cbmi/account/tests.py

"""
This file demonstrates writing tests using the unittest module. These will pass
when you run "manage.py test".

Replace this with more appropriate tests for your application.
"""
import base64
import pytest

from django.test import TestCase
from account.password_encryption import encrypt_ldap_password, \
    decrypt_ldap_password


class PasswordEncryptionTest(TestCase):
    """
    Test for the cbmi apps.
    """
    TEST_LDAP_PASSWD = 'correcthorsebatterystaple'

    def encrypt_it(self):
        return encrypt_ldap_password(self.TEST_LDAP_PASSWD)

    def test_encrypt_ldap_password(self):
        message, key = self.encrypt_it()
        print('key:', key)
        print('message:', message)

    def test_decrypt_ldap_password(self):
        message, key = self.encrypt_it()
        decrypted = decrypt_ldap_password(message, key)
        self.assertEqual(self.TEST_LDAP_PASSWD, decrypted)

@pytest.mark.parametrize("password", [
    "simplePassword123",
    "pässwörd_mit_üöäß",
    "",
    " " * 10,
    "🔐✨🚀",
])
def test_encrypt_decrypt_roundtrip(password):
    encrypted, key = encrypt_ldap_password(password)

    encrypted_bytes = base64.b64decode(encrypted)
    key_bytes = base64.b64decode(key)

    assert isinstance(encrypted, str)
    assert isinstance(key, str)
    assert len(key_bytes) == 16  # 128-bit AES

    decrypted = decrypt_ldap_password(encrypted, key)
    assert decrypted == password


def test_decryption_with_wrong_key_should_fail():
    password = "correctPassword"
    encrypted, key = encrypt_ldap_password(password)

    wrong_key_bytes = base64.b64decode(key)
    wrong_key_bytes = bytearray(wrong_key_bytes)
    wrong_key_bytes[0] ^= 0xFF  # Flip first bit
    wrong_key = base64.b64encode(bytes(wrong_key_bytes)).decode()

    with pytest.raises(Exception):
        decrypt_ldap_password(encrypted, wrong_key)
Init 2013-10-19 00:47:24 +02:00			`"""`
			`This file demonstrates writing tests using the unittest module. These will pass`
			`when you run "manage.py test".`

			`Replace this with more appropriate tests for your application.`
			`"""`
update dependencies, replace pycrypto with cryptography 2025-04-11 21:44:34 +02:00			`import base64`
			`import pytest`
Init 2013-10-19 00:47:24 +02:00
			`from django.test import TestCase`
Fixes IndexError on save with removed member forwarding email (#11) * Fixed IndexError if a non existent field gets queried for a value. Using dict.get to either get a value or provide a reasonable default * Removed list construction around new_key value * Clean up source code with 80x25 terminal and vim (complies with PEP-8) * Added some docstrings 2020-12-05 23:23:19 +01:00			`from account.password_encryption import encrypt_ldap_password, \`
			`decrypt_ldap_password`

Init 2013-10-19 00:47:24 +02:00
changed testcases to use the functions from password_encryption module 2013-10-27 21:14:30 +01:00			`class PasswordEncryptionTest(TestCase):`
#11 passwords are now stored with aes-128 encryption 2013-10-27 21:13:41 +01:00			`"""`
			`Test for the cbmi apps.`
			`"""`
			`TEST_LDAP_PASSWD = 'correcthorsebatterystaple'`
Init 2013-10-19 00:47:24 +02:00
#11 passwords are now stored with aes-128 encryption 2013-10-27 21:13:41 +01:00			`def encrypt_it(self):`
			`return encrypt_ldap_password(self.TEST_LDAP_PASSWD)`

			`def test_encrypt_ldap_password(self):`
			`message, key = self.encrypt_it()`
upgrade to django 1.11.16 and python3.6 2018-10-03 00:16:28 +02:00			`print('key:', key)`
			`print('message:', message)`
#11 passwords are now stored with aes-128 encryption 2013-10-27 21:13:41 +01:00
			`def test_decrypt_ldap_password(self):`
			`message, key = self.encrypt_it()`
			`decrypted = decrypt_ldap_password(message, key)`
Fixes IndexError on save with removed member forwarding email (#11) * Fixed IndexError if a non existent field gets queried for a value. Using dict.get to either get a value or provide a reasonable default * Removed list construction around new_key value * Clean up source code with 80x25 terminal and vim (complies with PEP-8) * Added some docstrings 2020-12-05 23:23:19 +01:00			`self.assertEqual(self.TEST_LDAP_PASSWD, decrypted)`
update dependencies, replace pycrypto with cryptography 2025-04-11 21:44:34 +02:00
			`@pytest.mark.parametrize("password", [`
			`"simplePassword123",`
			`"pässwörd_mit_üöäß",`
			`"",`
			`" " * 10,`
			`"🔐✨🚀",`
			`])`
			`def test_encrypt_decrypt_roundtrip(password):`
			`encrypted, key = encrypt_ldap_password(password)`

			`encrypted_bytes = base64.b64decode(encrypted)`
			`key_bytes = base64.b64decode(key)`

			`assert isinstance(encrypted, str)`
			`assert isinstance(key, str)`
			`assert len(key_bytes) == 16 # 128-bit AES`

			`decrypted = decrypt_ldap_password(encrypted, key)`
			`assert decrypted == password`


			`def test_decryption_with_wrong_key_should_fail():`
			`password = "correctPassword"`
			`encrypted, key = encrypt_ldap_password(password)`

			`wrong_key_bytes = base64.b64decode(key)`
			`wrong_key_bytes = bytearray(wrong_key_bytes)`
			`wrong_key_bytes[0] ^= 0xFF # Flip first bit`
			`wrong_key = base64.b64encode(bytes(wrong_key_bytes)).decode()`

			`with pytest.raises(Exception):`
			`decrypt_ldap_password(encrypted, wrong_key)`