def test_aes_128(self): plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = '3b3fd92eb72dad20333449f8e83cfb4a' +\ '7789508d16918f03f53c52dac54ed825' +\ '9740051e9c5fecf64344f7a82260edcc' +\ '304c6528f659c77866a510d9c1d6ae5e' key = '2b7e151628aed2a6abf7158809cf4f3c' iv = '000102030405060708090a0b0c0d0e0f' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext), plaintext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext[:-8]), ciphertext[:-8]) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext[:-8]), plaintext[:-8])
def test_aes_256(self): plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = 'dc7e84bfda79164b7ecd8486985d3860' +\ '4febdc6740d20b3ac88f6ad82a4fb08d' +\ '71ab47a086e86eedf39d1c5bba97c408' +\ '0126141d67f37be8538f5a8be740e484' key = '603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4' iv = '000102030405060708090a0b0c0d0e0f' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext), plaintext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext[:-8]), ciphertext[:-8]) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext[:-8]), plaintext[:-8])
def test_aes_192(self): plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = 'cdc80d6fddf18cab34c25909c99a4174' +\ 'fcc28b8d4c63837c09e81700c1100401' +\ '8d9a9aeac0f6596f559c6d4daf59a5f2' +\ '6d9f200857ca6c3e9cac524bd9acc92a' key = '8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b' iv = '000102030405060708090a0b0c0d0e0f' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext), plaintext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext[:-8]), ciphertext[:-8]) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext[:-8]), plaintext[:-8])
def test_des3(self): # The following test vectors have been generated with gpg v1.4.0. # The command line used was: # gpg -c -z 0 --cipher-algo 3DES --passphrase secret_passphrase \ # --disable-mdc --s2k-mode 0 --output ct pt # For an explanation, see test_AES.py . plaintext = 'ac1762037074324fb53ba3596f73656d69746556616c6c6579' ciphertext = '9979238528357b90e2e0be549cb0b2d5999b9a4a447e5c5c7d' key = '7ade65b460f5ea9be35f9e14aa883a2048e3824aa616c0b2' iv='cd47e2afb8b7e4b0' encrypted_iv='6a7eef0b58050e8b904a' plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) key = unhexlify(key) iv = unhexlify(iv) encrypted_iv = unhexlify(encrypted_iv) cipher = DES3.new(key, DES3.MODE_OPENPGP, iv) ct = cipher.encrypt(plaintext) self.assertEqual(ct[:10], encrypted_iv) self.assertEqual(ct[10:], ciphertext) cipher = DES3.new(key, DES3.MODE_OPENPGP, encrypted_iv) pt = cipher.decrypt(ciphertext) self.assertEqual(pt, plaintext)
def test_des3(self): # The following test vectors have been generated with gpg v1.4.0. # The command line used was: # gpg -c -z 0 --cipher-algo 3DES --passphrase secret_passphrase \ # --disable-mdc --s2k-mode 0 --output ct pt # For an explanation, see test_AES.py . plaintext = 'ac1762037074324fb53ba3596f73656d69746556616c6c6579' ciphertext = '9979238528357b90e2e0be549cb0b2d5999b9a4a447e5c5c7d' key = '7ade65b460f5ea9be35f9e14aa883a2048e3824aa616c0b2' iv = 'cd47e2afb8b7e4b0' encrypted_iv = '6a7eef0b58050e8b904a' plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) key = unhexlify(key) iv = unhexlify(iv) encrypted_iv = unhexlify(encrypted_iv) cipher = DES3.new(key, DES3.MODE_OPENPGP, iv) ct = cipher.encrypt(plaintext) self.assertEqual(ct[:10], encrypted_iv) self.assertEqual(ct[10:], ciphertext) cipher = DES3.new(key, DES3.MODE_OPENPGP, encrypted_iv) pt = cipher.decrypt(ciphertext) self.assertEqual(pt, plaintext)
