def test_read_bytes_from_framed_body_single_frame(self): ct_stream = io.BytesIO(VALUES["data_128"]) test_decryptor = StreamDecryptor( materials_manager=self.mock_materials_manager, source=ct_stream, commitment_policy=self.mock_commitment_policy, ) test_decryptor.verifier = MagicMock() test_decryptor.data_key = MagicMock() test_decryptor._header = self.mock_header test_decryptor._derived_data_key = sentinel.derived_data_key frame_data = MagicMock() frame_data.sequence_number = 1 frame_data.final_frame = False frame_data.ciphertext = b"asdfzxcv" self.mock_deserialize_frame.return_value = (frame_data, False) self.mock_get_aad_content_string.return_value = sentinel.aad_content_string self.mock_assemble_content_aad.return_value = sentinel.associated_data self.mock_decrypt.return_value = b"1234" test = test_decryptor._read_bytes_from_framed_body(4) self.mock_deserialize_frame.assert_called_once_with( stream=test_decryptor.source_stream, header=test_decryptor._header, verifier=test_decryptor.verifier) assert not self.mock_deserialize_footer.called assert test == b"1234"
def test_read_bytes_from_framed_body_single_frame(self): ct_stream = io.BytesIO(VALUES['data_128']) test_decryptor = StreamDecryptor( key_provider=self.mock_key_provider, source=ct_stream ) test_decryptor.verifier = MagicMock() test_decryptor.data_key = MagicMock() test_decryptor._header = self.mock_header frame_data = MagicMock() frame_data.sequence_number = 1 frame_data.final_frame = False frame_data.ciphertext = b'asdfzxcv' self.mock_deserialize_frame.return_value = (frame_data, False) self.mock_get_aad_content_string.return_value = sentinel.aad_content_string self.mock_assemble_content_aad.return_value = sentinel.associated_data self.mock_decrypt.return_value = b'1234' test = test_decryptor._read_bytes_from_framed_body(4) self.mock_deserialize_frame.assert_called_once_with( stream=test_decryptor.source_stream, header=test_decryptor._header, verifier=test_decryptor.verifier ) assert not self.mock_deserialize_footer.called assert not test_decryptor.source_stream.closed assert test == b'1234'
def test_close(self, mock_close): self.mock_header.content_type = ContentType.NO_FRAMING test_decryptor = StreamDecryptor(key_provider=self.mock_key_provider, source=self.mock_input_stream) test_decryptor.footer = sentinel.footer test_decryptor.data_key = VALUES["data_key_obj"] test_decryptor.close() mock_close.assert_called_once_with()
def test_close(self, mock_close): self.mock_header.content_type = ContentType.NO_FRAMING test_decryptor = StreamDecryptor( materials_manager=self.mock_materials_manager, source=self.mock_input_stream, commitment_policy=self.mock_commitment_policy, ) test_decryptor.footer = sentinel.footer test_decryptor.data_key = VALUES["data_key_obj"] test_decryptor.close() mock_close.assert_called_once_with()
def test_prep_non_framed_content_length_too_large(self): self.mock_header.content_type = ContentType.NO_FRAMING self.mock_header.frame_length = 1024 test_decryptor = StreamDecryptor( key_provider=self.mock_key_provider, source=self.mock_input_stream, max_body_length=len(VALUES['data_128']) // 2) test_decryptor._header = self.mock_header test_decryptor.verifier = sentinel.verifier mock_data_key = MagicMock() test_decryptor.data_key = mock_data_key with six.assertRaisesRegex( self, CustomMaximumValueExceeded, 'Non-framed message content length found larger than custom value: {found} > {custom}' .format(found=len(VALUES['data_128']), custom=len(VALUES['data_128']) // 2)): test_decryptor._prep_non_framed()
def test_prep_non_framed_content_length_too_large(self): self.mock_header.content_type = ContentType.NO_FRAMING self.mock_header.frame_length = 1024 test_decryptor = StreamDecryptor( key_provider=self.mock_key_provider, source=self.mock_input_stream, max_body_length=len(VALUES["data_128"]) // 2, ) test_decryptor._header = self.mock_header test_decryptor.verifier = sentinel.verifier mock_data_key = MagicMock() test_decryptor.data_key = mock_data_key with pytest.raises(CustomMaximumValueExceeded) as excinfo: test_decryptor._prep_non_framed() excinfo.match( "Non-framed message content length found larger than custom value: {found} > {custom}" .format(found=len(VALUES["data_128"]), custom=len(VALUES["data_128"]) // 2))
