eric/onix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: logging module

Browse Source
This commit is contained in:
mayur.popli
2025-03-23 17:06:44 +05:30
parent 7894f673b1
commit 530740c428
27 changed files with 1760 additions and 290 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
pkg/plugin/definition/decrypter.go Normal file
View File

@@ -0,0 +1,15 @@
package definition
import "context"
// Decrypter defines the methods for decryption.
type Decrypter interface {
// Decrypt decrypts the given body using the provided privateKeyBase64 and publicKeyBase64.
Decrypt(ctx context.Context, encryptedData string, privateKeyBase64, publicKeyBase64 string) (string, error)
}
// DecrypterProvider initializes a new decrypter instance with the given config.
type DecrypterProvider interface {
// New creates a new decrypter instance based on the provided config.
New(ctx context.Context, config map[string]string) (Decrypter, func() error, error)
}

15
pkg/plugin/definition/encrypter.go Normal file
View File

@@ -0,0 +1,15 @@
package definition
import "context"
// Encrypter defines the methods for encryption.
type Encrypter interface {
// Encrypt encrypts the given body using the provided privateKeyBase64 and publicKeyBase64.
Encrypt(ctx context.Context, data string, privateKeyBase64, publicKeyBase64 string) (string, error)
}
// EncrypterProvider initializes a new encrypter instance with the given config.
type EncrypterProvider interface {
// New creates a new encrypter instance based on the provided config.
New(ctx context.Context, config map[string]string) (Encrypter, func() error, error)
}

16
pkg/plugin/definition/publisher.go Normal file
View File

@@ -0,0 +1,16 @@
package definition
import "context"
// Publisher defines the general publisher interface for messaging plugins.
type Publisher interface {
// Publish sends a message (as a byte slice) using the underlying messaging system.
Publish(ctx context.Context, msg []byte) error
Close() error // Important for releasing resources.
}
type PublisherProvider interface {
// New initializes a new publisher instance with the given configuration.
New(ctx context.Context, config map[string]string) (Publisher, error)
}

22
pkg/plugin/definition/signVerifier.go Normal file
View File

@@ -0,0 +1,22 @@
package definition
import "context"
// Verifier defines the method for verifying signatures.
type Verifier interface {
// Verify checks the validity of the signature for the given body.
Verify(ctx context.Context, body []byte, header []byte, publicKeyBase64 string) (bool, error)
Close() error // Close for releasing resources
}
// VerifierProvider initializes a new Verifier instance with the given config.
type VerifierProvider interface {
// New creates a new Verifier instance based on the provided config.
New(ctx context.Context, config map[string]string) (Verifier, func() error, error)
}
// PublicKeyManager is the interface for key management plugin.
type PublicKeyManager interface {
// PublicKey retrieves the public key for the given subscriberID and keyID.
PublicKey(ctx context.Context, subscriberID string, keyID string) (string, error)
}

24
pkg/plugin/definition/signer.go Normal file
View File

@@ -0,0 +1,24 @@
package definition
import "context"
// Signer defines the method for signing.
type Signer interface {
// Sign generates a signature for the given body and privateKeyBase64.
// The signature is created with the given timestamps: createdAt (signature creation time)
// and expiresAt (signature expiration time).
Sign(ctx context.Context, body []byte, privateKeyBase64 string, createdAt, expiresAt int64) (string, error)
Close() error // Close for releasing resources
}
// SignerProvider initializes a new signer instance with the given config.
type SignerProvider interface {
// New creates a new signer instance based on the provided config.
New(ctx context.Context, config map[string]string) (Signer, func() error, error)
}
// PrivateKeyManager is the interface for key management plugin.
type PrivateKeyManager interface {
// PrivateKey retrieves the private key for the given subscriberID and keyID.
PrivateKey(ctx context.Context, subscriberID string, keyID string) (string, error)
}

19
pkg/plugin/implementation/decrypter/cmd/plugin.go Normal file
View File

@@ -0,0 +1,19 @@
package main
import (
"context"
"github.com/beckn/beckn-onix/pkg/plugin/definition"
decrypter "github.com/beckn/beckn-onix/pkg/plugin/implementation/decrypter"
)
// DecrypterProvider implements the definition.DecrypterProvider interface.
type DecrypterProvider struct{}
// New creates a new Decrypter instance using the provided configuration.
func (dp DecrypterProvider) New(ctx context.Context, config map[string]string) (definition.Decrypter, func() error, error) {
return decrypter.New(ctx)
}
// Provider is the exported symbol that the plugin manager will look for.
var Provider definition.DecrypterProvider = DecrypterProvider{}

49
pkg/plugin/implementation/decrypter/cmd/plugin_test.go Normal file
View File

@@ -0,0 +1,49 @@
package main
import (
"context"
"testing"
)
func TestDecrypterProviderSuccess(t *testing.T) {
tests := []struct {
name string
ctx context.Context
config map[string]string
}{
{
name: "Valid context with empty config",
ctx: context.Background(),
config: map[string]string{},
},
{
name: "Valid context with non-empty config",
ctx: context.Background(),
config: map[string]string{"key": "value"},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
provider := DecrypterProvider{}
decrypter, cleanup, err := provider.New(tt.ctx, tt.config)
// Check error.
if err != nil {
t.Errorf("New() error = %v, want no error", err)
}
// Check decrypter.
if decrypter == nil {
t.Error("New() decrypter is nil, want non-nil")
}
// Test cleanup function if it exists.
if cleanup != nil {
if err := cleanup(); err != nil {
t.Errorf("cleanup() error = %v", err)
}
}
})
}
}

