diff --git a/.github/workflows/ci_codebuild-tests.yml b/.github/workflows/ci_codebuild-tests.yml index a0078cd86..323a8ca48 100644 --- a/.github/workflows/ci_codebuild-tests.yml +++ b/.github/workflows/ci_codebuild-tests.yml @@ -1,7 +1,6 @@ name: AWS CodeBuild CI on: - pull_request: push: # Run once a day schedule: @@ -47,7 +46,7 @@ jobs: role-duration-seconds: 7200 - name: Run python-${{ matrix.python.python_version }} ${{ matrix.codebuild_file_name }} uses: aws-actions/aws-codebuild-run-build@v1 - timeout-minutes: 120 + timeout-minutes: 150 with: project-name: python-esdk buildspec-override: codebuild/py${{ matrix.python.python_version }}/${{ matrix.codebuild_file_name }} diff --git a/.github/workflows/ci_test-vector-handler.yaml b/.github/workflows/ci_test-vector-handler.yaml index 433f805f8..b82da4445 100644 --- a/.github/workflows/ci_test-vector-handler.yaml +++ b/.github/workflows/ci_test-vector-handler.yaml @@ -21,7 +21,7 @@ jobs: os: - ubuntu-latest - windows-latest - - macos-13 + - macos-latest python: - 3.8 - 3.x @@ -36,7 +36,7 @@ jobs: # x86 builds are only meaningful for Windows - os: ubuntu-latest architecture: x86 - - os: macos-13 + - os: macos-latest architecture: x86 steps: - uses: aws-actions/configure-aws-credentials@v4 diff --git a/.github/workflows/ci_tests.yaml b/.github/workflows/ci_tests.yaml index acb0b9b33..de668487a 100644 --- a/.github/workflows/ci_tests.yaml +++ b/.github/workflows/ci_tests.yaml @@ -22,7 +22,7 @@ jobs: os: - ubuntu-latest - windows-latest - - macos-13 + - macos-latest python: - 3.8 - 3.9 @@ -47,11 +47,23 @@ jobs: - "" - -mpl exclude: + # Python <3.11 incompatible with macOS ARM64 runners + # https://github.com/actions/setup-python/issues/948 + - python: 3.7 + os: macos-latest + - python: 3.8 + os: macos-latest + - python: 3.9 + os: macos-latest + - python: 3.10 + os: macos-latest + # x86 builds are only meaningful for Windows - os: ubuntu-latest architecture: x86 - - os: macos-13 + - os: macos-latest architecture: x86 + # MPL is not supported on <3.11 - python: 3.7 optional_mpl_dependency: -mpl @@ -71,6 +83,7 @@ jobs: git config --global core.longpaths true - uses: actions/checkout@v4 + - uses: actions/setup-python@v4 with: python-version: ${{ matrix.python }} diff --git a/.github/workflows/pull.yml b/.github/workflows/pull.yml index 6b4c1b7ab..01caa4904 100644 --- a/.github/workflows/pull.yml +++ b/.github/workflows/pull.yml @@ -3,6 +3,12 @@ name: Pull Request Workflow on: pull_request: +# Concurrency control helps avoid CodeBuild throttling. +# When new commits are pushed, the previous workflow run is cancelled. +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + permissions: id-token: write contents: read diff --git a/decrypt_oracle/test/requirements.txt b/decrypt_oracle/test/requirements.txt index 11be59be6..956d9ec6f 100644 --- a/decrypt_oracle/test/requirements.txt +++ b/decrypt_oracle/test/requirements.txt @@ -1,5 +1,5 @@ mock -pytest>=3.3.1 +pytest>=8.4.2 pytest-cov -pytest-mock +pytest-mock>=3.14.0 requests diff --git a/decrypt_oracle/tox.ini b/decrypt_oracle/tox.ini index 7002877a6..e13916b1d 100644 --- a/decrypt_oracle/tox.ini +++ b/decrypt_oracle/tox.ini @@ -233,7 +233,7 @@ commands = seed-isort-config [testenv:isort] basepython = python3 deps = isort -commands = isort -rc \ +commands = isort \ src \ test \ #doc \ diff --git a/dev_requirements/test-requirements.txt b/dev_requirements/test-requirements.txt index 01d7a2e2b..ed6ef0d17 100644 --- a/dev_requirements/test-requirements.txt +++ b/dev_requirements/test-requirements.txt @@ -1,4 +1,4 @@ mock==4.0.3 -pytest==7.2.1 +pytest==8.0.0 pytest-cov==4.0.0 pytest-mock==3.6.1 diff --git a/performance_tests/tox.ini b/performance_tests/tox.ini index 8b51f98a5..5c5cfd99c 100644 --- a/performance_tests/tox.ini +++ b/performance_tests/tox.ini @@ -128,7 +128,7 @@ commands = seed-isort-config [testenv:isort] basepython = python3 deps = -r../dev_requirements/linter-requirements.txt -commands = isort -rc \ +commands = isort \ src \ test \ setup.py \ diff --git a/test/unit/test_compatability.py b/test/unit/test_compatability.py index bd602c7cd..11400e241 100644 --- a/test/unit/test_compatability.py +++ b/test/unit/test_compatability.py @@ -2,6 +2,7 @@ # SPDX-License-Identifier: Apache-2.0 """Unit test suite for aws_encryption_sdk.compatability""" import sys +import warnings import mock import pytest @@ -16,7 +17,8 @@ def test_happy_version(self): with mock.patch.object(sys, "version_info") as v_info: v_info.major = 3 v_info.minor = 6 - with pytest.warns(None) as record: + with warnings.catch_warnings(record=True) as record: + warnings.simplefilter("always") _warn_deprecated_python() assert len(record) == 0 diff --git a/test/unit/test_serialize.py b/test/unit/test_serialize.py index 1df4d1bd7..1d38818c3 100644 --- a/test/unit/test_serialize.py +++ b/test/unit/test_serialize.py @@ -19,7 +19,27 @@ pytestmark = [pytest.mark.unit, pytest.mark.local] -provider_input_strings = ["", "abc", "𐀂", "abc𐀂", "𐀂abc", "秘密代码", "abc秘密代码", "秘密代码abc", "秘密代码abc𐀂", "𐀂abc秘密代码123𐀂"] +provider_input_strings = [ + "", + "abc", + "𐀂", + "abc𐀂", + "𐀂abc", + "秘密代码", + "abc秘密代码", + "秘密代码abc", + "秘密代码abc𐀂", + "𐀂abc秘密代码123𐀂", +] + +provider_input_strings_batch1 = ["", "abc", "𐀂", "abc𐀂", "𐀂abc"] +provider_input_strings_batch2 = [ + "秘密代码", + "abc秘密代码", + "秘密代码abc", + "秘密代码abc𐀂", + "𐀂abc秘密代码123𐀂", +] @pytest.mark.parametrize( @@ -58,7 +78,9 @@ def apply_fixtures(self): __lt__=MagicMock(return_value=False), __gt__=MagicMock(return_value=False) ) - self.mock_key_provider = MasterKeyInfo(provider_id=VALUES["provider_id"], key_info=VALUES["key_info"]) + self.mock_key_provider = MasterKeyInfo( + provider_id=VALUES["provider_id"], key_info=VALUES["key_info"] + ) self.mock_wrapping_algorithm = MagicMock() self.mock_wrapping_algorithm.algorithm = self.mock_algorithm # Set up encryption_context patch @@ -66,9 +88,13 @@ def apply_fixtures(self): "aws_encryption_sdk.internal.formatting.serialize.aws_encryption_sdk.internal.formatting.encryption_context" ) self.mock_serialize_acc = self.mock_serialize_acc_patcher.start() - self.mock_serialize_acc.serialize_encryption_context.return_value = VALUES["serialized_encryption_context"] + self.mock_serialize_acc.serialize_encryption_context.return_value = VALUES[ + "serialized_encryption_context" + ] # Set up crypto patch - self.mock_encrypt_patcher = patch("aws_encryption_sdk.internal.formatting.serialize.encrypt") + self.mock_encrypt_patcher = patch( + "aws_encryption_sdk.internal.formatting.serialize.encrypt" + ) self.mock_encrypt = self.mock_encrypt_patcher.start() # Set up validate_frame_length patch self.mock_valid_frame_length_patcher = patch( @@ -117,15 +143,73 @@ def test_GIVEN_valid_encrypted_data_key_WHEN_serialize_encrypted_data_key_THEN_d assert len(deserialized) == 1 deserialized_edk = list(deserialized)[0] assert deserialized_edk.key_provider == encrypted_data_key.key_provider - assert deserialized_edk.key_provider.provider_id == encrypted_data_key.key_provider.provider_id - assert deserialized_edk.key_provider.key_info == encrypted_data_key.key_provider.key_info - assert deserialized_edk.encrypted_data_key == encrypted_data_key.encrypted_data_key - - @pytest.mark.parametrize("edk_1_provider_id", provider_input_strings) - @pytest.mark.parametrize("edk_1_provider_info", provider_input_strings) - @pytest.mark.parametrize("edk_2_provider_id", provider_input_strings) - @pytest.mark.parametrize("edk_2_provider_info", provider_input_strings) - def test_GIVEN_two_distinct_valid_encrypted_data_keys_WHEN_serialize_encrypted_data_keys_THEN_deserialize_equals_inputs( # noqa pylint: disable=line-too-long + assert ( + deserialized_edk.key_provider.provider_id + == encrypted_data_key.key_provider.provider_id + ) + assert ( + deserialized_edk.key_provider.key_info + == encrypted_data_key.key_provider.key_info + ) + assert ( + deserialized_edk.encrypted_data_key == encrypted_data_key.encrypted_data_key + ) + + @pytest.mark.parametrize("edk_1_provider_id", provider_input_strings_batch1) + @pytest.mark.parametrize("edk_1_provider_info", provider_input_strings_batch1) + @pytest.mark.parametrize("edk_2_provider_id", provider_input_strings_batch1) + @pytest.mark.parametrize("edk_2_provider_info", provider_input_strings_batch1) + def test_GIVEN_two_distinct_valid_encrypted_data_keys_WHEN_serialize_encrypted_data_keys_THEN_deserialize_equals_inputs_batch1( # noqa pylint: disable=line-too-long + self, + edk_1_provider_id, + edk_1_provider_info, + edk_2_provider_id, + edk_2_provider_info, + ): + self._helper_test_GIVEN_two_distinct_valid_encrypted_data_keys_WHEN_serialize_encrypted_data_keys_THEN_deserialize_equals_inputs( # noqa pylint: disable=line-too-long + edk_1_provider_id, + edk_1_provider_info, + edk_2_provider_id, + edk_2_provider_info, + ) + + @pytest.mark.parametrize("edk_1_provider_id", provider_input_strings_batch2) + @pytest.mark.parametrize("edk_1_provider_info", provider_input_strings_batch2) + @pytest.mark.parametrize("edk_2_provider_id", provider_input_strings_batch2) + @pytest.mark.parametrize("edk_2_provider_info", provider_input_strings_batch2) + def test_GIVEN_two_distinct_valid_encrypted_data_keys_WHEN_serialize_encrypted_data_keys_THEN_deserialize_equals_inputs_batch2( # noqa pylint: disable=line-too-long + self, + edk_1_provider_id, + edk_1_provider_info, + edk_2_provider_id, + edk_2_provider_info, + ): + self._helper_test_GIVEN_two_distinct_valid_encrypted_data_keys_WHEN_serialize_encrypted_data_keys_THEN_deserialize_equals_inputs( # noqa pylint: disable=line-too-long + edk_1_provider_id, + edk_1_provider_info, + edk_2_provider_id, + edk_2_provider_info, + ) + + @pytest.mark.parametrize("edk_1_provider_id", provider_input_strings_batch1) + @pytest.mark.parametrize("edk_1_provider_info", provider_input_strings_batch1) + @pytest.mark.parametrize("edk_2_provider_id", provider_input_strings_batch2) + @pytest.mark.parametrize("edk_2_provider_info", provider_input_strings_batch2) + def