class BaseSoledadDeferredEncTest(SoledadWithCouchServerMixin): """ Another base class for testing the deferred encryption/decryption during the syncs, using the intermediate database. """ defer_sync_encryption = True def setUp(self): SoledadWithCouchServerMixin.setUp(self) # config info self.db1_file = os.path.join(self.tempdir, "db1.u1db") os.unlink(self.db1_file) self.db_pass = DBPASS self.email = ADDRESS # get a random prefix for each test, so we do not mess with # concurrency during initialization and shutting down of # each local db. self.rand_prefix = ''.join( map(lambda x: random.choice(string.ascii_letters), range(6))) # open test dbs: db1 will be the local sqlcipher db (which # instantiates a syncdb). We use the self._soledad instance that was # already created on some setUp method. import binascii tohex = binascii.b2a_hex key = tohex(self._soledad.secrets.get_local_storage_key()) sync_db_key = tohex(self._soledad.secrets.get_sync_db_key()) dbpath = self._soledad._local_db_path self.opts = SQLCipherOptions(dbpath, key, is_raw_key=True, create=False, defer_encryption=True, sync_db_key=sync_db_key) self.db1 = SQLCipherDatabase(self.opts) self.db2 = couch.CouchDatabase.open_database(urljoin( 'http://localhost:' + str(self.wrapper.port), 'test'), create=True, ensure_ddocs=True) def tearDown(self): self.db1.close() self.db2.close() self._soledad.close() # XXX should not access "private" attrs shutil.rmtree(os.path.dirname(self._soledad._local_db_path)) SoledadWithCouchServerMixin.tearDown(self)
class BaseSoledadDeferredEncTest(SoledadWithCouchServerMixin): """ Another base class for testing the deferred encryption/decryption during the syncs, using the intermediate database. """ defer_sync_encryption = True def setUp(self): SoledadWithCouchServerMixin.setUp(self) # config info self.db1_file = os.path.join(self.tempdir, "db1.u1db") os.unlink(self.db1_file) self.db_pass = DBPASS self.email = ADDRESS # get a random prefix for each test, so we do not mess with # concurrency during initialization and shutting down of # each local db. self.rand_prefix = ''.join( map(lambda x: random.choice(string.ascii_letters), range(6))) # open test dbs: db1 will be the local sqlcipher db (which # instantiates a syncdb). We use the self._soledad instance that was # already created on some setUp method. import binascii tohex = binascii.b2a_hex key = tohex(self._soledad.secrets.get_local_storage_key()) sync_db_key = tohex(self._soledad.secrets.get_sync_db_key()) dbpath = self._soledad._local_db_path self.opts = SQLCipherOptions( dbpath, key, is_raw_key=True, create=False, defer_encryption=True, sync_db_key=sync_db_key) self.db1 = SQLCipherDatabase(self.opts) self.db2 = couch.CouchDatabase.open_database( urljoin( 'http://localhost:' + str(self.wrapper.port), 'test'), create=True, ensure_ddocs=True) def tearDown(self): self.db1.close() self.db2.close() self._soledad.close() # XXX should not access "private" attrs shutil.rmtree(os.path.dirname(self._soledad._local_db_path)) SoledadWithCouchServerMixin.tearDown(self)
def test_try_to_open_encrypted_db_with_sqlite_backend(self): """ SQLite backend should not succeed to open SQLCipher databases. """ db = SQLCipherDatabase(self.DB_FILE, PASSWORD) doc = db.create_doc_from_json(tests.simple_doc) db.close() try: # trying to open an encrypted database with the regular u1db # backend should raise a DatabaseError exception. SQLitePartialExpandDatabase(self.DB_FILE, document_factory=SoledadDocument) raise DatabaseIsNotEncrypted() except dbapi2.DatabaseError: # at this point we know that the regular U1DB sqlcipher backend # did not succeed on opening the database, so it was indeed # encrypted. db = SQLCipherDatabase(self.DB_FILE, PASSWORD) doc = db.get_doc(doc.doc_id) self.assertEqual(tests.simple_doc, doc.get_json(), 'decrypted content mismatch')
