-
Notifications
You must be signed in to change notification settings - Fork 86
/
Copy pathtest_signer.py
134 lines (98 loc) · 5.27 KB
/
test_signer.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
# Copyright 2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"). You
# may not use this file except in compliance with the License. A copy of
# the License is located at
#
# http://aws.amazon.com/apache2.0/
#
# or in the "license" file accompanying this file. This file is
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
# ANY KIND, either express or implied. See the License for the specific
# language governing permissions and limitations under the License.
"""Unit test suite for ``aws_encryption_sdk.internal.crypto.authentication.Signer``."""
import pytest
from mock import MagicMock, sentinel
from pytest_mock import mocker # noqa pylint: disable=unused-import
import aws_encryption_sdk.internal.crypto.authentication
from aws_encryption_sdk.internal.crypto.authentication import Signer
from aws_encryption_sdk.internal.defaults import ALGORITHM
from ..vectors import VALUES
pytestmark = [pytest.mark.unit, pytest.mark.local]
@pytest.yield_fixture
def patch_default_backend(mocker):
mocker.patch.object(aws_encryption_sdk.internal.crypto.authentication, "default_backend")
yield aws_encryption_sdk.internal.crypto.authentication.default_backend
@pytest.yield_fixture
def patch_serialization(mocker):
mocker.patch.object(aws_encryption_sdk.internal.crypto.authentication, "serialization")
yield aws_encryption_sdk.internal.crypto.authentication.serialization
@pytest.yield_fixture
def patch_ecc_encode_compressed_point(mocker):
mocker.patch.object(aws_encryption_sdk.internal.crypto.authentication, "_ecc_encode_compressed_point")
yield aws_encryption_sdk.internal.crypto.authentication._ecc_encode_compressed_point
@pytest.yield_fixture
def patch_ecc_static_length_signature(mocker):
mocker.patch.object(aws_encryption_sdk.internal.crypto.authentication, "_ecc_static_length_signature")
yield aws_encryption_sdk.internal.crypto.authentication._ecc_static_length_signature
@pytest.yield_fixture
def patch_base64(mocker):
mocker.patch.object(aws_encryption_sdk.internal.crypto.authentication, "base64")
yield aws_encryption_sdk.internal.crypto.authentication.base64
@pytest.yield_fixture
def patch_build_hasher(mocker):
mocker.patch.object(Signer, "_build_hasher")
yield Signer._build_hasher
def test_f_signer_from_key_bytes():
check = Signer(algorithm=ALGORITHM, key=VALUES["ecc_private_key_prime"])
test = Signer.from_key_bytes(algorithm=ALGORITHM, key_bytes=VALUES["ecc_private_key_prime_private_bytes"])
assert check.key.private_numbers().private_value == test.key.private_numbers().private_value
def test_f_signer_key_bytes():
test = Signer(algorithm=ALGORITHM, key=VALUES["ecc_private_key_prime"])
assert test.key_bytes() == VALUES["ecc_private_key_prime_private_bytes"]
def test_signer_from_key_bytes(patch_default_backend, patch_serialization, patch_build_hasher):
_algorithm = MagicMock()
signer = Signer.from_key_bytes(algorithm=_algorithm, key_bytes=sentinel.key_bytes)
patch_serialization.load_der_private_key.assert_called_once_with(
data=sentinel.key_bytes, password=None, backend=patch_default_backend.return_value
)
assert isinstance(signer, Signer)
assert signer.algorithm is _algorithm
assert signer.key is patch_serialization.load_der_private_key.return_value
def test_signer_key_bytes(patch_default_backend, patch_serialization, patch_build_hasher):
private_key = MagicMock()
signer = Signer(MagicMock(), key=private_key)
test = signer.key_bytes()
assert test is private_key.private_bytes.return_value
private_key.private_bytes.assert_called_once_with(
encoding=patch_serialization.Encoding.DER,
format=patch_serialization.PrivateFormat.PKCS8,
encryption_algorithm=patch_serialization.NoEncryption.return_value,
)
def test_signer_encoded_public_key(
patch_default_backend, patch_serialization, patch_build_hasher, patch_ecc_encode_compressed_point, patch_base64
):
patch_ecc_encode_compressed_point.return_value = sentinel.compressed_point
patch_base64.b64encode.return_value = sentinel.encoded_point
private_key = MagicMock()
signer = Signer(MagicMock(), key=private_key)
test_key = signer.encoded_public_key()
patch_ecc_encode_compressed_point.assert_called_once_with(private_key)
patch_base64.b64encode.assert_called_once_with(sentinel.compressed_point)
assert test_key == sentinel.encoded_point
def test_signer_update(patch_default_backend, patch_serialization, patch_build_hasher):
signer = Signer(MagicMock(), key=MagicMock())
signer.update(sentinel.data)
patch_build_hasher.return_value.update.assert_called_once_with(sentinel.data)
def test_signer_finalize(
patch_default_backend, patch_serialization, patch_build_hasher, patch_ecc_static_length_signature
):
algorithm = MagicMock()
private_key = MagicMock()
signer = Signer(algorithm, key=private_key)
test_signature = signer.finalize()
patch_build_hasher.return_value.finalize.assert_called_once_with()
patch_ecc_static_length_signature.assert_called_once_with(
key=private_key, algorithm=algorithm, digest=patch_build_hasher.return_value.finalize.return_value
)
assert test_signature is patch_ecc_static_length_signature.return_value