// Excerpt: the import block opens above the visible text and the spec below is cut off mid-stub.
	"github.com/gogo/protobuf/proto"
	. "github.com/onsi/ginkgo"
	. "github.com/onsi/gomega"

	"code.cloudfoundry.org/bbs/encryption"
	"code.cloudfoundry.org/bbs/encryption/encryptionfakes"
	"code.cloudfoundry.org/bbs/format"
	"code.cloudfoundry.org/bbs/models"
	"code.cloudfoundry.org/bbs/models/test/model_helpers"
)

// Specs for the format package. They run against an encryptionfakes.FakeCryptor,
// so no real key material or cipher is exercised in the part shown here.
var _ = Describe("Format", func() {
	var (
		serializer format.Serializer
		cryptor    *encryptionfakes.FakeCryptor
		encoder    format.Encoder
		logger     lager.Logger
		task       *models.Task
	)

	BeforeEach(func() {
		task = model_helpers.NewValidTask("a-guid")
		logger = lagertest.NewTestLogger("test")
		cryptor = &encryptionfakes.FakeCryptor{}
		// Test double only: Encrypt is stubbed to an identity transformation.
		// The returned CipherText is the plaintext slice itself and the nonce
		// is a fixed all-zero 12-byte value, so this stub provides no
		// confidentiality and must never be mistaken for a usable Cryptor.
		// Assertions built on it can only prove that the serializer routes
		// data through the Cryptor, not that anything is actually encrypted.
		cryptor.EncryptStub = func(plaintext []byte) (encryption.Encrypted, error) {
			nonce := [12]byte{} // zero-valued array: every byte is 0
			return encryption.Encrypted{
				KeyLabel:   "label",
				Nonce:      nonce[:],
				CipherText: plaintext, // aliases the caller's buffer, no copy
			}, nil
// Excerpt: closing lines of a helper whose signature and loop header are above
// the visible text; the spec below calls makeCryptor("old"), presumably this helper.
		Expect(err).NotTo(HaveOccurred())
		decryptionKeys = append(decryptionKeys, key)
	}
	// Hand NewKeyManager a nil slice rather than an empty one when no
	// decryption keys were collected.
	if len(decryptionKeys) == 0 {
		decryptionKeys = nil
	}
	keyManager, err := encryption.NewKeyManager(activeKey, decryptionKeys)
	Expect(err).NotTo(HaveOccurred())
	// rand.Reader is presumably crypto/rand's (the import is not visible here),
	// i.e. this cryptor draws from the system CSPRNG, not a fixed test source.
	return encryption.NewCryptor(keyManager, rand.Reader)
}

// PerformEncryption: seeds the store with records written by an "old" cryptor
// and, per the spec title, expects every existing record to be re-encrypted.
Describe("PerformEncryption", func() {
	It("recursively re-encrypts all existing records", func() {
		var cryptor encryption.Cryptor
		var encoder format.Encoder

		value1 := []byte("some text")
		value2 := []byte("more text")

		// NOTE(review): "old" is presumably the active key label - confirm
		// against the helper's signature, which is outside this excerpt.
		cryptor = makeCryptor("old")
		encoder = format.NewEncoder(cryptor)

		encoded1, err := encoder.Encode(format.BASE64_ENCRYPTED, value1)
		Expect(err).NotTo(HaveOccurred())

		// value2 is encoded as LEGACY_UNENCODED. Going by the constant's name
		// this record is not encrypted at rest, which is the case a
		// re-encryption pass must also pick up - confirm against the format
		// package's definitions.
		encoded2, err := encoder.Encode(format.LEGACY_UNENCODED, value2)
		Expect(err).NotTo(HaveOccurred())

		// Store the first record under <V1SchemaRoot>/my/key-1 with no TTL.
		_, err = storeClient.Set(fmt.Sprintf("%s/my/key-1", etcd.V1SchemaRoot), encoded1, etcd.NO_TTL)
		Expect(err).NotTo(HaveOccurred())
import (
	"encoding/base64"
	"errors"
	"io"

	"code.cloudfoundry.org/bbs/encryption"
	"code.cloudfoundry.org/bbs/encryption/encryptionfakes"
	"code.cloudfoundry.org/bbs/format"

	. "github.com/onsi/ginkgo"
	. "github.com/onsi/gomega"
)

// Specs for format.Encoder. Unlike a fake, the Cryptor here is built from a
// real KeyManager, but its randomness source is replaced with zeroReader.
// The excerpt ends inside JustBeforeEach.
var _ = Describe("Encoding", func() {
	var encoder format.Encoder
	var prng io.Reader
	var cryptor encryption.Cryptor

