def test_read_bytes_from_framed_body_single_frame(self):
ct_stream = io.BytesIO(VALUES["data_128"])
test_decryptor = StreamDecryptor(
materials_manager=self.mock_materials_manager,
source=ct_stream,
commitment_policy=self.mock_commitment_policy,
)
test_decryptor.verifier = MagicMock()
test_decryptor.data_key = MagicMock()
test_decryptor._header = self.mock_header
test_decryptor._derived_data_key = sentinel.derived_data_key
frame_data = MagicMock()
frame_data.sequence_number = 1
frame_data.final_frame = False
frame_data.ciphertext = b"asdfzxcv"
self.mock_deserialize_frame.return_value = (frame_data, False)
self.mock_get_aad_content_string.return_value = sentinel.aad_content_string
self.mock_assemble_content_aad.return_value = sentinel.associated_data
self.mock_decrypt.return_value = b"1234"
test = test_decryptor._read_bytes_from_framed_body(4)
self.mock_deserialize_frame.assert_called_once_with(
stream=test_decryptor.source_stream,
header=test_decryptor._header,
verifier=test_decryptor.verifier)
assert not self.mock_deserialize_footer.called
assert test == b"1234"
def test_read_bytes_from_non_framed_finalize(self):
ct_stream = io.BytesIO(VALUES["data_128"])
test_decryptor = StreamDecryptor(
materials_manager=self.mock_materials_manager,
source=ct_stream,
commitment_policy=self.mock_commitment_policy,
)
test_decryptor.body_length = len(VALUES["data_128"])
test_decryptor.decryptor = self.mock_decryptor_instance
test_decryptor.verifier = MagicMock()
test_decryptor._header = self.mock_header
test_decryptor._derived_data_key = sentinel.derived_data_key
test_decryptor._unframed_body_iv = sentinel.unframed_body_iv
self.mock_decryptor_instance.update.return_value = b"1234"
self.mock_decryptor_instance.finalize.return_value = b"5678"
test = test_decryptor._read_bytes_from_non_framed_body(
len(VALUES["data_128"]) + 1)
test_decryptor.verifier.update.assert_called_once_with(
VALUES["data_128"])
self.mock_decryptor_instance.update.assert_called_once_with(
VALUES["data_128"])
self.mock_deserialize_footer.assert_called_once_with(
stream=test_decryptor.source_stream,
verifier=test_decryptor.verifier)
assert test == b"12345678"
def test_prep_non_framed(self):
test_decryptor = StreamDecryptor(key_provider=self.mock_key_provider,
source=self.mock_input_stream)
test_decryptor._header = self.mock_header
test_decryptor.verifier = sentinel.verifier
test_decryptor._derived_data_key = sentinel.derived_data_key
test_decryptor._prep_non_framed()
self.mock_deserialize_non_framed_values.assert_called_once_with(
stream=self.mock_input_stream,
header=self.mock_header,
verifier=sentinel.verifier)
assert test_decryptor.body_length == len(VALUES['data_128'])
self.mock_get_aad_content_string.assert_called_once_with(
content_type=self.mock_header.content_type, is_final_frame=True)
self.mock_assemble_content_aad.assert_called_once_with(
message_id=self.mock_header.message_id,
aad_content_string=sentinel.aad_content_string,
seq_num=1,
length=len(VALUES['data_128']))
self.mock_decryptor.assert_called_once_with(
algorithm=self.mock_header.algorithm,
key=sentinel.derived_data_key,
associated_data=sentinel.associated_data,
iv=sentinel.iv,
tag=sentinel.tag)
assert test_decryptor.decryptor is self.mock_decryptor_instance
assert test_decryptor.body_start == 0
assert test_decryptor.body_end == len(VALUES['data_128'])
def test_read_bytes_from_non_framed_no_verifier(self):
ct_stream = io.BytesIO(VALUES["data_128"])
test_decryptor = StreamDecryptor(key_provider=self.mock_key_provider, source=ct_stream)
