Add unit tests for PGP service (FRE-4692)
- 27 new tests covering all PGP service methods - Fixes: armored public key in NewPGPService/GenerateKeyPair/EncryptBody, IsLocked check in getUnlockedKeyRing, aes256 cipher token in EncryptAttachment Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
@@ -25,15 +25,25 @@ func NewPGPService(privateKeyArmored string) (*PGPService, error) {
|
||||
return nil, fmt.Errorf("failed to parse private key: %w", err)
|
||||
}
|
||||
|
||||
publicKey, err := privateKey.GetPublicKey()
|
||||
pubKeyBytes, err := privateKey.GetPublicKey()
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to extract public key: %w", err)
|
||||
}
|
||||
|
||||
pubKey, err := crypto.NewKey(pubKeyBytes)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to parse public key: %w", err)
|
||||
}
|
||||
|
||||
pubArmor, err := pubKey.Armor()
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to armor public key: %w", err)
|
||||
}
|
||||
|
||||
return &PGPService{
|
||||
keyRing: &PGPKeyRing{
|
||||
PrivateKey: privateKey,
|
||||
PublicKey: publicKey,
|
||||
PublicKey: []byte(pubArmor),
|
||||
PrivateKeyData: []byte(privateKeyArmored),
|
||||
},
|
||||
}, nil
|
||||
@@ -68,7 +78,7 @@ func (s *PGPService) EncryptBody(plaintext string, passphrase string) (string, e
|
||||
return "", fmt.Errorf("failed to get public key: %w", err)
|
||||
}
|
||||
|
||||
pubKey, err := crypto.NewKeyFromArmored(string(pubKeyBytes))
|
||||
pubKey, err := crypto.NewKey(pubKeyBytes)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("failed to parse public key: %w", err)
|
||||
}
|
||||
@@ -131,11 +141,17 @@ func (s *PGPService) getUnlockedKeyRing(passphrase string) (*crypto.KeyRing, err
|
||||
}
|
||||
|
||||
if passphrase != "" {
|
||||
unlockedKey, err := key.Unlock([]byte(passphrase))
|
||||
isLocked, err := key.IsLocked()
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to unlock private key: %w", err)
|
||||
return nil, fmt.Errorf("failed to check key lock status: %w", err)
|
||||
}
|
||||
if isLocked {
|
||||
unlockedKey, err := key.Unlock([]byte(passphrase))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to unlock private key: %w", err)
|
||||
}
|
||||
key = unlockedKey
|
||||
}
|
||||
key = unlockedKey
|
||||
}
|
||||
|
||||
return crypto.NewKeyRing(key)
|
||||
@@ -176,7 +192,15 @@ func (s *PGPService) GenerateKeyPair(email string, passphrase string) (privateKe
|
||||
return "", "", fmt.Errorf("failed to extract public key: %w", err)
|
||||
}
|
||||
|
||||
pubArmor := string(pubKeyBytes)
|
||||
pubKey, err := crypto.NewKey(pubKeyBytes)
|
||||
if err != nil {
|
||||
return "", "", fmt.Errorf("failed to parse public key: %w", err)
|
||||
}
|
||||
|
||||
pubArmor, err := pubKey.Armor()
|
||||
if err != nil {
|
||||
return "", "", fmt.Errorf("failed to armor public key: %w", err)
|
||||
}
|
||||
|
||||
return privateArmor, pubArmor, nil
|
||||
}
|
||||
@@ -229,7 +253,7 @@ func (s *PGPService) EncryptAttachment(data []byte, recipientPublicKey *crypto.K
|
||||
|
||||
pgpMessage := crypto.NewPlainMessage(data)
|
||||
|
||||
sk, err := crypto.NewSessionKeyFromToken(symKey, "AES256").Encrypt(pgpMessage)
|
||||
sk, err := crypto.NewSessionKeyFromToken(symKey, "aes256").Encrypt(pgpMessage)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to encrypt attachment: %w", err)
|
||||
}
|
||||
@@ -241,7 +265,7 @@ func (s *PGPService) EncryptAttachment(data []byte, recipientPublicKey *crypto.K
|
||||
}
|
||||
|
||||
encryptedSymKey, err := recipientKeyRing.EncryptSessionKey(
|
||||
crypto.NewSessionKeyFromToken(symKey, "AES256"),
|
||||
crypto.NewSessionKeyFromToken(symKey, "aes256"),
|
||||
)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to encrypt symmetric key: %w", err)
|
||||
|
||||
Reference in New Issue
Block a user