diff options
| author | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2014-10-27 14:35:25 -0500 |
|---|---|---|
| committer | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2014-10-27 14:35:25 -0500 |
| commit | 6a843db90ae164c14ba1daacce52e0b680f3520e (patch) | |
| tree | b98032de9f2ffa0aaa9e508e23e1bfecf1ef0a3f /testsuite | |
| parent | ed9ad7642c211e7eba33a93dbb71c1afb2eda864 (diff) | |
| download | bcfg2-6a843db90ae164c14ba1daacce52e0b680f3520e.tar.gz bcfg2-6a843db90ae164c14ba1daacce52e0b680f3520e.tar.bz2 bcfg2-6a843db90ae164c14ba1daacce52e0b680f3520e.zip | |
Fix nondeterministic bruteforce_decrypt test
The existing test_bruteforce_decrypt was nondeterministic; in some
cases, the generated ciphertext would be decryptable with one of the
wrong passphrases, which would cause test failure even though it
decrypts to gibberish. This checks that by splitting it into two
tests:
1. Test with an invalid ciphertext, so that EVPError is always raised;
2. Test with valid ciphertext, and check for *either* EVPError or
decrypted plaintext that is not the same as the original plaintext.
Diffstat (limited to 'testsuite')
| -rw-r--r-- | testsuite/Testsrc/Testlib/TestServer/TestEncryption.py | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/testsuite/Testsrc/Testlib/TestServer/TestEncryption.py b/testsuite/Testsrc/Testlib/TestServer/TestEncryption.py index cfb0c023b..3da323262 100644 --- a/testsuite/Testsrc/Testlib/TestServer/TestEncryption.py +++ b/testsuite/Testsrc/Testlib/TestServer/TestEncryption.py @@ -1,7 +1,7 @@ # -*- coding: utf-8 -*- import os import sys -from Bcfg2.Compat import b64decode +from Bcfg2.Compat import b64decode, b64encode from mock import Mock, MagicMock, patch # add all parent testsuite directories to sys.path to allow (most) @@ -125,10 +125,28 @@ baz passwd, "also bogus"])) - # test with no good passphrase given nor in config + # test with no good passphrase given nor in config. we use + # something that isn't a valid ciphertext here since a + # ciphertext encrypted with one key may be technically + # decryptable with a different key, although it will decrypt + # to gibberish. nonetheless, it doesn't raise the requisite + # EVPError, so the test fails. self.assertRaises(EVPError, bruteforce_decrypt, - crypted, passphrases=["bogus", "also bogus"]) + b64encode("not an actual ciphertext!"), + passphrases=["bogus", "also bogus"]) + + # test with no good passphrase given nor in config. this + # version of the test uses a valid ciphertext, and looks for + # *either* EVPError or a failed decrypt. + try: + plaintext = bruteforce_decrypt(crypted, + passphrases=["bogus", "also bogus"]) + if plaintext == passwd: + self.fail("Successfully decrypted ciphertext with wrong key") + except EVPError: + # success! + pass # test with good passphrase in config file Bcfg2.Options.setup.passphrases = dict(bogus="bogus", |