From 2b21b12d337e65c59b5d18e42f1927c64565945d Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Thu, 31 Oct 2013 09:39:25 -0700 Subject: Added test cases, fixed a bug --- tests/test_fernet.py | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 tests/test_fernet.py (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py new file mode 100644 index 00000000..e9d07f81 --- /dev/null +++ b/tests/test_fernet.py @@ -0,0 +1,23 @@ +import base64 + +from cryptography.fernet import Fernet + + +class TestFernet(object): + def test_generate(self): + f = Fernet(base64.urlsafe_b64decode( + b"cw_0x689RpI-jtRR7oE8h_eQsKImvJapLeSbXpwF4e4=" + )) + token = f._encrypt_from_parts( + b"hello", + 499162800, + b"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F", + ) + assert token == b"gAAAAAAdwJ6wAAECAwQFBgcICQoLDA0ODy021cpGVWKZ_eEwCGM4BLLF_5CV9dOPmrhuVUPgJobwOz7JcbmrR64jVmpU4IwqDA==" + + def test_verify(self): + f = Fernet(base64.urlsafe_b64decode( + b"cw_0x689RpI-jtRR7oE8h_eQsKImvJapLeSbXpwF4e4=" + )) + payload = f.decrypt(b"gAAAAAAdwJ6wAAECAwQFBgcICQoLDA0ODy021cpGVWKZ_eEwCGM4BLLF_5CV9dOPmrhuVUPgJobwOz7JcbmrR64jVmpU4IwqDA==", 60) + assert payload == b"hello" -- cgit v1.2.3 From 5e87dfdd7f9853d4072efa6dd0e0515141ab7eb2 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Thu, 31 Oct 2013 09:46:03 -0700 Subject: Fixed test and implementation --- tests/test_fernet.py | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index e9d07f81..f7c06b95 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -13,11 +13,17 @@ class TestFernet(object): 499162800, b"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F", ) - assert token == b"gAAAAAAdwJ6wAAECAwQFBgcICQoLDA0ODy021cpGVWKZ_eEwCGM4BLLF_5CV9dOPmrhuVUPgJobwOz7JcbmrR64jVmpU4IwqDA==" + assert token == (b"gAAAAAAdwJ6wAAECAwQFBgcICQoLDA0ODy021cpGVWKZ_eEwCGM" + "4BLLF_5CV9dOPmrhuVUPgJobwOz7JcbmrR64jVmpU4IwqDA==") def test_verify(self): f = Fernet(base64.urlsafe_b64decode( b"cw_0x689RpI-jtRR7oE8h_eQsKImvJapLeSbXpwF4e4=" )) - payload = f.decrypt(b"gAAAAAAdwJ6wAAECAwQFBgcICQoLDA0ODy021cpGVWKZ_eEwCGM4BLLF_5CV9dOPmrhuVUPgJobwOz7JcbmrR64jVmpU4IwqDA==", 60) + payload = f.decrypt( + (b"gAAAAAAdwJ6wAAECAwQFBgcICQoLDA0ODy021cpGVWKZ_eEwCGM4BLLF_5CV9dO" + "PmrhuVUPgJobwOz7JcbmrR64jVmpU4IwqDA=="), + ttl=60, + current_time=499162801 + ) assert payload == b"hello" -- cgit v1.2.3 From de36e90815f31ec39fe160bf69a81f1bb42b92d2 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Thu, 31 Oct 2013 10:10:44 -0700 Subject: Address pep8 concerns --- tests/test_fernet.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index f7c06b95..27d24182 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -1,5 +1,7 @@ import base64 +import six + from cryptography.fernet import Fernet @@ -11,10 +13,10 @@ class TestFernet(object): token = f._encrypt_from_parts( b"hello", 499162800, - b"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F", + b"".join(map(six.int2byte, range(16))), ) assert token == (b"gAAAAAAdwJ6wAAECAwQFBgcICQoLDA0ODy021cpGVWKZ_eEwCGM" - "4BLLF_5CV9dOPmrhuVUPgJobwOz7JcbmrR64jVmpU4IwqDA==") + "4BLLF_5CV9dOPmrhuVUPgJobwOz7JcbmrR64jVmpU4IwqDA==") def test_verify(self): f = Fernet(base64.urlsafe_b64decode( @@ -22,7 +24,7 @@ class TestFernet(object): )) payload = f.decrypt( (b"gAAAAAAdwJ6wAAECAwQFBgcICQoLDA0ODy021cpGVWKZ_eEwCGM4BLLF_5CV9dO" - "PmrhuVUPgJobwOz7JcbmrR64jVmpU4IwqDA=="), + "PmrhuVUPgJobwOz7JcbmrR64jVmpU4IwqDA=="), ttl=60, current_time=499162801 ) -- cgit v1.2.3 From 413bd8b45a51dc9c9afe3262534abba2d8528457 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Thu, 31 Oct 2013 11:22:11 -0700 Subject: py3k syntax fix --- tests/test_fernet.