1
0

test_gpg.py 6.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195
  1. # -*- coding: utf-8 -*-
  2. # Import Python Libs
  3. from __future__ import absolute_import, print_function, unicode_literals
  4. from textwrap import dedent
  5. # Import Salt libs
  6. import salt.renderers.gpg as gpg
  7. from salt.exceptions import SaltRenderError
  8. # Import Salt Testing libs
  9. from tests.support.mixins import LoaderModuleMockMixin
  10. from tests.support.mock import MagicMock, patch
  11. from tests.support.unit import TestCase
  12. class GPGTestCase(TestCase, LoaderModuleMockMixin):
  13. """
  14. unit test GPG renderer
  15. """
  16. def setup_loader_modules(self):
  17. return {gpg: {}}
  18. def test__get_gpg_exec(self):
  19. """
  20. test _get_gpg_exec
  21. """
  22. gpg_exec = "/bin/gpg"
  23. with patch("salt.utils.path.which", MagicMock(return_value=gpg_exec)):
  24. self.assertEqual(gpg._get_gpg_exec(), gpg_exec)
  25. with patch("salt.utils.path.which", MagicMock(return_value=False)):
  26. self.assertRaises(SaltRenderError, gpg._get_gpg_exec)
  27. def test__decrypt_ciphertext(self):
  28. """
  29. test _decrypt_ciphertext
  30. """
  31. key_dir = "/etc/salt/gpgkeys"
  32. secret = "Use more salt."
  33. crypted = "-----BEGIN PGP MESSAGE-----!@#$%^&*()_+-----END PGP MESSAGE-----"
  34. multisecret = "password is {0} and salt is {0}".format(secret)
  35. multicrypted = "password is {0} and salt is {0}".format(crypted)
  36. class GPGDecrypt(object):
  37. def communicate(self, *args, **kwargs):
  38. return [secret, None]
  39. class GPGNotDecrypt(object):
  40. def communicate(self, *args, **kwargs):
  41. return [None, "decrypt error"]
  42. with patch(
  43. "salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir)
  44. ), patch("salt.utils.path.which", MagicMock()):
  45. with patch(
  46. "salt.renderers.gpg.Popen", MagicMock(return_value=GPGDecrypt())
  47. ):
  48. self.assertEqual(gpg._decrypt_ciphertexts(crypted), secret)
  49. self.assertEqual(gpg._decrypt_ciphertexts(multicrypted), multisecret)
  50. with patch(
  51. "salt.renderers.gpg.Popen", MagicMock(return_value=GPGNotDecrypt())
  52. ):
  53. self.assertEqual(gpg._decrypt_ciphertexts(crypted), crypted)
  54. self.assertEqual(gpg._decrypt_ciphertexts(multicrypted), multicrypted)
  55. def test__decrypt_object(self):
  56. """
  57. test _decrypt_object
  58. """
  59. secret = "Use more salt."
  60. crypted = "-----BEGIN PGP MESSAGE-----!@#$%^&*()_+-----END PGP MESSAGE-----"
  61. secret_map = {"secret": secret}
  62. crypted_map = {"secret": crypted}
  63. secret_list = [secret]
  64. crypted_list = [crypted]
  65. with patch(
  66. "salt.renderers.gpg._decrypt_ciphertext", MagicMock(return_value=secret)
  67. ):
  68. self.assertEqual(gpg._decrypt_object(secret), secret)
  69. self.assertEqual(gpg._decrypt_object(crypted), secret)
  70. self.assertEqual(gpg._decrypt_object(crypted_map), secret_map)
  71. self.assertEqual(gpg._decrypt_object(crypted_list), secret_list)
  72. self.assertEqual(gpg._decrypt_object(None), None)
  73. def test_render(self):
  74. """
  75. test render
  76. """
  77. key_dir = "/etc/salt/gpgkeys"
  78. secret = "Use more salt."
