sprint-8: EKF + adaptive tuner + HWID + SHA-256 audit hash-chain
- heading_ekf.py: 2-state Kalman filter fusing PGN 127250 heading and 127251 ROT with shortest-arc innovation and symmetric covariance update - adaptive_tuner.py: gradient-descent outer-loop Kp/Ki adjuster bounded to ±adaptive_max_deviation_pct; oscillation vs steady-state detection - hwid.py: HMAC-SHA256 activation token (verify side); hwid_from_mac_words converts three Modbus uint16 MAC words to 12-char hex HWID - audit.py: SHA-256 hash-chain -- each JSONL line carries prev_hash and line_hash; verify_chain() detects tampering, deletion, insertion - firmware/system/hwid.h+cpp: esp_efuse_mac_get_default wrapper + FNV-32 hash + "AA:BB:CC:DD:EE:FF" formatter - modbus_registers.yaml + generated .h/.py: HWID_MAC_01/23/45 at input addrs 9/10/11 (three 16-bit words = 6-byte MAC) - modbus_slave.cpp: INPUT_HWID_MAC_01/23/45 cases read eFuse MAC - main.cpp: logs HWID string + FNV-32 hash at boot (activation traceability) - tests: 72 new tests (audit signing, EKF, adaptive tuner, HWID) -- 398 total Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -0,0 +1,157 @@
|
||||
"""Tests for AdaptiveTuner -- Sprint 8."""
|
||||
|
||||
from __future__ import annotations
|
||||
|
||||
import pytest
|
||||
|
||||
from arautopilot.core.adaptive_tuner import AdaptiveTuner
|
||||
from arautopilot.core.pid_config import PidConfig, PidGains
|
||||
|
||||
|
||||
def _make_config(
|
||||
adaptive_enabled: bool = True,
|
||||
adaptive_max_deviation_pct: float = 50.0,
|
||||
) -> PidConfig:
|
||||
return PidConfig(
|
||||
inner_loop_base=PidGains(kp=1.0, ki=0.1, kd=0.05),
|
||||
outer_loop_base=PidGains(kp=2.0, ki=0.2, kd=0.1),
|
||||
adaptive_enabled=adaptive_enabled,
|
||||
adaptive_max_deviation_pct=adaptive_max_deviation_pct,
|
||||
)
|
||||
|
||||
|
||||
def _make_tuner(
|
||||
kp: float = 2.0,
|
||||
ki: float = 0.4,
|
||||
adaptive_max_deviation_pct: float = 50.0,
|
||||
window_steps: int = 10,
|
||||
step_pct: float = 0.1,
|
||||
) -> AdaptiveTuner:
|
||||
config = PidConfig(
|
||||
inner_loop_base=PidGains(kp=1.0, ki=0.1, kd=0.05),
|
||||
outer_loop_base=PidGains(kp=kp, ki=ki, kd=0.1),
|
||||
adaptive_enabled=True,
|
||||
adaptive_max_deviation_pct=adaptive_max_deviation_pct,
|
||||
)
|
||||
base = PidGains(kp=kp, ki=ki, kd=0.1)
|
||||
return AdaptiveTuner(config=config, base_gains=base, window_steps=window_steps, step_pct=step_pct)
|
||||
|
||||
|
||||
class TestAdaptiveDisabled:
|
||||
def test_returns_none_when_disabled(self):
|
||||
config = _make_config(adaptive_enabled=False)
|
||||
tuner = AdaptiveTuner(
|
||||
config=config,
|
||||
base_gains=PidGains(kp=2.0, ki=0.2, kd=0.1),
|
||||
)
|
||||
for _ in range(200):
|
||||
result = tuner.step(5.0)
|
||||
assert result is None
|
||||
|
||||
|
||||
class TestBufferFill:
|
||||
def test_returns_none_before_buffer_full(self):
|
||||
tuner = _make_tuner(window_steps=20)
|
||||
for i in range(19):
|
||||
assert tuner.step(5.0) is None
|
||||
|
||||
def test_may_adapt_once_buffer_is_full(self):
|
||||
tuner = _make_tuner(window_steps=10, step_pct=0.1)
|
||||
result = None
|
||||
for _ in range(10):
|
||||
result = tuner.step(5.0) # large persistent error → increase Kp
|
||||
# Should have triggered an adaptation on the 10th step
|
||||
assert result is not None
|
||||
|
||||
|
||||
class TestOscillationDetection:
|
||||
def test_oscillating_signal_reduces_kp(self):
|
||||