class TestSoledadDbSync(TestWithScenarios, SoledadWithCouchServerMixin, tests.TestCaseWithServer): """Test db.sync remote sync shortcut""" scenarios = [ ('py-token-http', { 'create_db_and_target': make_local_db_and_token_soledad_target, 'make_app_with_state': make_token_soledad_app, 'make_database_for_test': make_sqlcipher_database_for_test, 'token': True }), ] oauth = False token = False def setUp(self): """ Need to explicitely invoke inicialization on all bases. """ SoledadWithCouchServerMixin.setUp(self) self.server = self.server_thread = None self.startTwistedServer() self.syncer = None # config info self.db1_file = os.path.join(self.tempdir, "db1.u1db") os.unlink(self.db1_file) self.db_pass = DBPASS self.email = ADDRESS # get a random prefix for each test, so we do not mess with # concurrency during initialization and shutting down of # each local db. self.rand_prefix = ''.join( map(lambda x: random.choice(string.ascii_letters), range(6))) # open test dbs: db1 will be the local sqlcipher db (which # instantiates a syncdb). We use the self._soledad instance that was # already created on some setUp method. import binascii tohex = binascii.b2a_hex key = tohex(self._soledad.secrets.local_key) dbpath = self._soledad._local_db_path self.opts = SQLCipherOptions(dbpath, key, is_raw_key=True, create=False) self.db1 = SQLCipherDatabase(self.opts) self.db2 = self.request_state._create_database(replica_uid='test') def tearDown(self): """ Need to explicitely invoke destruction on all bases. """ dbsyncer = getattr(self, 'dbsyncer', None) if dbsyncer: dbsyncer.close() self.db1.close() self.db2.close() self._soledad.close() # XXX should not access "private" attrs shutil.rmtree(os.path.dirname(self._soledad._local_db_path)) SoledadWithCouchServerMixin.tearDown(self) def do_sync(self, target_name): """ Perform sync using SoledadSynchronizer, SoledadSyncTarget and Token auth. """ if self.token: creds = { 'token': { 'uuid': 'user-uuid', 'token': 'auth-token', } } target_url = self.getURL(self.db2._dbname) # get a u1db syncer crypto = self._soledad._crypto replica_uid = self.db1._replica_uid dbsyncer = SQLCipherU1DBSync(self.opts, crypto, replica_uid, None) self.dbsyncer = dbsyncer return dbsyncer.sync(target_url, creds=creds) else: return self._do_sync(self, target_name) def _do_sync(self, target_name): if self.oauth: path = '~/' + target_name extra = dict( creds={ 'oauth': { 'consumer_key': tests.consumer1.key, 'consumer_secret': tests.consumer1.secret, 'token_key': tests.token1.key, 'token_secret': tests.token1.secret, } }) else: path = target_name extra = {} target_url = self.getURL(path) return self.db.sync(target_url, **extra) def wait_for_sync(self): """ Wait for sync to finish. """ wait = 0 syncer = self.syncer if syncer is not None: while syncer.syncing: time.sleep(WAIT_STEP) wait += WAIT_STEP if wait >= MAX_WAIT: raise SyncTimeoutError def test_db_sync(self): """ Test sync. Adapted to check for encrypted content. """ doc1 = self.db1.create_doc_from_json(tests.simple_doc) doc2 = self.db2.create_doc_from_json(tests.nested_doc) d = self.do_sync('test') def _assert_successful_sync(results): import time # need to give time to the encryption to proceed # TODO should implement a defer list to subscribe to the # all-decrypted event time.sleep(2) local_gen_before_sync = results self.wait_for_sync() gen, _, changes = self.db1.whats_changed(local_gen_before_sync) self.assertEqual(1, len(changes)) self.assertEqual(doc2.doc_id, changes[0][0]) self.assertEqual(1, gen - local_gen_before_sync) self.assertGetEncryptedDoc(self.db2, doc1.doc_id, doc1.rev, tests.simple_doc, False) self.assertGetEncryptedDoc(self.db1, doc2.doc_id, doc2.rev, tests.nested_doc, False) d.addCallback(_assert_successful_sync) return d
