From 6c1b204938109de29fa53cc4e445b822f622826d Mon Sep 17 00:00:00 2001
From: drebs <drebs@leap.se>
Date: Tue, 21 May 2013 20:33:48 -0300
Subject: Improve _has_secret() logic and tests.

---
 src/leap/soledad/tests/__init__.py     |  5 ++--
 src/leap/soledad/tests/test_crypto.py  | 43 ++++++++++++++++++++++++++++++++++
 src/leap/soledad/tests/test_soledad.py | 15 ++++++++----
 3 files changed, 57 insertions(+), 6 deletions(-)

(limited to 'src/leap/soledad/tests')

diff --git a/src/leap/soledad/tests/__init__.py b/src/leap/soledad/tests/__init__.py
index 79ee69c4..00de687b 100644
--- a/src/leap/soledad/tests/__init__.py
+++ b/src/leap/soledad/tests/__init__.py
@@ -48,7 +48,7 @@ class BaseSoledadTest(BaseLeapTest):
                           prefix='',
                           secrets_path=Soledad.STORAGE_SECRETS_FILE_NAME,
                           local_db_path='/soledad.u1db', server_url='',
-                          cert_file=None):
+                          cert_file=None, secret_id=None):
 
         def _put_doc_side_effect(doc):
             self._doc_put = doc
@@ -68,7 +68,8 @@ class BaseSoledadTest(BaseLeapTest):
             secrets_path=self.tempdir+prefix+secrets_path,
             local_db_path=self.tempdir+prefix+local_db_path,
             server_url=server_url,  # Soledad will fail if not given an url.
-            cert_file=cert_file)
+            cert_file=cert_file,
+            secret_id=secret_id)
 
     def assertGetEncryptedDoc(
             self, db, doc_id, doc_rev, content, has_conflicts):
diff --git a/src/leap/soledad/tests/test_crypto.py b/src/leap/soledad/tests/test_crypto.py
index 4c57e023..7b8f756a 100644
--- a/src/leap/soledad/tests/test_crypto.py
+++ b/src/leap/soledad/tests/test_crypto.py
@@ -27,6 +27,7 @@ try:
     import simplejson as json
 except ImportError:
     import json  # noqa
+import hashlib
 
 
 from leap.soledad.backends.leap_backend import (
@@ -204,9 +205,51 @@ class RecoveryDocumentTestCase(BaseSoledadTest):
 class CryptoMethodsTestCase(BaseSoledadTest):
 
     def test__gen_secret(self):
+        # instantiate and save secret_id
+        sol = self._soledad_instance(user='user@leap.se')
+        self.assertTrue(len(sol._secrets) == 1)
+        secret_id_1 = sol.secret_id
+        # assert id is hash of secret
+        self.assertTrue(
+            secret_id_1 == hashlib.sha256(sol.storage_secret).hexdigest())
+        # generate new secret
+        secret_id_2 = sol._gen_secret()
+        self.assertTrue(secret_id_1 != secret_id_2)
+        # re-instantiate
+        sol = self._soledad_instance(
+            user='user@leap.se',
+            secret_id=secret_id_1)
+        # assert ids are valid
+        self.assertTrue(len(sol._secrets) == 2)
+        self.assertTrue(secret_id_1 in sol._secrets)
+        self.assertTrue(secret_id_2 in sol._secrets)
+        # assert format of secret 1
+        self.assertTrue(sol.storage_secret is not None)
+        self.assertIsInstance(sol.storage_secret, str)
+        self.assertTrue(len(sol.storage_secret) == sol.GENERATED_SECRET_LENGTH)
+        # assert format of secret 2
+        sol._set_secret_id(secret_id_2)
+        self.assertTrue(sol.storage_secret is not None)
+        self.assertIsInstance(sol.storage_secret, str)
+        self.assertTrue(len(sol.storage_secret) == sol.GENERATED_SECRET_LENGTH)
+        # assert id is hash of new secret
+        self.assertTrue(
+            secret_id_2 == hashlib.sha256(sol.storage_secret).hexdigest())
+
+
+    def test__has_secret(self):
         sol = self._soledad_instance(user='user@leap.se', prefix='/3')
         self.assertTrue(sol._has_secret(), "Should have a secret at "
                                            "this point")
+        # setting secret id to None should not interfere in the fact we have a
+        # secret.
+        sol._set_secret_id(None)
+        self.assertTrue(sol._has_secret(), "Should have a secret at "
+                                           "this point")
+        # but not being able to decrypt correctly should
+        sol._secrets[sol.secret_id][sol.SECRET_KEY] = None
+        self.assertFalse(sol._has_secret())
+
 
 
 class MacAuthTestCase(BaseSoledadTest):
diff --git a/src/leap/soledad/tests/test_soledad.py b/src/leap/soledad/tests/test_soledad.py
index 6a4261c0..45cd7eb2 100644
--- a/src/leap/soledad/tests/test_soledad.py
+++ b/src/leap/soledad/tests/test_soledad.py
@@ -64,14 +64,21 @@ class AuxMethodsTestCase(BaseSoledadTest):
         """
         Test if configuration defaults point to the correct place.
         """
-        sol = Soledad(
-            'leap@leap.se', passphrase='123',
-            secrets_path=None, local_db_path=None,
-            server_url='', cert_file=None)  # otherwise Soledad will fail.
+
+        class SoledadMock(Soledad):
+
+            def __init__(self):
+                pass
+
+        # instantiate without initializing so we just test _init_config()
+        sol = SoledadMock()
+        Soledad._init_config(sol, None, None, '')
+        # assert value of secrets_path
         self.assertEquals(
             os.path.join(
                 sol.DEFAULT_PREFIX, Soledad.STORAGE_SECRETS_FILE_NAME),
             sol.secrets_path)
+        # assert value of local_db_path
         self.assertEquals(
             os.path.join(sol.DEFAULT_PREFIX, 'soledad.u1db'),
             sol.local_db_path)
-- 
cgit v1.2.3