def test_init(self):
with self.assertRaises(ThemisError):
SCellSeal(passphrase=None)
with self.assertRaises(ThemisError):
SCellSeal(passphrase=b'')
with self.assertRaises(ThemisError):
SCellSeal(passphrase=u'')
def test_init_weird(self):
# You can't use key and passphrase simultaneously
with self.assertRaises(ThemisError):
SCellSeal(key=self.key, passphrase=u'secrets')
# You can't omit both of them too
with self.assertRaises(ThemisError):
SCellSeal()
def api_compatibility(self):
# Make sure positional API uses passphrases
scell_old = SCellSealPassphrase(self.passphrase)
scell_new = SCellSeal(passphrase=self.passphrase)
encrypted = scell_old.encrypt(self.data)
decrypted = scell_new.decrypt(encrypted)
self.assertEqual(self.data, decrypted)
def test_init(self):
with self.assertRaises(ThemisError):
SCellSeal(None)
with self.assertRaises(ThemisError):
SCellSeal(b'')
with warnings.catch_warnings(record=True) as w:
SCellSeal(u'passphrase')
self.assertEqual(len(w), 1)
self.assertTrue(
'master key should be "bytes"' in str(w[-1].message))
def test_encrypt_decrypt(self):
scell1 = SCellSeal(self.key)
scell2 = SCellSeal(self.key)
scell3 = SCellSeal(self.incorrect_key)
self.assertEqual(self.data, scell2.decrypt(scell1.encrypt(self.data)))
with self.assertRaises(ThemisError):
scell3.decrypt(scell1.encrypt(self.data))
with self.assertRaises(ThemisError):
scell1.encrypt(self.incorrect_data)
def create_acrastruct(data, acra_public_key, context=None):
random_kp = GenerateKeyPair(KEY_PAIR_TYPE.EC)
smessage = SMessage(random_kp.export_private_key(), acra_public_key)
random_key = generate_key()
wrapped_random_key = smessage.wrap(random_key)
scell = SCellSeal(random_key)
encrypted_data = scell.encrypt(data, context)
del random_key
encrypted_data_len = struct.pack('<Q', len(encrypted_data))
acrastruct = (BEGIN_TAG + random_kp.export_public_key() +
wrapped_random_key + encrypted_data_len + encrypted_data)
del random_kp
del wrapped_random_key
return acrastruct
def test_encoding(self):
scell1 = SCellSeal(passphrase=u'passphrase'.encode('utf-16'))
scell2 = SCellSeal(passphrase=u'passphrase', encoding='utf-16')
data12 = scell1.decrypt(scell2.encrypt(self.data))
data21 = scell2.decrypt(scell1.encrypt(self.data))
self.assertEqual(self.data, data12)
self.assertEqual(self.data, data21)
def test_encrypt_decrypt_context(self):
scell1 = SCellSeal(self.key)
scell2 = SCellSeal(self.key)
self.assertEqual(
self.data,
scell2.decrypt(scell1.encrypt(self.data, self.context),
self.context))
encrypted = scell1.encrypt(self.data, self.context)
with self.assertRaises(ThemisError):
scell2.decrypt(encrypted, self.incorrect_context)
with self.assertRaises(ThemisError):
scell1.encrypt(self.incorrect_data, self.context)
with self.assertRaises(ThemisError):
SCellSeal(self.incorrect_key).decrypt(encrypted, self.context)
def api_compatibility(self):
# Make sure positional API uses keys, not passphrases
scell_old = SCellSeal(self.key)
scell_new = SCellSeal(key=self.key)
encrypted = scell_old.encrypt(self.data)
decrypted = scell_new.decrypt(encrypted)
self.assertEqual(self.data, decrypted)
def test_encrypt_decrypt_context(self):
scell1 = SCellSeal(self.key)
scell2 = SCellSeal(self.key)
self.assertEqual(
self.data,
scell2.decrypt(scell1.encrypt(self.data, self.context),
self.context))
encrypted = scell1.encrypt(self.data, self.context)
with self.assertRaises(ThemisError):
scell2.decrypt(encrypted, self.incorrect_context)
with self.assertRaises(ThemisError):
scell1.encrypt(self.incorrect_data, self.context)
with self.assertRaises(ThemisError):
SCellSeal(self.incorrect_key).decrypt(encrypted, self.context)
def test_encrypt_decrypt(self):
scell1 = SCellSeal(self.key)
scell2 = SCellSeal(self.key)
scell3 = SCellSeal(self.incorrect_key)
self.assertEqual(self.data, scell2.decrypt(scell1.encrypt(self.data)))
with self.assertRaises(ThemisError):
scell3.decrypt(scell1.encrypt(self.data))
with self.assertRaises(ThemisError):
scell1.encrypt(self.incorrect_data)
def test_init(self):
with self.assertRaises(ThemisError):
SCellSeal(None)
import base64
from pythemis.scell import SCellSeal
message = 'message to encrypt'
passwrd = b"pass"
scell = SCellSeal(passwrd)
print("encrypting...")
