def test_invalid_multiple_decrypt_and_verify(self): cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) ct, tag = cipher.encrypt_and_digest(self.data_128) cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) cipher.decrypt_and_verify(ct, tag) self.assertRaises(TypeError, cipher.decrypt_and_verify, ct, tag)
def test_aes_192(self): plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = 'cdc80d6fddf18cab34c25909c99a4174' +\ 'fcc28b8d4c63837c09e81700c1100401' +\ '8d9a9aeac0f6596f559c6d4daf59a5f2' +\ '6d9f200857ca6c3e9cac524bd9acc92a' key = '8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b' iv = '000102030405060708090a0b0c0d0e0f' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext), plaintext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext[:-8]), ciphertext[:-8]) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext[:-8]), plaintext[:-8])
def test_bytearray(self): data = b("1") * 16 iv = b("\x00") * 6 + b("\xFF\xFF") # Encrypt cipher1 = AES.new(self.key_128, AES.MODE_CTR, nonce=self.nonce_64, initial_value=iv) ref1 = cipher1.encrypt(data) cipher2 = AES.new(self.key_128, AES.MODE_CTR, nonce=bytearray(self.nonce_64), initial_value=bytearray(iv)) ref2 = cipher2.encrypt(bytearray(data)) self.assertEqual(ref1, ref2) self.assertEqual(cipher1.nonce, cipher2.nonce) # Decrypt cipher3 = AES.new(self.key_128, AES.MODE_CTR, nonce=self.nonce_64, initial_value=iv) ref3 = cipher3.decrypt(data) cipher4 = AES.new(self.key_128, AES.MODE_CTR, nonce=bytearray(self.nonce_64), initial_value=bytearray(iv)) ref4 = cipher4.decrypt(bytearray(data)) self.assertEqual(ref3, ref4)
def test_aes_128(self): plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = '3b3fd92eb72dad20333449f8e83cfb4a' +\ '7789508d16918f03f53c52dac54ed825' +\ '9740051e9c5fecf64344f7a82260edcc' +\ '304c6528f659c77866a510d9c1d6ae5e' key = '2b7e151628aed2a6abf7158809cf4f3c' iv = '000102030405060708090a0b0c0d0e0f' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext), plaintext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext[:-8]), ciphertext[:-8]) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext[:-8]), plaintext[:-8])
def test_shorter_assoc_data_than_expected(self): # With plaintext cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96, assoc_len=17) cipher.update(self.data_128) self.assertRaises(ValueError, cipher.encrypt, self.data_128) # With empty plaintext cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96, assoc_len=17) cipher.update(self.data_128) self.assertRaises(ValueError, cipher.digest) # With ciphertext cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96, assoc_len=17) cipher.update(self.data_128) self.assertRaises(ValueError, cipher.decrypt, self.data_128) # With empty ciphertext cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96) cipher.update(self.data_128) mac = cipher.digest() cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96, assoc_len=17) cipher.update(self.data_128) self.assertRaises(ValueError, cipher.verify, mac)
