/** * Unit Tests for PacificaSigner * * Tests the Pacifica signing strategy implementation in isolation. */ import { PacificaSigner } from '@/core/credential-manager/signers/PacificaSigner' import { Platform } from '@/types/credential' describe('PacificaSigner Unit Tests', () => { let signer: PacificaSigner beforeEach(() => { signer = new PacificaSigner() }) describe('Platform Properties', () => { test('should have correct platform identifier', () => { expect(signer.platform).toBe(Platform.PACIFICA) }) test('should have correct algorithm identifier', () => { expect(signer.algorithm).toBe('ed25519') }) }) describe('Public Key Derivation', () => { test('should derive public key from private key', async () => { const privateKey = 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' const publicKey = await signer.derivePublicKey(privateKey) expect(publicKey).toBeDefined() expect(typeof publicKey).toBe('string') expect(publicKey.length).toBe(64) // 32 bytes in hex }) test('should return consistent public key for same private key', async () => { const privateKey = 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' const publicKey1 = await signer.derivePublicKey(privateKey) const publicKey2 = await signer.derivePublicKey(privateKey) expect(publicKey1).toBe(publicKey2) }) test('should throw error for invalid private key format', async () => { const invalidKeys = [ '', // Empty 'invalid-hex', // Non-hex '123', // Too short 'f'.repeat(63), // Wrong length (31 bytes) 'g'.repeat(64) // Invalid hex characters ] for (const invalidKey of invalidKeys) { await expect(signer.derivePublicKey(invalidKey)) .rejects.toThrow() } }) }) describe('Signing Operations', () => { test('should sign message with valid credentials', async () => { const message = new TextEncoder().encode('test message') const credentials = { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const signature = await signer.sign(message, credentials) expect(signature).toBeDefined() expect(typeof signature).toBe('string') expect(signature.length).toBeGreaterThan(0) }) test('should produce deterministic signatures', async () => { const message = new TextEncoder().encode('deterministic test') const credentials = { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const signature1 = await signer.sign(message, credentials) const signature2 = await signer.sign(message, credentials) expect(signature1).toBe(signature2) }) test('should produce different signatures for different messages', async () => { const message1 = new TextEncoder().encode('message one') const message2 = new TextEncoder().encode('message two') const credentials = { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const signature1 = await signer.sign(message1, credentials) const signature2 = await signer.sign(message2, credentials) expect(signature1).not.toBe(signature2) }) test('should produce different signatures for different private keys', async () => { const message = new TextEncoder().encode('same message') const credentials1 = { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const credentials2 = { type: 'ed25519' as const, privateKey: 'a26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const signature1 = await signer.sign(message, credentials1) const signature2 = await signer.sign(message, credentials2) expect(signature1).not.toBe(signature2) }) test('should handle empty messages', async () => { const emptyMessage = new Uint8Array(0) const credentials = { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const signature = await signer.sign(emptyMessage, credentials) expect(signature).toBeDefined() expect(typeof signature).toBe('string') }) test('should handle large messages', async () => { const largeMessage = new Uint8Array(1024 * 1024) // 1MB largeMessage.fill(42) // Fill with test data const credentials = { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const signature = await signer.sign(largeMessage, credentials) expect(signature).toBeDefined() expect(typeof signature).toBe('string') }) test('should throw error for invalid credentials', async () => { const message = new TextEncoder().encode('test message') const invalidCredentials = [ { type: 'ed25519' as const, privateKey: '' // Empty key }, { type: 'ed25519' as const, privateKey: 'invalid-hex' }, { type: 'ed25519' as const, privateKey: 'f'.repeat(63) // Wrong length }, { type: 'wrong-type' as any, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } ] for (const invalidCred of invalidCredentials) { await expect(signer.sign(message, invalidCred)) .rejects.toThrow() } }) }) describe('Verification Operations', () => { test('should verify valid signature', async () => { const message = new TextEncoder().encode('verification test') const credentials = { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const signature = await signer.sign(message, credentials) const publicKey = await signer.derivePublicKey(credentials.privateKey) const isValid = await signer.verify(message, signature, publicKey) expect(isValid).toBe(true) }) test('should reject invalid signature', async () => { const message = new TextEncoder().encode('verification test') const credentials = { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const signature = await signer.sign(message, credentials) const publicKey = await signer.derivePublicKey(credentials.privateKey) // Modify signature to make it invalid const invalidSignature = signature.slice(0, -2) + '00' const isValid = await signer.verify(message, invalidSignature, publicKey) expect(isValid).toBe(false) }) test('should reject signature with wrong public key', async () => { const message = new TextEncoder().encode('verification test') const credentials1 = { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const credentials2 = { type: 'ed25519' as const, privateKey: 'a26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const signature = await signer.sign(message, credentials1) const wrongPublicKey = await signer.derivePublicKey(credentials2.privateKey) const isValid = await