diff --git a/httpsig/tests/test_signature.py b/httpsig/tests/test_signature.py index 42afeca..c1e879b 100755 --- a/httpsig/tests/test_signature.py +++ b/httpsig/tests/test_signature.py @@ -53,6 +53,25 @@ def test_default(self): self.assertEqual(params['algorithm'], 'hs2019') self.assertEqual(params['signature'], 'T8+Cj3Zp2cBDm2r8/loPgfHUSSFXXyZJNxxbNx1NvKVz/r5T4z6pVxhl9rqk8WfYHMdlh2aT5hCrYKvhs88Jy0DDmeUP4nELWRsO1BF0oAqHfcrbEikZQL7jA6z0guVaLr0S5QRGmd1K5HUEkP/vYEOns+FRL+JrFG4dNJNESvG5iyKUoaXfoZCFdqtzLlIteEAL7dW/kaX/dE116wfpbem1eCABuGopRhuFtjqLKVjuUVwyP/zSYTqd9j+gDhinkAifTJPxbGMh0b5LZdNCqw5irT9NkTcTFRXDp8ioX8r805Z9QhjT7H+rSo350U2LsAFoQ9ttryPBOoMPCiQTlw==') # noqa: E501 + def test_other_default(self): + hs = sign.HeaderSigner(key_id='Test', secret=self.key_1024, sign_algorithm=PSS(hash_algorithm="sha512", salt_length=0)) + unsigned = { + 'Date': self.header_date + } + signed = hs.sign(unsigned) + self.assertIn('Date', signed) + self.assertEqual(unsigned['Date'], signed['Date']) + self.assertIn('Authorization', signed) + auth = parse_authorization_header(signed['authorization']) + params = auth[1] + self.assertIn('keyId', params) + self.assertIn('algorithm', params) + self.assertIn('signature', params) + self.assertEqual(params['keyId'], 'Test') + self.assertEqual(params['algorithm'], 'hs2019') + self.assertEqual(params['signature'], + 'Gw8FOaXNxqwJHXwJ30OKiMFpK5zP916CFtzK7/biKi9NppjGAlpUfFKqp5kK+bFRyXxqUzQ1x5cbSeFzRWnqodNNO60ApYbOVD7ePqJfZ3DJFAxYOMzoECzc+lyVskSHKC0Ue8aYiV66gXTuY7hrEIqUsK3To/DhSNgO8csdzwg=') + def test_basic(self): hs = sign.HeaderSigner(key_id='Test', secret=self.key_2048, sign_algorithm=PSS(salt_length=0), headers=[ '(request-target)', diff --git a/httpsig/tests/test_verify.py b/httpsig/tests/test_verify.py index c5af6f3..5bce889 100755 --- a/httpsig/tests/test_verify.py +++ b/httpsig/tests/test_verify.py @@ -258,3 +258,73 @@ def setUp(self): self.sign_secret = private_key self.verify_secret = public_key self.sign_algorithm = PSS(salt_length=0) + + +class TestSignAndVerify(unittest.TestCase): + header_date = 'Thu, 05 Jan 2014 21:31:40 GMT' + sign_header = 'authorization' + + def setUp(self): + with open(os.path.join(os.path.dirname(__file__), 'rsa_private_1024.pem'), 'rb') as f: + self.private_key = f.read() + + with open(os.path.join(os.path.dirname(__file__), 'rsa_public_1024.pem'), 'rb') as f: + self.public_key = f.read() + + with open(os.path.join(os.path.dirname(__file__), 'rsa_private_2048.pem'), 'rb') as f: + self.other_private_key = f.read() + + with open(os.path.join(os.path.dirname(__file__), 'rsa_public_2048.pem'), 'rb') as f: + self.other_public_key = f.read() + + def test_default(self): + unsigned = { + 'Date': self.header_date + } + + hs = HeaderSigner( + key_id="Test", secret=self.private_key, algorithm='rsa-sha1', + sign_header=self.sign_header) + signed = hs.sign(unsigned) + hv = HeaderVerifier( + headers=signed, secret=self.public_key, sign_header=self.sign_header) + self.assertTrue(hv.verify()) + + def test_other_default(self): + unsigned = { + 'Date': self.header_date + } + + hs = HeaderSigner( + key_id="Test", secret=self.other_private_key, algorithm='rsa-sha256', + sign_header=self.sign_header) + signed = hs.sign(unsigned) + hv = HeaderVerifier( + headers=signed, secret=self.other_public_key, sign_header=self.sign_header) + self.assertTrue(hv.verify()) + + def test_mix_default_1_256(self): + unsigned = { + 'Date': self.header_date + } + + hs = HeaderSigner( + key_id="Test", secret=self.private_key, algorithm='rsa-sha1', + sign_header=self.sign_header) + signed = hs.sign(unsigned) + hv = HeaderVerifier( + headers=signed, secret=self.other_public_key, sign_header=self.sign_header) + self.assertFalse(hv.verify()) + + def test_mix_default_256_1(self): + unsigned = { + 'Date': self.header_date + } + + hs = HeaderSigner( + key_id="Test", secret=self.other_private_key, algorithm='rsa-sha256', + sign_header=self.sign_header) + signed = hs.sign(unsigned) + hv = HeaderVerifier( + headers=signed, secret=self.public_key, sign_header=self.sign_header) + self.assertFalse(hv.verify())