def test_string_can_be_decrypt(): """Basic encryption decryption test.""" encrypted_source = encryption.encrypt(SOURCE, SECRET_KEY) assert SOURCE != encrypted_source decrypted_source = encryption.decrypt(encrypted_source, SECRET_KEY) assert SOURCE == decrypted_source
def test_bytes_can_be_decrypt(): """Basic decryption test.""" encrypted_source = encryption.encrypt(SOURCE.encode(), SECRET_KEY) assert SOURCE != encrypted_source decrypted_source = encryption.decrypt(encrypted_source, SECRET_KEY) assert SOURCE == decrypted_source
def test_generate_file_with_secretkey_entered(input_mock, getpass_mock): """Test with user secret key.""" input_mock.side_effect = ["n", FakeSettings.SECRET_KEY, "user"] getpass_mock.return_value = "pass" init_and_launch_command([]) assert os.path.exists(CREATED_FILE_PATH) config = configparser.RawConfigParser() config.read(CREATED_FILE_PATH) secret_key = config.get("DJANGO", "KEY") assert secret_key == FakeSettings.SECRET_KEY assert config.get("DATABASE_CREDENTIALS", "USER") == "user" assert (encryption.decrypt(config.get("DATABASE_CREDENTIALS", "PASSWORD"), secret_key) == "pass") os.remove(CREATED_FILE_PATH)
def test_decryption_error(): """Basic decryption error.""" with pytest.raises(ValueError): encryption.decrypt("Bad value", SECRET_KEY)
def handle(self, *args, **options): """ Command core. """ settings_template_file = options["settings_template_file"] settings_file_path = options["settings_file_path"] force_secret_key = options["force_secretkey"] if not force_secret_key: force_secret_key = self.default_force_secret_key if not settings_template_file: raise CommandError( "Parameter settings_template_file undefined.\nUsage: %s" % self.usage ) if not settings_file_path: raise CommandError( "Parameter settings_file_path undefined.\nUsage: %s" % self.usage ) if not os.path.exists(settings_template_file): raise CommandError("The settings template file doesn't exists.") self.stdout.write("** Configuration file generation: **") if os.path.exists(settings_file_path): override = get_input( "A configuration file already exists at %s. " "Would you override it ? (y/N) : " % settings_file_path ) if override.upper() != "Y": raise CommandError("Generation cancelled.") config = RawConfigParser() config.read(settings_template_file) input_secret_key = False secret_key = None if not force_secret_key: generate_secret_key = get_input( "Do you want to generate the secret key for Django ? (Y/n) : " ) input_secret_key = generate_secret_key.upper() == "N" if input_secret_key: secret_key = get_input("Enter your secret key : ") if not secret_key: raise CommandError( "Django secret key is needed for encryption. Generation cancelled." ) else: self.stdout.write("Django secret key generation !") self.stdout.write("\n** Filling values for configuration file content **") variable_regex = re.compile(r" *{(.+)} *") properties = {} for section in config.sections(): properties[section] = {} for key, value in config.items(section): match_groups = variable_regex.match(value) if match_groups: value_type = match_groups.group(1).strip().upper() value = self.get_value(section, key, value_type) properties[section][key] = value max_retry = 0 if input_secret_key else 3 retry = 0 encrypted_properties = properties.copy() while retry <= max_retry and self.encrypted_field: if secret_key is None: secret_key = get_random_secret_key().replace("%", "0") try: for section, key in self.encrypted_field: value = encryption.encrypt(properties[section][key], secret_key) encryption.decrypt(value, secret_key) encrypted_properties[section][key] = value retry = max_retry except ValueError: secret_key = None retry += 1 if secret_key is None: raise CommandError( "Error while encoding / decoding passwords with the secret key." "Retried %s. Generation cancelled." % max_retry ) for section, key in self.django_keys: encrypted_properties[section][key] = secret_key # Fill config file for section, values in encrypted_properties.items(): for key, value in values.items(): config.set(section, key, value) self.stdout.write("\nWriting file at %s:" % settings_file_path) settings_directory = os.path.dirname(settings_file_path) if not os.path.exists(settings_directory): os.makedirs(settings_directory) with open(settings_file_path, "w") as config_file: config.write(config_file) self.stdout.write( self.style.SUCCESS("Configuration file successfully generated !") )