netbox-community-netbox/netbox/secrets/tests/test_models.py

from Crypto.PublicKey import RSA

from django.conf import settings
from django.contrib.auth.models import User
from django.core.exceptions import ValidationError
from django.test import TestCase

from secrets.models import UserKey, Secret, generate_master_key, encrypt_master_key, decrypt_master_key
from secrets.hashers import SecretValidationHasher


class UserKeyTestCase(TestCase):

    def setUp(self):
        self.TEST_KEYS = {}
        key_size = getattr(settings, 'SECRETS_MIN_PUBKEY_SIZE', 2048)
        for username in ['alice', 'bob']:
            User.objects.create_user(username=username, password=username)
            key = RSA.generate(key_size)
            self.TEST_KEYS['{}_public'.format(username)] = key.publickey().exportKey('PEM')
            self.TEST_KEYS['{}_private'.format(username)] = key.exportKey('PEM')

    def test_01_fill(self):
        """
        Validate the filling of a UserKey with public key material.
        """
        alice_uk = UserKey(user=User.objects.get(username='alice'))
        self.assertFalse(alice_uk.is_filled(), "UserKey with empty public_key is_filled() did not return False")
        alice_uk.public_key = self.TEST_KEYS['alice_public']
        self.assertTrue(alice_uk.is_filled(), "UserKey with public key is_filled() did not return True")

    def test_02_activate(self):
        """
        Validate the activation of a UserKey.
        """
        master_key = generate_master_key()
        alice_uk = UserKey(user=User.objects.get(username='alice'), public_key=self.TEST_KEYS['alice_public'])
        self.assertFalse(alice_uk.is_active(), "Inactive UserKey is_active() did not return False")
        alice_uk.activate(master_key)
        self.assertTrue(alice_uk.is_active(), "ActiveUserKey is_active() did not return True")

    def test_03_key_sizes(self):
        """
        Ensure that RSA keys which are too small or too large are rejected.
        """
        rsa = RSA.generate(getattr(settings, 'SECRETS_MIN_PUBKEY_SIZE', 2048) - 256)
        small_key = rsa.publickey().exportKey('PEM')
        try:
            UserKey(public_key=small_key).clean()
            self.fail("UserKey.clean() did not fail with an undersized RSA key")
        except ValidationError:
            pass
        rsa = RSA.generate(4096 + 256)  # Max size is 4096 (enforced by master_key_cipher field size)
        big_key = rsa.publickey().exportKey('PEM')
        try:
            UserKey(public_key=big_key).clean()
            self.fail("UserKey.clean() did not fail with an oversized RSA key")
        except ValidationError:
            pass

    def test_04_master_key_retrieval(self):
        """
        Test the decryption of a master key using the user's private key.
        """
        master_key = generate_master_key()
        alice_uk = UserKey(user=User.objects.get(username='alice'), public_key=self.TEST_KEYS['alice_public'])
        alice_uk.activate(master_key)
        retrieved_master_key = alice_uk.get_master_key(self.TEST_KEYS['alice_private'])
        self.assertEqual(master_key, retrieved_master_key, "Master key retrieval failed with correct private key")

    def test_05_invalid_private_key(self):
        """
        Ensure that an exception is raised when attempting to retrieve a secret key using an invalid private key.
        """
        secret_key = generate_master_key()
        secret_key_cipher = encrypt_master_key(secret_key, self.TEST_KEYS['alice_public'])
        try:
            decrypted_secret_key = decrypt_master_key(secret_key_cipher, self.TEST_KEYS['bob_private'])
            self.fail("Decrypting secret key from Alice's UserKey using Bob's private key did not fail")
        except ValueError:
            pass


class SecretTestCase(TestCase):

    def test_01_encrypt_decrypt(self):
        """
        Test basic encryption and decryption functionality using a random master key.
        """
        plaintext = "FooBar123"
        secret_key = generate_master_key()
        s = Secret(plaintext=plaintext)
        s.encrypt(secret_key)

        # Ensure plaintext is deleted upon encryption
        self.assertIsNone(s.plaintext, "Plaintext must be None after encrypting.")

