def test_get_plaintext_value_is_plaintext(self):
scfg = SecureConfigParser(ck=self.ck)
scfg.read(TEST_INI)
plainval = scfg.get(testd['section'], testd['plain']['key'])
self.assertEqual(
plainval,
testd['plain']['raw_val']
)
def test_write_config_unchanged(self):
filename = 'unchanged.ini'
path = os.path.join(CWD, filename)
scfg = SecureConfigParser()
scfg.read(TEST_INI)
write_config(scfg, filename)
self.assertTrue(os.path.exists(path))
cfg = ConfigParser()
cfg.read(path)
assert(cfg.get(testd['section'], testd['plain']['key']) == testd['plain']['raw_val'])
def test_write_config_with_new_encrypted_values(self):
filename = 'new_encrypted_values.ini'
path = os.path.join(CWD, filename)
scfg = SecureConfigParser(ck=self.ck)
scfg.read(TEST_INI)
scfg.set(testd['section'], testd['enc']['key'], testd['enc']['raw_val'], encrypt=True)
write_config(scfg, path)
scfg2 = SecureConfigParser(ck=self.ck)
scfg2.read(path)
assert scfg2.get(testd['section'], testd['enc']['key'])==testd['enc']['raw_val']
assert scfg2.get(testd['section'], testd['plain']['key'])==testd['plain']['raw_val']
def main():
# Main function.
parser = argparse.ArgumentParser("Generates encrypted credentials")
parser.add_argument(
'--secret-file',
help='Name of the file to store the secret encrypted credentials',
required=True)
parser.add_argument(
'--unencrypted-credentials',
help='Name of the file that currently stores unencrypted credentials')
parser.add_argument(
'--key-file',
help=
"Specifies the name of the file where to store the secret key that will unlock the secret file",
required=True)
args = vars(parser.parse_args())
ck = CryptKeeper()
key = ck.generate_key()
# Now, if we received the argument generate-key, let's generate the file
scfg = SecureConfigParser.from_key(key)
scfg.read(args["unencrypted_credentials"])
username = scfg.get('credentials', 'username')
password = scfg.get('credentials', 'password')
scfg.set('credentials', 'username', username, encrypt=True)
scfg.set('credentials', 'password', password, encrypt=True)
file = open(args['secret_file'], "w")
scfg.write(file)
file.close()
# Now we store the secret key
secret_file = open(args['key_file'], "w")
secret_file.write(key)
secret_file.close()
def test_set_encrypted_value_is_encrypted(self):
scfg = SecureConfigParser(ck=self.ck)
scfg.read(TEST_INI)
scfg.set(testd['section'], testd['enc']['key'], testd['enc']['raw_val'], encrypt=True)
result = scfg.raw_get(testd['section'], testd['enc']['key'])
self.assertFalse(result == testd['enc']['raw_val'])
self.assertTrue(result.startswith(scfg.ck.sigil))
self.assertTrue(scfg.get(testd['section'], testd['enc']['key']) == testd['enc']['raw_val'])
def test_set_encrypted_value_is_encrypted(self):
scfg = SecureConfigParser(ck=self.ck)
scfg.read(TEST_INI)
scfg.set(testd['section'], testd['enc']['key'], testd['enc']['raw_val'], encrypt=True)
result = scfg.raw_get(testd['section'], testd['enc']['key'])
self.assertFalse(result == testd['enc']['raw_val'])
self.assertTrue(result.startswith(scfg.ck.sigil))
self.assertTrue(scfg.get(testd['section'], testd['enc']['key']) == testd['enc']['raw_val'])
def test_write_config_with_new_encrypted_values(self):
filename = 'new_encrypted_values.ini'
path = os.path.join(CWD, filename)
scfg = SecureConfigParser(ck=self.ck)
scfg.read(TEST_INI)
scfg.set(testd['section'], testd['enc']['key'], testd['enc']['raw_val'], encrypt=True)
write_config(scfg, path)
scfg2 = SecureConfigParser(ck=self.ck)
scfg2.read(path)
self.assertEqual(
scfg2.get(testd['section'], testd['enc']['key']),
testd['enc']['raw_val'],
)
self.assertEqual(
scfg2.get(testd['section'], testd['plain']['key']),
testd['plain']['raw_val'],
)
def test_wrong_ck_raises_InvalidToken(self):
scfg = SecureConfigParser(ck=self.ck_wrong)
scfg.read(TEST_INI_OUTFILE)
self.assertRaises(InvalidToken, scfg.get(testd['section'], testd['enc']['key']))
def test_get_plaintext_value_is_plaintext(self):
scfg = SecureConfigParser(ck=self.ck)
scfg.read(TEST_INI)
plainval = scfg.get(testd['section'], testd['plain']['key'])
assert plainval == testd['plain']['raw_val']
def test_wrong_ck_raises_InvalidToken(self):
scfg = SecureConfigParser(ck=self.ck_wrong)
scfg.read(TEST_INI_OUTFILE)
self.assertRaises(InvalidToken, scfg.get(testd['section'], testd['enc']['key']))
def test_wrong_ck_raises_InvalidToken(self):
scfg = SecureConfigParser(ck=self.ck_wrong)
scfg.read(TEST_INI_OUTFILE)
with self.assertRaises(InvalidToken,
msg='data field not generated by check'):
scfg.get(testd['section'], testd['enc']['key'])
