def testCryptoOpen(self): _LOOP_DEV0 = self._loopMap[self._LOOP_DEVICES[0]] _LOOP_DEV1 = self._loopMap[self._LOOP_DEVICES[1]] _name0 = self._names[self._LOOP_DEVICES[0]] _name1 = self._names[self._LOOP_DEVICES[1]] ## ## luks_format ## # pass self.assertEqual( crypto.luks_format(_LOOP_DEV0, passphrase="secret", cipher="aes-cbc-essiv:sha256", key_size=256), None) self.assertEqual( crypto.luks_format(_LOOP_DEV1, passphrase="hidden", cipher="aes-cbc-essiv:sha256", key_size=256), None) ## ## luks_open ## # pass self.assertEqual( crypto.luks_open(_LOOP_DEV0, _name0, passphrase="secret"), None) self.assertEqual( crypto.luks_open(_LOOP_DEV1, _name1, passphrase="hidden"), None) ## ## luks_status ## # pass self.assertEqual(crypto.luks_status(_name0), 2) self.assertEqual(crypto.luks_status(_name1), 2) ## ## luks_uuid ## # pass uuid = crypto.luks_uuid(_LOOP_DEV0) self.assertEqual(crypto.luks_uuid(_LOOP_DEV0), uuid) uuid = crypto.luks_uuid(_LOOP_DEV1) self.assertEqual(crypto.luks_uuid(_LOOP_DEV1), uuid) ## ## luks_close ## # pass self.assertEqual(crypto.luks_close(_name0), None) self.assertEqual(crypto.luks_close(_name1), None) # already closed self.assertRaisesRegexp(IOError, "Device cannot be opened", crypto.luks_close, "crypted") self.assertRaisesRegexp(IOError, "Device cannot be opened", crypto.luks_close, "encrypted")
def tearDown(self): """Close all devices just in case they are still open.""" for name in self._names: try: crypto.luks_close(name) except (IOError, CryptoError): pass super(CryptoTestCase2, self).tearDown()
def tearDown(self): """Close all devices just in case they are still open.""" for name in self._names.values(): try: crypto.luks_close(name) except (IOError, CryptoError): pass super(CryptoTestCase2, self).tearDown()
def testCryptoOpen(self): _LOOP_DEV0 = self._loopMap[self._LOOP_DEVICES[0]] _LOOP_DEV1 = self._loopMap[self._LOOP_DEVICES[1]] _name0 = self._names[self._LOOP_DEVICES[0]] _name1 = self._names[self._LOOP_DEVICES[1]] ## ## luks_format ## # pass self.assertEqual(crypto.luks_format(_LOOP_DEV0, passphrase="secret", cipher="aes-cbc-essiv:sha256", key_size=256), None) self.assertEqual(crypto.luks_format(_LOOP_DEV1, passphrase="hidden", cipher="aes-cbc-essiv:sha256", key_size=256), None) ## ## luks_open ## # pass self.assertEqual(crypto.luks_open(_LOOP_DEV0, _name0, passphrase="secret"), None) self.assertEqual(crypto.luks_open(_LOOP_DEV1, _name1, passphrase="hidden"), None) ## ## luks_status ## # pass self.assertEqual(crypto.luks_status(_name0), 2) self.assertEqual(crypto.luks_status(_name1), 2) ## ## luks_uuid ## # pass uuid = crypto.luks_uuid(_LOOP_DEV0) self.assertEqual(crypto.luks_uuid(_LOOP_DEV0), uuid) uuid = crypto.luks_uuid(_LOOP_DEV1) self.assertEqual(crypto.luks_uuid(_LOOP_DEV1), uuid) ## ## luks_close ## # pass self.assertEqual(crypto.luks_close(_name0), None) self.assertEqual(crypto.luks_close(_name1), None) # already closed self.assertRaisesRegexp(IOError, "Device cannot be opened", crypto.luks_close, "crypted") self.assertRaisesRegexp(IOError, "Device cannot be opened", crypto.luks_close, "encrypted")
def testCryptoMisc(self): _LOOP_DEV0 = self.loopDevices[0] _LOOP_DEV1 = self.loopDevices[1] ## ## is_luks ## # pass self.assertEqual(crypto.is_luks(_LOOP_DEV0), -22) with self.assertRaisesRegexp(IOError, "Device cannot be opened"): crypto.is_luks("/not/existing/device") ## ## luks_format ## # pass self.assertEqual(crypto.luks_format(_LOOP_DEV0, passphrase="secret", cipher="aes-cbc-essiv:sha256", key_size=256), None) self.assertEqual(crypto.is_luks(_LOOP_DEV0), 0) # make a key file handle, keyfile = tempfile.mkstemp(prefix="key", text=False) os.write(handle, "nobodyknows") os.close(handle) # format with key file with self.assertRaisesRegexp(ValueError, "requires passphrase"): crypto.luks_format(_LOOP_DEV1, key_file=keyfile) # fail with self.assertRaisesRegexp(IOError, "Device cannot be opened"): crypto.luks_format("/not/existing/device", passphrase="secret", cipher="aes-cbc-essiv:sha256", key_size=256) # no passhprase or key file with self.assertRaisesRegexp(ValueError, "requires passphrase"): crypto.luks_format(_LOOP_DEV1, cipher="aes-cbc-essiv:sha256", key_size=256) ## ## is_luks ## # pass self.assertEqual(crypto.is_luks(_LOOP_DEV0), 0) # 0 = is luks self.assertEqual(crypto.is_luks(_LOOP_DEV1), -22) ## ## luks_add_key ## # pass self.assertEqual(crypto.luks_add_key(_LOOP_DEV0, new_passphrase="another-secret", passphrase="secret"), None) # fail