tuner = _make_tuner(window_steps=10, kp=2.0, step_pct=0.1)
|
||||
original_kp = tuner._current_kp
|
||||
# Fill buffer with alternating signs (100% sign flips)
|
||||
result = None
|
||||
for i in range(10):
|
||||
err = 3.0 if i % 2 == 0 else -3.0
|
||||
result = tuner.step(err)
|
||||
# After oscillation detection, Kp should be reduced
|
||||
if result is not None:
|
||||
assert result.kp < original_kp
|
||||
|
||||
def test_steady_error_increases_kp(self):
|
||||
tuner = _make_tuner(window_steps=10, kp=2.0, step_pct=0.1, ki=0.2)
|
||||
original_kp = tuner._current_kp
|
||||
result = None
|
||||
for _ in range(10):
|
||||
result = tuner.step(5.0) # sustained positive error
|
||||
assert result is not None
|
||||
assert result.kp > original_kp
|
||||
|
||||
def test_small_error_within_deadband_no_adapt(self):
|
||||
tuner = _make_tuner(window_steps=10)
|
||||
tuner.dead_band_deg = 2.0
|
||||
result = None
|
||||
for _ in range(10):
|
||||
result = tuner.step(0.5) # within dead band
|
||||
assert result is None
|
||||
|
||||
|
||||
class TestBoundsClamping:
|
||||
def test_kp_never_exceeds_upper_bound(self):
|
||||
tuner = _make_tuner(kp=2.0, adaptive_max_deviation_pct=20.0, window_steps=5, step_pct=0.5)
|
||||
for _ in range(200):
|
||||
tuner.step(10.0) # large error, keep trying to increase
|
||||
assert tuner._current_kp <= 2.0 * 1.20 + 1e-9
|
||||
|
||||
def test_kp_never_below_lower_bound(self):
|
||||
tuner = _make_tuner(kp=2.0, adaptive_max_deviation_pct=20.0, window_steps=5, step_pct=0.5)
|
||||
for i in range(200):
|
||||
err = 5.0 if i % 2 == 0 else -5.0
|
||||
assert tuner._current_kp >= 2.0 * 0.80 - 1e-9
|
||||
|
||||
def test_ki_stays_within_bound(self):
|
||||
tuner = _make_tuner(kp=2.0, ki=0.4, adaptive_max_deviation_pct=30.0, window_steps=5, step_pct=0.5)
|
||||
for _ in range(200):
|
||||
tuner.step(10.0)
|
||||
assert tuner._current_ki <= 0.4 * 1.30 + 1e-9
|
||||
|
||||
def test_kd_unchanged_after_adaptation(self):
|
||||
tuner = _make_tuner(window_steps=10, step_pct=0.1)
|
||||
original_kd = tuner._current_kd
|
||||
for _ in range(50):
|
||||
tuner.step(5.0)
|
||||
assert tuner._current_kd == pytest.approx(original_kd)
|
||||
|
||||
|
||||
class TestKiRatioPreservation:
|
||||
def test_ki_kp_ratio_preserved_after_adapt(self):
|
||||
tuner = _make_tuner(kp=2.0, ki=0.4, window_steps=10, step_pct=0.1)
|
||||
base_ratio = 0.4 / 2.0
|
||||
result = None
|
||||
for _ in range(10):
|
||||
result = tuner.step(5.0)
|
||||
if result is not None:
|
||||
new_ratio = result.ki / result.kp
|
||||
assert new_ratio == pytest.approx(base_ratio, rel=0.01)
|
||||
|
||||
|
||||
class TestReset:
|
||||
def test_reset_restores_base_gains(self):
|
||||
tuner = _make_tuner(kp=2.0, ki=0.4, window_steps=10, step_pct=0.1)
|
||||
for _ in range(10):
|
||||
tuner.step(5.0)
|
||||
tuner.reset()
|
||||
assert tuner._current_kp == pytest.approx(2.0)
|
||||
assert tuner._current_ki == pytest.approx(0.4)
|
||||
|
||||
def test_reset_clears_buffer(self):
|
||||
tuner = _make_tuner(window_steps=10)
|
||||
for _ in range(8):
|
||||
tuner.step(5.0)
|
||||
tuner.reset()
|
||||
assert len(tuner._error_buffer) == 0
|
||||
|
||||
def test_current_gains_property(self):
|
||||
tuner = _make_tuner(kp=2.0, ki=0.4)
|
||||
g = tuner.current_gains
|
||||
assert g.kp == pytest.approx(2.0)
|
||||
assert g.ki == pytest.approx(0.4)
|
||||
@@ -0,0 +1,180 @@
|
||||
"""Tests for SHA-256 hash-chain audit signing -- Sprint 8."""
