o +keN@s6ddlZddlZddlZddlZddlmZmZddlZddl m Z m Z m Z ddl m Z mZmZmZmZmZmZmZddl mZmZddl mZmZmZmZddl mZdd l mZdd lmZdd lmZ dd l!mZdd l!m"Z"dd l!m#Z#ddl!m$Z$ddl!m%Z%GdddZ&GdddZ'GdddZ(dS)N)hexlify unhexlify) PassphrasePasswordRetriesExceeded bin_to_hex) PlaintextKey PassphraseKeyAuthenticatedKeyRepoKey KeyfileKeyBlake2KeyfileKey Blake2RepoKeyBlake2AuthenticatedKey)ID_HMAC_SHA_256ID_BLAKE2b_256)TAMRequiredError TAMInvalidTAMUnsupportedSuiteErrorUnsupportedManifestError)ArchiveTAMInvalid) identify_key) bytes_to_long)IntegrityError)Location) StableDict)get_security_dir)msgpackc @seZdZGdddZdZeedddZ edZ dZ e d Ze d Zejd d Zejeeeeeeeefd ddZGdddZddZddZddZddZddZ ddZ!ddZ"d d!Z#d"d#Z$d$d%Z%d&d'Z&d(d)Z'd*d+Z(d,d-Z)d.d/Z*d0S)1TestKeyc@seZdZeedZdS)zTestKey.MockArgsN)__name__ __module__ __qualname__rtempfilemkstemplocationr&r&6usr/lib/python3.10/site-packages/borg/testsuite/key.pyMockArgssr(aU BORG_KEY 0000000000000000000000000000000000000000000000000000000000000000 hqppdGVyYXRpb25zzgABhqCkaGFzaNoAIMyonNI+7Cjv0qHi0AOBM6bLGxACJhfgzVD2oq bIS9SFqWFsZ29yaXRobaZzaGEyNTakc2FsdNoAINNK5qqJc1JWSUjACwFEWGTdM7Nd0a5l 1uBGPEb+9XM9p3ZlcnNpb24BpGRhdGHaANAYDT5yfPpU099oBJwMomsxouKyx/OG4QIXK2 hQCG2L2L/9PUu4WIuKvGrsXoP7syemujNfcZws5jLp2UPva4PkQhQsrF1RYDEMLh2eF9Ol rwtkThq1tnh7KjWMG9Ijt7/aoQtq0zDYP/xaFF8XXSJxiyP5zjH5+spB6RL0oQHvbsliSh /cXJq7jrqmrJ1phd6dg4SHAM/i+hubadZoS6m25OQzYAW09wZD/phG8OVa698Z5ed3HTaT SmrtgJL3EoOKgUI9d6BLE4dJdBqntifoz\Wz 0055f161493fcfc16276e8c31493c4641e1eb19a79d0326fad0291e5a9c98e5933 00000000000003e8d21eaf9b86c297a8cd56432e1915bb Z@c3fbf14bc001ebcc3cd86e696c13482ed071740927cd7cbe1b01b4bfcee49314ay BORG_KEY 0000000000000000000000000000000000000000000000000000000000000000 hqlhbGdvcml0aG2mc2hhMjU2pGRhdGHaAZBu680Do3CmfWzeMCwe48KJi3Vps9mEDy7MKF TastsEhiAd1RQMuxfZpklkLeddMMWk+aPtFiURRFb02JLXV5cKRC1o2ZDdiNa0nao+o6+i gUjjsea9TAu25t3vxh8uQWs5BuKRLBRr0nUgrSd0IYMUgn+iVbLJRzCCssvxsklkwQxN3F Y+MvBnn8kUXSeoSoQ2l0fBHzq94Y7LMOm/owMam5URnE8/UEc6ZXBrbyX4EXxDtUqJcs+D i451thtlGdigDLpvf9nyK66mjiCpPCTCgtlzq0Pe1jcdhnsUYLg+qWzXZ7e2opEZoC6XxS 3DIuBOxG3Odqj9IKB+6/kl94vz98awPWFSpYcLZVWu7sIP38ZkUK+ad5MHTo/LvTuZdFnd iqKzZIDUJl3Zl1WGmP/0xVOmfIlznkCZy4d3SMuujwIcqQ5kDvwDRPpdhBBk+UWQY5vFXk kR1NBNLSTyhAzu3fiUmFl0qZ+UWPRkGAEBy/NuoEibrWwab8BX97cATyvnmOqYkU9PT0C6 l2l9E4bPpGhhc2jaACDnIa8KgKv84/b5sjaMgSZeIVkuKSLJy2NN8zoH8lnd36ppdGVyYX Rpb25zzgABhqCkc2FsdNoAIEJLlLh7q74j3q53856H5GgzA1HH+aW5bA/as544+PGkp3Zl