lockbox

password manager
Log | Files | Refs | README | LICENSE
commit 5ea6796a3bc63d1635ec87119a728d0af7862d9b
parent 28affbc72fc8e6755b321e9b4ca5a29816b58742
Author: Sean Enck <sean@ttypty.com>
Date:   Mon,  6 Feb 2023 19:20:56 -0500

rekey errors/test

Diffstat:

Minternal/inputs/env.go | 38++++++++++++++++++++++++++++----------


Minternal/inputs/env_test.go | 39+++++++++++++++++++++++++++++++++++++++


2 files changed, 67 insertions(+), 10 deletions(-)

diff --git a/internal/inputs/env.go b/internal/inputs/env.go
@@ -14,16 +14,6 @@ import (
 	"github.com/google/shlex"
 )
 
-func SetReKey() error {
-	for _, k := range []string{keyModeEnv, keyEnv, KeyFileEnv, StoreEnv} {
-		val := os.Getenv(fmt.Sprintf("%s_NEW", k))
-		if err := os.Setenv(k, val); err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
 const (
 	otpAuth        = "otpauth"
 	otpIssuer      = "lbissuer"
@@ -76,6 +66,7 @@ const (
 	ModTimeEnv = prefixKey + "SET_MODTIME"
 	// ModTimeFormat is the expected modtime format
 	ModTimeFormat = time.RFC3339
+	reKeySuffix   = "_NEW"
 )
 
 var (
@@ -99,6 +90,33 @@ type (
 	SystemPlatform string
 )
 
+// SetReKey will enable the rekeying mode for the environment
+func SetReKey() error {
+	hasStore := false
+	hasKey := false
+	hasKeyFile := false
+	for _, k := range []string{keyModeEnv, keyEnv, KeyFileEnv, StoreEnv} {
+		val := os.Getenv(fmt.Sprintf("%s%s", k, reKeySuffix))
+		if val != "" {
+			switch k {
+			case StoreEnv:
+				hasStore = true
+			case keyEnv:
+				hasKey = true
+			case KeyFileEnv:
+				hasKeyFile = true
+			}
+		}
+		if err := os.Setenv(k, val); err != nil {
+			return err
+		}
+	}
+	if !hasStore || (!hasKey && !hasKeyFile) {
+		return errors.New("missing required environment variables for rekey")
+	}
+	return nil
+}
+
 func toString(windows []ColorWindow) string {
 	var results []string
 	for _, w := range windows {
diff --git a/internal/inputs/env_test.go b/internal/inputs/env_test.go
@@ -170,3 +170,42 @@ func TestListVariables(t *testing.T) {
 		t.Errorf("invalid env count, outdated? %d", l)
 	}
 }
+
+func TestReKey(t *testing.T) {
+	os.Setenv("LOCKBOX_STORE_NEW", "")
+	os.Setenv("LOCKBOX_KEY_NEW", "")
+	os.Setenv("LOCKBOX_KEYFILE_NEW", "")
+	err := inputs.SetReKey()
+	if err == nil || err.Error() != "missing required environment variables for rekey" {
+		t.Errorf("failed: %v", err)
+	}
+	os.Setenv("LOCKBOX_STORE_NEW", "abc")
+	err = inputs.SetReKey()
+	if err == nil || err.Error() != "missing required environment variables for rekey" {
+		t.Errorf("failed: %v", err)
+	}
+	if os.Getenv("LOCKBOX_STORE") != "abc" {
+		t.Error("not set")
+	}
+	os.Setenv("LOCKBOX_KEY_NEW", "aaa")
+	err = inputs.SetReKey()
+	if err != nil {
+		t.Errorf("failed: %v", err)
+	}
+	if os.Getenv("LOCKBOX_KEY") != "aaa" && os.Getenv("LOCKBOX_KEYFILE") == "" {
+		t.Error("not set")
+	}
+	os.Setenv("LOCKBOX_KEY_NEW", "")
+	os.Setenv("LOCKBOX_KEYFILE_NEW", "xxx")
+	err = inputs.SetReKey()
+	if err != nil {
+		t.Errorf("failed: %v", err)
+	}
+	if os.Getenv("LOCKBOX_KEYFILE") != "xxx" && os.Getenv("LOCKBOX_KEY") == "" {
+		t.Error("not set")
+	}
+	os.Setenv("LOCKBOX_KEY_NEW", "")
+	os.Setenv("LOCKBOX_STORE_NEW", "")
+	os.Setenv("LOCKBOX_KEY_NEW", "")
+	os.Setenv("LOCKBOX_KEYFILE_NEW", "")
+}