diff options
Diffstat (limited to 'tests/integration/keymanager')
-rw-r--r-- | tests/integration/keymanager/test_keymanager.py | 23 | ||||
-rw-r--r-- | tests/integration/keymanager/test_openpgp.py | 6 | ||||
-rw-r--r-- | tests/integration/keymanager/test_refresher.py | 149 |
3 files changed, 161 insertions, 17 deletions
diff --git a/tests/integration/keymanager/test_keymanager.py b/tests/integration/keymanager/test_keymanager.py index 9b5de831..c623b94a 100644 --- a/tests/integration/keymanager/test_keymanager.py +++ b/tests/integration/keymanager/test_keymanager.py @@ -34,9 +34,6 @@ from leap.common import ca_bundle from leap.bitmask.keymanager import client from leap.bitmask.keymanager import errors from leap.bitmask.keymanager.keys import ( - -from leap.keymanager import errors -from leap.keymanager.keys import ( OpenPGPKey, is_address, build_key_from_dict, @@ -209,7 +206,7 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase): token = "mytoken" km = self._key_manager(token=token) yield km._openpgp.put_raw_key(PUBLIC_KEY, ADDRESS) - km._async_client_pinned.request = mock.Mock( + km._async_client.request = mock.Mock( return_value=defer.succeed('')) # the following data will be used on the send km.ca_cert_path = 'capath' @@ -272,7 +269,7 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase): """ km = self._key_manager(url=NICKSERVER_URI) client.readBody = mock.Mock(return_value=defer.succeed(None)) - km._async_client_pinned.request = mock.Mock( + km._nicknym._async_client_pinned.request = mock.Mock( return_value=defer.succeed(None)) url = NICKSERVER_URI + '?address=' + INVALID_MAIL_ADDRESS @@ -298,7 +295,7 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase): """ km = self._key_manager(url=NICKSERVER_URI) key_not_found_exception = errors.KeyNotFound('some message') - km._async_client_pinned.request = mock.Mock( + km._nicknym._async_client_pinned.request = mock.Mock( side_effect=key_not_found_exception) def assert_key_not_found_raised(error): @@ -340,7 +337,7 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase): client.readBody = mock.Mock(return_value=defer.succeed(data)) # mock the fetcher so it returns the key for ADDRESS_2 - km._async_client_pinned.request = mock.Mock( + km._nicknym._async_client_pinned.request = mock.Mock( return_value=defer.succeed(None)) km.ca_cert_path = 'cacertpath' # try to key get without fetching from server @@ -356,10 +353,10 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase): """ data = json.dumps({'fingerprint': fingerprint, 'openpgp': key}) - client.readBody = Mock(return_value=defer.succeed(data)) + client.readBody = mock.Mock(return_value=defer.succeed(data)) # mock the fetcher so it returns the key for KEY_FINGERPRINT - km._nicknym._async_client_pinned.request = Mock( + km._nicknym._async_client_pinned.request = mock.Mock( return_value=defer.succeed(None)) km.ca_cert_path = 'cacertpath' key = km._nicknym.fetch_key_with_fingerprint(fingerprint) @@ -398,7 +395,7 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase): """ km = self._key_manager() - km._async_client.request = mock.Mock( + km._nicknym._async_client_pinned.request = mock.Mock( return_value=defer.succeed(PUBLIC_KEY)) yield km.fetch_key(ADDRESS, "http://site.domain/key") @@ -413,7 +410,7 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase): """ km = self._key_manager() - km._async_client.request = mock.Mock( + km._nicknym._async_client_pinned.request = mock.Mock( return_value=defer.succeed(self.get_public_binary_key())) yield km.fetch_key(ADDRESS, "http://site.domain/key") @@ -426,7 +423,7 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase): """ km = self._key_manager() - km._async_client.request = mock.Mock(return_value=defer.succeed("")) + km._nicknym._async_client_pinned.request = mock.Mock(return_value=defer.succeed("")) d = km.fetch_key(ADDRESS, "http://site.domain/key") return self.assertFailure(d, errors.KeyNotFound) @@ -437,7 +434,7 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase): """ km = self._key_manager() - km._async_client.request = mock.Mock( + km._nicknym._async_client_pinned.request = mock.Mock( return_value=defer.succeed(PUBLIC_KEY)) d = km.fetch_key(ADDRESS_2, "http://site.domain/key") return self.assertFailure(d, errors.KeyAddressMismatch) diff --git a/tests/integration/keymanager/test_openpgp.py b/tests/integration/keymanager/test_openpgp.py index 289480f1..b16e52fd 100644 --- a/tests/integration/keymanager/test_openpgp.py +++ b/tests/integration/keymanager/test_openpgp.py @@ -21,10 +21,8 @@ from datetime import datetime from mock import Mock from twisted.internet.defer import inlineCallbacks, succeed -from leap.bitmask.keymanager import ( - KeyNotFound, - openpgp, -) +from leap.bitmask.keymanager import openpgp +from leap.bitmask.keymanager.errors import KeyNotFound from leap.bitmask.keymanager.documents import ( TYPE_FINGERPRINT_PRIVATE_INDEX, ) diff --git a/tests/integration/keymanager/test_refresher.py b/tests/integration/keymanager/test_refresher.py new file mode 100644 index 00000000..47dd0578 --- /dev/null +++ b/tests/integration/keymanager/test_refresher.py @@ -0,0 +1,149 @@ +# -*- coding: utf-8 -*- +# test_refresher.py +# Copyright (C) 2016 LEAP +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +""" +Tests for refreshing the key directory. +""" + +from datetime import datetime + +from mock import Mock, patch +from twisted.internet import defer +from twisted.logger import Logger + + +from leap.bitmask.keymanager import openpgp +from leap.bitmask.keymanager.keys import OpenPGPKey +from leap.bitmask.keymanager.refresher import RandomRefreshPublicKey, MIN_RANDOM_INTERVAL_RANGE, DEBUG_START_REFRESH, \ + DEBUG_STOP_REFRESH, ERROR_UNEQUAL_FINGERPRINTS +from leap.bitmask.keymanager.testing import KeyManagerWithSoledadTestCase + +from common import KEY_FINGERPRINT + +ANOTHER_FP = 'ANOTHERFINGERPRINT' + + +logger = Logger() + + +class RandomRefreshPublicKeyTestCase(KeyManagerWithSoledadTestCase): + + @defer.inlineCallbacks + def test_get_random_address(self): + pgp = openpgp.OpenPGPScheme( + self._soledad, gpgbinary=self.gpg_binary_path) + rf = RandomRefreshPublicKey(pgp, self._key_manager()) + key = OpenPGPKey(address='user@leap.se') + key_another = OpenPGPKey(address='zara@leap.se') + + pgp.get_all_keys = Mock(return_value=defer.succeed([key, key_another])) + + random_key = yield rf._get_random_key() + self.assertTrue(random_key.address == key.address or random_key.address == key_another.address) + + @defer.inlineCallbacks + def test_do_not_throw_error_for_empty_key_dict(self): + pgp = openpgp.OpenPGPScheme( + self._soledad, gpgbinary=self.gpg_binary_path) + rf = RandomRefreshPublicKey(pgp, self._key_manager()) + + pgp.get_all_keys = Mock(return_value=defer.succeed([])) + random_address = yield rf._get_random_key() + self.assertTrue(random_address is None) + + @defer.inlineCallbacks + def _test_log_error_if_fetch_by_fingerprint_returns_wrong_key(self): + # FIXME !!! --------------------------------------------------- + pgp = openpgp.OpenPGPScheme( + self._soledad, gpgbinary=self.gpg_binary_path) + km = self._key_manager() + + with patch.object(Logger, 'error') as mock_logger_error: + rf = RandomRefreshPublicKey(pgp, km) + rf._get_random_key = \ + Mock(return_value=defer.succeed(OpenPGPKey(fingerprint=KEY_FINGERPRINT))) + + km._nicknym.fetch_key_with_fingerprint = \ + Mock(return_value=defer.succeed(OpenPGPKey(fingerprint=ANOTHER_FP))) + + yield rf.maybe_refresh_key() + + mock_logger_error.assert_called_with(ERROR_UNEQUAL_FINGERPRINTS % + (KEY_FINGERPRINT, ANOTHER_FP)) + + @defer.inlineCallbacks + def test_put_new_key_in_local_storage(self): + pgp = openpgp.OpenPGPScheme( + self._soledad, gpgbinary=self.gpg_binary_path) + km = self._key_manager() + + rf = RandomRefreshPublicKey(pgp, km) + rf._get_random_key = Mock(return_value=defer.succeed(OpenPGPKey(fingerprint=KEY_FINGERPRINT))) + + km._nicknym.fetch_key_with_fingerprint = \ + Mock(return_value=defer.succeed(OpenPGPKey(fingerprint=ANOTHER_FP))) + + yield rf.maybe_refresh_key() + + @defer.inlineCallbacks + def test_key_expired_will_be_deactivatet(self): + pgp = openpgp.OpenPGPScheme( + self._soledad, gpgbinary=self.gpg_binary_path) + km = self._key_manager() + rf = RandomRefreshPublicKey(pgp, km) + key = OpenPGPKey(address='zara@leap.se', expiry_date=datetime.now()) + self.assertTrue(key.address is 'zara@leap.se') + km._openpgp.unactivate_key = Mock(return_value=defer.succeed(None)) + yield rf._maybe_unactivate_key(key) + self.assertTrue(key.address is None) + self.assertFalse(key.is_active()) + + def _test_start_refreshing(self): + # FIXME !!! --------------------------------------------------- + pgp = openpgp.OpenPGPScheme( + self._soledad, gpgbinary=self.gpg_binary_path) + + with patch.object(Logger, 'debug') as mock_logger_start: + rf = RandomRefreshPublicKey(pgp, self._key_manager()) + rf.start() + mock_logger_start.assert_called_with(DEBUG_START_REFRESH) + rf.stop() + mock_logger_start.assert_called_with(DEBUG_STOP_REFRESH) + + def test_random_interval_is_set_properly(self): + pgp = openpgp.OpenPGPScheme( + self._soledad, gpgbinary=self.gpg_binary_path) + rf = RandomRefreshPublicKey(pgp, self._key_manager()) + self.assertTrue(rf._loop.interval >= MIN_RANDOM_INTERVAL_RANGE) + + def test_is_random_really_random(self): + pgp = openpgp.OpenPGPScheme( + self._soledad, gpgbinary=self.gpg_binary_path) + rf = RandomRefreshPublicKey(pgp, self._key_manager()) + + for x in range(0, 5): + random_numbers = [] + + for y in range(0, 5): + random_numbers.append(rf._get_random_interval_to_refresh()) + + # there are different numbers in the list + if len(random_numbers) == len(set(random_numbers)) \ + or len(random_numbers) == len(set(random_numbers)) + 1: + self.assertTrue(True) + else: + self.assertTrue(False) |