3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-10 15:47:36 +02:00
Code Issues Projects Releases Packages Wiki Activity

cryptutil: always use kek public id, add x509 support (#2066)

Browse source
This commit is contained in:
Caleb Doxsey 2021-04-07 10:44:36 -06:00 committed by GitHub
parent 294addd857
commit 9de340b48b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 200 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

8
pkg/cryptutil/kek_test.go
View file

@ -21,7 +21,7 @@ func TestKeyEncryptionKey(t *testing.T) {
t.Run("anonymous", func(t *testing.T) {
kek, err := GenerateKeyEncryptionKey()
require.NoError(t, err)
kekPublic, err := NewPublicKeyEncryptionKey(kek.ID(), kek.Public().KeyBytes())
kekPublic, err := NewPublicKeyEncryptionKey(kek.Public().KeyBytes())
require.NoError(t, err)
ciphertext, err := kekPublic.Encrypt([]byte("HELLO WORLD"))
require.NoError(t, err)
@ -43,7 +43,7 @@ func TestKeyEncryptionKey(t *testing.T) {
t.Run("ID", func(t *testing.T) {
kek, err := GenerateKeyEncryptionKey()
require.NoError(t, err)
assert.Equal(t, kek.id, kek.ID())
assert.Equal(t, kek.Public().id, kek.ID())
})
t.Run("KeyBytes", func(t *testing.T) {
private, err := GenerateKeyEncryptionKey()
@ -60,12 +60,12 @@ func TestKeyEncryptionKey(t *testing.T) {
})
t.Run("invalid key", func(t *testing.T) {
t.Run("private", func(t *testing.T) {
kek, err := NewPrivateKeyEncryptionKey("TEST", []byte("NOT BIG ENOUGH"))
kek, err := NewPrivateKeyEncryptionKey([]byte("NOT BIG ENOUGH"))
require.Nil(t, kek)
require.Error(t, err)
})
t.Run("public", func(t *testing.T) {
kek, err := NewPublicKeyEncryptionKey("TEST", []byte("NOT BIG ENOUGH"))
kek, err := NewPublicKeyEncryptionKey([]byte("NOT BIG ENOUGH"))
require.Nil(t, kek)
require.Error(t, err)
})