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index 27d24182..7bdfa3fa 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -16,7 +16,7 @@ class TestFernet(object): b"".join(map(six.int2byte, range(16))), ) assert token == (b"gAAAAAAdwJ6wAAECAwQFBgcICQoLDA0ODy021cpGVWKZ_eEwCGM" - "4BLLF_5CV9dOPmrhuVUPgJobwOz7JcbmrR64jVmpU4IwqDA==") + b"4BLLF_5CV9dOPmrhuVUPgJobwOz7JcbmrR64jVmpU4IwqDA==") def test_verify(self): f = Fernet(base64.urlsafe_b64decode( @@ -24,7 +24,7 @@ class TestFernet(object): )) payload = f.decrypt( (b"gAAAAAAdwJ6wAAECAwQFBgcICQoLDA0ODy021cpGVWKZ_eEwCGM4BLLF_5CV9dO" - "PmrhuVUPgJobwOz7JcbmrR64jVmpU4IwqDA=="), + b"PmrhuVUPgJobwOz7JcbmrR64jVmpU4IwqDA=="), ttl=60, current_time=499162801 ) -- cgit v1.2.3 From fb8adfcb2f0a67519ee81cad0c50d2e359ff3a20 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Thu, 31 Oct 2013 14:16:24 -0700 Subject: Use raw vector files --- tests/test_fernet.py | 56 ++++++++++++++++++++++++++++++++++------------------ 1 file changed, 37 insertions(+), 19 deletions(-) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index 7bdfa3fa..382a232c 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -1,31 +1,49 @@ import base64 +import calendar +import json +import os + +import iso8601 + +import pytest import six from cryptography.fernet import Fernet +def json_parametrize(keys, path): + with open(path) as f: + data = json.load(f) + return pytest.mark.parametrize(keys, [ + tuple([entry[k] for k in keys]) + for entry in data + ]) + + class TestFernet(object): - def test_generate(self): - f = Fernet(base64.urlsafe_b64decode( - b"cw_0x689RpI-jtRR7oE8h_eQsKImvJapLeSbXpwF4e4=" - )) - token = f._encrypt_from_parts( - b"hello", - 499162800, - b"".join(map(six.int2byte, range(16))), + @json_parametrize( + ("secret", "now", "iv", "src", "token"), + os.path.join(os.path.dirname(__file__), "vectors", "fernet", "generate.json") + ) + def test_generate(self, secret, now, iv, src, token): + f = Fernet(base64.urlsafe_b64decode(secret.encode("ascii"))) + actual_token = f._encrypt_from_parts( + src.encode("ascii"), + calendar.timegm(iso8601.parse_date(now).utctimetuple()), + b"".join(map(six.int2byte, iv)) ) - assert token == (b"gAAAAAAdwJ6wAAECAwQFBgcICQoLDA0ODy021cpGVWKZ_eEwCGM" - b"4BLLF_5CV9dOPmrhuVUPgJobwOz7JcbmrR64jVmpU4IwqDA==") + assert actual_token == token - def test_verify(self): - f = Fernet(base64.urlsafe_b64decode( - b"cw_0x689RpI-jtRR7oE8h_eQsKImvJapLeSbXpwF4e4=" - )) + @json_parametrize( + ("secret", "now", "src", "ttl_sec", "token"), + os.path.join(os.path.dirname(__file__), "vectors", "fernet", "verify.json") + ) + def test_verify(self, secret, now, src, ttl_sec, token): + f = Fernet(base64.urlsafe_b64decode(secret.encode("ascii"))) payload = f.decrypt( - (b"gAAAAAAdwJ6wAAECAwQFBgcICQoLDA0ODy021cpGVWKZ_eEwCGM4BLLF_5CV9dO" - b"PmrhuVUPgJobwOz7JcbmrR64jVmpU4IwqDA=="), - ttl=60, - current_time=499162801 + token.encode("ascii"), + ttl=ttl_sec, + current_time=calendar.timegm(iso8601.parse_date(now).utctimetuple()) ) - assert payload == b"hello" + assert payload == src -- cgit v1.2.3 From 38f34557e432f98cc8a023e621b5efe525ef886c Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Thu, 31 Oct 2013 14:50:00 -0700 Subject: Started working on the invalid cases --- tests/test_fernet.py | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index 382a232c..15071718 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -9,10 +9,11 @@ import pytest import six -from cryptography.fernet import Fernet +from cryptography.fernet import Fernet, InvalidToken -def json_parametrize(keys, path): +def json_parametrize(keys, fname): + path = os.path.join(os.path.dirname(__file__), "vectors", "fernet", fname) with open(path) as f: data = json.load(f) return pytest.mark.parametrize(keys, [ @@ -23,8 +24,7 @@ def json_parametrize(keys, path): class