mirror of https://github.com/ByConity/ByConity
Merging requirements for AES encryption functions.
Updating aes_encryption tests to use new requirements. Updating TestFlows version to 1.6.72.
This commit is contained in:
parent
aa7793e38f
commit
f3a8f5dc45
|
@ -35,7 +35,7 @@ RUN apt-get update \
|
|||
ENV TZ=Europe/Moscow
|
||||
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
|
||||
|
||||
RUN pip3 install urllib3 testflows==1.6.65 docker-compose docker dicttoxml kazoo tzlocal
|
||||
RUN pip3 install urllib3 testflows==1.6.72 docker-compose docker dicttoxml kazoo tzlocal
|
||||
|
||||
ENV DOCKER_CHANNEL stable
|
||||
ENV DOCKER_VERSION 17.09.1-ce
|
||||
|
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -149,58 +149,38 @@ def invalid_parameters(self):
|
|||
@Requirements(
|
||||
RQ_SRS008_AES_Decrypt_Function_Key_Length_InvalidLengthError("1.0"),
|
||||
RQ_SRS008_AES_Decrypt_Function_InitializationVector_Length_InvalidLengthError("1.0"),
|
||||
RQ_SRS008_AES_Decrypt_Function_AdditionalAuthenticationData_NotValidForMode("1.0")
|
||||
RQ_SRS008_AES_Decrypt_Function_AdditionalAuthenticationData_NotValidForMode("1.0"),
|
||||
RQ_SRS008_AES_Decrypt_Function_NonGCMMode_KeyAndInitializationVector_Length("1.0")
|
||||
)
|
||||
@Examples("mode key_len iv_len aad", [
|
||||
# ECB
|
||||
("'aes-128-ecb'", 16, None, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_128_ECB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-ecb'", 24, None, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_192_ECB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-ecb'", 32, None, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_256_ECB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-ecb'", 16, None, None),
|
||||
("'aes-192-ecb'", 24, None, None),
|
||||
("'aes-256-ecb'", 32, None, None),
|
||||
# CBC
|
||||
("'aes-128-cbc'", 16, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_128_CBC_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-cbc'", 24, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_192_CBC_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-cbc'", 32, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_256_CBC_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-cbc'", 16, 16, None),
|
||||
("'aes-192-cbc'", 24, 16, None),
|
||||
("'aes-256-cbc'", 32, 16, None),
|
||||
# CFB1
|
||||
("'aes-128-cfb1'", 16, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_128_CFB1_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-cfb1'", 24, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_192_CFB1_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-cfb1'", 32, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_256_CFB1_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-cfb1'", 16, 16, None),
|
||||
("'aes-192-cfb1'", 24, 16, None),
|
||||
("'aes-256-cfb1'", 32, 16, None),
|
||||
# CFB8
|
||||
("'aes-128-cfb8'", 16, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_128_CFB8_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-cfb8'", 24, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_192_CFB8_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-cfb8'", 32, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_256_CFB8_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-cfb8'", 16, 16, None),
|
||||
("'aes-192-cfb8'", 24, 16, None),
|
||||
("'aes-256-cfb8'", 32, 16, None),
|
||||
# CFB128
|
||||
("'aes-128-cfb128'", 16, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_128_CFB128_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-cfb128'", 24, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_192_CFB128_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-cfb128'", 32, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_256_CFB128_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-cfb128'", 16, 16, None),
|
||||
("'aes-192-cfb128'", 24, 16, None),
|
||||
