yadm/test/test_unit_encryption.py

"""Unit tests: encryption functions"""

import pytest


@pytest.mark.parametrize("condition", ["default", "override"])
def test_get_cipher(runner, paths, condition):
    """Test _get_cipher()"""

    if condition == "override":
        paths.config.write("[yadm]\n\tcipher = override-cipher")

    script = f"""
        YADM_TEST=1 source {paths.pgm}
        YADM_DIR="{paths.yadm}"
        set_yadm_dirs
        configure_paths
        _get_cipher test-archive
        echo "output_archive:$output_archive"
        echo "yadm_cipher:$yadm_cipher"
    """
    run = runner(command=["bash"], inp=script)
    assert run.success
    assert run.err == ""
    assert "output_archive:test-archive" in run.out
    if condition == "override":
        assert "yadm_cipher:override-cipher" in run.out
    else:
        assert "yadm_cipher:gpg" in run.out


@pytest.mark.parametrize("cipher", ["gpg", "openssl", "bad"])
@pytest.mark.parametrize("mode", ["_encrypt_to", "_decrypt_from"])
def test_encrypt_decrypt(runner, paths, cipher, mode):
    """Test _encrypt_to() & _decrypt_from"""

    script = f"""
        YADM_TEST=1 source {paths.pgm}
        YADM_DIR="{paths.yadm}"
        set_yadm_dirs
        configure_paths
        function mock_openssl() {{ echo openssl $*; }}
        function mock_gpg() {{ echo gpg $*; }}
        function _get_cipher() {{
            output_archive="$1"
            yadm_cipher="{cipher}"
        }}
        OPENSSL_PROGRAM=mock_openssl
        GPG_PROGRAM=mock_gpg
        {mode} {paths.archive}
    """
    run = runner(command=["bash"], inp=script)

    if cipher != "bad":
        assert run.success
        assert run.out.startswith(cipher)
        assert str(paths.archive) in run.out
        assert run.err == ""
    else:
        assert run.failure
        assert "Unknown cipher" in run.err


@pytest.mark.parametrize("condition", ["default", "override"])
def test_get_openssl_ciphername(runner, paths, condition):
    """Test _get_openssl_ciphername()"""

    if condition == "override":
        paths.config.write("[yadm]\n\topenssl-ciphername = override-cipher")

    script = f"""
        YADM_TEST=1 source {paths.pgm}
        YADM_DIR="{paths.yadm}"
        set_yadm_dirs
        configure_paths
        result=$(_get_openssl_ciphername)
        echo "result:$result"
    """
    run = runner(command=["bash"], inp=script)
    assert run.success
    assert run.err == ""
    if condition == "override":
        assert run.out.strip() == "result:override-cipher"
    else:
        assert run.out.strip() == "result:aes-256-cbc"


@pytest.mark.parametrize("condition", ["old", "not-old"])
def test_set_openssl_options(runner, paths, condition):
    """Test _set_openssl_options()"""

    if condition == "old":
        paths.config.write("[yadm]\n\topenssl-old = true")

    script = f"""
        YADM_TEST=1 source {paths.pgm}
        YADM_DIR="{paths.yadm}"
        set_yadm_dirs
        configure_paths
        function _get_openssl_ciphername() {{ echo "testcipher"; }}
        _set_openssl_options
        echo "result:${{OPENSSL_OPTS[@]}}"
    """
    run = runner(command=["bash"], inp=script)
    assert run.success
    assert run.err == ""
    if condition == "old":
        assert "-testcipher -salt -md md5" in run.out
    else:
        assert "-testcipher -salt -pbkdf2 -iter 100000 -md sha512" in run.out


@pytest.mark.parametrize("recipient", ["ASK", "present", ""])
def test_set_gpg_options(runner, paths, recipient):
    """Test _set_gpg_options()"""

    paths.config.write(f"[yadm]\n\tgpg-recipient = {recipient}")

    script = f"""
        YADM_TEST=1 source {paths.pgm}
        YADM_DIR="{paths.yadm}"
        set_yadm_dirs
        configure_paths
        _set_gpg_options
        echo "result:${{GPG_OPTS[@]}}"
    """
    run = runner(command=["bash"], inp=script)
    assert run.success
    assert run.err == ""
    if recipient == "ASK":
        assert run.out.strip() == "result:--no-default-recipient -e"
    elif recipient != "":
        assert run.out.strip() == f"result:-e -r {recipient}"
    else:
        assert run.out.strip() == "result:-c"
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`"""Unit tests: encryption functions"""`

