def test_double():
a = b"hello"
b = enpad(a,16)
c = enpad(b,16)
d = unpad(c,16)
assert b==d
e = unpad(d,16)
assert a==e
def decrypt(self,ciphertext,nonce=None):
if nonce is None:
nonce = ciphertext[:self.NONCE_SIZE]
ciphertext = ciphertext[self.NONCE_SIZE:]
if len(nonce)!=self.NONCE_SIZE:
raise ValueError("nonce must be exactly {0:d} bytes long".format(self.NONCE_SIZE))
l = len(ciphertext) - self._hash.digest_size
cdigest = ciphertext[l:]
ciphertext = ciphertext[:l]
cipher = self._cipher.new(self.__key,self._cipher.MODE_CBC,nonce)
plaintext = unpad(cipher.decrypt(ciphertext),cipher.block_size)
# we check the mac after decrypting to mitigate timing attacks
if not consteq(cdigest,self._getmac(nonce,ciphertext)):
raise ValueError("decryption failed")
return plaintext
def decrypt(self, ciphertext, nonce=None):
if nonce is None:
nonce = ciphertext[:self.NONCE_SIZE]
ciphertext = ciphertext[self.NONCE_SIZE:]
if len(nonce) != self.NONCE_SIZE:
raise ValueError("nonce must be exactly {0:d} bytes long".format(
self.NONCE_SIZE))
l = len(ciphertext) - self._hash.digest_size
cdigest = ciphertext[l:]
ciphertext = ciphertext[:l]
cipher = self._cipher.new(self.__key, self._cipher.MODE_CBC, nonce)
plaintext = unpad(cipher.decrypt(ciphertext), cipher.block_size)
# we check the mac after decrypting to mitigate timing attacks
if not consteq(cdigest, self._getmac(nonce, ciphertext)):
raise ValueError("decryption failed")
return plaintext
def check_pad(text,bs):
p = enpad(text,bs)
u = unpad(p,bs)
assert (len(p)%bs)==0
assert u == text
def test_evil():
a = b'aaaaaaaaaaaaaa\x80a'
b = unpad(a,16)
assert b is None
