From 037d54e4421867ff8242f11984f9c29fd300f5df Mon Sep 17 00:00:00 2001 From: Marian Beermann Date: Fri, 18 Mar 2016 02:58:29 +0100 Subject: [PATCH 1/6] ArchiverTestCase, test_symlink_extract --- borg/testsuite/archiver.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/borg/testsuite/archiver.py b/borg/testsuite/archiver.py index 1b89515c5..ddd0c5f66 100644 --- a/borg/testsuite/archiver.py +++ b/borg/testsuite/archiver.py @@ -353,6 +353,14 @@ class ArchiverTestCase(ArchiverTestCaseBase): # the interesting parts of info_output2 and info_output should be same self.assert_equal(filter(info_output), filter(info_output2)) + def test_symlink_extract(self): + self.create_test_files() + self.cmd('init', self.repository_location) + self.cmd('create', self.repository_location + '::test', 'input') + with changedir('output'): + self.cmd('extract', self.repository_location + '::test') + assert os.readlink('input/link1') == 'somewhere' + def test_atime(self): self.create_test_files() atime, mtime = 123456780, 234567890 From dece06fba998a548424a22ed357a4b9933150345 Mon Sep 17 00:00:00 2001 From: Marian Beermann Date: Sat, 16 Apr 2016 00:20:55 +0200 Subject: [PATCH 2/6] KeyTestCase, test_decrypt_integrity --- borg/testsuite/__init__.py | 2 ++ borg/testsuite/key.py | 33 +++++++++++++++++++++++++++++++-- 2 files changed, 33 insertions(+), 2 deletions(-) diff --git a/borg/testsuite/__init__.py b/borg/testsuite/__init__.py index cccf97a82..978c1ab42 100644 --- a/borg/testsuite/__init__.py +++ b/borg/testsuite/__init__.py @@ -45,6 +45,8 @@ class BaseTestCase(unittest.TestCase): assert_not_in = unittest.TestCase.assertNotIn assert_equal = unittest.TestCase.assertEqual assert_not_equal = unittest.TestCase.assertNotEqual + assert_raises = unittest.TestCase.assertRaises + assert_raises_regex = unittest.TestCase.assertRaisesRegex assert_true = unittest.TestCase.assertTrue if raises: diff --git a/borg/testsuite/key.py b/borg/testsuite/key.py index 11eb35061..4f9ec7b4c 100644 --- a/borg/testsuite/key.py +++ b/borg/testsuite/key.py @@ -6,8 +6,8 @@ from binascii import hexlify, unhexlify from ..crypto import bytes_to_long, num_aes_blocks from ..key import PlaintextKey, PassphraseKey, KeyfileKey -from ..helpers import Location, Chunk, bin_to_hex -from . import BaseTestCase, environment_variable +from ..helpers import Location, IntegrityError, Chunk, bin_to_hex +from . import environment_variable class KeyTestCase(BaseTestCase): @@ -126,3 +126,32 @@ class KeyTestCase(BaseTestCase): chunk = Chunk(b'foo') self.assert_equal(hexlify(key.id_hash(chunk.data)), b'818217cf07d37efad3860766dcdf1d21e401650fed2d76ed1d797d3aae925990') self.assert_equal(chunk, key2.decrypt(key2.id_hash(chunk.data), key.encrypt(chunk))) + + def test_decrypt_integrity(self): + with open(os.path.join(os.environ['BORG_KEYS_DIR'], 'keyfile'), 'w') as fd: + fd.write(self.keyfile2_key_file) + os.environ['BORG_PASSPHRASE'] = 'passphrase' + key = KeyfileKey.detect(self.MockRepository(), self.keyfile2_cdata) + with self.assert_raises_regex(IntegrityError, 'Invalid