|
||||
|
||||
from __future__ import annotations
|
||||
|
||||
import json
|
||||
import tempfile
|
||||
from pathlib import Path
|
||||
|
||||
import pytest
|
||||
|
||||
from arautopilot.core.audit import (
|
||||
GENESIS_HASH,
|
||||
AuditEvent,
|
||||
AuditLog,
|
||||
AuditOutcome,
|
||||
)
|
||||
|
||||
|
||||
def _make_event(**kwargs) -> AuditEvent:
|
||||
defaults = dict(action="test_action", outcome=AuditOutcome.SUCCESS)
|
||||
defaults.update(kwargs)
|
||||
return AuditEvent(**defaults)
|
||||
|
||||
|
||||
class TestGenesisHash:
|
||||
def test_genesis_hash_is_64_hex_chars(self):
|
||||
assert len(GENESIS_HASH) == 64
|
||||
assert all(c == "0" for c in GENESIS_HASH)
|
||||
|
||||
def test_compute_hash_returns_64_char_hex(self):
|
||||
h = AuditEvent._compute_hash(GENESIS_HASH, "payload")
|
||||
assert len(h) == 64
|
||||
assert all(c in "0123456789abcdef" for c in h)
|
||||
|
||||
|
||||
class TestHashChainAppend:
|
||||
def test_first_event_prev_hash_is_genesis(self, tmp_path):
|
||||
log = AuditLog(tmp_path / "audit.jsonl")
|
||||
log.append(_make_event(action="first"))
|
||||
events = log.read_all()
|
||||
assert events[0].prev_hash == GENESIS_HASH
|
||||
|
||||
def test_second_event_prev_hash_links_to_first(self, tmp_path):
|
||||
log = AuditLog(tmp_path / "audit.jsonl")
|
||||
log.append(_make_event(action="first"))
|
||||
log.append(_make_event(action="second"))
|
||||
events = log.read_all()
|
||||
assert events[1].prev_hash == events[0].line_hash
|
||||
|
||||
def test_line_hash_is_deterministic(self, tmp_path):
|
||||
log = AuditLog(tmp_path / "audit.jsonl")
|
||||
event = _make_event(action="deterministic")
|
||||
log.append(event)
|
||||
events = log.read_all()
|
||||
e = events[0]
|
||||
# Recompute manually
|
||||
payload_dict = e.model_dump(mode="json")
|
||||
payload_dict.pop("prev_hash")
|
||||
payload_dict.pop("line_hash")
|
||||
canonical = json.dumps(payload_dict, ensure_ascii=False, sort_keys=True)
|
||||
expected = AuditEvent._compute_hash(GENESIS_HASH, canonical)
|
||||
assert e.line_hash == expected
|
||||
|
||||
def test_chain_links_across_multiple_events(self, tmp_path):
|
||||
log = AuditLog(tmp_path / "audit.jsonl")
|
||||
for i in range(5):
|
||||
log.append(_make_event(action=f"event_{i}"))
|
||||
events = log.read_all()
|
||||
assert events[0].prev_hash == GENESIS_HASH
|
||||
for i in range(1, 5):
|
||||
assert events[i].prev_hash == events[i - 1].line_hash
|
||||
|
||||
def test_chain_continues_after_reload(self, tmp_path):
|
||||
p = tmp_path / "audit.jsonl"
|
||||
log1 = AuditLog(p)
|
||||
log1.append(_make_event(action="first"))
|
||||
first_hash = log1._last_line_hash
|
||||
|
||||
log2 = AuditLog(p) # reload
|
||||
log2.append(_make_event(action="second"))