test_GIVEN_two_distinct_valid_encrypted_data_keys_WHEN_serialize_encrypted_data_keys_THEN_deserialize_equals_inputs_batch3( # noqa pylint: disable=line-too-long + self, + edk_1_provider_id, + edk_1_provider_info, + edk_2_provider_id, + edk_2_provider_info, + ): + self._helper_test_GIVEN_two_distinct_valid_encrypted_data_keys_WHEN_serialize_encrypted_data_keys_THEN_deserialize_equals_inputs( # noqa pylint: disable=line-too-long + edk_1_provider_id, + edk_1_provider_info, + edk_2_provider_id, + edk_2_provider_info, + ) + + def _helper_test_GIVEN_two_distinct_valid_encrypted_data_keys_WHEN_serialize_encrypted_data_keys_THEN_deserialize_equals_inputs( # noqa pylint: disable=line-too-long self, edk_1_provider_id, edk_1_provider_info, @@ -134,14 +218,20 @@ def test_GIVEN_two_distinct_valid_encrypted_data_keys_WHEN_serialize_encrypted_d ): # pylint: disable=too-many-locals # Given: Two distinct valid encrypted data keys - edk_1_key_provider = MasterKeyInfo(provider_id=edk_1_provider_id, key_info=edk_1_provider_info) + edk_1_key_provider = MasterKeyInfo( + provider_id=edk_1_provider_id, key_info=edk_1_provider_info + ) encrypted_data_key_1 = EncryptedDataKey( - key_provider=edk_1_key_provider, encrypted_data_key=VALUES["encrypted_data_key"] + key_provider=edk_1_key_provider, + encrypted_data_key=VALUES["encrypted_data_key"], ) - edk_2_key_provider = MasterKeyInfo(provider_id=edk_2_provider_id, key_info=edk_2_provider_info) + edk_2_key_provider = MasterKeyInfo( + provider_id=edk_2_provider_id, key_info=edk_2_provider_info + ) encrypted_data_key_2 = EncryptedDataKey( - key_provider=edk_2_key_provider, encrypted_data_key=VALUES["encrypted_data_key"] + key_provider=edk_2_key_provider, + encrypted_data_key=VALUES["encrypted_data_key"], ) # Must be distinct @@ -174,8 +264,11 @@ def test_GIVEN_two_distinct_valid_encrypted_data_keys_WHEN_serialize_encrypted_d deserialized_edk_other = deserialized_edk_list[1] assert ( - (deserialized_edk_some == encrypted_data_key_1 and deserialized_edk_other == encrypted_data_key_2) - or (deserialized_edk_some == encrypted_data_key_2 and deserialized_edk_other == encrypted_data_key_1) + deserialized_edk_some == encrypted_data_key_1 + and deserialized_edk_other == encrypted_data_key_2 + ) or ( + deserialized_edk_some == encrypted_data_key_2 + and deserialized_edk_other == encrypted_data_key_1 ) def test_GIVEN_invalid_encrypted_data_key_WHEN_serialize_THEN_raises_UnicodeEncodeError( @@ -189,10 +282,13 @@ def test_GIVEN_invalid_encrypted_data_key_WHEN_serialize_THEN_raises_UnicodeEnco # Then: raises UnicodeEncodeError with pytest.raises(UnicodeEncodeError): - key_provider = MasterKeyInfo(provider_id=invalid_provider_string, key_info=invalid_provider_string) + key_provider = MasterKeyInfo( + provider_id=invalid_provider_string, key_info=invalid_provider_string + ) encrypted_data_key = EncryptedDataKey( - key_provider=key_provider, encrypted_data_key=VALUES["encrypted_data_key"] + key_provider=key_provider, + encrypted_data_key=VALUES["encrypted_data_key"], ) # When: serialize_encrypted_data_key @@ -202,10 +298,13 @@ def test_GIVEN_invalid_encrypted_data_key_WHEN_serialize_THEN_raises_UnicodeEnco # Then: raises UnicodeEncodeError with pytest.raises(UnicodeEncodeError): - key_provider = MasterKeyInfo(provider_id=invalid_provider_string, key_info="abc") + key_provider = MasterKeyInfo( + provider_id=invalid_provider_string, key_info="abc" + ) encrypted_data_key = EncryptedDataKey( - key_provider=key_provider, encrypted_data_key=VALUES["encrypted_data_key"] + key_provider=key_provider, + encrypted_data_key=VALUES["encrypted_data_key"], ) # When: serialize_encrypted_data_key @@ -215,10 +314,13 @@ def test_GIVEN_invalid_encrypted_data_key_WHEN_serialize_THEN_raises_UnicodeEnco # Then: raises UnicodeEncodeError with pytest.raises(UnicodeEncodeError): - key_provider = MasterKeyInfo(provider_id="abc", key_info=invalid_provider_string) + key_provider = MasterKeyInfo( + provider_id="abc", key_info=invalid_provider_string + ) encrypted_data_key = EncryptedDataKey( - key_provider=key_provider, encrypted_data_key=VALUES["encrypted_data_key"] + key_provider=key_provider, + encrypted_data_key=VALUES["encrypted_data_key"], ) # When: serialize_encrypted_data_key @@ -236,7 +338,9 @@ def test_serialize_header_v1(self): self.mock_serialize_acc.serialize_encryption_context.assert_called_once_with( VALUES["updated_encryption_context"] ) - self.mock_signer.update.assert_called_once_with(VALUES["serialized_header_small_frame"]) + self.mock_signer.update.assert_called_once_with( + VALUES["serialized_header_small_frame"] + ) assert test == VALUES["serialized_header_small_frame"] def test_serialize_header_v1_no_signer(self): @@ -257,7 +361,9 @@ def test_serialize_header_v2(self): self.mock_serialize_acc.serialize_encryption_context.assert_called_once_with( VALUES["updated_encryption_context"] ) - self.mock_signer.update.assert_called_once_with(VALUES["serialized_header_v2_committing"]) + self.mock_signer.update.assert_called_once_with( + VALUES["serialized_header_v2_committing"] + ) assert test == VALUES["serialized_header_v2_committing"] def test_serialize_header_v2_no_signer(self): @@ -288,7 +394,9 @@ def test_serialize_header_auth_v1(self, mock_header_auth_iv): associated_data=VALUES["serialized_header"], iv=mock_header_auth_iv.return_value, ) - self.mock_signer.update.assert_called_once_with(VALUES["serialized_header_auth"]) + self.mock_signer.update.assert_called_once_with( + VALUES["serialized_header_auth"] + ) assert test == VALUES["serialized_header_auth"] def test_serialize_header_auth_v1_no_signer(self): @@ -329,7 +437,9 @@ def test_GIVEN_required_ec_bytes_WHEN_serialize_header_auth_v1_THEN_aad_has_requ associated_data=VALUES["serialized_header"] + self.mock_required_ec_bytes, iv=mock_header_auth_iv.return_value, ) - self.mock_signer.update.assert_called_once_with(VALUES["serialized_header_auth"]) + self.mock_signer.update.assert_called_once_with( + VALUES["serialized_header_auth"] + ) assert test == VALUES["serialized_header_auth"] @patch("aws_encryption_sdk.internal.formatting.serialize.header_auth_iv") @@ -352,7 +462,9 @@ def test_serialize_header_auth_v2(self, mock_header_auth_iv): associated_data=VALUES["serialized_header_v2_committing"], iv=mock_header_auth_iv.return_value, ) - self.mock_signer.update.assert_called_once_with(VALUES["serialized_header_auth_v2"]) + self.mock_signer.update.assert_called_once_with( + VALUES["serialized_header_auth_v2"] + ) assert test == VALUES["serialized_header_auth_v2"] def test_serialize_header_auth_v2_no_signer(self): @@ -389,23 +501,30 @@ def test_GIVEN_required_ec_bytes_WHEN_serialize_header_auth_v2_THEN_aad_has_requ algorithm=self.mock_algorithm, key=sentinel.encryption_key, plaintext=b"", - associated_data=VALUES["serialized_header_v2_committing"] + self.mock_required_ec_bytes, + associated_data=VALUES["serialized_header_v2_committing"] + + self.mock_required_ec_bytes, iv=mock_header_auth_iv.return_value, ) - self.mock_signer.update.assert_called_once_with(VALUES["serialized_header_auth_v2"]) + self.mock_signer.update.assert_called_once_with( + VALUES["serialized_header_auth_v2"] + ) assert test == VALUES["serialized_header_auth_v2"] def test_serialize_non_framed_open(self): """Validate that the serialize_non_framed_open function behaves as expected. """ - test = aws_encryption_sdk.internal.formatting.serialize.serialize_non_framed_open( - algorithm=self.mock_algorithm, - iv=VALUES["final_frame_base"].iv, - plaintext_length=len(VALUES["data_128"]), - signer=self.mock_signer, + test = ( + aws_encryption_sdk.internal.formatting.serialize.serialize_non_framed_open( + algorithm=self.mock_algorithm, + iv=VALUES["final_frame_base"].iv, + plaintext_length=len(VALUES["data_128"]), + signer=self.mock_signer, + ) + ) + self.mock_signer.update.assert_called_once_with( + VALUES["serialized_non_framed_start"] ) - self.mock_signer.update.assert_called_once_with(VALUES["serialized_non_framed_start"]) assert test == VALUES["serialized_non_framed_start"] def test_serialize_non_framed_open_no_signer(self): @@ -414,17 +533,23 @@ def test_serialize_non_framed_open_no_signer(self): no signer. """ aws_encryption_sdk.internal.formatting.serialize.serialize_non_framed_open( - algorithm=self.mock_algorithm, iv=VALUES["final_frame_base"].iv, plaintext_length=len(VALUES["data_128"]) + algorithm=self.mock_algorithm, + iv=VALUES["final_frame_base"].iv, + plaintext_length=len(VALUES["data_128"]), ) def test_serialize_non_framed_close(self): """Validate that the serialize_non_framed_close function behaves as expected. """ - test = aws_encryption_sdk.internal.formatting.serialize.serialize_non_framed_close( - tag=VALUES["final_frame_base"].tag, signer=self.mock_signer + test = ( + aws_encryption_sdk.internal.formatting.serialize.serialize_non_framed_close( + tag=VALUES["final_frame_base"].tag, signer=self.mock_signer + ) + ) + self.mock_signer.update.assert_called_once_with( + VALUES["serialized_non_framed_close"] ) - self.mock_signer.update.assert_called_once_with(VALUES["serialized_non_framed_close"]) assert test == VALUES["serialized_non_framed_close"] def test_serialize_non_framed_close_no_signer(self): @@ -432,7 +557,9 @@ def test_serialize_non_framed_close_no_signer(self): function behaves as expected when called with no signer. """ - aws_encryption_sdk.internal.formatting.serialize.serialize_non_framed_close(tag=VALUES["final_frame_base"].tag) + aws_encryption_sdk.internal.formatting.serialize.serialize_non_framed_close( + tag=VALUES["final_frame_base"].tag + ) @patch("aws_encryption_sdk.internal.formatting.serialize.frame_iv") def test_encrypt_and_serialize_frame(self, mock_frame_iv): @@ -442,15 +569,17 @@ def test_encrypt_and_serialize_frame(self, mock_frame_iv): self.mock_serialize_acc.assemble_content_aad.return_value = VALUES["frame_aac"] self.mock_encrypt.return_value = VALUES["frame_base"] source_plaintext = VALUES["data_128"] * 2 - test_serialized, test_remainder = aws_encryption_sdk.internal.formatting.serialize.serialize_frame( - algorithm=self.mock_algorithm, - plaintext=source_plaintext, - message_id=VALUES["message_id"], - data_encryption_key=sentinel.encryption_key, - frame_length=VALUES["small_frame_length"], - sequence_number=self.mock_valid_sequence_number, - is_final_frame=False, - signer=self.mock_signer, + test_serialized, test_remainder = ( + aws_encryption_sdk.internal.formatting.serialize.serialize_frame( + algorithm=self.mock_algorithm, + plaintext=source_plaintext, + message_id=VALUES["message_id"], + data_encryption_key=sentinel.encryption_key, + frame_length=VALUES["small_frame_length"], + sequence_number=self.mock_valid_sequence_number, + is_final_frame=False, + signer=self.mock_signer, + ) ) self.mock_serialize_acc.assemble_content_aad.assert_called_once_with( message_id=VALUES["message_id"], @@ -458,7 +587,9 @@ def test_encrypt_and_serialize_frame(self, mock_frame_iv): seq_num=self.mock_valid_sequence_number, length=VALUES["small_frame_length"], ) - mock_frame_iv.assert_called_once_with(self.mock_algorithm, self.mock_valid_sequence_number) + mock_frame_iv.assert_called_once_with( + self.mock_algorithm, self.mock_valid_sequence_number + ) self.mock_encrypt.assert_called_once_with( algorithm=self.mock_algorithm, key=sentinel.encryption_key, @@ -492,17 +623,21 @@ def test_encrypt_and_serialize_frame_final(self, mock_frame_iv): """Validate that the _encrypt_and_serialize_frame function behaves as expected for a final frame. """ - self.mock_serialize_acc.assemble_content_aad.return_value = VALUES["final_frame_aac"] + self.mock_serialize_acc.assemble_content_aad.return_value = VALUES[ + "final_frame_aac" + ] self.mock_encrypt.return_value = VALUES["final_frame_base"] - test_serialized, test_remainder = aws_encryption_sdk.internal.formatting.serialize.serialize_frame( - algorithm=self.mock_algorithm, - plaintext=VALUES["data_128"], - message_id=VALUES["message_id"], - data_encryption_key=sentinel.encryption_key, - frame_length=len(VALUES["data_128"]), - sequence_number=self.mock_valid_sequence_number, - is_final_frame=True, - signer=self.mock_signer, + test_serialized, test_remainder = ( + aws_encryption_sdk.internal.formatting.serialize.serialize_frame( + algorithm=self.mock_algorithm, + plaintext=VALUES["data_128"], + message_id=VALUES["message_id"], + data_encryption_key=sentinel.encryption_key, + frame_length=len(VALUES["data_128"]), + sequence_number=self.mock_valid_sequence_number, + is_final_frame=True, + signer=self.mock_signer, + ) ) self.mock_serialize_acc.assemble_content_aad.assert_called_once_with( message_id=VALUES["message_id"], @@ -510,7 +645,9 @@ def test_encrypt_and_serialize_frame_final(self, mock_frame_iv): seq_num=self.mock_valid_sequence_number, length=len(VALUES["data_128"]), ) - mock_frame_iv.assert_called_once_with(self.mock_algorithm, self.mock_valid_sequence_number) + mock_frame_iv.assert_called_once_with( + self.mock_algorithm, self.mock_valid_sequence_number + ) self.mock_encrypt.assert_called_once_with( algorithm=self.mock_algorithm, key=sentinel.encryption_key, @@ -518,7 +655,9 @@ def test_encrypt_and_serialize_frame_final(self, mock_frame_iv): associated_data=VALUES["final_frame_aac"], iv=mock_frame_iv.return_value, ) - self.mock_signer.update.assert_called_once_with(VALUES["serialized_final_frame"]) + self.mock_signer.update.assert_called_once_with( + VALUES["serialized_final_frame"] + ) assert