From eaed9510a08ee61a7f495de554e4f936985d68bd Mon Sep 17 00:00:00 2001 From: Glyph Date: Fri, 26 Jun 2015 22:00:25 -0700 Subject: compare contents and not pointers --- tests/hazmat/backends/test_openssl.py | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 34fff277..8846491a 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -223,8 +223,10 @@ class TestOpenSSLRandomEngine(object): # for all these tests. backend.activate_osrandom_engine() current_default = backend._lib.ENGINE_get_default_RAND() - name = backend._lib.ENGINE_get_name(current_default) - assert name == backend._lib.Cryptography_osrandom_engine_name + name = backend._ffi.string( + backend._lib.ENGINE_get_name(current_default) + ) + assert name == backend._binding._osrandom_engine_name def test_osrandom_engine_is_default(self, tmpdir): engine_printer = textwrap.dedent( @@ -277,15 +279,16 @@ class TestOpenSSLRandomEngine(object): backend.activate_osrandom_engine() e = backend._lib.ENGINE_get_default_RAND() name = backend._lib.ENGINE_get_name(e) - assert name == backend._lib.Cryptography_osrandom_engine_name + assert (backend._ffi.string(name) == + backend._binding._osrandom_engine_name) res = backend._lib.ENGINE_free(e) assert res == 1 def test_activate_builtin_random(self): e = backend._lib.ENGINE_get_default_RAND() assert e != backend._ffi.NULL - name = backend._lib.ENGINE_get_name(e) - assert name == backend._lib.Cryptography_osrandom_engine_name + name = backend._ffi.string(backend._lib.ENGINE_get_name(e)) + assert name == backend._binding._osrandom_engine_name res = backend._lib.ENGINE_free(e) assert res == 1 backend.activate_builtin_random() @@ -302,14 +305,14 @@ class TestOpenSSLRandomEngine(object): def test_activate_osrandom_already_default(self): e = backend._lib.ENGINE_get_default_RAND() - name = backend._lib.ENGINE_get_name(e) - assert name == backend._lib.Cryptography_osrandom_engine_name + name = backend._ffi.string(backend._lib.ENGINE_get_name(e)) + assert name == backend._binding._osrandom_engine_name res = backend._lib.ENGINE_free(e) assert res == 1 backend.activate_osrandom_engine() e = backend._lib.ENGINE_get_default_RAND() - name = backend._lib.ENGINE_get_name(e) - assert name == backend._lib.Cryptography_osrandom_engine_name + name = backend._ffi.string(backend._lib.ENGINE_get_name(e)) + assert name == backend._binding._osrandom_engine_name res = backend._lib.ENGINE_free(e) assert res == 1 -- cgit v1.2.3 From b51d246eb6ccaed7920ba6dd6a816f74d1158c16 Mon Sep 17 00:00:00 2001 From: Glyph Date: Fri, 26 Jun 2015 22:08:44 -0700 Subject: remove remaining vestiges, make adding twice work --- tests/hazmat/backends/test_openssl.py | 4 +--- tests/hazmat/bindings/test_openssl.py | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 8846491a..b24f03a8 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -259,9 +259,7 @@ class TestOpenSSLRandomEngine(object): stdout=out ) - osrandom_engine_name = backend._ffi.string( - backend._lib.Cryptography_osrandom_engine_name - ) + osrandom_engine_name = backend._binding._osrandom_engine_name assert engine_name.read().encode('ascii') == osrandom_engine_name diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index e6d6fc45..fe78b0ba 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -89,7 +89,7 @@ class TestOpenSSL(object): def test_add_engine_more_than_once(self): b = Binding() - res = b.lib.Cryptography_add_osrandom_engine() + res = b._register_osrandom_engine() assert res == 2 def test_ssl_ctx_options(self): -- cgit v1.2.3 From d70c98d28effdc410d5ac773e0e461fb548a40e0 Mon Sep 17 00:00:00 2001 From: