diff options
Diffstat (limited to 'testsuite')
13 files changed, 485 insertions, 0 deletions
diff --git a/testsuite/Testsrc/Testsbin/bcfg2-crypt/all-basic.xml b/testsuite/Testsrc/Testsbin/bcfg2-crypt/all-basic.xml new file mode 100644 index 000000000..ce68300b6 --- /dev/null +++ b/testsuite/Testsrc/Testsbin/bcfg2-crypt/all-basic.xml @@ -0,0 +1,12 @@ +<Properties> + <Foo name="1" encrypted="basic">U2FsdGVkX19C6Cy0nM0mlcGGBjqBMAC+GqyPfLpqgT0=</Foo> + <Bar name="1" encrypted="basic">U2FsdGVkX18KUHJTHdrgz3gWtNA5U3g3gq0i/AsdCVE=</Bar> + <Foo name="2" encrypted="basic">U2FsdGVkX1+9nUFxmbl8UJh1t5fWo4cQQa5nQm8hVtw=</Foo> + <Group name="test"> + <Bar name="2" encrypted="basic">U2FsdGVkX18tScJs1si9y45NxPkjYj66Ee+TsYDZAd0=</Bar> + <Foo name="3" encrypted="basic">U2FsdGVkX19q3USU1cnvgfV8roHeSNSQ2bCMD1CCR3jE0e53aT71ATtqHmfsJfDnTgQ28xbKGZhAwoML8ixXkdkyqnsSF69bnIwebaI4qqYXFA2FWF1Cop3bYEV67m6dSM9BkSluKIcs7VdPRANE71OQnd9P2cQbMig50IkBtuE3El8bnc+n4E0k31NT7ZZJ9s/9FJMHg/AfIjvB4KgMqylHcfT43gGICeq4JYPKIsxYjKq0bzFISPBgztD1++YTdCKbJDtjNJJOlqanB3LsBR3PQt6rliWqqPVT3aLP8BU/gIcGE3oyyce04ULxNGTPqFlWgw2r7RopygqgZbzTgU21thzef7bXRi/NATQpXkM70BdCLwRvRNaC3JrMY/z4k0//QliTiNYPNejpGvwezHf99PTN7VPWMhQyONSpLO905KmEJYRt1BXx8p+72b1Q/1S/QFfzU8JU3MO4yiLFf6kyB6nS+pCA40g/UfwKLQI2Fr6Oi5acOK7SRTXqSmxhI+96TQms6bWmm889BO8QOfiuAI1CvHWEBljPACXydcM9wACjhBvpra41UzVgkzadaUO8yBV0Z0bLVHuyIdI1I78vgrkd99tJvC/AmYazEwM=</Foo> + </Group> + <Group name="test2"> + <Bar name="3" encrypted="basic">U2FsdGVkX19aE/IqfkkhgkbhA0i9cb1PYp7tdTmfidg=<Foo name="4" encrypted="basic">U2FsdGVkX1+J4nhfxE5GjwDF1PzOjw2q5e5vrcFZyCQ=</Foo></Bar> + </Group> +</Properties> diff --git a/testsuite/Testsrc/Testsbin/bcfg2-crypt/basic-des-cbc.crypt b/testsuite/Testsrc/Testsbin/bcfg2-crypt/basic-des-cbc.crypt new file mode 100644 index 000000000..31aa80e26 --- /dev/null +++ b/testsuite/Testsrc/Testsbin/bcfg2-crypt/basic-des-cbc.crypt @@ -0,0 +1 @@ +U2FsdGVkX1/2LyHZkqC9Ri2CeDw45osMNNUwOMraHGD/Z3jsHekaU5w6YlTZ3DUPGJoNKsPiUp0jdheuvFGyv2jmXn4ocIPixcliR16n1lWTv5yE+lleELRRqzRCR+cYjmXJzAHg2L5YJ+/XwZR0tlN5cod81dsHiaVw86K7MU8SlkTuN+QSU24CFucuhi9cXTLt0E7ipIded4J5qlDS2ZZIR/m7LG++VS8jc47S65VHR5VHg6cTQ130b78eG8344LM7i4hVcH1Pm0YOm1Kq3Q+IrmyiPmJKFb1lABoEJHCKAlQ85H5xFdbnXP9FbcZVq9zLmIoB3RsGWLLZobY93FhwXN86VZ2APVn7rzLPZCk8KPqkxGoErUZl4of6eQMvi9Owvf7s6fhkKlG7c03BJ8FtbaKOGob9Y2vM2Vjs322QXnJnGXWZ2ZJLu6+OAdVNUueEhqe12SKIc9Olzv6Gn60tiB5XByqAuY8y6oPm3F+gCdbReh1Lu7fVVGP6brkgZWzoBv/T503nOU/Jw3yRSd9nHwBkiMA3HtjzgWZrXf+TRW5apSAoDAeX70nBR4GtqQO3GozFZgqvr4yzLHo1m3/+mB/svNjeMTbRKp5cKs+47C8rno3+asbVtykrPBnqgC16WRa+fB/juxjpRaEK7dbzhk701lNbJrXKT0S4S5Pdir+SDl1udgpTRiy1MaL9JnwQ5w5du6XfLUH43Q2UiMpNABQAyxHZDsdEcxzj16e7wKXVVguS2mqN8TrWhC1K7ZZ+q8BHZaV1c+R45CwT1nIuGoYzKe0Wsc3WtY8yYTbKJPeJQyL7qSyC/M8cV8RkkDGTgJ/FuRlsm5R89enBFRgb5tmT3S6pG6WxTsxcOyXNwc2VP47dJuetguiEYI8FX6pWbfwSfd1HG7uKkD3QMUYU1YtzCziNLNpag03jd/Ios2q/gR6agKGAzVTSIGeaNwpervlXiHXAdGThWXbqTy+1Zbp4OnEbLGEtksedpTD6Ij+JNFSgyIxDbBdrxvx0EZHf8GeIAiOifRZw3XTxla16oKylv2FnUJMJlwONOyswmwduWaY+0+LYHygzJYyF9YoJVYCASQpz5dll3Z1U/5vKqzrY8/88/SLINPP8nQ6mV1JbnXuRS8CD/LbzI3T0CTDKrsxQkkFsArtdUpYRHBqsPYyuikmG1GGeEtRznkNqcE2EXKoNdIU4Rm6GIK6thes3bYqnp5MK/HLQ2vKkOraSR3IyQJXW7EUVCqZk3M5wFGem+8aEw3sjYljrxNzSAB2EPitnxpBp21Mfu+6SmlGWOXANBNSBG630JzNgfqh31SKrWCw6jyFYrI43UXJEsAdEerfKK/UKBs2rb7Y/DGNF1lM9LDxH2nQ5ByELn/PxxpRdKYoXgsHmPwBHMuXhjPXxY1uw25GZgVVk58GR/l/Q78sRiqiwr2D0rriUTQfLW+bqpxEbdqxJjHa/rGjZQffHC08/xqY9P2FHqcE9VIGH3OdpoM6FKQ/NfBF8FMnkp756JC+nUVgFPTQ5Wn331DlUGyf4MVH6mKskUjOKGCnbt7GnG2K64eFcs0q8k0UK4f8lACtJEA5zSX2qNhPdkpG/yHyzvvLuX2p7j53QyIvX1Nz9k7ZoqD1rjhjDSsfV9C36KORyzqm/MKq8v8YVhEfnGI2UtWM= diff --git a/testsuite/Testsrc/Testsbin/bcfg2-crypt/basic.crypt b/testsuite/Testsrc/Testsbin/bcfg2-crypt/basic.crypt new file mode 100644 index 000000000..386544ca8 --- /dev/null +++ b/testsuite/Testsrc/Testsbin/bcfg2-crypt/basic.crypt @@ -0,0 +1 @@ +U2FsdGVkX1+fzWyB9BSYjGZTIEw6WGCFJvgWeS5BlGSVcLK6cDuoajcTj47falmJhrCg6uew41tps12UDaGe8Uaw8gzZnqGBCRYYSCazD3mqGsUQDbHdjRdsN5C1uTBlrUt52GuqP0EHEmJrqcmNYCkFw2KM8/RCflpuHkEj3L44PTsuq/TsxUmNLkn01z+U9Y1qK13bl60Gn0T3EYkI1hcO2JzyHW0HHwwe2E9xRB1u56Xj9xL8EozshlafTN2J9iIysG5j7P2dlmGHBQtVgrvbgZ8SycmiIOSenRgpln/Ax9WAwcXXbcvCcSUqxA5CrjfQAkfhMuHhYIoI/f5KJcLKnf1lnOXXlFaQVVLlvMxaw7v67jFOOIJekrphgnIF/VviR0ShP8KFvtTrG56lxHHP2ngZHPg6CxqUtyhCEMp2rES1s0PcAd4xvzUlrgZLvHpphZ0ZVtknDF5hmnFuO/Y1Ebo1PvN2vty1GH/XPcLyzk+Iks92hvYmeOy9fJ+9x+myaHCW/xbwesYrkcUnFvvovres20vM981Dv4GRgO1Yej98ac60wNEu8QigqCJCbVnst4g6+dEhd9xzHp9zsf8cCGcJPWp6BUOdk7Z96uA5UwOsbOgyShlLsp2eWnKAb/5HKx8C8JXdCPD7lFNa4QvrfrH6a1HUugZ7oxU8oQ1mPrg8t6Jf7HyMbBpKdx3BGwnb4yxaOPhpW66OXyFuU0l7yHx5tAzG4ee1HqA8wp5bpvwszCQcLuB5a8s5x+tDs/4pb8bb6f5kV4EnYXza9v8tVCwPegdz8IuluPGjbcO9XM8jjTJ6UDZPIOxNKGoxYUl0RKbAKJ1QC51/d2uNFGcd6j00zs4P5P9G5Pqyy1IMUHqCBpbIO1LI5SgHf9E51NYUjTZJMgxgDfXgo3isDVI39Bob5aNHdjJKWBalU4u5BOWosQ27Du7BmXfAF4CeB4nnilTC/MqvUp7i9RRBfiw9jiPxE1tBtjkqIRDf7k1nGtDWhDcP64ph/Iz5IJ/krafzNew36KAHwYISlDN8KYH5gEewixst7oqiRteCT8D55Es+7645MWHoLa6x/LHOT3sYcXQN+fd8SkjKbR8HBT5upAI+8/WWnU/umodJoyTW62xAhjFQVszj5S6451uTEEf6PnBEpbNaYgQhrUv8bX+WGxNL+Q4XmOUdM8holHyM2Lz7saMG5HlZMlYR6DClQqh5QLG1gmL17+ozARKfQWIXBtsWh5/aTlXVwTDAu8p50abgseNswRWm1QkqtDYxVgsj3qfdtOQo/K/gkHx1dJbkZVCVBRR2DNyKT1DZjU+6q8UJZmZ+JUZ1qcP16y+bc4WOXgBdxvDVWwsR1oe9GokQAHovxTms8VtW5+am37BXpJ+nRo6dVo71yaHXdjf6wQgxzFe9eo1BXypxtx+y5jEuN788d0jwLrZ8bF2KrnbzOinch2WkU+7eFt4pHCClX38hQ/d28q8UOyFEbZp1N9Guwtun3NzX4V0DbcZxIxJDGo45uPLDcT6r9dhAUwrfoM+atTEOM3K4BOBEyxehs7NoZrObWdy0FcrKokCT3iHOqImhVdJDnDYDtfqLFi/iycZ8mUnt6eF7oNLLh/TdB+HgC5bf684YPGYCGznAfjOVE8eIKsG5l6DqGDBxx4fh+Hb563aX/UA8tKrnMhcD/A== diff --git a/testsuite/Testsrc/Testsbin/bcfg2-crypt/basic2.crypt b/testsuite/Testsrc/Testsbin/bcfg2-crypt/basic2.crypt new file mode 100644 index 000000000..b26bd91a3 --- /dev/null +++ b/testsuite/Testsrc/Testsbin/bcfg2-crypt/basic2.crypt @@ -0,0 +1 @@ +U2FsdGVkX189QQFkAJ2EZErSsJ7h16U71KMeKEHIC803ktBOL0sBOEdWPKN/0G7Jt4mchdGSeBBCFcxGIJ7yGvhThWxgAsCNCZCPbCCGW7NQ8b01+WRzeggfHYuFw49Mwvr9Dqh97z6HelvvoNr90DW/IuxGrJgKzeP2obbdUn0MRuBNx//JjU9lTDRSCU6i5HR/IJvMdYT9iR7icJa0Wjtl6UXjoZXf2azL1jRLrtG2QtMmUI0PQcg9IDlH1Eiosut2LOcmCCThzR96ubQqjRCAggWJqR1x7qe5+Llkq47jPauWuD1RoH7OLTm1EcVRd68ZtfYPHK8tiu3xZqcmnHC5bHedM9hdwiyDqm/qhdnz5cWA4rlWp4VAFTmJzyt4VsgTTXDbCbRHtU0Ml7E36lg4fMekfql1XT+tiNxmoedAWGOXXbvf8rdyH6EZ2uFBhPtX+2kV66XsNBALAizqwVqpw/wdKVkWGRMsi1p8nE4wj6/WcHBd7YYJBig4UNyqdPTsn2dMhKi3GbzgNvkmNo+V6G3IZ0cqy4tBZkBW3izVfN8e5BEUZ6BR4V8uC/NvTSd7fcJSJZROw/RR2zdTo7qDqgzz27aZrPghDfmLYB26VGn56geSVwEFraDeaUZxa17UiBLtGYPb8rZRQkn0ACsfHu8r2PVt6p/W6oVnZ/05icvP2NjGtWWbzXRpHZEw/5R+cRsfTgi2HpWpJwpqt6Y+dxXb5mpNkwL3tM/p9i1+LKm+jxknkmtCW8rxeHseuvX3WIcyAP7JEBzv76xliKBQP0lpvM53fNcgsJvzgphnwUGAlht+2Y9ZBlKSdGyrft+K4hxYWRcCWMg8+s/VA1VkHl3+JOzwmgfGFx3eVcZnul1Xq58BGWRmVXo0PfSo0VCZuhVuegF2Odqfrx2w57CwKESxDkKGt7h8m7CexJbVHzawJlC5ZbP6iLHCf2rHXIcD/K4Qjl/rbDLvMrHpazSOpaIckYdXFeA3UglEFQ4m4o8OEYJ1rH8z3jQt4A+3L4+8+8tzeTIfnVgA2ouqs00XcoFoPSSvbzZstawJubBR6/pOwYjJAAJTVMPw08X/8qM1NJHSvxgkDlWrm8uUfgGbG6ftkCKlbEuJmWLH2I74zHa0/2j8VtcoHjFkbQc7Slg/pM0IC55ZJhgaZ74qsGJaGz5FpdYx8Fz+riqBTGZA7LpVzsYGl/f4Cmtvf6v0f2pCypb1bMWp+IEn2w7StGVd6oSuc9+wgBi9RWAmlB27MkBvKnx+IuUPpKtUSUG+YM3mFUl9f5A0spMdTiDPdh8Wegqx5S2PLKt61YvoMS8vSQTGxMf3A3WhykYGrFxq8l1zKcZfD7x4oPj398rfBGQPpemuiTuDJeGtsKta8ERgLw1bgrtEu6PWvEf4bSCLYa1x7RkrOihDPyn+jP0v/1Cb7+eQR33tVwNYdN7ZNRzvbn7JHKuci8DrZU2961aA+7t1UMjSaJ06RG4pm120pQckRi3vALxh583KlqpG5a8+DAHq46h16W7PC9IbDdb5YRgAo0QwOnIdFLj4EKt5GefOspnfOWM5gROU33l4J2n+5IsH8d0eOTGXlIVmyye3fXMTTI248DMchBR/xUKisujZZsvjFutxYYX/RGXoIHllmycpAsqnMBPNj6edjPruAqnyDzHpS88Y3eBSv446GA== diff --git a/testsuite/Testsrc/Testsbin/bcfg2-crypt/bogus-forced.xml b/testsuite/Testsrc/Testsbin/bcfg2-crypt/bogus-forced.xml new file mode 100644 index 000000000..d5d0eb8d9 --- /dev/null +++ b/testsuite/Testsrc/Testsbin/bcfg2-crypt/bogus-forced.xml @@ -0,0 +1,5 @@ +<Bogus> + <!