MCPcopy
hub / github.com/dgraph-io/dgraph / TestDecrypt

Function TestDecrypt

audit/run_test.go:28–103  ·  view source on GitHub ↗

check whether we can properly decrypt an encryped audit log that is truncated at the tail

(t *testing.T)

Source from the content-addressed store, hash-verified

26
27// check whether we can properly decrypt an encryped audit log that is truncated at the tail
28func TestDecrypt(t *testing.T) {
29 key, err := os.ReadFile("../enc/test-fixtures/enc-key")
30 require.NoError(t, err)
31
32 // encrypted audit logs generated by TestGenerateAuditLogForTestDecrypt in testutil/audit.go
33 // we check this in because we want this test to be a unit test
34 filePath := "testfiles/zero_audit_0_1.log.enc"
35 copyPath := "testfiles/zero_audit_0_1.log.enc.copy"
36 decryptedPath := "testfiles/zero_audit_0_1.log"
37
38 // during test we will truncate copy of file
39 copy(t, filePath, copyPath)
40 defer os.RemoveAll(copyPath)
41
42 file, err := os.OpenFile(copyPath, os.O_RDWR, 0666)
43 require.NoError(t, err)
44 defer func() {
45 if err := file.Close(); err != nil {
46 t.Fatal("error closing file")
47 }
48 }()
49
50 stat, err := os.Stat(copyPath)
51 require.NoError(t, err)
52 sz := stat.Size() // get size of audit log
53
54 outfile, err := os.OpenFile(decryptedPath,
55 os.O_CREATE|os.O_WRONLY|os.O_TRUNC, os.ModePerm)
56 require.NoError(t, err)
57 defer func() {
58 if err := outfile.Close(); err != nil {
59 t.Fatal(err)
60 }
61 }()
62 defer os.RemoveAll("testfiles/zero_audit_0_1.log")
63 block, err := aes.NewCipher(key)
64 require.NoError(t, err)
65
66 zeroCmd := []string{"/removeNode", "/assign", "/moveTablet"}
67
68 // size of audit log is 825 bytes
69 // keep truncating encrypted audit log file 5 bytes at a time
70 for i := 0; i <= int(sz); i = i + 5 {
71 switch {
72 case i == 0:
73 require.NoError(t, decrypt(file, outfile, block, sz))
74 testaudit.VerifyLogs(t, decryptedPath, zeroCmd)
75 // clear output file
76 require.NoError(t, outfile.Truncate(0))
77 _, err := outfile.Seek(0, 0)
78 require.NoError(t, err)
79 case 5 <= i && i <= 275:
80 require.NoError(t, file.Truncate(sz-int64(i)))
81 require.NoError(t, decrypt(file, outfile, block, sz))
82 testaudit.VerifyLogs(t, decryptedPath, zeroCmd[0:1])
83 require.NoError(t, outfile.Truncate(0))
84 _, err := outfile.Seek(0, 0)
85 require.NoError(t, err)

Callers

nothing calls this directly

Calls 9

VerifyLogsFunction · 0.92
copyFunction · 0.85
RemoveAllMethod · 0.80
FatalMethod · 0.80
SeekMethod · 0.80
decryptFunction · 0.70
OpenFileMethod · 0.65
CloseMethod · 0.65
SizeMethod · 0.45

Tested by

no test coverage detected