85
pkg/plugin/implementation/decrypter/decrypter.go Normal file
View File

@@ -0,0 +1,85 @@
package decryption
import (
"context"
"crypto/aes"
"crypto/cipher"
"crypto/ecdh"
"encoding/base64"
"fmt"
"github.com/zenazn/pkcs7pad"
)
// decrypter implements the Decrypter interface and handles the decryption process.
type decrypter struct {
}
// New creates a new decrypter instance with the given configuration.
func New(ctx context.Context) (*decrypter, func() error, error) {
return &decrypter{}, nil, nil
}
// Decrypt decrypts the given encryptedData using the provided privateKeyBase64 and publicKeyBase64.
func (d *decrypter) Decrypt(ctx context.Context, encryptedData, privateKeyBase64, publicKeyBase64 string) (string, error) {
privateKeyBytes, err := base64.StdEncoding.DecodeString(privateKeyBase64)
if err != nil {
return "", fmt.Errorf("invalid private key: %w", err)
}
publicKeyBytes, err := base64.StdEncoding.DecodeString(publicKeyBase64)
if err != nil {
return "", fmt.Errorf("invalid public key: %w", err)
}
// Decode the Base64 encoded encrypted data.
messageByte, err := base64.StdEncoding.DecodeString(encryptedData)
if err != nil {
return "", fmt.Errorf("failed to decode encrypted data: %w", err)
}
aesCipher, err := createAESCipher(privateKeyBytes, publicKeyBytes)
if err != nil {
return "", fmt.Errorf("failed to create AES cipher: %w", err)
}
blocksize := aesCipher.BlockSize()
if len(messageByte)%blocksize != 0 {
return "", fmt.Errorf("ciphertext is not a multiple of the blocksize")
}
for i := 0; i < len(messageByte); i += aesCipher.BlockSize() {
executionSlice := messageByte[i : i+aesCipher.BlockSize()]
aesCipher.Decrypt(executionSlice, executionSlice)
}
messageByte, err = pkcs7pad.Unpad(messageByte)
if err != nil {
return "", fmt.Errorf("failed to unpad data: %w", err)
}
return string(messageByte), nil
}
func createAESCipher(privateKey, publicKey []byte) (cipher.Block, error) {
x25519Curve := ecdh.X25519()
x25519PrivateKey, err := x25519Curve.NewPrivateKey(privateKey)
if err != nil {
return nil, fmt.Errorf("failed to create private key: %w", err)
}
x25519PublicKey, err := x25519Curve.NewPublicKey(publicKey)
if err != nil {
return nil, fmt.Errorf("failed to create public key: %w", err)
}
sharedSecret, err := x25519PrivateKey.ECDH(x25519PublicKey)
if err != nil {
return nil, fmt.Errorf("failed to derive shared secret: %w", err)
}
aesCipher, err := aes.NewCipher(sharedSecret)
if err != nil {
return nil, fmt.Errorf("failed to create AES cipher: %w", err)
}
return aesCipher, nil
}

251
pkg/plugin/implementation/decrypter/decrypter_test.go Normal file
View File

@@ -0,0 +1,251 @@
package decryption
import (
"context"
"crypto/aes"
"crypto/ecdh"
"crypto/rand"
"encoding/base64"
"strings"
"testing"
"github.com/zenazn/pkcs7pad"
)
// Helper function to generate valid test keys.
func generateTestKeys(t *testing.T) (privateKeyB64, publicKeyB64 string) {
curve := ecdh.X25519()
privateKey, err := curve.GenerateKey(rand.Reader)
if err != nil {
t.Fatalf("Failed to generate private key: %v", err)
}
publicKey := privateKey.PublicKey()
privateKeyB64 = base64.StdEncoding.EncodeToString(privateKey.Bytes())
publicKeyB64 = base64.StdEncoding.EncodeToString(publicKey.Bytes())
return privateKeyB64, publicKeyB64
}
// Helper function to encrypt test data.
func encryptTestData(t *testing.T, data []byte, privateKeyBase64, publicKeyBase64 string) string {
privateKeyBytes, err := base64.StdEncoding.DecodeString(privateKeyBase64)
if err != nil {
t.Fatalf("Invalid private key: %v", err)
}
publicKeyBytes, err := base64.StdEncoding.DecodeString(publicKeyBase64)
if err != nil {
t.Fatalf("Invalid public key: %v", err)
}
x25519Curve := ecdh.X25519()
x25519PrivateKey, err := x25519Curve.NewPrivateKey(privateKeyBytes)
if err != nil {
t.Fatalf("Failed to create private key: %v", err)
}
x25519PublicKey, err := x25519Curve.NewPublicKey(publicKeyBytes)
if err != nil {
t.Fatalf("Failed to create public key: %v", err)
}
// Generate shared secret for encryption.
sharedSecret, err := x25519PrivateKey.ECDH(x25519PublicKey)
if err != nil {
t.Fatalf("Failed to create shared secret: %v", err)
}
// Create AES cipher.
block, err := aes.NewCipher(sharedSecret)
if err != nil {
t.Fatalf("Failed to create AES cipher: %v", err)
}
// Pad the data.
paddedData := pkcs7pad.Pad(data, block.BlockSize())
// Encrypt the data.
ciphertext := make([]byte, len(paddedData))
for i := 0; i < len(paddedData); i += block.BlockSize() {
block.Encrypt(ciphertext[i:i+block.BlockSize()], paddedData[i:i+block.BlockSize()])
}
return base64.StdEncoding.EncodeToString(ciphertext)
}
// TestDecrypterSuccess tests successful decryption scenarios.
func TestDecrypterSuccess(t *testing.T) {
senderPrivateKeyB64, senderPublicKeyB64 := generateTestKeys(t)
receiverPrivateKeyB64, receiverPublicKeyB64 := generateTestKeys(t)
tests := []struct {
name string
data []byte
}{
{
name: "Valid decryption with small data",
data: []byte("test"),
},
{
name: "Valid decryption with medium data",
data: []byte("medium length test data that spans multiple blocks"),
},
{
name: "Valid decryption with empty data",
data: []byte{},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
// Encrypt the test data.
encryptedData := encryptTestData(t, tt.data, senderPrivateKeyB64, receiverPublicKeyB64)
decrypter, _, err := New(context.Background())
if err != nil {
t.Fatalf("Failed to create decrypter: %v", err)
}
result, err := decrypter.Decrypt(context.Background(), encryptedData, receiverPrivateKeyB64, senderPublicKeyB64)
if err != nil {
t.Errorf("Decrypt() error = %v", err)
}
if err == nil {
if result != string(tt.data) {
t.Errorf("Decrypt() = %v, want %v", result, string(tt.data))
}
}
})
}
}
// TestDecrypterFailure tests various failure scenarios.
func TestDecrypterFailure(t *testing.T) {
_, senderPublicKeyB64 := generateTestKeys(t)
receiverPrivateKeyB64, _ := generateTestKeys(t)
tests := []struct {
name string
encryptedData string
privateKey string
publicKey string
expectedErr string
}{
{
name: "Invalid private key format",
encryptedData: base64.StdEncoding.EncodeToString(make([]byte, 32)),
privateKey: "invalid-base64!@#$",
publicKey: senderPublicKeyB64,
expectedErr: "invalid private key",
},
{
name: "Invalid public key format",
encryptedData: base64.StdEncoding.EncodeToString(make([]byte, 32)),
privateKey: receiverPrivateKeyB64,
publicKey: "invalid-base64!@#$",
expectedErr: "invalid public key",
},
{
name: "Invalid encrypted data format",
encryptedData: "invalid-base64!@#$",
privateKey: receiverPrivateKeyB64,
publicKey: senderPublicKeyB64,
expectedErr: "failed to decode encrypted data",
},
{
name: "Empty private key",
encryptedData: base64.StdEncoding.EncodeToString(make([]byte, 32)),
privateKey: "",
publicKey: senderPublicKeyB64,
expectedErr: "invalid private key",
},
{
name: "Empty public key",
encryptedData: base64.StdEncoding.EncodeToString(make([]byte, 32)),
privateKey: receiverPrivateKeyB64,
publicKey: "",
expectedErr: "invalid public key",
},
{
name: "Invalid base64 data",
encryptedData: "=invalid-base64", // Invalid encrypted data.
privateKey: receiverPrivateKeyB64,
publicKey: senderPublicKeyB64,
expectedErr: "failed to decode encrypted data",
},
{
name: "Invalid private key size",
encryptedData: base64.StdEncoding.EncodeToString(make([]byte, 32)),
privateKey: base64.StdEncoding.EncodeToString([]byte("short")),
publicKey: senderPublicKeyB64,
expectedErr: "failed to create private key",
},
{
name: "Invalid public key size",
encryptedData: base64.StdEncoding.EncodeToString(make([]byte, 32)),
privateKey: receiverPrivateKeyB64,
publicKey: base64.StdEncoding.EncodeToString([]byte("short")),
expectedErr: "failed to create public key",
},
{
name: "Invalid block size",
encryptedData: base64.StdEncoding.EncodeToString([]byte("not-block-size")),
privateKey: receiverPrivateKeyB64,
publicKey: senderPublicKeyB64,
expectedErr: "ciphertext is not a multiple of the blocksize",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
decrypter, _, err := New(context.Background())
if err != nil {
t.Fatalf("Failed to create decrypter: %v", err)
}
_, err = decrypter.Decrypt(context.Background(), tt.encryptedData, tt.privateKey, tt.publicKey)
if err == nil {
t.Error("Expected error but got none")
}
if err != nil {
if !strings.Contains(err.Error(), tt.expectedErr) {
t.Errorf("Expected error containing %q, got %q", tt.expectedErr, err.Error())
}
}
})
}
}
// TestNewDecrypter tests the creation of new Decrypter instances.
func TestNewDecrypter(t *testing.T) {
tests := []struct {
name string
ctx context.Context
}{
{
name: "Valid context",
ctx: context.Background(),
},
{
name: "Nil context",
ctx: nil,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
decrypter, _, err := New(tt.ctx)
if err != nil {
t.Errorf("New() error = %v", err)
}
if err == nil {
if decrypter == nil {
t.Error("Expected non-nil decrypter")
}
}
})
}
}