-- This is not a real properties file; we use it to test forcing + bcfg2-crypt to treat it like one --> + <Test encrypted="basic">U2FsdGVkX1+uFQUijBDQpGBdTroNS6nl8lPUSeHcWJw=</Test> +</Bogus> diff --git a/testsuite/Testsrc/Testsbin/bcfg2-crypt/bogus.xml b/testsuite/Testsrc/Testsbin/bcfg2-crypt/bogus.xml new file mode 100644 index 000000000..8c83afa69 --- /dev/null +++ b/testsuite/Testsrc/Testsbin/bcfg2-crypt/bogus.xml @@ -0,0 +1,5 @@ +<Bogus> + <!-- This is not a real properties file; we use it to test forcing + bcfg2-crypt to treat it like one --> + <Test encrypted="basic">some text</Test> +</Bogus> diff --git a/testsuite/Testsrc/Testsbin/bcfg2-crypt/complex.crypt b/testsuite/Testsrc/Testsbin/bcfg2-crypt/complex.crypt new file mode 100644 index 000000000..cd4ada4bf --- /dev/null +++ b/testsuite/Testsrc/Testsbin/bcfg2-crypt/complex.crypt @@ -0,0 +1 @@ +U2FsdGVkX1+pB62f8PRmn7i+qzc0nVvezv4sL6KXA4SaTWGvai48caajA480b//AfSkSaLK9C5pDFk0hf0HvoSK/qFdEL/3sChswE2EXJqcZCQxSpexQPhd4t/ES3m40PPO+WmK3AemjvNSv9oQdIXPlgwboVBoBfJ61onPqdQSrDtheDRsaNzOA9kYe5dttl7PwKz9UTj8Ds7rRXvrFdXvmX/KvwWHxQvHmz7RzFfMzBQ7AS+yKo4JPVMSA6peBQRsmu8n/c+G4q0MXntmPRfSELyxX2BG9kIUKJEmCgJHVOnN6Yd/wseKQWbWFut/vB+tq+83yTQKJmEtDx1EAupXv3oBNDpDR2wjLsijvAQCaBkvalHyLEC8/KlC3P6VMUObiaHOMIxcMX9wH5C2jGYCTZ+tlAnzM9RfKkXPEq0sXbTpRy0laRWfV6c39PDFgTE3qBy79Reh4V+YfqG0X2jFR3bbcG1ZFc/QL20X+6LvfP/cxf/zepZ1sa9yJmAw386xtt7tDohdZBmvwOgueqbHhlRnf2hXggSUBHLxspAKsy8kyHzSFBy71qzmXo4j3C96MFf/SCCDJsX1P2yEdny7hKxHKqvQBFR2JlN+m0DFt5rnhiWAkLbpJsBdy66hZ9dmWa3IfKhO9EDkAFf5ts7ZXPgimpdj/A7IjtD19FmBLZ/N29spA+InK661iHwc3HVJ14AorA9gOyeCW6p3GBS/BzENALEDrKk3O9w0Dk4pRcrlRgvEK+HZF6CDVV5jh188Lt3eWReCfBQ9Cwoj/sDY16WNTsqJnA9f+FIUW7WxSpUA5g3bk2IR3pfnzXLfxFpUUGy7v7y7EvOMOWH27550NKtXOszcS72rRzwf4jze7mN51Wt1n9iKKpmoUZNwJ6E6vaU2o/NyuWrWHMWPtTusdQsVMkm2J3TddvMFp6u8mTMIj5ypMuz8+9f2QgLjWrCTY0llVHQfQvELgSSNoNBMfpFKqZt0qk4Zoo0a/CRFj+wEv0zOwF8A0HAtIXrnF4zeiLjDlN4lMrR67hKOuHNLpR6hqkCUSo2blf3d3AiwN6YfLHNuVywuUHINVeoyzls1q6WXuLQuO3HOdpMOWrp4tA6PoDAia36qT8+WhK/hrzinEbiu0Wvd9uv7Ie/veAGBcqW+4SOu0kJqQLgnQfGXvUoxs5TvgbTsrs8TW9CtihR0u0vuuec4El6VEA0xVDKbyI1H2ac3X44qEXwVwWqC2JJdy9O2uNgEQhGah+qLiumvKQElZngMw/ovE76rysF8eO7z1Hkt45raOcodUcAnvTgvGYrVwPKa3a4ShBpT/94IjbsMQ/S9dsnACCps7/TGtqgS96XsookFX8m9x2oycJnpiF59+UlcyyxY6e+vAkl11eIwH/niEpl3JzGKGUi5rs3y7MiLR12ZAoI5R9xBpSY8nm9OGNN5lO242cDnstdjhd7Qz2bR8/KDFQtIVLgxhKrRaUnQr0CFBQ/bW0RS0E1SdFssixvvPohlAXoBQssVOUPHVXbk9On9k8ebQ9n9lhd6L2dK0HydVUFLr0vtVCTv049aLcI3yQ8a6TrOxtVy793hzwY0UZC8X5pjYqT6V/ddyRWzJQRvXnK5KzL4KHWSOXTvwam8TYMp3TdBEi8G+Raydi2kVSeGYEjdjkGSfGgw5kRoeDqkworeZSA== diff --git a/testsuite/Testsrc/Testsbin/bcfg2-crypt/plaintext b/testsuite/Testsrc/Testsbin/bcfg2-crypt/plaintext new file mode 100644 index 000000000..71fa9654e --- /dev/null +++ b/testsuite/Testsrc/Testsbin/bcfg2-crypt/plaintext @@ -0,0 +1,9 @@ +Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nulla in elit arcu. Morbi interdum fermentum magna non molestie. Curabitur imperdiet, mi eget ultrices porttitor, dolor arcu dictum purus, eu tristique felis felis eget leo. Suspendisse dignissim laoreet velit, id bibendum leo. Etiam faucibus lorem nunc, eget laoreet tortor feugiat at. Fusce at ornare tellus. Donec dui neque, fermentum quis ante ut, sodales commodo magna. Proin nec malesuada risus, ac consectetur mi. Praesent pharetra eleifend lacinia. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Donec odio metus, dictum vel commodo quis, tincidunt in ligula. Aenean et orci non arcu lobortis ultricies. Ut ipsum nisl, luctus sed porta nec, vestibulum pharetra tellus. + + Praesent consectetur condimentum nisl ut cursus. Etiam aliquam nisi + dolor. Mauris aliquet condimentum neque, sodales laoreet lectus + venenatis ac. Morbi mattis justo odio, ac fringilla leo egestas + ut. Integer nec sapien pulvinar, ultrices nulla id, posuere + magna. Quisque in tincidunt sem, sed vehicula orci. Nulla blandit, + nisi vel cursus semper, nibh metus consequat purus, ac ullamcorper + dolor lorem vitae