more unit tests

lucasmcdonald3 · lucasmcdonald3 · commit 0da2a4f2c7de · 2024-02-26T13:10:59.000-08:00
diff --git a/test/unit/test_crypto_authentication_signer.py b/test/unit/test_crypto_authentication_signer.py
@@ -94,11 +94,14 @@ def test_GIVEN_no_encoding_WHEN_signer_from_key_bytes_THEN_load_der_private_key(
     with patch.object(cryptography.hazmat.primitives, "serialization"):
         # Mock the `serialization.load_der_private_key`
         with patch.object(aws_encryption_sdk.internal.crypto.authentication.serialization, "load_der_private_key") as mock_der:
+            # When: from_key_bytes
             Signer.from_key_bytes(
                 algorithm=_algorithm,
                 key_bytes=sentinel.key_bytes,
+                # Given: No encoding provided => default arg
             )
 
+            # Then: calls load_der_private_key
             mock_der.assert_called_once_with(
                 data=sentinel.key_bytes, password=None, backend=patch_default_backend.return_value
             )
@@ -113,12 +116,15 @@ def test_GIVEN_PEM_encoding_WHEN_signer_from_key_bytes_THEN_load_pem_private_key
     mock_algorithm_info = MagicMock(return_value=sentinel.algorithm_info, spec=patch_ec.EllipticCurve)
     _algorithm = MagicMock(signing_algorithm_info=mock_algorithm_info)
 
+    # When: from_key_bytes
     signer = Signer.from_key_bytes(
         algorithm=_algorithm,
         key_bytes=sentinel.key_bytes,
+        # Given: PEM encoding
         encoding=patch_serialization.Encoding.PEM
     )
 
+    # Then: calls load_pem_private_key
     patch_serialization.load_pem_private_key.assert_called_once_with(
         data=sentinel.key_bytes, password=None, backend=patch_default_backend.return_value
     )
@@ -136,10 +142,13 @@ def test_GIVEN_unrecognized_encoding_WHEN_signer_from_key_bytes_THEN_raise_Value
     mock_algorithm_info = MagicMock(return_value=sentinel.algorithm_info, spec=patch_ec.EllipticCurve)
     _algorithm = MagicMock(signing_algorithm_info=mock_algorithm_info)
 
+    # Then: Raises ValueError
     with pytest.raises(ValueError):
+        # When: from_key_bytes
         signer = Signer.from_key_bytes(
             algorithm=_algorithm,
             key_bytes=sentinel.key_bytes,
+            # Given: Invalid encoding
             encoding="not an encoding"
         )
 
diff --git a/test/unit/test_streaming_client_configs.py b/test/unit/test_streaming_client_configs.py
@@ -193,22 +193,28 @@ def test_client_config_converts(kwargs, stream_type):
         assert isinstance(test.materials_manager, DefaultCryptoMaterialsManager)
 
 
+# Given: no MPL
 @pytest.mark.skipif(HAS_MPL, reason="Test should only be executed without MPL in installation")
 @patch.object(_ClientConfig, "_no_mpl_attrs_post_init")
 def test_GIVEN_no_mpl_WHEN_attrs_post_init_THEN_calls_no_mpl_method(
     mock_no_mpl_attrs_post_init,
 ):
+    # When: attrs_post_init
     _ClientConfig(**BASE_KWARGS)
+    # Then: calls _no_mpl_attrs_post_init
     mock_no_mpl_attrs_post_init.assert_called_once_with()
 
 
+# Given: has MPL
 @pytest.mark.skipif(not HAS_MPL, reason="Test should only be executed with MPL in installation")
 @patch.object(_ClientConfig, "_has_mpl_attrs_post_init")
 def test_GIVEN_has_mpl_WHEN_attrs_post_init_THEN_calls_no_mpl_method(
-    _has_mpl_attrs_post_init,
+    mock_has_mpl_attrs_post_init,
 ):
+    # When: attrs_post_init
     _ClientConfig(**BASE_KWARGS)
-    _has_mpl_attrs_post_init.assert_called_once_with()
+    # Then: calls _has_mpl_attrs_post_init
+    mock_has_mpl_attrs_post_init.assert_called_once_with()
 