Glyph Date: Fri, 26 Jun 2015 23:09:46 -0700 Subject: pointer shenanigans apparently (?) ENGINE_by_id treats its ID as an opaque *pointer* key and not actually as a string, and while CPython's CFFI support seems to manage to preserve the pointer identity when using the same Python string, PyPy doesn't. Fix things to use a cffi-wrapped pointer again and tests pass on PyPy. --- tests/hazmat/backends/test_openssl.py | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index b24f03a8..6a2e8a77 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -223,9 +223,7 @@ class TestOpenSSLRandomEngine(object): # for all these tests. backend.activate_osrandom_engine() current_default = backend._lib.ENGINE_get_default_RAND() - name = backend._ffi.string( - backend._lib.ENGINE_get_name(current_default) - ) + name = backend._lib.ENGINE_get_name(current_default) assert name == backend._binding._osrandom_engine_name def test_osrandom_engine_is_default(self, tmpdir): @@ -259,7 +257,9 @@ class TestOpenSSLRandomEngine(object): stdout=out ) - osrandom_engine_name = backend._binding._osrandom_engine_name + osrandom_engine_name = backend._ffi.string( + backend._binding._osrandom_engine_name + ) assert engine_name.read().encode('ascii') == osrandom_engine_name @@ -277,15 +277,14 @@ class TestOpenSSLRandomEngine(object): backend.activate_osrandom_engine() e = backend._lib.ENGINE_get_default_RAND() name = backend._lib.ENGINE_get_name(e) - assert (backend._ffi.string(name) == - backend._binding._osrandom_engine_name) + assert name == backend._binding._osrandom_engine_name res = backend._lib.ENGINE_free(e) assert res == 1 def test_activate_builtin_random(self): e = backend._lib.ENGINE_get_default_RAND() assert e != backend._ffi.NULL - name = backend._ffi.string(backend._lib.ENGINE_get_name(e)) + name = backend._lib.ENGINE_get_name(e) assert name == backend._binding._osrandom_engine_name res = backend._lib.ENGINE_free(e) assert res == 1 @@ -303,13 +302,13 @@ class TestOpenSSLRandomEngine(object): def test_activate_osrandom_already_default(self): e = backend._lib.ENGINE_get_default_RAND() - name = backend._ffi.string(backend._lib.ENGINE_get_name(e)) + name = backend._lib.ENGINE_get_name(e) assert name == backend._binding._osrandom_engine_name res = backend._lib.ENGINE_free(e) assert res == 1 backend.activate_osrandom_engine() e = backend._lib.ENGINE_get_default_RAND() - name = backend._ffi.string(backend._lib.ENGINE_get_name(e)) + name = backend._lib.ENGINE_get_name(e) assert name == backend._binding._osrandom_engine_name res = backend._lib.ENGINE_free(e) assert res == 1 -- cgit v1.2.3 From 1e3ffe10719ef8eeeda0df79aa3e708400f7028a Mon Sep 17 00:00:00 2001 From: Glyph Date: Sat, 27 Jun 2015 18:41:16 -0700 Subject: handle previous registration by raising RuntimeError --- tests/hazmat/bindings/test_openssl.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index fe78b0ba..75a8e3f1 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -89,8 +89,8 @@ class TestOpenSSL(object): def test_add_engine_more_than_once(self): b = Binding() - res = b._register_osrandom_engine() - assert res == 2 + with pytest.raises(RuntimeError): + b._register_osrandom_engine() def test_ssl_ctx_options(self): # Test that we're properly handling 32-bit unsigned on all platforms. -- cgit v1.2.3 From 870d7e8986e38aba6bbd6d89a3e0f49dad25ae93 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sun, 21 Jun 2015 22:20:44 -0500 Subject: support name constraints in the openssl backend --- tests/test_x509_ext.py | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) (limited to 