("'aes-256-cfb128'", 32, 16, None),
|
||||
# OFB
|
||||
("'aes-128-ofb'", 16, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_128_OFB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-ofb'", 24, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_192_OFB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-ofb'", 32, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_256_OFB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-ofb'", 16, 16, None),
|
||||
("'aes-192-ofb'", 24, 16, None),
|
||||
("'aes-256-ofb'", 32, 16, None),
|
||||
# CTR
|
||||
("'aes-128-ctr'", 16, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_128_CTR_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-ctr'", 24, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_192_CTR_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-ctr'", 32, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_256_CTR_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-ctr'", 16, 16, None),
|
||||
("'aes-192-ctr'", 24, 16, None),
|
||||
("'aes-256-ctr'", 32, 16, None)
|
||||
], "%-16s %-10s %-10s %-10s")
|
||||
def invalid_key_or_iv_length_for_mode_non_gcm(self, mode, key_len, iv_len, aad):
|
||||
"""Check that an error is returned when key or iv length does not match
|
||||
|
@ -235,22 +215,17 @@ def invalid_key_or_iv_length_for_mode_non_gcm(self, mode, key_len, iv_len, aad):
|
|||
@Requirements(
|
||||
RQ_SRS008_AES_Decrypt_Function_Key_Length_InvalidLengthError("1.0"),
|
||||
RQ_SRS008_AES_Decrypt_Function_InitializationVector_Length_InvalidLengthError("1.0"),
|
||||
RQ_SRS008_AES_Decrypt_Function_AdditionalAuthenticationData_NotValidForMode("1.0")
|
||||
RQ_SRS008_AES_Decrypt_Function_AdditionalAuthenticationData_NotValidForMode("1.0"),
|
||||
RQ_SRS008_AES_Decrypt_Function_GCMMode_KeyAndInitializationVector_Length("1.0")
|
||||
)
|
||||
@Examples("mode key_len iv_len aad", [
|
||||
# GCM
|
||||
("'aes-128-gcm'", 16, 8, "'hello there aad'",
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_128_GCM_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-gcm'", 16, None, "'hello there aad'",
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_128_GCM_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-gcm'", 24, 8, "''",
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_192_GCM_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-gcm'", 24, None, "''",
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_192_GCM_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-gcm'", 32, 8, "'a'",
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_256_GCM_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-gcm'", 32, None, "'a'",
|
||||
Requirements(RQ_SRS008_AES_Decrypt_Function_AES_256_GCM_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-gcm'", 16, 8, "'hello there aad'"),
|
||||
("'aes-128-gcm'", 16, None, "'hello there aad'"),
|
||||
("'aes-192-gcm'", 24, 8, "''"),
|
||||
("'aes-192-gcm'", 24, None, "''"),
|
||||
("'aes-256-gcm'", 32, 8, "'a'"),
|
||||
("'aes-256-gcm'", 32, None, "'a'")
|
||||
], "%-16s %-10s %-10s %-10s")
|
||||
def invalid_key_or_iv_length_for_gcm(self, mode, key_len, iv_len, aad):
|
||||
"""Check that an error is returned when key or iv length does not match
|
||||
|
@ -427,6 +402,7 @@ def syntax(self):
|
|||
RQ_SRS008_AES_Decrypt_Function_Parameters_CipherText("1.0"),
|
||||
RQ_SRS008_AES_Decrypt_Function_Parameters_Mode("1.0"),
|
||||
RQ_SRS008_AES_Decrypt_Function_Parameters_Mode_ValuesFormat("1.0"),
|
||||
RQ_SRS008_AES_Decrypt_Function_Parameters_Mode_Values("1.0")
|
||||
)
|
||||
def decryption(self):
|
||||
"""Check that `decrypt` functions accepts `ciphertext` as the second parameter
|
||||
|
@ -438,15 +414,13 @@ def decryption(self):
|
|||
aad = "some random aad"
|
||||
|
||||
with Given("I load encrypt snapshots"):
|
||||
snapshot_module = SourceFileLoader("snapshot", os.path.join(current_dir(), "snapshots", "encrypt.py.encrypt.snapshot")).load_module()
