def test_invalid_verify(self, backend): key = b"2b7e151628aed2a6abf7158809cf4f3c" cmac = CMAC(AES(key), backend) cmac.update(b"6bc1bee22e409f96e93d7e117393172a") with pytest.raises(InvalidSignature): cmac.verify(b"foobar")
def test_verify_reject_unicode(self, backend): key = b"2b7e151628aed2a6abf7158809cf4f3c" cmac = CMAC(AES(key), backend) with pytest.raises(TypeError): cmac.update(six.u('')) with pytest.raises(TypeError): cmac.verify(six.u(''))
def test_raises_after_finalize(self, backend): key = b"2b7e151628aed2a6abf7158809cf4f3c" cmac = CMAC(AES(key), backend) cmac.finalize() with pytest.raises(AlreadyFinalized): cmac.update(b"foo") with pytest.raises(AlreadyFinalized): cmac.copy() with pytest.raises(AlreadyFinalized): cmac.finalize() with pytest.raises(AlreadyFinalized): cmac.verify(b"")
def test_raises_after_finalize(self, backend): key = b"2b7e151628aed2a6abf7158809cf4f3c" cmac = CMAC(AES(key), backend) cmac.finalize() with pytest.raises(AlreadyFinalized): cmac.update(b"foo") with pytest.raises(AlreadyFinalized): cmac.copy() with pytest.raises(AlreadyFinalized): cmac.finalize() with pytest.raises(AlreadyFinalized): cmac.verify(b"")
def test_aes_verify(self, backend, params): key = params["key"] message = params["message"] output = params["output"] cmac = CMAC(AES(binascii.unhexlify(key)), backend) cmac.update(binascii.unhexlify(message)) assert cmac.verify(binascii.unhexlify(output)) is None
def test_aes_verify(self, backend, params): key = params["key"] message = params["message"] output = params["output"] cmac = CMAC(AES(binascii.unhexlify(key)), backend) cmac.update(binascii.unhexlify(message)) assert cmac.verify(binascii.unhexlify(output)) is None
def test_aes_cmac(backend, wycheproof): key = binascii.unhexlify(wycheproof.testcase["key"]) msg = binascii.unhexlify(wycheproof.testcase["msg"]) tag = binascii.unhexlify(wycheproof.testcase["tag"]) # skip truncated tags, which we don't support in the API if wycheproof.valid and len(tag) == 16: ctx = CMAC(AES(key), backend) ctx.update(msg) ctx.verify(tag) elif len(key) not in [16, 24, 32]: with pytest.raises(ValueError): CMAC(AES(key), backend) else: ctx = CMAC(AES(key), backend) ctx.update(msg) with pytest.raises(InvalidSignature): ctx.verify(tag)
def test_aes_cmac(backend, wycheproof): key = binascii.unhexlify(wycheproof.testcase["key"]) msg = binascii.unhexlify(wycheproof.testcase["msg"]) tag = binascii.unhexlify(wycheproof.testcase["tag"]) # skip truncated tags, which we don't support in the API if wycheproof.valid and len(tag) == 16: ctx = CMAC(AES(key), backend) ctx.update(msg) ctx.verify(tag) elif len(key) not in [16, 24, 32]: with pytest.raises(ValueError): CMAC(AES(key), backend) else: ctx = CMAC(AES(key), backend) ctx.update(msg) with pytest.raises(InvalidSignature): ctx.verify(tag)
class _KSP1_decryptor: """ DO NOT CALL Use KSP1().decryptor() instead """ def __init__(self, key, nonce, mac_key): self._aes = Cipher(algorithms.AES(key), modes.CTR(nonce), default_backend()).decryptor() self._mac = CMAC(algorithms.AES(mac_key), default_backend()) def update(self, data): self._mac.update(data) return self._aes.update(data) def finalize(self, tag): try: self._mac.verify(tag) except Exception: raise InvalidToken
def test_3des_verify(self, backend, params): key1 = params["key1"] key2 = params["key2"] key3 = params["key3"] key = key1 + key2 + key3 message = params["message"] output = params["output"] cmac = CMAC(TripleDES(binascii.unhexlify(key)), backend) cmac.update(binascii.unhexlify(message)) assert cmac.verify(binascii.unhexlify(output)) is None
def test_3des_verify(self, backend, params): key1 = params["key1"] key2 = params["key2"] key3 = params["key3"] key = key1 + key2 + key3 message = params["message"] output = params["output"] cmac = CMAC(TripleDES(binascii.unhexlify(key)), backend) cmac.update(binascii.unhexlify(message)) assert cmac.verify(binascii.unhexlify(output)) is None