ai-training/_docs/02_tasks/AZ-157_test_encryption.md
Oleksandr Bezdieniezhnykh 142c6c4de8 Refactor constants management to use Pydantic BaseModel for configuration
- Replaced module-level path variables in constants.py with a structured Pydantic Config class.
- Updated all relevant modules (train.py, augmentation.py, exports.py, dataset-visualiser.py, manual_run.py) to access paths through the new config structure.
- Fixed bugs related to image processing and model saving.
- Enhanced test infrastructure to accommodate the new configuration approach.

This refactor improves code maintainability and clarity by centralizing configuration management.
2026-03-27 18:18:30 +02:00

Encryption & Security Tests

  • Task: AZ-157_test_encryption
  • Name: Encryption & Security Tests
  • Description: Implement blackbox, security, performance, resilience, and resource tests for AES-256-CBC encryption — roundtrips, key behavior, IV randomness, throughput, size bounds
  • Complexity: 3 points
  • Dependencies: AZ-152_test_infrastructure
  • Component: Blackbox Tests
  • Jira: AZ-157
  • Epic: AZ-151

Problem

The encryption module must correctly encrypt/decrypt data, produce key-dependent ciphertexts with random IVs, handle edge cases, and meet throughput requirements.

Outcome

  • 13 passing pytest tests in tests/test_encryption.py
  • Performance test in tests/performance/test_encryption_perf.py

Scope

Included

  • BT-ENC-01: Encrypt-decrypt roundtrip (1024 random bytes)
  • BT-ENC-02: Encrypt-decrypt roundtrip (ONNX model)
  • BT-ENC-03: Empty input roundtrip
  • BT-ENC-04: Single byte roundtrip
  • BT-ENC-05: Different keys produce different ciphertext
  • BT-ENC-06: Wrong key fails decryption
  • PT-ENC-01: Encryption throughput (10MB ≤ 5s)
  • RT-ENC-01: Decrypt with corrupted ciphertext
  • ST-ENC-01: Random IV (same data, same key → different ciphertexts)
  • ST-ENC-02: Wrong key cannot recover plaintext
  • ST-ENC-03: Model encryption key is deterministic
  • RL-ENC-01: Encrypted output size bounded (≤ N + 32 bytes)

Excluded

  • Model split tests (separate task)

Acceptance Criteria

AC-1: Roundtrip
  Given 1024 random bytes and key "test-key"
  When encrypt then decrypt
  Then output equals input exactly

AC-2: Model roundtrip
  Given azaion.onnx bytes and model encryption key
  When encrypt then decrypt
  Then output equals input exactly

AC-3: Empty input
  Given b"" and key
  When encrypt then decrypt
  Then output equals b""

AC-4: Single byte
  Given b"\x00" and key
  When encrypt then decrypt
  Then output equals b"\x00"

AC-5: Key-dependent ciphertext
  Given same data, keys "key-a" and "key-b"
  When encrypting with each key
  Then ciphertexts differ

AC-6: Wrong key failure
  Given encrypted with "key-a"
  When decrypting with "key-b"
  Then output does NOT equal original

AC-7: Throughput
  Given 10MB random bytes
  When encrypt + decrypt roundtrip
  Then completes within 5 seconds

AC-8: Corrupted ciphertext
  Given randomly modified ciphertext bytes
  When decrypt_to is called
  Then either raises exception or returns non-original bytes

AC-9: Random IV
  Given same data, same key, encrypted twice
  When comparing ciphertexts
  Then they differ (random IV)

AC-10: Model key deterministic
  Given two calls to get_model_encryption_key()
  When comparing results
  Then identical

AC-11: Size bound
  Given N bytes plaintext
  When encrypted
  Then ciphertext size ≤ N + 32 bytes
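
The acceptance criteria above, written as executable property checks; this is an added example, not code from the project. The `encrypt`/`decrypt` stand-ins, the SHA-256 key derivation, the IV-prefixed layout and PKCS7 padding are assumptions (the page names only AES-256-CBC), and the block needs the `cryptography` package.

```python
import hashlib
import os

from cryptography.hazmat.primitives import padding
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

BLOCK = 16  # AES block size in bytes; also the CBC IV length

def _key(key: str) -> bytes:
    # Assumption: the 256-bit AES key is the SHA-256 digest of the key string.
    return hashlib.sha256(key.encode()).digest()

def encrypt(data: bytes, key: str) -> bytes:
    """Hypothetical stand-in for the module under test: IV || CBC(PKCS7(data))."""
    iv = os.urandom(BLOCK)  # fresh random IV on every call (AC-9)
    padder = padding.PKCS7(128).padder()
    enc = Cipher(algorithms.AES(_key(key)), modes.CBC(iv)).encryptor()
    return iv + enc.update(padder.update(data) + padder.finalize()) + enc.finalize()

def decrypt(blob: bytes, key: str) -> bytes:
    """Inverse of encrypt(); raises ValueError on bad length or bad padding."""
    iv, body = blob[:BLOCK], blob[BLOCK:]
    dec = Cipher(algorithms.AES(_key(key)), modes.CBC(iv)).decryptor()
    unpadder = padding.PKCS7(128).unpadder()
    return unpadder.update(dec.update(body) + dec.finalize()) + unpadder.finalize()

def recovers(blob: bytes, key: str, original: bytes) -> bool:
    """AC-6/AC-8 oracle: an exception and wrong bytes both count as 'not recovered'."""
    try:
        return decrypt(blob, key) == original
    except ValueError:
        return False

def check_properties(data: bytes) -> dict:
    """Evaluate the functional and security criteria for one plaintext."""
    c1, c2 = encrypt(data, "key-a"), encrypt(data, "key-a")
    tampered = bytearray(c1)
    tampered[-1] ^= 0x01  # constructed corruption: flip one bit in the last block
    return {
        "roundtrip": decrypt(c1, "key-a") == data,                  # AC-1, AC-3, AC-4
        "key_dependent": c1 != encrypt(data, "key-b"),              # AC-5
        "wrong_key_fails": not recovers(c1, "key-b", data),         # AC-6
        "corruption_fails": not recovers(bytes(tampered), "key-a", data),  # AC-8
        "random_iv": c1 != c2 and c1[:BLOCK] != c2[:BLOCK],         # AC-9
        "size_bounded": len(c1) <= len(data) + 2 * BLOCK,           # AC-11
    }
```

AC-6 and AC-8 accept "returns non-original bytes" because CBC alone carries no integrity check: a wrong key or a modified block usually trips the padding check, but roughly 1 in 256 garbled final blocks still unpads cleanly. The N + 32 bound in AC-11 is exactly the 16-byte IV plus a full padding block, reached whenever N is a multiple of 16.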

Constraints

  • ONNX model fixture is session-scoped (77MB, read once)
  • Security tests marked: @pytest.mark.security
  • Performance test marked: @pytest.mark.performance
  • Resource limit test marked: @pytest.mark.resource_limit