|
||||
snapshot_module = SourceFileLoader("snapshot", os.path.join(current_dir(),
|
||||
"snapshots", "encrypt.py.encrypt.snapshot")).load_module()
|
||||
|
||||
for mode, key_len, iv_len, aad_len in modes:
|
||||
for datatype, plaintext in plaintexts:
|
||||
|
||||
requirement = globals().get(f"""RQ_SRS008_AES_Decrypt_Function_Parameters_Mode_Value_{mode.strip("'").replace("-","_").upper()}""")("1.0")
|
||||
|
||||
with Example(f"""mode={mode.strip("'")} datatype={datatype.strip("'")} iv={iv_len} aad={aad_len}""",
|
||||
requirements=[requirement]) as example:
|
||||
with Example(f"""mode={mode.strip("'")} datatype={datatype.strip("'")} iv={iv_len} aad={aad_len}""") as example:
|
||||
|
||||
with Given("I have ciphertext"):
|
||||
example_name = basename(example.name)
|
||||
|
@ -488,7 +462,8 @@ def mismatched_key(self):
|
|||
plaintext = "'1'"
|
||||
|
||||
with Given("I load encrypt snapshots"):
|
||||
snapshot_module = SourceFileLoader("snapshot", os.path.join(current_dir(), "snapshots", "encrypt.py.encrypt.snapshot")).load_module()
|
||||
snapshot_module = SourceFileLoader("snapshot", os.path.join(current_dir(),
|
||||
"snapshots", "encrypt.py.encrypt.snapshot")).load_module()
|
||||
|
||||
for mode, key_len, iv_len, aad_len in modes:
|
||||
with Example(f"""mode={mode.strip("'")} datatype={datatype.strip("'")} iv={iv_len} aad={aad_len}""") as example:
|
||||
|
|
|
@ -67,13 +67,17 @@ def invalid_ciphertext(self):
|
|||
assert "DB::Exception:" in r.output
|
||||
|
||||
@TestOutline(Scenario)
|
||||
@Requirements(
|
||||
RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Values_GCM_Error("1.0"),
|
||||
RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Values_CTR_Error("1.0")
|
||||
)
|
||||
@Examples("mode", [
|
||||
("'aes-128-gcm'", Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Value_AES_128_GCM_Error("1.0"))),
|
||||
("'aes-192-gcm'", Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Value_AES_192_GCM_Error("1.0"))),
|
||||
("'aes-256-gcm'", Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Value_AES_256_GCM_Error("1.0"))),
|
||||
("'aes-128-ctr'", Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Value_AES_128_CTR_Error("1.0"))),
|
||||
("'aes-192-ctr'", Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Value_AES_192_CTR_Error("1.0"))),
|
||||
("'aes-256-ctr'", Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Value_AES_256_CTR_Error("1.0"))),
|
||||
("'aes-128-gcm'",),
|
||||
("'aes-192-gcm'",),
|
||||
("'aes-256-gcm'",),
|
||||
("'aes-128-ctr'",),
|
||||
("'aes-192-ctr'",),
|
||||
("'aes-256-ctr'",)
|
||||
])
|
||||
def unsupported_modes(self, mode):
|
||||
"""Check that `aes_decrypt_mysql` function returns an error when unsupported modes are specified.
|
||||
|
@ -166,51 +170,34 @@ def invalid_parameters(self):
|
|||
RQ_SRS008_AES_MySQL_Decrypt_Function_Key_Length_TooLong("1.0"),
|
||||
RQ_SRS008_AES_MySQL_Decrypt_Function_InitializationVector_Length_TooShortError("1.0"),
|
||||
RQ_SRS008_AES_MySQL_Decrypt_Function_InitializationVector_Length_TooLong("1.0"),
|
||||
RQ_SRS008_AES_MySQL_Decrypt_Function_InitializationVector_NotValidForMode("1.0")
|
||||
RQ_SRS008_AES_MySQL_Decrypt_Function_InitializationVector_NotValidForMode("1.0"),
|
||||
RQ_SRS008_AES_MySQL_Decrypt_Function_Mode_KeyAndInitializationVector_Length("1.0")
|
||||
)
|
||||
@Examples("mode key_len iv_len", [
|
||||
# ECB
|
||||
("'aes-128-ecb'", 16, None,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_128_ECB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-ecb'", 24, None,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_192_ECB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-ecb'", 32, None,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_256_ECB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-ecb'", 16, None),
|
||||
("'aes-192-ecb'", 24, None),
|
||||