signer.verify(message, signature, wrongPublicKey) expect(isValid).toBe(false) }) test('should reject signature with wrong message', async () => { const message1 = new TextEncoder().encode('original message') const message2 = new TextEncoder().encode('different message') const credentials = { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const signature = await signer.sign(message1, credentials) const publicKey = await signer.derivePublicKey(credentials.privateKey) const isValid = await signer.verify(message2, signature, publicKey) expect(isValid).toBe(false) }) test('should handle malformed signature gracefully', async () => { const message = new TextEncoder().encode('test message') const publicKey = await signer.derivePublicKey('f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5') const malformedSignatures = [ '', // Empty 'invalid', // Not hex '12345', // Too short 'g'.repeat(128) // Invalid hex characters ] for (const malformedSig of malformedSignatures) { const isValid = await signer.verify(message, malformedSig, publicKey) expect(isValid).toBe(false) } }) test('should handle malformed public key gracefully', async () => { const message = new TextEncoder().encode('test message') const credentials = { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const signature = await signer.sign(message, credentials) const malformedPublicKeys = [ '', // Empty 'invalid', // Not hex '12345', // Too short 'g'.repeat(64) // Invalid hex characters ] for (const malformedPubKey of malformedPublicKeys) { const isValid = await signer.verify(message, signature, malformedPubKey) expect(isValid).toBe(false) } }) }) describe('Performance Requirements', () => { test('should sign within performance requirements', async () => { const message = new TextEncoder().encode('performance test') const credentials = { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const startTime = performance.now() await signer.sign(message, credentials) const duration = performance.now() - startTime expect(duration).toBeLessThan(50) // Should be very fast for Ed25519 }) test('should verify within performance requirements', async () => { const message = new TextEncoder().encode('verification performance test') const credentials = { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const signature = await signer.sign(message, credentials) const publicKey = await signer.derivePublicKey(credentials.privateKey) const startTime = performance.now() await signer.verify(message, signature, publicKey) const duration = performance.now() - startTime expect(duration).toBeLessThan(50) // Should be fast }) test('should handle concurrent operations efficiently', async () => { const message = new TextEncoder().encode('concurrent test') const credentials = { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const startTime = performance.now() const promises = Array.from({ length: 10 }, () => signer.sign(message, credentials)) const signatures = await Promise.all(promises) const duration = performance.now() - startTime expect(signatures).toHaveLength(10) expect(signatures.every(sig => sig === signatures[0])).toBe(true) // Deterministic expect(duration).toBeLessThan(100) // 10 concurrent operations }) }) describe('Credential Validation', () => { test('should accept valid Ed25519 credentials', () => { const validCredentials = [ { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' }, { type: 'ed25519' as const, privateKey: '0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef' }, { type: 'ed25519' as const, privateKey: 'ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789' } ] validCredentials.forEach(creds => { expect(() => signer.validateCredentials(creds)).not.toThrow() }) }) test('should reject invalid credential types', () => { const invalidCredentials = [ { type: 'secp256k1' as any, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' }, { type: 'hmac' as any, apiKey: 'test', secretKey: 'test' }, { type: 'rsa' as any, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } ] invalidCredentials.forEach(creds => { expect(() => signer.validateCredentials(creds)).toThrow() }) }) test('should reject malformed private keys', () => { const invalidPrivateKeys = [ '', // Empty 'invalid-hex', '12345', // Too short 'f'.repeat(63), // 31 bytes 'f'.repeat(65), // 33 bytes 'g'.repeat(64) // Invalid hex ] invalidPrivateKeys.forEach(privateKey => { const credentials = { type: 'ed25519' as const, privateKey } expect(() => signer.validateCredentials(credentials)).toThrow() }) }) }) describe('Edge Cases', () => { test('should handle null and undefined inputs gracefully', async () => { const credentials = { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } // These should throw appropriate errors, not crash await expect(signer.sign(null as any, credentials)).rejects.toThrow() await expect(signer.sign(undefined as any, credentials)).rejects.toThrow() const message = new TextEncoder().encode('test') await expect(signer.sign(message, null as any)).rejects.toThrow() await expect(signer.sign(message, undefined as any)).rejects.toThrow() }) test('should handle very large messages efficiently', async () => { const megaMessage = new Uint8Array(10 * 1024 * 1024) // 10MB megaMessage.fill(123) const credentials = { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const startTime = performance.now() const signature = await signer.sign(megaMessage, credentials) const duration = performance.now() - startTime expect(signature).toBeDefined() expect(duration).toBeLessThan(1000) // Should handle large messages within 1 second }) test('should maintain consistency across multiple instances', async () => { const signer1 = new PacificaSigner() const signer2 = new PacificaSigner() const message = new TextEncoder().encode('consistency test') const credentials = { type: 'ed25519' as const, privateKey: 'f26670e2ca334117f8859f9f32e50251641953a30b54f6ffcf82db836cfdfea5' } const signature1 = await signer1.sign(message, credentials) const signature2 = await signer2.sign(message, credentials) expect(signature1).toBe(signature2) }) }) })