Skip to content
This repository was archived by the owner on Apr 13, 2024. It is now read-only.

Commit 23d8cd4

Browse files
fulderfulder
committed
Add additional key tests
1 parent 8712e9b commit 23d8cd4

4 files changed

Lines changed: 130 additions & 0 deletions

File tree

httpsig/tests/rsa_private_2.pem

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
-----BEGIN RSA PRIVATE KEY-----
2+
MIIEpQIBAAKCAQEA42O9foFVWSgIjh+uUn3Up2hF54tbv48deni0ju+kFqYJVzxw
3+
G23fFSplbhUzL1eilBLRQWC18fGKe1Ae28mgfvtjHM+oN3omuKZMyqzTppOQKMt8
4+
GifGiX9mzdaOhYDozkER16b4UptFuUYYeOZR397jpvQD485YZ/bQoZRoBe641HWe
5+
MeryU/4ByIFnJXLnezURe+SbIlQWmt87FPrTVAuCMFP9IlN8fGBZ5DOeudkrW/vd
6+
Hkh9MG+CGjiNAFDgko0zJr24YS0KotCGA8g/0ARs5KWnIRpiAkvJD9WrLORfLeM/
7+
3GDWVO9bg4bDjh53ktSmMegUlXZEU4mYtMSorwIDAQABAoIBAQCMQbFYnp3uaGse
8+
fxwfdc39lKvJroPhHH2qVVnJ8Lbd4XxRes4LnTHE9GmsBReVVBDMFO9NzEFuAvbQ
9+
KRNfrnZ43Ma9trijv4yyyKEFQqUqUkrRXvIlj/M+TH805+rxHhp7XleLFUqGaZAQ
10+
P9RIfohx9iGlkU307gpJ1kvJ3qhrPzLM1oaMIGzB26LnUeiFRx2nhi2mMv/wqkhm
11+
muZ+vFLABJQu+CLDAz112EwkjLyhzv+aGVEdpNU6jVeG7ej9Bxm5chau9SIWj4Sg
12+
Eg6Jq/YswQ1QFb/RBoNuftr7Pr8x+DnOx0AW4P/nrqsVvmCf2QKhHE+bB01IvMn9
13+
F8Ss97DBAoGBAPK0QcOGwLYTYkzcRSuA4RWlUq9huQ96Ssy3y5vwgrzosfV1T9Y/
14+
yF6vwijZeTV/B/Ew/pBcRPgEl1exNibByg0qPApfL9V9xv+oMjEZr5WQoeQhff8D
15+
hpeP1znbNZKaJzFAAHE1p8mAmSPjggKd+M1F/zH86sads2istp7kE5oNAoGBAO/Y
16+
tW259w9mtEx82Pw3zGsMhn+ca6Vetn+igthhmfjBBm+TrKVe1RTTN+Pz7JxOp3jU
17+
wVhdw8Sa7pigMpSVDvcSHXt0cVs9d5pOoEQFInGnC9Y4A9auvL+5uT/AspKQqlwJ
18+
8lE4ugU5xelfnd4UnTbTZsA0pEmpRWYz9cUleUqrAoGBAJb3MtTpc+ONiR6gANJ/
19+
lwJ81ELNOWx8OBzA0oCMCPZyk4dH0kJFaGAlWVNJetCg1JLdU+r9ydSwHmdojnNr
20+
JUAtHi2hacKVOvv5ZkcOYB5bWafqgVHnooeR7GFLjjZDds92rQ++PUDkod0l/c+c
21+
7Y7Z1FQGqw6iN1+L1whcfCjdAoGALQwhv1MfQQhEMt18D5sXTL/UfyFM4olwc3Z9
22+
ZtCmD5+Jaulskr7F/JxTMgA9X3oyYDJtggBSZZnH2Gi2N0vrvKHtYaOUKtPXo+bC
23+
mSPxvTDnuztYFTlKgCQM1BmIMJj1NkYz+edSoOqh7lwkFXL/uC1qbg01EhS10SVP
24+
MtD///MCgYEA4dMkdsM4pDauvHsfiGH0kuSV8doWpyZIcRXpZk5aSVKxQY1X0RXu
25+
ra38P+PzSfAx1Wpo1tU5k+I0aRKImZv7EB7gwrsGnpFoDL5VzTfJrZh8u9TKrqaz
26+
RuPfYlljHQ7GXO528c6ePdaaDCwNvtqAXRPm0AFiemaQP5s5cc2u2l8=
27+
-----END RSA PRIVATE KEY-----