with self.assertRaisesRegexp(CryptoError, "luks add key failed"): crypto.luks_add_key(_LOOP_DEV0, new_passphrase="another-secret", passphrase="wrong-passphrase") ## ## luks_remove_key ## # fail with self.assertRaisesRegexp(CryptoError, "luks remove key failed"): crypto.luks_remove_key(_LOOP_DEV0, del_passphrase="another-secret", passphrase="wrong-pasphrase") # pass self.assertEqual(crypto.luks_remove_key(_LOOP_DEV0, del_passphrase="another-secret", passphrase="secret"), None) # fail with self.assertRaisesRegexp(IOError, "Device cannot be opened"): crypto.luks_open("/not/existing/device", "another-crypted", passphrase="secret") # no passhprase or key file with self.assertRaisesRegexp(ValueError, "luks_format requires passphrase"): crypto.luks_open(_LOOP_DEV1, "another-crypted") with self.assertRaisesRegexp(IOError, "Device cannot be opened"): crypto.luks_status("another-crypted") with self.assertRaisesRegexp(IOError, "Device cannot be opened"): crypto.luks_close("wrong-name") # cleanup os.unlink(keyfile)
def testCrypto(self): _LOOP_DEV0 = self._loopMap[self._LOOP_DEVICES[0]] _LOOP_DEV1 = self._loopMap[self._LOOP_DEVICES[1]] import blivet.devicelibs.crypto as crypto ## ## is_luks ## # pass self.assertEqual(crypto.is_luks(_LOOP_DEV0), -22) self.assertEqual(crypto.is_luks("/not/existing/device"), -22) ## ## luks_format ## # pass self.assertEqual(crypto.luks_format(_LOOP_DEV0, passphrase="secret", cipher="aes-cbc-essiv:sha256", key_size=256), None) # make a key file handle, keyfile = tempfile.mkstemp(prefix="key", text=False) os.write(handle, "nobodyknows") os.close(handle) # format with key file self.assertEqual(crypto.luks_format(_LOOP_DEV1, key_file=keyfile), None) # fail self.assertRaises(crypto.CryptoError, crypto.luks_format, "/not/existing/device", passphrase="secret", cipher="aes-cbc-essiv:sha256", key_size=256) # no passhprase or key file self.assertRaises(ValueError, crypto.luks_format, _LOOP_DEV1, cipher="aes-cbc-essiv:sha256", key_size=256) ## ## is_luks ## # pass self.assertEqual(crypto.is_luks(_LOOP_DEV0), 0) # 0 = is luks self.assertEqual(crypto.is_luks(_LOOP_DEV1), 0) ## ## luks_add_key ## # pass self.assertEqual(crypto.luks_add_key(_LOOP_DEV0, new_passphrase="another-secret", passphrase="secret"), None) # make another key file handle, new_keyfile = tempfile.mkstemp(prefix="key", text=False) os.write(handle, "area51") os.close(handle) # add new key file self.assertEqual(crypto.luks_add_key(_LOOP_DEV1, new_key_file=new_keyfile, key_file=keyfile), None) # fail self.assertRaises(crypto.CryptoError, crypto.luks_add_key, _LOOP_DEV0, new_passphrase="another-secret", passphrase="wrong-passphrase") ## ## luks_remove_key ## # fail self.assertRaises(RuntimeError, crypto.luks_remove_key, _LOOP_DEV0, del_passphrase="another-secret", passphrase="wrong-pasphrase") # pass self.assertEqual(crypto.luks_remove_key(_LOOP_DEV0, del_passphrase="another-secret", passphrase="secret"), None) # remove key file self.assertEqual(crypto.luks_remove_key(LOOP_DEV1, del_key_file=new_keyfile, key_file=keyfile), None) ## ## luks_open ## # pass self.assertEqual(crypto.luks_open(_LOOP_DEV0, "crypted", passphrase="secret"), None) self.assertEqual(crypto.luks_open(_LOOP_DEV1, "encrypted", key_file=keyfile), None) # fail self.assertRaises(crypto.CryptoError, crypto.luks_open, "/not/existing/device", "another-crypted", passphrase="secret") self.assertRaises(crypto.CryptoError, crypto.luks_open, "/not/existing/device", "another-crypted", key_file=keyfile) # no passhprase or key file self.assertRaises(ValueError, crypto.luks_open, _LOOP_DEV1, "another-crypted") ## ## luks_status ## # pass self.assertEqual(crypto.luks_status("crypted"), True) self.assertEqual(crypto.luks_status("encrypted"), True) self.assertEqual(crypto.luks_status("another-crypted"), False) ## ## luks_uuid ## # pass uuid = crypto.luks_uuid(_LOOP_DEV0) self.assertEqual(crypto.luks_uuid(_LOOP_DEV0), uuid) uuid = crypto.luks_uuid(_LOOP_DEV1) self.assertEqual(crypto.luks_uuid(_LOOP_DEV1), uuid) ## ## luks_close ## # pass self.assertEqual(crypto.luks_close("crypted"), None) self.assertEqual(crypto.luks_close("encrypted"), None) # fail self.assertRaises(crypto.CryptoError, crypto.luks_close, "wrong-name") # already closed self.assertRaises(crypto.CryptoError, crypto.luks_close, "crypted") self.assertRaises(crypto.CryptoError, crypto.luks_close, "encrypted") # cleanup os.unlink(keyfile) os.unlink(new_keyfile)