Exemplo n.º 1
0
def test_load_key_strings_long():
    with pytest.raises(ValueError):
        client = pssst.PSSSTClient(k1_pub + 'ff')

    with pytest.raises(ValueError):
        client = pssst.PSSSTClient(k1_pub, k2_priv + 'ff')

    with pytest.raises(ValueError):
        client = pssst.PSSSTServer(k1_priv + 'ff')
Exemplo n.º 2
0
def test_load_key_strings_short():
    with pytest.raises(ValueError):
        client = pssst.PSSSTClient(k1_pub[:-1])

    with pytest.raises(ValueError):
        client = pssst.PSSSTClient(k1_pub, k2_priv[:-1])

    with pytest.raises(ValueError):
        client = pssst.PSSSTServer(k1_priv[:-1])
Exemplo n.º 3
0
def test_round_trip_client_auth_text_keys():
    client = pssst.PSSSTClient(k1_pub, k2_priv)
    server = pssst.PSSSTServer(k1_priv)
    client_public_key = X25519PublicKey.from_public_bytes(
        bytes.fromhex(k2_pub))

    test_message = b"This is a test message"

    request_packet, client_reply_handler = client.pack_request(test_message)
    received_message, received_client_public_key, server_reply_handler = server.unpack_request(
        request_packet)

    assert received_message == test_message, "Message didn't arrive intact"

    source_client_key_bytes = client_public_key.public_bytes(
        encoding=Encoding.Raw, format=PublicFormat.Raw)
    received_client_key_bytes = received_client_public_key.public_bytes(
        encoding=Encoding.Raw, format=PublicFormat.Raw)

    assert received_client_key_bytes == source_client_key_bytes, "Bad client auth"

    reply_packet = server_reply_handler(received_message)
    round_trip_message = client_reply_handler(reply_packet)

    assert round_trip_message == test_message, "Round trip failed"
Exemplo n.º 4
0
def test_round_trip_client_auth():
    server_private_key, server_public_key = pssst.generate_key_pair(
        cipher_suite=pssst.CipherSuite.X25519_AESGCM128)
    client_private_key, client_public_key = pssst.generate_key_pair(
        cipher_suite=pssst.CipherSuite.X25519_AESGCM128)

    client = pssst.PSSSTClient(server_public_key, client_private_key)
    server = pssst.PSSSTServer(server_private_key)

    test_message = b"This is a test message"

    request_packet, client_reply_handler = client.pack_request(test_message)
    received_message, received_client_public_key, server_reply_handler = server.unpack_request(
        request_packet)

    assert received_message == test_message, "Message didn't arrive intact"

    source_client_key_bytes = client_public_key.public_bytes(
        encoding=Encoding.Raw, format=PublicFormat.Raw)
    received_client_key_bytes = received_client_public_key.public_bytes(
        encoding=Encoding.Raw, format=PublicFormat.Raw)

    assert received_client_key_bytes == source_client_key_bytes, "Bad client auth"

    reply_packet = server_reply_handler(received_message)
    round_trip_message = client_reply_handler(reply_packet)

    assert round_trip_message == test_message, "Round trip failed"
Exemplo n.º 5
0
def test_unsupported_ciphers():
    with pytest.raises(pssst.PSSSTUnsupportedCipher):
        pssst.generate_key_pair(cipher_suite=pssst.CipherSuite.NONE)

    with pytest.raises(pssst.PSSSTUnsupportedCipher):
        pssst.PSSSTClient(b'\x55'*32, cipher_suite=pssst.CipherSuite.NONE)

    with pytest.raises(pssst.PSSSTUnsupportedCipher):
        pssst.PSSSTServer(b'\x55'*32, cipher_suite=pssst.CipherSuite.NONE)
Exemplo n.º 6
0
def test_round_trip_text_keys():
    client = pssst.PSSSTClient(k1_pub)
    server = pssst.PSSSTServer(k1_priv)

    test_message = b"This is a test message"

    request_packet, client_reply_handler = client.pack_request(test_message)
    received_message, client_public_key, server_reply_handler = server.unpack_request(
        request_packet)

    assert received_message == test_message

    reply_packet = server_reply_handler(received_message)
    round_trip_message = client_reply_handler(reply_packet)

    assert round_trip_message == test_message
Exemplo n.º 7
0
def main(public_key, client_key_file, port, iterations, payload, threads):
    if client_key_file:
        private_key_text = open(client_key_file).readline().strip()
        private_key = X25519PrivateKey.from_private_bytes(
            bytes.fromhex(private_key_text))
    else:
        private_key = None

    client = pssst.PSSSTClient(public_key, private_key)

    payload = payload.encode("UTF8")
    result_list = []

    tests = [client.pack_request(payload) for _ in range(iterations)]

    def send_tests(test_subset):
        replies = 0
        start_time = time.time()
        with closing(socket.socket(socket.AF_INET,
                                   socket.SOCK_DGRAM)) as client_socket:
            client_socket.settimeout(0.25)
            for packet, reply_handler in test_subset:
                client_socket.sendto(packet, ('127.0.0.1', port))
                try:
                    client_socket.recvfrom(2048)
                    replies += 1
                except socket.timeout:
                    pass
        end_time = time.time()
        result_list.append((len(test_subset), replies, end_time - start_time))

