def test_gpg_function_rsa(self):
"write rsa (private and public), confirm secret file exists, reveal and check"
tag = '?{gpg:secret/rsa||rsa}'
REF_CONTROLLER[tag] = RefParams()
self.assertTrue(os.path.isfile(os.path.join(REFS_HOME, 'secret/rsa')))
file_with_secret_tags = tempfile.mktemp()
with open(file_with_secret_tags, 'w') as fp:
fp.write('?{gpg:secret/rsa}')
revealed = REVEALER.reveal_raw_file(file_with_secret_tags)
try:
serialization.load_pem_private_key(revealed.encode(),
password=None,
backend=default_backend())
except ValueError:
raise Exception("Failed to decode RSA private key")
REVEALER._reveal_tag_without_subvar.cache_clear()
# Test with parameter key_size=2048
tag = '?{gpg:secret/rsa||rsa:2048}'
REF_CONTROLLER[tag] = RefParams()
revealed = REVEALER.reveal_raw_file(file_with_secret_tags)
try:
private_key = serialization.load_pem_private_key(
revealed.encode(), password=None, backend=default_backend())
except ValueError:
raise Exception("Failed to decode RSA private key")
self.assertEqual(private_key.key_size, 2048)
# Test rsapublic with previous private key as the parameter
tag_rsapublic = '?{gpg:secret/rsapublic||reveal:secret/rsa|rsapublic}'
REF_CONTROLLER[tag_rsapublic] = RefParams()
self.assertTrue(os.path.isfile(os.path.join(REFS_HOME, 'secret/rsa')))
file_with_secret_tags = tempfile.mktemp()
with open(file_with_secret_tags, 'w') as fp:
fp.write('?{gpg:secret/rsapublic}')
revealed = REVEALER.reveal_raw_file(file_with_secret_tags)
self.assertEqual(revealed.splitlines()[0],
"-----BEGIN PUBLIC KEY-----")
def test_ref_function_randomstr(self):
"write randomstr to secret, confirm ref file exists, reveal and check"
tag = '?{ref:ref/randomstr|randomstr}'
REF_CONTROLLER[tag] = RefParams()
self.assertTrue(os.path.isfile(os.path.join(REFS_HOME, 'ref/base64')))
file_with_tags = tempfile.mktemp()
with open(file_with_tags, 'w') as fp:
fp.write('?{ref:ref/randomstr}')
revealed = REVEALER.reveal_raw_file(file_with_tags)
self.assertEqual(len(revealed), 43) # default length of token_urlsafe() string is 43
self.assertTrue(get_entropy(revealed) > 4)
# Test with parameter nbytes=16, correlating with string length 16
tag = '?{ref:ref/randomstr|randomstr:16}'
REF_CONTROLLER[tag] = RefParams()
revealed = REVEALER.reveal_raw_file(file_with_tags)
self.assertEqual(len(revealed), 16)
def test_gpg_function_ed25519(self):
"write ed25519 (private and public), confirm secret file exists, reveal and check"
tag = "?{gpg:secret/ed25519||ed25519}"
REF_CONTROLLER[tag] = RefParams()
self.assertTrue(
os.path.isfile(os.path.join(REFS_HOME, "secret/ed25519")))
file_with_secret_tags = tempfile.mktemp()
with open(file_with_secret_tags, "w") as fp:
fp.write("?{gpg:secret/ed25519}")
revealed = REVEALER.reveal_raw_file(file_with_secret_tags)
try:
serialization.load_pem_private_key(revealed.encode(),
password=None,
backend=default_backend())
except ValueError:
raise Exception("Failed to decode ed25519 private key")
REVEALER._reveal_tag_without_subvar.cache_clear()
tag = "?{gpg:secret/ed25519||ed25519}"
REF_CONTROLLER[tag] = RefParams()
revealed = REVEALER.reveal_raw_file(file_with_secret_tags)
try:
private_key = serialization.load_pem_private_key(
revealed.encode(), password=None, backend=default_backend())
except ValueError:
raise Exception("Failed to decode ed25519 private key")
# Test 'publickey' with previous private key as the parameter
tag_ed25519public = "?{gpg:secret/ed25519public||reveal:secret/ed25519|publickey}"
REF_CONTROLLER[tag_ed25519public] = RefParams()
self.assertTrue(
os.path.isfile(os.path.join(REFS_HOME, "secret/ed25519")))
file_with_secret_tags = tempfile.mktemp()
with open(file_with_secret_tags, "w") as fp:
fp.write("?{gpg:secret/ed25519public}")
revealed = REVEALER.reveal_raw_file(file_with_secret_tags)
self.assertEqual(revealed.splitlines()[0],
"-----BEGIN PUBLIC KEY-----")
def test_ref_func_raise_RefFromFuncError(self):
"""
check new ref tag with function raises RefFromFuncError
and then creates it using RefParams()
"""
tag = '?{ref:my/ref7|randomstr}'
with self.assertRaises(RefFromFuncError):
REF_CONTROLLER[tag]
try:
REF_CONTROLLER[tag]
except RefFromFuncError:
REF_CONTROLLER[tag] = RefParams()
REF_CONTROLLER[tag]
def test_ref_function_base64(self):
"write randomstr to ref and base64, confirm ref file exists, reveal and check"
tag = '?{base64:ref/base64||randomstr|base64}'
REF_CONTROLLER[tag] = RefParams()
self.assertTrue(os.path.isfile(os.path.join(REFS_HOME, 'ref/base64')))
file_with_tags = tempfile.mktemp()
with open(file_with_tags, 'w') as fp:
fp.write('?{base64:ref/base64}')
revealed = REVEALER.reveal_raw_file(file_with_tags)
# If the following succeeds, we guarantee that ref is base64-encoded
self.assertEqual(base64.b64encode(base64.b64decode(revealed)).decode("UTF-8"), revealed)
def test_ref_function_sha256(self):
"write randomstr to ref and sha256, confirm ref file exists, reveal and check"
tag = '?{ref:ref/sha256|randomstr|sha256}'
REF_CONTROLLER[tag] = RefParams()
self.assertTrue(os.path.isfile(os.path.join(REFS_HOME, 'ref/sha256')))
file_with_tags = tempfile.mktemp()
with open(file_with_tags, 'w') as fp:
fp.write('?{ref:ref/sha256}')
revealed = REVEALER.reveal_raw_file(file_with_tags)
self.assertEqual(len(revealed), 64)
try:
int(revealed, 16) # sha256 should convert to hex
except ValueError:
raise Exception("ref is not sha256 hash")