diff options
| author | Kali Kaneko <kali@leap.se> | 2017-06-30 12:38:40 +0200 |
|---|---|---|
| committer | Victor Shyba <victor1984@riseup.net> | 2017-07-08 03:15:05 -0300 |
| commit | 88d52a578d0d7b06e138820fc0df24ba5f22e0e1 (patch) | |
| tree | 91ba56f8f90ad4d555d1b6ef3f2b9534881d6448 /testing | |
| parent | 4672cb4be9c01d89b17b772331531b6502fb72ba (diff) | |
[feat] use OpenSSL backend for scrypt if available
This needs OpenSSL >= 1.1, otherwise it will keep using the scrypt
dependency.
We should think about deprecating scrypt as a dependency when we can be
sure that the adoption of libssl 1.1 is wide enough. I think that at
some point (soledad 0.11 or so) we can drop the scrypt dependency, which
was being somehow problematic at times (the _scrypt.so was not appearing
when installing with pip, needed workarounds). From that moment on, we
can raise an error if an old libssl is found and no scrypt can be
imported - leaving that to the user/packager.
In debian stretch and afterwards, you can get that version by installing
libssl-dev
- Related: #8472
Diffstat (limited to 'testing')
| -rw-r--r-- | testing/requirements-testing.pip | 3 | ||||
| -rw-r--r-- | testing/tests/client/test_crypto.py | 12 | ||||
| -rw-r--r-- | testing/tox.ini | 7 |
3 files changed, 17 insertions, 5 deletions
diff --git a/testing/requirements-testing.pip b/testing/requirements-testing.pip index a33c65ab..a80b1b34 100644 --- a/testing/requirements-testing.pip +++ b/testing/requirements-testing.pip @@ -1,2 +1,3 @@ pip -tox
\ No newline at end of file +tox +pytest-twisted diff --git a/testing/tests/client/test_crypto.py b/testing/tests/client/test_crypto.py index 11384ad7..10cccbb2 100644 --- a/testing/tests/client/test_crypto.py +++ b/testing/tests/client/test_crypto.py @@ -33,6 +33,7 @@ from cryptography.exceptions import InvalidTag from leap.soledad.common.document import SoledadDocument from test_soledad.util import BaseSoledadTest from leap.soledad.client import _crypto +from leap.soledad.client import _scrypt from twisted.trial import unittest from twisted.internet import defer @@ -46,6 +47,17 @@ snowden1 = ( "they will.") +class ScryptTest(unittest.TestCase): + + def test_scrypt(self): + secret = 'supersikret' + salt = 'randomsalt' + key = _scrypt.hash(secret, salt, buflen=32) + expected = ('47996b569ea58d51ccbcc318d710' + 'a537acd28bb7a94615ab8d061d4b2a920f01') + assert binascii.b2a_hex(key) == expected + + class AESTest(unittest.TestCase): def test_chunked_encryption(self): diff --git a/testing/tox.ini b/testing/tox.ini index bb8f0913..6a6275f3 100644 --- a/testing/tox.ini +++ b/testing/tox.ini @@ -5,8 +5,7 @@ skipsdist=True [testenv] basepython = python2.7 commands = - pip uninstall -y pysqlcipher - pip install --install-option="--bundled" pysqlcipher + pip install -I --install-option="--bundled" pysqlcipher py.test -x --ignore=tests/benchmarks \ --cov-report=html \ --cov-report=term \ @@ -25,6 +24,7 @@ deps = couchdb requests service_identity + leap.common # install soledad from current tree -e../ -e../[client] @@ -75,8 +75,7 @@ deps = commands = # use a bundled version of pysqlcipher to ensure HAVE_USLEEP is set and we # don't have problems with concurrent db access. - pip uninstall -y pysqlcipher - pip install --install-option="--bundled" pysqlcipher + pip install -I --install-option="--bundled" pysqlcipher ./check-pysqlcipher.py # and only then run benchmark py.test --benchmark-only -m 'not synchronous' {posargs} |