def test_unaligned_data_128(self): plaintexts = [b("7777777")] * 100 cipher = AES.new(self.key_128, AES.MODE_CFB, self.iv_128, segment_size=8) ciphertexts = [cipher.encrypt(x) for x in plaintexts] cipher = AES.new(self.key_128, AES.MODE_CFB, self.iv_128, segment_size=8) self.assertEqual( b("").join(ciphertexts), cipher.encrypt(b("").join(plaintexts))) cipher = AES.new(self.key_128, AES.MODE_CFB, self.iv_128, segment_size=128) ciphertexts = [cipher.encrypt(x) for x in plaintexts] cipher = AES.new(self.key_128, AES.MODE_CFB, self.iv_128, segment_size=128) self.assertEqual( b("").join(ciphertexts), cipher.encrypt(b("").join(plaintexts)))
def test_initial_value_parameter(self): # Test with nonce parameter cipher1 = AES.new(self.key_128, AES.MODE_CTR, nonce=self.nonce_64, initial_value=0xFFFF) counter = Counter.new(64, prefix=self.nonce_64, initial_value=0xFFFF) cipher2 = AES.new(self.key_128, AES.MODE_CTR, counter=counter) pt = get_tag_random("plaintext", 65536) self.assertEqual(cipher1.encrypt(pt), cipher2.encrypt(pt)) # Test without nonce parameter cipher1 = AES.new(self.key_128, AES.MODE_CTR, initial_value=0xFFFF) counter = Counter.new(64, prefix=cipher1.nonce, initial_value=0xFFFF) cipher2 = AES.new(self.key_128, AES.MODE_CTR, counter=counter) pt = get_tag_random("plaintext", 65536) self.assertEqual(cipher1.encrypt(pt), cipher2.encrypt(pt)) # Initial_value and Counter are mutually exclusive self.assertRaises(TypeError, AES.new, self.key_128, AES.MODE_CTR, counter=self.ctr_128, initial_value=0)
def test_nonce_parameter(self): # Nonce parameter becomes nonce attribute cipher1 = AES.new(self.key_128, AES.MODE_CTR, nonce=self.nonce_64) self.assertEqual(cipher1.nonce, self.nonce_64) counter = Counter.new(64, prefix=self.nonce_64, initial_value=0) cipher2 = AES.new(self.key_128, AES.MODE_CTR, counter=counter) self.assertEqual(cipher1.nonce, cipher2.nonce) pt = get_tag_random("plaintext", 65536) self.assertEqual(cipher1.encrypt(pt), cipher2.encrypt(pt)) # Nonce is implicitly created (for AES) when no parameters are passed nonce1 = AES.new(self.key_128, AES.MODE_CTR).nonce nonce2 = AES.new(self.key_128, AES.MODE_CTR).nonce self.assertNotEqual(nonce1, nonce2) self.assertEqual(len(nonce1), 8) # Nonce can be zero-length cipher = AES.new(self.key_128, AES.MODE_CTR, nonce=b"") self.assertEqual(b"", cipher.nonce) cipher.encrypt(b'0' * 300) # Nonce and Counter are mutually exclusive self.assertRaises(TypeError, AES.new, self.key_128, AES.MODE_CTR, counter=self.ctr_128, nonce=self.nonce_64)
def test_data_must_be_bytes(self): cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) self.assertRaises(TypeError, cipher.encrypt, 'test1234567890-*') cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) self.assertRaises(TypeError, cipher.decrypt_and_verify, 'test1234567890-*', b("xxxx"))
def test_IV_iv_attributes(self): cipher = AES.new(self.key_128, AES.MODE_OPENPGP, self.iv_128) eiv = cipher.encrypt(b("")) self.assertEqual(cipher.iv, self.iv_128) cipher = AES.new(self.key_128, AES.MODE_OPENPGP, eiv) self.assertEqual(cipher.iv, self.iv_128)
def test_hex_mac(self): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) mac_hex = cipher.hexdigest() self.assertEqual(cipher.digest(), unhexlify(mac_hex)) cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.hexverify(mac_hex)
def test_valid_init_verify(self): # Verify path INIT->VERIFY cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) mac = cipher.digest() cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.verify(mac)
