Test for invalid signature
This commit is contained in:
parent
96355c4352
commit
5572452cc0
1
Pipfile
1
Pipfile
@ -40,6 +40,7 @@ pytest-cov = "*"
|
||||
selenium = "*"
|
||||
honcho = "*"
|
||||
blinker = "*"
|
||||
pytest-mock = "*"
|
||||
|
||||
[requires]
|
||||
python_version = "3.6.6"
|
||||
|
84
Pipfile.lock
generated
84
Pipfile.lock
generated
@ -1,7 +1,7 @@
|
||||
{
|
||||
"_meta": {
|
||||
"hash": {
|
||||
"sha256": "03d5c2a739febe9a3c10d599ad5825ef603130098ecd73ce9833310d1eaed253"
|
||||
"sha256": "975303153664e6936b5118686cb7056e8135e7c8184b7c0c029fa120c9e0b67e"
|
||||
},
|
||||
"pipfile-spec": 6,
|
||||
"requires": {
|
||||
@ -95,10 +95,10 @@
|
||||
},
|
||||
"croniter": {
|
||||
"hashes": [
|
||||
"sha256:5389776e54a5e285d0c8e7b9a7e139a4d590f96f32958b0822d6d1b2faa12c0d",
|
||||
"sha256:fbd72189a0ff38c27e953d15175c5fedafb953479559240a1afcf8e8e7523757"
|
||||
"sha256:79a5eeaa10a7d5fb9bdae54211b8c1d306e0ed481fa970934bf3197940650d6f",
|
||||
"sha256:c31adf6a9b0b1981d362538bfa57769acaade1d62f80c264f402ce1f8d1210b4"
|
||||
],
|
||||
"version": "==0.3.27"
|
||||
"version": "==0.3.28"
|
||||
},
|
||||
"cryptography": {
|
||||
"hashes": [
|
||||
@ -210,9 +210,9 @@
|
||||
},
|
||||
"mako": {
|
||||
"hashes": [
|
||||
"sha256:4e02fde57bd4abb5ec400181e4c314f56ac3e49ba4fb8b0d50bba18cb27d25ae"
|
||||
"sha256:04092940c0df49b01f43daea4f5adcecd0e50ef6a4b222be5ac003d5d84b2843"
|
||||
],
|
||||
"version": "==1.0.7"
|
||||
"version": "==1.0.8"
|
||||
},
|
||||
"markupsafe": {
|
||||
"hashes": [
|
||||
@ -334,11 +334,11 @@
|
||||
},
|
||||
"redis": {
|
||||
"hashes": [
|
||||
"sha256:724932360d48e5407e8f82e405ab3650a36ed02c7e460d1e6fddf0f038422b54",
|
||||
"sha256:9b19425a38fd074eb5795ff2b0d9a55b46a44f91f5347995f27e3ad257a7d775"
|
||||
"sha256:6946b5dca72e86103edc8033019cc3814c031232d339d5f4533b02ea85685175",
|
||||
"sha256:8ca418d2ddca1b1a850afa1680a7d2fd1f3322739271de4b704e0d4668449273"
|
||||
],
|
||||
"index": "pypi",
|
||||
"version": "==3.2.0"
|
||||
"version": "==3.2.1"
|
||||
},
|
||||
"requests": {
|
||||
"hashes": [
|
||||
@ -418,10 +418,10 @@
|
||||
},
|
||||
"werkzeug": {
|
||||
"hashes": [
|
||||
"sha256:c3fd7a7d41976d9f44db327260e263132466836cef6f91512889ed60ad26557c",
|
||||
"sha256:d5da73735293558eb1651ee2fddc4d0dedcfa06538b8813a2e20011583c9e49b"
|
||||
"sha256:590abe38f8be026d78457fe3b5200895b3543e58ac3fc1dd792c6333ea11af64",
|
||||
"sha256:ee11b0f0640c56fb491b43b38356c4b588b3202b415a1e03eacf1c5561c961cf"
|
||||
],
|
||||
"version": "==0.14.1"
|
||||
"version": "==0.15.0"
|
||||
},
|
||||
"wtforms": {
|
||||
"hashes": [
|
||||
@ -492,11 +492,11 @@
|
||||
},
|
||||
"black": {
|
||||
"hashes": [
|
||||
"sha256:817243426042db1d36617910df579a54f1afd659adb96fc5032fcf4b36209739",
|
||||
"sha256:e030a9a28f542debc08acceb273f228ac422798e5215ba2a791a6ddeaaca22a5"
|
||||
"sha256:09a9dcb7c46ed496a9850b76e4e825d6049ecd38b611f1224857a79bd985a8cf",
|
||||
"sha256:68950ffd4d9169716bcb8719a56c07a2f4485354fec061cdd5910aa07369731c"
|
||||
],
|
||||
"index": "pypi",
|
||||
"version": "==18.9b0"
|
||||
"version": "==19.3b0"
