def test_rename_secret(set_up):
m_pwd = u"memorabile"
domain = u"my_domain"
access = u"my_access"
new_domain = u"new_domain"
new_access = u"new_access"
info = {'message': 'secret'}
try:
#before
assert not du.has_secret(domain, access)
assert not du.has_secret(new_domain, new_access)
#after insertion
du.insert_secret(domain, access, None, None, info, m_pwd,
parameters.get_salt_key())
assert du.has_secret(domain, access)
assert not du.has_secret(new_domain, new_access)
#after rename
du.rename_secret(domain, access, new_domain, new_access)
assert not du.has_secret(domain, access)
assert du.has_secret(new_domain, new_access)
res = du.get_secret(new_domain, new_access, m_pwd,
parameters.get_salt_key())
assert info['message'] == res['info']['message']
finally:
du.delete_secret(domain, access)
du.delete_secret(new_domain, new_access)
def test_update_missing_secret_no_effect(set_up):
m_pwd = u"memorabile"
domain = u"my_domain"
access = u"my_access"
access2 = u"my_second access"
secret_uid = u"me@home"
secret_pwd = u"ciao mamma"
secret_pwd2 = u"my second password"
secret_info = {'message': 'secret'}
try:
ns = du.count_secrets()
du.insert_secret(domain, access, secret_uid, secret_pwd, secret_info,
m_pwd, parameters.get_salt_key())
assert ns + 1 == du.count_secrets()
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
old_ts = res['timestamp']
assert 'secret' == res['info']['message']
assert secret_pwd == res['pwd']
assert secret_uid == res['uid']
du.update_secret(domain, access2, None, secret_pwd2, None, None, m_pwd,
parameters.get_salt_key())
assert ns + 1 == du.count_secrets()
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
assert old_ts == res['timestamp']
finally:
du.delete_secret(domain, access)
def test_update_info_dict_remove_key(set_up):
m_pwd = u"memorabile"
domain = u"my_domain"
access = u"my_access"
secret_info = {'key1': 'value1', 'key2': 'value2'}
salt = parameters.get_salt_key()
try:
ns = du.count_secrets()
du.insert_secret(domain, access, None, None, secret_info, m_pwd,
parameters.get_salt_key())
assert ns + 1 == du.count_secrets()
res = du.get_secret(domain, access, m_pwd, salt,
False) #no decryption of secret
old_ts = res['timestamp']
info = res['info']
assert 2 == len(info)
del info['key2'] #remove one entry
du.update_secret_info_dictionary(domain, access, info)
res = du.get_secret(domain, access, m_pwd, salt)
ts = res['timestamp']
info = res['info']
assert 1 == len(info)
assert 'value1' == info['key1']
assert ts != old_ts
finally:
du.delete_secret(domain, access)
def test_update_secret_info_change_password_and_a_value(set_up):
m_pwd = u"memorabile"
domain = u"my_domain"
access = u"my_access"
secret_uid = u"me@home"
secret_pwd = u"ciao mamma"
secret_pwd2 = u"another password"
secret_info = {'message': 'secret'}
info_key = 'message'
info_val = 'a new secret'
try:
du.insert_secret(domain, access, secret_uid, secret_pwd, secret_info,
m_pwd, parameters.get_salt_key())
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
old_ts = res['timestamp']
assert 'secret' == res['info'][info_key]
assert secret_pwd == res['pwd']
du.update_secret(domain, access, None, secret_pwd2, info_key, info_val,
m_pwd, parameters.get_salt_key())
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
assert info_val == res['info'][info_key]
assert secret_pwd2 == res['pwd']
assert old_ts < res['timestamp']
finally:
du.delete_secret(domain, access)
def set_up():
#mocking the user input
iou.my_input = lambda _:'yes'
iou.my_output = lambda message,_=False: print(message)
path = os.path.dirname(__file__)
conf_file = os.path.join(path,'data','test_integration.json')
conf_data = get_configuration(conf_file)
parameters.set_data(conf_data)
du.insert_secret(DOMAIN, ACCESS, UID, PWD, INFO, MEM)
p =Process(target=my_session, args =(MEM, 60, 10))
p.start()
yield conf_file
iou.my_input = old_input
iou.my_output = old_output
iou.my_getpass = old_getpass
du.delete_secret(DOMAIN,ACCESS)
parameters.clear()
set_configuration_data(conf_data, conf_file)
if is_connected():
stop_service()
p.terminate()
def test_update_secret_login(set_up):
m_pwd = u"memorabile"
secret_uid = u"me@home"
secret_uid2 = u"me@office"
secret_pwd = u"ciao mamma"
domain = u"my_domain"
access = u"my_access"
try:
ns = du.count_secrets()
du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd,
parameters.get_salt_key())
assert ns + 1 == du.count_secrets()
assert du.has_secret(domain, access)
old_ts = du.get_secret(domain, access, m_pwd,
parameters.get_salt_key())['timestamp']
