def test_write_raises_error_when_decrypt_not_possible(self): handle = core.new_keyset_handle( mac.mac_key_templates.HMAC_SHA256_128BITTAG) writer = core.BinaryKeysetWriter(io.BytesIO()) with self.assertRaisesRegex(core.TinkError, 'invalid keyset, corrupted key material'): handle.write(writer, BadAead1())
def test_write_read(self): keyset = example_keyset() stream = io.BytesIO() writer = core.BinaryKeysetWriter(stream) writer.write(keyset) reader = core.BinaryKeysetReader(stream.getvalue()) self.assertEqual(keyset, reader.read())
def test_write(self): handle = cleartext_keyset_handle.CleartextKeysetHandle.generate_new( mac.mac_key_templates.HMAC_SHA256_128BITTAG) output_stream = io.BytesIO() writer = core.BinaryKeysetWriter(output_stream) handle.write(writer) reader = core.BinaryKeysetReader(output_stream.getvalue()) handle2 = cleartext_keyset_handle.CleartextKeysetHandle.read(reader) # Check that handle2 has the same primitive as handle. handle2.primitive(mac.Mac).verify_mac( handle.primitive(mac.Mac).compute_mac(b'data'), b'data')
def test_read_no_secret(self): private_handle = core.new_keyset_handle( hybrid.hybrid_key_templates.ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM) public_handle = private_handle.public_keyset_handle() output_stream_pub = io.BytesIO() writer = core.BinaryKeysetWriter(output_stream_pub) writer.write(public_handle._keyset) output_stream_priv = io.BytesIO() writer = core.BinaryKeysetWriter(output_stream_priv) writer.write(private_handle._keyset) reader = core.BinaryKeysetReader(output_stream_pub.getvalue()) core.read_no_secret_keyset_handle(reader) with self.assertRaisesRegex(core.TinkError, 'keyset contains secret key material'): reader = core.BinaryKeysetReader(output_stream_priv.getvalue()) core.read_no_secret_keyset_handle(reader)
def test_write_encrypted(self): handle = core.new_keyset_handle(mac.mac_key_templates.HMAC_SHA256_128BITTAG) # Encrypt the keyset with Aead. master_key_aead = _master_key_aead() output_stream = io.BytesIO() writer = core.BinaryKeysetWriter(output_stream) handle.write(writer, master_key_aead) reader = core.BinaryKeysetReader(output_stream.getvalue()) handle2 = core.read_keyset_handle(reader, master_key_aead) # Check that handle2 has the same primitive as handle. handle2.primitive(mac.Mac).verify_mac( handle.primitive(mac.Mac).compute_mac(b'data'), b'data')
def test_write_no_secret(self): private_handle = core.new_keyset_handle( hybrid.hybrid_key_templates.ECIES_P256_HKDF_HMAC_SHA256_AES128_GCM) public_handle = private_handle.public_keyset_handle() output_stream = io.BytesIO() writer = core.BinaryKeysetWriter(output_stream) public_handle.write_no_secret(writer) with self.assertRaisesRegex(core.TinkError, 'keyset contains secret key material'): private_handle.write_no_secret(writer)
def test_write_raises_error_when_decrypt_to_wrong_keyset(self): handle = core.new_keyset_handle( mac.mac_key_templates.HMAC_SHA256_128BITTAG) writer = core.BinaryKeysetWriter(io.BytesIO()) with self.assertRaisesRegex(core.TinkError, 'cannot encrypt keyset:'): handle.write(writer, BadAead2())
def test_write_raises_error_when_encrypt_failed(self): handle = core.new_keyset_handle( mac.mac_key_templates.HMAC_SHA256_128BITTAG) writer = core.BinaryKeysetWriter(io.BytesIO()) with self.assertRaisesRegex(core.TinkError, 'encrypt failed'): handle.write(writer, FaultyAead())
def test_write_encrypted_invalid_fails(self): with self.assertRaisesRegex(core.TinkError, 'invalid encrypted keyset'): stream = io.BytesIO() writer = core.BinaryKeysetWriter(stream) writer.write_encrypted(example_keyset())