BeforeEach(func() { key, err := encryption.NewKey("label", "pass phrase") Expect(err).NotTo(HaveOccurred()) keyManager, err = encryption.NewKeyManager(key, nil) Expect(err).NotTo(HaveOccurred()) prng = rand.Reader }) JustBeforeEach(func() { cryptor = encryption.NewCryptor(keyManager, prng) }) It("successfully encrypts and decrypts with a key", func() { input := []byte("some plaintext data") encrypted, err := cryptor.Encrypt(input) Expect(err).NotTo(HaveOccurred()) Expect(encrypted.CipherText).NotTo(HaveLen(0)) Expect(encrypted.CipherText).NotTo(Equal(input)) plaintext, err := cryptor.Decrypt(encrypted) Expect(err).NotTo(HaveOccurred()) Expect(plaintext).NotTo(HaveLen(0)) Expect(plaintext).To(Equal(input)) }) It("has the expected nonce length", func() { input := []byte("some plaintext data") encrypted, err := cryptor.Encrypt(input) Expect(err).NotTo(HaveOccurred())
Expect(err).NotTo(HaveOccurred()) Expect(decoded).To(Equal([]byte("some-payload"))) }) It("returns an error if the payload is not valid bas64 encoded", func() { payload := []byte("01c29tZS1wYXl--invalid") _, err := encoder.Decode(payload) Expect(err).To(HaveOccurred()) }) }) Describe("BASE64_ENCRYPTED", func() { It("returns the decrypted payload without an encoding type prefix", func() { payload := []byte("payload") encrypted, err := cryptor.Encrypt(payload) Expect(err).NotTo(HaveOccurred()) encoded := []byte{} encoded = append(encoded, byte(len(encrypted.KeyLabel))) encoded = append(encoded, []byte(encrypted.KeyLabel)...) encoded = append(encoded, encrypted.Nonce...) encoded = append(encoded, encrypted.CipherText...) encoded = append(format.BASE64_ENCRYPTED[:], []byte(base64.StdEncoding.EncodeToString(encoded))...) decoded, err := encoder.Decode(encoded) Expect(err).NotTo(HaveOccurred()) Expect(decoded).To(Equal(payload)) }) })