Trigger InvalidSignature exceptions in storeroom exporter tests
Marco Ricci

Marco Ricci commited on 2024-10-10 12:36:24
Zeige 1 geänderte Dateien mit 28 Einfügungen und 0 Löschungen.


So far, we haven't been explicitly testing for whether the master and
session keys decryption routines correctly reject payloads with invalid
MAC values, and with the correct error type.  Surely the `cryptography`
primitive is implemented correctly, but there was no test whether
*we* were using the primitive correctly.  So, add one.
@@ -9,7 +9,9 @@ import json
9 9
 from typing import TYPE_CHECKING
10 10
 
11 11
 import click.testing
12
+import hypothesis
12 13
 import pytest
14
+from hypothesis import strategies
13 15
 
14 16
 import tests
15 17
 from derivepassphrase import cli
@@ -382,6 +384,32 @@ class TestStoreroom:
382 384
                 },
383 385
             )
384 386
 
387
+    @tests.hypothesis_settings_coverage_compatible
388
+    @hypothesis.given(
389
+        data=strategies.binary(
390
+            min_size=storeroom.MAC_SIZE, max_size=storeroom.MAC_SIZE
391
+        ),
392
+    )
393
+    def test_405_decrypt_keys_invalid_signature(self, data: bytes) -> None:
394
+        key = b'DEADBEEFdeadbeefDeAdBeEfdEaDbEeF'
395
+        # Guessing a correct payload plus MAC would be a pre-image
396
+        # attack on the underlying hash function (SHA-256), i.e. is
397
+        # computationally infeasible, and the chance of finding one by
398
+        # such random sampling is astronomically tiny.
399
+        with pytest.raises(cryptography.exceptions.InvalidSignature):
400
+            storeroom.decrypt_master_keys_data(
401
+                data, {'encryption_key': key, 'signing_key': key}
402
+            )
403
+        with pytest.raises(cryptography.exceptions.InvalidSignature):
404
+            storeroom.decrypt_session_keys(
405
+                data,
406
+                {
407
+                    'hashing_key': key,
408
+                    'encryption_key': key,
409
+                    'signing_key': key,
410
+                },
411
+            )
412
+
385 413
 
386 414
 class TestVaultNativeConfig:
387 415
     @pytest.mark.parametrize(
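Review bot: The sampled payload is exactly `storeroom.MAC_SIZE` bytes, so the part of the payload the MAC is supposed to authenticate is empty, and a regression where the tag is verified over the wrong slice (ciphertext left out, for instance) would still pass this test; widening the strategy to `min_size=storeroom.MAC_SIZE, max_size=storeroom.MAC_SIZE + 64` also exercises the tag-over-ciphertext path, assuming the decrypt routines take the tag from a fixed-size slice of the payload (the implementation is not visible here). `cryptography.exceptions.InvalidSignature` is referenced on the two `pytest.raises` lines, but the import hunk above adds only `hypothesis` and `strategies`; if `cryptography.exceptions` is not already imported earlier in the module (outside the hunk), those lines fail with NameError before any check runs. Minor wording in the added comment: guessing a valid tag without the key is a MAC forgery rather than a pre-image attack on SHA-256, so `# Forging a valid MAC without the signing key is computationally infeasible,` followed by the existing sentence about random sampling would describe the property the test actually relies on.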
388 416