test_decryptor.body_length = len(VALUES["data_128"])
test_decryptor.decryptor = self.mock_decryptor_instance
test_decryptor._header = self.mock_header
test_decryptor._derived_data_key = sentinel.derived_data_key
test_decryptor._unframed_body_iv = sentinel.unframed_body_iv
test_decryptor.verifier = None
self.mock_decryptor_instance.update.return_value = b"1234"
test_decryptor._read_bytes_from_non_framed_body(5)
def test_prep_non_framed(self):
test_decryptor = StreamDecryptor(key_provider=self.mock_key_provider, source=self.mock_input_stream)
test_decryptor._header = self.mock_header
test_decryptor.verifier = sentinel.verifier
test_decryptor._derived_data_key = sentinel.derived_data_key
test_decryptor._prep_non_framed()
self.mock_deserialize_non_framed_values.assert_called_once_with(
stream=test_decryptor.source_stream, header=self.mock_header, verifier=sentinel.verifier
)
assert test_decryptor.body_length == len(VALUES["data_128"])
assert test_decryptor._body_start == self.mock_header.algorithm.iv_len + 8
assert test_decryptor._body_end == self.mock_header.algorithm.iv_len + 8 + len(VALUES["data_128"])
def test_read_bytes_from_non_framed(self):
ct_stream = io.BytesIO(VALUES["data_128"])
test_decryptor = StreamDecryptor(
materials_manager=self.mock_materials_manager,
source=ct_stream,
commitment_policy=self.mock_commitment_policy,
)
test_decryptor.body_length = len(VALUES["data_128"])
test_decryptor.decryptor = self.mock_decryptor_instance
test_decryptor._header = self.mock_header
test_decryptor.verifier = MagicMock()
test_decryptor._derived_data_key = sentinel.derived_data_key
test_decryptor._unframed_body_iv = sentinel.unframed_body_iv
self.mock_decryptor_instance.update.return_value = b"1234"
self.mock_decryptor_instance.finalize.return_value = b"5678"
test = test_decryptor._read_bytes_from_non_framed_body(5)
self.mock_deserialize_tag.assert_called_once_with(
stream=test_decryptor.source_stream,
header=test_decryptor._header,
verifier=test_decryptor.verifier)
self.mock_get_aad_content_string.assert_called_once_with(
content_type=self.mock_header.content_type, is_final_frame=True)
self.mock_assemble_content_aad.assert_called_once_with(
message_id=self.mock_header.message_id,
aad_content_string=sentinel.aad_content_string,
seq_num=1,
length=len(VALUES["data_128"]),
)
self.mock_decryptor.assert_called_once_with(
algorithm=self.mock_header.algorithm,
key=sentinel.derived_data_key,
associated_data=sentinel.associated_data,
iv=sentinel.unframed_body_iv,
tag=sentinel.tag,
)
assert test_decryptor.decryptor is self.mock_decryptor_instance
test_decryptor.verifier.update.assert_called_once_with(
VALUES["data_128"])
self.mock_decryptor_instance.update.assert_called_once_with(
VALUES["data_128"])
assert test == b"12345678"
def test_read_bytes_from_framed_body_multi_frame_finalize(self):
ct_stream = io.BytesIO(VALUES["data_128"])
test_decryptor = StreamDecryptor(
materials_manager=self.mock_materials_manager,
source=ct_stream,
commitment_policy=self.mock_commitment_policy,
)
test_decryptor.verifier = MagicMock()
test_decryptor.data_key = MagicMock()
test_decryptor._header = self.mock_header
test_decryptor._derived_data_key = sentinel.derived_data_key
frame_data_1 = MagicMock()
frame_data_1.sequence_number = 1
frame_data_1.final_frame = False
frame_data_1.ciphertext = b"qwer"
frame_data_2 = MagicMock()
frame_data_2.sequence_number = 2
frame_data_2.final_frame = False
frame_data_2.ciphertext = b"asdfg"
