keepassxc/tests/TestCli.cpp

2209 lines
85 KiB
C++
Raw Normal View History

/*
* Copyright (C) 2020 KeePassXC Team <team@keepassxc.org>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 2 or (at your option)
* version 3 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "TestCli.h"
#include "config-keepassx-tests.h"
#include "core/Bootstrap.h"
#include "core/Config.h"
#include "core/Group.h"
#include "core/Metadata.h"
#include "core/Tools.h"
#include "crypto/Crypto.h"
#include "keys/FileKey.h"
2019-11-18 01:57:04 -05:00
#include "keys/drivers/YubiKey.h"
#include "cli/Add.h"
#include "cli/AddGroup.h"
#include "cli/Analyze.h"
#include "cli/AttachmentExport.h"
#include "cli/AttachmentImport.h"
#include "cli/AttachmentRemove.h"
#include "cli/Clip.h"
#include "cli/Create.h"
#include "cli/Diceware.h"
#include "cli/Edit.h"
#include "cli/Estimate.h"
#include "cli/Export.h"
#include "cli/Generate.h"
#include "cli/Help.h"
#include "cli/Import.h"
#include "cli/Info.h"
#include "cli/List.h"
#include "cli/Merge.h"
#include "cli/Move.h"
#include "cli/Open.h"
#include "cli/Remove.h"
#include "cli/RemoveGroup.h"
#include "cli/Search.h"
#include "cli/Show.h"
#include "cli/Utils.h"
#include <QClipboard>
#include <QSignalSpy>
2021-07-11 22:10:29 -04:00
#include <QTest>
#include <QtConcurrent>
QTEST_MAIN(TestCli)
void TestCli::initTestCase()
{
QVERIFY(Crypto::init());
Config::createTempFileInstance();
Bootstrap::bootstrap();
m_devNull.reset(new QFile());
#ifdef Q_OS_WIN
m_devNull->open(fopen("nul", "w"), QIODevice::WriteOnly);
#else
m_devNull->open(fopen("/dev/null", "w"), QIODevice::WriteOnly);
#endif
Utils::DEVNULL.setDevice(m_devNull.data());
}
void TestCli::init()
{
const auto file = QString(KEEPASSX_TEST_DATA_DIR).append("/%1");
m_dbFile.reset(new TemporaryFile());
m_dbFile->copyFromFile(file.arg("NewDatabase.kdbx"));
m_dbFile2.reset(new TemporaryFile());
m_dbFile2->copyFromFile(file.arg("NewDatabase2.kdbx"));
m_dbFileMulti.reset(new TemporaryFile());
m_dbFileMulti->copyFromFile(file.arg("NewDatabaseMulti.kdbx"));
m_xmlFile.reset(new TemporaryFile());
m_xmlFile->copyFromFile(file.arg("NewDatabase.xml"));
m_keyFileProtectedDbFile.reset(new TemporaryFile());
m_keyFileProtectedDbFile->copyFromFile(file.arg("KeyFileProtected.kdbx"));
m_keyFileProtectedNoPasswordDbFile.reset(new TemporaryFile());
m_keyFileProtectedNoPasswordDbFile->copyFromFile(file.arg("KeyFileProtectedNoPassword.kdbx"));
m_yubiKeyProtectedDbFile.reset(new TemporaryFile());
m_yubiKeyProtectedDbFile->copyFromFile(file.arg("YubiKeyProtectedPasswords.kdbx"));
m_stdout.reset(new QBuffer());
m_stdout->open(QIODevice::ReadWrite);
Utils::STDOUT.setDevice(m_stdout.data());
m_stderr.reset(new QBuffer());
m_stderr->open(QIODevice::ReadWrite);
Utils::STDERR.setDevice(m_stderr.data());
m_stdin.reset(new QBuffer());
m_stdin->open(QIODevice::ReadWrite);
Utils::STDIN.setDevice(m_stdin.data());
}
void TestCli::cleanup()
{
m_dbFile.reset();
m_dbFile2.reset();
m_dbFileMulti.reset();
2019-10-20 18:23:11 -04:00
m_keyFileProtectedDbFile.reset();
m_keyFileProtectedNoPasswordDbFile.reset();
m_yubiKeyProtectedDbFile.reset();
Utils::STDOUT.setDevice(nullptr);
Utils::STDERR.setDevice(nullptr);
Utils::STDIN.setDevice(nullptr);
}
void TestCli::cleanupTestCase()
{
m_devNull.reset();
}
QSharedPointer<Database> TestCli::readDatabase(const QString& filename, const QString& pw, const QString& keyfile)
{
auto db = QSharedPointer<Database>::create();
auto key = QSharedPointer<CompositeKey>::create();
if (filename.isEmpty()) {
// Open the default test database
key->addKey(QSharedPointer<PasswordKey>::create("a"));
if (!db->open(m_dbFile->fileName(), key)) {
return {};
}
} else {
// Open the specified database file using supplied credentials
key->addKey(QSharedPointer<PasswordKey>::create(pw));
if (!keyfile.isEmpty()) {
auto filekey = QSharedPointer<FileKey>::create();
filekey->load(keyfile);
key->addKey(filekey);
}
if (!db->open(filename, key)) {
return {};
}
}
return db;
}
int TestCli::execCmd(Command& cmd, const QStringList& args) const
{
// Move to end of stream
m_stdout->readAll();
m_stderr->readAll();
// Record stream position
auto outPos = m_stdout->pos();
auto errPos = m_stderr->pos();
// Execute command
int ret = cmd.execute(args);
// Move back to recorded position
m_stdout->seek(outPos);
m_stderr->seek(errPos);
// Skip over blank lines
QByteArray newline("\n");
while (m_stdout->peek(1) == newline) {
m_stdout->readLine();
}
while (m_stderr->peek(1) == newline) {
2021-11-03 23:09:08 -04:00
m_stderr->readLine();
}
return ret;
}
bool TestCli::isTotp(const QString& value)
{
static const QRegularExpression totp("^\\d{6}$");
return totp.match(value.trimmed()).hasMatch();
}
void TestCli::setInput(const QString& input)
{
setInput(QStringList(input));
}
void TestCli::setInput(const QStringList& input)
{
auto ba = input.join("\n").toLatin1();
// Always end in newline
if (!ba.endsWith("\n")) {
ba.append("\n");
}
auto pos = m_stdin->pos();
m_stdin->write(ba);
m_stdin->seek(pos);
}
void TestCli::testBatchCommands()
{
Commands::setupCommands(false);
QVERIFY(Commands::getCommand("add"));
QVERIFY(Commands::getCommand("analyze"));
QVERIFY(Commands::getCommand("attachment-export"));
QVERIFY(Commands::getCommand("attachment-import"));
QVERIFY(Commands::getCommand("attachment-rm"));
QVERIFY(Commands::getCommand("clip"));
QVERIFY(Commands::getCommand("close"));
QVERIFY(Commands::getCommand("db-create"));
QVERIFY(Commands::getCommand("db-info"));
QVERIFY(Commands::getCommand("diceware"));
QVERIFY(Commands::getCommand("edit"));
QVERIFY(Commands::getCommand("estimate"));
QVERIFY(Commands::getCommand("export"));
QVERIFY(Commands::getCommand("generate"));
QVERIFY(Commands::getCommand("help"));
QVERIFY(Commands::getCommand("import"));
QVERIFY(Commands::getCommand("ls"));
QVERIFY(Commands::getCommand("merge"));
QVERIFY(Commands::getCommand("mkdir"));
QVERIFY(Commands::getCommand("mv"));
QVERIFY(Commands::getCommand("open"));
QVERIFY(Commands::getCommand("rm"));
QVERIFY(Commands::getCommand("rmdir"));
QVERIFY(Commands::getCommand("show"));
QVERIFY(Commands::getCommand("search"));
QVERIFY(!Commands::getCommand("doesnotexist"));
QCOMPARE(Commands::getCommands().size(), 25);
}
void TestCli::testInteractiveCommands()
{
Commands::setupCommands(true);
QVERIFY(Commands::getCommand("add"));
QVERIFY(Commands::getCommand("analyze"));
QVERIFY(Commands::getCommand("attachment-export"));
QVERIFY(Commands::getCommand("attachment-import"));
QVERIFY(Commands::getCommand("attachment-rm"));
QVERIFY(Commands::getCommand("clip"));
QVERIFY(Commands::getCommand("close"));
QVERIFY(Commands::getCommand("db-create"));
QVERIFY(Commands::getCommand("db-info"));
QVERIFY(Commands::getCommand("diceware"));
QVERIFY(Commands::getCommand("edit"));
QVERIFY(Commands::getCommand("estimate"));
QVERIFY(Commands::getCommand("exit"));
QVERIFY(Commands::getCommand("generate"));
QVERIFY(Commands::getCommand("help"));
QVERIFY(Commands::getCommand("ls"));
QVERIFY(Commands::getCommand("merge"));
QVERIFY(Commands::getCommand("mkdir"));
QVERIFY(Commands::getCommand("mv"));
QVERIFY(Commands::getCommand("open"));
QVERIFY(Commands::getCommand("quit"));
QVERIFY(Commands::getCommand("rm"));
QVERIFY(Commands::getCommand("rmdir"));
QVERIFY(Commands::getCommand("show"));
QVERIFY(Commands::getCommand("search"));
QVERIFY(!Commands::getCommand("doesnotexist"));
QCOMPARE(Commands::getCommands().size(), 25);
}
void TestCli::testAdd()
{
Add addCmd;
QVERIFY(!addCmd.name.isEmpty());
QVERIFY(addCmd.getDescriptionLine().contains(addCmd.name));
setInput("a");
execCmd(addCmd,
{"add",
"-u",
"newuser",
"--url",
"https://example.com/",
"-g",
"-L",
"20",
"--notes",
"some notes",
m_dbFile->fileName(),
"/newuser-entry"});
m_stderr->readLine(); // Skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QVERIFY(m_stdout->readAll().contains("Successfully added entry newuser-entry."));
auto db = readDatabase();
auto* entry = db->rootGroup()->findEntryByPath("/newuser-entry");
QVERIFY(entry);
QCOMPARE(entry->username(), QString("newuser"));
QCOMPARE(entry->url(), QString("https://example.com/"));
QCOMPARE(entry->password().size(), 20);
QCOMPARE(entry->notes(), QString("some notes"));
// Quiet option
setInput("a");
execCmd(addCmd, {"add", "-q", "-u", "newuser", "-g", "-L", "20", m_dbFile->fileName(), "/newentry-quiet"});
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(), QByteArray());
db = readDatabase();
entry = db->rootGroup()->findEntryByPath("/newentry-quiet");
QVERIFY(entry);
QCOMPARE(entry->password().size(), 20);
setInput({"a", "newpassword"});
execCmd(addCmd,
{"add", "-u", "newuser2", "--url", "https://example.net/", "-p", m_dbFile->fileName(), "/newuser-entry2"});
QVERIFY(m_stdout->readAll().contains("Successfully added entry newuser-entry2."));
db = readDatabase();
entry = db->rootGroup()->findEntryByPath("/newuser-entry2");
QVERIFY(entry);
QCOMPARE(entry->username(), QString("newuser2"));
QCOMPARE(entry->url(), QString("https://example.net/"));
QCOMPARE(entry->password(), QString("newpassword"));
// Password generation options
setInput("a");
execCmd(addCmd, {"add", "-u", "newuser3", "-g", "-L", "34", m_dbFile->fileName(), "/newuser-entry3"});
QVERIFY(m_stdout->readAll().contains("Successfully added entry newuser-entry3."));
db = readDatabase();
entry = db->rootGroup()->findEntryByPath("/newuser-entry3");
QVERIFY(entry);
QCOMPARE(entry->username(), QString("newuser3"));
QCOMPARE(entry->password().size(), 34);
QRegularExpression defaultPasswordClassesRegex("^[a-zA-Z0-9]+$");
QVERIFY(defaultPasswordClassesRegex.match(entry->password()).hasMatch());
setInput("a");
execCmd(addCmd,
{"add",
"-u",
"newuser4",
"-g",
"-L",
"20",
"--every-group",
"-s",
"-n",
"-U",
"-l",
m_dbFile->fileName(),
"/newuser-entry4"});
QVERIFY(m_stdout->readAll().contains("Successfully added entry newuser-entry4."));
db = readDatabase();
entry = db->rootGroup()->findEntryByPath("/newuser-entry4");
QVERIFY(entry);
QCOMPARE(entry->username(), QString("newuser4"));
QCOMPARE(entry->password().size(), 20);
QVERIFY(!defaultPasswordClassesRegex.match(entry->password()).hasMatch());
setInput("a");
execCmd(addCmd, {"add", "-u", "newuser5", "--notes", "test\\nnew line", m_dbFile->fileName(), "/newuser-entry5"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray(""));
QCOMPARE(m_stdout->readAll(), QByteArray("Successfully added entry newuser-entry5.\n"));
db = readDatabase();
entry = db->rootGroup()->findEntryByPath("/newuser-entry5");
QVERIFY(entry);
QCOMPARE(entry->username(), QString("newuser5"));
QCOMPARE(entry->notes(), QString("test\nnew line"));
}
void TestCli::testAddGroup()
{
AddGroup addGroupCmd;
QVERIFY(!addGroupCmd.name.isEmpty());
QVERIFY(addGroupCmd.getDescriptionLine().contains(addGroupCmd.name));
setInput("a");
execCmd(addGroupCmd, {"mkdir", m_dbFile->fileName(), "/new_group"});
m_stderr->readLine(); // Skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(), QByteArray("Successfully added group new_group.\n"));
auto db = readDatabase();
auto* group = db->rootGroup()->findGroupByPath("new_group");
QVERIFY(group);
QCOMPARE(group->name(), QString("new_group"));
// Trying to add the same group should fail.
