def test_crypto_secretstream_xchacha20poly1305_pull_multiple(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push( key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push( state, b"Correct Horse Battery Staple", None, 0) ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push( state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) # Verify decryption state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull( header, key) msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull( state2, ciphertext, None) msg2, tag2 = pysodium.crypto_secretstream_xchacha20poly1305_pull( state2, ciphertext2, None) self.assertEqual(msg, b"Correct Horse Battery Staple") self.assertEqual(tag, 0) self.assertEqual(msg2, b"howdy") self.assertEqual( tag2, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
def test_crypto_secretstream_xchacha20poly1305_rekey(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push( key) # Encrypt two messages with intermediate re-key ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push( state, b"Correct Horse Battery Staple", None, 0) pysodium.crypto_secretstream_xchacha20poly1305_rekey(state) ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push( state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) # Verify by decrypting them state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull( header, key) msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull( state2, ciphertext, None) pysodium.crypto_secretstream_xchacha20poly1305_rekey(state2) msg2, tag2 = pysodium.crypto_secretstream_xchacha20poly1305_pull( state2, ciphertext2, None) self.assertEqual(msg, b"Correct Horse Battery Staple") self.assertEqual(tag, 0) self.assertEqual(msg2, b"howdy") self.assertEqual( tag2, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
def test_crypto_secretstream_xchacha20poly1305_out_of_order_messeges(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", None, 0) ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) # Decrypting the second message first should fail state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext2, None)
def test_crypto_secretstream_xchacha20poly1305_out_of_order_messeges(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", None, 0) ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) # Decrypting the second message first should fail state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext2, None)
def test_crypto_secretstream_xchacha20poly1305_missing_rekey(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) # Encrypt two messages with intermediate re-key ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", None, 0) pysodium.crypto_secretstream_xchacha20poly1305_rekey(state) ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext, None) # re-key should be here, so following call should fail self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext2, None)
def test_crypto_secretstream_xchacha20poly1305_missing_rekey(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) # Encrypt two messages with intermediate re-key ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", None, 0) pysodium.crypto_secretstream_xchacha20poly1305_rekey(state) ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext, None) # re-key should be here, so following call should fail self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext2, None)
def test_crypto_secretstream_xchacha20poly1305_pull_corrupted(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push( key) ad = 'additional data' ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push( state, b"Correct Horse Battery Staple", ad, 0) # Verify error is raised if cypher text is changed state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull( header, key) self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext + 'this is a corruption'.encode(), ad) # Verify error is raised if additional data is changed ad2 = 'this is not the same' state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull( header, key) self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext, ad2)
def test_crypto_secretstream_xchacha20poly1305_push(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push( key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push( state, b"howdy", None, 0)
def test_crypto_secretstream_xchacha20poly1305_pull_changed_ad(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", b"some data", pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext, b"different data")
def test_crypto_secretstream_xchacha20poly1305_pull_changed_ad(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", b"some data", pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext, b"different data")
def next_chunk(self, chunk): if self.enable: if not isinstance(chunk, bytes): raise TypeError('Data must be a byte string') res = pysodium.crypto_secretstream_xchacha20poly1305_push( self.state, chunk, self.pipeline_header, 0) if self.chunk_id == 0: res = self.header + res chunk = res self.child.next_chunk(chunk) self.chunk_id += 1
def test_crypto_secretstream_xchacha20poly1305_pull_incorrect_key(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) bad_key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, bad_key) self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext, None)
def test_crypto_secretstream_xchacha20poly1305_pull_multiple(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", None, 0) ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) # Verify decryption state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext, None) msg2, tag2 = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext2, None) self.assertEqual(msg, b"Correct Horse Battery Staple") self.assertEqual(tag, 0) self.assertEqual(msg2, b"howdy") self.assertEqual(tag2, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
def test_crypto_secretstream_xchacha20poly1305_pull_incorrect_key(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) bad_key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, bad_key) self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext, None)
def test_crypto_secretstream_xchacha20poly1305_pull(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext, None) self.assertEqual(msg, b"howdy") self.assertEqual(tag, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
def test_crypto_secretstream_xchacha20poly1305_pull(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext, None) self.assertEqual(msg, b"howdy") self.assertEqual(tag, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
def test_crypto_secretstream_xchacha20poly1305_rekey(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) # Encrypt two messages with intermediate re-key ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", None, 0) pysodium.crypto_secretstream_xchacha20poly1305_rekey(state) ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) # Verify by decrypting them state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext, None) pysodium.crypto_secretstream_xchacha20poly1305_rekey(state2) msg2, tag2 = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext2, None) self.assertEqual(msg, b"Correct Horse Battery Staple") self.assertEqual(tag, 0) self.assertEqual(msg2, b"howdy") self.assertEqual(tag2, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
def test_crypto_secretstream_xchacha20poly1305_pull_corrupted(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ad = 'additional data' ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", ad, 0) # Verify error is raised if cypher text is changed state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext + 'this is a corruption'.encode(), ad) # Verify error is raised if additional data is changed ad2 = 'this is not the same' state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext, ad2)
def encrypt(child, data: bytes, meta: dict, config: dict): if not isinstance(data, bytes): raise TypeError('Data must be a byte string') pl_format = rrbackup.pipeline.parse_pipeline_format(meta['header']) if 'encrypt' in pl_format['format']: pl_format['format']['encrypt']['E'] = 'sodssxcc20' meta['header'] = rrbackup.pipeline.serialise_pipeline_format(pl_format) crypt_key = config['crypto']['stream_crypt_key'] ad_data = meta['header'] state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push( crypt_key) cyphertext = pysodium.crypto_secretstream_xchacha20poly1305_push( state, data, ad_data, 0) data = header + cyphertext return child(data, meta, config)
def test_crypto_secretstream_xchacha20poly1305_push(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, 0)