ligula. Maecenas non consectetur nibh. diff --git a/testsuite/Testsrc/Testsbin/bcfg2-crypt/plaintext-all.xml b/testsuite/Testsrc/Testsbin/bcfg2-crypt/plaintext-all.xml new file mode 100644 index 000000000..2dccaa51c --- /dev/null +++ b/testsuite/Testsrc/Testsbin/bcfg2-crypt/plaintext-all.xml @@ -0,0 +1,12 @@ +<Properties> + <Foo name="1" encrypted="basic">U2FsdGVkX19CZCt2ydtozka/HuG9Iay3Dpxs/pR7byM=</Foo> + <Bar name="1" encrypted="complex">U2FsdGVkX18RmlLRK6CSIww69iuUTAb1xOkA/2dZw84=</Bar> + <Foo name="2" encrypted="complex">U2FsdGVkX1+h5sBn5Ms1FXe88o69Wc0tE99Nuck++tQ=</Foo> + <Group name="test"> + <Bar name="2" encrypted="basic">U2FsdGVkX1/NcWDYbvU1fUWry44xvFxYQXodBoTs/Ek=</Bar> + <Foo name="3" encrypted="basic">U2FsdGVkX1+02mmcZw+h/QkC+Qr48bjy198xcivfopvaK64xzBe25fEBADvIG7Qab+BxZdZAPWFgX3toBVQFVjQ6M6zf1lrNeciK39LSDj4v3mTIg1/gvew8TUGeQtkrU/xo8ShEAiExma6ILf7Qq6PTc5IdBfuB85bn5YtU1tN4YTiUbK3/DIkTRJI+8YI4GbhFBKeaqMkau5498YdwhxpE0LB0sxTK3Bjw23nwOfcLLXH0uYux1JCxDgYJ9Zalx0qPUthrNnEq2mR9R11lZGmRQD8ToN0/7eS8NkZs3j5TgefbzNdpK7yThbXHFPNwuD6I1AwhQ5oJ//iOkVGpAMXvdPkEZCgKthXnze/X99J0MphTq6oD7XGrY+Sj5EwVzv8X9Mux96QtFylCIGhNllkCAqb3Mzmsr7ZIEmauAr+eTkuRASjJr7XsQKSL5hoLFtF/vKnzTx6YjVETrbXkczZUhA2n7C3HF1OYAozPZmd2WTF7/15jcWCKZB517dfKr5GC1q10NlbiujEUfb/8JnVRg9JfK5r6oXcdfxbODbLchzU+/h2sRRjSVdN6wcXrX+bVMJG9P6cLiPR3oruBUHf/dbZXg06Mp1bqazbOpJY=</Foo> + </Group> + <Group name="test2"> + <Bar name="3" encrypted="basic">U2FsdGVkX1/keWAAgSOnVvhoEDWzmRQWaf3mxOy749o=<Foo name="4" encrypted="basic">U2FsdGVkX1+O10Id9f9FUcavHi8JaQWVNlWm/jwQ4f4=</Foo></Bar> + </Group> +</Properties> diff --git a/testsuite/Testsrc/Testsbin/bcfg2-crypt/plaintext-xpath.xml b/testsuite/Testsrc/Testsbin/bcfg2-crypt/plaintext-xpath.xml new file mode 100644 index 000000000..4bcec1474 --- /dev/null +++ b/testsuite/Testsrc/Testsbin/bcfg2-crypt/plaintext-xpath.xml @@ -0,0 +1,12 @@ +<Properties> + <Foo name="1" encrypted="basic">U2FsdGVkX18bAwhcMtr8J02ztT8kBjdCjae9lYnbsRY=</Foo> + <Bar name="1" encrypted="complex">Some text</Bar> + <Foo name="2" encrypted="complex">U2FsdGVkX19+Yq+VwbAfNGUHtnB7hy74V7Fvz0GHsqA=</Foo> + <Group name="test"> + <Bar name="2" encrypted="basic">Some text</Bar> + <Foo name="3" encrypted="basic">U2FsdGVkX1+A3f6lIoFvCNaC6/ctbOLqT0z/YCJ+FkeyTgAnmU1/wk7FlPxOaPPkI2iRfEbNK2sNtUS0rQ8TYT3gIRO3qyrUNIcHaYfGerAZN3Xg9F3CsaL1NQjHxSKyJLdTmdB/1m0AQ3jw13n1eNrokGHF6HU6bD6TIJVFmds126ucOg56Xh+3ffOUukh2EwlBxnvGC/CDQluFixL1MY74xFd5mY5iDcJG9o5qUtjKmiOrtEAXFuM49JLciDHtMjQ2wbX/9lGek7U2Y05I2vU8BGtD3jh/Pt+17Vql80UrNHqVnWx247sxgYmkJIaworCTNowU2KsWEQj46E1bzAXEUVdGF65ltIXIK75KozHf8msKuVFwQDYCJ+lXRZgIygqcZ5glAyjW1WxyigxSFpRfVcZfiHp7d52JfBCU66367j7DvEnAJAuvL7jufJSavd6RxaEGGB3KGAMpz8NQxPy6i2s5RkY5V8eiqUOHsnZN6zHPgkZ90a+dokllLbH+HSYGU26sevJL4TupDCkz2/sRasmBB8fBAF5PGOI+UC7vXncbvpsMLsILFoUYtyWrDZ9cygOElEmWpVJSeECAA09iOhyaXN5rN/tyqkt3+ao=</Foo> + </Group> + <Group name="test2"> + <Bar name="3" encrypted="basic">Some text<Foo name="4" encrypted="basic">U2FsdGVkX1+cSl37JVEVIEV+bqVBlMGQnZdZWsjHPME=</Foo></Bar> + </Group> +</Properties> diff --git a/testsuite/Testsrc/Testsbin/bcfg2-crypt/plaintext.xml b/testsuite/Testsrc/Testsbin/bcfg2-crypt/plaintext.xml new file mode 100644 index 000000000..45d9941c8 --- /dev/null +++ b/testsuite/Testsrc/Testsbin/bcfg2-crypt/plaintext.xml @@ -0,0 +1,18 @@ +<Properties> + <Foo name="1" encrypted="basic">Some text</Foo> + <Bar name="1" encrypted="complex">Some text</Bar> + <Foo name="2" encrypted="complex">Some text</Foo> + <Group name="test"> + <Bar name="2" encrypted="basic">Some text</Bar> + <Foo name="3" encrypted="basic">Praesent consectetur condimentum nisl ut cursus. Etiam aliquam nisi +dolor. Mauris aliquet condimentum neque, sodales laoreet lectus +venenatis ac. Morbi mattis justo odio, ac fringilla leo egestas +ut. Integer nec sapien pulvinar, ultrices nulla id, posuere +magna. Quisque in tincidunt sem, sed vehicula orci. Nulla blandit, +nisi vel cursus semper, nibh metus consequat purus, ac ullamcorper +dolor lorem vitae ligula. Maecenas non consectetur nibh.