def test_encryption_bad_ciphertext(authenced): __, ciphertext, __ = authenced new_ciphertext = ('é' * len(ciphertext)).encode('utf-8') new_tag = hmac.new(test_sig_key, new_ciphertext, hashlib.sha256).hexdigest() with pytest.raises(CryptoError): decrypt_authenticated(new_ciphertext, new_tag, test_enc_key, test_sig_key, hashlib.sha256)
def value_decode(self, val): encoded_data = val val = base64.b64decode(val.strip('"')) hashlength = get_hash_length(self.hashalg) / 4 sig, ciphertext = val[:hashlength], val[hashlength:] data = decrypt_authenticated(ciphertext, sig, self.enc_key, self.sig_key, self.hashalg) return self.serializer.loads(data), encoded_data
def test_encryption(authenced): testval, ciphertext, tag = authenced plain = decrypt_authenticated(ciphertext, tag, test_enc_key, test_sig_key, hashlib.sha256) assert isinstance(plain, unicode) if isinstance(testval, str): testval = testval.decode('utf-8') assert plain == testval
def test_session_enc(sessionmaker): sessionmaker.settings["encryption_key"] = test_enc_key session = sessionmaker() session_id = ("a94d3fc0fd42e0f4d860b714b7ca4b2f" "675c5164bfaa50dc1c6ce949b52699dd") cookie = session.save() session.session_id = session_id data = base64.b64decode(str(cookie).split(";")[0][20:]) tag, ciphertext = data[:64], data[64:] plain = decrypt_authenticated(ciphertext, tag, test_enc_key, test_sig_key, hashlib.sha256) plain = json.loads(plain) if sessionmaker.settings["backend"] == "cookie": plain = plain[0] assert plain == session_id
def test_encryption_wrong_hashalg(authenced): __, ciphertext, tag = authenced with pytest.raises(CryptoError): decrypt_authenticated(ciphertext, tag, test_enc_key, test_sig_key, hashlib.md5)
def test_encryption_bad_sig_key(authenced): __, ciphertext, tag = authenced with pytest.raises(CryptoError): decrypt_authenticated(ciphertext, tag, test_enc_key, b'hmac_key', hashlib.sha256)
def test_encryption_wrong_tag(authenced): __, ciphertext, __ = authenced with pytest.raises(CryptoError): decrypt_authenticated(ciphertext, '0', test_enc_key, test_sig_key, hashlib.sha256)