setInput("a");
execCmd(addGroupCmd, {"mkdir", m_dbFile->fileName(), "/new_group"});
QVERIFY(m_stderr->readAll().contains("Group /new_group already exists!"));
QCOMPARE(m_stdout->readAll(), QByteArray());
// Should be able to add groups down the tree.
setInput("a");
execCmd(addGroupCmd, {"mkdir", m_dbFile->fileName(), "/new_group/newer_group"});
QVERIFY(m_stdout->readAll().contains("Successfully added group newer_group."));
db = readDatabase();
group = db->rootGroup()->findGroupByPath("new_group/newer_group");
QVERIFY(group);
QCOMPARE(group->name(), QString("newer_group"));
// Should fail if the path is invalid.
setInput("a");
execCmd(addGroupCmd, {"mkdir", m_dbFile->fileName(), "/invalid_group/newer_group"});
QVERIFY(m_stderr->readAll().contains("Group /invalid_group not found."));
QCOMPARE(m_stdout->readAll(), QByteArray());
// Should fail to add the root group.
setInput("a");
execCmd(addGroupCmd, {"mkdir", m_dbFile->fileName(), "/"});
QVERIFY(m_stderr->readAll().contains("Group / already exists!"));
QCOMPARE(m_stdout->readAll(), QByteArray());
}
void TestCli::testAnalyze()
{
Analyze analyzeCmd;
QVERIFY(!analyzeCmd.name.isEmpty());
QVERIFY(analyzeCmd.getDescriptionLine().contains(analyzeCmd.name));
const QString hibpPath = QString(KEEPASSX_TEST_DATA_DIR).append("/hibp.txt");
setInput("a");
execCmd(analyzeCmd, {"analyze", "--hibp", hibpPath, m_dbFile->fileName()});
auto output = m_stdout->readAll();
QVERIFY(output.contains("Sample Entry"));
QVERIFY(output.contains("123"));
m_stderr->readLine(); // Skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
}
void TestCli::testAttachmentExport()
{
AttachmentExport attachmentExportCmd;
QVERIFY(!attachmentExportCmd.name.isEmpty());
QVERIFY(attachmentExportCmd.getDescriptionLine().contains(attachmentExportCmd.name));
TemporaryFile exportOutput;
exportOutput.open(QIODevice::WriteOnly);
exportOutput.close();
// Try exporting an attachment of a non-existent entry
setInput("a");
execCmd(attachmentExportCmd,
{"attachment-export",
m_dbFile->fileName(),
"invalid_entry_path",
"invalid_attachment_name",
exportOutput.fileName()});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray("Could not find entry with path invalid_entry_path.\n"));
QCOMPARE(m_stdout->readAll(), QByteArray());
// Try exporting a non-existent attachment
setInput("a");
execCmd(attachmentExportCmd,
{"attachment-export",
m_dbFile->fileName(),
"/Sample Entry",
"invalid_attachment_name",
exportOutput.fileName()});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray("Could not find attachment with name invalid_attachment_name.\n"));
QCOMPARE(m_stdout->readAll(), QByteArray());
// Export an existing attachment to a file
setInput("a");
execCmd(
attachmentExportCmd,
{"attachment-export", m_dbFile->fileName(), "/Sample Entry", "Sample attachment.txt", exportOutput.fileName()});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(),
QByteArray(qPrintable(QString("Successfully exported attachment %1 of entry %2 to %3.\n")
.arg("Sample attachment.txt", "/Sample Entry", exportOutput.fileName()))));
exportOutput.open(QIODevice::ReadOnly);
QCOMPARE(exportOutput.readAll(), QByteArray("Sample content\n"));
// Export an existing attachment to stdout
setInput("a");
execCmd(attachmentExportCmd,
{"attachment-export", "--stdout", m_dbFile->fileName(), "/Sample Entry", "Sample attachment.txt"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(), QByteArray("Sample content\n"));
// Ensure --stdout works even in quiet mode
setInput("a");
execCmd(
attachmentExportCmd,
{"attachment-export", "--quiet", "--stdout", m_dbFile->fileName(), "/Sample Entry", "Sample attachment.txt"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(), QByteArray("Sample content\n"));
}
void TestCli::testAttachmentImport()
{
AttachmentImport attachmentImportCmd;
QVERIFY(!attachmentImportCmd.name.isEmpty());
QVERIFY(attachmentImportCmd.getDescriptionLine().contains(attachmentImportCmd.name));
const QString attachmentPath = QString(KEEPASSX_TEST_DATA_DIR).append("/Attachment.txt");
QVERIFY(QFile::exists(attachmentPath));
// Try importing an attachment to a non-existent entry
setInput("a");
execCmd(attachmentImportCmd,
{"attachment-import",
m_dbFile->fileName(),
"invalid_entry_path",
"invalid_attachment_name",
"invalid_attachment_path"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray("Could not find entry with path invalid_entry_path.\n"));
QCOMPARE(m_stdout->readAll(), QByteArray());
// Try importing an attachment with an occupied name without -f option
setInput("a");
execCmd(attachmentImportCmd,
{"attachment-import",
m_dbFile->fileName(),
"/Sample Entry",
"Sample attachment.txt",
"invalid_attachment_path"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(),
QByteArray("Attachment Sample attachment.txt already exists for entry /Sample Entry.\n"));
QCOMPARE(m_stdout->readAll(), QByteArray());
// Try importing a non-existent attachment
setInput("a");
execCmd(attachmentImportCmd,
{"attachment-import",
m_dbFile->fileName(),
"/Sample Entry",
"Sample attachment 2.txt",
"invalid_attachment_path"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray("Could not open attachment file invalid_attachment_path.\n"));
QCOMPARE(m_stdout->readAll(), QByteArray());
// Try importing an attachment with an occupied name with -f option
setInput("a");
execCmd(
attachmentImportCmd,
{"attachment-import", "-f", m_dbFile->fileName(), "/Sample Entry", "Sample attachment.txt", attachmentPath});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(),
QByteArray(qPrintable(
QString("Successfully imported attachment %1 as Sample attachment.txt to entry /Sample Entry.\n")
.arg(attachmentPath))));
// Try importing an attachment with an unoccupied name
setInput("a");
execCmd(attachmentImportCmd,
{"attachment-import", m_dbFile->fileName(), "/Sample Entry", "Attachment.txt", attachmentPath});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(
m_stdout->readAll(),
QByteArray(qPrintable(QString("Successfully imported attachment %1 as Attachment.txt to entry /Sample Entry.\n")
.arg(attachmentPath))));
}
void TestCli::testAttachmentRemove()
{
AttachmentRemove attachmentRemoveCmd;
QVERIFY(!attachmentRemoveCmd.name.isEmpty());
QVERIFY(attachmentRemoveCmd.getDescriptionLine().contains(attachmentRemoveCmd.name));
// Try deleting an attachment belonging to an non-existent entry
setInput("a");
execCmd(attachmentRemoveCmd,
{"attachment-rm", m_dbFile->fileName(), "invalid_entry_path", "invalid_attachment_name"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray("Could not find entry with path invalid_entry_path.\n"));
QCOMPARE(m_stdout->readAll(), QByteArray());
// Try deleting a non-existent attachment from an entry
setInput("a");
execCmd(attachmentRemoveCmd, {"attachment-rm", m_dbFile->fileName(), "/Sample Entry", "invalid_attachment_name"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray("Could not find attachment with name invalid_attachment_name.\n"));
QCOMPARE(m_stdout->readAll(), QByteArray());
// Finally delete an existing attachment from an existing entry
auto db = readDatabase();
QVERIFY(db);
const Entry* entry = db->rootGroup()->findEntryByPath("/Sample Entry");
QVERIFY(entry);
QVERIFY(entry->attachments()->hasKey("Sample attachment.txt"));
setInput("a");
execCmd(attachmentRemoveCmd, {"attachment-rm", m_dbFile->fileName(), "/Sample Entry", "Sample attachment.txt"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(),
QByteArray("Successfully removed attachment Sample attachment.txt from entry /Sample Entry.\n"));
db = readDatabase();
QVERIFY(db);
QVERIFY(!db->rootGroup()->findEntryByPath("/Sample Entry")->attachments()->hasKey("Sample attachment.txt"));
}
void TestCli::testClip()
{
if (QProcessEnvironment::systemEnvironment().contains("WAYLAND_DISPLAY")) {
QSKIP("Clip test skipped due to QClipboard and Wayland issues on Linux");
}
QClipboard* clipboard = QGuiApplication::clipboard();
clipboard->clear();
Clip clipCmd;
QVERIFY(!clipCmd.name.isEmpty());
