def test_varying_length_msg(self):
pf = PKFernet(pr_kr, pu_kr)
for i in xrange(50):
msg = urlsafe_b64encode(os.urandom(i))
ctx = pf.encrypt(msg, "dan_haiwei", "ecc.secp224r1.1.enc.pub", "ecdsa_with_sha256.secp224r1.1.sig.priv", "ADATA", sign_also=True)
deciphered_msg = pf.decrypt(ctx, "dan_haiwei", verify_also = True)
assert deciphered_msg == msg
def test_rsa(self):
pf = PKFernet(pr_kr, pu_kr)
for i in xrange(20):
msg = urlsafe_b64encode(os.urandom(40))
adata = urlsafe_b64encode(os.urandom(40))
ctx = pf.encrypt(msg, "dan_haiwei", "rsa.2048.1.enc.pub", "ecdsa_with_sha256.secp224r1.1.sig.priv", adata, sign_also = True)
deciphered_msg = pf.decrypt(ctx, "dan_haiwei", verify_also = True)
assert deciphered_msg == msg
def test__ecc_curves(self):
pf = PKFernet(pr_kr, pu_kr)
for alias in ["ecc.secp224r1.1.enc.pub", "ecc.sect571r1.1.enc.pub"]:
_, curve, ver, _, _ = alias.split('.')
msg = urlsafe_b64encode(os.urandom(40))
adata = urlsafe_b64encode(os.urandom(40))
ctx = pf.encrypt(msg, "dan_haiwei", alias, "ecdsa_with_sha256.{0}.{1}.sig.priv".format(curve, ver), adata, sign_also=True)
deciphered_msg = pf.decrypt(ctx, "dan_haiwei", verify_also = True)
assert deciphered_msg == msg
def test_pub_key_import(self):
pf = PKFernet()
assert not pf.pub_keyrings # assert empty
rec = "test"
kr = {"1": "key"}
pf.import_pub_keys(rec, kr)
pu_kr = {"test": {"1": "key"}}
assert pf.pub_keyrings == pu_kr
def test_unverified(self):
pf = PKFernet(pr_kr, pu_kr)
for i in xrange(20):
msg = urlsafe_b64encode(os.urandom(40))
adata = urlsafe_b64encode(os.urandom(40))
ctx = pf.encrypt(msg, "dan_haiwei", "ecc.secp224r1.1.enc.pub", "ecdsa_with_sha256.secp224r1.1.sig.priv", adata, sign_also = True)
msg_and_sig = pf.decrypt(ctx, "dan_haiwei", verify_also = False)
encoded_msg, sig_header, sig = msg_and_sig.split('|')
deciphered_msg = urlsafe_b64decode(encoded_msg)
assert deciphered_msg == msg
assert sig_header and sig # ensure signatures exist, even if we don't check them
def test_rahul_enc_msg(self):
pf = PKFernet(pr_kr, pu_kr)
correct_msg = 'Hello from rahul to daniel and haiwei'
rahul_ctx = '|ZWNjLnNlY3Q1NzFyMS4xLmVuYy5wdWI=|-----BEGIN PUBLIC KEY-----\nMIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFwCwWOH-JiYmwH2Cijob4gKSaz32a\nrCG83ffhPU9omLe08tAdTysSlW1cfjFY7TWwUNi2gP06XyW0P26_3HpsoNONvP-K\n2dUBnk5FaTQddfTxqhZvWEHW46c8tTXjFugHs_YSgoneQBC_uC24dyhs81Y38jvb\neBibEbxcyJhoXu8ERQwTGuNEmrXo0yPLoO8=\n-----END PUBLIC KEY-----\n|gbqziTAN4d1XX6kGJykgTmd86ChOO_R_EReptxCCFO-8sKibcVXSSyGn6exXE2ijDUYNVP4skLZXsmnlpmQy0r-lNPRfVKKeqScPOytE6MlTn6NedSbmBREOl5ugliFVl7rxHQ2Vg9lDtPKBhxDWaX8='
msg = urlsafe_b64decode(pf.decrypt(rahul_ctx, "rahul", verify_also = False))
assert msg == correct_msg
def test_export_pub_keys(self):
pf = PKFernet(pr_kr, test_kr)
assert pf.export_pub_keys(["test_1", "test_3"]) == test_export
assert pf.export_pub_keys() == test_kr
def test_invalid_alias(self):
pf = PKFernet(pr_kr, pu_kr)
msg = urlsafe_b64encode(os.urandom(40))
adata = urlsafe_b64encode(os.urandom(40))
with pytest.raises(AssertionError):
ctx = pf.encrypt(msg, "dan_haiwei", "ecc.non-existent.1.enc.pub", "ecdsa_with_sha256.secp224r1.1.sig.priv", adata, sign_also = True)
def test_invalid_receiver(self):
pf = PKFernet(pr_kr, pu_kr)
msg = urlsafe_b64encode(os.urandom(40))
adata = urlsafe_b64encode(os.urandom(40))
with pytest.raises(AssertionError):
ctx = pf.encrypt(msg, "invalid_group", "ecc.secp224r1.1.enc.pub", "ecdsa_with_sha256.secp224r1.1.sig.priv", adata, sign_also = True)
