Commits

Andriy Kornatskyy  committed f9be979

Refactoring crypto/ticket module tests.

  • Participants
  • Parent commits 188c3e1

Comments (0)

Files changed (2)

File src/wheezy/security/crypto/tests/test_ticket.py

+
+""" Unit tests for ``wheezy.security.principal``.
+"""
+
+import unittest
+
+
+class TicketTestCase(unittest.TestCase):
+
+    def test_ensure_strong_key(self):
+        """ Ensure strong key
+        """
+        from base64 import b64encode
+        from wheezy.security.crypto.comp import b
+        from wheezy.security.crypto.comp import n
+        from wheezy.security.crypto.ticket import ensure_strong_key
+
+        k = ensure_strong_key(b(''))
+        assert 40 == len(k)
+        s = n(b64encode(k))
+        assert '+9sdGxiqbAgyS31ktx+3Y3BpDh1fA7dyIanFu+fzE/Lc5EaX+NQGsA==' == s
+        s = n(b64encode(ensure_strong_key(b('abc'))))
+        assert 'zEfjwKoMKYRFRHbQYRCMCxEBd66sLMHe/H6umZFFQMixhLcp8jfwGQ==' == s
+
+    def test_encode(self):
+        """ Test ticket encode.
+        """
+        from wheezy.security.crypto.comp import n
+        from wheezy.security.crypto.comp import sha1
+        from wheezy.security.crypto.ticket import Ticket
+
+        t = Ticket(digestmod=sha1)
+        assert 72 == len(t.encode(''))
+
+        x = t.encode('hello')
+        text, time_left = t.decode(x)
+        assert 'hello' == n(text)
+        assert time_left >= 0
+
+        # If cypher is not available verification is still applied.
+
+        import warnings
+        warnings.simplefilter('ignore')
+        t = Ticket(cypher=None)
+        warnings.simplefilter('default')
+        assert 48 == len(t.encode(''))
+
+        x = t.encode('hello')
+        text, time_left = t.decode(x)
+        assert 'hello' == n(text)
+        assert time_left >= 0
+
+
+class TicketDecodeTestCase(unittest.TestCase):
+
+    def setUp(self):
+        import warnings
+        warnings.simplefilter('ignore')
+
+    def tearDown(self):
+        import warnings
+        warnings.simplefilter('default')
+
+    def test_invalid_length(self):
+        """ The value is at least 48 in length.
+        """
+        from wheezy.security.crypto.ticket import Ticket
+        t = Ticket(cypher=None)
+        assert (None, None) == t.decode('a' * 47)
+
+    def test_invalid_base64_string(self):
+        """ Invalid base64 string.
+        """
+        from wheezy.security.crypto.ticket import Ticket
+        t = Ticket(cypher=None)
+        assert (None, None) == t.decode('D' * 57)
+
+    def test_unicode_error(self):
+        """ Unicode error.
+        """
+        from wheezy.security.crypto.comp import u
+        from wheezy.security.crypto.ticket import Ticket
+        t = Ticket(cypher=None)
+        value = t.encode(u('\\u0430'))
+        assert (None, None) == t.decode(value, 'ascii')
+
+    def test_invalid_padding(self):
+        """ Invalid padding.
+        """
+        from wheezy.security.crypto.ticket import Ticket
+        t = Ticket(cypher=None)
+        value = t.encode('a' * 31)
+        t = Ticket()
+        assert (None, None) == t.decode(value)
+
+    def test_signature_is_not_valid(self):
+        """ Signature is not valid.
+        """
+        from wheezy.security.crypto.ticket import Ticket
+        t = Ticket(cypher=None)
+        value = 'cf-0eDoyN6VwP-IyZap4zTBjsHqqaZua4MkGAA11HGdoZWxsbxBSjyg='
+        assert (None, None) == t.decode(value)
+
+    def test_expired(self):
+        """ Expired.
+        """
+        from wheezy.security.crypto.ticket import Ticket
+        t = Ticket(cypher=None)
+        value = '1ZRcHGsYENF~lzezpMKFFF9~QBCQkqPlIMoGAA11HGdoZWxsbxBSjyg='
+        assert (None, None) == t.decode(value)
+
+    def test_invalid_verification_key(self):
+        """ Invalid verification key.
+        """
+        from wheezy.security.crypto.ticket import Ticket
+        t = Ticket()
+        value = t.encode('test')
+        t = Ticket(options={'CRYPTO_VALIDATION_KEY': 'x'})
+        assert (None, None) == t.decode(value)
+
+    def test_invalid_encryption_key(self):
+        """ Invalid encryption key.
+        """
+        from wheezy.security.crypto.ticket import Ticket
+        t = Ticket()
+        value = t.encode('test')
+        t = Ticket(options={'CRYPTO_ENCRYPTION_KEY': 'x'})
+        assert (None, None) == t.decode(value)