QVERIFY(clipCmd.getDescriptionLine().contains(clipCmd.name));
// Password
setInput("a");
execCmd(clipCmd, {"clip", m_dbFile->fileName(), "/Sample Entry", "0"});
QString errorOutput(m_stderr->readAll());
if (errorOutput.contains("Unable to start program")
|| errorOutput.contains("No program defined for clipboard manipulation")) {
QSKIP("Clip test skipped due to missing clipboard tool");
}
m_stderr->readLine(); // Skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
2020-05-06 16:36:11 -04:00
QTRY_COMPARE(clipboard->text(), QString("Password"));
QCOMPARE(m_stdout->readLine(), QByteArray("Entry's \"Password\" attribute copied to the clipboard!\n"));
// Quiet option
setInput("a");
execCmd(clipCmd, {"clip", m_dbFile->fileName(), "/Sample Entry", "0", "-q"});
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(), QByteArray());
2020-05-06 16:36:11 -04:00
QTRY_COMPARE(clipboard->text(), QString("Password"));
// Username
setInput("a");
execCmd(clipCmd, {"clip", m_dbFile->fileName(), "/Sample Entry", "0", "-a", "username"});
2020-05-06 16:36:11 -04:00
QTRY_COMPARE(clipboard->text(), QString("User Name"));
// TOTP
setInput("a");
execCmd(clipCmd, {"clip", m_dbFile->fileName(), "/Sample Entry", "0", "--totp"});
QTRY_VERIFY(isTotp(clipboard->text()));
// Test Unicode
setInput("a");
execCmd(clipCmd, {"clip", m_dbFile2->fileName(), "/General/Unicode", "0", "-a", "username"});
QTRY_COMPARE(clipboard->text(), QString(R"\_(ツ)_/¯)"));
// Password with timeout
setInput("a");
// clang-format off
QFuture<void> future = QtConcurrent::run(&clipCmd,
static_cast<int(Clip::*)(const QStringList&)>(&DatabaseCommand::execute),
QStringList{"clip", m_dbFile->fileName(), "/Sample Entry", "1"});
// clang-format on
2020-05-06 16:36:11 -04:00
QTRY_COMPARE(clipboard->text(), QString("Password"));
QTRY_COMPARE_WITH_TIMEOUT(clipboard->text(), QString(""), 2000);
future.waitForFinished();
// TOTP with timeout
setInput("a");
future = QtConcurrent::run(&clipCmd,
static_cast<int (Clip::*)(const QStringList&)>(&DatabaseCommand::execute),
QStringList{"clip", m_dbFile->fileName(), "/Sample Entry", "1", "-t"});
QTRY_VERIFY(isTotp(clipboard->text()));
2020-05-06 16:36:11 -04:00
QTRY_COMPARE_WITH_TIMEOUT(clipboard->text(), QString(""), 2000);
future.waitForFinished();
setInput("a");
execCmd(clipCmd, {"clip", m_dbFile->fileName(), "--totp", "/Sample Entry", "bleuh"});
QVERIFY(m_stderr->readAll().contains("Invalid timeout value bleuh.\n"));
setInput("a");
execCmd(clipCmd, {"clip", m_dbFile2->fileName(), "--totp", "/Sample Entry", "0"});
QVERIFY(m_stderr->readAll().contains("Entry with path /Sample Entry has no TOTP set up.\n"));
setInput("a");
execCmd(clipCmd, {"clip", m_dbFile->fileName(), "-a", "TESTAttribute1", "/Sample Entry", "0"});
QVERIFY(m_stderr->readAll().contains("ERROR: attribute TESTAttribute1 is ambiguous"));
setInput("a");
execCmd(clipCmd, {"clip", m_dbFile2->fileName(), "--attribute", "Username", "--totp", "/Sample Entry", "0"});
QVERIFY(m_stderr->readAll().contains("ERROR: Please specify one of --attribute or --totp, not both.\n"));
// Best option
setInput("a");
execCmd(clipCmd, {"clip", m_dbFileMulti->fileName(), "Multi", "0", "-b"});
QByteArray errorChoices = m_stderr->readAll();
QVERIFY(errorChoices.contains("Multi Entry 1"));
QVERIFY(errorChoices.contains("Multi Entry 2"));
setInput("a");
execCmd(clipCmd, {"clip", m_dbFileMulti->fileName(), "Entry 2", "0", "-b"});
QTRY_COMPARE(clipboard->text(), QString("Password2"));
}
void TestCli::testCreate()
{
Create createCmd;
QVERIFY(!createCmd.name.isEmpty());
QVERIFY(createCmd.getDescriptionLine().contains(createCmd.name));
QScopedPointer<QTemporaryDir> testDir(new QTemporaryDir());
QString dbFilename;
// Testing password option, password mismatch
dbFilename = testDir->path() + "/testCreate_pw.kdbx";
setInput({"a", "b"});
execCmd(createCmd, {"db-create", dbFilename, "-p"});
QCOMPARE(m_stderr->readLine(), QByteArray("Enter password to encrypt database (optional): \n"));
QCOMPARE(m_stderr->readLine(), QByteArray("Repeat password: \n"));
QCOMPARE(m_stderr->readLine(), QByteArray("Error: Passwords do not match.\n"));
QCOMPARE(m_stderr->readLine(), QByteArray("Failed to set database password.\n"));
// Testing password option
setInput({"a", "a"});
execCmd(createCmd, {"db-create", dbFilename, "-p"});
QCOMPARE(m_stderr->readLine(), QByteArray("Enter password to encrypt database (optional): \n"));
QCOMPARE(m_stderr->readLine(), QByteArray("Repeat password: \n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Successfully created new database.\n"));
auto db = readDatabase(dbFilename, "a");
QVERIFY(db);
// Testing with empty password (deny it)
dbFilename = testDir->path() + "/testCreate_blankpw.kdbx";
setInput({"", "n"});
execCmd(createCmd, {"db-create", dbFilename, "-p"});
QCOMPARE(m_stderr->readLine(), QByteArray("Enter password to encrypt database (optional): \n"));
QVERIFY(m_stderr->readLine().contains("empty password"));
QCOMPARE(m_stderr->readLine(), QByteArray("Failed to set database password.\n"));
// Testing with empty password (accept it)
setInput({"", "y"});
execCmd(createCmd, {"db-create", dbFilename, "-p"});
QCOMPARE(m_stderr->readLine(), QByteArray("Enter password to encrypt database (optional): \n"));
QVERIFY(m_stderr->readLine().contains("empty password"));
QCOMPARE(m_stdout->readLine(), QByteArray("Successfully created new database.\n"));
db = readDatabase(dbFilename, "");
QVERIFY(db);
// Should refuse to create the database if it already exists.
execCmd(createCmd, {"db-create", dbFilename, "-p"});
// Output should be empty when there is an error.
QCOMPARE(m_stdout->readAll(), QByteArray());
QString errorMessage = QString("File " + dbFilename + " already exists.\n");
QCOMPARE(m_stderr->readAll(), errorMessage.toUtf8());
// Should refuse to create without any key provided.
dbFilename = testDir->path() + "/testCreate_key.kdbx";
execCmd(createCmd, {"db-create", dbFilename});
QCOMPARE(m_stdout->readAll(), QByteArray());
QCOMPARE(m_stderr->readLine(), QByteArray("No key is set. Aborting database creation.\n"));
// Testing with keyfile creation
dbFilename = testDir->path() + "/testCreate_key2.kdbx";
2019-10-20 18:23:11 -04:00
QString keyfilePath = testDir->path() + "/keyfile.txt";
setInput({"a", "a"});
execCmd(createCmd, {"db-create", dbFilename, "-p", "-k", keyfilePath});
QCOMPARE(m_stderr->readLine(), QByteArray("Enter password to encrypt database (optional): \n"));
QCOMPARE(m_stderr->readLine(), QByteArray("Repeat password: \n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Successfully created new database.\n"));
db = readDatabase(dbFilename, "a", keyfilePath);
QVERIFY(db);
// Testing with existing keyfile
dbFilename = testDir->path() + "/testCreate_key3.kdbx";
setInput({"a", "a"});
execCmd(createCmd, {"db-create", dbFilename, "-p", "-k", keyfilePath});
QCOMPARE(m_stderr->readLine(), QByteArray("Enter password to encrypt database (optional): \n"));
QCOMPARE(m_stderr->readLine(), QByteArray("Repeat password: \n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Successfully created new database.\n"));
db = readDatabase(dbFilename, "a", keyfilePath);
QVERIFY(db);
// Invalid decryption time (format).
dbFilename = testDir->path() + "/testCreate_time.kdbx";
execCmd(createCmd, {"db-create", dbFilename, "-p", "-t", "NAN"});
QCOMPARE(m_stdout->readAll(), QByteArray());
QCOMPARE(m_stderr->readAll(), QByteArray("Invalid decryption time NAN.\n"));
// Invalid decryption time (range).
execCmd(createCmd, {"db-create", dbFilename, "-p", "-t", "10"});
QCOMPARE(m_stdout->readAll(), QByteArray());
QVERIFY(m_stderr->readAll().contains(QByteArray("Target decryption time must be between")));
int encryptionTime = 500;
// Custom encryption time
setInput({"a", "a"});
int epochBefore = QDateTime::currentMSecsSinceEpoch();
execCmd(createCmd, {"db-create", dbFilename, "-p", "-t", QString::number(encryptionTime)});
// Removing 100ms to make sure we account for changes in computation time.