def test_parity_option3(self): before_3k = unhexlify( "AAAAAAAAAAAAAAAABBBBBBBBBBBBBBBBCCCCCCCCCCCCCCCC") after_3k = DES3.adjust_key_parity(before_3k) self.assertEqual( after_3k, unhexlify("ABABABABABABABABBABABABABABABABACDCDCDCDCDCDCDCD"))
class TestVectors(unittest.TestCase): """Class exercising the SIV test vectors found in RFC5297""" # This is a list of tuples with 5 items: # # 1. Header + '|' + plaintext # 2. Header + '|' + ciphertext + '|' + MAC # 3. AES-128 key # 4. Description # 5. Dictionary of parameters to be passed to AES.new(). # It must include the nonce. # # A "Header" is a dash ('-') separated sequece of components. # test_vectors = [ ('101112131415161718191a1b1c1d1e1f2021222324252627', '112233445566778899aabbccddee', '40c02b9690c4dc04daef7f6afe5c', '85632d07c6e8f37f950acd320a2ecc93', 'fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff', None), ('00112233445566778899aabbccddeeffdeaddadadeaddadaffeeddccbbaa9988' + '7766554433221100-102030405060708090a0', '7468697320697320736f6d6520706c61696e7465787420746f20656e63727970' + '74207573696e67205349562d414553', 'cb900f2fddbe404326601965c889bf17dba77ceb094fa663b7a3f748ba8af829' + 'ea64ad544a272e9c485b62a3fd5c0d', '7bdb6e3b432667eb06f4d14bff2fbd0f', '7f7e7d7c7b7a79787776757473727170404142434445464748494a4b4c4d4e4f', '09f911029d74e35bd84156c5635688c0'), ] for index, tv in enumerate(test_vectors): test_vectors[index] = [[unhexlify(x) for x in tv[0].split("-")]] test_vectors[index] += [unhexlify(x) for x in tv[1:5]] if tv[5]: nonce = unhexlify(tv[5]) else: nonce = None test_vectors[index].append(nonce) def runTest(self): for assoc_data, pt, ct, mac, key, nonce in self.test_vectors: # Encrypt cipher = AES.new(key, AES.MODE_SIV, nonce=nonce) for x in assoc_data: cipher.update(x) ct2, mac2 = cipher.encrypt_and_digest(pt) self.assertEqual(ct, ct2) self.assertEqual(mac, mac2) # Decrypt cipher = AES.new(key, AES.MODE_SIV, nonce=nonce) for x in assoc_data: cipher.update(x) pt2 = cipher.decrypt_and_verify(ct, mac) self.assertEqual(pt, pt2)
def test_1(self): key = unhexlify("3da6c536d6295579c0959a7043efb503") iv = unhexlify("2b926197d34e091ef722db94") aad = unhexlify("00000000000000000000000000000000" + "000102030405060708090a0b0c0d0e0f" + "101112131415161718191a1b1c1d1e1f" + "202122232425262728292a2b2c2d2e2f" + "303132333435363738393a3b3c3d3e3f") digest = unhexlify("69dd586555ce3fcc89663801a71d957b") cipher = AES.new(key, AES.MODE_GCM, iv).update(aad) self.assertEqual(digest, cipher.digest())
def test_aes_128_cfb8(self): plaintext = '6bc1bee22e409f96e93d7e117393172aae2d' ciphertext = '3b79424c9c0dd436bace9e0ed4586a4f32b9' key = '2b7e151628aed2a6abf7158809cf4f3c' iv = '000102030405060708090a0b0c0d0e0f' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=8) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=8) self.assertEqual(cipher.decrypt(ciphertext), plaintext)
def test_aes_192_cfb8(self): plaintext = '6bc1bee22e409f96e93d7e117393172aae2d' ciphertext = 'cda2521ef0a905ca44cd057cbf0d47a0678a' key = '8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b' iv = '000102030405060708090a0b0c0d0e0f' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=8) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=8) self.assertEqual(cipher.decrypt(ciphertext), plaintext)
