def test_update_info_dict_remove_key(set_up): m_pwd = u"memorabile" domain = u"my_domain" access = u"my_access" secret_info = {'key1': 'value1', 'key2': 'value2'} salt = parameters.get_salt_key() try: ns = du.count_secrets() du.insert_secret(domain, access, None, None, secret_info, m_pwd, parameters.get_salt_key()) assert ns + 1 == du.count_secrets() res = du.get_secret(domain, access, m_pwd, salt, False) #no decryption of secret old_ts = res['timestamp'] info = res['info'] assert 2 == len(info) del info['key2'] #remove one entry du.update_secret_info_dictionary(domain, access, info) res = du.get_secret(domain, access, m_pwd, salt) ts = res['timestamp'] info = res['info'] assert 1 == len(info) assert 'value1' == info['key1'] assert ts != old_ts finally: du.delete_secret(domain, access)
def test_update_secret_info_change_password_and_a_value(set_up): m_pwd = u"memorabile" domain = u"my_domain" access = u"my_access" secret_uid = u"me@home" secret_pwd = u"ciao mamma" secret_pwd2 = u"another password" secret_info = {'message': 'secret'} info_key = 'message' info_val = 'a new secret' try: du.insert_secret(domain, access, secret_uid, secret_pwd, secret_info, m_pwd, parameters.get_salt_key()) res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key()) old_ts = res['timestamp'] assert 'secret' == res['info'][info_key] assert secret_pwd == res['pwd'] du.update_secret(domain, access, None, secret_pwd2, info_key, info_val, m_pwd, parameters.get_salt_key()) res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key()) assert info_val == res['info'][info_key] assert secret_pwd2 == res['pwd'] assert old_ts < res['timestamp'] finally: du.delete_secret(domain, access)
def test_update_missing_secret_no_effect(set_up): m_pwd = u"memorabile" domain = u"my_domain" access = u"my_access" access2 = u"my_second access" secret_uid = u"me@home" secret_pwd = u"ciao mamma" secret_pwd2 = u"my second password" secret_info = {'message': 'secret'} try: ns = du.count_secrets() du.insert_secret(domain, access, secret_uid, secret_pwd, secret_info, m_pwd, parameters.get_salt_key()) assert ns + 1 == du.count_secrets() res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key()) old_ts = res['timestamp'] assert 'secret' == res['info']['message'] assert secret_pwd == res['pwd'] assert secret_uid == res['uid'] du.update_secret(domain, access2, None, secret_pwd2, None, None, m_pwd, parameters.get_salt_key()) assert ns + 1 == du.count_secrets() res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key()) assert old_ts == res['timestamp'] finally: du.delete_secret(domain, access)
def set_up(): #mocking the user input iou.my_input = lambda _:'yes' iou.my_output = lambda message,_=False: print(message) path = os.path.dirname(__file__) conf_file = os.path.join(path,'data','test_integration.json') conf_data = get_configuration(conf_file) parameters.set_data(conf_data) du.insert_secret(DOMAIN, ACCESS, UID, PWD, INFO, MEM) p =Process(target=my_session, args =(MEM, 60, 10)) p.start() yield conf_file iou.my_input = old_input iou.my_output = old_output iou.my_getpass = old_getpass du.delete_secret(DOMAIN,ACCESS) parameters.clear() set_configuration_data(conf_data, conf_file) if is_connected(): stop_service() p.terminate()
def test_update_secret_login(set_up): m_pwd = u"memorabile" secret_uid = u"me@home" secret_uid2 = u"me@office" secret_pwd = u"ciao mamma" domain = u"my_domain" access = u"my_access" try: ns = du.count_secrets() du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd, parameters.get_salt_key()) assert ns + 1 == du.count_secrets() assert du.has_secret(domain, access) old_ts = du.get_secret(domain, access, m_pwd, parameters.get_salt_key())['timestamp'] du.update_secret(domain, access, secret_uid2, None, None, None, m_pwd, parameters.get_salt_key()) assert ns + 1 == du.count_secrets( ) #no change to the number of secrets res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key()) assert secret_uid2 == res['uid'] assert secret_pwd == res['pwd'] assert old_ts < res['timestamp'] finally: du.delete_secret(domain, access)
def test_rename_secret(set_up): m_pwd = u"memorabile" domain = u"my_domain" access = u"my_access" new_domain = u"new_domain" new_access = u"new_access" info = {'message': 'secret'} try: #before assert not du.has_secret(domain, access) assert not du.has_secret(new_domain, new_access) #after insertion du.insert_secret(domain, access, None, None, info, m_pwd, parameters.get_salt_key()) assert du.has_secret(domain, access) assert not du.has_secret(new_domain, new_access) #after rename du.rename_secret(domain, access, new_domain, new_access) assert not du.has_secret(domain, access) assert du.has_secret(new_domain, new_access) res = du.get_secret(new_domain, new_access, m_pwd, parameters.get_salt_key()) assert info['message'] == res['info']['message'] finally: du.delete_secret(domain, access) du.delete_secret(new_domain, new_access)
