diff --git a/src/config/CryConfigFile.cpp b/src/config/CryConfigFile.cpp index bc8c2a17..d6abedf3 100644 --- a/src/config/CryConfigFile.cpp +++ b/src/config/CryConfigFile.cpp @@ -41,7 +41,6 @@ optional CryConfigFile::load(const bf::path &path, const string & } CryConfig config = CryConfig::load(decrypted->data); if (config.Cipher() != decrypted->cipherName) { - //TODO Test that this fails LOG(ERROR) << "Inner cipher algorithm used to encrypt config file doesn't match config value"; return none; } diff --git a/src/config/CryConfigLoader.cpp b/src/config/CryConfigLoader.cpp index d07e0a41..b8b5f094 100644 --- a/src/config/CryConfigLoader.cpp +++ b/src/config/CryConfigLoader.cpp @@ -34,7 +34,6 @@ optional CryConfigLoader::_loadConfig(const bf::path &filename) { return none; } if (_cipher != none && config->config()->Cipher() != *_cipher) { - //TODO Test this fails throw std::runtime_error("Filesystem uses "+config->config()->Cipher()+" cipher and not "+*_cipher+" as specified."); } return std::move(*config); diff --git a/test/config/CryConfigFileTest.cpp b/test/config/CryConfigFileTest.cpp index 31896364..1fd2a305 100644 --- a/test/config/CryConfigFileTest.cpp +++ b/test/config/CryConfigFileTest.cpp @@ -10,6 +10,7 @@ using std::string; using boost::optional; using boost::none; using cpputils::SCrypt; +using cpputils::Data; namespace bf = boost::filesystem; //gtest/boost::optional workaround for working with optional @@ -146,3 +147,13 @@ TEST_F(CryConfigFileTest, CanSaveAndLoadModififedCipher) { CryConfigFile loaded = Load().value(); EXPECT_EQ("twofish-128-cfb", loaded.config()->Cipher()); } + +TEST_F(CryConfigFileTest, FailsIfConfigFileIsEncryptedWithACipherDifferentToTheOneSpecifiedByTheUser) { + auto encryptor = CryConfigEncryptorFactory::deriveKey("mypassword", SCrypt::TestSettings); + auto config = Config(); + config.SetCipher("aes-256-gcm"); + Data encrypted = encryptor->encrypt(config.save(), "aes-256-cfb"); + encrypted.StoreToFile(file.path()); + auto loaded = Load("mypassword"); + EXPECT_EQ(none, loaded); +}