def test_update_info_dict_remove_key(set_up):
m_pwd = u"memorabile"
domain = u"my_domain"
access = u"my_access"
secret_info = {'key1': 'value1', 'key2': 'value2'}
salt = parameters.get_salt_key()
try:
ns = du.count_secrets()
du.insert_secret(domain, access, None, None, secret_info, m_pwd,
parameters.get_salt_key())
assert ns + 1 == du.count_secrets()
res = du.get_secret(domain, access, m_pwd, salt,
False) #no decryption of secret
old_ts = res['timestamp']
info = res['info']
assert 2 == len(info)
del info['key2'] #remove one entry
du.update_secret_info_dictionary(domain, access, info)
res = du.get_secret(domain, access, m_pwd, salt)
ts = res['timestamp']
info = res['info']
assert 1 == len(info)
assert 'value1' == info['key1']
assert ts != old_ts
finally:
du.delete_secret(domain, access)
def test_update_secret_info_change_password_and_a_value(set_up):
m_pwd = u"memorabile"
domain = u"my_domain"
access = u"my_access"
secret_uid = u"me@home"
secret_pwd = u"ciao mamma"
secret_pwd2 = u"another password"
secret_info = {'message': 'secret'}
info_key = 'message'
info_val = 'a new secret'
try:
du.insert_secret(domain, access, secret_uid, secret_pwd, secret_info,
m_pwd, parameters.get_salt_key())
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
old_ts = res['timestamp']
assert 'secret' == res['info'][info_key]
assert secret_pwd == res['pwd']
du.update_secret(domain, access, None, secret_pwd2, info_key, info_val,
m_pwd, parameters.get_salt_key())
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
assert info_val == res['info'][info_key]
assert secret_pwd2 == res['pwd']
assert old_ts < res['timestamp']
finally:
du.delete_secret(domain, access)
def test_update_missing_secret_no_effect(set_up):
m_pwd = u"memorabile"
domain = u"my_domain"
access = u"my_access"
access2 = u"my_second access"
secret_uid = u"me@home"
secret_pwd = u"ciao mamma"
secret_pwd2 = u"my second password"
secret_info = {'message': 'secret'}
try:
ns = du.count_secrets()
du.insert_secret(domain, access, secret_uid, secret_pwd, secret_info,
m_pwd, parameters.get_salt_key())
assert ns + 1 == du.count_secrets()
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
old_ts = res['timestamp']
assert 'secret' == res['info']['message']
assert secret_pwd == res['pwd']
assert secret_uid == res['uid']
du.update_secret(domain, access2, None, secret_pwd2, None, None, m_pwd,
parameters.get_salt_key())
assert ns + 1 == du.count_secrets()
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
assert old_ts == res['timestamp']
finally:
du.delete_secret(domain, access)
def set_up():
#mocking the user input
iou.my_input = lambda _:'yes'
iou.my_output = lambda message,_=False: print(message)
path = os.path.dirname(__file__)
conf_file = os.path.join(path,'data','test_integration.json')
conf_data = get_configuration(conf_file)
parameters.set_data(conf_data)
du.insert_secret(DOMAIN, ACCESS, UID, PWD, INFO, MEM)
p =Process(target=my_session, args =(MEM, 60, 10))
p.start()
yield conf_file
iou.my_input = old_input
iou.my_output = old_output
iou.my_getpass = old_getpass
du.delete_secret(DOMAIN,ACCESS)
parameters.clear()
set_configuration_data(conf_data, conf_file)
if is_connected():
stop_service()
p.terminate()
def test_update_secret_login(set_up):
m_pwd = u"memorabile"
secret_uid = u"me@home"
secret_uid2 = u"me@office"
secret_pwd = u"ciao mamma"
domain = u"my_domain"
access = u"my_access"
try:
ns = du.count_secrets()
du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd,
parameters.get_salt_key())
assert ns + 1 == du.count_secrets()
assert du.has_secret(domain, access)
old_ts = du.get_secret(domain, access, m_pwd,
parameters.get_salt_key())['timestamp']
du.update_secret(domain, access, secret_uid2, None, None, None, m_pwd,
parameters.get_salt_key())
assert ns + 1 == du.count_secrets(
) #no change to the number of secrets
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
assert secret_uid2 == res['uid']
assert secret_pwd == res['pwd']
assert old_ts < res['timestamp']
finally:
du.delete_secret(domain, access)
def test_rename_secret(set_up):
m_pwd = u"memorabile"
domain = u"my_domain"
access = u"my_access"
new_domain = u"new_domain"
new_access = u"new_access"
info = {'message': 'secret'}
try:
#before
assert not du.has_secret(domain, access)
assert not du.has_secret(new_domain, new_access)
#after insertion
du.insert_secret(domain, access, None, None, info, m_pwd,
parameters.get_salt_key())
assert du.has_secret(domain, access)
assert not du.has_secret(new_domain, new_access)
#after rename
du.rename_secret(domain, access, new_domain, new_access)
assert not du.has_secret(domain, access)
assert du.has_secret(new_domain, new_access)
res = du.get_secret(new_domain, new_access, m_pwd,
parameters.get_salt_key())
assert info['message'] == res['info']['message']
finally:
du.delete_secret(domain, access)
du.delete_secret(new_domain, new_access)
def set(self):
"""
Add or change a secret in the wallet. This could be an entire new secret, with all the information passed inline
or an update of an existing secret. What is set with this command determines the content of a secret, identified
by the domain, access pair. Key values pairs, as defined by the -ik and -iv options, can be added incrementally
by multiple calls to the set command.
