def test_serialization_and_deserialization_does_not_garble_output(): """ Ensure that encrypt/decrypt works even after serializing and deserializing """ private_key = generate_new_private_key() public_key = generate_new_public_key(private_key) input_str = "AABB" encrypted_str = encrypt_value(input_str, public_key) built_dict = {"sum_key": Encrypted(encrypted_str)} dump_output = dump(built_dict) str_to_load = dump(built_dict) load_output = load(str_to_load) dump_output = dump(load_output) load_output = load(dump_output) parsed_encrypted = load_output['sum_key'] output_str = decrypt_value(parsed_encrypted, private_key) assert input_str == output_str
def test_reencrypt_secrets_and_write_to_yaml_file(): private_key_file = "fixtures/test.private" private_key = load_private_key_from_file(private_key_file) yaml_file_fixture = "fixtures/test_reencrypt_secrets_and_write_to_yaml_file.yml" input_yaml_file = "test_output/test_reencrypt_secrets_and_write_to_yaml_file.yml" test_encrypted_key = "C" copyfile(yaml_file_fixture, input_yaml_file) private_key_output_filename_new = "test_output/test_new_reencrypt_secrets_and_write_to_yaml_file.private" public_key_output_filename_new = "test_output/test_new_reencrypt_secrets_and_write_to_yaml_file.public" private_key_new = generate_private_key_to_file( private_key_output_filename_new) public_key_new = generate_public_key_to_file( private_key_output_filename_new, public_key_output_filename_new) reencrypt_secrets_and_write_to_yaml_file(input_yaml_file, private_key_file, public_key_output_filename_new) before_dict = None with open(yaml_file_fixture) as f: before_dict = load(f) # Check for expected test data assert before_dict["A"] == "A" assert before_dict["B"] == "B" # Check for expected encrypted test data test_encrypted_key_value = decrypt_value(before_dict[test_encrypted_key], private_key) assert test_encrypted_key_value == "C" after_dict = None with open(input_yaml_file) as f: after_dict = load(f) # Test the expected test data was not modified, and is still present assert after_dict["A"] == "A" assert after_dict["B"] == "B" # Test the value is re-encrypted test_encrypted_key_value = decrypt_value(after_dict[test_encrypted_key], private_key_new) assert test_encrypted_key_value == "C"
def test_encrypt_decrypt_for_short_values_with_no_chunking(): """ Test that we an encrypt and decrypt a short value """ private_key = generate_new_private_key() public_key = generate_new_public_key(private_key) input_str = "A" * 2 message = encrypt_value(input_str, public_key) output_str = decrypt_value(message, private_key) assert input_str == output_str
def test_encrypt_value_and_print(): private_key_output_filename = "test_output/test_encrypt_value_and_print.private" public_key_output_filename = "test_output/test_encrypt_value_and_print.public" private_key = generate_private_key_to_file(private_key_output_filename) public_key = generate_public_key_to_file(private_key_output_filename, public_key_output_filename) input_str = "A" * 2 message = encrypt_value_and_print(input_str, public_key_output_filename) output_str = decrypt_value(message, private_key) assert input_str == output_str
def test_encrypt_decrypt_for_long_values_with_chunking(): """ Test that for a value that is too large to be encrypted in one pass that we can encrypt/decrypt it. """ private_key = generate_new_private_key() public_key = generate_new_public_key(private_key) input_str = "你" * KEY_CHUNK_SIZE * 10 message = encrypt_value(input_str, public_key) output_str = decrypt_value(message, private_key) assert input_str == output_str