du.update_secret(domain, access, secret_uid2, None, None, None, m_pwd,
parameters.get_salt_key())
assert ns + 1 == du.count_secrets(
) #no change to the number of secrets
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
assert secret_uid2 == res['uid']
assert secret_pwd == res['pwd']
assert old_ts < res['timestamp']
finally:
du.delete_secret(domain, access)
def test_qget_wrong_input(set_up):
domain1 = 'pera'
access1 = "cotta"
domain2 = 'bella'
access2 = 'pera'
#when the list of secrete is returned they are ordered alphabetically
#by domain, access. Hence the first secret is bella,pera, or the second record here
sleep(1)
#delete first
du.delete_secret(domain1, access1)
du.delete_secret(domain2, access2)
#then set
sys.argv=['secret_wallet','set','-d',domain1, '-a', access1, '-ik', 'idx', '-iv','second record']
Parser()
sys.argv=['secret_wallet','set','-d',domain2, '-a', access2, '-ik', 'idx', '-iv','first record']
Parser()
assert du.has_secret(domain1, access1)
assert du.has_secret(domain2, access2)
#now running a qget command with some mockable input
iou.my_input = iou.MockableInput(["string"])
sys.argv=['secret_wallet','qget','pera']
with io.StringIO() as buf, redirect_stdout(buf):
Parser()
sleep(1)
assert "first record" not in buf.getvalue() #get the inner value in the secret
assert "second record" not in buf.getvalue()
assert "I need a number" in buf.getvalue()
def test_set_secret(set_up):
sys.argv=['secret_wallet','set','-d',DOMAIN, '-a', 'test_access_2', '-u','x@y','-p','mamma']
#output redirection to string
try:
sleep(1)
with io.StringIO() as buf, redirect_stdout(buf):
Parser()
du.list_secrets(DOMAIN)
assert 'test_access_2' in buf.getvalue()
finally:
du.delete_secret(DOMAIN,'test_access_2')
def test_wrong_memorable(set_up):
m_pwd = u"memorabile"
domain = u"my_domain"
access = u"my_access"
secret_uid = u"me@home"
secret_pwd = u"ciao mamma"
try:
du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd)
with pytest.raises(cryptography.fernet.InvalidToken):
du.get_secret(domain, access, 'pirillo')
finally:
du.delete_secret(domain, access)
def test_has_not_secret(set_up):
m_pwd = u"memorabile"
secret_uid = u"me@home"
secret_pwd = u"ciao mamma"
domain = u"my_domain"
access = u"my_access"
try:
du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd,
parameters.get_salt_key())
assert not du.has_secret('new_domain', access)
finally:
du.delete_secret(domain, access)
def test_insert_select_compare_info(set_up):
m_pwd = u"memorabile"
secret_info = {'message': 'secret'}
domain = u"my_domain"
access = u"my_access"
try:
du.insert_secret(domain, access, None, None, secret_info, m_pwd,
parameters.get_salt_key())
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
assert secret_info['message'] == res['info']['message']
finally:
du.delete_secret(domain, access)
def test_insert_delete_login(set_up):
m_pwd = u"memorabile"
secret_uid = u"me@home"
secret_pwd = u"ciao mamma"
domain = u"my_domain"
access = u"my_access"
ns = du.count_secrets()
try:
du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd,
parameters.get_salt_key())
assert ns + 1 == du.count_secrets()
finally:
du.delete_secret(domain, access)
assert ns == du.count_secrets()
def test_insert_select_compare_login(set_up):
m_pwd = u"memorabile"
secret_uid = u"me@home"
secret_pwd = u"ciao mamma"
domain = u"my_domain"
access = u"my_access"
try:
du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd,
parameters.get_salt_key())
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
assert secret_uid == res['uid']
assert secret_pwd == res['pwd']
finally:
du.delete_secret(domain, access)
def test_wrong_salt_key(set_up):
c_pwd = 'pirillo'
wrong_key = cu.encrypt_key(c_pwd)
m_pwd = u"memorabile"
domain = u"my_domain"
access = u"my_access"
secret_uid = u"me@home"
secret_pwd = u"ciao mamma"
try:
du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd,
wrong_key)
with pytest.raises(cryptography.fernet.InvalidToken):
du.get_secret(domain, access, m_pwd)
finally:
du.delete_secret(domain, access)
def test_wrong_memorable_password(set_up):
my_access = 'another'
sleep(1)
try:
#insert
sys.argv=['secret_wallet','set','-d',DOMAIN, '-a', my_access, '-u','login','-p','password']
Parser()
#now change the memorable in the session
sys.argv=['secret_wallet','client','-a','set','-v','azzo']
Parser()
#the following shoud produce and InvalidToken error
sys.argv=['secret_wallet','get','-d',DOMAIN, '-a', my_access]
with io.StringIO() as buf, redirect_stdout(buf):
Parser()
