def test_signed_request_verify_failure_invalid_signature(self):
request_data = data.copy()
signed = SecureEnough.signed_request_create(request_data, secret=app_secret)
self.assertRaises(
insecure_but_secure_enough.InvalidSignature,
lambda: SecureEnough.signed_request_verify(signed, secret=app_secret_wrong)
)
def test_signed_request_create_and_verify_with_timeout(self):
request_data = data.copy()
issued_at = int(time())
signed = SecureEnough.signed_request_create(request_data, secret=app_secret, issued_at=issued_at)
(verified, payload) = SecureEnough.signed_request_verify(signed, secret=app_secret, timeout=100)
self.assertTrue(verified)
self.assertTrue(_validate_signed_request_payload(payload, request_data))
def test_signed_request_create_and_verify_with_timeout_failure(self):
request_data = data.copy()
# pretend to issue this earlier...
issued_at = int(time()) - 10000
signed = SecureEnough.signed_request_create(request_data, secret=app_secret, issued_at=issued_at)
(verified, payload) = SecureEnough.signed_request_verify(signed, secret=app_secret, timeout=1000)
self.assertFalse(verified)
self.assertTrue(_validate_signed_request_payload(payload, request_data))
def test_signed_request_create_and_verify(self):
request_data = data.copy()
signed = SecureEnough.signed_request_create(request_data,
secret=app_secret)
(verified,
payload) = SecureEnough.signed_request_verify(signed,
secret=app_secret)
self.assertTrue(verified)
self.assertTrue(_validate_signed_request_payload(
payload, request_data))
def test_signed_request_invalid__json(self):
request_data = data.copy()
issued_at = int(time())
signed = SecureEnough.signed_request_create(request_data, secret=app_secret, issued_at=issued_at)
# alter the payload
signed = signed[::-1]
self.assertRaises(
insecure_but_secure_enough.InvalidPayload,
lambda: SecureEnough.signed_request_verify(signed, secret=app_secret)
)
def test_signed_request_create_and_verify_with_timeout(self):
request_data = data.copy()
issued_at = int(time())
signed = SecureEnough.signed_request_create(request_data,
secret=app_secret,
issued_at=issued_at)
(verified,
payload) = SecureEnough.signed_request_verify(signed,
secret=app_secret,
timeout=100)
self.assertTrue(verified)
self.assertTrue(_validate_signed_request_payload(
payload, request_data))
def test_signed_request_invalid__json(self):
request_data = data.copy()
issued_at = int(time())
signed = SecureEnough.signed_request_create(request_data,
secret=app_secret,
issued_at=issued_at)
# alter the payload
signed = signed[::-1]
self.assertRaises(
insecure_but_secure_enough.InvalidPayload,
lambda: SecureEnough.signed_request_verify(signed,
secret=app_secret))
def test_signed_request_create_and_verify_with_timeout_failure(self):
request_data = data.copy()
# pretend to issue this earlier...
issued_at = int(time()) - 10000
signed = SecureEnough.signed_request_create(request_data,
secret=app_secret,
issued_at=issued_at)
(verified,
payload) = SecureEnough.signed_request_verify(signed,
secret=app_secret,
timeout=1000)
self.assertFalse(verified)
self.assertTrue(_validate_signed_request_payload(
payload, request_data))
def test_signed_request_verify_failure_invalid_signature(self):
request_data = data.copy()
signed = SecureEnough.signed_request_create(request_data,
secret=app_secret)
self.assertRaises(
insecure_but_secure_enough.InvalidSignature, lambda: SecureEnough.
