def test_sign(self):
sig = Crypto.sign(b"test", self.key)
assert_equal(bytes, sig.__class__)
sig2 = Crypto.sign(b"tesa", self.key)
assert_equal(bytes, sig2.__class__)
assert_not_equal(
sig, sig2,
'signatures for two different strings should return different values'
)
def setUp(self):
self.key = Crypto.generate_key()
self.addr_port_pair = ('127.0.0.1', 35341)
self.client = KnockClient(socket.AF_INET, self.addr_port_pair)
self.server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
self.server.bind(self.addr_port_pair)
self.expected_time = int(time.time())
def test_create_encrypted_knock_request(self):
expected_visit_duration = 12600
KnockClient.create_encrypted_knock_request
encrypted_knock_request = KnockClient.create_encrypted_knock_request(
expected_visit_duration, self.key)
knock_request = Crypto.decrypt(encrypted_knock_request, self.key)
assert_is_not_none(knock_request)
self.check_knock_request(knock_request, expected_visit_duration)
def test_knock(self):
expected_visit_duration = 111
self.client.knock(expected_visit_duration, self.key)
data, addr = self.server.recvfrom(2048)
assert_is_not_none(data)
decrypted = Crypto.decrypt(data, self.key)
assert_is_not_none(decrypted)
self.check_knock_request(decrypted, expected_visit_duration)
def handle(self, data, addr):
decrypted_data = Crypto.decrypt(data, self.key)
if decrypted_data is None:
return None
knock_request = self.parse(decrypted_data)
if not self.validate(knock_request):
return None
return self.execute(knock_request)
def test_decrypt_wrong_key(self):
assert_equal(
None,
Crypto.decrypt(Crypto.encrypt(self.message, self.key),
self.wrong_key))
def test_decrypt(self):
result = Crypto.decrypt(Crypto.encrypt(self.message, self.key),
self.key)
assert_equal(result, self.message)
def test_encrypt_different_key(self):
enc1 = Crypto.encrypt(self.message, self.key, iv=self.iv)
enc2 = Crypto.encrypt(self.message, self.wrong_key, iv=self.iv)
assert_equal(bytes, enc1.__class__)
assert_equal(bytes, enc2.__class__)
assert_not_equal(enc1, enc2)
def check_pad(self, message):
padded_message = Crypto.pad(message)
assert_greater_equal(len(padded_message), len(padded_message))
assert_equal(0, len(padded_message) % Crypto.BLOCK_SIZE)
def test_invalid_key(self):
assert_raises(ValueError, KnockRequestHandler, Crypto.generate_key()[:-1])
def test_verify_fail_wrong_signature(self):
sig = Crypto.sign(self.message, self.wrong_key)
assert_false(Crypto.verify(self.message + b"2", self.key, sig))
def test_verify(self):
sig = Crypto.sign(self.message, self.key)
assert_true(Crypto.verify(self.message, self.key, sig))
def test_extract_crypted(self):
assert_equal(self.fake_crypted,
Crypto.extract_crypted(self.fake_encrypted))
def test_extract_signature(self):
assert_equal(self.fake_sig,
Crypto.extract_signature(self.fake_encrypted))
def test_extract_iv(self):
assert_equal(self.fake_iv, Crypto.extract_iv(self.fake_encrypted))
def check_unpad(self, padded_message):
assert_equal(padded_message, Crypto.unpad(Crypto.pad(padded_message)))
def test_encrypt_same_iv(self):
enc1 = Crypto.encrypt(self.message, self.key, iv=self.iv)
enc2 = Crypto.encrypt(self.message, self.key, iv=self.iv)
assert_equal(bytes, enc1.__class__)
assert_equal(bytes, enc2.__class__)
assert_equal(enc1, enc2)
def test_encrypt_same_iv_different_message(self):
enc1 = Crypto.encrypt(self.message + b"a", self.key, iv=self.iv)
enc2 = Crypto.encrypt(self.message + b"b", self.key, iv=self.iv)
assert_equal(bytes, enc1.__class__)
assert_equal(bytes, enc2.__class__)
assert_not_equal(enc1, enc2)
def setUp(self):
self.handler = KnockRequestHandler(Crypto.generate_key())
self.req_invalid_knock_time = KnockRequest(0, 100)
self.req_invalid_visit_duration = KnockRequest(0, 1000000)
self.request_valid = KnockRequest.create(100)
def test_generate_key(self):
key = Crypto.generate_key()
assert_equals(Crypto.KEY_SIZE, len(key))
assert_is_instance(key, bytes)