QVERIFY(QDateTime::currentMSecsSinceEpoch() > (epochBefore + encryptionTime - 100));
QCOMPARE(m_stderr->readLine(), QByteArray("Enter password to encrypt database (optional): \n"));
QCOMPARE(m_stderr->readLine(), QByteArray("Repeat password: \n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Benchmarking key derivation function for 500ms delay.\n"));
QVERIFY(m_stdout->readLine().contains(QByteArray("rounds for key derivation function.\n")));
db = readDatabase(dbFilename, "a");
QVERIFY(db);
}
void TestCli::testInfo()
{
Info infoCmd;
QVERIFY(!infoCmd.name.isEmpty());
QVERIFY(infoCmd.getDescriptionLine().contains(infoCmd.name));
setInput("a");
execCmd(infoCmd, {"db-info", m_dbFile->fileName()});
m_stderr->readLine(); // Skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QVERIFY(m_stdout->readLine().contains(QByteArray("UUID: ")));
QCOMPARE(m_stdout->readLine(), QByteArray("Name: \n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Description: \n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Cipher: AES 256-bit\n"));
QCOMPARE(m_stdout->readLine(), QByteArray("KDF: AES (6000 rounds)\n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Recycle bin is enabled.\n"));
QVERIFY(m_stdout->readLine().contains(m_dbFile->fileName().toUtf8()));
QVERIFY(m_stdout->readLine().contains(
QByteArray("Database created: "))); // date changes often, so just test for the first part
QVERIFY(m_stdout->readLine().contains(
QByteArray("Last saved: "))); // date changes often, so just test for the first part
QCOMPARE(m_stdout->readLine(), QByteArray("Unsaved changes: no\n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Number of groups: 8\n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Number of entries: 2\n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Number of expired entries: 0\n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Unique passwords: 2\n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Non-unique passwords: 0\n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Maximum password reuse: 1\n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Number of short passwords: 0\n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Number of weak passwords: 2\n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Entries excluded from reports: 0\n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Average password length: 11 characters\n"));
// Test with quiet option.
setInput("a");
execCmd(infoCmd, {"db-info", "-q", m_dbFile->fileName()});
QCOMPARE(m_stderr->readAll(), QByteArray());
QVERIFY(m_stdout->readLine().contains(QByteArray("UUID: ")));
QCOMPARE(m_stdout->readLine(), QByteArray("Name: \n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Description: \n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Cipher: AES 256-bit\n"));
QCOMPARE(m_stdout->readLine(), QByteArray("KDF: AES (6000 rounds)\n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Recycle bin is enabled.\n"));
}
void TestCli::testDiceware()
{
Diceware dicewareCmd;
QVERIFY(!dicewareCmd.name.isEmpty());
QVERIFY(dicewareCmd.getDescriptionLine().contains(dicewareCmd.name));
execCmd(dicewareCmd, {"diceware"});
QString passphrase(m_stdout->readLine());
QVERIFY(!passphrase.isEmpty());
execCmd(dicewareCmd, {"diceware", "-W", "2"});
passphrase = m_stdout->readLine();
QCOMPARE(passphrase.split(" ").size(), 2);
execCmd(dicewareCmd, {"diceware", "-W", "10"});
passphrase = m_stdout->readLine();
QCOMPARE(passphrase.split(" ").size(), 10);
// Testing with invalid word count
execCmd(dicewareCmd, {"diceware", "-W", "-10"});
QCOMPARE(m_stderr->readLine(), QByteArray("Invalid word count -10\n"));
// Testing with invalid word count format
execCmd(dicewareCmd, {"diceware", "-W", "bleuh"});
QCOMPARE(m_stderr->readLine(), QByteArray("Invalid word count bleuh\n"));
TemporaryFile wordFile;
wordFile.open();
for (int i = 0; i < 4500; ++i) {
wordFile.write(QString("word" + QString::number(i) + "\n").toLatin1());
}
wordFile.close();
execCmd(dicewareCmd, {"diceware", "-W", "11", "-w", wordFile.fileName()});
passphrase = m_stdout->readLine();
const auto words = passphrase.split(" ");
QCOMPARE(words.size(), 11);
QRegularExpression regex("^word\\d+$");
for (const auto& word : words) {
QVERIFY2(regex.match(word).hasMatch(), qPrintable("Word " + word + " was not on the word list"));
}
TemporaryFile smallWordFile;
smallWordFile.open();
for (int i = 0; i < 50; ++i) {
smallWordFile.write(QString("word" + QString::number(i) + "\n").toLatin1());
}
smallWordFile.close();
execCmd(dicewareCmd, {"diceware", "-W", "11", "-w", smallWordFile.fileName()});
QCOMPARE(m_stderr->readLine(), QByteArray("The word list is too small (< 1000 items)\n"));
}
void TestCli::testEdit()
{
Edit editCmd;
QVERIFY(!editCmd.name.isEmpty());
QVERIFY(editCmd.getDescriptionLine().contains(editCmd.name));
setInput("a");
execCmd(editCmd,
{"edit",
"-u",
"newuser",
"--url",
"https://otherurl.example.com/",
"--notes",
"newnotes",
"-t",
"newtitle",
m_dbFile->fileName(),
"/Sample Entry"});
QCOMPARE(m_stdout->readLine(), QByteArray("Successfully edited entry newtitle.\n"));
auto db = readDatabase();
auto* entry = db->rootGroup()->findEntryByPath("/newtitle");
QVERIFY(entry);
QCOMPARE(entry->username(), QString("newuser"));
QCOMPARE(entry->url(), QString("https://otherurl.example.com/"));
QCOMPARE(entry->password(), QString("Password"));
QCOMPARE(entry->notes(), QString("newnotes"));
// Quiet option
setInput("a");
execCmd(editCmd, {"edit", m_dbFile->fileName(), "-q", "-t", "newertitle", "/newtitle"});
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(), QByteArray());
setInput("a");
execCmd(editCmd, {"edit", "-g", m_dbFile->fileName(), "/newertitle"});
db = readDatabase();
entry = db->rootGroup()->findEntryByPath("/newertitle");
QVERIFY(entry);
QCOMPARE(entry->username(), QString("newuser"));
QCOMPARE(entry->url(), QString("https://otherurl.example.com/"));
QVERIFY(!entry->password().isEmpty());
QVERIFY(entry->password() != QString("Password"));
setInput("a");
execCmd(editCmd, {"edit", "-g", "-L", "34", "-t", "evennewertitle", m_dbFile->fileName(), "/newertitle"});
db = readDatabase();
entry = db->rootGroup()->findEntryByPath("/evennewertitle");
QVERIFY(entry);
QCOMPARE(entry->username(), QString("newuser"));
QCOMPARE(entry->url(), QString("https://otherurl.example.com/"));
QVERIFY(entry->password() != QString("Password"));
QCOMPARE(entry->password().size(), 34);
QRegularExpression defaultPasswordClassesRegex("^[a-zA-Z0-9]+$");
QVERIFY(defaultPasswordClassesRegex.match(entry->password()).hasMatch());
setInput("a");
execCmd(editCmd,
{"edit",
"-g",
"-L",
"20",
"--every-group",
"-s",
"-n",
"--upper",
"-l",
m_dbFile->fileName(),
"/evennewertitle"});
QCOMPARE(m_stdout->readAll(), QByteArray("Successfully edited entry evennewertitle.\n"));
db = readDatabase();
entry = db->rootGroup()->findEntryByPath("/evennewertitle");
QVERIFY(entry);
QCOMPARE(entry->password().size(), 20);
QVERIFY(!defaultPasswordClassesRegex.match(entry->password()).hasMatch());
setInput({"a", "newpassword"});
execCmd(editCmd, {"edit", "-p", m_dbFile->fileName(), "/evennewertitle"});
db = readDatabase();
QVERIFY(db);
entry = db->rootGroup()->findEntryByPath("/evennewertitle");
QVERIFY(entry);
QCOMPARE(entry->password(), QString("newpassword"));
// with line break in notes
setInput("a");
execCmd(editCmd, {"edit", m_dbFile->fileName(), "--notes", "testing\\nline breaks", "/evennewertitle"});
db = readDatabase();
entry = db->rootGroup()->findEntryByPath("/evennewertitle");
QVERIFY(entry);
QCOMPARE(entry->notes(), QString("testing\nline breaks"));
}
void TestCli::testEstimate_data()
{
QTest::addColumn<QString>("input");
QTest::addColumn<QString>("length");
QTest::addColumn<QString>("entropy");
QTest::addColumn<QString>("log10");
QTest::addColumn<QStringList>("searchStrings");
QTest::newRow("Dictionary") << "password"
<< "8"
<< "1.0"
<< "0.3" << QStringList{"Type: Dictionary", "\tpassword"};
QTest::newRow("Spatial") << "zxcv"
<< "4"
<< "10.3"
<< "3.1" << QStringList{"Type: Spatial", "\tzxcv"};
QTest::newRow("Spatial(Rep)") << "sdfgsdfg"
<< "8"
<< "11.3"
<< "3.4" << QStringList{"Type: Spatial(Rep)", "\tsdfgsdfg"};
QTest::newRow("Dictionary / Sequence")
<< "password123"
<< "11"
<< "4.5"
<< "1.3" << QStringList{"Type: Dictionary", "Type: Sequence", "\tpassword", "\t123"};
QTest::newRow("Dict+Leet") << "p455w0rd"
<< "8"
<< "2.5"
<< "0.7" << QStringList{"Type: Dict+Leet", "\tp455w0rd"};
QTest::newRow("Dictionary(Rep)") << "hellohello"
<< "10"
<< "7.3"
<< "2.2" << QStringList{"Type: Dictionary(Rep)", "\thellohello"};
QTest::newRow("Sequence(Rep) / Dictionary")
<< "456456foobar"
<< "12"
<< "16.7"
<< "5.0" << QStringList{"Type: Sequence(Rep)", "Type: Dictionary", "\t456456", "\tfoobar"};
QTest::newRow("Bruteforce(Rep) / Bruteforce")
<< "xzxzy"
<< "5"
<< "16.1"
<< "4.8" << QStringList{"Type: Bruteforce(Rep)", "Type: Bruteforce", "\txzxz", "\ty"};
QTest::newRow("Dictionary / Date(Rep)")
<< "pass20182018"
<< "12"
<< "15.1"
<< "4.56" << QStringList{"Type: Dictionary", "Type: Date(Rep)", "\tpass", "\t20182018"};
QTest::newRow("Dictionary / Date / Bruteforce")
<< "mypass2018-2"
<< "12"
<< "32.9"
