def test_create_secret_file_permissions(filename):
create_secret_file(filename)
st = os.stat(filename).st_mode
assert st & stat.S_IRUSR
assert st & stat.S_IWUSR
for perm in ['RGRP', 'WGRP', 'XGRP', 'ROTH', 'WOTH', 'XOTH']:
assert not st & getattr(stat, 'S_I%s' % perm)
def test_create_secret_file_overwrite(filename):
create_secret_file(filename)
with open(filename) as f:
keys = json.loads(f.read(), encoding='iso-8859-1')
create_secret_file(filename, overwrite=True)
with open(filename) as f:
new_keys = json.loads(f.read(), encoding='iso-8859-1')
for key, value in new_keys.items():
assert keys[key] != value
assert len(keys[key]) == len(value)
assert len(keys) == len(new_keys)
def test_get_secret_keys_wrong_permissions(filename):
create_secret_file(filename)
os.chmod(filename, stat.S_IRUSR | stat.S_IWUSR | stat.S_IROTH)
with pytest.raises(ValueError):
get_secret_keys(filename)
def test_get_secret_keys(filename):
create_secret_file(filename)
keys = get_secret_keys(filename)
assert len(keys["encryption_key"]) == 32
assert len(keys["signature_key"]) == 32
def test_create_secret_file_no_overwrite(filename):
create_secret_file(filename)
with pytest.raises(ValueError):
create_secret_file(filename)
def test_create_secret_file_custom_length(filename):
create_secret_file(filename, 64, 64)
with open(filename) as f:
keys = json.loads(f.read(), encoding='iso-8859-1')
assert len(keys["encryption_key"]) == 64
assert len(keys["signature_key"]) == 64
def test_get_or_create_secret_keys_get(filename):
create_secret_file(filename)
assert get_or_create_secret_keys(filename) == get_secret_keys(filename)
def test_get_secret_keys_wrong_permissions_ignore(filename):
create_secret_file(filename)
os.chmod(filename, stat.S_IRUSR | stat.S_IWUSR | stat.S_IROTH)
assert get_secret_keys(filename, ignore_permissions=True)