def test_write_read(self): keyset = example_keyset() stream = io.BytesIO() writer = core.BinaryKeysetWriter(stream) writer.write(keyset) reader = core.BinaryKeysetReader(stream.getvalue()) self.assertEqual(keyset, reader.read())
def test_write(self): handle = cleartext_keyset_handle.CleartextKeysetHandle.generate_new( mac.mac_key_templates.HMAC_SHA256_128BITTAG) output_stream = io.BytesIO() writer = core.BinaryKeysetWriter(output_stream) handle.write(writer) reader = core.BinaryKeysetReader(output_stream.getvalue()) handle2 = cleartext_keyset_handle.CleartextKeysetHandle.read(reader) # Check that handle2 has the same primitive as handle. handle2.primitive(mac.Mac).verify_mac( handle.primitive(mac.Mac).compute_mac(b'data'), b'data')
def test_read_encrypted(self): encrypted_keyset = tink_pb2.EncryptedKeyset() encrypted_keyset.encrypted_keyset = b'c29tZSBjaXBoZXJ0ZXh0IHdpdGgga2V5c2V0' encrypted_keyset.keyset_info.primary_key_id = 42 key_info = encrypted_keyset.keyset_info.key_info.add() key_info.type_url = 'type.googleapis.com/google.crypto.tink.AesGcmKey' key_info.output_prefix_type = tink_pb2.TINK key_info.key_id = 42 key_info.status = tink_pb2.ENABLED reader = core.BinaryKeysetReader(encrypted_keyset.SerializeToString()) self.assertEqual(encrypted_keyset, reader.read_encrypted())
def test_read_no_secret(self): private_handle = core.new_keyset_handle( hybrid.hybrid_key_templates.ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM) public_handle = private_handle.public_keyset_handle() output_stream_pub = io.BytesIO() writer = core.BinaryKeysetWriter(output_stream_pub) writer.write(public_handle._keyset) output_stream_priv = io.BytesIO() writer = core.BinaryKeysetWriter(output_stream_priv) writer.write(private_handle._keyset) reader = core.BinaryKeysetReader(output_stream_pub.getvalue()) core.read_no_secret_keyset_handle(reader) with self.assertRaisesRegex(core.TinkError, 'keyset contains secret key material'): reader = core.BinaryKeysetReader(output_stream_priv.getvalue()) core.read_no_secret_keyset_handle(reader)
def test_read(self): keyset = tink_pb2.Keyset() keyset.primary_key_id = 42 key = keyset.key.add() key.key_data.type_url = 'type.googleapis.com/google.crypto.tink.AesGcmKey' key.key_data.key_material_type = tink_pb2.KeyData.SYMMETRIC key.key_data.value = b'GhCS/1+ejWpx68NfGt6ziYHd' key.output_prefix_type = tink_pb2.TINK key.key_id = 42 key.status = tink_pb2.ENABLED reader = core.BinaryKeysetReader(keyset.SerializeToString()) self.assertEqual(keyset, reader.read())
def test_write_encrypted(self): handle = core.new_keyset_handle(mac.mac_key_templates.HMAC_SHA256_128BITTAG) # Encrypt the keyset with Aead. master_key_aead = _master_key_aead() output_stream = io.BytesIO() writer = core.BinaryKeysetWriter(output_stream) handle.write(writer, master_key_aead) reader = core.BinaryKeysetReader(output_stream.getvalue()) handle2 = core.read_keyset_handle(reader, master_key_aead) # Check that handle2 has the same primitive as handle. handle2.primitive(mac.Mac).verify_mac( handle.primitive(mac.Mac).compute_mac(b'data'), b'data')
def test_read_empty_keyset_fails(self): with self.assertRaisesRegex(core.TinkError, 'No keyset found'): core.read_keyset_handle(core.BinaryKeysetReader(b''), _master_key_aead())
def test_read_empty_keyset_fails(self): with self.assertRaisesRegex(core.TinkError, 'No keyset found'): cleartext_keyset_handle.CleartextKeysetHandle.read( core.BinaryKeysetReader(b''))
def test_read_none(self): with self.assertRaisesRegex(core.TinkError, 'No keyset found'): reader = core.BinaryKeysetReader(None) reader.read()
def test_read_encrypted_invalid(self): with self.assertRaisesRegex(core.TinkError, 'Wrong wire type'): reader = core.BinaryKeysetReader(b'some weird data') reader.read_encrypted()
def test_read_encrypted_empty(self): with self.assertRaisesRegex(core.TinkError, 'No keyset found'): reader = core.BinaryKeysetReader('') reader.read_encrypted()