aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--cryptography/fernet.py2
-rw-r--r--tests/test_fernet.py9
2 files changed, 8 insertions, 3 deletions
diff --git a/cryptography/fernet.py b/cryptography/fernet.py
index cdb9bdca..153f398b 100644
--- a/cryptography/fernet.py
+++ b/cryptography/fernet.py
@@ -90,7 +90,7 @@ class Fernet(object):
except (TypeError, binascii.Error):
raise InvalidToken
- if six.indexbytes(data, 0) != 0x80:
+ if not data or six.indexbytes(data, 0) != 0x80:
raise InvalidToken
try:
diff --git a/tests/test_fernet.py b/tests/test_fernet.py
index 0683d950..0b4e3e87 100644
--- a/tests/test_fernet.py
+++ b/tests/test_fernet.py
@@ -86,15 +86,20 @@ class TestFernet(object):
f.decrypt(token.encode("ascii"), ttl=ttl_sec)
def test_invalid_start_byte(self, backend):
- f = Fernet(Fernet.generate_key(), backend=backend)
+ f = Fernet(base64.urlsafe_b64encode(b"\x00" * 32), backend=backend)
with pytest.raises(InvalidToken):
f.decrypt(base64.urlsafe_b64encode(b"\x81"))
def test_timestamp_too_short(self, backend):
- f = Fernet(Fernet.generate_key(), backend=backend)
+ f = Fernet(base64.urlsafe_b64encode(b"\x00" * 32), backend=backend)
with pytest.raises(InvalidToken):
f.decrypt(base64.urlsafe_b64encode(b"\x80abc"))
+ def test_non_base64_token(self, backend):
+ f = Fernet(base64.urlsafe_b64encode(b"\x00" * 32), backend=backend)
+ with pytest.raises(InvalidToken):
+ f.decrypt(b"\x00")
+
def test_unicode(self, backend):
f = Fernet(base64.urlsafe_b64encode(b"\x00" * 32), backend=backend)
with pytest.raises(TypeError):
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-05 22:53:41 +0000