def test_varying_length_msg(self): pf = PKFernet(pr_kr, pu_kr) for i in xrange(50): msg = urlsafe_b64encode(os.urandom(i)) ctx = pf.encrypt(msg, "dan_haiwei", "ecc.secp224r1.1.enc.pub", "ecdsa_with_sha256.secp224r1.1.sig.priv", "ADATA", sign_also=True) deciphered_msg = pf.decrypt(ctx, "dan_haiwei", verify_also = True) assert deciphered_msg == msg
def test_rsa(self): pf = PKFernet(pr_kr, pu_kr) for i in xrange(20): msg = urlsafe_b64encode(os.urandom(40)) adata = urlsafe_b64encode(os.urandom(40)) ctx = pf.encrypt(msg, "dan_haiwei", "rsa.2048.1.enc.pub", "ecdsa_with_sha256.secp224r1.1.sig.priv", adata, sign_also = True) deciphered_msg = pf.decrypt(ctx, "dan_haiwei", verify_also = True) assert deciphered_msg == msg
def test__ecc_curves(self): pf = PKFernet(pr_kr, pu_kr) for alias in ["ecc.secp224r1.1.enc.pub", "ecc.sect571r1.1.enc.pub"]: _, curve, ver, _, _ = alias.split('.') msg = urlsafe_b64encode(os.urandom(40)) adata = urlsafe_b64encode(os.urandom(40)) ctx = pf.encrypt(msg, "dan_haiwei", alias, "ecdsa_with_sha256.{0}.{1}.sig.priv".format(curve, ver), adata, sign_also=True) deciphered_msg = pf.decrypt(ctx, "dan_haiwei", verify_also = True) assert deciphered_msg == msg
def test_unverified(self): pf = PKFernet(pr_kr, pu_kr) for i in xrange(20): msg = urlsafe_b64encode(os.urandom(40)) adata = urlsafe_b64encode(os.urandom(40)) ctx = pf.encrypt(msg, "dan_haiwei", "ecc.secp224r1.1.enc.pub", "ecdsa_with_sha256.secp224r1.1.sig.priv", adata, sign_also = True) msg_and_sig = pf.decrypt(ctx, "dan_haiwei", verify_also = False) encoded_msg, sig_header, sig = msg_and_sig.split('|') deciphered_msg = urlsafe_b64decode(encoded_msg) assert deciphered_msg == msg assert sig_header and sig # ensure signatures exist, even if we don't check them
def test_invalid_alias(self): pf = PKFernet(pr_kr, pu_kr) msg = urlsafe_b64encode(os.urandom(40)) adata = urlsafe_b64encode(os.urandom(40)) with pytest.raises(AssertionError): ctx = pf.encrypt(msg, "dan_haiwei", "ecc.non-existent.1.enc.pub", "ecdsa_with_sha256.secp224r1.1.sig.priv", adata, sign_also = True)
def test_invalid_receiver(self): pf = PKFernet(pr_kr, pu_kr) msg = urlsafe_b64encode(os.urandom(40)) adata = urlsafe_b64encode(os.urandom(40)) with pytest.raises(AssertionError): ctx = pf.encrypt(msg, "invalid_group", "ecc.secp224r1.1.enc.pub", "ecdsa_with_sha256.secp224r1.1.sig.priv", adata, sign_also = True)