|
||||
events = log2.read_all()
|
||||
assert events[1].prev_hash == first_hash
|
||||
|
||||
|
||||
class TestVerifyChain:
|
||||
def test_empty_log_verifies_ok(self, tmp_path):
|
||||
log = AuditLog(tmp_path / "audit.jsonl")
|
||||
ok, reason = log.verify_chain()
|
||||
assert ok
|
||||
assert reason == "ok"
|
||||
|
||||
def test_valid_chain_verifies_ok(self, tmp_path):
|
||||
log = AuditLog(tmp_path / "audit.jsonl")
|
||||
for i in range(10):
|
||||
log.append(_make_event(action=f"ev_{i}"))
|
||||
ok, reason = log.verify_chain()
|
||||
assert ok, reason
|
||||
|
||||
def test_tampered_content_detected(self, tmp_path):
|
||||
p = tmp_path / "audit.jsonl"
|
||||
log = AuditLog(p)
|
||||
log.append(_make_event(action="before_tamper"))
|
||||
log.append(_make_event(action="after_tamper"))
|
||||
|
||||
# Tamper the first line: change action field in the raw JSON
|
||||
lines = p.read_text(encoding="utf-8").splitlines()
|
||||
data = json.loads(lines[0])
|
||||
data["action"] = "TAMPERED"
|
||||
lines[0] = json.dumps(data)
|
||||
p.write_text("\n".join(lines) + "\n", encoding="utf-8")
|
||||
|
||||
log2 = AuditLog(p)
|
||||
ok, reason = log2.verify_chain()
|
||||
assert not ok
|
||||
assert "tampered" in reason.lower() or "mismatch" in reason.lower()
|
||||
|
||||
def test_deleted_line_detected(self, tmp_path):
|
||||
p = tmp_path / "audit.jsonl"
|
||||
log = AuditLog(p)
|
||||
for i in range(3):
|
||||
log.append(_make_event(action=f"ev_{i}"))
|
||||
|
||||
# Remove the second line
|
||||
lines = [l for l in p.read_text(encoding="utf-8").splitlines() if l.strip()]
|
||||
lines.pop(1)
|
||||
p.write_text("\n".join(lines) + "\n", encoding="utf-8")
|
||||
|
||||
log2 = AuditLog(p)
|
||||
ok, reason = log2.verify_chain()
|
||||
assert not ok
|
||||
|
||||
def test_inserted_line_detected(self, tmp_path):
|
||||
p = tmp_path / "audit.jsonl"
|
||||
log = AuditLog(p)
|
||||
log.append(_make_event(action="first"))
|
||||
log.append(_make_event(action="last"))
|
||||
|
||||
# Insert a fake line between them (with wrong prev_hash)
|
||||
lines = p.read_text(encoding="utf-8").splitlines()
|
||||
fake = json.loads(lines[0])
|
||||
fake["action"] = "injected"
|
||||
fake["prev_hash"] = "a" * 64
|
||||
fake["line_hash"] = "b" * 64
|
||||
lines.insert(1, json.dumps(fake))
|
||||
p.write_text("\n".join(lines) + "\n", encoding="utf-8")
|
||||
|
||||
log2 = AuditLog(p)
|
||||
ok, reason = log2.verify_chain()
|
||||
assert not ok
|
||||
|
||||
|
||||
class TestHashChainIsolation:
|
||||
def test_hash_fields_excluded_from_payload(self, tmp_path):
|
||||
log = AuditLog(tmp_path / "audit.jsonl")
|
||||
log.append(_make_event(action="isolated"))
|
||||
events = log.read_all()
|
||||
e = events[0]
