Introduce a secure storage.

author: Cyrille Bagard <nocbos@gmail.com> 2025-02-08 15:57:23 (GMT)
committer: Cyrille Bagard <nocbos@gmail.com> 2025-02-08 15:57:23 (GMT)
commit: 71d0b80eca2fd2aed5883e2a6a57cb8c03aa27ff (patch)
tree: 74c9654c9c6d02059ba9aff4536ce0ea25e7763c /tests
parent: c928f8abb669d37e77bd9056240074941a945bb9 (diff)
2 files changed, 165 insertions, 0 deletions
diff --git a/tests/core/re.chrysalide.tests.secstorage.gschema.xml b/tests/core/re.chrysalide.tests.secstorage.gschema.xml
new file mode 100644
index 0000000..6afa96b
--- /dev/null
+++ b/tests/core/re.chrysalide.tests.secstorage.gschema.xml
@@ -0,0 +1,15 @@
+<schemalist>
+
+    <schema id="re.chrysalide.tests.secstorage" path="/re/chrysalide/tests/secstorage/">
+
+        <key name="salt" type="ay">
+            <default>[]</default>
+	    </key>
+
+        <key name="master" type="ay">
+            <default>[]</default>
+	    </key>
+
+    </schema>
+
+</schemalist>
diff --git a/tests/core/secstorage.py b/tests/core/secstorage.py
new file mode 100644
index 0000000..1f82388
--- /dev/null
+++ b/tests/core/secstorage.py
@@ -0,0 +1,150 @@
+
+import gi
+import os
+import subprocess
+
+from chrysacase import ChrysalideTestCase
+from pychrysalide import core
+from gi.repository import Gio, GLib
+
+
+class TestSecretStorage(ChrysalideTestCase):
+    """TestCase for secret storage features."""
+
+    @classmethod
+    def setUpClass(cls):
+
+        super(TestSecretStorage, cls).setUpClass()
+
+        cls.log('Creating GSettings schema...')
+
+        path = os.path.dirname(os.path.realpath(__file__))
+
+        subprocess.run([ 'glib-compile-schemas', path ])
+
+        os.environ['GSETTINGS_SCHEMA_DIR'] = path + ':' + os.environ['GSETTINGS_SCHEMA_DIR']
+
+
+    @classmethod
+    def tearDownClass(cls):
+
+        super(TestSecretStorage, cls).tearDownClass()
+
+        cls.log('Removing compiled GSettings schema...')
+
+        os.environ['GSETTINGS_SCHEMA_DIR'] = ':'.join(os.environ['GSETTINGS_SCHEMA_DIR'].split(':')[1:])
+
+        path = os.path.dirname(os.path.realpath(__file__))
+
+        filename = os.path.join(path, 'gschemas.compiled')
+
+        if os.path.exists(filename):
+            os.remove(filename)
+
+
+    def testMasterKeyDefinition(self):
+        """Check for cryptographic parameters for secret storage."""
+
+        settings = Gio.Settings.new('re.chrysalide.tests.secstorage')
+
+        settings.reset('master')
+
+        self.assertEqual(len(settings.get_value('master').unpack()), 0)
+
+        self.assertFalse(core.has_secret_storage_key(settings))
+
+        settings.set_value('master', GLib.Variant('ay', b'ABC'))
+
+        self.assertFalse(core.has_secret_storage_key(settings))
+
+        settings.set_value('master', GLib.Variant('ay', b'A' * 23))
+
+        self.assertTrue(core.has_secret_storage_key(settings))
+
+
+    def testMasterKeyCreation(self):
+        """Create and update cryptographic parameters for secret storage."""
+
+        settings = Gio.Settings.new('re.chrysalide.tests.secstorage')
+
+        settings.reset('salt')
+        settings.reset('master')
+
+        status = core.has_secret_storage_key(settings)
+
+        self.assertFalse(status);
+
+        status = core.set_secret_storage_password(settings, '')
+
+        self.assertTrue(status);
+
+        status = core.has_secret_storage_key(settings)
+
+        self.assertTrue(status);
+
+        status = core.is_secret_storage_locked(settings)
+
+        self.assertTrue(status)
+
+        status = core.unlock_secret_storage(settings, '')
+
+        self.assertTrue(status)
+
+        status = core.is_secret_storage_locked(settings)
+
+        self.assertFalse(status)
+
+        core.lock_secret_storage(settings)
+
+        status = core.is_secret_storage_locked(settings)
+
+        self.assertTrue(status)
+
+        status = core.unlock_secret_storage(settings, 'XXX')
+
+        self.assertFalse(status)
+
+        status = core.is_secret_storage_locked(settings)
+
+        self.assertTrue(status)
+
+
+    def testDataEncryption(self):
+        """Create and update cryptographic parameters for secret storage."""
+
+        settings = Gio.Settings.new('re.chrysalide.tests.secstorage')
+
+        settings.reset('salt')
+        settings.reset('master')
+
+        status = core.set_secret_storage_password(settings, '<s3cUre>')
+
+        self.assertTrue(status);
+
+        status = core.unlock_secret_storage(settings, '<s3cUre>')
+
+        self.assertTrue(status)
+
+
+        original = b'ABC'
+
+        encrypted = core.encrypt_secret_storage_data(original, settings)
+
+        self.assertIsNotNone(encrypted)
+
+        plain = core.decrypt_secret_storage_data(encrypted, settings)
+
+        self.assertIsNotNone(plain)
+        self.assertEqual(original, plain)
+
+
+        original = b'A' * 136
+
+        encrypted = core.encrypt_secret_storage_data(original, settings)
+
+        self.assertIsNotNone(encrypted)
+
+        plain = core.decrypt_secret_storage_data(encrypted, settings)
+
+        self.assertIsNotNone(plain)
+        self.assertEqual(original, plain)
author	Cyrille Bagard <nocbos@gmail.com>	2025-02-08 15:57:23 (GMT)
committer	Cyrille Bagard <nocbos@gmail.com>	2025-02-08 15:57:23 (GMT)
commit	71d0b80eca2fd2aed5883e2a6a57cb8c03aa27ff (patch)
tree	74c9654c9c6d02059ba9aff4536ce0ea25e7763c /tests
parent	c928f8abb669d37e77bd9056240074941a945bb9 (diff)