def test_aes_256_cfb8(self): plaintext = '6bc1bee22e409f96e93d7e117393172aae2d' ciphertext = 'dc1f1a8520a64db55fcc8ac554844e889700' key = '603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4' iv = '000102030405060708090a0b0c0d0e0f' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=8) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=8) self.assertEqual(cipher.decrypt(ciphertext), plaintext)
def test3(self): for keylen, taglen, result in self.tv3: key = bchr(0) * (keylen // 8 - 1) + bchr(taglen) C = b("") for i in xrange(128): S = bchr(0) * i N = long_to_bytes(3 * i + 1, 12) cipher = AES.new(key, AES.MODE_OCB, nonce=N, mac_len=taglen // 8) cipher.update(S) C += cipher.encrypt(S) + cipher.encrypt() + cipher.digest() N = long_to_bytes(3 * i + 2, 12) cipher = AES.new(key, AES.MODE_OCB, nonce=N, mac_len=taglen // 8) C += cipher.encrypt(S) + cipher.encrypt() + cipher.digest() N = long_to_bytes(3 * i + 3, 12) cipher = AES.new(key, AES.MODE_OCB, nonce=N, mac_len=taglen // 8) cipher.update(S) C += cipher.encrypt() + cipher.digest() N = long_to_bytes(385, 12) cipher = AES.new(key, AES.MODE_OCB, nonce=N, mac_len=taglen // 8) cipher.update(C) result2 = cipher.encrypt() + cipher.digest() self.assertEquals(unhexlify(b(result)), result2)
class PKCS1_15_NoParams(unittest.TestCase): """Verify that PKCS#1 v1.5 signatures pass even without NULL parameters in the algorithm identifier (PyCrypto/LP bug #1119552).""" rsakey = """-----BEGIN RSA PRIVATE KEY----- MIIBOwIBAAJBAL8eJ5AKoIsjURpcEoGubZMxLD7+kT+TLr7UkvEtFrRhDDKMtuII q19FrL4pUIMymPMSLBn3hJLe30Dw48GQM4UCAwEAAQJACUSDEp8RTe32ftq8IwG8 Wojl5mAd1wFiIOrZ/Uv8b963WJOJiuQcVN29vxU5+My9GPZ7RA3hrDBEAoHUDPrI OQIhAPIPLz4dphiD9imAkivY31Rc5AfHJiQRA7XixTcjEkojAiEAyh/pJHks/Mlr +rdPNEpotBjfV4M4BkgGAA/ipcmaAjcCIQCHvhwwKVBLzzTscT2HeUdEeBMoiXXK JACAr3sJQJGxIQIgarRp+m1WSKV1MciwMaTOnbU7wxFs9DP1pva76lYBzgUCIQC9 n0CnZCJ6IZYqSt0H5N7+Q+2Ro64nuwV/OSQfM6sBwQ== -----END RSA PRIVATE KEY-----""" msg = b("This is a test\x0a") # PKCS1 v1.5 signature of the message computed using SHA-1. # The digestAlgorithm SEQUENCE does NOT contain the NULL parameter. signature = "a287a13517f716e72fb14eea8e33a8db4a4643314607e7ca3e3e28"\ "1893db74013dda8b855fd99f6fecedcb25fcb7a434f35cd0a101f8"\ "b19348e0bd7b6f152dfc" signature = unhexlify(b(signature)) def runTest(self): verifier = pkcs1_15.new(RSA.importKey(self.rsakey)) hashed = SHA1.new(self.msg) verifier.verify(hashed, self.signature)
def add_tests(self, filename): comps = "Cryptodome.SelfTest.Signature.test_vectors.wycheproof".split(".") with open(pycryptodome_filename(comps, filename), "rt") as file_in: tv_tree = json.load(file_in) for group in tv_tree['testGroups']: try: key = ECC.import_key(group['keyPem']) except ValueError: continue hash_name = group['sha'] if hash_name == "SHA-256": hash_module = SHA256 elif hash_name == "SHA-224": hash_module = SHA224 elif hash_name == "SHA-1": hash_module = SHA1 else: assert False assert group['type'] == "ECDSAVer" for test in group['tests']: tv = TestVector() tv.id = test['tcId'] tv.comment = test['comment'] for attr in 'msg', 'sig': setattr(tv, attr, unhexlify(test[attr])) tv.key = key tv.hash_module = hash_module tv.valid = test['result'] != "invalid" tv.warning = test['result'] == "acceptable" self.tv.append(tv)