        # Enforce minimum ciphertext length
        self.assertGreaterEqual(len(s.ciphertext), 80, "Ciphertext must be at least 80 bytes (16B IV + 64B+ ciphertext")

        # Ensure proper hashing algorithm is used
        hasher, iterations, salt, sha256 = s.hash.split('$')
        self.assertEqual(hasher, 'pbkdf2_sha256', "Hashing algorithm has been modified to: {}".format(hasher))
        self.assertGreaterEqual(int(iterations), SecretValidationHasher.iterations, "Insufficient iteration count ({}) for hash".format(iterations))
        self.assertGreaterEqual(len(salt), 12, "Hash salt is too short ({} chars)".format(len(salt)))

        # Test hash validation
        self.assertTrue(s.validate(plaintext), "Plaintext does not validate against the generated hash")
        self.assertFalse(s.validate(""), "Empty plaintext validated against hash")
        self.assertFalse(s.validate("Invalid plaintext"), "Invalid plaintext validated against hash")

        # Test decryption
        s.decrypt(secret_key)
        self.assertEqual(plaintext, s.plaintext, "Decrypting Secret returned incorrect plaintext")

    def test_02_ciphertext_uniqueness(self):
        """
        Generate 50 Secrets using the same plaintext and check for duplicate IVs or payloads.
        """
        plaintext = "1234567890abcdef"
        secret_key = generate_master_key()
        ivs = []
        ciphertexts = []
        for i in range(1, 51):
            s = Secret(plaintext=plaintext)
            s.encrypt(secret_key)
            ivs.append(s.ciphertext[0:16])
            ciphertexts.append(s.ciphertext[16:32])
        duplicate_ivs = [i for i, x in enumerate(ivs) if ivs.count(x) > 1]
        self.assertEqual(duplicate_ivs, [], "One or more duplicate IVs found!")
        duplicate_ciphertexts = [i for i, x in enumerate(ciphertexts) if ciphertexts.count(x) > 1]
        self.assertEqual(duplicate_ciphertexts, [], "One or more duplicate ciphertexts (first blocks) found!")
Initial push to public repo 2016-03-01 11:23:03 -05:00			`from Crypto.PublicKey import RSA`

			`from django.conf import settings`
			`from django.contrib.auth.models import User`
			`from django.core.exceptions import ValidationError`
			`from django.test import TestCase`

			`from secrets.models import UserKey, Secret, generate_master_key, encrypt_master_key, decrypt_master_key`
secrets: imported SecretValidationHasher.iterations for SecretTestCase 2016-06-23 00:01:22 -05:00			`from secrets.hashers import SecretValidationHasher`
Initial push to public repo 2016-03-01 11:23:03 -05:00

			`class UserKeyTestCase(TestCase):`

			`def setUp(self):`
			`self.TEST_KEYS = {}`
			`key_size = getattr(settings, 'SECRETS_MIN_PUBKEY_SIZE', 2048)`
			`for username in ['alice', 'bob']:`
			`User.objects.create_user(username=username, password=username)`
			`key = RSA.generate(key_size)`
			`self.TEST_KEYS['{}_public'.format(username)] = key.publickey().exportKey('PEM')`
			`self.TEST_KEYS['{}_private'.format(username)] = key.exportKey('PEM')`

			`def test_01_fill(self):`
			`"""`
			`Validate the filling of a UserKey with public key material.`
			`"""`
			`alice_uk = UserKey(user=User.objects.get(username='alice'))`
			`self.assertFalse(alice_uk.is_filled(), "UserKey with empty public_key is_filled() did not return False")`
			`alice_uk.public_key = self.TEST_KEYS['alice_public']`
			`self.assertTrue(alice_uk.is_filled(), "UserKey with public key is_filled() did not return True")`

			`def test_02_activate(self):`
			`"""`
			`Validate the activation of a UserKey.`
			`"""`
			`master_key = generate_master_key()`
			`alice_uk = UserKey(user=User.objects.get(username='alice'), public_key=self.TEST_KEYS['alice_public'])`
			`self.assertFalse(alice_uk.is_active(), "Inactive UserKey is_active() did not return False")`
			`alice_uk.activate(master_key)`
			`self.assertTrue(alice_uk.is_active(), "ActiveUserKey is_active() did not return True")`

			`def test_03_key_sizes(self):`
			`"""`
			`Ensure that RSA keys which are too small or too large are rejected.`
			`"""`
			`rsa = RSA.generate(getattr(settings, 'SECRETS_MIN_PUBKEY_SIZE', 2048) - 256)`
			`small_key = rsa.publickey().exportKey('PEM')`
			`try:`
			`UserKey(public_key=small_key).clean()`
			`self.fail("UserKey.clean() did not fail with an undersized RSA key")`
			`except ValidationError:`
			`pass`
			`rsa = RSA.generate(4096 + 256) # Max size is 4096 (enforced by master_key_cipher field size)`
			`big_key = rsa.publickey().exportKey('PEM')`
			`try:`
			`UserKey(public_key=big_key).clean()`
			`self.fail("UserKey.clean() did not fail with an oversized RSA key")`
			`except ValidationError:`
			`pass`

