func TestDecrypt(t *testing.T) {
	mockCrypter := &internal.MockCrypter{}
	internal.CryptersMap["mock"] = mockCrypter
	mockCrypter.On(
		"Decrypt",
		internal.Ciphertext("my-abc"),
		internal.DecryptParams{
			"k1": "v1",
			"k2": "v2",
		}).Return("myplaintext", nil)

	secret, err := LoadStrictSecret("mock:k1=v1&k2=v2:my-abc")
	assert.NoError(t, err)

	plaintext, err := secret.Decrypt()
	assert.NoError(t, err)
	assert.Equal(t, plaintext, "myplaintext")
	mockCrypter.AssertExpectations(t)
}
Exemple #2
0
// UnmarshalText loads the secret from its textual representation.
func (s *StrictSecret) UnmarshalText(text []byte) error {
	if len(text) == 0 {
		return nil
	}
	tokens := strings.SplitN(string(text), ":", 3)
	if len(tokens) < 3 {
		return fmt.Errorf("Malformed secret '%s'", text)
	}

	var exists bool
	s.crypter, exists = internal.CryptersMap[tokens[0]]
	if !exists {
		return fmt.Errorf("Invalid crypter name in secret %s", text)
	}

	var err error
	s.decryptParams, err = internal.ParseDecryptParams(tokens[1])
	if err != nil {
		return fmt.Errorf("Invalid decryption parameters in secret %s: %s", text, err)
	}

	s.ciphertext = internal.Ciphertext(tokens[2])
	return nil
}