("'aes-256-ecb'", 32, None),
|
||||
# CBC
|
||||
("'aes-128-cbc'", 16, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_128_CBC_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-cbc'", 24, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_192_CBC_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-cbc'", 32, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_256_CBC_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-cbc'", 16, 16),
|
||||
("'aes-192-cbc'", 24, 16),
|
||||
("'aes-256-cbc'", 32, 16),
|
||||
# CFB1
|
||||
("'aes-128-cfb1'", 16, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_128_CFB1_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-cfb1'", 24, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_192_CFB1_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-cfb1'", 32, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_256_CFB1_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-cfb1'", 16, 16),
|
||||
("'aes-192-cfb1'", 24, 16),
|
||||
("'aes-256-cfb1'", 32, 16),
|
||||
# CFB8
|
||||
("'aes-128-cfb8'", 16, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_128_CFB8_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-cfb8'", 24, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_192_CFB8_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-cfb8'", 32, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_256_CFB8_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-cfb8'", 16, 16),
|
||||
("'aes-192-cfb8'", 24, 16),
|
||||
("'aes-256-cfb8'", 32, 16),
|
||||
# CFB128
|
||||
("'aes-128-cfb128'", 16, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_128_CFB128_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-cfb128'", 24, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_192_CFB128_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-cfb128'", 32, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_256_CFB128_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-cfb128'", 16, 16),
|
||||
("'aes-192-cfb128'", 24, 16),
|
||||
("'aes-256-cfb128'", 32, 16),
|
||||
# OFB
|
||||
("'aes-128-ofb'", 16, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_128_OFB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-ofb'", 24, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_192_OFB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-ofb'", 32, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Decrypt_Function_AES_256_OFB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-ofb'", 16, 16),
|
||||
("'aes-192-ofb'", 24, 16),
|
||||
("'aes-256-ofb'", 32, 16)
|
||||
], "%-16s %-10s %-10s")
|
||||
def key_or_iv_length_for_mode(self, mode, key_len, iv_len):
|
||||
"""Check that key or iv length for mode.
|
||||
|
@ -298,7 +285,6 @@ def key_parameter_types(self):
|
|||
with When("key is specified using FixedString with UTF8 characters"):
|
||||
aes_decrypt_mysql(ciphertext="unhex('180086AA42AD57B71C706EEC372D0C3D')", key=f"toFixedString('Gãńdåłf_Thê', 16)", mode=mode, message="hello there")
|
||||
|
||||
|
||||
@TestScenario
|
||||
@Requirements(
|
||||
RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode("1.0"),
|
||||
|
@ -316,7 +302,6 @@ def mode_parameter_types(self):
|
|||
with When("mode is specified using FixedString type"):
|
||||
aes_decrypt_mysql(ciphertext="unhex('49C9ADB81BA9B58C485E7ADB90E70576')", key=key, mode=f"toFixedString({mode}, 12)", message="hello there")
|
||||
|
||||
|
||||
@TestScenario
|
||||
@Requirements(
|
||||
RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_ReturnValue("1.0")
|
||||
|
@ -359,6 +344,7 @@ def syntax(self):
|
|||
RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_CipherText("1.0"),
|
||||
RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode("1.0"),
|
||||
RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_ValuesFormat("1.0"),
|
||||
RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Values("1.0")
|
||||