signed_request_verify(signed, secret=app_secret_wrong))
def _makeOne_obfuscation(self):
encryptionFactory = SecureEnough(
app_secret=app_secret,
use_obfuscation=True,
obfuscation_secret=app_secret,
)
return encryptionFactory
def test_signed_request_create_invalid_algoritm(self):
request_data = data.copy()
request_data['algorithm'] = 'md5'
self.assertRaises(
insecure_but_secure_enough.InvalidAlgorithm,
lambda: SecureEnough.signed_request_create(request_data,
secret=app_secret))
def _makeOne_encryption(self):
encryptionFactory = SecureEnough(
app_secret=app_secret,
use_rsa_encryption=True,
rsa_key_private=rsa_key_private,
rsa_key_private_passphrase=rsa_key_private_passphrase)
return encryptionFactory
def test_signed_request_create_invalid_algoritm(self):
request_data = data.copy()
request_data['algorithm'] = 'md5'
self.assertRaises(
insecure_but_secure_enough.InvalidAlgorithm,
lambda: SecureEnough.signed_request_create(request_data, secret=app_secret)
)
def ise_signed_request_decode():
valid = SecureEnough.signed_request_verify(computed['ise-signing:signed_request'], secret=global_app_secret)
def ise_signed_request_decode():
valid = SecureEnough.signed_request_verify(
computed['ise-signing:signed_request'], secret=global_app_secret)
def test_signed_request_verify_failure_invalid_algoritm(self):
request_data = data.copy()
self.assertRaises(
insecure_but_secure_enough.InvalidAlgorithm,
lambda: SecureEnough.signed_request_create(request_data, secret=app_secret, algorithm='md5')
)
def ise_signed_request_roundtrip():
signed = SecureEnough.signed_request_create(payload,
secret=global_app_secret)
valid = SecureEnough.signed_request_verify(signed,
secret=global_app_secret)
def test_signed_request_create_and_verify(self):
request_data = data.copy()
signed = SecureEnough.signed_request_create(request_data, secret=app_secret)
(verified, payload) = SecureEnough.signed_request_verify(signed, secret=app_secret)
self.assertTrue(verified)
self.assertTrue(_validate_signed_request_payload(payload, request_data))
cxpcKi/x4bktCW7JBPC/r9aZOy7wNr9vUvKBK8y3WbcDECNbm/puqfAUM5ljOlIA
kZSdMQIc9jwAuyrwR4TvcSWHmzIN4P1l6R2KL31ViQxwokrdFpL46eUovIiG69sG
qLMvdCqApHakhoed8JcllCws7ulDomv0L88KWCCtrvQQSb4l+PgNyQ==
-----END RSA PRIVATE KEY-----
"""
rsa_key_private_passphrase = """tweet"""
rsa_key_public = None
data = {'hello': 'howareyou',
}
# create a factory for encryption
encryptionFactory = SecureEnough(
app_secret = '517353cr37',
use_rsa_encryption = True,
rsa_key_private = rsa_key_private,
rsa_key_private_passphrase = rsa_key_private_passphrase
)
encryptionFactoryAES = SecureEnough(
app_secret = '517353cr37',
use_aes_encryption = True,
aes_secret = '123124',
)
# create a factory for signing
signingFactory = SecureEnough(
app_secret = '517353cr37',
use_rsa_encryption = False,
use_obfuscation = False
def ise_signed_request_roundtrip():
signed = SecureEnough.signed_request_create(payload, secret=global_app_secret)
valid = SecureEnough.signed_request_verify(signed, secret=global_app_secret)
def ise_signed_request_encode():
signed = SecureEnough.signed_request_create(payload, secret=global_app_secret)
def ise_signed_request_encode():
