Merge pull request #293 from chainifynet/feature/restruct-pkg

refactor(serialization): move serialization under internal pkg

pkg/client/client.go

@@ -17,6 +17,9 @@ import (
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/suite"
 )
 
+// ErrInvalidConfig is returned when client configuration is invalid.
+var ErrInvalidConfig = errors.New("client config invalid")
+
 // NewClient returns a new client with default [clientconfig.ClientConfig] config
 func NewClient() *Client {
 	cfg, _ := clientconfig.NewConfig()
@@ -82,7 +85,7 @@ func (c *Client) clientConfig() clientconfig.ClientConfig {
 //     respectively. If these functions are not used, default values are applied.
 func (c *Client) Encrypt(ctx context.Context, source []byte, ec suite.EncryptionContext, materialsManager model.CryptoMaterialsManager, optFns ...EncryptOptionFunc) ([]byte, format.MessageHeader, error) {
 	if err := validateParams(ctx, source, materialsManager); err != nil {
-		return nil, nil, fmt.Errorf("validation error: %w", errors.Join(crypto.ErrEncryption, err))
+		return nil, nil, fmt.Errorf("validation error: %w", errors.Join(ErrInvalidConfig, crypto.ErrEncryption, err))
 	}
 	opts := EncryptOptions{
 		Algorithm:   suite.AES_256_GCM_HKDF_SHA512_COMMIT_KEY_ECDSA_P384,
@@ -91,7 +94,7 @@ func (c *Client) Encrypt(ctx context.Context, source []byte, ec suite.Encryption
 	}
 	for _, optFn := range optFns {
 		if err := optFn(&opts); err != nil {
-			return nil, nil, fmt.Errorf("invalid encrypt option: %w", errors.Join(crypto.ErrEncryption, err))
+			return nil, nil, fmt.Errorf("invalid encrypt option: %w", errors.Join(ErrInvalidConfig, crypto.ErrEncryption, err))
 		}
 	}
 	conf := crypto.EncrypterConfig{
@@ -125,15 +128,15 @@ func (c *Client) Encrypt(ctx context.Context, source []byte, ec suite.Encryption
 //   - error: An error if decryption fails.
 func (c *Client) Decrypt(ctx context.Context, ciphertext []byte, materialsManager model.CryptoMaterialsManager, optFns ...DecryptOptionFunc) ([]byte, format.MessageHeader, error) {
 	if err := validateParams(ctx, ciphertext, materialsManager); err != nil {
-		return nil, nil, fmt.Errorf("validation error: %w", errors.Join(crypto.ErrDecryption, err))
+		return nil, nil, fmt.Errorf("validation error: %w", errors.Join(ErrInvalidConfig, crypto.ErrDecryption, err))
 	}
 
 	opts := DecryptOptions{
 		Handler: decrypter.New,
 	}
 	for _, optFn := range optFns {
 		if err := optFn(&opts); err != nil {
-			return nil, nil, fmt.Errorf("invalid decrypt option: %w", errors.Join(crypto.ErrDecryption, err))
+			return nil, nil, fmt.Errorf("invalid decrypt option: %w", errors.Join(ErrInvalidConfig, crypto.ErrDecryption, err))
 		}
 	}
 	handler := opts.Handler(crypto.DecrypterConfig{ClientCfg: c.clientConfig()}, materialsManager)

pkg/client/client_test.go

@@ -77,7 +77,7 @@ func TestClient_Decrypt(t *testing.T) {
 			want:        nil,
 			wantErr:     true,
 			wantErrStr:  "validation error",
-			wantErrType: crypto.ErrDecryption,
+			wantErrType: client.ErrInvalidConfig,
 		},
 		{
 			name:       "Nil Ciphertext",
@@ -89,7 +89,7 @@ func TestClient_Decrypt(t *testing.T) {
 			want:        nil,
 			wantErr:     true,
 			wantErrStr:  "validation error",
-			wantErrType: crypto.ErrDecryption,
+			wantErrType: client.ErrInvalidConfig,
 		},
 		{
 			name:       "Empty Ciphertext",
@@ -101,7 +101,7 @@ func TestClient_Decrypt(t *testing.T) {
 			want:        nil,
 			wantErr:     true,
 			wantErrStr:  "validation error",
-			wantErrType: crypto.ErrDecryption,
+			wantErrType: client.ErrInvalidConfig,
 		},
 		{
 			name:       "Invalid Decrypt Handler",
@@ -115,7 +115,7 @@ func TestClient_Decrypt(t *testing.T) {
 			want:        nil,
 			wantErr:     true,
 			wantErrStr:  "invalid decrypt option",
-			wantErrType: crypto.ErrDecryption,
+			wantErrType: client.ErrInvalidConfig,
 		},
 		{
 			name:       "Decrypt Error",
@@ -237,7 +237,7 @@ func TestClient_Encrypt(t *testing.T) {
 			want:        nil,
 			wantErr:     true,
 			wantErrStr:  "validation error",
-			wantErrType: crypto.ErrEncryption,
+			wantErrType: client.ErrInvalidConfig,
 		},
 		{
 			name:   "Nil Source",
@@ -252,7 +252,7 @@ func TestClient_Encrypt(t *testing.T) {
 			want:        nil,
 			wantErr:     true,
 			wantErrStr:  "validation error",
-			wantErrType: crypto.ErrEncryption,
+			wantErrType: client.ErrInvalidConfig,
 		},
 		{
 			name:   "Empty Source",
@@ -267,7 +267,7 @@ func TestClient_Encrypt(t *testing.T) {
 			want:        nil,
 			wantErr:     true,
 			wantErrStr:  "validation error",
-			wantErrType: crypto.ErrEncryption,
+			wantErrType: client.ErrInvalidConfig,
 		},
 		{
 			name:   "Invalid Encrypt Handler",
@@ -284,7 +284,7 @@ func TestClient_Encrypt(t *testing.T) {
 			want:        nil,
 			wantErr:     true,
 			wantErrStr:  "invalid encrypt option",
-			wantErrType: crypto.ErrEncryption,
+			wantErrType: client.ErrInvalidConfig,
 		},
 		{
 			name:   "Invalid Frame Length",
@@ -301,7 +301,7 @@ func TestClient_Encrypt(t *testing.T) {
 			want:        nil,
 			wantErr:     true,
 			wantErrStr:  "invalid encrypt option",
-			wantErrType: crypto.ErrEncryption,
+			wantErrType: client.ErrInvalidConfig,
 		},
 		{
 			name:   "Unsupported Algorithm",
@@ -318,7 +318,7 @@ func TestClient_Encrypt(t *testing.T) {
 			want:        nil,
 			wantErr:     true,
 			wantErrStr:  "invalid encrypt option",
-			wantErrType: crypto.ErrEncryption,
+			wantErrType: client.ErrInvalidConfig,
 		},
 		{
 			name:   "Encrypt Error",

