def test_expired(self):
signed = create_signed_value(SignedValueTest.SECRET, "key1", "value",
clock=self.past)
decoded_past = decode_signed_value(SignedValueTest.SECRET, "key1",
signed, clock=self.past)
self.assertEqual(decoded_past, b"value")
decoded_present = decode_signed_value(SignedValueTest.SECRET, "key1",
signed, clock=self.present)
self.assertIs(decoded_present, None)
python类decode_signed_value()的实例源码
def test_payload_tampering(self):
# These cookies are variants of the one in test_known_values.
sig = "3d4e60b996ff9c5d5788e333a0cba6f238a22c6c0f94788870e1a9ecd482e152"
def validate(prefix):
return (b'value' ==
decode_signed_value(SignedValueTest.SECRET, "key",
prefix + sig, clock=self.present))
self.assertTrue(validate("2|1:0|10:1300000000|3:key|8:dmFsdWU=|"))
# Change key version
self.assertFalse(validate("2|1:1|10:1300000000|3:key|8:dmFsdWU=|"))
# length mismatch (field too short)
self.assertFalse(validate("2|1:0|10:130000000|3:key|8:dmFsdWU=|"))
# length mismatch (field too long)
self.assertFalse(validate("2|1:0|10:1300000000|3:keey|8:dmFsdWU=|"))
def test_key_versioning_read_write_default_key(self):
value = b"\xe9"
signed = create_signed_value(SignedValueTest.SECRET_DICT,
"key", value, clock=self.present,
key_version=0)
decoded = decode_signed_value(SignedValueTest.SECRET_DICT,
"key", signed, clock=self.present)
self.assertEqual(value, decoded)
def test_key_versioning_read_write_non_default_key(self):
value = b"\xe9"
signed = create_signed_value(SignedValueTest.SECRET_DICT,
"key", value, clock=self.present,
key_version=1)
decoded = decode_signed_value(SignedValueTest.SECRET_DICT,
"key", signed, clock=self.present)
self.assertEqual(value, decoded)
def test_key_versioning_invalid_key(self):
value = b"\xe9"
signed = create_signed_value(SignedValueTest.SECRET_DICT,
"key", value, clock=self.present,
key_version=0)
newkeys = SignedValueTest.SECRET_DICT.copy()
newkeys.pop(0)
decoded = decode_signed_value(newkeys,
"key", signed, clock=self.present)
self.assertEqual(None, decoded)
def test_known_values(self):
signed_v1 = create_signed_value(SignedValueTest.SECRET, "key", "value",
version=1, clock=self.present)
self.assertEqual(
signed_v1,
b"dmFsdWU=|1300000000|31c934969f53e48164c50768b40cbd7e2daaaa4f")
signed_v2 = create_signed_value(SignedValueTest.SECRET, "key", "value",
version=2, clock=self.present)
self.assertEqual(
signed_v2,
b"2|1:0|10:1300000000|3:key|8:dmFsdWU=|"
b"3d4e60b996ff9c5d5788e333a0cba6f238a22c6c0f94788870e1a9ecd482e152")
signed_default = create_signed_value(SignedValueTest.SECRET,
"key", "value", clock=self.present)
self.assertEqual(signed_default, signed_v2)
decoded_v1 = decode_signed_value(SignedValueTest.SECRET, "key",
signed_v1, min_version=1,
clock=self.present)
self.assertEqual(decoded_v1, b"value")
decoded_v2 = decode_signed_value(SignedValueTest.SECRET, "key",
signed_v2, min_version=2,
clock=self.present)
self.assertEqual(decoded_v2, b"value")
def test_name_swap(self):
signed1 = create_signed_value(SignedValueTest.SECRET, "key1", "value",
clock=self.present)
signed2 = create_signed_value(SignedValueTest.SECRET, "key2", "value",
clock=self.present)
# Try decoding each string with the other's "name"
decoded1 = decode_signed_value(SignedValueTest.SECRET, "key2", signed1,
clock=self.present)
self.assertIs(decoded1, None)
decoded2 = decode_signed_value(SignedValueTest.SECRET, "key1", signed2,
clock=self.present)
self.assertIs(decoded2, None)
def test_expired(self):
signed = create_signed_value(SignedValueTest.SECRET, "key1", "value",
clock=self.past)
decoded_past = decode_signed_value(SignedValueTest.SECRET, "key1",
signed, clock=self.past)
self.assertEqual(decoded_past, b"value")
decoded_present = decode_signed_value(SignedValueTest.SECRET, "key1",
signed, clock=self.present)
self.assertIs(decoded_present, None)
def test_payload_tampering(self):
