def test_signedmessage_happy():
sm = SignedMessage.sign(Stub(420), SK)
assert sm.is_valid()
assert sm.msg == Stub(420)
assert sm.is_valid()
m, pk = sm.unwrap()
assert m == Stub(420)
assert pk == SK.pubkey
def test_encryptedmessage_crypt_identity_3():
# EncryptedMessage can store a EncryptedMessage, thorela at the time of
# writing, there's no need for this. It's just for completeness
ek_sub = Enckey.gen()
m_in = EncryptedMessage.enc(Stub(29874), ek_sub)
m_out = EncryptedMessage.enc(m_in, EK).dec(EK)
assert m_in == m_out
def test_getinfo_not_getinfo():
db_conn = get_db()
# not a GetInfo
gi = SignedMessage.sign(Stub(1), SK1)
gir = server.handle_getinfo(db_conn, gi)
assert isinstance(gir, getinfo.GetInfoResp)
assert not gir.ok
assert gir.err == getinfo.GetInfoRespErr.Malformed
def test_account_req_resp_malformed():
db_conn = get_db()
sk = crypto.Seckey((333).to_bytes(32, byteorder='big'))
# Supposed to be signing an AccountReq, but instead signing a junk message
req = SignedMessage.sign(Stub(420), sk)
resp = server.handle_account_request(db_conn, req)
assert resp.cred is None
assert resp.err == account.AuthRespErr.Malformed
def test_authchallengeresp_not_authreq():
db_conn = get_db()
# Sign something other than an AuthChallengeResp
smsg = SignedMessage.sign(Stub(1), SK1)
resp = server.handle_authchallengeresp(db_conn, smsg)
assert isinstance(resp, account.AuthResp)
assert resp.cred is None
assert resp.err == account.AuthRespErr.Malformed
def test_signedmessage_malformed():
sm = SignedMessage.sign(Stub(420), SK)
sm.msg_bytes = b'fooooo'
assert not sm.is_valid()
with pytest.raises(AssertionError):
sm.unwrap()
with pytest.raises(AssertionError):
sm.msg
def test_location_update_badecred_1():
db_conn = get_db()
u = db.user_with_pk(db_conn, U1.pk)
loc = location.Location(u, loca.Coords(42, 69), time.time())
# use a Stub instead of encrypted signed AccountCred
lu = location.LocationUpdate(loc, Stub(90210))
slu = SignedMessage.sign(lu, SK1)
resp = server.handle_location_update(db_conn, slu)
assert not resp.ok
assert resp.cred is None # TODO
assert resp.err == location.LocationUpdateRespErr.Malformed
def test_location_update_malformed():
db_conn = get_db()
u = db.user_with_pk(db_conn, U1.pk)
_ = get_cred(u)
# Sign a Stub instead of a LocationUpate
slu = SignedMessage.sign(Stub(90210), SK1)
resp = server.handle_location_update(db_conn, slu)
assert type(resp) == location.LocationUpdateResp
assert not resp.ok
assert resp.cred is None # TODO
assert resp.err == location.LocationUpdateRespErr.Malformed
def get_credchal(
u: user.User,
cls: Type[Union[account.AccountCred, account.AuthChallenge]],
expire: float,
scred_stub: bool = False,
scred_munge: bool = False,
cred_stub: bool = False,
cred_wrong_key: bool = False,
cred_expired: bool = False,
cred_wrong_user: bool = False,
) -> EncryptedMessage:
if scred_stub:
ecred = EncryptedMessage.enc(Stub(34444), server.ENCKEY)
elif scred_munge:
cred = cls(u, expire)
scred = SignedMessage.sign(cred, server.IDKEY)
scred.msg_bytes = b'fooooo'
ecred = EncryptedMessage.enc(scred, server.ENCKEY)
elif cred_stub:
scred = SignedMessage.sign(Stub(2342), server.IDKEY)
ecred = EncryptedMessage.enc(scred, server.ENCKEY)
elif cred_wrong_key:
sk = crypto.Seckey((9879).to_bytes(32, byteorder='big'))
cred = cls(u, expire)
scred = SignedMessage.sign(cred, sk)