|
||||
},
|
||||
"blinker": {
|
||||
"hashes": [
|
||||
@ -555,10 +555,10 @@
|
||||
},
|
||||
"decorator": {
|
||||
"hashes": [
|
||||
"sha256:33cd704aea07b4c28b3eb2c97d288a06918275dac0ecebdaf1bc8a48d98adb9e",
|
||||
"sha256:cabb249f4710888a2fc0e13e9a16c343d932033718ff62e1e9bc93a9d3a9122b"
|
||||
"sha256:86156361c50488b84a3f148056ea716ca587df2f0de1d34750d35c21312725de",
|
||||
"sha256:f069f3a01830ca754ba5258fde2278454a0b5b79e0d7f5c13b3b97e57d4acff6"
|
||||
],
|
||||
"version": "==4.3.2"
|
||||
"version": "==4.4.0"
|
||||
},
|
||||
"docopt": {
|
||||
"hashes": [
|
||||
@ -576,10 +576,10 @@
|
||||
},
|
||||
"faker": {
|
||||
"hashes": [
|
||||
"sha256:16342dca4d92bfc83bab6a7daf6650e0ab087605a66bc38f17523fdb01757910",
|
||||
"sha256:d871ea315b2dcba9138b8344f2c131a76ac62d6227ca39f69b0c889fec97376c"
|
||||
"sha256:00b7011757c4907546f17d0e47df098b542ea2b04c966ee0e80a493aae2c13c8",
|
||||
"sha256:745ac8b9c9526e338696e07b7f2e206e5e317e5744e22fdd7c2894bf19af41f1"
|
||||
],
|
||||
"version": "==1.0.2"
|
||||
"version": "==1.0.4"
|
||||
},
|
||||
"flask": {
|
||||
"hashes": [
|
||||
@ -613,10 +613,10 @@
|
||||
},
|
||||
"ipdb": {
|
||||
"hashes": [
|
||||
"sha256:7081c65ed7bfe7737f83fa4213ca8afd9617b42ff6b3f1daf9a3419839a2a00a"
|
||||
"sha256:dce2112557edfe759742ca2d0fee35c59c97b0cc7a05398b791079d78f1519ce"
|
||||
],
|
||||
"index": "pypi",
|
||||
"version": "==0.11"
|
||||
"version": "==0.12"
|
||||
},
|
||||
"ipython": {
|
||||
"hashes": [
|
||||
@ -852,6 +852,14 @@
|
||||
"index": "pypi",
|
||||
"version": "==0.14.0"
|
||||
},
|
||||
"pytest-mock": {
|
||||
"hashes": [
|
||||
"sha256:4d0d06d173eecf172703219a71dbd4ade0e13904e6bbce1ce660e2e0dc78b5c4",
|
||||
"sha256:bfdf02789e3d197bd682a758cae0a4a18706566395fbe2803badcd1335e0173e"
|
||||
],
|
||||
"index": "pypi",
|
||||
"version": "==1.10.1"
|
||||
},
|
||||
"pytest-watch": {
|
||||
"hashes": [
|
||||
"sha256:06136f03d5b361718b8d0d234042f7b2f203910d8568f63df2f866b547b3d4b9"
|
||||
@ -868,19 +876,19 @@
|
||||
},
|
||||
"pyyaml": {
|
||||
"hashes": [
|
||||
"sha256:544a0050e76e9b60751c58617fa28c253ad5d23af2e5f0b1c250390bf90bb0df",
|
||||
"sha256:594bf80477a58b6fd53e8b3f24ccf965c25eeeb6e05e4b1fb18c82c2d2090603",
|
||||
"sha256:75e20ca689d0a2bf0c84f0e2028cc68ebef34b213fa66d73c410c53f870c49f4",
|
||||
"sha256:994da68a1dc1050f290f8017f044172360b608c0f2562b47645ecc69d7a61c0a",
|
||||
"sha256:ad902e00088c50bdced94a57b819c24fdadaeaed5494df7a9a67d63774f210fd",
|
||||
"sha256:b11aff75875ffc73541c4e4b1ac2f5e21717c1fc4396238943b9a44d962e74e1",
|
||||
"sha256:bc733b5a9047c3e4848c0e80eeacfa6a799139242606410260c5450d665ea58c",
|
||||
"sha256:d960c68931b96bb215f385baa8ef867b8ebac66af60fa06cc1008f963848c7ad",
|
||||
"sha256:dd461c04e6a91e4eef7d5b75c1fc1c7013d3f8d354033b16526baadddd524079",
|
||||
"sha256:e4d6b5d6218a06f3141189d75c93876dd525a6d15f1b00ef4f274726c93719f1",
|
||||
"sha256:f3c386fa12415bde8a0162745c4badf98fe171c6dfd67e54831f05ec88feeebb"
|
||||
"sha256:1adecc22f88d38052fb787d959f003811ca858b799590a5eaa70e63dca50308c",
|
||||
"sha256:436bc774ecf7c103814098159fbb84c2715d25980175292c648f2da143909f95",
