Update code and deps, add api key (#36)

* Update code and deps, add api key * Remove codeql gh action * Fix release wf * Update release wf * Fix deprecation notices
2025-11-29 22:37:28 +02:00 · 2025-02-07 22:36:53 +00:00
parent fe6849fc72
commit 3e0c0763e8
14 changed files with 363 additions and 793 deletions
--- a/crypto/encrypt/encrypt_test.go
+++ b/crypto/encrypt/encrypt_test.go
@@ -5,7 +5,7 @@ Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at

-    http://www.apache.org/licenses/LICENSE-2.0
+	http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
@@ -18,39 +18,48 @@ package encrypt_test
 import (
 	"crypto/aes"
 	"crypto/cipher"
-	"strings"
 	"testing"

 	"github.com/sniptt-official/ots/crypto/encrypt"
 )

 func TestBytes(t *testing.T) {
-	unencryptedSecret := "nuclear_launch_codes"
+	t.Run("successfully encrypts and decrypts data", func(t *testing.T) {
+		unencryptedSecret := "nuclear_launch_codes"

-	encryptedBytes, err := encrypt.Bytes([]byte(unencryptedSecret))
-	if err != nil {
-		t.Fatalf(err.Error())
-	}
+		encryptedBytes, err := encrypt.Bytes([]byte(unencryptedSecret))
+		if err != nil {
+			t.Fatalf("encryption failed: %v", err)
+		}

-	ciphertext, key, nonce := encryptedBytes.Ciphertext, encryptedBytes.Key, encryptedBytes.Nonce
-	ciphertext = ciphertext[len(nonce):] // Remove nonce from start of ciphertext.
+		// Use helper methods to get ciphertext without nonce
+		ciphertext := encryptedBytes.CiphertextWithoutNonce()
+		nonce := encryptedBytes.ExtractNonce()

-	block, err := aes.NewCipher(key)
-	if err != nil {
-		t.Fatalf(err.Error())
-	}
+		block, err := aes.NewCipher(encryptedBytes.Key)
+		if err != nil {
+			t.Fatalf("failed to create cipher: %v", err)
+		}

-	aesGCM, err := cipher.NewGCM(block)
-	if err != nil {
-		t.Fatalf(err.Error())
-	}
+		aesGCM, err := cipher.NewGCM(block)
+		if err != nil {
+			t.Fatalf("failed to create GCM: %v", err)
+		}

-	decryptedSecret, err := aesGCM.Open(nil, nonce, ciphertext, nil)
-	if err != nil {
-		t.Fatalf(err.Error())
-	}
+		decryptedSecret, err := aesGCM.Open(nil, nonce, ciphertext, nil)
+		if err != nil {
+			t.Fatalf("decryption failed: %v", err)
+		}

-	if strings.Compare(unencryptedSecret, string(decryptedSecret)) != 0 {
-		t.Fatalf(`Bytes(nil, %v) = %v; want: %v`, []byte(unencryptedSecret), string(decryptedSecret), unencryptedSecret)
-	}
+		if got := string(decryptedSecret); got != unencryptedSecret {
+			t.Errorf("got %q, want %q", got, unencryptedSecret)
+		}
+	})
+
+	t.Run("returns error for empty input", func(t *testing.T) {
+		_, err := encrypt.Bytes([]byte{})
+		if err == nil {
+			t.Error("expected error for empty input, got nil")
+		}
+	})
 }