httpsig/tests/rsa_public_2.pem

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
-----BEGIN PUBLIC KEY-----
2+
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42O9foFVWSgIjh+uUn3U
3+
p2hF54tbv48deni0ju+kFqYJVzxwG23fFSplbhUzL1eilBLRQWC18fGKe1Ae28mg
4+
fvtjHM+oN3omuKZMyqzTppOQKMt8GifGiX9mzdaOhYDozkER16b4UptFuUYYeOZR
5+
397jpvQD485YZ/bQoZRoBe641HWeMeryU/4ByIFnJXLnezURe+SbIlQWmt87FPrT
6+
VAuCMFP9IlN8fGBZ5DOeudkrW/vdHkh9MG+CGjiNAFDgko0zJr24YS0KotCGA8g/
7+
0ARs5KWnIRpiAkvJD9WrLORfLeM/3GDWVO9bg4bDjh53ktSmMegUlXZEU4mYtMSo
8+
rwIDAQAB
9+
-----END PUBLIC KEY-----

httpsig/tests/test_signature.py

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,11 @@ def setUp(self):
2828
with open(self.key_path, 'rb') as f:
2929
self.key = f.read()
3030

31+
self.other_key_path = os.path.join(
32+
os.path.dirname(__file__), 'rsa_private_2.pem')
33+
with open(self.other_key_path, 'rb') as f:
34+
self.other_key = f.read()
35+
3136
def test_default(self):
3237
hs = sign.HeaderSigner(key_id='Test', secret=self.key)
3338
unsigned = {
@@ -46,6 +51,25 @@ def test_default(self):
4651
self.assertEqual(params['algorithm'], 'rsa-sha256')
4752
self.assertEqual(params['signature'], 'jKyvPcxB4JbmYY4mByyBY7cZfNl4OW9HpFQlG7N4YcJPteKTu4MWCLyk+gIr0wDgqtLWf9NLpMAMimdfsH7FSWGfbMFSrsVTHNTk0rK3usrfFnti1dxsM4jl0kYJCKTGI/UWkqiaxwNiKqGcdlEDrTcUhhsFsOIo8VhddmZTZ8w=') # noqa: E501
4853

54+
def test_other_default(self):
55+
hs = sign.HeaderSigner(key_id='Test', secret=self.other_key)
56+
unsigned = {
57+
'Date': self.header_date
58+
}
59+
signed = hs.sign(unsigned)
60+
self.assertIn('Date', signed)
61+
self.assertEqual(unsigned['Date'], signed['Date'])
62+
self.assertIn('Authorization', signed)
63+
auth = parse_authorization_header(signed['authorization'])
64+
params = auth[1]
65+
self.assertIn('keyId', params)
66+
self.assertIn('algorithm', params)
67+
self.assertIn('signature', params)
68+
self.assertEqual(params['keyId'], 'Test')
69+
self.assertEqual(params['algorithm'], 'rsa-sha256')
70+
self.assertEqual(params['signature'],
71+
'GY3Yyuj92xScIb2QbDUWxIW/fg7ZP8rxURltbpouTGxTo+ZRDHO9BbfN6YQeP1Z0VJBEA0dgynuzQs2bVBJavTcoEgvttzznAIj9ypfI6n35Uzeid+9gepa0pfBom6qnoNbblMNsHt7hXBfrpe5EwfEKmpqZgivjJZ53p9gD1NAhlioty/m1MFu1J5wEjpgX466R2PmR10yl22rMcv3mbEPV5ijqLTViDW18DchLyHR+fItzRtor2yLv7QgBSw+gVJu0dVeKeL9kwPxsaurzODgYsFsjZOJvuP9nKPJOdH3PI6eDhpfwjmwhjbSTte3bjkbw0w5tlWuA8m5l1gzyBQ==')
72+
4973
def test_basic(self):
5074
hs = sign.HeaderSigner(key_id='Test', secret=self.key, headers=[
5175
'(request-target)',

