address pr remarks

Fabio Bozzo
2024-11-04 19:11:25 +01:00
parent 76c015e78b
commit d21c17c4ca
3 changed files with 19 additions and 10 deletions


@@ -9,10 +9,11 @@ import (
) )
var ErrShortCipherText = errors.New("ciphertext too short") var ErrShortCipherText = errors.New("ciphertext too short")
var ErrNoEncryptionKey = errors.New("encryption key is required")
func EncryptWithAESKey(data, key []byte) ([]byte, error) { func EncryptWithAESKey(data, key []byte) ([]byte, error) {
if key == nil { if key == nil {
return data, nil return data, ErrNoEncryptionKey
} }
block, err := aes.NewCipher(key) block, err := aes.NewCipher(key)
@@ -35,7 +36,7 @@ func EncryptWithAESKey(data, key []byte) ([]byte, error) {
func DecryptStringWithAESKey(data, key []byte) ([]byte, error) { func DecryptStringWithAESKey(data, key []byte) ([]byte, error) {
if key == nil { if key == nil {
return data, nil return data, ErrNoEncryptionKey
} }
block, err := aes.NewCipher(key) block, err := aes.NewCipher(key)
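Review bot: Both nil-key branches, in EncryptWithAESKey and in DecryptStringWithAESKey, still return `data` next to the error, so a caller that drops or mishandles the error keeps the unmodified input as if it were the result; on the encrypt side that input is the plaintext. `return nil, ErrNoEncryptionKey` makes the failure fail closed and matches the Go convention that the value is meaningless when the error is non-nil. The guard `key == nil` also lets an empty non-nil slice through to aes.NewCipher, which rejects it with a key-size error rather than ErrNoEncryptionKey; `if len(key) == 0 {` covers both cases. Both function bodies continue past the hunks shown.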


@@ -3,6 +3,7 @@ package crypto
import ( import (
"bytes" "bytes"
"crypto/rand" "crypto/rand"
"fmt"
"testing" "testing"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
@@ -28,10 +29,10 @@ func TestAESEncryption(t *testing.T) {
wantErr: false, wantErr: false,
}, },
{ {
name: "nil key returns original data", name: "nil key returns error",
data: []byte("hello world"), data: []byte("hello world"),
key: nil, key: nil,
wantErr: false, wantErr: true,
}, },
{ {
name: "empty data", name: "empty data",
@@ -59,6 +60,8 @@ func TestAESEncryption(t *testing.T) {
} }
require.NoError(t, err) require.NoError(t, err)
fmt.Println(string(encrypted))
decrypted, err := DecryptStringWithAESKey(encrypted, tt.key) decrypted, err := DecryptStringWithAESKey(encrypted, tt.key)
require.NoError(t, err) require.NoError(t, err)
@@ -98,6 +101,12 @@ func TestDecryptionErrors(t *testing.T) {
key: key, key: key,
errMsg: "message authentication failed", errMsg: "message authentication failed",
}, },
{
name: "missing key",
data: []byte("<22>`M<><4D><EFBFBD>l\u001AIF<49>\u0012<31><32><EFBFBD>=h<>?<3F>c<EFBFBD> <20><>\u0012<31><32><EFBFBD><EFBFBD>\u001C<31>\u0018Ƽ(g"),
key: nil,
errMsg: "encryption key is required",
},
} }
for _, tt := range tests { for _, tt := range tests {
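Review bot: The `fmt.Println(string(encrypted))` added in TestAESEncryption looks like leftover debugging: it writes raw ciphertext bytes to stdout on every run and is the only visible reason for the new `fmt` import. Drop both, or, if the value helps when diagnosing a failure, use `t.Logf("encrypted: %x", encrypted)` so it is hex-encoded and only shown with -v or on failure. The new `missing key` case in TestDecryptionErrors carries a literal of mis-encoded bytes that appears to be pasted from that output; since the nil-key check sits at the top of DecryptStringWithAESKey, a constructed value such as `[]byte("any input")` should exercise the same branch and keep the file readable. Both test functions continue outside the hunks.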


@@ -210,16 +210,15 @@ func TestEncryptedMeta(t *testing.T) {
"secret2": "value2", "secret2": "value2",
"secret3": "value3", "secret3": "value3",
} }
var opts []delegation.Option
for k, v := range values {
opts = append(opts, delegation.WithEncryptedMeta(k, v, encryptionKey))
}
// Create token with multiple encrypted values // Create token with multiple encrypted values
tkn, err := delegation.New(privKey, aud, cmd, pol, delegation.WithMeta("foo", "bar")) tkn, err := delegation.New(privKey, aud, cmd, pol, opts...)
require.NoError(t, err) require.NoError(t, err)
for k, v := range values {
err := tkn.Meta().AddEncrypted(k, v, encryptionKey)
require.NoError(t, err)
}
data, err := tkn.ToDagCbor(privKey) data, err := tkn.ToDagCbor(privKey)
require.NoError(t, err) require.NoError(t, err)
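Review bot: Replacing `delegation.WithMeta("foo", "bar")` with `opts...` means TestEncryptedMeta no longer builds a token that carries a plaintext entry next to the encrypted ones. The `tkn.Meta().AddEncrypted` path also loses the coverage it had here unless another test exercises it. Seeding the slice with `opts := []delegation.Option{delegation.WithMeta("foo", "bar")}` instead of `var opts []delegation.Option` keeps the mixed case, and an assertion that "foo" still reads back unencrypted after the round trip would pin it. The rest of the test lies outside the hunk, so the assertions that follow are not visible from here.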