From 480fdfc3ff5cc6bb1b59341487215ec1c90c5e1f Mon Sep 17 00:00:00 2001
From: Philipp Gesang <philipp.gesang@intra2net.com>
Date: Fri, 19 May 2017 11:16:10 +0200
Subject: [PATCH] add unit test for CLI scrypt hashing

---
 deltatar/crypto.py         |    4 ++--
 testing/test_encryption.py |   43 +++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 45 insertions(+), 2 deletions(-)

diff --git a/deltatar/crypto.py b/deltatar/crypto.py
index f4b330a..478e279 100755
--- a/deltatar/crypto.py
+++ b/deltatar/crypto.py
@@ -1485,8 +1485,8 @@ def mode_scrypt (pw, ins):
     hsh, nacl, params = scrypt_hashsource (pw, ins)
 
     import json
-    out = json.dumps ({ "salt"          : str (binascii.hexlify (nacl))
-                      , "hash"          : str (binascii.hexlify (hsh))
+    out = json.dumps ({ "salt"          : binascii.hexlify (nacl).decode ()
+                      , "hash"          : binascii.hexlify (hsh).decode ()
                       , "scrypt_params" : { "N"     : params ["N"]
                                           , "r"     : params ["r"]
                                           , "p"     : params ["p"]
diff --git a/testing/test_encryption.py b/testing/test_encryption.py
index 76568eb..5fb328a 100644
--- a/testing/test_encryption.py
+++ b/testing/test_encryption.py
@@ -17,7 +17,9 @@
 
 import binascii
 import hashlib
+import json
 import os
+import subprocess
 
 from deltatar import crypto
 from deltatar.tarfile import TarFile, GNU_FORMAT
@@ -164,6 +166,47 @@ class EncryptionTest(BaseTest):
         assert hash == self.md5sum("big")
 
 
+    def test_cli_scrypt (self):
+        """
+        Create an encrypted archive, then have crypto.py extract the
+        scrypt hash from it.
+        """
+        pw   = "It goes baah, it is a sheep."
+        nacl = hashlib.md5 ("Stráðu á mig salti".encode ()).digest ()
+
+        # create the content of the file to compress and hash it
+        _void = self.create_file("big", 50000)
+
+        # create the encryption handler
+        encryptor = crypto.Encrypt (password=pw, nacl=nacl,
+                                    version=DELTATAR_HEADER_VERSION,
+                                    paramversion=DELTATAR_PARAMETER_VERSION)
+
+        # create the tar file with volumes
+        tarobj = TarFile.open("sample.tar.gz.pdtcrypt",
+                              mode="w#gz",
+                              format=GNU_FORMAT,
+                              encryption=encryptor)
+        tarobj.add("big")
+        tarobj.close()
+        os.unlink("big")
+
+        # decrypt outer archive layer with crypto.py
+        assert os.path.exists("sample.tar.gz.pdtcrypt")
+        with subprocess.Popen ( [ "python3", "./deltatar/crypto.py"
+                                , "scrypt", "-i", "sample.tar.gz.pdtcrypt" ]
+                              , env={ "PDTCRYPT_PASSWORD" : pw }
+                              , stdout=subprocess.PIPE
+                              ) as p:
+            raw = p.stdout.read ().strip ().decode ()
+
+        info = json.loads (raw)
+        assert nacl == binascii.unhexlify (info ["salt"])
+        key = binascii.unhexlify (info ["hash"])
+        kdf = crypto.kdf_by_version (1)
+        assert key, nacl == kdf (pw.encode (), nacl)
+
+
     def test_cli_multiple_files_decrypt_pw_argv (self):
         """
         Create a tar file with multiple files inside, using concat
-- 
1.7.1