encryption envelope'): + data = bytearray(self.keyfile2_cdata) + data[0] += 5 # wrong TYPE + key.decrypt("", data) + with self.assert_raises_regex(IntegrityError, 'Encryption envelope checksum mismatch'): + data = bytearray(self.keyfile2_cdata) + data[5] += 5 # corrupt HMAC + key.decrypt("", data) + with self.assert_raises_regex(IntegrityError, 'Encryption envelope checksum mismatch'): + data = bytearray(self.keyfile2_cdata) + id = key.id_hash(data) + data[36] += 123 # this in the IV/CTR + key.decrypt(id, data) + with self.assert_raises_regex(IntegrityError, 'Encryption envelope checksum mismatch'): + data = bytearray(self.keyfile2_cdata) + id = key.id_hash(data) + data[50] += 1 # corrupt data + key.decrypt(id, data) + with self.assert_raises_regex(IntegrityError, 'Chunk id verification failed'): + data = bytearray(self.keyfile2_cdata) + id = bytearray(key.id_hash(data)) # corrupt chunk id + id[12] = 0 + key.decrypt(id, data) From e5356b7f66f074026f195b70b325bc6c4dac97c9 Mon Sep 17 00:00:00 2001 From: Marian Beermann Date: Sat, 16 Apr 2016 18:45:53 +0200 Subject: [PATCH 3/6] testsuite/key: port to pytest, test_decrypt_integrity w/ 'carpet bombing' --- borg/testsuite/key.py | 153 +++++++++++++++++++++--------------------- 1 file changed, 78 insertions(+), 75 deletions(-) diff --git a/borg/testsuite/key.py b/borg/testsuite/key.py index 4f9ec7b4c..8c57620a6 100644 --- a/borg/testsuite/key.py +++ b/borg/testsuite/key.py @@ -4,14 +4,20 @@ import shutil import tempfile from binascii import hexlify, unhexlify +import pytest from ..crypto import bytes_to_long, num_aes_blocks from ..key import PlaintextKey, PassphraseKey, KeyfileKey from ..helpers import Location, IntegrityError, Chunk, bin_to_hex from . import environment_variable -class KeyTestCase(BaseTestCase): +@pytest.fixture(autouse=True) +def clean_env(monkeypatch): + # Workaround for some tests (testsuite/archiver) polluting the environment + monkeypatch.delenv('BORG_PASSPHRASE', False) + +class TestKey: class MockArgs: location = Location(tempfile.mkstemp()[1]) @@ -31,14 +37,15 @@ class KeyTestCase(BaseTestCase): """)) keyfile2_id = unhexlify('c3fbf14bc001ebcc3cd86e696c13482ed071740927cd7cbe1b01b4bfcee49314') - def setUp(self): - self.tmppath = tempfile.mkdtemp() - os.environ['BORG_KEYS_DIR'] = self.tmppath - self.tmppath2 = tempfile.mkdtemp() + @pytest.fixture(autouse=True) + def keys_dir(self, request, monkeypatch): + tmp_keys_dir = tempfile.mkdtemp() - def tearDown(self): - shutil.rmtree(self.tmppath) - shutil.rmtree(self.tmppath2) + def finalize(): + shutil.rmtree(tmp_keys_dir) + + request.addfinalizer(finalize) + monkeypatch.setenv('BORG_KEYS_DIR', tmp_keys_dir) class MockRepository: class _Location: @@ -51,106 +58,102 @@ class KeyTestCase(BaseTestCase): def test_plaintext(self): key = PlaintextKey.create(None, None) chunk = Chunk(b'foo') - self.assert_equal(hexlify(key.id_hash(chunk.data)), b'2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae') - self.assert_equal(chunk, key.decrypt(key.id_hash(chunk.data), key.encrypt(chunk))) + assert