def test_decrypt_key_needs_recrypt(self):
self.require_aes_support()
wallet = AppWallet({'1': PASS1, '2': PASS2}, encrypt_cost=13)
ref = dict(v=1, c=13, s='AAAA', k='AAAA', t='2')
self.assertFalse(wallet.decrypt_key(ref)[1])
temp = ref.copy()
temp.update(c=8)
self.assertTrue(wallet.decrypt_key(temp)[1])
temp = ref.copy()
temp.update(t='1')
self.assertTrue(wallet.decrypt_key(temp)[1])
def test_from_source(self):
from otp.ai.passlib.totp import TOTP
from_source = TOTP.from_source
otp = from_source(
u('otpauth://totp/Example:[email protected]?secret=JBSWY3DPEHPK3PXP&issuer=Example'
))
self.assertEqual(otp.key, KEY4_RAW)
otp = from_source(
'otpauth://totp/Example:[email protected]?secret=JBSWY3DPEHPK3PXP&issuer=Example'
)
self.assertEqual(otp.key, KEY4_RAW)
otp = from_source(dict(v=1, type='totp', key=KEY4))
self.assertEqual(otp.key, KEY4_RAW)
otp = from_source(
u('{"v": 1, "type": "totp", "key": "JBSWY3DPEHPK3PXP"}'))
self.assertEqual(otp.key, KEY4_RAW)
otp = from_source(
'{"v": 1, "type": "totp", "key": "JBSWY3DPEHPK3PXP"}')
self.assertEqual(otp.key, KEY4_RAW)
self.assertIs(from_source(otp), otp)
wallet1 = AppWallet()
otp1 = TOTP.using(wallet=wallet1).from_source(otp)
self.assertIsNot(otp1, otp)
self.assertEqual(otp1.to_dict(), otp.to_dict())
otp2 = TOTP.using(wallet=wallet1).from_source(otp1)
self.assertIs(otp2, otp1)
self.assertRaises(ValueError, from_source, u('foo'))
self.assertRaises(ValueError, from_source, 'foo')
def test_secrets_types(self):
wallet = AppWallet()
self.assertEqual(wallet._secrets, {})
self.assertFalse(wallet.has_secrets)
ref = {'1': 'aaa', '2': 'bbb'}
wallet = AppWallet(ref)
self.assertEqual(wallet._secrets, ref)
self.assertTrue(wallet.has_secrets)
wallet = AppWallet('\n 1: aaa\n# comment\n \n2: bbb ')
self.assertEqual(wallet._secrets, ref)
wallet = AppWallet('1: aaa: bbb \n# comment\n \n2: bbb ')
self.assertEqual(wallet._secrets, {'1': 'aaa: bbb', '2': 'bbb'})
wallet = AppWallet('{"1":"aaa","2":"bbb"}')
self.assertEqual(wallet._secrets, ref)
self.assertRaises(TypeError, AppWallet, 123)
self.assertRaises(TypeError, AppWallet, '[123]')
self.assertRaises(ValueError, AppWallet, {'1': 'aaa', '2': ''})
def test_encrypt_cost_timing(self):
self.require_aes_support()
wallet = AppWallet({'1': 'aaa'})
wallet.encrypt_cost -= 2
delta, _ = time_call(partial(wallet.encrypt_key, KEY1_RAW), maxtime=0)
wallet.encrypt_cost += 3
delta2, _ = time_call(partial(wallet.encrypt_key, KEY1_RAW), maxtime=0)
self.assertAlmostEqual(delta2, delta * 8, delta=delta * 8 * 0.5)
def test_secrets_tags(self):
ref = {'1': 'aaa', '02': 'bbb', 'C': 'ccc'}
wallet = AppWallet(ref)
self.assertEqual(wallet._secrets, ref)
wallet = AppWallet({u('1'): 'aaa', u('02'): 'bbb', u('C'): 'ccc'})
self.assertEqual(wallet._secrets, ref)
wallet = AppWallet({1: 'aaa', '02': 'bbb', 'C': 'ccc'})
self.assertEqual(wallet._secrets, ref)
self.assertRaises(TypeError, AppWallet, {(1, ): 'aaa'})
wallet = AppWallet({'1-2_3.4': 'aaa'})