<< "9.9" << QStringList{"Type: Dictionary", "Type: Date", "Type: Bruteforce", "\tmypass", "\t2018", "\t-2"};
QTest::newRow("Strong Password") << "E*!%.Qw{t.X,&bafw)\"Q!ah$%;U/"
<< "28"
<< "165.7"
<< "49.8" << QStringList{"Type: Bruteforce", "\tE*"};
// TODO: detect passphrases and adjust entropy calculation accordingly (issue #2347)
QTest::newRow("Strong Passphrase")
<< "squint wooing resupply dangle isolation axis headsman"
<< "53"
<< "151.2"
<< "45.5"
<< QStringList{
"Type: Dictionary", "Type: Bruteforce", "Multi-word extra bits 22.0", "\tsquint", "\t ", "\twooing"};
}
void TestCli::testEstimate()
{
QFETCH(QString, input);
QFETCH(QString, length);
QFETCH(QString, entropy);
QFETCH(QString, log10);
QFETCH(QStringList, searchStrings);
Estimate estimateCmd;
QVERIFY(!estimateCmd.name.isEmpty());
QVERIFY(estimateCmd.getDescriptionLine().contains(estimateCmd.name));
setInput(input);
execCmd(estimateCmd, {"estimate", "-a"});
auto result = QString(m_stdout->readAll());
QVERIFY(result.contains("Length " + length));
QVERIFY(result.contains("Entropy " + entropy));
QVERIFY(result.contains("Log10 " + log10));
for (const auto& string : asConst(searchStrings)) {
QVERIFY2(result.contains(string), qPrintable("String " + string + " missing"));
}
}
void TestCli::testExport()
{
Export exportCmd;
QVERIFY(!exportCmd.name.isEmpty());
QVERIFY(exportCmd.getDescriptionLine().contains(exportCmd.name));
setInput("a");
execCmd(exportCmd, {"export", m_dbFile->fileName()});
TemporaryFile xmlOutput;
xmlOutput.open(QIODevice::WriteOnly);
xmlOutput.write(m_stdout->readAll());
xmlOutput.close();
QScopedPointer<Database> db(new Database());
QVERIFY(db->import(xmlOutput.fileName()));
auto* entry = db->rootGroup()->findEntryByPath("/Sample Entry");
QVERIFY(entry);
QCOMPARE(entry->password(), QString("Password"));
// Quiet option
QScopedPointer<Database> dbQuiet(new Database());
setInput("a");
execCmd(exportCmd, {"export", "-f", "xml", "-q", m_dbFile->fileName()});
QCOMPARE(m_stderr->readAll(), QByteArray());
xmlOutput.open(QIODevice::WriteOnly);
xmlOutput.write(m_stdout->readAll());
xmlOutput.close();
QVERIFY(db->import(xmlOutput.fileName()));
// CSV exporting
setInput("a");
execCmd(exportCmd, {"export", "-f", "csv", m_dbFile->fileName()});
QByteArray csvHeader = m_stdout->readLine();
QVERIFY(csvHeader.contains(QByteArray("\"Group\",\"Title\",\"Username\",\"Password\",\"URL\",\"Notes\"")));
QByteArray csvData = m_stdout->readAll();
QVERIFY(csvData.contains(QByteArray(
"\"NewDatabase\",\"Sample Entry\",\"User Name\",\"Password\",\"http://www.somesite.com/\",\"Notes\"")));
// test invalid format
setInput("a");
execCmd(exportCmd, {"export", "-f", "yaml", m_dbFile->fileName()});
m_stderr->readLine(); // Skip password prompt
QCOMPARE(m_stderr->readLine(), QByteArray("Unsupported format yaml\n"));
}
void TestCli::testGenerate_data()
{
QTest::addColumn<QStringList>("parameters");
QTest::addColumn<QString>("pattern");
QTest::newRow("default") << QStringList{"generate"} << "^[^\r\n]+$";
QTest::newRow("length") << QStringList{"generate", "-L", "13"} << "^.{13}$";
QTest::newRow("lowercase") << QStringList{"generate", "-L", "14", "-l"} << "^[a-z]{14}$";
QTest::newRow("uppercase") << QStringList{"generate", "-L", "15", "--upper"} << "^[A-Z]{15}$";
QTest::newRow("numbers") << QStringList{"generate", "-L", "16", "-n"} << "^[0-9]{16}$";
QTest::newRow("special") << QStringList{"generate", "-L", "200", "-s"}
<< R"(^[\(\)\[\]\{\}\.\-*|\\,:;"'\/\_!+-<=>?#$%&^`@~]{200}$)";
QTest::newRow("special (exclude)") << QStringList{"generate", "-L", "200", "-s", "-x", "+.?@&"}
<< R"(^[\(\)\[\]\{\}\.\-*|\\,:;"'\/\_!-<=>#$%^`~]{200}$)";
QTest::newRow("extended") << QStringList{"generate", "-L", "50", "-e"}
<< R"(^[^a-zA-Z0-9\(\)\[\]\{\}\.\-\*\|\\,:;"'\/\_!+-<=>?#$%&^`@~]{50}$)";
QTest::newRow("numbers + lowercase + uppercase")
<< QStringList{"generate", "-L", "16", "-n", "--upper", "-l"} << "^[0-9a-zA-Z]{16}$";
QTest::newRow("numbers + lowercase + uppercase (exclude)")
<< QStringList{"generate", "-L", "500", "-n", "-U", "-l", "-x", "abcdefg0123@"} << "^[^abcdefg0123@]{500}$";
QTest::newRow("numbers + lowercase + uppercase (exclude similar)")
<< QStringList{"generate", "-L", "200", "-n", "-U", "-l", "--exclude-similar"} << "^[^l1IO0]{200}$";
QTest::newRow("uppercase + lowercase (every)")
<< QStringList{"generate", "-L", "2", "--upper", "-l", "--every-group"} << "^[a-z][A-Z]|[A-Z][a-z]$";
QTest::newRow("numbers + lowercase (every)")
<< QStringList{"generate", "-L", "2", "-n", "-l", "--every-group"} << "^[a-z][0-9]|[0-9][a-z]$";
QTest::newRow("custom character set")
<< QStringList{"generate", "-L", "200", "-n", "-c", "abc"} << "^[abc0-9]{200}$";
QTest::newRow("custom character set without extra options uses only custom chars")
<< QStringList{"generate", "-L", "200", "-c", "a"} << "^a{200}$";
}
void TestCli::testGenerate()
{
QFETCH(QStringList, parameters);
QFETCH(QString, pattern);
Generate generateCmd;
QVERIFY(!generateCmd.name.isEmpty());
QVERIFY(generateCmd.getDescriptionLine().contains(generateCmd.name));
for (int i = 0; i < 10; ++i) {
execCmd(generateCmd, parameters);
QRegularExpression regex(pattern);
#ifdef Q_OS_UNIX
QString password = QString::fromUtf8(m_stdout->readLine());
#else
QString password = QString::fromLatin1(m_stdout->readLine());
#endif
QVERIFY2(regex.match(password).hasMatch(),
qPrintable("Password " + password + " does not match pattern " + pattern));
QCOMPARE(m_stderr->readAll(), QByteArray());
}
// Testing with invalid password length
execCmd(generateCmd, {"generate", "-L", "-10"});
QCOMPARE(m_stderr->readLine(), QByteArray("Invalid password length -10\n"));
execCmd(generateCmd, {"generate", "-L", "0"});
QCOMPARE(m_stderr->readLine(), QByteArray("Invalid password length 0\n"));
// Testing with invalid word count format
execCmd(generateCmd, {"generate", "-L", "bleuh"});
QCOMPARE(m_stderr->readLine(), QByteArray("Invalid password length bleuh\n"));
}
void TestCli::testImport()
{
Import importCmd;
QVERIFY(!importCmd.name.isEmpty());
QVERIFY(importCmd.getDescriptionLine().contains(importCmd.name));
QScopedPointer<QTemporaryDir> testDir(new QTemporaryDir());
QString databaseFilename = testDir->path() + "/testImport1.kdbx";
setInput({"a", "a"});
execCmd(importCmd, {"import", m_xmlFile->fileName(), databaseFilename, "-p"});
QCOMPARE(m_stderr->readLine(), QByteArray("Enter password to encrypt database (optional): \n"));
QCOMPARE(m_stderr->readLine(), QByteArray("Repeat password: \n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Successfully imported database.\n"));
auto db = readDatabase(databaseFilename, "a");
QVERIFY(db);
auto* entry = db->rootGroup()->findEntryByPath("/Sample Entry 1");
QVERIFY(entry);
QCOMPARE(entry->username(), QString("User Name"));
// Should refuse to create the database if it already exists.
execCmd(importCmd, {"import", m_xmlFile->fileName(), databaseFilename});
// Output should be empty when there is an error.
QCOMPARE(m_stdout->readAll(), QByteArray());
QString errorMessage = QString("File " + databaseFilename + " already exists.\n");
QCOMPARE(m_stderr->readAll(), errorMessage.toUtf8());
// Testing import with non-existing keyfile
databaseFilename = testDir->path() + "/testImport2.kdbx";
QString keyfilePath = testDir->path() + "/keyfile.txt";
setInput({"a", "a"});
execCmd(importCmd, {"import", "-p", "-k", keyfilePath, m_xmlFile->fileName(), databaseFilename});
QCOMPARE(m_stderr->readLine(), QByteArray("Enter password to encrypt database (optional): \n"));
QCOMPARE(m_stderr->readLine(), QByteArray("Repeat password: \n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Successfully imported database.\n"));
db = readDatabase(databaseFilename, "a", keyfilePath);
QVERIFY(db);
// Testing import with existing keyfile
databaseFilename = testDir->path() + "/testImport3.kdbx";
setInput({"a", "a"});
execCmd(importCmd, {"import", "-p", "-k", keyfilePath, m_xmlFile->fileName(), databaseFilename});
QCOMPARE(m_stderr->readLine(), QByteArray("Enter password to encrypt database (optional): \n"));
QCOMPARE(m_stderr->readLine(), QByteArray("Repeat password: \n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Successfully imported database.\n"));
db = readDatabase(databaseFilename, "a", keyfilePath);
QVERIFY(db);
// Invalid decryption time (format).
databaseFilename = testDir->path() + "/testCreate_time.kdbx";
execCmd(importCmd, {"import", "-p", "-t", "NAN", m_xmlFile->fileName(), databaseFilename});
QCOMPARE(m_stdout->readAll(), QByteArray());
QCOMPARE(m_stderr->readAll(), QByteArray("Invalid decryption time NAN.\n"));
// Invalid decryption time (range).
execCmd(importCmd, {"import", "-p", "-t", "10", m_xmlFile->fileName(), databaseFilename});
QCOMPARE(m_stdout->readAll(), QByteArray());
QVERIFY(m_stderr->readAll().contains(QByteArray("Target decryption time must be between")));
int encryptionTime = 500;
// Custom encryption time
setInput({"a", "a"});
int epochBefore = QDateTime::currentMSecsSinceEpoch();
execCmd(importCmd,
{"import", "-p", "-t", QString::number(encryptionTime), m_xmlFile->fileName(), databaseFilename});
// Removing 100ms to make sure we account for changes in computation time.