encrypted_message = scell.encrypt(message.encode('utf-8'))
encrypted_message_string = base64.b64encode(encrypted_message)
print(encrypted_message_string)
print("decrypting from binary...")
decrypted_message = scell.decrypt(encrypted_message).decode('utf-8')
print(decrypted_message)
print("decrypting from string...")
# check https://themis.cossacklabs.com/data-simulator/cell/
encrypted_message_string = "AAEBQAwAAAAQAAAADQAAACoEM9MbJzEu2RDuRoGzcQgN4jchys0q+LLcsbfUDV3M2eg/FhygH1ns"
decrypted_message_from_string = base64.b64decode(encrypted_message_string)
decrypted_message = scell.decrypt(decrypted_message_from_string).decode(
'utf-8')
print(decrypted_message)
import base64
from pythemis.scell import SCellTokenProtect
from pythemis.scell import SCellSeal
from pythemis.scell import SCellContextImprint
message = "i'm plain text message"
passwrd = b"pass"
context = b"somecontext"
print("running secure cell in seal mode...")
scell = SCellSeal(passwrd)
print("encrypting...")
encrypted_message = scell.encrypt(message.encode('utf-8'))
encrypted_message_string = base64.b64encode(encrypted_message)
print(encrypted_message_string)
print("decrypting from binary... --> ")
decrypted_message = scell.decrypt(encrypted_message).decode('utf-8')
print(decrypted_message)
print("decrypting from string... --> ")
# check https://themis.cossacklabs.com/data-simulator/cell/
encrypted_message_string = "AAEBQAwAAAAQAAAADQAAACoEM9MbJzEu2RDuRoGzcQgN4jchys0q+LLcsbfUDV3M2eg/FhygH1ns"
decrypted_message_from_string = base64.b64decode(encrypted_message_string)
decrypted_message = scell.decrypt(decrypted_message_from_string).decode('utf-8')
print(decrypted_message)
def cell(self):
if not hasattr(self, '_cell'):
self._cell = SCellSeal(key=self.key)
return self._cell
from pythemis.scell import SCellTokenProtect
from pythemis.scell import SCellSeal
from pythemis.scell import SCellContextImprint
message = "i'm plain text message"
context = b"somecontext"
master_key = base64.b64decode(
"bm8sIHRoaXMgaXMgbm90IGEgdmFsaWQgbWFzdGVyIGtleQ==")
passphrase = b"secret passphrase"
print("# Secure Cell in Seal mode\n")
print("## Master key API\n")
scellMK = SCellSeal(key=master_key)
encrypted_message = scellMK.encrypt(message.encode('utf-8'))
print("Encrypted: " + base64.b64encode(encrypted_message).decode('ascii'))
decrypted_message = scellMK.decrypt(encrypted_message).decode('utf-8')
print("Decrypted: " + decrypted_message)
# Visit https://docs.cossacklabs.com/simulator/data-cell/
print("")
encrypted_message_string = "AAEBQAwAAAAQAAAAEQAAAC0fCd2mOIxlDUORXz8+qCKuHCXcDii4bMF8OjOCOqsKEdV4+Ga2xTHPMupFvg=="
decrypted_message_from_string = base64.b64decode(encrypted_message_string)
decrypted_message = scellMK.decrypt(decrypted_message_from_string).decode(
'utf-8')
print("Decrypted (simulator): " + decrypted_message)
def cell(self):
if not hasattr(self, '_cell'):
from getpass import getpass
self._cell = SCellSeal(passphrase=self.passhash)
return self._cell