hexlify(key.id_hash(chunk.data)) == b'2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae' + assert chunk == key.decrypt(key.id_hash(chunk.data), key.encrypt(chunk)) - def test_keyfile(self): - os.environ['BORG_PASSPHRASE'] = 'test' + def test_keyfile(self, monkeypatch): + monkeypatch.setenv('BORG_PASSPHRASE', 'test') key = KeyfileKey.create(self.MockRepository(), self.MockArgs()) - self.assert_equal(bytes_to_long(key.enc_cipher.iv, 8), 0) + assert bytes_to_long(key.enc_cipher.iv, 8) == 0 manifest = key.encrypt(Chunk(b'XXX')) - self.assert_equal(key.extract_nonce(manifest), 0) + assert key.extract_nonce(manifest) == 0 manifest2 = key.encrypt(Chunk(b'XXX')) - self.assert_not_equal(manifest, manifest2) - self.assert_equal(key.decrypt(None, manifest), key.decrypt(None, manifest2)) - self.assert_equal(key.extract_nonce(manifest2), 1) + assert manifest != manifest2 + assert key.decrypt(None, manifest) == key.decrypt(None, manifest2) + assert key.extract_nonce(manifest2) == 1 iv = key.extract_nonce(manifest) key2 = KeyfileKey.detect(self.MockRepository(), manifest) - self.assert_equal(bytes_to_long(key2.enc_cipher.iv, 8), iv + num_aes_blocks(len(manifest) - KeyfileKey.PAYLOAD_OVERHEAD)) + assert bytes_to_long(key2.enc_cipher.iv, 8) == iv + num_aes_blocks(len(manifest) - KeyfileKey.PAYLOAD_OVERHEAD) # Key data sanity check - self.assert_equal(len(set([key2.id_key, key2.enc_key, key2.enc_hmac_key])), 3) - self.assert_equal(key2.chunk_seed == 0, False) + assert len({key2.id_key, key2.enc_key, key2.enc_hmac_key}) == 3 + assert key2.chunk_seed != 0 + data = b'foo' chunk = Chunk(b'foo') - self.assert_equal(chunk, key2.decrypt(key.id_hash(chunk.data), key.encrypt(chunk))) + assert chunk == key2.decrypt(key.id_hash(chunk.data), key.encrypt(chunk)) - def test_keyfile_kfenv(self): - keyfile = os.path.join(self.tmppath2, 'keyfile') - with environment_variable(BORG_KEY_FILE=keyfile, BORG_PASSPHRASE='testkf'): - assert not os.path.exists(keyfile) + def test_keyfile_kfenv(self, tmpdir): + keyfile = tmpdir.join('keyfile') + with environment_variable(BORG_KEY_FILE=str(keyfile), BORG_PASSPHRASE='testkf'): + assert not keyfile.exists() key = KeyfileKey.create(self.MockRepository(), self.MockArgs()) - assert os.path.exists(keyfile) + assert keyfile.exists() chunk = Chunk(b'XXX') chunk_id = key.id_hash(chunk.data) chunk_cdata = key.encrypt(chunk) key = KeyfileKey.detect(self.MockRepository(), chunk_cdata) - self.assert_equal(chunk, key.decrypt(chunk_id, chunk_cdata)) - os.unlink(keyfile) - self.assert_raises(FileNotFoundError, KeyfileKey.detect, self.MockRepository(), chunk_cdata) + assert chunk == key.decrypt(chunk_id, chunk_cdata) + keyfile.unlink() + with pytest.raises(FileNotFoundError): + KeyfileKey.detect(self.MockRepository(), chunk_cdata) - def test_keyfile2(self): + def test_keyfile2(self, monkeypatch): with open(os.path.join(os.environ['BORG_KEYS_DIR'], 'keyfile'), 'w') as fd: fd.write(self.keyfile2_key_file) - os.environ['BORG_PASSPHRASE'] = 'passphrase' + monkeypatch.setenv('BORG_PASSPHRASE', 'passphrase') key = KeyfileKey.detect(self.MockRepository(), self.keyfile2_cdata) - self.assert_equal(key.decrypt(self.keyfile2_id, self.keyfile2_cdata).data, b'payload') + assert key.decrypt(self.keyfile2_id, self.keyfile2_cdata).data == b'payload' - def test_keyfile2_kfenv(self): - keyfile = os.path.join(self.tmppath2, 'keyfile') - with open(keyfile, 'w') as fd: + def test_keyfile2_kfenv(self, tmpdir): + keyfile = tmpdir.join('keyfile') + with keyfile.open('w') as fd: fd.write(self.keyfile2_key_file) with environment_variable(BORG_KEY_FILE=keyfile, BORG_PASSPHRASE='passphrase'): key = KeyfileKey.detect(self.MockRepository(), self.keyfile2_cdata) - self.assert_equal(key.decrypt(self.keyfile2_id, self.keyfile2_cdata).data, b'payload') + assert key.decrypt(self.keyfile2_id, self.keyfile2_cdata).data == b'payload' - def test_passphrase(self): - os.environ['BORG_PASSPHRASE'] = 'test' + def test_passphrase(self, keys_dir, monkeypatch): + monkeypatch.setenv('BORG_PASSPHRASE', 'test') key = PassphraseKey.create(self.MockRepository(), None) - self.assert_equal(bytes_to_long(key.enc_cipher.iv, 8), 0) - self.assert_equal(hexlify(key.id_key), b'793b0717f9d8fb01c751a487e9b827897ceea62409870600013fbc6b4d8d7ca6') - self.assert_equal(hexlify(key.enc_hmac_key), b'b885a05d329a086627412a6142aaeb9f6c54ab7950f996dd65587251f6bc0901') - self.assert_equal(hexlify(key.enc_key), b'2ff3654c6daf7381dbbe718d2b20b4f1ea1e34caa6cc65f6bb3ac376b93fed2a') - self.assert_equal(key.chunk_seed, -775740477) + assert bytes_to_long(key.enc_cipher.iv, 8) == 0 + assert hexlify(key.id_key) == b'793b0717f9d8fb01c751a487e9b827897ceea62409870600013fbc6b4d8d7ca6' + assert hexlify(key.enc_hmac_key) == b'b885a05d329a086627412a6142aaeb9f6c54ab7950f996dd65587251f6bc0901' + assert hexlify(key.enc_key) == b'2ff3654c6daf7381dbbe718d2b20b4f1ea1e34caa6cc65f6bb3ac376b93fed2a' + assert key.chunk_seed == -775740477 manifest = key.encrypt(Chunk(b'XXX')) - self.assert_equal(key.extract_nonce(manifest), 0) + assert key.extract_nonce(manifest) == 0 manifest2 = key.encrypt(Chunk(b'XXX')) - self.assert_not_equal(manifest, manifest2) - self.assert_equal(key.decrypt(None, manifest), key.decrypt(None, manifest2)) - self.assert_equal(key.extract_nonce(manifest2), 1) + assert manifest != manifest2 + assert key.decrypt(None, manifest) == key.decrypt(None, manifest2) + assert key.extract_nonce(manifest2) == 1 iv = key.extract_nonce(manifest) key2 = PassphraseKey.detect(self.MockRepository(), manifest) - self.assert_equal(bytes_to_long(key2.enc_cipher.iv, 8), iv + num_aes_blocks(len(manifest) - PassphraseKey.PAYLOAD_OVERHEAD)) - self.assert_equal(key.id_key, key2.id_key) - self.assert_equal(key.enc_hmac_key, key2.enc_hmac_key) - self.assert_equal(key.enc_key, key2.enc_key) - self.assert_equal(key.chunk_seed, key2.chunk_seed) + assert bytes_to_long(key2.enc_cipher.iv, 8) == iv + num_aes_blocks(len(manifest) - PassphraseKey.PAYLOAD_OVERHEAD) + assert key.id_key == key2.id_key + assert key.enc_hmac_key == key2.enc_hmac_key + assert key.enc_key == key2.enc_key + assert key.chunk_seed == key2.chunk_seed + data = b'foo' chunk = Chunk(b'foo') - self.assert_equal(hexlify(key.id_hash(chunk.data)), b'818217cf07d37efad3860766dcdf1d21e401650fed2d76ed1d797d3aae925990') - self.assert_equal(chunk, key2.decrypt(key2.id_hash(chunk.data), key.encrypt(chunk))) + assert hexlify(key.id_hash(chunk.data)) == b'818217cf07d37efad3860766dcdf1d21e401650fed2d76ed1d797d3aae925990' + assert chunk == key2.decrypt(key2.id_hash(chunk.data), key.encrypt(chunk)) - def test_decrypt_integrity(self): + def _corrupt_byte(self, key, data, offset): + data = bytearray(data) + data[offset] += 1 + with pytest.raises(IntegrityError): + key.decrypt("", data) + + def test_decrypt_integrity(self, monkeypatch): with open(os.path.join(os.environ['BORG_KEYS_DIR'], 'keyfile'), 'w') as fd: fd.write(self.keyfile2_key_file) - os.environ['BORG_PASSPHRASE'] = 'passphrase' + monkeypatch.setenv('BORG_PASSPHRASE', 'passphrase') key = KeyfileKey.detect(self.MockRepository(), self.keyfile2_cdata) - with self.assert_raises_regex(IntegrityError, 'Invalid encryption envelope'): - data = bytearray(self.keyfile2_cdata) - data[0] += 5 # wrong TYPE - key.decrypt("", data) - with self.assert_raises_regex(IntegrityError, 'Encryption envelope checksum mismatch'): - data = bytearray(self.keyfile2_cdata) - data[5] += 5 # corrupt HMAC - key.decrypt("", data) - with self.assert_raises_regex(IntegrityError, 'Encryption envelope checksum mismatch'): - data = bytearray(self.keyfile2_cdata) - id = key.id_hash(data) - data[36] += 123 # this in the IV/CTR - key.decrypt(id, data) - with self.assert_raises_regex(IntegrityError, 'Encryption envelope checksum mismatch'): - data = bytearray(self.keyfile2_cdata) - id = key.id_hash(data) - data[50] += 1 # corrupt data - key.decrypt(id, data) - with self.assert_raises_regex(IntegrityError, 'Chunk id verification failed'): + + data = self.keyfile2_cdata + for i in range(len(data)): + self._corrupt_byte(key, data, i) + + with pytest.raises(IntegrityError): data = bytearray(self.keyfile2_cdata) id = bytearray(key.id_hash(data)) # corrupt chunk id id[12] = 0 From c6f7866e3530bdffb46c221676c6af95a8b6ef96 Mon Sep 17 00:00:00 2001 From: Marian Beermann Date: Sun, 8 May 2016 23:13:39 +0200 Subject: [PATCH 4/6] testsuite/key: add TestPassphrase --- borg/testsuite/key.py | 53 ++++++++++++++++++++++++++++++++++++++----- 1 file changed, 47 insertions(+), 6 deletions(-) diff --git a/borg/testsuite/key.py b/borg/testsuite/key.py index 8c57620a6..65ad9a741 100644 --- a/borg/testsuite/key.py +++ b/borg/testsuite/key.py @@ -1,3 +1,4 @@ +import getpass import os import re import shutil @@ -5,9 +6,10 @@ import tempfile from binascii import hexlify, unhexlify import pytest + from ..crypto import bytes_to_long, num_aes_blocks -from ..key import PlaintextKey, PassphraseKey, KeyfileKey -from ..helpers import Location, IntegrityError, Chunk, bin_to_hex +from ..key import PlaintextKey, PassphraseKey, KeyfileKey, Passphrase, PasswordRetriesExceeded, bin_to_hex +from ..helpers import Location, Chunk, IntegrityError from . import