def test_unknown_parameters(self): self.assertRaises(TypeError, AES.new, self.key_128, self.aes_mode, self.iv_128, 7) self.assertRaises(TypeError, AES.new, self.key_128, self.aes_mode, iv=self.iv_128, unknown=7) # But some are only known by the base cipher (e.g. use_aesni consumed by the AES module) AES.new(self.key_128, self.aes_mode, iv=self.iv_128, use_aesni=False)
def test_mac_len(self): # Invalid MAC length self.assertRaises(ValueError, AES.new, self.key_128, AES.MODE_OCB, nonce=self.nonce_96, mac_len=7) self.assertRaises(ValueError, AES.new, self.key_128, AES.MODE_OCB, nonce=self.nonce_96, mac_len=16 + 1) # Valid MAC length for mac_len in range(8, 16 + 1): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96, mac_len=mac_len) _, mac = cipher.encrypt_and_digest(self.data_128) self.assertEqual(len(mac), mac_len) # Default MAC length cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) _, mac = cipher.encrypt_and_digest(self.data_128) self.assertEqual(len(mac), 16)
def test_aes_256(self): plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = 'dc7e84bfda79164b7ecd8486985d3860' +\ '4febdc6740d20b3ac88f6ad82a4fb08d' +\ '71ab47a086e86eedf39d1c5bba97c408' +\ '0126141d67f37be8538f5a8be740e484' key = '603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4' iv = '000102030405060708090a0b0c0d0e0f' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext), plaintext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext[:-8]), ciphertext[:-8]) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext[:-8]), plaintext[:-8])
def test_memoryview(self): data = b"1" * 16 data_mv = memoryview(bytearray(data)) # Encrypt key_mv = memoryview(bytearray(self.key_128)) iv_mv = memoryview(bytearray(self.iv_128)) cipher1 = AES.new(self.key_128, self.aes_mode, self.iv_128) ref1 = cipher1.encrypt(data) cipher2 = AES.new(key_mv, self.aes_mode, iv_mv) key_mv[:3] = b'\xFF\xFF\xFF' iv_mv[:3] = b'\xFF\xFF\xFF' ref2 = cipher2.encrypt(data_mv) self.assertEqual(ref1, ref2) self.assertEqual(cipher1.iv, cipher2.iv) # Decrypt key_mv = memoryview(bytearray(self.key_128)) iv_mv = memoryview(bytearray(self.iv_128)) cipher3 = AES.new(self.key_128, self.aes_mode, self.iv_128) ref3 = cipher3.decrypt(data) cipher4 = AES.new(key_mv, self.aes_mode, iv_mv) key_mv[:3] = b'\xFF\xFF\xFF' iv_mv[:3] = b'\xFF\xFF\xFF' ref4 = cipher4.decrypt(data_mv) self.assertEqual(ref3, ref4)
def test_bytearray(self): data = b"1" * 16 data_ba = bytearray(data) # Encrypt key_ba = bytearray(self.key_128) iv_ba = bytearray(self.iv_128) cipher1 = AES.new(self.key_128, self.aes_mode, self.iv_128) ref1 = cipher1.encrypt(data) cipher2 = AES.new(key_ba, self.aes_mode, iv_ba) key_ba[:3] = b'\xFF\xFF\xFF' iv_ba[:3] = b'\xFF\xFF\xFF' ref2 = cipher2.encrypt(data_ba) self.assertEqual(ref1, ref2) self.assertEqual(cipher1.iv, cipher2.iv) # Decrypt key_ba = bytearray(self.key_128) iv_ba = bytearray(self.iv_128) cipher3 = AES.new(self.key_128, self.aes_mode, self.iv_128) ref3 = cipher3.decrypt(data) cipher4 = AES.new(key_ba, self.aes_mode, iv_ba) key_ba[:3] = b'\xFF\xFF\xFF' iv_ba[:3] = b'\xFF\xFF\xFF' ref4 = cipher4.decrypt(data_ba) self.assertEqual(ref3, ref4)
def test_either_encrypt_or_decrypt(self): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.encrypt(b("xyz")) self.assertRaises(TypeError, cipher.decrypt, b("xyz")) cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.decrypt(b("xyz")) self.assertRaises(TypeError, cipher.encrypt, b("xyz"))