frame_data_3 = MagicMock()
frame_data_3.sequence_number = 3
frame_data_3.final_frame = False
frame_data_3.ciphertext = b"zxcvbn"
frame_data_4 = MagicMock()
frame_data_4.sequence_number = 4
frame_data_4.final_frame = True
frame_data_4.ciphertext = b"yuiohjk"
self.mock_deserialize_frame.side_effect = (
(frame_data_1, False),
(frame_data_2, False),
(frame_data_3, False),
(frame_data_4, True),
)
self.mock_get_aad_content_string.side_effect = (
sentinel.aad_content_string_1,
sentinel.aad_content_string_2,
sentinel.aad_content_string_3,
sentinel.aad_content_string_4,
)
self.mock_assemble_content_aad.side_effect = (
sentinel.associated_data_1,
sentinel.associated_data_2,
sentinel.associated_data_3,
sentinel.associated_data_4,
)
self.mock_decrypt.side_effect = (b"123", b"456", b"789", b"0-=")
test = test_decryptor._read_bytes_from_framed_body(12)
self.mock_deserialize_frame.assert_has_calls(
calls=(
call(stream=test_decryptor.source_stream,
header=test_decryptor._header,
verifier=test_decryptor.verifier),
call(stream=test_decryptor.source_stream,
header=test_decryptor._header,
verifier=test_decryptor.verifier),
call(stream=test_decryptor.source_stream,
header=test_decryptor._header,
verifier=test_decryptor.verifier),
call(stream=test_decryptor.source_stream,
header=test_decryptor._header,
verifier=test_decryptor.verifier),
),
any_order=False,
)
self.mock_get_aad_content_string.assert_has_calls(
calls=(
call(content_type=test_decryptor._header.content_type,
is_final_frame=False),
call(content_type=test_decryptor._header.content_type,
is_final_frame=False),
call(content_type=test_decryptor._header.content_type,
is_final_frame=False),
call(content_type=test_decryptor._header.content_type,
is_final_frame=True),
),
any_order=False,
)
self.mock_assemble_content_aad.assert_has_calls(
calls=(
call(
message_id=test_decryptor._header.message_id,
aad_content_string=sentinel.aad_content_string_1,
seq_num=1,
length=4,
),
call(
message_id=test_decryptor._header.message_id,
aad_content_string=sentinel.aad_content_string_2,
seq_num=2,
length=5,
),
call(
message_id=test_decryptor._header.message_id,
aad_content_string=sentinel.aad_content_string_3,
seq_num=3,
length=6,
),
call(
message_id=test_decryptor._header.message_id,
aad_content_string=sentinel.aad_content_string_4,
seq_num=4,
length=7,
),
),
any_order=False,
)
self.mock_decrypt.assert_has_calls(
calls=(
call(
algorithm=test_decryptor._header.algorithm,
key=sentinel.derived_data_key,
encrypted_data=frame_data_1,
associated_data=sentinel.associated_data_1,
),
call(
algorithm=test_decryptor._header.algorithm,
key=sentinel.derived_data_key,
encrypted_data=frame_data_2,
associated_data=sentinel.associated_data_2,
),
call(
algorithm=test_decryptor._header.algorithm,
key=sentinel.derived_data_key,
encrypted_data=frame_data_3,
associated_data=sentinel.associated_data_3,
),
call(
algorithm=test_decryptor._header.algorithm,
key=sentinel.derived_data_key,
encrypted_data=frame_data_4,
associated_data=sentinel.associated_data_4,
),
),
any_order=False,
)
self.mock_deserialize_footer.assert_called_once_with(
stream=test_decryptor.source_stream,
verifier=test_decryptor.verifier)
assert test == b"1234567890-="
def test_read_bytes_from_framed_body_multi_frame_finalize(self):
ct_stream = io.BytesIO(VALUES['data_128'])
test_decryptor = StreamDecryptor(key_provider=self.mock_key_provider,
source=ct_stream)
test_decryptor.verifier = MagicMock()
test_decryptor.data_key = MagicMock()
test_decryptor._header = self.mock_header