			`import pytest`


Changes for black compliance 2023-07-10 15:43:17 -04:00			`@pytest.mark.parametrize("condition", ["default", "override"])`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`def test_get_cipher(runner, paths, condition):`
			`"""Test _get_cipher()"""`

Changes for black compliance 2023-07-10 15:43:17 -04:00			`if condition == "override":`
			`paths.config.write("[yadm]\n\tcipher = override-cipher")`
Add encryption unit tests 2020-10-05 23:34:17 -04:00
			`script = f"""`
			`YADM_TEST=1 source {paths.pgm}`
			`YADM_DIR="{paths.yadm}"`
Support XDG_DATA_HOME (#208) * Create a YADM_DATA base (that is the source for repo & archive) * Add --yadm-data to override * Default YADM_DATA will be determined by XDG_DATA_HOME 2020-11-15 15:23:49 -05:00			`set_yadm_dirs`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`configure_paths`
			`_get_cipher test-archive`
			`echo "output_archive:$output_archive"`
			`echo "yadm_cipher:$yadm_cipher"`
			`"""`
Changes for black compliance 2023-07-10 15:43:17 -04:00			`run = runner(command=["bash"], inp=script)`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`assert run.success`
Changes for black compliance 2023-07-10 15:43:17 -04:00			`assert run.err == ""`
			`assert "output_archive:test-archive" in run.out`
			`if condition == "override":`
			`assert "yadm_cipher:override-cipher" in run.out`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`else:`
Changes for black compliance 2023-07-10 15:43:17 -04:00			`assert "yadm_cipher:gpg" in run.out`
Add encryption unit tests 2020-10-05 23:34:17 -04:00

Changes for black compliance 2023-07-10 15:43:17 -04:00			`@pytest.mark.parametrize("cipher", ["gpg", "openssl", "bad"])`
			`@pytest.mark.parametrize("mode", ["_encrypt_to", "_decrypt_from"])`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`def test_encrypt_decrypt(runner, paths, cipher, mode):`
			`"""Test _encrypt_to() & _decrypt_from"""`

			`script = f"""`
			`YADM_TEST=1 source {paths.pgm}`
			`YADM_DIR="{paths.yadm}"`
Support XDG_DATA_HOME (#208) * Create a YADM_DATA base (that is the source for repo & archive) * Add --yadm-data to override * Default YADM_DATA will be determined by XDG_DATA_HOME 2020-11-15 15:23:49 -05:00			`set_yadm_dirs`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`configure_paths`
			`function mock_openssl() {{ echo openssl $*; }}`
			`function mock_gpg() {{ echo gpg $*; }}`
			`function _get_cipher() {{`
			`output_archive="$1"`
			`yadm_cipher="{cipher}"`
			`}}`
			`OPENSSL_PROGRAM=mock_openssl`
			`GPG_PROGRAM=mock_gpg`
			`{mode} {paths.archive}`
			`"""`
Changes for black compliance 2023-07-10 15:43:17 -04:00			`run = runner(command=["bash"], inp=script)`
Add encryption unit tests 2020-10-05 23:34:17 -04:00
Changes for black compliance 2023-07-10 15:43:17 -04:00			`if cipher != "bad":`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`assert run.success`
			`assert run.out.startswith(cipher)`
			`assert str(paths.archive) in run.out`
Changes for black compliance 2023-07-10 15:43:17 -04:00			`assert run.err == ""`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`else:`
			`assert run.failure`
Changes for black compliance 2023-07-10 15:43:17 -04:00			`assert "Unknown cipher" in run.err`
Add encryption unit tests 2020-10-05 23:34:17 -04:00

Changes for black compliance 2023-07-10 15:43:17 -04:00			`@pytest.mark.parametrize("condition", ["default", "override"])`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`def test_get_openssl_ciphername(runner, paths, condition):`
			`"""Test _get_openssl_ciphername()"""`

