api: EncryptKey specify armored

gabriel · gabriel · commit e9ae8c5755ae · 2020-12-08T12:46:04.000-08:00
diff --git a/api/key.go b/api/key.go
@@ -38,23 +38,23 @@ func NewKey(k keys.Key) *Key {
 }
 
 // EncryptKey creates encrypted key from a sender to a recipient.
-func EncryptKey(key *Key, sender *keys.EdX25519Key, recipient keys.ID) ([]byte, error) {
+func EncryptKey(key *Key, sender *keys.EdX25519Key, recipient keys.ID, armored bool) ([]byte, error) {
 	b, err := msgpack.Marshal(key)
 	if err != nil {
 		return nil, err
 	}
-	enc, err := saltpack.Signcrypt(b, true, sender, recipient, sender.ID())
+	enc, err := saltpack.Signcrypt(b, armored, sender, recipient, sender.ID())
 	if err != nil {
 		return nil, err
 	}
 	return enc, nil
 }
 
 // DecryptKey decrypts a key from a sender.
-func DecryptKey(b []byte, kr saltpack.Keyring) (*Key, *keys.EdX25519PublicKey, error) {
-	dec, pk, err := saltpack.SigncryptOpen(b, true, kr)
+func DecryptKey(b []byte, kr saltpack.Keyring, armored bool) (*Key, *keys.EdX25519PublicKey, error) {
+	dec, pk, err := saltpack.SigncryptOpen(b, armored, kr)
 	if err != nil {
-		return nil, nil, err
+		return nil, nil, errors.Wrapf(err, "failed to decrypt key")
 	}
 	var key Key
 	if err := msgpack.Unmarshal(dec, &key); err != nil {
diff --git a/api/key_test.go b/api/key_test.go
@@ -73,16 +73,19 @@ func TestEncryptKey(t *testing.T) {
 	key.CreatedAt = clock.NowMillis()
 	key.UpdatedAt = clock.NowMillis()
 
-	out, err := api.EncryptKey(key, alice, bob.ID())
+	out, err := api.EncryptKey(key, alice, bob.ID(), false)
 	require.NoError(t, err)
 
-	dec, pk, err := api.DecryptKey(out, saltpack.NewKeyring(bob))
+	dec, pk, err := api.DecryptKey(out, saltpack.NewKeyring(bob), false)
 	require.NoError(t, err)
 	require.Equal(t, alice.ID(), pk.ID())
 	assert.ObjectsAreEqual(dec, key)
 
-	_, _, err = api.DecryptKey(out, saltpack.NewKeyring())
-	require.EqualError(t, err, "no decryption key found for message")
+	_, _, err = api.DecryptKey(out, saltpack.NewKeyring(), false)
+	require.EqualError(t, err, "failed to decrypt key: no decryption key found for message")
+
+	_, _, err = api.DecryptKey(out, saltpack.NewKeyring(bob), true)
+	require.EqualError(t, err, "failed to decrypt key: invalid data")
 }
 
 func TestEncryptKeyWithPassword(t *testing.T) {

Original file line number	Diff line number	Diff line change
`@@ -38,23 +38,23 @@ func NewKey(k keys.Key) *Key {`
`38`	`38`	`}`
`39`	`39`
`40`	`40`	`// EncryptKey creates encrypted key from a sender to a recipient.`
`41`		`-func EncryptKey(key Key, sender keys.EdX25519Key, recipient keys.ID) ([]byte, error) {`
	`41`	`+func EncryptKey(key Key, sender keys.EdX25519Key, recipient keys.ID, armored bool) ([]byte, error) {`
`42`	`42`	`b, err := msgpack.Marshal(key)`
`43`	`43`	`if err != nil {`
`44`	`44`	`return nil, err`
`45`	`45`	`}`
`46`		`- enc, err := saltpack.Signcrypt(b, true, sender, recipient, sender.ID())`
	`46`	`+ enc, err := saltpack.Signcrypt(b, armored, sender, recipient, sender.ID())`
`47`	`47`	`if err != nil {`
`48`	`48`	`return nil, err`
`49`	`49`	`}`
`50`	`50`	`return enc, nil`
`51`	`51`	`}`
`52`	`52`
`53`	`53`	`// DecryptKey decrypts a key from a sender.`
`54`		`-func DecryptKey(b []byte, kr saltpack.Keyring) (Key, keys.EdX25519PublicKey, error) {`
`55`		`- dec, pk, err := saltpack.SigncryptOpen(b, true, kr)`
	`54`	`+func DecryptKey(b []byte, kr saltpack.Keyring, armored bool) (Key, keys.EdX25519PublicKey, error) {`
	`55`	`+ dec, pk, err := saltpack.SigncryptOpen(b, armored, kr)`
`56`	`56`	`if err != nil {`
`57`		`- return nil, nil, err`
	`57`	`+ return nil, nil, errors.Wrapf(err, "failed to decrypt key")`
`58`	`58`	`}`
`59`	`59`	`var key Key`
`60`	`60`	`if err := msgpack.Unmarshal(dec, &key); err != nil {`