Coverage for tests/admin/test_certificate_v2.py: 100%

43 statements  

« prev     ^ index     » next       coverage.py v7.5.3, created at 2025-10-30 06:22 +0000

1# The MIT License (MIT) 

2# 

3# Copyright (c) 2021 RSK Labs Ltd 

4# 

5# Permission is hereby granted, free of charge, to any person obtaining a copy of 

6# this software and associated documentation files (the "Software"), to deal in 

7# the Software without restriction, including without limitation the rights to 

8# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies 

9# of the Software, and to permit persons to whom the Software is furnished to do 

10# so, subject to the following conditions: 

11# 

12# The above copyright notice and this permission notice shall be included in all 

13# copies or substantial portions of the Software. 

14# 

15# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 

16# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 

17# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 

18# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 

19# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 

20# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 

21# SOFTWARE. 

22 

23from unittest import TestCase 

24from parameterized import parameterized 

25from admin.certificate_v1 import HSMCertificate 

26from admin.certificate_v2 import HSMCertificateV2 

27from .test_certificate_v2_resources import TEST_CERTIFICATE 

28 

29 

30class TestHSMCertificateV2(TestCase): 

31 def test_behavior_inherited(self): 

32 self.assertTrue(issubclass(HSMCertificateV2, HSMCertificate)) 

33 

34 def test_create_empty_certificate_ok(self): 

35 cert = HSMCertificateV2() 

36 self.assertEqual({"version": 2, "targets": [], "elements": []}, cert.to_dict()) 

37 

38 def test_parse_identity(self): 

39 cert = HSMCertificateV2(TEST_CERTIFICATE) 

40 self.assertEqual(TEST_CERTIFICATE, cert.to_dict()) 

41 

42 def mock_element(self, which_one_invalid, names_with_collateral=[]): 

43 class MockElement: 

44 def __init__(self, d): 

45 self.d = d 

46 self.name = d["name"] 

47 self.signed_by = d["signed_by"] 

48 self.collateral = None 

49 if self.name in names_with_collateral: 

50 self.collateral = f"collateral-for-{d["name"]}" 

51 

52 def is_valid(self, c): 

53 return self.name != which_one_invalid 

54 

55 def get_value(self): 

56 return f"the value for {self.name}" 

57 

58 def get_tweak(self): 

59 return None 

60 

61 def get_collateral(self): 

62 return self.collateral 

63 

64 def mock_element_factory(k, d): 

65 return MockElement(d) 

66 

67 HSMCertificateV2.ELEMENT_FACTORY = mock_element_factory 

68 

69 def test_validate_and_get_values_value(self): 

70 self.mock_element(True, ["platform_ca", "quoting_enclave"]) 

71 cert = HSMCertificateV2(TEST_CERTIFICATE) 

72 self.assertEqual({ 

73 "quote": { 

74 "valid": True, 

75 "value": "the value for quote", 

76 "tweak": None, 

77 "collateral": { 

78 "platform_ca": "collateral-for-platform_ca", 

79 "quoting_enclave": "collateral-for-quoting_enclave", 

80 } 

81 }, 

82 }, cert.validate_and_get_values("a-root-of-trust")) 

83 

84 @parameterized.expand([ 

85 ("invalid_quote", "quote"), 

86 ("invalid_attestation", "attestation"), 

87 ("invalid_qe", "quoting_enclave"), 

88 ("invalid_plf", "platform_ca"), 

89 ]) 

90 def test_validate_and_get_values_invalid(self, _, invalid_name): 

91 self.mock_element(invalid_name) 

92 cert = HSMCertificateV2(TEST_CERTIFICATE) 

93 self.assertEqual({ 

94 "quote": { 

95 "valid": False, 

96 "failed_element": invalid_name, 

97 }, 

98 }, cert.validate_and_get_values("a-root-of-trust"))