cnNpb24BZd04fdf9475cf2323c0ba7a99ddc011064f2e7d039f539f2e4480e6f5fc6ff9993d604040404040404098c8cee1c6db8c28947Z@d8bc68e961c79f99be39061589e5179b2113cd9226e07b08ddd4a1fef7ce93fbcCs|dt||S)NZ BORG_KEYS_DIR)setenvstr)selfrequest monkeypatchtmpdirr&r&r'keys_dirFszTestKey.keys_dir)paramscCs"|dd|j||SNBORG_PASSPHRASEtest)r*paramcreateMockRepositoryr()r,r-r.r&r&r'keyKs z TestKey.keyc@sPeZdZGdddZeZedZeeZddZ ddZ dd Z d d Z d S) zTestKey.MockRepositoryc@seZdZdZZddZdS)z TestKey.MockRepository._Locationz /some/placecC|jSN) processedr,r&r&r'canonical_path]z/TestKey.MockRepository._Location.canonical_pathN)r r!r"rawr;r=r&r&r&r' _LocationZs r@ cCdSr:r&r<r&r&r'get_free_noncedz%TestKey.MockRepository.get_free_noncecCrBr:r&)r,Znext_unreservedZ start_noncer&r&r'commit_nonce_reservationgrDz/TestKey.MockRepository.commit_nonce_reservationcCs ||_dSr:Zkey_data)r,datar&r&r'save_keyjs zTestKey.MockRepository.save_keycCr9r:rFr<r&r&r'load_keymr>zTestKey.MockRepository.load_keyN) r r!r"r@Z _locationbytesidrid_strrCrErHrIr&r&r&r'r7Ys r7cCsJtdd}d}t||dksJ||||||ks#JdS)Nfoos@2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae)rr6rid_hashdecryptencrypt)r,r8chunkr&r&r'test_plaintextps $zTestKey.test_plaintextc Cs,|ddt||}|jdksJ|d}|j|dks(J|d}||ks3J| d|| d|ksAJ|j|dksKJ|j|}t ||}|j||j t |tj ksmJt |j|j|jhdks{J|jdksJd}|| ||||ksJdS)Nr3r4rABCrrM)r*r r6r7r(ciphernext_ivrP extract_ivrOdetect block_countlenZPAYLOAD_OVERHEADid_keyenc_key enc_hmac_key chunk_seedrN) r,r.r0r8manifest manifest2ivkey2rQr&r&r' test_keyfilevs     ($zTestKey.test_keyfilecCs|dd|}ttjt|jdd }|dWdn1s'wYt || }| d}|j |dksCJ|d|dksMJdS)Nr3r4ZnoncewZ0000000000002000rSi )r*r7openospathjoinrrLwriter r6r(rPrUrWrO)r,r.r0 repositoryfdr8rGr&r&r'&test_keyfile_nonce_rollback_protections   z.TestKey.test_keyfile_nonce_rollback_protectioncCs|d}|dt||dd|rJt||}|s)Jd}||}| |}t ||}|| ||ksGJ| t tt ||WddS1sdwYdS)Nkeyfile BORG_KEY_FILEr3ZtestkfrS)rhr*r+existsr r6r7r(rNrPrXrOremovepytestraisesFileNotFoundError)r,r/r.rmr8rQZchunk_idZ chunk_cdatar&r&r'test_keyfile_kfenvs       "zTestKey.test_keyfile_kfenvcCv|dd}||jWdn1swY|ddt||j}| |j |jdks9JdSNrmrdr3 passphrasepayload) rhrerikeyfile2_key_filer*r rXr7keyfile2_cdatarO keyfile2_idr,r.r0rkr8r&r&r' test_keyfile2  zTestKey.test_keyfile2cCs|d}|d}||jWdn1swY|dt||ddt||j }| |j |j dksCJdS)Nrmrdrnr3rwrx) rhreriryr*r+r rXr7rzrOr{)r,r/r.rmrkr8r&r&r'test_keyfile2_kfenvs   zTestKey.test_keyfile2_kfenvcCrurv) rhrerikeyfile_blake2_key_filer*r rXr7keyfile_blake2_cdatarOkeyfile_blake2_idr|r&r&r'test_keyfile_blake2r~zTestKey.test_keyfile_blake2c