예제 #1
0
def test_weak():
    # this is a key with only 93 bits security from the paper:
    unsafe_key = b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xEC\x69\x7A\xA8'
    assert not is_key_safe(unsafe_key)
    assert not is_key_safe(unsafe_key, threshold=THRESHOLD)
    assert not is_key_safe(unsafe_key, threshold=94)
    assert is_key_safe(unsafe_key, threshold=93)
예제 #2
0
def test_get_safe_key():
    for threshold in 125, 126, 127, :
        for length in 128, 256:
            key1 = get_safe_key(length, threshold=threshold)
            key2 = get_safe_key(length, threshold=threshold)
            assert key1 != key2
            assert len(key1) == len(key2) == length // 8
            assert is_key_safe(key1, threshold=threshold)
            assert is_key_safe(key2, threshold=threshold)
예제 #3
0
def test_get_safe_key():
    for threshold in 125, 126, 127, :
        for length in 128, 256:
            key1 = get_safe_key(length, threshold=threshold)
            key2 = get_safe_key(length, threshold=threshold)
            assert key1 != key2
            assert len(key1) == len(key2) == length // 8
            assert is_key_safe(key1, threshold=threshold)
            assert is_key_safe(key2, threshold=threshold)
예제 #4
0
def main():
    parser = argparse.ArgumentParser(description='AES tools')
    subparsers = parser.add_subparsers(dest='cmd', help='sub-command help')
    parser_check = subparsers.add_parser('check', help='check an AES GCM key')
    parser_check.add_argument('key', type=valid_key,
                              help='key in hex representation')
    parser_generate = subparsers.add_parser('generate', help='generate a safe AES GCM key')
    parser_generate.add_argument('bits', type=valid_bits,
                                 help='key length, 128 or 256')
    args = parser.parse_args()

    if args.cmd == 'check':
        selftest()
        safe = is_key_safe(args.key)
        print("%s is safe: %r" % (hexlify(args.key).decode('ascii'), safe))
        return 0 if safe else 1

    if args.cmd == 'generate':
        selftest()
        key = get_safe_key(args.bits)
        print(hexlify(key).decode('ascii'))
        return 0
예제 #5
0
def test_invalid_threshold():
    key = b'\42' * 16
    with pytest.raises(AssertionError):
        is_key_safe(key, threshold=0)
    with pytest.raises(AssertionError):
        is_key_safe(key, threshold=129)
예제 #6
0
def test_strong():
    # most keys should be strong
    safe_key = b'\xfe\xde\xec\x12\x34\x56\x78\x00\xaa\xbb\xcc\xdd\xee\xff\x42\x23'
    assert is_key_safe(safe_key)
    assert is_key_safe(safe_key, threshold=THRESHOLD)
예제 #7
0
def test_invalid_threshold():
    key, _ = KEYS_STRENGTHS[STRONG]
    with pytest.raises(AssertionError):
        is_key_safe(key, threshold=0)
    with pytest.raises(AssertionError):
        is_key_safe(key, threshold=129)
예제 #8
0
def test_strong():
    safe_key, _ = KEYS_STRENGTHS[STRONG]
    assert is_key_safe(safe_key)
    assert is_key_safe(safe_key, threshold=THRESHOLD)
예제 #9
0
def test_weak():
    unsafe_key, strength = KEYS_STRENGTHS[WEAK]
    assert not is_key_safe(unsafe_key)
    assert not is_key_safe(unsafe_key, threshold=THRESHOLD)
    assert not is_key_safe(unsafe_key, threshold=strength+1)
    assert is_key_safe(unsafe_key, threshold=strength)
예제 #10
0
def test_invalid_threshold():
    key, _ = KEYS_STRENGTHS[STRONG]
    with pytest.raises(AssertionError):
        is_key_safe(key, threshold=0)
    with pytest.raises(AssertionError):
        is_key_safe(key, threshold=129)
예제 #11
0
def test_strong():
    safe_key, _ = KEYS_STRENGTHS[STRONG]
    assert is_key_safe(safe_key)
    assert is_key_safe(safe_key, threshold=THRESHOLD)
예제 #12
0
def test_weak():
    unsafe_key, strength = KEYS_STRENGTHS[WEAK]
    assert not is_key_safe(unsafe_key)
    assert not is_key_safe(unsafe_key, threshold=THRESHOLD)
    assert not is_key_safe(unsafe_key, threshold=strength + 1)
    assert is_key_safe(unsafe_key, threshold=strength)