def test_either_encrypt_or_decrypt(self): cipher = AES.new(self.key_128, AES.MODE_CTR, counter=self.ctr_128) cipher.encrypt(b("")) self.assertRaises(TypeError, cipher.decrypt, b("")) cipher = AES.new(self.key_128, AES.MODE_CTR, counter=self.ctr_128) cipher.decrypt(b("")) self.assertRaises(TypeError, cipher.encrypt, b(""))
def test_loopback_128(self): cipher = AES.new(self.key_128, AES.MODE_CTR, counter=self.ctr_128) pt = get_tag_random("plaintext", 16 * 100) ct = cipher.encrypt(pt) cipher = AES.new(self.key_128, AES.MODE_CTR, counter=self.ctr_128) pt2 = cipher.decrypt(ct) self.assertEqual(pt, pt2)
def test_loopback_128(self): cipher = AES.new(self.key_128, self.aes_mode, self.iv_128) pt = get_tag_random("plaintext", 16 * 100) ct = cipher.encrypt(pt) cipher = AES.new(self.key_128, self.aes_mode, self.iv_128) pt2 = cipher.decrypt(ct) self.assertEqual(pt, pt2)
def test_either_encrypt_or_decrypt(self): cipher = AES.new(self.key_128, self.aes_mode, self.iv_128) cipher.encrypt(b"") self.assertRaises(TypeError, cipher.decrypt, b"") cipher = AES.new(self.key_128, self.aes_mode, self.iv_128) cipher.decrypt(b"") self.assertRaises(TypeError, cipher.encrypt, b"")
def test_loopback_128(self): cipher = AES.new(self.key_128, AES.MODE_GCM, nonce=self.nonce_96) pt = get_tag_random("plaintext", 16 * 100) ct = cipher.encrypt(pt) cipher = AES.new(self.key_128, AES.MODE_GCM, nonce=self.nonce_96) pt2 = cipher.decrypt(ct) self.assertEqual(pt, pt2)
def test_unaligned_data_128(self): cipher = AES.new(self.key_128, self.aes_mode, self.iv_128) for wrong_length in range(1,16): self.assertRaises(ValueError, cipher.encrypt, b"5" * wrong_length) cipher = AES.new(self.key_128, self.aes_mode, self.iv_128) for wrong_length in range(1,16): self.assertRaises(ValueError, cipher.decrypt, b"5" * wrong_length)
def test_loopback_128(self): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) pt = get_tag_random("plaintext", 16 * 100) ct, mac = cipher.encrypt_and_digest(pt) cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) pt2 = cipher.decrypt_and_verify(ct, mac) self.assertEqual(pt, pt2)
def test_either_encrypt_or_decrypt(self): cipher = AES.new(self.key_128, AES.MODE_OPENPGP, self.iv_128) eiv = cipher.encrypt(b("")) self.assertRaises(TypeError, cipher.decrypt, b("")) cipher = AES.new(self.key_128, AES.MODE_OPENPGP, eiv) cipher.decrypt(b("")) self.assertRaises(TypeError, cipher.encrypt, b(""))
def test_nonce(self): # Nonce is optional (a random one will be created) AES.new(self.key_128, AES.MODE_GCM) cipher = AES.new(self.key_128, AES.MODE_GCM, self.nonce_96) ct = cipher.encrypt(self.data_128) cipher = AES.new(self.key_128, AES.MODE_GCM, nonce=self.nonce_96) self.assertEqual(ct, cipher.encrypt(self.data_128))
def test_nonce_attribute(self): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) self.assertEqual(cipher.nonce, self.nonce_96) # By default, a 15 bytes long nonce is randomly generated nonce1 = AES.new(self.key_128, AES.MODE_OCB).nonce nonce2 = AES.new(self.key_128, AES.MODE_OCB).nonce self.assertEqual(len(nonce1), 15) self.assertNotEqual(nonce1, nonce2)
def test_nonce(self): # Nonce is optional AES.new(self.key_128, AES.MODE_OCB) cipher = AES.new(self.key_128, AES.MODE_OCB, self.nonce_96) ct = cipher.encrypt(self.data_128) cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) self.assertEqual(ct, cipher.encrypt(self.data_128))
