m17hr1l/psyc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
56466c334ddbb817a08c0da1f397209fca8f31d2
psyc/tests/test_seal.py
m17hr1l e504b3dbcf stage-14: pytest test suite over the worker lines 
38 tests covering the pure worker-line logic: Classifyline rules, Routeline
TLP/country/incident-type gates, Sealine seal/unseal round-trip, Proofline
confidence scoring, Mapline CVEResolver escalation, Trainline dataset
well-posedness (the v1/v3 input-signal bugs are now regression-guarded), and
the Scoutline feed parsers. pytest added as a dev extra.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-18 23:36:41 +02:00

59 lines
1.8 KiB
Python
Raw Blame History

"""Sealine — sealed-box encryption round-trip tests."""
from __future__ import annotations
import pytest
from psyc.lines import seal
from psyc.result import Err, Ok
@pytest.fixture(autouse=True)
def _isolate_seal_dirs(tmp_path, monkeypatch):
monkeypatch.setattr(seal, "KEYS_DIR", tmp_path / "keys")
monkeypatch.setattr(seal, "SEALED_DIR", tmp_path / "sealed")
def test_seal_unseal_round_trip():
seal.generate_recipient_keys("CERT-Test")
plaintext = b'{"case": "evidence", "secret": true}'
pkg = seal.seal(plaintext, ["CERT-Test"])
assert isinstance(pkg, Ok)
out = seal.unseal(pkg.value.package_id, "CERT-Test")
assert isinstance(out, Ok)
assert out.value == plaintext
def test_seal_to_unknown_recipient_errors():
result = seal.seal(b"data", ["Nobody"])
assert isinstance(result, Err)
def test_unseal_with_wrong_recipient_errors():
seal.generate_recipient_keys("CERT-A")
seal.generate_recipient_keys("CERT-B")
pkg = seal.seal(b"data", ["CERT-A"])
assert isinstance(pkg, Ok)
# CERT-B has keys but is not on the package
assert isinstance(seal.unseal(pkg.value.package_id, "CERT-B"), Err)
def test_multi_recipient_each_can_unseal():
seal.generate_recipient_keys("CERT-Bund")
seal.generate_recipient_keys("MISP")
plaintext = b"shared evidence"
pkg = seal.seal(plaintext, ["CERT-Bund", "MISP"])
assert isinstance(pkg, Ok)
for recipient in ("CERT-Bund", "MISP"):
out = seal.unseal(pkg.value.package_id, recipient)
assert isinstance(out, Ok) and out.value == plaintext
def test_plaintext_hash_recorded():
import hashlib
seal.generate_recipient_keys("R")
plaintext = b"hash me"
pkg = seal.seal(plaintext, ["R"])
assert isinstance(pkg, Ok)
assert pkg.value.plaintext_hash == hashlib.sha256(plaintext).hexdigest()
Reference in New Issue View Git Blame Copy Permalink