def test_keyset_info(self): keyset = tink_pb2.Keyset(primary_key_id=2) keyset.key.extend([ helper.fake_key(value=b'v1', type_url='t1', key_id=1, status=tink_pb2.ENABLED, output_prefix_type=tink_pb2.TINK), helper.fake_key(value=b'v2', type_url='t2', key_id=2, status=tink_pb2.DESTROYED, output_prefix_type=tink_pb2.RAW) ]) handle = core.KeysetHandle(keyset) expected_keyset_info = tink_pb2.KeysetInfo(primary_key_id=2) info1 = expected_keyset_info.key_info.add() info1.type_url = 't1' info1.status = tink_pb2.ENABLED info1.output_prefix_type = tink_pb2.TINK info1.key_id = 1 info2 = expected_keyset_info.key_info.add() info2.type_url = 't2' info2.status = tink_pb2.DESTROYED info2.output_prefix_type = tink_pb2.RAW info2.key_id = 2 self.assertEqual(expected_keyset_info, handle.keyset_info())
def test_primitive_fails_on_multiple_primary_keys(self): keyset = tink_pb2.Keyset() keyset.key.extend( [helper.fake_key(key_id=12345), helper.fake_key(key_id=12345)]) keyset.primary_key_id = 12345 handle = core.KeysetHandle(keyset) with self.assertRaisesRegex(core.TinkError, 'keyset contains multiple primary keys'): handle.primitive(aead.Aead)
def new_primitives_and_keys(key_id, output_prefix_type): fake_dec_key = helper.fake_key( key_material_type=tink_pb2.KeyData.ASYMMETRIC_PRIVATE, key_id=key_id, output_prefix_type=output_prefix_type) fake_enc_key = helper.fake_key( key_material_type=tink_pb2.KeyData.ASYMMETRIC_PUBLIC, key_id=key_id, output_prefix_type=output_prefix_type) fake_hybrid_decrypt = helper.FakeHybridDecrypt( 'fakeHybrid {}'.format(key_id)) fake_hybrid_encrypt = helper.FakeHybridEncrypt( 'fakeHybrid {}'.format(key_id)) return fake_hybrid_decrypt, fake_hybrid_encrypt, fake_dec_key, fake_enc_key
def test_add_invalid_key_fails(self): primitive_set = core.new_primitive_set(mac.Mac) key = helper.fake_key() key.ClearField('output_prefix_type') with self.assertRaisesRegex(core.TinkError, 'invalid OutputPrefixType'): primitive_set.add_primitive(helper.FakeMac(), key)
def new_primitive_key_pair(key_id, output_prefix_type): fake_key = helper.fake_key( key_id=key_id, key_material_type=tink_pb2.KeyData.ASYMMETRIC_PRIVATE, output_prefix_type=output_prefix_type) fake_sign = helper.FakePublicKeyVerify('fakePublicKeySign {}'.format(key_id)) return fake_sign, fake_key,
def test_list_of_entries_can_be_modified(self): primitive_set = core.new_primitive_set(mac.Mac) key = helper.fake_key(key_id=1) primitive_set.add_primitive(helper.FakeMac('FakeMac'), key) entries = primitive_set.primitive(key) entries.append('Something') self.assertLen(primitive_set.primitive(key), 1)
def test_primitive_fails_on_empty_keyset(self): keyset = tink_pb2.Keyset() keyset.key.extend([helper.fake_key(key_id=1, status=tink_pb2.DESTROYED)]) keyset.primary_key_id = 1 handle = _keyset_handle(keyset) with self.assertRaisesRegex(core.TinkError, 'empty keyset'): handle.primitive(aead.Aead)
def test_primitive_fails_on_key_with_unknown_status(self): keyset = tink_pb2.Keyset() keyset.key.extend( [helper.fake_key(key_id=1234, status=tink_pb2.UNKNOWN_STATUS)]) keyset.primary_key_id = 1234 handle = _keyset_handle(keyset) with self.assertRaisesRegex(core.TinkError, 'key 1234 has unknown status'): handle.primitive(aead.Aead)
def _mac_set(mac_list): """Converts a List of Mac in a PrimitiveSet and sets the last primary.""" mac_set = core.new_primitive_set(mac.Mac) for i, primitive in enumerate(mac_list): mac_set.set_primary( mac_set.add_primitive( primitive, helper.fake_key(key_id=i, output_prefix_type=tink_pb2.RAW))) return mac_set
def test_primitive_fails_on_key_with_unknown_prefix(self): keyset = tink_pb2.Keyset() keyset.key.extend([ helper.fake_key(key_id=12, output_prefix_type=tink_pb2.UNKNOWN_PREFIX) ]) keyset.primary_key_id = 12 handle = _keyset_handle(keyset) with self.assertRaisesRegex(core.TinkError, 'key 12 has unknown prefix'): handle.primitive(aead.Aead)
def test_primitive_fails_on_key_without_keydata(self): keyset = tink_pb2.Keyset() key = helper.fake_key(key_id=123) key.ClearField('key_data') keyset.key.extend([key]) keyset.primary_key_id = 123 handle = core.KeysetHandle(keyset) with self.assertRaisesRegex(core.TinkError, 'key 123 has no key data'): handle.primitive(aead.Aead)