18
pkg/plugin/implementation/encrypter/cmd/plugin.go Normal file
View File

@@ -0,0 +1,18 @@
package main
import (
"context"
"github.com/beckn/beckn-onix/pkg/plugin/definition"
"github.com/beckn/beckn-onix/pkg/plugin/implementation/encrypter"
)
// EncrypterProvider implements the definition.EncrypterProvider interface.
type EncrypterProvider struct{}
func (ep EncrypterProvider) New(ctx context.Context, config map[string]string) (definition.Encrypter, func() error, error) {
return encrypter.New(ctx)
}
// Provider is the exported symbol that the plugin manager will look for.
var Provider definition.EncrypterProvider = EncrypterProvider{}

49
pkg/plugin/implementation/encrypter/cmd/plugin_test.go Normal file
View File

@@ -0,0 +1,49 @@
package main
import (
"context"
"testing"
)
func TestEncrypterProviderSuccess(t *testing.T) {
tests := []struct {
name string
ctx context.Context
config map[string]string
}{
{
name: "Valid empty config",
ctx: context.Background(),
config: map[string]string{},
},
{
name: "Valid config with algorithm",
ctx: context.Background(),
config: map[string]string{
"algorithm": "AES",
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
// Create provider and encrypter.
provider := EncrypterProvider{}
encrypter, cleanup, err := provider.New(tt.ctx, tt.config)
if err != nil {
t.Fatalf("EncrypterProvider.New() error = %v", err)
}
if encrypter == nil {
t.Fatal("EncrypterProvider.New() returned nil encrypter")
}
defer func() {
if cleanup != nil {
if err := cleanup(); err != nil {
t.Errorf("Cleanup() error = %v", err)
}
}
}()
})
}
}

70
pkg/plugin/implementation/encrypter/encrypter.go Normal file
View File

@@ -0,0 +1,70 @@
package encrypter
import (
"context"
"crypto/aes"
"crypto/cipher"
"crypto/ecdh"
"encoding/base64"
"fmt"
"github.com/zenazn/pkcs7pad"
)
// encrypter implements the Encrypter interface and handles the encryption process.
type encrypter struct {
}
// New creates a new encrypter instance with the given configuration.
func New(ctx context.Context) (*encrypter, func() error, error) {
return &encrypter{}, nil, nil
}
func (e *encrypter) Encrypt(ctx context.Context, data string, privateKeyBase64, publicKeyBase64 string) (string, error) {
privateKeyBytes, err := base64.StdEncoding.DecodeString(privateKeyBase64)
if err != nil {
return "", fmt.Errorf("invalid private key: %w", err)
}
publicKeyBytes, err := base64.StdEncoding.DecodeString(publicKeyBase64)
if err != nil {
return "", fmt.Errorf("invalid public key: %w", err)
}
// Convert the input string to a byte slice.
dataByte := []byte(data)
aesCipher, err := createAESCipher(privateKeyBytes, publicKeyBytes)
if err != nil {
return "", fmt.Errorf("failed to create AES cipher: %w", err)
}
dataByte = pkcs7pad.Pad(dataByte, aesCipher.BlockSize())
for i := 0; i < len(dataByte); i += aesCipher.BlockSize() {
aesCipher.Encrypt(dataByte[i:i+aesCipher.BlockSize()], dataByte[i:i+aesCipher.BlockSize()])
}
return base64.StdEncoding.EncodeToString(dataByte), nil
}
func createAESCipher(privateKey, publicKey []byte) (cipher.Block, error) {
x25519Curve := ecdh.X25519()
x25519PrivateKey, err := x25519Curve.NewPrivateKey(privateKey)
if err != nil {
return nil, fmt.Errorf("failed to create private key: %w", err)
}
x25519PublicKey, err := x25519Curve.NewPublicKey(publicKey)
if err != nil {
return nil, fmt.Errorf("failed to create public key: %w", err)
}
sharedSecret, err := x25519PrivateKey.ECDH(x25519PublicKey)
if err != nil {
return nil, fmt.Errorf("failed to derive shared secret: %w", err)
}
aesCipher, err := aes.NewCipher(sharedSecret)
if err != nil {
return nil, fmt.Errorf("failed to create AES cipher: %w", err)
}
return aesCipher, nil
}

