Merge pull request #3 from MGTheTrain/feature/crypto-operations

Feature/crypto operations

.devcontainer/devcontainer.json

@@ -1,5 +1,5 @@
 {
-    // Docker images officially provided by Microsoft that can utilized as base images
+    // Docker images officially provided by Microsoft that can be utilized as base images
     // https://hub.docker.com/_/microsoft-vscode-devcontainers
     "name": "Tools for building and running Go projects",
     "image": "mcr.microsoft.com/vscode/devcontainers/go:1.21",

README.md

@@ -44,4 +44,22 @@ TBD
 
 ## Getting Started
 
-TBD
+### Run Tests
+
+To run `unit` tests on Unix systems execute:
+
+```sh
+cd scripts
+./run-test.sh -u
+```
+
+**TBD** To run `integration` tests on Unix systems execute:
+
+```sh
+cd scripts
+./run-test.sh -i
+```
+
+### Applications
+
+You can find applications utilizing [internal packages](./internal/) in the [cmd folder](./cmd/).

cmd/crypto-vault-cli/crypto-vault-cli.go

@@ -14,6 +14,7 @@ import (
 	"github.com/spf13/cobra"
 
 	cryptography "crypto_vault_service/internal/infrastructure/cryptography"
+	utils "crypto_vault_service/internal/infrastructure/utils"
 )
 
 // Encrypts a file using AES and saves the encryption key
@@ -37,7 +38,7 @@ func encryptAESCmd(cmd *cobra.Command, args []string) {
 	}
 
 	// Encrypt the file
-	plainText, err := cryptography.ReadFile(inputFile)
+	plainText, err := utils.ReadFile(inputFile)
 	if err != nil {
 		log.Fatalf("Error reading input file: %v\n", err)
 	}
@@ -48,15 +49,15 @@ func encryptAESCmd(cmd *cobra.Command, args []string) {
 	}
 
 	// Save encrypted file
-	err = cryptography.WriteFile(outputFile, encryptedData)
+	err = utils.WriteFile(outputFile, encryptedData)
 	if err != nil {
 		log.Fatalf("Error writing encrypted file: %v\n", err)
 	}
 	fmt.Printf("Encrypted data saved to %s\n", outputFile)
 
 	// Save the AES key to the specified key directory
 	keyFilePath := filepath.Join(keyDir, "encryption_key.bin")
-	err = cryptography.WriteFile(keyFilePath, key)
+	err = utils.WriteFile(keyFilePath, key)
 	if err != nil {
 		log.Fatalf("Error writing AES key to file: %v\n", err)
 	}
@@ -81,7 +82,7 @@ func decryptAESCmd(cmd *cobra.Command, args []string) {
 	}
 
 	// Decrypt the file
-	encryptedData, err := cryptography.ReadFile(inputFile)
+	encryptedData, err := utils.ReadFile(inputFile)
 	if err != nil {
 		log.Fatalf("Error reading encrypted file: %v\n", err)
 	}
@@ -94,7 +95,7 @@ func decryptAESCmd(cmd *cobra.Command, args []string) {
 	}
 
 	// Save decrypted file
-	err = cryptography.WriteFile(outputFile, decryptedData)
+	err = utils.WriteFile(outputFile, decryptedData)
 	if err != nil {
 		log.Fatalf("Error writing decrypted file: %v\n", err)
 	}
@@ -139,7 +140,7 @@ func encryptRSACmd(cmd *cobra.Command, args []string) {
 	}
 
 	// Encrypt the file
-	plainText, err := cryptography.ReadFile(inputFile)
+	plainText, err := utils.ReadFile(inputFile)
 	if err != nil {
 		log.Fatalf("Error reading input file: %v\n", err)
 	}
@@ -150,7 +151,7 @@ func encryptRSACmd(cmd *cobra.Command, args []string) {
 	}
 
 	// Save encrypted file
-	err = cryptography.WriteFile(outputFile, encryptedData)
+	err = utils.WriteFile(outputFile, encryptedData)
 	if err != nil {
 		log.Fatalf("Error writing encrypted file: %v\n", err)
 	}
@@ -189,7 +190,7 @@ func decryptRSACmd(cmd *cobra.Command, args []string) {
 	}
 
 	// Decrypt the file
-	encryptedData, err := cryptography.ReadFile(inputFile)
+	encryptedData, err := utils.ReadFile(inputFile)
 	if err != nil {
 		log.Fatalf("Error reading encrypted file: %v\n", err)
 	}
@@ -200,7 +201,7 @@ func decryptRSACmd(cmd *cobra.Command, args []string) {
 	}
 