File src/wheezy/security/crypto/ticket.py

 def ensure_strong_key(key):
     """ Translates a given key to a computed strong key of length
         320 bit suitable for encryption.
-
-        >>> from wheezy.security.crypto.comp import n
-        >>> k = ensure_strong_key(b(''))
-        >>> len(k)
-        40
-        >>> n(b64encode(k))
-        '+9sdGxiqbAgyS31ktx+3Y3BpDh1fA7dyIanFu+fzE/Lc5EaX+NQGsA=='
-        >>> n(b64encode(ensure_strong_key(b('abc'))))
-        'zEfjwKoMKYRFRHbQYRCMCxEBd66sLMHe/H6umZFFQMixhLcp8jfwGQ=='
     """
     hmac = hmac_new(key, digestmod=sha1)
     key = hmac.digest()
 
 
 class Ticket(object):
-    """ Protects sensitive information (e.g. user id). Default policy
-        applies verification and encryption. Verification is provided
-        by ``hmac`` initialized with ``sha1`` digestmod. Encryption
-        is provided if available, by default it attempts to use AES
-        cypher.
+    """ Protects sensitive information (e.g. user id).
 
-        >>> from wheezy.security.crypto.comp import n
-        >>> t = Ticket(digestmod=sha1)
-        >>> len(t.encode(''))
-        72
-        >>> x = t.encode('hello')
-        >>> text, time_left = t.decode(x)
-        >>> n(text)
-        'hello'
-        >>> assert time_left >= 0
-
-        If cypher is not available verification is still applied.
-
-        >>> import warnings
-        >>> warnings.simplefilter('ignore')
-        >>> t = Ticket(cypher=None)
-        >>> warnings.simplefilter('default')
-        >>> len(t.encode(''))
-        48
-        >>> x = t.encode('hello')
-        >>> text, time_left = t.decode(x)
-        >>> n(text)
-        'hello'
-        >>> assert time_left >= 0
+        Default policy applies verification and encryption.
+        Verification is provided by ``hmac`` initialized with ``sha1``
+        digestmod. Encryption is provided if available, by default
+        it attempts to use AES cypher.
     """
     __slots__ = ('cypher', 'max_age', 'hmac', 'digest_size', 'block_size')
 
             warn('Ticket: cypher not available', stacklevel=2)
 
     def encode(self, value, encoding='UTF-8'):
-        """ Encode ``value`` accoring to ticket policy.
+        """ Encode ``value`` according to ticket policy.
         """
         value = b(value, encoding)
         expires = pack('<i', timestamp() + self.max_age)
 
     def decode(self, value, encoding='UTF-8'):
         """ Decode ``value`` according to ticket policy.
-
-            The ``value`` length is at least 48.
-
-            >>> import warnings
-            >>> warnings.simplefilter('ignore')
-            >>> t = Ticket(cypher=None)
-            >>> warnings.simplefilter('default')
-            >>> t.decode('a' * 47)
-            (None, None)
-
-            Invalid base64 string
-
-            >>> value = 'D' * 57
-            >>> t.decode(value)
-            (None, None)
-
-            UnicodeDecodeError
-
-            >>> from wheezy.security.crypto.comp import u
-            >>> value = t.encode(u('\\u0430'))
-            >>> t.decode(value, 'ascii')
-            (None, None)
-
-            Invalid string padding
-
-            >>> t = Ticket(cypher=None)
-            >>> value = t.encode('a'*31)
-            >>> t = Ticket()
-            >>> t.decode(value)
-            (None, None)
-
-            Signature is not valid
-
-            >>> t = Ticket(cypher=None)
-            >>> value = 'cf-0eDoyN6VwP-IyZap4zTBjsHqqaZua4MkG'
-            >>> value += 'AA11HGdoZWxsbxBSjyg='
-            >>> t.decode(value)
-            (None, None)
-
-            Expired
-
-            >>> value = '1ZRcHGsYENF~lzezpMKFFF9~QBCQkqPlIMoG'
-            >>> value += 'AA11HGdoZWxsbxBSjyg='
-            >>> t.decode(value)
-            (None, None)
-
-            Invalid verification key
-
-            >>> t = Ticket()
-            >>> value = t.encode('test')
-            >>> t = Ticket(options={'CRYPTO_VALIDATION_KEY': 'x'})
-            >>> t.decode(value)
-            (None, None)
-
-            Invalid encryption key
-
-            >>> t = Ticket()
-            >>> value = t.encode('test')
-            >>> t = Ticket(options={'CRYPTO_ENCRYPTION_KEY': 'x'})
-            >>> t.decode(value)
-            (None, None)
         """
         if len(value) < 48:
             return (None, None)
             return (None, None)
 
     def sign(self, value):
+        """ Compute hmac digest.
+        """
         h = self.hmac.copy()
         h.update(value)
         return h.digest()