def test_decrypt_data(self):
encrypted = memcache_crypt.encrypt_data('mykey', 'mysecret', 'Testz')
self.assertEqual(
memcache_crypt.decrypt_data('mykey', 'mysecret', encrypted),
'Testz')
self.assertEqual(
memcache_crypt.decrypt_data('mykey', 'mysecret', 'Not Encrypted!'),
'Not Encrypted!')
def test_decrypt_data(self):
encrypted = memcache_crypt.encrypt_data('mykey', 'mysecret', 'Testz')
self.assertEqual(
memcache_crypt.decrypt_data('mykey', 'mysecret', encrypted),
'Testz')
self.assertEqual(
memcache_crypt.decrypt_data('mykey', 'mysecret',
'Not Encrypted!'),
'Not Encrypted!')
def test_encryption(self):
keys = self._setup_keys(b'ENCRYPT')
# what you put in is what you get out
for data in [b'data', b'1234567890123456', b'\x00\xFF' * 13
] + [six.int2byte(x % 256) * x for x in range(768)]:
crypt = memcache_crypt.encrypt_data(keys['ENCRYPTION'], data)
decrypt = memcache_crypt.decrypt_data(keys['ENCRYPTION'], crypt)
self.assertEqual(data, decrypt)
self.assertRaises(memcache_crypt.DecryptError,
memcache_crypt.decrypt_data,
keys['ENCRYPTION'], crypt[:-1])
def test_encryption(self):
keys = self._setup_keys(b'ENCRYPT')
# what you put in is what you get out
for data in [b'data', b'1234567890123456', b'\x00\xFF' * 13
] + [six.int2byte(x % 256) * x for x in range(768)]:
crypt = memcache_crypt.encrypt_data(keys['ENCRYPTION'], data)
decrypt = memcache_crypt.decrypt_data(keys['ENCRYPTION'], crypt)
self.assertEqual(data, decrypt)
self.assertRaises(memcache_crypt.DecryptError,
memcache_crypt.decrypt_data,
keys['ENCRYPTION'], crypt[:-1])
def _unprotect_cache_value(self, token, data):
""" Decrypt or verify signed data if necessary. """
if data is None:
return data
try:
if self._memcache_security_strategy == "ENCRYPT":
return memcache_crypt.decrypt_data(token, self._memcache_secret_key, data)
elif self._memcache_security_strategy == "MAC":
return memcache_crypt.verify_signed_data(token, data)
else:
return data
except:
msg = "Failed to decrypt/verify cache data."
self.LOG.exception(msg)
# this should have the same effect as data not found in cache
return None
def _unprotect_cache_value(self, token, data):
""" Decrypt or verify signed data if necessary. """
if data is None:
return data
try:
if self._memcache_security_strategy == 'ENCRYPT':
return memcache_crypt.decrypt_data(token,
self._memcache_secret_key,
data)
elif self._memcache_security_strategy == 'MAC':
return memcache_crypt.verify_signed_data(token, data)
else:
return data
except:
msg = 'Failed to decrypt/verify cache data.'
self.LOG.exception(msg)
# this should have the same effect as data not found in cache
return None