QVERIFY(QDateTime::currentMSecsSinceEpoch() > (epochBefore + encryptionTime - 100));
QCOMPARE(m_stderr->readLine(), QByteArray("Enter password to encrypt database (optional): \n"));
QCOMPARE(m_stderr->readLine(), QByteArray("Repeat password: \n"));
QCOMPARE(m_stdout->readLine(), QByteArray("Benchmarking key derivation function for 500ms delay.\n"));
QVERIFY(m_stdout->readLine().contains(QByteArray("rounds for key derivation function.\n")));
db = readDatabase(databaseFilename, "a");
QVERIFY(db);
// Quiet option
QScopedPointer<QTemporaryDir> testDirQuiet(new QTemporaryDir());
QString databaseFilenameQuiet = testDirQuiet->path() + "/testImport2.kdbx";
setInput({"a", "a"});
execCmd(importCmd, {"import", "-p", "-q", m_xmlFile->fileName(), databaseFilenameQuiet});
QCOMPARE(m_stderr->readLine(), QByteArray("Enter password to encrypt database (optional): \n"));
QCOMPARE(m_stderr->readLine(), QByteArray("Repeat password: \n"));
QCOMPARE(m_stdout->readLine(), QByteArray());
db = readDatabase(databaseFilenameQuiet, "a");
QVERIFY(db);
}
void TestCli::testKeyFileOption()
{
List listCmd;
QString keyFilePath(QString(KEEPASSX_TEST_DATA_DIR).append("/KeyFileProtected.key"));
setInput("a");
execCmd(listCmd, {"ls", "-k", keyFilePath, m_keyFileProtectedDbFile->fileName()});
m_stderr->readLine(); // Skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(),
QByteArray("entry1\n"
"entry2\n"));
// Should raise an error with no key file.
setInput("a");
execCmd(listCmd, {"ls", m_keyFileProtectedDbFile->fileName()});
QCOMPARE(m_stdout->readAll(), QByteArray());
QVERIFY(m_stderr->readAll().contains("Invalid credentials were provided"));
// Should raise an error if key file path is invalid.
setInput("a");
execCmd(listCmd, {"ls", "-k", "invalidpath", m_keyFileProtectedDbFile->fileName()});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stdout->readAll(), QByteArray());
QCOMPARE(m_stderr->readAll().split(':').at(0), QByteArray("Failed to load key file invalidpath"));
}
void TestCli::testNoPasswordOption()
{
List listCmd;
QString keyFilePath(QString(KEEPASSX_TEST_DATA_DIR).append("/KeyFileProtectedNoPassword.key"));
execCmd(listCmd, {"ls", "-k", keyFilePath, "--no-password", m_keyFileProtectedNoPasswordDbFile->fileName()});
// Expecting no password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(),
QByteArray("entry1\n"
"entry2\n"));
// Should raise an error with no key file.
execCmd(listCmd, {"ls", "--no-password", m_keyFileProtectedNoPasswordDbFile->fileName()});
QCOMPARE(m_stdout->readAll(), QByteArray());
QVERIFY(m_stderr->readAll().contains("Invalid credentials were provided"));
}
void TestCli::testList()
{
List listCmd;
QVERIFY(!listCmd.name.isEmpty());
QVERIFY(listCmd.getDescriptionLine().contains(listCmd.name));
setInput("a");
execCmd(listCmd, {"ls", m_dbFile->fileName()});
m_stderr->readLine(); // Skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(),
QByteArray("Sample Entry\n"
"General/\n"
"Windows/\n"
"Network/\n"
"Internet/\n"
"eMail/\n"
"Homebanking/\n"));
// Quiet option
setInput("a");
execCmd(listCmd, {"ls", "-q", m_dbFile->fileName()});
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(),
QByteArray("Sample Entry\n"
"General/\n"
"Windows/\n"
"Network/\n"
"Internet/\n"
"eMail/\n"
"Homebanking/\n"));
setInput("a");
execCmd(listCmd, {"ls", "-R", m_dbFile->fileName()});
QCOMPARE(m_stdout->readAll(),
QByteArray("Sample Entry\n"
"General/\n"
" [empty]\n"
"Windows/\n"
" [empty]\n"
"Network/\n"
" [empty]\n"
"Internet/\n"
" [empty]\n"
"eMail/\n"
" [empty]\n"
"Homebanking/\n"
" Subgroup/\n"
" Subgroup Entry\n"));
setInput("a");
execCmd(listCmd, {"ls", "-R", "-f", m_dbFile->fileName()});
QCOMPARE(m_stdout->readAll(),
QByteArray("Sample Entry\n"
"General/\n"
"General/[empty]\n"
"Windows/\n"
"Windows/[empty]\n"
"Network/\n"
"Network/[empty]\n"
"Internet/\n"
"Internet/[empty]\n"
"eMail/\n"
"eMail/[empty]\n"
"Homebanking/\n"
"Homebanking/Subgroup/\n"
"Homebanking/Subgroup/Subgroup Entry\n"));
setInput("a");
execCmd(listCmd, {"ls", "-R", "-f", m_dbFile->fileName(), "/Homebanking"});
QCOMPARE(m_stdout->readAll(),
QByteArray("Subgroup/\n"
"Subgroup/Subgroup Entry\n"));
setInput("a");
execCmd(listCmd, {"ls", m_dbFile->fileName(), "/General/"});
QCOMPARE(m_stdout->readAll(), QByteArray("[empty]\n"));
setInput("a");
execCmd(listCmd, {"ls", m_dbFile->fileName(), "/DoesNotExist/"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray("Cannot find group /DoesNotExist/.\n"));
QCOMPARE(m_stdout->readAll(), QByteArray());
}
void TestCli::testMerge()
{
Merge mergeCmd;
QVERIFY(!mergeCmd.name.isEmpty());
QVERIFY(mergeCmd.getDescriptionLine().contains(mergeCmd.name));
// load test database and save copies
auto db = readDatabase();
QVERIFY(db);
TemporaryFile targetFile1;
targetFile1.open();
targetFile1.close();
TemporaryFile targetFile2;
targetFile2.open();
targetFile2.close();
TemporaryFile targetFile3;
targetFile3.open();
targetFile3.close();
db->saveAs(targetFile1.fileName());
db->saveAs(targetFile2.fileName());
// save another copy with a different password
auto oldKey = db->key();
auto key = QSharedPointer<CompositeKey>::create();
key->addKey(QSharedPointer<PasswordKey>::create("b"));
db->setKey(key);
db->saveAs(targetFile3.fileName());
// Restore the original password
db->setKey(oldKey);
// then add a new entry to the in-memory database and save another copy
auto* entry = new Entry();
entry->setUuid(QUuid::createUuid());
entry->setTitle("Some Website");
entry->setPassword("secretsecretsecret");
auto* group = db->rootGroup()->findGroupByPath("/Internet/");
QVERIFY(group);
group->addEntry(entry);
TemporaryFile sourceFile;
sourceFile.open();
sourceFile.close();
db->saveAs(sourceFile.fileName());
setInput("a");
execCmd(mergeCmd, {"merge", "-s", targetFile1.fileName(), sourceFile.fileName()});
m_stderr->readLine(); // Skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QList<QByteArray> outLines1 = m_stdout->readAll().split('\n');
QVERIFY(outLines1.at(0).contains("Overwriting Internet"));
QVERIFY(outLines1.at(1).contains("Creating missing Some Website"));
QCOMPARE(outLines1.at(2),
QString("Successfully merged %1 into %2.").arg(sourceFile.fileName(), targetFile1.fileName()).toUtf8());
auto mergedDb = QSharedPointer<Database>::create();
QVERIFY(mergedDb->open(targetFile1.fileName(), oldKey));
auto* entry1 = mergedDb->rootGroup()->findEntryByPath("/Internet/Some Website");
QVERIFY(entry1);
QCOMPARE(entry1->title(), QString("Some Website"));
QCOMPARE(entry1->password(), QString("secretsecretsecret"));
// the dry run option should not modify the target database.
setInput("a");
execCmd(mergeCmd, {"merge", "--dry-run", "-s", targetFile2.fileName(), sourceFile.fileName()});
QList<QByteArray> outLines2 = m_stdout->readAll().split('\n');
QVERIFY(outLines2.at(0).contains("Overwriting Internet"));
QVERIFY(outLines2.at(1).contains("Creating missing Some Website"));
QCOMPARE(outLines2.at(2), QByteArray("Database was not modified by merge operation."));
mergedDb = QSharedPointer<Database>::create();
QVERIFY(mergedDb->open(targetFile2.fileName(), oldKey));
entry1 = mergedDb->rootGroup()->findEntryByPath("/Internet/Some Website");
QVERIFY(!entry1);
// the dry run option can be used with the quiet option
setInput("a");
execCmd(mergeCmd, {"merge", "--dry-run", "-s", "-q", targetFile2.fileName(), sourceFile.fileName()});
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(), QByteArray());
mergedDb = QSharedPointer<Database>::create();
QVERIFY(mergedDb->open(targetFile2.fileName(), oldKey));
entry1 = mergedDb->rootGroup()->findEntryByPath("/Internet/Some Website");
QVERIFY(!entry1);
// try again with different passwords for both files
setInput({"b", "a"});
execCmd(mergeCmd, {"merge", targetFile3.fileName(), sourceFile.fileName()});
QList<QByteArray> outLines3 = m_stdout->readAll().split('\n');
QCOMPARE(outLines3.at(2),
QString("Successfully merged %1 into %2.").arg(sourceFile.fileName(), targetFile3.fileName()).toUtf8());
mergedDb = QSharedPointer<Database>::create();
QVERIFY(mergedDb->open(targetFile3.fileName(), key));
entry1 = mergedDb->rootGroup()->findEntryByPath("/Internet/Some Website");
QVERIFY(entry1);
QCOMPARE(entry1->title(), QString("Some Website"));
QCOMPARE(entry1->password(), QString("secretsecretsecret"));
// making sure that the message is different if the database was not
// modified by the merge operation.
setInput("a");
execCmd(mergeCmd, {"merge", "-s", sourceFile.fileName(), sourceFile.fileName()});
QCOMPARE(m_stdout->readAll(), QByteArray("Database was not modified by merge operation.\n"));
// Quiet option
setInput("a");
execCmd(mergeCmd, {"merge", "-q", "-s", sourceFile.fileName(), sourceFile.fileName()});
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(), QByteArray());
// Quiet option without the -s option
setInput({"a", "a"});
execCmd(mergeCmd, {"merge", "-q", sourceFile.fileName(), sourceFile.fileName()});
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(), QByteArray());
}
void TestCli::testMergeWithKeys()
{
Create createCmd;
QVERIFY(!createCmd.name.isEmpty());
QVERIFY(createCmd.getDescriptionLine().contains(createCmd.name));
Merge mergeCmd;
QVERIFY(!mergeCmd.name.isEmpty());
QVERIFY(mergeCmd.getDescriptionLine().contains(mergeCmd.name));
QScopedPointer<QTemporaryDir> testDir(new QTemporaryDir());
QString sourceDatabaseFilename = testDir->path() + "/testSourceDatabase.kdbx";
QString sourceKeyfilePath = testDir->path() + "/testSourceKeyfile.txt";
QString targetDatabaseFilename = testDir->path() + "/testTargetDatabase.kdbx";
QString targetKeyfilePath = testDir->path() + "/testTargetKeyfile.txt";
setInput({"a", "a"});
execCmd(createCmd, {"db-create", sourceDatabaseFilename, "-p", "-k", sourceKeyfilePath});
setInput({"b", "b"});
execCmd(createCmd, {"db-create", targetDatabaseFilename, "-p", "-k", targetKeyfilePath});
auto sourceDatabase = readDatabase(sourceDatabaseFilename, "a", sourceKeyfilePath);
QVERIFY(sourceDatabase);
auto targetDatabase = readDatabase(targetDatabaseFilename, "b", targetKeyfilePath);
QVERIFY(targetDatabase);
auto* rootGroup = new Group();
rootGroup->setName("root");
rootGroup->setUuid(QUuid::createUuid());
auto* group = new Group();
group->setUuid(QUuid::createUuid());
group->setParent(rootGroup);
group->setName("Internet");
auto* entry = new Entry();
entry->setUuid(QUuid::createUuid());
entry->setTitle("Some Website");
entry->setPassword("secretsecretsecret");
group->addEntry(entry);
sourceDatabase->setRootGroup(rootGroup);
auto* otherRootGroup = new Group();
otherRootGroup->setName("root");
otherRootGroup->setUuid(QUuid::createUuid());
auto* otherGroup = new Group();
otherGroup->setUuid(QUuid::createUuid());
otherGroup->setParent(otherRootGroup);
otherGroup->setName("Internet");
auto* otherEntry = new Entry();
otherEntry->setUuid(QUuid::createUuid());
otherEntry->setTitle("Some Website 2");
otherEntry->setPassword("secretsecretsecret 2");
otherGroup->addEntry(otherEntry);
targetDatabase->setRootGroup(otherRootGroup);
sourceDatabase->saveAs(sourceDatabaseFilename);
targetDatabase->saveAs(targetDatabaseFilename);
setInput({"b", "a"});
execCmd(mergeCmd,
{"merge",
"-k",
targetKeyfilePath,
"--key-file-from",
sourceKeyfilePath,
targetDatabaseFilename,
sourceDatabaseFilename});
QList<QByteArray> lines = m_stdout->readAll().split('\n');
QVERIFY(lines.contains(
QString("Successfully merged %1 into %2.").arg(sourceDatabaseFilename, targetDatabaseFilename).toUtf8()));
}
void TestCli::testMove()
{
Move moveCmd;
QVERIFY(!moveCmd.name.isEmpty());
QVERIFY(moveCmd.getDescriptionLine().contains(moveCmd.name));
setInput("a");
execCmd(moveCmd, {"mv", m_dbFile->fileName(), "invalid_entry_path", "invalid_group_path"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readLine(), QByteArray("Could not find entry with path invalid_entry_path.\n"));
QCOMPARE(m_stdout->readLine(), QByteArray());
setInput("a");
execCmd(moveCmd, {"mv", m_dbFile->fileName(), "Sample Entry", "invalid_group_path"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readLine(), QByteArray("Could not find group with path invalid_group_path.\n"));
QCOMPARE(m_stdout->readLine(), QByteArray());
setInput("a");
execCmd(moveCmd, {"mv", m_dbFile->fileName(), "Sample Entry", "General/"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readLine(), QByteArray());
QCOMPARE(m_stdout->readLine(), QByteArray("Successfully moved entry Sample Entry to group General/.\n"));
auto db = readDatabase();
auto* entry = db->rootGroup()->findEntryByPath("General/Sample Entry");
QVERIFY(entry);
// Test that not modified if the same group is destination.