def setUp(self): file_in = open( pycryptodome_filename( "Cryptodome.SelfTest.Cipher.test_vectors.wycheproof".split( "."), "aes_gcm_test.json"), "rt") tv_tree = json.load(file_in) class TestVector(object): pass self.tv = [] for group in tv_tree['testGroups']: tag_size = group['tagSize'] // 8 for test in group['tests']: tv = TestVector() tv.tag_size = tag_size tv.id = test['tcId'] tv.comment = test['comment'] for attr in 'key', 'iv', 'aad', 'msg', 'ct', 'tag': setattr(tv, attr, unhexlify(test[attr])) tv.valid = test['result'] != "invalid" tv.warning = test['result'] == "acceptable" self.tv.append(tv)
def setUp(self): comps = "Cryptodome.SelfTest.Signature.test_vectors.wycheproof".split(".") with open(pycryptodome_filename(comps, "rsa_signature_test.json"), "rt") as file_in: tv_tree = json.load(file_in) class TestVector(object): pass self.tv = [] for group in tv_tree['testGroups']: key = RSA.import_key(group['keyPem']) hash_name = group['sha'] if hash_name == "SHA-256": hash_module = SHA256 elif hash_name == "SHA-224": hash_module = SHA224 elif hash_name == "SHA-1": hash_module = SHA1 else: assert False assert group['type'] == "RSASigVer" for test in group['tests']: tv = TestVector() tv.id = test['tcId'] tv.comment = test['comment'] for attr in 'msg', 'sig': setattr(tv, attr, unhexlify(test[attr])) tv.key = key tv.hash_module = hash_module tv.valid = test['result'] != "invalid" tv.warning = test['result'] == "acceptable" self.tv.append(tv)
def test_hex_mac(self): cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) mac_hex = cipher.hexdigest() self.assertEqual(cipher.digest(), unhexlify(mac_hex)) cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) cipher.hexverify(mac_hex)
def test_hex_mac(self): cipher = AES.new(self.key_128, AES.MODE_EAX, nonce=self.nonce_96) mac_hex = cipher.hexdigest() self.assertEqual(cipher.digest(), unhexlify(mac_hex)) cipher = AES.new(self.key_128, AES.MODE_EAX, nonce=self.nonce_96) cipher.hexverify(mac_hex)
def test1(self): key = unhexlify(b(self.tv1_key)) for tv in self.tv1: nonce, aad, pt, ct = [ unhexlify(b(x)) for x in tv ] ct, mac_tag = ct[:-16], ct[-16:] cipher = AES.new(key, AES.MODE_OCB, nonce=nonce) cipher.update(aad) ct2 = cipher.encrypt(pt) + cipher.encrypt() self.assertEquals(ct, ct2) self.assertEquals(mac_tag, cipher.digest()) cipher = AES.new(key, AES.MODE_OCB, nonce=nonce) cipher.update(aad) pt2 = cipher.decrypt(ct) + cipher.decrypt() self.assertEquals(pt, pt2) cipher.verify(mac_tag)
def test_aes(self): # The following test vectors have been generated with gpg v1.4.0. # The command line used was: # # gpg -c -z 0 --cipher-algo AES --passphrase secret_passphrase \ # --disable-mdc --s2k-mode 0 --output ct pt # # As result, the content of the file 'pt' is encrypted with a key derived # from 'secret_passphrase' and written to file 'ct'. # Test vectors must be extracted from 'ct', which is a collection of # TLVs (see RFC4880 for all details): # - the encrypted data (with the encrypted IV as prefix) is the payload # of the TLV with tag 9 (Symmetrical Encrypted Data Packet). # This is the ciphertext in the test vector. # - inside the encrypted part, there is a further layer of TLVs. One must # look for tag 11 (Literal Data Packet); in its payload, after a short # but time dependent header, there is the content of file 'pt'. # In the test vector, the plaintext is the complete set of TLVs that gets # encrypted. It is not just the content of 'pt'. # - the key is the leftmost 16 bytes of the SHA1 digest of the password. # The test vector contains such shortened digest. # # Note that encryption uses a clear IV, and decryption