'tests') diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py index 6d91ba41..15ee118a 100644 --- a/tests/test_x509_ext.py +++ b/tests/test_x509_ext.py @@ -2033,6 +2033,50 @@ class TestNameConstraints(object): assert nc != object() +@pytest.mark.requires_backend_interface(interface=RSABackend) +@pytest.mark.requires_backend_interface(interface=X509Backend) +class TestNameConstraintsExtension(object): + def test_permitted_excluded(self, backend): + cert = _load_cert( + os.path.join( + "x509", "custom", "nc_permitted_excluded_2.pem" + ), + x509.load_pem_x509_certificate, + backend + ) + nc = cert.extensions.get_extension_for_oid( + x509.OID_NAME_CONSTRAINTS + ).value + assert nc == x509.NameConstraints( + permitted_subtrees=[ + x509.DNSName(u"zombo.local"), + ], + excluded_subtrees=[ + x509.DirectoryName(x509.Name([ + x509.NameAttribute(x509.OID_COMMON_NAME, u"zombo") + ])) + ] + ) + + def test_permitted(self, backend): + cert = _load_cert( + os.path.join( + "x509", "custom", "nc_permitted_2.pem" + ), + x509.load_pem_x509_certificate, + backend + ) + nc = cert.extensions.get_extension_for_oid( + x509.OID_NAME_CONSTRAINTS + ).value + assert nc == x509.NameConstraints( + permitted_subtrees=[ + x509.DNSName(u"zombo.local"), + ], + excluded_subtrees=None + ) + + class TestDistributionPoint(object): def test_distribution_point_full_name_not_general_names(self): with pytest.raises(TypeError): -- cgit v1.2.3 From 7c3e7a83f06b0ff8f0c27a4486eaa6448ba6485e Mon Sep 17 00:00:00 2001 From: Glyph Date: Mon, 29 Jun 2015 17:21:02 -0700 Subject: the output of RAND_bytes is os.urandom's result --- tests/hazmat/bindings/test_openssl.py | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'tests') diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index 75a8e3f1..207fece9 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -4,6 +4,8 @@ from __future__ import absolute_import, division, print_function +import os + import pytest from cryptography.hazmat.bindings.openssl.binding import Binding @@ -92,6 +94,18 @@ class TestOpenSSL(object): with pytest.raises(RuntimeError): b._register_osrandom_engine() + def test_actual_osrandom_bytes(self, monkeypatch): + sample_data = (b"\x01\x02\x03\x04" * 4) + length = len(sample_data) + def notrandom(size): + assert size == length + return sample_data + monkeypatch.setattr(os, "urandom", notrandom) + b = Binding() + buf = b.ffi.new("char[]", length) + b.lib.RAND_bytes(buf, length) + assert b.ffi.buffer(buf)[0:length] == sample_data + def test_ssl_ctx_options(self): # Test that we're properly handling 32-bit unsigned on all platforms. b = Binding() -- cgit v1.2.3 From 14e67ac4241a20c25f0d7751171c8b626f014e45 Mon Sep 17 00:00:00 2001 From: Glyph Date: Tue, 30 Jun 2015 01:46:38 -0700 Subject: Detect and ignore LibreSSL. --- tests/hazmat/bindings/test_openssl.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index 207fece9..73952561 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -95,13 +95,15 @@ class TestOpenSSL(object): b._register_osrandom_engine() def test_actual_osrandom_bytes(self, monkeypatch): + b = Binding() + if b'LibreSSL' in b.ffi.string(b.lib.OPENSSL_VERSION_TEXT): + pytest.skip("LibreSSL hard-codes RAND_bytes to use arc4random.") sample_data = (b"\x01\x02\x03\x04" * 4) length = len(sample_data) def notrandom(size): assert size == length return sample_data monkeypatch.setattr(os, "urandom", notrandom) - b = Binding() buf = b.ffi.new("char[]", length) b.lib.RAND_bytes(buf, length) assert b.ffi.buffer(buf)[0:length] == sample_data -- cgit v1.2.3 From fa40f9f1b42b27d0f0e3f7581cf8d1997e36f0b0 