"""
parser = argparse.ArgumentParser(description=self.set.__doc__,
prog='secret_wallet set')
#required arguments
parser.add_argument('-d',
dest='domain',
required=True,
help='The domain (category) of the secret')
parser.add_argument(
'-a',
dest='access',
required=True,
help='The sub=domain (sub-category or access) of the secret')
#optional arguments
parser.add_argument('-u',
'--uid',
help='The login id for a given access')
parser.add_argument('-p',
'--pwd',
help='The password for a given access')
parser.add_argument('-ik',
'--info_key',
help='The key in an information map')
parser.add_argument('-iv',
'--info_value',
help='The value in an information map')
args = iou.my_parse(parser, sys.argv[2:])
if args is None:
return
iou.my_output('Running set for domain %s and access %s' %
(args.domain, args.access))
if args.info_key is None or args.info_value is None:
info = None
else:
info = {args.info_key: args.info_value}
try:
memorable, need_session = pm.get_memorable_password(True)
if not has_secret(args.domain, args.access):
insert_secret(args.domain, args.access, args.uid, args.pwd,
info, memorable)
else:
update_secret(args.domain, args.access, args.uid, args.pwd,
args.info_key, args.info_value, memorable)
if need_session:
start_my_session(memorable, parameters.get_session_lifetime(),
parameters.get_session_timeout())
except Exception as e:
iou.my_output(repr(e))
def test_wrong_salt(set_up):
my_access = 'another'
other_key = cu.encrypt_key('pirillo')
sleep(1)
du.insert_secret(DOMAIN, my_access, 'login', 'password', None, 'memorable', other_key)
#the following shoud produce and InvalidToken error
sys.argv=['secret_wallet','get','-d',DOMAIN, '-a', my_access]
with io.StringIO() as buf, redirect_stdout(buf):
Parser()
assert 'InvalidToken' in buf.getvalue()
def test_has_not_secret(set_up):
m_pwd = u"memorabile"
secret_uid = u"me@home"
secret_pwd = u"ciao mamma"
domain = u"my_domain"
access = u"my_access"
try:
du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd,
parameters.get_salt_key())
assert not du.has_secret('new_domain', access)
finally:
du.delete_secret(domain, access)
def test_insert_select_compare_info(set_up):
m_pwd = u"memorabile"
secret_info = {'message': 'secret'}
domain = u"my_domain"
access = u"my_access"
try:
du.insert_secret(domain, access, None, None, secret_info, m_pwd,
parameters.get_salt_key())
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
assert secret_info['message'] == res['info']['message']
finally:
du.delete_secret(domain, access)
def test_wrong_memorable(set_up):
m_pwd = u"memorabile"
domain = u"my_domain"
access = u"my_access"
secret_uid = u"me@home"
secret_pwd = u"ciao mamma"
try:
du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd)
with pytest.raises(cryptography.fernet.InvalidToken):
du.get_secret(domain, access, 'pirillo')
finally:
du.delete_secret(domain, access)
def test_insert_select_compare_login(set_up):
m_pwd = u"memorabile"
secret_uid = u"me@home"
secret_pwd = u"ciao mamma"
domain = u"my_domain"
access = u"my_access"
try:
du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd,
parameters.get_salt_key())
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
assert secret_uid == res['uid']
assert secret_pwd == res['pwd']
finally:
du.delete_secret(domain, access)
def test_insert_delete_login(set_up):
m_pwd = u"memorabile"
secret_uid = u"me@home"
secret_pwd = u"ciao mamma"
domain = u"my_domain"
access = u"my_access"
ns = du.count_secrets()
try:
du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd,
parameters.get_salt_key())
assert ns + 1 == du.count_secrets()
finally:
du.delete_secret(domain, access)
assert ns == du.count_secrets()
def test_wrong_salt_key(set_up):
c_pwd = 'pirillo'
wrong_key = cu.encrypt_key(c_pwd)
m_pwd = u"memorabile"
domain = u"my_domain"
access = u"my_access"
secret_uid = u"me@home"
secret_pwd = u"ciao mamma"
try:
du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd,
wrong_key)
with pytest.raises(cryptography.fernet.InvalidToken):
du.get_secret(domain, access, m_pwd)
finally:
du.delete_secret(domain, access)
def test_delete_secrets(set_up):
m_pwd = u"memorabile"
domain = u"my_domain"
info = {'message': 'secret'}
#cleanup
du.delete_secrets(du.list_secrets(None))
cnt = du.count_secrets()
for i in range(5):
access = f"access_{i}"
du.insert_secret(domain, access, None, None, info, m_pwd,
parameters.get_salt_key())
assert cnt + 5 == du.count_secrets()
# now get the secret back by domain
secrets = du.list_secrets(domain)
#delete them in block
du.delete_secrets(secrets)
#check that they are gone
assert cnt == du.count_secrets()
def test_update_secret_info_change_value(set_up):
m_pwd = u"memorabile"
domain = u"my_domain"
access = u"my_access"
secret_info = {'message': 'secret'}
info_key = 'message'
info_val = 'a new secret'
try:
du.insert_secret(domain, access, None, None, secret_info, m_pwd,
parameters.get_salt_key())
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
old_ts = res['timestamp']
assert 'secret' == res['info'][info_key]
du.update_secret(domain, access, None, None, info_key, info_val, m_pwd,
parameters.get_salt_key())
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
assert info_val == res['info'][info_key]
assert old_ts < res['timestamp']
finally:
du.delete_secret(domain, access)
def insert_records():
m_pwd = 'memorable'
du.insert_secret("d1", "a1", "u1", "p1", {"k1": "v1", "k2": "v2"}, m_pwd)
du.insert_secret("d1", "a2", "u2", "p2", {"k3": "v3"}, m_pwd)
du.insert_secret("d2", "a3", "u3", "p3", {"k4": "v4"}, m_pwd)
yield
du.delete_secrets(du.list_secrets("d1"))
du.delete_secrets(du.list_secrets("d2"))