</Foo> + </Group> + <Group name="test2"> + <Bar name="3" encrypted="basic">Some text<Foo name="4" encrypted="basic">Nested text</Foo></Bar> + </Group> +</Properties> diff --git a/testsuite/Testsrc/Testsbin/bcfg2-crypt/plaintext2.xml b/testsuite/Testsrc/Testsbin/bcfg2-crypt/plaintext2.xml new file mode 100644 index 000000000..fa63330f0 --- /dev/null +++ b/testsuite/Testsrc/Testsbin/bcfg2-crypt/plaintext2.xml @@ -0,0 +1,18 @@ +<Properties> + <Foo name="1" encrypted="basic">Some text</Foo> + <Bar name="1" encrypted="basic">Some text</Bar> + <Foo name="2" encrypted="basic">Some text</Foo> + <Group name="test"> + <Bar name="2" encrypted="basic">Some text</Bar> + <Foo name="3" encrypted="basic">Praesent consectetur condimentum nisl ut cursus. Etiam aliquam nisi +dolor. Mauris aliquet condimentum neque, sodales laoreet lectus +venenatis ac. Morbi mattis justo odio, ac fringilla leo egestas +ut. Integer nec sapien pulvinar, ultrices nulla id, posuere +magna. Quisque in tincidunt sem, sed vehicula orci. Nulla blandit, +nisi vel cursus semper, nibh metus consequat purus, ac ullamcorper +dolor lorem vitae ligula. Maecenas non consectetur nibh.</Foo> + </Group> + <Group name="test2"> + <Bar name="3" encrypted="basic">Some text<Foo name="4" encrypted="basic">Nested text</Foo></Bar> + </Group> +</Properties> diff --git a/testsuite/Testsrc/Testsbin/test_bcfg2_crypt.py b/testsuite/Testsrc/Testsbin/test_bcfg2_crypt.py new file mode 100644 index 000000000..3eee4415f --- /dev/null +++ b/testsuite/Testsrc/Testsbin/test_bcfg2_crypt.py @@ -0,0 +1,390 @@ +# -*- coding: utf-8 -*- +import os +import sys +import shutil +import difflib +import tempfile +import lxml.etree +import Bcfg2.Options +from Bcfg2.Compat import StringIO, b64decode, u_str +from mock import Mock, MagicMock, patch + +# add all parent testsuite directories to sys.path to allow (most) +# relative imports in python 2.4 +path = os.path.dirname(__file__) +while path != "/": + if os.path.basename(path).lower().startswith("test"): + sys.path.append(path) + if os.path.basename(path) == "testsuite": + break + path = os.path.dirname(path) +from common import * + +try: + from Bcfg2.Server.Encryption import CLI + HAS_CRYPTO = True +except ImportError: + HAS_CRYPTO = False + + +class TestEncryption(Bcfg2TestCase): + cfg_plaintext = None + known_files = None + basedir = None + + @classmethod + def setUpClass(cls): + basedir = os.path.join(os.path.dirname(__file__), "bcfg2-crypt") + cls.basedir = tempfile.mkdtemp() + for fname in os.listdir(basedir): + shutil.copy(os.path.join(basedir, fname), cls.basedir) + cls.known_files = os.listdir(cls.basedir) + cls.cfg_plaintext = open(os.path.join(cls.basedir, "plaintext")).read() + + @classmethod + def tearDownClass(cls): + shutil.rmtree(cls.basedir) + + @skipUnless(HAS_CRYPTO, "Encryption libraries not found") + def setUp(self): + set_setup_default("lax_decryption", False) + + def set_options(self): + Bcfg2.Options.setup.algorithm = "aes_256_cbc" + Bcfg2.Options.setup.passphrases = dict( + basic="basic", + complex="1234567890əùíÿł¢€ñû⸘" * 10) + + def tearDown(self): + # clean up stray files created by tests + for fname in os.listdir(self.basedir): + if fname not in self.known_files: + os.unlink(os.path.join(self.basedir, fname)) + + def assertExists(self, fname): + fpath = os.path.join(self.basedir, fname) + self.assertTrue(os.path.exists(fpath), + "%s does not exist" % fpath) + + def assertNotExists(self, fname): + fpath = os.path.join(self.basedir, fname) + self.assertFalse(os.path.exists(fpath), + "%s exists, but shouldn't" % fpath) + + def assertFilesEqual(self, fname1, fname2): + self.assertExists(fname1) + self.assertExists(fname2) + contents1 = open(os.path.join(self.basedir, fname1)).read().strip() + contents2 = open(os.path.join(self.basedir, fname2)).read().strip() + diff = "\n".join( + difflib.unified_diff(contents1.splitlines(), + contents2.splitlines(), + fname1, fname2)).replace("\n\n", "\n") + self.assertEqual(contents1, contents2, + "Contents of %s and %s do not match:\n%s" % + (fname1, fname2, diff)) + + def assertFilesNotEqual(self, fname1, fname2): + self.assertExists(fname1) + self.assertExists(fname2) + self.assertNotEqual( + open(os.path.join(self.basedir, fname1)).read(), + open(os.path.join(self.basedir, fname2)).read(), + "Contents of %s and %s are unexpectedly identical") + + def _is_encrypted(self, data): + """ Pretty crappy check for whether or not data is encrypted: + just see if it's a valid base64-encoded string whose contents + start with "Salted__". But without decrypting, which rather + begs the question in a set of crypto unit tests, I'm not sure + how to do a better test.""" + try: + return b64decode(data).startswith("Salted__") + except UnicodeDecodeError: + # decoded base64, resulting value contained non-ASCII text + return True + except TypeError: + # couldn't decode base64 + return False + + def assertIsEncrypted(self, data): + if not self._is_encrypted(data): + self.fail("Data is not encrypted: %s" % data) + + def assertNotEncrypted(self, data): + if self._is_encrypted(data): + self.fail("Data is unexpectedly encrypted: %s" % data) + + def _decrypt(self, cli, outfile, expected=None): + self.set_options() + cli.run() + if expected is None: + self.assertExists(outfile) + actual = open(os.path.join(self.basedir, outfile)).read() + self.assertEqual(self.cfg_plaintext, actual) + self.assertNotEncrypted(actual) + else: + self.assertFilesEqual(outfile, expected) + + def _encrypt(self, cli, outfile, original=None): + self.set_options() + cli.run() + if original is None: + self.assertExists(outfile) + actual = open(os.path.join(self.basedir, outfile)).read() + self.assertNotEqual(self.cfg_plaintext, actual) + self.assertIsEncrypted(actual) + else: + self.assertFilesNotEqual(outfile, original) + + def _cfg_decrypt(self, opts, encrypted): + if encrypted.endswith(".crypt"): + decrypted = encrypted[:-6] + else: + self.fail("Could not determine decrypted filename for %s" % + encrypted) + cli = CLI(opts + [os.path.join(self.basedir, encrypted)]) + self._decrypt(cli, decrypted) + + def _cfg_encrypt(self, opts, plaintext): + cli = CLI(opts + [os.path.join(self.basedir, plaintext)]) + self._encrypt(cli, plaintext + ".crypt") + + def _props_decrypt(self, opts, encrypted, expected): + test = os.path.join(self.basedir, "test.xml") + shutil.copy(os.path.join(self.basedir, encrypted), test) + cli = CLI(opts + [test]) + self._decrypt(cli, "test.xml", expected) + try: + xdata = lxml.etree.parse(test) + except: + self.fail("Could not parse decrypted Properties file: %s" % + sys.exc_info()[1]) + for el in xdata.iter(): + if el.tag is not lxml.etree.Comment and el.text.strip(): + self.assertNotEncrypted(el.text) + + def _props_encrypt(self, opts, plaintext, check_all=True): + test = os.path.join(self.basedir, "test.xml") + shutil.copy(os.path.join(self.basedir, plaintext), test) + cli = CLI(opts + [test]) + self._encrypt(cli, "test.xml", plaintext) + try: + xdata = lxml.etree.parse(test) + except: + self.fail("Could not parse encrypted Properties file: %s" % + sys.exc_info()[1]) + if check_all: + for el in xdata.iter(): + if el.tag is not lxml.etree.Comment and el.text.strip(): + self.assertIsEncrypted(el.text) + + def test_decrypt_cfg(self): + """ Decrypt a Cfg file """ + self._cfg_decrypt(["--decrypt", "--cfg", "-p", "basic"], + "basic.crypt") + + def test_decrypt_cfg_complex(self): + """ Decrypt a Cfg file with a passphrase with special characters """ + self._cfg_decrypt(["--decrypt", "--cfg", "-p", "complex"], + "complex.crypt") + + def test_decrypt_cfg_algorithm(self): + """ Decrypt a Cfg file with a non-default algorithm """ + # this can't be done with