def test_det_row_search(self): config = '[row]\n'+\ 'key_id = Pycrypto_AES_SIV\n'+\ 'encryption = Pycrypto_AES_SIV\n' self._run_search(config, 'brow', None, [ Cell('brow', 'cf1', 'cq1', '', 6, 'val1'), Cell('brow', 'cf2', 'cq2', '', 7, 'val2') ])
def test_unencrypted_search(self): config = '[colFamily]\n'+\ 'key_id = Pycrypto_AES_CBC\n'+\ 'cell_sections = colFamily\n'+\ 'encryption = Pycrypto_AES_CBC\n' self._run_search(config, 'brow', None, [ Cell('brow', 'cf1', 'cq1', '', 6, 'val1'), Cell('brow', 'cf2', 'cq2', '', 7, 'val2') ])
def test_det_row_cf_search(self): config = '[row]\n'+\ 'key_id = Pycrypto_AES_SIV\n'+\ 'encryption = Pycrypto_AES_SIV\n'+\ '[colFamily]\n'+\ 'key_id = Pycrypto_AES_SIV\n'+\ 'cell_sections = colFamily\n'+\ 'encryption = Pycrypto_AES_SIV\n' self._run_search(config, 'brow', [['cf1']], [Cell('brow', 'cf1', 'cq1', '', 6, 'val1')]) self._run_search(config, 'arow', [['cf1'], ['cf3']], [ Cell('arow', 'cf1', 'cq1', '', 1, 'val1'), Cell('arow', 'cf1', 'cq1', '', 3, 'val3'), Cell('arow', 'cf3', 'cq4', '', 5, 'val5') ])
def test_det_non_det_search(self): config = '[row]\n'+\ 'key_id = Pycrypto_AES_SIV\n'+\ 'encryption = Pycrypto_AES_SIV\n'+\ '[colFamily]\n'+\ 'key_id = Pycrypto_AES_CBC\n'+\ 'cell_sections = colFamily\n'+\ 'encryption = Pycrypto_AES_CBC\n'+\ '[colQualifier]\n'+\ 'key_id = Pycrypto_AES_SIV\n'+\ 'cell_sections = colQualifier\n'+\ 'encryption = Pycrypto_AES_CBC\n' self._run_search(config, 'brow', None, [ Cell('brow', 'cf1', 'cq1', '', 6, 'val1'), Cell('brow', 'cf2', 'cq2', '', 7, 'val2') ])
def test_det_cq_search(self): config = '[colQualifier]\n'+\ 'key_id = Pycrypto_AES_SIV\n'+\ 'cell_sections = colQualifier\n'+\ 'encryption = Pycrypto_AES_SIV\n' self._run_search(config, 'brow', [['cf1', 'cq1']], [Cell('brow', 'cf1', 'cq1', '', 6, 'val1')])
def _split_entry(self, entry): # Value format: <metadata>|<signature>|<actual value> metadata, sig, value = string.split(entry.val, '|', maxsplit=2) tup = (entry.row, entry.cf, entry.cq, entry.cv, None, value) return (SignedEntry(cell_string=str(tup), metadata=metadata, sig=sig), Cell(*tup))
def test_get_and_split_values(self): ''' Tests get_values_by_cell_string and split_values_by_cell_string ''' mut = EncMutation(self.mut,self.encryptor_dict) values = EncMutation.concatenate_cell_section_values(mut, ['colFamily','colQualifier']) self.assertEqual(values, ['cf1+cq1']) split_values = EncMutation.split_values(values) self.assertEqual(split_values, [('cf1',),('cq1',)]) cell = Cell('row','cf','cq','cv',1234,'val') value = EncCell.get_value_by_cell_string(cell._asdict(), ['colFamily', 'colQualifier']) self.assertEqual(value, 'cf+cq') split_value = EncCell.split_value_by_cell_string(value) self.assertEqual(split_value,['cf','cq'])
def test_encrypt_decrypt_cell(self): ''' Tests encrypt then decrypt functionality of EncCell ''' cell = Cell('row','cf','cq','cv',1234,'val') enc_cell = EncCell.encrypt(cell, self.encryptor_dict) dec_cell = EncCell.decrypt(enc_cell, self.encryptor_dict) self.assertEqual(cell, dec_cell, str(dec_cell) + " was not correctly encrypted and decrypted " +\ "should be " + str(cell))
def test_decrypt_cell(self): ''' Tests decryption functionality of EncCell when decryption is identity function ''' cell = Cell('row','cf','cq','cv',1234,'val') dec_cell = EncCell.decrypt(cell, self.encryptor_dict_identity) self.assertEqual(cell, dec_cell, str(dec_cell) + " was not correctly handled during decyption process " +\ "should be " + str(cell))
def _split_entry(self, entry): """ Extract the original visibility, signature, and other signature metadata from the visibility field. This function assumes that the entry has been signed, and that the signature metadata is put in quotation marks and appended to the end of the visibility field, as follows: <original visibility field>|",<metadata>,<base 64 encoded signature>," keyword arguments: entry - a pyaccumulo entry Returns two values: - A named tuple containing the original string, the metadata associated with the signature (either the signature algorithm's name or the signer's ID), and the signature itself. - A Cell object (from pyaccumulo) representing the original cell, without metadata """ #split the visibility field into actual visibility and #signature full_vis = entry.cv pieces = full_vis.split(',') # Check a couple of simple invariants about the signature field. # Note that these will NOT prevent the code from interpreting any # malformed or unsigned piece of metadata, but they should catch a # lot of cases, and help provide better error messages in the case # that an entry up for verification was not actually signed. if len(pieces) < 4: raise VerificationException( 'Visibility field contains too few entries to contain metadata' ) if not (pieces[-1] == '"' and pieces[-4][-2:] == '|"'): raise VerificationException( 'Visibility field contains wrong formatting for signature metadata' ) metadata, sig = pieces[-3:-1] # Join up with any other commas that may have existed, and truncate # the trailing |" that was added to the end, before the first # metadata comma. cell_vis = ','.join(pieces[0:-3])[:-2] #construct the data tuple and convert it to a string tup = (entry.row, entry.cf, entry.cq, cell_vis, None, entry.val) cell_string = str(tup) return SignedEntry(cell_string=cell_string, metadata=metadata, sig=sig), Cell(*tup)
def decrypt(cell, encryptor_dict): ''' Arguments: cell - cell to be encrypted encryptor_dict - dictionary keyed by cell location containing a tuple of the encryptor class and also contains the key object for retrieving the key Returns new cell with all locations in cell decrypted that are noted in encryptor_dict ''' cell_dict = cell._asdict() dec_cell = cell_dict.copy() for (cell_string, encryptor) in encryptor_dict.items(): encryptor.encryption.decrypt_cell(cell_dict, dec_cell, encryptor.key_container, cell_string, encryptor.cell_sections) return Cell(*[dec_cell[field] for field in CELL_ORDER])
def _check_encrypt_decrypt_cell(encClass): ''' Tests the encrypt then decryption functionality of the various algorithms on cells ''' config = stringio.StringIO( '[colFamily]\n'+\ 'key_id = '+ encClass.name +'\n'+\ 'encryption = ' + encClass.name) encryptor_dict = _create_encryptor_dict(config) cell = Cell('row', 'cf', 'cq', '(a&b)|c', 1234, 'val') enc_cell = EncCell.encrypt(cell, encryptor_dict) dec_cell = EncCell.decrypt(enc_cell, encryptor_dict) eq_(cell, dec_cell, str(dec_cell) + " was not correctly encrypted and decrypted " +\ "should be " + str(cell))