Exemple #1
0
    def test_invalid_verify(self, backend):
        key = b"2b7e151628aed2a6abf7158809cf4f3c"
        cmac = CMAC(AES(key), backend)
        cmac.update(b"6bc1bee22e409f96e93d7e117393172a")

        with pytest.raises(InvalidSignature):
            cmac.verify(b"foobar")
Exemple #2
0
 def test_buffer_protocol(self, backend):
     key = bytearray(b"2b7e151628aed2a6abf7158809cf4f3c")
     cmac = CMAC(AES(key), backend)
     cmac.update(b"6bc1bee22e409f96e93d7e117393172a")
     assert cmac.finalize() == binascii.unhexlify(
         b"a21e6e647bfeaf5ca0a5e1bcd957dfad"
     )
Exemple #3
0
    def test_aes_verify(self, backend, params):
        key = params["key"]
        message = params["message"]
        output = params["output"]

        cmac = CMAC(AES(binascii.unhexlify(key)), backend)
        cmac.update(binascii.unhexlify(message))
        assert cmac.verify(binascii.unhexlify(output)) is None
Exemple #4
0
    def test_aes_generate(self, backend, params):
        key = params["key"]
        message = params["message"]
        output = params["output"]

        cmac = CMAC(AES(binascii.unhexlify(key)), backend)
        cmac.update(binascii.unhexlify(message))
        assert binascii.hexlify(cmac.finalize()) == output
Exemple #5
0
    def test_aes_verify(self, backend, params):
        key = params["key"]
        message = params["message"]
        output = params["output"]

        cmac = CMAC(AES(binascii.unhexlify(key)), backend)
        cmac.update(binascii.unhexlify(message))
        assert cmac.verify(binascii.unhexlify(output)) is None
Exemple #6
0
    def test_aes_generate(self, backend, params):
        key = params["key"]
        message = params["message"]
        output = params["output"]

        cmac = CMAC(AES(binascii.unhexlify(key)), backend)
        cmac.update(binascii.unhexlify(message))
        assert binascii.hexlify(cmac.finalize()) == output
def test_copy():
    backend = DummyCMACBackend([AES])
    copied_ctx = pretend.stub()
    pretend_ctx = pretend.stub(copy=lambda: copied_ctx)
    key = b"2b7e151628aed2a6abf7158809cf4f3c"
    cmac = CMAC(AES(key), backend=backend, ctx=pretend_ctx)

    assert cmac._backend is backend
    assert cmac.copy()._backend is backend
Exemple #8
0
    def test_verify_reject_unicode(self, backend):
        key = b"2b7e151628aed2a6abf7158809cf4f3c"
        cmac = CMAC(AES(key), backend)

        with pytest.raises(TypeError):
            cmac.update(six.u(''))

        with pytest.raises(TypeError):
            cmac.verify(six.u(''))
Exemple #9
0
def test_copy():
    backend = DummyCMACBackend([AES])
    copied_ctx = pretend.stub()
    pretend_ctx = pretend.stub(copy=lambda: copied_ctx)
    key = b"2b7e151628aed2a6abf7158809cf4f3c"
    cmac = CMAC(AES(key), backend=backend, ctx=pretend_ctx)

    assert cmac._backend is backend
    assert cmac.copy()._backend is backend
Exemple #10
0
    def test_3des_verify(self, backend, params):
        key1 = params["key1"]
        key2 = params["key2"]
        key3 = params["key3"]

        key = key1 + key2 + key3

        message = params["message"]
        output = params["output"]

        cmac = CMAC(TripleDES(binascii.unhexlify(key)), backend)
        cmac.update(binascii.unhexlify(message))
        assert cmac.verify(binascii.unhexlify(output)) is None
Exemple #11
0
def test_copy():
    @utils.register_interface(CMACBackend)
    class PretendBackend(object):
        pass

    pretend_backend = PretendBackend()
    copied_ctx = pretend.stub()
    pretend_ctx = pretend.stub(copy=lambda: copied_ctx)
    key = b"2b7e151628aed2a6abf7158809cf4f3c"
    cmac = CMAC(AES(key), backend=pretend_backend, ctx=pretend_ctx)

