def init(self, sock):
txnonce = os.urandom(16)
try:
sock.setblocking(1)
sock._raw_sendall(txnonce)
rxnonce = sock._raw_recvall(16)
if rxnonce == None:
return
txkey = hashlib.sha256(txnonce + self.rc4key).digest()
rxkey = hashlib.sha256(rxnonce + self.rc4key).digest()
self.txcrypt = Cipher(ARC4(txkey),
mode=None,
backend=default_backend()).encryptor()
self.rxcrypt = Cipher(ARC4(rxkey),
mode=None,
backend=default_backend()).decryptor()
finally:
if sock.plex:
sock.setblocking(0)
def __init__(self, rc4key):
self.rc4key = rc4key
self.txcrypt = Cipher(ARC4(rc4key),
mode=None,
backend=default_backend()).encryptor()
self.rxcrypt = Cipher(ARC4(rc4key),
mode=None,
backend=default_backend()).decryptor()
def test_invalid_mode_algorithm():
with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_CIPHER):
ciphers.Cipher(
ARC4(b"\x00" * 16),
modes.GCM(b"\x00" * 12),
)
with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_CIPHER):
ciphers.Cipher(
ARC4(b"\x00" * 16),
modes.CBC(b"\x00" * 12),
)
with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_CIPHER):
ciphers.Cipher(
ARC4(b"\x00" * 16),
modes.CTR(b"\x00" * 12),
)
def test_invalid_key_type(self):
with pytest.raises(TypeError, match="key must be bytes"):
ARC4(u"0" * 10)
def test_invalid_key_size(self):
with pytest.raises(ValueError):
ARC4(binascii.unhexlify(b"0" * 34))
def test_key_size(self, key, keysize):
cipher = ARC4(binascii.unhexlify(key))
assert cipher.key_size == keysize
class TestCMAC(object):
@pytest.mark.supported(
only_if=lambda backend: backend.cmac_algorithm_supported(AES(fake_key)
),
skip_message="Does not support CMAC.",
)
@pytest.mark.parametrize("params", vectors_aes)
def test_aes_generate(self, backend, params):
key = params["key"]
message = params["message"]
output = params["output"]
cmac = CMAC(AES(binascii.unhexlify(key)), backend)
cmac.update(binascii.unhexlify(message))
assert binascii.hexlify(cmac.finalize()) == output
@pytest.mark.supported(
only_if=lambda backend: backend.cmac_algorithm_supported(AES(fake_key)
),
skip_message="Does not support CMAC.",
)
@pytest.mark.parametrize("params", vectors_aes)
def test_aes_verify(self, backend, params):
key = params["key"]
message = params["message"]
output = params["output"]
cmac = CMAC(AES(binascii.unhexlify(key)), backend)
cmac.update(binascii.unhexlify(message))
assert cmac.verify(binascii.unhexlify(output)) is None
@pytest.mark.supported(
only_if=lambda backend: backend.cmac_algorithm_supported(
TripleDES(fake_key)),
skip_message="Does not support CMAC.",
)
@pytest.mark.parametrize("params", vectors_3des)
def test_3des_generate(self, backend, params):
key1 = params["key1"]
key2 = params["key2"]
key3 = params["key3"]
key = key1 + key2 + key3
message = params["message"]
output = params["output"]
cmac = CMAC(TripleDES(binascii.unhexlify(key)), backend)
cmac.update(binascii.unhexlify(message))
assert binascii.hexlify(cmac.finalize()) == output
@pytest.mark.supported(
only_if=lambda backend: backend.cmac_algorithm_supported(
TripleDES(fake_key)),
skip_message="Does not support CMAC.",
)
@pytest.mark.parametrize("params", vectors_3des)
def test_3des_verify(self, backend, params):
key1 = params["key1"]
key2 = params["key2"]
key3 = params["key3"]
key = key1 + key2 + key3
message = params["message"]
output = params["output"]
cmac = CMAC(TripleDES(binascii.unhexlify(key)), backend)
cmac.update(binascii.unhexlify(message))
assert cmac.verify(binascii.unhexlify(output)) is None
@pytest.mark.supported(
only_if=lambda backend: backend.cmac_algorithm_supported(AES(fake_key)
),
skip_message="Does not support CMAC.",
)
def test_invalid_verify(self, backend):
key = b"2b7e151628aed2a6abf7158809cf4f3c"
cmac = CMAC(AES(key), backend)
cmac.update(b"6bc1bee22e409f96e93d7e117393172a")
with pytest.raises(InvalidSignature):
cmac.verify(b"foobar")
@pytest.mark.supported(
only_if=lambda backend: backend.cipher_supported(ARC4(fake_key), None),
skip_message="Does not support CMAC.",
)
def test_invalid_algorithm(self, backend):
key = b"0102030405"
with pytest.raises(TypeError):
CMAC(ARC4(key), backend)
@pytest.mark.supported(
only_if=lambda backend: backend.cmac_algorithm_supported(AES(fake_key)
),
skip_message="Does not support CMAC.",
)
def test_raises_after_finalize(self, backend):
key = b"2b7e151628aed2a6abf7158809cf4f3c"
cmac = CMAC(AES(key), backend)
cmac.finalize()
with pytest.raises(AlreadyFinalized):
cmac.update(b"foo")
with pytest.raises(AlreadyFinalized):
cmac.copy()
with pytest.raises(AlreadyFinalized):
cmac.finalize()
with pytest.raises(AlreadyFinalized):
cmac.verify(b"")
@pytest.mark.supported(
only_if=lambda backend: backend.cmac_algorithm_supported(AES(fake_key)
),
skip_message="Does not support CMAC.",
)
def test_verify_reject_unicode(self, backend):
key = b"2b7e151628aed2a6abf7158809cf4f3c"
cmac = CMAC(AES(key), backend)
with pytest.raises(TypeError):
cmac.update("")
with pytest.raises(TypeError):
cmac.verify("")
@pytest.mark.supported(
only_if=lambda backend: backend.cmac_algorithm_supported(AES(fake_key)
),
skip_message="Does not support CMAC.",
)
def test_copy_with_backend(self, backend):
key = b"2b7e151628aed2a6abf7158809cf4f3c"
cmac = CMAC(AES(key), backend)
cmac.update(b"6bc1bee22e409f96e93d7e117393172a")
copy_cmac = cmac.copy()
assert cmac.finalize() == copy_cmac.finalize()
@pytest.mark.supported(
only_if=lambda backend: backend.cmac_algorithm_supported(AES(fake_key)
),
skip_message="Does not support CMAC.",
)
def test_buffer_protocol(self, backend):
key = bytearray(b"2b7e151628aed2a6abf7158809cf4f3c")
cmac = CMAC(AES(key), backend)
cmac.update(b"6bc1bee22e409f96e93d7e117393172a")
assert cmac.finalize() == binascii.unhexlify(
b"a21e6e647bfeaf5ca0a5e1bcd957dfad")
def test_invalid_algorithm(self, backend):
key = b"0102030405"
with pytest.raises(TypeError):
CMAC(ARC4(key), backend)
def test_invalid_key_type(self):
with pytest.raises(TypeError, match="key must be bytes"):
ARC4("0" * 10) # type: ignore[arg-type]