setInput("a");
execCmd(moveCmd, {"mv", m_dbFile->fileName(), "General/Sample Entry", "General/"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readLine(), QByteArray("Entry is already in group General/.\n"));
QCOMPARE(m_stdout->readLine(), QByteArray());
// sanity check
db = readDatabase();
entry = db->rootGroup()->findEntryByPath("General/Sample Entry");
QVERIFY(entry);
}
void TestCli::testRemove()
{
Remove removeCmd;
QVERIFY(!removeCmd.name.isEmpty());
QVERIFY(removeCmd.getDescriptionLine().contains(removeCmd.name));
// load test database and save a copy with disabled recycle bin
auto db = readDatabase();
QVERIFY(db);
TemporaryFile fileCopy;
fileCopy.open();
fileCopy.close();
db->metadata()->setRecycleBinEnabled(false);
db->saveAs(fileCopy.fileName());
// delete entry and verify
setInput("a");
execCmd(removeCmd, {"rm", m_dbFile->fileName(), "/Sample Entry"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(), QByteArray("Successfully recycled entry Sample Entry.\n"));
auto readBackDb = readDatabase();
QVERIFY(readBackDb);
QVERIFY(!readBackDb->rootGroup()->findEntryByPath("/Sample Entry"));
QVERIFY(readBackDb->rootGroup()->findEntryByPath(QString("/%1/Sample Entry").arg(Group::tr("Recycle Bin"))));
// try again, this time without recycle bin
setInput("a");
execCmd(removeCmd, {"rm", fileCopy.fileName(), "/Sample Entry"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stdout->readAll(), QByteArray("Successfully deleted entry Sample Entry.\n"));
readBackDb = readDatabase(fileCopy.fileName(), "a");
QVERIFY(readBackDb);
QVERIFY(!readBackDb->rootGroup()->findEntryByPath("/Sample Entry"));
QVERIFY(!readBackDb->rootGroup()->findEntryByPath(QString("/%1/Sample Entry").arg(Group::tr("Recycle Bin"))));
// finally, try deleting a non-existent entry
setInput("a");
execCmd(removeCmd, {"rm", fileCopy.fileName(), "/Sample Entry"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray("Entry /Sample Entry not found.\n"));
QCOMPARE(m_stdout->readAll(), QByteArray());
// try deleting a directory, should fail
setInput("a");
execCmd(removeCmd, {"rm", fileCopy.fileName(), "/General"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray("Entry /General not found.\n"));
QCOMPARE(m_stdout->readAll(), QByteArray());
}
void TestCli::testRemoveGroup()
{
RemoveGroup removeGroupCmd;
QVERIFY(!removeGroupCmd.name.isEmpty());
QVERIFY(removeGroupCmd.getDescriptionLine().contains(removeGroupCmd.name));
// try deleting a directory, should recycle it first.
setInput("a");
execCmd(removeGroupCmd, {"rmdir", m_dbFile->fileName(), "/General"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(), QByteArray("Successfully recycled group /General.\n"));
auto db = readDatabase();
auto* group = db->rootGroup()->findGroupByPath("General");
QVERIFY(!group);
// try deleting a directory again, should delete it permanently.
setInput("a");
execCmd(removeGroupCmd, {"rmdir", m_dbFile->fileName(), "Recycle Bin/General"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(), QByteArray("Successfully deleted group Recycle Bin/General.\n"));
db = readDatabase();
group = db->rootGroup()->findGroupByPath("Recycle Bin/General");
QVERIFY(!group);
// try deleting an invalid group, should fail.
setInput("a");
execCmd(removeGroupCmd, {"rmdir", m_dbFile->fileName(), "invalid"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray("Group invalid not found.\n"));
QCOMPARE(m_stdout->readAll(), QByteArray());
// Should fail to remove the root group.
setInput("a");
execCmd(removeGroupCmd, {"rmdir", m_dbFile->fileName(), "/"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray("Cannot remove root group from database.\n"));
QCOMPARE(m_stdout->readAll(), QByteArray());
}
void TestCli::testRemoveQuiet()
{
Remove removeCmd;
QVERIFY(!removeCmd.name.isEmpty());
QVERIFY(removeCmd.getDescriptionLine().contains(removeCmd.name));
// delete entry and verify
setInput("a");
execCmd(removeCmd, {"rm", "-q", m_dbFile->fileName(), "/Sample Entry"});
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(), QByteArray());
auto db = readDatabase();
QVERIFY(db);
QVERIFY(!db->rootGroup()->findEntryByPath("/Sample Entry"));
QVERIFY(db->rootGroup()->findEntryByPath(QString("/%1/Sample Entry").arg(Group::tr("Recycle Bin"))));
// remove the entry completely
setInput("a");
execCmd(removeCmd, {"rm", "-q", m_dbFile->fileName(), QString("/%1/Sample Entry").arg(Group::tr("Recycle Bin"))});
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(), QByteArray());
db = readDatabase();
QVERIFY(!db->rootGroup()->findEntryByPath("/Sample Entry"));
QVERIFY(!db->rootGroup()->findEntryByPath(QString("/%1/Sample Entry").arg(Group::tr("Recycle Bin"))));
}
void TestCli::testSearch()
{
Search searchCmd;
QVERIFY(!searchCmd.name.isEmpty());
QVERIFY(searchCmd.getDescriptionLine().contains(searchCmd.name));
setInput("a");
execCmd(searchCmd, {"search", m_dbFile->fileName(), "Sample"});
m_stderr->readLine(); // Skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(), QByteArray("/Sample Entry\n"));
// Quiet option
setInput("a");
execCmd(searchCmd, {"search", m_dbFile->fileName(), "-q", "Sample"});
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(), QByteArray("/Sample Entry\n"));
setInput("a");
execCmd(searchCmd, {"search", m_dbFile->fileName(), "Does Not Exist"});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray("No results for that search term.\n"));
QCOMPARE(m_stdout->readAll(), QByteArray());
// write a modified database
auto db = readDatabase();
QVERIFY(db);
auto* group = db->rootGroup()->findGroupByPath("/General/");
QVERIFY(group);
auto* entry = new Entry();
entry->setUuid(QUuid::createUuid());
entry->setTitle("New Entry");
group->addEntry(entry);
TemporaryFile tmpFile;
tmpFile.open();
tmpFile.close();
db->saveAs(tmpFile.fileName());
setInput("a");
execCmd(searchCmd, {"search", tmpFile.fileName(), "title:New"});
QCOMPARE(m_stdout->readAll(), QByteArray("/General/New Entry\n"));
setInput("a");
execCmd(searchCmd, {"search", tmpFile.fileName(), "title:Entry"});
QCOMPARE(m_stdout->readAll(),
QByteArray("/Sample Entry\n/General/New Entry\n/Homebanking/Subgroup/Subgroup Entry\n"));
setInput("a");
execCmd(searchCmd, {"search", tmpFile.fileName(), "group:General"});
QCOMPARE(m_stdout->readAll(), QByteArray("/General/New Entry\n"));
setInput("a");
execCmd(searchCmd, {"search", tmpFile.fileName(), "group:NewDatabase"});
QCOMPARE(m_stdout->readAll(), QByteArray("/Sample Entry\n"));
setInput("a");
execCmd(searchCmd, {"search", tmpFile.fileName(), "group:/NewDatabase"});
QCOMPARE(m_stdout->readAll(),
QByteArray("/Sample Entry\n/General/New Entry\n/Homebanking/Subgroup/Subgroup Entry\n"));
setInput("a");
execCmd(searchCmd, {"search", tmpFile.fileName(), "url:bank"});
QCOMPARE(m_stdout->readAll(), QByteArray("/Homebanking/Subgroup/Subgroup Entry\n"));
setInput("a");
execCmd(searchCmd, {"search", tmpFile.fileName(), "u:User Name"});
QCOMPARE(m_stdout->readAll(), QByteArray("/Sample Entry\n/Homebanking/Subgroup/Subgroup Entry\n"));
}
void TestCli::testShow()
{
Show showCmd;
QVERIFY(!showCmd.name.isEmpty());
QVERIFY(showCmd.getDescriptionLine().contains(showCmd.name));
setInput("a");
execCmd(showCmd, {"show", m_dbFile->fileName(), "/Sample Entry"});
m_stderr->readLine(); // Skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(),
QByteArray("Title: Sample Entry\n"
"UserName: User Name\n"
"Password: PROTECTED\n"
"URL: http://www.somesite.com/\n"
"Notes: Notes\n"));
setInput("a");
execCmd(showCmd, {"show", "-s", m_dbFile->fileName(), "/Sample Entry"});
QCOMPARE(m_stdout->readAll(),
QByteArray("Title: Sample Entry\n"
"UserName: User Name\n"
"Password: Password\n"
"URL: http://www.somesite.com/\n"
"Notes: Notes\n"));
setInput("a");
execCmd(showCmd, {"show", m_dbFile->fileName(), "-q", "/Sample Entry"});
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(),
QByteArray("Title: Sample Entry\n"
"UserName: User Name\n"
"Password: PROTECTED\n"
"URL: http://www.somesite.com/\n"
"Notes: Notes\n"));
setInput("a");
execCmd(showCmd, {"show", m_dbFile->fileName(), "--show-attachments", "/Sample Entry"});
m_stderr->readLine(); // Skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(),
QByteArray("Title: Sample Entry\n"
"UserName: User Name\n"
"Password: PROTECTED\n"
"URL: http://www.somesite.com/\n"
"Notes: Notes\n"
"\n"
"Attachments:\n"
" Sample attachment.txt (15.0 B)\n"));
setInput("a");
execCmd(showCmd, {"show", m_dbFile->fileName(), "--show-attachments", "/Homebanking/Subgroup/Subgroup Entry"});
m_stderr->readLine(); // Skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(),
QByteArray("Title: Subgroup Entry\n"
"UserName: Bank User Name\n"
"Password: PROTECTED\n"
"URL: https://www.bank.com\n"
"Notes: Important note\n"
"\n"
"No attachments present.\n"));
setInput("a");
execCmd(showCmd, {"show", "-a", "Title", m_dbFile->fileName(), "/Sample Entry"});