environment_variable @@ -77,7 +79,6 @@ class TestKey: # Key data sanity check assert len({key2.id_key, key2.enc_key, key2.enc_hmac_key}) == 3 assert key2.chunk_seed != 0 - data = b'foo' chunk = Chunk(b'foo') assert chunk == key2.decrypt(key.id_hash(chunk.data), key.encrypt(chunk)) @@ -92,7 +93,7 @@ class TestKey: chunk_cdata = key.encrypt(chunk) key = KeyfileKey.detect(self.MockRepository(), chunk_cdata) assert chunk == key.decrypt(chunk_id, chunk_cdata) - keyfile.unlink() + keyfile.remove() with pytest.raises(FileNotFoundError): KeyfileKey.detect(self.MockRepository(), chunk_cdata) @@ -107,7 +108,7 @@ class TestKey: keyfile = tmpdir.join('keyfile') with keyfile.open('w') as fd: fd.write(self.keyfile2_key_file) - with environment_variable(BORG_KEY_FILE=keyfile, BORG_PASSPHRASE='passphrase'): + with environment_variable(BORG_KEY_FILE=str(keyfile), BORG_PASSPHRASE='passphrase'): key = KeyfileKey.detect(self.MockRepository(), self.keyfile2_cdata) assert key.decrypt(self.keyfile2_id, self.keyfile2_cdata).data == b'payload' @@ -132,7 +133,6 @@ class TestKey: assert key.enc_hmac_key == key2.enc_hmac_key assert key.enc_key == key2.enc_key assert key.chunk_seed == key2.chunk_seed - data = b'foo' chunk = Chunk(b'foo') assert hexlify(key.id_hash(chunk.data)) == b'818217cf07d37efad3860766dcdf1d21e401650fed2d76ed1d797d3aae925990' assert chunk == key2.decrypt(key2.id_hash(chunk.data), key.encrypt(chunk)) @@ -158,3 +158,44 @@ class TestKey: id = bytearray(key.id_hash(data)) # corrupt chunk id id[12] = 0 key.decrypt(id, data) + + +class TestPassphrase: + def test_passphrase_new_verification(self, capsys, monkeypatch): + monkeypatch.setattr(getpass, 'getpass', lambda prompt: "12aöäü") + monkeypatch.setenv('BORG_DISPLAY_PASSPHRASE', 'no') + Passphrase.new() + out, err = capsys.readouterr() + assert "12" not in out + assert "12" not in err + + monkeypatch.setenv('BORG_DISPLAY_PASSPHRASE', 'yes') + passphrase = Passphrase.new() + out, err = capsys.readouterr() + assert "313261c3b6c3a4c3bc" not in out + assert "313261c3b6c3a4c3bc" in err + assert passphrase == "12aöäü" + + monkeypatch.setattr(getpass, 'getpass', lambda prompt: "1234/@=") + Passphrase.new() + out, err = capsys.readouterr() + assert "1234/@=" not in out + assert "1234/@=" in err + + def test_passphrase_new_empty(self, capsys, monkeypatch): + monkeypatch.delenv('BORG_PASSPHRASE', False) + monkeypatch.setattr(getpass, 'getpass', lambda prompt: "") + with pytest.raises(PasswordRetriesExceeded): + Passphrase.new(allow_empty=False) + out, err = capsys.readouterr() + assert "must not be blank" in err + + def test_passphrase_new_retries(self, monkeypatch): + monkeypatch.delenv('BORG_PASSPHRASE', False) + ascending_numbers = iter(range(20)) + monkeypatch.setattr(getpass, 'getpass', lambda prompt: str(next(ascending_numbers))) + with pytest.raises(PasswordRetriesExceeded): + Passphrase.new() + + def test_passphrase_repr(self): + assert "secret" not in repr(Passphrase("secret")) From 6a15e8d13886f6ab8d25d751338cbdfd866a9618 Mon Sep 17 00:00:00 2001 From: Marian Beermann