test_decryptor._derived_data_key = sentinel.derived_data_key
frame_data_1 = MagicMock()
frame_data_1.sequence_number = 1
frame_data_1.final_frame = False
frame_data_1.ciphertext = b'qwer'
frame_data_2 = MagicMock()
frame_data_2.sequence_number = 2
frame_data_2.final_frame = False
frame_data_2.ciphertext = b'asdfg'
frame_data_3 = MagicMock()
frame_data_3.sequence_number = 3
frame_data_3.final_frame = False
frame_data_3.ciphertext = b'zxcvbn'
frame_data_4 = MagicMock()
frame_data_4.sequence_number = 4
frame_data_4.final_frame = True
frame_data_4.ciphertext = b'yuiohjk'
self.mock_deserialize_frame.side_effect = ((frame_data_1, False),
(frame_data_2, False),
(frame_data_3, False),
(frame_data_4, True))
self.mock_get_aad_content_string.side_effect = (
sentinel.aad_content_string_1, sentinel.aad_content_string_2,
sentinel.aad_content_string_3, sentinel.aad_content_string_4)
self.mock_assemble_content_aad.side_effect = (
sentinel.associated_data_1, sentinel.associated_data_2,
sentinel.associated_data_3, sentinel.associated_data_4)
self.mock_decrypt.side_effect = (b'123', b'456', b'789', b'0-=')
test = test_decryptor._read_bytes_from_framed_body(12)
self.mock_deserialize_frame.assert_has_calls(
calls=(call(stream=test_decryptor.source_stream,
header=test_decryptor._header,
verifier=test_decryptor.verifier),
call(stream=test_decryptor.source_stream,
header=test_decryptor._header,
verifier=test_decryptor.verifier),
call(stream=test_decryptor.source_stream,
header=test_decryptor._header,
verifier=test_decryptor.verifier),
call(stream=test_decryptor.source_stream,
header=test_decryptor._header,
verifier=test_decryptor.verifier)),
any_order=False)
self.mock_get_aad_content_string.assert_has_calls(
calls=(call(content_type=test_decryptor._header.content_type,
is_final_frame=False),
call(content_type=test_decryptor._header.content_type,
is_final_frame=False),
call(content_type=test_decryptor._header.content_type,
is_final_frame=False),
call(content_type=test_decryptor._header.content_type,
is_final_frame=True)),
any_order=False)
self.mock_assemble_content_aad.assert_has_calls(
calls=(call(message_id=test_decryptor._header.message_id,
aad_content_string=sentinel.aad_content_string_1,
seq_num=1,
length=4),
call(message_id=test_decryptor._header.message_id,
aad_content_string=sentinel.aad_content_string_2,
seq_num=2,
length=5),
call(message_id=test_decryptor._header.message_id,
aad_content_string=sentinel.aad_content_string_3,
seq_num=3,
length=6),
call(message_id=test_decryptor._header.message_id,
aad_content_string=sentinel.aad_content_string_4,
seq_num=4,
length=7)),
any_order=False)
self.mock_decrypt.assert_has_calls(
calls=(call(algorithm=test_decryptor._header.algorithm,
key=sentinel.derived_data_key,
encrypted_data=frame_data_1,
associated_data=sentinel.associated_data_1),
call(algorithm=test_decryptor._header.algorithm,
key=sentinel.derived_data_key,
encrypted_data=frame_data_2,
associated_data=sentinel.associated_data_2),
call(algorithm=test_decryptor._header.algorithm,
key=sentinel.derived_data_key,
encrypted_data=frame_data_3,
associated_data=sentinel.associated_data_3),
call(algorithm=test_decryptor._header.algorithm,
key=sentinel.derived_data_key,
encrypted_data=frame_data_4,
associated_data=sentinel.associated_data_4)),
any_order=False)
self.mock_deserialize_footer.assert_called_once_with(
stream=test_decryptor.source_stream,
verifier=test_decryptor.verifier)
assert test_decryptor.source_stream.closed
assert test == b'1234567890-='
