add test_serialization

bodik · Jun 9, 2023 · 0eafac0 · 0eafac0
1 parent 4765fd7
commit 0eafac0
Show file tree

Hide file tree

Showing 2 changed files with 74 additions and 10 deletions.
diff --git a/tests/test_class.py b/tests/test_class.py
@@ -5,12 +5,11 @@
 import pytest
 from cryptography.hazmat.primitives import hashes
 from cryptography.hazmat.primitives.asymmetric import ec
-from fido2.webauthn import AttestedCredentialData
 from fido2.utils import sha256
+from fido2.webauthn import AttestedCredentialData
 
 from soft_webauthn import SoftWebauthnDevice
 
-
 # PublicKeyCredentialCreationOptions
 PKCCO = {
     'publicKey': {
@@ -38,6 +37,19 @@
 }
 
 
+def _device_assertions(device):
+    """verify authenticator response"""
+
+    assertion = device.get(PKCRO, 'https://example.org')
+
+    assert assertion
+    device.private_key.public_key().verify(
+        assertion['response']['signature'],
+        assertion['response']['authenticatorData'] + sha256(assertion['response']['clientDataJSON']),
+        ec.ECDSA(hashes.SHA256())
+    )
+
+
 def test_as_attested_cred():
     """test straight credential generation and access"""
 
@@ -86,14 +98,7 @@ def test_get():
     device = SoftWebauthnDevice()
     device.cred_init(PKCRO['publicKey']['rpId'], b'randomhandle')
 
-    assertion = device.get(PKCRO, 'https://example.org')
-
-    assert assertion
-    device.private_key.public_key().verify(
-        assertion['response']['signature'],
-        assertion['response']['authenticatorData'] + sha256(assertion['response']['clientDataJSON']),
-        ec.ECDSA(hashes.SHA256())
-    )
+    _device_assertions(device)
 
 
 def test_get_not_matching_rpid():

diff --git a/tests/test_serialization.py b/tests/test_serialization.py
@@ -0,0 +1,59 @@
+"""SoftWebauthnDevice serialization tests, mostly adapted from test_class.py"""
+
+import pytest
+
+from soft_webauthn import SoftWebauthnDevice
+
+from .test_class import PKCCO, PKCRO, _device_assertions
+
+
+def test_create_and_serialize_without_password():
+    """test create"""
+
+    device = SoftWebauthnDevice()
+    device.create(PKCCO, 'https://example.org')
+
+    serialized = device.to_bytes()
+    deserialized = SoftWebauthnDevice.from_bytes(serialized)
+
+    assert deserialized.private_key
+    assert deserialized.rp_id == 'example.org'
+
+
+def test_create_and_serialize_with_password():
+    """test create"""
+
+    device = SoftWebauthnDevice()
+    device.create(PKCCO, 'https://example.org')
+    password = "password"
+
+    serialized = device.to_bytes(password)
+    deserialized = SoftWebauthnDevice.from_bytes(serialized, password)
+
+    assert deserialized.private_key
+    assert deserialized.rp_id == 'example.org'
+
+
+def test_create_and_serialize_no_or_incorrect_password():
+    """test create"""
+
+    device = SoftWebauthnDevice()
+    device.create(PKCCO, 'https://example.org')
+
+    serialized = device.to_bytes("password")
+
+    with pytest.raises(TypeError):
+        SoftWebauthnDevice.from_bytes(serialized)
+    with pytest.raises(ValueError):
+        SoftWebauthnDevice.from_bytes(serialized, "wrongpassword")
+
+
+def test_get_after_deserialize():
+    """test get"""
+
+    device = SoftWebauthnDevice()
+    device.cred_init(PKCRO['publicKey']['rpId'], b'randomhandle')
+    serialized = device.to_bytes()
+    deserialized = SoftWebauthnDevice.from_bytes(serialized)
+
+    _device_assertions(deserialized)