def test_connection_extra_with_encryption_rotate_fernet_key(self): """ Tests rotating encrypted extras. """ key1 = Fernet.generate_key() key2 = Fernet.generate_key() with conf_vars({('core', 'fernet_key'): key1.decode()}): test_connection = Connection(extra='testextra') assert test_connection.is_extra_encrypted assert test_connection.extra == 'testextra' assert Fernet(key1).decrypt( test_connection._extra.encode()) == b'testextra' # Test decrypt of old value with new key with conf_vars({ ('core', 'fernet_key'): ','.join([key2.decode(), key1.decode()]) }): crypto._fernet = None assert test_connection.extra == 'testextra' # Test decrypt of new value with new key test_connection.rotate_fernet_key() assert test_connection.is_extra_encrypted assert test_connection.extra == 'testextra' assert Fernet(key2).decrypt( test_connection._extra.encode()) == b'testextra'
def test_connection_extra_with_encryption_rotate_fernet_key( self, mock_get): """ Tests rotating encrypted extras. """ key1 = Fernet.generate_key() key2 = Fernet.generate_key() mock_get.return_value = key1.decode() test_connection = Connection(extra='testextra') self.assertTrue(test_connection.is_extra_encrypted) self.assertEqual(test_connection.extra, 'testextra') self.assertEqual( Fernet(key1).decrypt(test_connection._extra.encode()), b'testextra') # Test decrypt of old value with new key mock_get.return_value = ','.join([key2.decode(), key1.decode()]) crypto._fernet = None self.assertEqual(test_connection.extra, 'testextra') # Test decrypt of new value with new key test_connection.rotate_fernet_key() self.assertTrue(test_connection.is_extra_encrypted) self.assertEqual(test_connection.extra, 'testextra') self.assertEqual( Fernet(key2).decrypt(test_connection._extra.encode()), b'testextra')
def test_connection_extra_with_encryption_rotate_fernet_key(self): """ Tests rotating encrypted extras. """ key1 = Fernet.generate_key() key2 = Fernet.generate_key() with conf_vars({('core', 'FERNET_KEY'): key1.decode()}): test_connection = Connection(extra='testextra') self.assertTrue(test_connection.is_extra_encrypted) self.assertEqual(test_connection.extra, 'testextra') self.assertEqual(Fernet(key1).decrypt(test_connection._extra.encode()), b'testextra') # Test decrypt of old value with new key with conf_vars({('core', 'FERNET_KEY'): ','.join([key2.decode(), key1.decode()])}): crypto._fernet = None self.assertEqual(test_connection.extra, 'testextra') # Test decrypt of new value with new key test_connection.rotate_fernet_key() self.assertTrue(test_connection.is_extra_encrypted) self.assertEqual(test_connection.extra, 'testextra') self.assertEqual(Fernet(key2).decrypt(test_connection._extra.encode()), b'testextra')
def test_connection_extra_with_encryption_rotate_fernet_key(self, mock_get): """ Tests rotating encrypted extras. """ key1 = Fernet.generate_key() key2 = Fernet.generate_key() mock_get.return_value = key1.decode() test_connection = Connection(extra='testextra') self.assertTrue(test_connection.is_extra_encrypted) self.assertEqual(test_connection.extra, 'testextra') self.assertEqual(Fernet(key1).decrypt(test_connection._extra.encode()), b'testextra') # Test decrypt of old value with new key mock_get.return_value = ','.join([key2.decode(), key1.decode()]) crypto._fernet = None self.assertEqual(test_connection.extra, 'testextra') # Test decrypt of new value with new key test_connection.rotate_fernet_key() self.assertTrue(test_connection.is_extra_encrypted) self.assertEqual(test_connection.extra, 'testextra') self.assertEqual(Fernet(key2).decrypt(test_connection._extra.encode()), b'testextra')