1
0

test_gpg.py 6.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167
  1. # -*- coding: utf-8 -*-
  2. # Import Python Libs
  3. from __future__ import absolute_import, print_function, unicode_literals
  4. from textwrap import dedent
  5. # Import Salt Testing libs
  6. from tests.support.mixins import LoaderModuleMockMixin
  7. from tests.support.unit import TestCase
  8. from tests.support.mock import (
  9. MagicMock,
  10. patch
  11. )
  12. # Import Salt libs
  13. import salt.renderers.gpg as gpg
  14. from salt.exceptions import SaltRenderError
  15. class GPGTestCase(TestCase, LoaderModuleMockMixin):
  16. '''
  17. unit test GPG renderer
  18. '''
  19. def setup_loader_modules(self):
  20. return {gpg: {}}
  21. def test__get_gpg_exec(self):
  22. '''
  23. test _get_gpg_exec
  24. '''
  25. gpg_exec = '/bin/gpg'
  26. with patch('salt.utils.path.which', MagicMock(return_value=gpg_exec)):
  27. self.assertEqual(gpg._get_gpg_exec(), gpg_exec)
  28. with patch('salt.utils.path.which', MagicMock(return_value=False)):
  29. self.assertRaises(SaltRenderError, gpg._get_gpg_exec)
  30. def test__decrypt_ciphertext(self):
  31. '''
  32. test _decrypt_ciphertext
  33. '''
  34. key_dir = '/etc/salt/gpgkeys'
  35. secret = 'Use more salt.'
  36. crypted = '-----BEGIN PGP MESSAGE-----!@#$%^&*()_+-----END PGP MESSAGE-----'
  37. multisecret = 'password is {0} and salt is {0}'.format(secret)
  38. multicrypted = 'password is {0} and salt is {0}'.format(crypted)
  39. class GPGDecrypt(object):
  40. def communicate(self, *args, **kwargs):
  41. return [secret, None]
  42. class GPGNotDecrypt(object):
  43. def communicate(self, *args, **kwargs):
  44. return [None, 'decrypt error']
  45. with patch('salt.renderers.gpg._get_key_dir', MagicMock(return_value=key_dir)), \
  46. patch('salt.utils.path.which', MagicMock()):
  47. with patch('salt.renderers.gpg.Popen', MagicMock(return_value=GPGDecrypt())):
  48. self.assertEqual(gpg._decrypt_ciphertexts(crypted), secret)
  49. self.assertEqual(
  50. gpg._decrypt_ciphertexts(multicrypted), multisecret)
  51. with patch('salt.renderers.gpg.Popen', MagicMock(return_value=GPGNotDecrypt())):
  52. self.assertEqual(gpg._decrypt_ciphertexts(crypted), crypted)
  53. self.assertEqual(
  54. gpg._decrypt_ciphertexts(multicrypted), multicrypted)
  55. def test__decrypt_object(self):
  56. '''
  57. test _decrypt_object
  58. '''
  59. secret = 'Use more salt.'
  60. crypted = '-----BEGIN PGP MESSAGE-----!@#$%^&*()_+-----END PGP MESSAGE-----'
  61. secret_map = {'secret': secret}
  62. crypted_map = {'secret': crypted}
  63. secret_list = [secret]
  64. crypted_list = [crypted]
  65. with patch('salt.renderers.gpg._decrypt_ciphertext', MagicMock(return_value=secret)):
  66. self.assertEqual(gpg._decrypt_object(secret), secret)
  67. self.assertEqual(gpg._decrypt_object(crypted), secret)
  68. self.assertEqual(gpg._decrypt_object(crypted_map), secret_map)
  69. self.assertEqual(gpg._decrypt_object(crypted_list), secret_list)
  70. self.assertEqual(gpg._decrypt_object(None), None)
  71. def test_render(self):
  72. '''
  73. test render
  74. '''
  75. key_dir = '/etc/salt/gpgkeys'
  76. secret = 'Use more salt.'
