def test_init(self): with self.assertRaises(ThemisError): SCellSeal(passphrase=None) with self.assertRaises(ThemisError): SCellSeal(passphrase=b'') with self.assertRaises(ThemisError): SCellSeal(passphrase=u'')
def test_init_weird(self): # You can't use key and passphrase simultaneously with self.assertRaises(ThemisError): SCellSeal(key=self.key, passphrase=u'secrets') # You can't omit both of them too with self.assertRaises(ThemisError): SCellSeal()
def api_compatibility(self): # Make sure positional API uses passphrases scell_old = SCellSealPassphrase(self.passphrase) scell_new = SCellSeal(passphrase=self.passphrase) encrypted = scell_old.encrypt(self.data) decrypted = scell_new.decrypt(encrypted) self.assertEqual(self.data, decrypted)
def test_init(self): with self.assertRaises(ThemisError): SCellSeal(None) with self.assertRaises(ThemisError): SCellSeal(b'') with warnings.catch_warnings(record=True) as w: SCellSeal(u'passphrase') self.assertEqual(len(w), 1) self.assertTrue( 'master key should be "bytes"' in str(w[-1].message))
def test_encrypt_decrypt(self): scell1 = SCellSeal(self.key) scell2 = SCellSeal(self.key) scell3 = SCellSeal(self.incorrect_key) self.assertEqual(self.data, scell2.decrypt(scell1.encrypt(self.data))) with self.assertRaises(ThemisError): scell3.decrypt(scell1.encrypt(self.data)) with self.assertRaises(ThemisError): scell1.encrypt(self.incorrect_data)
def create_acrastruct(data, acra_public_key, context=None): random_kp = GenerateKeyPair(KEY_PAIR_TYPE.EC) smessage = SMessage(random_kp.export_private_key(), acra_public_key) random_key = generate_key() wrapped_random_key = smessage.wrap(random_key) scell = SCellSeal(random_key) encrypted_data = scell.encrypt(data, context) del random_key encrypted_data_len = struct.pack('<Q', len(encrypted_data)) acrastruct = (BEGIN_TAG + random_kp.export_public_key() + wrapped_random_key + encrypted_data_len + encrypted_data) del random_kp del wrapped_random_key return acrastruct
def test_encoding(self): scell1 = SCellSeal(passphrase=u'passphrase'.encode('utf-16')) scell2 = SCellSeal(passphrase=u'passphrase', encoding='utf-16') data12 = scell1.decrypt(scell2.encrypt(self.data)) data21 = scell2.decrypt(scell1.encrypt(self.data)) self.assertEqual(self.data, data12) self.assertEqual(self.data, data21)
def test_encrypt_decrypt_context(self): scell1 = SCellSeal(self.key) scell2 = SCellSeal(self.key) self.assertEqual( self.data, scell2.decrypt(scell1.encrypt(self.data, self.context), self.context)) encrypted = scell1.encrypt(self.data, self.context) with self.assertRaises(ThemisError): scell2.decrypt(encrypted, self.incorrect_context) with self.assertRaises(ThemisError): scell1.encrypt(self.incorrect_data, self.context) with self.assertRaises(ThemisError): SCellSeal(self.incorrect_key).decrypt(encrypted, self.context)
def api_compatibility(self): # Make sure positional API uses keys, not passphrases scell_old = SCellSeal(self.key) scell_new = SCellSeal(key=self.key) encrypted = scell_old.encrypt(self.data) decrypted = scell_new.decrypt(encrypted) self.assertEqual(self.data, decrypted)
def test_encrypt_decrypt_context(self): scell1 = SCellSeal(self.key) scell2 = SCellSeal(self.key) self.assertEqual( self.data, scell2.decrypt(scell1.encrypt(self.data, self.context), self.context)) encrypted = scell1.encrypt(self.data, self.context) with self.assertRaises(ThemisError): scell2.decrypt(encrypted, self.incorrect_context) with self.assertRaises(ThemisError): scell1.encrypt(self.incorrect_data, self.context) with self.assertRaises(ThemisError): SCellSeal(self.incorrect_key).decrypt(encrypted, self.context)