    assert cmac._backend is pretend_backend
    assert cmac.copy()._backend is pretend_backend
Exemple #12
0
    def test_raises_after_finalize(self, backend):
        key = b"2b7e151628aed2a6abf7158809cf4f3c"
        cmac = CMAC(AES(key), backend)
        cmac.finalize()

        with pytest.raises(AlreadyFinalized):
            cmac.update(b"foo")

        with pytest.raises(AlreadyFinalized):
            cmac.copy()

        with pytest.raises(AlreadyFinalized):
            cmac.finalize()
Exemple #13
0
    def test_3des_generate(self, backend, params):
        key1 = params["key1"]
        key2 = params["key2"]
        key3 = params["key3"]

        key = key1 + key2 + key3

        message = params["message"]
        output = params["output"]

        cmac = CMAC(TripleDES(binascii.unhexlify(key)), backend)
        cmac.update(binascii.unhexlify(message))
        assert binascii.hexlify(cmac.finalize()) == output
Exemple #14
0
    def test_3des_verify(self, backend, params):
        key1 = params["key1"]
        key2 = params["key2"]
        key3 = params["key3"]

        key = key1 + key2 + key3

        message = params["message"]
        output = params["output"]

        cmac = CMAC(TripleDES(binascii.unhexlify(key)), backend)
        cmac.update(binascii.unhexlify(message))
        assert cmac.verify(binascii.unhexlify(output)) is None
Exemple #15
0
def test_copy():
    @utils.register_interface(CMACBackend)
    class PretendBackend(object):
        pass

    pretend_backend = PretendBackend()
    copied_ctx = pretend.stub()
    pretend_ctx = pretend.stub(copy=lambda: copied_ctx)
    key = b"2b7e151628aed2a6abf7158809cf4f3c"
    cmac = CMAC(AES(key), backend=pretend_backend, ctx=pretend_ctx)

    assert cmac._backend is pretend_backend
    assert cmac.copy()._backend is pretend_backend
Exemple #16
0
    def test_3des_generate(self, backend, params):
        key1 = params["key1"]
        key2 = params["key2"]
        key3 = params["key3"]

        key = key1 + key2 + key3

        message = params["message"]
        output = params["output"]

        cmac = CMAC(TripleDES(binascii.unhexlify(key)), backend)
        cmac.update(binascii.unhexlify(message))
        assert binascii.hexlify(cmac.finalize()) == output
Exemple #17
0
    def test_raises_after_finalize(self, backend):
        key = b"2b7e151628aed2a6abf7158809cf4f3c"
        cmac = CMAC(AES(key), backend)
        cmac.finalize()

        with pytest.raises(AlreadyFinalized):
            cmac.update(b"foo")

        with pytest.raises(AlreadyFinalized):
            cmac.copy()

        with pytest.raises(AlreadyFinalized):
            cmac.finalize()
Exemple #18
0
class _KSP1_encryptor:
    """
    DO NOT CALL
    
    Use KSP1().encryptor() instead
    """
    def __init__(self, key, nonce, mac_key):
        self._aes = Cipher(algorithms.AES(key), modes.CTR(nonce),
                           default_backend()).encryptor()
        self._mac = CMAC(algorithms.AES(mac_key), default_backend())

    def update(self, data):
        data = self._aes.update(data)
        self._mac.update(data)
        return data

    def finalize(self):
        return self._mac.finalize()
Exemple #19
0
def test_aes_cmac(backend, wycheproof):
    key = binascii.unhexlify(wycheproof.testcase["key"])
    msg = binascii.unhexlify(wycheproof.testcase["msg"])
    tag = binascii.unhexlify(wycheproof.testcase["tag"])

    # skip truncated tags, which we don't support in the API
    if wycheproof.valid and len(tag) == 16:
        ctx = CMAC(AES(key), backend)
        ctx.update(msg)
        ctx.verify(tag)
    elif len(key) not in [16, 24, 32]:
        with pytest.raises(ValueError):
            CMAC(AES(key), backend)
    else:
        ctx = CMAC(AES(key), backend)
        ctx.update(msg)
        with pytest.raises(InvalidSignature):
            ctx.verify(tag)
Exemple #20
0
class _KSP1_decryptor:
    """
    DO NOT CALL
    