an encrypted IV plaintext = 'ac18620270744fb4f647426c61636b4361745768697465436174' ciphertext = 'dc6b9e1f095de609765c59983db5956ae4f63aea7405389d2ebb' key = '5baa61e4c9b93f3f0682250b6cf8331b' iv = '3d7d3e62282add7eb203eeba5c800733' encrypted_iv='fd934601ef49cb58b6d9aebca6056bdb96ef' plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) key = unhexlify(key) iv = unhexlify(iv) encrypted_iv = unhexlify(encrypted_iv) cipher = AES.new(key, AES.MODE_OPENPGP, iv) ct = cipher.encrypt(plaintext) self.assertEqual(ct[:18], encrypted_iv) self.assertEqual(ct[18:], ciphertext) cipher = AES.new(key, AES.MODE_OPENPGP, encrypted_iv) pt = cipher.decrypt(ciphertext) self.assertEqual(pt, plaintext)
def test_aes(self): # The following test vectors have been generated with gpg v1.4.0. # The command line used was: # # gpg -c -z 0 --cipher-algo AES --passphrase secret_passphrase \ # --disable-mdc --s2k-mode 0 --output ct pt # # As result, the content of the file 'pt' is encrypted with a key derived # from 'secret_passphrase' and written to file 'ct'. # Test vectors must be extracted from 'ct', which is a collection of # TLVs (see RFC4880 for all details): # - the encrypted data (with the encrypted IV as prefix) is the payload # of the TLV with tag 9 (Symmetrical Encrypted Data Packet). # This is the ciphertext in the test vector. # - inside the encrypted part, there is a further layer of TLVs. One must # look for tag 11 (Literal Data Packet); in its payload, after a short # but time dependent header, there is the content of file 'pt'. # In the test vector, the plaintext is the complete set of TLVs that gets # encrypted. It is not just the content of 'pt'. # - the key is the leftmost 16 bytes of the SHA1 digest of the password. # The test vector contains such shortened digest. # # Note that encryption uses a clear IV, and decryption an encrypted IV plaintext = 'ac18620270744fb4f647426c61636b4361745768697465436174' ciphertext = 'dc6b9e1f095de609765c59983db5956ae4f63aea7405389d2ebb' key = '5baa61e4c9b93f3f0682250b6cf8331b' iv = '3d7d3e62282add7eb203eeba5c800733' encrypted_iv = 'fd934601ef49cb58b6d9aebca6056bdb96ef' plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) key = unhexlify(key) iv = unhexlify(iv) encrypted_iv = unhexlify(encrypted_iv) cipher = AES.new(key, AES.MODE_OPENPGP, iv) ct = cipher.encrypt(plaintext) self.assertEqual(ct[:18], encrypted_iv) self.assertEqual(ct[18:], ciphertext) cipher = AES.new(key, AES.MODE_OPENPGP, encrypted_iv) pt = cipher.decrypt(ciphertext) self.assertEqual(pt, plaintext)
class RFC3686TestVectors(unittest.TestCase): # Each item is a test vector with: # - plaintext # - ciphertext # - key (AES 128, 192 or 256 bits) # - counter prefix data = (( '53696e676c6520626c6f636b206d7367', 'e4095d4fb7a7b3792d6175a3261311b8', 'ae6852f8121067cc4bf7a5765577f39e', '00000030' + '0000000000000000' ), ( '000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f', '5104a106168a72d9790d41ee8edad388eb2e1efc46da57c8fce630df9141be28', '7e24067817fae0d743d6ce1f32539163', '006cb6dbc0543b59da48d90b' ), ( '000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223', 