func BuildSignatureAndMetadata(crypto secure.Crypto, signature *Signature) (string, string, error) {
signatureJson, err := json.Marshal(&signature)
if err != nil {
return "", "", err
}
signatureJsonEncrypted, nonce, err := crypto.Encrypt(signatureJson)
if err != nil {
return "", "", err
}
metadata := Metadata{
Nonce: nonce,
}
metadataJson, err := json.Marshal(&metadata)
if err != nil {
return "", "", err
}
metadataHeader := base64.URLEncoding.EncodeToString(metadataJson)
signatureHeader := base64.URLEncoding.EncodeToString(signatureJsonEncrypted)
return signatureHeader, metadataHeader, nil
}
k := secure.NewPbkdf2([]byte("this-is-a-pretty-long-secret"), 16)
Expect(k).To(HaveLen(16))
})
})
})
})
Describe("Encrypt", func() {
var (
plainText = []byte("this is a secret message!")
)
Context("when the key is valid", func() {
It("encrypts the plain text into a cypher text and returns a nonce", func() {
cipherText, nonce, err := aesGcm.Encrypt(plainText)
Expect(err).ToNot(HaveOccurred())
Expect(cipherText).ToNot(Equal(plainText))
Expect(nonce).To(HaveLen(12))
})
It("returns a different nonce for the same plain text", func() {
cipherText, nonce, err := aesGcm.Encrypt(plainText)
Expect(err).ToNot(HaveOccurred())
Expect(cipherText).ToNot(Equal(plainText))
Expect(nonce).To(HaveLen(12))
cipherText2, nonce2, err := aesGcm.Encrypt(plainText)
Expect(err).ToNot(HaveOccurred())
Expect(cipherText).ToNot(Equal(cipherText2))
Expect(nonce).ToNot(Equal(nonce2))