QCOMPARE(m_stdout->readAll(), QByteArray("Sample Entry\n"));
setInput("a");
execCmd(showCmd, {"show", "-a", "Password", m_dbFile->fileName(), "/Sample Entry"});
QCOMPARE(m_stdout->readAll(), QByteArray("Password\n"));
setInput("a");
execCmd(showCmd, {"show", "-a", "Title", "-a", "URL", m_dbFile->fileName(), "/Sample Entry"});
QCOMPARE(m_stdout->readAll(),
QByteArray("Sample Entry\n"
"http://www.somesite.com/\n"));
// Test case insensitivity
setInput("a");
execCmd(showCmd, {"show", "-a", "TITLE", "-a", "URL", m_dbFile->fileName(), "/Sample Entry"});
QCOMPARE(m_stdout->readAll(),
QByteArray("Sample Entry\n"
"http://www.somesite.com/\n"));
setInput("a");
execCmd(showCmd, {"show", "-a", "DoesNotExist", m_dbFile->fileName(), "/Sample Entry"});
QCOMPARE(m_stdout->readAll(), QByteArray());
QVERIFY(m_stderr->readAll().contains("ERROR: unknown attribute DoesNotExist.\n"));
setInput("a");
execCmd(showCmd, {"show", "-t", m_dbFile->fileName(), "/Sample Entry"});
QVERIFY(isTotp(m_stdout->readAll()));
setInput("a");
execCmd(showCmd, {"show", "-a", "Title", m_dbFile->fileName(), "--totp", "/Sample Entry"});
QCOMPARE(m_stdout->readLine(), QByteArray("Sample Entry\n"));
QVERIFY(isTotp(m_stdout->readAll()));
setInput("a");
execCmd(showCmd, {"show", m_dbFile2->fileName(), "--totp", "/Sample Entry"});
QCOMPARE(m_stdout->readAll(), QByteArray());
QVERIFY(m_stderr->readAll().contains("Entry with path /Sample Entry has no TOTP set up.\n"));
// Show with ambiguous attributes
setInput("a");
execCmd(showCmd, {"show", m_dbFile->fileName(), "-a", "Testattribute1", "/Sample Entry"});
QCOMPARE(m_stdout->readAll(), QByteArray());
QVERIFY(m_stderr->readAll().contains("ERROR: attribute Testattribute1 is ambiguous"));
}
void TestCli::testInvalidDbFiles()
{
Show showCmd;
QString nonExistentDbPath("/foo/bar/baz");
QString directoryName("/");
execCmd(showCmd, {"show", nonExistentDbPath, "/Sample Entry"});
QCOMPARE(QString(m_stderr->readAll()),
QObject::tr("Failed to open database file %1: not found").arg(nonExistentDbPath) + "\n");
QCOMPARE(m_stdout->readAll(), QByteArray());
execCmd(showCmd, {"show", directoryName, "whatever"});
QCOMPARE(QString(m_stderr->readAll()),
QObject::tr("Failed to open database file %1: not a plain file").arg(directoryName) + "\n");
// Create a write-only file and try to open it.
// QFileInfo.isReadable returns 'true' on Windows, even after the call to
// setPermissions(WriteOwner) and with NTFS permissions enabled, so this
// check doesn't work.
#if !defined(Q_OS_WIN)
QTemporaryFile tempFile;
QVERIFY(tempFile.open());
QString path = QFileInfo(tempFile).absoluteFilePath();
QVERIFY(tempFile.setPermissions(QFileDevice::WriteOwner));
execCmd(showCmd, {"show", path, "some entry"});
QCOMPARE(QString(m_stderr->readAll()),
QObject::tr("Failed to open database file %1: not readable").arg(path) + "\n");
#endif // Q_OS_WIN
}
/**
* Secret key for the YubiKey slot used by the unit test is
* 1c e3 0f d7 8d 20 dc fa 40 b5 0c 18 77 9a fb 0f 02 28 8d b7
* This secret can be on either slot but must be passive.
*/
void TestCli::testYubiKeyOption()
{
if (!YubiKey::instance()->isInitialized()) {
QSKIP("Unable to initialize YubiKey interface.");
}
YubiKey::instance()->findValidKeys();
// Wait for the hardware to respond
QSignalSpy detected(YubiKey::instance(), SIGNAL(detectComplete(bool)));
QTRY_VERIFY_WITH_TIMEOUT(detected.count() > 0, 2000);
auto keys = YubiKey::instance()->foundKeys();
if (keys.isEmpty()) {
QSKIP("No YubiKey devices were detected.");
}
bool wouldBlock = false;
QByteArray challenge("CLITest");
Replace all crypto libraries with Botan Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out. The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt. Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's. Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead. Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan. Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR. NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established. Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots. Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG. Greatly simplified Secret Service plugin's use of crypto functions with Botan.
2021-04-04 08:56:00 -04:00
Botan::secure_vector<char> response;
QByteArray expected("\xA2\x3B\x94\x00\xBE\x47\x9A\x30\xA9\xEB\x50\x9B\x85\x56\x5B\x6B\x30\x25\xB4\x8E", 20);
// Find a key that as configured for this test
YubiKeySlot pKey(0, 0);
for (auto key : keys) {
if (YubiKey::instance()->testChallenge(key, &wouldBlock) && !wouldBlock) {
YubiKey::instance()->challenge(key, challenge, response);
Replace all crypto libraries with Botan Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out. The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt. Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's. Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead. Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan. Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR. NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established. Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots. Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG. Greatly simplified Secret Service plugin's use of crypto functions with Botan.
2021-04-04 08:56:00 -04:00
if (std::memcmp(response.data(), expected.data(), expected.size())) {
pKey = key;
break;
}
Tools::wait(100);
}
}
if (pKey.first == 0 && pKey.second == 0) {
QSKIP("No YubiKey is properly configured to perform this test.");
}
List listCmd;
Add addCmd;
setInput("a");
execCmd(listCmd, {"ls", "-y", "2", m_yubiKeyProtectedDbFile->fileName()});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll(), QByteArray());
QCOMPARE(m_stdout->readAll(),
QByteArray("entry1\n"
"entry2\n"));
// Should raise an error with no yubikey slot.
setInput("a");
execCmd(listCmd, {"ls", m_yubiKeyProtectedDbFile->fileName()});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readLine(),
QByteArray("Error while reading the database: Invalid credentials were provided, please try again.\n"));
QCOMPARE(m_stderr->readLine(),
QByteArray("If this reoccurs, then your database file may be corrupt. (HMAC mismatch)\n"));
QCOMPARE(m_stdout->readAll(), QByteArray());
// Should raise an error if yubikey slot is not a string
setInput("a");
execCmd(listCmd, {"ls", "-y", "invalidslot", m_yubiKeyProtectedDbFile->fileName()});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll().split(':').at(0), QByteArray("Invalid YubiKey slot invalidslot\n"));
QCOMPARE(m_stdout->readAll(), QByteArray());
// Should raise an error if yubikey slot is invalid.
setInput("a");
execCmd(listCmd, {"ls", "-y", "3", m_yubiKeyProtectedDbFile->fileName()});
m_stderr->readLine(); // skip password prompt
QCOMPARE(m_stderr->readAll().split(':').at(0), QByteArray("Invalid YubiKey slot 3\n"));
QCOMPARE(m_stdout->readAll(), QByteArray());
}
void TestCli::testCommandParsing_data()
{
QTest::addColumn<QString>("input");
QTest::addColumn<QStringList>("expectedOutput");
QTest::newRow("basic") << "hello world" << QStringList({"hello", "world"});
QTest::newRow("basic escaping") << "hello\\ world" << QStringList({"hello world"});
QTest::newRow("quoted string") << "\"hello world\"" << QStringList({"hello world"});
QTest::newRow("multiple params") << "show Passwords/Internet" << QStringList({"show", "Passwords/Internet"});
QTest::newRow("quoted string inside param")
<< R"(ls foo\ bar\ baz"quoted")" << QStringList({"ls", "foo bar baz\"quoted\""});
QTest::newRow("multiple whitespace") << "hello world" << QStringList({"hello", "world"});
QTest::newRow("single slash char") << "\\" << QStringList({"\\"});
QTest::newRow("double backslash entry name") << "show foo\\\\\\\\bar" << QStringList({"show", "foo\\\\bar"});
}
void TestCli::testCommandParsing()
{
QFETCH(QString, input);
QFETCH(QStringList, expectedOutput);
QStringList result = Utils::splitCommandString(input);
QCOMPARE(result.size(), expectedOutput.size());
for (int i = 0; i < expectedOutput.size(); ++i) {
QCOMPARE(result[i], expectedOutput[i]);
}
}
void TestCli::testOpen()
{
Open openCmd;
setInput("a");
execCmd(openCmd, {"open", m_dbFile->fileName()});
QVERIFY(openCmd.currentDatabase);
List listCmd;
// Set a current database, simulating interactive mode.
listCmd.currentDatabase = openCmd.currentDatabase;
execCmd(listCmd, {"ls"});
QByteArray expectedOutput("Sample Entry\n"
"General/\n"
"Windows/\n"
"Network/\n"
"Internet/\n"
"eMail/\n"
"Homebanking/\n");
QByteArray actualOutput = m_stdout->readAll();
actualOutput.truncate(expectedOutput.length());
QCOMPARE(actualOutput, expectedOutput);
}
void TestCli::testHelp()
{
Help helpCmd;
Commands::setupCommands(false);
execCmd(helpCmd, {"help"});
QVERIFY(m_stdout->readAll().contains("Available commands"));
List listCmd;
execCmd(helpCmd, {"help", "ls"});
QVERIFY(m_stdout->readAll().contains(listCmd.description.toLatin1()));
}