)
|
||||
def decryption(self):
|
||||
"""Check that `aes_decrypt_mysql` functions accepts `mode` as the first parameter
|
||||
|
@ -369,15 +355,13 @@ def decryption(self):
|
|||
iv = f"{'2' * 64}"
|
||||
|
||||
with Given("I load encrypt snapshots"):
|
||||
snapshot_module = SourceFileLoader("snapshot", os.path.join(current_dir(), "snapshots", "encrypt_mysql.py.encrypt_mysql.snapshot")).load_module()
|
||||
snapshot_module = SourceFileLoader("snapshot", os.path.join(current_dir(),
|
||||
"snapshots", "encrypt_mysql.py.encrypt_mysql.snapshot")).load_module()
|
||||
|
||||
for mode, key_len, iv_len in mysql_modes:
|
||||
for datatype, plaintext in plaintexts:
|
||||
|
||||
requirement = globals().get(f"""RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Value_{mode.strip("'").replace("-","_").upper()}""")("1.0")
|
||||
|
||||
with Example(f"""mode={mode.strip("'")} datatype={datatype.strip("'")} key={key_len} iv={iv_len}""",
|
||||
requirements=[requirement]) as example:
|
||||
with Example(f"""mode={mode.strip("'")} datatype={datatype.strip("'")} key={key_len} iv={iv_len}""") as example:
|
||||
|
||||
with Given("I have ciphertext"):
|
||||
example_name = basename(example.name)
|
||||
|
@ -415,7 +399,8 @@ def mismatched_key(self):
|
|||
iv = f"{'2' * 64}"
|
||||
|
||||
with Given("I load encrypt snapshots"):
|
||||
snapshot_module = SourceFileLoader("snapshot", os.path.join(current_dir(), "snapshots", "encrypt_mysql.py.encrypt_mysql.snapshot")).load_module()
|
||||
snapshot_module = SourceFileLoader("snapshot", os.path.join(current_dir(),
|
||||
"snapshots", "encrypt_mysql.py.encrypt_mysql.snapshot")).load_module()
|
||||
|
||||
for mode, key_len, iv_len in mysql_modes:
|
||||
with Example(f"""mode={mode.strip("'")} datatype=String key={key_len} iv={iv_len}""") as example:
|
||||
|
@ -446,7 +431,8 @@ def mismatched_iv(self):
|
|||
iv = f"{'2' * 64}"
|
||||
|
||||
with Given("I load encrypt snapshots"):
|
||||
snapshot_module = SourceFileLoader("snapshot", os.path.join(current_dir(), "snapshots", "encrypt_mysql.py.encrypt_mysql.snapshot")).load_module()
|
||||
snapshot_module = SourceFileLoader("snapshot", os.path.join(current_dir(),
|
||||
"snapshots", "encrypt_mysql.py.encrypt_mysql.snapshot")).load_module()
|
||||
|
||||
for mode, key_len, iv_len in mysql_modes:
|
||||
if not iv_len:
|
||||
|
@ -480,7 +466,8 @@ def mismatched_mode(self):
|
|||
plaintext = hex('Gãńdåłf_Thê_Gręât'.encode("utf-8"))
|
||||
|
||||
with Given("I load encrypt snapshots"):
|
||||
snapshot_module = SourceFileLoader("snapshot", os.path.join(current_dir(), "snapshots", "encrypt_mysql.py.encrypt_mysql.snapshot")).load_module()
|
||||
snapshot_module = SourceFileLoader("snapshot", os.path.join(current_dir(),
|
||||
"snapshots", "encrypt_mysql.py.encrypt_mysql.snapshot")).load_module()
|
||||
|
||||
for mode, key_len, iv_len in mysql_modes:
|
||||
if not iv_len:
|
||||
|
@ -518,4 +505,4 @@ def feature(self, node="clickhouse1"):
|
|||
self.context.node = self.context.cluster.node(node)
|
||||
|
||||
for scenario in loads(current_module(), Scenario):
|
||||
Scenario(run=scenario, flags=TE)
|
||||
Scenario(run=scenario, flags=TE)
|
||||
|
|
|
@ -104,58 +104,38 @@ def invalid_parameters(self):
|
|||
@Requirements(
|
||||
RQ_SRS008_AES_Encrypt_Function_Key_Length_InvalidLengthError("1.0"),
|
||||
RQ_SRS008_AES_Encrypt_Function_InitializationVector_Length_InvalidLengthError("1.0"),
|
||||
RQ_SRS008_AES_Encrypt_Function_AdditionalAuthenticationData_NotValidForMode("1.0")
|
||||
RQ_SRS008_AES_Encrypt_Function_AdditionalAuthenticationData_NotValidForMode("1.0"),
|
||||
RQ_SRS008_AES_Encrypt_Function_NonGCMMode_KeyAndInitializationVector_Length("1.0")
|
||||
)
|
||||
@Examples("mode key_len iv_len aad", [
|
||||
# ECB
|
||||