TestFernet(object): @json_parametrize( - ("secret", "now", "iv", "src", "token"), - os.path.join(os.path.dirname(__file__), "vectors", "fernet", "generate.json") + ("secret", "now", "iv", "src", "token"), "generate.json", ) def test_generate(self, secret, now, iv, src, token): f = Fernet(base64.urlsafe_b64decode(secret.encode("ascii"))) @@ -36,8 +36,7 @@ class TestFernet(object): assert actual_token == token @json_parametrize( - ("secret", "now", "src", "ttl_sec", "token"), - os.path.join(os.path.dirname(__file__), "vectors", "fernet", "verify.json") + ("secret", "now", "src", "ttl_sec", "token"), "verify.json", ) def test_verify(self, secret, now, src, ttl_sec, token): f = Fernet(base64.urlsafe_b64decode(secret.encode("ascii"))) @@ -47,3 +46,20 @@ class TestFernet(object): current_time=calendar.timegm(iso8601.parse_date(now).utctimetuple()) ) assert payload == src + + @json_parametrize(("secret", "token", "now", "ttl_sec"), "invalid.json") + def test_invalid(self, secret, token, now, ttl_sec): + f = Fernet(base64.urlsafe_b64decode(secret.encode("ascii"))) + with pytest.raises(InvalidToken): + f.decrypt( + token.encode("ascii"), + ttl=ttl_sec, + current_time=calendar.timegm(iso8601.parse_date(now).utctimetuple()) + ) + + def test_unicode(self): + f = Fernet(b"\x00" * 32) + with pytest.raises(TypeError): + f.encrypt(six.u("")) + with pytest.raises(TypeError): + f.decrypt(six.u("")) -- cgit v1.2.3 From c1ea0a0d23115bb0586230a139bcb2b60adb6262 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Thu, 31 Oct 2013 15:03:53 -0700 Subject: Fixed pep8 issues --- tests/test_fernet.py | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index 15071718..b0f22f0c 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -40,21 +40,19 @@ class TestFernet(object): ) def test_verify(self, secret, now, src, ttl_sec, token): f = Fernet(base64.urlsafe_b64decode(secret.encode("ascii"))) + current_time = calendar.timegm(iso8601.parse_date(now).utctimetuple()) payload = f.decrypt( - token.encode("ascii"), - ttl=ttl_sec, - current_time=calendar.timegm(iso8601.parse_date(now).utctimetuple()) + token.encode("ascii"), ttl=ttl_sec, current_time=current_time ) assert payload == src @json_parametrize(("secret", "token", "now", "ttl_sec"), "invalid.json") def test_invalid(self, secret, token, now, ttl_sec): f = Fernet(base64.urlsafe_b64decode(secret.encode("ascii"))) + current_time = calendar.timegm(iso8601.parse_date(now).utctimetuple()) with pytest.raises(InvalidToken): f.decrypt( - token.encode("ascii"), - ttl=ttl_sec, - current_time=calendar.timegm(iso8601.parse_date(now).utctimetuple()) + token.encode("ascii"), ttl=ttl_sec, current_time=current_time ) def test_unicode(self): -- cgit v1.2.3 From ce8f9a4e2a5d159356a06147f65e221dbdf43171 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Thu, 31 Oct 2013 15:23:15 -0700 Subject: A test for roundtripping --- tests/test_fernet.py | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index b0f22f0c..a42011a6 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -61,3 +61,10 @@ class TestFernet(object): f.encrypt(six.u("")) with pytest.raises(TypeError): f.decrypt(six.u("")) + + @pytest.mark.parametrize("message", [b"", b"Abc!", b"\x00\xFF\x00\x80"]) + def test_roundtrips(self, message): + f = Fernet(b"\x00" * 32) + ciphertext = f.encrypt(message) + plaintext = f.decrypt(ciphertext) + assert plaintext == message -- cgit v1.2.3 From 6b9770b159b920cccddc8e3c3d1b0fb0287a0c15 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Thu, 31 Oct 2013 16:07:35 -0700 Subject: write more readably --- tests/test_fernet.