'c1cf48a89f2ffdd9cf4652e9efdb72d74540a42bde6d7836d59a5ceaaef3105325b2072f', '7691be035e5020a8ac6e618529f9a0dc', '00e0017b27777f3f4a1786f0' ), ( '53696e676c6520626c6f636b206d7367', '4b55384fe259c9c84e7935a003cbe928', '16af5b145fc9f579c175f93e3bfb0eed863d06ccfdb78515', '0000004836733c147d6d93cb' ), ( '000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f', '453243fc609b23327edfaafa7131cd9f8490701c5ad4a79cfc1fe0ff42f4fb00', '7c5cb2401b3dc33c19e7340819e0f69c678c3db8e6f6a91a', '0096b03b020c6eadc2cb500d' ), ( '000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223', '96893fc55e5c722f540b7dd1ddf7e758d288bc95c69165884536c811662f2188abee0935', '02bf391ee8ecb159b959617b0965279bf59b60a786d3e0fe', '0007bdfd5cbd60278dcc0912' ), ( '53696e676c6520626c6f636b206d7367', '145ad01dbf824ec7560863dc71e3e0c0', '776beff2851db06f4c8a0542c8696f6c6a81af1eec96b4d37fc1d689e6c1c104', '00000060db5672c97aa8f0b2' ), ( '000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f', 'f05e231b3894612c49ee000b804eb2a9b8306b508f839d6a5530831d9344af1c', 'f6d66d6bd52d59bb0796365879eff886c66dd51a5b6a99744b50590c87a23884', '00faac24c1585ef15a43d875' ), ('000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223', 'eb6c52821d0bbbf7ce7594462aca4faab407df866569fd07f48cc0b583d6071f1ec0e6b8', 'ff7a617ce69148e4f1726e2f43581de2aa62d9f805532edff1eed687fb54153d', '001cc5b751a51d70a1c11148')) bindata = [] for tv in data: bindata.append([unhexlify(x) for x in tv]) def runTest(self): for pt, ct, key, prefix in self.bindata: counter = Counter.new(32, prefix=prefix) cipher = AES.new(key, AES.MODE_CTR, counter=counter) result = cipher.encrypt(pt) self.assertEqual(ct, result)
def test_aes_128_cfb128(self): plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = '3b3fd92eb72dad20333449f8e83cfb4a' +\ 'c8a64537a0b3a93fcde3cdad9f1ce58b' +\ '26751f67a3cbb140b1808cf187a4f4df' +\ 'c04b05357c5d1c0eeac4c66f9ff7f2e6' key = '2b7e151628aed2a6abf7158809cf4f3c' iv = '000102030405060708090a0b0c0d0e0f' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=128) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=128) self.assertEqual(cipher.decrypt(ciphertext), plaintext)
def test_aes_256(self): plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = '601ec313775789a5b7a7f504bbf3d228' +\ 'f443e3ca4d62b59aca84e990cacaf5c5' +\ '2b0930daa23de94ce87017ba2d84988d' +\ 'dfc9c58db67aada613c2dd08457941a6' key = '603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4' counter = Counter.new(nbits=16, prefix=unhexlify('f0f1f2f3f4f5f6f7f8f9fafbfcfd'), initial_value=0xfeff) key = unhexlify(key) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_CTR, counter=counter) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_CTR, counter=counter) self.assertEqual(cipher.decrypt(ciphertext), plaintext)
def test_aes_256(self): key = '603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4' iv = '000102030405060708090a0b0c0d0e0f' plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = 'f58c4c04d6e5f1ba779eabfb5f7bfbd6' +\ '9cfc4e967edb808d679f777bc6702c7d' +\ '39f23369a9d9bacfa530e26304231461' +\ 'b2eb05e2c39be9fcda6c19078c6a9d1b' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_CBC, iv) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_CBC, iv) self.assertEqual(cipher.decrypt(ciphertext), plaintext)
def test_aes_192(self): key = '8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b' iv = '000102030405060708090a0b0c0d0e0f' plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = '4f021db243bc633d7178183a9fa071e8' +\ 'b4d9ada9ad7dedf4e5e738763f69145a' +\ '571b242012fb7ae07fa9baac3df102e0' +\ '08b0e27988598881d920a9e64f5615cd' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_CBC, iv) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_CBC, iv) self.assertEqual(cipher.decrypt(ciphertext), plaintext)
