def test_varying_length_msg(self): pf = PKFernet(pr_kr, pu_kr) for i in xrange(50): msg = urlsafe_b64encode(os.urandom(i)) ctx = pf.encrypt(msg, "dan_haiwei", "ecc.secp224r1.1.enc.pub", "ecdsa_with_sha256.secp224r1.1.sig.priv", "ADATA", sign_also=True) deciphered_msg = pf.decrypt(ctx, "dan_haiwei", verify_also = True) assert deciphered_msg == msg
def test_rsa(self): pf = PKFernet(pr_kr, pu_kr) for i in xrange(20): msg = urlsafe_b64encode(os.urandom(40)) adata = urlsafe_b64encode(os.urandom(40)) ctx = pf.encrypt(msg, "dan_haiwei", "rsa.2048.1.enc.pub", "ecdsa_with_sha256.secp224r1.1.sig.priv", adata, sign_also = True) deciphered_msg = pf.decrypt(ctx, "dan_haiwei", verify_also = True) assert deciphered_msg == msg
def test__ecc_curves(self): pf = PKFernet(pr_kr, pu_kr) for alias in ["ecc.secp224r1.1.enc.pub", "ecc.sect571r1.1.enc.pub"]: _, curve, ver, _, _ = alias.split('.') msg = urlsafe_b64encode(os.urandom(40)) adata = urlsafe_b64encode(os.urandom(40)) ctx = pf.encrypt(msg, "dan_haiwei", alias, "ecdsa_with_sha256.{0}.{1}.sig.priv".format(curve, ver), adata, sign_also=True) deciphered_msg = pf.decrypt(ctx, "dan_haiwei", verify_also = True) assert deciphered_msg == msg
def test_pub_key_import(self): pf = PKFernet() assert not pf.pub_keyrings # assert empty rec = "test" kr = {"1": "key"} pf.import_pub_keys(rec, kr) pu_kr = {"test": {"1": "key"}} assert pf.pub_keyrings == pu_kr
def test_unverified(self): pf = PKFernet(pr_kr, pu_kr) for i in xrange(20): msg = urlsafe_b64encode(os.urandom(40)) adata = urlsafe_b64encode(os.urandom(40)) ctx = pf.encrypt(msg, "dan_haiwei", "ecc.secp224r1.1.enc.pub", "ecdsa_with_sha256.secp224r1.1.sig.priv", adata, sign_also = True) msg_and_sig = pf.decrypt(ctx, "dan_haiwei", verify_also = False) encoded_msg, sig_header, sig = msg_and_sig.split('|') deciphered_msg = urlsafe_b64decode(encoded_msg) assert deciphered_msg == msg assert sig_header and sig # ensure signatures exist, even if we don't check them
def test_rahul_enc_msg(self): pf = PKFernet(pr_kr, pu_kr) correct_msg = 'Hello from rahul to daniel and haiwei' rahul_ctx = '|ZWNjLnNlY3Q1NzFyMS4xLmVuYy5wdWI=|-----BEGIN PUBLIC KEY-----\nMIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFwCwWOH-JiYmwH2Cijob4gKSaz32a\nrCG83ffhPU9omLe08tAdTysSlW1cfjFY7TWwUNi2gP06XyW0P26_3HpsoNONvP-K\n2dUBnk5FaTQddfTxqhZvWEHW46c8tTXjFugHs_YSgoneQBC_uC24dyhs81Y38jvb\neBibEbxcyJhoXu8ERQwTGuNEmrXo0yPLoO8=\n-----END PUBLIC KEY-----\n|gbqziTAN4d1XX6kGJykgTmd86ChOO_R_EReptxCCFO-8sKibcVXSSyGn6exXE2ijDUYNVP4skLZXsmnlpmQy0r-lNPRfVKKeqScPOytE6MlTn6NedSbmBREOl5ugliFVl7rxHQ2Vg9lDtPKBhxDWaX8=' msg = urlsafe_b64decode(pf.decrypt(rahul_ctx, "rahul", verify_also = False)) assert msg == correct_msg
def test_export_pub_keys(self): pf = PKFernet(pr_kr, test_kr) assert pf.export_pub_keys(["test_1", "test_3"]) == test_export assert pf.export_pub_keys() == test_kr
def test_invalid_alias(self): pf = PKFernet(pr_kr, pu_kr) msg = urlsafe_b64encode(os.urandom(40)) adata = urlsafe_b64encode(os.urandom(40)) with pytest.raises(AssertionError): ctx = pf.encrypt(msg, "dan_haiwei", "ecc.non-existent.1.enc.pub", "ecdsa_with_sha256.secp224r1.1.sig.priv", adata, sign_also = True)
def test_invalid_receiver(self): pf = PKFernet(pr_kr, pu_kr) msg = urlsafe_b64encode(os.urandom(40)) adata = urlsafe_b64encode(os.urandom(40)) with pytest.raises(AssertionError): ctx = pf.encrypt(msg, "invalid_group", "ecc.secp224r1.1.enc.pub", "ecdsa_with_sha256.secp224r1.1.sig.priv", adata, sign_also = True)