address some comments from original PR

johnstcn · johnstcn · commit e1a77a6163ee · 2023-08-29T14:13:00.000Z
diff --git a/enterprise/dbcrypt/cipher.go b/enterprise/dbcrypt/cipher.go
@@ -46,6 +46,8 @@ func (a *AES256) Encrypt(plaintext []byte) ([]byte, error) {
 	if err != nil {
 		return nil, err
 	}
+	// TODO: the below fails with "cipher: message authentication failed"
+	//return a.aead.Seal(nil, nonce, plaintext, nil), nil
 	return a.aead.Seal(nonce, nonce, plaintext, nil), nil
 }
 
diff --git a/enterprise/dbcrypt/cipher_test.go b/enterprise/dbcrypt/cipher_test.go
@@ -2,6 +2,7 @@ package dbcrypt_test
 
 import (
 	"bytes"
+	"encoding/base64"
 	"testing"
 
 	"github.com/stretchr/testify/require"
@@ -42,6 +43,26 @@ func TestCipherAES256(t *testing.T) {
 		_, err := dbcrypt.CipherAES256(bytes.Repeat([]byte{'a'}, 31))
 		require.ErrorContains(t, err, "key must be 32 bytes")
 	})
+
+	t.Run("TestNonce", func(t *testing.T) {
+		key := bytes.Repeat([]byte{'a'}, 32)
+		cipher, err := dbcrypt.CipherAES256(key)
+		require.NoError(t, err)
+		require.Equal(t, "3ba3f5f", cipher.HexDigest())
+
+		encrypted1, err := cipher.Encrypt([]byte("hello world"))
+		require.NoError(t, err)
+		encrypted2, err := cipher.Encrypt([]byte("hello world"))
+		require.NoError(t, err)
+		require.NotEqual(t, encrypted1, encrypted2, "nonce should be different for each encryption")
+
+		munged := make([]byte, len(encrypted1))
+		copy(munged, encrypted1)
+		munged[0] = munged[0] ^ 0xff
+		_, err = cipher.Decrypt(munged)
+		var decryptErr *dbcrypt.DecryptFailedError
+		require.ErrorAs(t, err, &decryptErr, "munging the first byte of the encrypted data should cause decryption to fail")
+	})
 }
 
 func TestCiphers(t *testing.T) {
@@ -92,3 +113,32 @@ func TestCiphers(t *testing.T) {
 		_ = dbcrypt.NewCiphers(ciphers)
 	})
 }
+
+// This test ensures backwards compatibility. If it breaks, something is very wrong.
+func TestCiphersBackwardCompatibility(t *testing.T) {
+	t.Parallel()
+	var (
+		msg = "hello world"
+		key = bytes.Repeat([]byte{'a'}, 32)
+		//nolint: gosec // The below is the base64-encoded result of encrypting the above message with the above key.
+		encoded = `M2JhM2Y1Zi3r1KSStbmfMBXDzdjVcCrtumdMFsJ4QiYlb3fV1HB8yxg9obHaz5I=`
+	)
+
+	// This is the code that was used to generate the above.
+	// Note that the output of this code will change every time it is run.
+	//encrypted, err := cs.Encrypt([]byte(msg))
+	//require.NoError(t, err)
+	//t.Logf("encoded: %q", base64.StdEncoding.EncodeToString(encrypted))
+
+	cipher, err := dbcrypt.CipherAES256(key)
+	require.NoError(t, err)
+	require.Equal(t, "3ba3f5f", cipher.HexDigest())
+	cs := dbcrypt.NewCiphers(cipher)
+
+	decoded, err := base64.StdEncoding.DecodeString(encoded)
+	require.NoError(t, err, "the encoded string should be valid base64")
+	decrypted, err := cs.Decrypt(decoded)
+	require.NoError(t, err, "decryption should succeed")
+	require.Equal(t, msg, string(decrypted), "decrypted message should match original message")
+
+}

Original file line number	Diff line number	Diff line change
`@@ -46,6 +46,8 @@ func (a *AES256) Encrypt(plaintext []byte) ([]byte, error) {`
`46`	`46`	`if err != nil {`
`47`	`47`	`return nil, err`
`48`	`48`	`}`
	`49`	`+ // TODO: the below fails with "cipher: message authentication failed"`
	`50`	`+ //return a.aead.Seal(nil, nonce, plaintext, nil), nil`
`49`	`51`	`return a.aead.Seal(nonce, nonce, plaintext, nil), nil`
`50`	`52`	`}`
`51`	`53`