ecred = EncryptedMessage.enc(scred, server.ENCKEY)
elif cred_expired:
cred = cls(u, time.time() - 0.00001)
scred = SignedMessage.sign(cred, server.IDKEY)
ecred = EncryptedMessage.enc(scred, server.ENCKEY)
elif cred_wrong_user:
assert u != U2
fake_u = user.User(U2.nick, U2.pk, rowid=11)
cred = cls(fake_u, expire)
scred = SignedMessage.sign(cred, server.IDKEY)
ecred = EncryptedMessage.enc(scred, server.ENCKEY)
else:
cred = cls(u, expire)
scred = SignedMessage.sign(cred, server.IDKEY)
ecred = EncryptedMessage.enc(scred, server.ENCKEY)
return ecred
def test_encryptedmessage_crypt_identity_2():
# EncryptedMessage can store a SignedMessage
m_in = SignedMessage.sign(Stub(29874987), SK)
m_out = EncryptedMessage.enc(m_in, EK).dec(EK)
assert m_in == m_out
def test_authresp_dict_no_cred():
d = account.AuthResp(Stub(1), None).to_dict()
del d['cred']
assert account.AuthResp.from_dict(d) is None
def test_encryptmessage_dict_identity_3():
ek_sub = Enckey.gen()
first = EncryptedMessage.enc(EncryptedMessage.enc(Stub(420), ek_sub), EK)
second = EncryptedMessage.from_dict(first.to_dict())
assert first == second
def test_encryptedmessage_crypt_identity_1():
# EncryptedMessage can store a Message
m_in = Stub(29873987)
m_out = EncryptedMessage.enc(m_in, EK).dec(EK)
assert m_in == m_out
def test_encryptmessage_malformed():
em = EncryptedMessage.enc(Stub(420), EK)
em.ctext_nonce = b'nnnnnnnnnnnnnnnnnnnnnnnncccccccc'
with pytest.raises(nacl.exceptions.CryptoError):
em.dec(EK)
def test_encryptmessage_dict_identity_2():
first = EncryptedMessage.enc(SignedMessage.sign(Stub(420), SK), EK)
second = EncryptedMessage.from_dict(first.to_dict())
assert first == second
def test_authchallenegeresp_dict_identity():
echal = EncryptedMessage.enc(Stub(1), EK)
first = account.AuthChallengeResp(echal)
second = account.AuthChallengeResp.from_dict(first.to_dict())
assert first == second
def test_authresp_dict_bad_cred():
d = account.AuthResp(Stub(1), None).to_dict()
assert account.AuthResp.from_dict(d) is None
def test_authchallengeresp_dict_no_enc_chal():
echal = EncryptedMessage.enc(Stub(1), EK)
d = account.AuthChallengeResp(echal).to_dict()
del d['enc_chal']
assert account.AuthChallengeResp.from_dict(d) is None
def test_getinfo_dict_bad_ecred():
gi = GetInfo(U.pk, really_fake_cred())
d = gi.to_dict()
d['cred'] = Stub(1).to_dict()
assert GetInfo.from_dict(d) is None
def test_signedmessage_dict_identity():
first = SignedMessage.sign(Stub(420), SK)
second = SignedMessage.from_dict(first.to_dict())
assert first == second
def test_authchallengeresp_str():
echal = EncryptedMessage.enc(Stub(1), EK)
acr = account.AuthChallengeResp(echal)
s = 'AuthChallengeResp<%s>' % (echal, )
assert str(acr) == s
def test_authchallengeresp_dict_bad_enc_chal():
d = account.AuthChallengeResp(Stub(1)).to_dict()
assert account.AuthChallengeResp.from_dict(d) is None
def really_fake_cred() -> EncryptedMessage:
return EncryptedMessage.enc(Stub(1), crypto.Enckey.gen())
def test_locationupdate_from_dict_invalid_3():
cred = fake_cred()
lu = LocationUpdate(Location(U, Stub(1), time.time()), cred)
assert isinstance(lu, LocationUpdate)
lu = LocationUpdate.from_dict(lu.to_dict())
assert lu is None
def test_getinforesp_eq_stub():
assert GetInfoResp(None) != Stub(1)
def test_locationupdateresp_equal_stub():
lur = LocationUpdateResp(fake_cred(), None)
assert lur != Stub(1)