("'aes-128-ecb'", 16, None, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_128_ECB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-ecb'", 24, None, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_192_ECB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-ecb'", 32, None, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_256_ECB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-ecb'", 16, None, None),
|
||||
("'aes-192-ecb'", 24, None, None),
|
||||
("'aes-256-ecb'", 32, None, None),
|
||||
# CBC
|
||||
("'aes-128-cbc'", 16, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_128_CBC_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-cbc'", 24, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_192_CBC_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-cbc'", 32, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_256_CBC_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-cbc'", 16, 16, None),
|
||||
("'aes-192-cbc'", 24, 16, None),
|
||||
("'aes-256-cbc'", 32, 16, None),
|
||||
# CFB1
|
||||
("'aes-128-cfb1'", 16, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_128_CFB1_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-cfb1'", 24, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_192_CFB1_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-cfb1'", 32, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_256_CFB1_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-cfb1'", 16, 16, None),
|
||||
("'aes-192-cfb1'", 24, 16, None),
|
||||
("'aes-256-cfb1'", 32, 16, None),
|
||||
# CFB8
|
||||
("'aes-128-cfb8'", 16, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_128_CFB8_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-cfb8'", 24, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_192_CFB8_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-cfb8'", 32, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_256_CFB8_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-cfb8'", 16, 16, None),
|
||||
("'aes-192-cfb8'", 24, 16, None),
|
||||
("'aes-256-cfb8'", 32, 16, None),
|
||||
# CFB128
|
||||
("'aes-128-cfb128'", 16, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_128_CFB128_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-cfb128'", 24, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_192_CFB128_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-cfb128'", 32, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_256_CFB128_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-cfb128'", 16, 16, None),
|
||||
("'aes-192-cfb128'", 24, 16, None),
|
||||
("'aes-256-cfb128'", 32, 16, None),
|
||||
# OFB
|
||||
("'aes-128-ofb'", 16, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_128_OFB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-ofb'", 24, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_192_OFB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-ofb'", 32, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_256_OFB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-ofb'", 16, 16, None),
|
||||
("'aes-192-ofb'", 24, 16, None),
|
||||
("'aes-256-ofb'", 32, 16, None),
|
||||
# CTR
|
||||
("'aes-128-ctr'", 16, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_128_CTR_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-ctr'", 24, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_192_CTR_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-ctr'", 32, 16, None,
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_256_CTR_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-ctr'", 16, 16, None),
|
||||
("'aes-192-ctr'", 24, 16, None),
|
||||
("'aes-256-ctr'", 32, 16, None),
|
||||
], "%-16s %-10s %-10s %-10s")
|
||||
def invalid_key_or_iv_length_for_mode_non_gcm(self, mode, key_len, iv_len, aad):
|
||||
"""Check that an error is returned when key or iv length does not match
|
||||
|
@ -190,16 +170,14 @@ def invalid_key_or_iv_length_for_mode_non_gcm(self, mode, key_len, iv_len, aad):
|
|||
@Requirements(
|
||||
RQ_SRS008_AES_Encrypt_Function_Key_Length_InvalidLengthError("1.0"),
