def test_delete(self, mock_error_handler, mock_context_unpack): response = self.app.delete('/tenders/abc/dump', status=403) self.assertEqual(response.status, '403 Forbidden') self.app.authorization = ('Basic', ('archivarius', '')) response = self.app.delete('/tenders/abc/dump') encrypted_dump = response.json['data']['tender'] box = SecretBox('a' * 32) decrypted_data = box.decrypt(b64decode(encrypted_dump)) decrypted_data = json.loads(decrypted_data) self.assertEqual(response.status, '200 OK') self.assertEqual(decrypted_data, tender.serialize.return_value)
def test_dump_resource(self): request = MagicMock() context = { 'id': uuid.uuid4().hex, 'rev': '1-{}'.format(uuid.uuid4().hex), 'dateModified': datetime.now().isoformat(), 'doc_type': 'Tenders' } request.registry.docservice_key.vk = 'a' * 32 request.context.serialize.return_value = context res = dump_resource(request) box = SecretBox('a' * 32) decrypted_data = box.decrypt(b64decode(res)) decrypted_data = json.loads(decrypted_data) self.assertNotEqual(res, json.dumps(context)) self.assertEqual(decrypted_data, context)
class Console(object): def __init__(self, key=None, host='127.0.0.1', port=5199, have_sodium=HAVE_SODIUM, merge_nonces=False): if have_sodium: if key: key = base64.b64decode(key) else: # libnacl won't like it if you send anything less then KEYBYTES key = '\0' * libnacl.crypto_secretbox_KEYBYTES self.__merge_nonces = merge_nonces self.__box = SecretBox(key=key) self.__my_nonce = rand_nonce() else: self.__box = None self.__my_nonce = '\0' self.__client = socket.socket(socket.AF_INET, socket.SOCK_STREAM) logging.info('Connecting to %s:%d' % (host, port)) self.__client.connect((host, port)) logging.debug('Sending my nonce: %s' % self.__my_nonce.encode('hex')) self.__client.send(self.__my_nonce) if self.__box: self.__th_nonce = self.__client.recv(libnacl.crypto_secretbox_NONCEBYTES) else: self.__th_nonce = self.__client.recv(1) logging.debug('Got their nonce: %s' % self.__th_nonce.encode('hex')) @staticmethod def increment_nonce(nonce): count = unpack("!I", nonce[0:4])[0] count += 1 return pack("!I", count) + nonce[4:] def _send(self, msg): self.__client.send(pack("!I", len(msg))) self.__client.send(msg) def _recvbits(self, bits): data = self.__client.recv(bits) while len(data) < bits: data += self.__client.recv(bits - len(data)) return data def _recv(self): bits = self._recvbits(4) length = unpack("!I", bits)[0] logging.debug('Got length of %d' % length) return self._recvbits(length) def _reading_nonce(self): if self.__merge_nonces: half_nonce_size = len(self.__my_nonce) / 2 return self.__my_nonce[0:half_nonce_size] + self.__th_nonce[half_nonce_size:] else: return self.__th_nonce def _writing_nonce(self): if self.__merge_nonces: half_nonce_size = len(self.__my_nonce) / 2 return self.__th_nonce[0:half_nonce_size] + self.__my_nonce[half_nonce_size:] else: return self.__my_nonce def disconnect(self): self.__client.close() def execute(self, msg): logging.info("Sending: %s" % msg) if self.__box: msg = self.__box.encrypt(msg, nonce=self._writing_nonce(), pack_nonce=False)[1] logging.info("Cipher text: %s" % msg.encode('hex')) self._send(msg) logging.info("Waiting for response...") msg = self._recv() if self.__box: logging.info("Cipher text: %s" % msg.encode('hex')) msg = self.__box.decrypt(msg, nonce=self._reading_nonce()) self.__my_nonce = Console.increment_nonce(self.__my_nonce) logging.debug('Our new nonce: %s' % self.__my_nonce.encode('hex')) self.__th_nonce = Console.increment_nonce(self.__th_nonce) logging.debug('Their new nonce: %s' % self.__th_nonce.encode('hex')) logging.info("Received: %s" % msg) return msg
def _extract_caveat_key(self, signature, caveat): key = truncate_or_pad(signature) box = SecretBox(key=key) decrypted = box.decrypt(caveat._verification_key_id) return decrypted
class Console(object): def __init__(self, key=None, host='127.0.0.1', port=5199, have_sodium=HAVE_SODIUM): if have_sodium: if key: key = base64.b64decode(key) else: # libnacl won't like it if you send anything less then KEYBYTES key = '\0' * libnacl.crypto_secretbox_KEYBYTES self.__box = SecretBox(key=key) self.__my_nonce = rand_nonce() else: self.__box = None self.__my_nonce = '\0' self.__client = socket.socket(socket.AF_INET, socket.SOCK_STREAM) logging.info('Connecting to %s:%d' % (host, port)) self.__client.connect((host, port)) logging.debug('Sending my nonce: %s' % self.__my_nonce.encode('hex')) self.__client.send(self.__my_nonce) if self.__box: self.__th_nonce = self.__client.recv( libnacl.crypto_secretbox_NONCEBYTES) else: self.__th_nonce = self.__client.recv(1) logging.debug('Got their nonce: %s' % self.__th_nonce.encode('hex')) @staticmethod def increment_nonce(nonce): count = unpack("!I", nonce[0:4])[0] count += 1 return pack("!I", count) + nonce[4:] def _send(self, msg): self.__client.send(pack("!I", len(msg))) self.__client.send(msg) def _recvbits(self, bits): data = self.__client.recv(bits) while len(data) < bits: data += self.__client.recv(bits - len(data)) return data def _recv(self): bits = self._recvbits(4) length = unpack("!I", bits)[0] logging.debug('Got length of %d' % length) return self._recvbits(length) def disconnect(self): self.__client.close() def execute(self, msg): logging.info("Sending: %s" % msg) if self.__box: msg = self.__box.encrypt(msg, nonce=self.__my_nonce, pack_nonce=False)[1] logging.info("Cipher text: %s" % msg.encode('hex')) self.__my_nonce = Console.increment_nonce(self.__my_nonce) logging.debug('New nonce: %s' % self.__my_nonce.encode('hex')) self._send(msg) logging.info("Waiting for response...") msg = self._recv() if self.__box: logging.info("Cipher text: %s" % msg.encode('hex')) msg = self.__box.decrypt(msg, nonce=self.__th_nonce) self.__th_nonce = Console.increment_nonce(self.__th_nonce) logging.debug('New nonce: %s' % self.__th_nonce.encode('hex')) logging.info("Received: %s" % msg) return msg
def decrypt(self, signature, field_data): key = truncate_or_pad(signature) box = SecretBox(key=key) encoded = convert_to_bytes(field_data[len(self.signifier):]) decrypted = box.decrypt(standard_b64decode(encoded)) return convert_to_string(decrypted)