Python: Add tests for rsa PyPI package

RasmusWL · RasmusWL · commit 40714c05b7c6 · 2021-06-11T11:17:13.000+02:00
diff --git a/python/ql/test/library-tests/frameworks/rsa/ConceptsTest.expected b/python/ql/test/library-tests/frameworks/rsa/ConceptsTest.expected
diff --git a/python/ql/test/library-tests/frameworks/rsa/ConceptsTest.ql b/python/ql/test/library-tests/frameworks/rsa/ConceptsTest.ql
@@ -0,0 +1,2 @@
+import python
+import experimental.meta.ConceptsTest
diff --git a/python/ql/test/library-tests/frameworks/rsa/InlineTaintTest.expected b/python/ql/test/library-tests/frameworks/rsa/InlineTaintTest.expected
@@ -0,0 +1,3 @@
+argumentToEnsureNotTaintedNotMarkedAsSpurious
+untaintedArgumentToEnsureTaintedNotMarkedAsMissing
+failures
diff --git a/python/ql/test/library-tests/frameworks/rsa/InlineTaintTest.ql b/python/ql/test/library-tests/frameworks/rsa/InlineTaintTest.ql
@@ -0,0 +1 @@
+import experimental.meta.InlineTaintTest
diff --git a/python/ql/test/library-tests/frameworks/rsa/test_rsa.py b/python/ql/test/library-tests/frameworks/rsa/test_rsa.py
@@ -0,0 +1,68 @@
+# Following examples from https://stuvel.eu/python-rsa-doc/usage.html
+import rsa
+
+# using a rather low keysize, since otherwise it takes quite long to run.
+(public_key, private_key) = rsa.newkeys(512) # $ MISSING: PublicKeyGeneration keySize=2048
+(public_key, private_key) = rsa.newkeys(nbits=512) # $ MISSING: PublicKeyGeneration keySize=2048
+
+
+# ------------------------------------------------------------------------------
+# encrypt/decrypt
+# ------------------------------------------------------------------------------
+
+# Note: These are using PKCS#1 v1.5
+
+print("encrypt/decrypt")
+
+secret_message = b"secret message"
+
+encrypted = rsa.encrypt(secret_message, public_key) # $ MISSING: CryptographicOperation CryptographicOperationAlgorithm=RSA CryptographicOperationInput=secret_message
+encrypted = rsa.encrypt(message=secret_message, pub_key=public_key) # $ MISSING: CryptographicOperation CryptographicOperationAlgorithm=RSA CryptographicOperationInput=secret_message
+
+print("encrypted={}".format(encrypted))
+
+print()
+
+decrypted = rsa.decrypt(encrypted, private_key) # $ MISSING: CryptographicOperation CryptographicOperationAlgorithm=RSA CryptographicOperationInput=encrypted
+decrypted = rsa.decrypt(crypto=encrypted, priv_key=private_key) # $ MISSING: CryptographicOperation CryptographicOperationAlgorithm=RSA CryptographicOperationInput=encrypted
+
+print("decrypted={}".format(decrypted))
+assert decrypted == secret_message
+
+print("\n---\n")
+
+# ------------------------------------------------------------------------------
+# sign/verify
+# ------------------------------------------------------------------------------
+
+# Note: These are using PKCS#1 v1.5
+
+print("sign/verify")
+
+message = b"message"
+other_message = b"other message"
+
+hash = rsa.compute_hash(message, "SHA-256") # $ MISSING: CryptographicOperation CryptographicOperationAlgorithm=SHA256 CryptographicOperationInput=message
+hash = rsa.compute_hash(message=message, method_name="SHA-256") # $ MISSING: CryptographicOperation CryptographicOperationAlgorithm=SHA256 CryptographicOperationInput=message
+signature_from_hash = rsa.sign_hash(hash, private_key, "SHA-256") # $ MISSING: CryptographicOperation CryptographicOperationAlgorithm=RSA CryptographicOperationInput=hash
+signature_from_hash = rsa.sign_hash(hash_value=hash, priv_key=private_key, hash_method="SHA-256") # $ MISSING: CryptographicOperation CryptographicOperationAlgorithm=RSA CryptographicOperationInput=hash
+
+signature = rsa.sign(message, private_key, "SHA-256") # $ MISSING: CryptographicOperation CryptographicOperationAlgorithm=RSA CryptographicOperationAlgorithm=SHA256 CryptographicOperationInput=message
+signature = rsa.sign(message=message, priv_key=private_key, hash_method="SHA-256") # $ MISSING: CryptographicOperation CryptographicOperationAlgorithm=RSA CryptographicOperationAlgorithm=SHA256 CryptographicOperationInput=message
+
+assert signature == signature_from_hash
+
+print("signature={}".format(signature))
+
+print()
+
+rsa.verify(message, signature, public_key) # $ MISSING: CryptographicOperation CryptographicOperationAlgorithm=RSA CryptographicOperationInput=message CryptographicOperationInput=signature
+rsa.verify(message=message, signature=signature, pub_key=public_key) # $ MISSING: CryptographicOperation CryptographicOperationAlgorithm=RSA CryptographicOperationInput=message CryptographicOperationInput=signature
+
+print("Signature verified (as expected)")
+
+try:
+    rsa.verify(other_message, signature, public_key) # $ MISSING: CryptographicOperation CryptographicOperationAlgorithm=RSA CryptographicOperationInput=other_message CryptographicOperationInput=signature
+    raise Exception("Signature verified (unexpected)")
+except rsa.VerificationError:
+    print("Signature mismatch (as expected)")

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+import python`
	`2`	`+import experimental.meta.ConceptsTest`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+argumentToEnsureNotTaintedNotMarkedAsSpurious`
	`2`	`+untaintedArgumentToEnsureTaintedNotMarkedAsMissing`
	`3`	`+failures`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+import experimental.meta.InlineTaintTest`