def test_is_key_in_keys(self, dba):
key = dbs.Fernet.generate_key()
e_key = dbs.Fernet(key).encrypt(key)
# it is extremely unlikely that e_key is among keys
assert not dba.is_key_in_keys(e_key)
# see what is in master key column
conn = sqlite3.connect(Path(__file__).parent / 'test_db_auth.db')
cur = conn.cursor()
cur.execute('SELECT master_key FROM auth')
keys = cur.fetchall()
# they are all in keys
for key in keys:
assert dba.is_key_in_keys(key[0])
def test_add_new_key(self, dbk, master_key):
# table = 'data_keys'
table_num = 2 # 'app_keys'
table = dbk.table_tuple[table_num]
# before
rows_before = dbk.select_all(table)
rowid, key = dbk.add_new_key(table_num, master_key)
row_after = dbk.select_row_by_rowid(table, rowid)
if rowid <= len(rows_before):
assert rows_before[rowid-1] != row_after
# check the key and in_use
f = dbs.Fernet(master_key)
assert key == f.decrypt(row_after[1])
assert 'in_use' == f.decrypt(row_after[2].encode()).decode()
def test_insert_key(self, dbk, master_key):
key = dbs.Fernet.generate_key()
table_num = 0 # 'app_keys'
table = dbk.table_tuple[table_num]
rowid = 5
# before
row_before = dbk.select_row_by_rowid(table, rowid)
dbk.insert_key(key, table_num, rowid, master_key)
# after
row_after = dbk.select_row_by_rowid(table, rowid)
assert row_after != row_before
# check the key and in_use
f = dbs.Fernet(master_key)
assert key == f.decrypt(row_after[1])
assert 'in_use' == f.decrypt(row_after[2].encode()).decode()
def test_insert_password_data(self, dbp, rows_and_keys):
rowid = 1
row_and_key = (rowid, rows_and_keys[rowid])
# change app from 1 to 3 and email from 3 to 6
a = 3
e = 6
url = 'www.url.com'
un = 'new_username'
pw_data = {'app_name': a, 'email': e, 'url': url, 'username': un}
dbp.insert_password_data(pw_data, row_and_key)
row = dbp.select_row_by_rowid('data', rowid)
f = dbs.Fernet(row_and_key[1])
assert dbs.cs.decrypt_text(row[1], f) == un
assert int(dbs.cs.decrypt_text(row[2], f)) == e
assert dbs.cs.decrypt_text(row[5], f) == url
def test_delete_data(self, dbp, rows_and_keys):
rowid = 6
key = rows_and_keys[rowid]
f = dbs.Fernet(key)
# check the 'old' data
data = ['username', '00003', 'password', '0000001', 'url']
row = dbp.select_row_by_rowid('data', rowid)
assert dbs.cs.decrypt_text(row[1], f) == data[0]
dbp.delete_data(2, 6)
# now trying the key raises exception
row = dbp.select_row_by_rowid('data', rowid)
with pytest.raises(dbs.cs.cryptography.fernet.InvalidToken):
dbs.cs.decrypt_text(row[1], f) == data[0]
# insert it back
dbp.insert_data(2, data, (rowid, key))
def test_insert_data(self, dbp, rows_and_keys):
for rowid, key in rows_and_keys.items():
row_and_key = (rowid, key)
data = ['important data here', 'something']
# to check
f = dbs.Fernet(key)
# wrong data_type raises an exception
data_type = 'nonsense'
with pytest.raises(Exception):
dbp.insert_data(data_type, data, row_and_key)
row_before = dbp.select_row_by_rowid('apps', rowid)
data_type = 0
data = [f'app{rowid}', f'0000{rowid}']
dbp.insert_data(data_type, data, row_and_key)
row_after = dbp.select_row_by_rowid('apps', rowid)
assert row_before != row_after
for i, item in enumerate(data):
assert f.decrypt(row_after[i+1].encode()).decode() == item
# no errors with timestamp
int(f.decrypt(row_after[-1].encode()).decode())
row_before = dbp.select_row_by_rowid('emails', rowid)
data_type = 1
data = [f'mail{rowid}@email.com', f'0000{rowid}']
dbp.insert_data(data_type, data, row_and_key)
row_after = dbp.select_row_by_rowid('emails', rowid)
assert row_before != row_after
for i, item in enumerate(data):
assert f.decrypt(row_after[i+1].encode()).decode() == item
# no errors with timestamp
int(f.decrypt(row_after[-1].encode()).decode())
row_before = dbp.select_row_by_rowid('data', rowid)
data_type = 2
# email 3, app 1
data = ['username', '00003', 'password', '0000001', 'url']
dbp.insert_data(data_type, data, row_and_key)
row_after = dbp.select_row_by_rowid('data', rowid)
assert row_before != row_after
for i, item in enumerate(data):
assert f.decrypt(row_after[i+1].encode()).decode() == item
# no errors with timestamp
int(f.decrypt(row_after[-1].encode()).decode())
def test_decrypt_key(self, dbk, master_key):
key = dbs.Fernet.generate_key()
f = dbs.Fernet(master_key)
enc_key = f.encrypt(key)
assert key == dbk.decrypt_key(enc_key, master_key)