def test_rsa_basic(self):
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
crypto = LocalRsaProvider(dir='./', key='rsa-test', passphrase='1234')
with patch.object(oss2.utils,
'random_aes256_key',
return_value=unittests.common.fixed_aes_key,
autospect=True):
with patch.object(oss2.utils,
'random_counter',
return_value=unittests.common.fixed_aes_start,
autospect=True):
crypto.get_key()
crypto.get_start()
header = crypto.build_header()
self.assertEqual(
unittests.common.fixed_aes_key,
crypto.decrypt_oss_meta_data(header,
'x-oss-meta-oss-crypto-key'))
self.assertEqual(
unittests.common.fixed_aes_start,
crypto.decrypt_oss_meta_data(
header, 'x-oss-meta-oss-crypto-start',
lambda x: int(x)))
self.assertEqual(None,
crypto.decrypt_oss_meta_data(header, '1231'))
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
def test_local_rsa_provider_diff_keys(self):
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
silently_remove('./rsa-test-diff.public_key.pem')
silently_remove('./rsa-test-diff.private_key.pem')
provider = LocalRsaProvider(dir='./', key='rsa-test')
provider_diff = LocalRsaProvider(dir='./', key='rsa-test-diff')
plain_key = provider.get_key()
plain_iv = provider.get_iv()
with patch.object(oss2.utils,
'random_key',
return_value=plain_key,
autospect=True):
with patch.object(oss2.utils,
'random_iv',
return_value=plain_iv,
autospect=True):
content_crypto_material = provider.create_content_material()
self.assertFalse(content_crypto_material.is_unencrypted())
self.assertRaises(ClientError,
provider_diff.decrypt_encrypted_key,
content_crypto_material.encrypted_key)
self.assertRaises(ClientError,
provider_diff.decrypt_encrypted_iv,
content_crypto_material.encrypted_iv)
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
silently_remove('./rsa-test-diff.public_key.pem')
silently_remove('./rsa-test-diff.private_key.pem')
provider = RsaProvider(key_pair=key_pair)
provider_diff = RsaProvider(key_pair=key_pair_compact)
plain_key = provider.get_key()
plain_iv = provider.get_iv()
with patch.object(oss2.utils,
'random_key',
return_value=plain_key,
autospect=True):
with patch.object(oss2.utils,
'random_iv',
return_value=plain_iv,
autospect=True):
content_crypto_material = provider.create_content_material()
self.assertFalse(content_crypto_material.is_unencrypted())
self.assertRaises(ClientError,
provider_diff.decrypt_encrypted_key,
content_crypto_material.encrypted_key)
self.assertRaises(ClientError,
provider_diff.decrypt_encrypted_iv,
content_crypto_material.encrypted_iv)
def test_rsa_provider_init_keys_not_exist(self):
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
provider = LocalRsaProvider(dir='./', key='rsa-test')
self.assertTrue(os.path.exists('./rsa-test.public_key.pem'))
self.assertTrue(os.path.exists('./rsa-test.private_key.pem'))
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
def test_rsa_adapter(self):
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
content = b'1234'*10
rsa = LocalRsaProvider(dir='./', key='rsa-test', passphrase='1234')
key = rsa.get_key()
start = rsa.get_start()
adapter = rsa.make_encrypt_adapter(content, key, start)
encrypt_content = adapter.read()
self.assertNotEqual(content, encrypt_content)
adapter1 = rsa.make_decrypt_adapter(encrypt_content, key, start)
self.assertEqual(content, adapter1.read())
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
def test_rsa_basic(self):
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
crypto = LocalRsaProvider(dir='./', key='rsa-test', passphrase='1234')
with patch.object(oss2.utils, 'random_aes256_key', return_value=unittests.common.fixed_aes_key, autospect=True):
with patch.object(oss2.utils, 'random_counter', return_value=unittests.common.fixed_aes_start, autospect=True):
crypto.get_key()
crypto.get_start()
header = crypto.build_header()
self.assertEqual(unittests.common.fixed_aes_key, crypto.decrypt_oss_meta_data(header, 'x-oss-meta-oss-crypto-key'))
self.assertEqual(unittests.common.fixed_aes_start, crypto.decrypt_oss_meta_data(header, 'x-oss-meta-oss-crypto-start', lambda x:int(x)))
self.assertEqual(None, crypto.decrypt_oss_meta_data(header, '1231'))
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