self.assertRaises(ValueError, AppWallet, {'-abc': 'aaa'})
self.assertRaises(ValueError, AppWallet, {'ab*$': 'aaa'})
wallet = AppWallet({'1': u('aaa'), '02': 'bbb', 'C': 'ccc'})
self.assertEqual(wallet._secrets, ref)
self.assertRaises(TypeError, AppWallet, {'1': 123})
self.assertRaises(TypeError, AppWallet, {'1': None})
self.assertRaises(TypeError, AppWallet, {'1': []})
return
def test_decrypt_key(self):
wallet = AppWallet({'1': PASS1, '2': PASS2})
CIPHER1 = dict(v=1,
c=13,
s='6D7N7W53O7HHS37NLUFQ',
k='MHCTEGSNPFN5CGBJ',
t='1')
self.require_aes_support(canary=partial(wallet.decrypt_key, CIPHER1))
self.assertEqual(wallet.decrypt_key(CIPHER1)[0], KEY1_RAW)
CIPHER2 = dict(v=1,
c=13,
s='SPZJ54Y6IPUD2BYA4C6A',
k='ZGDXXTVQOWYLC2AU',
t='1')
self.assertEqual(wallet.decrypt_key(CIPHER2)[0], KEY1_RAW)
CIPHER3 = dict(v=1,
c=8,
s='FCCTARTIJWE7CPQHUDKA',
k='D2DRS32YESGHHINWFFCELKN7Z6NAHM4M',
t='2')
self.assertEqual(wallet.decrypt_key(CIPHER3)[0], KEY2_RAW)
temp = CIPHER1.copy()
temp.update(t='2')
self.assertEqual(wallet.decrypt_key(temp)[0], '\xafD6.F7\xeb\x19\x05Q')
temp = CIPHER1.copy()
temp.update(t='3')
self.assertRaises(KeyError, wallet.decrypt_key, temp)
temp = CIPHER1.copy()
temp.update(v=999)
self.assertRaises(ValueError, wallet.decrypt_key, temp)
def test_default_tag(self):
wallet = AppWallet({'1': 'one', '02': 'two'})
self.assertEqual(wallet.default_tag, '02')
self.assertEqual(wallet.get_secret(wallet.default_tag), 'two')
wallet = AppWallet({'1': 'one', '02': 'two', 'A': 'aaa'})
self.assertEqual(wallet.default_tag, 'A')
self.assertEqual(wallet.get_secret(wallet.default_tag), 'aaa')
wallet = AppWallet({
'1': 'one',
'02': 'two',
'A': 'aaa'
},
default_tag='1')
self.assertEqual(wallet.default_tag, '1')
self.assertEqual(wallet.get_secret(wallet.default_tag), 'one')
self.assertRaises(KeyError,
AppWallet, {
'1': 'one',
'02': 'two',
'A': 'aaa'
},
default_tag='B')
wallet = AppWallet()
self.assertEqual(wallet.default_tag, None)
self.assertRaises(KeyError, wallet.get_secret, None)
return
def test_encrypt_key(self):
wallet = AppWallet({'1': PASS1}, encrypt_cost=5)
self.require_aes_support(canary=partial(wallet.encrypt_key, KEY1_RAW))
result = wallet.encrypt_key(KEY1_RAW)
self.assertSaneResult(result, wallet, KEY1_RAW)
other = wallet.encrypt_key(KEY1_RAW)
self.assertSaneResult(result, wallet, KEY1_RAW)
self.assertNotEqual(other['s'], result['s'])
self.assertNotEqual(other['k'], result['k'])
wallet2 = AppWallet({'1': PASS1}, encrypt_cost=6)
result = wallet2.encrypt_key(KEY1_RAW)
self.assertSaneResult(result, wallet2, KEY1_RAW)
wallet2 = AppWallet({'1': PASS1, '2': PASS2})
result = wallet2.encrypt_key(KEY1_RAW)
self.assertSaneResult(result, wallet2, KEY1_RAW, tag='2')
wallet2 = AppWallet({'1': PASS1})
wallet2.salt_size = 64
result = wallet2.encrypt_key(KEY1_RAW)
self.assertSaneResult(result, wallet2, KEY1_RAW)
result = wallet.encrypt_key(KEY2_RAW)
self.assertSaneResult(result, wallet, KEY2_RAW)
self.assertRaises(ValueError, wallet.encrypt_key, '')