MQE-1070: Hide Sensitive Creds in Allure Report

- encrypt creds for display and decrypt on execution

Author: imeron2433

dev/tests/unit/Magento/FunctionalTestFramework/DataGenerator/Handlers/CredentialStoreTest.php

@@ -0,0 +1,35 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace tests\unit\Magento\FunctionalTestFramework\DataGenerator\Handlers;
+
+use Magento\FunctionalTestingFramework\DataGenerator\Handlers\CredentialStore;
+use Magento\FunctionalTestingFramework\Util\MagentoTestCase;
+use AspectMock\Test as AspectMock;
+
+class CredentialStoreTest extends MagentoTestCase
+{
+
+    public function testBasicEncryptDecrypt()
+    {
+        $testKey = 'myKey';
+        $testValue = 'myValue';
+
+        AspectMock::double(CredentialStore::class, [
+            'readInCredentialsFile' => ["$testKey=$testValue"]
+        ]);
+
+        $encryptedCred = CredentialStore::getInstance()->getSecret($testKey);
+
+        // assert the value we've gotten is in fact not identical to our test value
+        $this->assertNotEquals($testValue, $encryptedCred);
+
+        $actualValue = CredentialStore::getInstance()->decryptSecretValue($encryptedCred);
+
+        // assert that we are able to successfully decrypt our secret value
+        $this->assertEquals($testValue, $actualValue);
+    }
+}

src/Magento/FunctionalTestingFramework/DataGenerator/Handlers/CredentialStore.php

@@ -13,6 +13,8 @@
 
 class CredentialStore
 {
+    const ENCRYPTION_ALGO = "AES-256-CBC";
+
     /**
      * Singleton instance
      *
@@ -27,6 +29,13 @@ class CredentialStore
      */
     private $iv = null;
 
+    /**
+     * Key for open_ssl encryption/decryption
+     *
+     * @var string
+     */
+    private $encodedKey = null;
+
     /**
      * Key/Value paris of credential names and their corresponding values
      *
@@ -53,8 +62,10 @@ public static function getInstance()
      */
     private function __construct()
     {
-        $this->readInCredentialsFile();
-        $this->encryptionKey = openssl_random_pseudo_bytes(16);
+        $this->encodedKey = base64_encode(openssl_random_pseudo_bytes(16));
+        $this->iv = substr(hash('sha256', $this->encodedKey), 0, 16);
+        $creds = $this->readInCredentialsFile();
+        $this->credentials = $this->encryptCredFileContents($creds);
     }
 
     /**
@@ -85,7 +96,7 @@ public function getSecret($key)
     /**
      * Private function which reads in secret key/values from .credentials file and stores in memory as key/value pair.
      *
-     * @return void
+     * @return array
      * @throws TestFrameworkException
      */
     private function readInCredentialsFile()
@@ -103,17 +114,36 @@ private function readInCredentialsFile()
             );
         }
 
-        $credContents = file($credsFilePath, FILE_IGNORE_NEW_LINES);
+        return file($credsFilePath, FILE_IGNORE_NEW_LINES);
+    }
+
+    /**
+     * Function which takes the contents of the credentials file and encrypts the entries.
+     *
+     * @param array $credContents
+     * @return array
+     */
+    private function encryptCredFileContents($credContents)
+    {
+        $encryptedCreds = [];
         foreach ($credContents as $credValue) {
             if (substr($credValue, 0, 1) === '#' || empty($credValue)) {
                 continue;
             }
 
             list($key, $value) = explode("=", $credValue);
             if (!empty($value)) {
-                $this->credentials[$key] = openssl_encrypt($value, "AES-128-ECB", 0, $this->iv);
+                $encryptedCreds[$key] = openssl_encrypt(
+                    $value,
+                    self::ENCRYPTION_ALGO,
+                    $this->encodedKey,
+                    0,
+                    $this->iv
+                );
             }
         }
+
+        return $encryptedCreds;
     }
 
     /**
@@ -124,6 +154,6 @@ private function readInCredentialsFile()
      */
     public function decryptSecretValue($value)
     {
-        return openssl_decrypt($value, "AES-128-ECB", 0, $this->iv);
+        return openssl_decrypt($value, self::ENCRYPTION_ALGO, $this->encodedKey, 0, $this->iv);
     }
 }

src/Magento/FunctionalTestingFramework/Module/MagentoWebDriver.php

@@ -52,8 +52,6 @@ class MagentoWebDriver extends WebDriver
         '//div[@data-role="spinner"]'
     ];
 
-    const STEP_OBJ_BACKTRACE_POS = 2;
-
     /**
      * The module required fields, to be set in the suite .yml configuration file.
      *