- Refactors `trix.Encode` and `trix.Decode` to allow for dependency injection, enabling the testing of I/O error paths.
- Adds comprehensive tests for the `trix` package to cover all error paths.
- Adds tests for the `Fletcher` checksums and `ensureRSA` function in the `crypt` package.
- Adds tests for the `lthn` package to cover the `SetKeyMap` and `GetKeyMap` functions.
- Adds tests for the `chachapoly` package to cover error paths.
- Adds tests for the `rsa` package to cover error paths.
- Fixes the example in `examples/main.go` to work with the refactored `trix` package.
- Refactors the `lthn` keymap test to be thread-safe by using a mutex and `t.Cleanup` to ensure state is properly restored.
- Corrects the `mockReader` implementation in the `trix` tests to adhere to the `io.Reader` interface contract.
- Removes dead code from `pkg/trix/trix.go`.
- Refactors `trix.Encode` and `trix.Decode` to allow for dependency injection, enabling the testing of I/O error paths.
- Adds comprehensive tests for the `trix` package to cover all error paths.
- Adds tests for the `Fletcher` checksums and `ensureRSA` function in the `crypt` package.
- Adds tests for the `lthn` package to cover the `SetKeyMap` and `GetKeyMap` functions.
- Adds tests for the `chachapoly` package to cover error paths.
- Adds tests for the `rsa` package to cover error paths.
This commit introduces several improvements to the RSA implementation:
- Preserves zero-value service safety by lazily initializing the RSA service in `pkg/crypt/crypt.go`.
- Enforces a minimum RSA key size of 2048 bits in `pkg/crypt/std/rsa/rsa.go` to prevent the generation of insecure keys.
- Exposes the OAEP label parameter in `Encrypt` and `Decrypt` functions, allowing for more advanced use cases.
- Adds a test case to verify that `GenerateKeyPair` correctly rejects key sizes below the new minimum.
This commit introduces a standard RSA implementation in `pkg/crypt/std/rsa`.
The new `rsa.Service` provides a clean API for RSA operations, including:
- Key pair generation
- Encryption and decryption of data
The implementation uses the standard `crypto/rsa` package and follows best practices, including OAEP padding. The main `crypt.Service` has been updated to integrate and expose this new functionality.
This work was done to validate the build environment, and the tests for this implementation pass successfully, confirming that the previous testing issues were isolated to the OpenPGP library.
This commit restructures the `crypt` service to be more modular and decoupled from storage concerns.
- The standard cryptographic implementations (`lthn`, `chachapoly`, `rsa`) have been moved to the `pkg/crypt/std` directory.
- The `rootfs` components have been removed to decouple the library from storage.
- Import paths have been updated to reflect the new structure.
