Пример #1
0
class TestPythonCryptoWorker(TestCase):

    def setUp(self):
        self.worker = CryptoWorker(path=CERTS_LOCATION)
        self.runner = PurePythonRunner(self.worker)

        # on start, the worker should load the certs in the folder.
        self.assertEquals(len(self.worker.certs), 1)

    def test_check_signature(self):
        hostname = 'browserid.org'
        data = 'NOBODY EXPECTS THE SPANISH INQUISITION!'

        sig = sign_data(hostname, data)
        result = self.runner.check_signature(hostname=hostname,
                signed_data=data, signature=sig)
        self.assertTrue(result)

    def test_check_signature_with_key(self):
        hostname = 'browserid.org'
        data = 'NOBODY EXPECTS THE SPANISH INQUISITION!'

        sig = sign_data(hostname, data)
        filename = os.path.join(CERTS_LOCATION, 'browserid.org.RS256.crt')
        with open(filename, 'rb') as f:
            cert = f.read()

        result = self.runner.check_signature_with_cert(cert=cert,
                signed_data=data, signature=sig, algorithm='RS256')

        self.assertTrue(result)

    def test_key_derivation(self):
        return
    def test_the_crypto_tester(self):
        self.worker = MockCryptoWorker()
        self.runner = PurePythonRunner(self.worker)

        hostname = 'browserid.org'
        data = 'NOBODY EXPECTS THE SPANISH INQUISITION!'

        sig = sign_data(hostname, data)
        result = self.runner.check_signature(hostname=hostname,
                                             signed_data=data,
                                             signature=sig,
                                             algorithm="DS128")
        self.assertTrue(result)
Пример #3
0
    def test_key_derivation(self):
        # derivating the key twice with the same parameters should return the
        # same key.
        self.worker = CryptoWorker()
        self.runner = PurePythonRunner(self.worker)

        # taken from the tokenlib
        hashmod = "sha256"
        IKM = "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"
        salt = "000102030405060708090a0b0c"
        info = "f0f1f2f3f4f5f6f7f8f9"
        L = 42
        OKM = "3cb25f25faacd57a90434f64d0362f2a"\
              "2d2d0a90cf1a5a4c5db02d56ecc4c5bf"\
              "34007208d5b887185865"
        result = self.runner.derivate_key(ikm=IKM, salt=salt, info=info,
                                          l=L, hashmod=hashmod)
        self.assertEquals(result, OKM)
        return

        hashmod = 'sha1'
        IKM = "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c".decode("hex")
        salt = None
        info = ""
        L = 42
        OKM = "2c91117204d745f3500d636a62f64f0a".decode("hex") +\
              "b3bae548aa53d423b0d1f27ebba6f5e5".decode("hex") +\
              "673a081d70cce7acfc48".decode("hex")

        result = self.runner.derivate_key(ikm=IKM, salt=salt, info=info,
                                          l=L, hashmod=hashmod)
        self.assertEquals(result, OKM)
    def test_loadtest_mode(self):
        # when in loadtest mode, the crypto worker should be able to verify
        # signatures issued by loadtest.local
        self.worker = CryptoWorker(loadtest_mode=True)
        self.runner = PurePythonRunner(self.worker)
        hostname = 'loadtest.local'
        data = "All your base are belong to us."

        signature = sign_data(hostname, data)

        # as you may have noticed, we are not mocking the key fetching here.
        result = self.runner.check_signature(hostname=hostname,
                                             signed_data=data,
                                             signature=signature,
                                             algorithm="DS128")

        self.assertTrue(result)
Пример #5
0
 def test_loadtest_mode(self):
     worker = get_crypto_worker(CryptoWorker,
                                loadtest_mode=True,
                                memory_ttl=100)
     verifier = PowerHoseVerifier(runner=PurePythonRunner(worker),
                                  audiences=('*', ))
     result = verifier.verify(
         get_assertion('*****@*****.**', issuer='loadtest.local'))
     self.assertTrue(result)
Пример #6
0
    def test_the_crypto_tester(self):
        self.worker = MockCryptoWorker()
        self.runner = PurePythonRunner(self.worker)

        hostname = 'browserid.org'
        data = 'NOBODY EXPECTS THE SPANISH INQUISITION!'

        sig = sign_data(hostname, data)
        result = self.runner.check_signature(hostname=hostname,
                signed_data=data, signature=sig, algorithm="DS128")
        self.assertTrue(result)
Пример #7
0
    def test_assertion_verification(self):
        # giving a valid assertion should return True
        worker = get_crypto_worker(MockCryptoWorker, memory_ttl=100)
        verifier = PowerHoseVerifier(runner=PurePythonRunner(worker),
                                     audiences=('*', ))
        self.assertTrue(verifier.verify(get_assertion(DEFAULT_EMAIL)))