Mon Sep 17 00:00:00 2001 From: Glyph Date: Tue, 30 Jun 2015 01:57:02 -0700 Subject: pep8 --- tests/hazmat/bindings/test_openssl.py | 1 + 1 file changed, 1 insertion(+) (limited to 'tests') diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index 73952561..ff8bcca6 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -100,6 +100,7 @@ class TestOpenSSL(object): pytest.skip("LibreSSL hard-codes RAND_bytes to use arc4random.") sample_data = (b"\x01\x02\x03\x04" * 4) length = len(sample_data) + def notrandom(size): assert size == length return sample_data -- cgit v1.2.3 From b18fc3912682d39ba5a4addfab963e50736e689c Mon Sep 17 00:00:00 2001 From: Glyph Date: Tue, 30 Jun 2015 16:46:29 -0700 Subject: test libressl when there is no libressl --- tests/hazmat/bindings/test_openssl.py | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index ff8bcca6..f3f2eaf4 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -11,6 +11,20 @@ import pytest from cryptography.hazmat.bindings.openssl.binding import Binding +def skip_if_libre_ssl(openssl_version): + if b'LibreSSL' in openssl_version: + pytest.skip("LibreSSL hard-codes RAND_bytes to use arc4random.") + + +class TestLibreSkip(object): + def test_skip_no(self): + assert skip_if_libre_ssl(b"OpenSSL 0.9.8zf 19 Mar 2015") is None + + def test_skip_yes(self): + with pytest.raises(pytest.skip.Exception): + skip_if_libre_ssl(b"LibreSSL 2.1.6") + + class TestOpenSSL(object): def test_binding_loads(self): binding = Binding() @@ -96,8 +110,7 @@ class TestOpenSSL(object): def test_actual_osrandom_bytes(self, monkeypatch): b = Binding() - if b'LibreSSL' in b.ffi.string(b.lib.OPENSSL_VERSION_TEXT): - pytest.skip("LibreSSL hard-codes RAND_bytes to use arc4random.") + skip_if_libre_ssl(b.ffi.string(b.lib.OPENSSL_VERSION_TEXT)) sample_data = (b"\x01\x02\x03\x04" * 4) length = len(sample_data) -- cgit v1.2.3 From b073c8cd31f27af8002174999904556ec283ac7e Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 1 Jul 2015 19:55:07 -0500 Subject: put the AAD and encrypted byte limit checks in the parent context --- tests/hazmat/primitives/test_aes.py | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py index 4d48e8ad..32892678 100644 --- a/tests/hazmat/primitives/test_aes.py +++ b/tests/hazmat/primitives/test_aes.py @@ -253,3 +253,33 @@ class TestAESModeGCM(object): computed_ct = encryptor.update(pt) + encryptor.finalize() assert computed_ct == ct assert encryptor.tag == tag + + def test_gcm_ciphertext_limit(self, backend): + encryptor = base.Cipher( + algorithms.AES(b"\x00" * 16), + modes.GCM(b"\x01" * 16), + backend=backend + ).encryptor() + # 16 bytes less than the encryption limit + near_limit_bytes = (2 ** 39 - 256 - 128) // 8 + encryptor._bytes_processed = near_limit_bytes + encryptor.update(b"0" * 16) + assert ( + encryptor._bytes_processed == modes.GCM._MAX_ENCRYPTED_BYTES + ) + with pytest.raises(ValueError): + encryptor.update(b"0") + + def test_gcm_aad_limit(self, backend): + encryptor = base.Cipher( + algorithms.AES(b"\x00" * 16), + modes.GCM(b"\x01" * 16), + backend=backend + ).encryptor() + # 16 bytes less than the AAD limit + near_limit_bytes = (2 ** 64 - 128) // 8 + encryptor._aad_bytes_processed = near_limit_bytes + encryptor.authenticate_additional_data(b"0" * 16) + assert encryptor._aad_bytes_processed == modes.GCM._MAX_AAD_BYTES + with pytest.raises(ValueError): + encryptor.authenticate_additional_data(b"0") -- cgit v1.2.3 From 463de43d9cc05ae97e08b3d439b70d44c70f9f62 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 1 Jul 2015 20:05:53 -0500 Subject: add additional