BeforeEach(func() {
key, err := encryption.NewKey("label", "pass phrase")
Expect(err).NotTo(HaveOccurred())
keyManager, err = encryption.NewKeyManager(key, nil)
Expect(err).NotTo(HaveOccurred())
prng = rand.Reader
})
JustBeforeEach(func() {
cryptor = encryption.NewCryptor(keyManager, prng)
})
It("successfully encrypts and decrypts with a key", func() {
input := []byte("some plaintext data")
encrypted, err := cryptor.Encrypt(input)
Expect(err).NotTo(HaveOccurred())
Expect(encrypted.CipherText).NotTo(HaveLen(0))
Expect(encrypted.CipherText).NotTo(Equal(input))
plaintext, err := cryptor.Decrypt(encrypted)
Expect(err).NotTo(HaveOccurred())
Expect(plaintext).NotTo(HaveLen(0))
Expect(plaintext).To(Equal(input))
})
It("has the expected nonce length", func() {
input := []byte("some plaintext data")
encrypted, err := cryptor.Encrypt(input)
Expect(err).NotTo(HaveOccurred())
Expect(err).NotTo(HaveOccurred())
Expect(decoded).To(Equal([]byte("some-payload")))
})
It("returns an error if the payload is not valid bas64 encoded", func() {
payload := []byte("01c29tZS1wYXl--invalid")
_, err := encoder.Decode(payload)
Expect(err).To(HaveOccurred())
})
})
Describe("BASE64_ENCRYPTED", func() {
It("returns the decrypted payload without an encoding type prefix", func() {
payload := []byte("payload")
encrypted, err := cryptor.Encrypt(payload)
Expect(err).NotTo(HaveOccurred())
encoded := []byte{}
encoded = append(encoded, byte(len(encrypted.KeyLabel)))
encoded = append(encoded, []byte(encrypted.KeyLabel)...)
encoded = append(encoded, encrypted.Nonce...)
encoded = append(encoded, encrypted.CipherText...)
encoded = append(format.BASE64_ENCRYPTED[:], []byte(base64.StdEncoding.EncodeToString(encoded))...)
decoded, err := encoder.Decode(encoded)
Expect(err).NotTo(HaveOccurred())
Expect(decoded).To(Equal(payload))
})
})