  79. crypted = "-----BEGIN PGP MESSAGE-----!@#$%^&*()_+"
  80. with patch("salt.renderers.gpg._get_gpg_exec", MagicMock(return_value=True)):
  81. with patch(
  82. "salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir)
  83. ):
  84. with patch(
  85. "salt.renderers.gpg._decrypt_object", MagicMock(return_value=secret)
  86. ):
  87. self.assertEqual(gpg.render(crypted), secret)
  88. def test_multi_render(self):
  89. key_dir = "/etc/salt/gpgkeys"
  90. secret = "Use more salt."
  91. expected = "\n".join([secret] * 3)
  92. crypted = dedent(
  93. """\
  94. -----BEGIN PGP MESSAGE-----
  95. !@#$%^&*()_+
  96. -----END PGP MESSAGE-----
  97. -----BEGIN PGP MESSAGE-----
  98. !@#$%^&*()_+
  99. -----END PGP MESSAGE-----
  100. -----BEGIN PGP MESSAGE-----
  101. !@#$%^&*()_+
  102. -----END PGP MESSAGE-----
  103. """
  104. )
  105. with patch("salt.renderers.gpg._get_gpg_exec", MagicMock(return_value=True)):
  106. with patch(
  107. "salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir)
  108. ):
  109. with patch(
  110. "salt.renderers.gpg._decrypt_ciphertext",
  111. MagicMock(return_value=secret),
  112. ):
  113. self.assertEqual(gpg.render(crypted), expected)
  114. def test_render_with_binary_data_should_return_binary_data(self):
  115. key_dir = "/etc/salt/gpgkeys"
  116. secret = b"Use\x8b more\x8b salt."
  117. expected = b"\n".join([secret] * 3)
  118. crypted = dedent(
  119. """\
  120. -----BEGIN PGP MESSAGE-----
  121. !@#$%^&*()_+
  122. -----END PGP MESSAGE-----
  123. -----BEGIN PGP MESSAGE-----
  124. !@#$%^&*()_+
  125. -----END PGP MESSAGE-----
  126. -----BEGIN PGP MESSAGE-----
  127. !@#$%^&*()_+
  128. -----END PGP MESSAGE-----
  129. """
  130. )
  131. with patch("salt.renderers.gpg._get_gpg_exec", MagicMock(return_value=True)):
  132. with patch(
  133. "salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir)
  134. ):
  135. with patch(
  136. "salt.renderers.gpg._decrypt_ciphertext",
  137. MagicMock(return_value=secret),
  138. ):
  139. self.assertEqual(gpg.render(crypted, encoding="utf-8"), expected)
  140. def test_render_with_translate_newlines_should_translate_newlines(self):
  141. key_dir = "/etc/salt/gpgkeys"
  142. secret = b"Use\x8b more\x8b salt."
  143. expected = b"\n\n".join([secret] * 3)
  144. crypted = dedent(
  145. """\
  146. -----BEGIN PGP MESSAGE-----
  147. !@#$%^&*()_+
  148. -----END PGP MESSAGE-----\\n
  149. -----BEGIN PGP MESSAGE-----
  150. !@#$%^&*()_+
  151. -----END PGP MESSAGE-----\\n
  152. -----BEGIN PGP MESSAGE-----
  153. !@#$%^&*()_+
  154. -----END PGP MESSAGE-----
  155. """
  156. )
  157. with patch("salt.renderers.gpg._get_gpg_exec", MagicMock(return_value=True)):
  158. with patch(
  159. "salt.renderers.gpg._get_key_dir", MagicMock(return_value=key_dir)
  160. ):
  161. with patch(
  162. "salt.renderers.gpg._decrypt_ciphertext",
  163. MagicMock(return_value=secret),
  164. ):
  165. self.assertEqual(
  166. gpg.render(crypted, translate_newlines=True, encoding="utf-8"),
  167. expected,
  168. )