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index a42011a6..baae36d2 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -65,6 +65,4 @@ class TestFernet(object): @pytest.mark.parametrize("message", [b"", b"Abc!", b"\x00\xFF\x00\x80"]) def test_roundtrips(self, message): f = Fernet(b"\x00" * 32) - ciphertext = f.encrypt(message) - plaintext = f.decrypt(ciphertext) - assert plaintext == message + assert f.decrypt(f.encrypt(message)) == message -- cgit v1.2.3 From 7ecd3148acc35668bf679be5a603ed4bd7313148 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Thu, 31 Oct 2013 16:29:18 -0700 Subject: py3k fixes --- tests/test_fernet.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index baae36d2..ca8e4ccd 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -33,7 +33,7 @@ class TestFernet(object): calendar.timegm(iso8601.parse_date(now).utctimetuple()), b"".join(map(six.int2byte, iv)) ) - assert actual_token == token + assert actual_token == token.encode("ascii") @json_parametrize( ("secret", "now", "src", "ttl_sec", "token"), "verify.json", @@ -44,7 +44,7 @@ class TestFernet(object): payload = f.decrypt( token.encode("ascii"), ttl=ttl_sec, current_time=current_time ) - assert payload == src + assert payload == src.encode("ascii") @json_parametrize(("secret", "token", "now", "ttl_sec"), "invalid.json") def test_invalid(self, secret, token, now, ttl_sec): -- cgit v1.2.3 From 8912d3afde05ff6f91a508f0a54b5c24960eb09a Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sat, 2 Nov 2013 14:04:19 -0700 Subject: Include the license --- tests/test_fernet.py | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index ca8e4ccd..922f7223 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -1,3 +1,16 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + import base64 import calendar import json -- cgit v1.2.3 From 898fe0f899eb3ec744acaaa0a8641644fc6cf219 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Wed, 20 Nov 2013 16:38:32 -0800 Subject: Key in the right place --- tests/test_fernet.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index 922f7223..4080bd2d 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -40,7 +40,7 @@ class TestFernet(object): ("secret", "now", "iv", "src", "token"), "generate.json", ) def test_generate(self, secret, now, iv, src, token): - f = Fernet(base64.urlsafe_b64decode(secret.encode("ascii"))) + f = Fernet(secret.encode("ascii")) actual_token = f._encrypt_from_parts( src.encode("ascii"), calendar.timegm(iso8601.parse_date(now).utctimetuple()), @@ -52,7 +52,7 @@ class TestFernet(object): ("secret", "now", "src", "ttl_sec", "token"), "verify.json", ) def test_verify(self, secret, now, src, ttl_sec, token): - f = Fernet(base64.urlsafe_b64decode(secret.encode("ascii"))) + f = Fernet(secret.encode("ascii")) current_time = calendar.timegm(iso8601.parse_date(now).utctimetuple()) payload = f.decrypt( token.encode("ascii"), ttl=ttl_sec, current_time=current_time @@ -61,7 +61,7 @@ class TestFernet(object): @json_parametrize(("secret", "token", "now", "ttl_sec"), "invalid.json") def test_invalid(self, secret, token, now, ttl_sec): - f = Fernet(base64.urlsafe_b64decode(secret.encode("ascii"))) + f = Fernet(secret.encode("ascii")) current_time = calendar.timegm(iso8601.parse_date(now).utctimetuple()) with pytest.raises(InvalidToken): f.decrypt( @@ -69,7 +69,7 @@ class TestFernet(object): ) def test_unicode(self): - f = Fernet(b"\x00" * 32) + f = Fernet(base64.b64encode(b"\x00" * 32)) with pytest.raises(TypeError): f.encrypt(six.u("")) with pytest.raises(TypeError): @@ -77,5 +77,5 @@ class TestFernet(object): @pytest.mark.parametrize("message", [b"", b"Abc!", b"\x00\xFF\x00\x80"]) def test_roundtrips(self, message): - f = Fernet(b"\x00" * 32) + f = Fernet(base64.urlsafe_b64encode(b"\x00" * 32)) assert f.decrypt(f.encrypt(message)) == message -- cgit v1.2.3 From 1d2901cae193cb965480835aaf96696f8eecfaab Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Fri, 