4 crypto_rand "crypto/rand"
10 kms "github.com/aliyun/alibaba-cloud-sdk-go/services/kms"
14 func (s *OssCryptoBucketSuite) TestKmsClient(c *C) {
15 rand.Seed(time.Now().UnixNano())
16 kmsClient, err := kms.NewClientWithAccessKey(kmsRegion, kmsAccessID, kmsAccessKey)
20 enReq := kms.CreateEncryptRequest()
21 enReq.RpcRequest.Scheme = "https"
22 enReq.RpcRequest.Method = "POST"
23 enReq.RpcRequest.AcceptFormat = "json"
27 buff := make([]byte, 10)
28 _, err = io.ReadFull(crypto_rand.Reader, buff)
30 enReq.Plaintext = base64.StdEncoding.EncodeToString(buff)
32 enResponse, err := kmsClient.Encrypt(enReq)
36 deReq := kms.CreateDecryptRequest()
37 deReq.RpcRequest.Scheme = "https"
38 deReq.RpcRequest.Method = "POST"
39 deReq.RpcRequest.AcceptFormat = "json"
40 deReq.CiphertextBlob = enResponse.CiphertextBlob
41 deResponse, err := kmsClient.Decrypt(deReq)
43 c.Assert(deResponse.Plaintext, Equals, enReq.Plaintext)
46 func (s *OssCryptoBucketSuite) TestMasterAliKmsCipherSuccess(c *C) {
48 kmsClient, err := kms.NewClientWithAccessKey(kmsRegion, kmsAccessID, kmsAccessKey)
51 masterCipher, _ := CreateMasterAliKms(matDesc, kmsID, kmsClient)
54 err = cd.RandomKeyIv(aesKeySize, ivSize)
57 cd.WrapAlgorithm = masterCipher.GetWrapAlgorithm()
58 cd.CEKAlgorithm = KmsAliCryptoWrap
59 cd.MatDesc = masterCipher.GetMatDesc()
62 cd.EncryptedKey, err = masterCipher.Encrypt(cd.Key)
65 cd.EncryptedIV, err = masterCipher.Encrypt(cd.IV)
67 cloneData := cd.Clone()
69 cloneData.Key, _ = masterCipher.Decrypt(cloneData.EncryptedKey)
70 cloneData.IV, _ = masterCipher.Decrypt(cloneData.EncryptedIV)
72 c.Assert(string(cd.Key), Equals, string(cloneData.Key))
73 c.Assert(string(cd.IV), Equals, string(cloneData.IV))
77 func (s *OssCryptoBucketSuite) TestMasterAliKmsCipherError(c *C) {
78 kmsClient, err := kms.NewClientWithAccessKey(kmsRegion, kmsAccessID, kmsAccessKey)
81 masterCipher, _ := CreateMasterAliKms(matDesc, kmsID, kmsClient)
82 v := masterCipher.(MasterAliKmsCipher)
84 _, err = v.Encrypt([]byte("hellow"))
87 _, err = v.Decrypt([]byte("hellow"))