  77. crypted = '-----BEGIN PGP MESSAGE-----!@#$%^&*()_+'
  78. with patch('salt.renderers.gpg._get_gpg_exec', MagicMock(return_value=True)):
  79. with patch('salt.renderers.gpg._get_key_dir', MagicMock(return_value=key_dir)):
  80. with patch('salt.renderers.gpg._decrypt_object', MagicMock(return_value=secret)):
  81. self.assertEqual(gpg.render(crypted), secret)
  82. def test_multi_render(self):
  83. key_dir = '/etc/salt/gpgkeys'
  84. secret = 'Use more salt.'
  85. expected = '\n'.join([secret]*3)
  86. crypted = dedent('''\
  87. -----BEGIN PGP MESSAGE-----
  88. !@#$%^&*()_+
  89. -----END PGP MESSAGE-----
  90. -----BEGIN PGP MESSAGE-----
  91. !@#$%^&*()_+
  92. -----END PGP MESSAGE-----
  93. -----BEGIN PGP MESSAGE-----
  94. !@#$%^&*()_+
  95. -----END PGP MESSAGE-----
  96. ''')
  97. with patch('salt.renderers.gpg._get_gpg_exec', MagicMock(return_value=True)):
  98. with patch('salt.renderers.gpg._get_key_dir', MagicMock(return_value=key_dir)):
  99. with patch('salt.renderers.gpg._decrypt_ciphertext', MagicMock(return_value=secret)):
  100. self.assertEqual(gpg.render(crypted), expected)
  101. def test_render_with_binary_data_should_return_binary_data(self):
  102. key_dir = '/etc/salt/gpgkeys'
  103. secret = b'Use\x8b more\x8b salt.'
  104. expected = b'\n'.join([secret]*3)
  105. crypted = dedent('''\
  106. -----BEGIN PGP MESSAGE-----
  107. !@#$%^&*()_+
  108. -----END PGP MESSAGE-----
  109. -----BEGIN PGP MESSAGE-----
  110. !@#$%^&*()_+
  111. -----END PGP MESSAGE-----
  112. -----BEGIN PGP MESSAGE-----
  113. !@#$%^&*()_+
  114. -----END PGP MESSAGE-----
  115. ''')
  116. with patch('salt.renderers.gpg._get_gpg_exec', MagicMock(return_value=True)):
  117. with patch('salt.renderers.gpg._get_key_dir', MagicMock(return_value=key_dir)):
  118. with patch('salt.renderers.gpg._decrypt_ciphertext', MagicMock(return_value=secret)):
  119. self.assertEqual(gpg.render(crypted, encoding='utf-8'), expected)
  120. def test_render_with_translate_newlines_should_translate_newlines(self):
  121. key_dir = '/etc/salt/gpgkeys'
  122. secret = b'Use\x8b more\x8b salt.'
  123. expected = b'\n\n'.join([secret]*3)
  124. crypted = dedent('''\
  125. -----BEGIN PGP MESSAGE-----
  126. !@#$%^&*()_+
  127. -----END PGP MESSAGE-----\\n
  128. -----BEGIN PGP MESSAGE-----
  129. !@#$%^&*()_+
  130. -----END PGP MESSAGE-----\\n
  131. -----BEGIN PGP MESSAGE-----
  132. !@#$%^&*()_+
  133. -----END PGP MESSAGE-----
  134. ''')
  135. with patch('salt.renderers.gpg._get_gpg_exec', MagicMock(return_value=True)):
  136. with patch('salt.renderers.gpg._get_key_dir', MagicMock(return_value=key_dir)):
  137. with patch('salt.renderers.gpg._decrypt_ciphertext', MagicMock(return_value=secret)):
  138. self.assertEqual(
  139. gpg.render(crypted, translate_newlines=True, encoding='utf-8'),
  140. expected,
  141. )