Merge pull request #93 from mattsb42-aws/vectors

Fix handling of raw test vector manifests
aws · Nov 6, 2018 · 3a02cb6 · 3a02cb6
2 parents c609316 + 4e742c6
commit 3a02cb6
Show file tree

Hide file tree

Showing 6 changed files with 50,827 additions and 2,350 deletions.
diff --git a/.gitignore b/.gitignore
@@ -33,6 +33,7 @@ __pycache__
 
 # PyCharm
 .idea/
+venv/
 
 # Tox
 .tox

diff --git a/.travis.yml b/.travis.yml
@@ -101,7 +101,7 @@ matrix:
     - python: 2.7
       env:
         TEST_VECTOR_HANDLERS=1
-        TOXENV=py27-awses_1.3.0
+        TOXENV=py27-awses_1.3.3
     - python: 2.7
       env:
         TEST_VECTOR_HANDLERS=1
@@ -114,7 +114,7 @@ matrix:
     - python: 3.4
       env:
         TEST_VECTOR_HANDLERS=1
-        TOXENV=py34-awses_1.3.0
+        TOXENV=py34-awses_1.3.3
     - python: 3.4
       env:
         TEST_VECTOR_HANDLERS=1
@@ -127,7 +127,7 @@ matrix:
     - python: 3.5
       env:
         TEST_VECTOR_HANDLERS=1
-        TOXENV=py35-awses_1.3.0
+        TOXENV=py35-awses_1.3.3
     - python: 3.5
       env:
         TEST_VECTOR_HANDLERS=1
@@ -140,7 +140,7 @@ matrix:
     - python: 3.6
       env:
         TEST_VECTOR_HANDLERS=1
-        TOXENV=py36-awses_1.3.0
+        TOXENV=py36-awses_1.3.3
     - python: 3.6
       env:
         TEST_VECTOR_HANDLERS=1
@@ -153,7 +153,7 @@ matrix:
     - python: 3.7
       env:
         TEST_VECTOR_HANDLERS=1
-        TOXENV=py37-awses_1.3.0
+        TOXENV=py37-awses_1.3.3
       dist: xenial
       sudo: true
     - python: 3.7

diff --git a/test_vector_handlers/src/awses_test_vectors/manifests/full_message/encrypt.py b/test_vector_handlers/src/awses_test_vectors/manifests/full_message/encrypt.py
@@ -202,10 +202,14 @@ def from_file(cls, input_file):
         raw_keys_manifest = json.loads(reader(raw_manifest["keys"]).decode(ENCODING))
         keys = KeysManifest.from_manifest_spec(raw_keys_manifest)
         plaintexts = cls._generate_plaintexts(raw_manifest["plaintexts"])
-        tests = {
-            name: MessageEncryptionTestScenario.from_scenario(scenario=scenario, keys=keys, plaintexts=plaintexts)
-            for name, scenario in raw_manifest["tests"].items()
-        }
+        tests = {}
+        for name, scenario in raw_manifest["tests"].items():
+            try:
+                tests[name] = MessageEncryptionTestScenario.from_scenario(
+                    scenario=scenario, keys=keys, plaintexts=plaintexts
+                )
+            except NotImplementedError:
+                continue
         return cls(version=raw_manifest["manifest"]["version"], keys=keys, plaintexts=plaintexts, tests=tests)
 
     def run_and_write_to_dir(self, target_directory, json_indent=None):

diff --git a/test_vector_handlers/src/awses_test_vectors/manifests/master_key.py b/test_vector_handlers/src/awses_test_vectors/manifests/master_key.py
@@ -54,6 +54,7 @@
     # 'rsa/oaep-mgf1/sha384': WrappingAlgorithm.RSA_OAEP_SHA384_MGF1,
     # 'rsa/oaep-mgf1/sha512': WrappingAlgorithm.RSA_OAEP_SHA512_MGF1,
 }
+_NOT_YET_IMPLEMENTED = {"rsa/oaep-mgf1/sha384", "rsa/oaep-mgf1/sha512"}
 _RAW_ENCRYPTION_KEY_TYPE = {
     "symmetric": EncryptionKeyType.SYMMETRIC,
     "private": EncryptionKeyType.PRIVATE,
@@ -91,10 +92,11 @@ def __attrs_post_init__(self):
             raise NotImplementedError("Gap found between known master key types and available master key loaders.")
 
         if self.type_name == "raw":
-            if None in (self.provider_id, self.encryption_algorithm, self.padding_algorithm):
-                raise ValueError(
-                    "Provider ID, encryption algorithm, and padding algorithm are all required for raw keys"
-                )
+            if None in (self.provider_id, self.encryption_algorithm):
+                raise ValueError("Provider ID and encryption algorithm are both required for raw keys")
+
+            if self.encryption_algorithm == "rsa" and self.padding_algorithm is None:
+                raise ValueError("Padding algorithm is required for raw RSA keys")
 
             if self.padding_algorithm == "oaep-mgf1" and self.padding_hash is None:
                 raise ValueError('Padding hash must be specified if padding algorithm is "oaep-mgf1"')
@@ -140,7 +142,12 @@ def _wrapping_algorithm(self, key_bits):
             if self.padding_hash is not None:
                 key_spec_values.append(self.padding_hash)
 
-        return _RAW_WRAPPING_KEY_ALGORITHMS["/".join(key_spec_values)]
+        key_spec_name = "/".join(key_spec_values)
+
+        if key_spec_name in _NOT_YET_IMPLEMENTED:
+            raise NotImplementedError('Key spec "{}" is not yet available.')
+
+        return _RAW_WRAPPING_KEY_ALGORITHMS[key_spec_name]
 
     def _wrapping_key(self, key_spec):
         # type: (KeySpec) -> WrappingKey