diff --git a/pkg/crypto/encryption/aead.go b/pkg/crypto/encryption/aead.go index d57eb00..18c15f5 100644 --- a/pkg/crypto/encryption/aead.go +++ b/pkg/crypto/encryption/aead.go @@ -12,6 +12,8 @@ import ( // Encrypt uses AES-GCM to encrypt the given plaintext with the given key. The // plaintext is sealed with a 12-byte nonce, which is prepended to the ciphertext. +// The nonce adds 28 bytes to the ciphertext, so the total length of the ciphertext +// is the length of the plaintext plus 28 bytes. func Encrypt(key, plaintext []byte) ([]byte, error) { switch len(key) { case 16, 24, 32: // AES-128, AES-192, AES-256 diff --git a/pkg/crypto/encryption/aead_test.go b/pkg/crypto/encryption/aead_test.go new file mode 100644 index 0000000..7e37026 --- /dev/null +++ b/pkg/crypto/encryption/aead_test.go @@ -0,0 +1,35 @@ +package encryption_test + +import ( + "crypto/rand" + "testing" + + "koti.casa/numenor-labs/dsfx/pkg/crypto/encryption" +) + +func TestEncryptDecrypt(t *testing.T) { + key := make([]byte, 32) + _, err := rand.Read(key) + if err != nil { + t.Fatal(err) + return + } + + plaintext := []byte("Hello, Worlskljfsjflskfjlskjfjslkfjsfjslkfjsfd!") + ciphertext, err := encryption.Encrypt(key, plaintext) + if err != nil { + t.Fatal(err) + return + } + + decrypted, err := encryption.Decrypt(key, ciphertext) + if err != nil { + t.Fatal(err) + return + } + + if string(decrypted) != string(plaintext) { + t.Errorf("decrypted text does not match original plaintext") + return + } +} diff --git a/pkg/crypto/identity/ecdsa_test.go b/pkg/crypto/identity/ecdsa_test.go index 65ae29c..c3c5648 100644 --- a/pkg/crypto/identity/ecdsa_test.go +++ b/pkg/crypto/identity/ecdsa_test.go @@ -4,7 +4,6 @@ import ( "crypto/ecdsa" "crypto/elliptic" "crypto/rand" - "log" "testing" "koti.casa/numenor-labs/dsfx/pkg/crypto/identity" @@ -48,7 +47,6 @@ func TestImportExportPublic(t *testing.T) { return } - log.Println("keylen", len(exported)) imported, err := identity.ImportPublicKey(exported) if err != nil { t.Fatalf("failed to import key: %v", err)