Add more entropy unit tests

These tests assert the basic mathematical properties of entropy scoring.
godaddy · Nov 10, 2021 · fcda3f3 · fcda3f3
1 parent 58e2c2a
commit fcda3f3
Showing 1 changed file with 48 additions and 0 deletions.
diff --git a/tests/test_base_scanner.py b/tests/test_base_scanner.py
@@ -614,6 +614,54 @@ def test_issues_are_not_created_for_low_entropy_hex_strings(
         )
         self.assertEqual(len(issues), 0)
 
+    def test_calculate_entropy_minimum_calculation(self):
+
+        # We already know an empty string trivially has zero entropy.
+        # Doing the math, a one-character string also should have zero entropy.
+        self.assertEqual(self.scanner.calculate_entropy("a"), 0.0)
+
+    def test_calculate_entropy_maximum_hexadecimal(self):
+
+        # We reach maximum entropy when every character in the alphabet appears
+        # once in the input string (order doesn't matter). Each character represents
+        # 4 bits (has 2^4 = 16 possible values).
+        #
+        # Try to avoid causing a finding ourselves. :)
+        #
+        # Note there is no requirement that the test alphabet actually is the
+        # same as the hexadecimal representation, as long as the size is identical.
+        # However, it is convenient to use the real thing to avoid errors. Note
+        # that representation is case-insensitive so we do not include uppercase
+        # letters in this alphabet.
+        alphabet = "0123" "4567" "89ab" "cdef"  # pylint: disable=implicit-str-concat
+        self.assertEqual(self.scanner.calculate_entropy(alphabet), 4.0)
+
+    def test_calculate_entropy_maximum_base64(self):
+
+        # See above. base64 uses 4 characters to represent 3 bytes, so the
+        # underlying bit rate is 24 / 4 = 6 bits per character. Unlike above,
+        # case matters, so we include both upper- and lowercase letters.
+        alphabet = (
+            "ABCD"
+            "EFGH"
+            "IJKL"
+            "MNOP"
+            "QRST"
+            "UVWX"
+            "YZ"
+            "abcd"
+            "efgh"
+            "ijkl"
+            "mnop"
+            "qrst"
+            "uvwx"
+            "yz"
+            "0123"
+            "4567"
+            "89+/"
+        )
+        self.assertEqual(self.scanner.calculate_entropy(alphabet), 6.0)
+
 
 if __name__ == "__main__":
     unittest.main()