X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=osm_common%2Ftests%2Ftest_dbbase.py;h=ca1336d20d6264aafd5197b49b3c3d1d4a338144;hb=c5297e4f2313738e2c8df4902339d647f9ada75f;hp=64bfb3e223c301afcc89c3bb4808e023bd96f87f;hpb=136f29577fd83028369c2c4fc4c60f738e0d26d3;p=osm%2Fcommon.git diff --git a/osm_common/tests/test_dbbase.py b/osm_common/tests/test_dbbase.py index 64bfb3e..ca1336d 100644 --- a/osm_common/tests/test_dbbase.py +++ b/osm_common/tests/test_dbbase.py @@ -1,8 +1,28 @@ +# Copyright 2018 Whitestack, LLC +# Copyright 2018 Telefonica S.A. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# For those usages not covered by the Apache License, Version 2.0 please +# contact: esousa@whitestack.com or alfonso.tiernosepulveda@telefonica.com +## + import http import pytest import unittest from osm_common.dbbase import DbBase, DbException, deep_update from os import urandom +from http import HTTPStatus def exception_message(message): @@ -67,13 +87,17 @@ def test_del_one(db_base): class TestEncryption(unittest.TestCase): def setUp(self): - master_password = "Setting a long master password with numbers 123 and capitals AGHBNHD and symbols %&8)!'" - db_base1 = DbBase(master_password=master_password) + master_key = "Setting a long master key with numbers 123 and capitals AGHBNHD and symbols %&8)!'" + db_base1 = DbBase() db_base2 = DbBase() + db_base3 = DbBase() # set self.secret_key obtained when connect - db_base1.secret_key = DbBase._join_passwords(urandom(32), db_base1.master_password) - db_base2.secret_key = DbBase._join_passwords(urandom(32), db_base2.master_password) - self.db_base = [db_base1, db_base2] + db_base1.set_secret_key(master_key, replace=True) + db_base1.set_secret_key(urandom(32)) + db_base2.set_secret_key(None, replace=True) + db_base2.set_secret_key(urandom(30)) + db_base3.set_secret_key(master_key) + self.db_bases = [db_base1, db_base2, db_base3] def test_encrypt_decrypt(self): TEST = ( @@ -84,7 +108,7 @@ class TestEncryption(unittest.TestCase): (u"plain unicode 5 with salt ! ", "1a000d1a-4a7e-4d9c-8c65-251290183106"), (u"plain unicode 6 with usalt ! ", u"1abcdd1a-4a7e-4d9c-8c65-251290183106"), ) - for db_base in self.db_base: + for db_base in self.db_bases: for value, salt in TEST: # no encryption encrypted = db_base.encrypt(value, schema_version='1.0', salt=salt) @@ -102,7 +126,7 @@ class TestEncryption(unittest.TestCase): def test_encrypt_decrypt_salt(self): value = "value to be encrypted!" encrypted = [] - for db_base in self.db_base: + for db_base in self.db_bases: for salt in (None, "salt 1", "1afd5d1a-4a7e-4d9c-8c65-251290183106"): # encrypt/decrypt encrypted.append(db_base.encrypt(value, schema_version='1.1', salt=salt)) @@ -113,7 +137,14 @@ class TestEncryption(unittest.TestCase): for i in range(0, len(encrypted)): for j in range(i+1, len(encrypted)): self.assertNotEqual(encrypted[i], encrypted[j], - "encryption with different salt contains different result") + "encryption with different salt must contain different result") + # decrypt with a different master key + try: + decrypted = self.db_bases[-1].decrypt(encrypted[0], schema_version='1.1', salt=None) + self.assertNotEqual(encrypted[0], decrypted, "Decryption with different KEY must generate different result") + except DbException as e: + self.assertEqual(e.http_code, HTTPStatus.INTERNAL_SERVER_ERROR, + "Decryption with different KEY does not provide expected http_code") class TestDeepUpdate(unittest.TestCase):