Skip to content

Commit

Permalink
Add unit test for tar encryption
Browse files Browse the repository at this point in the history
  • Loading branch information
twiggler committed Oct 16, 2024
1 parent 608fa64 commit 9079bdb
Show file tree
Hide file tree
Showing 3 changed files with 26 additions and 8 deletions.
6 changes: 6 additions & 0 deletions tests/conftest.py
Original file line number Diff line number Diff line change
Expand Up @@ -33,3 +33,9 @@ def mock_target(mock_fs: VirtualFilesystem) -> Target:
target.filesystems.add(mock_fs)
target.os = "mock"
return target


@pytest.fixture
def public_key() -> bytes:
with open("tests/data/public_key.pem", "r") as f:
return f.read()
18 changes: 18 additions & 0 deletions tests/test_outputs_tar.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
from dissect.target.filesystem import VirtualFilesystem

from acquire.outputs import TarOutput
from acquire.tools.decrypter import EncryptedFile


@pytest.fixture(params=[(True, "gzip"), (True, "bzip2"), (True, "xz"), (False, None)])
Expand Down Expand Up @@ -41,3 +42,20 @@ def test_tar_output_write_entry(mock_fs: VirtualFilesystem, tar_output: TarOutpu
assert file.issym()
elif entry.is_file():
assert file.isfile()


def test_tar_output_encrypt(mock_fs: VirtualFilesystem, public_key: bytes, tmp_path: Path) -> None:
entry_name = "/foo/bar/some-file"
entry = mock_fs.get(entry_name)
tar_output = TarOutput(tmp_path, compress=True, compression_method="gzip", encrypt=True, public_key=public_key)
tar_output.write_entry(entry_name, entry)
tar_output.close()

encrypted_stream = EncryptedFile(tar_output.path.open("rb"), Path("tests/data/private_key.pem"))
decrypted_path = tmp_path / "decrypted.tar"
# Direct streaming is not an option because tarfile needs seek when reading from encrypted files directly
with open(decrypted_path, "wb") as f:
f.write(encrypted_stream.read())

tar_file = tarfile.open(name=decrypted_path, mode="r")
assert entry.open().read() == tar_file.extractfile(entry_name).read()
10 changes: 2 additions & 8 deletions tests/test_outputs_zip.py
Original file line number Diff line number Diff line change
Expand Up @@ -48,12 +48,6 @@ def test_zip_output_write_entry(mock_fs: VirtualFilesystem, zip_output: ZipOutpu
assert stat.S_ISREG(file_type)


@pytest.fixture
def public_key() -> bytes:
with open("tests/data/public_key.pem", "r") as f:
return f.read()


def test_zip_output_encrypt(mock_fs: VirtualFilesystem, public_key: bytes, tmp_path: Path) -> None:
entry_name = "/foo/bar/some-file"
entry = mock_fs.get(entry_name)
Expand All @@ -63,9 +57,9 @@ def test_zip_output_encrypt(mock_fs: VirtualFilesystem, public_key: bytes, tmp_p

encrypted_stream = EncryptedFile(zip_output.path.open("rb"), Path("tests/data/private_key.pem"))
decrypted_path = tmp_path / "decrypted.zip"
# Direct streaming is not an otion because zipfile needs seek when reading from encrypted files directly
# Direct streaming is not an option because zipfile needs seek when reading from encrypted files directly
with open(decrypted_path, "wb") as f:
f.write(encrypted_stream.read())
zip_file = zipfile.ZipFile(decrypted_path, mode="r")

zip_file = zipfile.ZipFile(decrypted_path, mode="r")
assert entry.open().read() == zip_file.open(entry_name).read()

0 comments on commit 9079bdb

Please sign in to comment.