def test_aes_128(self): key = '2b7e151628aed2a6abf7158809cf4f3c' iv = '000102030405060708090a0b0c0d0e0f' plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = '7649abac8119b246cee98e9b12e9197d' +\ '5086cb9b507219ee95db113a917678b2' +\ '73bed6b8e3c1743b7116e69e22229516' +\ '3ff1caa1681fac09120eca307586e1a7' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_CBC, iv) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_CBC, iv) self.assertEqual(cipher.decrypt(ciphertext), plaintext)
def test_aes_192_cfb128(self): plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = 'cdc80d6fddf18cab34c25909c99a4174' +\ '67ce7f7f81173621961a2b70171d3d7a' +\ '2e1e8a1dd59b88b1c8e60fed1efac4c9' +\ 'c05f9f9ca9834fa042ae8fba584b09ff' key = '8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b' iv = '000102030405060708090a0b0c0d0e0f' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=128) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=128) self.assertEqual(cipher.decrypt(ciphertext), plaintext)
def test_aes_256_cfb128(self): plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = 'dc7e84bfda79164b7ecd8486985d3860' +\ '39ffed143b28b1c832113c6331e5407b' +\ 'df10132415e54b92a13ed0a8267ae2f9' +\ '75a385741ab9cef82031623d55b1e471' key = '603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4' iv = '000102030405060708090a0b0c0d0e0f' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=128) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=128) self.assertEqual(cipher.decrypt(ciphertext), plaintext)
def test_aes_192(self): plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = '1abc932417521ca24f2b0459fe7e6e0b' +\ '090339ec0aa6faefd5ccc2c6f4ce8e94' +\ '1e36b26bd1ebc670d1bd1d665620abf7' +\ '4f78a7f6d29809585a97daec58c6b050' key = '8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b' counter = Counter.new(nbits=16, prefix=unhexlify('f0f1f2f3f4f5f6f7f8f9fafbfcfd'), initial_value=0xfeff) key = unhexlify(key) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_CTR, counter=counter) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_CTR, counter=counter) self.assertEqual(cipher.decrypt(ciphertext), plaintext)
def test_aes_128(self): plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = '874d6191b620e3261bef6864990db6ce' +\ '9806f66b7970fdff8617187bb9fffdff' +\ '5ae4df3edbd5d35e5b4f09020db03eab' +\ '1e031dda2fbe03d1792170a0f3009cee' key = '2b7e151628aed2a6abf7158809cf4f3c' counter = Counter.new(nbits=16, prefix=unhexlify('f0f1f2f3f4f5f6f7f8f9fafbfcfd'), initial_value=0xfeff) key = unhexlify(key) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_CTR, counter=counter) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_CTR, counter=counter) self.assertEqual(cipher.decrypt(ciphertext), plaintext)
def hexverify(self, hex_mac_tag): """Validate the *printable* MAC tag. This method is like `verify`. :Parameters: hex_mac_tag : string This is the *printable* MAC, as received from the sender. :Raises ValueError: if the MAC does not match. The message has been tampered with or the key is incorrect. """ self.verify(unhexlify(hex_mac_tag))
def test_seek_tv(self): # Test Vector #4, A.1 from # http://tools.ietf.org/html/draft-nir-cfrg-chacha20-poly1305-04 key = bchr(0) + bchr(255) + bchr(0) * 30 nonce = bchr(0) * 8 cipher = ChaCha20.new(key=key, nonce=nonce) cipher.seek(64 * 2) expected_key_stream = unhexlify( b("72d54dfbf12ec44b362692df94137f32" "8fea8da73990265ec1bbbea1ae9af0ca" "13b25aa26cb4a648cb9b9d1be65b2c09" "24a66c54d545ec1b7374f4872e99f096")) ct = cipher.encrypt(bchr(0) * len(expected_key_stream)) self.assertEqual(expected_key_stream, ct)
