MCPcopy
hub / github.com/getsops/sops / TestMasterKey_Decrypt

Function TestMasterKey_Decrypt

hcvault/keysource_test.go:243–273  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

241}
242
243func TestMasterKey_Decrypt(t *testing.T) {
244 if testSkipDocker {
245 return
246 }
247
248 key := NewMasterKey(testVaultAddress, testEnginePath, "decrypt")
249 (Token(testVaultToken)).ApplyToMasterKey(key)
250 assert.NoError(t, createVaultKey(key))
251
252 client, err := vaultClient(key.VaultAddress, key.token, nil)
253 assert.NoError(t, err)
254
255 dataKey := []byte("the heart of a shrimp is located in its head")
256 secret, err := client.Logical().Write(key.encryptPath(), encryptPayload(dataKey))
257 assert.NoError(t, err)
258
259 encryptedKey, err := encryptedKeyFromSecret(secret)
260 assert.NoError(t, err)
261
262 key.EncryptedKey = encryptedKey
263 got, err := key.Decrypt()
264 assert.NoError(t, err)
265 assert.Equal(t, dataKey, got)
266
267 key.EnginePath = "invalid"
268 assert.Error(t, key.Encrypt(dataKey))
269
270 key.EnginePath = testEnginePath
271 key.token = ""
272 assert.Error(t, key.Encrypt(dataKey))
273}
274
275func TestMasterKey_EncryptDecrypt_RoundTrip(t *testing.T) {
276 if testSkipDocker {

Callers

nothing calls this directly

Calls 11

encryptPathMethod · 0.95
DecryptMethod · 0.95
EncryptMethod · 0.95
TokenTypeAlias · 0.85
createVaultKeyFunction · 0.85
vaultClientFunction · 0.85
encryptPayloadFunction · 0.85
encryptedKeyFromSecretFunction · 0.85
NewMasterKeyFunction · 0.70
ApplyToMasterKeyMethod · 0.45
ErrorMethod · 0.45

Tested by

no test coverage detected