increment tests --- tests/hazmat/primitives/test_aes.py | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py index 32892678..06e8adf8 100644 --- a/tests/hazmat/primitives/test_aes.py +++ b/tests/hazmat/primitives/test_aes.py @@ -270,16 +270,26 @@ class TestAESModeGCM(object): with pytest.raises(ValueError): encryptor.update(b"0") - def test_gcm_aad_limit(self, backend): + def test_gcm_ciphertext_increments(self, backend): encryptor = base.Cipher( algorithms.AES(b"\x00" * 16), modes.GCM(b"\x01" * 16), backend=backend ).encryptor() - # 16 bytes less than the AAD limit - near_limit_bytes = (2 ** 64 - 128) // 8 - encryptor._aad_bytes_processed = near_limit_bytes - encryptor.authenticate_additional_data(b"0" * 16) - assert encryptor._aad_bytes_processed == modes.GCM._MAX_AAD_BYTES - with pytest.raises(ValueError): - encryptor.authenticate_additional_data(b"0") + encryptor.update(b"0" * 8) + assert encryptor._bytes_processed == 8 + encryptor.update(b"0" * 7) + assert encryptor._bytes_processed == 15 + encryptor.update(b"0" * 18) + assert encryptor._bytes_processed == 33 + + def test_gcm_aad_increments(self, backend): + encryptor = base.Cipher( + algorithms.AES(b"\x00" * 16), + modes.GCM(b"\x01" * 16), + backend=backend + ).encryptor() + encryptor.authenticate_additional_data(b"0" * 8) + assert encryptor._aad_bytes_processed == 8 + encryptor.authenticate_additional_data(b"0" * 18) + assert encryptor._aad_bytes_processed == 26 -- cgit v1.2.3 From 423768361e3b5ea6a39819d512ca72ce176d151d Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 1 Jul 2015 18:10:32 -0500 Subject: name constraints - support leading periods --- tests/test_x509_ext.py | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) (limited to 'tests') diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py index 15ee118a..0ef84e79 100644 --- a/tests/test_x509_ext.py +++ b/tests/test_x509_ext.py @@ -2076,6 +2076,44 @@ class TestNameConstraintsExtension(object): excluded_subtrees=None ) + def test_permitted_with_leading_period(self, backend): + cert = _load_cert( + os.path.join( + "x509", "custom", "nc_permitted.pem" + ), + x509.load_pem_x509_certificate, + backend + ) + nc = cert.extensions.get_extension_for_oid( + x509.OID_NAME_CONSTRAINTS + ).value + assert nc == x509.NameConstraints( + permitted_subtrees=[ + x509.DNSName(u".cryptography.io"), + x509.UniformResourceIdentifier(u"ftp://cryptography.test") + ], + excluded_subtrees=None + ) + + def test_excluded_with_leading_period(self, backend): + cert = _load_cert( + os.path.join( + "x509", "custom", "nc_excluded.pem" + ), + x509.load_pem_x509_certificate, + backend + ) + nc = cert.extensions.get_extension_for_oid( + x509.OID_NAME_CONSTRAINTS + ).value + assert nc == x509.NameConstraints( + permitted_subtrees=None, + excluded_subtrees=[ + x509.DNSName(u".cryptography.io"), + x509.UniformResourceIdentifier(u"gopher://cryptography.test") + ] + ) + class TestDistributionPoint(object): def test_distribution_point_full_name_not_general_names(self): -- cgit v1.2.3 From d5119d530b4bd15cae9e758972e0407a5bcdd244 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 1 Jul 2015 20:21:33 -0500 Subject: add missing test, simplify encrypted byte near limit calculation --- tests/hazmat/primitives/test_aes.py | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py index 06e8adf8..f079ae4f 100644 --- a/tests/hazmat/primitives/test_aes.py +++ b/tests/hazmat/primitives/test_aes.py @@ -260,9 +260,7 @@ class TestAESModeGCM(object): modes.GCM(b"\x01" * 16), backend=backend ).encryptor() - # 16 bytes less than the encryption