示例#1
0
func SignatureFromHeaders(signatureHeader, metadataHeader string, crypto secure.Crypto) (Signature, error) {
	metadata := Metadata{}
	signature := Signature{}

	if metadataHeader == "" {
		return signature, errors.New("No metadata found")
	}

	metadataDecoded, err := base64.URLEncoding.DecodeString(metadataHeader)
	if err != nil {
		return signature, err
	}

	err = json.Unmarshal(metadataDecoded, &metadata)
	signatureDecoded, err := base64.URLEncoding.DecodeString(signatureHeader)
	if err != nil {
		return signature, err
	}

	signatureDecrypted, err := crypto.Decrypt(signatureDecoded, metadata.Nonce)
	if err != nil {
		return signature, err
	}

	err = json.Unmarshal([]byte(signatureDecrypted), &signature)

	return signature, err
}
示例#2
0
			plainText  = []byte("this is a secret message!")
			cipherText []byte
			nonce      []byte
		)

		BeforeEach(func() {
			var err error
			cipherText, nonce, err = aesGcm.Encrypt(plainText)
			Expect(err).ToNot(HaveOccurred())
			Expect(cipherText).ToNot(Equal(plainText))
			Expect(nonce).ToNot(BeNil())
		})

		Context("when using correct key and nonce", func() {
			It("decrypts the cipher text", func() {
				decryptedText, err := aesGcm.Decrypt(cipherText, nonce)
				Expect(err).ToNot(HaveOccurred())
				Expect(decryptedText).To(Equal(plainText))
			})
		})

		Context("when using an invalid key", func() {
			It("returns an error", func() {
				otherKey := []byte("0123456789ABCDEF")

				otherAesGcm, err := secure.NewAesGCM(otherKey)
				Expect(err).ToNot(HaveOccurred())

				decryptedText, err := otherAesGcm.Decrypt(cipherText, nonce)
				Expect(err).To(HaveOccurred())
				Expect(err.Error()).Should(ContainSubstring("authentication failed"))