183
pkg/plugin/implementation/encrypter/encrypter_test.go Normal file
View File

@@ -0,0 +1,183 @@
package encrypter
import (
"context"
"crypto/ecdh"
"crypto/rand"
"encoding/base64"
"strings"
"testing"
)
// Helper function to generate a test X25519 key pair.
func generateTestKeyPair(t *testing.T) (string, string) {
curve := ecdh.X25519()
privateKey, err := curve.GenerateKey(rand.Reader)
if err != nil {
t.Fatalf("Failed to generate private key: %v", err)
}
publicKeyBytes := privateKey.PublicKey().Bytes()
// Encode public and private key to base64.
publicKeyBase64 := base64.StdEncoding.EncodeToString(publicKeyBytes)
privateKeyBase64 := base64.StdEncoding.EncodeToString(privateKey.Bytes())
return publicKeyBase64, privateKeyBase64
}
// TestEncryptSuccess tests successful encryption scenarios.
func TestEncryptSuccess(t *testing.T) {
_, privateKey := generateTestKeyPair(t)
peerpublicKey, _ := generateTestKeyPair(t)
tests := []struct {
name string
data string
pubKey string
privKey string
}{
{
name: "Valid short message",
data: "Hello, World!",
pubKey: peerpublicKey,
privKey: privateKey,
},
{
name: "Valid JSON message",
data: `{"key":"value"}`,
pubKey: peerpublicKey,
privKey: privateKey,
},
{
name: "Valid empty message",
data: "",
pubKey: peerpublicKey,
privKey: privateKey,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
encrypter := &encrypter{}
encrypted, err := encrypter.Encrypt(context.Background(), tt.data, tt.privKey, tt.pubKey)
if err != nil {
t.Errorf("Encrypt() expected no error, but got: %v", err)
}
// Verify the encrypted data is valid base64.
_, err = base64.StdEncoding.DecodeString(encrypted)
if err != nil {
t.Errorf("Encrypt() output is not valid base64: %v", err)
}
// Since we can't decrypt without the ephemeral private key,
// we can only verify that encryption doesn't return empty data.
if encrypted == "" {
t.Error("Encrypt() returned empty string")
}
// Verify the output is different from input (basic encryption check).
if encrypted == tt.data {
t.Error("Encrypt() output matches input, suggesting no encryption occurred")
}
})
}
}
// TestEncryptFailure tests encryption failure scenarios.
func TestEncryptFailure(t *testing.T) {
// Generate a valid key pair for testing.
_, privateKey := generateTestKeyPair(t)
peerpublicKey, _ := generateTestKeyPair(t)
tests := []struct {
name string
data string
publicKey string
privKey string
errorContains string
}{
{
name: "Invalid public key format",
data: "test data",
publicKey: "invalid-base64!@#$",
privKey: privateKey,
errorContains: "invalid public key",
},
{
name: "Invalid key bytes(public key)",
data: "test data",
publicKey: base64.StdEncoding.EncodeToString([]byte("invalid-key-bytes")),
privKey: privateKey,
errorContains: "failed to create public key",
},
{
name: "Invalid key bytes(private key)",
data: "test data",
publicKey: peerpublicKey,
privKey: base64.StdEncoding.EncodeToString([]byte("invalid-key-bytes")),
errorContains: "failed to create private key",
},
{
name: "Empty public key",
data: "test data",
publicKey: "",
privKey: privateKey,
errorContains: "invalid public key",
},
{
name: "Too short key",
data: "test data",
publicKey: base64.StdEncoding.EncodeToString([]byte{1, 2, 3, 4}),
privKey: privateKey,
errorContains: "failed to create public key",
},
{
name: "Invalid private key",
data: "test data",
publicKey: peerpublicKey,
privKey: "invalid-base64!@#$",
errorContains: "invalid private key",
},
{
name: "Empty private key",
data: "test data",
publicKey: peerpublicKey,
privKey: "",
errorContains: "invalid private key",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
encrypter := &encrypter{}
_, err := encrypter.Encrypt(context.Background(), tt.data, tt.privKey, tt.publicKey)
if err != nil && !strings.Contains(err.Error(), tt.errorContains) {
t.Errorf("Encrypt() error = %v, want error containing %q", err, tt.errorContains)
}
})
}
}
// TestNew tests the creation of new encrypter instances.
func TestNew(t *testing.T) {
tests := []struct {
name string
ctx context.Context
}{
{
name: "Success",
ctx: context.Background(),
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
encrypter, _, err := New(tt.ctx)
if err == nil && encrypter == nil {
t.Error("New() returned nil encrypter")
}
})
}
}

25
pkg/plugin/implementation/signVerifier/cmd/plugin.go Normal file
View File

@@ -0,0 +1,25 @@
package main
import (
"context"
"errors"
"github.com/beckn/beckn-onix/pkg/plugin/definition"
verifier "github.com/beckn/beckn-onix/pkg/plugin/implementation/signVerifier"
)
// VerifierProvider provides instances of Verifier.
type VerifierProvider struct{}
// New initializes a new Verifier instance.
func (vp VerifierProvider) New(ctx context.Context, config map[string]string) (definition.Verifier, func() error, error) {
if ctx == nil {
return nil, nil, errors.New("context cannot be nil")
}
return verifier.New(ctx, &verifier.Config{})
}
// Provider is the exported symbol that the plugin manager will look for.
var Provider definition.VerifierProvider = VerifierProvider{}

