def test_is_key_in_keys(self, dba): key = dbs.Fernet.generate_key() e_key = dbs.Fernet(key).encrypt(key) # it is extremely unlikely that e_key is among keys assert not dba.is_key_in_keys(e_key) # see what is in master key column conn = sqlite3.connect(Path(__file__).parent / 'test_db_auth.db') cur = conn.cursor() cur.execute('SELECT master_key FROM auth') keys = cur.fetchall() # they are all in keys for key in keys: assert dba.is_key_in_keys(key[0])
def test_add_new_key(self, dbk, master_key): # table = 'data_keys' table_num = 2 # 'app_keys' table = dbk.table_tuple[table_num] # before rows_before = dbk.select_all(table) rowid, key = dbk.add_new_key(table_num, master_key) row_after = dbk.select_row_by_rowid(table, rowid) if rowid <= len(rows_before): assert rows_before[rowid-1] != row_after # check the key and in_use f = dbs.Fernet(master_key) assert key == f.decrypt(row_after[1]) assert 'in_use' == f.decrypt(row_after[2].encode()).decode()
def test_insert_key(self, dbk, master_key): key = dbs.Fernet.generate_key() table_num = 0 # 'app_keys' table = dbk.table_tuple[table_num] rowid = 5 # before row_before = dbk.select_row_by_rowid(table, rowid) dbk.insert_key(key, table_num, rowid, master_key) # after row_after = dbk.select_row_by_rowid(table, rowid) assert row_after != row_before # check the key and in_use f = dbs.Fernet(master_key) assert key == f.decrypt(row_after[1]) assert 'in_use' == f.decrypt(row_after[2].encode()).decode()
def test_insert_password_data(self, dbp, rows_and_keys): rowid = 1 row_and_key = (rowid, rows_and_keys[rowid]) # change app from 1 to 3 and email from 3 to 6 a = 3 e = 6 url = 'www.url.com' un = 'new_username' pw_data = {'app_name': a, 'email': e, 'url': url, 'username': un} dbp.insert_password_data(pw_data, row_and_key) row = dbp.select_row_by_rowid('data', rowid) f = dbs.Fernet(row_and_key[1]) assert dbs.cs.decrypt_text(row[1], f) == un assert int(dbs.cs.decrypt_text(row[2], f)) == e assert dbs.cs.decrypt_text(row[5], f) == url
def test_delete_data(self, dbp, rows_and_keys): rowid = 6 key = rows_and_keys[rowid] f = dbs.Fernet(key) # check the 'old' data data = ['username', '00003', 'password', '0000001', 'url'] row = dbp.select_row_by_rowid('data', rowid) assert dbs.cs.decrypt_text(row[1], f) == data[0] dbp.delete_data(2, 6) # now trying the key raises exception row = dbp.select_row_by_rowid('data', rowid) with pytest.raises(dbs.cs.cryptography.fernet.InvalidToken): dbs.cs.decrypt_text(row[1], f) == data[0] # insert it back dbp.insert_data(2, data, (rowid, key))
def test_insert_data(self, dbp, rows_and_keys): for rowid, key in rows_and_keys.items(): row_and_key = (rowid, key) data = ['important data here', 'something'] # to check f = dbs.Fernet(key) # wrong data_type raises an exception data_type = 'nonsense' with pytest.raises(Exception): dbp.insert_data(data_type, data, row_and_key) row_before = dbp.select_row_by_rowid('apps', rowid) data_type = 0 data = [f'app{rowid}', f'0000{rowid}'] dbp.insert_data(data_type, data, row_and_key) row_after = dbp.select_row_by_rowid('apps', rowid) assert row_before != row_after for i, item in enumerate(data): assert f.decrypt(row_after[i+1].encode()).decode() == item # no errors with timestamp int(f.decrypt(row_after[-1].encode()).decode()) row_before = dbp.select_row_by_rowid('emails', rowid) data_type = 1 data = [f'mail{rowid}@email.com', f'0000{rowid}'] dbp.insert_data(data_type, data, row_and_key) row_after = dbp.select_row_by_rowid('emails', rowid) assert row_before != row_after for i, item in enumerate(data): assert f.decrypt(row_after[i+1].encode()).decode() == item # no errors with timestamp int(f.decrypt(row_after[-1].encode()).decode()) row_before = dbp.select_row_by_rowid('data', rowid) data_type = 2 # email 3, app 1 data = ['username', '00003', 'password', '0000001', 'url'] dbp.insert_data(data_type, data, row_and_key) row_after = dbp.select_row_by_rowid('data', rowid) assert row_before != row_after for i, item in enumerate(data): assert f.decrypt(row_after[i+1].encode()).decode() == item # no errors with timestamp int(f.decrypt(row_after[-1].encode()).decode())
def test_decrypt_key(self, dbk, master_key): key = dbs.Fernet.generate_key() f = dbs.Fernet(master_key) enc_key = f.encrypt(key) assert key == dbk.decrypt_key(enc_key, master_key)