sg
/
wechatpay-go


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198
							// Copyright 2021 Tencent Inc. All rights reserved.

package verifiers

import (
	"context"
	"crypto/x509"
	"git.nanodreamtech.com/sg/wechatpay-go/core/auth"
	"testing"

	"git.nanodreamtech.com/sg/wechatpay-go/core"
	"git.nanodreamtech.com/sg/wechatpay-go/utils"
)

const (
	testWechatPayVerifierPlatformSerialNumber = "F5765756002FDD77"
	testWechatPayVerifierPlatformCertificate  = `-----BEGIN CERTIFICATE-----
MIIDVzCCAj+gAwIBAgIJAPV2V1YAL913MA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNV
BAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQg
Q29tcGFueSBMdGQwHhcNMjEwNDI3MDg0MDMyWhcNMzEwNDI1MDg0MDMyWjBCMQsw
CQYDVQQGEwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZh
dWx0IENvbXBhbnkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
2VCTd91fnUn73Xy9DLvt/V62TVxRTEEstVdeRaZ3B3leO0pldE806mXO4RwdHXag
HQ4vGeZN0yqm++rDsGK+U3AH7kejyD2pXshNP9Cq5YwbptiLGtjcquw4HNxJQUOm
DeJf2vg6byms9RUipiq4SzbJKqJFlUpbuIPDpSpWz10PYmyCNeDGUUK65E5h2B83
4uxl1zNLYQCrkdBzb8oUxwYeP5a2DNxmjL5lsJML7DGr5znsevnoqGRwTm9fxCGf
y8wus7hwKz6clt3Whmmda7UAdb1c08hEQFVRbF14AR73xbnd8N0obCWJPCbzMCtk
aSef4FdEEgEXJiw0VAJT8wIDAQABo1AwTjAdBgNVHQ4EFgQUT1c7nd/SUO76HSoZ
umNUJv1R5PwwHwYDVR0jBBgwFoAUT1c7nd/SUO76HSoZumNUJv1R5PwwDAYDVR0T
BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAM+tslqBxYwqL9fdvGG6hfy69sjfX
UhBtBLWYugKKQCOWWLeq5dDWm3i5Cx2Rgiy9uc7RfmJNxQfIKlcoCNP85BjDoG1B
YnVc6znlcrT9uHgseha3987WwZsFAQbcy8TLUYHzVB8gmDgq8O08xdIe0eczatI8
t3Rg8WXO6Gs66JJ4JR+rD01o3FiSOQCRWhn19NSyDydsgPlOR2t9B9L+MkJwlsMG
Krn85TnwL3qcInzRnU8X86faXXJrI0IJi44tECKw8ftngCl6vyNwNNKPDwdkcuuV
8y3iBixO5IuKxEKEp2wGPV/4W1AXO73Z3Gb7z/1oxdgeO0hVqz1hBasTCQ==
-----END CERTIFICATE-----`
	testExpectedSignature = "BKyAfU4iMCuvXMXS0Wzam3V/cnxZ+JaqigPM5OhljS2iOT95OO6Fsuml2JkFANJU9" +
		"K6q9bLlDhPXuoVz+pp4hAm6pHU4ld815U4jsKu1RkyaII+1CYBUYC8TK0XtJ8FwUXXz8vZHh58rrAVN1XwNyv" +
		"D1vfpxrMT4SL536GLwvpUHlCqIMzoZUguLli/K8V29QiOhuH6IEqLNJn8e9b3nwNcQ7be3CzYGpDAKBfDGPCq" +
		"Cv8Rw5zndhlffk2FEA70G4hvMwe51qMN/RAJbknXG23bSlObuTCN7Ndj1aJGH6/L+hdwfLpUtJm4QYVazzW7D" +
		"FD27EpSQEqA8bX9+8m1rLg=="
)

var (
	certificate *x509.Certificate
)

func init() {
	certificate, _ = utils.LoadCertificate(testWechatPayVerifierPlatformCertificate)
}