signed = SecureEnough.signed_request_create(payload,
secret=global_app_secret)
factories['ise-signing'] = SecureEnough(
app_secret = global_app_secret,
use_rsa_encryption = False,
use_obfuscation = False
)
# ##
# ## store some values for decryption tests
computed = {}
computed['ise-rsa'] = factories['ise-rsa'].encode(payload, hashtime=False)
computed['ise-aes'] = factories['ise-aes'].encode(payload, hashtime=False)
computed['ise-signing:serialized_plaintext_encode'] = factories['ise-signing'].serialized_plaintext_encode(payload)
computed['ise-signing:hmac_sha1_encode'] = factories['ise-signing'].hmac_sha1_encode(payload)
computed['ise-signing:hmac_sha256_encode'] = factories['ise-signing'].hmac_sha256_encode(payload)
computed['ise-signing:signed_request'] = SecureEnough.signed_request_create(payload, secret=global_app_secret)
# ## store the tests
tests = {}
# ##
# ## the test routines
# #
# # ise - RSA
# #
def ise_rsa_encrypt():
signed = factories['ise-rsa'].encode(payload, hashtime=False)
def test_signed_request_verify_failure_invalid_algoritm(self):
request_data = data.copy()
self.assertRaises(
insecure_but_secure_enough.InvalidAlgorithm,
lambda: SecureEnough.signed_request_create(
request_data, secret=app_secret, algorithm='md5'))
cxpcKi/x4bktCW7JBPC/r9aZOy7wNr9vUvKBK8y3WbcDECNbm/puqfAUM5ljOlIA
kZSdMQIc9jwAuyrwR4TvcSWHmzIN4P1l6R2KL31ViQxwokrdFpL46eUovIiG69sG
qLMvdCqApHakhoed8JcllCws7ulDomv0L88KWCCtrvQQSb4l+PgNyQ==
-----END RSA PRIVATE KEY-----
"""
rsa_key_private_passphrase = """tweet"""
rsa_key_public = None
data = {
'hello': 'howareyou',
}
# create a factory for encryption
encryptionFactory = SecureEnough(
app_secret='517353cr37',
use_rsa_encryption=True,
rsa_key_private=rsa_key_private,
rsa_key_private_passphrase=rsa_key_private_passphrase)
encryptionFactoryAES = SecureEnough(
app_secret='517353cr37',
use_aes_encryption=True,
aes_secret='123124',
)
# create a factory for signing
signingFactory = SecureEnough(app_secret='517353cr37',
use_rsa_encryption=False,
use_obfuscation=False)
print("")
BrMfGvi6PjpEE8oHyiiF3KKiaP+HHg+EIaPirNginsHrh3QcdJkbZpefn3NbbfyS
9bsI1P69yH2MLEU/KYSXy9XhmjbwtKUYpyQJOHOmO6J74J7D3rGQl/omG+xSSIX0
r2y2S3Cph/mCv9zVh4ZaishU0VQE/feQNkZzZj/Mr/ck0mqm4kGvP0DJcl8o9XTC
aD1YsUGNmGbQMOt330HXmDFfSo8aH3BpcKU40mBw636HIh8gsNDHguEQxEQDx1La
cxpcKi/x4bktCW7JBPC/r9aZOy7wNr9vUvKBK8y3WbcDECNbm/puqfAUM5ljOlIA
kZSdMQIc9jwAuyrwR4TvcSWHmzIN4P1l6R2KL31ViQxwokrdFpL46eUovIiG69sG
qLMvdCqApHakhoed8JcllCws7ulDomv0L88KWCCtrvQQSb4l+PgNyQ==
-----END RSA PRIVATE KEY-----
"""
rsa_key_private_passphrase = """tweet"""
rsa_key_public = None
factories = {}
factories['ise-rsa'] = SecureEnough(
app_secret=global_app_secret,
use_rsa_encryption=True,
rsa_key_private=rsa_key_private,
rsa_key_private_passphrase=rsa_key_private_passphrase,
)
factories['ise-aes'] = SecureEnough(
app_secret=global_app_secret,
use_aes_encryption=True,
aes_secret=global_app_secret,
)
factories['ise-signing'] = SecureEnough(app_secret=global_app_secret,
use_rsa_encryption=False,
use_obfuscation=False)
# ##
# ## store some values for decryption tests
computed = {}
computed['ise-rsa'] = factories['ise-rsa'].encode(payload, hashtime=False)