pkg/crypto/errors.go

@@ -8,7 +8,8 @@ import (
 )
 
 var (
-	ErrInvalidMessage = errors.New("invalid message format")
-	ErrDecryption     = errors.New("decryption error")
-	ErrEncryption     = errors.New("encryption error")
+	// ErrDecryption is returned when decryption fails.
+	ErrDecryption = errors.New("decryption error")
+	// ErrEncryption is returned when encryption fails.
+	ErrEncryption = errors.New("encryption error")
 )

pkg/internal/crypto/decrypter/decrypt.go

@@ -13,14 +13,17 @@ import (
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/crypto"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/internal/crypto/policy"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/internal/crypto/signature"
+	"github.com/chainifynet/aws-encryption-sdk-go/pkg/internal/serialization"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/internal/utils/bodyaad"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/model"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/model/format"
-	"github.com/chainifynet/aws-encryption-sdk-go/pkg/serialization"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/utils/encryption"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/utils/keyderivation"
 )
 
+// ErrInvalidMessage is returned when the message format is invalid.
+var ErrInvalidMessage = errors.New("invalid message format")
+
 type Decrypter struct {
 	cmm             model.CryptoMaterialsManager
 	cfg             crypto.DecrypterConfig
@@ -64,7 +67,7 @@ func (d *Decrypter) decryptData(ctx context.Context, ciphertext []byte) ([]byte,
 	// early stage check if cipher text contains needed first byte of message version
 	// by doing this we avoid mistakes with base64 byte sequence
 	if ciphertext[0] != firstByteEncryptedMessageV1 && ciphertext[0] != firstByteEncryptedMessageV2 {
-		return nil, nil, fmt.Errorf("first byte does not contain message version: %w", crypto.ErrInvalidMessage)
+		return nil, nil, fmt.Errorf("first byte does not contain message version: %w", ErrInvalidMessage)
 	}
 	buf := bytes.NewBuffer(b)
 

pkg/internal/crypto/decrypter/decrypt_test.go

@@ -353,7 +353,7 @@ func TestDecrypter_decryptData(t *testing.T) {
 			},
 			want:        nil,
 			wantErr:     true,
-			wantErrType: crypto.ErrInvalidMessage,
+			wantErrType: ErrInvalidMessage,
 			wantErrStr:  "first byte does not contain message version",
 		},
 		{

pkg/internal/crypto/encrypter/encrypt.go

@@ -13,10 +13,10 @@ import (
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/crypto"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/internal/crypto/policy"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/internal/crypto/signature"
+	"github.com/chainifynet/aws-encryption-sdk-go/pkg/internal/serialization"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/internal/utils/bodyaad"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/model"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/model/format"
-	"github.com/chainifynet/aws-encryption-sdk-go/pkg/serialization"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/suite"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/utils/encryption"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/utils/keyderivation"

pkg/serialization/wrappingkey/wrapping_test.go → pkg/internal/serialization/wrappingkey/wrapping_test.go

@@ -8,7 +8,7 @@ import (
 
 	"github.com/stretchr/testify/assert"
 
-	"github.com/chainifynet/aws-encryption-sdk-go/pkg/serialization/wrappingkey"
+	"github.com/chainifynet/aws-encryption-sdk-go/pkg/internal/serialization/wrappingkey"
 )
 
 func TestWrappingKey_SerializeEncryptedDataKey(t *testing.T) {

pkg/keys/raw/raw.go

@@ -9,9 +9,9 @@ import (
 	"errors"
 	"fmt"
 
+	"github.com/chainifynet/aws-encryption-sdk-go/pkg/internal/serialization/wrappingkey"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/keys"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/model"
-	"github.com/chainifynet/aws-encryption-sdk-go/pkg/serialization/wrappingkey"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/suite"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/utils/encryption"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/utils/keyderivation"

pkg/keys/raw/raw_test.go

@@ -14,9 +14,9 @@ import (
 
 	mocks "github.com/chainifynet/aws-encryption-sdk-go/mocks/github.com/chainifynet/aws-encryption-sdk-go/pkg/model"
 	mocksrand "github.com/chainifynet/aws-encryption-sdk-go/mocks/github.com/chainifynet/aws-encryption-sdk-go/pkg/utils/rand"
+	"github.com/chainifynet/aws-encryption-sdk-go/pkg/internal/serialization/wrappingkey"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/keys"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/model"
-	"github.com/chainifynet/aws-encryption-sdk-go/pkg/serialization/wrappingkey"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/suite"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/utils/encryption"
 	"github.com/chainifynet/aws-encryption-sdk-go/pkg/utils/rand"