From d5d47dc216fd285ec60df1ccaab1e0740e29e3c5 Mon Sep 17 00:00:00 2001 From: drebs Date: Mon, 18 Nov 2013 11:06:37 -0200 Subject: Add MAC verification to recovery document. Closes #4348. --- common/src/leap/soledad/common/crypto.py | 21 +++++++++++++++++++++ common/src/leap/soledad/common/tests/test_crypto.py | 9 ++++----- .../src/leap/soledad/common/tests/test_soledad.py | 5 +++-- 3 files changed, 28 insertions(+), 7 deletions(-) (limited to 'common/src/leap') diff --git a/common/src/leap/soledad/common/crypto.py b/common/src/leap/soledad/common/crypto.py index 2c6bd7a3..56bb608a 100644 --- a/common/src/leap/soledad/common/crypto.py +++ b/common/src/leap/soledad/common/crypto.py @@ -35,6 +35,13 @@ class EncryptionSchemes(object): PUBKEY = 'pubkey' +class UnknownEncryptionScheme(Exception): + """ + Raised when trying to decrypt from unknown encryption schemes. + """ + pass + + class MacMethods(object): """ Representation of MAC methods used to authenticate document's contents. @@ -43,6 +50,20 @@ class MacMethods(object): HMAC = 'hmac' +class UnknownMacMethod(Exception): + """ + Raised when trying to authenticate document's content with unknown MAC + mehtod. + """ + pass + + +class WrongMac(Exception): + """ + Raised when failing to authenticate document's contents based on MAC. + """ + + # # Crypto utilities for a SoledadDocument. # diff --git a/common/src/leap/soledad/common/tests/test_crypto.py b/common/src/leap/soledad/common/tests/test_crypto.py index db217bb3..af11bc76 100644 --- a/common/src/leap/soledad/common/tests/test_crypto.py +++ b/common/src/leap/soledad/common/tests/test_crypto.py @@ -40,6 +40,7 @@ from leap.soledad.common.tests import ( KEY_FINGERPRINT, PRIVATE_KEY, ) +from leap.soledad.common.crypto import WrongMac, UnknownMacMethod from leap.soledad.common.tests.u1db_tests import ( simple_doc, nested_doc, 
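Review bot: The new exception classes in crypto.py are written inconsistently: `UnknownEncryptionScheme` here and `UnknownMacMethod` in the next hunk end with a redundant `pass` after the docstring, while `WrongMac` has none. Dropping both `pass` lines gives the simpler, uniform form. All three also derive directly from `Exception`; if callers are meant to handle any scheme or authentication failure the same way, a shared base class would let them catch one type. That last point is only a suggestion, since the code that raises these exceptions is not part of this diff.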
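Review bot: The `UnknownMacMethod` docstring in the second crypto.py hunk misspells "method" as `mehtod`; it should read `Raised when trying to authenticate document's content with unknown MAC method.` The `WrongMac` docstring could also tell callers what a failure means, for example `The content failed authentication and must not be used.` The code that computes and compares the MAC is outside this page (the diff is limited to common/src/leap), so whether the comparison is constant-time cannot be checked from here and is worth confirming.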
@@ -88,11 +89,9 @@ class RecoveryDocumentTestCase(BaseSoledadTest): def test_import_recovery_document(self): rd = self._soledad.export_recovery_document() - s = self._soledad_instance(user='anotheruser@leap.se') + s = self._soledad_instance() s.import_recovery_document(rd) s._set_secret_id(self._soledad._secret_id) - self.assertEqual(self._soledad._uuid, - s._uuid, 'Failed setting user uuid.') self.assertEqual(self._soledad._get_storage_secret(), s._get_storage_secret(), 'Failed settinng secret for symmetric encryption.') @@ -164,7 +163,7 @@ class MacAuthTestCase(BaseSoledadTest): doc.content[target.MAC_KEY] = '1234567890ABCDEF' # try to decrypt doc self.assertRaises( - target.WrongMac, + WrongMac, target.decrypt_doc, self._soledad._crypto, doc) def test_decrypt_with_unknown_mac_method_raises(self): @@ -182,7 +181,7 @@ class MacAuthTestCase(BaseSoledadTest): doc.content[target.MAC_METHOD_KEY] = 'mymac' # try to decrypt doc self.assertRaises( - target.UnknownMacMethod, + UnknownMacMethod, target.decrypt_doc, self._soledad._crypto, doc) diff --git a/common/src/leap/soledad/common/tests/test_soledad.py b/common/src/leap/soledad/common/tests/test_soledad.py index 8970a437..035c5ac5 100644 --- a/common/src/leap/soledad/common/tests/test_soledad.py +++ b/common/src/leap/soledad/common/tests/test_soledad.py @@ -33,6 +33,7 @@ from leap.soledad.common.tests import ( ) from leap import soledad from leap.soledad.common.document import SoledadDocument +from leap.soledad.common.crypto import WrongMac from leap.soledad.client import Soledad, PassphraseTooShort from leap.soledad.client.crypto import SoledadCrypto from leap.soledad.client.shared_db import SoledadSharedDatabase @@ -119,7 +120,7 @@ class AuxMethodsTestCase(BaseSoledadTest): sol.change_passphrase(u'654321') self.assertRaises( - DatabaseError, + WrongMac, self._soledad_instance, 'leap@leap.se', passphrase=u'123', prefix=self.rand_prefix) 
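Review bot: No visible test exercises the failure path of the new recovery-document MAC check: `test_import_recovery_document` covers only a successful import, and this hunk removes the uuid assertion without a replacement, so the test now checks the storage secret alone. A companion test that changes the exported document before `s.import_recovery_document(rd)` and asserts `WrongMac` would pin the behaviour the commit title describes. Such a test may exist outside the path this page is limited to; if not, it belongs next to this one.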
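Review bot: A mistyped passphrase and a modified secrets document now surface as the same exception, because the wrong-passphrase assertion in `AuxMethodsTestCase` (hunk `@@ -119,7 +120,7 @@` of test_soledad.py) expects `WrongMac` where it expected `DatabaseError`. That is probably intended, since both cases fail authentication, but the reason is not obvious from the test; a comment such as `# a wrong passphrase yields a different MAC key, so verification fails before the database is opened` would record it. That wording is inferred from the exception change and should be confirmed against the client code. The test method starts above the hunk.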
@@ -292,7 +293,7 @@ class SoledadSignalingTestCase(BaseSoledadTest): sol = self._soledad_instance() # create a document with secrets doc = SoledadDocument(doc_id=sol._shared_db_doc_id()) - doc.content = sol.export_recovery_document(include_uuid=False) + doc.content = sol.export_recovery_document() class Stage2MockSharedDB(object): -- cgit v1.2.3 From 61fe6b1ed3f8a42eb22e12168c88212e55b9095e Mon Sep 17 00:00:00 2001 From: drebs Date: Thu, 21 Nov 2013 19:27:06 -0200 Subject: Remove tests dependency on nose2. Closes #4258. --- common/src/leap/soledad/common/tests/u1db_tests/README | 8 -------- 1 file changed, 8 deletions(-) (limited to 'common/src/leap') diff --git a/common/src/leap/soledad/common/tests/u1db_tests/README b/common/src/leap/soledad/common/tests/u1db_tests/README index 605f01fa..d543f250 100644 --- a/common/src/leap/soledad/common/tests/u1db_tests/README +++ b/common/src/leap/soledad/common/tests/u1db_tests/README @@ -12,7 +12,6 @@ Dependencies u1db tests depend on the following python packages: - nose2 unittest2 mercurial hgtools @@ -25,10 +24,3 @@ u1db tests depend on the following python packages: routes simplejson cython - -Running tests -------------- - -Use nose2 to run tests: - - nose2 leap.soledad.tests.u1db_tests -- cgit v1.2.3 From 6792e50606e33f10c12f16b0d7d7aeb87d4a4adb Mon Sep 17 00:00:00 2001 From: drebs Date: Wed, 4 Dec 2013 17:40:55 -0200 Subject: Encode U1DB metadata doc prefix. Closes #4658. --- common/src/leap/soledad/common/objectstore.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'common/src/leap') diff --git a/common/src/leap/soledad/common/objectstore.py b/common/src/leap/soledad/common/objectstore.py index 7aff3e32..9f477a8d 100644 --- a/common/src/leap/soledad/common/objectstore.py +++ b/common/src/leap/soledad/common/objectstore.py 
@@ -50,7 +50,7 @@ class ObjectStoreDatabase(InMemoryDatabase): A backend for storing u1db data in an object store. """ - U1DB_DATA_DOC_ID_PREFIX = 'u1db/' + U1DB_DATA_DOC_ID_PREFIX = 'u1db%2F' @classmethod def open_database(cls, url, create, document_factory=None): -- cgit v1.2.3 From f8bba9c2c2031941955340d48636bf769e99d146 Mon Sep 17 00:00:00 2001 From: drebs Date: Thu, 5 Dec 2013 15:48:48 -0200 Subject: Revert "Encode U1DB metadata doc prefix. Closes #4658." This reverts commit 6792e50606e33f10c12f16b0d7d7aeb87d4a4adb. --- common/src/leap/soledad/common/objectstore.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'common/src/leap') diff --git a/common/src/leap/soledad/common/objectstore.py b/common/src/leap/soledad/common/objectstore.py index 9f477a8d..7aff3e32 100644 --- a/common/src/leap/soledad/common/objectstore.py +++ b/common/src/leap/soledad/common/objectstore.py @@ -50,7 +50,7 @@ class ObjectStoreDatabase(InMemoryDatabase): A backend for storing u1db data in an object store. """ - U1DB_DATA_DOC_ID_PREFIX = 'u1db%2F' + U1DB_DATA_DOC_ID_PREFIX = 'u1db/' @classmethod def open_database(cls, url, create, document_factory=None): -- cgit v1.2.3
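Review bot: Putting the percent-encoded form into `U1DB_DATA_DOC_ID_PREFIX` changes the document id itself rather than how the id is placed into a URL. Documents already stored under `u1db/` would presumably no longer match the prefix, and any layer that encodes ids again would turn `%2F` into `%252F`. Encoding is safer at the point where the request path is built, e.g. `quote(doc_id, safe='')`, with the constant left as `'u1db/'`. The next commit on this page reverts the change; a comment on the constant, `# raw id prefix; percent-encode only when building the request URL`, would keep the reason visible. The class body continues outside the hunk.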