tests/conftest.py
| 1 | """Shared pytest fixtures for pqc-ebpf-attestation tests.""" |
| 2 | |
| 3 | from __future__ import annotations |
| 4 | |
| 5 | from typing import Callable |
| 6 | |
| 7 | import pytest |
| 8 | from quantumshield.identity.agent import AgentIdentity |
| 9 | |
| 10 | from pqc_ebpf_attestation import ( |
| 11 | BPFProgram, |
| 12 | BPFProgramMetadata, |
| 13 | BPFProgramType, |
| 14 | BPFSigner, |
| 15 | SignedBPFProgram, |
| 16 | ) |
| 17 | |
| 18 | |
| 19 | @pytest.fixture |
| 20 | def signer_identity() -> AgentIdentity: |
| 21 | return AgentIdentity.create("trusted-bpf-signer", capabilities=["sign"]) |
| 22 | |
| 23 | |
| 24 | @pytest.fixture |
| 25 | def untrusted_identity() -> AgentIdentity: |
| 26 | return AgentIdentity.create("untrusted-bpf-signer", capabilities=["sign"]) |
| 27 | |
| 28 | |
| 29 | @pytest.fixture |
| 30 | def signer(signer_identity: AgentIdentity) -> BPFSigner: |
| 31 | return BPFSigner(signer_identity) |
| 32 | |
| 33 | |
| 34 | @pytest.fixture |
| 35 | def sample_bpf_metadata() -> BPFProgramMetadata: |
| 36 | return BPFProgramMetadata( |
| 37 | name="trace_sys_enter_read", |
| 38 | program_type=BPFProgramType.KPROBE, |
| 39 | license="GPL", |
| 40 | author="ops-team", |
| 41 | description="Traces sys_enter_read for latency histograms.", |
| 42 | version="1.0.0", |
| 43 | kernel_min="5.15", |
| 44 | attach_point="sys_enter_read", |
| 45 | ) |
| 46 | |
| 47 | |
| 48 | @pytest.fixture |
| 49 | def sample_bytecode() -> bytes: |
| 50 | # Non-trivial bytes simulating a small ELF-like payload. |
| 51 | # Not real BPF bytecode - just enough to exercise hashing and signing. |
| 52 | header = b"\x7fELF\x02\x01\x01\x00" + b"\x00" * 8 |
| 53 | instructions = bytes(range(256)) * 4 # 1024 bytes of deterministic content |
| 54 | return header + instructions |
| 55 | |
| 56 | |
| 57 | @pytest.fixture |
| 58 | def signed_program( |
| 59 | signer: BPFSigner, |
| 60 | sample_bpf_metadata: BPFProgramMetadata, |
| 61 | sample_bytecode: bytes, |
| 62 | ) -> SignedBPFProgram: |
| 63 | program = BPFProgram.from_bytes(sample_bpf_metadata, sample_bytecode) |
| 64 | return signer.sign(program) |
| 65 | |
| 66 | |
| 67 | @pytest.fixture |
| 68 | def signed_program_factory( |
| 69 | signer: BPFSigner, |
| 70 | ) -> Callable[[BPFProgramMetadata, bytes], SignedBPFProgram]: |
| 71 | """Factory that builds a SignedBPFProgram from metadata + bytes.""" |
| 72 | |
| 73 | def _make(metadata: BPFProgramMetadata, bytecode: bytes) -> SignedBPFProgram: |
| 74 | program = BPFProgram.from_bytes(metadata, bytecode) |
| 75 | return signer.sign(program) |
| 76 | |
| 77 | return _make |
| 78 | |