azaion/ai-training
1
0
Fork 0
mirror of https://github.com/azaion/ai-training.git synced 2026-04-22 22:16:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
8c665bd0a46fdf23910dc558ac7b75de63350afa
ai-training/_docs/02_tasks/AZ-157_test_encryption.md
T
Oleksandr Bezdieniezhnykh 142c6c4de8 Refactor constants management to use Pydantic BaseModel for configuration 
- Replaced module-level path variables in constants.py with a structured Pydantic Config class.
- Updated all relevant modules (train.py, augmentation.py, exports.py, dataset-visualiser.py, manual_run.py) to access paths through the new config structure.
- Fixed bugs related to image processing and model saving.
- Enhanced test infrastructure to accommodate the new configuration approach.

This refactor improves code maintainability and clarity by centralizing configuration management.
2026-03-27 18:18:30 +02:00

103 lines
2.9 KiB
Markdown
Raw Blame History

# Encryption & Security Tests
**Task**: AZ-157_test_encryption
**Name**: Encryption & Security Tests
**Description**: Implement blackbox, security, performance, resilience, and resource tests for AES-256-CBC encryption — roundtrips, key behavior, IV randomness, throughput, size bounds
**Complexity**: 3 points
**Dependencies**: AZ-152_test_infrastructure
**Component**: Blackbox Tests
**Jira**: AZ-157
**Epic**: AZ-151
## Problem
The encryption module must correctly encrypt/decrypt data, produce key-dependent ciphertexts with random IVs, handle edge cases, and meet throughput requirements.
## Outcome
- 13 passing pytest tests in `tests/test_encryption.py`
- Performance test in `tests/performance/test_encryption_perf.py`
## Scope
### Included
- BT-ENC-01: Encrypt-decrypt roundtrip (1024 random bytes)
- BT-ENC-02: Encrypt-decrypt roundtrip (ONNX model)
- BT-ENC-03: Empty input roundtrip
- BT-ENC-04: Single byte roundtrip
- BT-ENC-05: Different keys produce different ciphertext
- BT-ENC-06: Wrong key fails decryption
- PT-ENC-01: Encryption throughput (10MB ≤ 5s)
- RT-ENC-01: Decrypt with corrupted ciphertext
- ST-ENC-01: Random IV (same data, same key → different ciphertexts)
- ST-ENC-02: Wrong key cannot recover plaintext
- ST-ENC-03: Model encryption key is deterministic
- RL-ENC-01: Encrypted output size bounded (≤ N + 32 bytes)
### Excluded
- Model split tests (separate task)
## Acceptance Criteria
**AC-1: Roundtrip**
Given 1024 random bytes and key "test-key"
When encrypt then decrypt
Then output equals input exactly
**AC-2: Model roundtrip**
Given azaion.onnx bytes and model encryption key
When encrypt then decrypt
Then output equals input exactly
**AC-3: Empty input**
Given b"" and key
When encrypt then decrypt
Then output equals b""
**AC-4: Single byte**
Given b"\x00" and key
When encrypt then decrypt
Then output equals b"\x00"
**AC-5: Key-dependent ciphertext**
Given same data, keys "key-a" and "key-b"
When encrypting with each key
Then ciphertexts differ
**AC-6: Wrong key failure**
Given encrypted with "key-a"
When decrypting with "key-b"
Then output does NOT equal original
**AC-7: Throughput**
Given 10MB random bytes
When encrypt + decrypt roundtrip
Then completes within 5 seconds
**AC-8: Corrupted ciphertext**
Given randomly modified ciphertext bytes
When decrypt_to is called
Then either raises exception or returns non-original bytes
**AC-9: Random IV**
Given same data, same key, encrypted twice
When comparing ciphertexts
Then they differ (random IV)
**AC-10: Model key deterministic**
Given two calls to get_model_encryption_key()
When comparing results
Then identical
**AC-11: Size bound**
Given N bytes plaintext
When encrypted
Then ciphertext size ≤ N + 32 bytes
## Constraints
- ONNX model fixture is session-scoped (77MB, read once)
- Security tests marked: `@pytest.mark.security`
- Performance test marked: `@pytest.mark.performance`
- Resource limit test marked: `@pytest.mark.resource_limit`
Reference in New Issue View Git Blame Copy Permalink