    Use KSP1().decryptor() instead
    """
    def __init__(self, key, nonce, mac_key):
        self._aes = Cipher(algorithms.AES(key), modes.CTR(nonce),
                           default_backend()).decryptor()
        self._mac = CMAC(algorithms.AES(mac_key), default_backend())

    def update(self, data):
        self._mac.update(data)
        return self._aes.update(data)

    def finalize(self, tag):
        try:
            self._mac.verify(tag)
        except Exception:
            raise InvalidToken
Exemple #21
0
    def test_invalid_verify(self, backend):
        key = b"2b7e151628aed2a6abf7158809cf4f3c"
        cmac = CMAC(AES(key), backend)
        cmac.update(b"6bc1bee22e409f96e93d7e117393172a")

        with pytest.raises(InvalidSignature):
            cmac.verify(b"foobar")
Exemple #22
0
def mac(key, msg):
    """
    Default MAC function (CMAC using AES-128).

    Args:
        key: key for MAC creation.
        msg: Plaintext to be MACed, as a bytes object.

    Returns:
        MAC output, as a bytes object.

    Raises:
        ValueError: An error occurred when key is NULL or ciphertext is NULL.
    """
    if key is None:
        raise ValueError('Key is NULL.')
    elif msg is None:
        raise ValueError('Message is NULL.')
    else:
        cobj = CMAC(AES(key), backend=default_backend())
        cobj.update(msg)
        return cobj.finalize()
Exemple #23
0
    def test_verify_reject_unicode(self, backend):
        key = b"2b7e151628aed2a6abf7158809cf4f3c"
        cmac = CMAC(AES(key), backend)

        with pytest.raises(TypeError):
            cmac.update("")

        with pytest.raises(TypeError):
            cmac.verify("")
Exemple #24
0
 def test_copy_with_backend(self, backend):
     key = b"2b7e151628aed2a6abf7158809cf4f3c"
     cmac = CMAC(AES(key), backend)
     cmac.update(b"6bc1bee22e409f96e93d7e117393172a")
     copy_cmac = cmac.copy()
     assert cmac.finalize() == copy_cmac.finalize()
Exemple #25
0
 def __init__(self, key, nonce, mac_key):
     self._aes = Cipher(algorithms.AES(key), modes.CTR(nonce),
                        default_backend()).decryptor()
     self._mac = CMAC(algorithms.AES(mac_key), default_backend())
def aes_cmac(key, data):
    backend = default_backend()
    cmac = CMAC(algorithms.AES(key), backend=backend)
    cmac.update(data)
    return cmac.finalize()
Exemple #27
0
def test_invalid_backend():
    key = b"2b7e151628aed2a6abf7158809cf4f3c"
    pretend_backend = object()

    with raises_unsupported_algorithm(_Reasons.BACKEND_MISSING_INTERFACE):
        CMAC(AES(key), pretend_backend)
Exemple #28
0
def test_aes_cmac(backend, wycheproof):
    key = binascii.unhexlify(wycheproof.testcase["key"])
    msg = binascii.unhexlify(wycheproof.testcase["msg"])
    tag = binascii.unhexlify(wycheproof.testcase["tag"])

    # skip truncated tags, which we don't support in the API
    if wycheproof.valid and len(tag) == 16:
        ctx = CMAC(AES(key), backend)
        ctx.update(msg)
        ctx.verify(tag)
    elif len(key) not in [16, 24, 32]:
        with pytest.raises(ValueError):
            CMAC(AES(key), backend)
    else:
        ctx = CMAC(AES(key), backend)
        ctx.update(msg)
        with pytest.raises(InvalidSignature):
            ctx.verify(tag)
Exemple #29
0
 def test_copy_with_backend(self, backend):
     key = b"2b7e151628aed2a6abf7158809cf4f3c"
     cmac = CMAC(AES(key), backend)
     cmac.update(b"6bc1bee22e409f96e93d7e117393172a")
     copy_cmac = cmac.copy()
     assert cmac.finalize() == copy_cmac.finalize()
Exemple #30
0
 def test_invalid_algorithm(self, backend):
     key = b"0102030405"
     with pytest.raises(TypeError):
         CMAC(ARC4(key), backend)