|
||||
# The hash must NOT depend on the hash fields themselves (circular).
|
||||
# Recompute without hash fields and confirm it matches.
|
||||
payload_dict = e.model_dump(mode="json")
|
||||
payload_dict.pop("prev_hash")
|
||||
payload_dict.pop("line_hash")
|
||||
canonical = json.dumps(payload_dict, ensure_ascii=False, sort_keys=True)
|
||||
expected = AuditEvent._compute_hash(e.prev_hash, canonical)
|
||||
assert e.line_hash == expected
|
||||
|
||||
def test_extra_field_change_breaks_chain(self, tmp_path):
|
||||
p = tmp_path / "audit.jsonl"
|
||||
log = AuditLog(p)
|
||||
log.append(_make_event(action="good", extra={"key": "value"}))
|
||||
|
||||
lines = p.read_text(encoding="utf-8").splitlines()
|
||||
data = json.loads(lines[0])
|
||||
data["extra"]["key"] = "EVIL"
|
||||
lines[0] = json.dumps(data)
|
||||
p.write_text("\n".join(lines) + "\n", encoding="utf-8")
|
||||
|
||||
log2 = AuditLog(p)
|
||||
ok, _ = log2.verify_chain()
|
||||
assert not ok
|
||||
@@ -0,0 +1,142 @@
|
||||
"""Tests for 2-state Heading EKF -- Sprint 8."""
|
||||
|
||||
from __future__ import annotations
|
||||
|
||||
import math
|
||||
|
||||
import pytest
|
||||
|
||||
from arautopilot.core.heading_ekf import HeadingEKF, _shortest_arc
|
||||
|
||||
|
||||
class TestShortestArc:
|
||||
def test_zero_difference(self):
|
||||
assert _shortest_arc(90.0, 90.0) == pytest.approx(0.0)
|
||||
|
||||
def test_positive_difference(self):
|
||||
assert _shortest_arc(100.0, 90.0) == pytest.approx(10.0)
|
||||
|
||||
def test_negative_difference(self):
|
||||
assert _shortest_arc(80.0, 90.0) == pytest.approx(-10.0)
|
||||
|
||||
def test_wrap_around_positive(self):
|
||||
# 350 → 10 is +20 degrees (going through north)
|
||||
assert _shortest_arc(10.0, 350.0) == pytest.approx(20.0)
|
||||
|
||||
def test_wrap_around_negative(self):
|
||||
# 10 → 350 is -20 degrees
|
||||
assert _shortest_arc(350.0, 10.0) == pytest.approx(-20.0)
|
||||
|
||||
def test_exactly_180_degrees(self):
|
||||
diff = _shortest_arc(270.0, 90.0)
|
||||
assert abs(diff) == pytest.approx(180.0)
|
||||
|
||||
|
||||
class TestPredict:
|
||||
def test_heading_advances_by_rot_times_dt(self):
|
||||
ekf = HeadingEKF(heading_deg=0.0, rot_dps=10.0)
|
||||
ekf.predict(dt_s=1.0)
|
||||
assert ekf.heading_deg == pytest.approx(10.0)
|
||||
|
||||
def test_heading_wraps_at_360(self):
|
||||
ekf = HeadingEKF(heading_deg=355.0, rot_dps=10.0)
|
||||
ekf.predict(dt_s=1.0)
|
||||
assert ekf.heading_deg == pytest.approx(5.0)
|
||||
|
||||
def test_zero_rot_heading_unchanged(self):
|
||||
ekf = HeadingEKF(heading_deg=45.0, rot_dps=0.0)
|
||||
ekf.predict(dt_s=1.0)
|
||||
assert ekf.heading_deg == pytest.approx(45.0)
|
||||
|
||||
def test_covariance_grows_with_predict(self):
|
||||
ekf = HeadingEKF()
|
||||
p00_before = ekf._P[0]
|
||||
ekf.predict(dt_s=0.1)
|
||||
assert ekf._P[0] > p00_before
|
||||
|
||||
def test_predict_symmetry_p01_p10(self):
|
||||
ekf = HeadingEKF()
|
||||
for _ in range(5):
|
||||
ekf.predict(dt_s=0.1)
|
||||
assert ekf._P[1] == pytest.approx(ekf._P[2])