 
 @pytest.mark.skipif(not HAS_MPL, reason="Test should only be executed with MPL in installation")
diff --git a/test/unit/test_streaming_client_stream_decryptor.py b/test/unit/test_streaming_client_stream_decryptor.py
@@ -37,14 +37,11 @@
 # Ideally, this logic would be based on mocking imports and testing logic,
 # but doing that introduces errors that cause other tests to fail.
 try:
-    from aws_cryptographic_materialproviders.mpl.references import (
-        IKeyring,
-    )
-    HAS_MPL = True
-
     from aws_encryption_sdk.materials_managers.mpl.cmm import (
         CryptoMaterialsManagerFromMPL,
     )
+    HAS_MPL = True
+
 except ImportError:
     HAS_MPL = False
 
@@ -238,12 +235,14 @@ def test_read_header(self, mock_derive_datakey, mock_decrypt_materials_request,
     @patch("aws_encryption_sdk.streaming_client.DecryptionMaterialsRequest")
     @patch("aws_encryption_sdk.streaming_client.derive_data_encryption_key")
     @patch("aws_encryption_sdk.streaming_client.Verifier")
+    # Given: no MPL
     @pytest.mark.skipif(HAS_MPL, reason="Test should only be executed without MPL in installation")
     def test_GIVEN_verification_key_AND_no_mpl_WHEN_read_header_THEN_calls_from_key_bytes(
         self,
         mock_verifier,
         *_,
     ):
+        # Given: verification key
         mock_verifier_instance = MagicMock()
         mock_verifier.from_key_bytes.return_value = mock_verifier_instance
         ct_stream = io.BytesIO(VALUES["data_128"])
@@ -256,35 +255,42 @@ def test_GIVEN_verification_key_AND_no_mpl_WHEN_read_header_THEN_calls_from_key_
         test_decryptor.source_stream = ct_stream
         test_decryptor._stream_length = len(VALUES["data_128"])
 
+        # When: read header
         test_decryptor._read_header()
 
+        # Then: calls from_key_bytes 
         mock_verifier.from_key_bytes.assert_called_once_with(
             algorithm=self.mock_header.algorithm, key_bytes=sentinel.verification_key
         )
 
     @patch("aws_encryption_sdk.streaming_client.DecryptionMaterialsRequest")
     @patch("aws_encryption_sdk.streaming_client.derive_data_encryption_key")
     @patch("aws_encryption_sdk.streaming_client.Verifier")
+    # Given: has MPL
     @pytest.mark.skipif(not HAS_MPL, reason="Test should only be executed with MPL in installation")
     def test_GIVEN_verification_key_AND_has_mpl_AND_not_MPLCMM_WHEN_read_header_THEN_calls_from_key_bytes(
         self,
         mock_verifier,
         *_,
     ):
+        # Given: verification key
         mock_verifier_instance = MagicMock()
         mock_verifier.from_key_bytes.return_value = mock_verifier_instance
         ct_stream = io.BytesIO(VALUES["data_128"])
         mock_commitment_policy = MagicMock(__class__=CommitmentPolicy)
         test_decryptor = StreamDecryptor(
+            # Given: native CMM
             materials_manager=self.mock_materials_manager,
             source=ct_stream,
             commitment_policy=mock_commitment_policy,
         )
         test_decryptor.source_stream = ct_stream
         test_decryptor._stream_length = len(VALUES["data_128"])
 
+        # When: read_header
         test_decryptor._read_header()
 