# These cookies are variants of the one in test_known_values.
sig = "3d4e60b996ff9c5d5788e333a0cba6f238a22c6c0f94788870e1a9ecd482e152"
def validate(prefix):
return (b'value' ==
decode_signed_value(SignedValueTest.SECRET, "key",
prefix + sig, clock=self.present))
self.assertTrue(validate("2|1:0|10:1300000000|3:key|8:dmFsdWU=|"))
# Change key version
self.assertFalse(validate("2|1:1|10:1300000000|3:key|8:dmFsdWU=|"))
# length mismatch (field too short)
self.assertFalse(validate("2|1:0|10:130000000|3:key|8:dmFsdWU=|"))
# length mismatch (field too long)
self.assertFalse(validate("2|1:0|10:1300000000|3:keey|8:dmFsdWU=|"))
def test_key_versioning_read_write_default_key(self):
value = b"\xe9"
signed = create_signed_value(SignedValueTest.SECRET_DICT,
"key", value, clock=self.present,
key_version=0)
decoded = decode_signed_value(SignedValueTest.SECRET_DICT,
"key", signed, clock=self.present)
self.assertEqual(value, decoded)
def test_key_versioning_read_write_non_default_key(self):
value = b"\xe9"
signed = create_signed_value(SignedValueTest.SECRET_DICT,
"key", value, clock=self.present,
key_version=1)
decoded = decode_signed_value(SignedValueTest.SECRET_DICT,
"key", signed, clock=self.present)
self.assertEqual(value, decoded)
def test_key_versioning_invalid_key(self):
value = b"\xe9"
signed = create_signed_value(SignedValueTest.SECRET_DICT,
"key", value, clock=self.present,
key_version=0)
newkeys = SignedValueTest.SECRET_DICT.copy()
newkeys.pop(0)
decoded = decode_signed_value(newkeys,
"key", signed, clock=self.present)
self.assertEqual(None, decoded)
def test_known_values(self):
signed_v1 = create_signed_value(SignedValueTest.SECRET, "key", "value",
version=1, clock=self.present)
self.assertEqual(
signed_v1,
b"dmFsdWU=|1300000000|31c934969f53e48164c50768b40cbd7e2daaaa4f")
signed_v2 = create_signed_value(SignedValueTest.SECRET, "key", "value",
version=2, clock=self.present)
self.assertEqual(
signed_v2,
b"2|1:0|10:1300000000|3:key|8:dmFsdWU=|"
b"3d4e60b996ff9c5d5788e333a0cba6f238a22c6c0f94788870e1a9ecd482e152")
signed_default = create_signed_value(SignedValueTest.SECRET,
"key", "value", clock=self.present)
self.assertEqual(signed_default, signed_v2)
decoded_v1 = decode_signed_value(SignedValueTest.SECRET, "key",
signed_v1, min_version=1,
clock=self.present)
self.assertEqual(decoded_v1, b"value")
decoded_v2 = decode_signed_value(SignedValueTest.SECRET, "key",
signed_v2, min_version=2,
clock=self.present)
self.assertEqual(decoded_v2, b"value")
def test_name_swap(self):
signed1 = create_signed_value(SignedValueTest.SECRET, "key1", "value",
clock=self.present)
signed2 = create_signed_value(SignedValueTest.SECRET, "key2", "value",
clock=self.present)
# Try decoding each string with the other's "name"
decoded1 = decode_signed_value(SignedValueTest.SECRET, "key2", signed1,
clock=self.present)
self.assertIs(decoded1, None)
decoded2 = decode_signed_value(SignedValueTest.SECRET, "key1", signed2,
clock=self.present)
self.assertIs(decoded2, None)
def test_expired(self):
signed = create_signed_value(SignedValueTest.SECRET, "key1", "value",
clock=self.past)
decoded_past = decode_signed_value(SignedValueTest.SECRET, "key1",
signed, clock=self.past)
self.assertEqual(decoded_past, b"value")
decoded_present = decode_signed_value(SignedValueTest.SECRET, "key1",
signed, clock=self.present)
self.assertIs(decoded_present, None)
def test_payload_tampering(self):