|
||||
"sha256:460a5a4248763f6f37ea225d19d5c205677d8d525f6a83357ca622ed541830c2",
|
||||
"sha256:5a22a9c84653debfbf198d02fe592c176ea548cccce47553f35f466e15cf2fd4",
|
||||
"sha256:7a5d3f26b89d688db27822343dfa25c599627bc92093e788956372285c6298ad",
|
||||
"sha256:9372b04a02080752d9e6f990179a4ab840227c6e2ce15b95e1278456664cf2ba",
|
||||
"sha256:a5dcbebee834eaddf3fa7366316b880ff4062e4bcc9787b78c7fbb4a26ff2dd1",
|
||||
"sha256:aee5bab92a176e7cd034e57f46e9df9a9862a71f8f37cad167c6fc74c65f5b4e",
|
||||
"sha256:c51f642898c0bacd335fc119da60baae0824f2cde95b0330b56c0553439f0673",
|
||||
"sha256:c68ea4d3ba1705da1e0d85da6684ac657912679a649e8868bd850d2c299cce13",
|
||||
"sha256:e23d0cc5299223dcc37885dae624f382297717e459ea24053709675a976a3e19"
|
||||
],
|
||||
"version": "==5.1b5"
|
||||
"version": "==5.1"
|
||||
},
|
||||
"selenium": {
|
||||
"hashes": [
|
||||
@ -979,10 +987,10 @@
|
||||
},
|
||||
"werkzeug": {
|
||||
"hashes": [
|
||||
"sha256:c3fd7a7d41976d9f44db327260e263132466836cef6f91512889ed60ad26557c",
|
||||
"sha256:d5da73735293558eb1651ee2fddc4d0dedcfa06538b8813a2e20011583c9e49b"
|
||||
"sha256:590abe38f8be026d78457fe3b5200895b3543e58ac3fc1dd792c6333ea11af64",
|
||||
"sha256:ee11b0f0640c56fb491b43b38356c4b588b3202b415a1e03eacf1c5561c961cf"
|
||||
],
|
||||
"version": "==0.14.1"
|
||||
"version": "==0.15.0"
|
||||
},
|
||||
"wrapt": {
|
||||
"hashes": [
|
||||
|
@ -52,7 +52,7 @@ def get_current_user():
|
||||
|
||||
def logout():
|
||||
if session.get("user_id"): # pragma: no branch
|
||||
del (session["user_id"])
|
||||
del session["user_id"]
|
||||
|
||||
|
||||
def _unprotected_route(request):
|
||||
|
@ -1,4 +1,6 @@
|
||||
import pytest
|
||||
|
||||
import cryptography
|
||||
from atst.domain.authnid.crl import CRLCache, CRLRevocationException
|
||||
from atst.utils.pdf_verification import pdf_signature_validations
|
||||
|
||||
@ -90,6 +92,35 @@ def test_signed_pdf_thats_been_modified(crl_check):
|
||||
}
|
||||
|
||||
|
||||
def test_signed_pdf_that_has_invalid_signature(mocker):
|
||||
def mock_crl_check(_):
|
||||
return True
|
||||
|
||||
mocker.patch.object(
|
||||
cryptography.hazmat.backends.openssl.rsa._RSAPublicKey, "verify", Exception()
|
||||
)
|
||||
|
||||
valid_signed_pdf = open("tests/fixtures/signed-pdf-not-dod.pdf", "rb").read()
|
||||
result = pdf_signature_validations(pdf=valid_signed_pdf, crl_check=mock_crl_check)
|
||||
|
||||
assert result == {
|
||||
"result": False,
|
||||
"signature_count": 1,
|
||||
"signatures": [
|
||||
{
|
||||
"cert_common_name": "John B Harris",
|
||||
"hashed_binary_data": "3f0047e6cb5b9bb089254b20d174445c3ba4f513",
|
||||
"hashing_algorithm": "sha1",
|
||||
"is_valid": False,
|
||||
"is_valid_cert": True,
|
||||
"is_valid_hash": True,
|
||||
"is_valid_signature": False,
|
||||
"signers_serial": 514,
|
||||
}
|
||||
],
|
||||
}
|
||||
|
||||
|
||||
@pytest.mark.skip(reason="Need fixture file")
|
||||
def test_signed_pdf_dod_revoked(crl_check):
|
||||
signed_pdf_dod_revoked = open(
|
||||
|
Loading…
x
Reference in New Issue
Block a user