fix tests

calimero-network · Oct 25, 2024 · da304f3 · da304f3
1 parent 93c5ed9
commit da304f3
Show file tree

Hide file tree

Showing 2 changed files with 39 additions and 43 deletions.
diff --git a/crates/crypto/Cargo.toml b/crates/crypto/Cargo.toml
@@ -9,10 +9,12 @@ license.workspace = true
 [dependencies]
 curve25519-dalek.workspace = true
 ed25519-dalek = { workspace = true, features = ["rand_core"] }
+ring.workspace = true
+serde = { workspace = true, features = ["derive"] }
+
+[dev-dependencies]
 eyre.workspace = true
-serde.workspace = true
 rand.workspace = true
-ring.workspace = true
 
 [lints]
-workspace = true
+workspace = true
diff --git a/crates/crypto/src/lib.rs b/crates/crypto/src/lib.rs
@@ -1,4 +1,3 @@
-use rand as _;
 use ring::aead;
 use serde::{Deserialize, Serialize};
 
@@ -25,102 +24,97 @@ impl SharedKey {
         }
     }
 
-    pub fn encrypt(
-        &self,
-        token: Vec<u8>,
-        nonce: [u8; aead::NONCE_LEN],
-    ) -> eyre::Result<Vec<u8>, ()> {
+    pub fn encrypt(&self, payload: Vec<u8>, nonce: [u8; aead::NONCE_LEN]) -> Option<Vec<u8>> {
         let encryption_key =
-            aead::LessSafeKey::new(aead::UnboundKey::new(&aead::AES_256_GCM, &self.key).unwrap());
+            aead::LessSafeKey::new(aead::UnboundKey::new(&aead::AES_256_GCM, &self.key).ok()?);
 
-        let mut encrypted_token = token;
+        let mut cipher_text = payload;
         encryption_key
             .seal_in_place_append_tag(
                 aead::Nonce::assume_unique_for_key(nonce),
                 aead::Aad::empty(),
-                &mut encrypted_token,
+                &mut cipher_text,
             )
-            .expect("failed to encrypt token");
+            .ok()?;
 
-        Ok(encrypted_token)
+        Some(cipher_text)
     }
 
-    pub fn decrypt(
-        &self,
-        token: Vec<u8>,
-        nonce: [u8; aead::NONCE_LEN],
-    ) -> eyre::Result<Vec<u8>, ()> {
-        let mut decrypted_token = token;
+    pub fn decrypt(&self, cipher_text: Vec<u8>, nonce: [u8; aead::NONCE_LEN]) -> Option<Vec<u8>> {
         let decryption_key =
-            aead::LessSafeKey::new(aead::UnboundKey::new(&aead::AES_256_GCM, &self.key).unwrap());
+            aead::LessSafeKey::new(aead::UnboundKey::new(&aead::AES_256_GCM, &self.key).ok()?);
 
+        let mut payload = cipher_text;
         let decrypted_len = decryption_key
             .open_in_place(
                 aead::Nonce::assume_unique_for_key(nonce),
                 aead::Aad::empty(),
-                &mut decrypted_token,
+                &mut payload,
             )
-            .expect("failed to decrypt token")
+            .ok()?
             .len();
 
-        decrypted_token.truncate(decrypted_len);
+        payload.truncate(decrypted_len);
 
-        Ok(decrypted_token)
+        Some(payload)
     }
 }
 
 #[cfg(test)]
 mod tests {
-
     use ed25519_dalek::SigningKey;
-    use rand::rngs::OsRng;
+    use eyre::OptionExt;
 
     use super::*;
 
     #[test]
-    fn test_encrypt_decrypt() -> eyre::Result<(), eyre::ErrReport> {
-        let mut csprng = OsRng {};
+    fn test_encrypt_decrypt() -> eyre::Result<()> {
+        let mut csprng = rand::thread_rng();
+
         let signer = SigningKey::generate(&mut csprng);
         let verifier = SigningKey::generate(&mut csprng);
+
         let signer_shared_key = SharedKey::new(&signer, &verifier.verifying_key());
         let verifier_shared_key = SharedKey::new(&verifier, &signer.verifying_key());
 
-        let token = b"privacy is important".to_vec();
+        let payload = b"privacy is important";
         let nonce = [0u8; aead::NONCE_LEN];
 
-        let encrypted_token = signer_shared_key
-            .encrypt(token.clone(), nonce)
-            .expect("encryption failed");
+        let encrypted_payload = signer_shared_key
+            .encrypt(payload.to_vec(), nonce)
+            .ok_or_eyre("encryption failed")?;
 
-        let decrypted_token = verifier_shared_key.decrypt(encrypted_token, nonce);
+        let decrypted_payload = verifier_shared_key
+            .decrypt(encrypted_payload, nonce)
+            .ok_or_eyre("decryption failed")?;
 
-        let decrypted_token = decrypted_token.unwrap();
-        assert_eq!(decrypted_token, token);
-        assert_ne!(decrypted_token, b"privacy is not important".to_vec());
+        assert_eq!(decrypted_payload, payload);
+        assert_ne!(decrypted_payload, b"privacy is not important");
 
         Ok(())
     }
 
     #[test]
-    fn test_decrypt_with_invalid_key() -> eyre::Result<(), eyre::ErrReport> {
-        let mut csprng = OsRng {};
+    fn test_decrypt_with_invalid_key() -> eyre::Result<()> {
+        let mut csprng = rand::thread_rng();
+
         let signer = SigningKey::generate(&mut csprng);
         let verifier = SigningKey::generate(&mut csprng);
         let invalid = SigningKey::generate(&mut csprng);
 
         let signer_shared_key = SharedKey::new(&signer, &verifier.verifying_key());
         let invalid_shared_key = SharedKey::new(&invalid, &invalid.verifying_key());
 
-        let token = b"privacy is important".to_vec();
+        let token = b"privacy is important";
         let nonce = [0u8; aead::NONCE_LEN];
 
         let encrypted_token = signer_shared_key
-            .encrypt(token.clone(), nonce)
-            .expect("encryption failed");
+            .encrypt(token.to_vec(), nonce)
+            .ok_or_eyre("encryption failed")?;
 
         let decrypted_data = invalid_shared_key.decrypt(encrypted_token, nonce);
 
-        assert!(decrypted_data.is_err());
+        assert!(decrypted_data.is_none());
 
         Ok(())
     }