summaryrefslogtreecommitdiff
path: root/src/leap/soledad/tests
diff options
context:
space:
mode:
Diffstat (limited to 'src/leap/soledad/tests')
-rw-r--r--src/leap/soledad/tests/test_sqlcipher.py59
1 files changed, 55 insertions, 4 deletions
diff --git a/src/leap/soledad/tests/test_sqlcipher.py b/src/leap/soledad/tests/test_sqlcipher.py
index 870f9e5d..4457db53 100644
--- a/src/leap/soledad/tests/test_sqlcipher.py
+++ b/src/leap/soledad/tests/test_sqlcipher.py
@@ -2,7 +2,7 @@
import os
import time
-from sqlite3 import dbapi2
+from sqlite3 import dbapi2, DatabaseError
import unittest2 as unittest
from StringIO import StringIO
import threading
@@ -12,10 +12,13 @@ from u1db import (
errors,
query_parser,
)
-from u1db.backends.sqlite_backend import SQLiteDatabase
+from u1db.backends.sqlite_backend import SQLitePartialExpandDatabase
# soledad stuff.
-from leap.soledad.backends.sqlcipher import SQLCipherDatabase
+from leap.soledad.backends.sqlcipher import (
+ SQLCipherDatabase,
+ DatabaseIsNotEncrypted,
+)
from leap.soledad.backends.sqlcipher import open as u1db_open
# u1db tests stuff.
@@ -130,7 +133,7 @@ class TestSQLCipherDatabase(TestSQLiteDatabase):
t2 = None # will be a thread
- class SQLCipherDatabaseTesting(SQLiteDatabase):
+ class SQLCipherDatabaseTesting(SQLitePartialExpandDatabase):
_index_storage_value = "testing"
def __init__(self, dbname, ntry):
@@ -298,3 +301,51 @@ class SQLCipherOpen(TestU1DBOpen):
db2 = u1db_open(self.db_path, password=PASSWORD, create=False)
self.addCleanup(db2.close)
self.assertIsInstance(db2, SQLCipherDatabase)
+
+#-----------------------------------------------------------------------------
+# Tests for actual encryption of the database
+#-----------------------------------------------------------------------------
+
+class SQLCipherEncryptionTest(unittest.TestCase):
+
+ DB_FILE = '/tmp/test.db'
+
+ def delete_dbfiles(self):
+ for dbfile in [self.DB_FILE]:
+ if os.path.exists(dbfile):
+ os.unlink(dbfile)
+
+ def setUp(self):
+ self.delete_dbfiles()
+
+ def tearDown(self):
+ self.delete_dbfiles()
+
+ def test_try_to_open_encrypted_db_with_sqlite_backend(self):
+ db = SQLCipherDatabase(self.DB_FILE, PASSWORD)
+ doc = db.create_doc_from_json(tests.simple_doc)
+ db.close()
+ try:
+ # trying to open an encrypted database with the regular u1db backend
+ # should raise a DatabaseError exception.
+ SQLitePartialExpandDatabase(self.DB_FILE)
+ raise DatabaseIsNotEncrypted()
+ except DatabaseError:
+ # at this point we know that the regular U1DB sqlcipher backend
+ # did not succeed on opening the database, so it was indeed
+ # encrypted.
+ db = SQLCipherDatabase(self.DB_FILE, PASSWORD)
+ doc = db.get_doc(doc.doc_id)
+ self.assertEqual(tests.simple_doc, doc.get_json(), 'decrypted content mismatch')
+
+ def test_try_to_open_raw_db_with_sqlcipher_backend(self):
+ db = SQLitePartialExpandDatabase(self.DB_FILE)
+ db.create_doc_from_json(tests.simple_doc)
+ db.close()
+ try:
+ # trying to open the a non-encrypted database with sqlcipher backend
+ # should raise a DatabaseIsNotEncrypted exception.
+ SQLCipherDatabase(self.DB_FILE, PASSWORD)
+ raise DatabaseError("SQLCipher backend should not be able to open non-encrypted dbs.")
+ except DatabaseIsNotEncrypted:
+ pass \ No newline at end of file