def test_rsa_basic(self): silently_remove('./rsa-test.public_key.pem') silently_remove('./rsa-test.private_key.pem') crypto = LocalRsaProvider(dir='./', key='rsa-test', passphrase='1234') with patch.object(oss2.utils, 'random_aes256_key', return_value=unittests.common.fixed_aes_key, autospect=True): with patch.object(oss2.utils, 'random_counter', return_value=unittests.common.fixed_aes_start, autospect=True): crypto.get_key() crypto.get_start() header = crypto.build_header() self.assertEqual( unittests.common.fixed_aes_key, crypto.decrypt_oss_meta_data(header, 'x-oss-meta-oss-crypto-key')) self.assertEqual( unittests.common.fixed_aes_start, crypto.decrypt_oss_meta_data( header, 'x-oss-meta-oss-crypto-start', lambda x: int(x))) self.assertEqual(None, crypto.decrypt_oss_meta_data(header, '1231')) silently_remove('./rsa-test.public_key.pem') silently_remove('./rsa-test.private_key.pem')
def test_rsa_provider_basic(self): silently_remove('./rsa-test.public_key.pem') silently_remove('./rsa-test.private_key.pem') provider = LocalRsaProvider(dir='./', key='rsa-test', passphrase=random_string(8)) self.assertEqual(provider.wrap_alg, "RSA/NONE/OAEPWithSHA-1AndMGF1Padding") self.assertEqual(provider.cipher.alg, "AES/CTR/NoPadding") plain_key = provider.get_key() self.assertEqual(len(plain_key), provider.cipher.key_len) plain_iv = provider.get_iv() with patch.object(oss2.utils, 'random_key', return_value=plain_key, autospect=True): with patch.object(oss2.utils, 'random_iv', return_value=plain_iv, autospect=True): content_crypto_material = provider.create_content_material() self.assertFalse(content_crypto_material.is_unencrypted()) decrypted_key = provider.decrypt_encrypted_key( content_crypto_material.encrypted_key) decrypted_iv = provider.decrypt_encrypted_iv( content_crypto_material.encrypted_iv) self.assertEqual(plain_key, decrypted_key) self.assertEqual(plain_iv, decrypted_iv) silently_remove('./rsa-test.public_key.pem') silently_remove('./rsa-test.private_key.pem') provider = RsaProvider(key_pair=key_pair, passphrase=random_string(8)) self.assertEqual(provider.wrap_alg, "RSA/NONE/PKCS1Padding") self.assertEqual(provider.cipher.alg, "AES/CTR/NoPadding") plain_key = provider.get_key() self.assertEqual(len(plain_key), provider.cipher.key_len) plain_iv = provider.get_iv() with patch.object(oss2.utils, 'random_key', return_value=plain_key, autospect=True): with patch.object(oss2.utils, 'random_iv', return_value=plain_iv, autospect=True): content_crypto_material = provider.create_content_material() self.assertFalse(content_crypto_material.is_unencrypted()) decrypted_key = provider.decrypt_encrypted_key( content_crypto_material.encrypted_key) decrypted_iv = provider.decrypt_encrypted_iv( content_crypto_material.encrypted_iv) self.assertEqual(plain_key, decrypted_key) self.assertEqual(plain_iv, decrypted_iv)
def test_local_rsa_provider_diff_keys(self): silently_remove('./rsa-test.public_key.pem') silently_remove('./rsa-test.private_key.pem') silently_remove('./rsa-test-diff.public_key.pem') silently_remove('./rsa-test-diff.private_key.pem') provider = LocalRsaProvider(dir='./', key='rsa-test') provider_diff = LocalRsaProvider(dir='./', key='rsa-test-diff') plain_key = provider.get_key() plain_iv = provider.get_iv() with patch.object(oss2.utils, 'random_key', return_value=plain_key, autospect=True): with patch.object(oss2.utils, 'random_iv', return_value=plain_iv, autospect=True): content_crypto_material = provider.create_content_material() self.assertFalse(content_crypto_material.is_unencrypted()) self.assertRaises(ClientError, provider_diff.decrypt_encrypted_key, content_crypto_material.encrypted_key) self.assertRaises(ClientError, provider_diff.decrypt_encrypted_iv, content_crypto_material.encrypted_iv) silently_remove('./rsa-test.public_key.pem') silently_remove('./rsa-test.private_key.pem') silently_remove('./rsa-test-diff.public_key.pem') silently_remove('./rsa-test-diff.private_key.pem') provider = RsaProvider(key_pair=key_pair) provider_diff = RsaProvider(key_pair=key_pair_compact) plain_key = provider.get_key() plain_iv = provider.get_iv() with patch.object(oss2.utils, 'random_key', return_value=plain_key, autospect=True): with patch.object(oss2.utils, 'random_iv', return_value=plain_iv, autospect=True): content_crypto_material = provider.create_content_material() self.assertFalse(content_crypto_material.is_unencrypted()) self.assertRaises(ClientError, provider_diff.decrypt_encrypted_key, content_crypto_material.encrypted_key) self.assertRaises(ClientError, provider_diff.decrypt_encrypted_iv, content_crypto_material.encrypted_iv)
def test_rsa_basic(self): silently_remove('./rsa-test.public_key.pem') silently_remove('./rsa-test.private_key.pem') crypto = LocalRsaProvider(dir='./', key='rsa-test', passphrase='1234') with patch.object(oss2.utils, 'random_aes256_key', return_value=unittests.common.fixed_aes_key, autospect=True): with patch.object(oss2.utils, 'random_counter', return_value=unittests.common.fixed_aes_start, autospect=True): crypto.get_key() crypto.get_start() header = crypto.build_header() self.assertEqual(unittests.common.fixed_aes_key, crypto.decrypt_oss_meta_data(header, 'x-oss-meta-oss-crypto-key')) self.assertEqual(unittests.common.fixed_aes_start, crypto.decrypt_oss_meta_data(header, 'x-oss-meta-oss-crypto-start', lambda x:int(x))) self.assertEqual(None, crypto.decrypt_oss_meta_data(header, '1231')) silently_remove('./rsa-test.public_key.pem') silently_remove('./rsa-test.private_key.pem')
def test_rsa_adapter(self): silently_remove('./rsa-test.public_key.pem') silently_remove('./rsa-test.private_key.pem') content = b'1234'*10 rsa = LocalRsaProvider(dir='./', key='rsa-test', passphrase='1234') key = rsa.get_key() start = rsa.get_start() adapter = rsa.make_encrypt_adapter(content, key, start) encrypt_content = adapter.read() self.assertNotEqual(content, encrypt_content) adapter1 = rsa.make_decrypt_adapter(encrypt_content, key, start) self.assertEqual(content, adapter1.read()) silently_remove('./rsa-test.public_key.pem') silently_remove('./rsa-test.private_key.pem')
def test_rsa_adapter(self): silently_remove('./rsa-test.public_key.pem') silently_remove('./rsa-test.private_key.pem') content = b'1234' * 10 rsa = LocalRsaProvider(dir='./', key='rsa-test', passphrase='1234') key = rsa.get_key() start = rsa.get_start() adapter = rsa.make_encrypt_adapter(content, key, start) encrypt_content = adapter.read() self.assertNotEqual(content, encrypt_content) adapter1 = rsa.make_decrypt_adapter(encrypt_content, key, start) self.assertEqual(content, adapter1.read()) silently_remove('./rsa-test.public_key.pem') silently_remove('./rsa-test.private_key.pem')