Mercurial > libervia-backend
annotate src/test/test_memory_crypto.py @ 1030:15f43b54d697
core, memory, bridge: added profile password + password encryption:
/!\ This changeset updates the database version to 2 and modify the database content!
Description:
- new parameter General / Password to store the profile password
- profile password is initialized with XMPP password value, it is stored hashed
- bridge methods asyncCreateProfile/asyncConnect takes a new argument "password" (default = "")
- bridge method asyncConnect returns a boolean (True = connection already established, False = connection initiated)
- profile password is checked before initializing the XMPP connection
- new private individual parameter to store the personal encryption key of each profile
- personal key is randomly generated and encrypted with the profile password
- personal key is decrypted after profile authentification and stored in a Sessions instance
- personal key is used to encrypt/decrypt other passwords when they need to be retrieved/modified
- modifying the profile password re-encrypt the personal key
- Memory.setParam now returns a Deferred (the bridge method "setParam" is unchanged)
- Memory.asyncGetParamA eventually decrypts the password, Memory.getParamA would fail on a password parameter
TODO:
- if profile authentication is OK but XMPP authentication is KO, prompt the user for another XMPP password
- fix the method "registerNewAccount" (and move it to a plugin)
- remove bridge method "connect", sole "asyncConnect" should be used
| author | souliane <souliane@mailoo.org> |
|---|---|
| date | Wed, 07 May 2014 16:02:23 +0200 |
| parents | 127c96020022 |
| children | cbf917a90784 |
| rev | line source |
|---|---|
|
1028
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
1 #!/usr/bin/python |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
2 # -*- coding: utf-8 -*- |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
3 |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
4 # SAT: a jabber client |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
5 # Copyright (C) 2009, 2010, 2011, 2012, 2013, 2014 Jérôme Poisson (goffi@goffi.org) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
6 # Copyright (C) 2013, 2014 Adrien Cossa (souliane@mailoo.org) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
7 |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
8 # This program is free software: you can redistribute it and/or modify |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
9 # it under the terms of the GNU Affero General Public License as published by |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
10 # the Free Software Foundation, either version 3 of the License, or |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
11 # (at your option) any later version. |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
12 |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
13 # This program is distributed in the hope that it will be useful, |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
14 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
15 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
16 # GNU Affero General Public License for more details. |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
17 |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
18 # You should have received a copy of the GNU Affero General Public License |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
19 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
20 |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
21 |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
22 """ Tests for the plugin radiocol """ |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
23 |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
24 from sat.test import helpers |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
25 from sat.memory.crypto import BlockCipher, PasswordHasher |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
26 from os import urandom |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
27 from twisted.internet import defer |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
28 |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
29 |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
30 class CryptoTest(helpers.SatTestCase): |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
31 |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
32 def setUp(self): |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
33 self.host = helpers.FakeSAT() |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
34 |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
35 def test_encrypt_decrypt(self): |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
36 d_list = [] |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
37 for key_len in (0, 2, 8, 10, 16, 24, 30, 32, 40): |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
38 key = urandom(key_len) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
39 for message_len in (0, 2, 16, 24, 32, 100): |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
40 message = urandom(message_len) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
41 d = BlockCipher.encrypt(key, message) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
42 d.addCallback(lambda ciphertext: lambda key, cipher: BlockCipher.decrypt(key, ciphertext)) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
43 d.addCallback(lambda decrypted: lambda message, decrypted: self.assertEqual(message, decrypted)) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
44 d_list.append(d) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
45 return defer.DeferredList(d_list) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
46 |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
47 def test_hash_verify(self): |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
48 d_list = [] |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
49 for password in (0, 2, 8, 10, 16, 24, 30, 32, 40): |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
50 d = PasswordHasher.hash(password) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
51 |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
52 def cb(hashed): |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
53 d1 = PasswordHasher.verify(password, hashed) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
54 d1.addCallback(lambda result: self.assertTrue(result)) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
55 d_list.append(d1) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
56 attempt = urandom(10) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
57 d2 = PasswordHasher.verify(attempt, hashed) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
58 d2.addCallback(lambda result: self.assertFalse(result)) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
59 d_list.append(d2) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
60 |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
61 d.addCallback(cb) |
|
127c96020022
memory, test: added module crypto to hash passwords and encrypt/decrypt passwords or blocks
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
62 return defer.DeferredList(d_list) |