andy-maier / easy-vault Goto Github PK
View Code? Open in Web Editor NEWSecure vault files that are easy to use
License: Apache License 2.0
Secure vault files that are easy to use
License: Apache License 2.0
The set_password() and get_password() functions have a verbose and echo parameter for controlling whether verbose messages are printed and which function is used to print them.
Expand the existing keyring section somewhat. Karl says Ubuntu works out of the box. Explain how to disable the use of keyring
The get_password() function has the ability to prompt for password, but there are no testcases for it yet.
KeyRingLib is not used by the other projects so the name can be cleaned up.
This improves security, but requires a redesign. We now need to store the key in the keyring, and the key generation cannot be invoked multiple times as it is done now, but needs to be under control of the user.
Without CLI.
The encrypt and decrypt commands automatically keep the password stored for a vault file in the keyring service up to date, and can also override it if needed.
What is not supported yet, is to remove the keyring item for a vault file, utilizing the KeyRingLib function provided in issue #35 .
A functionality to update the password in the keyring item separately is not needed, because that is done automatically when encrypting or decrypting the fault file.
There should be an easy-vault command that checks for the availability of the keyring service, utilizing the function provided by issue #34
I'm trying to package your module as an rpm package. So I'm using the typical build, install and test cycle used on building packages from non-root account.
Looks like pytest is failing on collecting units
+ PYTHONPATH=/home/tkloczko/rpmbuild/BUILDROOT/python-easy-vault-0.7.0-2.fc35.x86_64/usr/lib64/python3.8/site-packages:/home/tkloczko/rpmbuild/BUILDROOT/python-easy-vault-0.7.0-2.fc35.x86_64/usr/lib/python3.8/site-packages
+ /usr/bin/pytest -ra
=========================================================================== test session starts ============================================================================
platform linux -- Python 3.8.12, pytest-6.2.5, py-1.11.0, pluggy-1.0.0
benchmark: 3.4.1 (defaults: timer=time.perf_counter disable_gc=False min_rounds=5 min_time=0.000005 max_time=1.0 calibration_precision=10 warmup=False warmup_iterations=100000)
Using --randomly-seed=3901611956
rootdir: /home/tkloczko/rpmbuild/BUILD/easy-vault-0.7.0
plugins: shutil-1.7.0, virtualenv-1.7.0, mock-3.6.1, cov-2.12.1, anyio-3.3.4, forked-1.3.0, xdist-2.3.0, flaky-3.7.0, tornasync-0.6.0.post2, console-scripts-1.2.0, trio-0.7.0, timeout-2.0.1, asyncio-0.16.0, freezegun-0.4.2, flake8-1.0.7, pyfakefs-4.5.3, hypothesis-6.29.3, benchmark-3.4.1, profiling-1.7.0, datadir-1.3.1, regressions-2.2.0, randomly-3.8.0, rerunfailures-9.1.1, yagot-0.5.0, requests-mock-1.9.3, django-4.5.1
collected 79 items / 2 errors / 77 selected
================================================================================== ERRORS ==================================================================================
_____________________________________________________________ ERROR collecting tests/unittest/test_keyring.py ______________________________________________________________
tests/unittest/test_keyring.py:34: in <module>
not is_keyring_available(), reason="No keyring service available")
tests/utils/keyring_utils.py:43: in is_keyring_available
return kr.is_available()
easy_vault/_keyring.py:203: in is_available
self.check_available()
easy_vault/_keyring.py:256: in check_available
raise new_exc # KeyringError
E easy_vault._keyring.KeyringError: Failed to create the collection: Prompt dismissed..
_____________________________________________________________ ERROR collecting tests/unittest/test_password.py _____________________________________________________________
tests/unittest/test_password.py:28: in <module>
not is_keyring_available(), reason="No keyring service available")
tests/utils/keyring_utils.py:43: in is_keyring_available
return kr.is_available()
easy_vault/_keyring.py:203: in is_available
self.check_available()
easy_vault/_keyring.py:256: in check_available
raise new_exc # KeyringError
E easy_vault._keyring.KeyringError: Failed to create the collection: Prompt dismissed..
========================================================================= short test summary info ==========================================================================
ERROR tests/unittest/test_keyring.py - easy_vault._keyring.KeyringError: Failed to create the collection: Prompt dismissed..
ERROR tests/unittest/test_password.py - easy_vault._keyring.KeyringError: Failed to create the collection: Prompt dismissed..
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Interrupted: 2 errors during collection !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
============================================================================ 2 errors in 0.79s =============================================================================
The encryption implementation methods that can be replaced by a user are checked for correct results, and the testcases should implement user-defined methods for them and trigger these checks.
The EasyVault class currently requires that a password is specified. However, it is perfectly valid to operate on unencrypted vault files without having a password.
The get_password() function currently always prompts for a password if the keyring service did not find the password. For use in headless systems, there should be a way to disable the prompting. (Note: The use of the keyring service can already be disabled.)
These environments are currently excluded from the complete weekly test, due to errors.
See for example this run: https://github.com/andy-maier/easy-vault/actions/runs/697835361
The goal is to address the issues so that some or all of these environments can be enabled again.
If the vault file is stored in a repository, it is helpful to regularly check if it is encrypted.
There should be a KeyRingLib function that checks for availability of the keyring service, much like the respective function in the keyring test utils already does. That test utils function could then go away.
There is already a function in the keyring test utils that does this and could be used as a basis. That test utils function would then go away.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.