def test_prep_non_framed(self): test_decryptor = StreamDecryptor( key_provider=self.mock_key_provider, source=self.mock_input_stream ) test_decryptor._header = self.mock_header test_decryptor.verifier = sentinel.verifier mock_data_key = MagicMock() test_decryptor.data_key = mock_data_key test_decryptor._prep_non_framed() self.mock_deserialize_non_framed_values.assert_called_once_with( stream=self.mock_input_stream, header=self.mock_header, verifier=sentinel.verifier ) assert test_decryptor.body_length == len(VALUES['data_128']) self.mock_get_aad_content_string.assert_called_once_with( content_type=self.mock_header.content_type, is_final_frame=True ) self.mock_assemble_content_aad.assert_called_once_with( message_id=self.mock_header.message_id, aad_content_string=sentinel.aad_content_string, seq_num=1, length=len(VALUES['data_128']) ) self.mock_decryptor.assert_called_once_with( algorithm=self.mock_header.algorithm, key=mock_data_key.data_key, associated_data=sentinel.associated_data, message_id=self.mock_header.message_id, iv=sentinel.iv, tag=sentinel.tag ) assert test_decryptor.decryptor is self.mock_decryptor_instance assert test_decryptor.body_start == 0 assert test_decryptor.body_end == len(VALUES['data_128'])
def test_read_bytes_from_framed_body_multi_frame_finalize(self): ct_stream = io.BytesIO(VALUES["data_128"]) test_decryptor = StreamDecryptor( materials_manager=self.mock_materials_manager, source=ct_stream, commitment_policy=self.mock_commitment_policy, ) test_decryptor.verifier = MagicMock() test_decryptor.data_key = MagicMock() test_decryptor._header = self.mock_header test_decryptor._derived_data_key = sentinel.derived_data_key frame_data_1 = MagicMock() frame_data_1.sequence_number = 1 frame_data_1.final_frame = False frame_data_1.ciphertext = b"qwer" frame_data_2 = MagicMock() frame_data_2.sequence_number = 2 frame_data_2.final_frame = False frame_data_2.ciphertext = b"asdfg" frame_data_3 = MagicMock() frame_data_3.sequence_number = 3 frame_data_3.final_frame = False frame_data_3.ciphertext = b"zxcvbn" frame_data_4 = MagicMock() frame_data_4.sequence_number = 4 frame_data_4.final_frame = True frame_data_4.ciphertext = b"yuiohjk" self.mock_deserialize_frame.side_effect = ( (frame_data_1, False), (frame_data_2, False), (frame_data_3, False), (frame_data_4, True), ) self.mock_get_aad_content_string.side_effect = ( sentinel.aad_content_string_1, sentinel.aad_content_string_2, sentinel.aad_content_string_3, sentinel.aad_content_string_4, ) self.mock_assemble_content_aad.side_effect = ( sentinel.associated_data_1, sentinel.associated_data_2, sentinel.associated_data_3, sentinel.associated_data_4, ) self.mock_decrypt.side_effect = (b"123", b"456", b"789", b"0-=") test = test_decryptor._read_bytes_from_framed_body(12) self.mock_deserialize_frame.assert_has_calls( calls=( call(stream=test_decryptor.source_stream, header=test_decryptor._header, verifier=test_decryptor.verifier), call(stream=test_decryptor.source_stream, header=test_decryptor._header, verifier=test_decryptor.verifier), call(stream=test_decryptor.source_stream, header=test_decryptor._header, verifier=test_decryptor.verifier), call(stream=test_decryptor.source_stream, header=test_decryptor._header, verifier=test_decryptor.verifier), ), any_order=False, ) self.mock_get_aad_content_string.assert_has_calls( calls=( call(content_type=test_decryptor._header.content_type, is_final_frame=False), call(content_type=test_decryptor._header.content_type, is_final_frame=False), call(content_type=test_decryptor._header.content_type, is_final_frame=False), call(content_type=test_decryptor._header.content_type, is_final_frame=True), ), any_order=False, ) self.mock_assemble_content_aad.assert_has_calls( calls=( call( message_id=test_decryptor._header.message_id, aad_content_string=sentinel.aad_content_string_1, seq_num=1, length=4, ), call( message_id=test_decryptor._header.message_id, aad_content_string=sentinel.aad_content_string_2, seq_num=2, length=5, ), call( message_id=test_decryptor._header.message_id, aad_content_string=sentinel.aad_content_string_3, seq_num=3, length=6, ), call( message_id=test_decryptor._header.message_id, aad_content_string=sentinel.aad_content_string_4, seq_num=4, length=7, ), ), any_order=False, ) self.mock_decrypt.assert_has_calls( calls=( call( algorithm=test_decryptor._header.algorithm, key=sentinel.derived_data_key, encrypted_data=frame_data_1, associated_data=sentinel.associated_data_1, ), call( algorithm=test_decryptor._header.algorithm, key=sentinel.derived_data_key, encrypted_data=frame_data_2, associated_data=sentinel.associated_data_2, ), call( algorithm=test_decryptor._header.algorithm, key=sentinel.derived_data_key, encrypted_data=frame_data_3, associated_data=sentinel.associated_data_3, ), call( algorithm=test_decryptor._header.algorithm, key=sentinel.derived_data_key, encrypted_data=frame_data_4, associated_data=sentinel.associated_data_4, ), ), any_order=False, ) self.mock_deserialize_footer.assert_called_once_with( stream=test_decryptor.source_stream, verifier=test_decryptor.verifier) assert test == b"1234567890-="
