def test__decrypt_ciphertext(self):
'''
test _decrypt_ciphertext
'''
key_dir = '/etc/salt/gpgkeys'
secret = 'Use more salt.'
crypted = '-----BEGIN PGP MESSAGE-----!@#$%^&*()_+-----END PGP MESSAGE-----'
multisecret = 'password is {0} and salt is {0}'.format(secret)
multicrypted = 'password is {0} and salt is {0}'.format(crypted)
class GPGDecrypt(object):
def communicate(self, *args, **kwargs):
return [secret, None]
class GPGNotDecrypt(object):
def communicate(self, *args, **kwargs):
return [None, 'decrypt error']
with patch('salt.renderers.gpg._get_key_dir', MagicMock(return_value=key_dir)), \
patch('salt.utils.path.which', MagicMock()):
with patch('salt.renderers.gpg.Popen',
MagicMock(return_value=GPGDecrypt())):
self.assertEqual(gpg._decrypt_ciphertexts(crypted), secret)
self.assertEqual(gpg._decrypt_ciphertexts(multicrypted),
multisecret)
with patch('salt.renderers.gpg.Popen',
MagicMock(return_value=GPGNotDecrypt())):
self.assertEqual(gpg._decrypt_ciphertexts(crypted), crypted)
self.assertEqual(gpg._decrypt_ciphertexts(multicrypted),
multicrypted)
def test__decrypt_ciphertext(self):
"""
test _decrypt_ciphertext
"""
key_dir = "/etc/salt/gpgkeys"
secret = "Use more salt."
crypted = "-----BEGIN PGP MESSAGE-----!@#$%^&*()_+-----END PGP MESSAGE-----"
multisecret = "password is {0} and salt is {0}".format(secret)
multicrypted = "password is {0} and salt is {0}".format(crypted)
class GPGDecrypt(object):
def communicate(self, *args, **kwargs):
return [secret, None]
class GPGNotDecrypt(object):
def communicate(self, *args, **kwargs):
return [None, "decrypt error"]
with patch(
"salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir)
), patch("salt.utils.path.which", MagicMock()):
with patch(
"salt.renderers.gpg.Popen", MagicMock(return_value=GPGDecrypt())
):
self.assertEqual(gpg._decrypt_ciphertexts(crypted), secret)
self.assertEqual(gpg._decrypt_ciphertexts(multicrypted), multisecret)
with patch(
"salt.renderers.gpg.Popen", MagicMock(return_value=GPGNotDecrypt())
):
self.assertEqual(gpg._decrypt_ciphertexts(crypted), crypted)
self.assertEqual(gpg._decrypt_ciphertexts(multicrypted), multicrypted)
def test__decrypt_ciphertext():
"""
test _decrypt_ciphertext
"""
key_dir = "/etc/salt/gpgkeys"
secret = "Use more salt."
crypted = "-----BEGIN PGP MESSAGE-----!@#$%^&*()_+-----END PGP MESSAGE-----"
multisecret = "password is {0} and salt is {0}".format(secret)
multicrypted = "password is {0} and salt is {0}".format(crypted)
class GPGDecrypt:
def communicate(self, *args, **kwargs):
return [secret, None]
class GPGNotDecrypt:
def communicate(self, *args, **kwargs):
return [None, "decrypt error"]
with patch("salt.renderers.gpg._get_key_dir",
MagicMock(return_value=key_dir)), patch("salt.utils.path.which",
MagicMock()):
with patch("salt.renderers.gpg.Popen",
MagicMock(return_value=GPGDecrypt())):
assert gpg._decrypt_ciphertexts(crypted) == secret
assert gpg._decrypt_ciphertexts(multicrypted) == multisecret
with patch("salt.renderers.gpg.Popen",
MagicMock(return_value=GPGNotDecrypt())):
with pytest.raises(SaltRenderError) as decrypt_error:
gpg._decrypt_ciphertexts(crypted)
# Assertions must be made after closure of context manager
assert decrypt_error.value.args[0].startswith(
"Could not decrypt cipher ")
assert crypted in decrypt_error.value.args[0]
assert "decrypt error" in decrypt_error.value.args[0]
with pytest.raises(SaltRenderError) as multidecrypt_error:
gpg._decrypt_ciphertexts(multicrypted)
assert multidecrypt_error.value.args[0].startswith(
"Could not decrypt cipher ")
# Function will raise on a single ciphertext even if multiple are passed
assert crypted in multidecrypt_error.value.args[0]
assert "decrypt error" in multidecrypt_error.value.args[0]