Ensure Cipher.Encrypt doesn't mangle input data []byte

2025-02-15 14:03:45 +02:00 · 2020-05-11 12:33:11 -07:00 · 2020-05-11 12:33:11 -07:00 · 9382293b0b
commit 9382293b0b
parent 7bb5fc0a81
1 changed files with 9 additions and 3 deletions
--- a/pkg/encryption/cipher_test.go
+++ b/pkg/encryption/cipher_test.go
@ -80,20 +80,26 @@ func TestEncryptAndDecrypt(t *testing.T) {
 									_, err := io.ReadFull(rand.Reader, data)
 									assert.Equal(t, nil, err)

+									// Ensure our Encrypt function doesn't encrypt in place
+									immutableData := make([]byte, len(data))
+									copy(immutableData, data)
+
 									encrypted, err := c.Encrypt(data)
 									assert.Equal(t, nil, err)
 									assert.NotEqual(t, encrypted, data)
+									// Encrypt didn't operate in-place on []byte
+									assert.Equal(t, data, immutableData)

 									// Ensure our Decrypt function doesn't decrypt in place
-									immutable := make([]byte, len(encrypted))
-									copy(immutable, encrypted)
+									immutableEnc := make([]byte, len(encrypted))
+									copy(immutableEnc, encrypted)

 									decrypted, err := c.Decrypt(encrypted)
 									assert.Equal(t, nil, err)
 									// Original data back
 									assert.Equal(t, data, decrypted)
 									// Decrypt didn't operate in-place on []byte
-									assert.Equal(t, encrypted, immutable)
+									assert.Equal(t, encrypted, immutableEnc)
 									// Encrypt/Decrypt actually did something
 									assert.NotEqual(t, encrypted, decrypted)
 								})