Date: Mon, 9 May 2016 12:02:16 +0200 Subject: [PATCH 5/6] testsuite/key: environment_variable -> monkeypatch.setenv --- borg/testsuite/__init__.py | 2 -- borg/testsuite/key.py | 37 +++++++++++++++++++------------------ 2 files changed, 19 insertions(+), 20 deletions(-) diff --git a/borg/testsuite/__init__.py b/borg/testsuite/__init__.py index 978c1ab42..cccf97a82 100644 --- a/borg/testsuite/__init__.py +++ b/borg/testsuite/__init__.py @@ -45,8 +45,6 @@ class BaseTestCase(unittest.TestCase): assert_not_in = unittest.TestCase.assertNotIn assert_equal = unittest.TestCase.assertEqual assert_not_equal = unittest.TestCase.assertNotEqual - assert_raises = unittest.TestCase.assertRaises - assert_raises_regex = unittest.TestCase.assertRaisesRegex assert_true = unittest.TestCase.assertTrue if raises: diff --git a/borg/testsuite/key.py b/borg/testsuite/key.py index 65ad9a741..360b88a0c 100644 --- a/borg/testsuite/key.py +++ b/borg/testsuite/key.py @@ -10,7 +10,6 @@ import pytest from ..crypto import bytes_to_long, num_aes_blocks from ..key import PlaintextKey, PassphraseKey, KeyfileKey, Passphrase, PasswordRetriesExceeded, bin_to_hex from ..helpers import Location, Chunk, IntegrityError -from . import environment_variable @pytest.fixture(autouse=True) @@ -82,20 +81,21 @@ class TestKey: chunk = Chunk(b'foo') assert chunk == key2.decrypt(key.id_hash(chunk.data), key.encrypt(chunk)) - def test_keyfile_kfenv(self, tmpdir): + def test_keyfile_kfenv(self, tmpdir, monkeypatch): keyfile = tmpdir.join('keyfile') - with environment_variable(BORG_KEY_FILE=str(keyfile), BORG_PASSPHRASE='testkf'): - assert not keyfile.exists() - key = KeyfileKey.create(self.MockRepository(), self.MockArgs()) - assert keyfile.exists() - chunk = Chunk(b'XXX') - chunk_id = key.id_hash(chunk.data) - chunk_cdata = key.encrypt(chunk) - key = KeyfileKey.detect(self.MockRepository(), chunk_cdata) - assert chunk == key.decrypt(chunk_id, chunk_cdata) - keyfile.remove() - with pytest.raises(FileNotFoundError): - KeyfileKey.detect(self.MockRepository(), chunk_cdata) + monkeypatch.setenv('BORG_KEY_FILE', str(keyfile)) + monkeypatch.setenv('BORG_PASSPHRASE', 'testkf') + assert not keyfile.exists() + key = KeyfileKey.create(self.MockRepository(), self.MockArgs()) + assert keyfile.exists() + chunk = Chunk(b'XXX') + chunk_id = key.id_hash(chunk.data) + chunk_cdata = key.encrypt(chunk) + key = KeyfileKey.detect(self.MockRepository(), chunk_cdata) + assert chunk == key.decrypt(chunk_id, chunk_cdata) + keyfile.remove() + with pytest.raises(FileNotFoundError): + KeyfileKey.detect(self.MockRepository(), chunk_cdata) def test_keyfile2(self, monkeypatch): with open(os.path.join(os.environ['BORG_KEYS_DIR'], 'keyfile'), 'w') as fd: @@ -104,13 +104,14 @@ class TestKey: key = KeyfileKey.detect(self.MockRepository(), self.keyfile2_cdata) assert key.decrypt(self.keyfile2_id, self.keyfile2_cdata).data == b'payload' - def test_keyfile2_kfenv(self, tmpdir): + def test_keyfile2_kfenv(self, tmpdir, monkeypatch): keyfile = tmpdir.join('keyfile') with keyfile.open('w') as fd: fd.write(self.keyfile2_key_file) - with environment_variable(BORG_KEY_FILE=str(keyfile), BORG_PASSPHRASE='passphrase'): - key = KeyfileKey.detect(self.MockRepository(), self.keyfile2_cdata) - assert key.decrypt(self.keyfile2_id, self.keyfile2_cdata).data == b'payload' + monkeypatch.setenv('BORG_KEY_FILE', str(keyfile)) + monkeypatch.setenv('BORG_PASSPHRASE', 'passphrase') + key = KeyfileKey.detect(self.MockRepository(), self.keyfile2_cdata) + assert key.decrypt(self.keyfile2_id, self.keyfile2_cdata).data == b'payload' def test_passphrase(self, keys_dir, monkeypatch): monkeypatch.setenv('BORG_PASSPHRASE', 'test') From ad5ae32cc404b3f4a2915ceb094db9827b754652 Mon Sep 17 00:00:00 2001 From: Marian Beermann Date: Fri, 13 May 2016 22:06:38 +0200 Subject: [PATCH 6/6] testsuite/key: Use pytest built-in fixture --- borg/testsuite/key.py | 23 +++++++++-------------- 1 file changed, 9 insertions(+), 14 deletions(-) diff --git a/borg/testsuite/key.py b/borg/testsuite/key.py index 360b88a0c..8a1642a1d 100644 --- a/borg/testsuite/key.py +++ b/borg/testsuite/key.py @@ -38,15 +38,10 @@ class TestKey: """)) keyfile2_id = unhexlify('c3fbf14bc001ebcc3cd86e696c13482ed071740927cd7cbe1b01b4bfcee49314') - @pytest.fixture(autouse=True) - def keys_dir(self, request, monkeypatch): - tmp_keys_dir = tempfile.mkdtemp() - - def finalize(): - shutil.rmtree(tmp_keys_dir) - - request.addfinalizer(finalize) - monkeypatch.setenv('BORG_KEYS_DIR', tmp_keys_dir) + @pytest.fixture + def keys_dir(self, request, monkeypatch, tmpdir): + monkeypatch.setenv('BORG_KEYS_DIR', tmpdir) + return tmpdir class MockRepository: class _Location: @@ -62,7 +57,7 @@ class TestKey: assert hexlify(key.id_hash(chunk.data)) == b'2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae' assert chunk == key.decrypt(key.id_hash(chunk.data), key.encrypt(chunk)) - def test_keyfile(self, monkeypatch): + def test_keyfile(self, monkeypatch, keys_dir): monkeypatch.setenv('BORG_PASSPHRASE', 'test') key = KeyfileKey.create(self.MockRepository(), self.MockArgs()) assert bytes_to_long(key.enc_cipher.iv, 8) == 0 @@ -97,8 +92,8 @@ class TestKey: with pytest.raises(FileNotFoundError): KeyfileKey.detect(self.MockRepository(), chunk_cdata) - def test_keyfile2(self, monkeypatch): - with open(os.path.join(os.environ['BORG_KEYS_DIR'], 'keyfile'), 'w') as fd: + def test_keyfile2(self, monkeypatch, keys_dir): + with keys_dir.join('keyfile').open('w') as fd: fd.write(self.keyfile2_key_file) monkeypatch.setenv('BORG_PASSPHRASE', 'passphrase') key = KeyfileKey.detect(self.MockRepository(), self.keyfile2_cdata) @@ -144,8 +139,8 @@ class TestKey: with pytest.raises(IntegrityError): key.decrypt("", data) - def test_decrypt_integrity(self, monkeypatch): - with open(os.path.join(os.environ['BORG_KEYS_DIR'], 'keyfile'), 'w') as fd: + def test_decrypt_integrity(self, monkeypatch, keys_dir): + with keys_dir.join('keyfile').open('w') as fd: fd.write(self.keyfile2_key_file) monkeypatch.setenv('BORG_PASSPHRASE', 'passphrase') key = KeyfileKey.detect(self.MockRepository(), self.keyfile2_cdata)