def test_read_header_no_verifier(self, mock_derive_datakey, mock_decrypt_materials_request, mock_verifier): self.mock_materials_manager.decrypt_materials.return_value = MagicMock( data_key=VALUES["data_key_obj"], verification_key=None ) test_decryptor = StreamDecryptor(materials_manager=self.mock_materials_manager, source=self.mock_input_stream) test_decryptor.key_provider = self.mock_key_provider test_decryptor.source_stream = self.mock_input_stream test_decryptor._stream_length = len(VALUES["data_128"]) test_decryptor._read_header() assert test_decryptor.verifier is None
def test_read_header_no_verifier(self, mock_init): self.mock_verifier_from_header.return_value = None mock_init.return_value = None test_decryptor = StreamDecryptor( key_provider=self.mock_key_provider, source=self.mock_input_stream ) test_decryptor.key_provider = self.mock_key_provider test_decryptor.source_stream = self.mock_input_stream test_decryptor._stream_length = len(VALUES['data_128']) test_decryptor._read_header()
def test_read_header_frame_too_large(self, mock_derive_datakey): self.mock_header.content_type = ContentType.FRAMED_DATA self.mock_header.frame_length = 1024 ct_stream = io.BytesIO(VALUES["data_128"]) test_decryptor = StreamDecryptor(key_provider=self.mock_key_provider, source=ct_stream, max_body_length=10) test_decryptor.key_provider = self.mock_key_provider test_decryptor.source_stream = ct_stream test_decryptor._stream_length = len(VALUES["data_128"]) with pytest.raises(CustomMaximumValueExceeded) as excinfo: test_decryptor._read_header() excinfo.match( "Frame Size in header found larger than custom value: {found} > {custom}".format(found=1024, custom=10) )
def test_read_header_frame_too_large(self, mock_init, mock_derive_datakey): self.mock_header.content_type = ContentType.FRAMED_DATA self.mock_header.frame_length = 1024 mock_init.return_value = None ct_stream = io.BytesIO(VALUES['data_128']) test_decryptor = StreamDecryptor(key_provider=self.mock_key_provider, source=ct_stream, max_body_length=10) test_decryptor.key_provider = self.mock_key_provider test_decryptor.source_stream = ct_stream test_decryptor._stream_length = len(VALUES['data_128']) with six.assertRaisesRegex( self, CustomMaximumValueExceeded, 'Frame Size in header found larger than custom value: {found} > {custom}' .format(found=1024, custom=10)): test_decryptor._read_header()
def test_commitment_committing_algorithm_policy_allows_check_passes( self, mock_derive_datakey, mock_decrypt_materials_request, mock_verifier, policy): """Verifies that when the commitment check passes for a committing algorithm on decrypt, we successfully read the header.""" self.mock_header.algorithm = MagicMock( __class__=Algorithm, iv_len=12, is_committing=MagicMock(return_value=True)) test_decryptor = StreamDecryptor( materials_manager=self.mock_materials_manager, source=self.mock_input_stream, commitment_policy=policy, ) test_decryptor.key_provider = self.mock_key_provider test_decryptor.source_stream = self.mock_input_stream test_decryptor._stream_length = len(VALUES["data_128"]) test_decryptor._read_header() self.mock_deserialize_header.assert_called_once_with( self.mock_input_stream)
def test_read_header(self, mock_init): mock_verifier = MagicMock() self.mock_verifier_from_header.return_value = mock_verifier mock_init.return_value = None ct_stream = io.BytesIO(VALUES['data_128']) test_decryptor = StreamDecryptor( key_provider=self.mock_key_provider, source=ct_stream ) test_decryptor.key_provider = self.mock_key_provider test_decryptor.source_stream = ct_stream test_decryptor._stream_length = len(VALUES['data_128']) test_header, test_header_auth = test_decryptor._read_header() self.mock_deserialize_header.assert_called_once_with(ct_stream) self.mock_verifier_from_header.assert_called_once_with(self.mock_header) mock_verifier.update.assert_called_once_with(b'') self.mock_deserialize_header_auth.assert_called_once_with( stream=ct_stream, algorithm=sentinel.algorithm, verifier=mock_verifier ) self.mock_key_provider.decrypt_data_key_from_list.assert_called_once_with( encrypted_data_keys=sentinel.encrypted_data_keys, algorithm=sentinel.algorithm, encryption_context=sentinel.encryption_context ) self.mock_validate_header.assert_called_once_with( header=self.mock_header, header_auth=sentinel.header_auth, stream=ct_stream, header_start=0, header_end=0, # Because we mock out deserialize_header, this stays at the start of the stream data_key=VALUES['data_key_obj'] ) assert test_header is self.mock_header assert test_header_auth is sentinel.header_auth