Cs|ddt|d}|jdksJt|jdks Jt|jdks)Jt|j dks2J|j dks9J| d}|j |dksHJ| d}||ksSJ| d|| d|ksaJ|j |d kskJ|j |}t||}|j||jt|ksJ|j|jksJ|j|jksJ|j |j ksJ|j |j ksJd }t||d ksJ|| ||| |ksJdS) Nr3r4rs@793b0717f9d8fb01c751a487e9b827897ceea62409870600013fbc6b4d8d7ca6s@b885a05d329a086627412a6142aaeb9f6c54ab7950f996dd65587251f6bc0901s@2ff3654c6daf7381dbbe718d2b20b4f1ea1e34caa6cc65f6bb3ac376b93fed2ai#rSrrMs@818217cf07d37efad3860766dcdf1d21e401650fed2d76ed1d797d3aae925990)r*r r6r7rUrVrr[r]r\r^rPrWrOrXrYrZrN) r,r0r.r8r_r`rarbrQr&r&r'test_passphrases.     "$zTestKey.test_passphrasecCsTt|}||dN<tt|d|WddS1s#wYdS)Nr) bytearrayrqrrIntegrityErrorBaserO)r,r8rGoffsetr&r&r' _corrupt_bytes  "zTestKey._corrupt_bytecCs|dd}||jWdn1swY|ddt||j}|j}t t |D] }| |||q6t tt|j}t||}d|d<|||WddS1sgwYdS)Nrmrdr3rwr )rhreriryr*r rXr7rzrangerZrrqrrrrrNrO)r,r.r0rkr8rGirKr&r&r'test_decrypt_integritys   "zTestKey.test_decrypt_integritycCsR|j}d}||}t|}||jksJ|||}|d|}||ks'JdS)NrM)rjrPr __class__rXrO)r,r8rj plaintext encryptedZidentified_key_classZ loaded_keyZ decryptedr&r&r'test_roundtrips   zTestKey.test_roundtripcCs>d}||}|jd|dd|ksJ|d||ksJdS)N 123456789F) decompress)rPrO)r,r8rrr&r&r'test_decrypt_decompresss zTestKey.test_decrypt_decompresscCsd}||}|||t|}|ddN<tt|||Wdn1s/wY|d}tt|||WddS1sOwYdS)Nrrr1)rNZ assert_idrrqrrr)r,r8rrKZ id_changedZplaintext_changedr&r&r'test_assert_ids    "zTestKey.test_assert_idcCd|ddt||}tjtjusJt|jdks!Jd}| |}|d|ks0JdS)Nr3r4rArs) r*r r6r7r(rNrrZr[rPr,r.r8rZ authenticatedr&r&r'test_authenticated_encrypt  z"TestKey.test_authenticated_encryptcCr)Nr3r4rs) r*rr6r7r(rNrrZr[rPrr&r&r'!test_blake2_authenticated_encryptrz)TestKey.test_blake2_authenticated_encryptN)+r r!r"r(stripryrresubrzr{rrJfromhexrrrqfixturer0rr r r r rrr8r7rRrcrlrtr}rrrrrrrrrrr&r&r&r'rsR          rc@s,eZdZddZddZddZddZd S) TestPassphrasecCs|tddd|ddt|\}}d|vsJd|vs%J|ddt}|\}}d|vs;Jd|vsAJ|d ksGJ|tdd dt|\}}d |vs`Jd |vsfJdS) NgetpasscSdS)N 12aöäür&promptr&r&r'zATestPassphrase.test_passphrase_new_verification..ZBORG_DISPLAY_PASSPHRASEnoZ12yesZ313261c3b6c3a4c3bcrcSr)N1234/@=r&rr&r&r'r*rr)setattrrr*rnew readouterr)r,capsysr.outerrrwr&r&r' test_passphrase_new_verifications"           z/TestPassphrase.test_passphrase_new_verificationcCsp|dd|tdddtttjddWdn1s%wY|\}}d|vs6JdS)Nr3FrcSr)Nr)r&rr&r&r'r2rz:TestPassphrase.test_passphrase_new_empty..)Z allow_emptyzmust not be blank) delenvrrrqrrrrrr)r,rr.rrr&r&r'test_passphrase_new_empty0s   z(TestPassphrase.test_passphrase_new_emptycsf|ddttd|tdfddtt t WddS1s,wYdS)Nr3Frcs