httpsig/tests/test_verify.py

Lines changed: 70 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -218,3 +218,73 @@ def setUp(self):
218218

219219
class TestVerifyRSASHA512ChangeHeader(TestVerifyRSASHA1):
220220
sign_header = 'Signature'
221+
222+
223+
class TestSignAndVerify(unittest.TestCase):
224+
header_date = 'Thu, 05 Jan 2014 21:31:40 GMT'
225+
sign_header = 'authorization'
226+
227+
def setUp(self):
228+
with open(os.path.join(os.path.dirname(__file__), 'rsa_private.pem'), 'rb') as f:
229+
self.private_key = f.read()
230+
231+
with open(os.path.join(os.path.dirname(__file__), 'rsa_public.pem'), 'rb') as f:
232+
self.public_key = f.read()
233+
234+
with open(os.path.join(os.path.dirname(__file__), 'rsa_private_2.pem'), 'rb') as f:
235+
self.other_private_key = f.read()
236+
237+
with open(os.path.join(os.path.dirname(__file__), 'rsa_public_2.pem'), 'rb') as f:
238+
self.other_public_key = f.read()
239+
240+
def test_default(self):
241+
unsigned = {
242+
'Date': self.header_date
243+
}
244+
245+
hs = HeaderSigner(
246+
key_id="Test", secret=self.private_key, algorithm='rsa-sha1',
247+
sign_header=self.sign_header)
248+
signed = hs.sign(unsigned)
249+
hv = HeaderVerifier(
250+
headers=signed, secret=self.public_key, sign_header=self.sign_header)
251+
self.assertTrue(hv.verify())
252+
253+
def test_other_default(self):
254+
unsigned = {
255+
'Date': self.header_date
256+
}
257+
258+
hs = HeaderSigner(
259+
key_id="Test", secret=self.other_private_key, algorithm='rsa-sha256',
260+
sign_header=self.sign_header)
261+
signed = hs.sign(unsigned)
262+
hv = HeaderVerifier(
263+
headers=signed, secret=self.other_public_key, sign_header=self.sign_header)
264+
self.assertTrue(hv.verify())
265+
266+
def test_mix_default_1_256(self):
267+
unsigned = {
268+
'Date': self.header_date
269+
}
270+
271+
hs = HeaderSigner(
272+
key_id="Test", secret=self.private_key, algorithm='rsa-sha1',
273+
sign_header=self.sign_header)
274+
signed = hs.sign(unsigned)
275+
hv = HeaderVerifier(
276+
headers=signed, secret=self.other_public_key, sign_header=self.sign_header)
277+
self.assertFalse(hv.verify())
278+
279+
def test_mix_default_256_1(self):
280+
unsigned = {
281+
'Date': self.header_date
282+
}
283+
284+
hs = HeaderSigner(
285+
key_id="Test", secret=self.other_private_key, algorithm='rsa-sha256',
286+
sign_header=self.sign_header)
287+
signed = hs.sign(unsigned)
288+
hv = HeaderVerifier(
289+
headers=signed, secret=self.public_key, sign_header=self.sign_header)
290+
self.assertFalse(hv.verify())

0 commit comments

Comments
 (0)