Skip to main content

A library for secure password handling.

Project description

CryptoLibrary is a library for secure password handling. project page

For more information about Robot Framework, see http://robotframework.org.

Keyword Documentation


Installation

If you already have Python >= 3.6 with pip installed, you can simply run:

pip install --upgrade robotframework-crypto

or if you have Python 2 and 3 installed in parallel you may use

pip3 install --upgrade robotframework-crypto

If you have Python 2 … i am very sorry! Please update!


How it works

CryptoLibrary uses asymmetric crypto with elliptic curve cryptography to store confidential data securely.

With the command CryptoLibrary in console/terminal you can generate a key pair (private and public key) for your test env. You will get the public key after generating.

This public key can now be used to encrypt every data you do not want to be public. Passwords, personal data, etc.

You can use the command``CryptoClient`` on you computer where you want to encrypt data.

Encrypted Data will look like this:

crypt:tIdr5s65+ggfJZl46pJgljioCUePUdZLozgiwquznw+xSlmzT3dcvfrTL9wIdRwmNOJuONT7FBW5

This encrypted data can now be decrypted with CryptoLibrary within Robot Framework.

CryptoLibrary need the private_key_store.json for this. This is what is generated as key pair. Private key can be imported in test env with python -m CryptoLibrary .


Suppressing encrypted Text from Logs

All Data that is decrypted by CryptoLibrary is replaced in the log by *** This works always and can not be disabled. No need to use special keywords for this.


Usage in Test

*** Settings ***
Resource    imports.resource
Library     CryptoLibrary    %{private_key_password}    variable_decryption=False
#private key which should be secret, should also be protected by a password

*** Variables ***
${secret}=     KILL ALL HUMANS!!!
${enc_user}=   crypt:nkpEPOVKfOko3t04XxOupA+F/ANTEuR9aQuPaPeMBGBQenwYf6UNESEl9MWRKGuj60ZWd10=
${enc_pwd}=    crypt:TVpamLXCtrzRsl8UAgD0YuoY+lSJNV73+bTYhOP51zM1GQihgyCvSZ2CoGoKsUHLFjokyJLHxFzPEB4=

*** Test Cases ***
Valid Login
    Open Browser    ${BASE-URL}
    Suppress Logging                                  #disable Robot Framework logging
    ${var}=    set Variable   ${secret}
    Log    ${var}
    Unsuppress Logging                                #enable Robot Framework logging
    ${user}=    Get Decrypted Text    ${enc_user}     #decrypts cipher text and returns plain text
    Input Text      id:input_username    ${user}
    ${password}=    Get Decrypted Text    ${enc_pwd}  #decrypts cipher text and returns plain text
    Input Password    id:input_password    ${password}
    Click Button    id:button_login
    Page Should Contain Element    //a[text()='Logout']
    [Teardown]   Close Browser

in this case the decryption password for the private key. It can also be saved on test env persistently as a hash.

The parameter variable_decryption in the Library call, if set to true it will automatically decode ALL passwords defined in the variables section and then "Get Decrypted Text" isn’t needed.


Importing of CryptoLibrary

password:

Password for private key can be given as argument. This should be stored as secret! Use environment variables instead of hard coding it here.

variable_decryption:

If set to True all variables that are available on Test Suite or on Test Case start, that contain a encrypted text, will be decrypted automatically.

key_path:

A path that defines where the key pair is stored physically. Path needs to be an absolute path or relative to cryptoutility.py.


SeleniumLibrary Plugin

CryptoLibrary.Plugin is a SeleniumLibrary Plugin. When taken into usage, the Input Password Keyword can now handle decrypted cipher texts as well.

Example:

*** Settings ***
Library    SeleniumLibrary    plugins=CryptoLibrary.Plugin


*** Variables ***
${Admins-Password}=    crypt:fQ5Iqn/j2lN8rXwimyz0JXlYzD0gTsPRwb0YJ3YSvDchkvDpfwYDmhHxsZ2i7bIQDlsWKJVhBb+Dz4w=


*** Test Cases ***
Decrypt as Plugin
    Open Browser      http://www.keyword-driven.de
    Input Text        input_username    admin
    Input Password    input_password    ${Admins-Password}

It may happen that keywords changes. i try not to do, but it can happen in major releases. Feel free to make a pull Request to improve docs or write some tests for it.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

robotframework-crypto-0.3.0.tar.gz (74.0 kB view details)

Uploaded Source

Built Distribution

robotframework_crypto-0.3.0-py3-none-any.whl (22.2 kB view details)

Uploaded Python 3

File details

Details for the file robotframework-crypto-0.3.0.tar.gz.

File metadata

  • Download URL: robotframework-crypto-0.3.0.tar.gz
  • Upload date:
  • Size: 74.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.1 importlib_metadata/3.7.3 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.59.0 CPython/3.9.0

File hashes

Hashes for robotframework-crypto-0.3.0.tar.gz
Algorithm Hash digest
SHA256 0dc5a7e3aa8b95aa8ddfba18074541e6e0efad1f410f9a8aa599850aeb59aabd
MD5 373e294304a32e7e560d608f237aca65
BLAKE2b-256 e7b12bb69d06c0a1cb62602dd525df58d9b1e51c6800309ce696c2798a4e64f8

See more details on using hashes here.

File details

Details for the file robotframework_crypto-0.3.0-py3-none-any.whl.

File metadata

  • Download URL: robotframework_crypto-0.3.0-py3-none-any.whl
  • Upload date:
  • Size: 22.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.1 importlib_metadata/3.7.3 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.59.0 CPython/3.9.0

File hashes

Hashes for robotframework_crypto-0.3.0-py3-none-any.whl
Algorithm Hash digest
SHA256 b6784e4139211a770ec55e825d23e568c9030b7eb7230a2a3b6832b2d9f007a1
MD5 1a5b8a27d3c0a9023b401142731768d2
BLAKE2b-256 42f2b897fd82c3dc1eaf6241b78e5e0e58e207a2a8af879fcc122f61f43e07d4

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page