def test_seek_tv(self): # Test Vector #4, A.1 from # http://tools.ietf.org/html/draft-nir-cfrg-chacha20-poly1305-04 key = bchr(0) + bchr(255) + bchr(0) * 30 nonce = bchr(0) * 8 cipher = ChaCha20.new(key=key, nonce=nonce) cipher.seek(64 * 2) expected_key_stream = unhexlify(b( "72d54dfbf12ec44b362692df94137f32" "8fea8da73990265ec1bbbea1ae9af0ca" "13b25aa26cb4a648cb9b9d1be65b2c09" "24a66c54d545ec1b7374f4872e99f096" )) ct = cipher.encrypt(bchr(0) * len(expected_key_stream)) self.assertEqual(expected_key_stream, ct)
def test2(self): key, nonce, aad, pt, ct = [ unhexlify(b(x)) for x in self.tv2 ] ct, mac_tag = ct[:-12], ct[-12:] cipher = AES.new(key, AES.MODE_OCB, nonce=nonce, mac_len=12) cipher.update(aad) ct2 = cipher.encrypt(pt) + cipher.encrypt() self.assertEquals(ct, ct2) self.assertEquals(mac_tag, cipher.digest()) cipher = AES.new(key, AES.MODE_OCB, nonce=nonce, mac_len=12) cipher.update(aad) pt2 = cipher.decrypt(ct) + cipher.decrypt() self.assertEquals(pt, pt2) cipher.verify(mac_tag)
def setUp(self): comps = "Cryptodome.SelfTest.Cipher.test_vectors.wycheproof".split(".") with open(pycryptodome_filename(comps, "aes_siv_cmac_test.json"), "rt") as file_in: tv_tree = json.load(file_in) class TestVector(object): pass self.tv = [] for group in tv_tree['testGroups']: for test in group['tests']: tv = TestVector() tv.id = test['tcId'] for attr in 'key', 'aad', 'msg', 'ct': setattr(tv, attr, unhexlify(test[attr])) tv.valid = test['result'] != "invalid" self.tv.append(tv)
def setUp(self): comps = "Cryptodome.SelfTest.Cipher.test_vectors.wycheproof".split(".") with open(pycryptodome_filename(comps, "aes_eax_test.json"), "rt") as file_in: tv_tree = json.load(file_in) class TestVector(object): pass self.tv = [] for group in tv_tree['testGroups']: tag_size = group['tagSize'] // 8 for test in group['tests']: tv = TestVector() tv.tag_size = tag_size tv.id = test['tcId'] tv.comment = test['comment'] for attr in 'key', 'iv', 'aad', 'msg', 'ct', 'tag': setattr(tv, attr, unhexlify(test[attr])) tv.valid = test['result'] != "invalid" tv.warning = test['result'] == "acceptable" self.tv.append(tv)
def test_2(self): key = unhexlify("843ffcf5d2b72694d19ed01d01249412") iv = unhexlify("dbcca32ebf9b804617c3aa9e") aad = unhexlify("00000000000000000000000000000000" + "101112131415161718191a1b1c1d1e1f") pt = unhexlify("000102030405060708090a0b0c0d0e0f" + "101112131415161718191a1b1c1d1e1f" + "202122232425262728292a2b2c2d2e2f" + "303132333435363738393a3b3c3d3e3f" + "404142434445464748494a4b4c4d4e4f") ct = unhexlify("6268c6fa2a80b2d137467f092f657ac0" + "4d89be2beaa623d61b5a868c8f03ff95" + "d3dcee23ad2f1ab3a6c80eaf4b140eb0" + "5de3457f0fbc111a6b43d0763aa422a3" + "013cf1dc37fe417d1fbfc449b75d4cc5") digest = unhexlify("3b629ccfbc1119b7319e1dce2cd6fd6d") cipher = AES.new(key, AES.MODE_GCM, iv).update(aad) ct2, digest2 = cipher.encrypt_and_digest(pt) self.assertEqual(ct, ct2) self.assertEqual(digest, digest2)
def test_parity_option3(self): before_3k = unhexlify("AAAAAAAAAAAAAAAABBBBBBBBBBBBBBBBCCCCCCCCCCCCCCCC") after_3k = DES3.adjust_key_parity(before_3k) self.assertEqual(after_3k, unhexlify("ABABABABABABABABBABABABABABABABACDCDCDCDCDCDCDCD"))