def test_read_bytes_from_framed_body_multi_frame_finalize(self): ct_stream = io.BytesIO(VALUES['data_128']) test_decryptor = StreamDecryptor( key_provider=self.mock_key_provider, source=ct_stream ) test_decryptor.verifier = MagicMock() test_decryptor.data_key = MagicMock() test_decryptor._header = self.mock_header frame_data_1 = MagicMock() frame_data_1.sequence_number = 1 frame_data_1.final_frame = False frame_data_1.ciphertext = b'qwer' frame_data_2 = MagicMock() frame_data_2.sequence_number = 2 frame_data_2.final_frame = False frame_data_2.ciphertext = b'asdfg' frame_data_3 = MagicMock() frame_data_3.sequence_number = 3 frame_data_3.final_frame = False frame_data_3.ciphertext = b'zxcvbn' frame_data_4 = MagicMock() frame_data_4.sequence_number = 4 frame_data_4.final_frame = True frame_data_4.ciphertext = b'yuiohjk' self.mock_deserialize_frame.side_effect = ( (frame_data_1, False), (frame_data_2, False), (frame_data_3, False), (frame_data_4, True) ) self.mock_get_aad_content_string.side_effect = ( sentinel.aad_content_string_1, sentinel.aad_content_string_2, sentinel.aad_content_string_3, sentinel.aad_content_string_4 ) self.mock_assemble_content_aad.side_effect = ( sentinel.associated_data_1, sentinel.associated_data_2, sentinel.associated_data_3, sentinel.associated_data_4 ) self.mock_decrypt.side_effect = ( b'123', b'456', b'789', b'0-=' ) test = test_decryptor._read_bytes_from_framed_body(12) self.mock_deserialize_frame.assert_has_calls( calls=( call( stream=test_decryptor.source_stream, header=test_decryptor._header, verifier=test_decryptor.verifier ), call( stream=test_decryptor.source_stream, header=test_decryptor._header, verifier=test_decryptor.verifier ), call( stream=test_decryptor.source_stream, header=test_decryptor._header, verifier=test_decryptor.verifier ), call( stream=test_decryptor.source_stream, header=test_decryptor._header, verifier=test_decryptor.verifier ) ), any_order=False ) self.mock_get_aad_content_string.assert_has_calls( calls=( call(content_type=test_decryptor._header.content_type, is_final_frame=False), call(content_type=test_decryptor._header.content_type, is_final_frame=False), call(content_type=test_decryptor._header.content_type, is_final_frame=False), call(content_type=test_decryptor._header.content_type, is_final_frame=True) ), any_order=False ) self.mock_assemble_content_aad.assert_has_calls( calls=( call( message_id=test_decryptor._header.message_id, aad_content_string=sentinel.aad_content_string_1, seq_num=1, length=4 ), call( message_id=test_decryptor._header.message_id, aad_content_string=sentinel.aad_content_string_2, seq_num=2, length=5 ), call( message_id=test_decryptor._header.message_id, aad_content_string=sentinel.aad_content_string_3, seq_num=3, length=6 ), call( message_id=test_decryptor._header.message_id, aad_content_string=sentinel.aad_content_string_4, seq_num=4, length=7 ) ), any_order=False ) self.mock_decrypt.assert_has_calls( calls=( call( algorithm=test_decryptor._header.algorithm, key=test_decryptor.data_key.data_key, encrypted_data=frame_data_1, associated_data=sentinel.associated_data_1, message_id=test_decryptor._header.message_id ), call( algorithm=test_decryptor._header.algorithm, key=test_decryptor.data_key.data_key, encrypted_data=frame_data_2, associated_data=sentinel.associated_data_2, message_id=test_decryptor._header.message_id ), call( algorithm=test_decryptor._header.algorithm, key=test_decryptor.data_key.data_key, encrypted_data=frame_data_3, associated_data=sentinel.associated_data_3, message_id=test_decryptor._header.message_id ), call( algorithm=test_decryptor._header.algorithm, key=test_decryptor.data_key.data_key, encrypted_data=frame_data_4, associated_data=sentinel.associated_data_4, message_id=test_decryptor._header.message_id ) ), any_order=False ) self.mock_deserialize_footer.assert_called_once_with( stream=test_decryptor.source_stream, verifier=test_decryptor.verifier ) assert test_decryptor.source_stream.closed assert test == b'1234567890-='