def test_encryption_decryption(self):
encryptParams = EncryptParams(EncryptAlgorithmType.RsaOaep, 0)
privateKeyBlob = Blob(b64decode(PRIVATE_KEY))
publicKeyBlob = Blob(b64decode(PUBLIC_KEY))
decryptKey = DecryptKey(privateKeyBlob)
encryptKey = RsaAlgorithm.deriveEncryptKey(decryptKey.getKeyBits())
encodedPublic = publicKeyBlob
derivedPublicKey = encryptKey.getKeyBits()
self.assertTrue(encodedPublic.equals(derivedPublicKey))
plainBlob = Blob(PLAINTEXT, False)
encryptBlob = RsaAlgorithm.encrypt(encryptKey.getKeyBits(), plainBlob,
encryptParams)
receivedBlob = RsaAlgorithm.decrypt(decryptKey.getKeyBits(),
encryptBlob, encryptParams)
self.assertTrue(plainBlob.equals(receivedBlob))
cipherBlob = Blob(CIPHERTEXT_OAEP, False)
decryptedBlob = RsaAlgorithm.decrypt(decryptKey.getKeyBits(),
cipherBlob, encryptParams)
self.assertTrue(plainBlob.equals(decryptedBlob))
# Now test RsaPkcs.
encryptParams = EncryptParams(EncryptAlgorithmType.RsaPkcs, 0)
encryptBlob = RsaAlgorithm.encrypt(encryptKey.getKeyBits(), plainBlob,
encryptParams)
receivedBlob = RsaAlgorithm.decrypt(decryptKey.getKeyBits(),
encryptBlob, encryptParams)
self.assertTrue(plainBlob.equals(receivedBlob))
cipherBlob = Blob(CIPHERTEXT_PKCS, False)
decryptedBlob = RsaAlgorithm.decrypt(decryptKey.getKeyBits(),
cipherBlob, encryptParams)
self.assertTrue(plainBlob.equals(decryptedBlob))
def test_encryption_decryption(self):
encryptParams = EncryptParams(EncryptAlgorithmType.AesEcb, 16)
key = Blob(KEY, False)
decryptKey = DecryptKey(key)
encryptKey = AesAlgorithm.deriveEncryptKey(decryptKey.getKeyBits())
# Check key loading and key derivation.
self.assertTrue(encryptKey.getKeyBits().equals(key))
self.assertTrue(decryptKey.getKeyBits().equals(key))
plainBlob = Blob(PLAINTEXT, False)
# Encrypt data in AES_ECB.
cipherBlob = AesAlgorithm.encrypt(encryptKey.getKeyBits(), plainBlob,
encryptParams)
self.assertTrue(cipherBlob.equals(Blob(CIPHERTEXT_ECB, False)))
# Decrypt data in AES_ECB.
receivedBlob = AesAlgorithm.decrypt(decryptKey.getKeyBits(),
cipherBlob, encryptParams)
self.assertTrue(receivedBlob.equals(plainBlob))
# Encrypt/decrypt data in AES_CBC with auto-generated IV.
encryptParams.setAlgorithmType(EncryptAlgorithmType.AesCbc)
cipherBlob = AesAlgorithm.encrypt(encryptKey.getKeyBits(), plainBlob,
encryptParams)
receivedBlob = AesAlgorithm.decrypt(decryptKey.getKeyBits(),
cipherBlob, encryptParams)
self.assertTrue(receivedBlob.equals(plainBlob))
# Encrypt data in AES_CBC with specified IV.
initialVector = Blob(INITIAL_VECTOR, False)
encryptParams.setInitialVector(initialVector)
cipherBlob = AesAlgorithm.encrypt(encryptKey.getKeyBits(), plainBlob,
encryptParams)
self.assertTrue(cipherBlob.equals(Blob(CIPHERTEXT_CBC_IV, False)))
# Decrypt data in AES_CBC with specified IV.
receivedBlob = AesAlgorithm.decrypt(decryptKey.getKeyBits(),
cipherBlob, encryptParams)
self.assertTrue(receivedBlob.equals(plainBlob))
def test_encryption_decryption(self):
encryptParams = EncryptParams(EncryptAlgorithmType.RsaOaep, 0)
privateKeyBlob = Blob(b64decode(PRIVATE_KEY))
publicKeyBlob = Blob(b64decode(PUBLIC_KEY))
decryptKey = DecryptKey(privateKeyBlob)
encryptKey = RsaAlgorithm.deriveEncryptKey(decryptKey.getKeyBits())
encodedPublic = publicKeyBlob
derivedPublicKey = encryptKey.getKeyBits()
self.assertTrue(encodedPublic.equals(derivedPublicKey))
plainBlob = Blob(PLAINTEXT, False)
encryptBlob = RsaAlgorithm.encrypt(
encryptKey.getKeyBits(), plainBlob, encryptParams)
receivedBlob = RsaAlgorithm.decrypt(
decryptKey.getKeyBits(), encryptBlob, encryptParams)
self.assertTrue(plainBlob.equals(receivedBlob))
cipherBlob = Blob(CIPHERTEXT_OAEP, False)
decryptedBlob = RsaAlgorithm.decrypt(
decryptKey.getKeyBits(), cipherBlob, encryptParams)
self.assertTrue(plainBlob.equals(decryptedBlob))