def test_encrypt_decrypt(self): scell1 = SCellSeal(self.key) scell2 = SCellSeal(self.key) scell3 = SCellSeal(self.incorrect_key) self.assertEqual(self.data, scell2.decrypt(scell1.encrypt(self.data))) with self.assertRaises(ThemisError): scell3.decrypt(scell1.encrypt(self.data)) with self.assertRaises(ThemisError): scell1.encrypt(self.incorrect_data)
def test_init(self): with self.assertRaises(ThemisError): SCellSeal(None)
import base64 from pythemis.scell import SCellSeal message = 'message to encrypt' passwrd = b"pass" scell = SCellSeal(passwrd) print("encrypting...") encrypted_message = scell.encrypt(message.encode('utf-8')) encrypted_message_string = base64.b64encode(encrypted_message) print(encrypted_message_string) print("decrypting from binary...") decrypted_message = scell.decrypt(encrypted_message).decode('utf-8') print(decrypted_message) print("decrypting from string...") # check https://themis.cossacklabs.com/data-simulator/cell/ encrypted_message_string = "AAEBQAwAAAAQAAAADQAAACoEM9MbJzEu2RDuRoGzcQgN4jchys0q+LLcsbfUDV3M2eg/FhygH1ns" decrypted_message_from_string = base64.b64decode(encrypted_message_string) decrypted_message = scell.decrypt(decrypted_message_from_string).decode( 'utf-8') print(decrypted_message)
import base64 from pythemis.scell import SCellTokenProtect from pythemis.scell import SCellSeal from pythemis.scell import SCellContextImprint message = "i'm plain text message" passwrd = b"pass" context = b"somecontext" print("running secure cell in seal mode...") scell = SCellSeal(passwrd) print("encrypting...") encrypted_message = scell.encrypt(message.encode('utf-8')) encrypted_message_string = base64.b64encode(encrypted_message) print(encrypted_message_string) print("decrypting from binary... --> ") decrypted_message = scell.decrypt(encrypted_message).decode('utf-8') print(decrypted_message) print("decrypting from string... --> ") # check https://themis.cossacklabs.com/data-simulator/cell/ encrypted_message_string = "AAEBQAwAAAAQAAAADQAAACoEM9MbJzEu2RDuRoGzcQgN4jchys0q+LLcsbfUDV3M2eg/FhygH1ns" decrypted_message_from_string = base64.b64decode(encrypted_message_string) decrypted_message = scell.decrypt(decrypted_message_from_string).decode('utf-8') print(decrypted_message)
def cell(self): if not hasattr(self, '_cell'): self._cell = SCellSeal(key=self.key) return self._cell
from pythemis.scell import SCellTokenProtect from pythemis.scell import SCellSeal from pythemis.scell import SCellContextImprint message = "i'm plain text message" context = b"somecontext" master_key = base64.b64decode( "bm8sIHRoaXMgaXMgbm90IGEgdmFsaWQgbWFzdGVyIGtleQ==") passphrase = b"secret passphrase" print("# Secure Cell in Seal mode\n") print("## Master key API\n") scellMK = SCellSeal(key=master_key) encrypted_message = scellMK.encrypt(message.encode('utf-8')) print("Encrypted: " + base64.b64encode(encrypted_message).decode('ascii')) decrypted_message = scellMK.decrypt(encrypted_message).decode('utf-8') print("Decrypted: " + decrypted_message) # Visit https://docs.cossacklabs.com/simulator/data-cell/ print("") encrypted_message_string = "AAEBQAwAAAAQAAAAEQAAAC0fCd2mOIxlDUORXz8+qCKuHCXcDii4bMF8OjOCOqsKEdV4+Ga2xTHPMupFvg==" decrypted_message_from_string = base64.b64decode(encrypted_message_string) decrypted_message = scellMK.decrypt(decrypted_message_from_string).decode( 'utf-8') print("Decrypted (simulator): " + decrypted_message)
def cell(self): if not hasattr(self, '_cell'): from getpass import getpass self._cell = SCellSeal(passphrase=self.passhash) return self._cell