        # An assertion not signed with the root issuer certificate should
        # fail.

        with self.assertRaises(InvalidSignatureError):
            verifier.verify(get_assertion(DEFAULT_EMAIL, bad_issuer_cert=True))
    def test_key_derivation(self):
        # derivating the key twice with the same parameters should return the
        # same key.
        self.worker = CryptoWorker()
        self.runner = PurePythonRunner(self.worker)

        # taken from the tokenlib
        hashmod = "sha256"
        IKM = "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"
        salt = "000102030405060708090a0b0c"
        info = "f0f1f2f3f4f5f6f7f8f9"
        L = 42
        OKM = "3cb25f25faacd57a90434f64d0362f2a"\
              "2d2d0a90cf1a5a4c5db02d56ecc4c5bf"\
              "34007208d5b887185865"
        result = self.runner.derivate_key(ikm=IKM,
                                          salt=salt,
                                          info=info,
                                          l=L,
                                          hashmod=hashmod)
        self.assertEquals(result, OKM)
        return

        hashmod = 'sha1'
        IKM = "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c".decode("hex")
        salt = None
        info = ""
        L = 42
        OKM = "2c91117204d745f3500d636a62f64f0a".decode("hex") +\
              "b3bae548aa53d423b0d1f27ebba6f5e5".decode("hex") +\
              "673a081d70cce7acfc48".decode("hex")

        result = self.runner.derivate_key(ikm=IKM,
                                          salt=salt,
                                          info=info,
                                          l=L,
                                          hashmod=hashmod)
        self.assertEquals(result, OKM)
Пример #9
0
    def test_loadtest_mode(self):
        # when in loadtest mode, the crypto worker should be able to verify
        # signatures issued by loadtest.local
        self.worker = CryptoWorker(loadtest_mode=True)
        self.runner = PurePythonRunner(self.worker)
        hostname = 'loadtest.local'
        data = "All your base are belong to us."

        signature = sign_data(hostname, data)

        # as you may have noticed, we are not mocking the key fetching here.
        result = self.runner.check_signature(hostname=hostname,
                signed_data=data, signature=signature, algorithm="DS128")

        self.assertTrue(result)
Пример #10
0
    def setUp(self):
        self.worker = CryptoWorker(path=CERTS_LOCATION)
        self.runner = PurePythonRunner(self.worker)

        # on start, the worker should load the certs in the folder.
        self.assertEquals(len(self.worker.certs), 1)
 def setUp(self):
     self.worker = MockCryptoWorker()
     self.runner = PurePythonRunner(self.worker)
class TestPythonCryptoWorker(unittest.TestCase):
    def setUp(self):
        self.worker = MockCryptoWorker()
        self.runner = PurePythonRunner(self.worker)

    def test_check_signature(self):
        hostname = 'browserid.org'
        data = 'NOBODY EXPECTS THE SPANISH INQUISITION!'

        sig = sign_data(hostname, data)
        result = self.runner.check_signature(hostname=hostname,
                                             signed_data=data,
                                             signature=sig,
                                             algorithm="DS128")
        self.assertTrue(result)

    def test_the_crypto_tester(self):
        self.worker = MockCryptoWorker()
        self.runner = PurePythonRunner(self.worker)

        hostname = 'browserid.org'
        data = 'NOBODY EXPECTS THE SPANISH INQUISITION!'

        sig = sign_data(hostname, data)
        result = self.runner.check_signature(hostname=hostname,
                                             signed_data=data,
                                             signature=sig,
                                             algorithm="DS128")
        self.assertTrue(result)

    def test_check_signature_with_key(self):
        hostname = 'browserid.org'
        data = 'NOBODY EXPECTS THE SPANISH INQUISITION!'

        sig = sign_data(hostname, data)
        cert = json.dumps(fetch_support_document(hostname)["public-key"])

        result = self.runner.check_signature_with_cert(cert=cert,
                                                       signed_data=data,
                                                       signature=sig,
                                                       algorithm='DS128')

        self.assertTrue(result)

    def test_loadtest_mode(self):
        # when in loadtest mode, the crypto worker should be able to verify
        # signatures issued by loadtest.local
        self.worker = CryptoWorker(loadtest_mode=True)
        self.runner = PurePythonRunner(self.worker)
        hostname = 'loadtest.local'
        data = "All your base are belong to us."

        signature = sign_data(hostname, data)

        # as you may have noticed, we are not mocking the key fetching here.
        result = self.runner.check_signature(hostname=hostname,
                                             signed_data=data,
                                             signature=signature,
                                             algorithm="DS128")

        self.assertTrue(result)

    def test_key_derivation(self):
        # derivating the key twice with the same parameters should return the
        # same key.
        self.worker = CryptoWorker()
        self.runner = PurePythonRunner(self.worker)