|
||||
RQ_SRS008_AES_Encrypt_Function_InitializationVector_Length_InvalidLengthError("1.0"),
|
||||
RQ_SRS008_AES_Encrypt_Function_AdditionalAuthenticationData_NotValidForMode("1.0")
|
||||
RQ_SRS008_AES_Encrypt_Function_AdditionalAuthenticationData_NotValidForMode("1.0"),
|
||||
RQ_SRS008_AES_Encrypt_Function_GCMMode_KeyAndInitializationVector_Length("1.0")
|
||||
)
|
||||
@Examples("mode key_len iv_len aad", [
|
||||
# GCM
|
||||
("'aes-128-gcm'", 16, 8, "'hello there aad'",
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_128_GCM_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-gcm'", 24, 8, "''",
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_192_GCM_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-gcm'", 32, 8, "'a'",
|
||||
Requirements(RQ_SRS008_AES_Encrypt_Function_AES_256_GCM_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-gcm'", 16, 8, "'hello there aad'"),
|
||||
("'aes-192-gcm'", 24, 8, "''"),
|
||||
("'aes-256-gcm'", 32, 8, "'a'"),
|
||||
], "%-16s %-10s %-10s %-10s")
|
||||
def invalid_key_or_iv_length_for_gcm(self, mode, key_len, iv_len, aad):
|
||||
"""Check that an error is returned when key or iv length does not match
|
||||
|
@ -334,6 +312,7 @@ def mode_parameter_types(self):
|
|||
RQ_SRS008_AES_Encrypt_Function_Parameters_PlainText("1.0"),
|
||||
RQ_SRS008_AES_Encrypt_Function_Parameters_Mode("1.0"),
|
||||
RQ_SRS008_AES_Encrypt_Function_Parameters_Mode_ValuesFormat("1.0"),
|
||||
RQ_SRS008_AES_Encrypt_Function_Parameters_Mode_Values("1.0")
|
||||
)
|
||||
def encryption(self):
|
||||
"""Check that `encrypt` functions accepts `plaintext` as the second parameter
|
||||
|
@ -345,11 +324,8 @@ def encryption(self):
|
|||
|
||||
for mode, key_len, iv_len, aad_len in modes:
|
||||
for datatype, plaintext in plaintexts:
|
||||
with Example(f"""mode={mode.strip("'")} datatype={datatype.strip("'")} iv={iv_len} aad={aad_len}""") as example:
|
||||
|
||||
requirement = globals().get(f"""RQ_SRS008_AES_Encrypt_Function_Parameters_Mode_Value_{mode.strip("'").replace("-","_").upper()}""")("1.0")
|
||||
|
||||
with Example(f"""mode={mode.strip("'")} datatype={datatype.strip("'")} iv={iv_len} aad={aad_len}""",
|
||||
requirements=[requirement]) as example:
|
||||
r = encrypt(plaintext=plaintext, key=f"'{key[:key_len]}'", mode=mode,
|
||||
iv=(None if not iv_len else f"'{iv[:iv_len]}'"), aad=(None if not aad_len else f"'{aad}'"))
|
||||
|
||||
|
|
|
@ -24,13 +24,17 @@ def aes_encrypt_mysql(self, plaintext=None, key=None, mode=None, iv=None, exitco
|
|||
return current().context.node.query(sql, step=step, exitcode=exitcode, message=message)
|
||||
|
||||
@TestOutline(Scenario)
|
||||
@Requirements(
|
||||
RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Values_GCM_Error("1.0"),
|
||||
RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Values_CTR_Error("1.0")
|
||||
)
|
||||
@Examples("mode", [
|
||||
("'aes-128-gcm'", Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Value_AES_128_GCM_Error("1.0"))),
|
||||
("'aes-192-gcm'", Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Value_AES_192_GCM_Error("1.0"))),
|
||||
("'aes-256-gcm'", Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Value_AES_256_GCM_Error("1.0"))),
|
||||
("'aes-128-ctr'", Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Value_AES_128_CTR_Error("1.0"))),
|
||||
("'aes-192-ctr'", Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Value_AES_192_CTR_Error("1.0"))),
|
||||
("'aes-256-ctr'", Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Value_AES_256_CTR_Error("1.0"))),
|
||||
("'aes-128-gcm'",),
|
||||
("'aes-192-gcm'",),
|
||||
("'aes-256-gcm'",),
|
||||
("'aes-128-ctr'",),
|
||||
("'aes-192-ctr'",),
|
||||
("'aes-256-ctr'",),
|
||||
])
|
||||
def unsupported_modes(self, mode):
|
||||
"""Check that `aes_encrypt_mysql` function returns an error when unsupported modes are specified.