|
||||
|
||||
|
||||
class TestUpdateHeading:
|
||||
def test_state_moves_toward_measurement(self):
|
||||
ekf = HeadingEKF(heading_deg=0.0)
|
||||
ekf.update_heading(10.0)
|
||||
assert 0.0 < ekf.heading_deg < 10.0
|
||||
|
||||
def test_exact_measurement_moves_fully_when_p_large(self):
|
||||
# With very large P and very small noise, Kalman gain → 1
|
||||
ekf = HeadingEKF(heading_deg=0.0, _P=[1e6, 0.0, 0.0, 1e6])
|
||||
ekf.update_heading(90.0, noise_deg=0.001)
|
||||
assert ekf.heading_deg == pytest.approx(90.0, abs=0.1)
|
||||
|
||||
def test_covariance_shrinks_after_update(self):
|
||||
ekf = HeadingEKF()
|
||||
ekf._P = [100.0, 0.0, 0.0, 100.0]
|
||||
p00_before = ekf._P[0]
|
||||
ekf.update_heading(10.0, noise_deg=2.0)
|
||||
assert ekf._P[0] < p00_before
|
||||
|
||||
def test_wrap_around_innov(self):
|
||||
ekf = HeadingEKF(heading_deg=355.0)
|
||||
ekf._P = [1e6, 0.0, 0.0, 1e6]
|
||||
ekf.update_heading(5.0, noise_deg=0.001)
|
||||
# Should go toward 5.0 (via shortest arc +10), not regress
|
||||
assert ekf.heading_deg == pytest.approx(5.0, abs=0.5)
|
||||
|
||||
|
||||
class TestUpdateRot:
|
||||
def test_state_moves_toward_rot_measurement(self):
|
||||
ekf = HeadingEKF(rot_dps=0.0)
|
||||
ekf.update_rot(5.0)
|
||||
assert 0.0 < ekf.rot_dps < 5.0
|
||||
|
||||
def test_covariance_p11_shrinks_after_rot_update(self):
|
||||
ekf = HeadingEKF()
|
||||
ekf._P = [100.0, 0.0, 0.0, 100.0]
|
||||
p11_before = ekf._P[3]
|
||||
ekf.update_rot(2.0, noise_dps=1.0)
|
||||
assert ekf._P[3] < p11_before
|
||||
|
||||
|
||||
class TestCovarianceConvergence:
|
||||
def test_covariance_converges_with_repeated_updates(self):
|
||||
ekf = HeadingEKF(
|
||||
process_noise_heading=0.01,
|
||||
process_noise_rot=0.1,
|
||||
_P=[100.0, 0.0, 0.0, 100.0],
|
||||
)
|
||||
# 50 predict+update cycles
|
||||
for _ in range(50):
|
||||
ekf.predict(dt_s=0.1)
|
||||
ekf.update_heading(ekf.heading_deg, noise_deg=2.0)
|
||||
ekf.update_rot(ekf.rot_dps, noise_dps=1.0)
|
||||
|
||||
# Covariance should have converged to steady-state (not 100 anymore)
|
||||
assert ekf._P[0] < 50.0
|
||||
assert ekf._P[3] < 50.0
|
||||
|
||||
def test_filter_tracks_constant_heading(self):
|
||||
true_heading = 135.0
|
||||
ekf = HeadingEKF(heading_deg=0.0)
|
||||
for _ in range(100):
|
||||
ekf.predict(dt_s=0.1)
|
||||
ekf.update_heading(true_heading, noise_deg=2.0)
|
||||
assert ekf.heading_deg == pytest.approx(true_heading, abs=2.0)
|
||||
|
||||
def test_filter_tracks_constant_rot(self):
|
||||
ekf = HeadingEKF(heading_deg=0.0, rot_dps=0.0)
|
||||
true_rot = 3.0
|
||||
for _ in range(100):
|
||||
ekf.predict(dt_s=0.1)
|
||||
ekf.update_rot(true_rot, noise_dps=0.5)
|
||||
assert ekf.rot_dps == pytest.approx(true_rot, abs=0.5)
|
||||
|
||||
def test_covariance_property_returns_tuple(self):
|
||||
ekf = HeadingEKF()
|
||||
cov = ekf.covariance
|
||||
assert len(cov) == 4
|
||||
assert all(isinstance(v, float) for v in cov)
|
||||
@@ -0,0 +1,144 @@
|
||||
"""Tests for HWID activation token -- Sprint 8."""