    chops = [(iterations * i) // threads for i in range(threads + 1)]
    thread_list = [
        Thread(target=send_tests, args=(tests[chops[i]:chops[i + 1]], ))
        for i in range(threads)
    ]
    for t in thread_list:
        t.start()
    for t in thread_list:
        t.join()

    total_sent = sum(row[0] for row in result_list)
    total_received = sum(row[1] for row in result_list)
    duration = max(row[2] for row in result_list)

    print("Sent: {}, received: {}, total time: {:.2f}".format(
        total_sent, total_received, duration))
Exemplo n.º 8
0
def test_round_trip():
    server_private_key, server_public_key = pssst.generate_key_pair(
        cipher_suite=pssst.CipherSuite.X25519_AESGCM128)

    client = pssst.PSSSTClient(server_public_key)
    server = pssst.PSSSTServer(server_private_key)

    test_message = b"This is a test message"

    request_packet, client_reply_handler = client.pack_request(test_message)
    received_message, client_public_key, server_reply_handler = server.unpack_request(
        request_packet)

    assert received_message == test_message

    reply_packet = server_reply_handler(received_message)
    round_trip_message = client_reply_handler(reply_packet)

    assert round_trip_message == test_message
Exemplo n.º 9
0
def main():
    server_private_key, server_public_key = pssst.generate_key_pair()

    client = pssst.PSSSTClient(server_public_key)
    server = pssst.PSSSTServer(server_private_key)

    request_message = b"The Magic Words are Squeamish Ossifrage"

    # Pack the message with the client and unpack it with the server
    request_packet, client_reply_handler = client.pack_request(request_message)
    received_request, client_auth_key, server_reply_handler = server.unpack_request(
        request_packet)

    # Echo the request back from the server to the client
    reply_packet = server_reply_handler(received_request)
    received_reply = client_reply_handler(reply_packet)

    if received_reply == request_message:
        print("Success")
    else:
        print("Failed!")
Exemplo n.º 10
0
def client(keys):
    server_private_key, server_public_key, client_private_key, client_public_key = keys
    client = pssst.PSSSTClient(server_public_key, client_private_key)

    return client
Exemplo n.º 11
0
def compat_test(suite):
    cipher_suite = pssst.CipherSuite(suite)

    server_priv, server_pub = pssst.generate_key_pair(cipher_suite)
    client_priv, client_pub = pssst.generate_key_pair(cipher_suite)

    s_pub_bytes = server_pub.public_bytes(encoding=Encoding.Raw,
                                          format=PublicFormat.Raw)
    c_pub_bytes = client_pub.public_bytes(encoding=Encoding.Raw,
                                          format=PublicFormat.Raw)

    emit_msg(SERVER_KEY, s_pub_bytes)
    emit_msg(CLIENT_KEY, c_pub_bytes)

    plaintext = os.urandom(64)
    incoming_plaintext = None

    emit_msg(PLAINTEXT, plaintext)
    server = pssst.PSSSTServer(server_priv, cipher_suite=cipher_suite)

    remote_client_key = None

    client = None
    auth_client = None

    client_handler = None
    auth_client_handler = None

    replies = 0

    while replies < 2:
        tag, value = get_msg()
        if tag == SERVER_KEY:
            client = pssst.PSSSTClient(value, cipher_suite=cipher_suite)
            auth_client = pssst.PSSSTClient(value,
                                            client_priv,
                                            cipher_suite=cipher_suite)

            packet, client_handler = client.pack_request(plaintext)
            emit_msg(REQUEST, packet)

            packet, auth_client_handler = auth_client.pack_request(plaintext)
            emit_msg(REQUEST_AUTH, packet)
        elif tag == CLIENT_KEY:
            remote_client_key = value
        elif tag == PLAINTEXT:
            incoming_plaintext = value
        elif tag == REQUEST:
            request_msg, auth_key, reply_handler = server.unpack_request(value)
            assert request_msg == incoming_plaintext, "Decrypted plaintext did not match"
            assert auth_key == None, "Auth key provided for non-auth message"
            reply_msg = bytes(reversed(request_msg))
            reply_packet = reply_handler(reply_msg)
            emit_msg(REPLY, reply_packet)
            replies += 1
        elif tag == REQUEST_AUTH:
            request_msg, auth_key, reply_handler = server.unpack_request(value)
            assert request_msg == incoming_plaintext, "Decrypted plaintext did not match (auth)"
            auth_key_bytes = auth_key.public_bytes(encoding=Encoding.Raw,
                                                   format=PublicFormat.Raw)
            assert auth_key_bytes == remote_client_key, (
                "Auth key did not match", auth_key, remote_client_key)
            reply_msg = bytes(reversed(request_msg))
            reply_packet = reply_handler(reply_msg)
            emit_msg(REPLY_AUTH, reply_packet)
        elif tag == REPLY:
            reply_msg = client_handler(value)
            assert reply_msg == bytes(
                reversed(plaintext)), "Reply bytes did not match"
            replies += 1
            if replies == 2:
                emit_msg(DONE)
        elif tag == REPLY_AUTH:
            reply_msg = auth_client_handler(value)
            assert reply_msg == bytes(
                reversed(plaintext)), "Reply bytes did not match"
            replies += 1
            if replies == 2:
                emit_msg(DONE)
        elif tag == DONE:
            break