89
pkg/plugin/implementation/signVerifier/cmd/plugin_test.go Normal file
View File

@@ -0,0 +1,89 @@
package main
import (
"context"
"testing"
)
// TestVerifierProviderSuccess tests successful creation of a verifier.
func TestVerifierProviderSuccess(t *testing.T) {
provider := VerifierProvider{}
tests := []struct {
name string
ctx context.Context
config map[string]string
}{
{
name: "Successful creation",
ctx: context.Background(),
config: map[string]string{},
},
{
name: "Nil context",
ctx: context.TODO(),
config: map[string]string{},
},
{
name: "Empty config",
ctx: context.Background(),
config: map[string]string{},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
verifier, close, err := provider.New(tt.ctx, tt.config)
if err != nil {
t.Fatalf("Expected no error, but got: %v", err)
}
if verifier == nil {
t.Fatal("Expected verifier instance to be non-nil")
}
if close != nil {
if err := close(); err != nil {
t.Fatalf("Test %q failed: cleanup function returned an error: %v", tt.name, err)
}
}
})
}
}
// TestVerifierProviderFailure tests cases where verifier creation should fail.
func TestVerifierProviderFailure(t *testing.T) {
provider := VerifierProvider{}
tests := []struct {
name string
ctx context.Context
config map[string]string
wantErr bool
}{
{
name: "Nil context failure",
ctx: nil,
config: map[string]string{},
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
verifierInstance, close, err := provider.New(tt.ctx, tt.config)
if (err != nil) != tt.wantErr {
t.Fatalf("Expected error: %v, but got: %v", tt.wantErr, err)
}
if verifierInstance != nil {
t.Fatal("Expected verifier instance to be nil")
}
if close != nil {
if err := close(); err != nil {
t.Fatalf("Test %q failed: cleanup function returned an error: %v", tt.name, err)
}
}
})
}
}

120
pkg/plugin/implementation/signVerifier/signVerifier.go Normal file
View File

@@ -0,0 +1,120 @@
package verifier
import (
"context"
"crypto/ed25519"
"encoding/base64"
"fmt"
"strconv"
"strings"
"time"
"golang.org/x/crypto/blake2b"
)
// Config struct for Verifier.
type Config struct {
}
// Verifier implements the Verifier interface.
type Verifier struct {
config *Config
}
// New creates a new Verifier instance.
func New(ctx context.Context, config *Config) (*Verifier, func() error, error) {
v := &Verifier{config: config}
return v, v.Close, nil
}
// Verify checks the signature for the given payload and public key.
func (v *Verifier) Verify(ctx context.Context, body []byte, header []byte, publicKeyBase64 string) (bool, error) {
createdTimestamp, expiredTimestamp, signature, err := parseAuthHeader(string(header))
if err != nil {
// TODO: Return appropriate error code when Error Code Handling Module is ready
return false, fmt.Errorf("error parsing header: %w", err)
}
signatureBytes, err := base64.StdEncoding.DecodeString(signature)
if err != nil {
// TODO: Return appropriate error code when Error Code Handling Module is ready
return false, fmt.Errorf("error decoding signature: %w", err)
}
currentTime := time.Now().Unix()
if createdTimestamp > currentTime || currentTime > expiredTimestamp {
// TODO: Return appropriate error code when Error Code Handling Module is ready
return false, fmt.Errorf("signature is expired or not yet valid")
}
createdTime := time.Unix(createdTimestamp, 0)
expiredTime := time.Unix(expiredTimestamp, 0)
signingString := hash(body, createdTime.Unix(), expiredTime.Unix())
decodedPublicKey, err := base64.StdEncoding.DecodeString(publicKeyBase64)
if err != nil {
// TODO: Return appropriate error code when Error Code Handling Module is ready
return false, fmt.Errorf("error decoding public key: %w", err)
}
if !ed25519.Verify(ed25519.PublicKey(decodedPublicKey), []byte(signingString), signatureBytes) {
// TODO: Return appropriate error code when Error Code Handling Module is ready
return false, fmt.Errorf("signature verification failed")
}
return true, nil
}
// parseAuthHeader extracts signature values from the Authorization header.
func parseAuthHeader(header string) (int64, int64, string, error) {
header = strings.TrimPrefix(header, "Signature ")
parts := strings.Split(header, ",")
signatureMap := make(map[string]string)
for _, part := range parts {
keyValue := strings.SplitN(strings.TrimSpace(part), "=", 2)
if len(keyValue) == 2 {
key := strings.TrimSpace(keyValue[0])
value := strings.Trim(keyValue[1], "\"")
signatureMap[key] = value
}
}
createdTimestamp, err := strconv.ParseInt(signatureMap["created"], 10, 64)
if err != nil {
// TODO: Return appropriate error code when Error Code Handling Module is ready
return 0, 0, "", fmt.Errorf("invalid created timestamp: %w", err)
}
expiredTimestamp, err := strconv.ParseInt(signatureMap["expires"], 10, 64)
if err != nil {
// TODO: Return appropriate error code when Error Code Handling Module is ready
return 0, 0, "", fmt.Errorf("invalid expires timestamp: %w", err)
}
signature := signatureMap["signature"]
if signature == "" {
// TODO: Return appropriate error code when Error Code Handling Module is ready
return 0, 0, "", fmt.Errorf("signature missing in header")
}
return createdTimestamp, expiredTimestamp, signature, nil
}
// hash constructs a signing string for verification.
func hash(payload []byte, createdTimestamp, expiredTimestamp int64) string {
hasher, _ := blake2b.New512(nil)
hasher.Write(payload)
hashSum := hasher.Sum(nil)
digestB64 := base64.StdEncoding.EncodeToString(hashSum)
return fmt.Sprintf("(created): %d\n(expires): %d\ndigest: BLAKE-512=%s", createdTimestamp, expiredTimestamp, digestB64)
}
// Close releases resources (mock implementation returning nil).
func (v *Verifier) Close() error {
return nil
}

153
pkg/plugin/implementation/signVerifier/signVerifier_test.go Normal file
View File