|
||||
|
||||
from __future__ import annotations
|
||||
|
||||
import hashlib
|
||||
import hmac
|
||||
import os
|
||||
|
||||
import pytest
|
||||
|
||||
from arautopilot.core.hwid import (
|
||||
STUB_SECRET_KEY,
|
||||
TOKEN_BYTES,
|
||||
format_hwid,
|
||||
generate_token,
|
||||
hwid_from_mac_words,
|
||||
verify_token,
|
||||
)
|
||||
|
||||
|
||||
SAMPLE_HWID = "aabbccddeeff" # 12-char lower-case hex
|
||||
|
||||
|
||||
class TestHwidFromMacWords:
|
||||
def test_known_bytes(self):
|
||||
# mac01=0xAABB, mac23=0xCCDD, mac45=0xEEFF → "aabbccddeeff"
|
||||
result = hwid_from_mac_words(0xAABB, 0xCCDD, 0xEEFF)
|
||||
assert result == "aabbccddeeff"
|
||||
|
||||
def test_zero_mac(self):
|
||||
result = hwid_from_mac_words(0, 0, 0)
|
||||
assert result == "000000000000"
|
||||
|
||||
def test_all_ones(self):
|
||||
result = hwid_from_mac_words(0xFFFF, 0xFFFF, 0xFFFF)
|
||||
assert result == "ffffffffffff"
|
||||
|
||||
def test_returns_lowercase(self):
|
||||
result = hwid_from_mac_words(0xAABB, 0xCCDD, 0xEEFF)
|
||||
assert result == result.lower()
|
||||
|
||||
def test_result_is_12_chars(self):
|
||||
result = hwid_from_mac_words(0x0102, 0x0304, 0x0506)
|
||||
assert len(result) == 12
|
||||
|
||||
def test_byte_order(self):
|
||||
# 0x1234 → bytes [0x12, 0x34]
|
||||
result = hwid_from_mac_words(0x1234, 0x0000, 0x0000)
|
||||
assert result[:4] == "1234"
|
||||
|
||||
|
||||
class TestGenerateToken:
|
||||
def test_returns_32_hex_chars(self):
|
||||
token = generate_token(SAMPLE_HWID)
|
||||
assert len(token) == TOKEN_BYTES * 2 # 32
|
||||
assert all(c in "0123456789abcdef" for c in token.lower())
|
||||
|
||||
def test_deterministic_with_stub_key(self, monkeypatch):
|
||||
monkeypatch.delenv("AR_ACTIVATION_KEY", raising=False)
|
||||
t1 = generate_token(SAMPLE_HWID)
|
||||
t2 = generate_token(SAMPLE_HWID)
|
||||
assert t1 == t2
|
||||
|
||||
def test_different_hwid_different_token(self, monkeypatch):
|
||||
monkeypatch.delenv("AR_ACTIVATION_KEY", raising=False)
|
||||
t1 = generate_token("aabbccddeeff")
|
||||
t2 = generate_token("112233445566")
|
||||
assert t1 != t2
|
||||
|
||||
def test_uses_env_key_when_set(self, monkeypatch):
|
||||
monkeypatch.setenv("AR_ACTIVATION_KEY", "test-production-key")
|
||||
prod_token = generate_token(SAMPLE_HWID)
|
||||
monkeypatch.delenv("AR_ACTIVATION_KEY")
|
||||
stub_token = generate_token(SAMPLE_HWID)
|
||||
assert prod_token != stub_token
|
||||
|
||||
def test_case_insensitive_hwid(self, monkeypatch):
|
||||
monkeypatch.delenv("AR_ACTIVATION_KEY", raising=False)
|
||||
t_lower = generate_token("aabbccddeeff")
|
||||
t_upper = generate_token("AABBCCDDEEFF")
|
||||
assert t_lower == t_upper
