTests {
|
|
private let router: StorageRouter
|
|
private let mockKeychain = MockKeychainHelper()
|
|
|
|
init() {
|
|
let testBaseURL = FileManager.default.temporaryDirectory.appending(path: "RouterSecurityTests-\(UUID().uuidString)")
|
|
router = StorageRouter(
|
|
keychain: mockKeychain,
|
|
encryption: EncryptionHelper(keychain: mockKeychain),
|
|
file: FileStorageHelper(configuration: FileStorageConfiguration(baseURL: testBaseURL)),
|
|
defaults: UserDefaultsHelper(defaults: UserDefaults(suiteName: "RouterSecurityTests-\(UUID().uuidString)")!)
|
|
)
|
|
}
|
|
|
|
private struct SecurityKey: StorageKey {
|
|
typealias Value = String
|
|
let name: String
|
|
let domain: StorageDomain
|
|
let security: SecurityPolicy
|
|
let serializer: Serializer<String> = .json
|
|
let owner: String = "SecurityTests"
|
|
let description: String = "Security test key"
|
|
let availability: PlatformAvailability = .all
|
|
let syncPolicy: SyncPolicy = .never
|
|
}
|
|
|
|
@Test func applySecurityNone() async throws {
|
|
let key = SecurityKey(name: "none.key", domain: .userDefaults(suite: nil), security: .none)
|
|
let value = "test-value"
|
|
|
|
try await router.set(value, for: key)
|
|
let retrieved: String = try await router.get(key)
|
|
#expect(retrieved == value)
|
|
}
|
|
|
|
@Test func applySecurityEncryptedAES() async throws {
|
|
let key = SecurityKey(
|
|
name: "aes.key",
|
|
domain: .userDefaults(suite: nil),
|
|
security: .encrypted(.aes256(keyDerivation: .hkdf()))
|
|
)
|
|
let value = "aes-secret"
|
|
|
|
try await router.set(value, for: key)
|
|
let retrieved: String = try await router.get(key)
|
|
#expect(retrieved == value)
|
|
}
|
|
|
|
@Test func applySecurityEncryptedChaCha() async throws {
|
|
let key = SecurityKey(
|
|
name: "chacha.key",
|
|
domain: .userDefaults(suite: nil),
|
|
security: .encrypted(.chacha20Poly1305(keyDerivation: .hkdf()))
|
|
)
|
|
let value = "chacha-secret"
|
|
|
|
try await router.set(value, for: key)
|
|
let retrieved: String = try await router.get(key)
|
|
#expect(retrieved == value)
|
|
}
|
|
|
|
@Test func applySecurityKeychain() async throws {
|
|
let key = SecurityKey(
|
|
name: "keychain.key",
|
|
domain: .keychain(service: "test-service"),
|
|
security: .keychain(accessibility: .afterFirstUnlock, accessControl: .none)
|
|
)
|
|
let value = "keychain-secret"
|
|
|
|
try await router.set(value, for: key)
|
|
let retrieved: String = try await router.get(key)
|
|
#expect(retrieved == value)
|
|
}
|
|
|
|
@Test func applySecurityPBKDF2() async throws {
|
|
let key = SecurityKey(
|
|
name: "pbkdf2.key",
|
|
domain: .userDefaults(suite: nil),
|
|
security: .encrypted(.aes256(keyDerivation: .pbkdf2()))
|
|
)
|
|
let value = "pbkdf2-secret"
|
|
|
|
try await router.set(value, for: key)
|
|
let retrieved: String = try await router.get(key)
|
|
#expect(retrieved == value)
|
|
}
|
|
}
|