def test_blob_decryptor(self): ciphertext = yield self.blob.encrypt() decryptor = _crypto.BlobDecryptor(self.doc_info, ciphertext, secret='A' * 96) decrypted = yield decryptor.decrypt() assert decrypted.getvalue() == snowden1
def _check_result(uri, data, *args, **kwargs): decryptor = _crypto.BlobDecryptor(self.doc_info, data, armor=False, secret=self.secret) decrypted = yield decryptor.decrypt() self.assertEquals(decrypted.getvalue(), 'up and up') defer.returnValue(Mock(code=200))
def test_init_with_preamble_alone(self): ciphertext = yield self.blob.encrypt() preamble = ciphertext.getvalue().split()[0] decryptor = _crypto.BlobDecryptor(self.doc_info, BytesIO(preamble), start_stream=False, secret='A' * 96) assert decryptor._consume_preamble()
def test_unarmored_blob_encrypt(self): self.blob.armor = False encrypted = yield self.blob.encrypt() decryptor = _crypto.BlobDecryptor(self.doc_info, encrypted, armor=False, secret='A' * 96) decrypted = yield decryptor.decrypt() assert decrypted.getvalue() == snowden1
def test_blob_decryptor(self): inf = BytesIO(snowden1) blob = _crypto.BlobEncryptor(self.doc_info, inf, secret='A' * 96) ciphertext = yield blob.encrypt() decryptor = _crypto.BlobDecryptor(self.doc_info, ciphertext, secret='A' * 96) decrypted = yield decryptor.decrypt() assert decrypted == snowden1
def test_incremental_blob_decryptor(self): ciphertext = yield self.blob.encrypt() preamble, ciphertext = ciphertext.getvalue().split() ciphertext = base64.urlsafe_b64decode(ciphertext) decryptor = _crypto.BlobDecryptor(self.doc_info, BytesIO(preamble), start_stream=False, secret='A' * 96, tag=ciphertext[-16:]) ciphertext = BytesIO(ciphertext[:-16]) chunk = ciphertext.read(10) while chunk: decryptor.write(chunk) chunk = ciphertext.read(10) decrypted = decryptor._end_stream() assert decrypted.getvalue() == snowden1
def test_preamble_can_come_without_size(self): # XXX: This test case is here only to test backwards compatibility! preamble = self.blob._encode_preamble() # repack preamble using legacy format, without doc size unpacked = _preamble.PACMAN.unpack(preamble) preamble_without_size = _preamble.LEGACY_PACMAN.pack(*unpacked[0:7]) # encrypt it manually for custom tag ciphertext, tag = _aes_encrypt(self.blob.sym_key, self.blob.iv, self.cleartext.getvalue(), aead=preamble_without_size) ciphertext = ciphertext + tag # encode it ciphertext = base64.urlsafe_b64encode(ciphertext) preamble_without_size = base64.urlsafe_b64encode(preamble_without_size) # decrypt it ciphertext = preamble_without_size + ' ' + ciphertext cleartext = yield _crypto.BlobDecryptor(self.doc_info, BytesIO(ciphertext), secret='A' * 96).decrypt() assert cleartext.getvalue() == self.cleartext.getvalue() warnings = self.flushWarnings() assert len(warnings) == 1 assert 'legacy preamble without size' in warnings[0]['message']