test_serialized == VALUES["serialized_final_frame"] assert test_remainder == b"" @@ -527,7 +666,9 @@ def test_encrypt_and_serialize_frame_final_no_signer(self): function behaves as expected for a final frame when called with no signer. """ - self.mock_serialize_acc.assemble_content_aad.return_value = VALUES["final_frame_aac"] + self.mock_serialize_acc.assemble_content_aad.return_value = VALUES[ + "final_frame_aac" + ] self.mock_encrypt.return_value = VALUES["final_frame_base"] aws_encryption_sdk.internal.formatting.serialize.serialize_frame( algorithm=self.mock_algorithm, @@ -543,7 +684,9 @@ def test_serialize_footer_with_signer(self): """Validate that the serialize_footer function behaves as expected when called with a signer. """ - test = aws_encryption_sdk.internal.formatting.serialize.serialize_footer(self.mock_signer) + test = aws_encryption_sdk.internal.formatting.serialize.serialize_footer( + self.mock_signer + ) self.mock_signer.finalize.assert_called_with() assert test == VALUES["serialized_footer"] @@ -559,11 +702,14 @@ def test_serialize_wrapped_key_asymmetric(self): key_provider=self.mock_key_provider, wrapping_algorithm=self.mock_wrapping_algorithm, wrapping_key_id=VALUES["wrapped_keys"]["raw"]["key_info"], - encrypted_wrapped_key=EncryptedData(iv=None, ciphertext=VALUES["data_128"], tag=None), + encrypted_wrapped_key=EncryptedData( + iv=None, ciphertext=VALUES["data_128"], tag=None + ), ) assert test == EncryptedDataKey( key_provider=MasterKeyInfo( - provider_id=VALUES["provider_id"], key_info=VALUES["wrapped_keys"]["raw"]["key_info"] + provider_id=VALUES["provider_id"], + key_info=VALUES["wrapped_keys"]["raw"]["key_info"], ), encrypted_data_key=VALUES["data_128"], ) @@ -573,11 +719,14 @@ def test_serialize_wrapped_key_symmetric(self): key_provider=self.mock_key_provider, wrapping_algorithm=self.mock_wrapping_algorithm, wrapping_key_id=VALUES["wrapped_keys"]["raw"]["key_info"], - encrypted_wrapped_key=VALUES["wrapped_keys"]["structures"]["wrapped_encrypted_data"], + encrypted_wrapped_key=VALUES["wrapped_keys"]["structures"][ + "wrapped_encrypted_data" + ], ) assert test == EncryptedDataKey( key_provider=MasterKeyInfo( - provider_id=VALUES["provider_id"], key_info=VALUES["wrapped_keys"]["serialized"]["key_info"] + provider_id=VALUES["provider_id"], + key_info=VALUES["wrapped_keys"]["serialized"]["key_info"], ), encrypted_data_key=VALUES["wrapped_keys"]["serialized"]["key_ciphertext"], ) diff --git a/test_vector_handlers/tox.ini b/test_vector_handlers/tox.ini index 76534e829..41a208a3f 100644 --- a/test_vector_handlers/tox.ini +++ b/test_vector_handlers/tox.ini @@ -184,7 +184,7 @@ commands = seed-isort-config [testenv:isort] basepython = python3 deps = -r../dev_requirements/linter-requirements.txt -commands = isort -rc \ +commands = isort \ src \ test \ setup.py \ diff --git a/tox.ini b/tox.ini index 2a1121409..130737f86 100644 --- a/tox.ini +++ b/tox.ini @@ -242,7 +242,7 @@ commands = seed-isort-config [testenv:isort] basepython = python3 deps = -rdev_requirements/linter-requirements.txt -commands = isort -rc \ +commands = isort \ src \ test \ # We do not include examples/test because of the need to modify sys.path for some imports