			`def test_04_master_key_retrieval(self):`
			`"""`
			`Test the decryption of a master key using the user's private key.`
			`"""`
			`master_key = generate_master_key()`
			`alice_uk = UserKey(user=User.objects.get(username='alice'), public_key=self.TEST_KEYS['alice_public'])`
			`alice_uk.activate(master_key)`
			`retrieved_master_key = alice_uk.get_master_key(self.TEST_KEYS['alice_private'])`
			`self.assertEqual(master_key, retrieved_master_key, "Master key retrieval failed with correct private key")`

			`def test_05_invalid_private_key(self):`
			`"""`
			`Ensure that an exception is raised when attempting to retrieve a secret key using an invalid private key.`
			`"""`
			`secret_key = generate_master_key()`
			`secret_key_cipher = encrypt_master_key(secret_key, self.TEST_KEYS['alice_public'])`
			`try:`
			`decrypted_secret_key = decrypt_master_key(secret_key_cipher, self.TEST_KEYS['bob_private'])`
			`self.fail("Decrypting secret key from Alice's UserKey using Bob's private key did not fail")`
			`except ValueError:`
			`pass`


			`class SecretTestCase(TestCase):`

			`def test_01_encrypt_decrypt(self):`
			`"""`
			`Test basic encryption and decryption functionality using a random master key.`
			`"""`
			`plaintext = "FooBar123"`
			`secret_key = generate_master_key()`
			`s = Secret(plaintext=plaintext)`
			`s.encrypt(secret_key)`

			`# Ensure plaintext is deleted upon encryption`
			`self.assertIsNone(s.plaintext, "Plaintext must be None after encrypting.")`

			`# Enforce minimum ciphertext length`
			`self.assertGreaterEqual(len(s.ciphertext), 80, "Ciphertext must be at least 80 bytes (16B IV + 64B+ ciphertext")`

			`# Ensure proper hashing algorithm is used`
			`hasher, iterations, salt, sha256 = s.hash.split('$')`
			`self.assertEqual(hasher, 'pbkdf2_sha256', "Hashing algorithm has been modified to: {}".format(hasher))`
secrets: imported SecretValidationHasher.iterations for SecretTestCase 2016-06-23 00:01:22 -05:00			`self.assertGreaterEqual(int(iterations), SecretValidationHasher.iterations, "Insufficient iteration count ({}) for hash".format(iterations))`
Initial push to public repo 2016-03-01 11:23:03 -05:00			`self.assertGreaterEqual(len(salt), 12, "Hash salt is too short ({} chars)".format(len(salt)))`

			`# Test hash validation`
			`self.assertTrue(s.validate(plaintext), "Plaintext does not validate against the generated hash")`
			`self.assertFalse(s.validate(""), "Empty plaintext validated against hash")`
			`self.assertFalse(s.validate("Invalid plaintext"), "Invalid plaintext validated against hash")`

			`# Test decryption`
			`s.decrypt(secret_key)`
			`self.assertEqual(plaintext, s.plaintext, "Decrypting Secret returned incorrect plaintext")`

			`def test_02_ciphertext_uniqueness(self):`
			`"""`
			`Generate 50 Secrets using the same plaintext and check for duplicate IVs or payloads.`
			`"""`
			`plaintext = "1234567890abcdef"`
			`secret_key = generate_master_key()`
			`ivs = []`
			`ciphertexts = []`
			`for i in range(1, 51):`
			`s = Secret(plaintext=plaintext)`
			`s.encrypt(secret_key)`
			`ivs.append(s.ciphertext[0:16])`
			`ciphertexts.append(s.ciphertext[16:32])`
			`duplicate_ivs = [i for i, x in enumerate(ivs) if ivs.count(x) > 1]`
			`self.assertEqual(duplicate_ivs, [], "One or more duplicate IVs found!")`
			`duplicate_ciphertexts = [i for i, x in enumerate(ciphertexts) if ciphertexts.count(x) > 1]`
			`self.assertEqual(duplicate_ciphertexts, [], "One or more duplicate ciphertexts (first blocks) found!")`