|
||||
|
@ -109,51 +113,34 @@ def invalid_parameters(self):
|
|||
RQ_SRS008_AES_MySQL_Encrypt_Function_Key_Length_TooLong("1.0"),
|
||||
RQ_SRS008_AES_MySQL_Encrypt_Function_InitializationVector_Length_TooShortError("1.0"),
|
||||
RQ_SRS008_AES_MySQL_Encrypt_Function_InitializationVector_Length_TooLong("1.0"),
|
||||
RQ_SRS008_AES_MySQL_Encrypt_Function_InitializationVector_NotValidForMode("1.0")
|
||||
RQ_SRS008_AES_MySQL_Encrypt_Function_InitializationVector_NotValidForMode("1.0"),
|
||||
RQ_SRS008_AES_MySQL_Encrypt_Function_Mode_KeyAndInitializationVector_Length("1.0")
|
||||
)
|
||||
@Examples("mode key_len iv_len", [
|
||||
# ECB
|
||||
("'aes-128-ecb'", 16, None,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_128_ECB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-ecb'", 24, None,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_192_ECB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-ecb'", 32, None,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_256_ECB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-ecb'", 16, None),
|
||||
("'aes-192-ecb'", 24, None),
|
||||
("'aes-256-ecb'", 32, None),
|
||||
# CBC
|
||||
("'aes-128-cbc'", 16, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_128_CBC_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-cbc'", 24, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_192_CBC_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-cbc'", 32, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_256_CBC_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-cbc'", 16, 16),
|
||||
("'aes-192-cbc'", 24, 16),
|
||||
("'aes-256-cbc'", 32, 16),
|
||||
# CFB1
|
||||
("'aes-128-cfb1'", 16, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_128_CFB1_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-cfb1'", 24, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_192_CFB1_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-cfb1'", 32, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_256_CFB1_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-cfb1'", 16, 16),
|
||||
("'aes-192-cfb1'", 24, 16),
|
||||
("'aes-256-cfb1'", 32, 16),
|
||||
# CFB8
|
||||
("'aes-128-cfb8'", 16, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_128_CFB8_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-cfb8'", 24, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_192_CFB8_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-cfb8'", 32, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_256_CFB8_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-cfb8'", 16, 16),
|
||||
("'aes-192-cfb8'", 24, 16),
|
||||
("'aes-256-cfb8'", 32, 16),
|
||||
# CFB128
|
||||
("'aes-128-cfb128'", 16, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_128_CFB128_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-cfb128'", 24, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_192_CFB128_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-cfb128'", 32, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_256_CFB128_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-cfb128'", 16, 16),
|
||||
("'aes-192-cfb128'", 24, 16),
|
||||
("'aes-256-cfb128'", 32, 16),
|
||||
# OFB
|
||||
("'aes-128-ofb'", 16, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_128_OFB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-192-ofb'", 24, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_192_OFB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-256-ofb'", 32, 16,
|
||||
Requirements(RQ_SRS008_AES_MySQL_Encrypt_Function_AES_256_OFB_KeyAndInitializationVector_Length("1.0"))),
|
||||
("'aes-128-ofb'", 16, 16),
|
||||
("'aes-192-ofb'", 24, 16),
|
||||
("'aes-256-ofb'", 32, 16)
|
||||
], "%-16s %-10s %-10s")
|
||||
def key_or_iv_length_for_mode(self, mode, key_len, iv_len):
|
||||
"""Check that key or iv length for mode.
|
||||
|
@ -289,6 +276,7 @@ def syntax(self):
|
|||
RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_PlainText("1.0"),
|
||||
RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode("1.0"),
|
||||
RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_ValuesFormat("1.0"),
|
||||
RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Values("1.0")
|
||||
)
|
||||
def encryption(self):
|
||||
"""Check that `aes_encrypt_mysql` functions accepts `plaintext` as the second parameter
|
||||
|
@ -299,10 +287,8 @@ def encryption(self):
|
|||
|
||||
for mode, key_len, iv_len in mysql_modes:
|
||||
for datatype, plaintext in plaintexts:
|
||||
requirement = globals().get(f"""RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Value_{mode.strip("'").replace("-","_").upper()}""")("1.0")
|
||||
|
||||
with Example(f"""mode={mode.strip("'")} datatype={datatype.strip("'")} key={key_len} iv={iv_len}""",
|
||||
requirements=[requirement]) as example:
|
||||
with Example(f"""mode={mode.strip("'")} datatype={datatype.strip("'")} key={key_len} iv={iv_len}""") as example:
|
||||
|
||||
r = aes_encrypt_mysql(plaintext=plaintext, key=f"'{key[:key_len]}'", mode=mode,
|
||||
iv=(None if not iv_len else f"'{iv[:iv_len]}'"))
|
||||
|
|
Loading…
Reference in New Issue