MCPcopy
hub / github.com/AstrBotDevs/AstrBot / test_wecom_crypto_uses_secrets

Function test_wecom_crypto_uses_secrets

tests/test_security_fixes.py:13–33  ·  view source on GitHub ↗

Test that WXBizJsonMsgCrypt uses secrets module instead of random.

()

Source from the content-addressed store, hash-verified

11
12
13def test_wecom_crypto_uses_secrets():
14 """Test that WXBizJsonMsgCrypt uses secrets module instead of random."""
15 from astrbot.core.platform.sources.wecom_ai_bot.WXBizJsonMsgCrypt import Prpcrypt
16
17 # Create an instance and test that random string generation works
18 prpcrypt = Prpcrypt(b"test_key_32_bytes_long_value!")
19
20 # Generate multiple random strings and verify they are different and valid
21 random_strings = [prpcrypt.get_random_str() for _ in range(10)]
22
23 # All strings should be 16 bytes long
24 assert all(len(s) == 16 for s in random_strings)
25
26 # All strings should be different (extremely high probability with cryptographic random)
27 assert len(set(random_strings)) == 10
28
29 # All strings should be numeric when decoded
30 for s in random_strings:
31 decoded = s.decode()
32 assert decoded.isdigit()
33 assert 1000000000000000 <= int(decoded) <= 9999999999999999
34
35
36def test_wecomai_utils_uses_secrets():

Callers

nothing calls this directly

Calls 4

get_random_strMethod · 0.95
PrpcryptClass · 0.90
setFunction · 0.85
decodeMethod · 0.80

Tested by

no test coverage detected