func TestWechatPayVerifier_Verify(t *testing.T) {
	type fields struct {
		Certificates map[string]*x509.Certificate
	}
	type args struct {
		ctx          context.Context
		serialNumber string
		message      string
		signature    string
	}
	tests := []struct {
		name    string
		fields  fields
		args    args
		wantErr bool
	}{
		{
			name: "verify success",
			fields: fields{
				Certificates: map[string]*x509.Certificate{testWechatPayVerifierPlatformSerialNumber: certificate},
			},
			args: args{
				ctx:          context.Background(),
				serialNumber: testWechatPayVerifierPlatformSerialNumber,
				signature:    testExpectedSignature,
				message:      "source",
			},
			wantErr: false,
		},
		{
			name: "verify failed",
			fields: fields{
				Certificates: map[string]*x509.Certificate{testWechatPayVerifierPlatformSerialNumber: certificate},
			},
			args: args{
				ctx:          context.Background(),
				serialNumber: testWechatPayVerifierPlatformSerialNumber,
				signature:    testExpectedSignature,
				message:      "wrong source",
			},
			wantErr: true,
		},
		{
			name: "verify failed with null context",
			fields: fields{
				Certificates: map[string]*x509.Certificate{testWechatPayVerifierPlatformSerialNumber: certificate},
			},
			args: args{
				ctx:          nil,
				serialNumber: testWechatPayVerifierPlatformSerialNumber,
				signature:    testExpectedSignature,
				message:      "source",
			},
			wantErr: true,
		},
		{
			name: "verify failed with empty serialNumber",
			fields: fields{
				Certificates: map[string]*x509.Certificate{testWechatPayVerifierPlatformSerialNumber: certificate},
			},
			args: args{
				ctx:          context.Background(),
				serialNumber: "",
				signature:    testExpectedSignature,
				message:      "source",
			},
			wantErr: true,
		},
		{
			name: "verify failed with empty message",
			fields: fields{
				Certificates: map[string]*x509.Certificate{testWechatPayVerifierPlatformSerialNumber: certificate},
			},
			args: args{
				ctx:          context.Background(),
				serialNumber: testWechatPayVerifierPlatformSerialNumber,
				signature:    testExpectedSignature,
				message:      "",
			},
			wantErr: true,
		},
		{
			name: "verify failed with empty signature",
			fields: fields{
				Certificates: map[string]*x509.Certificate{testWechatPayVerifierPlatformSerialNumber: certificate},
			},
			args: args{
				ctx:          context.Background(),
				serialNumber: testWechatPayVerifierPlatformSerialNumber,
				signature:    "",
				message:      "source",
			},
			wantErr: true,
		},
		{
			name: "verify failed with no cert getter",
			fields: fields{
				Certificates: nil,
			},
			args: args{
				ctx:          context.Background(),
				serialNumber: testWechatPayVerifierPlatformSerialNumber,
				signature:    testExpectedSignature,
				message:      "source",
			},
			wantErr: true,
		},
		{
			name: "verify failed with non-base64 signature",
			fields: fields{
				Certificates: map[string]*x509.Certificate{testWechatPayVerifierPlatformSerialNumber: certificate},
			},
			args: args{
				ctx:          context.Background(),
				serialNumber: testWechatPayVerifierPlatformSerialNumber,
				signature:    "invalid base64 signature",
				message:      "source",
			},
			wantErr: true,
		},
		{
			name:   "verify failed with no corresponding certificate",
			fields: fields{Certificates: map[string]*x509.Certificate{}},
			args: args{
				ctx:          context.Background(),
				serialNumber: testWechatPayVerifierPlatformSerialNumber,
				signature:    testExpectedSignature,
				message:      "source",
			},
			wantErr: true,
		},
	}
	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			var verifier auth.Verifier
			if tt.fields.Certificates == nil {
				verifier = NewSHA256WithRSAVerifier(nil)
			} else {
				verifier = NewSHA256WithRSAVerifier(core.NewCertificateMap(tt.fields.Certificates))
			}
			if err := verifier.Verify(tt.args.ctx, tt.args.serialNumber, tt.args.message,
				tt.args.signature); (err != nil) != tt.wantErr {
				t.Errorf("Verify() error = %v, wantErr %v", err, tt.wantErr)
			}
		})
	}
}