def test_bad_signature(self): msg = seal_token(fake_subtoken_proto()) # make sure that pkcs1_sha256_sig is changed. msg.pkcs1_sha256_sig = msg.pkcs1_sha256_sig[:-1] + chr( ord(msg.pkcs1_sha256_sig[-1]) ^ 1) with self.assertRaises(exceptions.BadTokenError): delegation.unseal_token(msg)
def test_bad_signature(self): msg = seal_token(fake_subtoken_proto()) msg.pkcs1_sha256_sig = msg.pkcs1_sha256_sig[:-1] + 'A' with self.assertRaises(delegation.BadTokenError): delegation.unseal_token(msg)
def test_unknown_signing_key_id(self): msg = seal_token(fake_subtoken_proto()) msg.signing_key_id = 'blah' with self.assertRaises(delegation.BadTokenError): delegation.unseal_token(msg)
def test_unknown_signer_id(self): # Empty dict, no trusted signers. self.mock(delegation, 'get_trusted_signers', lambda: {}) with self.assertRaises(delegation.BadTokenError): delegation.unseal_token(seal_token(fake_subtoken_proto()))
def test_bad_signer_id(self): msg = seal_token(fake_subtoken_proto()) msg.signer_id = 'not an identity' with self.assertRaises(delegation.BadTokenError): delegation.unseal_token(msg)
def test_seal_round_trip(self): tok = fake_subtoken_proto() self.assertEqual(tok, delegation.unseal_token(seal_token(tok)))
def decode_token(token): return auth_delegation.unseal_token( auth_delegation.deserialize_token(token))
def test_round_trip(self): toks = fake_subtoken_list_proto() self.assertEqual(toks, delegation.unseal_token(delegation.seal_token(toks)))
def test_bad_signature(self): msg = delegation.seal_token(fake_subtoken_list_proto()) msg.pkcs1_sha256_sig = msg.pkcs1_sha256_sig[:-1] + 'A' with self.assertRaises(delegation.BadTokenError): delegation.unseal_token(msg)
def test_unknown_signing_key_id(self): msg = delegation.seal_token(fake_subtoken_list_proto()) msg.signing_key_id = 'blah' with self.assertRaises(delegation.BadTokenError): delegation.unseal_token(msg)
def test_unknown_signer_id(self): checker = delegation.SignatureChecker() # empty, no trusted signers self.mock(delegation, 'get_signature_checker', lambda: checker) with self.assertRaises(delegation.BadTokenError): delegation.unseal_token(delegation.seal_token(fake_subtoken_list_proto()))
def test_bad_signer_id(self): msg = delegation.seal_token(fake_subtoken_list_proto()) msg.signer_id = 'not an identity' with self.assertRaises(delegation.BadTokenError): delegation.unseal_token(msg)
def test_round_trip(self): toks = fake_subtoken_list_proto() self.assertEqual(toks, delegation.unseal_token(delegation.seal_token(toks)))
def test_unknown_signer_id(self): checker = delegation.SignatureChecker() # empty, no trusted signers self.mock(delegation, 'get_signature_checker', lambda: checker) with self.assertRaises(delegation.BadTokenError): delegation.unseal_token( delegation.seal_token(fake_subtoken_list_proto()))