class TestSoledadDbSync( TestWithScenarios, SoledadWithCouchServerMixin, tests.TestCaseWithServer): """Test db.sync remote sync shortcut""" scenarios = [ ('py-token-http', { 'create_db_and_target': make_local_db_and_token_soledad_target, 'make_app_with_state': make_token_soledad_app, 'make_database_for_test': make_sqlcipher_database_for_test, 'token': True }), ] oauth = False token = False def setUp(self): """ Need to explicitely invoke inicialization on all bases. """ SoledadWithCouchServerMixin.setUp(self) self.server = self.server_thread = None self.startTwistedServer() self.syncer = None # config info self.db1_file = os.path.join(self.tempdir, "db1.u1db") os.unlink(self.db1_file) self.db_pass = DBPASS self.email = ADDRESS # get a random prefix for each test, so we do not mess with # concurrency during initialization and shutting down of # each local db. self.rand_prefix = ''.join( map(lambda x: random.choice(string.ascii_letters), range(6))) # open test dbs: db1 will be the local sqlcipher db (which # instantiates a syncdb). We use the self._soledad instance that was # already created on some setUp method. import binascii tohex = binascii.b2a_hex key = tohex(self._soledad.secrets.get_local_storage_key()) sync_db_key = tohex(self._soledad.secrets.get_sync_db_key()) dbpath = self._soledad._local_db_path self.opts = SQLCipherOptions( dbpath, key, is_raw_key=True, create=False, defer_encryption=True, sync_db_key=sync_db_key) self.db1 = SQLCipherDatabase(self.opts) self.db2 = self.request_state._create_database(replica_uid='test') def tearDown(self): """ Need to explicitely invoke destruction on all bases. """ dbsyncer = getattr(self, 'dbsyncer', None) if dbsyncer: dbsyncer.close() self.db1.close() self.db2.close() self._soledad.close() # XXX should not access "private" attrs shutil.rmtree(os.path.dirname(self._soledad._local_db_path)) SoledadWithCouchServerMixin.tearDown(self) def do_sync(self, target_name): """ Perform sync using SoledadSynchronizer, SoledadSyncTarget and Token auth. """ if self.token: creds = {'token': { 'uuid': 'user-uuid', 'token': 'auth-token', }} target_url = self.getURL(self.db2._dbname) # get a u1db syncer crypto = self._soledad._crypto replica_uid = self.db1._replica_uid dbsyncer = SQLCipherU1DBSync( self.opts, crypto, replica_uid, None, defer_encryption=True) self.dbsyncer = dbsyncer return dbsyncer.sync(target_url, creds=creds, defer_decryption=DEFER_DECRYPTION) else: return self._do_sync(self, target_name) def _do_sync(self, target_name): if self.oauth: path = '~/' + target_name extra = dict(creds={'oauth': { 'consumer_key': tests.consumer1.key, 'consumer_secret': tests.consumer1.secret, 'token_key': tests.token1.key, 'token_secret': tests.token1.secret, }}) else: path = target_name extra = {} target_url = self.getURL(path) return self.db.sync(target_url, **extra) def wait_for_sync(self): """ Wait for sync to finish. """ wait = 0 syncer = self.syncer if syncer is not None: while syncer.syncing: time.sleep(WAIT_STEP) wait += WAIT_STEP if wait >= MAX_WAIT: raise SyncTimeoutError def test_db_sync(self): """ Test sync. Adapted to check for encrypted content. """ doc1 = self.db1.create_doc_from_json(tests.simple_doc) doc2 = self.db2.create_doc_from_json(tests.nested_doc) d = self.do_sync('test') def _assert_successful_sync(results): import time # need to give time to the encryption to proceed # TODO should implement a defer list to subscribe to the # all-decrypted event time.sleep(2) local_gen_before_sync = results self.wait_for_sync() gen, _, changes = self.db1.whats_changed(local_gen_before_sync) self.assertEqual(1, len(changes)) self.assertEqual(doc2.doc_id, changes[0][0]) self.assertEqual(1, gen - local_gen_before_sync) self.assertGetEncryptedDoc( self.db2, doc1.doc_id, doc1.rev, tests.simple_doc, False) self.assertGetEncryptedDoc( self.db1, doc2.doc_id, doc2.rev, tests.nested_doc, False) d.addCallback(_assert_successful_sync) return d