def test_get_safe_key():
for threshold in 125, 126, 127, :
for length in 128, 256:
key1 = get_safe_key(length, threshold=threshold)
key2 = get_safe_key(length, threshold=threshold)
assert key1 != key2
assert len(key1) == len(key2) == length // 8
assert is_key_safe(key1, threshold=threshold)
assert is_key_safe(key2, threshold=threshold)
def test_get_safe_key():
for threshold in 125, 126, 127, :
for length in 128, 256:
key1 = get_safe_key(length, threshold=threshold)
key2 = get_safe_key(length, threshold=threshold)
assert key1 != key2
assert len(key1) == len(key2) == length // 8
assert is_key_safe(key1, threshold=threshold)
assert is_key_safe(key2, threshold=threshold)
def main():
def valid_threshold(value):
value = int(value)
if 0 < value <= 128:
return value
raise argparse.ArgumentTypeError(
'%i is not a valid threshold (must be between 1 and 128)')
parser = argparse.ArgumentParser(description='AES tools')
subparsers = parser.add_subparsers(dest='cmd', help='sub-command help')
parser_check = subparsers.add_parser('check', help='check an AES GCM key')
parser_check.add_argument('key',
type=valid_key,
help='key in hex representation')
parser_check.add_argument('--threshold',
dest='threshold',
type=valid_threshold,
default=THRESHOLD_DEFAULT,
help='safety threshold')
parser_check = subparsers.add_parser('hcheck', help='check a GCM Hash key')
parser_check.add_argument('key',
type=valid_key,
help='key in hex representation')
parser_check.add_argument('--threshold',
dest='threshold',
type=valid_threshold,
default=THRESHOLD_DEFAULT,
help='safety threshold')
parser_generate = subparsers.add_parser('generate',
help='generate a safe AES GCM key')
parser_generate.add_argument('bits',
type=valid_bits,
help='key length, 128 or 256')
args = parser.parse_args()
if args.cmd == 'check':
selftest()
strength = bit_strength_gcm_auth(args.key)
safe = strength >= args.threshold
print("%s is safe: %r (%i bits security)" %
(hexlify(args.key).decode('ascii'), safe, strength))
return 0 if safe else 1
if args.cmd == 'hcheck':
selftest()
strength = bit_strength_auth_key(args.key)
safe = strength >= args.threshold
if (safe):
print("%s is safe: %r (%i bits security)" %
(hexlify(args.key).decode('ascii'), safe, strength))
else:
print("%s is *NOT* safe: %r (%i bits security)" %
(hexlify(args.key).decode('ascii'), safe, strength))
return 0 if safe else 1
if args.cmd == 'generate':
selftest()
key = get_safe_key(args.bits)
print(hexlify(key).decode('ascii'))
return 0
def main():
def valid_threshold(value):
value = int(value)
if 0 < value <= 128:
return value
raise argparse.ArgumentTypeError('%i is not a valid threshold (must be between 1 and 128)')
parser = argparse.ArgumentParser(description='AES tools')
subparsers = parser.add_subparsers(dest='cmd', help='sub-command help')
parser_check = subparsers.add_parser('check', help='check an AES GCM key')
parser_check.add_argument('key', type=valid_key,
help='key in hex representation')
parser_check.add_argument('--threshold', dest='threshold', type=valid_threshold,
default=THRESHOLD_DEFAULT, help='safety threshold')
parser_generate = subparsers.add_parser('generate', help='generate a safe AES GCM key')
parser_generate.add_argument('bits', type=valid_bits,
help='key length, 128 or 256')
args = parser.parse_args()
if args.cmd == 'check':
selftest()
strength = bit_strength_gcm_auth(args.key)
safe = strength >= args.threshold
print("%s is safe: %r (%i bits security)" % (hexlify(args.key).decode('ascii'), safe, strength))
return 0 if safe else 1
if args.cmd == 'generate':
selftest()
key = get_safe_key(args.bits)
print(hexlify(key).decode('ascii'))
return 0
def main():
parser = argparse.ArgumentParser(description='AES tools')
subparsers = parser.add_subparsers(dest='cmd', help='sub-command help')
parser_check = subparsers.add_parser('check', help='check an AES GCM key')
parser_check.add_argument('key', type=valid_key,
help='key in hex representation')
parser_generate = subparsers.add_parser('generate', help='generate a safe AES GCM key')
parser_generate.add_argument('bits', type=valid_bits,
help='key length, 128 or 256')
args = parser.parse_args()
if args.cmd == 'check':
selftest()
safe = is_key_safe(args.key)
print("%s is safe: %r" % (hexlify(args.key).decode('ascii'), safe))
return 0 if safe else 1
if args.cmd == 'generate':
selftest()
key = get_safe_key(args.bits)
print(hexlify(key).decode('ascii'))
return 0
def test_get_safe_key_invalid():
with pytest.raises(AssertionError):
get_safe_key(0)
with pytest.raises(AssertionError):
get_safe_key(512)
def test_get_safe_key_not_found():
with pytest.raises(Exception):
get_safe_key(128, max_tries=0)
def test_get_safe_key_invalid():
with pytest.raises(AssertionError):
get_safe_key(0)
with pytest.raises(AssertionError):
get_safe_key(512)
def test_get_safe_key_not_found():
with pytest.raises(Exception):
get_safe_key(128, max_tries=0)
