shadow-crypt 1.0.9

Secure password-based file encryption with filename obfuscation
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78

use shadow_crypt_shell::{
    decryption::{
        cli::DecryptionCliArgs, file::DecryptionInput,
        validation::validate_input as validate_decryption_input,
        workflow::run_workflow as run_decryption_workflow,
    },
    memory::SecureString,
};
use std::fs;
use std::sync::Mutex;
use tempfile::TempDir;

static TEST_MUTEX: Mutex<()> = Mutex::new(());

#[test]
fn test_v1_backward_compatibility() {
    let _lock = TEST_MUTEX.lock().unwrap();
    let temp_dir = TempDir::new().unwrap();
    let original_dir = std::env::current_dir().unwrap();

    // Change to temp directory for the test
    std::env::set_current_dir(&temp_dir).unwrap();

    let result: Result<(), Box<dyn std::error::Error>> = {
        // Copy the test v1 encrypted file to temp directory
        let test_shadow_file = std::path::Path::new(env!("CARGO_MANIFEST_DIR"))
            .join("tests")
            .join("fixtures")
            .join("test_v1.shadow");

        if !test_shadow_file.exists() {
            panic!("Test V1 encrypted file not found at {:?}", test_shadow_file);
        }

        let temp_shadow_file = temp_dir.path().join("test_v1.shadow");
        fs::copy(&test_shadow_file, &temp_shadow_file).unwrap();

        // Create decryption CLI args
        let decrypt_cli_args = DecryptionCliArgs {
            input_files: vec![temp_shadow_file.to_str().unwrap().to_string()],
        };

        // Validate decryption input
        let valid_decrypt_args = validate_decryption_input(decrypt_cli_args).unwrap();

        // Create decryption input with the hardcoded password
        let decrypt_password = SecureString::new("testpassword".to_string()); // DO NOT CHANGE THIS PASSWORD
        let decryption_input = DecryptionInput::new(
            valid_decrypt_args.files,
            decrypt_password,
            temp_dir.path().to_path_buf(),
        );

        // Run decryption
        run_decryption_workflow(decryption_input).unwrap();

        // Check that the decrypted file exists and has the expected content
        let expected_filename = "test_v1_plaintext.txt";
        let decrypted_file = temp_dir.path().join(expected_filename);
        assert!(decrypted_file.exists(), "Decrypted file was not created");

        let decrypted_content = fs::read(&decrypted_file).unwrap();
        let expected_content = b"This is a test file for backward compatibility testing. It contains known content that should be decrypted correctly.\n";

        assert_eq!(
            decrypted_content, expected_content,
            "Decrypted content does not match expected content"
        );

        Ok(())
    };

    // Always restore original directory before temp_dir is dropped
    let _ = std::env::set_current_dir(original_dir);

    // Propagate any test failure
    result.unwrap();
}