 	// Save decrypted file
-	err = cryptography.WriteFile(outputFile, decryptedData)
+	err = utils.WriteFile(outputFile, decryptedData)
 	if err != nil {
 		log.Fatalf("Error writing decrypted file: %v\n", err)
 	}
@@ -226,7 +227,7 @@ func signECCCmd(cmd *cobra.Command, args []string) {
 	}
 
 	// Read the file content
-	fileContent, err := cryptography.ReadFile(inputFile)
+	fileContent, err := utils.ReadFile(inputFile)
 	if err != nil {
 		log.Fatalf("Error reading input file: %v\n", err)
 	}
@@ -292,7 +293,7 @@ func verifyECCCmd(cmd *cobra.Command, args []string) {
 	}
 
 	// Read the file content (optional: you can also hash the content before verifying)
-	fileContent, err := cryptography.ReadFile(inputFile)
+	fileContent, err := utils.ReadFile(inputFile)
 	if err != nil {
 		log.Fatalf("Error reading input file: %v\n", err)
 	}

cmd/crypto-vault-service/README.md

@@ -0,0 +1,4 @@
+# crypto-vault-service
+
+TBD
+

go.mod

@@ -7,6 +7,7 @@ require (
 	github.com/bytedance/sonic/loader v0.2.1 // indirect
 	github.com/cloudwego/base64x v0.1.4 // indirect
 	github.com/cloudwego/iasm v0.2.0 // indirect
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/fsnotify/fsnotify v1.7.0 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.6 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
@@ -26,6 +27,7 @@ require (
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/pelletier/go-toml/v2 v2.2.3 // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/sagikazarmark/locafero v0.4.0 // indirect
 	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
 	github.com/sourcegraph/conc v0.3.0 // indirect
@@ -34,6 +36,7 @@ require (
 	github.com/spf13/cobra v1.8.1 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/spf13/viper v1.19.0 // indirect
+	github.com/stretchr/testify v1.9.0 // indirect
 	github.com/subosito/gotenv v1.6.0 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.2.12 // indirect

go.sum

@@ -10,6 +10,8 @@ github.com/cloudwego/iasm v0.2.0/go.mod h1:8rXZaNYT2n95jn+zTI1sDr+IgcD2GVs0nlbbQ
 github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
+github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
 github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
 github.com/gabriel-vasile/mimetype v1.4.6 h1:3+PzJTKLkvgjeTbts6msPJt4DixhT4YtFNf1gtGe3zc=
@@ -53,6 +55,8 @@ github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjY
 github.com/pelletier/go-toml/v2 v2.2.3 h1:YmeHyLY8mFWbdkNWwpr+qIL2bEqT0o95WSdkNHvL12M=
 github.com/pelletier/go-toml/v2 v2.2.3/go.mod h1:MfCQTFTvCcUyyvvwm1+G6H/jORL20Xlb6rzQu9GuUkc=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
+github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ=
 github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4=
@@ -78,6 +82,7 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
 github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8=
 github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU=

internal/infrastructure/connector/az_blob.go

@@ -0,0 +1 @@
+package connector

internal/infrastructure/connector/az_postgres.go

@@ -0,0 +1 @@
+package connector

internal/infrastructure/connector/az_vault.go

@@ -0,0 +1 @@
+package connector

internal/infrastructure/cryptography/aes.go

@@ -48,6 +48,10 @@ func (a *AESImpl) GenerateKey(keySize int) ([]byte, error) {
 
 // Encrypt data using AES in CBC mode
 func (a *AESImpl) Encrypt(plainText, key []byte) ([]byte, error) {
+	if key == nil {
+		return nil, fmt.Errorf("key key cannot be nil")
+	}
+
 	block, err := aes.NewCipher(key)
 	if err != nil {
 		return nil, err
@@ -69,6 +73,10 @@ func (a *AESImpl) Encrypt(plainText, key []byte) ([]byte, error) {
 
 // Decrypt data using AES in CBC mode
 func (a *AESImpl) Decrypt(ciphertext, key []byte) ([]byte, error) {
+	if key == nil {
+		return nil, fmt.Errorf("key key cannot be nil")
+	}
+
 	block, err := aes.NewCipher(key)
 	if err != nil {
 		return nil, err

internal/infrastructure/cryptography/ecdsa.go

@@ -41,6 +41,15 @@ func (e *ECDSAImpl) GenerateKeys(curve elliptic.Curve) (*ecdsa.PrivateKey, *ecds
 