assert 'InvalidToken' in buf.getvalue()
finally:
du.delete_secret(DOMAIN,my_access)
def delete(self):
"""
Deletes an existing secret, as identified by the domain, access pair. These two fields can
be passed by using the -d and -a options. If only the domain is given, all secrets for that domain
are deleted. When the -ik option is given with a key name, the corresponding entry
in the info dictionary is removed, only if both domain and access are given and they identify an existing secret
"""
parser = argparse.ArgumentParser(description=self.delete.__doc__,
prog='secret_wallet delete')
#required arguments
parser.add_argument('-d',
dest='domain',
required=True,
help='The domain (category) of the secret')
parser.add_argument(
'-a',
dest='access',
help='The sub=domain (sub-category or access) of the secret')
parser.add_argument('-ik',
'--info_key',
help='The key in an information map')
args = iou.my_parse(parser, sys.argv[2:])
if args is None:
return
iou.my_output('Running delete with arguments %s' % args)
try:
if args.domain is not None and args.access is not None and args.info_key is not None:
iou.confirm_delete_key(args.domain, args.access, args.info_key)
sec = get_secret(args.domain, args.access, None, None,
False) #no decryption
info = sec['info']
del info[args.info_key]
update_secret_info_dictionary(args.domain, args.access, info)
elif args.domain is not None and args.access is not None:
iou.confirm_delete([(args.domain, args.access)])
delete_secret(args.domain, args.access)
else:
secrets = list_secrets(args.domain)
iou.confirm_delete(secrets)
delete_secrets(secrets)
except Exception as e:
iou.my_output(repr(e))
def test_rename_secret(set_up):
new_domain = "new domain_01"
new_access = "new_access_01"
sleep(1)
#delete first
du.delete_secret(DOMAIN, ACCESS)
#then set
sys.argv=['secret_wallet','set','-d',DOMAIN, '-a', ACCESS, '-ik','first_key','-iv','first_value']
Parser()
assert du.has_secret(DOMAIN, ACCESS)
assert not du.has_secret(new_domain, new_access)
#now rename
sys.argv=['secret_wallet','rename','-d',DOMAIN, '-a', ACCESS, '-nd', new_domain,'-na', new_access]
Parser()
assert not du.has_secret(DOMAIN, ACCESS)
assert du.has_secret(new_domain, new_access)
du.delete_secret(new_domain, new_access)
def test_update_secret_info_change_value(set_up):
m_pwd = u"memorabile"
domain = u"my_domain"
access = u"my_access"
secret_info = {'message': 'secret'}
info_key = 'message'
info_val = 'a new secret'
try:
du.insert_secret(domain, access, None, None, secret_info, m_pwd,
parameters.get_salt_key())
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
old_ts = res['timestamp']
assert 'secret' == res['info'][info_key]
du.update_secret(domain, access, None, None, info_key, info_val, m_pwd,
parameters.get_salt_key())
res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())
assert info_val == res['info'][info_key]
assert old_ts < res['timestamp']
finally:
du.delete_secret(domain, access)
def test_delete_info_item(set_up):
domain = 'pera'
access = "cotta"
key1 = 'bella'
value1 = 'pupa'
key2 = 'toste'
value2 = 'mele'
sleep(1)
#delete first
du.delete_secret(domain, access)
#then set
sys.argv=['secret_wallet','set','-d',domain, '-a', access, '-ik', key1, '-iv', value1]
Parser()
sys.argv=['secret_wallet','set','-d',domain, '-a', access, '-ik', key2, '-iv',value2]
Parser()
assert du.has_secret(domain, access)
sys.argv=['secret_wallet','get', '-d', domain, '-a', access]
with io.StringIO() as buf, redirect_stdout(buf):
Parser()
sleep(1)
assert "pupa" in buf.getvalue()
assert "mele" in buf.getvalue()
#now remove one item from the dictionary
sys.argv=['secret_wallet','delete', '-d', domain, '-a', access, '-ik', key2]
Parser()
#check that the item is gone
sys.argv=['secret_wallet','get', '-d', domain, '-a', access]
with io.StringIO() as buf, redirect_stdout(buf):
Parser()
sleep(1)
assert "pupa" in buf.getvalue()
assert "mele" not in buf.getvalue()
def test_query_by_pattern(set_up):
domain1 = 'pera'
access1 = "cotta"
domain2 = 'bella'
access2 = 'pera'
sleep(1)
#delete first
du.delete_secret(domain1, access1)
du.delete_secret(domain2, access2)
#then set
sys.argv=['secret_wallet','set','-d',domain1, '-a', access1]
Parser()
sys.argv=['secret_wallet','set','-d',domain2, '-a', access2]
Parser()
assert du.has_secret(domain1, access1)
assert du.has_secret(domain2, access2)
#now querying by domain
sys.argv=['secret_wallet','query','pera']
with io.StringIO() as buf, redirect_stdout(buf):
Parser()
assert "cotta" in buf.getvalue()
assert "bella" in buf.getvalue()