qubes-installer-qubes-os/anaconda/tests/storage/devicelibs/crypto.py

127 lines
4.3 KiB
Python
Raw Normal View History

import baseclass
import unittest
import storage.devicelibs.crypto as crypto
import tempfile
import os
class CryptoTestCase(baseclass.DevicelibsTestCase):
def testCrypto(self):
##
## is_luks
##
# pass
self.assertEqual(crypto.is_luks(self._LOOP_DEV0), -22)
self.assertEqual(crypto.is_luks("/not/existing/device"), -22)
##
## luks_format
##
# pass
self.assertEqual(crypto.luks_format(self._LOOP_DEV0, passphrase="secret", cipher="aes-cbc-essiv:sha256", key_size=256), None)
# make a key file
handle, keyfile = tempfile.mkstemp(prefix="key", text=False)
os.write(handle, "nobodyknows")
os.close(handle)
# format with key file
self.assertEqual(crypto.luks_format(self._LOOP_DEV1, key_file=keyfile), None)
# fail
self.assertRaises(crypto.CryptoError, crypto.luks_format, "/not/existing/device", passphrase="secret", cipher="aes-cbc-essiv:sha256", key_size=256)
# no passhprase or key file
self.assertRaises(ValueError, crypto.luks_format, self._LOOP_DEV1, cipher="aes-cbc-essiv:sha256", key_size=256)
##
## is_luks
##
# pass
self.assertEqual(crypto.is_luks(self._LOOP_DEV0), 0) # 0 = is luks
self.assertEqual(crypto.is_luks(self._LOOP_DEV1), 0)
##
## luks_add_key
##
# pass
self.assertEqual(crypto.luks_add_key(self._LOOP_DEV0, new_passphrase="another-secret", passphrase="secret"), None)
# make another key file
handle, new_keyfile = tempfile.mkstemp(prefix="key", text=False)
os.write(handle, "area51")
os.close(handle)
# add new key file
self.assertEqual(crypto.luks_add_key(self._LOOP_DEV1, new_key_file=new_keyfile, key_file=keyfile), None)
# fail
self.assertRaises(RuntimeError, crypto.luks_add_key, self._LOOP_DEV0, new_passphrase="another-secret", passphrase="wrong-passphrase")
##
## luks_remove_key
##
# fail
self.assertRaises(RuntimeError, crypto.luks_remove_key, self._LOOP_DEV0, del_passphrase="another-secret", passphrase="wrong-pasphrase")
# pass
self.assertEqual(crypto.luks_remove_key(self._LOOP_DEV0, del_passphrase="another-secret", passphrase="secret"), None)
# remove key file
self.assertEqual(crypto.luks_remove_key(self._LOOP_DEV1, del_key_file=new_keyfile, key_file=keyfile), None)
##
## luks_open
##
# pass
self.assertEqual(crypto.luks_open(self._LOOP_DEV0, "crypted", passphrase="secret"), None)
self.assertEqual(crypto.luks_open(self._LOOP_DEV1, "encrypted", key_file=keyfile), None)
# fail
self.assertRaises(crypto.CryptoError, crypto.luks_open, "/not/existing/device", "another-crypted", passphrase="secret")
self.assertRaises(crypto.CryptoError, crypto.luks_open, "/not/existing/device", "another-crypted", key_file=keyfile)
# no passhprase or key file
self.assertRaises(ValueError, crypto.luks_open, self._LOOP_DEV1, "another-crypted")
##
## luks_status
##
# pass
self.assertEqual(crypto.luks_status("crypted"), True)
self.assertEqual(crypto.luks_status("encrypted"), True)
self.assertEqual(crypto.luks_status("another-crypted"), False)
##
## luks_uuid
##
# pass
uuid = crypto.luks_uuid(self._LOOP_DEV0)
self.assertEqual(crypto.luks_uuid(self._LOOP_DEV0), uuid)
uuid = crypto.luks_uuid(self._LOOP_DEV1)
self.assertEqual(crypto.luks_uuid(self._LOOP_DEV1), uuid)
##
## luks_close
##
# pass
self.assertEqual(crypto.luks_close("crypted"), None)
self.assertEqual(crypto.luks_close("encrypted"), None)
# fail
self.assertRaises(crypto.CryptoError, crypto.luks_close, "wrong-name")
# already closed
self.assertRaises(crypto.CryptoError, crypto.luks_close, "crypted")
self.assertRaises(crypto.CryptoError, crypto.luks_close, "encrypted")
# cleanup
os.unlink(keyfile)
os.unlink(new_keyfile)
def suite():
return unittest.TestLoader().loadTestsFromTestCase(CryptoTestCase)
if __name__ == "__main__":
unittest.main()