@@ -0,0 +1,153 @@
package verifier
import (
"context"
"crypto/ed25519"
"encoding/base64"
"strconv"
"testing"
"time"
)
// generateTestKeyPair generates a new ED25519 key pair for testing.
func generateTestKeyPair() (string, string) {
publicKey, privateKey, _ := ed25519.GenerateKey(nil)
return base64.StdEncoding.EncodeToString(privateKey), base64.StdEncoding.EncodeToString(publicKey)
}
// signTestData creates a valid signature for test cases.
func signTestData(privateKeyBase64 string, body []byte, createdAt, expiresAt int64) string {
privateKeyBytes, _ := base64.StdEncoding.DecodeString(privateKeyBase64)
privateKey := ed25519.PrivateKey(privateKeyBytes)
signingString := hash(body, createdAt, expiresAt)
signature := ed25519.Sign(privateKey, []byte(signingString))
return base64.StdEncoding.EncodeToString(signature)
}
// TestVerifySuccessCases tests all valid signature verification cases.
func TestVerifySuccess(t *testing.T) {
privateKeyBase64, publicKeyBase64 := generateTestKeyPair()
tests := []struct {
name string
body []byte
createdAt int64
expiresAt int64
}{
{
name: "Valid Signature",
body: []byte("Test Payload"),
createdAt: time.Now().Unix(),
expiresAt: time.Now().Unix() + 3600,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
signature := signTestData(privateKeyBase64, tt.body, tt.createdAt, tt.expiresAt)
header := `Signature created="` + strconv.FormatInt(tt.createdAt, 10) +
`", expires="` + strconv.FormatInt(tt.expiresAt, 10) +
`", signature="` + signature + `"`
verifier, close, _ := New(context.Background(), &Config{})
valid, err := verifier.Verify(context.Background(), tt.body, []byte(header), publicKeyBase64)
if err != nil {
t.Fatalf("Expected no error, but got: %v", err)
}
if !valid {
t.Fatal("Expected signature verification to succeed")
}
if close != nil {
if err := close(); err != nil {
t.Fatalf("Test %q failed: cleanup function returned an error: %v", tt.name, err)
}
}
})
}
}
// TestVerifyFailureCases tests all invalid signature verification cases.
func TestVerifyFailure(t *testing.T) {
privateKeyBase64, publicKeyBase64 := generateTestKeyPair()
_, wrongPublicKeyBase64 := generateTestKeyPair()
tests := []struct {
name string
body []byte
header string
pubKey string
}{
{
name: "Missing Authorization Header",
body: []byte("Test Payload"),
header: "",
pubKey: publicKeyBase64,
},
{
name: "Malformed Header",
body: []byte("Test Payload"),
header: `InvalidSignature created="wrong"`,
pubKey: publicKeyBase64,
},
{
name: "Invalid Base64 Signature",
body: []byte("Test Payload"),
header: `Signature created="` + strconv.FormatInt(time.Now().Unix(), 10) +
`", expires="` + strconv.FormatInt(time.Now().Unix()+3600, 10) +
`", signature="!!INVALIDBASE64!!"`,
pubKey: publicKeyBase64,
},
{
name: "Expired Signature",
body: []byte("Test Payload"),
header: `Signature created="` + strconv.FormatInt(time.Now().Unix()-7200, 10) +
`", expires="` + strconv.FormatInt(time.Now().Unix()-3600, 10) +
`", signature="` + signTestData(privateKeyBase64, []byte("Test Payload"), time.Now().Unix()-7200, time.Now().Unix()-3600) + `"`,
pubKey: publicKeyBase64,
},
{
name: "Invalid Public Key",
body: []byte("Test Payload"),
header: `Signature created="` + strconv.FormatInt(time.Now().Unix(), 10) +
`", expires="` + strconv.FormatInt(time.Now().Unix()+3600, 10) +
`", signature="` + signTestData(privateKeyBase64, []byte("Test Payload"), time.Now().Unix(), time.Now().Unix()+3600) + `"`,
pubKey: wrongPublicKeyBase64,
},
{
name: "Invalid Expires Timestamp",
body: []byte("Test Payload"),
header: `Signature created="` + strconv.FormatInt(time.Now().Unix(), 10) +
`", expires="invalid_timestamp"`,
pubKey: publicKeyBase64,
},
{
name: "Signature Missing in Headers",
body: []byte("Test Payload"),
header: `Signature created="` + strconv.FormatInt(time.Now().Unix(), 10) +
`", expires="` + strconv.FormatInt(time.Now().Unix()+3600, 10) + `"`,
pubKey: publicKeyBase64,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
verifier, close, _ := New(context.Background(), &Config{})
valid, err := verifier.Verify(context.Background(), tt.body, []byte(tt.header), tt.pubKey)
if err == nil {
t.Fatal("Expected an error but got none")
}
if valid {
t.Fatal("Expected verification to fail")
}
if close != nil {
if err := close(); err != nil {
t.Fatalf("Test %q failed: cleanup function returned an error: %v", tt.name, err)
}
}
})
}
}

24
pkg/plugin/implementation/signer/cmd/plugin.go Normal file
View File

@@ -0,0 +1,24 @@
package main
import (
"context"
"errors"
"github.com/beckn/beckn-onix/pkg/plugin/definition"
"github.com/beckn/beckn-onix/pkg/plugin/implementation/signer"
)
// SignerProvider implements the definition.SignerProvider interface.
type SignerProvider struct{}
// New creates a new Signer instance using the provided configuration.
func (p SignerProvider) New(ctx context.Context, config map[string]string) (definition.Signer, func() error, error) {
if ctx == nil {
return nil, nil, errors.New("context cannot be nil")
}
return signer.New(ctx, &signer.Config{})
}
// Provider is the exported symbol that the plugin manager will look for.
var Provider definition.SignerProvider = SignerProvider{}