def set(self): """ Add or change a secret in the wallet. This could be an entire new secret, with all the information passed inline or an update of an existing secret. What is set with this command determines the content of a secret, identified by the domain, access pair. Key values pairs, as defined by the -ik and -iv options, can be added incrementally by multiple calls to the set command. """ parser = argparse.ArgumentParser(description=self.set.__doc__, prog='secret_wallet set') #required arguments parser.add_argument('-d', dest='domain', required=True, help='The domain (category) of the secret') parser.add_argument( '-a', dest='access', required=True, help='The sub=domain (sub-category or access) of the secret') #optional arguments parser.add_argument('-u', '--uid', help='The login id for a given access') parser.add_argument('-p', '--pwd', help='The password for a given access') parser.add_argument('-ik', '--info_key', help='The key in an information map') parser.add_argument('-iv', '--info_value', help='The value in an information map') args = iou.my_parse(parser, sys.argv[2:]) if args is None: return iou.my_output('Running set for domain %s and access %s' % (args.domain, args.access)) if args.info_key is None or args.info_value is None: info = None else: info = {args.info_key: args.info_value} try: memorable, need_session = pm.get_memorable_password(True) if not has_secret(args.domain, args.access): insert_secret(args.domain, args.access, args.uid, args.pwd, info, memorable) else: update_secret(args.domain, args.access, args.uid, args.pwd, args.info_key, args.info_value, memorable) if need_session: start_my_session(memorable, parameters.get_session_lifetime(), parameters.get_session_timeout()) except Exception as e: iou.my_output(repr(e))
def test_wrong_salt(set_up): my_access = 'another' other_key = cu.encrypt_key('pirillo') sleep(1) du.insert_secret(DOMAIN, my_access, 'login', 'password', None, 'memorable', other_key) #the following shoud produce and InvalidToken error sys.argv=['secret_wallet','get','-d',DOMAIN, '-a', my_access] with io.StringIO() as buf, redirect_stdout(buf): Parser() assert 'InvalidToken' in buf.getvalue()
def test_has_not_secret(set_up): m_pwd = u"memorabile" secret_uid = u"me@home" secret_pwd = u"ciao mamma" domain = u"my_domain" access = u"my_access" try: du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd, parameters.get_salt_key()) assert not du.has_secret('new_domain', access) finally: du.delete_secret(domain, access)
def test_insert_select_compare_info(set_up): m_pwd = u"memorabile" secret_info = {'message': 'secret'} domain = u"my_domain" access = u"my_access" try: du.insert_secret(domain, access, None, None, secret_info, m_pwd, parameters.get_salt_key()) res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key()) assert secret_info['message'] == res['info']['message'] finally: du.delete_secret(domain, access)
def test_wrong_memorable(set_up): m_pwd = u"memorabile" domain = u"my_domain" access = u"my_access" secret_uid = u"me@home" secret_pwd = u"ciao mamma" try: du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd) with pytest.raises(cryptography.fernet.InvalidToken): du.get_secret(domain, access, 'pirillo') finally: du.delete_secret(domain, access)
def test_insert_select_compare_login(set_up): m_pwd = u"memorabile" secret_uid = u"me@home" secret_pwd = u"ciao mamma" domain = u"my_domain" access = u"my_access" try: du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd, parameters.get_salt_key()) res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key()) assert secret_uid == res['uid'] assert secret_pwd == res['pwd'] finally: du.delete_secret(domain, access)
def test_insert_delete_login(set_up): m_pwd = u"memorabile" secret_uid = u"me@home" secret_pwd = u"ciao mamma" domain = u"my_domain" access = u"my_access" ns = du.count_secrets() try: du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd, parameters.get_salt_key()) assert ns + 1 == du.count_secrets() finally: du.delete_secret(domain, access) assert ns == du.count_secrets()
def test_wrong_salt_key(set_up): c_pwd = 'pirillo' wrong_key = cu.encrypt_key(c_pwd) m_pwd = u"memorabile" domain = u"my_domain" access = u"my_access" secret_uid = u"me@home" secret_pwd = u"ciao mamma" try: du.insert_secret(domain, access, secret_uid, secret_pwd, None, m_pwd, wrong_key) with pytest.raises(cryptography.fernet.InvalidToken): du.get_secret(domain, access, m_pwd) finally: du.delete_secret(domain, access)
def test_delete_secrets(set_up): m_pwd = u"memorabile" domain = u"my_domain" info = {'message': 'secret'} #cleanup du.delete_secrets(du.list_secrets(None)) cnt = du.count_secrets() for i in range(5): access = f"access_{i}" du.insert_secret(domain, access, None, None, info, m_pwd, parameters.get_salt_key()) assert cnt + 5 == du.count_secrets() # now get the secret back by domain secrets = du.list_secrets(domain) #delete them in block du.delete_secrets(secrets) #check that they are gone assert cnt == du.count_secrets()
def test_update_secret_info_change_value(set_up): m_pwd = u"memorabile" domain = u"my_domain" access = u"my_access" secret_info = {'message': 'secret'} info_key = 'message' info_val = 'a new secret' try: du.insert_secret(domain, access, None, None, secret_info, m_pwd, parameters.get_salt_key()) res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key()) old_ts = res['timestamp'] assert 'secret' == res['info'][info_key] du.update_secret(domain, access, None, None, info_key, info_val, m_pwd, parameters.get_salt_key()) res = du.get_secret(domain, access, m_pwd, parameters.get_salt_key()) assert info_val == res['info'][info_key] assert old_ts < res['timestamp'] finally: du.delete_secret(domain, access)
def insert_records(): m_pwd = 'memorable' du.insert_secret("d1", "a1", "u1", "p1", {"k1": "v1", "k2": "v2"}, m_pwd) du.insert_secret("d1", "a2", "u2", "p2", {"k3": "v3"}, m_pwd) du.insert_secret("d2", "a3", "u3", "p3", {"k4": "v4"}, m_pwd) yield du.delete_secrets(du.list_secrets("d1")) du.delete_secrets(du.list_secrets("d2"))