def test_block_size_128(self): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) self.assertEqual(cipher.block_size, AES.block_size) # By default, a 15 bytes long nonce is randomly generated nonce1 = AES.new(self.key_128, AES.MODE_OCB).nonce nonce2 = AES.new(self.key_128, AES.MODE_OCB).nonce self.assertEqual(len(nonce1), 15) self.assertNotEqual(nonce1, nonce2)
def add_student(name, password, email): """creates unique id for each student, and adds student to the student table""" conn = sqlite3.connect(DBNAME) c = conn.cursor() #get length c.execute('SELECT name FROM {}'.format(STUDENTTNAME)) ctnum = len(c.fetchall()) #encrypt/encode text cipher = AES.new(SECRET) encoded = encodeAES(cipher, password) internstring = "" #string will contain 0 for each entry in internship table for r in view_internship_t(): internstring += '0' c.execute("INSERT INTO {} values {}".format(STUDENTTNAME, STUDENTPARAMS), (name, encoded, ctnum, email, internstring)) conn.commit() conn.close() return ctnum
def setup_crypto(self, sn): """ Performs decryption of packets received. Stores decrypted packets in a Queue for use. """ if is_old_model(sn): self.old_model = True # print self.old_model k = ['\0'] * 16 k[0] = sn[-1] k[1] = '\0' k[2] = sn[-2] if self.is_research: k[3] = 'H' k[4] = sn[-1] k[5] = '\0' k[6] = sn[-2] k[7] = 'T' k[8] = sn[-3] k[9] = '\x10' k[10] = sn[-4] k[11] = 'B' else: k[3] = 'T' k[4] = sn[-3] k[5] = '\x10' k[6] = sn[-4] k[7] = 'B' k[8] = sn[-1] k[9] = '\0' k[10] = sn[-2] k[11] = 'H' k[12] = sn[-3] k[13] = '\0' k[14] = sn[-4] k[15] = 'P' key = ''.join(k) iv = Random.new().read(AES.block_size) cipher = AES.new(key, AES.MODE_ECB, iv) # for i in k: # print "0x%.02x " % (ord(i)) while self.running: while not tasks.empty(): task = tasks.get() try: data = cipher.decrypt(task[:16]) + cipher.decrypt(task[16:]) self.packets.put_nowait(EmotivPacket(data, self.sensors, self.old_model)) self.packets_processed += 1 except: pass gevent.sleep(0) gevent.sleep(0)
def student_login(email, password): #check company's login information conn = sqlite3.connect(DBNAME) c = conn.cursor() cipher = AES.new(SECRET) c.execute('SELECT password FROM {} WHERE email = ?'.format(STUDENTTNAME),(email,)) data = c.fetchone() if data is None: return False else: encoded = encodeAES(cipher, password) if data[0] == encoded: return True else: return False
def add_company(name, password, email): """Creates unique id for each company, and adds company to the company table""" conn = sqlite3.connect(DBNAME) c = conn.cursor() #get length c.execute('SELECT name FROM {}'.format(COMPANYTNAME)) ctnum = len(c.fetchall()) #encrypt/encode text cipher = AES.new(SECRET) encoded = encodeAES(cipher, password) c.execute("INSERT INTO {} values {}".format(COMPANYTNAME, COMPANYPARAMS), (name, encoded, ctnum, 1, email)) conn.commit() conn.close() return ctnum
def encrypt(self,text): if len(text)%16!=0: text=text+str((16-len(text)%16)*'0') cryptor = AES.new(self.key,self.mode,self.values) self.ciphertext = cryptor.encrypt(text) return b2a_hex(self.ciphertext)
def decrypt(self,text): cryptor = AES.new(self.key,self.mode,self.values) plain_text = cryptor.decrypt(a2b_hex(text)) return plain_text.rstrip('\0')