|
|
|
|
@ -1,7 +1,6 @@
|
|
|
|
|
package config
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"strings"
|
|
|
|
|
"testing"
|
|
|
|
|
"time"
|
|
|
|
|
|
|
|
|
|
@ -141,50 +140,3 @@ func TestDevWorker(t *testing.T) {
|
|
|
|
|
|
|
|
|
|
assert.Equal(t, exp, actual)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func TestConfigDecrypt(t *testing.T) {
|
|
|
|
|
const (
|
|
|
|
|
clr = `
|
|
|
|
|
kms "aead" {
|
|
|
|
|
purpose = "config"
|
|
|
|
|
aead_type = "aes-gcm"
|
|
|
|
|
key = "c964AJj8VW8w4hKz/Jd8MvuLt0kkcjVuFqMiMvTvvN8="
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
kms "aead" {
|
|
|
|
|
purpose = "root"
|
|
|
|
|
aead_type = "aes-gcm"
|
|
|
|
|
key ="eb78KqCwowELYnkOOko/XYz01q1ax3g76J1vCAvt5dQ="
|
|
|
|
|
}`
|
|
|
|
|
|
|
|
|
|
enc = `
|
|
|
|
|
kms "aead" {
|
|
|
|
|
purpose = "config"
|
|
|
|
|
aead_type = "aes-gcm"
|
|
|
|
|
key = "c964AJj8VW8w4hKz/Jd8MvuLt0kkcjVuFqMiMvTvvN8="
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
kms "aead" {
|
|
|
|
|
purpose = "root"
|
|
|
|
|
aead_type = "aes-gcm"
|
|
|
|
|
key ="{{decrypt(Ckh57d4NA6nsnRKV6DiHTyfwLIakdhN8w7qdPJgo-KWnBdlEKv3NQkUFbouU0eorSGik1Qbca5xEy2NqYT9UYj_GUGo6hHz13MEqAA)}}"
|
|
|
|
|
}`
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
kmses, err := configutil.ParseKMSes(enc)
|
|
|
|
|
assert.NoError(t, err)
|
|
|
|
|
|
|
|
|
|
var kms = &configutil.KMS{}
|
|
|
|
|
for _, k := range kmses {
|
|
|
|
|
for _, p := range k.Purpose {
|
|
|
|
|
if p == "config" {
|
|
|
|
|
kms = k
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
got, err := configDecrypt(enc, kms)
|
|
|
|
|
assert.NoError(t, err)
|
|
|
|
|
|
|
|
|
|
assert.Equal(t, strings.TrimSpace(got), strings.TrimSpace(clr))
|
|
|
|
|
}
|
|
|
|
|
|
Jeff Mitchell
6 years ago