+        # Then: calls from_key_bytess
         mock_verifier.from_key_bytes.assert_called_once_with(
             algorithm=self.mock_header.algorithm, key_bytes=sentinel.verification_key
         )
@@ -293,56 +299,36 @@ def test_GIVEN_verification_key_AND_has_mpl_AND_not_MPLCMM_WHEN_read_header_THEN
     @patch("aws_encryption_sdk.streaming_client.derive_data_encryption_key")
     @patch("aws_encryption_sdk.streaming_client.Verifier")
     @patch("base64.b64encode")
+    # Given: has MPL
     @pytest.mark.skipif(not HAS_MPL, reason="Test should only be executed with MPL in installation")
     def test_GIVEN_verification_key_AND_has_mpl_AND_has_MPLCMM_WHEN_read_header_THEN_calls_from_encoded_point(
         self,
         mock_b64encoding,
         mock_verifier,
         *_,
     ):
+        # Given: Verification key
         mock_verifier_instance = MagicMock()
         mock_verifier.from_key_bytes.return_value = mock_verifier_instance
         ct_stream = io.BytesIO(VALUES["data_128"])
         mock_commitment_policy = MagicMock(__class__=CommitmentPolicy)
         test_decryptor = StreamDecryptor(
+            # Given: MPL CMM
             materials_manager=self.mock_mpl_materials_manager,
             source=ct_stream,
             commitment_policy=mock_commitment_policy,
         )
         test_decryptor.source_stream = ct_stream
         test_decryptor._stream_length = len(VALUES["data_128"])
 
+        # When: read header
         test_decryptor._read_header()
 
+        # Then: calls from_encoded_point
         mock_verifier.from_encoded_point.assert_called_once_with(
             algorithm=self.mock_header.algorithm, encoded_point=mock_b64encoding()
         )
 
-    # @patch("aws_encryption_sdk.streaming_client.Verifier")
-    # @pytest.mark.skipif(not HAS_MPL, reason="Test should only be executed with MPL in installation")
-    # def test_GIVEN_verification_key_AND_has_mpl_AND_not_MPLCMM_WHEN_read_header_THEN_calls_from_key_bytes(
-    #     self,
-    #     mock_verifier,
-    # ):
-    #     mock_verifier_instance = MagicMock()
-    #     mock_verifier.from_key_bytes.return_value = mock_verifier_instance
-    #     ct_stream = io.BytesIO(VALUES["data_128"])
-    #     mock_commitment_policy = MagicMock(__class__=CommitmentPolicy)
-    #     test_decryptor = StreamDecryptor(
-    #         materials_manager=self.mock_materials_manager,
-    #         source=ct_stream,
-    #         commitment_policy=mock_commitment_policy,
-    #     )
-    #     test_decryptor.source_stream = ct_stream
-    #     test_decryptor._stream_length = len(VALUES["data_128"])
-
-    #     test_decryptor._read_header()
-
-    #     mock_verifier.from_key_bytes.assert_called_once_with(
-    #         algorithm=self.mock_header.algorithm, key_bytes=sentinel.verification_key
-    #     )
-
-
     @patch("aws_encryption_sdk.streaming_client.derive_data_encryption_key")
     def test_read_header_frame_too_large(self, mock_derive_datakey):
         self.mock_header.content_type = ContentType.FRAMED_DATA
diff --git a/test/unit/test_streaming_client_stream_encryptor.py b/test/unit/test_streaming_client_stream_encryptor.py
@@ -42,14 +42,11 @@
 # Ideally, this logic would be based on mocking imports and testing logic,
 # but doing that introduces errors that cause other tests to fail.
 try:
-    from aws_cryptographic_materialproviders.mpl.references import (
-        IKeyring,
-    )
-    HAS_MPL = True
-
     from aws_encryption_sdk.materials_managers.mpl.cmm import (
         CryptoMaterialsManagerFromMPL,
     )
+    HAS_MPL = True
+
 except ImportError:
     HAS_MPL = False
 
@@ -387,6 +384,7 @@ def test_prep_message_non_framed_message(self, mock_write_header, mock_prep_non_
         test_encryptor._prep_message()
         mock_prep_non_framed.assert_called_once_with()
 