self._cfg_decrypt or even + # self._decrypt because we have to set the algorithm after + # other options are set, but before the decrypt is performed + cli = CLI(["--decrypt", "--cfg", "-p", "basic", + os.path.join(self.basedir, "basic-des-cbc.crypt")]) + self.set_options() + Bcfg2.Options.setup.algorithm = "des_cbc" + cli.run() + self.assertExists("basic-des-cbc") + actual = open(os.path.join(self.basedir, "basic-des-cbc")).read() + self.assertEqual(self.cfg_plaintext, actual) + self.assertNotEncrypted(actual) + + def test_cfg_auto_passphrase(self): + """ Discover the passphrase to decrypt a Cfg file""" + self._cfg_decrypt(["--decrypt", "--cfg"], "complex.crypt") + + def test_cfg_auto_mode(self): + """ Discover whether to encrypt or decrypt a Cfg file """ + self._cfg_decrypt(["--cfg", "-p", "basic"], "basic.crypt") + self._cfg_encrypt(["--cfg", "-p", "basic"], "plaintext") + + def test_cfg_auto_type(self): + """ Discover a file is a Cfg file """ + self._cfg_decrypt(["--decrypt", "-p", "basic"], "basic.crypt") + self._cfg_encrypt(["--encrypt", "-p", "basic"], "plaintext") + + def test_cfg_multiple(self): + """ Decrypt multiple Cfg files """ + cli = CLI(["--decrypt", "--cfg", "-p", "basic", + os.path.join(self.basedir, "basic.crypt"), + os.path.join(self.basedir, "basic2.crypt")]) + self.set_options() + cli.run() + self.assertExists("basic") + self.assertExists("basic2") + actual1 = open(os.path.join(self.basedir, "basic")).read() + actual2 = open(os.path.join(self.basedir, "basic2")).read() + self.assertEqual(self.cfg_plaintext, actual1) + self.assertEqual(self.cfg_plaintext, actual2) + self.assertNotEncrypted(actual1) + self.assertNotEncrypted(actual2) + + def test_cfg_auto_all(self): + """ Discover all options to encrypt/decrypt Cfg files """ + self._cfg_decrypt([], "complex.crypt") + self._cfg_encrypt(["-p", "basic"], "plaintext") + + def test_cfg_stdout(self): + """ Decrypt a Cfg file to stdout """ + cli = CLI(["--decrypt", "--cfg", "-p", "basic", "--stdout", + os.path.join(self.basedir, "basic.crypt")]) + self.set_options() + old_stdout = sys.stdout + sys.stdout = StringIO() + cli.run() + output = sys.stdout.getvalue() + sys.stdout = old_stdout + + self.assertNotExists("basic") + self.assertEqual(self.cfg_plaintext.strip(), output.strip()) + self.assertNotEncrypted(output) + + def test_encrypt_cfg(self): + """ Encrypt a Cfg file """ + self._cfg_encrypt(["--encrypt", "--cfg", "-p", "basic"], "plaintext") + os.rename(os.path.join(self.basedir, "plaintext.crypt"), + os.path.join(self.basedir, "test.crypt")) + self._cfg_decrypt(["--decrypt", "--cfg", "-p", "basic"], + "test.crypt") + + def test_encrypt_props_as_cfg(self): + """ Encrypt an XML file as a Cfg file """ + cli = CLI(["--encrypt", "--cfg", "-p", "basic", + os.path.join(self.basedir, "plaintext.xml")]) + self._encrypt(cli, "plaintext.xml.crypt", "plaintext.xml") + + os.rename(os.path.join(self.basedir, "plaintext.xml.crypt"), + os.path.join(self.basedir, "test.xml.crypt")) + cli = CLI(["--decrypt", "--cfg", "-p", "basic", + os.path.join(self.basedir, "test.xml.crypt")]) + self._decrypt(cli, "test.xml", "plaintext.xml") + + def test_cfg_remove(self): + """ Encrypt and remove a Cfg file """ + test = os.path.join(self.basedir, "test") + shutil.copy(os.path.join(self.basedir, "plaintext"), test) + self._cfg_encrypt(["--encrypt", "--remove", "--cfg", "-p", "basic"], + test) + self.assertNotExists("test") + + def test_decrypt_props(self): + """ Decrypt a Properties file """ + self._props_decrypt(["--decrypt", "--properties", "-p", "basic"], + "all-basic.xml", "plaintext2.xml") + + def test_props_decrypt_multiple_passphrases(self): + """ Decrypt a Properties file with multiple passphrases""" + self._props_decrypt(["--decrypt", "--properties"], + "plaintext-all.xml", "plaintext.xml") + + def test_props_decrypt_mixed(self): + """ Decrypt a Properties file with mixed encrypted