Add tests for cryptor and fix encryption.

serverauditor_sshconfig/cloud/client/cryptor.py

@@ -63,7 +63,7 @@ def hmac_salt(self, value):
     @property
     def initialization_vector(self):
         """Generate random bytes."""
-        return os.urandom(self.AES_BLOCK_SIZE)
+        return os.urandom(self.AES_BLOCK_SIZE / 8)
 
     @property
     def encryption_key(self):

serverauditor_sshconfig/core/ssh_config.py

@@ -1,4 +1,4 @@
-# coding: utf-8
+# -*- coding: utf-8 -*-
 
 import fnmatch
 import getpass
@@ -51,7 +51,7 @@ def create_config_file(path):
                 os.mkdir(ssh_dir, 0o700)
 
             with open(path, 'w') as _file:
-                _file.write("# File was created by ServerAuditor\n\n")
+                _file.write('# File was created by ServerAuditor\n\n')
 
             return
 
@@ -77,7 +77,7 @@ def get_hosts(val):
                 if val[i] == '"':
                     end = val.find('"', i + 1)
                     if end < 0:
-                        raise SSHConfigException("Unparsable host %s" % val)
+                        raise SSHConfigException('Unparsable host %s' % val)
                     hosts.append(val[i + 1:end])
                     i = end + 1
                 elif not val[i].isspace():
@@ -100,7 +100,7 @@ def get_hosts(val):
 
             match = re.match(settings_regex, line)
             if not match:
-                raise SSHConfigException("Unparsable line %s" % line)
+                raise SSHConfigException('Unparsable line %s' % line)
             key = match.group(1).lower()
             value = match.group(2)
 

serverauditor_sshconfig/sync/services/aws.py

@@ -1,3 +1,4 @@
+# -*- coding: utf-8 -*-
 from .base import BaseSyncService
 
 

setup.py

@@ -51,7 +51,7 @@
     url='https://github.com/Crystalnix/serverauditor-sshconfig',
     description='Serverauditor ssh-config utility.',
     keywords=['serverauditor', 'crystalnix'],
-    packages=find_packages(),
+    packages=find_packages(exclude=['tests']),
     install_requires=requires,
     test_suite='nose.collector',
     zip_safe=False,

tests/cloud/client/cryptor_test.py

@@ -0,0 +1,80 @@
+# -*- coding: utf-8 -*-
+from os import urandom
+from base64 import b64decode
+from nose.tools import eq_, ok_, raises
+from itertools import product
+
+from serverauditor_sshconfig.cloud.client.cryptor import RNCryptor
+
+
+def test_dual_encrypt_and_decrypt():
+    configs = [
+        config_factory(i)
+        for i in ('password', 'pass', 'psswrd', 'pa$$word')
+    ]
+    texts = [
+        'test', 'text', '',
+    ]
+    for config, text in product(configs, texts):
+        cryptor = generate_cryptor(**config)
+        yield dual_encrypt_decrypt_text, cryptor, text
+
+
+def dual_encrypt_decrypt_text(cryptor, original_text):
+    ciphertext = cryptor.encrypt(original_text)
+    text = cryptor.decrypt(ciphertext)
+    eq_(text, original_text)
+
+
+def test_encrypt_and_decrypt():
+    cryptor = generate_cryptor(
+        '1', b64decode('wenOgffhaJ8='), b64decode('8VbldsORPa4=')
+    )
+    text__ciphertexts = [
+        ('localhost',
+         'AgHB6c6B9+Fon/FW5XbDkT2ub25WJP3rVv1e4yHAljHPbH1xn9IIqw24in73DmAihe0'
+         'fEvUCObqsbPwOaD3kaj6L7W+uK03ayY6+mveto9yQqg=='),
+        ('localhost',
+         'AgHB6c6B9+Fon/FW5XbDkT2uMjUIJNPPUSbx++sR7leHVb0ys8vOP6s1BNCuCaf2FFm'
+         'skP2XVvHAR9xolNtfWwUDLQqgO1q5hiH3bukiCLJ1cw=='),
+        ('localhost',
+         'AgHB6c6B9+Fon/FW5XbDkT2ub25WJP3rVv1e4yHAljHPbH1xn9IIqw24in73Dm'
+         'Aihe0fEvUCObqsbPwOaD3kaj6L7W+uK03ayY6+mveto9yQqg=='),
+    ]
+    for text, ciphertext in text__ciphertexts:
+        yield encrypt_decrypt_text, cryptor, text, ciphertext
+
+
+def encrypt_decrypt_text(cryptor, original_text, original_ciphertext):
+    text = cryptor.decrypt(original_ciphertext)
+    ciphertext = cryptor.encrypt(text)
+    eq_(text, original_text)
+    ok_(ciphertext != original_ciphertext)
+
+
+@raises(TypeError)
+def test_encrypt_none():
+    cryptor = generate_cryptor(**config_factory('pass'))
+    cryptor.encrypt(None)
+
+
+@raises(TypeError)
+def test_decrypt_none():
+    cryptor = generate_cryptor(**config_factory('pa$$'))
+    cryptor.decrypt(None)
+
+
+def generate_cryptor(password, encryption_salt, hmac_salt):
+    cryptor = RNCryptor()
+    cryptor.password = password
+    cryptor.encryption_salt = encryption_salt
+    cryptor.hmac_salt = hmac_salt
+    return cryptor
+
+
+def config_factory(password):
+    return {
+        'password': password,
+        'encryption_salt': urandom(8),
+        'hmac_salt': urandom(8),
+    }

tests/integration/pull.bats

@@ -14,19 +14,19 @@ load test_helper
 @test "pull logged in" {
     login_serverauditor
 
-    run serverauditor pull -p $Serverauditor_password
+    run serverauditor pull -p $SERVERAUDITOR_PASSWORD
     [ "$status" -eq 0 ]
 }
 
 @test "pull logged in incorrect password" {
     login_serverauditor
 
     run serverauditor pull -p ""
-    [ "$status" -eq 0 ]
+    [ "$status" -eq 1 ]
 }
 
 @test "pull not logged in" {
 
     run serverauditor pull -p ""
-    [ "$status" -eq 0 ]
+    [ "$status" -eq 1 ]
 }

tests/integration/push.bats

@@ -14,19 +14,25 @@ load test_helper
 @test "push logged in" {
     login_serverauditor
 
-    run serverauditor push -p $Serverauditor_password
+    serverauditor pull -p $SERVERAUDITOR_PASSWORD
+    run serverauditor push -p $SERVERAUDITOR_PASSWORD
+    echo ${lines[*]}
     [ "$status" -eq 0 ]
 }
 
 @test "push logged in incorrect password" {
     login_serverauditor
 
     run serverauditor push -p ""
-    [ "$status" -eq 0 ]
+    [ "$status" -eq 1 ]
 }
 
 @test "push not logged in" {
 
     run serverauditor pull -p ""
-    [ "$status" -eq 0 ]
+    [ "$status" -eq 1 ]
+}
+
+setup() {
+    rm ~/.serverauditor.storage || true
 }