|
||||
|
||||
def test_matches_manual_hmac(self, monkeypatch):
|
||||
monkeypatch.delenv("AR_ACTIVATION_KEY", raising=False)
|
||||
expected = hmac.new(
|
||||
STUB_SECRET_KEY, SAMPLE_HWID.encode(), hashlib.sha256
|
||||
).hexdigest()[:TOKEN_BYTES * 2]
|
||||
assert generate_token(SAMPLE_HWID) == expected
|
||||
|
||||
|
||||
class TestVerifyToken:
|
||||
def test_valid_token_returns_true(self, monkeypatch):
|
||||
monkeypatch.delenv("AR_ACTIVATION_KEY", raising=False)
|
||||
token = generate_token(SAMPLE_HWID)
|
||||
assert verify_token(SAMPLE_HWID, token) is True
|
||||
|
||||
def test_wrong_token_returns_false(self, monkeypatch):
|
||||
monkeypatch.delenv("AR_ACTIVATION_KEY", raising=False)
|
||||
assert verify_token(SAMPLE_HWID, "a" * 32) is False
|
||||
|
||||
def test_wrong_hwid_returns_false(self, monkeypatch):
|
||||
monkeypatch.delenv("AR_ACTIVATION_KEY", raising=False)
|
||||
token = generate_token(SAMPLE_HWID)
|
||||
assert verify_token("000000000000", token) is False
|
||||
|
||||
def test_case_insensitive_token_comparison(self, monkeypatch):
|
||||
monkeypatch.delenv("AR_ACTIVATION_KEY", raising=False)
|
||||
token = generate_token(SAMPLE_HWID)
|
||||
assert verify_token(SAMPLE_HWID, token.upper()) is True
|
||||
|
||||
def test_constant_time_compare(self, monkeypatch):
|
||||
"""verify_token must use hmac.compare_digest (checked by smoke-test, not timing)."""
|
||||
monkeypatch.delenv("AR_ACTIVATION_KEY", raising=False)
|
||||
token = generate_token(SAMPLE_HWID)
|
||||
# Calling with correct and incorrect tokens both return without exception
|
||||
assert verify_token(SAMPLE_HWID, token) is True
|
||||
assert verify_token(SAMPLE_HWID, "x" * 32) is False
|
||||
|
||||
|
||||
class TestFormatHwid:
|
||||
def test_formats_correctly(self):
|
||||
result = format_hwid("aabbccddeeff")
|
||||
assert result == "AA:BB:CC:DD:EE:FF"
|
||||
|
||||
def test_uppercase_output(self):
|
||||
result = format_hwid("aabbccddeeff")
|
||||
assert result == result.upper().replace("X", ":") # colons preserved
|
||||
assert result == "AA:BB:CC:DD:EE:FF"
|
||||
|
||||
def test_colon_separated_6_groups(self):
|
||||
result = format_hwid("112233445566")
|
||||
parts = result.split(":")
|
||||
assert len(parts) == 6
|
||||
assert all(len(p) == 2 for p in parts)
|
||||
|
||||
def test_invalid_length_raises(self):
|
||||
with pytest.raises(ValueError, match="12 hex chars"):
|
||||
format_hwid("aabb")
|
||||
|
||||
def test_all_zeros(self):
|
||||
assert format_hwid("000000000000") == "00:00:00:00:00:00"
|
||||
|
||||
def test_all_ff(self):
|
||||
assert format_hwid("ffffffffffff") == "FF:FF:FF:FF:FF:FF"
|
||||
Reference in New Issue
Block a user