ttSr:)r+nextrZascending_numbersr&r'r;s z.) riterrrrrqrrrrrr,r.r&rr'test_passphrase_new_retries8s    "z*TestPassphrase.test_passphrase_new_retriescCsdttdvs JdS)NZsecret)reprrr<r&r&r'test_passphrase_repr?sz#TestPassphrase.test_passphrase_reprN)r r!r"rrrrr&r&r&r'rs  rc@s(eZdZejddZddZddZddZd d Z d d Z ej d ie fddie fdefdeffddZej d ie fddie fdefdeffddZej j diedfedifdedfeddffgddddZddZddZej d d!d"d#Zej d d!d$d%ZdS)&TestTAMcCs |ddtttSr2)r*r r6rr7r(rr&r&r'r8Ds z TestTAM.keycCsxd}tt ||Wdn1swYd}ttj||WddS1s5wYdS)Ns foobars)rqrrrunpack_and_verify_manifestrZUnpackExceptionr,r8blobr&r&r'test_unpack_futureIs   "zTestTAM.test_unpack_futurecCsxti}tt ||Wdn1swYtt||WddS1s5wYdSr:)rpackbrqrrrrunpack_and_verify_archiverr&r&r'test_missing_when_requiredRs     "z"TestTAM.test_missing_when_requiredcCsZti}d|_||\}}|iksJ|rJ||\}}}|iks'J|r+JdS)NFrrZ tam_requiredrrr,r8runpackedverified_r&r&r' test_missingYs    zTestTAM.test_missingcCstdddii}tt ||Wdn1swYtt||WddS1s9wYdS)Ntamtype HMAC_VOLLBIT)rrrqrrrrrrr&r&r'test_unknown_type_when_requiredcs    "z'TestTAM.test_unknown_type_when_requiredcCsbtdddii}d|_||\}}|iksJ|rJ||\}}}|iks+J|r/JdS)NrrrFrrr&r&r'test_unknown_typens   zTestTAM.test_unknown_typeztam, excrNicCHtd|i}t|||WddS1swYdSNr)rrrqrrrr,r8rexcrr&r&r'test_invalid_manifest|   "zTestTAM.test_invalid_manifestcCrr)rrrqrrrrr&r&r'test_invalid_archiverzTestTAM.test_invalid_archivez hmac, salt@)zed-b64zb64-edzn-b64zb64-n)ZidscCsdd||di}|d}|dur|d=|dur|d=t|}tt ||Wdn1s4wYtt||WddS1sOwYdS)NrZHKDF_HMAC_SHA512)rhmacsaltrr)rrrqrrrrrr)r,r8rrrGrrr&r&r'test_wrong_typess$     "zTestTAM.test_wrong_typescCsxddi}|j|dd}|dsJt|}|dddks!J||\}}|s,J|d d ks4Jd|vs:JdS) NfoobarmanifestcontexttamtypeHKDF_HMAC_SHA512rMbar)pack_and_authenticate_metadata startswithrunpackbr)r,r8rGrrrr&r&r'test_round_trip_manifests z TestTAM.test_round_trip_manifestcCszddi}|j|dd}|dsJt|}|dddks!J||\}}}|s-J|d d ks5Jd|vs;JdS) NrrarchiverrrrrrMr)rrrrr)r,r8rGrrrrr&r&r'test_round_trip_archives zTestTAM.test_round_trip_archivewhich)shmacssaltcCddi}|j|dd}|dsJtj|td}t|d|dks%J|d|d d td |d|<t|d|dksCJt|}t t | |WddS1s^wYdS) Nrrrrr object_hookrrrrA) rrrrrrZrJrrqrrrrr,r8rrGrrr&r&r'test_tampered_manifest$   "zTestTAM.test_tampered_manifestcCr) NrrrrrrrrrrA) rrrrrrZrJrrqrrrrrr&r&r'test_tampered_archiverzTestTAM.test_tampered_archive)r r!r"rqrr8rrrrrZmarkZ parametrizerrrrrrJrrrrrr&r&r&r'rCsJ               r))ros.pathrfrr#binasciirrrqZ crypto.keyrrrrr r r r r rrrrrrrrrrZcrypto.low_levelrrrhelpersrrrrrrrr&r&r&r's0(         )