	BeforeEach(func() {
		// Fixture key: the label and pass phrase are hard-coded test values.
		key, err := encryption.NewKey("label", "some pass phrase")
		Expect(err).NotTo(HaveOccurred())

		// Single active key, no additional decryption keys.
		keyManager, err := encryption.NewKeyManager(key, nil)
		Expect(err).NotTo(HaveOccurred())

		// zeroReader is defined outside this excerpt; judging by its name it
		// yields only zero bytes, which would make encoder output
		// reproducible for exact-match assertions - confirm.
		// NOTE(review): if the Cryptor uses this reader to generate nonces
		// (not shown here), every encryption under the key repeats the same
		// nonce. That is acceptable only as a test fixture; a production
		// Cryptor needs a cryptographically secure source.
		prng = &zeroReader{}
		cryptor = encryption.NewCryptor(keyManager, prng)
	})

	JustBeforeEach(func() {
// Excerpt: the first lines close a Cryptor-building helper whose signature and
// loop header are not visible; the spec that follows is cut off mid-setup.
		Expect(err).NotTo(HaveOccurred())
		decryptionKeys = append(decryptionKeys, key)
	}
	// An empty key list is normalised to nil before building the KeyManager.
	if len(decryptionKeys) == 0 {
		decryptionKeys = nil
	}
	keyManager, err := encryption.NewKeyManager(activeKey, decryptionKeys)
	Expect(err).NotTo(HaveOccurred())
	// NOTE(review): rand.Reader should be crypto/rand's; the import is outside
	// this excerpt - confirm.
	return encryption.NewCryptor(keyManager, rand.Reader)
}

// PerformEncryption: prepares plaintext fixtures named after task-definition,
// run-info, routes and volume-placement data, then encodes them with a cryptor
// obtained from makeCryptor("old").
Describe("PerformEncryption", func() {
	It("recursively re-encrypts all existing records", func() {
		var cryptor encryption.Cryptor
		var encoder format.Encoder

		// Plaintext fixtures; the names indicate which stored field each one
		// stands in for.
		unencodedTaskDef := []byte("some text")
		unencodedRunInfo := []byte("another value")
		unencodedRoutes := []byte("some random routes")
		unencodedVolumePlacement := []byte("more value")
		taskGuid := "uniquetaskguid"
		processGuid := "uniqueprocessguid"

		// NOTE(review): "old" is presumably the label of the key the records
		// are initially written under - confirm against makeCryptor.
		cryptor = makeCryptor("old")
		encoder = format.NewEncoder(cryptor)

		// Both encodes visible in this excerpt use BASE64_ENCRYPTED.
		encodedTaskDef, err := encoder.Encode(format.BASE64_ENCRYPTED, unencodedTaskDef)
		Expect(err).NotTo(HaveOccurred())

		encodedRunInfo, err := encoder.Encode(format.BASE64_ENCRYPTED, unencodedRunInfo)
// Excerpt: begins inside a helper that assembles a Cryptor (its signature and
// loop header are above the visible text) and ends partway through the spec.
		Expect(err).NotTo(HaveOccurred())
		decryptionKeys = append(decryptionKeys, key)
	}
	// With no decryption keys collected, pass nil instead of an empty slice.
	if len(decryptionKeys) == 0 {
		decryptionKeys = nil
	}
	keyManager, err := encryption.NewKeyManager(activeKey, decryptionKeys)
	Expect(err).NotTo(HaveOccurred())
	// The returned Cryptor reads randomness from rand.Reader (presumably
	// crypto/rand; the import is not shown).
	return encryption.NewCryptor(keyManager, rand.Reader)
}

// PerformEncryption: encodes four plaintext values with a cryptor from
// makeCryptor("old") as setup for the re-encryption check named in the spec title.
Describe("PerformEncryption", func() {
	It("recursively re-encrypts all existing records", func() {
		var cryptor encryption.Cryptor
		var encoder format.Encoder

		// Arbitrary plaintext fixtures and record identifiers.
		value1 := []byte("some text")
		value2 := []byte("another value")
		value3 := []byte("more value")
		value4 := []byte("actual value")
		taskGuid := "uniquetaskguid"
		processGuid := "uniqueprocessguid"

		// NOTE(review): the "old" argument is presumably a key label; the
		// helper's parameter list is outside this excerpt - confirm.
		cryptor = makeCryptor("old")
		encoder = format.NewEncoder(cryptor)

		// Records are written in the BASE64_ENCRYPTED format in the part
		// of the setup that is visible here.
		encoded1, err := encoder.Encode(format.BASE64_ENCRYPTED, value1)
		Expect(err).NotTo(HaveOccurred())

		encoded2, err := encoder.Encode(format.BASE64_ENCRYPTED, value2)