diff --git a/digests.txt b/digests.txt
index f457354..a68d055 100644
--- a/digests.txt
+++ b/digests.txt
@@ -1,4 +1,4 @@
-18e304d889046b605899a49675dfac60706b0cf7431ef221abd125e75ba932d2 turnkey.darwin-aarch64
-b14ee79bef05348c6dc48e8007c5b61650b08d3815c875d0af8d275b9a5d6246 turnkey.darwin-x86_64
-c8709cfbe46d8f07e7e1469f80c11c64853fe4e94e3462079a18ee2e4675ef73 turnkey.linux-aarch64
-f507170cd2772a5f57f97c65c132e2a123cd72a140f3b299ae730dcebdb9350c turnkey.linux-x86_64
+59e258836b3ac1d15efb49c2ff9637bcf8d72aa6a74165999525b0520af3c16c turnkey.darwin-aarch64
+da1534435bf06f6c988ec01c48c3a0645984327a349e26156c1d142df3d27ef4 turnkey.darwin-x86_64
+ea239121f7c7816532f9bc36563439b86f53da6b8d2ce7b7342a2eda29dbfd07 turnkey.linux-aarch64
+10e01fce0e0287bead3a3a600d43eb64510a68937d7c9345d9484bb1e3853e38 turnkey.linux-x86_64
diff --git a/src/cmd/turnkey/main_test.go b/src/cmd/turnkey/main_test.go
index b5e634b..7c05c36 100644
--- a/src/cmd/turnkey/main_test.go
+++ b/src/cmd/turnkey/main_test.go
@@ -57,7 +57,7 @@ func TestHelpText(t *testing.T) {
 assert.Contains(t, out, "Available Commands:")
 }
 
-func TestKeygenInTmpFolder(t *testing.T) {
+func TestAPIKeygenInTmpFolder(t *testing.T) {
 orgID := uuid.New()
 
 tmpDir, err := os.MkdirTemp(TempDir, "keys")
@@ -83,7 +83,34 @@ func TestKeygenInTmpFolder(t *testing.T) {
 assert.Equal(t, parsedOut["privateKeyFile"], tmpDir+"/mykey.private")
 }
 
-func TestKeygenDetectExistingKey(t *testing.T) {
+func TestEncryptionKeygenInTmpFolder(t *testing.T) {
+ orgID := uuid.New()
+ userID := uuid.New()
+
+ tmpDir, err := os.MkdirTemp(TempDir, "encryption-keys")
+ assert.Nil(t, err)
+
+ defer func() { assert.Nil(t, os.RemoveAll(tmpDir)) }()
+
+ out, err := RunCliWithArgs(t, []string{"generate", "encryption-key", "--encryption-keys-folder", tmpDir, "--encryption-key-name", "mykey", "--organization", orgID.String(), "--user", userID.String()})
+ assert.Nil(t, err)
+
+ assert.FileExists(t, tmpDir+"/mykey.public")
+ assert.FileExists(t, tmpDir+"/mykey.private")
+
+ publicKeyData, err := os.ReadFile(tmpDir + "/mykey.public")
+ assert.Nil(t, err)
+
+ var parsedOut map[string]string
+
+ assert.Nil(t, json.Unmarshal([]byte(out), &parsedOut))
+
+ assert.Equal(t, parsedOut["publicKey"], string(publicKeyData))
+ assert.Equal(t, parsedOut["publicKeyFile"], tmpDir+"/mykey.public")
+ assert.Equal(t, parsedOut["privateKeyFile"], tmpDir+"/mykey.private")
+}
+
+func TestAPIKeygenDetectExistingKey(t *testing.T) {
 orgID := uuid.New()
 
 tmpDir, err := os.MkdirTemp(TempDir, "keys")
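Review bot: `TestEncryptionKeygenInTmpFolder` only asserts that `mykey.private` exists, so a regression that writes the encryption private key with loose permissions, or echoes the private key material in the JSON output, would still pass. After the `FileExists` checks I would stat the file and pin its mode, e.g. `info, err := os.Stat(tmpDir + "/mykey.private")` followed by `assert.Equal(t, os.FileMode(0o600), info.Mode().Perm())`; the expected mode is an assumption to confirm, since the key-writing code is not part of this diff. The setup errors are checked with `assert.Nil`, which lets the test continue with an empty `tmpDir` or `out` after a failure; testify's `require.NoError` would stop at the first one, if that package is acceptable in this file.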
@@ -105,6 +132,29 @@ func TestKeygenDetectExistingKey(t *testing.T) {
 assert.Equal(t, err.Error(), "exit status 1")
 }
 
+func TestEncryptionKeygenDetectExistingKey(t *testing.T) {
+ orgID := uuid.New()
+ userID := uuid.New()
+
+ tmpDir, err := os.MkdirTemp(TempDir, "encryption-keys")
+ defer func() { assert.Nil(t, os.RemoveAll(tmpDir)) }()
+
+ assert.Nil(t, err)
+
+ err = os.WriteFile(tmpDir+"/myexistingkey.public", []byte("mykey.public"), 0o755)
+ assert.Nil(t, err)
+
+ err = os.WriteFile(tmpDir+"/myexistingkey.private", []byte("mykey.private"), 0o755)
+ assert.Nil(t, err)
+
+ assert.FileExists(t, tmpDir+"/myexistingkey.public")
+ assert.FileExists(t, tmpDir+"/myexistingkey.private")
+
+ _, err = RunCliWithArgs(t, []string{"generate", "encryption-key", "--organization", orgID.String(), "--user", userID.String(), "--encryption-keys-folder", tmpDir, "--encryption-key-name", "myexistingkey"})
+ assert.NotNil(t, err)
+ assert.Equal(t, err.Error(), "exit status 1")
+}
+
 func TestStamp(t *testing.T) {
 orgID := uuid.New()
 
diff --git a/src/cmd/turnkey/pkg/decrypt.go b/src/cmd/turnkey/pkg/decrypt.go
index 85a4f23..c260e02 100644
--- a/src/cmd/turnkey/pkg/decrypt.go
+++ b/src/cmd/turnkey/pkg/decrypt.go
@@ -107,8 +107,18 @@ func LoadEncryptionKeypair(name string) {
 Organization = encryptionKey.Organization
 }
 
- // If org is _still_ empty, the API key is not usable.
+ // If org is _still_ empty, the encryption key is not usable.
 if Organization == "" {
 OutputError(eris.New("failed to associate the encryption key with an organization; please manually specify the organization ID"))
 }
+
+ // If we haven't had the user explicitly set try to load it from key metadata.
+ if User == "" {
+ User = encryptionKey.User
+ }
+
+ // If user is _still_ empty, the encryption key is not usable.
+ if User == "" {
+ OutputError(eris.New("failed to associate the encryption key with a user; please manually specify the user ID"))
+ }
 }
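Review bot: The only assertion on the failure in `TestEncryptionKeygenDetectExistingKey` is `"exit status 1"`, which any CLI error would produce, so the test does not show that the existing key pair was left intact. The property worth pinning is that key generation never overwrites an existing private key: after the failed run, re-read the fixture with `data, err := os.ReadFile(tmpDir + "/myexistingkey.private")` and check `assert.Equal(t, "mykey.private", string(data))`, and do the same for the `.public` file. The fixtures are written with `0o755`; `0o600` is the more natural mode for a file standing in for a private key. The `defer` is also registered before the `os.MkdirTemp` error is checked, unlike the sibling test, so moving `assert.Nil(t, err)` above it would keep the two consistent.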
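Review bot: When `User` is already set it is never compared with `encryptionKey.User`, so a key whose metadata names one user is accepted under a different user ID; the `Organization` branch just above has the same shape. If the metadata is meant to bind the key to its owner, a mismatch should be an error, e.g. `if encryptionKey.User != "" && User != encryptionKey.User { OutputError(eris.New("encryption key metadata names a different user")) }`; if overriding is intentional, a comment saying so would help. Key metadata written before this change presumably carries no user, so those keys would now need the user ID supplied explicitly, which is worth calling out in the release notes. The first new comment would read better as `// If the user was not set explicitly, try to load it from the key metadata.` `LoadEncryptionKeypair` starts outside this hunk, so how `User` and `encryptionKey` are populated is not visible here.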