 // Sign signs a message with the private key
 func (e *ECDSAImpl) Sign(message []byte, privateKey *ecdsa.PrivateKey) ([]byte, error) {
+	if privateKey == nil {
+		return nil, fmt.Errorf("private key cannot be nil")
+	}
+
+	// Check if the private key is valid (D should not be zero)
+	if privateKey.D.Sign() == 0 {
+		return nil, fmt.Errorf("invalid private key: D cannot be zero")
+	}
+
 	// Hash the message before signing it
 	hash := sha256.Sum256(message)
 	r, s, err := ecdsa.Sign(rand.Reader, privateKey, hash[:])
@@ -55,6 +64,10 @@ func (e *ECDSAImpl) Sign(message []byte, privateKey *ecdsa.PrivateKey) ([]byte,
 
 // Verify verifies the signature of a message with the public key
 func (e *ECDSAImpl) Verify(message, signature []byte, publicKey *ecdsa.PublicKey) (bool, error) {
+	if publicKey == nil {
+		return false, fmt.Errorf("public key cannot be nil")
+	}
+
 	// Hash the message before verifying it
 	hash := sha256.Sum256(message)
 

internal/infrastructure/cryptography/rsa.go

@@ -5,6 +5,7 @@ import (
 	"crypto/rsa"
 	"crypto/x509"
 	"encoding/pem"
+	"errors"
 	"fmt"
 	"io/ioutil"
 	"os"
@@ -36,6 +37,10 @@ func (r *RSAImpl) GenerateKeys(bits int) (*rsa.PrivateKey, *rsa.PublicKey, error
 
 // Encrypt data using RSA public key
 func (r *RSAImpl) Encrypt(plainText []byte, publicKey *rsa.PublicKey) ([]byte, error) {
+	if publicKey == nil {
+		return nil, errors.New("public key cannot be nil")
+	}
+
 	encryptedData, err := rsa.EncryptPKCS1v15(rand.Reader, publicKey, plainText)
 	if err != nil {
 		return nil, fmt.Errorf("failed to encrypt data: %v", err)
@@ -45,6 +50,10 @@ func (r *RSAImpl) Encrypt(plainText []byte, publicKey *rsa.PublicKey) ([]byte, e
 
 // Decrypt data using RSA private key
 func (r *RSAImpl) Decrypt(ciphertext []byte, privateKey *rsa.PrivateKey) ([]byte, error) {
+	if privateKey == nil {
+		return nil, fmt.Errorf("private key cannot be nil")
+	}
+
 	decryptedData, err := rsa.DecryptPKCS1v15(rand.Reader, privateKey, ciphertext)
 	if err != nil {
 		return nil, fmt.Errorf("failed to decrypt data: %v", err)

internal/infrastructure/cryptography/io.go → internal/infrastructure/utils/io.go

@@ -1,4 +1,4 @@
-package cryptography
+package utils
 
 import (
 	"io/ioutil"

scripts/run-test.sh

@@ -0,0 +1,48 @@
+#!/bin/bash
+
+set -euo pipefail
+
+SCRIPT_DIR=$(dirname "$BASH_SOURCE")
+ROOT_PROJECT_DIR=$SCRIPT_DIR/..
+
+cd $ROOT_PROJECT_DIR
+
+BLUE='\033[0;34m'
+NC='\033[0m'
+
+# Default flag values
+RUN_UNIT_TESTS=true
+RUN_INTEGRATION_TESTS=true
+
+# Parse arguments
+while getopts "ui" opt; do
+  case ${opt} in
+    u)
+      RUN_UNIT_TESTS=true
+      RUN_INTEGRATION_TESTS=false
+      ;;
+    i)
+      RUN_UNIT_TESTS=false
+      RUN_INTEGRATION_TESTS=true
+      ;;
+    *)
+      echo "Usage: $0 [-u] (for unit tests) [-i] (for integration tests)"
+      exit 1
+      ;;
+  esac
+done
+
+echo "#####################################################################################################"
+echo -e "$BLUE INFO: $NC About to run tests based on the flags"
+
+if [ "$RUN_UNIT_TESTS" = true ]; then
+  echo -e "$BLUE INFO: $NC Running unit tests..."
+  go test ./test/unit/...
+fi
+
+if [ "$RUN_INTEGRATION_TESTS" = true ]; then
+  echo -e "$BLUE INFO: $NC Running integration tests..."
+  go test ./test/integration/...
+fi
+
+cd $SCRIPT_DIR

test/unit/infrastructure/connector/az_blob_test.go

@@ -0,0 +1 @@
+package connector

test/unit/infrastructure/connector/az_postgres_test.go

@@ -0,0 +1 @@
+package connector

test/unit/infrastructure/connector/az_vault_test.go

@@ -0,0 +1 @@
+package connector