← Back to branch summary

~ubuntu-branches/ubuntu/trusty/python-keystoneclient/trusty-proposed

« back to all changes in this revision

Viewing changes to keystoneclient/tests/test_memcache_crypt.py

  • Committer: Package Import Robot
  • Author(s): Chuck Short, Adam Gandelman, Chuck Short
  • Date: 2013-11-14 10:51:32 UTC
  • mfrom: (1.1.23)
  • Revision ID: package-import@ubuntu.com-20131114105132-p1o428l7fclasv9e
Tags: 1:0.4.1-0ubuntu1
[ Adam Gandelman ]
* debian/patches: Refreshed.
* debian/patches/use-mox-dependency.patch: Use mox instead of mox3
  dependency.

[ Chuck Short ]
* New upstream release.
* debian/control:
  - open icehouse release.
  - Dropped python-d2to1 and python-httplib2 dependency.
* debian/patches/skip-tests-ubuntu.patch: Dropped no longer needed.

Show diffs side-by-side

added added

removed removed

Lines of Context:
keystoneclient/tests/test_memcache_crypt.py
 
1
# vim: tabstop=4 shiftwidth=4 softtabstop=4
 
2
 
 
3
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
 
4
#    not use this file except in compliance with the License. You may obtain
 
5
#    a copy of the License at
 
6
#
 
7
#         http://www.apache.org/licenses/LICENSE-2.0
 
8
#
 
9
#    Unless required by applicable law or agreed to in writing, software
 
10
#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 
11
#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 
12
#    License for the specific language governing permissions and limitations
 
13
#    under the License.
 
14
 
 
15
import testtools
 
16
 
 
17
from keystoneclient.middleware import memcache_crypt
 
18
 
 
19
 
 
20
class MemcacheCryptPositiveTests(testtools.TestCase):
 
21
    def _setup_keys(self, strategy):
 
22
        return memcache_crypt.derive_keys('token', 'secret', strategy)
 
23
 
 
24
    def test_constant_time_compare(self):
 
25
        # make sure it works as a compare, the "constant time" aspect
 
26
        # isn't appropriate to test in unittests
 
27
        ctc = memcache_crypt.constant_time_compare
 
28
        self.assertTrue(ctc('abcd', 'abcd'))
 
29
        self.assertTrue(ctc('', ''))
 
30
        self.assertFalse(ctc('abcd', 'efgh'))
 
31
        self.assertFalse(ctc('abc', 'abcd'))
 
32
        self.assertFalse(ctc('abc', 'abc\x00'))
 
33
        self.assertFalse(ctc('', 'abc'))
 
34
 
 
35
    def test_derive_keys(self):
 
36
        keys = memcache_crypt.derive_keys('token', 'secret', 'strategy')
 
37
        self.assertEqual(len(keys['ENCRYPTION']),
 
38
                         len(keys['CACHE_KEY']))
 
39
        self.assertEqual(len(keys['CACHE_KEY']),
 
40
                         len(keys['MAC']))
 
41
        self.assertNotEqual(keys['ENCRYPTION'],
 
42
                            keys['MAC'])
 
43
        self.assertIn('strategy', keys.keys())
 
44
 
 
45
    def test_key_strategy_diff(self):
 
46
        k1 = self._setup_keys('MAC')
 
47
        k2 = self._setup_keys('ENCRYPT')
 
48
        self.assertNotEqual(k1, k2)
 
49
 
 
50
    def test_sign_data(self):
 
51
        keys = self._setup_keys('MAC')
 
52
        sig = memcache_crypt.sign_data(keys['MAC'], 'data')
 
53
        self.assertEqual(len(sig), memcache_crypt.DIGEST_LENGTH_B64)
 
54
 
 
55
    def test_encryption(self):
 
56
        keys = self._setup_keys('ENCRYPT')
 
57
        # what you put in is what you get out
 
58
        for data in ['data', '1234567890123456', '\x00\xFF' * 13
 
59
                     ] + [chr(x % 256) * x for x in range(768)]:
 
60
            crypt = memcache_crypt.encrypt_data(keys['ENCRYPTION'], data)
 
61
            decrypt = memcache_crypt.decrypt_data(keys['ENCRYPTION'], crypt)
 
62
            self.assertEqual(data, decrypt)
 
63
            self.assertRaises(memcache_crypt.DecryptError,
 
64
                              memcache_crypt.decrypt_data,
 
65
                              keys['ENCRYPTION'], crypt[:-1])
 
66
 
 
67
    def test_protect_wrappers(self):
 
68
        data = 'My Pretty Little Data'
 
69
        for strategy in ['MAC', 'ENCRYPT']:
 
70
            keys = self._setup_keys(strategy)
 
71
            protected = memcache_crypt.protect_data(keys, data)
 
72
            self.assertNotEqual(protected, data)
 
73
            if strategy == 'ENCRYPT':
 
74
                self.assertNotIn(data, protected)
 
75
            unprotected = memcache_crypt.unprotect_data(keys, protected)
 
76
            self.assertEqual(data, unprotected)
 
77
            self.assertRaises(memcache_crypt.InvalidMacError,
 
78
                              memcache_crypt.unprotect_data,
 
79
                              keys, protected[:-1])
 
80
            self.assertIsNone(memcache_crypt.unprotect_data(keys, None))
 
81
 
 
82
    def test_no_pycrypt(self):
 
83
        aes = memcache_crypt.AES
 
84
        memcache_crypt.AES = None
 
85
        self.assertRaises(memcache_crypt.CryptoUnavailableError,
 
86
                          memcache_crypt.encrypt_data, 'token', 'secret',
 
87
                          'data')
 
88
        memcache_crypt.AES = aes