content""" + self._props_decrypt(["--decrypt", "--properties"], + "plaintext-xpath.xml", "plaintext.xml") + + def test_props_decrypt_bogus(self): + """ Decrypt a malformed Properties file """ + self._props_decrypt(["--decrypt", "--properties"], + "bogus-forced.xml", "bogus.xml") + + def test_props_decrypt_auto_type(self): + """ Discover an encrypted file is a Properties file """ + self._props_decrypt(["--decrypt"], + "all-basic.xml", "plaintext2.xml") + + def test_props_decrypt_auto_mode(self): + """ Discover whether to encrypt or decrypt an encrypted Properties file """ + self._props_decrypt(["--properties"], + "all-basic.xml", "plaintext2.xml") + + def test_props_decrypt_auto_all(self): + """ Discover all options to decrypt a Properties file """ + self._props_decrypt([], "all-basic.xml", "plaintext2.xml") + + def test_props_encrypt_cli_passphrase(self): + """ Encrypt a Properties file with passphrase on the CLI""" + self._props_encrypt(["--encrypt", "--properties", "-p", "basic"], + "plaintext2.xml") + os.rename(os.path.join(self.basedir, "test.xml"), + os.path.join(self.basedir, "encrypted.xml")) + self._props_decrypt(["--decrypt", "--properties", "-p", "basic"], + "encrypted.xml", "plaintext2.xml") + + def test_props_encrypt_file_passphrase(self): + """ Encrypt a Properties file with passphrase in the file """ + self._props_encrypt(["--encrypt", "--properties"], "plaintext2.xml") + os.rename(os.path.join(self.basedir, "test.xml"), + os.path.join(self.basedir, "encrypted.xml")) + self._props_decrypt(["--decrypt", "--properties"], + "encrypted.xml", "plaintext2.xml") + + def test_props_encrypt_multiple_passphrases(self): + """ Encrypt a Properties file with multiple passphrases """ + self._props_encrypt(["--encrypt", "--properties"], "plaintext.xml") + os.rename(os.path.join(self.basedir, "test.xml"), + os.path.join(self.basedir, "encrypted.xml")) + self._props_decrypt(["--decrypt", "--properties"], + "encrypted.xml", "plaintext.xml") + + def test_props_encrypt_xpath(self): + """ Encrypt a Properties file with --xpath """ + test = os.path.join(self.basedir, "test.xml") + self._props_encrypt(["--encrypt", "--properties", "--xpath", "//Foo"], + "plaintext.xml", check_all=False) + xdata = lxml.etree.parse(test) + for el in xdata.iter(): + if el.tag is not lxml.etree.Comment and el.text.strip(): + if el.tag == "Foo": + self.assertIsEncrypted(el.text) + else: + self.assertNotEncrypted(el.text) + + os.rename(test, os.path.join(self.basedir, "encrypted.xml")) + self._props_decrypt(["--decrypt", "--properties"], + "encrypted.xml", "plaintext.xml") + + def test_props_encrypt_bogus(self): + """ Decrypt a malformed Properties file """ + self._props_encrypt(["--encrypt", "--properties"], "bogus.xml") + os.rename(os.path.join(self.basedir, "test.xml"), + os.path.join(self.basedir, "encrypted.xml")) + self._props_decrypt(["--decrypt", "--properties"], + "encrypted.xml", "bogus.xml") + + def test_props_encrypt_auto_type(self): + """ Discover if a file is a Properties file """ + self._props_encrypt(["--encrypt"], "plaintext2.xml") + os.rename(os.path.join(self.basedir, "test.xml"), + os.path.join(self.basedir, "encrypted.xml")) + self._props_decrypt(["--decrypt"], + "encrypted.xml", "plaintext2.xml") + + def test_props_encrypt_auto_mode(self): + """ Discover whether to encrypt or decrypt a Properties file """ + self._props_encrypt(["--properties"], "plaintext2.xml") + os.rename(os.path.join(self.basedir, "test.xml"), + os.path.join(self.basedir, "encrypted.xml")) + self._props_decrypt(["--properties"], + "encrypted.xml", "plaintext2.xml") + + def test_props_encrypt_auto_all(self): + """ Discover all options to encrypt a Properties file """ + self._props_encrypt([], "plaintext.xml") + os.rename(os.path.join(self.basedir, "test.xml"), + os.path.join(self.basedir, "encrypted.xml")) + self._props_decrypt([], "encrypted.xml", "plaintext.xml") |