# Now test RsaPkcs.
encryptParams = EncryptParams(EncryptAlgorithmType.RsaPkcs, 0)
encryptBlob = RsaAlgorithm.encrypt(
encryptKey.getKeyBits(), plainBlob, encryptParams)
receivedBlob = RsaAlgorithm.decrypt(
decryptKey.getKeyBits(), encryptBlob, encryptParams)
self.assertTrue(plainBlob.equals(receivedBlob))
cipherBlob = Blob(CIPHERTEXT_PKCS, False)
decryptedBlob = RsaAlgorithm.decrypt(
decryptKey.getKeyBits(), cipherBlob, encryptParams)
self.assertTrue(plainBlob.equals(decryptedBlob))
def test_encryption_decryption(self):
encryptParams = EncryptParams(EncryptAlgorithmType.AesEcb, 16)
key = Blob(KEY, False)
decryptKey = DecryptKey(key)
encryptKey = AesAlgorithm.deriveEncryptKey(decryptKey.getKeyBits())
# Check key loading and key derivation.
self.assertTrue(encryptKey.getKeyBits().equals(key))
self.assertTrue(decryptKey.getKeyBits().equals(key))
plainBlob = Blob(PLAINTEXT, False)
# Encrypt data in AES_ECB.
cipherBlob = AesAlgorithm.encrypt(
encryptKey.getKeyBits(), plainBlob, encryptParams)
self.assertTrue(cipherBlob.equals(Blob(CIPHERTEXT_ECB, False)))
# Decrypt data in AES_ECB.
receivedBlob = AesAlgorithm.decrypt(
decryptKey.getKeyBits(), cipherBlob, encryptParams)
self.assertTrue(receivedBlob.equals(plainBlob))
# Encrypt/decrypt data in AES_CBC with auto-generated IV.
encryptParams.setAlgorithmType(EncryptAlgorithmType.AesCbc)
cipherBlob = AesAlgorithm.encrypt(
encryptKey.getKeyBits(), plainBlob, encryptParams)
receivedBlob = AesAlgorithm.decrypt(
decryptKey.getKeyBits(), cipherBlob, encryptParams)
self.assertTrue(receivedBlob.equals(plainBlob))
# Encrypt data in AES_CBC with specified IV.
initialVector = Blob(INITIAL_VECTOR, False)
encryptParams.setInitialVector(initialVector)
cipherBlob = AesAlgorithm.encrypt(
encryptKey.getKeyBits(), plainBlob, encryptParams)
self.assertTrue(cipherBlob.equals(Blob(CIPHERTEXT_CBC_IV, False)))
# Decrypt data in AES_CBC with specified IV.
receivedBlob = AesAlgorithm.decrypt(
decryptKey.getKeyBits(), cipherBlob, encryptParams)
self.assertTrue(receivedBlob.equals(plainBlob))
def test_get_group_key(self):
# Create the group manager.
manager = GroupManager(
Name("Alice"), Name("data_type"),
Sqlite3GroupManagerDb(self.groupKeyDatabaseFilePath), 1024, 1,
self.keyChain)
self.setManager(manager)
# Get the data list from the group manager.
timePoint1 = Schedule.fromIsoString("20150825T093000")
result = manager.getGroupKey(timePoint1)
self.assertEqual(4, len(result))
# The first data packet contains the group's encryption key (public key).
data = result[0]
self.assertEqual(
"/Alice/READ/data_type/E-KEY/20150825T090000/20150825T100000",
data.getName().toUri())
groupEKey = EncryptKey(data.getContent())
# Get the second data packet and decrypt.
data = result[1]
self.assertEqual(
"/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberA/ksk-123",
data.getName().toUri())
####################################################### Start decryption.