        # taken from the tokenlib
        hashmod = "sha256"
        IKM = "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"
        salt = "000102030405060708090a0b0c"
        info = "f0f1f2f3f4f5f6f7f8f9"
        L = 42
        OKM = "3cb25f25faacd57a90434f64d0362f2a"\
              "2d2d0a90cf1a5a4c5db02d56ecc4c5bf"\
              "34007208d5b887185865"
        result = self.runner.derivate_key(ikm=IKM,
                                          salt=salt,
                                          info=info,
                                          l=L,
                                          hashmod=hashmod)
        self.assertEquals(result, OKM)
        return

        hashmod = 'sha1'
        IKM = "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c".decode("hex")
        salt = None
        info = ""
        L = 42
        OKM = "2c91117204d745f3500d636a62f64f0a".decode("hex") +\
              "b3bae548aa53d423b0d1f27ebba6f5e5".decode("hex") +\
              "673a081d70cce7acfc48".decode("hex")

        result = self.runner.derivate_key(ikm=IKM,
                                          salt=salt,
                                          info=info,
                                          l=L,
                                          hashmod=hashmod)
        self.assertEquals(result, OKM)
Пример #13
0
            try:
                return func(*args, **kw)
            finally:
                sys.stdout.write('%.4f s\n' % (time.time() - start))
                sys.stdout.flush()

        return __timed

    return _timed


def job(hostname, data, runner):
    sig = sign_data(hostname, data)
    runner.check_signature(hostname=hostname,
                           signed_data=data,
                           signature=sig,
                           algorithm="DS128")


@timed("one single call")
def single(**kwargs):
    job(**kwargs)


if __name__ == '__main__':

    kwargs = dict(runner=PurePythonRunner(MockCryptoWorker()),
                  hostname='browserid.org',
                  data='NOBODY EXPECTS THE SPANISH INQUISITION!')
    single(**kwargs)
Пример #14
0
 def setUp(self):
     self.worker = MockCryptoWorker()
     self.runner = PurePythonRunner(self.worker)
Пример #15
0
class TestPythonCryptoWorker(unittest.TestCase):

    def setUp(self):
        self.worker = MockCryptoWorker()
        self.runner = PurePythonRunner(self.worker)

    def test_check_signature(self):
        hostname = 'browserid.org'
        data = 'NOBODY EXPECTS THE SPANISH INQUISITION!'

        sig = sign_data(hostname, data)
        result = self.runner.check_signature(
            hostname=hostname,
            signed_data=data,
            signature=sig,
            algorithm="DS128"
        )
        self.assertTrue(result)

    def test_the_crypto_tester(self):
        self.worker = MockCryptoWorker()
        self.runner = PurePythonRunner(self.worker)

        hostname = 'browserid.org'
        data = 'NOBODY EXPECTS THE SPANISH INQUISITION!'

        sig = sign_data(hostname, data)
        result = self.runner.check_signature(
            hostname=hostname,
            signed_data=data,
            signature=sig,
            algorithm="DS128"
        )
        self.assertTrue(result)

    def test_check_signature_with_key(self):
        hostname = 'browserid.org'
        data = 'NOBODY EXPECTS THE SPANISH INQUISITION!'

        sig = sign_data(hostname, data)
        cert = json.dumps(fetch_support_document(hostname)["public-key"])

        result = self.runner.check_signature_with_cert(
            cert=cert,
            signed_data=data,
            signature=sig,
            algorithm='DS128'
        )

        self.assertTrue(result)

    def test_loadtest_mode(self):
        # when in loadtest mode, the crypto worker should be able to verify
        # signatures issued by loadtest.local
        self.worker = CryptoWorker(loadtest_mode=True)
        self.runner = PurePythonRunner(self.worker)
        hostname = 'loadtest.local'
        data = "All your base are belong to us."

        signature = sign_data(hostname, data)

        # as you may have noticed, we are not mocking the key fetching here.
        result = self.runner.check_signature(
            hostname=hostname,
            signed_data=data,
            signature=signature,
            algorithm="DS128"
        )

        self.assertTrue(result)

    def test_key_derivation(self):
        # derivating the key twice with the same parameters should return the
        # same key.
        self.worker = CryptoWorker()
        self.runner = PurePythonRunner(self.worker)

        # taken from the tokenlib
        hashmod = "sha256"
        IKM = "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"
        salt = "000102030405060708090a0b0c"
        info = "f0f1f2f3f4f5f6f7f8f9"
        L = 42
        OKM = "3cb25f25faacd57a90434f64d0362f2a"\
              "2d2d0a90cf1a5a4c5db02d56ecc4c5bf"\
              "34007208d5b887185865"
        result = self.runner.derivate_key(ikm=IKM, salt=salt, info=info,
                                          l=L, hashmod=hashmod)
        self.assertEquals(result, OKM)
        return

        hashmod = 'sha1'
        IKM = "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c".decode("hex")
        salt = None
        info = ""
        L = 42
        OKM = "2c91117204d745f3500d636a62f64f0a".decode("hex") +\
              "b3bae548aa53d423b0d1f27ebba6f5e5".decode("hex") +\
              "673a081d70cce7acfc48".decode("hex")

        result = self.runner.derivate_key(ikm=IKM, salt=salt, info=info,
                                          l=L, hashmod=hashmod)
        self.assertEquals(result, OKM)