Skip to content

Commit 5e3e4bf

Browse files
ejimenezejimenez
committed
Add a test to check encrypted feedback
Ver ietf-tools#913 - Legacy-Id: 5157
1 parent 7900160 commit 5e3e4bf

File tree

2 files changed

+101
-4
lines changed

2 files changed

+101
-4
lines changed

ietf/nomcom/fields.py

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,5 @@
1+
import os
2+
13
import tempfile
24
from django.conf import settings
35
from django.db import models
@@ -15,13 +17,14 @@ def pre_save(self, instance, add):
1517
comments = getattr(instance, 'comments')
1618
position = getattr(instance, 'position')
1719
cert_file = position.nomcom.public_key.path
18-
comments_file = tempfile.NamedTemporaryFile()
20+
comments_file = tempfile.NamedTemporaryFile(delete=False)
1921
comments_file.write(comments)
22+
comments_file.close()
2023

2124
code, out, error = pipe("%s smime -encrypt -in %s %s" % (settings.OPENSSL_COMMAND,
2225
comments_file.name,
2326
cert_file))
24-
comments_file.close()
27+
os.unlink(comments_file.name)
2528
if not error:
2629
instance.comments = out
2730
return out

ietf/nomcom/tests.py

Lines changed: 96 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,20 @@
1+
import os
2+
import tempfile
3+
4+
from django.conf import settings
15
from django.test import TestCase
26
from django.db import IntegrityError
37
from django.core.urlresolvers import reverse
8+
from django.core.files import File
49

510
from ietf.utils.test_utils import login_testing_unauthorized
11+
from ietf.utils.pipe import pipe
612
from ietf.nomcom.test_data import nomcom_test_data
7-
from ietf.nomcom.models import NomineePosition, Position, Nominee, NomineePositionState
13+
from ietf.nomcom.models import NomineePosition, Position, Nominee, \
14+
NomineePositionState, Feedback, FeedbackType
815

916

10-
class NomcomTest(TestCase):
17+
class NomcomViewsTest(TestCase):
1118
"""Tests to create a new nomcom"""
1219
fixtures = ['names', 'nomcom_templates']
1320

@@ -78,3 +85,90 @@ def test_nomine_position_unique(self):
7885
nominee_position = NomineePosition(position=position, nominee=self.nominee)
7986

8087
self.assertRaises(IntegrityError, nominee_position.save)
88+
89+
90+
class FeedbackTest(TestCase):
91+
fixtures = ['names', 'nomcom_templates']
92+
93+
def setUp(self):
94+
nomcom_test_data()
95+
self.generate_cert()
96+
97+
def generate_cert(self):
98+
"""Function to generate cert"""
99+
config = """
100+
[ req ]
101+
distinguished_name = req_distinguished_name
102+
string_mask = utf8only
103+
x509_extensions = ss_v3_ca
104+
105+
[ req_distinguished_name ]
106+
commonName = Common Name (e.g., NomComYY)
107+
commonName_default = NomCom12
108+
109+
[ ss_v3_ca ]
110+
111+
subjectKeyIdentifier = hash
112+
keyUsage = critical, digitalSignature, keyEncipherment, dataEncipherment
113+
basicConstraints = critical, CA:true
114+
subjectAltName = email:nomcom12@ietf.org
115+
extendedKeyUsage= emailProtection"""
116+
117+
self.config_file = tempfile.NamedTemporaryFile(delete=False)
118+
self.privatekey_file = tempfile.NamedTemporaryFile(delete=False)
119+
self.cert_file = tempfile.NamedTemporaryFile(delete=False)
120+
121+
self.config_file.write(config)
122+
self.config_file.close()
123+
124+
command = "%s req -config %s -x509 -new -newkey rsa:2048 -sha256 -days 730 -nodes \
125+
-keyout %s -out %s -batch"
126+
code, out, error = pipe(command % (settings.OPENSSL_COMMAND,
127+
self.config_file.name,
128+
self.privatekey_file.name,
129+
self.cert_file.name))
130+
self.privatekey_file.close()
131+
self.cert_file.close()
132+
133+
def test_encrypted_comments(self):
134+
135+
nominee = Nominee.objects.get(email__address="plain@example.com")
136+
position = Position.objects.get(name='OAM')
137+
nomcom = position.nomcom
138+
139+
# save the cert file in tmp
140+
nomcom.public_key.storage.location = tempfile.gettempdir()
141+
nomcom.public_key.save('cert', File(open(self.cert_file.name, 'r')))
142+
143+
comments = 'plain text'
144+
feedback = Feedback.objects.create(position=position,
145+
nominee=nominee,
146+
comments=comments,
147+
type=FeedbackType.objects.get(slug='nomina'))
148+
149+
# to check feedback comments are saved like enrypted data
150+
self.assertNotEqual(feedback.comments, comments)
151+
152+
encrypted_file = tempfile.NamedTemporaryFile(delete=False)
153+
encrypted_file.write(feedback.comments)
154+
encrypted_file.close()
155+
156+
# to decrypt comments was encryped and check they are equal to the plain comments
157+
decrypted_file = tempfile.NamedTemporaryFile(delete=False)
158+
command = "%s smime -decrypt -in %s -out %s -inkey %s"
159+
code, out, error = pipe(command % (settings.OPENSSL_COMMAND,
160+
encrypted_file.name,
161+
decrypted_file.name,
162+
self.privatekey_file.name))
163+
164+
decrypted_file.close()
165+
encrypted_file.close()
166+
167+
self.assertEqual(open(decrypted_file.name, 'r').read(), comments)
168+
169+
# delete tmps
170+
os.unlink(self.config_file.name)
171+
os.unlink(self.privatekey_file.name)
172+
os.unlink(self.cert_file.name)
173+
os.unlink(encrypted_file.name)
174+
os.unlink(decrypted_file.name)

0 commit comments

Comments
 (0)