+    # Given: no MPL
     @pytest.mark.skipif(HAS_MPL, reason="Test should only be executed without MPL in installation")
     def test_GIVEN_no_mpl_AND_uses_signer_WHEN_prep_message_THEN_signer_uses_default_encoding(self):
         self.mock_encryption_materials.algorithm = Algorithm.AES_128_GCM_IV12_TAG16
@@ -400,17 +398,21 @@ def test_GIVEN_no_mpl_AND_uses_signer_WHEN_prep_message_THEN_signer_uses_default
         )
         test_encryptor.content_type = ContentType.FRAMED_DATA
         with patch.object(self.mock_signer, "from_key_bytes"):
+            # When: prep message
             test_encryptor._prep_message()
+            # Then: calls from_key_bytes with default encoding
             self.mock_signer.from_key_bytes.assert_called_once_with(
                 algorithm=self.mock_encryption_materials.algorithm,
                 key_bytes=self.mock_encryption_materials.signing_key
             )
 
+    # Given: has MPL
     @pytest.mark.skipif(not HAS_MPL, reason="Test should only be executed with MPL in installation")
     def test_GIVEN_has_mpl_AND_not_MPLCMM_AND_uses_signer_WHEN_prep_message_THEN_signer_uses_default_encoding(self):
         self.mock_encryption_materials.algorithm = Algorithm.AES_128_GCM_IV12_TAG16
         test_encryptor = StreamEncryptor(
             source=VALUES["data_128"],
+            # Given: native CMM
             materials_manager=self.mock_materials_manager,
             frame_length=self.mock_frame_length,
             algorithm=Algorithm.AES_128_GCM_IV12_TAG16,
@@ -419,17 +421,21 @@ def test_GIVEN_has_mpl_AND_not_MPLCMM_AND_uses_signer_WHEN_prep_message_THEN_sig
         )
         test_encryptor.content_type = ContentType.FRAMED_DATA
         with patch.object(self.mock_signer, "from_key_bytes"):
+            # When: prep_message
             test_encryptor._prep_message()
+            # Then: calls from_key_bytes with default encoding
             self.mock_signer.from_key_bytes.assert_called_once_with(
                 algorithm=self.mock_encryption_materials.algorithm,
                 key_bytes=self.mock_encryption_materials.signing_key
             )
 
+    # Given: has MPL
     @pytest.mark.skipif(not HAS_MPL, reason="Test should only be executed with MPL in installation")
-    def test_GIVEN_has_mpl_AND_has_MPLCMM_AND_uses_signer_WHEN_prep_message_THEN_signer_uses_default_encoding(self):
+    def test_GIVEN_has_mpl_AND_has_MPLCMM_AND_uses_signer_WHEN_prep_message_THEN_signer_uses_PEM_encoding(self):
         self.mock_encryption_materials.algorithm = Algorithm.AES_128_GCM_IV12_TAG16
         test_encryptor = StreamEncryptor(
             source=VALUES["data_128"],
+            # Given: MPL CMM
             materials_manager=self.mock_mpl_materials_manager,
             frame_length=self.mock_frame_length,
             algorithm=Algorithm.AES_128_GCM_IV12_TAG16,
@@ -438,10 +444,12 @@ def test_GIVEN_has_mpl_AND_has_MPLCMM_AND_uses_signer_WHEN_prep_message_THEN_sig
         )
         test_encryptor.content_type = ContentType.FRAMED_DATA
         with patch.object(self.mock_signer, "from_key_bytes"):
+            # When: prep_message
             test_encryptor._prep_message()
             self.mock_signer.from_key_bytes.assert_called_once_with(
                 algorithm=self.mock_encryption_materials.algorithm,
                 key_bytes=self.mock_encryption_materials.signing_key,
+                # Then: calls from_key_bytes with PEM encoding
                 encoding=serialization.Encoding.PEM
             )
 
