def test_encode_random_bytes(self): key = encode_random_bytes(num_bytes=16) self.assertEqual(len(decode_random_bytes(key)), 16) key = encode_random_bytes(num_bytes=24) self.assertEqual(len(decode_random_bytes(key)), 24) key = encode_random_bytes(num_bytes=32) self.assertEqual(len(decode_random_bytes(key)), 32)
def test_encrypt_mode_gcm(self): from eventsourcing.utils.cipher.aes import AESCipher from eventsourcing.utils.random import encode_random_bytes, decode_random_bytes # Unicode string representing 256 random bits encoded with Base64. cipher_key = encode_random_bytes(num_bytes=32) # Construct AES cipher. cipher = AESCipher(cipher_key=decode_random_bytes(cipher_key)) # Encrypt some plaintext. ciphertext = cipher.encrypt('plaintext') self.assertNotEqual(ciphertext, 'plaintext') # Decrypt some ciphertext. plaintext = cipher.decrypt(ciphertext) self.assertEqual(plaintext, 'plaintext') # Check DataIntegrityError is raised (broken Base64 padding). with self.assertRaises(DataIntegrityError): damaged = ciphertext[:-1] cipher.decrypt(damaged) # Check DataIntegrityError is raised (MAC check fails). with self.assertRaises(DataIntegrityError): damaged = 'a' + ciphertext[:-1] cipher.decrypt(damaged)
def setup_cipher(self, cipher_key): cipher_key = decode_random_bytes(cipher_key or os.getenv('CIPHER_KEY', '')) self.cipher = AESCipher(cipher_key) if cipher_key else None