def _crypt(self, offset, data): offset_big = offset // 16 offset_small = offset % 16 iv = binascii.unhexlify("%032x" % offset_big) cipher = aes.create_encryptor(self.key, iv) # this is just to advance the counter aes.encrypt_data(cipher, b"\x00" * offset_small) return aes.encrypt_data(cipher, data)
def test_encrypt_data_not_bytes(self): ''' only bytes can be encrypted ''' key = b'\x00' * 16 encryptor = aes.create_encryptor(key) with self.assertRaises(ValueError) as ctx: aes.encrypt_data(encryptor, u"not bytes") self.assertIn("must be bytes", str(ctx.exception))
def test_previous_upload_failed(self): self.basedir = "helper/AssistedUpload/test_previous_upload_failed" self.setUpHelper(self.basedir) # we want to make sure that an upload which fails (leaving the # ciphertext in the CHK_encoding/ directory) does not prevent a later # attempt to upload that file from working. We simulate this by # populating the directory manually. The hardest part is guessing the # storage index. k = FakeClient.DEFAULT_ENCODING_PARAMETERS["k"] n = FakeClient.DEFAULT_ENCODING_PARAMETERS["n"] max_segsize = FakeClient.DEFAULT_ENCODING_PARAMETERS[ "max_segment_size"] segsize = min(max_segsize, len(DATA)) # this must be a multiple of 'required_shares'==k segsize = mathutil.next_multiple(segsize, k) key = hashutil.convergence_hash(k, n, segsize, DATA, "test convergence string") assert len(key) == 16 encryptor = aes.create_encryptor(key) SI = hashutil.storage_index_hash(key) SI_s = si_b2a(SI) encfile = os.path.join(self.basedir, "CHK_encoding", SI_s) f = open(encfile, "wb") f.write(aes.encrypt_data(encryptor, DATA)) f.close() u = upload.Uploader(self.helper_furl) u.setServiceParent(self.s) d = wait_a_few_turns() def _ready(res): assert u._helper return upload_data(u, DATA, convergence="test convergence string") d.addCallback(_ready) def _uploaded(results): the_uri = results.get_uri() assert "CHK" in the_uri d.addCallback(_uploaded) def _check_empty(res): files = os.listdir(os.path.join(self.basedir, "CHK_encoding")) self.failUnlessEqual(files, []) files = os.listdir(os.path.join(self.basedir, "CHK_incoming")) self.failUnlessEqual(files, []) d.addCallback(_check_empty) return d
def _encrypt_rw_uri(writekey, rw_uri): precondition(isinstance(rw_uri, str), rw_uri) precondition(isinstance(writekey, str), writekey) salt = hashutil.mutable_rwcap_salt_hash(rw_uri) key = hashutil.mutable_rwcap_key_hash(salt, writekey) encryptor = aes.create_encryptor(key) crypttext = aes.encrypt_data(encryptor, rw_uri) mac = hashutil.hmac(key, salt + crypttext) assert len(mac) == 32 return salt + crypttext + mac
def _encrypt_privkey(self, writekey, privkey): encryptor = aes.create_encryptor(writekey) crypttext = aes.encrypt_data(encryptor, privkey) return crypttext
def fake_ecb_using_ctr(k, p): encryptor = aes.create_encryptor(key=k, iv=p) return aes.encrypt_data(encryptor, b'\x00' * 16)