Changes for black compliance 2023-07-10 15:43:17 -04:00			`if condition == "override":`
			`paths.config.write("[yadm]\n\topenssl-ciphername = override-cipher")`
Add encryption unit tests 2020-10-05 23:34:17 -04:00
			`script = f"""`
			`YADM_TEST=1 source {paths.pgm}`
			`YADM_DIR="{paths.yadm}"`
Support XDG_DATA_HOME (#208) * Create a YADM_DATA base (that is the source for repo & archive) * Add --yadm-data to override * Default YADM_DATA will be determined by XDG_DATA_HOME 2020-11-15 15:23:49 -05:00			`set_yadm_dirs`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`configure_paths`
			`result=$(_get_openssl_ciphername)`
			`echo "result:$result"`
			`"""`
Changes for black compliance 2023-07-10 15:43:17 -04:00			`run = runner(command=["bash"], inp=script)`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`assert run.success`
Changes for black compliance 2023-07-10 15:43:17 -04:00			`assert run.err == ""`
			`if condition == "override":`
			`assert run.out.strip() == "result:override-cipher"`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`else:`
Changes for black compliance 2023-07-10 15:43:17 -04:00			`assert run.out.strip() == "result:aes-256-cbc"`
Add encryption unit tests 2020-10-05 23:34:17 -04:00

Changes for black compliance 2023-07-10 15:43:17 -04:00			`@pytest.mark.parametrize("condition", ["old", "not-old"])`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`def test_set_openssl_options(runner, paths, condition):`
			`"""Test _set_openssl_options()"""`

Changes for black compliance 2023-07-10 15:43:17 -04:00			`if condition == "old":`
			`paths.config.write("[yadm]\n\topenssl-old = true")`
Add encryption unit tests 2020-10-05 23:34:17 -04:00
			`script = f"""`
			`YADM_TEST=1 source {paths.pgm}`
			`YADM_DIR="{paths.yadm}"`
Support XDG_DATA_HOME (#208) * Create a YADM_DATA base (that is the source for repo & archive) * Add --yadm-data to override * Default YADM_DATA will be determined by XDG_DATA_HOME 2020-11-15 15:23:49 -05:00			`set_yadm_dirs`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`configure_paths`
			`function _get_openssl_ciphername() {{ echo "testcipher"; }}`
			`_set_openssl_options`
			`echo "result:${{OPENSSL_OPTS[@]}}"`
			`"""`
Changes for black compliance 2023-07-10 15:43:17 -04:00			`run = runner(command=["bash"], inp=script)`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`assert run.success`
Changes for black compliance 2023-07-10 15:43:17 -04:00			`assert run.err == ""`
			`if condition == "old":`
			`assert "-testcipher -salt -md md5" in run.out`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`else:`
Changes for black compliance 2023-07-10 15:43:17 -04:00			`assert "-testcipher -salt -pbkdf2 -iter 100000 -md sha512" in run.out`
Add encryption unit tests 2020-10-05 23:34:17 -04:00

Changes for black compliance 2023-07-10 15:43:17 -04:00			`@pytest.mark.parametrize("recipient", ["ASK", "present", ""])`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`def test_set_gpg_options(runner, paths, recipient):`
			`"""Test _set_gpg_options()"""`

Changes for black compliance 2023-07-10 15:43:17 -04:00			`paths.config.write(f"[yadm]\n\tgpg-recipient = {recipient}")`
Add encryption unit tests 2020-10-05 23:34:17 -04:00
			`script = f"""`
			`YADM_TEST=1 source {paths.pgm}`
			`YADM_DIR="{paths.yadm}"`
Support XDG_DATA_HOME (#208) * Create a YADM_DATA base (that is the source for repo & archive) * Add --yadm-data to override * Default YADM_DATA will be determined by XDG_DATA_HOME 2020-11-15 15:23:49 -05:00			`set_yadm_dirs`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`configure_paths`
			`_set_gpg_options`
			`echo "result:${{GPG_OPTS[@]}}"`
			`"""`
Changes for black compliance 2023-07-10 15:43:17 -04:00			`run = runner(command=["bash"], inp=script)`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`assert run.success`
Changes for black compliance 2023-07-10 15:43:17 -04:00			`assert run.err == ""`
			`if recipient == "ASK":`
			`assert run.out.strip() == "result:--no-default-recipient -e"`
			`elif recipient != "":`
			`assert run.out.strip() == f"result:-e -r {recipient}"`
Add encryption unit tests 2020-10-05 23:34:17 -04:00			`else:`
Changes for black compliance 2023-07-10 15:43:17 -04:00			`assert run.out.strip() == "result:-c"`