Bill/obsidian-mcp-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

feat: add API key encryption utilities using Electron safeStorage

Browse Source 
Implement encryption utilities for securely storing API keys:
- encryptApiKey(): encrypts keys using Electron safeStorage with base64 encoding
- decryptApiKey(): decrypts stored keys
- isEncryptionAvailable(): checks platform support

Encryption falls back to plaintext on platforms without keyring support.
Includes comprehensive test coverage with Electron mock.
This commit is contained in:
Bill Ballou
2025-10-25 21:02:15 -04:00
parent fb959338c3
commit cb21681dd0
3 changed files with 147 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
tests/__mocks__/electron.ts Normal file
View File

@@ -0,0 +1,13 @@
/**
* Mock Electron API for testing
* This provides minimal mocks for the Electron types used in tests
*/
export const safeStorage = {
isEncryptionAvailable: jest.fn(() => true),
encryptString: jest.fn((data: string) => Buffer.from(`encrypted:${data}`)),
decryptString: jest.fn((buffer: Buffer) => {
const str = buffer.toString();
return str.replace('encrypted:', '');
})
};

73
tests/encryption-utils.test.ts Normal file
View File

@@ -0,0 +1,73 @@
import { encryptApiKey, decryptApiKey } from '../src/utils/encryption-utils';
// Mock electron module
jest.mock('electron', () => ({
safeStorage: {
isEncryptionAvailable: jest.fn(() => true),
encryptString: jest.fn((data: string) => Buffer.from(`encrypted:${data}`)),
decryptString: jest.fn((buffer: Buffer) => {
const str = buffer.toString();
return str.replace('encrypted:', '');
})
}
}));
describe('Encryption Utils', () => {
describe('encryptApiKey', () => {
it('should encrypt API key when encryption is available', () => {
const apiKey = 'test-api-key-12345';
const encrypted = encryptApiKey(apiKey);
expect(encrypted).toMatch(/^encrypted:/);
expect(encrypted).not.toContain('test-api-key-12345');
});
it('should return plaintext when encryption is not available', () => {
const { safeStorage } = require('electron');
safeStorage.isEncryptionAvailable.mockReturnValueOnce(false);
const apiKey = 'test-api-key-12345';
const result = encryptApiKey(apiKey);
expect(result).toBe(apiKey);
});
it('should handle empty string', () => {
const result = encryptApiKey('');
expect(result).toBe('');
});
});
describe('decryptApiKey', () => {
it('should decrypt encrypted API key', () => {
const apiKey = 'test-api-key-12345';
const encrypted = encryptApiKey(apiKey);
const decrypted = decryptApiKey(encrypted);
expect(decrypted).toBe(apiKey);
});
it('should return plaintext if not encrypted format', () => {
const plaintext = 'plain-api-key';
const result = decryptApiKey(plaintext);
expect(result).toBe(plaintext);
});
it('should handle empty string', () => {
const result = decryptApiKey('');
expect(result).toBe('');
});
});
describe('round-trip encryption', () => {
it('should successfully encrypt and decrypt', () => {
const original = 'my-secret-api-key-abc123';
const encrypted = encryptApiKey(original);
const decrypted = decryptApiKey(encrypted);
expect(decrypted).toBe(original);
expect(encrypted).not.toBe(original);
});
});
});