wal-g

1
package awskms
2

3
import (
4
	"bytes"
5
	"io"
6
	"testing"
7

8
	"github.com/stretchr/testify/assert"
9
	"github.com/wal-g/wal-g/internal/crypto"
10
)
11

12
type MockSymmetricKey struct {
13
	SymmetricKey
14
}
15

16
func (symmetricKey *MockSymmetricKey) Encrypt() error {
17
	salt := "152 random bytes to imitate aws kms encryption method, random words here: witch collapse practice feed shame open despair creek road again ice least it!"
18
	symmetricKey.SetEncryptedKey(append(symmetricKey.GetKey(), salt...))
19
	return nil
20
}
21

22
func (symmetricKey *MockSymmetricKey) Decrypt() error {
23
	symmetricKey.SetKey(symmetricKey.GetEncryptedKey()[:symmetricKey.GetKeyLen()])
24
	return nil
25
}
26

27
func NewMockSymmetricKey(kmsKeyID string, keyLen int, encryptedKeyLen int) *MockSymmetricKey {
28
	return &MockSymmetricKey{SymmetricKey{SymmetricKeyLen: keyLen, EncryptedSymmetricKeyLen: encryptedKeyLen, KeyID: kmsKeyID}}
29
}
30

31
func MockCrypterFromKeyID(CseKmsID string) crypto.Crypter {
32
	return &Crypter{SymmetricKey: NewMockSymmetricKey(CseKmsID, 32, 184)}
33
}
34

35
func TestEncryptionCycle(t *testing.T) {
36
	const someSecret = "so very secret thingy"
37

38
	CseKmsID := "AWSKMSKEYID"
39

40
	crypter := MockCrypterFromKeyID(CseKmsID)
41

42
	buf := new(bytes.Buffer)
43
	encrypt, err := crypter.Encrypt(buf)
44
	assert.NoErrorf(t, err, "Encryption error: %v", err)
45

46
	encrypt.Write([]byte(someSecret))
47
	encrypt.Close()
48

49
	decrypt, err := crypter.Decrypt(buf)
50
	assert.NoErrorf(t, err, "Decryption error: %v", err)
51

52
	decryptedBytes, err := io.ReadAll(decrypt)
53
	assert.NoErrorf(t, err, "Decryption read error: %v", err)
54

55
	assert.Equal(t, someSecret, string(decryptedBytes), "Decrypted text not equals open text")
56
}
57