def test__assures_data_integrity(self):
self.write_secret()
testdata = factory.make_bytes(size=10)
token = fernet_encrypt_psk(testdata)
bad_token = bytearray(token)
# Flip a bit in the token, so we can ensure it won't decrypt if it
# has been corrupted. Subtract 4 to avoid the end of the token; that
# portion is just padding, and isn't covered by the HMAC.
byte_to_flip = randint(0, len(bad_token) - 4)
bit_to_flip = 1 << randint(0, 7)
bad_token[byte_to_flip] ^= bit_to_flip
bad_token = bytes(bad_token)
test_description = ("token=%s; token[%d] ^= 0x%02x" % (
token.decode("utf-8"), byte_to_flip, bit_to_flip))
with ExpectedException(InvalidToken, msg=test_description):
fernet_decrypt_psk(bad_token)
评论列表
文章目录
