def test_crypto_secretstream_xchacha20poly1305_pull_multiple(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(
key)
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(
state, b"Correct Horse Battery Staple", None, 0)
ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(
state, b"howdy", None,
pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
# Verify decryption
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(
header, key)
msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(
state2, ciphertext, None)
msg2, tag2 = pysodium.crypto_secretstream_xchacha20poly1305_pull(
state2, ciphertext2, None)
self.assertEqual(msg, b"Correct Horse Battery Staple")
self.assertEqual(tag, 0)
self.assertEqual(msg2, b"howdy")
self.assertEqual(
tag2, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
def test_crypto_secretstream_xchacha20poly1305_rekey(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(
key)
# Encrypt two messages with intermediate re-key
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(
state, b"Correct Horse Battery Staple", None, 0)
pysodium.crypto_secretstream_xchacha20poly1305_rekey(state)
ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(
state, b"howdy", None,
pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
# Verify by decrypting them
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(
header, key)
msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(
state2, ciphertext, None)
pysodium.crypto_secretstream_xchacha20poly1305_rekey(state2)
msg2, tag2 = pysodium.crypto_secretstream_xchacha20poly1305_pull(
state2, ciphertext2, None)
self.assertEqual(msg, b"Correct Horse Battery Staple")
self.assertEqual(tag, 0)
self.assertEqual(msg2, b"howdy")
self.assertEqual(
tag2, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
def test_crypto_secretstream_xchacha20poly1305_out_of_order_messeges(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key)
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", None, 0)
ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
# Decrypting the second message first should fail
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key)
self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext2, None)
def test_crypto_secretstream_xchacha20poly1305_out_of_order_messeges(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key)
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", None, 0)
ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
# Decrypting the second message first should fail
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key)
self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext2, None)
def test_crypto_secretstream_xchacha20poly1305_missing_rekey(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key)
# Encrypt two messages with intermediate re-key
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", None, 0)
pysodium.crypto_secretstream_xchacha20poly1305_rekey(state)
ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key)
msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext, None)
# re-key should be here, so following call should fail
self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext2, None)
def test_crypto_secretstream_xchacha20poly1305_missing_rekey(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key)
# Encrypt two messages with intermediate re-key
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", None, 0)
pysodium.crypto_secretstream_xchacha20poly1305_rekey(state)
ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key)
msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext, None)
# re-key should be here, so following call should fail
self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext2, None)
def test_crypto_secretstream_xchacha20poly1305_pull_corrupted(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(
key)
ad = 'additional data'
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(
state, b"Correct Horse Battery Staple", ad, 0)
# Verify error is raised if cypher text is changed
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(
header, key)
self.assertRaises(ValueError,
pysodium.crypto_secretstream_xchacha20poly1305_pull,
state2, ciphertext + 'this is a corruption'.encode(),
ad)
# Verify error is raised if additional data is changed
ad2 = 'this is not the same'
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(
header, key)
self.assertRaises(ValueError,
pysodium.crypto_secretstream_xchacha20poly1305_pull,
state2, ciphertext, ad2)
def test_crypto_secretstream_xchacha20poly1305_push(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(
key)
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(
state, b"howdy", None, 0)
def test_crypto_secretstream_xchacha20poly1305_pull_changed_ad(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key)
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", b"some data", pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key)
self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext, b"different data")
def test_crypto_secretstream_xchacha20poly1305_pull_changed_ad(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key)
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", b"some data", pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key)
self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext, b"different data")
def next_chunk(self, chunk):
if self.enable:
if not isinstance(chunk, bytes):
raise TypeError('Data must be a byte string')
res = pysodium.crypto_secretstream_xchacha20poly1305_push(
self.state, chunk, self.pipeline_header, 0)
if self.chunk_id == 0: res = self.header + res
chunk = res
self.child.next_chunk(chunk)
self.chunk_id += 1
def test_crypto_secretstream_xchacha20poly1305_pull_incorrect_key(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key)
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
bad_key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, bad_key)
self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext, None)
def test_crypto_secretstream_xchacha20poly1305_pull_multiple(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key)
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", None, 0)
ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
# Verify decryption
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key)
msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext, None)
msg2, tag2 = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext2, None)
self.assertEqual(msg, b"Correct Horse Battery Staple")
self.assertEqual(tag, 0)
self.assertEqual(msg2, b"howdy")
self.assertEqual(tag2, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
def test_crypto_secretstream_xchacha20poly1305_pull_incorrect_key(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key)
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
bad_key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, bad_key)
self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext, None)
def test_crypto_secretstream_xchacha20poly1305_pull(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key)
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key)
msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext, None)
self.assertEqual(msg, b"howdy")
self.assertEqual(tag, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
def test_crypto_secretstream_xchacha20poly1305_pull(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key)
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key)
msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext, None)
self.assertEqual(msg, b"howdy")
self.assertEqual(tag, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
def test_crypto_secretstream_xchacha20poly1305_rekey(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key)
# Encrypt two messages with intermediate re-key
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", None, 0)
pysodium.crypto_secretstream_xchacha20poly1305_rekey(state)
ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
# Verify by decrypting them
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key)
msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext, None)
pysodium.crypto_secretstream_xchacha20poly1305_rekey(state2)
msg2, tag2 = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext2, None)
self.assertEqual(msg, b"Correct Horse Battery Staple")
self.assertEqual(tag, 0)
self.assertEqual(msg2, b"howdy")
self.assertEqual(tag2, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL)
def test_crypto_secretstream_xchacha20poly1305_pull_corrupted(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key)
ad = 'additional data'
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", ad, 0)
# Verify error is raised if cypher text is changed
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key)
self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext + 'this is a corruption'.encode(), ad)
# Verify error is raised if additional data is changed
ad2 = 'this is not the same'
state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key)
self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext, ad2)
def encrypt(child, data: bytes, meta: dict, config: dict):
if not isinstance(data, bytes):
raise TypeError('Data must be a byte string')
pl_format = rrbackup.pipeline.parse_pipeline_format(meta['header'])
if 'encrypt' in pl_format['format']:
pl_format['format']['encrypt']['E'] = 'sodssxcc20'
meta['header'] = rrbackup.pipeline.serialise_pipeline_format(pl_format)
crypt_key = config['crypto']['stream_crypt_key']
ad_data = meta['header']
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(
crypt_key)
cyphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(
state, data, ad_data, 0)
data = header + cyphertext
return child(data, meta, config)
def test_crypto_secretstream_xchacha20poly1305_push(self):
if not pysodium.sodium_version_check(1, 0, 15): return
key = pysodium.crypto_secretstream_xchacha20poly1305_keygen()
state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key)
ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, 0)
