Add configurable vault security settings

This commit is contained in:
Joe Julian
2026-03-30 07:58:27 -07:00
parent 9afddd7a93
commit b7a4742ee6
11 changed files with 458 additions and 47 deletions
+29
View File
@@ -741,6 +741,35 @@ func TestRemoteSaveAndReopenPreservesCrossFeatureState(t *testing.T) {
}
}
func TestConfigureSecurityAppliesToCreatedVaultAndPersists(t *testing.T) {
t.Parallel()
var sess Manager
if err := sess.ConfigureSecurity(vault.SecuritySettings{
Cipher: vault.CipherAES256,
KDF: vault.KDFAES,
}); err != nil {
t.Fatalf("ConfigureSecurity() error = %v", err)
}
if err := sess.Create(vault.Model{}, vault.MasterKey{Password: "correct horse battery staple"}); err != nil {
t.Fatalf("Create() error = %v", err)
}
path := filepath.Join(t.TempDir(), "secure.kdbx")
if err := sess.SaveAs(path); err != nil {
t.Fatalf("SaveAs() error = %v", err)
}
var reopened Manager
if err := reopened.Open(path, vault.MasterKey{Password: "correct horse battery staple"}); err != nil {
t.Fatalf("Open() error = %v", err)
}
got := reopened.SecuritySettings()
if got.Cipher != vault.CipherAES256 || got.KDF != vault.KDFAES {
t.Fatalf("SecuritySettings() = %#v, want aes256/aes-kdf", got)
}
}
func TestSynchronizeRemotePreservesOverwrittenRemoteVariantInHistory(t *testing.T) {
t.Parallel()