示例#1
0
		keyManager, err := encryption.NewKeyManager(key, nil)
		Expect(err).NotTo(HaveOccurred())

		prng = &zeroReader{}
		cryptor = encryption.NewCryptor(keyManager, prng)
	})

	JustBeforeEach(func() {
		encoder = format.NewEncoder(cryptor)
	})

	Describe("Encode", func() {
		Describe("LEGACY_UNENCODED", func() {
			It("returns the payload back", func() {
				payload := []byte("some-payload")
				encoded, err := encoder.Encode(format.LEGACY_UNENCODED, payload)

				Expect(err).NotTo(HaveOccurred())
				Expect(encoded).To(Equal(payload))
			})
		})

		Describe("UNENCODED", func() {
			It("returns the payload back with an encoding type prefix", func() {
				payload := []byte("some-payload")
				encoded, err := encoder.Encode(format.UNENCODED, payload)

				Expect(err).NotTo(HaveOccurred())
				Expect(encoded).To(Equal(append([]byte("00"), payload...)))
			})
		})
示例#2
0
		Expect(err).NotTo(HaveOccurred())
		return encryption.NewCryptor(keyManager, rand.Reader)
	}

	Describe("PerformEncryption", func() {
		It("recursively re-encrypts all existing records", func() {
			var cryptor encryption.Cryptor
			var encoder format.Encoder

			value1 := []byte("some text")
			value2 := []byte("more text")

			cryptor = makeCryptor("old")
			encoder = format.NewEncoder(cryptor)

			encoded1, err := encoder.Encode(format.BASE64_ENCRYPTED, value1)
			Expect(err).NotTo(HaveOccurred())

			encoded2, err := encoder.Encode(format.LEGACY_UNENCODED, value2)
			Expect(err).NotTo(HaveOccurred())

			_, err = storeClient.Set(fmt.Sprintf("%s/my/key-1", etcd.V1SchemaRoot), encoded1, etcd.NO_TTL)
			Expect(err).NotTo(HaveOccurred())
			_, err = storeClient.Set(fmt.Sprintf("%s/my/nested/key-2", etcd.V1SchemaRoot), encoded2, etcd.NO_TTL)
			Expect(err).NotTo(HaveOccurred())

			cryptor = makeCryptor("new", "old")

			etcdDB = etcd.NewETCD(format.ENCRYPTED_PROTO, 100, 100, DesiredLRPCreationTimeout, cryptor, storeClient, clock)
			err = etcdDB.PerformEncryption(logger)
			Expect(err).NotTo(HaveOccurred())
示例#3
0
	Describe("PerformEncryption", func() {
		It("recursively re-encrypts all existing records", func() {
			var cryptor encryption.Cryptor
			var encoder format.Encoder

			value1 := []byte("some text")
			value2 := []byte("another value")
			value3 := []byte("more value")
			value4 := []byte("actual value")
			taskGuid := "uniquetaskguid"
			processGuid := "uniqueprocessguid"

			cryptor = makeCryptor("old")
			encoder = format.NewEncoder(cryptor)

			encoded1, err := encoder.Encode(format.BASE64_ENCRYPTED, value1)
			Expect(err).NotTo(HaveOccurred())

			encoded2, err := encoder.Encode(format.BASE64_ENCRYPTED, value2)
			Expect(err).NotTo(HaveOccurred())

			encoded3, err := encoder.Encode(format.BASE64_ENCRYPTED, value3)
			Expect(err).NotTo(HaveOccurred())

			encoded4, err := encoder.Encode(format.BASE64_ENCRYPTED, value4)
			Expect(err).NotTo(HaveOccurred())

			queryStr := "INSERT INTO tasks (guid, domain, task_definition) VALUES (?, ?, ?)"
			if test_helpers.UsePostgres() {
				queryStr = test_helpers.ReplaceQuestionMarks(queryStr)
			}