def test_same_key_id_and_prefix_type(self): primitive_set = core.new_primitive_set(mac.Mac) key1 = helper.fake_key(key_id=1, status=tink_pb2.ENABLED) fake_mac1 = helper.FakeMac('FakeMac1') primitive_set.add_primitive(fake_mac1, key1) key2 = helper.fake_key(key_id=1, status=tink_pb2.DISABLED) fake_mac2 = helper.FakeMac('FakeMac2') primitive_set.add_primitive(fake_mac2, key2) expected_ident = crypto_format.output_prefix(key1) entries = primitive_set.primitive(key1) self.assertLen(entries, 2) self.assertEqual(fake_mac1, entries[0].primitive) self.assertEqual(fake_mac2, entries[1].primitive) self.assertEqual(tink_pb2.ENABLED, entries[0].status) self.assertEqual(tink_pb2.DISABLED, entries[1].status) self.assertEqual(expected_ident, entries[0].identifier) self.assertEqual(expected_ident, entries[1].identifier) self.assertLen(primitive_set.primitive(key2), 2)
def test_primary_returns_primary(self): primitive_set = core.new_primitive_set(mac.Mac) key = helper.fake_key(key_id=1) fake_mac = helper.FakeMac('FakeMac') entry = primitive_set.add_primitive(fake_mac, key) primitive_set.set_primary(entry) entry = primitive_set.primary() self.assertEqual(fake_mac, entry.primitive) self.assertEqual(tink_pb2.ENABLED, entry.status) self.assertEqual(crypto_format.output_prefix(key), entry.identifier)
def test_raw_primitives(self): primitive_set = core.new_primitive_set(mac.Mac) primitive_set.add_primitive(helper.FakeMac('FakeMac1'), helper.fake_key(key_id=1)) key2 = helper.fake_key(key_id=1, output_prefix_type=tink_pb2.RAW) fake_mac2 = helper.FakeMac('FakeMac2') primitive_set.add_primitive(fake_mac2, key2) key3 = helper.fake_key(key_id=3, status=tink_pb2.DISABLED, output_prefix_type=tink_pb2.RAW) fake_mac3 = helper.FakeMac('FakeMac3') primitive_set.add_primitive(fake_mac3, key3) entries = primitive_set.raw_primitives() self.assertLen(entries, 2) self.assertEqual(fake_mac2, entries[0].primitive) self.assertEqual(tink_pb2.ENABLED, entries[0].status) self.assertEqual(crypto_format.RAW_PREFIX, entries[0].identifier) self.assertEqual(fake_mac3, entries[1].primitive) self.assertEqual(tink_pb2.DISABLED, entries[1].status) self.assertEqual(crypto_format.RAW_PREFIX, entries[1].identifier)
def test_primitive_from_identifier_returns_entry(self): primitive_set = core.new_primitive_set(mac.Mac) key = helper.fake_key(key_id=1) fake_mac = helper.FakeMac('FakeMac') primitive_set.add_primitive(fake_mac, key) ident = crypto_format.output_prefix(key) entries = primitive_set.primitive_from_identifier(ident) self.assertLen(entries, 1) entry = entries[0] self.assertEqual(fake_mac, entry.primitive) self.assertEqual(tink_pb2.ENABLED, entry.status) self.assertEqual(ident, entry.identifier)
def test_same_key_id_but_different_prefix_type(self): primitive_set = core.new_primitive_set(mac.Mac) key1 = helper.fake_key(key_id=1, output_prefix_type=tink_pb2.TINK) fake_mac1 = helper.FakeMac('FakeMac1') primitive_set.add_primitive(fake_mac1, key1) key2 = helper.fake_key(key_id=1, output_prefix_type=tink_pb2.LEGACY) fake_mac2 = helper.FakeMac('FakeMac2') primitive_set.add_primitive(fake_mac2, key2) entries1 = primitive_set.primitive(key1) self.assertLen(entries1, 1) self.assertEqual(fake_mac1, entries1[0].primitive) self.assertEqual(tink_pb2.ENABLED, entries1[0].status) self.assertEqual(crypto_format.output_prefix(key1), entries1[0].identifier) entries2 = primitive_set.primitive(key2) self.assertLen(entries2, 1) self.assertEqual(fake_mac2, entries2[0].primitive) self.assertEqual(tink_pb2.ENABLED, entries2[0].status) self.assertEqual(crypto_format.output_prefix(key2), entries2[0].identifier)
def new_primitive_key_pair(self, key_id, output_prefix_type): fake_key = helper.fake_key(key_id=key_id, output_prefix_type=output_prefix_type) fake_aead = helper.FakeAead('fakeAead {}'.format(key_id)) return fake_aead, fake_key
def new_primitive_key_pair(self, key_id, output_prefix_type): fake_key = helper.fake_key( key_id=key_id, output_prefix_type=output_prefix_type) fake_mac = helper.FakeMac('fakeMac {}'.format(key_id)) return fake_mac, fake_key
def test_add_wrong_primitive_fails(self): primitive_set = core.new_primitive_set(aead.Aead) with self.assertRaisesRegex(core.TinkError, 'The primitive is not an instance of '): primitive_set.add_primitive(helper.FakeMac(), helper.fake_key())
def test_primary_returns_none(self): primitive_set = core.new_primitive_set(mac.Mac) primitive_set.add_primitive(helper.FakeMac('FakeMac'), helper.fake_key(key_id=1)) self.assertEqual(primitive_set.primary(), None)
def test_unknown_key_returns_empty_list(self): primitive_set = core.new_primitive_set(mac.Mac) unknown_key = helper.fake_key(key_id=1) self.assertEqual(primitive_set.primitive(unknown_key), [])