Ejemplo n.º 1
0
    def test_base64_decode(self):
        dec_one = to_test.decode_value("AA==", to_test.Encoding.BASE64)
        dec_string = to_test.decode_value("c29tZSBkYXRh", to_test.Encoding.BASE64)
        dec_empty = to_test.decode_value("", to_test.Encoding.BASE64)

        self.assertEqual(bytes(1), dec_one, "Decoded value not matching")
        self.assertEqual(b"some data", dec_string, "Decoded value not matching")
        self.assertEqual(b"", dec_empty, "Decoded value not matching")
Ejemplo n.º 2
0
    def test_hex_decode(self):
        dec_one = to_test.decode_value("00", to_test.Encoding.HEX)
        dec_string = to_test.decode_value("736f6d652064617461", to_test.Encoding.HEX)
        dec_empty = to_test.decode_value("", to_test.Encoding.HEX)

        self.assertEqual(bytes(1), dec_one, "Decoded value not matching")
        self.assertEqual(b"some data", dec_string, "Decoded value not matching")
        self.assertEqual(b"", dec_empty, "Decoded value not matching")
Ejemplo n.º 3
0
def decrypt_payload(payload, config, _params=None):
    """Decrypt some fields of a JSON payload using the given configuration."""

    try:
        json_payload = payload if type(payload) is dict else json.loads(
            payload)

        for elem, target in config.paths["$"].to_decrypt.items():
            try:
                node = get_node(json_payload, elem)

                cipher_text = decode_value(
                    node.pop(config.encrypted_value_field_name),
                    config.data_encoding)

                if not _params:
                    try:
                        encrypted_key = node.pop(
                            config.encrypted_key_field_name)
                        iv = node.pop(config.iv_field_name)
                    except KeyError:
                        raise EncryptionError(
                            "Encryption field(s) missing in payload.")

                    oaep_digest_algo = node.pop(
                        config.oaep_padding_digest_algorithm_field_name,
                        config.oaep_padding_digest_algorithm)

                    _remove_fingerprint_from_node(node, config)

                    params = SessionKeyParams(config, encrypted_key, iv,
                                              oaep_digest_algo)
                else:
                    params = _params

                cleanup_node(json_payload, elem, target)

                try:
                    update_node(
                        json_payload, target,
                        _decrypt_bytes(params.key, params.iv_spec,
                                       cipher_text))
                except KeyError:
                    raise EncryptionError("Field '" + target + "' not found!")

            except KeyError:
                pass  # encrypted data node not found, nothing to decrypt

        return json_payload

    except json.JSONDecodeError:  # not a json response - return it as is
        return payload
    except (IOError, ValueError, TypeError) as e:
        raise EncryptionError("Payload decryption failed!", e)
Ejemplo n.º 4
0
    def __unwrap_secret_key(encrypted_key, config, _hash):
        try:
            hash_algo = load_hash_algorithm(_hash)

            encrypted_key = decode_value(encrypted_key, config.data_encoding)
            _cipher = PKCS1_OAEP.new(key=config.decryption_key,
                                     hashAlgo=hash_algo)

            secret_key = _cipher.decrypt(encrypted_key)
            return secret_key

        except (IOError, TypeError, Error):
            raise KeyWrappingError("Unable to decrypt session secret key.")
Ejemplo n.º 5
0
    def iv_spec(self):
        if not self._iv:
            self._iv = decode_value(self._iv_value, self._config.data_encoding)

        return self._iv