def test_rsa_with_error_parameter(self):
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
crypto = LocalRsaProvider(dir='./', key='rsa-test', passphrase='1234')
self.assertRaises(ClientError,
LocalRsaProvider,
dir='./',
key='rsa-test')
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
def test_rsa_adapter(self):
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
content = b'1234' * 10
rsa = LocalRsaProvider(dir='./', key='rsa-test', passphrase='1234')
key = rsa.get_key()
start = rsa.get_start()
adapter = rsa.make_encrypt_adapter(content, key, start)
encrypt_content = adapter.read()
self.assertNotEqual(content, encrypt_content)
adapter1 = rsa.make_decrypt_adapter(encrypt_content, key, start)
self.assertEqual(content, adapter1.read())
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
def test_rsa_provider_adapter(self):
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
provider = LocalRsaProvider(dir='./', key='rsa-test')
content = b'a' * random.randint(1, 100) * 1024
content_crypto_material = provider.create_content_material()
plain_key = provider.decrypt_encrypted_key(
content_crypto_material.encrypted_key)
plain_iv = provider.decrypt_encrypted_iv(
content_crypto_material.encrypted_iv)
cipher = content_crypto_material.cipher
stream_encrypted = provider.make_encrypt_adapter(content, cipher)
encrypted_content = stream_encrypted.read()
# reset cipher
cipher.initialize(plain_key, plain_iv)
stream_decrypted = provider.make_decrypt_adapter(
encrypted_content, cipher)
self.assertEqual(content, stream_decrypted.read())
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
provider = RsaProvider(key_pair)
content = b'b' * random.randint(1, 100) * 1024
content_crypto_material = provider.create_content_material()
plain_key = provider.decrypt_encrypted_key(
content_crypto_material.encrypted_key)
plain_iv = provider.decrypt_encrypted_iv(
content_crypto_material.encrypted_iv)
cipher = content_crypto_material.cipher
stream_encrypted = provider.make_encrypt_adapter(content, cipher)
encrypted_content = stream_encrypted.read()
# reset cipher
cipher.initialize(plain_key, plain_iv)
stream_decrypted = provider.make_decrypt_adapter(
encrypted_content, cipher)
self.assertEqual(content, stream_decrypted.read())
def test_rsa_provider_basic(self):
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
provider = LocalRsaProvider(dir='./',
key='rsa-test',
passphrase=random_string(8))
self.assertEqual(provider.wrap_alg,
"RSA/NONE/OAEPWithSHA-1AndMGF1Padding")
self.assertEqual(provider.cipher.alg, "AES/CTR/NoPadding")
plain_key = provider.get_key()
self.assertEqual(len(plain_key), provider.cipher.key_len)
plain_iv = provider.get_iv()
with patch.object(oss2.utils,
'random_key',
return_value=plain_key,
autospect=True):
with patch.object(oss2.utils,
'random_iv',
return_value=plain_iv,
autospect=True):
content_crypto_material = provider.create_content_material()
self.assertFalse(content_crypto_material.is_unencrypted())
decrypted_key = provider.decrypt_encrypted_key(
content_crypto_material.encrypted_key)
decrypted_iv = provider.decrypt_encrypted_iv(
content_crypto_material.encrypted_iv)
self.assertEqual(plain_key, decrypted_key)
self.assertEqual(plain_iv, decrypted_iv)
silently_remove('./rsa-test.public_key.pem')
silently_remove('./rsa-test.private_key.pem')
provider = RsaProvider(key_pair=key_pair, passphrase=random_string(8))
self.assertEqual(provider.wrap_alg, "RSA/NONE/PKCS1Padding")
self.assertEqual(provider.cipher.alg, "AES/CTR/NoPadding")
plain_key = provider.get_key()
self.assertEqual(len(plain_key), provider.cipher.key_len)
plain_iv = provider.get_iv()
with patch.object(oss2.utils,
'random_key',
return_value=plain_key,
autospect=True):
with patch.object(oss2.utils,
'random_iv',
return_value=plain_iv,
autospect=True):
content_crypto_material = provider.create_content_material()
self.assertFalse(content_crypto_material.is_unencrypted())
decrypted_key = provider.decrypt_encrypted_key(
content_crypto_material.encrypted_key)
decrypted_iv = provider.decrypt_encrypted_iv(
content_crypto_material.encrypted_iv)
self.assertEqual(plain_key, decrypted_key)
self.assertEqual(plain_iv, decrypted_iv)