def test_get_plaintext_value_is_plaintext(self): scfg = SecureConfigParser(ck=self.ck) scfg.read(TEST_INI) plainval = scfg.get(testd['section'], testd['plain']['key']) self.assertEqual( plainval, testd['plain']['raw_val'] )
def test_write_config_unchanged(self): filename = 'unchanged.ini' path = os.path.join(CWD, filename) scfg = SecureConfigParser() scfg.read(TEST_INI) write_config(scfg, filename) self.assertTrue(os.path.exists(path)) cfg = ConfigParser() cfg.read(path) assert(cfg.get(testd['section'], testd['plain']['key']) == testd['plain']['raw_val'])
def test_write_config_with_new_encrypted_values(self): filename = 'new_encrypted_values.ini' path = os.path.join(CWD, filename) scfg = SecureConfigParser(ck=self.ck) scfg.read(TEST_INI) scfg.set(testd['section'], testd['enc']['key'], testd['enc']['raw_val'], encrypt=True) write_config(scfg, path) scfg2 = SecureConfigParser(ck=self.ck) scfg2.read(path) assert scfg2.get(testd['section'], testd['enc']['key'])==testd['enc']['raw_val'] assert scfg2.get(testd['section'], testd['plain']['key'])==testd['plain']['raw_val']
def main(): # Main function. parser = argparse.ArgumentParser("Generates encrypted credentials") parser.add_argument( '--secret-file', help='Name of the file to store the secret encrypted credentials', required=True) parser.add_argument( '--unencrypted-credentials', help='Name of the file that currently stores unencrypted credentials') parser.add_argument( '--key-file', help= "Specifies the name of the file where to store the secret key that will unlock the secret file", required=True) args = vars(parser.parse_args()) ck = CryptKeeper() key = ck.generate_key() # Now, if we received the argument generate-key, let's generate the file scfg = SecureConfigParser.from_key(key) scfg.read(args["unencrypted_credentials"]) username = scfg.get('credentials', 'username') password = scfg.get('credentials', 'password') scfg.set('credentials', 'username', username, encrypt=True) scfg.set('credentials', 'password', password, encrypt=True) file = open(args['secret_file'], "w") scfg.write(file) file.close() # Now we store the secret key secret_file = open(args['key_file'], "w") secret_file.write(key) secret_file.close()
def test_set_encrypted_value_is_encrypted(self): scfg = SecureConfigParser(ck=self.ck) scfg.read(TEST_INI) scfg.set(testd['section'], testd['enc']['key'], testd['enc']['raw_val'], encrypt=True) result = scfg.raw_get(testd['section'], testd['enc']['key']) self.assertFalse(result == testd['enc']['raw_val']) self.assertTrue(result.startswith(scfg.ck.sigil)) self.assertTrue(scfg.get(testd['section'], testd['enc']['key']) == testd['enc']['raw_val'])
def test_write_config_with_new_encrypted_values(self): filename = 'new_encrypted_values.ini' path = os.path.join(CWD, filename) scfg = SecureConfigParser(ck=self.ck) scfg.read(TEST_INI) scfg.set(testd['section'], testd['enc']['key'], testd['enc']['raw_val'], encrypt=True) write_config(scfg, path) scfg2 = SecureConfigParser(ck=self.ck) scfg2.read(path) self.assertEqual( scfg2.get(testd['section'], testd['enc']['key']), testd['enc']['raw_val'], ) self.assertEqual( scfg2.get(testd['section'], testd['plain']['key']), testd['plain']['raw_val'], )
def test_wrong_ck_raises_InvalidToken(self): scfg = SecureConfigParser(ck=self.ck_wrong) scfg.read(TEST_INI_OUTFILE) self.assertRaises(InvalidToken, scfg.get(testd['section'], testd['enc']['key']))
def test_get_plaintext_value_is_plaintext(self): scfg = SecureConfigParser(ck=self.ck) scfg.read(TEST_INI) plainval = scfg.get(testd['section'], testd['plain']['key']) assert plainval == testd['plain']['raw_val']
def test_wrong_ck_raises_InvalidToken(self): scfg = SecureConfigParser(ck=self.ck_wrong) scfg.read(TEST_INI_OUTFILE) with self.assertRaises(InvalidToken, msg='data field not generated by check'): scfg.get(testd['section'], testd['enc']['key'])