2025-01-03 14:28:15 +00:00
|
|
|
import pytest
|
2025-01-03 14:32:01 +00:00
|
|
|
from cryptography.fernet import Fernet, InvalidToken
|
|
|
|
|
|
|
|
|
|
from pssecret_server.utils import decrypt_secret, encrypt_secret
|
|
|
|
|
|
2025-01-03 14:28:15 +00:00
|
|
|
from ..factories import SecretFactory
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_encrypte_secret_ok(fernet: Fernet):
|
|
|
|
|
secret = SecretFactory().build()
|
|
|
|
|
encrypted_secret = encrypt_secret(secret, fernet)
|
2025-01-03 14:32:01 +00:00
|
|
|
|
2025-01-03 14:28:15 +00:00
|
|
|
assert secret.data != encrypted_secret.data
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_secret_is_decryptable_by_correct_key(fernet: Fernet):
|
|
|
|
|
secret = SecretFactory().build()
|
|
|
|
|
encrypted_secret = encrypt_secret(secret, fernet)
|
|
|
|
|
decrypted_secret = decrypt_secret(encrypted_secret.data.encode(), fernet)
|
|
|
|
|
|
|
|
|
|
assert decrypted_secret.decode() == secret.data
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_secret_is_not_decryptable_by_random_key(fernet: Fernet):
|
|
|
|
|
secret = SecretFactory().build()
|
|
|
|
|
encrypted_secret = encrypt_secret(secret, fernet)
|
|
|
|
|
|
|
|
|
|
random_fernet = Fernet(Fernet.generate_key())
|
|
|
|
|
|
|
|
|
|
with pytest.raises(InvalidToken):
|
|
|
|
|
decrypt_secret(encrypted_secret.data.encode(), random_fernet)
|