dataContent = data.getContent()
# Get the nonce key.
# dataContent is a sequence of the two EncryptedContent.
encryptedNonce = EncryptedContent()
encryptedNonce.wireDecode(dataContent)
self.assertEqual(0, encryptedNonce.getInitialVector().size())
self.assertEqual(EncryptAlgorithmType.RsaOaep,
encryptedNonce.getAlgorithmType())
decryptParams = EncryptParams(EncryptAlgorithmType.RsaOaep)
blobNonce = encryptedNonce.getPayload()
nonce = RsaAlgorithm.decrypt(self.decryptKeyBlob, blobNonce,
decryptParams)
# Get the payload.
# Use the size of encryptedNonce to find the start of encryptedPayload.
payloadContent = dataContent.buf()[encryptedNonce.wireEncode().size():]
encryptedPayload = EncryptedContent()
encryptedPayload.wireDecode(payloadContent)
self.assertEqual(16, encryptedPayload.getInitialVector().size())
self.assertEqual(EncryptAlgorithmType.AesCbc,
encryptedPayload.getAlgorithmType())
decryptParams.setAlgorithmType(EncryptAlgorithmType.AesCbc)
decryptParams.setInitialVector(encryptedPayload.getInitialVector())
blobPayload = encryptedPayload.getPayload()
largePayload = AesAlgorithm.decrypt(nonce, blobPayload, decryptParams)
# Get the group D-KEY.
groupDKey = DecryptKey(largePayload)
####################################################### End decryption.
# Check the D-KEY.
derivedGroupEKey = RsaAlgorithm.deriveEncryptKey(
groupDKey.getKeyBits())
self.assertTrue(groupEKey.getKeyBits().equals(
derivedGroupEKey.getKeyBits()))
# Check the third data packet.
data = result[2]
self.assertEqual(
"/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberB/ksk-123",
data.getName().toUri())
# Check the fourth data packet.
data = result[3]
self.assertEqual(
"/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberC/ksk-123",
data.getName().toUri())
# Check invalid time stamps for getting the group key.
timePoint2 = Schedule.fromIsoString("20150826T083000")
self.assertEqual(0, len(manager.getGroupKey(timePoint2)))
timePoint3 = Schedule.fromIsoString("20150827T023000")
self.assertEqual(0, len(manager.getGroupKey(timePoint3)))
def test_get_group_key(self):
# Create the group manager.
manager = GroupManager(
Name("Alice"), Name("data_type"),
Sqlite3GroupManagerDb(self.groupKeyDatabaseFilePath), 1024, 1,
self.keyChain)
self.setManager(manager)
# Get the data list from the group manager.
timePoint1 = Schedule.fromIsoString("20150825T093000")
result = manager.getGroupKey(timePoint1)
self.assertEqual(4, len(result))
# The first data packet contains the group's encryption key (public key).
data = result[0]
self.assertEqual(
"/Alice/READ/data_type/E-KEY/20150825T090000/20150825T100000",
data.getName().toUri())
groupEKey = EncryptKey(data.getContent())
# Get the second data packet and decrypt.
data = result[1]
self.assertEqual(
"/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberA/ksk-123",
data.getName().toUri())
####################################################### Start decryption.
dataContent = data.getContent()
# Get the nonce key.
# dataContent is a sequence of the two EncryptedContent.
encryptedNonce = EncryptedContent()
encryptedNonce.wireDecode(dataContent)
self.assertEqual(0, encryptedNonce.getInitialVector().size())
self.assertEqual(EncryptAlgorithmType.RsaOaep, encryptedNonce.getAlgorithmType())
decryptParams = EncryptParams(EncryptAlgorithmType.RsaOaep)
blobNonce = encryptedNonce.getPayload()
nonce = RsaAlgorithm.decrypt(self.decryptKeyBlob, blobNonce, decryptParams)
# Get the payload.
# Use the size of encryptedNonce to find the start of encryptedPayload.
payloadContent = dataContent.buf()[encryptedNonce.wireEncode().size():]
encryptedPayload = EncryptedContent()
encryptedPayload.wireDecode(payloadContent)
self.assertEqual(16, encryptedPayload.getInitialVector().size())
self.assertEqual(EncryptAlgorithmType.AesCbc, encryptedPayload.getAlgorithmType())
decryptParams.setAlgorithmType(EncryptAlgorithmType.AesCbc)
decryptParams.setInitialVector(encryptedPayload.getInitialVector())
blobPayload = encryptedPayload.getPayload()
largePayload = AesAlgorithm.decrypt(nonce, blobPayload, decryptParams)
# Get the group D-KEY.
groupDKey = DecryptKey(largePayload)
####################################################### End decryption.
# Check the D-KEY.
derivedGroupEKey = RsaAlgorithm.deriveEncryptKey(groupDKey.getKeyBits())
self.assertTrue(groupEKey.getKeyBits().equals(derivedGroupEKey.getKeyBits()))
# Check the third data packet.
data = result[2]
self.assertEqual(
"/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberB/ksk-123",
data.getName().toUri())
# Check the fourth data packet.
data = result[3]
self.assertEqual(
"/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberC/ksk-123",
data.getName().toUri())
# Check invalid time stamps for getting the group key.
timePoint2 = Schedule.fromIsoString("20150826T083000")
self.assertEqual(0, len(manager.getGroupKey(timePoint2)))
timePoint3 = Schedule.fromIsoString("20150827T023000")
self.assertEqual(0, len(manager.getGroupKey(timePoint3)))