101
pkg/plugin/implementation/signer/cmd/plugin_test.go Normal file
View File

@@ -0,0 +1,101 @@
package main
import (
"context"
"testing"
)
// TestSignerProviderSuccess verifies successful scenarios for SignerProvider.
func TestSignerProviderSuccess(t *testing.T) {
provider := SignerProvider{}
successTests := []struct {
name string
ctx context.Context
config map[string]string
}{
{
name: "Valid Config",
ctx: context.Background(),
config: map[string]string{},
},
{
name: "Unexpected Config Key",
ctx: context.Background(),
config: map[string]string{"unexpected_key": "some_value"},
},
{
name: "Empty Config",
ctx: context.Background(),
config: map[string]string{},
},
{
name: "Config with empty TTL",
ctx: context.Background(),
config: map[string]string{"ttl": ""},
},
{
name: "Config with negative TTL",
ctx: context.Background(),
config: map[string]string{"ttl": "-100"},
},
{
name: "Config with non-numeric TTL",
ctx: context.Background(),
config: map[string]string{"ttl": "not_a_number"},
},
}
for _, tt := range successTests {
t.Run(tt.name, func(t *testing.T) {
signer, close, err := provider.New(tt.ctx, tt.config)
if err != nil {
t.Fatalf("Test %q failed: expected no error, but got: %v", tt.name, err)
}
if signer == nil {
t.Fatalf("Test %q failed: signer instance should not be nil", tt.name)
}
if close != nil {
if err := close(); err != nil {
t.Fatalf("Cleanup function returned an error: %v", err)
}
}
})
}
}
// TestSignerProviderFailure verifies failure scenarios for SignerProvider.
func TestSignerProviderFailure(t *testing.T) {
provider := SignerProvider{}
failureTests := []struct {
name string
ctx context.Context
config map[string]string
wantErr bool
}{
{
name: "Nil Context",
ctx: nil,
config: map[string]string{},
wantErr: true,
},
}
for _, tt := range failureTests {
t.Run(tt.name, func(t *testing.T) {
signerInstance, close, err := provider.New(tt.ctx, tt.config)
if (err != nil) != tt.wantErr {
t.Fatalf("Test %q failed: expected error: %v, got: %v", tt.name, tt.wantErr, err)
}
if signerInstance != nil {
t.Fatalf("Test %q failed: expected signer instance to be nil", tt.name)
}
if close != nil {
t.Fatalf("Test %q failed: expected cleanup function to be nil", tt.name)
}
})
}
}

77
pkg/plugin/implementation/signer/signer.go Normal file
View File

@@ -0,0 +1,77 @@
package signer
import (
"context"
"crypto/ed25519"
"encoding/base64"
"errors"
"fmt"
"golang.org/x/crypto/blake2b"
)
// Config holds the configuration for the signing process.
type Config struct {
}
// Signer implements the Signer interface and handles the signing process.
type Signer struct {
config *Config
}
// New creates a new Signer instance with the given configuration.
func New(ctx context.Context, config *Config) (*Signer, func() error, error) {
s := &Signer{config: config}
return s, s.Close, nil
}
// hash generates a signing string using BLAKE-512 hashing.
func hash(payload []byte, createdAt, expiresAt int64) (string, error) {
hasher, _ := blake2b.New512(nil)
_, err := hasher.Write(payload)
if err != nil {
return "", fmt.Errorf("failed to hash payload: %w", err)
}
hashSum := hasher.Sum(nil)
digestB64 := base64.StdEncoding.EncodeToString(hashSum)
return fmt.Sprintf("(created): %d\n(expires): %d\ndigest: BLAKE-512=%s", createdAt, expiresAt, digestB64), nil
}
// generateSignature signs the given signing string using the provided private key.
func generateSignature(signingString []byte, privateKeyBase64 string) ([]byte, error) {
privateKeyBytes, err := base64.StdEncoding.DecodeString(privateKeyBase64)
if err != nil {
return nil, fmt.Errorf("error decoding private key: %w", err)
}
if len(privateKeyBytes) != ed25519.PrivateKeySize {
return nil, errors.New("invalid private key length")
}
privateKey := ed25519.PrivateKey(privateKeyBytes)
return ed25519.Sign(privateKey, signingString), nil
}
// Sign generates a digital signature for the provided payload.
func (s *Signer) Sign(ctx context.Context, body []byte, privateKeyBase64 string, createdAt, expiresAt int64) (string, error) {
signingString, err := hash(body, createdAt, expiresAt)
if err != nil {
return "", err
}
signature, err := generateSignature([]byte(signingString), privateKeyBase64)
if err != nil {
return "", err
}
return base64.StdEncoding.EncodeToString(signature), nil
}
// Close releases resources (mock implementation returning nil).
func (s *Signer) Close() error {
return nil
}

104
pkg/plugin/implementation/signer/signer_test.go Normal file
View File

@@ -0,0 +1,104 @@
package signer
import (
"context"
"crypto/ed25519"
"encoding/base64"
"strings"
"testing"
"time"
)
// generateTestKeys generates a test private and public key pair in base64 encoding.
func generateTestKeys() (string, string) {
publicKey, privateKey, _ := ed25519.GenerateKey(nil)
return base64.StdEncoding.EncodeToString(privateKey), base64.StdEncoding.EncodeToString(publicKey)
}
// TestSignSuccess tests the Sign method with valid inputs to ensure it produces a valid signature.
func TestSignSuccess(t *testing.T) {
privateKey, _ := generateTestKeys()
config := Config{}
signer, close, _ := New(context.Background(), &config)
successTests := []struct {
name string
payload []byte
privateKey string
createdAt int64
expiresAt int64
}{
{
name: "Valid Signing",
payload: []byte("test payload"),
privateKey: privateKey,
createdAt: time.Now().Unix(),
expiresAt: time.Now().Unix() + 3600,
},
}
for _, tt := range successTests {
t.Run(tt.name, func(t *testing.T) {
signature, err := signer.Sign(context.Background(), tt.payload, tt.privateKey, tt.createdAt, tt.expiresAt)
if err != nil {
t.Errorf("unexpected error: %v", err)
}
if len(signature) == 0 {
t.Errorf("expected a non-empty signature, but got empty")
}
if close != nil {
if err := close(); err != nil {
t.Fatalf("Cleanup function returned an error: %v", err)
}
}
})
}
}
// TestSignFailure tests the Sign method with invalid inputs to ensure proper error handling.
func TestSignFailure(t *testing.T) {
config := Config{}
signer, close, _ := New(context.Background(), &config)
failureTests := []struct {
name string
payload []byte
privateKey string
createdAt int64
expiresAt int64
expectErrString string
}{
{
name: "Invalid Private Key",
payload: []byte("test payload"),
privateKey: "invalid_key",
createdAt: time.Now().Unix(),
expiresAt: time.Now().Unix() + 3600,
expectErrString: "error decoding private key",
},
{
name: "Short Private Key",
payload: []byte("test payload"),
privateKey: base64.StdEncoding.EncodeToString([]byte("short_key")),
createdAt: time.Now().Unix(),
expiresAt: time.Now().Unix() + 3600,
expectErrString: "invalid private key length",
},
}
for _, tt := range failureTests {
t.Run(tt.name, func(t *testing.T) {
_, err := signer.Sign(context.Background(), tt.payload, tt.privateKey, tt.createdAt, tt.expiresAt)
if err == nil {
t.Errorf("expected error but got none")
} else if !strings.Contains(err.Error(), tt.expectErrString) {
t.Errorf("expected error message to contain %q, got %v", tt.expectErrString, err)
}
if close != nil {
if err := close(); err != nil {
t.Fatalf("Cleanup function returned an error: %v", err)
}
}
})
}
}