22 Nov 2013 10:12:05 -0800 Subject: Hide the dangerous bits --- tests/test_fernet.py | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index 4080bd2d..c1caaa05 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -15,6 +15,7 @@ import base64 import calendar import json import os +import time import iso8601 @@ -51,22 +52,20 @@ class TestFernet(object): @json_parametrize( ("secret", "now", "src", "ttl_sec", "token"), "verify.json", ) - def test_verify(self, secret, now, src, ttl_sec, token): + def test_verify(self, secret, now, src, ttl_sec, token, monkeypatch): f = Fernet(secret.encode("ascii")) current_time = calendar.timegm(iso8601.parse_date(now).utctimetuple()) - payload = f.decrypt( - token.encode("ascii"), ttl=ttl_sec, current_time=current_time - ) + monkeypatch.setattr(time, "time", lambda: current_time) + payload = f.decrypt(token.encode("ascii"), ttl=ttl_sec) assert payload == src.encode("ascii") @json_parametrize(("secret", "token", "now", "ttl_sec"), "invalid.json") - def test_invalid(self, secret, token, now, ttl_sec): + def test_invalid(self, secret, token, now, ttl_sec, monkeypatch): f = Fernet(secret.encode("ascii")) current_time = calendar.timegm(iso8601.parse_date(now).utctimetuple()) + monkeypatch.setattr(time, "time", lambda: current_time) with pytest.raises(InvalidToken): - f.decrypt( - token.encode("ascii"), ttl=ttl_sec, current_time=current_time - ) + f.decrypt(token.encode("ascii"), ttl=ttl_sec) def test_unicode(self): f = Fernet(base64.b64encode(b"\x00" * 32)) -- cgit v1.2.3 From 56bcade581e68ad0dd82dbabe97c75a9f0701fed Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Fri, 22 Nov 2013 10:15:14 -0800 Subject: fix, technically --- tests/test_fernet.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index c1caaa05..8759229a 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -68,7 +68,7 @@ class TestFernet(object): f.decrypt(token.encode("ascii"), ttl=ttl_sec) def test_unicode(self): - f = Fernet(base64.b64encode(b"\x00" * 32)) + f = Fernet(base64.urlsafe_b64encode(b"\x00" * 32)) with pytest.raises(TypeError): f.encrypt(six.u("")) with pytest.raises(TypeError): -- cgit v1.2.3 From 36597b4379bd62e520b9076072a030c73b85f471 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Fri, 22 Nov 2013 10:25:13 -0800 Subject: An API for generating keys --- tests/test_fernet.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index 8759229a..af64175e 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -76,5 +76,5 @@ class TestFernet(object): @pytest.mark.parametrize("message", [b"", b"Abc!", b"\x00\xFF\x00\x80"]) def test_roundtrips(self, message): - f = Fernet(base64.urlsafe_b64encode(b"\x00" * 32)) + f = Fernet(Fernet.generate_key()) assert f.decrypt(f.encrypt(message)) == message -- cgit v1.2.3 From fae20715b85e84297f01b60fc153cde93a7549c7 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 16 Dec 2013 15:29:30 -0800 Subject: Address dreid's comments --- tests/test_fernet.py | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index af64175e..48df867c 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -24,6 +24,7 @@ import pytest import six from cryptography.fernet import Fernet, InvalidToken +from cryptography.hazmat.backends import default_backend def json_parametrize(keys, fname): @@ -40,8 +41,8 @@ class TestFernet(object): @json_parametrize( ("secret", "now", "iv", "src", "token"), "generate.json", ) - def test_generate(self, secret, now, iv, src, token): - f = Fernet(secret.encode("ascii")) + def test_generate(self, secret, now, iv, src, token, backend): + f = Fernet(secret.encode("ascii"), backend=backend) actual_token = f._encrypt_from_parts( src.encode("ascii"), calendar.timegm(iso8601.parse_date(now).utctimetuple()), @@ -52,29 +53,34 @@ class TestFernet(object): @json_parametrize( ("secret", "now", "src", "ttl_sec", "token"), "verify.json", ) - def test_verify(self, secret, now, src, ttl_sec, token, monkeypatch): - f = Fernet(secret.encode("ascii")) + def test_verify(self, secret, now, src, ttl_sec, token, backend, + monkeypatch): + f = Fernet(secret.encode("ascii"), backend=backend) current_time = calendar.timegm(iso8601.parse_date(now).utctimetuple()) monkeypatch.setattr(time, "time", lambda: current_time) payload = f.decrypt(token.encode("ascii"), ttl=ttl_sec) assert payload == src.encode("ascii") @json_parametrize(("secret", "token", "now", "ttl_sec"), "invalid.json") - def test_invalid(self, secret, token, now, ttl_sec, monkeypatch): - f = Fernet(secret.encode("ascii")) + def test_invalid(self, secret, token, now, ttl_sec, backend, monkeypatch): + f = Fernet(secret.encode("ascii"), backend=backend) current_time = calendar.timegm(iso8601.parse_date(now).utctimetuple()) monkeypatch.setattr(time, "time", lambda: current_time) with pytest.raises(InvalidToken): f.decrypt(token.encode("ascii"), ttl=ttl_sec) - def test_unicode(self): - f = Fernet(base64.urlsafe_b64encode(b"\x00" * 32)) + def test_unicode(self, backend): + f = Fernet(base64.urlsafe_b64encode(b"\x00" * 32), backend=backend) with pytest.raises(TypeError): f.encrypt(six.u("")) with pytest.raises(TypeError): f.decrypt(six.u("")) @pytest.mark.parametrize("message", [b"", b"Abc!", b"\x00\xFF\x00\x80"]) - def test_roundtrips(self, message): - f = Fernet(Fernet.generate_key()) + def test_roundtrips(self, message, backend): + f = Fernet(Fernet.generate_key(), backend=backend) assert f.decrypt(f.encrypt(message)) == message + + def test_default_backend(self): + f = Fernet(Fernet.generate_key()) + assert f._backend is default_backend() -- cgit v1.2.3 From a8f0b63dddc6a22a1a982c6217d4cef2f598b781 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 16 Dec 2013 15:44:06 -0800 Subject: Replace assertions with real error checks --- tests/test_fernet.py | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index 48df867c..77661180 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -69,6 +69,11 @@ class TestFernet(object): with pytest.raises(InvalidToken): f.decrypt(token.encode("ascii"), ttl=ttl_sec) + def test_invalid_start_byte(self, backend): + f = Fernet(Fernet.generate_key(), backend=backend) + with pytest.raises(InvalidToken): + f.decrypt(base64.urlsafe_b64encode(b"\x81")) + def test_unicode(self, backend): f = Fernet(base64.urlsafe_b64encode(b"\x00" * 32), backend=backend) with pytest.raises(TypeError): @@ -84,3 +89,7 @@ class TestFernet(object): def test_default_backend(self): f = Fernet(Fernet.generate_key()) assert f._backend is default_backend() + + def test_bad_key(self, backend): + with pytest.raises(ValueError): + Fernet(base64.urlsafe_b64encode(b"abc"), backend=backend) -- cgit v1.2.3 From e78960fa8c2a210484695bf2e20c4847313cf5a0 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Fri, 20 Dec 2013 11:02:33 -0800 Subject: Handle invalid timestamp length --- tests/test_fernet.py | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index 77661180..45188c47 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -74,6 +74,11 @@ class TestFernet(object): with pytest.raises(InvalidToken): f.decrypt(base64.urlsafe_b64encode(b"\x81")) + def test_timestamp_too_short(self, backend): + f = Fernet(Fernet.generate_key(), backend=backend) + with pytest.raises(InvalidToken): + f.decrypt(base64.urlsafe_b64encode(b"\x80abc")) + def test_unicode(self, backend): f = Fernet(base64.urlsafe_b64encode(b"\x00" * 32), backend=backend) with pytest.raises(TypeError): -- cgit v1.2.3 From 0abdf870fa213684198b0e8965e6b71b289b0348 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Thu, 