Add mock requirement and add prompt tests

Add Python mock package as dev and and ci requirement for versions <3.3 (above it's in the standard library) and add interface.import_rsa_privatekey_from_file tests that mock passwords entered on the prompt.
secure-systems-lab · Mar 8, 2018 · 9596b5f · 9596b5f
1 parent b063ace
commit 9596b5f
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 1 deletion.
diff --git a/ci-requirements.txt b/ci-requirements.txt
@@ -5,3 +5,4 @@ coverage
 coveralls
 six
 colorama
+mock; python_version < '3.3'
diff --git a/dev-requirements.txt b/dev-requirements.txt
@@ -7,3 +7,4 @@ tox==2.9.1
 coveralls==1.2.0
 coverage==4.5.1
 colorama==0.3.9
+mock==2.0.0; python_version < '3.3'
diff --git a/securesystemslib/interface.py b/securesystemslib/interface.py
@@ -314,7 +314,7 @@ def import_rsa_privatekey_from_file(filepath, password=None,
     if not len(password):
       raise ValueError('Password must be 1 or more charcters')
 
-  elif prompt: # pragma: no cover
+  elif prompt:
     # Password confirmation disabled here, which should ideally happen only
     # when creating encrypted key files (i.e., improve usability).
     # It is safe to specify the full path of 'filepath' in the prompt and not

diff --git a/tests/test_interface.py b/tests/test_interface.py
@@ -42,6 +42,13 @@
 else:
   import unittest2 as unittest
 
+# Use external backport 'mock' on versions under 3.3
+if sys.version_info >= (3, 3):
+  import unittest.mock as mock
+
+else:
+  import mock
+
 import securesystemslib.formats
 import securesystemslib.formats
 import securesystemslib.hash
@@ -120,6 +127,14 @@ def test_generate_and_write_rsa_keypair(self):
     interface.import_rsa_privatekey_from_file(test_keypath_unencrypted)
     self.assertTrue(securesystemslib.formats.RSAKEY_SCHEMA.matches(imported_privkey))
 
+    # Try to import the unencrypted key file, by entering an empty password
+    with mock.patch('securesystemslib.interface.get_password',
+        return_value=''):
+      interface.import_rsa_privatekey_from_file(test_keypath_unencrypted,
+          prompt=True)
+      self.assertTrue(
+          securesystemslib.formats.RSAKEY_SCHEMA.matches(imported_privkey))
+
     # Fail importing unencrypted key passing a password
     with self.assertRaises(securesystemslib.exceptions.CryptoError):
       interface.import_rsa_privatekey_from_file(test_keypath_unencrypted, 'pw')
@@ -182,6 +197,13 @@ def test_import_rsa_privatekey_from_file(self):
         key_filepath, 'password')
     self.assertTrue(securesystemslib.formats.RSAKEY_SCHEMA.matches(imported_rsa_key))
 
+    # Test load encrypted key prompt for password
+    with mock.patch('securesystemslib.interface.get_password',
+        return_value='password'):
+      imported_rsa_key = interface.import_rsa_privatekey_from_file(
+          key_filepath, prompt=True)
+      self.assertTrue(securesystemslib.formats.RSAKEY_SCHEMA.matches(
+          imported_rsa_key))
 
     # Test improperly formatted 'filepath' argument.
     self.assertRaises(securesystemslib.exceptions.FormatError,