171
pkg/plugin/manager.go Normal file
View File

@@ -0,0 +1,171 @@
package plugin
import (
"context"
"fmt"
"path/filepath"
"plugin"
"strings"
"github.com/beckn/beckn-onix/pkg/plugin/definition"
)
// Config represents the plugin manager configuration.
type Config struct {
Root string `yaml:"root"`
Signer PluginConfig `yaml:"signer"`
Verifier PluginConfig `yaml:"verifier"`
Decrypter PluginConfig `yaml:"decrypter"`
Encrypter PluginConfig `yaml:"encrypter"`
Publisher PluginConfig `yaml:"publisher"`
}
// PluginConfig represents configuration details for a plugin.
type PluginConfig struct {
ID string `yaml:"id"`
Config map[string]string `yaml:"config"`
}
// Manager handles dynamic plugin loading and management.
type Manager struct {
sp definition.SignerProvider
vp definition.VerifierProvider
dp definition.DecrypterProvider
ep definition.EncrypterProvider
pb definition.PublisherProvider
cfg *Config
}
// NewManager initializes a new Manager with the given configuration file.
func NewManager(ctx context.Context, cfg *Config) (*Manager, error) {
if cfg == nil {
return nil, fmt.Errorf("configuration cannot be nil")
}
// Load signer plugin.
sp, err := provider[definition.SignerProvider](cfg.Root, cfg.Signer.ID)
if err != nil {
return nil, fmt.Errorf("failed to load signer plugin: %w", err)
}
// Load publisher plugin.
pb, err := provider[definition.PublisherProvider](cfg.Root, cfg.Publisher.ID)
if err != nil {
return nil, fmt.Errorf("failed to load publisher plugin: %w", err)
}
// Load verifier plugin.
vp, err := provider[definition.VerifierProvider](cfg.Root, cfg.Verifier.ID)
if err != nil {
return nil, fmt.Errorf("failed to load Verifier plugin: %w", err)
}
// Load decrypter plugin.
dp, err := provider[definition.DecrypterProvider](cfg.Root, cfg.Decrypter.ID)
if err != nil {
return nil, fmt.Errorf("failed to load Decrypter plugin: %w", err)
}
// Load encryption plugin.
ep, err := provider[definition.EncrypterProvider](cfg.Root, cfg.Encrypter.ID)
if err != nil {
return nil, fmt.Errorf("failed to load encryption plugin: %w", err)
}
return &Manager{sp: sp, vp: vp, pb: pb, ep: ep, dp: dp, cfg: cfg}, nil
}
// provider loads a plugin dynamically and retrieves its provider instance.
func provider[T any](root, id string) (T, error) {
var zero T
if len(strings.TrimSpace(id)) == 0 {
return zero, nil
}
p, err := plugin.Open(pluginPath(root, id))
if err != nil {
return zero, fmt.Errorf("failed to open plugin %s: %w", id, err)
}
symbol, err := p.Lookup("Provider")
if err != nil {
return zero, fmt.Errorf("failed to find Provider symbol in plugin %s: %w", id, err)
}
prov, ok := symbol.(*T)
if !ok {
return zero, fmt.Errorf("failed to cast Provider for %s", id)
}
return *prov, nil
}
// pluginPath constructs the path to the plugin shared object file.
func pluginPath(root, id string) string {
return filepath.Join(root, id+".so")
}
// Signer retrieves the signing plugin instance.
func (m *Manager) Signer(ctx context.Context) (definition.Signer, func() error, error) {
if m.sp == nil {
return nil, nil, fmt.Errorf("signing plugin provider not loaded")
}
signer, close, err := m.sp.New(ctx, m.cfg.Signer.Config)
if err != nil {
return nil, nil, fmt.Errorf("failed to initialize signer: %w", err)
}
return signer, close, nil
}
// Verifier retrieves the verification plugin instance.
func (m *Manager) Verifier(ctx context.Context) (definition.Verifier, func() error, error) {
if m.vp == nil {
return nil, nil, fmt.Errorf("Verifier plugin provider not loaded")
}
Verifier, close, err := m.vp.New(ctx, m.cfg.Verifier.Config)
if err != nil {
return nil, nil, fmt.Errorf("failed to initialize Verifier: %w", err)
}
return Verifier, close, nil
}
// Decrypter retrieves the decryption plugin instance.
func (m *Manager) Decrypter(ctx context.Context) (definition.Decrypter, func() error, error) {
if m.dp == nil {
return nil, nil, fmt.Errorf("decrypter plugin provider not loaded")
}
decrypter, close, err := m.dp.New(ctx, m.cfg.Decrypter.Config)
if err != nil {
return nil, nil, fmt.Errorf("failed to initialize Decrypter: %w", err)
}
return decrypter, close, nil
}
// Encrypter retrieves the encryption plugin instance.
func (m *Manager) Encrypter(ctx context.Context) (definition.Encrypter, func() error, error) {
if m.ep == nil {
return nil, nil, fmt.Errorf("encryption plugin provider not loaded")
}
encrypter, close, err := m.ep.New(ctx, m.cfg.Encrypter.Config)
if err != nil {
return nil, nil, fmt.Errorf("failed to initialize encrypter: %w", err)
}
return encrypter, close, nil
}
// Publisher retrieves the publisher plugin instance.
func (m *Manager) Publisher(ctx context.Context) (definition.Publisher, error) {
if m.pb == nil {
return nil, fmt.Errorf("publisher plugin provider not loaded")
}
publisher, err := m.pb.New(ctx, m.cfg.Publisher.Config)
if err != nil {
return nil, fmt.Errorf("failed to initialize publisher: %w", err)
}
return publisher, nil
}