9 Jan 2014 22:21:14 -0600 Subject: add test marks to fernet so backends without cipher (or AES/CBC) will skip --- tests/test_fernet.py | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) (limited to 'tests/test_fernet.py') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index 45188c47..bd4d90a5 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -25,6 +25,7 @@ import six from cryptography.fernet import Fernet, InvalidToken from cryptography.hazmat.backends import default_backend +from cryptography.hazmat.primitives.ciphers import algorithms, modes def json_parametrize(keys, fname): @@ -37,7 +38,14 @@ def json_parametrize(keys, fname): ]) +@pytest.mark.cipher class TestFernet(object): + @pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + algorithms.AES("\x00" * 32), modes.CBC("\x00" * 16) + ), + skip_message="Does not support AES CBC", + ) @json_parametrize( ("secret", "now", "iv", "src", "token"), "generate.json", ) @@ -50,6 +58,12 @@ class TestFernet(object): ) assert actual_token == token.encode("ascii") + @pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + algorithms.AES("\x00" * 32), modes.CBC("\x00" * 16) + ), + skip_message="Does not support AES CBC", + ) @json_parametrize( ("secret", "now", "src", "ttl_sec", "token"), "verify.json", ) @@ -61,6 +75,12 @@ class TestFernet(object): payload = f.decrypt(token.encode("ascii"), ttl=ttl_sec) assert payload == src.encode("ascii") + @pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + algorithms.AES("\x00" * 32), modes.CBC("\x00" * 16) + ), + skip_message="Does not support AES CBC", + ) @json_parametrize(("secret", "token", "now", "ttl_sec"), "invalid.json") def test_invalid(self, secret, token, now, ttl_sec, backend, monkeypatch): f = Fernet(secret.encode("ascii"), backend=backend) @@ -69,16 +89,34 @@ class TestFernet(object): with pytest.raises(InvalidToken): f.decrypt(token.encode("ascii"), ttl=ttl_sec) + @pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + algorithms.AES("\x00" * 32), modes.CBC("\x00" * 16) + ), + skip_message="Does not support AES CBC", + ) def test_invalid_start_byte(self, backend): f = Fernet(Fernet.generate_key(), backend=backend) with pytest.raises(InvalidToken): f.decrypt(base64.urlsafe_b64encode(b"\x81")) + @pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + algorithms.AES("\x00" * 32), modes.CBC("\x00" * 16) + ), + skip_message="Does not support AES CBC", + ) def test_timestamp_too_short(self, backend): f = Fernet(Fernet.generate_key(), backend=backend) with pytest.raises(InvalidToken): f.decrypt(base64.urlsafe_b64encode(b"\x80abc")) + @pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + algorithms.AES("\x00" * 32), modes.CBC("\x00" * 16) + ), + skip_message="Does not support AES CBC", + ) def test_unicode(self, backend): f = Fernet(base64.urlsafe_b64encode(b"\x00" * 32), backend=backend) with pytest.raises(TypeError): @@ -86,6 +124,12 @@ class TestFernet(object): with pytest.raises(TypeError): f.decrypt(six.u("")) + @pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + algorithms.AES("\x00" * 32), modes.CBC("\x00" * 16) + ), + skip_message="Does not support AES CBC", + ) @pytest.mark.parametrize("message", [b"", b"Abc!", b"\x00\xFF\x00\x80"]) def test_roundtrips(self, message, backend): f = Fernet(Fernet.generate_key(), backend=backend) @@ -95,6 +139,12 @@ class TestFernet(object): f = Fernet(Fernet.generate_key()) assert f._backend is default_backend() + @pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + algorithms.AES("\x00" * 32), modes.CBC("\x00" * 16) + ), + skip_message="Does not support AES CBC", + ) def test_bad_key(self, backend): with pytest.raises(ValueError): Fernet(base64.urlsafe_b64encode(b"abc"), backend=backend) -- cgit v1.2.3