suggested updates

opentdf · Dec 16, 2024 · 147a9a9 · 147a9a9
1 parent 19523aa
commit 147a9a9
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 3 deletions.
diff --git a/cmd/tdf-inspect.go b/cmd/tdf-inspect.go
@@ -24,6 +24,7 @@ type tdfInspectManifest struct {
 	Method                sdk.Method                `json:"method"`
 	IntegrityInformation  sdk.IntegrityInformation  `json:"integrityInformation"`
 	EncryptionInformation sdk.EncryptionInformation `json:"encryptionInformation"`
+	Assertions            []sdk.Assertion           `json:"assertions,omitempty"`
 }
 
 type nanoInspectResult struct {
@@ -72,6 +73,7 @@ func tdf_InspectCmd(cmd *cobra.Command, args []string) {
 				Method:                result.ZTDFManifest.Method,
 				IntegrityInformation:  result.ZTDFManifest.IntegrityInformation,
 				EncryptionInformation: result.ZTDFManifest.EncryptionInformation,
+				Assertions:            result.ZTDFManifest.Assertions,
 			},
 			Attributes: result.Attributes,
 		}

diff --git a/e2e/encrypt-decrypt.bats b/e2e/encrypt-decrypt.bats
@@ -79,18 +79,27 @@ teardown_file(){
 @test "roundtrip TDF3, assertions, stdin" {
   echo $SECRET_TEXT | ./otdfctl encrypt -o $OUT_TXT --host $HOST --tls-no-verify $DEBUG_LEVEL $WITH_CREDS -a $FQN --with-assertions "$ASSERTIONS"
   ./otdfctl decrypt --host $HOST --tls-no-verify $DEBUG_LEVEL $WITH_CREDS $OUTFILE_TXT | grep "$SECRET_TEXT"
+  ./otdfctl --host $HOST --tls-no-verify $WITH_CREDS inspect $OUTFILE_TXT
+  assertions_present=$(./otdfctl --host $HOST --tls-no-verify $WITH_CREDS inspect $OUTFILE_TXT | jq '.manifest.assertions[0].id')
+  [[ $assertions_present == "\"assertion1\"" ]]
 }
 
-@test "roundtrip TDF3, assertions with HS265 keys and verificaion, file" {
+@test "roundtrip TDF3, assertions with HS265 keys and verification, file" {
   ./otdfctl encrypt -o $OUTFILE_GO_MOD --host $HOST --tls-no-verify $DEBUG_LEVEL $WITH_CREDS -a $FQN --with-assertions $SIGNED_ASSERTIONS_HS256 --tdf-type tdf3 $INFILE_GO_MOD
   ./otdfctl decrypt -o $RESULTFILE_GO_MOD --host $HOST --tls-no-verify $DEBUG_LEVEL $WITH_CREDS --with-assertion-verification-keys $SIGNED_ASSERTION_VERIFICATON_HS256 --tdf-type tdf3 $OUTFILE_GO_MOD
   diff $INFILE_GO_MOD $RESULTFILE_GO_MOD
+  ./otdfctl --host $HOST --tls-no-verify $WITH_CREDS inspect $OUTFILE_GO_MOD
+  assertions_present=$(./otdfctl --host $HOST --tls-no-verify $WITH_CREDS inspect $OUTFILE_GO_MOD | jq '.manifest.assertions[0].id')
+  [[ $assertions_present == "\"assertion1\"" ]]
 }
 
-@test "roundtrip TDF3, assertions with RS256 keys and verificaion, file" {
+@test "roundtrip TDF3, assertions with RS256 keys and verification, file" {
   ./otdfctl encrypt -o $OUTFILE_GO_MOD --host $HOST --tls-no-verify $DEBUG_LEVEL $WITH_CREDS -a $FQN --with-assertions $SIGNED_ASSERTIONS_RS256 --tdf-type tdf3 $INFILE_GO_MOD
   ./otdfctl decrypt -o $RESULTFILE_GO_MOD --host $HOST --tls-no-verify $DEBUG_LEVEL $WITH_CREDS --with-assertion-verification-keys $SIGNED_ASSERTION_VERIFICATON_RS256 --tdf-type tdf3 $OUTFILE_GO_MOD
   diff $INFILE_GO_MOD $RESULTFILE_GO_MOD
+  ./otdfctl --host $HOST --tls-no-verify $WITH_CREDS inspect $OUTFILE_GO_MOD
+  assertions_present=$(./otdfctl --host $HOST --tls-no-verify $WITH_CREDS inspect $OUTFILE_GO_MOD | jq '.manifest.assertions[0].id')
+  [[ $assertions_present == "\"assertion1\"" ]]
 }
 
 @test "roundtrip NANO, no attributes, file" {

diff --git a/pkg/handlers/tdf.go b/pkg/handlers/tdf.go
@@ -73,7 +73,7 @@ func (h Handler) EncryptBytes(tdfType string, unencrypted []byte, attrValues []s
 				}
 			}
 			for i, config := range assertionConfigs {
-				if (config.SigningKey != sdk.AssertionKey{}) {
+				if !config.SigningKey.IsEmpty() {
 					correctedKey, err := correctKeyType(config.SigningKey, false)
 					if err != nil {
 						return nil, fmt.Errorf("error with assertion signing key: %w", err)