(t *testing.T)
| 463 | } |
| 464 | |
| 465 | func TestMasterKey_decryptWithGnuPG(t *testing.T) { |
| 466 | t.Run("decrypt", func(t *testing.T) { |
| 467 | gnuPGHome, err := NewGnuPGHome() |
| 468 | assert.NoError(t, err) |
| 469 | t.Cleanup(func() { |
| 470 | _ = os.RemoveAll(gnuPGHome.String()) |
| 471 | }) |
| 472 | assert.NoError(t, gnuPGHome.ImportFile(mockPrivateKey)) |
| 473 | |
| 474 | fingerprint := shortenFingerprint(mockFingerprint) |
| 475 | |
| 476 | data := []byte("this data is absolutely top secret") |
| 477 | stdout, stderr, err := gpgExec(context.Background(), gnuPGHome.String(), []string{ |
| 478 | "--no-default-recipient", |
| 479 | "--yes", |
| 480 | "--encrypt", |
| 481 | "-a", |
| 482 | "-r", |
| 483 | fingerprint, |
| 484 | "--trusted-key", |
| 485 | fingerprint, |
| 486 | "--no-encrypt-to", |
| 487 | }, bytes.NewReader(data)) |
| 488 | assert.Nil(t, err) |
| 489 | assert.NoErrorf(t, gnuPGHome.ImportFile(mockPrivateKey), stderr.String()) |
| 490 | |
| 491 | encryptedData := stdout.String() |
| 492 | assert.NotEqualValues(t, data, encryptedData) |
| 493 | |
| 494 | key := NewMasterKeyFromFingerprint(mockFingerprint) |
| 495 | gnuPGHome.ApplyToMasterKey(key) |
| 496 | key.EncryptedKey = encryptedData |
| 497 | |
| 498 | got, err := key.decryptWithGnuPG(context.Background()) |
| 499 | assert.NoError(t, err) |
| 500 | assert.Equal(t, data, got) |
| 501 | }) |
| 502 | |
| 503 | t.Run("invalid data error", func(t *testing.T) { |
| 504 | key := NewMasterKeyFromFingerprint(mockFingerprint) |
| 505 | key.EncryptedKey = "absolute invalid" |
| 506 | got, err := key.decryptWithGnuPG(context.Background()) |
| 507 | assert.Error(t, err) |
| 508 | assert.ErrorContains(t, err, "gpg: no valid OpenPGP data found") |
| 509 | assert.Nil(t, got) |
| 510 | }) |
| 511 | } |
| 512 | |
| 513 | func TestMasterKey_EncryptDecrypt_RoundTrip(t *testing.T) { |
| 514 | gnuPGHome, err := NewGnuPGHome() |
nothing calls this directly
no test coverage detected