diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2016-01-21 08:54:59 -0600 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2016-01-21 08:54:59 -0600 |
| commit | a418e96e08537e77b86c7eff8975e0c76b251797 (patch) | |
| tree | e358b7def421ef7c2414e13897f4b124934efa1d /tests/test_fernet.py | |
| parent | f0546c66551099b69a69b6d3db9b439aeb8bea08 (diff) | |
| download | cryptography-a418e96e08537e77b86c7eff8975e0c76b251797.tar.gz cryptography-a418e96e08537e77b86c7eff8975e0c76b251797.tar.bz2 cryptography-a418e96e08537e77b86c7eff8975e0c76b251797.zip | |
fernet fix: ignore the timestamp entirely when no ttl is set
Previously if the token claimed to have been generated more than 60
seconds in the future we would raise InvalidToken even if ttl was set
to None.
Diffstat (limited to 'tests/test_fernet.py')
| -rw-r--r-- | tests/test_fernet.py | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/tests/test_fernet.py b/tests/test_fernet.py index 0b93f017..c272eec0 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -103,6 +103,15 @@ class TestFernet(object): with pytest.raises(TypeError): f.decrypt(u"") + def test_timestamp_ignored_no_ttl(self, monkeypatch, backend): + f = Fernet(base64.urlsafe_b64encode(b"\x00" * 32), backend=backend) + pt = b"encrypt me" + token = f.encrypt(pt) + ts = "1985-10-26T01:20:01-07:00" + current_time = calendar.timegm(iso8601.parse_date(ts).utctimetuple()) + monkeypatch.setattr(time, "time", lambda: current_time) + assert f.decrypt(token, ttl=None) == pt + @pytest.mark.parametrize("message", [b"", b"Abc!", b"\x00\xFF\x00\x80"]) def test_roundtrips(self, message, backend): f = Fernet(Fernet.generate_key(), backend=backend) |