127 lines
4.3 KiB
Python
127 lines
4.3 KiB
Python
|
import baseclass
|
||
|
import unittest
|
||
|
import storage.devicelibs.crypto as crypto
|
||
|
|
||
|
import tempfile
|
||
|
import os
|
||
|
|
||
|
class CryptoTestCase(baseclass.DevicelibsTestCase):
|
||
|
|
||
|
def testCrypto(self):
|
||
|
##
|
||
|
## is_luks
|
||
|
##
|
||
|
# pass
|
||
|
self.assertEqual(crypto.is_luks(self._LOOP_DEV0), -22)
|
||
|
self.assertEqual(crypto.is_luks("/not/existing/device"), -22)
|
||
|
|
||
|
##
|
||
|
## luks_format
|
||
|
##
|
||
|
# pass
|
||
|
self.assertEqual(crypto.luks_format(self._LOOP_DEV0, passphrase="secret", cipher="aes-cbc-essiv:sha256", key_size=256), None)
|
||
|
|
||
|
# make a key file
|
||
|
handle, keyfile = tempfile.mkstemp(prefix="key", text=False)
|
||
|
os.write(handle, "nobodyknows")
|
||
|
os.close(handle)
|
||
|
|
||
|
# format with key file
|
||
|
self.assertEqual(crypto.luks_format(self._LOOP_DEV1, key_file=keyfile), None)
|
||
|
|
||
|
# fail
|
||
|
self.assertRaises(crypto.CryptoError, crypto.luks_format, "/not/existing/device", passphrase="secret", cipher="aes-cbc-essiv:sha256", key_size=256)
|
||
|
# no passhprase or key file
|
||
|
self.assertRaises(ValueError, crypto.luks_format, self._LOOP_DEV1, cipher="aes-cbc-essiv:sha256", key_size=256)
|
||
|
|
||
|
##
|
||
|
## is_luks
|
||
|
##
|
||
|
# pass
|
||
|
self.assertEqual(crypto.is_luks(self._LOOP_DEV0), 0) # 0 = is luks
|
||
|
self.assertEqual(crypto.is_luks(self._LOOP_DEV1), 0)
|
||
|
|
||
|
##
|
||
|
## luks_add_key
|
||
|
##
|
||
|
# pass
|
||
|
self.assertEqual(crypto.luks_add_key(self._LOOP_DEV0, new_passphrase="another-secret", passphrase="secret"), None)
|
||
|
|
||
|
# make another key file
|
||
|
handle, new_keyfile = tempfile.mkstemp(prefix="key", text=False)
|
||
|
os.write(handle, "area51")
|
||
|
os.close(handle)
|
||
|
|
||
|
# add new key file
|
||
|
self.assertEqual(crypto.luks_add_key(self._LOOP_DEV1, new_key_file=new_keyfile, key_file=keyfile), None)
|
||
|
|
||
|
# fail
|
||
|
self.assertRaises(RuntimeError, crypto.luks_add_key, self._LOOP_DEV0, new_passphrase="another-secret", passphrase="wrong-passphrase")
|
||
|
|
||
|
##
|
||
|
## luks_remove_key
|
||
|
##
|
||
|
# fail
|
||
|
self.assertRaises(RuntimeError, crypto.luks_remove_key, self._LOOP_DEV0, del_passphrase="another-secret", passphrase="wrong-pasphrase")
|
||
|
|
||
|
# pass
|
||
|
self.assertEqual(crypto.luks_remove_key(self._LOOP_DEV0, del_passphrase="another-secret", passphrase="secret"), None)
|
||
|
|
||
|
# remove key file
|
||
|
self.assertEqual(crypto.luks_remove_key(self._LOOP_DEV1, del_key_file=new_keyfile, key_file=keyfile), None)
|
||
|
|
||
|
##
|
||
|
## luks_open
|
||
|
##
|
||
|
# pass
|
||
|
self.assertEqual(crypto.luks_open(self._LOOP_DEV0, "crypted", passphrase="secret"), None)
|
||
|
self.assertEqual(crypto.luks_open(self._LOOP_DEV1, "encrypted", key_file=keyfile), None)
|
||
|
|
||
|
# fail
|
||
|
self.assertRaises(crypto.CryptoError, crypto.luks_open, "/not/existing/device", "another-crypted", passphrase="secret")
|
||
|
self.assertRaises(crypto.CryptoError, crypto.luks_open, "/not/existing/device", "another-crypted", key_file=keyfile)
|
||
|
# no passhprase or key file
|
||
|
self.assertRaises(ValueError, crypto.luks_open, self._LOOP_DEV1, "another-crypted")
|
||
|
|
||
|
##
|
||
|
## luks_status
|
||
|
##
|
||
|
# pass
|
||
|
self.assertEqual(crypto.luks_status("crypted"), True)
|
||
|
self.assertEqual(crypto.luks_status("encrypted"), True)
|
||
|
self.assertEqual(crypto.luks_status("another-crypted"), False)
|
||
|
|
||
|
##
|
||
|
## luks_uuid
|
||
|
##
|
||
|
# pass
|
||
|
uuid = crypto.luks_uuid(self._LOOP_DEV0)
|
||
|
self.assertEqual(crypto.luks_uuid(self._LOOP_DEV0), uuid)
|
||
|
uuid = crypto.luks_uuid(self._LOOP_DEV1)
|
||
|
self.assertEqual(crypto.luks_uuid(self._LOOP_DEV1), uuid)
|
||
|
|
||
|
##
|
||
|
## luks_close
|
||
|
##
|
||
|
# pass
|
||
|
self.assertEqual(crypto.luks_close("crypted"), None)
|
||
|
self.assertEqual(crypto.luks_close("encrypted"), None)
|
||
|
|
||
|
# fail
|
||
|
self.assertRaises(crypto.CryptoError, crypto.luks_close, "wrong-name")
|
||
|
# already closed
|
||
|
self.assertRaises(crypto.CryptoError, crypto.luks_close, "crypted")
|
||
|
self.assertRaises(crypto.CryptoError, crypto.luks_close, "encrypted")
|
||
|
|
||
|
# cleanup
|
||
|
os.unlink(keyfile)
|
||
|
os.unlink(new_keyfile)
|
||
|
|
||
|
|
||
|
def suite():
|
||
|
return unittest.TestLoader().loadTestsFromTestCase(CryptoTestCase)
|
||
|
|
||
|
|
||
|
if __name__ == "__main__":
|
||
|
unittest.main()
|