limit - near_limit_bytes = (2 ** 39 - 256 - 128) // 8 - encryptor._bytes_processed = near_limit_bytes + encryptor._bytes_processed = modes.GCM._MAX_ENCRYPTED_BYTES - 16 encryptor.update(b"0" * 16) assert ( encryptor._bytes_processed == modes.GCM._MAX_ENCRYPTED_BYTES @@ -270,6 +268,20 @@ class TestAESModeGCM(object): with pytest.raises(ValueError): encryptor.update(b"0") + def test_gcm_aad_limit(self, backend): + encryptor = base.Cipher( + algorithms.AES(b"\x00" * 16), + modes.GCM(b"\x01" * 16), + backend=backend + ).encryptor() + # 16 bytes less than the AAD limit + near_limit_bytes = (2 ** 64 - 128) // 8 + encryptor._aad_bytes_processed = near_limit_bytes + encryptor.authenticate_additional_data(b"0" * 16) + assert encryptor._aad_bytes_processed == modes.GCM._MAX_AAD_BYTES + with pytest.raises(ValueError): + encryptor.authenticate_additional_data(b"0") + def test_gcm_ciphertext_increments(self, backend): encryptor = base.Cipher( algorithms.AES(b"\x00" * 16), -- cgit v1.2.3 From 326502a8535e72fe76fdf61762cdf66198370799 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 1 Jul 2015 20:23:11 -0500 Subject: do the same simplification to the aad test --- tests/hazmat/primitives/test_aes.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py index f079ae4f..2c3e5f90 100644 --- a/tests/hazmat/primitives/test_aes.py +++ b/tests/hazmat/primitives/test_aes.py @@ -274,9 +274,7 @@ class TestAESModeGCM(object): modes.GCM(b"\x01" * 16), backend=backend ).encryptor() - # 16 bytes less than the AAD limit - near_limit_bytes = (2 ** 64 - 128) // 8 - encryptor._aad_bytes_processed = near_limit_bytes + encryptor._aad_bytes_processed = modes.GCM._MAX_AAD_BYTES - 16 encryptor.authenticate_additional_data(b"0" * 16) assert encryptor._aad_bytes_processed == modes.GCM._MAX_AAD_BYTES with pytest.raises(ValueError): -- cgit v1.2.3 From 9bbd4900bc4db86b675aaf6c22c034a071150d5a Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Wed, 1 Jul 2015 22:26:28 -0400 Subject: Fixed #1689 -- correctly handle code with multiple requires_backend_itnerface --- tests/conftest.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'tests') diff --git a/tests/conftest.py b/tests/conftest.py index c4d6b9c1..6599a643 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -18,11 +18,13 @@ def pytest_generate_tests(metafunc): if "backend" in metafunc.fixturenames: filtered_backends = [] required = metafunc.function.requires_backend_interface - required_interfaces = tuple( + required_interfaces = [ mark.kwargs["interface"] for mark in required - ) + ] for backend in selected_backends: - if isinstance(backend, required_interfaces): + if all( + isinstance(backend, iface) for iface in required_interfaces + ): filtered_backends.append(backend) # If you pass an empty list to parametrize Bad Things(tm) happen -- cgit v1.2.3 From be28a243b2ca27a569cb732003e3ebde69ed75b7 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Thu, 2 Jul 2015 00:05:49 -0400 Subject: Improved coverage for tests, handle multiple pytest.mark.supported decorators on one function --- tests/test_interfaces.py | 2 ++ tests/utils.py | 5 ++++- 2 files changed, 6 insertions(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/test_interfaces.py b/tests/test_interfaces.py index 4d571ea6..329ac7db 100644 --- a/tests/test_interfaces.py +++ b/tests/test_interfaces.py @@ -36,6 +36,7 @@ class TestVerifyInterface(object): def method(self): """Method with no arguments""" + NonImplementer().method() with pytest.raises(InterfaceNotImplemented): verify_interface(SimpleInterface, NonImplementer) @@ -51,4 +52,5 @@ class TestVerifyInterface(object): def property(self): """A concrete property""" + NonImplementer().property verify_interface(SimpleInterface, NonImplementer) diff --git a/tests/utils.py b/tests/utils.py index 8be5c1fa..c810303e 100644 --- a/tests/utils.py +++ b/tests/utils.py @@ -53,7 +53,10 @@ def skip_if_empty(backend_list, required_interfaces): def check_backend_support(item): supported = item.keywords.get("supported") if supported and "backend" in item.funcargs: - if not supported.kwargs["only_if"](item.funcargs["backend"]): + if not all( + mark.kwargs["only_if"](item.funcargs["backend"]) + for mark in supported + ): pytest.skip("{0} ({1})".format( supported.kwargs["skip_message"], item.funcargs["backend"] )) -- cgit v1.2.3 From cc04d679b81bcd69370ddc79c651e5e8a656ef04 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Thu, 2 Jul 2015 00:06:18 -0400 Subject: comment --- tests/test_interfaces.py | 2 ++ 1 file changed, 2 insertions(+) (limited to 'tests') diff --git a/tests/test_interfaces.py b/tests/test_interfaces.py index 329ac7db..bdb4a94d 100644 --- a/tests/test_interfaces.py +++ b/tests/test_interfaces.py @@ -36,6 +36,7 @@ class TestVerifyInterface(object): def method(self): """Method with no arguments""" + # Invoke this to ensure the line is covered NonImplementer().method() with pytest.raises(InterfaceNotImplemented): verify_interface(SimpleInterface, NonImplementer) @@ -52,5 +53,6 @@ class TestVerifyInterface(object): def property(self): """A concrete property""" + # Invoke this to ensure the line is covered NonImplementer().property verify_interface(SimpleInterface, NonImplementer) -- cgit v1.2.3 From 50ebb489852b8c9dd02d08e09375aa00859999bf Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Thu, 2 Jul 2015 00:21:41 -0400 Subject: fixed tests --- tests/test_utils.py | 4 ++-- tests/utils.py | 12 +++++------- 2 files changed, 7 insertions(+), 9 deletions(-) (limited to 'tests') diff --git a/tests/test_utils.py b/tests/test_utils.py index 8601d11d..f71264ea 100644 --- a/tests/test_utils.py +++ b/tests/test_utils.py @@ -85,7 +85,7 @@ def test_check_backend_support_skip(): supported = pretend.stub( kwargs={"only_if": lambda backend: False, "skip_message": "Nope"} ) - item = pretend.stub(keywords={"supported": supported}, + item = pretend.stub(keywords={"supported": [supported]}, funcargs={"backend": True}) with pytest.raises(pytest.skip.Exception) as exc_info: check_backend_support(item) @@ -96,7 +96,7 @@ def test_check_backend_support_no_skip(): supported = pretend.stub( kwargs={"only_if": lambda backend: True, "skip_message": "Nope"} ) - item = pretend.stub(keywords={"supported": supported}, + item = pretend.stub(keywords={"supported": [supported]}, funcargs={"backend": True}) assert check_backend_support(item) is None diff --git a/tests/utils.py b/tests/utils.py index c810303e..5083d48c 100644 --- a/tests/utils.py +++ b/tests/utils.py @@ -53,13 +53,11 @@ def skip_if_empty(backend_list, required_interfaces): def check_backend_support(item): supported = item.keywords.get("supported") if supported and "backend" in item.funcargs: - if not all( - mark.kwargs["only_if"](item.funcargs["backend"]) - for mark in supported - ): - pytest.skip("{0} ({1})".format( - supported.kwargs["skip_message"], item.funcargs["backend"] - )) + for mark in supported: + if not mark.kwargs["only_if"](item.funcargs["backend"]): + pytest.skip("{0} ({1})".format( + mark.kwargs["skip_message"], item.funcargs["backend"] + )) elif supported: raise ValueError("This mark is only available on methods that take a " "backend") -- cgit v1.2.3