# These cookies are variants of the one in test_known_values.
sig = "3d4e60b996ff9c5d5788e333a0cba6f238a22c6c0f94788870e1a9ecd482e152"
def validate(prefix):
return (b'value' ==
decode_signed_value(SignedValueTest.SECRET, "key",
prefix + sig, clock=self.present))
self.assertTrue(validate("2|1:0|10:1300000000|3:key|8:dmFsdWU=|"))
# Change key version
self.assertFalse(validate("2|1:1|10:1300000000|3:key|8:dmFsdWU=|"))
# length mismatch (field too short)
self.assertFalse(validate("2|1:0|10:130000000|3:key|8:dmFsdWU=|"))
# length mismatch (field too long)
self.assertFalse(validate("2|1:0|10:1300000000|3:keey|8:dmFsdWU=|"))
def test_known_values(self):
signed_v1 = create_signed_value(SignedValueTest.SECRET, "key", "value",
version=1, clock=self.present)
self.assertEqual(
signed_v1,
b"dmFsdWU=|1300000000|31c934969f53e48164c50768b40cbd7e2daaaa4f")
signed_v2 = create_signed_value(SignedValueTest.SECRET, "key", "value",
version=2, clock=self.present)
self.assertEqual(
signed_v2,
b"2|1:0|10:1300000000|3:key|8:dmFsdWU=|"
b"3d4e60b996ff9c5d5788e333a0cba6f238a22c6c0f94788870e1a9ecd482e152")
signed_default = create_signed_value(SignedValueTest.SECRET,
"key", "value", clock=self.present)
self.assertEqual(signed_default, signed_v2)
decoded_v1 = decode_signed_value(SignedValueTest.SECRET, "key",
signed_v1, min_version=1,
clock=self.present)
self.assertEqual(decoded_v1, b"value")
decoded_v2 = decode_signed_value(SignedValueTest.SECRET, "key",
signed_v2, min_version=2,
clock=self.present)
self.assertEqual(decoded_v2, b"value")
def test_name_swap(self):
signed1 = create_signed_value(SignedValueTest.SECRET, "key1", "value",
clock=self.present)
signed2 = create_signed_value(SignedValueTest.SECRET, "key2", "value",
clock=self.present)
# Try decoding each string with the other's "name"
decoded1 = decode_signed_value(SignedValueTest.SECRET, "key2", signed1,
clock=self.present)
self.assertIs(decoded1, None)
decoded2 = decode_signed_value(SignedValueTest.SECRET, "key1", signed2,
clock=self.present)
self.assertIs(decoded2, None)
def test_expired(self):
signed = create_signed_value(SignedValueTest.SECRET, "key1", "value",
clock=self.past)
decoded_past = decode_signed_value(SignedValueTest.SECRET, "key1",
signed, clock=self.past)
self.assertEqual(decoded_past, b"value")
decoded_present = decode_signed_value(SignedValueTest.SECRET, "key1",
signed, clock=self.present)
self.assertIs(decoded_present, None)
def test_payload_tampering(self):
# These cookies are variants of the one in test_known_values.
sig = "3d4e60b996ff9c5d5788e333a0cba6f238a22c6c0f94788870e1a9ecd482e152"
def validate(prefix):
return (b'value' ==
decode_signed_value(SignedValueTest.SECRET, "key",
prefix + sig, clock=self.present))
self.assertTrue(validate("2|1:0|10:1300000000|3:key|8:dmFsdWU=|"))
# Change key version
self.assertFalse(validate("2|1:1|10:1300000000|3:key|8:dmFsdWU=|"))
# length mismatch (field too short)
self.assertFalse(validate("2|1:0|10:130000000|3:key|8:dmFsdWU=|"))
# length mismatch (field too long)
self.assertFalse(validate("2|1:0|10:1300000000|3:keey|8:dmFsdWU=|"))
